[BACK]Return to sshkey.c CVS log [TXT][DIR] Up to [local] / src / usr.bin / ssh

Diff for /src/usr.bin/ssh/sshkey.c between version 1.114 and 1.115

version 1.114, 2021/01/26 00:49:30 version 1.115, 2021/02/02 22:36:46
Line 3358 
Line 3358 
 sshkey_private_deserialize(struct sshbuf *buf, struct sshkey **kp)  sshkey_private_deserialize(struct sshbuf *buf, struct sshkey **kp)
 {  {
         char *tname = NULL, *curve = NULL, *xmss_name = NULL;          char *tname = NULL, *curve = NULL, *xmss_name = NULL;
           char *expect_sk_application = NULL;
         struct sshkey *k = NULL;          struct sshkey *k = NULL;
         size_t pklen = 0, sklen = 0;          size_t pklen = 0, sklen = 0;
         int type, r = SSH_ERR_INTERNAL_ERROR;          int type, r = SSH_ERR_INTERNAL_ERROR;
         u_char *ed25519_pk = NULL, *ed25519_sk = NULL;          u_char *ed25519_pk = NULL, *ed25519_sk = NULL;
           u_char *expect_ed25519_pk = NULL;
         u_char *xmss_pk = NULL, *xmss_sk = NULL;          u_char *xmss_pk = NULL, *xmss_sk = NULL;
 #ifdef WITH_OPENSSL  #ifdef WITH_OPENSSL
         BIGNUM *exponent = NULL;          BIGNUM *exponent = NULL;
Line 3394 
Line 3396 
                         r = SSH_ERR_KEY_CERT_MISMATCH;                          r = SSH_ERR_KEY_CERT_MISMATCH;
                         goto out;                          goto out;
                 }                  }
                   /*
                    * Several fields are redundant between certificate and
                    * private key body, we require these to match.
                    */
                   expect_sk_application = k->sk_application;
                   expect_ed25519_pk = k->ed25519_pk;
                   k->sk_application = NULL;
                   k->ed25519_pk = NULL;
         } else {          } else {
                 if ((k = sshkey_new(type)) == NULL) {                  if ((k = sshkey_new(type)) == NULL) {
                         r = SSH_ERR_ALLOC_FAIL;                          r = SSH_ERR_ALLOC_FAIL;
Line 3613 
Line 3623 
                 break;                  break;
         }          }
 #endif /* WITH_OPENSSL */  #endif /* WITH_OPENSSL */
           if ((expect_sk_application != NULL && (k->sk_application == NULL ||
               strcmp(expect_sk_application, k->sk_application) != 0)) ||
               (expect_ed25519_pk != NULL && (k->ed25519_pk == NULL ||
                memcmp(expect_ed25519_pk, k->ed25519_pk, ED25519_PK_SZ) != 0))) {
                   r = SSH_ERR_KEY_CERT_MISMATCH;
                   goto out;
           }
         /* success */          /* success */
         r = 0;          r = 0;
         if (kp != NULL) {          if (kp != NULL) {
Line 3642 
Line 3659 
         free(xmss_name);          free(xmss_name);
         freezero(xmss_pk, pklen);          freezero(xmss_pk, pklen);
         freezero(xmss_sk, sklen);          freezero(xmss_sk, sklen);
           free(expect_sk_application);
           free(expect_ed25519_pk);
         return r;          return r;
 }  }
   
Legend:
Removed from v.1.114  
changed lines
  Added in v.1.115