shinys000114/libssh
1
0
Fork 0
mirror of https://git.libssh.org/projects/libssh.git synced 2026-02-09 18:04:25 +09:00
Code Issues Packages Projects Releases Wiki Activity

pki: Use SSH_STRING_FREE()

Browse Source 
Fixes T183

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit 189fd76589)
This commit is contained in:
Andreas Schneider
2019-10-28 12:08:41 +01:00
parent 0016888942
commit 8f0ab53b7b
1 changed files with 44 additions and 44 deletions
Download Patch File Download Diff File Expand all files Collapse all files

88
src/pki.c
View File

@@ -705,7 +705,7 @@ void ssh_signature_free(ssh_signature sig)
/* Explicitly zero the signature content before free */ /* Explicitly zero the signature content before free */
ssh_string_burn(sig->raw_sig); ssh_string_burn(sig->raw_sig);
ssh_string_free(sig->raw_sig); SSH_STRING_FREE(sig->raw_sig);
SAFE_FREE(sig); SAFE_FREE(sig);
} }
@@ -817,7 +817,7 @@ int ssh_pki_export_privkey_base64(const ssh_key privkey,
} }
b64 = strndup(ssh_string_data(blob), ssh_string_len(blob)); b64 = strndup(ssh_string_data(blob), ssh_string_len(blob));
ssh_string_free(blob); SSH_STRING_FREE(blob);
if (b64 == NULL) { if (b64 == NULL) {
return SSH_ERROR; return SSH_ERROR;
} }
@@ -979,7 +979,7 @@ int ssh_pki_export_privkey_file(const ssh_key privkey,
} }
rc = fwrite(ssh_string_data(blob), ssh_string_len(blob), 1, fp); rc = fwrite(ssh_string_data(blob), ssh_string_len(blob), 1, fp);
ssh_string_free(blob); SSH_STRING_FREE(blob);
if (rc != 1 || ferror(fp)) { if (rc != 1 || ferror(fp)) {
fclose(fp); fclose(fp);
unlink(filename); unlink(filename);
@@ -1083,15 +1083,15 @@ int pki_import_privkey_buffer(enum ssh_keytypes_e type,
ssh_string_len(privkey)); ssh_string_len(privkey));
#endif #endif
ssh_string_burn(p); ssh_string_burn(p);
ssh_string_free(p); SSH_STRING_FREE(p);
ssh_string_burn(q); ssh_string_burn(q);
ssh_string_free(q); SSH_STRING_FREE(q);
ssh_string_burn(g); ssh_string_burn(g);
ssh_string_free(g); SSH_STRING_FREE(g);
ssh_string_burn(pubkey); ssh_string_burn(pubkey);
ssh_string_free(pubkey); SSH_STRING_FREE(pubkey);
ssh_string_burn(privkey); ssh_string_burn(privkey);
ssh_string_free(privkey); SSH_STRING_FREE(privkey);
if (rc == SSH_ERROR) { if (rc == SSH_ERROR) {
goto fail; goto fail;
} }
@@ -1124,17 +1124,17 @@ int pki_import_privkey_buffer(enum ssh_keytypes_e type,
ssh_log_hexdump("q", ssh_string_data(q), ssh_string_len(q)); ssh_log_hexdump("q", ssh_string_data(q), ssh_string_len(q));
#endif #endif
ssh_string_burn(n); ssh_string_burn(n);
ssh_string_free(n); SSH_STRING_FREE(n);
ssh_string_burn(e); ssh_string_burn(e);
ssh_string_free(e); SSH_STRING_FREE(e);
ssh_string_burn(d); ssh_string_burn(d);
ssh_string_free(d); SSH_STRING_FREE(d);
ssh_string_burn(iqmp); ssh_string_burn(iqmp);
ssh_string_free(iqmp); SSH_STRING_FREE(iqmp);
ssh_string_burn(p); ssh_string_burn(p);
ssh_string_free(p); SSH_STRING_FREE(p);
ssh_string_burn(q); ssh_string_burn(q);
ssh_string_free(q); SSH_STRING_FREE(q);
if (rc == SSH_ERROR) { if (rc == SSH_ERROR) {
SSH_LOG(SSH_LOG_WARN, "Failed to build RSA private key"); SSH_LOG(SSH_LOG_WARN, "Failed to build RSA private key");
goto fail; goto fail;
@@ -1158,16 +1158,16 @@ int pki_import_privkey_buffer(enum ssh_keytypes_e type,
} }
nid = pki_key_ecdsa_nid_from_name(ssh_string_get_char(i)); nid = pki_key_ecdsa_nid_from_name(ssh_string_get_char(i));
ssh_string_free(i); SSH_STRING_FREE(i);
if (nid == -1) { if (nid == -1) {
goto fail; goto fail;
} }
rc = pki_privkey_build_ecdsa(key, nid, e, exp); rc = pki_privkey_build_ecdsa(key, nid, e, exp);
ssh_string_burn(e); ssh_string_burn(e);
ssh_string_free(e); SSH_STRING_FREE(e);
ssh_string_burn(exp); ssh_string_burn(exp);
ssh_string_free(exp); SSH_STRING_FREE(exp);
if (rc < 0) { if (rc < 0) {
SSH_LOG(SSH_LOG_WARN, "Failed to build ECDSA private key"); SSH_LOG(SSH_LOG_WARN, "Failed to build ECDSA private key");
goto fail; goto fail;
@@ -1187,8 +1187,8 @@ int pki_import_privkey_buffer(enum ssh_keytypes_e type,
rc = pki_privkey_build_ed25519(key, pubkey, privkey); rc = pki_privkey_build_ed25519(key, pubkey, privkey);
ssh_string_burn(privkey); ssh_string_burn(privkey);
ssh_string_free(privkey); SSH_STRING_FREE(privkey);
ssh_string_free(pubkey); SSH_STRING_FREE(pubkey);
if (rc != SSH_OK) { if (rc != SSH_OK) {
SSH_LOG(SSH_LOG_WARN, "Failed to build ed25519 key"); SSH_LOG(SSH_LOG_WARN, "Failed to build ed25519 key");
goto fail; goto fail;
@@ -1252,13 +1252,13 @@ static int pki_import_pubkey_buffer(ssh_buffer buffer,
ssh_log_hexdump("g", ssh_string_data(g), ssh_string_len(g)); ssh_log_hexdump("g", ssh_string_data(g), ssh_string_len(g));
#endif #endif
ssh_string_burn(p); ssh_string_burn(p);
ssh_string_free(p); SSH_STRING_FREE(p);
ssh_string_burn(q); ssh_string_burn(q);
ssh_string_free(q); SSH_STRING_FREE(q);
ssh_string_burn(g); ssh_string_burn(g);
ssh_string_free(g); SSH_STRING_FREE(g);
ssh_string_burn(pubkey); ssh_string_burn(pubkey);
ssh_string_free(pubkey); SSH_STRING_FREE(pubkey);
if (rc == SSH_ERROR) { if (rc == SSH_ERROR) {
SSH_LOG(SSH_LOG_WARN, "Failed to build DSA public key"); SSH_LOG(SSH_LOG_WARN, "Failed to build DSA public key");
goto fail; goto fail;
@@ -1282,9 +1282,9 @@ static int pki_import_pubkey_buffer(ssh_buffer buffer,
ssh_log_hexdump("n", ssh_string_data(n), ssh_string_len(n)); ssh_log_hexdump("n", ssh_string_data(n), ssh_string_len(n));
#endif #endif
ssh_string_burn(e); ssh_string_burn(e);
ssh_string_free(e); SSH_STRING_FREE(e);
ssh_string_burn(n); ssh_string_burn(n);
ssh_string_free(n); SSH_STRING_FREE(n);
if (rc == SSH_ERROR) { if (rc == SSH_ERROR) {
SSH_LOG(SSH_LOG_WARN, "Failed to build RSA public key"); SSH_LOG(SSH_LOG_WARN, "Failed to build RSA public key");
goto fail; goto fail;
@@ -1308,14 +1308,14 @@ static int pki_import_pubkey_buffer(ssh_buffer buffer,
} }
nid = pki_key_ecdsa_nid_from_name(ssh_string_get_char(i)); nid = pki_key_ecdsa_nid_from_name(ssh_string_get_char(i));
ssh_string_free(i); SSH_STRING_FREE(i);
if (nid == -1) { if (nid == -1) {
goto fail; goto fail;
} }
rc = pki_pubkey_build_ecdsa(key, nid, e); rc = pki_pubkey_build_ecdsa(key, nid, e);
ssh_string_burn(e); ssh_string_burn(e);
ssh_string_free(e); SSH_STRING_FREE(e);
if (rc < 0) { if (rc < 0) {
SSH_LOG(SSH_LOG_WARN, "Failed to build ECDSA public key"); SSH_LOG(SSH_LOG_WARN, "Failed to build ECDSA public key");
goto fail; goto fail;
@@ -1334,20 +1334,20 @@ static int pki_import_pubkey_buffer(ssh_buffer buffer,
if (ssh_string_len(pubkey) != ED25519_KEY_LEN) { if (ssh_string_len(pubkey) != ED25519_KEY_LEN) {
SSH_LOG(SSH_LOG_WARN, "Invalid public key length"); SSH_LOG(SSH_LOG_WARN, "Invalid public key length");
ssh_string_burn(pubkey); ssh_string_burn(pubkey);
ssh_string_free(pubkey); SSH_STRING_FREE(pubkey);
goto fail; goto fail;
} }
key->ed25519_pubkey = malloc(ED25519_KEY_LEN); key->ed25519_pubkey = malloc(ED25519_KEY_LEN);
if (key->ed25519_pubkey == NULL) { if (key->ed25519_pubkey == NULL) {
ssh_string_burn(pubkey); ssh_string_burn(pubkey);
ssh_string_free(pubkey); SSH_STRING_FREE(pubkey);
goto fail; goto fail;
} }
memcpy(key->ed25519_pubkey, ssh_string_data(pubkey), ED25519_KEY_LEN); memcpy(key->ed25519_pubkey, ssh_string_data(pubkey), ED25519_KEY_LEN);
ssh_string_burn(pubkey); ssh_string_burn(pubkey);
ssh_string_free(pubkey); SSH_STRING_FREE(pubkey);
} }
break; break;
case SSH_KEYTYPE_DSS_CERT01: case SSH_KEYTYPE_DSS_CERT01:
@@ -1488,7 +1488,7 @@ int ssh_pki_import_pubkey_base64(const char *b64_key,
ssh_buffer_free(buffer); ssh_buffer_free(buffer);
return SSH_ERROR; return SSH_ERROR;
} }
ssh_string_free(type_s); SSH_STRING_FREE(type_s);
if (is_cert_type(type)) { if (is_cert_type(type)) {
rc = pki_import_cert_buffer(buffer, type, pkey); rc = pki_import_cert_buffer(buffer, type, pkey);
@@ -1550,7 +1550,7 @@ int ssh_pki_import_pubkey_blob(const ssh_string key_blob,
SSH_LOG(SSH_LOG_WARN, "Unknown key type found!"); SSH_LOG(SSH_LOG_WARN, "Unknown key type found!");
goto fail; goto fail;
} }
ssh_string_free(type_s); SSH_STRING_FREE(type_s);
if (is_cert_type(type)) { if (is_cert_type(type)) {
rc = pki_import_cert_buffer(buffer, type, pkey); rc = pki_import_cert_buffer(buffer, type, pkey);
@@ -1563,7 +1563,7 @@ int ssh_pki_import_pubkey_blob(const ssh_string key_blob,
return rc; return rc;
fail: fail:
ssh_buffer_free(buffer); ssh_buffer_free(buffer);
ssh_string_free(type_s); SSH_STRING_FREE(type_s);
return SSH_ERROR; return SSH_ERROR;
} }
@@ -1881,7 +1881,7 @@ int ssh_pki_export_privkey_to_pubkey(const ssh_key privkey,
* *
* @return SSH_OK on success, SSH_ERROR otherwise. * @return SSH_OK on success, SSH_ERROR otherwise.
* *
* @see ssh_string_free() * @see SSH_STRING_FREE()
*/ */
int ssh_pki_export_pubkey_blob(const ssh_key key, int ssh_pki_export_pubkey_blob(const ssh_key key,
ssh_string *pblob) ssh_string *pblob)
@@ -1911,7 +1911,7 @@ int ssh_pki_export_pubkey_blob(const ssh_key key,
* *
* @return SSH_OK on success, SSH_ERROR on error. * @return SSH_OK on success, SSH_ERROR on error.
* *
* @see ssh_string_free_char() * @see SSH_STRING_FREE_CHAR()
*/ */
int ssh_pki_export_pubkey_base64(const ssh_key key, int ssh_pki_export_pubkey_base64(const ssh_key key,
char **b64_key) char **b64_key)
@@ -1929,7 +1929,7 @@ int ssh_pki_export_pubkey_base64(const ssh_key key,
} }
b64 = bin_to_base64(ssh_string_data(key_blob), ssh_string_len(key_blob)); b64 = bin_to_base64(ssh_string_data(key_blob), ssh_string_len(key_blob));
ssh_string_free(key_blob); SSH_STRING_FREE(key_blob);
if (b64 == NULL) { if (b64 == NULL) {
return SSH_ERROR; return SSH_ERROR;
} }
@@ -2061,7 +2061,7 @@ int ssh_pki_export_signature_blob(const ssh_signature sig,
} }
rc = ssh_buffer_add_ssh_string(buf, str); rc = ssh_buffer_add_ssh_string(buf, str);
ssh_string_free(str); SSH_STRING_FREE(str);
if (rc < 0) { if (rc < 0) {
ssh_buffer_free(buf); ssh_buffer_free(buf);
return SSH_ERROR; return SSH_ERROR;
@@ -2074,7 +2074,7 @@ int ssh_pki_export_signature_blob(const ssh_signature sig,
} }
rc = ssh_buffer_add_ssh_string(buf, str); rc = ssh_buffer_add_ssh_string(buf, str);
ssh_string_free(str); SSH_STRING_FREE(str);
if (rc < 0) { if (rc < 0) {
ssh_buffer_free(buf); ssh_buffer_free(buf);
return SSH_ERROR; return SSH_ERROR;
@@ -2132,7 +2132,7 @@ int ssh_pki_import_signature_blob(const ssh_string sig_blob,
alg = ssh_string_get_char(algorithm); alg = ssh_string_get_char(algorithm);
type = ssh_key_type_from_signature_name(alg); type = ssh_key_type_from_signature_name(alg);
hash_type = ssh_key_hash_from_name(alg); hash_type = ssh_key_hash_from_name(alg);
ssh_string_free(algorithm); SSH_STRING_FREE(algorithm);
blob = ssh_buffer_get_ssh_string(buf); blob = ssh_buffer_get_ssh_string(buf);
ssh_buffer_free(buf); ssh_buffer_free(buf);
@@ -2141,7 +2141,7 @@ int ssh_pki_import_signature_blob(const ssh_string sig_blob,
} }
sig = pki_signature_from_blob(pubkey, blob, type, hash_type); sig = pki_signature_from_blob(pubkey, blob, type, hash_type);
ssh_string_free(blob); SSH_STRING_FREE(blob);
if (sig == NULL) { if (sig == NULL) {
return SSH_ERROR; return SSH_ERROR;
} }
@@ -2367,7 +2367,7 @@ ssh_string ssh_pki_do_sign(ssh_session session,
end: end:
ssh_signature_free(sig); ssh_signature_free(sig);
ssh_buffer_free(sign_input); ssh_buffer_free(sign_input);
ssh_string_free(session_id); SSH_STRING_FREE(session_id);
return sig_blob; return sig_blob;
} }
@@ -2397,17 +2397,17 @@ ssh_string ssh_pki_do_sign_agent(ssh_session session,
sig_buf = ssh_buffer_new(); sig_buf = ssh_buffer_new();
if (sig_buf == NULL) { if (sig_buf == NULL) {
ssh_string_free(session_id); SSH_STRING_FREE(session_id);
return NULL; return NULL;
} }
rc = ssh_buffer_add_ssh_string(sig_buf, session_id); rc = ssh_buffer_add_ssh_string(sig_buf, session_id);
if (rc < 0) { if (rc < 0) {
ssh_string_free(session_id); SSH_STRING_FREE(session_id);
ssh_buffer_free(sig_buf); ssh_buffer_free(sig_buf);
return NULL; return NULL;
} }
ssh_string_free(session_id); SSH_STRING_FREE(session_id);
/* append out buffer */ /* append out buffer */
if (ssh_buffer_add_buffer(sig_buf, buf) < 0) { if (ssh_buffer_add_buffer(sig_buf, buf) < 0) {