1 files changed, 3 insertions, 166 deletions
diff --git a/monitor_wrap.c b/monitor_wrap.c
index 4ce469605..1a47e4174 100644
--- a/monitor_wrap.c
+++ b/monitor_wrap.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: monitor_wrap.c,v 1.77 2013/11/06 16:52:11 markus Exp $ */
+/* $OpenBSD: monitor_wrap.c,v 1.79 2014/02/02 03:44:31 djm Exp $ */
 /*
 * Copyright 2002 Niels Provos <provos@citi.umich.edu>
 * Copyright 2002 Markus Friedl <markus@openbsd.org>
@@ -71,8 +71,6 @@
 #include "atomicio.h"
 #include "monitor_fdpass.h"
 #include "misc.h"
-#include "schnorr.h"
-#include "jpake.h"
 #include "uuencode.h"
 #include "channels.h"
@@ -574,7 +572,7 @@ mm_newkeys_to_blob(int mode, u_char **blobp, u_int *lenp)
                *blobp = xmalloc(len);
                memcpy(*blobp, buffer_ptr(&b), len);
        }
-        memset(buffer_ptr(&b), 0, len);
+        explicit_bzero(buffer_ptr(&b), len);
        buffer_free(&b);
        return len;
 }
@@ -618,7 +616,7 @@ mm_send_keystate(struct monitor *monitor)
                key = xmalloc(keylen+1);        /* add 1 if keylen == 0 */
                keylen = packet_get_encryption_key(key);
                buffer_put_string(&m, key, keylen);
-                memset(key, 0, keylen);
+                explicit_bzero(key, keylen);
                free(key);
                ivlen = packet_get_keyiv_len(MODE_OUT);
@@ -1292,164 +1290,3 @@ mm_ssh_gssapi_userok(char *user)
 }
 #endif /* GSSAPI */
-#ifdef JPAKE
-void
-mm_auth2_jpake_get_pwdata(Authctxt *authctxt, BIGNUM **s,
-    char **hash_scheme, char **salt)
-{
-        Buffer m;
-        debug3("%s entering", __func__);
-        buffer_init(&m);
-        mm_request_send(pmonitor->m_recvfd,
-            MONITOR_REQ_JPAKE_GET_PWDATA, &m);
-        debug3("%s: waiting for MONITOR_ANS_JPAKE_GET_PWDATA", __func__);
-        mm_request_receive_expect(pmonitor->m_recvfd,
-            MONITOR_ANS_JPAKE_GET_PWDATA, &m);
-        *hash_scheme = buffer_get_string(&m, NULL);
-        *salt = buffer_get_string(&m, NULL);
-        buffer_free(&m);
-}
-void
-mm_jpake_step1(struct modp_group *grp,
-    u_char **id, u_int *id_len,
-    BIGNUM **priv1, BIGNUM **priv2, BIGNUM **g_priv1, BIGNUM **g_priv2,
-    u_char **priv1_proof, u_int *priv1_proof_len,
-    u_char **priv2_proof, u_int *priv2_proof_len)
-{
-        Buffer m;
-        debug3("%s entering", __func__);
-        buffer_init(&m);
-        mm_request_send(pmonitor->m_recvfd,
-            MONITOR_REQ_JPAKE_STEP1, &m);
-        debug3("%s: waiting for MONITOR_ANS_JPAKE_STEP1", __func__);
-        mm_request_receive_expect(pmonitor->m_recvfd,
-            MONITOR_ANS_JPAKE_STEP1, &m);
-        if ((*priv1 = BN_new()) == NULL ||
-            (*priv2 = BN_new()) == NULL ||
-            (*g_priv1 = BN_new()) == NULL ||
-            (*g_priv2 = BN_new()) == NULL)
-                fatal("%s: BN_new", __func__);
-        *id = buffer_get_string(&m, id_len);
-        /* priv1 and priv2 are, well, private */
-        buffer_get_bignum2(&m, *g_priv1);
-        buffer_get_bignum2(&m, *g_priv2);
-        *priv1_proof = buffer_get_string(&m, priv1_proof_len);
-        *priv2_proof = buffer_get_string(&m, priv2_proof_len);
-        buffer_free(&m);
-}
-void
-mm_jpake_step2(struct modp_group *grp, BIGNUM *s,
-    BIGNUM *mypub1, BIGNUM *theirpub1, BIGNUM *theirpub2, BIGNUM *mypriv2,
-    const u_char *theirid, u_int theirid_len,
-    const u_char *myid, u_int myid_len,
-    const u_char *theirpub1_proof, u_int theirpub1_proof_len,
-    const u_char *theirpub2_proof, u_int theirpub2_proof_len,
-    BIGNUM **newpub,
-    u_char **newpub_exponent_proof, u_int *newpub_exponent_proof_len)
-{
-        Buffer m;
-        debug3("%s entering", __func__);
-        buffer_init(&m);
-        /* monitor already has all bignums except theirpub1, theirpub2 */
-        buffer_put_bignum2(&m, theirpub1);
-        buffer_put_bignum2(&m, theirpub2);
-        /* monitor already knows our id */
-        buffer_put_string(&m, theirid, theirid_len);
-        buffer_put_string(&m, theirpub1_proof, theirpub1_proof_len);
-        buffer_put_string(&m, theirpub2_proof, theirpub2_proof_len);
-        mm_request_send(pmonitor->m_recvfd,
-            MONITOR_REQ_JPAKE_STEP2, &m);
-        debug3("%s: waiting for MONITOR_ANS_JPAKE_STEP2", __func__);
-        mm_request_receive_expect(pmonitor->m_recvfd,
-            MONITOR_ANS_JPAKE_STEP2, &m);
-        if ((*newpub = BN_new()) == NULL)
-                fatal("%s: BN_new", __func__);
-        buffer_get_bignum2(&m, *newpub);
-        *newpub_exponent_proof = buffer_get_string(&m,
-            newpub_exponent_proof_len);
-        buffer_free(&m);
-}
-void
-mm_jpake_key_confirm(struct modp_group *grp, BIGNUM *s, BIGNUM *step2_val,
-    BIGNUM *mypriv2, BIGNUM *mypub1, BIGNUM *mypub2,
-    BIGNUM *theirpub1, BIGNUM *theirpub2,
-    const u_char *my_id, u_int my_id_len,
-    const u_char *their_id, u_int their_id_len,
-    const u_char *sess_id, u_int sess_id_len,
-    const u_char *theirpriv2_s_proof, u_int theirpriv2_s_proof_len,
-    BIGNUM **k,
-    u_char **confirm_hash, u_int *confirm_hash_len)
-{
-        Buffer m;
-        debug3("%s entering", __func__);
-        buffer_init(&m);
-        /* monitor already has all bignums except step2_val */
-        buffer_put_bignum2(&m, step2_val);
-        /* monitor already knows all the ids */
-        buffer_put_string(&m, theirpriv2_s_proof, theirpriv2_s_proof_len);
-        mm_request_send(pmonitor->m_recvfd,
-            MONITOR_REQ_JPAKE_KEY_CONFIRM, &m);
-        debug3("%s: waiting for MONITOR_ANS_JPAKE_KEY_CONFIRM", __func__);
-        mm_request_receive_expect(pmonitor->m_recvfd,
-            MONITOR_ANS_JPAKE_KEY_CONFIRM, &m);
-        /* 'k' is sensitive and stays in the monitor */
-        *confirm_hash = buffer_get_string(&m, confirm_hash_len);
-        buffer_free(&m);
-}
-int
-mm_jpake_check_confirm(const BIGNUM *k,
-    const u_char *peer_id, u_int peer_id_len,
-    const u_char *sess_id, u_int sess_id_len,
-    const u_char *peer_confirm_hash, u_int peer_confirm_hash_len)
-{
-        Buffer m;
-        int success = 0;
-        debug3("%s entering", __func__);
-        buffer_init(&m);
-        /* k is dummy in slave, ignored */
-        /* monitor knows all the ids */
-        buffer_put_string(&m, peer_confirm_hash, peer_confirm_hash_len);
-        mm_request_send(pmonitor->m_recvfd,
-            MONITOR_REQ_JPAKE_CHECK_CONFIRM, &m);
-        debug3("%s: waiting for MONITOR_ANS_JPAKE_CHECK_CONFIRM", __func__);
-        mm_request_receive_expect(pmonitor->m_recvfd,
-            MONITOR_ANS_JPAKE_CHECK_CONFIRM, &m);
-        success = buffer_get_int(&m);
-        buffer_free(&m);
-        debug3("%s: success = %d", __func__, success);
-        return success;
-}
-#endif /* JPAKE */

diff --git a/monitor_wrap.c b/monitor_wrap.c index 4ce469605..1a47e4174 100644 --- a/monitor_wrap.c +++ b/monitor_wrap.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: monitor_wrap.c,v 1.77 2013/11/06 16:52:11 markus Exp $ */	1	/* $OpenBSD: monitor_wrap.c,v 1.79 2014/02/02 03:44:31 djm Exp $ */
2	/*	2	/*
3	* Copyright 2002 Niels Provos <provos@citi.umich.edu>	3	* Copyright 2002 Niels Provos <provos@citi.umich.edu>
4	* Copyright 2002 Markus Friedl <markus@openbsd.org>	4	* Copyright 2002 Markus Friedl <markus@openbsd.org>
@@ -71,8 +71,6 @@
71	#include "atomicio.h"	71	#include "atomicio.h"
72	#include "monitor_fdpass.h"	72	#include "monitor_fdpass.h"
73	#include "misc.h"	73	#include "misc.h"
74	#include "schnorr.h"
75	#include "jpake.h"
76	#include "uuencode.h"	74	#include "uuencode.h"
77		75
78	#include "channels.h"	76	#include "channels.h"
@@ -574,7 +572,7 @@ mm_newkeys_to_blob(int mode, u_char *blobp, u_int lenp)
574	*blobp = xmalloc(len);	572	*blobp = xmalloc(len);
575	memcpy(*blobp, buffer_ptr(&b), len);	573	memcpy(*blobp, buffer_ptr(&b), len);
576	}	574	}
577	memset(buffer_ptr(&b), 0, len);	575	explicit_bzero(buffer_ptr(&b), len);
578	buffer_free(&b);	576	buffer_free(&b);
579	return len;	577	return len;
580	}	578	}
@@ -618,7 +616,7 @@ mm_send_keystate(struct monitor *monitor)
618	key = xmalloc(keylen+1); /* add 1 if keylen == 0 */	616	key = xmalloc(keylen+1); /* add 1 if keylen == 0 */
619	keylen = packet_get_encryption_key(key);	617	keylen = packet_get_encryption_key(key);
620	buffer_put_string(&m, key, keylen);	618	buffer_put_string(&m, key, keylen);
621	memset(key, 0, keylen);	619	explicit_bzero(key, keylen);
622	free(key);	620	free(key);
623		621
624	ivlen = packet_get_keyiv_len(MODE_OUT);	622	ivlen = packet_get_keyiv_len(MODE_OUT);
@@ -1292,164 +1290,3 @@ mm_ssh_gssapi_userok(char *user)
1292	}	1290	}
1293	#endif /* GSSAPI */	1291	#endif /* GSSAPI */
1294		1292
1295	#ifdef JPAKE
1296	void
1297	mm_auth2_jpake_get_pwdata(Authctxt authctxt, BIGNUM *s,
1298	char hash_scheme, char salt)
1299	{
1300	Buffer m;
1301
1302	debug3("%s entering", __func__);
1303
1304	buffer_init(&m);
1305	mm_request_send(pmonitor->m_recvfd,
1306	MONITOR_REQ_JPAKE_GET_PWDATA, &m);
1307
1308	debug3("%s: waiting for MONITOR_ANS_JPAKE_GET_PWDATA", __func__);
1309	mm_request_receive_expect(pmonitor->m_recvfd,
1310	MONITOR_ANS_JPAKE_GET_PWDATA, &m);
1311
1312	*hash_scheme = buffer_get_string(&m, NULL);
1313	*salt = buffer_get_string(&m, NULL);
1314
1315	buffer_free(&m);
1316	}
1317
1318	void
1319	mm_jpake_step1(struct modp_group *grp,
1320	u_char *id, u_int id_len,
1321	BIGNUM priv1, BIGNUM priv2, BIGNUM g_priv1, BIGNUM g_priv2,
1322	u_char *priv1_proof, u_int priv1_proof_len,
1323	u_char *priv2_proof, u_int priv2_proof_len)
1324	{
1325	Buffer m;
1326
1327	debug3("%s entering", __func__);
1328
1329	buffer_init(&m);
1330	mm_request_send(pmonitor->m_recvfd,
1331	MONITOR_REQ_JPAKE_STEP1, &m);
1332
1333	debug3("%s: waiting for MONITOR_ANS_JPAKE_STEP1", __func__);
1334	mm_request_receive_expect(pmonitor->m_recvfd,
1335	MONITOR_ANS_JPAKE_STEP1, &m);
1336
1337	if ((*priv1 = BN_new()) == NULL \|\|
1338	(*priv2 = BN_new()) == NULL \|\|
1339	(*g_priv1 = BN_new()) == NULL \|\|
1340	(*g_priv2 = BN_new()) == NULL)
1341	fatal("%s: BN_new", __func__);
1342
1343	*id = buffer_get_string(&m, id_len);
1344	/* priv1 and priv2 are, well, private */
1345	buffer_get_bignum2(&m, *g_priv1);
1346	buffer_get_bignum2(&m, *g_priv2);
1347	*priv1_proof = buffer_get_string(&m, priv1_proof_len);
1348	*priv2_proof = buffer_get_string(&m, priv2_proof_len);
1349
1350	buffer_free(&m);
1351	}
1352
1353	void
1354	mm_jpake_step2(struct modp_group grp, BIGNUM s,
1355	BIGNUM mypub1, BIGNUM theirpub1, BIGNUM theirpub2, BIGNUM mypriv2,
1356	const u_char *theirid, u_int theirid_len,
1357	const u_char *myid, u_int myid_len,
1358	const u_char *theirpub1_proof, u_int theirpub1_proof_len,
1359	const u_char *theirpub2_proof, u_int theirpub2_proof_len,
1360	BIGNUM **newpub,
1361	u_char *newpub_exponent_proof, u_int newpub_exponent_proof_len)
1362	{
1363	Buffer m;
1364
1365	debug3("%s entering", __func__);
1366
1367	buffer_init(&m);
1368	/* monitor already has all bignums except theirpub1, theirpub2 */
1369	buffer_put_bignum2(&m, theirpub1);
1370	buffer_put_bignum2(&m, theirpub2);
1371	/* monitor already knows our id */
1372	buffer_put_string(&m, theirid, theirid_len);
1373	buffer_put_string(&m, theirpub1_proof, theirpub1_proof_len);
1374	buffer_put_string(&m, theirpub2_proof, theirpub2_proof_len);
1375
1376	mm_request_send(pmonitor->m_recvfd,
1377	MONITOR_REQ_JPAKE_STEP2, &m);
1378
1379	debug3("%s: waiting for MONITOR_ANS_JPAKE_STEP2", __func__);
1380	mm_request_receive_expect(pmonitor->m_recvfd,
1381	MONITOR_ANS_JPAKE_STEP2, &m);
1382
1383	if ((*newpub = BN_new()) == NULL)
1384	fatal("%s: BN_new", __func__);
1385
1386	buffer_get_bignum2(&m, *newpub);
1387	*newpub_exponent_proof = buffer_get_string(&m,
1388	newpub_exponent_proof_len);
1389
1390	buffer_free(&m);
1391	}
1392
1393	void
1394	mm_jpake_key_confirm(struct modp_group grp, BIGNUM s, BIGNUM *step2_val,
1395	BIGNUM mypriv2, BIGNUM mypub1, BIGNUM *mypub2,
1396	BIGNUM theirpub1, BIGNUM theirpub2,
1397	const u_char *my_id, u_int my_id_len,
1398	const u_char *their_id, u_int their_id_len,
1399	const u_char *sess_id, u_int sess_id_len,
1400	const u_char *theirpriv2_s_proof, u_int theirpriv2_s_proof_len,
1401	BIGNUM **k,
1402	u_char *confirm_hash, u_int confirm_hash_len)
1403	{
1404	Buffer m;
1405
1406	debug3("%s entering", __func__);
1407
1408	buffer_init(&m);
1409	/* monitor already has all bignums except step2_val */
1410	buffer_put_bignum2(&m, step2_val);
1411	/* monitor already knows all the ids */
1412	buffer_put_string(&m, theirpriv2_s_proof, theirpriv2_s_proof_len);
1413
1414	mm_request_send(pmonitor->m_recvfd,
1415	MONITOR_REQ_JPAKE_KEY_CONFIRM, &m);
1416
1417	debug3("%s: waiting for MONITOR_ANS_JPAKE_KEY_CONFIRM", __func__);
1418	mm_request_receive_expect(pmonitor->m_recvfd,
1419	MONITOR_ANS_JPAKE_KEY_CONFIRM, &m);
1420
1421	/* 'k' is sensitive and stays in the monitor */
1422	*confirm_hash = buffer_get_string(&m, confirm_hash_len);
1423
1424	buffer_free(&m);
1425	}
1426
1427	int
1428	mm_jpake_check_confirm(const BIGNUM *k,
1429	const u_char *peer_id, u_int peer_id_len,
1430	const u_char *sess_id, u_int sess_id_len,
1431	const u_char *peer_confirm_hash, u_int peer_confirm_hash_len)
1432	{
1433	Buffer m;
1434	int success = 0;
1435
1436	debug3("%s entering", __func__);
1437
1438	buffer_init(&m);
1439	/* k is dummy in slave, ignored */
1440	/* monitor knows all the ids */
1441	buffer_put_string(&m, peer_confirm_hash, peer_confirm_hash_len);
1442	mm_request_send(pmonitor->m_recvfd,
1443	MONITOR_REQ_JPAKE_CHECK_CONFIRM, &m);
1444
1445	debug3("%s: waiting for MONITOR_ANS_JPAKE_CHECK_CONFIRM", __func__);
1446	mm_request_receive_expect(pmonitor->m_recvfd,
1447	MONITOR_ANS_JPAKE_CHECK_CONFIRM, &m);
1448
1449	success = buffer_get_int(&m);
1450	buffer_free(&m);
1451
1452	debug3("%s: success = %d", __func__, success);
1453	return success;
1454	}
1455	#endif /* JPAKE */