lib/libssh
1
0
Fork 0
mirror of https://git.libssh.org/projects/libssh.git synced 2025-08-08 19:02:06 +03:00
Code Activity

pki: Fix accidental ECC switch case fallthroughs into ed25119 cases when built without ECC

Browse Source 
Summary:
When ed25519 was introduced in commit 93c7b81b4e,
the ed25519 case was added after the ecdsa case in src/pki.c. The ecdsa case seems to
have relied on falling through to report an error, when HAVE_ECC is not defined.
If HAVE_ECC is not defined, but ecdsa keys are used, with for example,
ssh_pki_import_pubkey_file, the code fallthroughs into the ed25519 case.

Signed-off-by: Juraj Vijtiuk <juraj.vijtiuk@sartura.hr>

Test Plan: Unit tests passed. No memory leaks found with valgrind.

Reviewers: asn

Differential Revision: https://bugs.libssh.org/D13
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
This commit is contained in:
jvijtiuk
2017-12-28 20:45:49 +01:00
committed by Andreas Schneider
parent c3c492a190
commit ea99215664
2 changed files with 5 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
src/pki.c
View File

@@ -771,8 +771,8 @@ static int pki_import_pubkey_buffer(ssh_buffer buffer,
} }
} }
break; break;
case SSH_KEYTYPE_ECDSA:
#ifdef HAVE_ECC #ifdef HAVE_ECC
case SSH_KEYTYPE_ECDSA:
{ {
ssh_string e; ssh_string e;
ssh_string i; ssh_string i;
@@ -1201,8 +1201,8 @@ int ssh_pki_generate(enum ssh_keytypes_e type, int parameter,
if(rc == SSH_ERROR) if(rc == SSH_ERROR)
goto error; goto error;
break; break;
case SSH_KEYTYPE_ECDSA:
#ifdef HAVE_ECC #ifdef HAVE_ECC
case SSH_KEYTYPE_ECDSA:
rc = pki_key_generate_ecdsa(key, parameter); rc = pki_key_generate_ecdsa(key, parameter);
if (rc == SSH_ERROR) { if (rc == SSH_ERROR) {
goto error; goto error;
@@ -1221,6 +1221,7 @@ int ssh_pki_generate(enum ssh_keytypes_e type, int parameter,
case SSH_KEYTYPE_DSS_CERT01: case SSH_KEYTYPE_DSS_CERT01:
case SSH_KEYTYPE_RSA_CERT01: case SSH_KEYTYPE_RSA_CERT01:
case SSH_KEYTYPE_UNKNOWN: case SSH_KEYTYPE_UNKNOWN:
default:
goto error; goto error;
} }

3
src/pki_crypto.c
View File

@@ -697,8 +697,8 @@ ssh_string pki_private_key_to_pem(const ssh_key key,
goto err; goto err;
} }
break; break;
case SSH_KEYTYPE_ECDSA:
#ifdef HAVE_ECC #ifdef HAVE_ECC
case SSH_KEYTYPE_ECDSA:
if (passphrase == NULL) { if (passphrase == NULL) {
struct pem_get_password_struct pgp = { auth_fn, auth_data }; struct pem_get_password_struct pgp = { auth_fn, auth_data };
@@ -730,6 +730,7 @@ ssh_string pki_private_key_to_pem(const ssh_key key,
case SSH_KEYTYPE_DSS_CERT01: case SSH_KEYTYPE_DSS_CERT01:
case SSH_KEYTYPE_RSA_CERT01: case SSH_KEYTYPE_RSA_CERT01:
case SSH_KEYTYPE_UNKNOWN: case SSH_KEYTYPE_UNKNOWN:
default:
BIO_free(mem); BIO_free(mem);
SSH_LOG(SSH_LOG_WARN, "Unkown or invalid private key type %d", key->type); SSH_LOG(SSH_LOG_WARN, "Unkown or invalid private key type %d", key->type);
return NULL; return NULL;