aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndreas Schneider <asn@cryptomilk.org>2015-09-07 10:50:49 +0200
committerAndreas Schneider <asn@cryptomilk.org>2015-09-07 10:57:34 +0200
commit3b0b1c3ee3c88d5bc1c649d20969219e1e43b58d (patch)
tree0eb24263e6681c3244daa7f64bd2401cc7225519
parent82a80b205bb5159c3e8da635c47882a14c17120b (diff)
downloadlibssh-3b0b1c3ee3c88d5bc1c649d20969219e1e43b58d.tar.gz
libssh-3b0b1c3ee3c88d5bc1c649d20969219e1e43b58d.tar.xz
libssh-3b0b1c3ee3c88d5bc1c649d20969219e1e43b58d.zip
pki: Use the standard logging function
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
-rw-r--r--include/libssh/pki_priv.h5
-rw-r--r--src/pki.c68
-rw-r--r--src/pki_container_openssh.c47
-rw-r--r--src/pki_crypto.c55
-rw-r--r--src/pki_ed25519.c2
-rw-r--r--src/pki_gcrypt.c34
-rw-r--r--tests/unittests/torture_pki.c10
7 files changed, 109 insertions, 112 deletions
diff --git a/include/libssh/pki_priv.h b/include/libssh/pki_priv.h
index 5acb02a8..9a8857dc 100644
--- a/include/libssh/pki_priv.h
+++ b/include/libssh/pki_priv.h
@@ -43,11 +43,6 @@ int bcrypt_pbkdf(const char *pass,
/* Magic defined in OpenSSH/PROTOCOL.key */
#define OPENSSH_AUTH_MAGIC "openssh-key-v1"
-#define ssh_pki_log(...) \
- _ssh_log(SSH_LOG_FUNCTIONS, __func__, __VA_ARGS__)
-void _ssh_pki_log(const char *function,
- const char *format, ...) PRINTF_ATTRIBUTE(2, 3);
-
int pki_key_ecdsa_nid_from_name(const char *name);
const char *pki_key_ecdsa_nid_to_name(int nid);
diff --git a/src/pki.c b/src/pki.c
index 7cc3d6d5..b2f3a784 100644
--- a/src/pki.c
+++ b/src/pki.c
@@ -64,24 +64,6 @@
#include "libssh/misc.h"
#include "libssh/agent.h"
-void _ssh_pki_log(const char *function, const char *format, ...)
-{
-#ifdef DEBUG_CRYPTO
- char buffer[1024];
- va_list va;
-
- va_start(va, format);
- vsnprintf(buffer, sizeof(buffer), format, va);
- va_end(va);
-
- ssh_log_function(SSH_LOG_DEBUG, function, buffer);
-#else
- (void) function;
- (void) format;
-#endif
- return;
-}
-
enum ssh_keytypes_e pki_privatekey_type_from_string(const char *privkey) {
if (strncmp(privkey, DSA_HEADER_BEGIN, strlen(DSA_HEADER_BEGIN)) == 0) {
return SSH_KEYTYPE_DSS;
@@ -309,7 +291,7 @@ int ssh_key_cmp(const ssh_key k1,
}
if (k1->type != k2->type) {
- ssh_pki_log("key types don't match!");
+ SSH_LOG(SSH_LOG_WARN, "key types don't match!");
return 1;
}
@@ -412,8 +394,9 @@ int ssh_pki_import_privkey_base64(const char *b64_key,
return SSH_ERROR;
}
- ssh_pki_log("Trying to decode privkey passphrase=%s",
- passphrase ? "true" : "false");
+ SSH_LOG(SSH_LOG_INFO,
+ "Trying to decode privkey passphrase=%s",
+ passphrase ? "true" : "false");
/* Test for OpenSSH key format first */
cmp = strncmp(b64_key, OPENSSH_HEADER_BEGIN, strlen(OPENSSH_HEADER_BEGIN));
@@ -475,16 +458,20 @@ int ssh_pki_import_privkey_file(const char *filename,
file = fopen(filename, "rb");
if (file == NULL) {
- ssh_pki_log("Error opening %s: %s",
- filename, strerror(errno));
+ SSH_LOG(SSH_LOG_WARN,
+ "Error opening %s: %s",
+ filename,
+ strerror(errno));
return SSH_EOF;
}
rc = fstat(fileno(file), &sb);
if (rc < 0) {
fclose(file);
- ssh_pki_log("Error getting stat of %s: %s",
- filename, strerror(errno));
+ SSH_LOG(SSH_LOG_WARN,
+ "Error getting stat of %s: %s",
+ filename,
+ strerror(errno));
switch (errno) {
case ENOENT:
case EACCES:
@@ -495,7 +482,8 @@ int ssh_pki_import_privkey_file(const char *filename,
}
if (sb.st_size > MAX_PRIVKEY_SIZE) {
- ssh_pki_log("Private key is bigger than 4M.");
+ SSH_LOG(SSH_LOG_WARN,
+ "Private key is bigger than 4M.");
fclose(file);
return SSH_ERROR;
}
@@ -503,7 +491,7 @@ int ssh_pki_import_privkey_file(const char *filename,
key_buf = malloc(sb.st_size + 1);
if (key_buf == NULL) {
fclose(file);
- ssh_pki_log("Out of memory!");
+ SSH_LOG(SSH_LOG_WARN, "Out of memory!");
return SSH_ERROR;
}
@@ -512,8 +500,10 @@ int ssh_pki_import_privkey_file(const char *filename,
if (size != sb.st_size) {
SAFE_FREE(key_buf);
- ssh_pki_log("Error reading %s: %s",
- filename, strerror(errno));
+ SSH_LOG(SSH_LOG_WARN,
+ "Error reading %s: %s",
+ filename,
+ strerror(errno));
return SSH_ERROR;
}
key_buf[size] = 0;
@@ -789,7 +779,7 @@ static int pki_import_pubkey_buffer(ssh_buffer buffer,
{
ssh_string pubkey = buffer_get_ssh_string(buffer);
if (ssh_string_len(pubkey) != ED25519_PK_LEN) {
- ssh_pki_log("Invalid public key length");
+ SSH_LOG(SSH_LOG_WARN, "Invalid public key length");
ssh_string_burn(pubkey);
ssh_string_free(pubkey);
goto fail;
@@ -809,7 +799,7 @@ static int pki_import_pubkey_buffer(ssh_buffer buffer,
break;
case SSH_KEYTYPE_UNKNOWN:
default:
- ssh_pki_log("Unknown public key protocol %d", type);
+ SSH_LOG(SSH_LOG_WARN, "Unknown public key protocol %d", type);
goto fail;
}
@@ -892,26 +882,26 @@ int ssh_pki_import_pubkey_blob(const ssh_string key_blob,
buffer = ssh_buffer_new();
if (buffer == NULL) {
- ssh_pki_log("Out of memory!");
+ SSH_LOG(SSH_LOG_WARN, "Out of memory!");
return SSH_ERROR;
}
rc = ssh_buffer_add_data(buffer, ssh_string_data(key_blob),
ssh_string_len(key_blob));
if (rc < 0) {
- ssh_pki_log("Out of memory!");
+ SSH_LOG(SSH_LOG_WARN, "Out of memory!");
goto fail;
}
type_s = buffer_get_ssh_string(buffer);
if (type_s == NULL) {
- ssh_pki_log("Out of memory!");
+ SSH_LOG(SSH_LOG_WARN, "Out of memory!");
goto fail;
}
type = ssh_key_type_from_name(ssh_string_get_char(type_s));
if (type == SSH_KEYTYPE_UNKNOWN) {
- ssh_pki_log("Unknown key type found!");
+ SSH_LOG(SSH_LOG_WARN, "Unknown key type found!");
goto fail;
}
ssh_string_free(type_s);
@@ -957,7 +947,7 @@ int ssh_pki_import_pubkey_file(const char *filename, ssh_key *pkey)
file = fopen(filename, "r");
if (file == NULL) {
- ssh_pki_log("Error opening %s: %s",
+ SSH_LOG(SSH_LOG_WARN, "Error opening %s: %s",
filename, strerror(errno));
return SSH_EOF;
}
@@ -965,7 +955,7 @@ int ssh_pki_import_pubkey_file(const char *filename, ssh_key *pkey)
rc = fstat(fileno(file), &sb);
if (rc < 0) {
fclose(file);
- ssh_pki_log("Error gettint stat of %s: %s",
+ SSH_LOG(SSH_LOG_WARN, "Error gettint stat of %s: %s",
filename, strerror(errno));
switch (errno) {
case ENOENT:
@@ -983,7 +973,7 @@ int ssh_pki_import_pubkey_file(const char *filename, ssh_key *pkey)
key_buf = malloc(sb.st_size + 1);
if (key_buf == NULL) {
fclose(file);
- ssh_pki_log("Out of memory!");
+ SSH_LOG(SSH_LOG_WARN, "Out of memory!");
return SSH_ERROR;
}
@@ -992,7 +982,7 @@ int ssh_pki_import_pubkey_file(const char *filename, ssh_key *pkey)
if (size != sb.st_size) {
SAFE_FREE(key_buf);
- ssh_pki_log("Error reading %s: %s",
+ SSH_LOG(SSH_LOG_WARN, "Error reading %s: %s",
filename, strerror(errno));
return SSH_ERROR;
}
diff --git a/src/pki_container_openssh.c b/src/pki_container_openssh.c
index bfc6f8d4..54aee4de 100644
--- a/src/pki_container_openssh.c
+++ b/src/pki_container_openssh.c
@@ -69,20 +69,20 @@ static int pki_openssh_import_privkey_blob(ssh_buffer key_blob_buffer,
rc = ssh_buffer_unpack(key_blob_buffer, "s", &type_s);
if (rc == SSH_ERROR){
- ssh_pki_log("Unpack error");
+ SSH_LOG(SSH_LOG_WARN, "Unpack error");
return SSH_ERROR;
}
type = ssh_key_type_from_name(type_s);
if (type == SSH_KEYTYPE_UNKNOWN) {
- ssh_pki_log("Unknown key type found!");
+ SSH_LOG(SSH_LOG_WARN, "Unknown key type found!");
return SSH_ERROR;
}
SAFE_FREE(type_s);
key = ssh_key_new();
if (key == NULL) {
- ssh_pki_log("Out of memory");
+ SSH_LOG(SSH_LOG_WARN, "Out of memory");
return SSH_ERROR;
}
@@ -94,12 +94,12 @@ static int pki_openssh_import_privkey_blob(ssh_buffer key_blob_buffer,
case SSH_KEYTYPE_ED25519:
rc = ssh_buffer_unpack(key_blob_buffer, "SS", &pubkey, &privkey);
if (rc != SSH_OK){
- ssh_pki_log("Unpack error");
+ SSH_LOG(SSH_LOG_WARN, "Unpack error");
goto fail;
}
if(ssh_string_len(pubkey) != ED25519_PK_LEN ||
ssh_string_len(privkey) != ED25519_SK_LEN){
- ssh_pki_log("Invalid ed25519 key len");
+ SSH_LOG(SSH_LOG_WARN, "Invalid ed25519 key len");
goto fail;
}
key->ed25519_privkey = malloc(ED25519_SK_LEN);
@@ -120,10 +120,10 @@ static int pki_openssh_import_privkey_blob(ssh_buffer key_blob_buffer,
case SSH_KEYTYPE_RSA1:
case SSH_KEYTYPE_ECDSA:
/* curve_name, group, privkey */
- ssh_pki_log("Unsupported private key method %s", key->type_c);
+ SSH_LOG(SSH_LOG_WARN, "Unsupported private key method %s", key->type_c);
goto fail;
case SSH_KEYTYPE_UNKNOWN:
- ssh_pki_log("Unknown private key protocol %s", key->type_c);
+ SSH_LOG(SSH_LOG_WARN, "Unknown private key protocol %s", key->type_c);
goto fail;
}
@@ -213,18 +213,21 @@ static int pki_private_key_decrypt(ssh_string blob,
/* We need material for key (keysize bits / 8) and IV (blocksize) */
key_material_len = cipher.keysize/8 + cipher.blocksize;
if (key_material_len > sizeof(key_material)) {
- ssh_pki_log("Key material too big");
+ SSH_LOG(SSH_LOG_WARN, "Key material too big");
return SSH_ERROR;
}
- ssh_pki_log("Decryption: %d key, %d IV, %d rounds, %zu bytes salt",
- cipher.keysize/8,
- cipher.blocksize, rounds, ssh_string_len(salt));
+ SSH_LOG(SSH_LOG_DEBUG,
+ "Decryption: %d key, %d IV, %d rounds, %zu bytes salt",
+ cipher.keysize/8,
+ cipher.blocksize,
+ rounds,
+ ssh_string_len(salt));
if (passphrase == NULL) {
if (auth_fn == NULL) {
SAFE_FREE(salt);
- ssh_pki_log("No passphrase provided");
+ SSH_LOG(SSH_LOG_WARN, "No passphrase provided");
return SSH_ERROR;
}
rc = auth_fn("Passphrase",
@@ -339,7 +342,11 @@ ssh_key ssh_pki_openssh_privkey_import(const char *text_key,
SSH_LOG(SSH_LOG_WARN, "Not an OpenSSH private key (bad magic)");
goto error;
}
- ssh_pki_log("Opening OpenSSH private key: ciphername: %s, kdf: %s, nkeys: %d\n", ciphername, kdfname, nkeys);
+ SSH_LOG(SSH_LOG_INFO,
+ "Opening OpenSSH private key: ciphername: %s, kdf: %s, nkeys: %d\n",
+ ciphername,
+ kdfname,
+ nkeys);
if (nkeys != 1){
SSH_LOG(SSH_LOG_WARN, "Opening OpenSSH private key: only 1 key supported (%d available)", nkeys);
goto error;
@@ -383,7 +390,7 @@ ssh_key ssh_pki_openssh_privkey_import(const char *text_key,
if (padding != i){
ssh_key_free(key);
key = NULL;
- ssh_pki_log("Invalid padding");
+ SSH_LOG(SSH_LOG_WARN, "Invalid padding");
goto error;
}
}
@@ -419,7 +426,7 @@ static int pki_openssh_export_privkey_blob(const ssh_key privkey,
int rc;
if (privkey->type != SSH_KEYTYPE_ED25519) {
- ssh_pki_log("Type %s not supported", privkey->type_c);
+ SSH_LOG(SSH_LOG_WARN, "Type %s not supported", privkey->type_c);
return SSH_ERROR;
}
if (privkey->ed25519_privkey == NULL ||
@@ -494,17 +501,17 @@ static int pki_private_key_encrypt(ssh_buffer privkey_buffer,
/* We need material for key (keysize bits / 8) and IV (blocksize) */
key_material_len = cipher.keysize/8 + cipher.blocksize;
if (key_material_len > sizeof(key_material)){
- ssh_pki_log("Key material too big");
+ SSH_LOG(SSH_LOG_WARN, "Key material too big");
return SSH_ERROR;
}
- ssh_pki_log("Encryption: %d key, %d IV, %d rounds, %zu bytes salt",
+ SSH_LOG(SSH_LOG_WARN, "Encryption: %d key, %d IV, %d rounds, %zu bytes salt",
cipher.keysize/8,
cipher.blocksize, rounds, ssh_string_len(salt));
if (passphrase == NULL){
if (auth_fn == NULL){
- ssh_pki_log("No passphrase provided");
+ SSH_LOG(SSH_LOG_WARN, "No passphrase provided");
return SSH_ERROR;
}
rc = auth_fn("Passphrase",
@@ -573,11 +580,11 @@ ssh_string ssh_pki_openssh_privkey_export(const ssh_key privkey,
return NULL;
}
if (privkey->type != SSH_KEYTYPE_ED25519){
- ssh_pki_log("Unsupported key type %s", privkey->type_c);
+ SSH_LOG(SSH_LOG_WARN, "Unsupported key type %s", privkey->type_c);
return NULL;
}
if (passphrase != NULL || auth_fn != NULL){
- ssh_pki_log("Enabling encryption for private key export");
+ SSH_LOG(SSH_LOG_INFO, "Enabling encryption for private key export");
to_encrypt = 1;
}
buffer = ssh_buffer_new();
diff --git a/src/pki_crypto.c b/src/pki_crypto.c
index b53bba24..ab549c11 100644
--- a/src/pki_crypto.c
+++ b/src/pki_crypto.c
@@ -649,11 +649,11 @@ ssh_string pki_private_key_to_pem(const ssh_key key,
#endif
case SSH_KEYTYPE_ED25519:
BIO_free(mem);
- ssh_pki_log("PEM output not supported for key type ssh-ed25519");
+ SSH_LOG(SSH_LOG_WARN, "PEM output not supported for key type ssh-ed25519");
return NULL;
case SSH_KEYTYPE_UNKNOWN:
BIO_free(mem);
- ssh_pki_log("Unkown or invalid private key type %d", key->type);
+ SSH_LOG(SSH_LOG_WARN, "Unkown or invalid private key type %d", key->type);
return NULL;
}
@@ -696,7 +696,7 @@ ssh_key pki_private_key_from_base64(const char *b64_key,
type = pki_privatekey_type_from_string(b64_key);
if (type == SSH_KEYTYPE_UNKNOWN) {
- ssh_pki_log("Unknown or invalid private key.");
+ SSH_LOG(SSH_LOG_WARN, "Unknown or invalid private key.");
return NULL;
}
@@ -720,8 +720,9 @@ ssh_key pki_private_key_from_base64(const char *b64_key,
BIO_free(mem);
if (dsa == NULL) {
- ssh_pki_log("Parsing private key: %s",
- ERR_error_string(ERR_get_error(), NULL));
+ SSH_LOG(SSH_LOG_WARN,
+ "Parsing private key: %s",
+ ERR_error_string(ERR_get_error(), NULL));
return NULL;
}
@@ -744,8 +745,9 @@ ssh_key pki_private_key_from_base64(const char *b64_key,
BIO_free(mem);
if (rsa == NULL) {
- ssh_pki_log("Parsing private key: %s",
- ERR_error_string(ERR_get_error(),NULL));
+ SSH_LOG(SSH_LOG_WARN,
+ "Parsing private key: %s",
+ ERR_error_string(ERR_get_error(),NULL));
return NULL;
}
@@ -768,8 +770,9 @@ ssh_key pki_private_key_from_base64(const char *b64_key,
BIO_free(mem);
if (ecdsa == NULL) {
- ssh_pki_log("Parsing private key: %s",
- ERR_error_string(ERR_get_error(), NULL));
+ SSH_LOG(SSH_LOG_WARN,
+ "Parsing private key: %s",
+ ERR_error_string(ERR_get_error(), NULL));
return NULL;
}
@@ -779,7 +782,7 @@ ssh_key pki_private_key_from_base64(const char *b64_key,
/* Cannot open ed25519 keys with libcrypto */
case SSH_KEYTYPE_UNKNOWN:
BIO_free(mem);
- ssh_pki_log("Unkown or invalid private key type %d", type);
+ SSH_LOG(SSH_LOG_WARN, "Unkown or invalid private key type %d", type);
return NULL;
}
@@ -1247,7 +1250,7 @@ ssh_string pki_signature_to_blob(const ssh_signature sig)
break;
default:
case SSH_KEYTYPE_UNKNOWN:
- ssh_pki_log("Unknown signature key type: %s", sig->type_c);
+ SSH_LOG(SSH_LOG_WARN, "Unknown signature key type: %s", sig->type_c);
return NULL;
}
@@ -1267,19 +1270,21 @@ static ssh_signature pki_signature_from_rsa_blob(const ssh_key pubkey,
size_t len = ssh_string_len(sig_blob);
if (pubkey->rsa == NULL) {
- ssh_pki_log("Pubkey RSA field NULL");
+ SSH_LOG(SSH_LOG_WARN, "Pubkey RSA field NULL");
goto errout;
}
rsalen = RSA_size(pubkey->rsa);
if (len > rsalen) {
- ssh_pki_log("Signature is too big: %lu > %lu",
- (unsigned long)len, (unsigned long)rsalen);
+ SSH_LOG(SSH_LOG_WARN,
+ "Signature is too big: %lu > %lu",
+ (unsigned long)len,
+ (unsigned long)rsalen);
goto errout;
}
#ifdef DEBUG_CRYPTO
- ssh_pki_log("RSA signature len: %lu", (unsigned long)len);
+ SSH_LOG(SSH_LOG_WARN, "RSA signature len: %lu", (unsigned long)len);
ssh_print_hexa("RSA signature", ssh_string_data(sig_blob), len);
#endif
@@ -1287,8 +1292,10 @@ static ssh_signature pki_signature_from_rsa_blob(const ssh_key pubkey,
sig->rsa_sig = ssh_string_copy(sig_blob);
} else {
/* pad the blob to the expected rsalen size */
- ssh_pki_log("RSA signature len %lu < %lu",
- (unsigned long)len, (unsigned long)rsalen);
+ SSH_LOG(SSH_LOG_DEBUG,
+ "RSA signature len %lu < %lu",
+ (unsigned long)len,
+ (unsigned long)rsalen);
pad_len = rsalen - len;
@@ -1339,8 +1346,9 @@ ssh_signature pki_signature_from_blob(const ssh_key pubkey,
case SSH_KEYTYPE_DSS:
/* 40 is the dual signature blob len. */
if (len != 40) {
- ssh_pki_log("Signature has wrong size: %lu",
- (unsigned long)len);
+ SSH_LOG(SSH_LOG_WARN,
+ "Signature has wrong size: %lu",
+ (unsigned long)len);
ssh_signature_free(sig);
return NULL;
}
@@ -1457,9 +1465,10 @@ ssh_signature pki_signature_from_blob(const ssh_key pubkey,
}
if (rlen != 0) {
- ssh_pki_log("Signature has remaining bytes in inner "
- "sigblob: %lu",
- (unsigned long)rlen);
+ SSH_LOG(SSH_LOG_WARN,
+ "Signature has remaining bytes in inner "
+ "sigblob: %lu",
+ (unsigned long)rlen);
ssh_signature_free(sig);
return NULL;
}
@@ -1476,7 +1485,7 @@ ssh_signature pki_signature_from_blob(const ssh_key pubkey,
break;
default:
case SSH_KEYTYPE_UNKNOWN:
- ssh_pki_log("Unknown signature type");
+ SSH_LOG(SSH_LOG_WARN, "Unknown signature type");
ssh_signature_free(sig);
return NULL;
}
diff --git a/src/pki_ed25519.c b/src/pki_ed25519.c
index 37d3c878..a51f6c6b 100644
--- a/src/pki_ed25519.c
+++ b/src/pki_ed25519.c
@@ -290,7 +290,7 @@ int pki_ed25519_sig_from_blob(ssh_signature sig, ssh_string sig_blob)
len = ssh_string_len(sig_blob);
if (len != ED25519_SIG_LEN){
- ssh_pki_log("Invalid ssh-ed25519 signature len: %zu", len);
+ SSH_LOG(SSH_LOG_WARN, "Invalid ssh-ed25519 signature len: %zu", len);
return SSH_ERROR;
}
diff --git a/src/pki_gcrypt.c b/src/pki_gcrypt.c
index 757a0375..0def32cb 100644
--- a/src/pki_gcrypt.c
+++ b/src/pki_gcrypt.c
@@ -622,7 +622,7 @@ ssh_key pki_private_key_from_base64(const char *b64_key,
type = pki_privatekey_type_from_string(b64_key);
if (type == SSH_KEYTYPE_UNKNOWN) {
- ssh_pki_log("Unknown or invalid private key.");
+ SSH_LOG(SSH_LOG_WARN, "Unknown or invalid private key.");
return NULL;
}
@@ -642,7 +642,7 @@ ssh_key pki_private_key_from_base64(const char *b64_key,
}
if (!valid) {
- ssh_pki_log("Parsing private key");
+ SSH_LOG(SSH_LOG_WARN, "Parsing private key");
goto fail;
}
break;
@@ -662,7 +662,7 @@ ssh_key pki_private_key_from_base64(const char *b64_key,
}
if (!valid) {
- ssh_pki_log("Parsing private key");
+ SSH_LOG(SSH_LOG_WARN, "Parsing private key");
goto fail;
}
break;
@@ -671,7 +671,7 @@ ssh_key pki_private_key_from_base64(const char *b64_key,
case SSH_KEYTYPE_ECDSA:
case SSH_KEYTYPE_UNKNOWN:
default:
- ssh_pki_log("Unkown or invalid private key type %d", type);
+ SSH_LOG(SSH_LOG_WARN, "Unkown or invalid private key type %d", type);
return NULL;
}
@@ -1461,7 +1461,7 @@ ssh_string pki_signature_to_blob(const ssh_signature sig)
case SSH_KEYTYPE_ECDSA:
case SSH_KEYTYPE_UNKNOWN:
default:
- ssh_pki_log("Unknown signature key type: %d", sig->type);
+ SSH_LOG(SSH_LOG_WARN, "Unknown signature key type: %d", sig->type);
return NULL;
break;
}
@@ -1492,14 +1492,17 @@ ssh_signature pki_signature_from_blob(const ssh_key pubkey,
case SSH_KEYTYPE_DSS:
/* 40 is the dual signature blob len. */
if (len != 40) {
- ssh_pki_log("Signature has wrong size: %lu",
- (unsigned long)len);
+ SSH_LOG(SSH_LOG_WARN,
+ "Signature has wrong size: %lu",
+ (unsigned long)len);
ssh_signature_free(sig);
return NULL;
}
#ifdef DEBUG_CRYPTO
- ssh_pki_log("DSA signature len: %lu", (unsigned long)len);
+ SSH_LOG(SSH_LOG_DEBUG,
+ "DSA signature len: %lu",
+ (unsigned long)len);
ssh_print_hexa("DSA signature", ssh_string_data(sig_blob), len);
#endif
@@ -1520,19 +1523,22 @@ ssh_signature pki_signature_from_blob(const ssh_key pubkey,
rsalen = (gcry_pk_get_nbits(pubkey->rsa) + 7) / 8;
if (len > rsalen) {
- ssh_pki_log("Signature is to big size: %lu",
- (unsigned long)len);
+ SSH_LOG(SSH_LOG_WARN,
+ "Signature is to big size: %lu",
+ (unsigned long)len);
ssh_signature_free(sig);
return NULL;
}
if (len < rsalen) {
- ssh_pki_log("RSA signature len %lu < %lu",
- (unsigned long)len, (unsigned long)rsalen);
+ SSH_LOG(SSH_LOG_DEBUG,
+ "RSA signature len %lu < %lu",
+ (unsigned long)len,
+ (unsigned long)rsalen);
}
#ifdef DEBUG_CRYPTO
- ssh_pki_log("RSA signature len: %lu", (unsigned long)len);
+ SSH_LOG(SSH_LOG_DEBUG, "RSA signature len: %lu", (unsigned long)len);
ssh_print_hexa("RSA signature", ssh_string_data(sig_blob), len);
#endif
@@ -1556,7 +1562,7 @@ ssh_signature pki_signature_from_blob(const ssh_key pubkey,
case SSH_KEYTYPE_ECDSA:
case SSH_KEYTYPE_UNKNOWN:
default:
- ssh_pki_log("Unknown signature type");
+ SSH_LOG(SSH_LOG_WARN, "Unknown signature type");
return NULL;
}
diff --git a/tests/unittests/torture_pki.c b/tests/unittests/torture_pki.c
index 879da6c7..b5627dcd 100644
--- a/tests/unittests/torture_pki.c
+++ b/tests/unittests/torture_pki.c
@@ -1265,8 +1265,6 @@ static void torture_pki_write_privkey_rsa(void **state)
(void) state; /* unused */
- ssh_set_log_level(5);
-
rc = ssh_pki_import_privkey_file(LIBSSH_RSA_TESTKEY,
NULL,
NULL,
@@ -1305,8 +1303,6 @@ static void torture_pki_write_privkey_dsa(void **state)
(void) state; /* unused */
- ssh_set_log_level(5);
-
rc = ssh_pki_import_privkey_file(LIBSSH_DSA_TESTKEY,
NULL,
NULL,
@@ -1346,8 +1342,6 @@ static void torture_pki_write_privkey_ecdsa(void **state)
(void) state; /* unused */
- ssh_set_log_level(5);
-
rc = ssh_pki_import_privkey_file(LIBSSH_ECDSA_TESTKEY,
NULL,
NULL,
@@ -1387,8 +1381,6 @@ static void torture_pki_write_privkey_ed25519(void **state){
(void) state; /* unused */
- ssh_set_log_level(5);
-
rc = ssh_pki_import_privkey_file(LIBSSH_ED25519_TESTKEY,
NULL,
NULL,
@@ -1457,8 +1449,6 @@ static void torture_pki_ecdsa_name(void **state, const char *expected_name)
(void) state; /* unused */
- ssh_set_log_level(5);
-
rc = ssh_pki_import_privkey_file(LIBSSH_ECDSA_TESTKEY, NULL, NULL, NULL, &key);
assert_true(rc == 0);