author | djm@openbsd.org <djm@openbsd.org> | 2019-01-21 10:35:09 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2019-01-21 23:13:03 +1100 |
commit | 71e67fff946396caa110a7964da23480757258ff (patch) | |
tree | 07cae7bce377241a7b61195d0810ec91d953685e /kexc25519.c | |
parent | 4b83e2a2cc0c12e671a77eaba1c1245894f4e884 (diff) |
upstream: pass values used in KEX hash computation as sshbuf
rather than pointer+len
suggested by me; implemented by markus@ ok me
OpenBSD-Commit-ID: 994f33c464f4a9e0f1d21909fa3e379f5a0910f0
Diffstat (limited to 'kexc25519.c')
-rw-r--r-- | kexc25519.c | 38 |
1 files changed, 21 insertions, 17 deletions
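--- a/kexc25519.c
+++ b/kexc25519.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kexc25519.c,v 1.14 2019/01/21 10:24:09 djm Exp $ */
+/* $OpenBSD: kexc25519.c,v 1.15 2019/01/21 10:35:09 djm Exp $ */
 /*
 * Copyright (c) 2019 Markus Friedl. All rights reserved.
 * Copyright (c) 2010 Damien Miller. All rights reserved.
@@ -96,9 +96,9 @@ kex_c25519_hash(
 const u_char *ckexinit, size_t ckexinitlen,
 const u_char *skexinit, size_t skexinitlen,
 const u_char *serverhostkeyblob, size_t sbloblen,
-const u_char *client_pub, size_t client_pub_len,
-const u_char *server_pub, size_t server_pub_len,
-const u_char *shared_secret, size_t secretlen,
+const struct sshbuf *client_pub,
+const struct sshbuf *server_pub,
+const struct sshbuf *shared_secret,
 u_char *hash, size_t *hashlen)
 {
 struct sshbuf *b;
@@ -118,9 +118,9 @@ kex_c25519_hash(
 (r = sshbuf_put_u8(b, SSH2_MSG_KEXINIT)) != 0 ||
 (r = sshbuf_put(b, skexinit, skexinitlen)) != 0 ||
 (r = sshbuf_put_string(b, serverhostkeyblob, sbloblen)) != 0 ||
-(r = sshbuf_put_string(b, client_pub, client_pub_len)) != 0 ||
-(r = sshbuf_put_string(b, server_pub, server_pub_len)) != 0 ||
-(r = sshbuf_put(b, shared_secret, secretlen)) != 0) {
+(r = sshbuf_put_stringb(b, client_pub)) != 0 ||
+(r = sshbuf_put_stringb(b, server_pub)) != 0 ||
+(r = sshbuf_putb(b, shared_secret)) != 0) {
 sshbuf_free(b);
 return r;
 }
@@ -162,11 +162,12 @@ kex_c25519_keypair(struct kex *kex)
 }
 
 int
-kex_c25519_enc(struct kex *kex, const u_char *pkblob,
-size_t pklen, struct sshbuf **server_blobp, struct sshbuf **shared_secretp)
+kex_c25519_enc(struct kex *kex, const struct sshbuf *client_blob,
+struct sshbuf **server_blobp, struct sshbuf **shared_secretp)
 {
 struct sshbuf *server_blob = NULL;
 struct sshbuf *buf = NULL;
+const u_char *client_pub;
 u_char *server_pub;
 u_char server_key[CURVE25519_SIZE];
 int r;
@@ -174,12 +175,13 @@ kex_c25519_enc(struct kex *kex, const u_char *pkblob,
 *server_blobp = NULL;
 *shared_secretp = NULL;
 
-if (pklen != CURVE25519_SIZE) {
+if (sshbuf_len(client_blob) != CURVE25519_SIZE) {
 r = SSH_ERR_SIGNATURE_INVALID;
 goto out;
 }
+client_pub = sshbuf_ptr(client_blob);
 #ifdef DEBUG_KEXECDH
-dump_digest("client public key 25519:", pkblob, CURVE25519_SIZE);
+dump_digest("client public key 25519:", client_pub, CURVE25519_SIZE);
 #endif
 /* allocate space for encrypted KEM key and ECDH pub key */
 if ((server_blob = sshbuf_new()) == NULL) {
@@ -194,7 +196,7 @@ kex_c25519_enc(struct kex *kex, const u_char *pkblob,
 r = SSH_ERR_ALLOC_FAIL;
 goto out;
 }
-if ((r = kexc25519_shared_key_ext(server_key, pkblob, buf, 0)) < 0)
+if ((r = kexc25519_shared_key_ext(server_key, client_pub, buf, 0)) < 0)
 goto out;
 #ifdef DEBUG_KEXECDH
 dump_digest("server public key 25519:", server_pub, CURVE25519_SIZE);
@@ -212,27 +214,29 @@ kex_c25519_enc(struct kex *kex, const u_char *pkblob,
 }
 
 int
-kex_c25519_dec(struct kex *kex, const u_char *pkblob,
-size_t pklen, struct sshbuf **shared_secretp)
+kex_c25519_dec(struct kex *kex, const struct sshbuf *server_blob,
+struct sshbuf **shared_secretp)
 {
 struct sshbuf *buf = NULL;
+const u_char *server_pub;
 int r;
 
 *shared_secretp = NULL;
 
-if (pklen != CURVE25519_SIZE) {
+if (sshbuf_len(server_blob) != CURVE25519_SIZE) {
 r = SSH_ERR_SIGNATURE_INVALID;
 goto out;
 }
+server_pub = sshbuf_ptr(server_blob);
 #ifdef DEBUG_KEXECDH
-dump_digest("server public key c25519:", pkblob, CURVE25519_SIZE);
+dump_digest("server public key c25519:", server_pub, CURVE25519_SIZE);
 #endif
 /* shared secret */
 if ((buf = sshbuf_new()) == NULL) {
 r = SSH_ERR_ALLOC_FAIL;
 goto out;
 }
-if ((r = kexc25519_shared_key_ext(kex->c25519_client_key, pkblob,
+if ((r = kexc25519_shared_key_ext(kex->c25519_client_key, server_pub,
 buf, 0)) < 0)
 goto out;
 #ifdef DEBUG_KEXECDH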
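Review bot: In kex_c25519_enc, `client_pub = sshbuf_ptr(client_blob)` borrows a pointer into the peer-supplied buffer, and `kexc25519_shared_key_ext()` is then handed that bare pointer with no length, so the `sshbuf_len(client_blob) != CURVE25519_SIZE` check directly above it is the only bound on how much of the buffer the callee may read (presumably CURVE25519_SIZE bytes). Nothing in the hunk states that dependency; I would add a comment above the assignment, `/* borrowed from client_blob; length verified above, keep after the check */`. The same applies to `server_pub = sshbuf_ptr(server_blob)` in kex_c25519_dec. Both function bodies continue outside the hunks shown, so their cleanup paths are not visible here.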