1 files changed, 12 insertions, 51 deletions
diff --git a/sshbuf-getput-crypto.c b/sshbuf-getput-crypto.c
index d0d791b50..3dd1e1446 100644
--- a/sshbuf-getput-crypto.c
+++ b/sshbuf-getput-crypto.c
@@ -1,4 +1,4 @@
-/*      $OpenBSD: sshbuf-getput-crypto.c,v 1.5 2016/01/12 23:42:54 djm Exp $    */
+/*      $OpenBSD: sshbuf-getput-crypto.c,v 1.7 2019/01/21 09:54:11 djm Exp $    */
 /*
 * Copyright (c) 2011 Damien Miller
 *
@@ -32,41 +32,24 @@
 #include "sshbuf.h"
 int
-sshbuf_get_bignum2(struct sshbuf *buf, BIGNUM *v)
+sshbuf_get_bignum2(struct sshbuf *buf, BIGNUM **valp)
 {
+        BIGNUM *v;
        const u_char *d;
        size_t len;
        int r;
+        if (valp != NULL)
+                *valp = NULL;
        if ((r = sshbuf_get_bignum2_bytes_direct(buf, &d, &len)) != 0)
                return r;
-        if (v != NULL && BN_bin2bn(d, len, v) == NULL)
+        if (valp != NULL) {
-                return SSH_ERR_ALLOC_FAIL;
+                if ((v = BN_new()) == NULL ||
-        return 0;
+                    BN_bin2bn(d, len, v) == NULL) {
-}
+                        BN_clear_free(v);
+                        return SSH_ERR_ALLOC_FAIL;
-int
+                }
-sshbuf_get_bignum1(struct sshbuf *buf, BIGNUM *v)
+                *valp = v;
-{
-        const u_char *d = sshbuf_ptr(buf);
-        u_int16_t len_bits;
-        size_t len_bytes;
-        /* Length in bits */
-        if (sshbuf_len(buf) < 2)
-                return SSH_ERR_MESSAGE_INCOMPLETE;
-        len_bits = PEEK_U16(d);
-        len_bytes = (len_bits + 7) >> 3;
-        if (len_bytes > SSHBUF_MAX_BIGNUM)
-                return SSH_ERR_BIGNUM_TOO_LARGE;
-        if (sshbuf_len(buf) < 2 + len_bytes)
-                return SSH_ERR_MESSAGE_INCOMPLETE;
-        if (v != NULL && BN_bin2bn(d + 2, len_bytes, v) == NULL)
-                return SSH_ERR_ALLOC_FAIL;
-        if (sshbuf_consume(buf, 2 + len_bytes) != 0) {
-                SSHBUF_DBG(("SSH_ERR_INTERNAL_ERROR"));
-                SSHBUF_ABORT();
-                return SSH_ERR_INTERNAL_ERROR;
        }
        return 0;
 }
@@ -165,28 +148,6 @@ sshbuf_put_bignum2(struct sshbuf *buf, const BIGNUM *v)
        return 0;
 }
-int
-sshbuf_put_bignum1(struct sshbuf *buf, const BIGNUM *v)
-{
-        int r, len_bits = BN_num_bits(v);
-        size_t len_bytes = (len_bits + 7) / 8;
-        u_char d[SSHBUF_MAX_BIGNUM], *dp;
-        if (len_bits < 0 || len_bytes > SSHBUF_MAX_BIGNUM)
-                return SSH_ERR_INVALID_ARGUMENT;
-        if (BN_bn2bin(v, d) != (int)len_bytes)
-                return SSH_ERR_INTERNAL_ERROR; /* Shouldn't happen */
-        if ((r = sshbuf_reserve(buf, len_bytes + 2, &dp)) < 0) {
-                explicit_bzero(d, sizeof(d));
-                return r;
-        }
-        POKE_U16(dp, len_bits);
-        if (len_bytes != 0)
-                memcpy(dp + 2, d, len_bytes);
-        explicit_bzero(d, sizeof(d));
-        return 0;
-}
 #ifdef OPENSSL_HAS_ECC
 int
 sshbuf_put_ec(struct sshbuf *buf, const EC_POINT *v, const EC_GROUP *g)

diff --git a/sshbuf-getput-crypto.c b/sshbuf-getput-crypto.c index d0d791b50..3dd1e1446 100644 --- a/sshbuf-getput-crypto.c +++ b/sshbuf-getput-crypto.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: sshbuf-getput-crypto.c,v 1.5 2016/01/12 23:42:54 djm Exp $ */	1	/* $OpenBSD: sshbuf-getput-crypto.c,v 1.7 2019/01/21 09:54:11 djm Exp $ */
2	/*	2	/*
3	* Copyright (c) 2011 Damien Miller	3	* Copyright (c) 2011 Damien Miller
4	*	4	*
@@ -32,41 +32,24 @@
32	#include "sshbuf.h"	32	#include "sshbuf.h"
33		33
34	int	34	int
35	sshbuf_get_bignum2(struct sshbuf buf, BIGNUM v)	35	sshbuf_get_bignum2(struct sshbuf buf, BIGNUM *valp)
36	{	36	{
		37	BIGNUM *v;
37	const u_char *d;	38	const u_char *d;
38	size_t len;	39	size_t len;
39	int r;	40	int r;
40		41
		42	if (valp != NULL)
		43	*valp = NULL;
41	if ((r = sshbuf_get_bignum2_bytes_direct(buf, &d, &len)) != 0)	44	if ((r = sshbuf_get_bignum2_bytes_direct(buf, &d, &len)) != 0)
42	return r;	45	return r;
43	if (v != NULL && BN_bin2bn(d, len, v) == NULL)	46	if (valp != NULL) {
44	return SSH_ERR_ALLOC_FAIL;	47	if ((v = BN_new()) == NULL \|\|
45	return 0;	48	BN_bin2bn(d, len, v) == NULL) {
46	}	49	BN_clear_free(v);
47		50	return SSH_ERR_ALLOC_FAIL;
48	int	51	}
49	sshbuf_get_bignum1(struct sshbuf buf, BIGNUM v)	52	*valp = v;
50	{
51	const u_char *d = sshbuf_ptr(buf);
52	u_int16_t len_bits;
53	size_t len_bytes;
54
55	/* Length in bits */
56	if (sshbuf_len(buf) < 2)
57	return SSH_ERR_MESSAGE_INCOMPLETE;
58	len_bits = PEEK_U16(d);
59	len_bytes = (len_bits + 7) >> 3;
60	if (len_bytes > SSHBUF_MAX_BIGNUM)
61	return SSH_ERR_BIGNUM_TOO_LARGE;
62	if (sshbuf_len(buf) < 2 + len_bytes)
63	return SSH_ERR_MESSAGE_INCOMPLETE;
64	if (v != NULL && BN_bin2bn(d + 2, len_bytes, v) == NULL)
65	return SSH_ERR_ALLOC_FAIL;
66	if (sshbuf_consume(buf, 2 + len_bytes) != 0) {
67	SSHBUF_DBG(("SSH_ERR_INTERNAL_ERROR"));
68	SSHBUF_ABORT();
69	return SSH_ERR_INTERNAL_ERROR;
70	}	53	}
71	return 0;	54	return 0;
72	}	55	}
@@ -165,28 +148,6 @@ sshbuf_put_bignum2(struct sshbuf buf, const BIGNUM v)
165	return 0;	148	return 0;
166	}	149	}
167		150
168	int
169	sshbuf_put_bignum1(struct sshbuf buf, const BIGNUM v)
170	{
171	int r, len_bits = BN_num_bits(v);
172	size_t len_bytes = (len_bits + 7) / 8;
173	u_char d[SSHBUF_MAX_BIGNUM], *dp;
174
175	if (len_bits < 0 \|\| len_bytes > SSHBUF_MAX_BIGNUM)
176	return SSH_ERR_INVALID_ARGUMENT;
177	if (BN_bn2bin(v, d) != (int)len_bytes)
178	return SSH_ERR_INTERNAL_ERROR; /* Shouldn't happen */
179	if ((r = sshbuf_reserve(buf, len_bytes + 2, &dp)) < 0) {
180	explicit_bzero(d, sizeof(d));
181	return r;
182	}
183	POKE_U16(dp, len_bits);
184	if (len_bytes != 0)
185	memcpy(dp + 2, d, len_bytes);
186	explicit_bzero(d, sizeof(d));
187	return 0;
188	}
189
190	#ifdef OPENSSL_HAS_ECC	151	#ifdef OPENSSL_HAS_ECC
191	int	152	int
192	sshbuf_put_ec(struct sshbuf buf, const EC_POINT v, const EC_GROUP *g)	153	sshbuf_put_ec(struct sshbuf buf, const EC_POINT v, const EC_GROUP *g)