crypto: Rename check_key_file() -> check_private_key_file().

For public keys the function only called stat(2), which is unnecessary
because only an error from the subsequent open(2) call requires to
fail the operation.

The stat() call is needed for loading private keys though, to make
sure permissions are restrictive enough.

This commit renames the function as indicated in the subject and
drops the second parameter. In crypt.c we now call this function for
private keys only.

diff --git a/crypt.c b/crypt.c
index 8116fb6eeacdbeaa0f1f22d14cfcc3726ee3bbbf..085c0563d0afb2eb23669d4084e4f83c92ff5540 100644 (file)
--- a/crypt.c
+++ b/crypt.c
@@ -65,12 +65,7 @@ static EVP_PKEY *load_key(const char *file, int private)
 {
        BIO *key;
        EVP_PKEY *pkey = NULL;
-       int ret = check_key_file(file, private);
 
-       if (ret < 0) {
-               PARA_ERROR_LOG("%s\n", para_strerror(-ret));
-               return NULL;
-       }
        key = BIO_new(BIO_s_file());
        if (!key)
                return NULL;
@@ -229,6 +224,9 @@ int priv_decrypt(const char *key_file, unsigned char *outbuf,
        struct asymmetric_key *priv;
        int ret;
 
+       ret = check_private_key_file(key_file);
+       if (ret < 0)
+               return ret;
        if (inlen < 0)
                return -E_RSA;
        ret = get_asymmetric_key(key_file, LOAD_PRIVATE_KEY, &priv);

diff --git a/crypt_backend.h b/crypt_backend.h
index f9a69d9490057382126e4efe04a15bfda9025419..fccdd2efbda6da1f8dac7a3a4731885e4e8f7290 100644 (file)
--- a/crypt_backend.h
+++ b/crypt_backend.h
@@ -14,4 +14,4 @@
 size_t is_ssh_rsa_key(char *data, size_t size);
 uint32_t read_ssh_u32(const void *vp);
 int check_ssh_key_header(const unsigned char *blob, int blen);
-int check_key_file(const char *file, bool private_key);
+int check_private_key_file(const char *file);

diff --git a/crypt_common.c b/crypt_common.c
index a05572df85b1de5fb5e1043abfc34c66e26c65e7..1fd8189ca3c5a201bd2d227bb366bd800757a5a5 100644 (file)
--- a/crypt_common.c
+++ b/crypt_common.c
@@ -103,25 +103,22 @@ int check_ssh_key_header(const unsigned char *blob, int blen)
 }
 
 /**
- * Check existence and permissions of a key file.
+ * Check existence and permissions of a private key file.
  *
  * \param file The path of the key file.
- * \param private_key Whether this is a private key.
  *
- * This checks whether the file exists. If it is a private key, we additionally
- * check that the permissions are restrictive enough. It is considered an error
- * if we own the file and it is readable for others.
+ * This checks whether the file exists and its permissions are restrictive
+ * enough. It is considered an error if we own the file and it is readable for
+ * others.
  *
  * \return Standard.
  */
-int check_key_file(const char *file, bool private_key)
+int check_private_key_file(const char *file)
 {
        struct stat st;
 
        if (stat(file, &st) != 0)
                return -ERRNO_TO_PARA_ERROR(errno);
-       if (!private_key)
-               return 0;
        if ((st.st_uid == getuid()) && (st.st_mode & 077) != 0)
                return -E_KEY_PERM;
        return 1;

diff --git a/gcrypt.c b/gcrypt.c
index ee1092033b42d7d513e0821c2022abe848e8189e..ba8aadc68e6ce7f7faf4822f186c6c5d22d1718c 100644 (file)
--- a/gcrypt.c
+++ b/gcrypt.c
@@ -779,7 +779,7 @@ int priv_decrypt(const char *key_file, unsigned char *outbuf,
        gcry_sexp_t in, out, priv_key;
        size_t nbytes;
 
-       ret = check_key_file(key_file, true);
+       ret = check_private_key_file(key_file);
        if (ret < 0)
                return ret;
        PARA_INFO_LOG("decrypting %d byte input\n", inlen);