diff options
author | Damien Miller <djm@mindrot.org> | 2014-05-15 14:33:43 +1000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2014-05-15 14:33:43 +1000 |
commit | 05e82c3b963c33048128baf72a6f6b3a1c10b4c1 (patch) | |
tree | cb238452459af2f8311d54ca509722497e799517 /sshbuf.h | |
parent | 380948180f847a26f2d0c85b4dad3dca2ed2fd8b (diff) |
- djm@cvs.openbsd.org 2014/04/30 05:29:56
[bufaux.c bufbn.c bufec.c buffer.c buffer.h sshbuf-getput-basic.c]
[sshbuf-getput-crypto.c sshbuf-misc.c sshbuf.c sshbuf.h ssherr.c]
[ssherr.h]
New buffer API; the first installment of the conversion/replacement
of OpenSSH's internals to make them usable as a standalone library.
This includes a set of wrappers to make it compatible with the
existing buffer API so replacement can occur incrementally.
With and ok markus@
Thanks also to Ben Hawkes, David Tomaschik, Ivan Fratric, Matthew
Dempsky and Ron Bowes for a detailed review.
Diffstat (limited to 'sshbuf.h')
-rw-r--r-- | sshbuf.h | 325 |
1 files changed, 325 insertions, 0 deletions
diff --git a/sshbuf.h b/sshbuf.h new file mode 100644 index 000000000..1d7da31c7 --- /dev/null +++ b/sshbuf.h | |||
@@ -0,0 +1,325 @@ | |||
1 | /* $OpenBSD: sshbuf.h,v 1.1 2014/04/30 05:29:56 djm Exp $ */ | ||
2 | /* | ||
3 | * Copyright (c) 2011 Damien Miller | ||
4 | * | ||
5 | * Permission to use, copy, modify, and distribute this software for any | ||
6 | * purpose with or without fee is hereby granted, provided that the above | ||
7 | * copyright notice and this permission notice appear in all copies. | ||
8 | * | ||
9 | * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES | ||
10 | * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF | ||
11 | * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR | ||
12 | * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES | ||
13 | * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN | ||
14 | * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF | ||
15 | * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | ||
16 | */ | ||
17 | |||
18 | #ifndef _SSHBUF_H | ||
19 | #define _SSHBUF_H | ||
20 | |||
21 | #include <sys/types.h> | ||
22 | #include <stdarg.h> | ||
23 | #include <stdio.h> | ||
24 | #include <openssl/bn.h> | ||
25 | #include <openssl/ec.h> | ||
26 | |||
27 | #define SSHBUF_SIZE_MAX 0x8000000 /* Hard maximum size */ | ||
28 | #define SSHBUF_REFS_MAX 0x100000 /* Max child buffers */ | ||
29 | #define SSHBUF_MAX_BIGNUM (16384 / 8) /* Max bignum *bytes* */ | ||
30 | #define SSHBUF_MAX_ECPOINT ((528 * 2 / 8) + 1) /* Max EC point *bytes* */ | ||
31 | |||
32 | /* | ||
33 | * NB. do not depend on the internals of this. It will be made opaque | ||
34 | * one day. | ||
35 | */ | ||
36 | struct sshbuf { | ||
37 | u_char *d; /* Data */ | ||
38 | const u_char *cd; /* Const data */ | ||
39 | size_t off; /* First available byte is buf->d + buf->off */ | ||
40 | size_t size; /* Last byte is buf->d + buf->size - 1 */ | ||
41 | size_t max_size; /* Maximum size of buffer */ | ||
42 | size_t alloc; /* Total bytes allocated to buf->d */ | ||
43 | int readonly; /* Refers to external, const data */ | ||
44 | int dont_free; /* Kludge to support sshbuf_init */ | ||
45 | u_int refcount; /* Tracks self and number of child buffers */ | ||
46 | struct sshbuf *parent; /* If child, pointer to parent */ | ||
47 | }; | ||
48 | |||
49 | #ifndef SSHBUF_NO_DEPREACTED | ||
50 | /* | ||
51 | * NB. Please do not use sshbuf_init() in new code. Please use sshbuf_new() | ||
52 | * instead. sshbuf_init() is deprectated and will go away soon (it is | ||
53 | * only included to allow compat with buffer_* in OpenSSH) | ||
54 | */ | ||
55 | void sshbuf_init(struct sshbuf *buf); | ||
56 | #endif | ||
57 | |||
58 | /* | ||
59 | * Create a new sshbuf buffer. | ||
60 | * Returns pointer to buffer on success, or NULL on allocation failure. | ||
61 | */ | ||
62 | struct sshbuf *sshbuf_new(void); | ||
63 | |||
64 | /* | ||
65 | * Create a new, read-only sshbuf buffer from existing data. | ||
66 | * Returns pointer to buffer on success, or NULL on allocation failure. | ||
67 | */ | ||
68 | struct sshbuf *sshbuf_from(const void *blob, size_t len); | ||
69 | |||
70 | /* | ||
71 | * Create a new, read-only sshbuf buffer from the contents of an existing | ||
72 | * buffer. The contents of "buf" must not change in the lifetime of the | ||
73 | * resultant buffer. | ||
74 | * Returns pointer to buffer on success, or NULL on allocation failure. | ||
75 | */ | ||
76 | struct sshbuf *sshbuf_fromb(struct sshbuf *buf); | ||
77 | |||
78 | /* | ||
79 | * Create a new, read-only sshbuf buffer from the contents of a string in | ||
80 | * an existing buffer (the string is consumed in the process). | ||
81 | * The contents of "buf" must not change in the lifetime of the resultant | ||
82 | * buffer. | ||
83 | * Returns pointer to buffer on success, or NULL on allocation failure. | ||
84 | */ | ||
85 | int sshbuf_froms(struct sshbuf *buf, struct sshbuf **bufp); | ||
86 | |||
87 | /* | ||
88 | * Clear and free buf | ||
89 | */ | ||
90 | void sshbuf_free(struct sshbuf *buf); | ||
91 | |||
92 | /* | ||
93 | * Reset buf, clearing its contents. NB. max_size is preserved. | ||
94 | */ | ||
95 | void sshbuf_reset(struct sshbuf *buf); | ||
96 | |||
97 | /* | ||
98 | * Return the maximum size of buf | ||
99 | */ | ||
100 | size_t sshbuf_max_size(const struct sshbuf *buf); | ||
101 | |||
102 | /* | ||
103 | * Set the maximum size of buf | ||
104 | * Returns 0 on success, or a negative SSH_ERR_* error code on failure. | ||
105 | */ | ||
106 | int sshbuf_set_max_size(struct sshbuf *buf, size_t max_size); | ||
107 | |||
108 | /* | ||
109 | * Returns the length of data in buf | ||
110 | */ | ||
111 | size_t sshbuf_len(const struct sshbuf *buf); | ||
112 | |||
113 | /* | ||
114 | * Returns number of bytes left in buffer before hitting max_size. | ||
115 | */ | ||
116 | size_t sshbuf_avail(const struct sshbuf *buf); | ||
117 | |||
118 | /* | ||
119 | * Returns a read-only pointer to the start of the the data in buf | ||
120 | */ | ||
121 | const u_char *sshbuf_ptr(const struct sshbuf *buf); | ||
122 | |||
123 | /* | ||
124 | * Returns a mutable pointer to the start of the the data in buf, or | ||
125 | * NULL if the buffer is read-only. | ||
126 | */ | ||
127 | u_char *sshbuf_mutable_ptr(const struct sshbuf *buf); | ||
128 | |||
129 | /* | ||
130 | * Check whether a reservation of size len will succeed in buf | ||
131 | * Safer to use than direct comparisons again sshbuf_avail as it copes | ||
132 | * with unsigned overflows correctly. | ||
133 | * Returns 0 on success, or a negative SSH_ERR_* error code on failure. | ||
134 | */ | ||
135 | int sshbuf_check_reserve(const struct sshbuf *buf, size_t len); | ||
136 | |||
137 | /* | ||
138 | * Reserve len bytes in buf. | ||
139 | * Returns 0 on success and a pointer to the first reserved byte via the | ||
140 | * optional dpp parameter or a negative * SSH_ERR_* error code on failure. | ||
141 | */ | ||
142 | int sshbuf_reserve(struct sshbuf *buf, size_t len, u_char **dpp); | ||
143 | |||
144 | /* | ||
145 | * Consume len bytes from the start of buf | ||
146 | * Returns 0 on success, or a negative SSH_ERR_* error code on failure. | ||
147 | */ | ||
148 | int sshbuf_consume(struct sshbuf *buf, size_t len); | ||
149 | |||
150 | /* | ||
151 | * Consume len bytes from the end of buf | ||
152 | * Returns 0 on success, or a negative SSH_ERR_* error code on failure. | ||
153 | */ | ||
154 | int sshbuf_consume_end(struct sshbuf *buf, size_t len); | ||
155 | |||
156 | /* Extract or deposit some bytes */ | ||
157 | int sshbuf_get(struct sshbuf *buf, void *v, size_t len); | ||
158 | int sshbuf_put(struct sshbuf *buf, const void *v, size_t len); | ||
159 | int sshbuf_putb(struct sshbuf *buf, const struct sshbuf *v); | ||
160 | |||
161 | /* Append using a printf(3) format */ | ||
162 | int sshbuf_putf(struct sshbuf *buf, const char *fmt, ...) | ||
163 | __attribute__((format(printf, 2, 3))); | ||
164 | int sshbuf_putfv(struct sshbuf *buf, const char *fmt, va_list ap); | ||
165 | |||
166 | /* Functions to extract or store big-endian words of various sizes */ | ||
167 | int sshbuf_get_u64(struct sshbuf *buf, u_int64_t *valp); | ||
168 | int sshbuf_get_u32(struct sshbuf *buf, u_int32_t *valp); | ||
169 | int sshbuf_get_u16(struct sshbuf *buf, u_int16_t *valp); | ||
170 | int sshbuf_get_u8(struct sshbuf *buf, u_char *valp); | ||
171 | int sshbuf_put_u64(struct sshbuf *buf, u_int64_t val); | ||
172 | int sshbuf_put_u32(struct sshbuf *buf, u_int32_t val); | ||
173 | int sshbuf_put_u16(struct sshbuf *buf, u_int16_t val); | ||
174 | int sshbuf_put_u8(struct sshbuf *buf, u_char val); | ||
175 | |||
176 | /* | ||
177 | * Functions to extract or store SSH wire encoded strings (u32 len || data) | ||
178 | * The "cstring" variants admit no \0 characters in the string contents. | ||
179 | * Caller must free *valp. | ||
180 | */ | ||
181 | int sshbuf_get_string(struct sshbuf *buf, u_char **valp, size_t *lenp); | ||
182 | int sshbuf_get_cstring(struct sshbuf *buf, char **valp, size_t *lenp); | ||
183 | int sshbuf_get_stringb(struct sshbuf *buf, struct sshbuf *v); | ||
184 | int sshbuf_put_string(struct sshbuf *buf, const void *v, size_t len); | ||
185 | int sshbuf_put_cstring(struct sshbuf *buf, const char *v); | ||
186 | int sshbuf_put_stringb(struct sshbuf *buf, const struct sshbuf *v); | ||
187 | |||
188 | /* | ||
189 | * "Direct" variant of sshbuf_get_string, returns pointer into the sshbuf to | ||
190 | * avoid an malloc+memcpy. The pointer is guaranteed to be valid until the | ||
191 | * next sshbuf-modifying function call. Caller does not free. | ||
192 | */ | ||
193 | int sshbuf_get_string_direct(struct sshbuf *buf, const u_char **valp, | ||
194 | size_t *lenp); | ||
195 | |||
196 | /* Skip past a string */ | ||
197 | #define sshbuf_skip_string(buf) sshbuf_get_string_direct(buf, NULL, NULL) | ||
198 | |||
199 | /* Another variant: "peeks" into the buffer without modifying it */ | ||
200 | int sshbuf_peek_string_direct(const struct sshbuf *buf, const u_char **valp, | ||
201 | size_t *lenp); | ||
202 | |||
203 | /* | ||
204 | * Functions to extract or store SSH wire encoded bignums and elliptic | ||
205 | * curve points. | ||
206 | */ | ||
207 | int sshbuf_get_bignum2(struct sshbuf *buf, BIGNUM *v); | ||
208 | int sshbuf_get_bignum1(struct sshbuf *buf, BIGNUM *v); | ||
209 | int sshbuf_get_ec(struct sshbuf *buf, EC_POINT *v, const EC_GROUP *g); | ||
210 | int sshbuf_get_eckey(struct sshbuf *buf, EC_KEY *v); | ||
211 | int sshbuf_put_bignum2(struct sshbuf *buf, const BIGNUM *v); | ||
212 | int sshbuf_put_bignum1(struct sshbuf *buf, const BIGNUM *v); | ||
213 | int sshbuf_put_ec(struct sshbuf *buf, const EC_POINT *v, const EC_GROUP *g); | ||
214 | int sshbuf_put_eckey(struct sshbuf *buf, const EC_KEY *v); | ||
215 | int sshbuf_put_bignum2_bytes(struct sshbuf *buf, const void *v, size_t len); | ||
216 | |||
217 | /* Dump the contents of the buffer to stderr in a human-readable format */ | ||
218 | void sshbuf_dump(struct sshbuf *buf, FILE *f); | ||
219 | |||
220 | /* Return the hexadecimal representation of the contents of the buffer */ | ||
221 | char *sshbuf_dtob16(struct sshbuf *buf); | ||
222 | |||
223 | /* Encode the contents of the buffer as base64 */ | ||
224 | char *sshbuf_dtob64(struct sshbuf *buf); | ||
225 | |||
226 | /* Decode base64 data and append it to the buffer */ | ||
227 | int sshbuf_b64tod(struct sshbuf *buf, const char *b64); | ||
228 | |||
229 | /* Macros for decoding/encoding integers */ | ||
230 | #define PEEK_U64(p) \ | ||
231 | (((u_int64_t)(((u_char *)(p))[0]) << 56) | \ | ||
232 | ((u_int64_t)(((u_char *)(p))[1]) << 48) | \ | ||
233 | ((u_int64_t)(((u_char *)(p))[2]) << 40) | \ | ||
234 | ((u_int64_t)(((u_char *)(p))[3]) << 32) | \ | ||
235 | ((u_int64_t)(((u_char *)(p))[4]) << 24) | \ | ||
236 | ((u_int64_t)(((u_char *)(p))[5]) << 16) | \ | ||
237 | ((u_int64_t)(((u_char *)(p))[6]) << 8) | \ | ||
238 | (u_int64_t)(((u_char *)(p))[7])) | ||
239 | #define PEEK_U32(p) \ | ||
240 | (((u_int32_t)(((u_char *)(p))[0]) << 24) | \ | ||
241 | ((u_int32_t)(((u_char *)(p))[1]) << 16) | \ | ||
242 | ((u_int32_t)(((u_char *)(p))[2]) << 8) | \ | ||
243 | (u_int32_t)(((u_char *)(p))[3])) | ||
244 | #define PEEK_U16(p) \ | ||
245 | (((u_int16_t)(((u_char *)(p))[0]) << 8) | \ | ||
246 | (u_int16_t)(((u_char *)(p))[1])) | ||
247 | |||
248 | #define POKE_U64(p, v) \ | ||
249 | do { \ | ||
250 | ((u_char *)(p))[0] = (((u_int64_t)(v)) >> 56) & 0xff; \ | ||
251 | ((u_char *)(p))[1] = (((u_int64_t)(v)) >> 48) & 0xff; \ | ||
252 | ((u_char *)(p))[2] = (((u_int64_t)(v)) >> 40) & 0xff; \ | ||
253 | ((u_char *)(p))[3] = (((u_int64_t)(v)) >> 32) & 0xff; \ | ||
254 | ((u_char *)(p))[4] = (((u_int64_t)(v)) >> 24) & 0xff; \ | ||
255 | ((u_char *)(p))[5] = (((u_int64_t)(v)) >> 16) & 0xff; \ | ||
256 | ((u_char *)(p))[6] = (((u_int64_t)(v)) >> 8) & 0xff; \ | ||
257 | ((u_char *)(p))[7] = ((u_int64_t)(v)) & 0xff; \ | ||
258 | } while (0) | ||
259 | #define POKE_U32(p, v) \ | ||
260 | do { \ | ||
261 | ((u_char *)(p))[0] = (((u_int64_t)(v)) >> 24) & 0xff; \ | ||
262 | ((u_char *)(p))[1] = (((u_int64_t)(v)) >> 16) & 0xff; \ | ||
263 | ((u_char *)(p))[2] = (((u_int64_t)(v)) >> 8) & 0xff; \ | ||
264 | ((u_char *)(p))[3] = ((u_int64_t)(v)) & 0xff; \ | ||
265 | } while (0) | ||
266 | #define POKE_U16(p, v) \ | ||
267 | do { \ | ||
268 | ((u_char *)(p))[0] = (((u_int64_t)(v)) >> 8) & 0xff; \ | ||
269 | ((u_char *)(p))[1] = ((u_int64_t)(v)) & 0xff; \ | ||
270 | } while (0) | ||
271 | |||
272 | /* Internal definitions follow. Exposed for regress tests */ | ||
273 | #ifdef SSHBUF_INTERNAL | ||
274 | |||
275 | /* | ||
276 | * Return the allocation size of buf | ||
277 | */ | ||
278 | size_t sshbuf_alloc(const struct sshbuf *buf); | ||
279 | |||
280 | /* | ||
281 | * Increment the reference count of buf. | ||
282 | */ | ||
283 | int sshbuf_set_parent(struct sshbuf *child, struct sshbuf *parent); | ||
284 | |||
285 | /* | ||
286 | * Return the parent buffer of buf, or NULL if it has no parent. | ||
287 | */ | ||
288 | const struct sshbuf *sshbuf_parent(const struct sshbuf *buf); | ||
289 | |||
290 | /* | ||
291 | * Return the reference count of buf | ||
292 | */ | ||
293 | u_int sshbuf_refcount(const struct sshbuf *buf); | ||
294 | |||
295 | # define SSHBUF_SIZE_INIT 256 /* Initial allocation */ | ||
296 | # define SSHBUF_SIZE_INC 256 /* Preferred increment length */ | ||
297 | # define SSHBUF_PACK_MIN 8192 /* Minimim packable offset */ | ||
298 | |||
299 | /* # define SSHBUF_ABORT abort */ | ||
300 | /* # define SSHBUF_DEBUG */ | ||
301 | |||
302 | # ifndef SSHBUF_ABORT | ||
303 | # define SSHBUF_ABORT() | ||
304 | # endif | ||
305 | |||
306 | # ifdef SSHBUF_DEBUG | ||
307 | # define SSHBUF_TELL(what) do { \ | ||
308 | printf("%s:%d %s: %s size %zu alloc %zu off %zu max %zu\n", \ | ||
309 | __FILE__, __LINE__, __func__, what, \ | ||
310 | buf->size, buf->alloc, buf->off, buf->max_size); \ | ||
311 | fflush(stdout); \ | ||
312 | } while (0) | ||
313 | # define SSHBUF_DBG(x) do { \ | ||
314 | printf("%s:%d %s: ", __FILE__, __LINE__, __func__); \ | ||
315 | printf x; \ | ||
316 | printf("\n"); \ | ||
317 | fflush(stdout); \ | ||
318 | } while (0) | ||
319 | # else | ||
320 | # define SSHBUF_TELL(what) | ||
321 | # define SSHBUF_DBG(x) | ||
322 | # endif | ||
323 | #endif /* SSHBUF_INTERNAL */ | ||
324 | |||
325 | #endif /* _SSHBUF_H */ | ||