Add support for DSA authentication in SSH2, following clever ideas
[u/mdw/putty] / pageant.c
index 503cb85..a7efcad 100644 (file)
--- a/pageant.c
+++ b/pageant.c
@@ -65,7 +65,7 @@ int agent_exists(void);
  * pads its data with random bytes. Since we only use rsadecrypt()
  * and the signing functions, which are deterministic, this should
  * never be called.
- * 
+ *
  * If it _is_ called, there is a _serious_ problem, because it
  * won't generate true random numbers. So we must scream, panic,
  * and exit immediately if that should happen.
@@ -613,7 +613,7 @@ static void answer_msg(void *msg)
        break;
       case SSH2_AGENTC_SIGN_REQUEST:
        /*
-        * Reply with either SSH2_AGENT_RSA_RESPONSE or
+        * Reply with either SSH2_AGENT_SIGN_RESPONSE or
         * SSH_AGENT_FAILURE, depending on whether we have that key
         * or not.
         */
@@ -650,16 +650,19 @@ static void answer_msg(void *msg)
        {
            struct RSAKey *key;
            char *comment;
+            int commentlen;
            key = smalloc(sizeof(struct RSAKey));
-           memset(key, 0, sizeof(key));
+           memset(key, 0, sizeof(struct RSAKey));
            p += makekey(p, key, NULL, 1);
            p += makeprivate(p, key);
-           p += ssh1_read_bignum(p, key->iqmp);        /* p^-1 mod q */
-           p += ssh1_read_bignum(p, key->p);   /* p */
-           p += ssh1_read_bignum(p, key->q);   /* q */
-           comment = smalloc(GET_32BIT(p));
+           p += ssh1_read_bignum(p, &key->iqmp);       /* p^-1 mod q */
+           p += ssh1_read_bignum(p, &key->p);  /* p */
+           p += ssh1_read_bignum(p, &key->q);  /* q */
+            commentlen = GET_32BIT(p);
+           comment = smalloc(commentlen+1);
            if (comment) {
-               memcpy(comment, p + 4, GET_32BIT(p));
+               memcpy(comment, p + 4, commentlen);
+                comment[commentlen] = '\0';
                key->comment = comment;
            }
            PUT_32BIT(ret, 1);
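Review bot: `commentlen` is read straight from the request with `GET_32BIT(p)` and then drives both `smalloc(commentlen+1)` and `memcpy(comment, p + 4, commentlen)`, with no check against the bytes actually left in the message. Because it is a signed `int`, a length with the top bit set turns negative, so `commentlen+1` can request a tiny or zero-sized buffer while the `memcpy` count converts to a huge size; a value that is merely too large reads past the end of the request. Reject the request before allocating, for example `if (commentlen < 0 || commentlen > bytes_left) { sfree(key); goto failure; }`, where `bytes_left` is a placeholder for the remaining message length, which this hunk does not show being tracked. The preceding `makekey`/`makeprivate`/`ssh1_read_bignum` calls advance `p` in the same unchecked way as far as the hunk shows, and bignums already read into `key` would need freeing on that error path too. `answer_msg` starts and ends outside the hunk.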
@@ -693,6 +696,8 @@ static void answer_msg(void *msg)
            /* Add further algorithm names here. */
            if (alglen == 7 && !memcmp(alg, "ssh-rsa", 7))
                key->alg = &ssh_rsa;
+           else if (alglen == 7 && !memcmp(alg, "ssh-dss", 7))
+               key->alg = &ssh_dss;
            else {
                sfree(key);
                goto failure;
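Review bot: Registering `&ssh_dss` here makes DSA signing reachable inside the agent, but the comment on the random-number stub near the top of this file says the stub must never be called, and exits if it is, on the grounds that the signing functions are deterministic. Whether the `ssh_dss` signing path satisfies that assumption is not visible in this hunk, so it should be stated where the algorithm is registered, e.g. `/* ssh_dss signing must derive its nonce deterministically: the agent has no RNG */`. A DSA nonce that is predictable or reused across signatures discloses the private key, so the comment should also point to where the nonce derivation is implemented. The enclosing branch of `answer_msg` starts and ends outside the hunk.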