In some harmless places, checks for the return value of ECDSA and RSA
key generation and verification was omitted. Add them to keep the
compiler happy and to warn end users in case something is wrong.
return 1;
}
chmod(filename, 0600);
return 1;
}
chmod(filename, 0600);
- ecdsa_write_pem_private_key(key, f);
+ if(!ecdsa_write_pem_private_key(key, f)) {
+ fprintf(stderr, "Could not write ECDSA private key\n");
+ fclose(f);
+ return 1;
+ }
fclose(f);
if(connect_tincd(false))
fclose(f);
if(connect_tincd(false))
snprintf(filename, sizeof filename, "%s" SLASH "ed25519_key.priv", confbase);
f = fopenmask(filename, "w", 0600);
snprintf(filename, sizeof filename, "%s" SLASH "ed25519_key.priv", confbase);
f = fopenmask(filename, "w", 0600);
if(!ecdsa_write_pem_private_key(key, f)) {
fprintf(stderr, "Error writing private key!\n");
if(!ecdsa_write_pem_private_key(key, f)) {
fprintf(stderr, "Error writing private key!\n");
snprintf(filename, sizeof filename, "%s" SLASH "rsa_key.priv", confbase);
f = fopenmask(filename, "w", 0600);
snprintf(filename, sizeof filename, "%s" SLASH "rsa_key.priv", confbase);
f = fopenmask(filename, "w", 0600);
- rsa_write_pem_private_key(rsa, f);
+ if(!f || !rsa_write_pem_private_key(rsa, f)) {
+ fprintf(stderr, "Could not write private RSA key\n");
+ } else if(!rsa_write_pem_public_key(rsa, fh)) {
+ fprintf(stderr, "Could not write public RSA key\n");
+ }
+
- rsa_write_pem_public_key(rsa, fh);
fclose(fh);
rsa_free(rsa);
fclose(fh);
rsa_free(rsa);
FILE *fp = fopen(argv[1], "w");
if(fp) {
FILE *fp = fopen(argv[1], "w");
if(fp) {
- ecdsa_write_pem_private_key(key, fp);
+ if(!ecdsa_write_pem_private_key(key, fp)) {
+ fprintf(stderr, "Could not write ECDSA private key\n");
+ return 1;
+ }
fclose(fp);
} else {
fprintf(stderr, "Could not open '%s' for writing: %s\n", argv[1], strerror(errno));
fclose(fp);
} else {
fprintf(stderr, "Could not open '%s' for writing: %s\n", argv[1], strerror(errno));
fp = fopen(argv[2], "w");
if(fp) {
fp = fopen(argv[2], "w");
if(fp) {
- ecdsa_write_pem_public_key(key, fp);
+ if(!ecdsa_write_pem_public_key(key, fp))
+ fprintf(stderr, "Could not write ECDSA public key\n");
fclose(fp);
} else {
fprintf(stderr, "Could not open '%s' for writing: %s\n", argv[2], strerror(errno));
fclose(fp);
} else {
fprintf(stderr, "Could not open '%s' for writing: %s\n", argv[2], strerror(errno));
fprintf(stderr, "Ed25519 sign for %lg seconds: ", duration);
for(clock_start(); clock_countto(duration);)
fprintf(stderr, "Ed25519 sign for %lg seconds: ", duration);
for(clock_start(); clock_countto(duration);)
- ecdsa_sign(key1, buf1, 256, buf2);
+ if(!ecdsa_sign(key1, buf1, 256, buf2))
+ return 1;
fprintf(stderr, "%22.2lf op/s\n", rate);
fprintf(stderr, "Ed25519 verify for %lg seconds: ", duration);
for(clock_start(); clock_countto(duration);)
fprintf(stderr, "%22.2lf op/s\n", rate);
fprintf(stderr, "Ed25519 verify for %lg seconds: ", duration);
for(clock_start(); clock_countto(duration);)
- ecdsa_verify(key1, buf1, 256, buf2);
+ if(!ecdsa_verify(key1, buf1, 256, buf2)) {
+ fprintf(stderr, "Signature verification failed\n");
+ return 1;
+ }
fprintf(stderr, "%20.2lf op/s\n", rate);
ecdh1 = ecdh_generate_public(buf1);
fprintf(stderr, "ECDH for %lg seconds: ", duration);
for(clock_start(); clock_countto(duration);) {
ecdh2 = ecdh_generate_public(buf2);
fprintf(stderr, "%20.2lf op/s\n", rate);
ecdh1 = ecdh_generate_public(buf1);
fprintf(stderr, "ECDH for %lg seconds: ", duration);
for(clock_start(); clock_countto(duration);) {
ecdh2 = ecdh_generate_public(buf2);
- ecdh_compute_shared(ecdh2, buf1, buf3);
+ if(!ecdh2)
+ return 1;
+ if(!ecdh_compute_shared(ecdh2, buf1, buf3))
+ return 1;
}
fprintf(stderr, "%28.2lf op/s\n", rate);
ecdh_free(ecdh1);
}
fprintf(stderr, "%28.2lf op/s\n", rate);
ecdh_free(ecdh1);
perms &= ~mask;
umask(~perms);
FILE *f = fopen(filename, mode);
perms &= ~mask;
umask(~perms);
FILE *f = fopen(filename, mode);
+
+ if(!f) {
+ fprintf(stderr, "Could not open %s: %s\n", filename, strerror(errno));
+ return NULL;
+ }
+
#ifdef HAVE_FCHMOD
if((perms & 0444) && f)
fchmod(fileno(f), perms);
#ifdef HAVE_FCHMOD
if((perms & 0444) && f)
fchmod(fileno(f), perms);