diff options
author | Colin Watson <cjwatson@debian.org> | 2016-12-20 00:22:52 +0000 |
---|---|---|
committer | Colin Watson <cjwatson@debian.org> | 2016-12-20 00:22:52 +0000 |
commit | 971a7653746a6972b907dfe0ce139c06e4a6f482 (patch) | |
tree | 70fb964265d57ae4967be55b75dbb2a122e9b969 /sshkey.c | |
parent | a8ed8d256b2e2c05b0c15565a7938028c5192277 (diff) | |
parent | 4a354fc231174901f2629437c2a6e924a2dd6772 (diff) |
Import openssh_7.4p1.orig.tar.gz
Diffstat (limited to 'sshkey.c')
-rw-r--r-- | sshkey.c | 68 |
1 files changed, 34 insertions, 34 deletions
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: sshkey.c,v 1.35 2016/06/19 07:48:02 djm Exp $ */ | 1 | /* $OpenBSD: sshkey.c,v 1.41 2016/10/24 01:09:17 dtucker Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. |
4 | * Copyright (c) 2008 Alexander von Gernler. All rights reserved. | 4 | * Copyright (c) 2008 Alexander von Gernler. All rights reserved. |
@@ -27,7 +27,6 @@ | |||
27 | 27 | ||
28 | #include "includes.h" | 28 | #include "includes.h" |
29 | 29 | ||
30 | #include <sys/param.h> /* MIN MAX */ | ||
31 | #include <sys/types.h> | 30 | #include <sys/types.h> |
32 | #include <netinet/in.h> | 31 | #include <netinet/in.h> |
33 | 32 | ||
@@ -196,7 +195,7 @@ sshkey_ecdsa_nid_from_name(const char *name) | |||
196 | } | 195 | } |
197 | 196 | ||
198 | char * | 197 | char * |
199 | key_alg_list(int certs_only, int plain_only) | 198 | sshkey_alg_list(int certs_only, int plain_only, char sep) |
200 | { | 199 | { |
201 | char *tmp, *ret = NULL; | 200 | char *tmp, *ret = NULL; |
202 | size_t nlen, rlen = 0; | 201 | size_t nlen, rlen = 0; |
@@ -208,7 +207,7 @@ key_alg_list(int certs_only, int plain_only) | |||
208 | if ((certs_only && !kt->cert) || (plain_only && kt->cert)) | 207 | if ((certs_only && !kt->cert) || (plain_only && kt->cert)) |
209 | continue; | 208 | continue; |
210 | if (ret != NULL) | 209 | if (ret != NULL) |
211 | ret[rlen++] = '\n'; | 210 | ret[rlen++] = sep; |
212 | nlen = strlen(kt->name); | 211 | nlen = strlen(kt->name); |
213 | if ((tmp = realloc(ret, rlen + nlen + 2)) == NULL) { | 212 | if ((tmp = realloc(ret, rlen + nlen + 2)) == NULL) { |
214 | free(ret); | 213 | free(ret); |
@@ -513,7 +512,6 @@ sshkey_new(int type) | |||
513 | default: | 512 | default: |
514 | free(k); | 513 | free(k); |
515 | return NULL; | 514 | return NULL; |
516 | break; | ||
517 | } | 515 | } |
518 | 516 | ||
519 | if (sshkey_is_cert(k)) { | 517 | if (sshkey_is_cert(k)) { |
@@ -888,9 +886,12 @@ sshkey_fingerprint_raw(const struct sshkey *k, int dgst_alg, | |||
888 | int nlen = BN_num_bytes(k->rsa->n); | 886 | int nlen = BN_num_bytes(k->rsa->n); |
889 | int elen = BN_num_bytes(k->rsa->e); | 887 | int elen = BN_num_bytes(k->rsa->e); |
890 | 888 | ||
889 | if (nlen < 0 || elen < 0 || nlen >= INT_MAX - elen) { | ||
890 | r = SSH_ERR_INVALID_FORMAT; | ||
891 | goto out; | ||
892 | } | ||
891 | blob_len = nlen + elen; | 893 | blob_len = nlen + elen; |
892 | if (nlen >= INT_MAX - elen || | 894 | if ((blob = malloc(blob_len)) == NULL) { |
893 | (blob = malloc(blob_len)) == NULL) { | ||
894 | r = SSH_ERR_ALLOC_FAIL; | 895 | r = SSH_ERR_ALLOC_FAIL; |
895 | goto out; | 896 | goto out; |
896 | } | 897 | } |
@@ -1082,10 +1083,10 @@ fingerprint_randomart(const char *alg, u_char *dgst_raw, size_t dgst_raw_len, | |||
1082 | y += (input & 0x2) ? 1 : -1; | 1083 | y += (input & 0x2) ? 1 : -1; |
1083 | 1084 | ||
1084 | /* assure we are still in bounds */ | 1085 | /* assure we are still in bounds */ |
1085 | x = MAX(x, 0); | 1086 | x = MAXIMUM(x, 0); |
1086 | y = MAX(y, 0); | 1087 | y = MAXIMUM(y, 0); |
1087 | x = MIN(x, FLDSIZE_X - 1); | 1088 | x = MINIMUM(x, FLDSIZE_X - 1); |
1088 | y = MIN(y, FLDSIZE_Y - 1); | 1089 | y = MINIMUM(y, FLDSIZE_Y - 1); |
1089 | 1090 | ||
1090 | /* augment the field */ | 1091 | /* augment the field */ |
1091 | if (field[x][y] < len - 2) | 1092 | if (field[x][y] < len - 2) |
@@ -1126,7 +1127,7 @@ fingerprint_randomart(const char *alg, u_char *dgst_raw, size_t dgst_raw_len, | |||
1126 | for (y = 0; y < FLDSIZE_Y; y++) { | 1127 | for (y = 0; y < FLDSIZE_Y; y++) { |
1127 | *p++ = '|'; | 1128 | *p++ = '|'; |
1128 | for (x = 0; x < FLDSIZE_X; x++) | 1129 | for (x = 0; x < FLDSIZE_X; x++) |
1129 | *p++ = augmentation_string[MIN(field[x][y], len)]; | 1130 | *p++ = augmentation_string[MINIMUM(field[x][y], len)]; |
1130 | *p++ = '|'; | 1131 | *p++ = '|'; |
1131 | *p++ = '\n'; | 1132 | *p++ = '\n'; |
1132 | } | 1133 | } |
@@ -2862,6 +2863,14 @@ sshkey_ec_validate_public(const EC_GROUP *group, const EC_POINT *public) | |||
2862 | BIGNUM *order, *x, *y, *tmp; | 2863 | BIGNUM *order, *x, *y, *tmp; |
2863 | int ret = SSH_ERR_KEY_INVALID_EC_VALUE; | 2864 | int ret = SSH_ERR_KEY_INVALID_EC_VALUE; |
2864 | 2865 | ||
2866 | /* | ||
2867 | * NB. This assumes OpenSSL has already verified that the public | ||
2868 | * point lies on the curve. This is done by EC_POINT_oct2point() | ||
2869 | * implicitly calling EC_POINT_is_on_curve(). If this code is ever | ||
2870 | * reachable with public points not unmarshalled using | ||
2871 | * EC_POINT_oct2point then the caller will need to explicitly check. | ||
2872 | */ | ||
2873 | |||
2865 | if ((bnctx = BN_CTX_new()) == NULL) | 2874 | if ((bnctx = BN_CTX_new()) == NULL) |
2866 | return SSH_ERR_ALLOC_FAIL; | 2875 | return SSH_ERR_ALLOC_FAIL; |
2867 | BN_CTX_start(bnctx); | 2876 | BN_CTX_start(bnctx); |
@@ -3029,13 +3038,11 @@ sshkey_private_to_blob2(const struct sshkey *prv, struct sshbuf *blob, | |||
3029 | size_t i, pubkeylen, keylen, ivlen, blocksize, authlen; | 3038 | size_t i, pubkeylen, keylen, ivlen, blocksize, authlen; |
3030 | u_int check; | 3039 | u_int check; |
3031 | int r = SSH_ERR_INTERNAL_ERROR; | 3040 | int r = SSH_ERR_INTERNAL_ERROR; |
3032 | struct sshcipher_ctx ciphercontext; | 3041 | struct sshcipher_ctx *ciphercontext = NULL; |
3033 | const struct sshcipher *cipher; | 3042 | const struct sshcipher *cipher; |
3034 | const char *kdfname = KDFNAME; | 3043 | const char *kdfname = KDFNAME; |
3035 | struct sshbuf *encoded = NULL, *encrypted = NULL, *kdf = NULL; | 3044 | struct sshbuf *encoded = NULL, *encrypted = NULL, *kdf = NULL; |
3036 | 3045 | ||
3037 | memset(&ciphercontext, 0, sizeof(ciphercontext)); | ||
3038 | |||
3039 | if (rounds <= 0) | 3046 | if (rounds <= 0) |
3040 | rounds = DEFAULT_ROUNDS; | 3047 | rounds = DEFAULT_ROUNDS; |
3041 | if (passphrase == NULL || !strlen(passphrase)) { | 3048 | if (passphrase == NULL || !strlen(passphrase)) { |
@@ -3122,7 +3129,7 @@ sshkey_private_to_blob2(const struct sshkey *prv, struct sshbuf *blob, | |||
3122 | if ((r = sshbuf_reserve(encoded, | 3129 | if ((r = sshbuf_reserve(encoded, |
3123 | sshbuf_len(encrypted) + authlen, &cp)) != 0) | 3130 | sshbuf_len(encrypted) + authlen, &cp)) != 0) |
3124 | goto out; | 3131 | goto out; |
3125 | if ((r = cipher_crypt(&ciphercontext, 0, cp, | 3132 | if ((r = cipher_crypt(ciphercontext, 0, cp, |
3126 | sshbuf_ptr(encrypted), sshbuf_len(encrypted), 0, authlen)) != 0) | 3133 | sshbuf_ptr(encrypted), sshbuf_len(encrypted), 0, authlen)) != 0) |
3127 | goto out; | 3134 | goto out; |
3128 | 3135 | ||
@@ -3154,7 +3161,7 @@ sshkey_private_to_blob2(const struct sshkey *prv, struct sshbuf *blob, | |||
3154 | sshbuf_free(kdf); | 3161 | sshbuf_free(kdf); |
3155 | sshbuf_free(encoded); | 3162 | sshbuf_free(encoded); |
3156 | sshbuf_free(encrypted); | 3163 | sshbuf_free(encrypted); |
3157 | cipher_cleanup(&ciphercontext); | 3164 | cipher_free(ciphercontext); |
3158 | explicit_bzero(salt, sizeof(salt)); | 3165 | explicit_bzero(salt, sizeof(salt)); |
3159 | if (key != NULL) { | 3166 | if (key != NULL) { |
3160 | explicit_bzero(key, keylen + ivlen); | 3167 | explicit_bzero(key, keylen + ivlen); |
@@ -3183,12 +3190,11 @@ sshkey_parse_private2(struct sshbuf *blob, int type, const char *passphrase, | |||
3183 | size_t i, keylen = 0, ivlen = 0, authlen = 0, slen = 0; | 3190 | size_t i, keylen = 0, ivlen = 0, authlen = 0, slen = 0; |
3184 | struct sshbuf *encoded = NULL, *decoded = NULL; | 3191 | struct sshbuf *encoded = NULL, *decoded = NULL; |
3185 | struct sshbuf *kdf = NULL, *decrypted = NULL; | 3192 | struct sshbuf *kdf = NULL, *decrypted = NULL; |
3186 | struct sshcipher_ctx ciphercontext; | 3193 | struct sshcipher_ctx *ciphercontext = NULL; |
3187 | struct sshkey *k = NULL; | 3194 | struct sshkey *k = NULL; |
3188 | u_char *key = NULL, *salt = NULL, *dp, pad, last; | 3195 | u_char *key = NULL, *salt = NULL, *dp, pad, last; |
3189 | u_int blocksize, rounds, nkeys, encrypted_len, check1, check2; | 3196 | u_int blocksize, rounds, nkeys, encrypted_len, check1, check2; |
3190 | 3197 | ||
3191 | memset(&ciphercontext, 0, sizeof(ciphercontext)); | ||
3192 | if (keyp != NULL) | 3198 | if (keyp != NULL) |
3193 | *keyp = NULL; | 3199 | *keyp = NULL; |
3194 | if (commentp != NULL) | 3200 | if (commentp != NULL) |
@@ -3317,7 +3323,7 @@ sshkey_parse_private2(struct sshbuf *blob, int type, const char *passphrase, | |||
3317 | (r = cipher_init(&ciphercontext, cipher, key, keylen, | 3323 | (r = cipher_init(&ciphercontext, cipher, key, keylen, |
3318 | key + keylen, ivlen, 0)) != 0) | 3324 | key + keylen, ivlen, 0)) != 0) |
3319 | goto out; | 3325 | goto out; |
3320 | if ((r = cipher_crypt(&ciphercontext, 0, dp, sshbuf_ptr(decoded), | 3326 | if ((r = cipher_crypt(ciphercontext, 0, dp, sshbuf_ptr(decoded), |
3321 | encrypted_len, 0, authlen)) != 0) { | 3327 | encrypted_len, 0, authlen)) != 0) { |
3322 | /* an integrity error here indicates an incorrect passphrase */ | 3328 | /* an integrity error here indicates an incorrect passphrase */ |
3323 | if (r == SSH_ERR_MAC_INVALID) | 3329 | if (r == SSH_ERR_MAC_INVALID) |
@@ -3371,7 +3377,7 @@ sshkey_parse_private2(struct sshbuf *blob, int type, const char *passphrase, | |||
3371 | } | 3377 | } |
3372 | out: | 3378 | out: |
3373 | pad = 0; | 3379 | pad = 0; |
3374 | cipher_cleanup(&ciphercontext); | 3380 | cipher_free(ciphercontext); |
3375 | free(ciphername); | 3381 | free(ciphername); |
3376 | free(kdfname); | 3382 | free(kdfname); |
3377 | free(comment); | 3383 | free(comment); |
@@ -3405,7 +3411,7 @@ sshkey_private_rsa1_to_blob(struct sshkey *key, struct sshbuf *blob, | |||
3405 | struct sshbuf *buffer = NULL, *encrypted = NULL; | 3411 | struct sshbuf *buffer = NULL, *encrypted = NULL; |
3406 | u_char buf[8]; | 3412 | u_char buf[8]; |
3407 | int r, cipher_num; | 3413 | int r, cipher_num; |
3408 | struct sshcipher_ctx ciphercontext; | 3414 | struct sshcipher_ctx *ciphercontext = NULL; |
3409 | const struct sshcipher *cipher; | 3415 | const struct sshcipher *cipher; |
3410 | u_char *cp; | 3416 | u_char *cp; |
3411 | 3417 | ||
@@ -3475,16 +3481,14 @@ sshkey_private_rsa1_to_blob(struct sshkey *key, struct sshbuf *blob, | |||
3475 | if ((r = cipher_set_key_string(&ciphercontext, cipher, passphrase, | 3481 | if ((r = cipher_set_key_string(&ciphercontext, cipher, passphrase, |
3476 | CIPHER_ENCRYPT)) != 0) | 3482 | CIPHER_ENCRYPT)) != 0) |
3477 | goto out; | 3483 | goto out; |
3478 | if ((r = cipher_crypt(&ciphercontext, 0, cp, | 3484 | if ((r = cipher_crypt(ciphercontext, 0, cp, |
3479 | sshbuf_ptr(buffer), sshbuf_len(buffer), 0, 0)) != 0) | 3485 | sshbuf_ptr(buffer), sshbuf_len(buffer), 0, 0)) != 0) |
3480 | goto out; | 3486 | goto out; |
3481 | if ((r = cipher_cleanup(&ciphercontext)) != 0) | ||
3482 | goto out; | ||
3483 | 3487 | ||
3484 | r = sshbuf_putb(blob, encrypted); | 3488 | r = sshbuf_putb(blob, encrypted); |
3485 | 3489 | ||
3486 | out: | 3490 | out: |
3487 | explicit_bzero(&ciphercontext, sizeof(ciphercontext)); | 3491 | cipher_free(ciphercontext); |
3488 | explicit_bzero(buf, sizeof(buf)); | 3492 | explicit_bzero(buf, sizeof(buf)); |
3489 | sshbuf_free(buffer); | 3493 | sshbuf_free(buffer); |
3490 | sshbuf_free(encrypted); | 3494 | sshbuf_free(encrypted); |
@@ -3654,7 +3658,7 @@ sshkey_parse_private_rsa1(struct sshbuf *blob, const char *passphrase, | |||
3654 | struct sshbuf *decrypted = NULL, *copy = NULL; | 3658 | struct sshbuf *decrypted = NULL, *copy = NULL; |
3655 | u_char *cp; | 3659 | u_char *cp; |
3656 | char *comment = NULL; | 3660 | char *comment = NULL; |
3657 | struct sshcipher_ctx ciphercontext; | 3661 | struct sshcipher_ctx *ciphercontext = NULL; |
3658 | const struct sshcipher *cipher; | 3662 | const struct sshcipher *cipher; |
3659 | struct sshkey *prv = NULL; | 3663 | struct sshkey *prv = NULL; |
3660 | 3664 | ||
@@ -3712,12 +3716,8 @@ sshkey_parse_private_rsa1(struct sshbuf *blob, const char *passphrase, | |||
3712 | if ((r = cipher_set_key_string(&ciphercontext, cipher, passphrase, | 3716 | if ((r = cipher_set_key_string(&ciphercontext, cipher, passphrase, |
3713 | CIPHER_DECRYPT)) != 0) | 3717 | CIPHER_DECRYPT)) != 0) |
3714 | goto out; | 3718 | goto out; |
3715 | if ((r = cipher_crypt(&ciphercontext, 0, cp, | 3719 | if ((r = cipher_crypt(ciphercontext, 0, cp, |
3716 | sshbuf_ptr(copy), sshbuf_len(copy), 0, 0)) != 0) { | 3720 | sshbuf_ptr(copy), sshbuf_len(copy), 0, 0)) != 0) |
3717 | cipher_cleanup(&ciphercontext); | ||
3718 | goto out; | ||
3719 | } | ||
3720 | if ((r = cipher_cleanup(&ciphercontext)) != 0) | ||
3721 | goto out; | 3721 | goto out; |
3722 | 3722 | ||
3723 | if ((r = sshbuf_get_u16(decrypted, &check1)) != 0 || | 3723 | if ((r = sshbuf_get_u16(decrypted, &check1)) != 0 || |
@@ -3754,7 +3754,7 @@ sshkey_parse_private_rsa1(struct sshbuf *blob, const char *passphrase, | |||
3754 | comment = NULL; | 3754 | comment = NULL; |
3755 | } | 3755 | } |
3756 | out: | 3756 | out: |
3757 | explicit_bzero(&ciphercontext, sizeof(ciphercontext)); | 3757 | cipher_free(ciphercontext); |
3758 | free(comment); | 3758 | free(comment); |
3759 | sshkey_free(prv); | 3759 | sshkey_free(prv); |
3760 | sshbuf_free(copy); | 3760 | sshbuf_free(copy); |