mirror of git://anongit.mindrot.org/openssh.git
- (djm) OpenBSD CVS Sync
- markus@cvs.openbsd.org 2003/03/13 11:42:19 [authfile.c ssh-keysign.c] move RSA_blinding_on to generic key load method
This commit is contained in:
parent
c1365e19b0
commit
ed33d3b4d2
|
@ -1,3 +1,9 @@
|
||||||
|
20030315
|
||||||
|
- (djm) OpenBSD CVS Sync
|
||||||
|
- markus@cvs.openbsd.org 2003/03/13 11:42:19
|
||||||
|
[authfile.c ssh-keysign.c]
|
||||||
|
move RSA_blinding_on to generic key load method
|
||||||
|
|
||||||
20030310
|
20030310
|
||||||
- (djm) OpenBSD CVS Sync
|
- (djm) OpenBSD CVS Sync
|
||||||
- markus@cvs.openbsd.org 2003/03/05 22:33:43
|
- markus@cvs.openbsd.org 2003/03/05 22:33:43
|
||||||
|
@ -1203,4 +1209,4 @@
|
||||||
save auth method before monitor_reset_key_state(); bugzilla bug #284;
|
save auth method before monitor_reset_key_state(); bugzilla bug #284;
|
||||||
ok provos@
|
ok provos@
|
||||||
|
|
||||||
$Id: ChangeLog,v 1.2627 2003/03/12 22:42:51 djm Exp $
|
$Id: ChangeLog,v 1.2628 2003/03/15 00:36:18 djm Exp $
|
||||||
|
|
13
authfile.c
13
authfile.c
|
@ -36,7 +36,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$OpenBSD: authfile.c,v 1.51 2002/11/15 10:03:09 fgsch Exp $");
|
RCSID("$OpenBSD: authfile.c,v 1.52 2003/03/13 11:42:18 markus Exp $");
|
||||||
|
|
||||||
#include <openssl/err.h>
|
#include <openssl/err.h>
|
||||||
#include <openssl/evp.h>
|
#include <openssl/evp.h>
|
||||||
|
@ -421,6 +421,12 @@ key_load_private_rsa1(int fd, const char *filename, const char *passphrase,
|
||||||
rsa_generate_additional_parameters(prv->rsa);
|
rsa_generate_additional_parameters(prv->rsa);
|
||||||
|
|
||||||
buffer_free(&decrypted);
|
buffer_free(&decrypted);
|
||||||
|
|
||||||
|
/* enable blinding */
|
||||||
|
if (RSA_blinding_on(prv->rsa, NULL) != 1) {
|
||||||
|
error("key_load_private_rsa1: RSA_blinding_on failed");
|
||||||
|
goto fail;
|
||||||
|
}
|
||||||
close(fd);
|
close(fd);
|
||||||
return prv;
|
return prv;
|
||||||
|
|
||||||
|
@ -460,6 +466,11 @@ key_load_private_pem(int fd, int type, const char *passphrase,
|
||||||
#ifdef DEBUG_PK
|
#ifdef DEBUG_PK
|
||||||
RSA_print_fp(stderr, prv->rsa, 8);
|
RSA_print_fp(stderr, prv->rsa, 8);
|
||||||
#endif
|
#endif
|
||||||
|
if (RSA_blinding_on(prv->rsa, NULL) != 1) {
|
||||||
|
error("key_load_private_pem: RSA_blinding_on failed");
|
||||||
|
key_free(prv);
|
||||||
|
prv = NULL;
|
||||||
|
}
|
||||||
} else if (pk->type == EVP_PKEY_DSA &&
|
} else if (pk->type == EVP_PKEY_DSA &&
|
||||||
(type == KEY_UNSPEC||type==KEY_DSA)) {
|
(type == KEY_UNSPEC||type==KEY_DSA)) {
|
||||||
prv = key_new(KEY_UNSPEC);
|
prv = key_new(KEY_UNSPEC);
|
||||||
|
|
|
@ -22,7 +22,7 @@
|
||||||
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||||
*/
|
*/
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$OpenBSD: ssh-keysign.c,v 1.9 2002/12/19 00:07:02 djm Exp $");
|
RCSID("$OpenBSD: ssh-keysign.c,v 1.10 2003/03/13 11:42:19 markus Exp $");
|
||||||
|
|
||||||
#include <openssl/evp.h>
|
#include <openssl/evp.h>
|
||||||
#include <openssl/rand.h>
|
#include <openssl/rand.h>
|
||||||
|
@ -192,13 +192,6 @@ main(int argc, char **argv)
|
||||||
keys[i] = key_load_private_pem(key_fd[i], KEY_UNSPEC,
|
keys[i] = key_load_private_pem(key_fd[i], KEY_UNSPEC,
|
||||||
NULL, NULL);
|
NULL, NULL);
|
||||||
close(key_fd[i]);
|
close(key_fd[i]);
|
||||||
if (keys[i] != NULL && keys[i]->type == KEY_RSA) {
|
|
||||||
if (RSA_blinding_on(keys[i]->rsa, NULL) != 1) {
|
|
||||||
error("RSA_blinding_on failed");
|
|
||||||
key_free(keys[i]);
|
|
||||||
keys[i] = NULL;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
if (keys[i] != NULL)
|
if (keys[i] != NULL)
|
||||||
found = 1;
|
found = 1;
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue