X-Git-Url: http://git.tuebingen.mpg.de/?a=blobdiff_plain;f=gcrypt.c;h=f30e8166b01badc08de69487dcb99645d4d15990;hb=f0919ce4c6ca831e5a623ce2de9b9dd9f497cff1;hp=32dd227f619aadfa3f00f2e75980409821b58698;hpb=032d743d782e23604daa926c8e153ad4a75797be;p=paraslash.git

diff --git a/gcrypt.c b/gcrypt.c
index 32dd227f..f30e8166 100644
--- a/gcrypt.c
+++ b/gcrypt.c
@@ -15,6 +15,7 @@
 #include "crypt.h"
 #include "crypt_backend.h"
 #include "fd.h"
+#include "base64.h"
 
 //#define GCRYPT_DEBUG 1
 
@@ -58,16 +59,15 @@ void get_random_bytes_or_die(unsigned char *buf, int num)
 }
 
 /*
- * This is called at the beginning of every program that uses libgcrypt. We
- * don't have to initialize any random seed here, but we must initialize the
- * gcrypt library. This task is performed by gcry_check_version() which can
- * also check that the gcrypt library version is at least the minimal required
- * version. This function also tells us whether we have to use our own OAEP
- * padding code.
+ * This is called at the beginning of every program that uses libgcrypt. The
+ * call to gcry_check_version() initializes the gcrypt library and checks that
+ * we have at least the minimal required version. This function also tells us
+ * whether we have to use our own OAEP padding code.
  */
 void init_random_seed_or_die(void)
 {
 	const char *ver, *req_ver;
+	int seed;
 
 	ver = gcry_check_version(NULL);
 	req_ver = "1.4.0";
@@ -84,6 +84,8 @@ void init_random_seed_or_die(void)
 		libgcrypt_has_oaep = false;
 		rsa_decrypt_sexp = "(enc-val(rsa(a %m)))";
 	}
+	get_random_bytes_or_die((unsigned char *)&seed, sizeof(seed));
+	srandom(seed);
 }
 
 /** S-expression for the public part of an RSA key. */
@@ -239,12 +241,11 @@ static int decode_key(const char *key_file, const char *header_str,
 		key[j++] = begin[i];
 	}
 	key[j] = '\0';
-	blob_size = key_size * 2;
-	blob = para_malloc(blob_size);
-	ret = base64_decode(key, blob, blob_size);
+	ret = base64_decode(key, j, (char **)&blob, &blob_size);
 	free(key);
 	if (ret < 0)
 		goto free_unmap;
+	ret = blob_size;
 	goto unmap;
 free_unmap:
 	free(blob);
@@ -606,13 +607,9 @@ static int get_ssh_public_key(unsigned char *data, int size, gcry_sexp_t *result
 	gcry_mpi_t e = NULL, n = NULL;
 
 	PARA_DEBUG_LOG("decoding %d byte public rsa-ssh key\n", size);
-	if (size > INT_MAX / 4)
-		return -ERRNO_TO_PARA_ERROR(EOVERFLOW);
-	blob = para_malloc(2 * size);
-	ret = uudecode((char *)data, blob, 2 * size);
+	ret = uudecode((char *)data, size, (char **)&blob, &decoded_size);
 	if (ret < 0)
 		goto free_blob;
-	decoded_size = ret;
 	end = blob + decoded_size;
 	dump_buffer("decoded key", blob, decoded_size);
 	ret = check_ssh_key_header(blob, decoded_size);