comparison signkey.c @ 1478:3a933956437e coverity

update coverity
author Matt Johnston <matt@ucc.asn.au>
date Fri, 09 Feb 2018 23:49:22 +0800
parents 06d52bcb8094
children 2d450c1056e3
comparison
equal deleted inserted replaced
1439:8d24733026c5 1478:3a933956437e
398 } 398 }
399 399
400 /* Since we're not sure if we'll have md5 or sha1, we present both. 400 /* Since we're not sure if we'll have md5 or sha1, we present both.
401 * MD5 is used in preference, but sha1 could still be useful */ 401 * MD5 is used in preference, but sha1 could still be useful */
402 #if DROPBEAR_MD5_HMAC 402 #if DROPBEAR_MD5_HMAC
403 static char * sign_key_md5_fingerprint(unsigned char* keyblob, 403 static char * sign_key_md5_fingerprint(const unsigned char* keyblob,
404 unsigned int keybloblen) { 404 unsigned int keybloblen) {
405 405
406 char * ret; 406 char * ret;
407 hash_state hs; 407 hash_state hs;
408 unsigned char hash[MD5_HASH_SIZE]; 408 unsigned char hash[MD5_HASH_SIZE];
433 433
434 return ret; 434 return ret;
435 } 435 }
436 436
437 #else /* use SHA1 rather than MD5 for fingerprint */ 437 #else /* use SHA1 rather than MD5 for fingerprint */
438 static char * sign_key_sha1_fingerprint(unsigned char* keyblob, 438 static char * sign_key_sha1_fingerprint(const unsigned char* keyblob,
439 unsigned int keybloblen) { 439 unsigned int keybloblen) {
440 440
441 char * ret; 441 char * ret;
442 hash_state hs; 442 hash_state hs;
443 unsigned char hash[SHA1_HASH_SIZE]; 443 unsigned char hash[SHA1_HASH_SIZE];
470 470
471 #endif /* MD5/SHA1 switch */ 471 #endif /* MD5/SHA1 switch */
472 472
473 /* This will return a freshly malloced string, containing a fingerprint 473 /* This will return a freshly malloced string, containing a fingerprint
474 * in either sha1 or md5 */ 474 * in either sha1 or md5 */
475 char * sign_key_fingerprint(unsigned char* keyblob, unsigned int keybloblen) { 475 char * sign_key_fingerprint(const unsigned char* keyblob, unsigned int keybloblen) {
476 476
477 #if DROPBEAR_MD5_HMAC 477 #if DROPBEAR_MD5_HMAC
478 return sign_key_md5_fingerprint(keyblob, keybloblen); 478 return sign_key_md5_fingerprint(keyblob, keybloblen);
479 #else 479 #else
480 return sign_key_sha1_fingerprint(keyblob, keybloblen); 480 return sign_key_sha1_fingerprint(keyblob, keybloblen);
481 #endif 481 #endif
482 } 482 }
483 483
484 void buf_put_sign(buffer* buf, sign_key *key, enum signkey_type type, 484 void buf_put_sign(buffer* buf, sign_key *key, enum signkey_type type,
485 buffer *data_buf) { 485 const buffer *data_buf) {
486 buffer *sigblob; 486 buffer *sigblob;
487 sigblob = buf_new(MAX_PUBKEY_SIZE); 487 sigblob = buf_new(MAX_PUBKEY_SIZE);
488 488
489 #if DROPBEAR_DSS 489 #if DROPBEAR_DSS
490 if (type == DROPBEAR_SIGNKEY_DSS) { 490 if (type == DROPBEAR_SIGNKEY_DSS) {
515 #if DROPBEAR_SIGNKEY_VERIFY 515 #if DROPBEAR_SIGNKEY_VERIFY
516 /* Return DROPBEAR_SUCCESS or DROPBEAR_FAILURE. 516 /* Return DROPBEAR_SUCCESS or DROPBEAR_FAILURE.
517 * If FAILURE is returned, the position of 517 * If FAILURE is returned, the position of
518 * buf is undefined. If SUCCESS is returned, buf will be positioned after the 518 * buf is undefined. If SUCCESS is returned, buf will be positioned after the
519 * signature blob */ 519 * signature blob */
520 int buf_verify(buffer * buf, sign_key *key, buffer *data_buf) { 520 int buf_verify(buffer * buf, sign_key *key, const buffer *data_buf) {
521 521
522 char *type_name = NULL; 522 char *type_name = NULL;
523 unsigned int type_name_len = 0; 523 unsigned int type_name_len = 0;
524 enum signkey_type type; 524 enum signkey_type type;
525 525
568 * base64 data, and contains no trailing data */ 568 * base64 data, and contains no trailing data */
569 /* If fingerprint is non-NULL, it will be set to a malloc()ed fingerprint 569 /* If fingerprint is non-NULL, it will be set to a malloc()ed fingerprint
570 of the key if it is successfully decoded */ 570 of the key if it is successfully decoded */
571 int cmp_base64_key(const unsigned char* keyblob, unsigned int keybloblen, 571 int cmp_base64_key(const unsigned char* keyblob, unsigned int keybloblen,
572 const unsigned char* algoname, unsigned int algolen, 572 const unsigned char* algoname, unsigned int algolen,
573 buffer * line, char ** fingerprint) { 573 const buffer * line, char ** fingerprint) {
574 574
575 buffer * decodekey = NULL; 575 buffer * decodekey = NULL;
576 int ret = DROPBEAR_FAILURE; 576 int ret = DROPBEAR_FAILURE;
577 unsigned int len, filealgolen; 577 unsigned int len, filealgolen;
578 unsigned long decodekeylen; 578 unsigned long decodekeylen;