For public keys the function only called stat(2), which is unnecessary
because only an error from the subsequent open(2) call needs to
fail the operation.
The stat() call is needed for loading private keys though, to make
sure permissions are restrictive enough.
This commit renames the function as indicated in the subject and
drops the second parameter. In crypt.c we now call this function for
private keys only.
{
BIO *key;
EVP_PKEY *pkey = NULL;
{
BIO *key;
EVP_PKEY *pkey = NULL;
- int ret = check_key_file(file, private);
- if (ret < 0) {
- PARA_ERROR_LOG("%s\n", para_strerror(-ret));
- return NULL;
- }
key = BIO_new(BIO_s_file());
if (!key)
return NULL;
key = BIO_new(BIO_s_file());
if (!key)
return NULL;
struct asymmetric_key *priv;
int ret;
struct asymmetric_key *priv;
int ret;
+ ret = check_private_key_file(key_file);
+ if (ret < 0)
+ return ret;
if (inlen < 0)
return -E_RSA;
ret = get_asymmetric_key(key_file, LOAD_PRIVATE_KEY, &priv);
if (inlen < 0)
return -E_RSA;
ret = get_asymmetric_key(key_file, LOAD_PRIVATE_KEY, &priv);
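Review bot: The permission check is now enforced only by this caller, so any other path that reaches get_asymmetric_key() with LOAD_PRIVATE_KEY would load the key without it; other callers are not visible here, so this needs confirming. A comment above the added call, e.g. `/* the key loader no longer checks permissions; every private-key caller must call check_private_key_file() first */`, would make that contract explicit. The call could also move below the `if (inlen < 0)` test so that invalid arguments are rejected before the filesystem is touched. The enclosing function starts and ends outside the hunk.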
size_t is_ssh_rsa_key(char *data, size_t size);
uint32_t read_ssh_u32(const void *vp);
int check_ssh_key_header(const unsigned char *blob, int blen);
size_t is_ssh_rsa_key(char *data, size_t size);
uint32_t read_ssh_u32(const void *vp);
int check_ssh_key_header(const unsigned char *blob, int blen);
-int check_key_file(const char *file, bool private_key);
+int check_private_key_file(const char *file);
- * Check existence and permissions of a key file.
+ * Check existence and permissions of a private key file.
*
* \param file The path of the key file.
*
* \param file The path of the key file.
- * \param private_key Whether this is a private key.
- * This checks whether the file exists. If it is a private key, we additionally
- * check that the permissions are restrictive enough. It is considered an error
- * if we own the file and it is readable for others.
+ * This checks whether the file exists and its permissions are restrictive
+ * enough. It is considered an error if we own the file and it is readable for
+ * others.
-int check_key_file(const char *file, bool private_key)
+int check_private_key_file(const char *file)
{
struct stat st;
if (stat(file, &st) != 0)
return -ERRNO_TO_PARA_ERROR(errno);
{
struct stat st;
if (stat(file, &st) != 0)
return -ERRNO_TO_PARA_ERROR(errno);
- if (!private_key)
- return 0;
if ((st.st_uid == getuid()) && (st.st_mode & 077) != 0)
return -E_KEY_PERM;
return 1;
if ((st.st_uid == getuid()) && (st.st_mode & 077) != 0)
return -E_KEY_PERM;
return 1;
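Review bot: The permission test in check_private_key_file() only applies when `st.st_uid == getuid()`, so a group- or world-accessible key file owned by a different uid passes; if that is intentional, the doc comment should say so. The comment also speaks only of "readable for others", while the mask `077` rejects any group or other permission bit, and it does not mention that success returns 1 and failure a negative error code. Separately, stat() inspects the path while the key is presumably opened by path later (that code is outside this section), so the file can be swapped between the check and the read. Running fstat() on the descriptor that is actually read would close that window.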
gcry_sexp_t in, out, priv_key;
size_t nbytes;
gcry_sexp_t in, out, priv_key;
size_t nbytes;
- ret = check_key_file(key_file, true);
+ ret = check_private_key_file(key_file);
if (ret < 0)
return ret;
PARA_INFO_LOG("decrypting %d byte input\n", inlen);
if (ret < 0)
return ret;
PARA_INFO_LOG("decrypting %d byte input\n", inlen);