* key file.
*/
if (fgets(buf, sizeof(buf), fp) && !strcmp(buf, rsa_signature)) {
+ /*
+ * This routine will take care of calling fclose() for us.
+ */
ret = loadrsakey_main(fp, key, FALSE, NULL, passphrase, &error);
goto end;
}
/*
* Otherwise, we have nothing. Return empty-handed.
*/
- fclose(fp);
error = "not an SSH-1 RSA file";
end:
+ fclose(fp);
if ((ret != 1) && errorstr)
*errorstr = error;
return ret;
*/
if (fgets(buf, sizeof(buf), fp) && !strcmp(buf, rsa_signature)) {
const char *dummy;
+ /*
+ * This routine will take care of calling fclose() for us.
+ */
return loadrsakey_main(fp, NULL, FALSE, comment, NULL, &dummy);
}
fclose(fp);
}
} else {
error = "not an SSH-1 RSA file";
- fclose(fp);
}
end:
+ if (fp)
+ fclose(fp);
if ((ret != 1) && errorstr)
*errorstr = error;
return ret;
* data "putty-private-key-file-mac-key"
* data passphrase
*
- * Encrypted keys should have a MAC, whereas unencrypted ones must
- * have a hash.
+ * (An empty passphrase is used for unencrypted keys.)
*
* If the key is encrypted, the encryption key is derived from the
* passphrase by means of a succession of SHA-1 hashes. Each hash
SHA_Init(&s);
SHA_Bytes(&s, header, sizeof(header)-1);
- if (passphrase)
+ if (cipher && passphrase)
SHA_Bytes(&s, passphrase, passlen);
SHA_Final(&s, mackey);
sfree(public_blob);
sfree(private_blob);
sfree(encryption);
- *errorstr = NULL;
+ if (errorstr)
+ *errorstr = NULL;
return ret;
/*