diff options
Diffstat (limited to 'contrib/bind/lib/dst/bsafe_link.c')
-rw-r--r-- | contrib/bind/lib/dst/bsafe_link.c | 39 |
1 files changed, 21 insertions, 18 deletions
diff --git a/contrib/bind/lib/dst/bsafe_link.c b/contrib/bind/lib/dst/bsafe_link.c index ec072b3..7c9e481 100644 --- a/contrib/bind/lib/dst/bsafe_link.c +++ b/contrib/bind/lib/dst/bsafe_link.c @@ -1,5 +1,5 @@ #if defined(BSAFE) || defined(DNSSAFE) -static const char rcsid[] = "$Header: /proj/cvs/isc/bind8/src/lib/dst/bsafe_link.c,v 1.12 2001/04/05 21:59:59 bwelling Exp $"; +static const char rcsid[] = "$Header: /proj/cvs/isc/bind8/src/lib/dst/bsafe_link.c,v 1.15 2001/09/25 04:50:28 marka Exp $"; /* * Portions Copyright (c) 1995-1998 by Trusted Information Systems, Inc. @@ -118,7 +118,7 @@ static void *dst_bsafe_free_key_structure(void *key); * BSAFE/DNSSAFE related functions */ int -dst_bsafe_init() +dst_bsafe_init(void) { if (dst_t_func[KEY_RSA] != NULL) return (1); @@ -327,7 +327,8 @@ dst_bsafe_verify(const int mode, DST_KEY *dkey, void **context, if (ret == 0 && (status = B_DecryptUpdate(rsaEncryptor, work_area, &u_bytes, 0, - (u_char *) signature, sig_len, + (const u_char *) signature, + sig_len, NULL_PTR, NULL_SURRENDER))) ret = VERIFY_FINAL_FAILURE; @@ -385,24 +386,28 @@ dst_bsafe_to_dns_key(const DST_KEY *in_key, u_char *out_str, public = (B_KEY_OBJ)((RSA_Key *) in_key->dk_KEY_struct)->rk_Public_Key; n = B_GetKeyInfo((POINTER *) &pub, public, KI_RSAPublic); - - if (out_len < pub->exponent.len) /* not enough space */ + if (n != 0) return (-1); - if (pub->exponent.len < 256) /* key exponent is <= 2040 bits */ + + if (pub->exponent.len < 256) { /* key exponent is <= 2040 bits */ + if ((unsigned int)out_len < pub->exponent.len + 1) + return (-1); *op++ = (u_int8_t) pub->exponent.len; - else { /* key exponent is > 2040 bits */ + } else { /* key exponent is > 2040 bits */ u_int16_t e = (u_int16_t) pub->exponent.len; - *op++ = 0; /* 3 byte lenght field */ + if ((unsigned int)out_len < pub->exponent.len + 3) + return (-1); + *op++ = 0; /* 3 byte length field */ dst_s_put_int16(op, e); op += sizeof(e); n = 2; } - n += pub->exponent.len; - memcpy(op, pub->exponent.data, n); - op += n; n++; + memcpy(op, pub->exponent.data, pub->exponent.len); + op += pub->exponent.len; + n += pub->exponent.len; - if ((out_len - n) > pub->modulus.len) { + if ((unsigned int)(out_len - n) >= pub->modulus.len) { /*copy exponent */ memcpy(op, pub->modulus.data, pub->modulus.len); n += pub->modulus.len; @@ -612,7 +617,6 @@ dst_bsafe_key_from_file_format(DST_KEY *d_key, const char *buff, int status; char s[RAW_KEY_SIZE]; int len, s_len = sizeof(s); - int tag = -1; const char *p = buff; RSA_Key *b_key; A_RSA_KEY *public; @@ -1041,7 +1045,7 @@ dst_bsafe_md5digest(const int mode, B_ALGORITHM_OBJ *digest_obj, if (digest_obj == NULL || *digest_obj == NULL) { printf("NO digest obj\n"); - exit(-33); + exit(33); } if ((mode & SIG_MODE_INIT) && @@ -1050,8 +1054,7 @@ dst_bsafe_md5digest(const int mode, B_ALGORITHM_OBJ *digest_obj, return (SIGN_INIT_FAILURE); if ((mode & SIG_MODE_UPDATE) && data && (len > 0) && - (status = B_DigestUpdate(*digest_obj, (u_char *) data, len, - NULL_SURRENDER))) + (status = B_DigestUpdate(*digest_obj, data, len, NULL_SURRENDER))) return (SIGN_UPDATE_FAILURE); if (mode & SIG_MODE_FINAL) { @@ -1080,13 +1083,13 @@ T_malloc(unsigned int len) } int -T_memcmp(POINTER firstBlock, POINTER secondBlock, unsigned int len) +T_memcmp(CPOINTER firstBlock, CPOINTER secondBlock, unsigned int len) { return (memcmp(firstBlock, secondBlock, len)); } void -T_memcpy(POINTER output, POINTER input, unsigned int len) +T_memcpy(POINTER output, CPOINTER input, unsigned int len) { memcpy(output, input, len); } |