-rw-r--r-- | Makefile.in | 6 | ||||
-rw-r--r-- | krl.c | 62 | ||||
-rw-r--r-- | sshbuf-getput-basic.c | 38 | ||||
-rw-r--r-- | sshbuf-getput-crypto.c | 18 | ||||
-rw-r--r-- | sshbuf.h | 4 |
5 files changed, 87 insertions, 41 deletions
diff --git a/Makefile.in b/Makefile.in index 9b485fba8..ebd48c303 100644 --- a/Makefile.in +++ b/Makefile.in | |||
@@ -70,7 +70,9 @@ LIBOPENSSH_OBJS=\ | |||
70 | sshkey.o \ | 70 | sshkey.o \ |
71 | sshbuf-getput-basic.o \ | 71 | sshbuf-getput-basic.o \ |
72 | sshbuf-misc.o \ | 72 | sshbuf-misc.o \ |
73 | sshbuf-getput-crypto.o | 73 | sshbuf-getput-crypto.o \ |
74 | krl.o \ | ||
75 | bitmap.o | ||
74 | 76 | ||
75 | LIBSSH_OBJS=${LIBOPENSSH_OBJS} \ | 77 | LIBSSH_OBJS=${LIBOPENSSH_OBJS} \ |
76 | authfd.o authfile.o bufaux.o bufbn.o buffer.o \ | 78 | authfd.o authfile.o bufaux.o bufbn.o buffer.o \ |
@@ -83,7 +85,7 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \ | |||
83 | monitor_fdpass.o rijndael.o ssh-dss.o ssh-ecdsa.o ssh-rsa.o dh.o \ | 85 | monitor_fdpass.o rijndael.o ssh-dss.o ssh-ecdsa.o ssh-rsa.o dh.o \ |
84 | kexdh.o kexgex.o kexdhc.o kexgexc.o bufec.o kexecdh.o kexecdhc.o \ | 86 | kexdh.o kexgex.o kexdhc.o kexgexc.o bufec.o kexecdh.o kexecdhc.o \ |
85 | msg.o progressmeter.o dns.o entropy.o gss-genr.o umac.o umac128.o \ | 87 | msg.o progressmeter.o dns.o entropy.o gss-genr.o umac.o umac128.o \ |
86 | ssh-pkcs11.o krl.o smult_curve25519_ref.o \ | 88 | ssh-pkcs11.o smult_curve25519_ref.o \ |
87 | kexc25519.o kexc25519c.o poly1305.o chacha.o cipher-chachapoly.o \ | 89 | kexc25519.o kexc25519c.o poly1305.o chacha.o cipher-chachapoly.o \ |
88 | ssh-ed25519.o digest-openssl.o hmac.o \ | 90 | ssh-ed25519.o digest-openssl.o hmac.o \ |
89 | sc25519.o ge25519.o fe25519.o ed25519.o verify.o hash.o blocks.o | 91 | sc25519.o ge25519.o fe25519.o ed25519.o verify.o hash.o blocks.o |
@@ -14,7 +14,7 @@ | |||
14 | * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | 14 | * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. |
15 | */ | 15 | */ |
16 | 16 | ||
17 | /* $OpenBSD: krl.c,v 1.25 2015/01/13 19:04:35 djm Exp $ */ | 17 | /* $OpenBSD: krl.c,v 1.26 2015/01/14 15:02:39 djm Exp $ */ |
18 | 18 | ||
19 | #include "includes.h" | 19 | #include "includes.h" |
20 | 20 | ||
@@ -37,6 +37,7 @@ | |||
37 | #include "misc.h" | 37 | #include "misc.h" |
38 | #include "log.h" | 38 | #include "log.h" |
39 | #include "digest.h" | 39 | #include "digest.h" |
40 | #include "bitmap.h" | ||
40 | 41 | ||
41 | #include "krl.h" | 42 | #include "krl.h" |
42 | 43 | ||
@@ -519,6 +520,25 @@ choose_next_state(int current_state, u_int64_t contig, int final, | |||
519 | return new_state; | 520 | return new_state; |
520 | } | 521 | } |
521 | 522 | ||
523 | static int | ||
524 | put_bitmap(struct sshbuf *buf, struct bitmap *bitmap) | ||
525 | { | ||
526 | size_t len; | ||
527 | u_char *blob; | ||
528 | int r; | ||
529 | |||
530 | len = bitmap_nbytes(bitmap); | ||
531 | if ((blob = malloc(len)) == NULL) | ||
532 | return SSH_ERR_ALLOC_FAIL; | ||
533 | if (bitmap_to_string(bitmap, blob, len) != 0) { | ||
534 | free(blob); | ||
535 | return SSH_ERR_INTERNAL_ERROR; | ||
536 | } | ||
537 | r = sshbuf_put_bignum2_bytes(buf, blob, len); | ||
538 | free(blob); | ||
539 | return r; | ||
540 | } | ||
541 | |||
522 | /* Generate a KRL_SECTION_CERTIFICATES KRL section */ | 542 | /* Generate a KRL_SECTION_CERTIFICATES KRL section */ |
523 | static int | 543 | static int |
524 | revoked_certs_generate(struct revoked_certs *rc, struct sshbuf *buf) | 544 | revoked_certs_generate(struct revoked_certs *rc, struct sshbuf *buf) |
@@ -529,7 +549,7 @@ revoked_certs_generate(struct revoked_certs *rc, struct sshbuf *buf) | |||
529 | struct revoked_key_id *rki; | 549 | struct revoked_key_id *rki; |
530 | int next_state, state = 0; | 550 | int next_state, state = 0; |
531 | struct sshbuf *sect; | 551 | struct sshbuf *sect; |
532 | BIGNUM *bitmap = NULL; | 552 | struct bitmap *bitmap = NULL; |
533 | 553 | ||
534 | if ((sect = sshbuf_new()) == NULL) | 554 | if ((sect = sshbuf_new()) == NULL) |
535 | return SSH_ERR_ALLOC_FAIL; | 555 | return SSH_ERR_ALLOC_FAIL; |
@@ -572,9 +592,9 @@ revoked_certs_generate(struct revoked_certs *rc, struct sshbuf *buf) | |||
572 | case KRL_SECTION_CERT_SERIAL_RANGE: | 592 | case KRL_SECTION_CERT_SERIAL_RANGE: |
573 | break; | 593 | break; |
574 | case KRL_SECTION_CERT_SERIAL_BITMAP: | 594 | case KRL_SECTION_CERT_SERIAL_BITMAP: |
575 | if ((r = sshbuf_put_bignum2(sect, bitmap)) != 0) | 595 | if ((r = put_bitmap(sect, bitmap)) != 0) |
576 | goto out; | 596 | goto out; |
577 | BN_free(bitmap); | 597 | bitmap_free(bitmap); |
578 | bitmap = NULL; | 598 | bitmap = NULL; |
579 | break; | 599 | break; |
580 | } | 600 | } |
@@ -595,7 +615,7 @@ revoked_certs_generate(struct revoked_certs *rc, struct sshbuf *buf) | |||
595 | case KRL_SECTION_CERT_SERIAL_RANGE: | 615 | case KRL_SECTION_CERT_SERIAL_RANGE: |
596 | break; | 616 | break; |
597 | case KRL_SECTION_CERT_SERIAL_BITMAP: | 617 | case KRL_SECTION_CERT_SERIAL_BITMAP: |
598 | if ((bitmap = BN_new()) == NULL) { | 618 | if ((bitmap = bitmap_new()) == NULL) { |
599 | r = SSH_ERR_ALLOC_FAIL; | 619 | r = SSH_ERR_ALLOC_FAIL; |
600 | goto out; | 620 | goto out; |
601 | } | 621 | } |
@@ -626,8 +646,8 @@ revoked_certs_generate(struct revoked_certs *rc, struct sshbuf *buf) | |||
626 | goto out; | 646 | goto out; |
627 | } | 647 | } |
628 | for (i = 0; i < contig; i++) { | 648 | for (i = 0; i < contig; i++) { |
629 | if (BN_set_bit(bitmap, | 649 | if (bitmap_set_bit(bitmap, |
630 | rs->lo + i - bitmap_start) != 1) { | 650 | rs->lo + i - bitmap_start) != 0) { |
631 | r = SSH_ERR_ALLOC_FAIL; | 651 | r = SSH_ERR_ALLOC_FAIL; |
632 | goto out; | 652 | goto out; |
633 | } | 653 | } |
@@ -645,9 +665,9 @@ revoked_certs_generate(struct revoked_certs *rc, struct sshbuf *buf) | |||
645 | case KRL_SECTION_CERT_SERIAL_RANGE: | 665 | case KRL_SECTION_CERT_SERIAL_RANGE: |
646 | break; | 666 | break; |
647 | case KRL_SECTION_CERT_SERIAL_BITMAP: | 667 | case KRL_SECTION_CERT_SERIAL_BITMAP: |
648 | if ((r = sshbuf_put_bignum2(sect, bitmap)) != 0) | 668 | if ((r = put_bitmap(sect, bitmap)) != 0) |
649 | goto out; | 669 | goto out; |
650 | BN_free(bitmap); | 670 | bitmap_free(bitmap); |
651 | bitmap = NULL; | 671 | bitmap = NULL; |
652 | break; | 672 | break; |
653 | } | 673 | } |
@@ -671,8 +691,7 @@ revoked_certs_generate(struct revoked_certs *rc, struct sshbuf *buf) | |||
671 | } | 691 | } |
672 | r = 0; | 692 | r = 0; |
673 | out: | 693 | out: |
674 | if (bitmap != NULL) | 694 | bitmap_free(bitmap); |
675 | BN_free(bitmap); | ||
676 | sshbuf_free(sect); | 695 | sshbuf_free(sect); |
677 | return r; | 696 | return r; |
678 | } | 697 | } |
@@ -784,13 +803,13 @@ format_timestamp(u_int64_t timestamp, char *ts, size_t nts) | |||
784 | static int | 803 | static int |
785 | parse_revoked_certs(struct sshbuf *buf, struct ssh_krl *krl) | 804 | parse_revoked_certs(struct sshbuf *buf, struct ssh_krl *krl) |
786 | { | 805 | { |
787 | int r = SSH_ERR_INTERNAL_ERROR, nbits; | 806 | int r = SSH_ERR_INTERNAL_ERROR; |
788 | u_char type; | 807 | u_char type; |
789 | const u_char *blob; | 808 | const u_char *blob; |
790 | size_t blen; | 809 | size_t blen, nbits; |
791 | struct sshbuf *subsect = NULL; | 810 | struct sshbuf *subsect = NULL; |
792 | u_int64_t serial, serial_lo, serial_hi; | 811 | u_int64_t serial, serial_lo, serial_hi; |
793 | BIGNUM *bitmap = NULL; | 812 | struct bitmap *bitmap = NULL; |
794 | char *key_id = NULL; | 813 | char *key_id = NULL; |
795 | struct sshkey *ca_key = NULL; | 814 | struct sshkey *ca_key = NULL; |
796 | 815 | ||
@@ -834,31 +853,32 @@ parse_revoked_certs(struct sshbuf *buf, struct ssh_krl *krl) | |||
834 | goto out; | 853 | goto out; |
835 | break; | 854 | break; |
836 | case KRL_SECTION_CERT_SERIAL_BITMAP: | 855 | case KRL_SECTION_CERT_SERIAL_BITMAP: |
837 | if ((bitmap = BN_new()) == NULL) { | 856 | if ((bitmap = bitmap_new()) == NULL) { |
838 | r = SSH_ERR_ALLOC_FAIL; | 857 | r = SSH_ERR_ALLOC_FAIL; |
839 | goto out; | 858 | goto out; |
840 | } | 859 | } |
841 | if ((r = sshbuf_get_u64(subsect, &serial_lo)) != 0 || | 860 | if ((r = sshbuf_get_u64(subsect, &serial_lo)) != 0 || |
842 | (r = sshbuf_get_bignum2(subsect, bitmap)) != 0) | 861 | (r = sshbuf_get_bignum2_bytes_direct(subsect, |
862 | &blob, &blen)) != 0) | ||
843 | goto out; | 863 | goto out; |
844 | if ((nbits = BN_num_bits(bitmap)) < 0) { | 864 | if (bitmap_from_string(bitmap, blob, blen) != 0) { |
845 | error("%s: bitmap bits < 0", __func__); | ||
846 | r = SSH_ERR_INVALID_FORMAT; | 865 | r = SSH_ERR_INVALID_FORMAT; |
847 | goto out; | 866 | goto out; |
848 | } | 867 | } |
868 | nbits = bitmap_nbits(bitmap); | ||
849 | for (serial = 0; serial < (u_int64_t)nbits; serial++) { | 869 | for (serial = 0; serial < (u_int64_t)nbits; serial++) { |
850 | if (serial > 0 && serial_lo + serial == 0) { | 870 | if (serial > 0 && serial_lo + serial == 0) { |
851 | error("%s: bitmap wraps u64", __func__); | 871 | error("%s: bitmap wraps u64", __func__); |
852 | r = SSH_ERR_INVALID_FORMAT; | 872 | r = SSH_ERR_INVALID_FORMAT; |
853 | goto out; | 873 | goto out; |
854 | } | 874 | } |
855 | if (!BN_is_bit_set(bitmap, serial)) | 875 | if (!bitmap_test_bit(bitmap, serial)) |
856 | continue; | 876 | continue; |
857 | if ((r = ssh_krl_revoke_cert_by_serial(krl, | 877 | if ((r = ssh_krl_revoke_cert_by_serial(krl, |
858 | ca_key, serial_lo + serial)) != 0) | 878 | ca_key, serial_lo + serial)) != 0) |
859 | goto out; | 879 | goto out; |
860 | } | 880 | } |
861 | BN_free(bitmap); | 881 | bitmap_free(bitmap); |
862 | bitmap = NULL; | 882 | bitmap = NULL; |
863 | break; | 883 | break; |
864 | case KRL_SECTION_CERT_KEY_ID: | 884 | case KRL_SECTION_CERT_KEY_ID: |
@@ -888,7 +908,7 @@ parse_revoked_certs(struct sshbuf *buf, struct ssh_krl *krl) | |||
888 | r = 0; | 908 | r = 0; |
889 | out: | 909 | out: |
890 | if (bitmap != NULL) | 910 | if (bitmap != NULL) |
891 | BN_free(bitmap); | 911 | bitmap_free(bitmap); |
892 | free(key_id); | 912 | free(key_id); |
893 | sshkey_free(ca_key); | 913 | sshkey_free(ca_key); |
894 | sshbuf_free(subsect); | 914 | sshbuf_free(subsect); |
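Review bot: The NULL guard kept at the `out:` label of parse_revoked_certs, `if (bitmap != NULL) bitmap_free(bitmap);`, is inconsistent with the same cleanup in revoked_certs_generate, which this commit changes to an unconditional `bitmap_free(bitmap);` — either bitmap_free() tolerates NULL and the guard here is redundant, or it does not and the unconditional call is a latent NULL dereference on the generate error path; pick one convention for both. The new static helper put_bitmap() also has no comment, and its contract is not obvious from the name; I would add `/* Serialize bitmap as a bignum2 (mpint) string; returns 0 or an SSH_ERR_* code */` above it. Note that bitmap_from_string() failure is reported to the caller as SSH_ERR_INVALID_FORMAT with no error() log, so if that helper can also fail on allocation (hedged — its body is not in this diff), an out-of-memory condition would be indistinguishable from a malformed KRL. Neither revoked_certs_generate nor parse_revoked_certs is fully visible in these hunks.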
diff --git a/sshbuf-getput-basic.c b/sshbuf-getput-basic.c index 06d6cc492..8ff8a0a28 100644 --- a/sshbuf-getput-basic.c +++ b/sshbuf-getput-basic.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: sshbuf-getput-basic.c,v 1.3 2015/01/12 15:18:07 djm Exp $ */ | 1 | /* $OpenBSD: sshbuf-getput-basic.c,v 1.4 2015/01/14 15:02:39 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2011 Damien Miller | 3 | * Copyright (c) 2011 Damien Miller |
4 | * | 4 | * |
@@ -424,3 +424,39 @@ sshbuf_put_bignum2_bytes(struct sshbuf *buf, const void *v, size_t len) | |||
424 | memcpy(d + 4 + prepend, s, len); | 424 | memcpy(d + 4 + prepend, s, len); |
425 | return 0; | 425 | return 0; |
426 | } | 426 | } |
427 | |||
428 | int | ||
429 | sshbuf_get_bignum2_bytes_direct(struct sshbuf *buf, | ||
430 | const u_char **valp, size_t *lenp) | ||
431 | { | ||
432 | const u_char *d; | ||
433 | size_t len, olen; | ||
434 | int r; | ||
435 | |||
436 | if ((r = sshbuf_peek_string_direct(buf, &d, &olen)) < 0) | ||
437 | return r; | ||
438 | len = olen; | ||
439 | /* Refuse negative (MSB set) bignums */ | ||
440 | if ((len != 0 && (*d & 0x80) != 0)) | ||
441 | return SSH_ERR_BIGNUM_IS_NEGATIVE; | ||
442 | /* Refuse overlong bignums, allow prepended \0 to avoid MSB set */ | ||
443 | if (len > SSHBUF_MAX_BIGNUM + 1 || | ||
444 | (len == SSHBUF_MAX_BIGNUM + 1 && *d != 0)) | ||
445 | return SSH_ERR_BIGNUM_TOO_LARGE; | ||
446 | /* Trim leading zeros */ | ||
447 | while (len > 0 && *d == 0x00) { | ||
448 | d++; | ||
449 | len--; | ||
450 | } | ||
451 | if (valp != 0) | ||
452 | *valp = d; | ||
453 | if (lenp != NULL) | ||
454 | *lenp = len; | ||
455 | if (sshbuf_consume(buf, olen + 4) != 0) { | ||
456 | /* Shouldn't happen */ | ||
457 | SSHBUF_DBG(("SSH_ERR_INTERNAL_ERROR")); | ||
458 | SSHBUF_ABORT(); | ||
459 | return SSH_ERR_INTERNAL_ERROR; | ||
460 | } | ||
461 | return 0; | ||
462 | } | ||
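Review bot: The pointer check `if (valp != 0)` compares a pointer against the integer literal while the check on the next line uses `NULL`; write `if (valp != NULL)` for consistency with the rest of the function and the file. The function also needs a header comment, because its contract is easy to get wrong: `*valp` points into buf's own storage (so it is only valid until buf is next modified), leading zero bytes are stripped so `*lenp` can be 0 for a zero-valued mpint, and on success the whole string including its length prefix is consumed, whereas the negative and too-large errors return with buf untouched. A three-line comment stating those points above the definition would spare callers from reading the body.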
diff --git a/sshbuf-getput-crypto.c b/sshbuf-getput-crypto.c index 7fad28bb7..e2e093c00 100644 --- a/sshbuf-getput-crypto.c +++ b/sshbuf-getput-crypto.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: sshbuf-getput-crypto.c,v 1.3 2015/01/12 15:18:07 djm Exp $ */ | 1 | /* $OpenBSD: sshbuf-getput-crypto.c,v 1.4 2015/01/14 15:02:39 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2011 Damien Miller | 3 | * Copyright (c) 2011 Damien Miller |
4 | * | 4 | * |
@@ -38,24 +38,10 @@ sshbuf_get_bignum2(struct sshbuf *buf, BIGNUM *v) | |||
38 | size_t len; | 38 | size_t len; |
39 | int r; | 39 | int r; |
40 | 40 | ||
41 | if ((r = sshbuf_peek_string_direct(buf, &d, &len)) < 0) | 41 | if ((r = sshbuf_get_bignum2_bytes_direct(buf, &d, &len)) != 0) |
42 | return r; | 42 | return r; |
43 | /* Refuse negative (MSB set) bignums */ | ||
44 | if ((len != 0 && (*d & 0x80) != 0)) | ||
45 | return SSH_ERR_BIGNUM_IS_NEGATIVE; | ||
46 | /* Refuse overlong bignums, allow prepended \0 to avoid MSB set */ | ||
47 | if (len > SSHBUF_MAX_BIGNUM + 1 || | ||
48 | (len == SSHBUF_MAX_BIGNUM + 1 && *d != 0)) | ||
49 | return SSH_ERR_BIGNUM_TOO_LARGE; | ||
50 | if (v != NULL && BN_bin2bn(d, len, v) == NULL) | 43 | if (v != NULL && BN_bin2bn(d, len, v) == NULL) |
51 | return SSH_ERR_ALLOC_FAIL; | 44 | return SSH_ERR_ALLOC_FAIL; |
52 | /* Consume the string */ | ||
53 | if (sshbuf_get_string_direct(buf, NULL, NULL) != 0) { | ||
54 | /* Shouldn't happen */ | ||
55 | SSHBUF_DBG(("SSH_ERR_INTERNAL_ERROR")); | ||
56 | SSHBUF_ABORT(); | ||
57 | return SSH_ERR_INTERNAL_ERROR; | ||
58 | } | ||
59 | return 0; | 45 | return 0; |
60 | } | 46 | } |
61 | 47 | ||
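Review bot: The error-path buffer state of sshbuf_get_bignum2 changes here: the old code peeked, ran BN_bin2bn, and only then consumed the string, so a failing BN_bin2bn left buf untouched, while the new code calls sshbuf_get_bignum2_bytes_direct, which consumes the string before BN_bin2bn runs, so SSH_ERR_ALLOC_FAIL now returns with the mpint already removed from buf. Callers that treat an allocation failure as fatal will not notice, but any caller that retries or inspects the buffer after the error would. If that is acceptable, a one-line comment above the BN_bin2bn call, `/* string already consumed; buf is not restored if BN_bin2bn fails */`, would make it explicit. The pointer d also presumably stays valid across the consume only because sshbuf_consume does not reallocate the buffer; that assumption is worth stating in the same comment.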
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: sshbuf.h,v 1.3 2014/06/24 01:13:21 djm Exp $ */ | 1 | /* $OpenBSD: sshbuf.h,v 1.4 2015/01/14 15:02:39 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2011 Damien Miller | 3 | * Copyright (c) 2011 Damien Miller |
4 | * | 4 | * |
@@ -212,6 +212,8 @@ int sshbuf_put_bignum2_bytes(struct sshbuf *buf, const void *v, size_t len); | |||
212 | #ifdef WITH_OPENSSL | 212 | #ifdef WITH_OPENSSL |
213 | int sshbuf_get_bignum2(struct sshbuf *buf, BIGNUM *v); | 213 | int sshbuf_get_bignum2(struct sshbuf *buf, BIGNUM *v); |
214 | int sshbuf_get_bignum1(struct sshbuf *buf, BIGNUM *v); | 214 | int sshbuf_get_bignum1(struct sshbuf *buf, BIGNUM *v); |
215 | int sshbuf_get_bignum2_bytes_direct(struct sshbuf *buf, | ||
216 | const u_char **valp, size_t *lenp); | ||
215 | int sshbuf_put_bignum2(struct sshbuf *buf, const BIGNUM *v); | 217 | int sshbuf_put_bignum2(struct sshbuf *buf, const BIGNUM *v); |
216 | int sshbuf_put_bignum1(struct sshbuf *buf, const BIGNUM *v); | 218 | int sshbuf_put_bignum1(struct sshbuf *buf, const BIGNUM *v); |
217 | # ifdef OPENSSL_HAS_ECC | 219 | # ifdef OPENSSL_HAS_ECC |
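Review bot: The new prototype for sshbuf_get_bignum2_bytes_direct is placed inside the `#ifdef WITH_OPENSSL` block, but the function is defined in sshbuf-getput-basic.c, which has no OpenSSL dependency, and this same commit moves its new caller krl.o into LIBOPENSSH_OBJS, the object set intended to build without OpenSSL. In a build with WITH_OPENSSL undefined, krl.c would then call the function without a declaration — an implicit declaration at best, a hard error with -Werror=implicit-function-declaration. Move the two prototype lines up beside `sshbuf_put_bignum2_bytes`, above the `#ifdef`, where the other non-OpenSSL bignum2 helper already lives.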