diff options
Diffstat (limited to 'sshkey.c')
| -rw-r--r-- | sshkey.c | 68 |
1 files changed, 34 insertions, 34 deletions
diff --git a/sshkey.c b/sshkey.c index c9f04cd673a0b..c01da6c39b2e9 100644 --- a/sshkey.c +++ b/sshkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshkey.c,v 1.35 2016/06/19 07:48:02 djm Exp $ */ +/* $OpenBSD: sshkey.c,v 1.41 2016/10/24 01:09:17 dtucker Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. * Copyright (c) 2008 Alexander von Gernler. All rights reserved. @@ -27,7 +27,6 @@ #include "includes.h" -#include <sys/param.h> /* MIN MAX */ #include <sys/types.h> #include <netinet/in.h> @@ -196,7 +195,7 @@ sshkey_ecdsa_nid_from_name(const char *name) } char * -key_alg_list(int certs_only, int plain_only) +sshkey_alg_list(int certs_only, int plain_only, char sep) { char *tmp, *ret = NULL; size_t nlen, rlen = 0; @@ -208,7 +207,7 @@ key_alg_list(int certs_only, int plain_only) if ((certs_only && !kt->cert) || (plain_only && kt->cert)) continue; if (ret != NULL) - ret[rlen++] = '\n'; + ret[rlen++] = sep; nlen = strlen(kt->name); if ((tmp = realloc(ret, rlen + nlen + 2)) == NULL) { free(ret); @@ -513,7 +512,6 @@ sshkey_new(int type) default: free(k); return NULL; - break; } if (sshkey_is_cert(k)) { @@ -888,9 +886,12 @@ sshkey_fingerprint_raw(const struct sshkey *k, int dgst_alg, int nlen = BN_num_bytes(k->rsa->n); int elen = BN_num_bytes(k->rsa->e); + if (nlen < 0 || elen < 0 || nlen >= INT_MAX - elen) { + r = SSH_ERR_INVALID_FORMAT; + goto out; + } blob_len = nlen + elen; - if (nlen >= INT_MAX - elen || - (blob = malloc(blob_len)) == NULL) { + if ((blob = malloc(blob_len)) == NULL) { r = SSH_ERR_ALLOC_FAIL; goto out; } @@ -1082,10 +1083,10 @@ fingerprint_randomart(const char *alg, u_char *dgst_raw, size_t dgst_raw_len, y += (input & 0x2) ? 1 : -1; /* assure we are still in bounds */ - x = MAX(x, 0); - y = MAX(y, 0); - x = MIN(x, FLDSIZE_X - 1); - y = MIN(y, FLDSIZE_Y - 1); + x = MAXIMUM(x, 0); + y = MAXIMUM(y, 0); + x = MINIMUM(x, FLDSIZE_X - 1); + y = MINIMUM(y, FLDSIZE_Y - 1); /* augment the field */ if (field[x][y] < len - 2) @@ -1126,7 +1127,7 @@ fingerprint_randomart(const char *alg, u_char *dgst_raw, size_t dgst_raw_len, for (y = 0; y < FLDSIZE_Y; y++) { *p++ = '|'; for (x = 0; x < FLDSIZE_X; x++) - *p++ = augmentation_string[MIN(field[x][y], len)]; + *p++ = augmentation_string[MINIMUM(field[x][y], len)]; *p++ = '|'; *p++ = '\n'; } @@ -2862,6 +2863,14 @@ sshkey_ec_validate_public(const EC_GROUP *group, const EC_POINT *public) BIGNUM *order, *x, *y, *tmp; int ret = SSH_ERR_KEY_INVALID_EC_VALUE; + /* + * NB. This assumes OpenSSL has already verified that the public + * point lies on the curve. This is done by EC_POINT_oct2point() + * implicitly calling EC_POINT_is_on_curve(). If this code is ever + * reachable with public points not unmarshalled using + * EC_POINT_oct2point then the caller will need to explicitly check. + */ + if ((bnctx = BN_CTX_new()) == NULL) return SSH_ERR_ALLOC_FAIL; BN_CTX_start(bnctx); @@ -3029,13 +3038,11 @@ sshkey_private_to_blob2(const struct sshkey *prv, struct sshbuf *blob, size_t i, pubkeylen, keylen, ivlen, blocksize, authlen; u_int check; int r = SSH_ERR_INTERNAL_ERROR; - struct sshcipher_ctx ciphercontext; + struct sshcipher_ctx *ciphercontext = NULL; const struct sshcipher *cipher; const char *kdfname = KDFNAME; struct sshbuf *encoded = NULL, *encrypted = NULL, *kdf = NULL; - memset(&ciphercontext, 0, sizeof(ciphercontext)); - if (rounds <= 0) rounds = DEFAULT_ROUNDS; if (passphrase == NULL || !strlen(passphrase)) { @@ -3122,7 +3129,7 @@ sshkey_private_to_blob2(const struct sshkey *prv, struct sshbuf *blob, if ((r = sshbuf_reserve(encoded, sshbuf_len(encrypted) + authlen, &cp)) != 0) goto out; - if ((r = cipher_crypt(&ciphercontext, 0, cp, + if ((r = cipher_crypt(ciphercontext, 0, cp, sshbuf_ptr(encrypted), sshbuf_len(encrypted), 0, authlen)) != 0) goto out; @@ -3154,7 +3161,7 @@ sshkey_private_to_blob2(const struct sshkey *prv, struct sshbuf *blob, sshbuf_free(kdf); sshbuf_free(encoded); sshbuf_free(encrypted); - cipher_cleanup(&ciphercontext); + cipher_free(ciphercontext); explicit_bzero(salt, sizeof(salt)); if (key != NULL) { explicit_bzero(key, keylen + ivlen); @@ -3183,12 +3190,11 @@ sshkey_parse_private2(struct sshbuf *blob, int type, const char *passphrase, size_t i, keylen = 0, ivlen = 0, authlen = 0, slen = 0; struct sshbuf *encoded = NULL, *decoded = NULL; struct sshbuf *kdf = NULL, *decrypted = NULL; - struct sshcipher_ctx ciphercontext; + struct sshcipher_ctx *ciphercontext = NULL; struct sshkey *k = NULL; u_char *key = NULL, *salt = NULL, *dp, pad, last; u_int blocksize, rounds, nkeys, encrypted_len, check1, check2; - memset(&ciphercontext, 0, sizeof(ciphercontext)); if (keyp != NULL) *keyp = NULL; if (commentp != NULL) @@ -3317,7 +3323,7 @@ sshkey_parse_private2(struct sshbuf *blob, int type, const char *passphrase, (r = cipher_init(&ciphercontext, cipher, key, keylen, key + keylen, ivlen, 0)) != 0) goto out; - if ((r = cipher_crypt(&ciphercontext, 0, dp, sshbuf_ptr(decoded), + if ((r = cipher_crypt(ciphercontext, 0, dp, sshbuf_ptr(decoded), encrypted_len, 0, authlen)) != 0) { /* an integrity error here indicates an incorrect passphrase */ if (r == SSH_ERR_MAC_INVALID) @@ -3371,7 +3377,7 @@ sshkey_parse_private2(struct sshbuf *blob, int type, const char *passphrase, } out: pad = 0; - cipher_cleanup(&ciphercontext); + cipher_free(ciphercontext); free(ciphername); free(kdfname); free(comment); @@ -3405,7 +3411,7 @@ sshkey_private_rsa1_to_blob(struct sshkey *key, struct sshbuf *blob, struct sshbuf *buffer = NULL, *encrypted = NULL; u_char buf[8]; int r, cipher_num; - struct sshcipher_ctx ciphercontext; + struct sshcipher_ctx *ciphercontext = NULL; const struct sshcipher *cipher; u_char *cp; @@ -3475,16 +3481,14 @@ sshkey_private_rsa1_to_blob(struct sshkey *key, struct sshbuf *blob, if ((r = cipher_set_key_string(&ciphercontext, cipher, passphrase, CIPHER_ENCRYPT)) != 0) goto out; - if ((r = cipher_crypt(&ciphercontext, 0, cp, + if ((r = cipher_crypt(ciphercontext, 0, cp, sshbuf_ptr(buffer), sshbuf_len(buffer), 0, 0)) != 0) goto out; - if ((r = cipher_cleanup(&ciphercontext)) != 0) - goto out; r = sshbuf_putb(blob, encrypted); out: - explicit_bzero(&ciphercontext, sizeof(ciphercontext)); + cipher_free(ciphercontext); explicit_bzero(buf, sizeof(buf)); sshbuf_free(buffer); sshbuf_free(encrypted); @@ -3654,7 +3658,7 @@ sshkey_parse_private_rsa1(struct sshbuf *blob, const char *passphrase, struct sshbuf *decrypted = NULL, *copy = NULL; u_char *cp; char *comment = NULL; - struct sshcipher_ctx ciphercontext; + struct sshcipher_ctx *ciphercontext = NULL; const struct sshcipher *cipher; struct sshkey *prv = NULL; @@ -3712,12 +3716,8 @@ sshkey_parse_private_rsa1(struct sshbuf *blob, const char *passphrase, if ((r = cipher_set_key_string(&ciphercontext, cipher, passphrase, CIPHER_DECRYPT)) != 0) goto out; - if ((r = cipher_crypt(&ciphercontext, 0, cp, - sshbuf_ptr(copy), sshbuf_len(copy), 0, 0)) != 0) { - cipher_cleanup(&ciphercontext); - goto out; - } - if ((r = cipher_cleanup(&ciphercontext)) != 0) + if ((r = cipher_crypt(ciphercontext, 0, cp, + sshbuf_ptr(copy), sshbuf_len(copy), 0, 0)) != 0) goto out; if ((r = sshbuf_get_u16(decrypted, &check1)) != 0 || @@ -3754,7 +3754,7 @@ sshkey_parse_private_rsa1(struct sshbuf *blob, const char *passphrase, comment = NULL; } out: - explicit_bzero(&ciphercontext, sizeof(ciphercontext)); + cipher_free(ciphercontext); free(comment); sshkey_free(prv); sshbuf_free(copy); |