
misc.c : String buffer API improvements (#332)

Files : misc.c, hostkey.c, kex.c, misc.h, openssl.c, sftp.c

Notes : 
* updated _libssh2_get_bignum_bytes and _libssh2_get_string. The length is now returned through a size_t out-parameter instead of being the return value, so its signedness stays correct; the functions now return -1 on failure and 0 on success.

_libssh2_check_length now returns 0 on success and -1 on failure to match the other string_buf functions. Added comment to _libssh2_check_length.

Credit : Will Cosgrove
Will Cosgrove
2019-04-23 10:28:01 -07:00
committed by GitHub
parent a19d85319d
commit 8ab5c36a32
7 changed files with 121 additions and 131 deletions


@@ -955,9 +955,8 @@ gen_publickey_from_rsa_openssh_priv_data(LIBSSH2_SESSION *session,
libssh2_rsa_ctx **rsa_ctx)
{
int rc = 0;
int nlen, elen, dlen, plen, qlen, coefflen;
size_t nlen, elen, dlen, plen, qlen, coefflen, commentlen;
unsigned char *n, *e, *d, *p, *q, *coeff, *comment;
int commentlen;
RSA *rsa = NULL;
_libssh2_debug(session,
@@ -965,51 +964,44 @@ gen_publickey_from_rsa_openssh_priv_data(LIBSSH2_SESSION *session,
"Computing RSA keys from private key data");
/* public key data */
nlen = _libssh2_get_bignum_bytes(decrypted, &n);
if(nlen <= 0) {
if(_libssh2_get_bignum_bytes(decrypted, &n, &nlen)) {
_libssh2_error(session, LIBSSH2_ERROR_PROTO,
"RSA no n");
return -1;
}
elen = _libssh2_get_bignum_bytes(decrypted, &e);
if(elen <= 0) {
if(_libssh2_get_bignum_bytes(decrypted, &e, &elen)) {
_libssh2_error(session, LIBSSH2_ERROR_PROTO,
"RSA no e");
return -1;
}
/* private key data */
dlen = _libssh2_get_bignum_bytes(decrypted, &d);
if(dlen <= 0) {
if(_libssh2_get_bignum_bytes(decrypted, &d, &dlen)) {
_libssh2_error(session, LIBSSH2_ERROR_PROTO,
"RSA no d");
return -1;
}
coefflen = _libssh2_get_bignum_bytes(decrypted, &coeff);
if(coefflen <= 0) {
if(_libssh2_get_bignum_bytes(decrypted, &coeff, &coefflen)) {
_libssh2_error(session, LIBSSH2_ERROR_PROTO,
"RSA no coeff");
return -1;
}
plen = _libssh2_get_bignum_bytes(decrypted, &p);
if(plen <= 0) {
if(_libssh2_get_bignum_bytes(decrypted, &p, &plen)) {
_libssh2_error(session, LIBSSH2_ERROR_PROTO,
"RSA no p");
return -1;
}
qlen = _libssh2_get_bignum_bytes(decrypted, &q);
if(qlen <= 0) {
if(_libssh2_get_bignum_bytes(decrypted, &q, &qlen)) {
_libssh2_error(session, LIBSSH2_ERROR_PROTO,
"RSA no q");
return -1;
}
commentlen = _libssh2_get_c_string(decrypted, &comment);
if(commentlen < 0) {
if(_libssh2_get_string(decrypted, &comment, &commentlen)) {
_libssh2_error(session, LIBSSH2_ERROR_PROTO,
"RSA no comment");
return -1;
@@ -1089,9 +1081,9 @@ _libssh2_rsa_new_openssh_private(libssh2_rsa_ctx ** rsa,
}
/* We have a new key file, now try and parse it using supported types */
rc = _libssh2_get_c_string(decrypted, &buf);
rc = _libssh2_get_string(decrypted, &buf, NULL);
if(rc < 1 || buf == NULL) {
if(rc != 0 || buf == NULL) {
_libssh2_error(session, LIBSSH2_ERROR_PROTO,
"Public key type in decrypted key data not found");
return -1;
@@ -1282,7 +1274,7 @@ gen_publickey_from_dsa_openssh_priv_data(LIBSSH2_SESSION *session,
libssh2_dsa_ctx **dsa_ctx)
{
int rc = 0;
int plen, qlen, glen, pub_len, priv_len;
size_t plen, qlen, glen, pub_len, priv_len;
unsigned char *p, *q, *g, *pub_key, *priv_key;
DSA *dsa = NULL;
@@ -1290,36 +1282,31 @@ gen_publickey_from_dsa_openssh_priv_data(LIBSSH2_SESSION *session,
LIBSSH2_TRACE_AUTH,
"Computing DSA keys from private key data");
plen = _libssh2_get_bignum_bytes(decrypted, &p);
if(plen <= 0) {
if(_libssh2_get_bignum_bytes(decrypted, &p, &plen)) {
_libssh2_error(session, LIBSSH2_ERROR_PROTO,
"DSA no p");
return -1;
}
qlen = _libssh2_get_bignum_bytes(decrypted, &q);
if(qlen <= 0) {
if(_libssh2_get_bignum_bytes(decrypted, &q, &qlen)) {
_libssh2_error(session, LIBSSH2_ERROR_PROTO,
"DSA no q");
return -1;
}
glen = _libssh2_get_bignum_bytes(decrypted, &g);
if(glen <= 0) {
if(_libssh2_get_bignum_bytes(decrypted, &g, &glen)) {
_libssh2_error(session, LIBSSH2_ERROR_PROTO,
"DSA no g");
return -1;
}
pub_len = _libssh2_get_bignum_bytes(decrypted, &pub_key);
if(pub_len <= 0) {
if(_libssh2_get_bignum_bytes(decrypted, &pub_key, &pub_len)) {
_libssh2_error(session, LIBSSH2_ERROR_PROTO,
"DSA no public key");
return -1;
}
priv_len = _libssh2_get_bignum_bytes(decrypted, &priv_key);
if(priv_len <= 0) {
if(_libssh2_get_bignum_bytes(decrypted, &priv_key, &priv_len)) {
_libssh2_error(session, LIBSSH2_ERROR_PROTO,
"DSA no private key");
return -1;
@@ -1396,9 +1383,9 @@ _libssh2_dsa_new_openssh_private(libssh2_dsa_ctx ** dsa,
}
/* We have a new key file, now try and parse it using supported types */
rc = _libssh2_get_c_string(decrypted, &buf);
rc = _libssh2_get_string(decrypted, &buf, NULL);
if(rc < 1 || buf == NULL) {
if(rc != 0 || buf == NULL) {
_libssh2_error(session, LIBSSH2_ERROR_PROTO,
"Public key type in decrypted key data not found");
return -1;
@@ -1595,23 +1582,24 @@ gen_publickey_from_ed25519_openssh_priv_data(LIBSSH2_SESSION *session,
libssh2_ed25519_ctx *ctx = NULL;
unsigned char *method_buf = NULL;
unsigned char *key = NULL;
int i, rc, ret = 0;
int i, ret = 0;
unsigned char *pub_key, *priv_key, *buf;
size_t key_len = 0;
size_t key_len = 0, tmp_len = 0;
unsigned char *p;
_libssh2_debug(session,
LIBSSH2_TRACE_AUTH,
"Computing ED25519 keys from private key data");
if(_libssh2_get_c_string(decrypted, &pub_key) != LIBSSH2_ED25519_KEY_LEN) {
if(_libssh2_get_string(decrypted, &pub_key, &tmp_len) ||
tmp_len != LIBSSH2_ED25519_KEY_LEN) {
_libssh2_error(session, LIBSSH2_ERROR_PROTO,
"Wrong public key length");
return -1;
}
if(_libssh2_get_c_string(decrypted, &priv_key) !=
LIBSSH2_ED25519_PRIVATE_KEY_LEN) {
if(_libssh2_get_string(decrypted, &priv_key, &tmp_len) ||
tmp_len != LIBSSH2_ED25519_PRIVATE_KEY_LEN) {
_libssh2_error(session, LIBSSH2_ERROR_PROTO,
"Wrong private key length");
ret = -1;
@@ -1639,19 +1627,18 @@ gen_publickey_from_ed25519_openssh_priv_data(LIBSSH2_SESSION *session,
LIBSSH2_ED25519_KEY_LEN);
/* comment */
rc = _libssh2_get_c_string(decrypted, &buf);
if(rc < 0) {
if(_libssh2_get_string(decrypted, &buf, &tmp_len)) {
_libssh2_error(session, LIBSSH2_ERROR_PROTO,
"Unable to read comment");
ret = -1;
goto clean_exit;
}
if(rc > 0) {
unsigned char *comment = LIBSSH2_CALLOC(session, rc + 1);
if(tmp_len > 0) {
unsigned char *comment = LIBSSH2_CALLOC(session, tmp_len + 1);
if(comment != NULL) {
memcpy(comment, buf, rc);
memcpy(comment + rc, "\0", 1);
memcpy(comment, buf, tmp_len);
memcpy(comment + tmp_len, "\0", 1);
_libssh2_debug(session, LIBSSH2_TRACE_AUTH, "Key comment: %s",
comment);
@@ -1770,9 +1757,9 @@ _libssh2_ed25519_new_private(libssh2_ed25519_ctx ** ed_ctx,
}
/* We have a new key file, now try and parse it using supported types */
rc = _libssh2_get_c_string(decrypted, &buf);
rc = _libssh2_get_string(decrypted, &buf, NULL);
if(rc < 1 || buf == NULL) {
if(rc != 0 || buf == NULL) {
_libssh2_error(session, LIBSSH2_ERROR_PROTO,
"Public key type in decrypted key data not found");
return -1;
@@ -1787,6 +1774,9 @@ _libssh2_ed25519_new_private(libssh2_ed25519_ctx ** ed_ctx,
NULL,
&ctx);
}
else {
rc = -1;
}
if(decrypted)
_libssh2_string_buf_free(session, decrypted);
@@ -2363,7 +2353,7 @@ gen_publickey_from_ecdsa_openssh_priv_data(LIBSSH2_SESSION *session,
libssh2_ecdsa_ctx **ec_ctx)
{
int rc = 0;
int curvelen, exponentlen, pointlen;
size_t curvelen, exponentlen, pointlen;
unsigned char *curve, *exponent, *point_buf;
EC_KEY *ec_key = NULL;
BIGNUM *bn_exponent;
@@ -2372,30 +2362,27 @@ gen_publickey_from_ecdsa_openssh_priv_data(LIBSSH2_SESSION *session,
LIBSSH2_TRACE_AUTH,
"Computing ECDSA keys from private key data");
curvelen = _libssh2_get_c_string(decrypted, &curve);
if(curvelen <= 0) {
if(_libssh2_get_string(decrypted, &curve, &curvelen) ||
curvelen == 0) {
_libssh2_error(session, LIBSSH2_ERROR_PROTO,
"ECDSA no curve");
return -1;
}
pointlen = _libssh2_get_c_string(decrypted, &point_buf);
if(pointlen <= 0) {
if(_libssh2_get_string(decrypted, &point_buf, &pointlen)) {
_libssh2_error(session, LIBSSH2_ERROR_PROTO,
"ECDSA no point");
return -1;
}
exponentlen = _libssh2_get_bignum_bytes(decrypted, &exponent);
if(exponentlen <= 0) {
if(_libssh2_get_bignum_bytes(decrypted, &exponent, &exponentlen)) {
_libssh2_error(session, LIBSSH2_ERROR_PROTO,
"ECDSA no exponent");
return -1;
}
rc = _libssh2_ecdsa_curve_name_with_octal_new(&ec_key, point_buf,
pointlen, curve_type);
if(rc != 0) {
if((rc = _libssh2_ecdsa_curve_name_with_octal_new(&ec_key, point_buf,
pointlen, curve_type)) != 0) {
_libssh2_error(session, LIBSSH2_ERROR_PROTO,
"ECDSA could not create key");
goto fail;
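Review bot: In gen_publickey_from_ecdsa_openssh_priv_data the ECDSA point read no longer rejects an empty string: the old `pointlen <= 0` test refused a zero-length point, but the replacement `if(_libssh2_get_string(decrypted, &point_buf, &pointlen))` only catches a read failure, whereas the curve read just above it was given an explicit `curvelen == 0` guard. An empty point therefore reaches `_libssh2_ecdsa_curve_name_with_octal_new(&ec_key, point_buf, 0, curve_type)` with a non-NULL pointer and a length of zero, and whether that helper rejects it is not visible on this page. Mirroring the curve check keeps the previous behaviour: `if(_libssh2_get_string(decrypted, &point_buf, &pointlen) || pointlen == 0) {`. The same question applies to every `_libssh2_get_bignum_bytes` caller in this commit, which previously refused `len <= 0` and now rely on the helper in misc.c (not shown here) returning -1 for a zero-length bignum, so that is worth confirming. The function's body continues past the end of this hunk.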
@@ -2475,9 +2462,9 @@ _libssh2_ecdsa_new_openssh_private(libssh2_ecdsa_ctx ** ec_ctx,
}
/* We have a new key file, now try and parse it using supported types */
rc = _libssh2_get_c_string(decrypted, &buf);
rc = _libssh2_get_string(decrypted, &buf, NULL);
if(rc < 1 || buf == NULL) {
if(rc != 0 || buf == NULL) {
_libssh2_error(session, LIBSSH2_ERROR_PROTO,
"Public key type in decrypted key data not found");
return -1;
@@ -2852,9 +2839,9 @@ _libssh2_pub_priv_openssh_keyfile(LIBSSH2_SESSION *session,
}
/* We have a new key file, now try and parse it using supported types */
rc = _libssh2_get_c_string(decrypted, &buf);
rc = _libssh2_get_string(decrypted, &buf, NULL);
if(rc < 1 || buf == NULL) {
if(rc != 0 || buf == NULL) {
_libssh2_error(session, LIBSSH2_ERROR_PROTO,
"Public key type in decrypted key data not found");
return -1;
@@ -3049,14 +3036,16 @@ _libssh2_pub_priv_openssh_keyfilememory(LIBSSH2_SESSION *session,
}
/* We have a new key file, now try and parse it using supported types */
rc = _libssh2_get_c_string(decrypted, &buf);
rc = _libssh2_get_string(decrypted, &buf, NULL);
if(rc < 1 || buf == NULL) {
if(rc != 0 || buf == NULL) {
_libssh2_error(session, LIBSSH2_ERROR_PROTO,
"Public key type in decrypted key data not found");
return -1;
}
rc = -1;
#if LIBSSH2_ED25519
if(strcmp("ssh-ed25519", (const char *)buf) == 0) {
if(key_type == NULL || strcmp("ssh-ed25519", key_type) == 0) {