1
0
mirror of https://git.tartarus.org/simon/putty.git synced 2025-01-10 09:58:01 +00:00

Move some manual freeing into freersakey().

Several pieces of old code were disposing of pieces of an RSAKey by
manually freeing them one at a time. We have a centralised
freersakey(), so we should use that instead wherever possible.

Where it wasn't possible to switch over to that, it was because we
were only freeing the private fields of the key - so I've fixed that
by cutting freersakey() down the middle and exposing the private-only
half as freersapriv().
This commit is contained in:
Simon Tatham 2018-12-14 19:42:47 +00:00
parent 55cea187e9
commit a80edab4b5
4 changed files with 38 additions and 34 deletions

View File

@ -308,8 +308,7 @@ void pageant_handle_msg(BinarySink *bs,
if (response) if (response)
freebn(response); freebn(response);
freebn(challenge); freebn(challenge);
freebn(reqkey.exponent); freersakey(&reqkey);
freebn(reqkey.modulus);
} }
break; break;
case SSH2_AGENTC_SIGN_REQUEST: case SSH2_AGENTC_SIGN_REQUEST:
@ -526,13 +525,13 @@ void pageant_handle_msg(BinarySink *bs,
plog(logctx, logfn, "request: SSH1_AGENTC_REMOVE_RSA_IDENTITY"); plog(logctx, logfn, "request: SSH1_AGENTC_REMOVE_RSA_IDENTITY");
memset(&reqkey, 0, sizeof(reqkey));
get_rsa_ssh1_pub(msg, &reqkey, RSA_SSH1_EXPONENT_FIRST); get_rsa_ssh1_pub(msg, &reqkey, RSA_SSH1_EXPONENT_FIRST);
if (get_err(msg)) { if (get_err(msg)) {
pageant_failure_msg(bs, "unable to decode request", pageant_failure_msg(bs, "unable to decode request",
logctx, logfn); logctx, logfn);
freebn(reqkey.exponent); freersakey(&reqkey);
freebn(reqkey.modulus);
return; return;
} }
@ -545,8 +544,7 @@ void pageant_handle_msg(BinarySink *bs,
} }
key = find234(rsakeys, &reqkey, NULL); key = find234(rsakeys, &reqkey, NULL);
freebn(reqkey.exponent); freersakey(&reqkey);
freebn(reqkey.modulus);
if (key) { if (key) {
plog(logctx, logfn, "found with comment: %s", key->comment); plog(logctx, logfn, "found with comment: %s", key->comment);

1
ssh.h
View File

@ -514,6 +514,7 @@ bool rsa_verify(struct RSAKey *key);
void rsa_ssh1_public_blob(BinarySink *bs, struct RSAKey *key, void rsa_ssh1_public_blob(BinarySink *bs, struct RSAKey *key,
RsaSsh1Order order); RsaSsh1Order order);
int rsa_ssh1_public_blob_len(void *data, int maxlen); int rsa_ssh1_public_blob_len(void *data, int maxlen);
void freersapriv(struct RSAKey *key);
void freersakey(struct RSAKey *key); void freersakey(struct RSAKey *key);
unsigned long crc32_compute(const void *s, size_t len); unsigned long crc32_compute(const void *s, size_t len);

View File

@ -368,22 +368,8 @@ static void ssh1_login_process_queue(PacketProtocolLayer *ppl)
ssh1_bpp_new_cipher(s->ppl.bpp, cipher, s->session_key); ssh1_bpp_new_cipher(s->ppl.bpp, cipher, s->session_key);
} }
if (s->servkey.modulus) { freersakey(&s->servkey);
sfree(s->servkey.modulus); freersakey(&s->hostkey);
s->servkey.modulus = NULL;
}
if (s->servkey.exponent) {
sfree(s->servkey.exponent);
s->servkey.exponent = NULL;
}
if (s->hostkey.modulus) {
sfree(s->hostkey.modulus);
s->hostkey.modulus = NULL;
}
if (s->hostkey.exponent) {
sfree(s->hostkey.exponent);
s->hostkey.exponent = NULL;
}
crMaybeWaitUntilV((pktin = ssh1_login_pop(s)) != NULL); crMaybeWaitUntilV((pktin = ssh1_login_pop(s)) != NULL);
if (pktin->type != SSH1_SMSG_SUCCESS) { if (pktin->type != SSH1_SMSG_SUCCESS) {
@ -745,7 +731,7 @@ static void ssh1_login_process_queue(PacketProtocolLayer *ppl)
return; return;
} }
response = rsa_ssh1_decrypt(challenge, &s->key); response = rsa_ssh1_decrypt(challenge, &s->key);
freebn(s->key.private_exponent);/* burn the evidence */ freersapriv(&s->key); /* burn the evidence */
for (i = 0; i < 32; i++) { for (i = 0; i < 32; i++) {
buffer[i] = bignum_byte(response, 31 - i); buffer[i] = bignum_byte(response, 31 - i);

View File

@ -486,22 +486,41 @@ int rsa_ssh1_public_blob_len(void *data, int maxlen)
return src->pos; return src->pos;
} }
void freersapriv(struct RSAKey *key)
{
if (key->private_exponent) {
freebn(key->private_exponent);
key->private_exponent = NULL;
}
if (key->p) {
freebn(key->p);
key->p = NULL;
}
if (key->q) {
freebn(key->q);
key->q = NULL;
}
if (key->iqmp) {
freebn(key->iqmp);
key->iqmp = NULL;
}
}
void freersakey(struct RSAKey *key) void freersakey(struct RSAKey *key)
{ {
if (key->modulus) freersapriv(key);
if (key->modulus) {
freebn(key->modulus); freebn(key->modulus);
if (key->exponent) key->modulus = NULL;
}
if (key->exponent) {
freebn(key->exponent); freebn(key->exponent);
if (key->private_exponent) key->exponent = NULL;
freebn(key->private_exponent); }
if (key->p) if (key->comment) {
freebn(key->p);
if (key->q)
freebn(key->q);
if (key->iqmp)
freebn(key->iqmp);
if (key->comment)
sfree(key->comment); sfree(key->comment);
key->comment = NULL;
}
} }
/* ---------------------------------------------------------------------- /* ----------------------------------------------------------------------