From b4c9282be012ea84f7154684e9b2a469171e5e2b Mon Sep 17 00:00:00 2001 From: Andre Noll Date: Sun, 10 Jul 2016 21:46:00 +0200 Subject: [PATCH] crypto: Rename check_key_file() -> check_private_key_file(). For public keys the function only called stat(2), which is unnecessary because only an error from the subsequent open(2) call requires to fail the operation. The stat() call is needed for loading private keys though, to make sure permissions are restrictive enough. This commit renames the function as indicated in the subject and drops the second parameter. In crypt.c we now call this function for private keys only. --- crypt.c | 8 +++----- crypt_backend.h | 2 +- crypt_common.c | 13 +++++-------- gcrypt.c | 2 +- 4 files changed, 10 insertions(+), 15 deletions(-) diff --git a/crypt.c b/crypt.c index 8116fb6e..085c0563 100644 --- a/crypt.c +++ b/crypt.c @@ -65,12 +65,7 @@ static EVP_PKEY *load_key(const char *file, int private) { BIO *key; EVP_PKEY *pkey = NULL; - int ret = check_key_file(file, private); - if (ret < 0) { - PARA_ERROR_LOG("%s\n", para_strerror(-ret)); - return NULL; - } key = BIO_new(BIO_s_file()); if (!key) return NULL; @@ -229,6 +224,9 @@ int priv_decrypt(const char *key_file, unsigned char *outbuf, struct asymmetric_key *priv; int ret; + ret = check_private_key_file(key_file); + if (ret < 0) + return ret; if (inlen < 0) return -E_RSA; ret = get_asymmetric_key(key_file, LOAD_PRIVATE_KEY, &priv); diff --git a/crypt_backend.h b/crypt_backend.h index f9a69d94..fccdd2ef 100644 --- a/crypt_backend.h +++ b/crypt_backend.h @@ -14,4 +14,4 @@ size_t is_ssh_rsa_key(char *data, size_t size); uint32_t read_ssh_u32(const void *vp); int check_ssh_key_header(const unsigned char *blob, int blen); -int check_key_file(const char *file, bool private_key); +int check_private_key_file(const char *file); diff --git a/crypt_common.c b/crypt_common.c index a05572df..1fd8189c 100644 --- a/crypt_common.c +++ b/crypt_common.c 
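Review bot: In the priv_decrypt() hunk of crypt.c the permission check becomes the caller's job, but load_key() (first hunk) still takes `private` and nothing records that it no longer verifies the file mode. Any other route to get_asymmetric_key() with LOAD_PRIVATE_KEY would read a group- or world-accessible key without an error; no such caller is visible in this patch, so this is something to confirm rather than a finding. A comment at the new call, e.g. `/* load_key() does not check permissions; keep this ahead of get_asymmetric_key(). */`, would record the dependency. The removed block also logged para_strerror(-ret), whereas the new path only returns the code, so the message is lost unless priv_decrypt()'s callers log it. Both function bodies continue outside their hunks.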
@@ -103,25 +103,22 @@ int check_ssh_key_header(const unsigned char *blob, int blen)
 }
 /**
- * Check existence and permissions of a key file.
+ * Check existence and permissions of a private key file.
 *
 * \param file The path of the key file.
- * \param private_key Whether this is a private key.
 *
- * This checks whether the file exists. If it is a private key, we additionally
- * check that the permissions are restrictive enough. It is considered an error
- * if we own the file and it is readable for others.
+ * This checks whether the file exists and its permissions are restrictive
+ * enough. It is considered an error if we own the file and it is readable for
+ * others.
 *
 * \return Standard.
 */
-int check_key_file(const char *file, bool private_key)
+int check_private_key_file(const char *file)
 {
 struct stat st;
 if (stat(file, &st) != 0)
 return -ERRNO_TO_PARA_ERROR(errno);
- if (!private_key)
- return 0;
 if ((st.st_uid == getuid()) && (st.st_mode & 077) != 0)
 return -E_KEY_PERM;
 return 1;
diff --git a/gcrypt.c b/gcrypt.c
index ee109203..ba8aadc6 100644
--- a/gcrypt.c
+++ b/gcrypt.c
@@ -779,7 +779,7 @@ int priv_decrypt(const char *key_file, unsigned char *outbuf,
 gcry_sexp_t in, out, priv_key;
 size_t nbytes;
- ret = check_key_file(key_file, true);
+ ret = check_private_key_file(key_file);
 if (ret < 0)
 return ret;
 PARA_INFO_LOG("decrypting %d byte input\n", inlen);
-- 
2.39.5
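Review bot: check_private_key_file() in crypt_common.c calls stat(2) on the path, and the key is opened by name afterwards (outside this hunk), so the mode that was checked and the file that is read can differ if the path is replaced in between. Checking the opened descriptor with fstat(2) in the loader would tie the check to the bytes actually read; if that is out of scope, a line such as `/* Advisory: the file is re-opened by name after this check. */` above the stat() call would state the limit. The doc comment says "readable for others", while `(st.st_mode & 077) != 0` rejects any group or other permission bit and a key owned by a different uid is accepted unchecked; the comment should state both.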