i += 4;\r
\r
/* Now the serious stuff. An ordinary SSH-1 public key. */\r
- i += makekey(buf + i, len, key, NULL, 1);\r
- if (i < 0)\r
+ j = makekey(buf + i, len, key, NULL, 1);\r
+ if (j < 0)\r
goto end; /* overran */\r
+ i += j;\r
\r
/* Next, the comment field. */\r
- j = GET_32BIT(buf + i);\r
+ j = toint(GET_32BIT(buf + i));\r
i += 4;\r
- if (len - i < j)\r
+ if (j < 0 || len - i < j)\r
goto end;\r
comment = snewn(j + 1, char);\r
if (comment) {\r
MD5Update(&md5c, (unsigned char *)passphrase, strlen(passphrase));\r
MD5Final(keybuf, &md5c);\r
des3_decrypt_pubkey(keybuf, buf + i, (len - i + 7) & ~7);\r
- memset(keybuf, 0, sizeof(keybuf)); /* burn the evidence */\r
+ smemclr(keybuf, sizeof(keybuf)); /* burn the evidence */\r
}\r
\r
/*\r
ret = 1;\r
\r
end:\r
- memset(buf, 0, sizeof(buf)); /* burn the evidence */\r
+ smemclr(buf, sizeof(buf)); /* burn the evidence */\r
return ret;\r
}\r
\r
int ret = 0;\r
const char *error = NULL;\r
\r
- fp = f_open(*filename, "rb", FALSE);\r
+ fp = f_open(filename, "rb", FALSE);\r
if (!fp) {\r
error = "can't open file";\r
goto end;\r
FILE *fp;\r
char buf[64];\r
\r
- fp = f_open(*filename, "rb", FALSE);\r
+ fp = f_open(filename, "rb", FALSE);\r
if (!fp)\r
return 0; /* doesn't even exist */\r
\r
*bloblen = 0;\r
ret = 0;\r
\r
- fp = f_open(*filename, "rb", FALSE);\r
+ fp = f_open(filename, "rb", FALSE);\r
if (!fp) {\r
error = "can't open file";\r
goto end;\r
*blob = rsa_public_blob(&key, bloblen);\r
freersakey(&key);\r
ret = 1;\r
- fp = NULL;\r
}\r
+ fp = NULL; /* loadrsakey_main unconditionally closes fp */\r
} else {\r
error = "not an SSH-1 RSA file";\r
}\r
MD5Update(&md5c, (unsigned char *)passphrase, strlen(passphrase));\r
MD5Final(keybuf, &md5c);\r
des3_encrypt_pubkey(keybuf, estart, p - estart);\r
- memset(keybuf, 0, sizeof(keybuf)); /* burn the evidence */\r
+ smemclr(keybuf, sizeof(keybuf)); /* burn the evidence */\r
}\r
\r
/*\r
* Done. Write the result to the file.\r
*/\r
- fp = f_open(*filename, "wb", TRUE);\r
+ fp = f_open(filename, "wb", TRUE);\r
if (fp) {\r
int ret = (fwrite(buf, 1, p - buf, fp) == (size_t) (p - buf));\r
if (fclose(fp))\r
int len = 39;\r
int c;\r
\r
- while (len > 0) {\r
+ while (1) {\r
c = fgetc(fp);\r
if (c == '\n' || c == '\r' || c == EOF)\r
return 0; /* failure */\r
encryption = comment = mac = NULL;\r
public_blob = private_blob = NULL;\r
\r
- fp = f_open(*filename, "rb", FALSE);\r
+ fp = f_open(filename, "rb", FALSE);\r
if (!fp) {\r
error = "can't open file";\r
goto error;\r
/* this is an old key file; warn and then continue */\r
old_keyfile_warning();\r
old_fmt = 1;\r
+ } else if (0 == strncmp(header, "PuTTY-User-Key-File-", 20)) {\r
+ /* this is a key file FROM THE FUTURE; refuse it, but with a\r
+ * more specific error message than the generic one below */\r
+ error = "PuTTY key format too new";\r
+ goto error;\r
} else {\r
error = "not a PuTTY SSH-2 private key";\r
goto error;\r
cipher = 0;\r
cipherblk = 1;\r
} else {\r
- sfree(encryption);\r
goto error;\r
}\r
\r
\r
hmac_sha1_simple(mackey, 20, macdata, maclen, binary);\r
\r
- memset(mackey, 0, sizeof(mackey));\r
- memset(&s, 0, sizeof(s));\r
+ smemclr(mackey, sizeof(mackey));\r
+ smemclr(&s, sizeof(s));\r
} else {\r
SHA_Simple(macdata, maclen, binary);\r
}\r
\r
if (free_macdata) {\r
- memset(macdata, 0, maclen);\r
+ smemclr(macdata, maclen);\r
sfree(macdata);\r
}\r
\r
\r
public_blob = NULL;\r
\r
- fp = f_open(*filename, "rb", FALSE);\r
+ fp = f_open(filename, "rb", FALSE);\r
if (!fp) {\r
error = "can't open file";\r
goto error;\r
if (!read_header(fp, header)\r
|| (0 != strcmp(header, "PuTTY-User-Key-File-2") &&\r
0 != strcmp(header, "PuTTY-User-Key-File-1"))) {\r
- error = "not a PuTTY SSH-2 private key";\r
+ if (0 == strncmp(header, "PuTTY-User-Key-File-", 20))\r
+ error = "PuTTY key format too new";\r
+ else\r
+ error = "not a PuTTY SSH-2 private key";\r
goto error;\r
}\r
error = "file format error";\r
if (commentptr)\r
*commentptr = NULL;\r
\r
- fp = f_open(*filename, "rb", FALSE);\r
+ fp = f_open(filename, "rb", FALSE);\r
if (!fp)\r
return 0;\r
if (!read_header(fp, header)\r
\r
if (commentptr)\r
*commentptr = comment;\r
+ else\r
+ sfree(comment);\r
\r
fclose(fp);\r
if (!strcmp(b, "aes256-cbc"))\r
SHA_Bytes(&s, passphrase, strlen(passphrase));\r
SHA_Final(&s, mackey);\r
hmac_sha1_simple(mackey, 20, macdata, maclen, priv_mac);\r
- memset(macdata, 0, maclen);\r
+ smemclr(macdata, maclen);\r
sfree(macdata);\r
- memset(mackey, 0, sizeof(mackey));\r
- memset(&s, 0, sizeof(s));\r
+ smemclr(mackey, sizeof(mackey));\r
+ smemclr(&s, sizeof(s));\r
}\r
\r
if (passphrase) {\r
aes256_encrypt_pubkey(key, priv_blob_encrypted,\r
priv_encrypted_len);\r
\r
- memset(key, 0, sizeof(key));\r
- memset(&s, 0, sizeof(s));\r
+ smemclr(key, sizeof(key));\r
+ smemclr(&s, sizeof(s));\r
}\r
\r
- fp = f_open(*filename, "w", TRUE);\r
+ fp = f_open(filename, "w", TRUE);\r
if (!fp)\r
return 0;\r
fprintf(fp, "PuTTY-User-Key-File-2: %s\n", key->alg->name);\r
fclose(fp);\r
\r
sfree(pub_blob);\r
- memset(priv_blob, 0, priv_blob_len);\r
+ smemclr(priv_blob, priv_blob_len);\r
sfree(priv_blob);\r
sfree(priv_blob_encrypted);\r
return 1;\r
const char openssh_sig[] = "-----BEGIN ";\r
int i;\r
\r
- fp = f_open(*filename, "r", FALSE);\r
+ fp = f_open(filename, "r", FALSE);\r
if (!fp)\r
return SSH_KEYTYPE_UNOPENABLE;\r
i = fread(buf, 1, sizeof(buf), fp);\r