Date: Mon, 4 May 2015 19:23:45 GMT From: def@FreeBSD.org To: svn-soc-all@FreeBSD.org Subject: socsvn commit: r285005 - soc2013/def/crashdump-head/sbin/cryptcore Message-ID: <201505041923.t44JNj36081512@socsvn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: def Date: Mon May 4 19:23:44 2015 New Revision: 285005 URL: http://svnweb.FreeBSD.org/socsvn/?view=rev&rev=285005 Log: Use sizeof instead of constants for buf and ciphertext. Modified: soc2013/def/crashdump-head/sbin/cryptcore/cryptcore.c Modified: soc2013/def/crashdump-head/sbin/cryptcore/cryptcore.c ============================================================================== --- soc2013/def/crashdump-head/sbin/cryptcore/cryptcore.c Mon May 4 18:49:25 2015 (r285004) +++ soc2013/def/crashdump-head/sbin/cryptcore/cryptcore.c Mon May 4 19:23:44 2015 (r285005) @@ -50,14 +50,14 @@ if (pubkey == NULL) pjdlog_exitx(1, "Unable to read data from %s.", pubkeyfile); pubkeysize = RSA_size(pubkey); - if (RSA_size(pubkey) > 8 * KERNELDUMP_CIPHERTEXT_SIZE) { - pjdlog_exitx(1, "The maximum RSA modulus size is %db.", - 8 * KERNELDUMP_CIPHERTEXT_SIZE); + if (pubkeysize > (int)sizeof(ciphertext)) { + pjdlog_exitx(1, "The maximum RSA modulus size is %lub.", + 8 * sizeof(ciphertext)); } arc4random_buf(buf, sizeof(buf)); - if (RSA_public_encrypt(KERNELDUMP_KEY_SIZE + KERNELDUMP_IV_SIZE, buf, - ciphertext, pubkey, RSA_PKCS1_PADDING) != pubkeysize) { + if (RSA_public_encrypt(sizeof(buf), buf, ciphertext, pubkey, + RSA_PKCS1_PADDING) != pubkeysize) { pjdlog_exitx(1, "Unable to encrypt the one-time key."); } @@ -80,12 +80,12 @@ goto failed; } - bzero(buf, KERNELDUMP_KEY_SIZE + KERNELDUMP_IV_SIZE); + bzero(buf, sizeof(buf)); RSA_free(pubkey); return; failed: - bzero(buf, KERNELDUMP_KEY_SIZE + KERNELDUMP_IV_SIZE); + bzero(buf, sizeof(buf)); RSA_free(pubkey); exit(1); } @@ -117,11 +117,11 @@ fd = open(keyfile, O_RDONLY); if (fd == -1) pjdlog_exit(1, "Unable to open %s", keyfile); - size = (int)read(fd, ciphertext, KERNELDUMP_CIPHERTEXT_SIZE); + size = (int)read(fd, ciphertext, sizeof(ciphertext)); err = errno; close(fd); fd = -1; - if (size != KERNELDUMP_CIPHERTEXT_SIZE) { + if (size != sizeof(ciphertext)) { errno = err; pjdlog_exit(1, "Unable to read data from %s", keyfile); } @@ -137,15 +137,14 @@ * From this moment on keys have to be erased before exit. */ privkeysize = RSA_size(privkey); - if (RSA_size(privkey) > 8 * KERNELDUMP_CIPHERTEXT_SIZE) { - pjdlog_error("The maximum RSA modulus size is %db.", - 8 * KERNELDUMP_CIPHERTEXT_SIZE); + if (privkeysize > (int)sizeof(ciphertext)) { + pjdlog_error("The maximum RSA modulus size is %lub.", + 8 * sizeof(ciphertext)); goto failed; } - if (RSA_private_decrypt(KERNELDUMP_CIPHERTEXT_SIZE, ciphertext, buf, - privkey, RSA_PKCS1_PADDING) != - KERNELDUMP_KEY_SIZE + KERNELDUMP_IV_SIZE) { + if (RSA_private_decrypt(sizeof(ciphertext), ciphertext, buf, privkey, + RSA_PKCS1_PADDING) != KERNELDUMP_KEY_SIZE + KERNELDUMP_IV_SIZE) { pjdlog_error("Unable to decrypt key and IV."); goto failed; } @@ -167,21 +166,19 @@ EVP_CIPHER_CTX_set_padding(&ctx, 0); bufused = 0; - while ((bytes = read(fd, buf + bufused, - KERNELDUMP_BUFFER_SIZE - bufused)) > 0) { + while ((bytes = read(fd, buf + bufused, sizeof(buf) - bufused)) > 0) { bufused += bytes; - if (bufused != KERNELDUMP_BUFFER_SIZE) + if (bufused != sizeof(buf)) continue; if (EVP_DecryptUpdate(&ctx, buf, &size, buf, - KERNELDUMP_BUFFER_SIZE) == 0) { + sizeof(buf)) == 0) { pjdlog_error("Unable to decrypt core."); goto failed; } - PJDLOG_ASSERT(size == KERNELDUMP_BUFFER_SIZE); + PJDLOG_ASSERT(size == sizeof(buf)); - if (write(ofd, buf, KERNELDUMP_BUFFER_SIZE) != - KERNELDUMP_BUFFER_SIZE) { + if (write(ofd, buf, sizeof(buf)) != sizeof(buf)) { pjdlog_errno(LOG_ERR, "Unable to write data to %s", output); goto failed; @@ -189,7 +186,7 @@ bufused = 0; } - bzero(buf, KERNELDUMP_KEY_SIZE + KERNELDUMP_IV_SIZE); + bzero(buf, sizeof(buf)); EVP_CIPHER_CTX_cleanup(&ctx); RSA_free(privkey); @@ -202,7 +199,7 @@ close(ofd); if (fd >= 0) close(fd); - bzero(buf, KERNELDUMP_KEY_SIZE + KERNELDUMP_IV_SIZE); + bzero(buf, sizeof(buf)); EVP_CIPHER_CTX_cleanup(&ctx); RSA_free(privkey); exit(1);
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201505041923.t44JNj36081512>