2 files changed, 16 insertions, 154 deletions
diff --git a/regress/unittests/sshbuf/test_sshbuf_getput_crypto.c b/regress/unittests/sshbuf/test_sshbuf_getput_crypto.c
index a68e1329e..5d39e63e1 100644
--- a/regress/unittests/sshbuf/test_sshbuf_getput_crypto.c
+++ b/regress/unittests/sshbuf/test_sshbuf_getput_crypto.c
@@ -1,4 +1,4 @@
-/*      $OpenBSD: test_sshbuf_getput_crypto.c,v 1.1 2014/04/30 05:32:00 djm Exp $ */
+/*      $OpenBSD: test_sshbuf_getput_crypto.c,v 1.2 2019/01/21 12:29:35 djm Exp $ */
 /*
 * Regress test for sshbuf.h buffer API
 *
@@ -33,7 +33,6 @@ sshbuf_getput_crypto_tests(void)
 {
        struct sshbuf *p1;
        BIGNUM *bn, *bn2;
-        /* This one has num_bits != num_bytes * 8 to test bignum1 encoding */
        const char *hexbn1 = "0102030405060708090a0b0c0d0e0f10";
        /* This one has MSB set to test bignum2 encoding negative-avoidance */
        const char *hexbn2 = "f0e0d0c0b0a0908070605040302010007fff11";
@@ -77,54 +76,6 @@ sshbuf_getput_crypto_tests(void)
                ASSERT_INT_GT(BN_hex2bn(&bnn, b), 0); \
        } while (0)
-        TEST_START("sshbuf_put_bignum1");
-        MKBN(hexbn1, bn);
-        p1 = sshbuf_new();
-        ASSERT_PTR_NE(p1, NULL);
-        ASSERT_INT_EQ(sshbuf_put_bignum1(p1, bn), 0);
-        ASSERT_SIZE_T_EQ(sshbuf_len(p1), sizeof(expbn1) + 2);
-        ASSERT_U16_EQ(PEEK_U16(sshbuf_ptr(p1)), (u_int16_t)BN_num_bits(bn));
-        ASSERT_MEM_EQ(sshbuf_ptr(p1) + 2, expbn1, sizeof(expbn1));
-        BN_free(bn);
-        sshbuf_free(p1);
-        TEST_DONE();
-        TEST_START("sshbuf_put_bignum1 limited");
-        MKBN(hexbn1, bn);
-        p1 = sshbuf_new();
-        ASSERT_PTR_NE(p1, NULL);
-        ASSERT_INT_EQ(sshbuf_set_max_size(p1, sizeof(expbn1) + 1), 0);
-        r = sshbuf_put_bignum1(p1, bn);
-        ASSERT_INT_EQ(r, SSH_ERR_NO_BUFFER_SPACE);
-        ASSERT_SIZE_T_EQ(sshbuf_len(p1), 0);
-        BN_free(bn);
-        sshbuf_free(p1);
-        TEST_DONE();
-        TEST_START("sshbuf_put_bignum1 bn2");
-        MKBN(hexbn2, bn);
-        p1 = sshbuf_new();
-        ASSERT_PTR_NE(p1, NULL);
-        ASSERT_INT_EQ(sshbuf_put_bignum1(p1, bn), 0);
-        ASSERT_SIZE_T_EQ(sshbuf_len(p1), sizeof(expbn2) + 2);
-        ASSERT_U16_EQ(PEEK_U16(sshbuf_ptr(p1)), (u_int16_t)BN_num_bits(bn));
-        ASSERT_MEM_EQ(sshbuf_ptr(p1) + 2, expbn2, sizeof(expbn2));
-        BN_free(bn);
-        sshbuf_free(p1);
-        TEST_DONE();
-        TEST_START("sshbuf_put_bignum1 bn2 limited");
-        MKBN(hexbn2, bn);
-        p1 = sshbuf_new();
-        ASSERT_PTR_NE(p1, NULL);
-        ASSERT_INT_EQ(sshbuf_set_max_size(p1, sizeof(expbn1) + 1), 0);
-        r = sshbuf_put_bignum1(p1, bn);
-        ASSERT_INT_EQ(r, SSH_ERR_NO_BUFFER_SPACE);
-        ASSERT_SIZE_T_EQ(sshbuf_len(p1), 0);
-        BN_free(bn);
-        sshbuf_free(p1);
-        TEST_DONE();
        TEST_START("sshbuf_put_bignum2");
        MKBN(hexbn1, bn);
        p1 = sshbuf_new();
@@ -174,88 +125,6 @@ sshbuf_getput_crypto_tests(void)
        sshbuf_free(p1);
        TEST_DONE();
-        TEST_START("sshbuf_get_bignum1");
-        MKBN(hexbn1, bn);
-        p1 = sshbuf_new();
-        ASSERT_PTR_NE(p1, NULL);
-        ASSERT_INT_EQ(sshbuf_put_u16(p1, BN_num_bits(bn)), 0);
-        ASSERT_INT_EQ(sshbuf_put(p1, expbn1, sizeof(expbn1)), 0);
-        ASSERT_SIZE_T_EQ(sshbuf_len(p1), 2 + sizeof(expbn1));
-        ASSERT_INT_EQ(sshbuf_put_u16(p1, 0xd00f), 0);
-        bn2 = BN_new();
-        ASSERT_INT_EQ(sshbuf_get_bignum1(p1, bn2), 0);
-        ASSERT_BIGNUM_EQ(bn, bn2);
-        ASSERT_SIZE_T_EQ(sshbuf_len(p1), 2);
-        BN_free(bn);
-        BN_free(bn2);
-        sshbuf_free(p1);
-        TEST_DONE();
-        TEST_START("sshbuf_get_bignum1 truncated");
-        MKBN(hexbn1, bn);
-        p1 = sshbuf_new();
-        ASSERT_PTR_NE(p1, NULL);
-        ASSERT_INT_EQ(sshbuf_put_u16(p1, BN_num_bits(bn)), 0);
-        ASSERT_INT_EQ(sshbuf_put(p1, expbn1, sizeof(expbn1) - 1), 0);
-        ASSERT_SIZE_T_EQ(sshbuf_len(p1), 2 + sizeof(expbn1) - 1);
-        bn2 = BN_new();
-        r = sshbuf_get_bignum1(p1, bn2);
-        ASSERT_INT_EQ(r, SSH_ERR_MESSAGE_INCOMPLETE);
-        ASSERT_SIZE_T_EQ(sshbuf_len(p1), 2 + sizeof(expbn1) - 1);
-        BN_free(bn);
-        BN_free(bn2);
-        sshbuf_free(p1);
-        TEST_DONE();
-        TEST_START("sshbuf_get_bignum1 giant");
-        MKBN(hexbn1, bn);
-        p1 = sshbuf_new();
-        ASSERT_PTR_NE(p1, NULL);
-        ASSERT_INT_EQ(sshbuf_put_u16(p1, 0xffff), 0);
-        ASSERT_INT_EQ(sshbuf_reserve(p1, (0xffff + 7) / 8, NULL), 0);
-        ASSERT_SIZE_T_EQ(sshbuf_len(p1), 2 + ((0xffff + 7) / 8));
-        bn2 = BN_new();
-        r = sshbuf_get_bignum1(p1, bn2);
-        ASSERT_INT_EQ(r, SSH_ERR_BIGNUM_TOO_LARGE);
-        ASSERT_SIZE_T_EQ(sshbuf_len(p1), 2 + ((0xffff + 7) / 8));
-        BN_free(bn);
-        BN_free(bn2);
-        sshbuf_free(p1);
-        TEST_DONE();
-        TEST_START("sshbuf_get_bignum1 bn2");
-        MKBN(hexbn2, bn);
-        p1 = sshbuf_new();
-        ASSERT_PTR_NE(p1, NULL);
-        ASSERT_INT_EQ(sshbuf_put_u16(p1, BN_num_bits(bn)), 0);
-        ASSERT_INT_EQ(sshbuf_put(p1, expbn2, sizeof(expbn2)), 0);
-        ASSERT_SIZE_T_EQ(sshbuf_len(p1), 2 + sizeof(expbn2));
-        ASSERT_INT_EQ(sshbuf_put_u16(p1, 0xd00f), 0);
-        bn2 = BN_new();
-        ASSERT_INT_EQ(sshbuf_get_bignum1(p1, bn2), 0);
-        ASSERT_BIGNUM_EQ(bn, bn2);
-        ASSERT_SIZE_T_EQ(sshbuf_len(p1), 2);
-        BN_free(bn);
-        BN_free(bn2);
-        sshbuf_free(p1);
-        TEST_DONE();
-        TEST_START("sshbuf_get_bignum1 bn2 truncated");
-        MKBN(hexbn2, bn);
-        p1 = sshbuf_new();
-        ASSERT_PTR_NE(p1, NULL);
-        ASSERT_INT_EQ(sshbuf_put_u16(p1, BN_num_bits(bn)), 0);
-        ASSERT_INT_EQ(sshbuf_put(p1, expbn2, sizeof(expbn2) - 1), 0);
-        ASSERT_SIZE_T_EQ(sshbuf_len(p1), 2 + sizeof(expbn2) - 1);
-        bn2 = BN_new();
-        r = sshbuf_get_bignum1(p1, bn2);
-        ASSERT_INT_EQ(r, SSH_ERR_MESSAGE_INCOMPLETE);
-        ASSERT_SIZE_T_EQ(sshbuf_len(p1), 2 + sizeof(expbn2) - 1);
-        BN_free(bn);
-        BN_free(bn2);
-        sshbuf_free(p1);
-        TEST_DONE();
        TEST_START("sshbuf_get_bignum2");
        MKBN(hexbn1, bn);
        p1 = sshbuf_new();
@@ -264,8 +133,8 @@ sshbuf_getput_crypto_tests(void)
        ASSERT_INT_EQ(sshbuf_put(p1, expbn1, sizeof(expbn1)), 0);
        ASSERT_SIZE_T_EQ(sshbuf_len(p1), 4 + sizeof(expbn1));
        ASSERT_INT_EQ(sshbuf_put_u16(p1, 0xd00f), 0);
-        bn2 = BN_new();
+        bn2 = NULL;
-        ASSERT_INT_EQ(sshbuf_get_bignum2(p1, bn2), 0);
+        ASSERT_INT_EQ(sshbuf_get_bignum2(p1, &bn2), 0);
        ASSERT_BIGNUM_EQ(bn, bn2);
        ASSERT_SIZE_T_EQ(sshbuf_len(p1), 2);
        BN_free(bn);
@@ -279,8 +148,8 @@ sshbuf_getput_crypto_tests(void)
        ASSERT_PTR_NE(p1, NULL);
        ASSERT_INT_EQ(sshbuf_put_u32(p1, BN_num_bytes(bn)), 0);
        ASSERT_INT_EQ(sshbuf_put(p1, expbn1, sizeof(expbn1) - 1), 0);
-        bn2 = BN_new();
+        bn2 = NULL;
-        r = sshbuf_get_bignum2(p1, bn2);
+        r = sshbuf_get_bignum2(p1, &bn2);
        ASSERT_INT_EQ(r, SSH_ERR_MESSAGE_INCOMPLETE);
        ASSERT_SIZE_T_EQ(sshbuf_len(p1), sizeof(expbn1) + 3);
        BN_free(bn);
@@ -294,8 +163,8 @@ sshbuf_getput_crypto_tests(void)
        ASSERT_PTR_NE(p1, NULL);
        ASSERT_INT_EQ(sshbuf_put_u32(p1, 65536), 0);
        ASSERT_INT_EQ(sshbuf_reserve(p1, 65536, NULL), 0);
-        bn2 = BN_new();
+        bn2 = NULL;
-        r = sshbuf_get_bignum2(p1, bn2);
+        r = sshbuf_get_bignum2(p1, &bn2);
        ASSERT_INT_EQ(r, SSH_ERR_BIGNUM_TOO_LARGE);
        ASSERT_SIZE_T_EQ(sshbuf_len(p1), 65536 + 4);
        BN_free(bn);
@@ -312,8 +181,8 @@ sshbuf_getput_crypto_tests(void)
        ASSERT_INT_EQ(sshbuf_put(p1, expbn2, sizeof(expbn2)), 0);
        ASSERT_SIZE_T_EQ(sshbuf_len(p1), 4 + 1 + sizeof(expbn2));
        ASSERT_INT_EQ(sshbuf_put_u16(p1, 0xd00f), 0);
-        bn2 = BN_new();
+        bn2 = NULL;
-        ASSERT_INT_EQ(sshbuf_get_bignum2(p1, bn2), 0);
+        ASSERT_INT_EQ(sshbuf_get_bignum2(p1, &bn2), 0);
        ASSERT_BIGNUM_EQ(bn, bn2);
        ASSERT_SIZE_T_EQ(sshbuf_len(p1), 2);
        BN_free(bn);
@@ -328,8 +197,8 @@ sshbuf_getput_crypto_tests(void)
        ASSERT_INT_EQ(sshbuf_put_u32(p1, BN_num_bytes(bn) + 1), 0);
        ASSERT_INT_EQ(sshbuf_put_u8(p1, 0x00), 0);
        ASSERT_INT_EQ(sshbuf_put(p1, expbn2, sizeof(expbn2) - 1), 0);
-        bn2 = BN_new();
+        bn2 = NULL;
-        r = sshbuf_get_bignum2(p1, bn2);
+        r = sshbuf_get_bignum2(p1, &bn2);
        ASSERT_INT_EQ(r, SSH_ERR_MESSAGE_INCOMPLETE);
        ASSERT_SIZE_T_EQ(sshbuf_len(p1), sizeof(expbn2) + 1 + 4 - 1);
        BN_free(bn);
@@ -343,8 +212,8 @@ sshbuf_getput_crypto_tests(void)
        ASSERT_PTR_NE(p1, NULL);
        ASSERT_INT_EQ(sshbuf_put_u32(p1, BN_num_bytes(bn)), 0);
        ASSERT_INT_EQ(sshbuf_put(p1, expbn2, sizeof(expbn2)), 0);
-        bn2 = BN_new();
+        bn2 = NULL;
-        r = sshbuf_get_bignum2(p1, bn2);
+        r = sshbuf_get_bignum2(p1, &bn2);
        ASSERT_INT_EQ(r, SSH_ERR_BIGNUM_IS_NEGATIVE);
        ASSERT_SIZE_T_EQ(sshbuf_len(p1), sizeof(expbn2) + 4);
        BN_free(bn);
diff --git a/regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c b/regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c
index 7c7cb2bfd..ca06bfb00 100644
--- a/regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c
+++ b/regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c
@@ -1,4 +1,4 @@
-/*      $OpenBSD: test_sshbuf_getput_fuzz.c,v 1.3 2018/10/17 23:28:05 djm Exp $ */
+/*      $OpenBSD: test_sshbuf_getput_fuzz.c,v 1.4 2019/01/21 12:29:35 djm Exp $ */
 /*
 * Regress test for sshbuf.h buffer API
 *
@@ -54,11 +54,8 @@ attempt_parse_blob(u_char *blob, size_t len)
                bzero(s, l);
                free(s);
        }
-        bn = BN_new();
+        bn = NULL;
-        sshbuf_get_bignum1(p1, bn);
+        sshbuf_get_bignum2(p1, &bn);
-        BN_clear_free(bn);
-        bn = BN_new();
-        sshbuf_get_bignum2(p1, bn);
        BN_clear_free(bn);
 #if defined(OPENSSL_HAS_ECC) && defined(OPENSSL_HAS_NISTP256)
        eck = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
@@ -92,10 +89,6 @@ sshbuf_getput_fuzz_tests(void)
                /* string */
                0x00, 0x00, 0x00, 0x09,
                'O', ' ', 'G', 'o', 'r', 'g', 'o', 'n', '!',
-                /* bignum1 */
-                0x79,
-                0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
-                0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10,
                /* bignum2 */
                0x00, 0x00, 0x00, 0x14,
                0x00,

diff --git a/regress/unittests/sshbuf/test_sshbuf_getput_crypto.c b/regress/unittests/sshbuf/test_sshbuf_getput_crypto.c index a68e1329e..5d39e63e1 100644 --- a/regress/unittests/sshbuf/test_sshbuf_getput_crypto.c +++ b/regress/unittests/sshbuf/test_sshbuf_getput_crypto.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: test_sshbuf_getput_crypto.c,v 1.1 2014/04/30 05:32:00 djm Exp $ */	1	/* $OpenBSD: test_sshbuf_getput_crypto.c,v 1.2 2019/01/21 12:29:35 djm Exp $ */
2	/*	2	/*
3	* Regress test for sshbuf.h buffer API	3	* Regress test for sshbuf.h buffer API
4	*	4	*
@@ -33,7 +33,6 @@ sshbuf_getput_crypto_tests(void)
33	{	33	{
34	struct sshbuf *p1;	34	struct sshbuf *p1;
35	BIGNUM bn, bn2;	35	BIGNUM bn, bn2;
36	/* This one has num_bits != num_bytes * 8 to test bignum1 encoding */
37	const char *hexbn1 = "0102030405060708090a0b0c0d0e0f10";	36	const char *hexbn1 = "0102030405060708090a0b0c0d0e0f10";
38	/* This one has MSB set to test bignum2 encoding negative-avoidance */	37	/* This one has MSB set to test bignum2 encoding negative-avoidance */
39	const char *hexbn2 = "f0e0d0c0b0a0908070605040302010007fff11";	38	const char *hexbn2 = "f0e0d0c0b0a0908070605040302010007fff11";
@@ -77,54 +76,6 @@ sshbuf_getput_crypto_tests(void)
77	ASSERT_INT_GT(BN_hex2bn(&bnn, b), 0); \	76	ASSERT_INT_GT(BN_hex2bn(&bnn, b), 0); \
78	} while (0)	77	} while (0)
79		78
80	TEST_START("sshbuf_put_bignum1");
81	MKBN(hexbn1, bn);
82	p1 = sshbuf_new();
83	ASSERT_PTR_NE(p1, NULL);
84	ASSERT_INT_EQ(sshbuf_put_bignum1(p1, bn), 0);
85	ASSERT_SIZE_T_EQ(sshbuf_len(p1), sizeof(expbn1) + 2);
86	ASSERT_U16_EQ(PEEK_U16(sshbuf_ptr(p1)), (u_int16_t)BN_num_bits(bn));
87	ASSERT_MEM_EQ(sshbuf_ptr(p1) + 2, expbn1, sizeof(expbn1));
88	BN_free(bn);
89	sshbuf_free(p1);
90	TEST_DONE();
91
92	TEST_START("sshbuf_put_bignum1 limited");
93	MKBN(hexbn1, bn);
94	p1 = sshbuf_new();
95	ASSERT_PTR_NE(p1, NULL);
96	ASSERT_INT_EQ(sshbuf_set_max_size(p1, sizeof(expbn1) + 1), 0);
97	r = sshbuf_put_bignum1(p1, bn);
98	ASSERT_INT_EQ(r, SSH_ERR_NO_BUFFER_SPACE);
99	ASSERT_SIZE_T_EQ(sshbuf_len(p1), 0);
100	BN_free(bn);
101	sshbuf_free(p1);
102	TEST_DONE();
103
104	TEST_START("sshbuf_put_bignum1 bn2");
105	MKBN(hexbn2, bn);
106	p1 = sshbuf_new();
107	ASSERT_PTR_NE(p1, NULL);
108	ASSERT_INT_EQ(sshbuf_put_bignum1(p1, bn), 0);
109	ASSERT_SIZE_T_EQ(sshbuf_len(p1), sizeof(expbn2) + 2);
110	ASSERT_U16_EQ(PEEK_U16(sshbuf_ptr(p1)), (u_int16_t)BN_num_bits(bn));
111	ASSERT_MEM_EQ(sshbuf_ptr(p1) + 2, expbn2, sizeof(expbn2));
112	BN_free(bn);
113	sshbuf_free(p1);
114	TEST_DONE();
115
116	TEST_START("sshbuf_put_bignum1 bn2 limited");
117	MKBN(hexbn2, bn);
118	p1 = sshbuf_new();
119	ASSERT_PTR_NE(p1, NULL);
120	ASSERT_INT_EQ(sshbuf_set_max_size(p1, sizeof(expbn1) + 1), 0);
121	r = sshbuf_put_bignum1(p1, bn);
122	ASSERT_INT_EQ(r, SSH_ERR_NO_BUFFER_SPACE);
123	ASSERT_SIZE_T_EQ(sshbuf_len(p1), 0);
124	BN_free(bn);
125	sshbuf_free(p1);
126	TEST_DONE();
127
128	TEST_START("sshbuf_put_bignum2");	79	TEST_START("sshbuf_put_bignum2");
129	MKBN(hexbn1, bn);	80	MKBN(hexbn1, bn);
130	p1 = sshbuf_new();	81	p1 = sshbuf_new();
@@ -174,88 +125,6 @@ sshbuf_getput_crypto_tests(void)
174	sshbuf_free(p1);	125	sshbuf_free(p1);
175	TEST_DONE();	126	TEST_DONE();
176		127
177	TEST_START("sshbuf_get_bignum1");
178	MKBN(hexbn1, bn);
179	p1 = sshbuf_new();
180	ASSERT_PTR_NE(p1, NULL);
181	ASSERT_INT_EQ(sshbuf_put_u16(p1, BN_num_bits(bn)), 0);
182	ASSERT_INT_EQ(sshbuf_put(p1, expbn1, sizeof(expbn1)), 0);
183	ASSERT_SIZE_T_EQ(sshbuf_len(p1), 2 + sizeof(expbn1));
184	ASSERT_INT_EQ(sshbuf_put_u16(p1, 0xd00f), 0);
185	bn2 = BN_new();
186	ASSERT_INT_EQ(sshbuf_get_bignum1(p1, bn2), 0);
187	ASSERT_BIGNUM_EQ(bn, bn2);
188	ASSERT_SIZE_T_EQ(sshbuf_len(p1), 2);
189	BN_free(bn);
190	BN_free(bn2);
191	sshbuf_free(p1);
192	TEST_DONE();
193
194	TEST_START("sshbuf_get_bignum1 truncated");
195	MKBN(hexbn1, bn);
196	p1 = sshbuf_new();
197	ASSERT_PTR_NE(p1, NULL);
198	ASSERT_INT_EQ(sshbuf_put_u16(p1, BN_num_bits(bn)), 0);
199	ASSERT_INT_EQ(sshbuf_put(p1, expbn1, sizeof(expbn1) - 1), 0);
200	ASSERT_SIZE_T_EQ(sshbuf_len(p1), 2 + sizeof(expbn1) - 1);
201	bn2 = BN_new();
202	r = sshbuf_get_bignum1(p1, bn2);
203	ASSERT_INT_EQ(r, SSH_ERR_MESSAGE_INCOMPLETE);
204	ASSERT_SIZE_T_EQ(sshbuf_len(p1), 2 + sizeof(expbn1) - 1);
205	BN_free(bn);
206	BN_free(bn2);
207	sshbuf_free(p1);
208	TEST_DONE();
209
210	TEST_START("sshbuf_get_bignum1 giant");
211	MKBN(hexbn1, bn);
212	p1 = sshbuf_new();
213	ASSERT_PTR_NE(p1, NULL);
214	ASSERT_INT_EQ(sshbuf_put_u16(p1, 0xffff), 0);
215	ASSERT_INT_EQ(sshbuf_reserve(p1, (0xffff + 7) / 8, NULL), 0);
216	ASSERT_SIZE_T_EQ(sshbuf_len(p1), 2 + ((0xffff + 7) / 8));
217	bn2 = BN_new();
218	r = sshbuf_get_bignum1(p1, bn2);
219	ASSERT_INT_EQ(r, SSH_ERR_BIGNUM_TOO_LARGE);
220	ASSERT_SIZE_T_EQ(sshbuf_len(p1), 2 + ((0xffff + 7) / 8));
221	BN_free(bn);
222	BN_free(bn2);
223	sshbuf_free(p1);
224	TEST_DONE();
225
226	TEST_START("sshbuf_get_bignum1 bn2");
227	MKBN(hexbn2, bn);
228	p1 = sshbuf_new();
229	ASSERT_PTR_NE(p1, NULL);
230	ASSERT_INT_EQ(sshbuf_put_u16(p1, BN_num_bits(bn)), 0);
231	ASSERT_INT_EQ(sshbuf_put(p1, expbn2, sizeof(expbn2)), 0);
232	ASSERT_SIZE_T_EQ(sshbuf_len(p1), 2 + sizeof(expbn2));
233	ASSERT_INT_EQ(sshbuf_put_u16(p1, 0xd00f), 0);
234	bn2 = BN_new();
235	ASSERT_INT_EQ(sshbuf_get_bignum1(p1, bn2), 0);
236	ASSERT_BIGNUM_EQ(bn, bn2);
237	ASSERT_SIZE_T_EQ(sshbuf_len(p1), 2);
238	BN_free(bn);
239	BN_free(bn2);
240	sshbuf_free(p1);
241	TEST_DONE();
242
243	TEST_START("sshbuf_get_bignum1 bn2 truncated");
244	MKBN(hexbn2, bn);
245	p1 = sshbuf_new();
246	ASSERT_PTR_NE(p1, NULL);
247	ASSERT_INT_EQ(sshbuf_put_u16(p1, BN_num_bits(bn)), 0);
248	ASSERT_INT_EQ(sshbuf_put(p1, expbn2, sizeof(expbn2) - 1), 0);
249	ASSERT_SIZE_T_EQ(sshbuf_len(p1), 2 + sizeof(expbn2) - 1);
250	bn2 = BN_new();
251	r = sshbuf_get_bignum1(p1, bn2);
252	ASSERT_INT_EQ(r, SSH_ERR_MESSAGE_INCOMPLETE);
253	ASSERT_SIZE_T_EQ(sshbuf_len(p1), 2 + sizeof(expbn2) - 1);
254	BN_free(bn);
255	BN_free(bn2);
256	sshbuf_free(p1);
257	TEST_DONE();
258
259	TEST_START("sshbuf_get_bignum2");	128	TEST_START("sshbuf_get_bignum2");
260	MKBN(hexbn1, bn);	129	MKBN(hexbn1, bn);
261	p1 = sshbuf_new();	130	p1 = sshbuf_new();
@@ -264,8 +133,8 @@ sshbuf_getput_crypto_tests(void)
264	ASSERT_INT_EQ(sshbuf_put(p1, expbn1, sizeof(expbn1)), 0);	133	ASSERT_INT_EQ(sshbuf_put(p1, expbn1, sizeof(expbn1)), 0);
265	ASSERT_SIZE_T_EQ(sshbuf_len(p1), 4 + sizeof(expbn1));	134	ASSERT_SIZE_T_EQ(sshbuf_len(p1), 4 + sizeof(expbn1));
266	ASSERT_INT_EQ(sshbuf_put_u16(p1, 0xd00f), 0);	135	ASSERT_INT_EQ(sshbuf_put_u16(p1, 0xd00f), 0);
267	bn2 = BN_new();	136	bn2 = NULL;
268	ASSERT_INT_EQ(sshbuf_get_bignum2(p1, bn2), 0);	137	ASSERT_INT_EQ(sshbuf_get_bignum2(p1, &bn2), 0);
269	ASSERT_BIGNUM_EQ(bn, bn2);	138	ASSERT_BIGNUM_EQ(bn, bn2);
270	ASSERT_SIZE_T_EQ(sshbuf_len(p1), 2);	139	ASSERT_SIZE_T_EQ(sshbuf_len(p1), 2);
271	BN_free(bn);	140	BN_free(bn);
@@ -279,8 +148,8 @@ sshbuf_getput_crypto_tests(void)
279	ASSERT_PTR_NE(p1, NULL);	148	ASSERT_PTR_NE(p1, NULL);
280	ASSERT_INT_EQ(sshbuf_put_u32(p1, BN_num_bytes(bn)), 0);	149	ASSERT_INT_EQ(sshbuf_put_u32(p1, BN_num_bytes(bn)), 0);
281	ASSERT_INT_EQ(sshbuf_put(p1, expbn1, sizeof(expbn1) - 1), 0);	150	ASSERT_INT_EQ(sshbuf_put(p1, expbn1, sizeof(expbn1) - 1), 0);
282	bn2 = BN_new();	151	bn2 = NULL;
283	r = sshbuf_get_bignum2(p1, bn2);	152	r = sshbuf_get_bignum2(p1, &bn2);
284	ASSERT_INT_EQ(r, SSH_ERR_MESSAGE_INCOMPLETE);	153	ASSERT_INT_EQ(r, SSH_ERR_MESSAGE_INCOMPLETE);
285	ASSERT_SIZE_T_EQ(sshbuf_len(p1), sizeof(expbn1) + 3);	154	ASSERT_SIZE_T_EQ(sshbuf_len(p1), sizeof(expbn1) + 3);
286	BN_free(bn);	155	BN_free(bn);
@@ -294,8 +163,8 @@ sshbuf_getput_crypto_tests(void)
294	ASSERT_PTR_NE(p1, NULL);	163	ASSERT_PTR_NE(p1, NULL);
295	ASSERT_INT_EQ(sshbuf_put_u32(p1, 65536), 0);	164	ASSERT_INT_EQ(sshbuf_put_u32(p1, 65536), 0);
296	ASSERT_INT_EQ(sshbuf_reserve(p1, 65536, NULL), 0);	165	ASSERT_INT_EQ(sshbuf_reserve(p1, 65536, NULL), 0);
297	bn2 = BN_new();	166	bn2 = NULL;
298	r = sshbuf_get_bignum2(p1, bn2);	167	r = sshbuf_get_bignum2(p1, &bn2);
299	ASSERT_INT_EQ(r, SSH_ERR_BIGNUM_TOO_LARGE);	168	ASSERT_INT_EQ(r, SSH_ERR_BIGNUM_TOO_LARGE);
300	ASSERT_SIZE_T_EQ(sshbuf_len(p1), 65536 + 4);	169	ASSERT_SIZE_T_EQ(sshbuf_len(p1), 65536 + 4);
301	BN_free(bn);	170	BN_free(bn);
@@ -312,8 +181,8 @@ sshbuf_getput_crypto_tests(void)
312	ASSERT_INT_EQ(sshbuf_put(p1, expbn2, sizeof(expbn2)), 0);	181	ASSERT_INT_EQ(sshbuf_put(p1, expbn2, sizeof(expbn2)), 0);
313	ASSERT_SIZE_T_EQ(sshbuf_len(p1), 4 + 1 + sizeof(expbn2));	182	ASSERT_SIZE_T_EQ(sshbuf_len(p1), 4 + 1 + sizeof(expbn2));
314	ASSERT_INT_EQ(sshbuf_put_u16(p1, 0xd00f), 0);	183	ASSERT_INT_EQ(sshbuf_put_u16(p1, 0xd00f), 0);
315	bn2 = BN_new();	184	bn2 = NULL;
316	ASSERT_INT_EQ(sshbuf_get_bignum2(p1, bn2), 0);	185	ASSERT_INT_EQ(sshbuf_get_bignum2(p1, &bn2), 0);
317	ASSERT_BIGNUM_EQ(bn, bn2);	186	ASSERT_BIGNUM_EQ(bn, bn2);
318	ASSERT_SIZE_T_EQ(sshbuf_len(p1), 2);	187	ASSERT_SIZE_T_EQ(sshbuf_len(p1), 2);
319	BN_free(bn);	188	BN_free(bn);
@@ -328,8 +197,8 @@ sshbuf_getput_crypto_tests(void)
328	ASSERT_INT_EQ(sshbuf_put_u32(p1, BN_num_bytes(bn) + 1), 0);	197	ASSERT_INT_EQ(sshbuf_put_u32(p1, BN_num_bytes(bn) + 1), 0);
329	ASSERT_INT_EQ(sshbuf_put_u8(p1, 0x00), 0);	198	ASSERT_INT_EQ(sshbuf_put_u8(p1, 0x00), 0);
330	ASSERT_INT_EQ(sshbuf_put(p1, expbn2, sizeof(expbn2) - 1), 0);	199	ASSERT_INT_EQ(sshbuf_put(p1, expbn2, sizeof(expbn2) - 1), 0);
331	bn2 = BN_new();	200	bn2 = NULL;
332	r = sshbuf_get_bignum2(p1, bn2);	201	r = sshbuf_get_bignum2(p1, &bn2);
333	ASSERT_INT_EQ(r, SSH_ERR_MESSAGE_INCOMPLETE);	202	ASSERT_INT_EQ(r, SSH_ERR_MESSAGE_INCOMPLETE);
334	ASSERT_SIZE_T_EQ(sshbuf_len(p1), sizeof(expbn2) + 1 + 4 - 1);	203	ASSERT_SIZE_T_EQ(sshbuf_len(p1), sizeof(expbn2) + 1 + 4 - 1);
335	BN_free(bn);	204	BN_free(bn);
@@ -343,8 +212,8 @@ sshbuf_getput_crypto_tests(void)
343	ASSERT_PTR_NE(p1, NULL);	212	ASSERT_PTR_NE(p1, NULL);
344	ASSERT_INT_EQ(sshbuf_put_u32(p1, BN_num_bytes(bn)), 0);	213	ASSERT_INT_EQ(sshbuf_put_u32(p1, BN_num_bytes(bn)), 0);
345	ASSERT_INT_EQ(sshbuf_put(p1, expbn2, sizeof(expbn2)), 0);	214	ASSERT_INT_EQ(sshbuf_put(p1, expbn2, sizeof(expbn2)), 0);
346	bn2 = BN_new();	215	bn2 = NULL;
347	r = sshbuf_get_bignum2(p1, bn2);	216	r = sshbuf_get_bignum2(p1, &bn2);
348	ASSERT_INT_EQ(r, SSH_ERR_BIGNUM_IS_NEGATIVE);	217	ASSERT_INT_EQ(r, SSH_ERR_BIGNUM_IS_NEGATIVE);
349	ASSERT_SIZE_T_EQ(sshbuf_len(p1), sizeof(expbn2) + 4);	218	ASSERT_SIZE_T_EQ(sshbuf_len(p1), sizeof(expbn2) + 4);
350	BN_free(bn);	219	BN_free(bn);


diff --git a/regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c b/regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c index 7c7cb2bfd..ca06bfb00 100644 --- a/regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c +++ b/regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: test_sshbuf_getput_fuzz.c,v 1.3 2018/10/17 23:28:05 djm Exp $ */	1	/* $OpenBSD: test_sshbuf_getput_fuzz.c,v 1.4 2019/01/21 12:29:35 djm Exp $ */
2	/*	2	/*
3	* Regress test for sshbuf.h buffer API	3	* Regress test for sshbuf.h buffer API
4	*	4	*
@@ -54,11 +54,8 @@ attempt_parse_blob(u_char *blob, size_t len)
54	bzero(s, l);	54	bzero(s, l);
55	free(s);	55	free(s);
56	}	56	}
57	bn = BN_new();	57	bn = NULL;
58	sshbuf_get_bignum1(p1, bn);	58	sshbuf_get_bignum2(p1, &bn);
59	BN_clear_free(bn);
60	bn = BN_new();
61	sshbuf_get_bignum2(p1, bn);
62	BN_clear_free(bn);	59	BN_clear_free(bn);
63	#if defined(OPENSSL_HAS_ECC) && defined(OPENSSL_HAS_NISTP256)	60	#if defined(OPENSSL_HAS_ECC) && defined(OPENSSL_HAS_NISTP256)
64	eck = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);	61	eck = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
@@ -92,10 +89,6 @@ sshbuf_getput_fuzz_tests(void)
92	/* string */	89	/* string */
93	0x00, 0x00, 0x00, 0x09,	90	0x00, 0x00, 0x00, 0x09,
94	'O', ' ', 'G', 'o', 'r', 'g', 'o', 'n', '!',	91	'O', ' ', 'G', 'o', 'r', 'g', 'o', 'n', '!',
95	/* bignum1 */
96	0x79,
97	0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
98	0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10,
99	/* bignum2 */	92	/* bignum2 */
100	0x00, 0x00, 0x00, 0x14,	93	0x00, 0x00, 0x00, 0x14,
101	0x00,	94	0x00,