X-Git-Url: https://tinc-vpn.org/git/browse?a=blobdiff_plain;f=src%2Fed25519%2Fecdsa.c;h=28daf4a1672132a373913d6c0a7b155709007948;hb=a5c6c6ea1ab657d83a4d8b064ac9bfa9c16adf63;hp=78e24fe6aaa99f28bf97d4ff9e20d9bbb5c39e73;hpb=3a316823b971396a428f020f401b9fe41252d98d;p=tinc diff --git a/src/ed25519/ecdsa.c b/src/ed25519/ecdsa.c index 78e24fe6..28daf4a1 100644 --- a/src/ed25519/ecdsa.c +++ b/src/ed25519/ecdsa.c @@ -35,18 +35,19 @@ typedef struct { // Get and set ECDSA keys // ecdsa_t *ecdsa_set_base64_public_key(const char *p) { - int len = strlen(p); + size_t len = strlen(p); if(len != 43) { - logger(DEBUG_ALWAYS, LOG_ERR, "Invalid size %d for public key!", len); + logger(DEBUG_ALWAYS, LOG_ERR, "Invalid size %lu for public key!", (unsigned long)len); return 0; } ecdsa_t *ecdsa = xzalloc(sizeof(*ecdsa)); - len = b64decode(p, ecdsa->public, len); + len = b64decode_tinc(p, ecdsa->public, len); + if(len != 32) { - logger(DEBUG_ALWAYS, LOG_ERR, "Invalid format of public key! len = %d", len); - free(ecdsa); + logger(DEBUG_ALWAYS, LOG_ERR, "Invalid format of public key! len = %lu", (unsigned long)len); + ecdsa_free(ecdsa); return 0; } @@ -55,43 +56,45 @@ ecdsa_t *ecdsa_set_base64_public_key(const char *p) { char *ecdsa_get_base64_public_key(ecdsa_t *ecdsa) { char *base64 = xmalloc(44); - b64encode(ecdsa->public, base64, sizeof(ecdsa->public)); + b64encode_tinc(ecdsa->public, base64, sizeof(ecdsa->public)); return base64; } // Read PEM ECDSA keys -static bool read_pem(FILE *fp, const char *type, void *buf, size_t size) { +static bool read_pem(FILE *fp, const char *type, void *vbuf, size_t size) { + const size_t buflen = size; char line[1024]; bool data = false; size_t typelen = strlen(type); + char *buf = vbuf; while(fgets(line, sizeof(line), fp)) { if(!data) { - if(strncmp(line, "-----BEGIN ", 11)) + if(strncmp(line, "-----BEGIN ", 11)) { continue; - if(strncmp(line + 11, type, typelen)) + } + + if(strncmp(line + 11, type, typelen)) { continue; + } + data = true; continue; } - if(!strncmp(line, "-----END ", 9)) + if(!strncmp(line, "-----END ", 9)) { break; + } size_t linelen = strcspn(line, "\r\n"); - size_t len = b64decode(line, line, linelen); - if(!len) { - logger(DEBUG_ALWAYS, LOG_ERR, "Invalid base64 data in PEM file\n"); - errno = EINVAL; - return false; - } + size_t len = b64decode_tinc(line, line, linelen); - if(len > size) { - logger(DEBUG_ALWAYS, LOG_ERR, "Too much base64 data in PEM file\n"); + if(!len || len > size) { + logger(DEBUG_ALWAYS, LOG_ERR, "%s base64 data in PEM file\n", len ? "Too much" : "Invalid"); errno = EINVAL; - return false; + goto exit; } memcpy(buf, line, len); @@ -106,6 +109,13 @@ static bool read_pem(FILE *fp, const char *type, void *buf, size_t size) { } else { errno = ENOENT; } + } + +exit: + memzero(line, sizeof(line)); + + if(size) { + memzero(vbuf, buflen); return false; } @@ -114,21 +124,28 @@ static bool read_pem(FILE *fp, const char *type, void *buf, size_t size) { ecdsa_t *ecdsa_read_pem_public_key(FILE *fp) { ecdsa_t *ecdsa = xzalloc(sizeof(*ecdsa)); - if(read_pem(fp, "ED25519 PUBLIC KEY", ecdsa->public, sizeof(ecdsa->public))) + + if(read_pem(fp, "ED25519 PUBLIC KEY", ecdsa->public, sizeof(ecdsa->public))) { return ecdsa; - free(ecdsa); - return 0; + } + + ecdsa_free(ecdsa); + return NULL; } ecdsa_t *ecdsa_read_pem_private_key(FILE *fp) { ecdsa_t *ecdsa = xmalloc(sizeof(*ecdsa)); - if(read_pem(fp, "ED25519 PRIVATE KEY", ecdsa->private, sizeof(*ecdsa))) + + if(read_pem(fp, "ED25519 PRIVATE KEY", ecdsa->private, sizeof(*ecdsa))) { return ecdsa; - free(ecdsa); - return 0; + } + + ecdsa_free(ecdsa); + return NULL; } size_t ecdsa_size(ecdsa_t *ecdsa) { + (void)ecdsa; return 64; } @@ -148,5 +165,5 @@ bool ecdsa_active(ecdsa_t *ecdsa) { } void ecdsa_free(ecdsa_t *ecdsa) { - free(ecdsa); + xzfree(ecdsa, sizeof(ecdsa_t)); }