+20030315
+ - (djm) OpenBSD CVS Sync
+ - markus@cvs.openbsd.org 2003/03/13 11:42:19
+ [authfile.c ssh-keysign.c]
+ move RSA_blinding_on to generic key load method
+
20030310
- (djm) OpenBSD CVS Sync
- markus@cvs.openbsd.org 2003/03/05 22:33:43
*/
#include "includes.h"
-RCSID("$OpenBSD: authfile.c,v 1.51 2002/11/15 10:03:09 fgsch Exp $");
+RCSID("$OpenBSD: authfile.c,v 1.52 2003/03/13 11:42:18 markus Exp $");
#include <openssl/err.h>
#include <openssl/evp.h>
rsa_generate_additional_parameters(prv->rsa);
buffer_free(&decrypted);
+
+ /* enable blinding */
+ if (RSA_blinding_on(prv->rsa, NULL) != 1) {
+ error("key_load_private_rsa1: RSA_blinding_on failed");
+ goto fail;
+ }
close(fd);
return prv;
#ifdef DEBUG_PK
RSA_print_fp(stderr, prv->rsa, 8);
#endif
+ if (RSA_blinding_on(prv->rsa, NULL) != 1) {
+ error("key_load_private_pem: RSA_blinding_on failed");
+ key_free(prv);
+ prv = NULL;
+ }
} else if (pk->type == EVP_PKEY_DSA &&
(type == KEY_UNSPEC||type==KEY_DSA)) {
prv = key_new(KEY_UNSPEC);
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
-RCSID("$OpenBSD: ssh-keysign.c,v 1.9 2002/12/19 00:07:02 djm Exp $");
+RCSID("$OpenBSD: ssh-keysign.c,v 1.10 2003/03/13 11:42:19 markus Exp $");
#include <openssl/evp.h>
#include <openssl/rand.h>
keys[i] = key_load_private_pem(key_fd[i], KEY_UNSPEC,
NULL, NULL);
close(key_fd[i]);
- if (keys[i] != NULL && keys[i]->type == KEY_RSA) {
- if (RSA_blinding_on(keys[i]->rsa, NULL) != 1) {
- error("RSA_blinding_on failed");
- key_free(keys[i]);
- keys[i] = NULL;
- }
- }
if (keys[i] != NULL)
found = 1;
}