summaryrefslogtreecommitdiff
path: root/libs/libssh2/src/hostkey.c
diff options
context:
space:
mode:
Diffstat (limited to 'libs/libssh2/src/hostkey.c')
-rw-r--r--libs/libssh2/src/hostkey.c96
1 files changed, 67 insertions, 29 deletions
diff --git a/libs/libssh2/src/hostkey.c b/libs/libssh2/src/hostkey.c
index 56eee369f5..b28b4e6995 100644
--- a/libs/libssh2/src/hostkey.c
+++ b/libs/libssh2/src/hostkey.c
@@ -106,7 +106,7 @@ hostkey_method_ssh_rsa_init(LIBSSH2_SESSION * session,
#endif
{
_libssh2_debug((session, LIBSSH2_TRACE_ERROR,
- "unexpected rsa type: %.*s", type_len, type));
+ "unexpected rsa type: %.*s", (int)type_len, type));
return -1;
}
@@ -242,11 +242,18 @@ hostkey_method_ssh_rsa_signv(LIBSSH2_SESSION * session,
unsigned char hash[SHA_DIGEST_LENGTH];
libssh2_sha1_ctx ctx;
- (void)libssh2_sha1_init(&ctx);
+ if(!libssh2_sha1_init(&ctx)) {
+ return -1;
+ }
for(i = 0; i < veccount; i++) {
- libssh2_sha1_update(ctx, datavec[i].iov_base, datavec[i].iov_len);
+ if(!libssh2_sha1_update(ctx,
+ datavec[i].iov_base, datavec[i].iov_len)) {
+ return -1;
+ }
+ }
+ if(!libssh2_sha1_final(ctx, hash)) {
+ return -1;
}
- libssh2_sha1_final(ctx, hash);
ret = _libssh2_rsa_sha1_sign(session, rsactx, hash, SHA_DIGEST_LENGTH,
signature, signature_len);
@@ -316,9 +323,14 @@ hostkey_method_ssh_rsa_sha2_256_signv(LIBSSH2_SESSION * session,
return -1;
}
for(i = 0; i < veccount; i++) {
- libssh2_sha256_update(ctx, datavec[i].iov_base, datavec[i].iov_len);
+ if(!libssh2_sha256_update(ctx,
+ datavec[i].iov_base, datavec[i].iov_len)) {
+ return -1;
+ }
+ }
+ if(!libssh2_sha256_final(ctx, hash)) {
+ return -1;
}
- libssh2_sha256_final(ctx, hash);
ret = _libssh2_rsa_sha2_sign(session, rsactx, hash, SHA256_DIGEST_LENGTH,
signature, signature_len);
@@ -386,9 +398,14 @@ hostkey_method_ssh_rsa_sha2_512_signv(LIBSSH2_SESSION * session,
return -1;
}
for(i = 0; i < veccount; i++) {
- libssh2_sha512_update(ctx, datavec[i].iov_base, datavec[i].iov_len);
+ if(!libssh2_sha512_update(ctx,
+ datavec[i].iov_base, datavec[i].iov_len)) {
+ return -1;
+ }
+ }
+ if(!libssh2_sha512_final(ctx, hash)) {
+ return -1;
}
- libssh2_sha512_final(ctx, hash);
ret = _libssh2_rsa_sha2_sign(session, rsactx, hash, SHA512_DIGEST_LENGTH,
signature, signature_len);
@@ -659,6 +676,12 @@ hostkey_method_ssh_dss_signv(LIBSSH2_SESSION * session,
libssh2_sha1_ctx ctx;
int i;
+ if(!libssh2_sha1_init(&ctx)) {
+ *signature = NULL;
+ *signature_len = 0;
+ return -1;
+ }
+
*signature = LIBSSH2_CALLOC(session, 2 * SHA_DIGEST_LENGTH);
if(!*signature) {
return -1;
@@ -666,11 +689,15 @@ hostkey_method_ssh_dss_signv(LIBSSH2_SESSION * session,
*signature_len = 2 * SHA_DIGEST_LENGTH;
- (void)libssh2_sha1_init(&ctx);
for(i = 0; i < veccount; i++) {
- libssh2_sha1_update(ctx, datavec[i].iov_base, datavec[i].iov_len);
+ if(!libssh2_sha1_update(ctx,
+ datavec[i].iov_base, datavec[i].iov_len)) {
+ return -1;
+ }
+ }
+ if(!libssh2_sha1_final(ctx, hash)) {
+ return -1;
}
- libssh2_sha1_final(ctx, hash);
if(_libssh2_dsa_sha1_sign(dsactx, hash, SHA_DIGEST_LENGTH, *signature)) {
LIBSSH2_FREE(session, *signature);
@@ -909,20 +936,33 @@ hostkey_method_ssh_ecdsa_sig_verify(LIBSSH2_SESSION * session,
}
-#define LIBSSH2_HOSTKEY_METHOD_EC_SIGNV_HASH(digest_type) \
- do { \
- unsigned char hash[SHA##digest_type##_DIGEST_LENGTH]; \
- libssh2_sha##digest_type##_ctx ctx; \
- int i; \
- (void)libssh2_sha##digest_type##_init(&ctx); \
- for(i = 0; i < veccount; i++) { \
- libssh2_sha##digest_type##_update(ctx, datavec[i].iov_base, \
- datavec[i].iov_len); \
- } \
- libssh2_sha##digest_type##_final(ctx, hash); \
- ret = _libssh2_ecdsa_sign(session, ec_ctx, hash, \
- SHA##digest_type##_DIGEST_LENGTH, \
- signature, signature_len); \
+#define LIBSSH2_HOSTKEY_METHOD_EC_SIGNV_HASH(digest_type) \
+ do { \
+ unsigned char hash[SHA##digest_type##_DIGEST_LENGTH]; \
+ libssh2_sha##digest_type##_ctx ctx; \
+ int i; \
+ if(!libssh2_sha##digest_type##_init(&ctx)) { \
+ ret = -1; \
+ break; \
+ } \
+ for(i = 0; i < veccount; i++) { \
+ if(!libssh2_sha##digest_type##_update(ctx, \
+ datavec[i].iov_base, \
+ datavec[i].iov_len)) { \
+ ret = -1; \
+ break; \
+ } \
+ } \
+ if(ret == -1) { \
+ break; \
+ } \
+ if(!libssh2_sha##digest_type##_final(ctx, hash)) { \
+ ret = -1; \
+ break; \
+ } \
+ ret = _libssh2_ecdsa_sign(session, ec_ctx, hash, \
+ SHA##digest_type##_DIGEST_LENGTH, \
+ signature, signature_len); \
} while(0)
@@ -1224,7 +1264,8 @@ hostkey_method_ssh_ed25519_signv(LIBSSH2_SESSION * session,
}
return _libssh2_ed25519_sign(ctx, session, signature, signature_len,
- datavec[0].iov_base, datavec[0].iov_len);
+ (const uint8_t *)datavec[0].iov_base,
+ datavec[0].iov_len);
}
@@ -1326,18 +1367,15 @@ libssh2_hostkey_hash(LIBSSH2_SESSION * session, int hash_type)
return (session->server_hostkey_md5_valid)
? (char *) session->server_hostkey_md5
: NULL;
- break;
#endif /* LIBSSH2_MD5 */
case LIBSSH2_HOSTKEY_HASH_SHA1:
return (session->server_hostkey_sha1_valid)
? (char *) session->server_hostkey_sha1
: NULL;
- break;
case LIBSSH2_HOSTKEY_HASH_SHA256:
return (session->server_hostkey_sha256_valid)
? (char *) session->server_hostkey_sha256
: NULL;
- break;
default:
return NULL;
}
generated by cgit v1.2.3 (git 2.25.1) at 2025-05-01 11:41:35 +0000