summaryrefslogtreecommitdiff
path: root/rsa.c
diff options
context:
space:
mode:
authorDamien Miller <djm@mindrot.org>1999-11-08 15:30:59 +1100
committerDamien Miller <djm@mindrot.org>1999-11-08 15:30:59 +1100
commit356a0b004aad93ec570b134664522a3a925ba556 (patch)
tree3c7cddb50f71a838947d5fda204b569d879dc757 /rsa.c
parent0aa8e5395ca08c7fa927bccd8a763edc4ae61f7b (diff)
Lots of changes:
- Removed lots of unnecessary checks from autoconf - Added support and autoconf test for openpty() function (Unix98 pty support) - Fix for scp not finding ssh if not installed as /usr/bin/ssh - Added TODO file - Merged parts of Debian patch From Phil Hands <phil@hands.com>: - Added ssh-askpass program - Added ssh-askpass support to ssh-add.c - Create symlinks for slogin on install - Fix "distclean" target in makefile - Added example for ssh-agent to manpage - Added support for PAM_TEXT_INFO messages - Disable internal /etc/nologin support if PAM enabled - Merged latest OpenBSD CVS changes: - [sshd.c] don't send fail-msg but disconnect if too many authentication failures - [sshd.c] replace assert() with error, fatal or packet_disconnect - [sshd.c] remove unused argument. ok dugsong - [sshd.c] typo - [rsa.c] clear buffers used for encryption. ok: niels - [rsa.c] replace assert() with error, fatal or packet_disconnect - Fixed coredump after merge of OpenBSD rsa.c patch
Diffstat (limited to 'rsa.c')
-rw-r--r--rsa.c34
1 files changed, 21 insertions, 13 deletions
diff --git a/rsa.c b/rsa.c
index 6d4b7044..6845fab9 100644
--- a/rsa.c
+++ b/rsa.c
@@ -35,7 +35,7 @@ Description of the RSA algorithm can be found e.g. from the following sources:
*/
#include "includes.h"
-RCSID("$Id: rsa.c,v 1.1 1999/10/27 03:42:44 damien Exp $");
+RCSID("$Id: rsa.c,v 1.2 1999/11/08 04:30:59 damien Exp $");
#include "rsa.h"
#include "ssh.h"
@@ -70,8 +70,8 @@ rsa_generate_key(RSA *prv, RSA *pub, unsigned int bits)
}
key = RSA_generate_key(bits, 35, NULL, NULL);
-
- assert(key != NULL);
+ if (key == NULL)
+ fatal("rsa_generate_key: key generation failed.");
/* Copy public key parameters */
pub->n = BN_new();
@@ -110,24 +110,28 @@ void
rsa_public_encrypt(BIGNUM *out, BIGNUM *in, RSA* key)
{
char *inbuf, *outbuf;
+ int in_len;
+ int out_len;
int len;
if (BN_num_bits(key->e) < 2 || !BN_is_odd(key->e))
fatal("rsa_public_encrypt() exponent too small or not odd");
- len = BN_num_bytes(key->n);
- outbuf = xmalloc(len);
+ out_len = BN_num_bytes(key->n);
+ outbuf = xmalloc(out_len);
- len = BN_num_bytes(in);
- inbuf = xmalloc(len);
+ in_len = BN_num_bytes(in);
+ inbuf = xmalloc(in_len);
BN_bn2bin(in, inbuf);
- if ((len = RSA_public_encrypt(len, inbuf, outbuf, key,
+ if ((len = RSA_public_encrypt(in_len, inbuf, outbuf, key,
RSA_PKCS1_PADDING)) <= 0)
fatal("rsa_public_encrypt() failed");
BN_bin2bn(outbuf, len, out);
+ memset(outbuf, 0, out_len);
+ memset(inbuf, 0, in_len);
xfree(outbuf);
xfree(inbuf);
}
@@ -136,21 +140,25 @@ void
rsa_private_decrypt(BIGNUM *out, BIGNUM *in, RSA *key)
{
char *inbuf, *outbuf;
+ int in_len;
+ int out_len;
int len;
- len = BN_num_bytes(key->n);
- outbuf = xmalloc(len);
+ out_len = BN_num_bytes(key->n);
+ outbuf = xmalloc(out_len);
- len = BN_num_bytes(in);
- inbuf = xmalloc(len);
+ in_len = BN_num_bytes(in);
+ inbuf = xmalloc(in_len);
BN_bn2bin(in, inbuf);
- if ((len = RSA_private_decrypt(len, inbuf, outbuf, key,
+ if ((len = RSA_private_decrypt(in_len, inbuf, outbuf, key,
RSA_SSLV23_PADDING)) <= 0)
fatal("rsa_private_decrypt() failed");
BN_bin2bn(outbuf, len, out);
+ memset(outbuf, 0, out_len);
+ memset(inbuf, 0, in_len);
xfree(outbuf);
xfree(inbuf);
}