search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
inet6: only mark autoconf addresses tentative if detached
[dragonfly.git] / crypto / openssh / sshbuf-getput-crypto.c
blob56ffdd86156a59277d8740e7cbb357e323a92bd5
1 /* $OpenBSD: sshbuf-getput-crypto.c,v 1.10 2022/05/25 06:03:44 djm Exp $ */
2 /*
3 * Copyright (c) 2011 Damien Miller
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18 #define SSHBUF_INTERNAL
19 #include "includes.h"
20
21 #include <sys/types.h>
22 #include <stdlib.h>
23 #include <stdio.h>
24 #include <string.h>
25
26 #ifdef WITH_OPENSSL
27 #include <openssl/bn.h>
28 #ifdef OPENSSL_HAS_ECC
29 # include <openssl/ec.h>
30 #endif /* OPENSSL_HAS_ECC */
31
32 #include "ssherr.h"
33 #include "sshbuf.h"
34
35 int
36 sshbuf_get_bignum2(struct sshbuf *buf, BIGNUM **valp)
37 {
38 BIGNUM *v;
39 const u_char *d;
40 size_t len;
41 int r;
42
43 if (valp != NULL)
44 *valp = NULL;
45 if ((r = sshbuf_get_bignum2_bytes_direct(buf, &d, &len)) != 0)
46 return r;
47 if (valp != NULL) {
48 if ((v = BN_new()) == NULL ||
49 BN_bin2bn(d, len, v) == NULL) {
50 BN_clear_free(v);
51 return SSH_ERR_ALLOC_FAIL;
52 }
53 *valp = v;
54 }
55 return 0;
56 }
57
58 #ifdef OPENSSL_HAS_ECC
59 static int
60 get_ec(const u_char *d, size_t len, EC_POINT *v, const EC_GROUP *g)
61 {
62 /* Refuse overlong bignums */
63 if (len == 0 || len > SSHBUF_MAX_ECPOINT)
64 return SSH_ERR_ECPOINT_TOO_LARGE;
65 /* Only handle uncompressed points */
66 if (*d != POINT_CONVERSION_UNCOMPRESSED)
67 return SSH_ERR_INVALID_FORMAT;
68 if (v != NULL && EC_POINT_oct2point(g, v, d, len, NULL) != 1)
69 return SSH_ERR_INVALID_FORMAT; /* XXX assumption */
70 return 0;
71 }
72
73 int
74 sshbuf_get_ec(struct sshbuf *buf, EC_POINT *v, const EC_GROUP *g)
75 {
76 const u_char *d;
77 size_t len;
78 int r;
79
80 if ((r = sshbuf_peek_string_direct(buf, &d, &len)) < 0)
81 return r;
82 if ((r = get_ec(d, len, v, g)) != 0)
83 return r;
84 /* Skip string */
85 if (sshbuf_get_string_direct(buf, NULL, NULL) != 0) {
86 /* Shouldn't happen */
87 SSHBUF_DBG(("SSH_ERR_INTERNAL_ERROR"));
88 SSHBUF_ABORT();
89 return SSH_ERR_INTERNAL_ERROR;
90 }
91 return 0;
92 }
93
94 int
95 sshbuf_get_eckey(struct sshbuf *buf, EC_KEY *v)
96 {
97 EC_POINT *pt = EC_POINT_new(EC_KEY_get0_group(v));
98 int r;
99 const u_char *d;
100 size_t len;
101
102 if (pt == NULL) {
103 SSHBUF_DBG(("SSH_ERR_ALLOC_FAIL"));
104 return SSH_ERR_ALLOC_FAIL;
105 }
106 if ((r = sshbuf_peek_string_direct(buf, &d, &len)) < 0) {
107 EC_POINT_free(pt);
108 return r;
109 }
110 if ((r = get_ec(d, len, pt, EC_KEY_get0_group(v))) != 0) {
111 EC_POINT_free(pt);
112 return r;
113 }
114 if (EC_KEY_set_public_key(v, pt) != 1) {
115 EC_POINT_free(pt);
116 return SSH_ERR_ALLOC_FAIL; /* XXX assumption */
117 }
118 EC_POINT_free(pt);
119 /* Skip string */
120 if (sshbuf_get_string_direct(buf, NULL, NULL) != 0) {
121 /* Shouldn't happen */
122 SSHBUF_DBG(("SSH_ERR_INTERNAL_ERROR"));
123 SSHBUF_ABORT();
124 return SSH_ERR_INTERNAL_ERROR;
125 }
126 return 0;
127 }
128 #endif /* OPENSSL_HAS_ECC */
129
130 int
131 sshbuf_put_bignum2(struct sshbuf *buf, const BIGNUM *v)
132 {
133 u_char d[SSHBUF_MAX_BIGNUM + 1];
134 int len = BN_num_bytes(v), prepend = 0, r;
135
136 if (len < 0 || len > SSHBUF_MAX_BIGNUM)
137 return SSH_ERR_INVALID_ARGUMENT;
138 *d = '\0';
139 if (BN_bn2bin(v, d + 1) != len)
140 return SSH_ERR_INTERNAL_ERROR; /* Shouldn't happen */
141 /* If MSB is set, prepend a \0 */
142 if (len > 0 && (d[1] & 0x80) != 0)
143 prepend = 1;
144 if ((r = sshbuf_put_string(buf, d + 1 - prepend, len + prepend)) < 0) {
145 explicit_bzero(d, sizeof(d));
146 return r;
147 }
148 explicit_bzero(d, sizeof(d));
149 return 0;
150 }
151
152 #ifdef OPENSSL_HAS_ECC
153 int
154 sshbuf_put_ec(struct sshbuf *buf, const EC_POINT *v, const EC_GROUP *g)
155 {
156 u_char d[SSHBUF_MAX_ECPOINT];
157 size_t len;
158 int ret;
159
160 if ((len = EC_POINT_point2oct(g, v, POINT_CONVERSION_UNCOMPRESSED,
161 NULL, 0, NULL)) > SSHBUF_MAX_ECPOINT) {
162 return SSH_ERR_INVALID_ARGUMENT;
163 }
164 if (EC_POINT_point2oct(g, v, POINT_CONVERSION_UNCOMPRESSED,
165 d, len, NULL) != len) {
166 return SSH_ERR_INTERNAL_ERROR; /* Shouldn't happen */
167 }
168 ret = sshbuf_put_string(buf, d, len);
169 explicit_bzero(d, len);
170 return ret;
171 }
172
173 int
174 sshbuf_put_eckey(struct sshbuf *buf, const EC_KEY *v)
175 {
176 return sshbuf_put_ec(buf, EC_KEY_get0_public_key(v),
177 EC_KEY_get0_group(v));
178 }
179 #endif /* OPENSSL_HAS_ECC */
180 #endif /* WITH_OPENSSL */
DragonFly BSD