X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?a=blobdiff_plain;f=rsa.c;h=d5d80ff6664dbcb0e0a1d0a07960c67fb3bcbf92;hb=934cb196c3928724c351045f25c740a830941e4a;hp=cda8d8924dfac0f4bd68a54d8648d8ec6fa670f6;hpb=4b9f8efbb918eb573f8b4b0289aa0349a4e68f4c;p=secnet.git diff --git a/rsa.c b/rsa.c index cda8d89..d5d80ff 100644 --- a/rsa.c +++ b/rsa.c @@ -332,6 +332,7 @@ struct rsapriv_load_ctx { void (*verror)(struct rsapriv_load_ctx *l, FILE *maybe_f, bool_t unsup, const char *message, va_list args); + bool_t (*postreadcheck)(struct rsapriv_load_ctx *l, FILE *f); union { struct { struct cloc loc; @@ -344,24 +345,27 @@ struct rsapriv_load_ctx { #define LDFATAL_FILE(...) ({ load_error(l,f,0,__VA_ARGS__); goto error_out; }) #define LDUNSUP_FILE(...) ({ load_error(l,f,1,__VA_ARGS__); goto error_out; }) #define FREE(b) ({ free((b)); (b)=0; }) +#define KEYFILE_GET(is) ({ \ + uint##is##_t keyfile_get_tmp=keyfile_get_##is(l,f); \ + if (!l->postreadcheck(l,f)) goto error_out; \ + keyfile_get_tmp; \ + }) -static uint32_t keyfile_get_int(struct cloc loc, FILE *f) +static uint32_t keyfile_get_32(struct rsapriv_load_ctx *l, FILE *f) { uint32_t r; r=fgetc(f)<<24; r|=fgetc(f)<<16; r|=fgetc(f)<<8; r|=fgetc(f); - cfgfile_postreadcheck(loc,f); return r; } -static uint16_t keyfile_get_short(struct cloc loc, FILE *f) +static uint16_t keyfile_get_16(struct rsapriv_load_ctx *l, FILE *f) { uint16_t r; r=fgetc(f)<<8; r|=fgetc(f); - cfgfile_postreadcheck(loc,f); return r; } @@ -387,8 +391,7 @@ static void rsapriv_dispose(void *sst) static struct rsapriv *rsa_loadpriv_core(struct rsapriv_load_ctx *l, FILE *f, struct cloc loc, - bool_t do_validity_check, - const char *filename) + bool_t do_validity_check) { struct rsapriv *st=0; long length; @@ -433,20 +436,19 @@ static struct rsapriv *rsa_loadpriv_core(struct rsapriv_load_ctx *l, b=safe_malloc(length,"rsapriv_apply"); if (fread(b,length,1,f)!=1 || memcmp(b,AUTHFILE_ID_STRING,length)!=0) { LDUNSUP_FILE("failed to read magic ID" - " string from SSH1 private keyfile \"%s\"\n", - filename); + " string from SSH1 private keyfile\n"); } FREE(b); cipher_type=fgetc(f); - keyfile_get_int(loc,f); /* "Reserved data" */ + KEYFILE_GET(32); /* "Reserved data" */ if (cipher_type != 0) { LDUNSUP("we don't support encrypted keyfiles\n"); } /* Read the public key */ - keyfile_get_int(loc,f); /* Not sure what this is */ - length=(keyfile_get_short(loc,f)+7)/8; + KEYFILE_GET(32); /* Not sure what this is */ + length=(KEYFILE_GET(16)+7)/8; if (length>RSA_MAX_MODBYTES) { LDFATAL("implausible length %ld for modulus\n", length); @@ -457,7 +459,7 @@ static struct rsapriv *rsa_loadpriv_core(struct rsapriv_load_ctx *l, } read_mpbin(&st->n,b,length); FREE(b); - length=(keyfile_get_short(loc,f)+7)/8; + length=(KEYFILE_GET(16)+7)/8; if (length>RSA_MAX_MODBYTES) { LDFATAL("implausible length %ld for e\n",length); } @@ -468,7 +470,7 @@ static struct rsapriv *rsa_loadpriv_core(struct rsapriv_load_ctx *l, read_mpbin(&e,b,length); FREE(b); - length=keyfile_get_int(loc,f); + length=KEYFILE_GET(32); if (length>1024) { LDFATAL("implausibly long (%ld) key comment\n", length); @@ -482,12 +484,12 @@ static struct rsapriv *rsa_loadpriv_core(struct rsapriv_load_ctx *l, /* Check that the next two pairs of characters are identical - the keyfile is not encrypted, so they should be */ - if (keyfile_get_short(loc,f) != keyfile_get_short(loc,f)) { + if (KEYFILE_GET(16) != KEYFILE_GET(16)) { LDFATAL("corrupt keyfile\n"); } /* Read d */ - length=(keyfile_get_short(loc,f)+7)/8; + length=(KEYFILE_GET(16)+7)/8; if (length>RSA_MAX_MODBYTES) { LDFATAL("implausibly long (%ld) decryption key\n", length); @@ -499,7 +501,7 @@ static struct rsapriv *rsa_loadpriv_core(struct rsapriv_load_ctx *l, read_mpbin(&d,b,length); FREE(b); /* Read iqmp (inverse of q mod p) */ - length=(keyfile_get_short(loc,f)+7)/8; + length=(KEYFILE_GET(16)+7)/8; if (length>RSA_MAX_MODBYTES) { LDFATAL("implausibly long (%ld)" " iqmp auxiliary value\n", length); @@ -511,7 +513,7 @@ static struct rsapriv *rsa_loadpriv_core(struct rsapriv_load_ctx *l, read_mpbin(&iqmp,b,length); FREE(b); /* Read q (the smaller of the two primes) */ - length=(keyfile_get_short(loc,f)+7)/8; + length=(KEYFILE_GET(16)+7)/8; if (length>RSA_MAX_MODBYTES) { LDFATAL("implausibly long (%ld) q value\n", length); @@ -523,7 +525,7 @@ static struct rsapriv *rsa_loadpriv_core(struct rsapriv_load_ctx *l, read_mpbin(&st->q,b,length); FREE(b); /* Read p (the larger of the two primes) */ - length=(keyfile_get_short(loc,f)+7)/8; + length=(KEYFILE_GET(16)+7)/8; if (length>RSA_MAX_MODBYTES) { LDFATAL("implausibly long (%ld) p value\n", length); @@ -592,8 +594,8 @@ static struct rsapriv *rsa_loadpriv_core(struct rsapriv_load_ctx *l, done_checks: if (!valid) { - LDFATAL("file \"%s\" does not contain a " - "valid RSA key!\n",filename); + LDFATAL("file does not contain a " + "valid RSA key!\n"); } assume_valid: @@ -623,6 +625,12 @@ static void verror_cfgfatal(struct rsapriv_load_ctx *l, vcfgfatal_maybefile(maybe_f,l->u.apply.loc,"rsa-private",message,args); } +static bool_t postreadcheck_apply(struct rsapriv_load_ctx *l, FILE *f) +{ + cfgfile_postreadcheck(l->u.apply.loc,f); + return True; +} + static list_t *rsapriv_apply(closure_t *self, struct cloc loc, dict_t *context, list_t *args) { @@ -633,6 +641,7 @@ static list_t *rsapriv_apply(closure_t *self, struct cloc loc, dict_t *context, struct rsapriv_load_ctx l[1]; l->verror=verror_cfgfatal; + l->postreadcheck=postreadcheck_apply; l->u.apply.loc=loc; /* Argument is filename pointing to SSH1 private key file */ @@ -667,7 +676,7 @@ static list_t *rsapriv_apply(closure_t *self, struct cloc loc, dict_t *context, do_validity_check=False; } - st=rsa_loadpriv_core(l,f,loc,do_validity_check,filename); + st=rsa_loadpriv_core(l,f,loc,do_validity_check); fclose(f); return new_closure(&st->cl); }