return ret;
}
-int get_asymmetric_key(const char *key_file, int private,
- struct asymmetric_key **result)
+int get_public_key(const char *key_file, struct asymmetric_key **result)
{
struct asymmetric_key *key = NULL;
void *map = NULL;
char *cp;
key = para_malloc(sizeof(*key));
- if (private) {
- ret = get_openssl_key(key_file, &key->rsa, LOAD_PRIVATE_KEY);
- goto out;
- }
ret = mmap_full_file(key_file, O_RDONLY, &map, &map_size, NULL);
if (ret < 0)
goto out;
return ret;
}
-void free_asymmetric_key(struct asymmetric_key *key)
+void free_public_key(struct asymmetric_key *key)
{
if (!key)
return;
return ret;
if (inlen < 0)
return -E_RSA;
- ret = get_asymmetric_key(key_file, LOAD_PRIVATE_KEY, &priv);
- if (ret < 0)
+ priv = para_malloc(sizeof(*priv));
+ ret = get_openssl_key(key_file, &priv->rsa, LOAD_PRIVATE_KEY);
+ if (ret < 0) {
+ free(priv);
return ret;
+ }
/*
* RSA is vulnerable to timing attacks. Generate a random blinding
* factor to protect against this kind of attack.
if (ret <= 0)
ret = -E_DECRYPT;
out:
- free_asymmetric_key(priv);
+ RSA_free(priv->rsa);
+ free(priv);
return ret;
}
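Review bot: The teardown at `out:` — `RSA_free(priv->rsa); free(priv);` — is now a second copy of the release logic for struct asymmetric_key that free_public_key() presumably still performs (only its `if (!key) return;` guard is visible in this diff), and the gcrypt backend grows the same copy at `free_key:` with `gcry_sexp_release(priv->sexp); free(priv);`. Since the struct is identical in both cases, keeping one release path per backend — a static helper, or simply continuing to call free_public_key(priv) here — avoids the two copies drifting when the struct gains a field. priv_decrypt's body begins outside the hunk, so I cannot see every `goto out`; the visible allocation at the top returns directly on a load failure, so priv is assigned by the time `out:` is reached on the paths shown.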
* Read an asymmetric key from a file.
*
* \param key_file The file containing the key.
- * \param private if non-zero, read the private key, otherwise the public key.
* \param result The key structure is returned here.
*
* \return The size of the key on success, negative on errors.
*/
-int get_asymmetric_key(const char *key_file, int private,
- struct asymmetric_key **result);
+int get_public_key(const char *key_file, struct asymmetric_key **result);
/**
- * Deallocate an asymmetric key structure.
+ * Deallocate a public key.
*
* \param key Pointer to the key structure to free.
*
- * This must be called for any key obtained by get_asymmetric_key().
+ * This should be called for keys obtained by get_public_key() if the key is no
+ * longer needed.
*/
-void free_asymmetric_key(struct asymmetric_key *key);
+void free_public_key(struct asymmetric_key *key);
/**
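Review bot: The summary line of the get_public_key() comment still reads `Read an asymmetric key from a file.`, which is stale now that the `private` parameter is gone and the function only loads public keys; suggest `Read a public key from a file.`. The `\param result` line could also carry the ownership rule that the free_public_key() comment implies, e.g. `\param result The key structure is returned here; release it with free_public_key().`. The `\return` line is fine as is.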
return ret;
}
-int get_asymmetric_key(const char *key_file, int private,
- struct asymmetric_key **result)
+int get_public_key(const char *key_file, struct asymmetric_key **result)
{
int ret, ret2;
void *map;
gcry_sexp_t sexp;
struct asymmetric_key *key;
- if (private)
- return get_private_key(key_file, result);
ret = mmap_full_file(key_file, O_RDONLY, &map, &map_size, NULL);
if (ret < 0)
return ret;
return ret;
}
-void free_asymmetric_key(struct asymmetric_key *key)
+void free_public_key(struct asymmetric_key *key)
{
if (!key)
return;
key_release:
gcry_sexp_release(priv_key);
free_key:
- free_asymmetric_key(priv);
+ gcry_sexp_release(priv->sexp);
+ free(priv);
return ret;
}
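Review bot: The inlined cleanup at `free_key:` dereferences priv unconditionally, while the removed free_asymmetric_key() call tolerated a NULL key (the `if (!key) return;` guard survives in free_public_key() above). priv_decrypt's body starts outside this hunk, so I cannot see whether a `goto free_key` can run before priv is assigned; if the private-key load failure path jumps here with priv still NULL, this is a NULL dereference where the old code was a no-op. Either return directly on that failure as the openssl variant now does, or guard the label: `if (priv) { gcry_sexp_release(priv->sexp); free(priv); }`.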
if (strcmp(w, "user"))
continue;
PARA_DEBUG_LOG("found entry for user %s\n", n);
- ret = get_asymmetric_key(k, LOAD_PUBLIC_KEY, &pubkey);
+ ret = get_public_key(k, &pubkey);
if (ret < 0) {
PARA_NOTICE_LOG("skipping entry for user %s: %s\n", n,
para_strerror(-ret));
if (ret <= CHALLENGE_SIZE + 2 * SESSION_KEY_LEN + 41) {
PARA_WARNING_LOG("public key %s too short (%d)\n",
k, ret);
- free_asymmetric_key(pubkey);
+ free_public_key(pubkey);
continue;
}
u = para_malloc(sizeof(*u));
list_for_each_entry_safe(u, tmp, &user_list, node) {
list_del(&u->node);
free(u->name);
- free_asymmetric_key(u->pubkey);
+ free_public_key(u->pubkey);
free(u);
}
} else