- markus@cvs.openbsd.org 2003/03/13 11:44:50 [ssh-agent.c] ssh-agent is similar to ssh-keysign (allows other processes to use private rsa keys). however, it gets key over socket and not from a file, so we have to do blinding here as well.

commit: c51d0735a4a68ddcd927f003ffb3fc917cb207c2 [log] [tgz]
author: Damien Miller <djm@mindrot.org> Sat Mar 15 11:37:09 2003 +1100
committer: Damien Miller <djm@mindrot.org> Sat Mar 15 11:37:09 2003 +1100
tree: 6d3aa9d416598357278077245ffa31af13ae5292
parent: ed33d3b4d229b0e815f43d8a3192047ef161dcd7 [diff] [blame]
diff --git a/ssh-agent.c b/ssh-agent.c
index b18dd98..eb593de 100644
--- a/ssh-agent.c
+++ b/ssh-agent.c

@@ -35,7 +35,7 @@
 
 #include "includes.h"
 #include "openbsd-compat/sys-queue.h"
-RCSID("$OpenBSD: ssh-agent.c,v 1.107 2003/01/23 13:50:27 markus Exp $");
+RCSID("$OpenBSD: ssh-agent.c,v 1.108 2003/03/13 11:44:50 markus Exp $");
 
 #include <openssl/evp.h>
 #include <openssl/md5.h>
@@ -483,6 +483,17 @@
 		}
 		break;
 	}
+	/* enable blinding */
+	switch (k->type) {
+	case KEY_RSA:
+	case KEY_RSA1:
+		if (RSA_blinding_on(k->rsa, NULL) != 1) {
+			error("process_add_identity: RSA_blinding_on failed");
+			key_free(k);
+			goto send;
+		}
+		break;
+	}
 	comment = buffer_get_string(&e->request, NULL);
 	if (k == NULL) {
 		xfree(comment);
commit	c51d0735a4a68ddcd927f003ffb3fc917cb207c2	[log] [tgz]
author	Damien Miller <djm@mindrot.org>	Sat Mar 15 11:37:09 2003 +1100
committer	Damien Miller <djm@mindrot.org>	Sat Mar 15 11:37:09 2003 +1100
tree	6d3aa9d416598357278077245ffa31af13ae5292
parent	ed33d3b4d229b0e815f43d8a3192047ef161dcd7 [diff] [blame]