socsvn commit: r285005 - soc2013/def/crashdump-head/sbin/cryptcore
def at FreeBSD.org
def at FreeBSD.org
Mon May 4 19:23:45 UTC 2015
Author: def
Date: Mon May 4 19:23:44 2015
New Revision: 285005
URL: http://svnweb.FreeBSD.org/socsvn/?view=rev&rev=285005
Log:
Use sizeof instead of constants for buf and ciphertext.
Modified:
soc2013/def/crashdump-head/sbin/cryptcore/cryptcore.c
Modified: soc2013/def/crashdump-head/sbin/cryptcore/cryptcore.c
==============================================================================
--- soc2013/def/crashdump-head/sbin/cryptcore/cryptcore.c Mon May 4 18:49:25 2015 (r285004)
+++ soc2013/def/crashdump-head/sbin/cryptcore/cryptcore.c Mon May 4 19:23:44 2015 (r285005)
@@ -50,14 +50,14 @@
if (pubkey == NULL)
pjdlog_exitx(1, "Unable to read data from %s.", pubkeyfile);
pubkeysize = RSA_size(pubkey);
- if (RSA_size(pubkey) > 8 * KERNELDUMP_CIPHERTEXT_SIZE) {
- pjdlog_exitx(1, "The maximum RSA modulus size is %db.",
- 8 * KERNELDUMP_CIPHERTEXT_SIZE);
+ if (pubkeysize > (int)sizeof(ciphertext)) {
+ pjdlog_exitx(1, "The maximum RSA modulus size is %lub.",
+ 8 * sizeof(ciphertext));
}
arc4random_buf(buf, sizeof(buf));
- if (RSA_public_encrypt(KERNELDUMP_KEY_SIZE + KERNELDUMP_IV_SIZE, buf,
- ciphertext, pubkey, RSA_PKCS1_PADDING) != pubkeysize) {
+ if (RSA_public_encrypt(sizeof(buf), buf, ciphertext, pubkey,
+ RSA_PKCS1_PADDING) != pubkeysize) {
pjdlog_exitx(1, "Unable to encrypt the one-time key.");
}
@@ -80,12 +80,12 @@
goto failed;
}
- bzero(buf, KERNELDUMP_KEY_SIZE + KERNELDUMP_IV_SIZE);
+ bzero(buf, sizeof(buf));
RSA_free(pubkey);
return;
failed:
- bzero(buf, KERNELDUMP_KEY_SIZE + KERNELDUMP_IV_SIZE);
+ bzero(buf, sizeof(buf));
RSA_free(pubkey);
exit(1);
}
@@ -117,11 +117,11 @@
fd = open(keyfile, O_RDONLY);
if (fd == -1)
pjdlog_exit(1, "Unable to open %s", keyfile);
- size = (int)read(fd, ciphertext, KERNELDUMP_CIPHERTEXT_SIZE);
+ size = (int)read(fd, ciphertext, sizeof(ciphertext));
err = errno;
close(fd);
fd = -1;
- if (size != KERNELDUMP_CIPHERTEXT_SIZE) {
+ if (size != sizeof(ciphertext)) {
errno = err;
pjdlog_exit(1, "Unable to read data from %s", keyfile);
}
@@ -137,15 +137,14 @@
* From this moment on keys have to be erased before exit.
*/
privkeysize = RSA_size(privkey);
- if (RSA_size(privkey) > 8 * KERNELDUMP_CIPHERTEXT_SIZE) {
- pjdlog_error("The maximum RSA modulus size is %db.",
- 8 * KERNELDUMP_CIPHERTEXT_SIZE);
+ if (privkeysize > (int)sizeof(ciphertext)) {
+ pjdlog_error("The maximum RSA modulus size is %lub.",
+ 8 * sizeof(ciphertext));
goto failed;
}
- if (RSA_private_decrypt(KERNELDUMP_CIPHERTEXT_SIZE, ciphertext, buf,
- privkey, RSA_PKCS1_PADDING) !=
- KERNELDUMP_KEY_SIZE + KERNELDUMP_IV_SIZE) {
+ if (RSA_private_decrypt(sizeof(ciphertext), ciphertext, buf, privkey,
+ RSA_PKCS1_PADDING) != KERNELDUMP_KEY_SIZE + KERNELDUMP_IV_SIZE) {
pjdlog_error("Unable to decrypt key and IV.");
goto failed;
}
@@ -167,21 +166,19 @@
EVP_CIPHER_CTX_set_padding(&ctx, 0);
bufused = 0;
- while ((bytes = read(fd, buf + bufused,
- KERNELDUMP_BUFFER_SIZE - bufused)) > 0) {
+ while ((bytes = read(fd, buf + bufused, sizeof(buf) - bufused)) > 0) {
bufused += bytes;
- if (bufused != KERNELDUMP_BUFFER_SIZE)
+ if (bufused != sizeof(buf))
continue;
if (EVP_DecryptUpdate(&ctx, buf, &size, buf,
- KERNELDUMP_BUFFER_SIZE) == 0) {
+ sizeof(buf)) == 0) {
pjdlog_error("Unable to decrypt core.");
goto failed;
}
- PJDLOG_ASSERT(size == KERNELDUMP_BUFFER_SIZE);
+ PJDLOG_ASSERT(size == sizeof(buf));
- if (write(ofd, buf, KERNELDUMP_BUFFER_SIZE) !=
- KERNELDUMP_BUFFER_SIZE) {
+ if (write(ofd, buf, sizeof(buf)) != sizeof(buf)) {
pjdlog_errno(LOG_ERR, "Unable to write data to %s",
output);
goto failed;
@@ -189,7 +186,7 @@
bufused = 0;
}
- bzero(buf, KERNELDUMP_KEY_SIZE + KERNELDUMP_IV_SIZE);
+ bzero(buf, sizeof(buf));
EVP_CIPHER_CTX_cleanup(&ctx);
RSA_free(privkey);
@@ -202,7 +199,7 @@
close(ofd);
if (fd >= 0)
close(fd);
- bzero(buf, KERNELDUMP_KEY_SIZE + KERNELDUMP_IV_SIZE);
+ bzero(buf, sizeof(buf));
EVP_CIPHER_CTX_cleanup(&ctx);
RSA_free(privkey);
exit(1);
More information about the svn-soc-all
mailing list