i += 4;
/* Now the serious stuff. An ordinary SSH-1 public key. */
- i += makekey(buf + i, len, key, NULL, 1);
- if (i < 0)
+ j = makekey(buf + i, len - i, key, NULL, 1);
+ if (j < 0)
goto end; /* overran */
+ i += j;
/* Next, the comment field. */
- j = GET_32BIT(buf + i);
+ j = toint(GET_32BIT(buf + i));
i += 4;
- if (len - i < j)
+ if (j < 0 || len - i < j)
goto end;
comment = snewn(j + 1, char);
if (comment) {
int len = 39;
int c;
- while (len > 0) {
+ while (1) {
c = fgetc(fp);
if (c == '\n' || c == '\r' || c == EOF)
return 0; /* failure */
}
}
-int base64_decode_atom(char *atom, unsigned char *out)
-{
- int vals[4];
- int i, v, len;
- unsigned word;
- char c;
-
- for (i = 0; i < 4; i++) {
- c = atom[i];
- if (c >= 'A' && c <= 'Z')
- v = c - 'A';
- else if (c >= 'a' && c <= 'z')
- v = c - 'a' + 26;
- else if (c >= '0' && c <= '9')
- v = c - '0' + 52;
- else if (c == '+')
- v = 62;
- else if (c == '/')
- v = 63;
- else if (c == '=')
- v = -1;
- else
- return 0; /* invalid atom */
- vals[i] = v;
- }
-
- if (vals[0] == -1 || vals[1] == -1)
- return 0;
- if (vals[2] == -1 && vals[3] != -1)
- return 0;
-
- if (vals[3] != -1)
- len = 3;
- else if (vals[2] != -1)
- len = 2;
- else
- len = 1;
-
- word = ((vals[0] << 18) |
- (vals[1] << 12) | ((vals[2] & 0x3F) << 6) | (vals[3] & 0x3F));
- out[0] = (word >> 16) & 0xFF;
- if (len > 1)
- out[1] = (word >> 8) & 0xFF;
- if (len > 2)
- out[2] = word & 0xFF;
- return len;
-}
-
static unsigned char *read_blob(FILE * fp, int nlines, int *bloblen)
{
unsigned char *blob;
}
}
sfree(mac);
+ mac = NULL;
/*
* Create and return the key.
ret->data = alg->createkey(public_blob, public_blob_len,
private_blob, private_blob_len);
if (!ret->data) {
- sfree(ret->comment);
sfree(ret);
ret = NULL;
error = "createkey failed";
goto error;
}
sfree(public_blob);
+ smemclr(private_blob, private_blob_len);
sfree(private_blob);
sfree(encryption);
if (errorstr)
sfree(mac);
if (public_blob)
sfree(public_blob);
- if (private_blob)
- sfree(private_blob);
+ if (private_blob) {
+ smemclr(private_blob, private_blob_len);
+ sfree(private_blob);
+ }
if (errorstr)
*errorstr = error;
return ret;
int public_blob_len;
int i;
const char *error = NULL;
- char *comment;
+ char *comment = NULL;
public_blob = NULL;
goto error;
/* Select key algorithm structure. */
alg = find_pubkey_alg(b);
+ sfree(b);
if (!alg) {
- sfree(b);
goto error;
}
- sfree(b);
/* Read the Encryption header line. */
if (!read_header(fp, header) || 0 != strcmp(header, "Encryption"))
sfree(public_blob);
if (errorstr)
*errorstr = error;
+ if (comment && commentptr) {
+ sfree(comment);
+ *commentptr = NULL;
+ }
return NULL;
}
if (commentptr)
*commentptr = comment;
+ else
+ sfree(comment);
fclose(fp);
if (!strcmp(b, "aes256-cbc"))
}
fp = f_open(filename, "w", TRUE);
- if (!fp)
- return 0;
+ if (!fp) {
+ sfree(pub_blob);
+ smemclr(priv_blob, priv_blob_len);
+ sfree(priv_blob);
+ smemclr(priv_blob_encrypted, priv_blob_len);
+ sfree(priv_blob_encrypted);
+ return 0;
+ }
fprintf(fp, "PuTTY-User-Key-File-2: %s\n", key->alg->name);
fprintf(fp, "Encryption: %s\n", cipherstr);
fprintf(fp, "Comment: %s\n", key->comment);
sfree(pub_blob);
smemclr(priv_blob, priv_blob_len);
sfree(priv_blob);
+ smemclr(priv_blob_encrypted, priv_blob_len);
sfree(priv_blob_encrypted);
return 1;
}