Ooops, fix all the bugs.

diff --git a/key-pass.c b/key-pass.c
index 3785765..d31b31f 100644 (file)
--- a/key-pass.c
+++ b/key-pass.c
@@ -1,6 +1,6 @@
 /* -*-c-*-
  *
- * $Id: key-pass.c,v 1.3 2004/03/27 00:04:19 mdw Exp $
+ * $Id: key-pass.c,v 1.4 2004/03/28 01:58:26 mdw Exp $
  *
  * Encrypting keys with passphrases
  *
@@ -30,6 +30,9 @@
 /*----- Revision history --------------------------------------------------* 
  *
  * $Log: key-pass.c,v $
+ * Revision 1.4  2004/03/28 01:58:26  mdw
+ * Ooops, fix all the bugs.
+ *
  * Revision 1.3  2004/03/27 00:04:19  mdw
  * INCOMPATIBLE CHANGE.  Use proper authentication on encrypted keys.
  *
@@ -167,7 +170,7 @@ int key_punlock(const char *tag, key_data *k, key_data *kt)
 {
   octet b[RMD160_HASHSZ * 2];
   char buf[256];
-  octet *p;
+  octet *p = 0;
   size_t sz;
 
   /* --- Sanity check --- */
@@ -175,12 +178,11 @@ int key_punlock(const char *tag, key_data *k, key_data *kt)
   assert(((void)"Key data isn't encrypted",
          (k->e & KF_ENCMASK) == KENC_ENCRYPT));
 
-  /* --- Allocate a destination buffer --- */
+  /* --- Check the size --- */
 
   if (k->u.k.sz < RMD160_HASHSZ * 2)
-    return (-1);;
+    return (-1);
   sz = k->u.k.sz - RMD160_HASHSZ * 2;
-  p = xmalloc(k->u.k.sz);
 
   /* --- Fetch the passphrase --- */
 
@@ -199,15 +201,6 @@ int key_punlock(const char *tag, key_data *k, key_data *kt)
     BURN(buf);
   }
 
-  /* --- Decrypt the key data --- */
-
-  {
-    blowfish_cbcctx c;
-    blowfish_cbcinit(&c, b, sizeof(b), 0);
-    blowfish_cbcdecrypt(&c, k->u.k.k + RMD160_HASHSZ, p, sz);
-    BURN(c);
-  }
-
   /* --- Verify the MAC --- */
 
   {
@@ -215,9 +208,10 @@ int key_punlock(const char *tag, key_data *k, key_data *kt)
     rmd160_macctx mc;
     rmd160_hmacinit(&mk, b + RMD160_HASHSZ, RMD160_HASHSZ);
     rmd160_macinit(&mc, &mk);
-    rmd160_machash(&mc, p, sz);
-    rmd160_macdone(&mc, b);
-    if (memcmp(b, k->u.k.k + RMD160_HASHSZ, RMD160_HASHSZ) != 0) {
+    rmd160_machash(&mc, k->u.k.k + RMD160_HASHSZ * 2, sz);
+    rmd160_macdone(&mc, b + RMD160_HASHSZ);
+    if (memcmp(b + RMD160_HASHSZ, k->u.k.k + RMD160_HASHSZ,
+              RMD160_HASHSZ) != 0) {
       passphrase_cancel(tag);
       goto fail;
     }
@@ -225,6 +219,19 @@ int key_punlock(const char *tag, key_data *k, key_data *kt)
     BURN(mc);
   }
 
+  /* --- Allocate a destination buffer --- */
+
+  p = xmalloc(sz);
+
+  /* --- Decrypt the key data --- */
+
+  {
+    blowfish_cbcctx c;
+    blowfish_cbcinit(&c, b, RMD160_HASHSZ, 0);
+    blowfish_cbcdecrypt(&c, k->u.k.k + RMD160_HASHSZ * 2, p, sz);
+    BURN(c);
+  }
+
   /* --- Decode the key data into the destination buffer --- */
 
   if (k == kt) {