From 56eb573560722f0fa7e47ce7abd399074df30bd2 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Sun, 20 Jan 2019 22:57:46 +0000 Subject: cleanup pkcs#11 client code: use sshkey_new in instead of stack- allocating a sshkey work by markus@, ok djm@ --- usr.bin/ssh/ssh-pkcs11-client.c | 65 ++++++++++++++++++++++++++--------------- 1 file changed, 42 insertions(+), 23 deletions(-) (limited to 'usr.bin') diff --git a/usr.bin/ssh/ssh-pkcs11-client.c b/usr.bin/ssh/ssh-pkcs11-client.c index b78a950b8d1..50bdfa6fda6 100644 --- a/usr.bin/ssh/ssh-pkcs11-client.c +++ b/usr.bin/ssh/ssh-pkcs11-client.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-pkcs11-client.c,v 1.13 2019/01/20 22:54:30 djm Exp $ */ +/* $OpenBSD: ssh-pkcs11-client.c,v 1.14 2019/01/20 22:57:45 djm Exp $ */ /* * Copyright (c) 2010 Markus Friedl. All rights reserved. * Copyright (c) 2014 Pedro Martelletto. All rights reserved. @@ -109,19 +109,25 @@ pkcs11_terminate(void) static int rsa_encrypt(int flen, const u_char *from, u_char *to, RSA *rsa, int padding) { - struct sshkey key; /* XXX */ - u_char *blob, *signature = NULL; + struct sshkey *key = NULL; + struct sshbuf *msg = NULL; + u_char *blob = NULL, *signature = NULL; size_t blen, slen = 0; int r, ret = -1; - struct sshbuf *msg; if (padding != RSA_PKCS1_PADDING) - return (-1); - key.type = KEY_RSA; - key.rsa = rsa; - if ((r = sshkey_to_blob(&key, &blob, &blen)) != 0) { + goto fail; + key = sshkey_new(KEY_UNSPEC); + if (key == NULL) { + error("%s: sshkey_new failed", __func__); + goto fail; + } + key->type = KEY_RSA; + RSA_up_ref(rsa); + key->rsa = rsa; + if ((r = sshkey_to_blob(key, &blob, &blen)) != 0) { error("%s: sshkey_to_blob: %s", __func__, ssh_err(r)); - return -1; + goto fail; } if ((msg = sshbuf_new()) == NULL) fatal("%s: sshbuf_new failed", __func__); @@ -130,7 +136,6 @@ rsa_encrypt(int flen, const u_char *from, u_char *to, RSA *rsa, int padding) (r = sshbuf_put_string(msg, from, flen)) != 0 || (r = sshbuf_put_u32(msg, 0)) != 0) fatal("%s: buffer error: %s", __func__, ssh_err(r)); - free(blob); send_msg(msg); sshbuf_reset(msg); @@ -143,6 +148,9 @@ rsa_encrypt(int flen, const u_char *from, u_char *to, RSA *rsa, int padding) } free(signature); } + fail: + free(blob); + sshkey_free(key); sshbuf_free(msg); return (ret); } @@ -151,24 +159,33 @@ static ECDSA_SIG * ecdsa_do_sign(const unsigned char *dgst, int dgst_len, const BIGNUM *inv, const BIGNUM *rp, EC_KEY *ec) { - struct sshkey key; /* XXX */ - u_char *blob, *signature = NULL; + struct sshkey *key = NULL; + struct sshbuf *msg = NULL; + ECDSA_SIG *ret = NULL; const u_char *cp; + u_char *blob = NULL, *signature = NULL; size_t blen, slen = 0; - ECDSA_SIG *ret = NULL; - struct sshbuf *msg; - int r; + int r, nid; - key.type = KEY_ECDSA; - key.ecdsa = ec; - key.ecdsa_nid = sshkey_ecdsa_key_to_nid(ec); - if (key.ecdsa_nid < 0) { + nid = sshkey_ecdsa_key_to_nid(ec); + if (nid < 0) { error("%s: couldn't get curve nid", __func__); - return (NULL); + goto fail; + } + + key = sshkey_new(KEY_UNSPEC); + if (key == NULL) { + error("%s: sshkey_new failed", __func__); + goto fail; } - if ((r = sshkey_to_blob(&key, &blob, &blen)) != 0) { + key->ecdsa = ec; + key->ecdsa_nid = nid; + key->type = KEY_ECDSA; + EC_KEY_up_ref(ec); + + if ((r = sshkey_to_blob(key, &blob, &blen)) != 0) { error("%s: sshkey_to_blob: %s", __func__, ssh_err(r)); - return (NULL); + goto fail; } if ((msg = sshbuf_new()) == NULL) fatal("%s: sshbuf_new failed", __func__); @@ -177,7 +194,6 @@ ecdsa_do_sign(const unsigned char *dgst, int dgst_len, const BIGNUM *inv, (r = sshbuf_put_string(msg, dgst, dgst_len)) != 0 || (r = sshbuf_put_u32(msg, 0)) != 0) fatal("%s: buffer error: %s", __func__, ssh_err(r)); - free(blob); send_msg(msg); sshbuf_reset(msg); @@ -189,6 +205,9 @@ ecdsa_do_sign(const unsigned char *dgst, int dgst_len, const BIGNUM *inv, free(signature); } + fail: + free(blob); + sshkey_free(key); sshbuf_free(msg); return (ret); } -- cgit v1.2.3