- (djm) OpenBSD CVS Sync
   - markus@cvs.openbsd.org 2003/03/13 11:42:19
     [authfile.c ssh-keysign.c]
     move RSA_blinding_on to generic key load method
diff --git a/authfile.c b/authfile.c
index 24ae6ab..90618ef 100644
--- a/authfile.c
+++ b/authfile.c
@@ -36,7 +36,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: authfile.c,v 1.51 2002/11/15 10:03:09 fgsch Exp $");
+RCSID("$OpenBSD: authfile.c,v 1.52 2003/03/13 11:42:18 markus Exp $");
 
 #include <openssl/err.h>
 #include <openssl/evp.h>
@@ -421,6 +421,12 @@
 	rsa_generate_additional_parameters(prv->rsa);
 
 	buffer_free(&decrypted);
+
+	/* enable blinding */
+	if (RSA_blinding_on(prv->rsa, NULL) != 1) {
+		error("key_load_private_rsa1: RSA_blinding_on failed");
+		goto fail;
+	}
 	close(fd);
 	return prv;
 
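Review bot: The `goto fail` added after `buffer_free(&decrypted)` depends on a `fail:` label that lies outside this hunk, so it is worth confirming that the cleanup there frees `prv` and does not release `decrypted` a second time. The log line also drops the OpenSSL reason for the failure. Since `<openssl/err.h>` is already included, `error("key_load_private_rsa1: RSA_blinding_on failed: %s", ERR_error_string(ERR_get_error(), NULL));` would record it and presumably consume the queued error. The same applies to the message in the key_load_private_pem hunk.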
@@ -460,6 +466,11 @@
 #ifdef DEBUG_PK
 		RSA_print_fp(stderr, prv->rsa, 8);
 #endif
+		if (RSA_blinding_on(prv->rsa, NULL) != 1) {
+			error("key_load_private_pem: RSA_blinding_on failed");
+			key_free(prv);
+			prv = NULL;
+		}
 	} else if (pk->type == EVP_PKEY_DSA &&
 	    (type == KEY_UNSPEC||type==KEY_DSA)) {
 		prv = key_new(KEY_UNSPEC);
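Review bot: The blinding check in the RSA branch has no comment, unlike the rsa1 loader, and nothing here says why a failure must discard the key. I would add `/* enable blinding; without it RSA private-key operations can leak timing information, so fail closed */` above the `if`. On failure this branch sets `prv = NULL` and falls through instead of jumping to a cleanup label; the rest of the function is outside the hunk, so the code after the if/else chain must tolerate a NULL `prv`. Blinding set at load time also covers only keys that pass through these loaders, so any RSA private key constructed elsewhere (not visible here) would need the same call.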