version 1.7, 2019/10/14 06:00:02 |
version 1.8, 2019/11/13 07:53:10 |
|
|
u_int32_t maxidx; /* restricted # of signatures */ |
u_int32_t maxidx; /* restricted # of signatures */ |
int have_state; /* .state file exists */ |
int have_state; /* .state file exists */ |
int lockfd; /* locked in sshkey_xmss_get_state() */ |
int lockfd; /* locked in sshkey_xmss_get_state() */ |
int allow_update; /* allow sshkey_xmss_update_state() */ |
u_char allow_update; /* allow sshkey_xmss_update_state() */ |
char *enc_ciphername;/* encrypt state with cipher */ |
char *enc_ciphername;/* encrypt state with cipher */ |
u_char *enc_keyiv; /* encrypt state with key */ |
u_char *enc_keyiv; /* encrypt state with key */ |
u_int32_t enc_keyiv_len; /* length of enc_keyiv */ |
u_int32_t enc_keyiv_len; /* length of enc_keyiv */ |
|
|
{ |
{ |
struct ssh_xmss_state *state = k->xmss_state; |
struct ssh_xmss_state *state = k->xmss_state; |
int r = SSH_ERR_INVALID_ARGUMENT; |
int r = SSH_ERR_INVALID_ARGUMENT; |
|
u_char have_stack, have_filename, have_enc; |
|
|
if (state == NULL) |
if (state == NULL) |
return SSH_ERR_INVALID_ARGUMENT; |
return SSH_ERR_INVALID_ARGUMENT; |
|
|
break; |
break; |
case SSHKEY_SERIALIZE_FULL: |
case SSHKEY_SERIALIZE_FULL: |
if ((r = sshkey_xmss_serialize_enc_key(k, b)) != 0) |
if ((r = sshkey_xmss_serialize_enc_key(k, b)) != 0) |
break; |
return r; |
r = sshkey_xmss_serialize_state(k, b); |
r = sshkey_xmss_serialize_state(k, b); |
break; |
break; |
|
case SSHKEY_SERIALIZE_SHIELD: |
|
/* all of stack/filename/enc are optional */ |
|
have_stack = state->stack != NULL; |
|
if ((r = sshbuf_put_u8(b, have_stack)) != 0) |
|
return r; |
|
if (have_stack) { |
|
state->idx = PEEK_U32(k->xmss_sk); /* update */ |
|
if ((r = sshkey_xmss_serialize_state(k, b)) != 0) |
|
return r; |
|
} |
|
have_filename = k->xmss_filename != NULL; |
|
if ((r = sshbuf_put_u8(b, have_filename)) != 0) |
|
return r; |
|
if (have_filename && |
|
(r = sshbuf_put_cstring(b, k->xmss_filename)) != 0) |
|
return r; |
|
have_enc = state->enc_keyiv != NULL; |
|
if ((r = sshbuf_put_u8(b, have_enc)) != 0) |
|
return r; |
|
if (have_enc && |
|
(r = sshkey_xmss_serialize_enc_key(k, b)) != 0) |
|
return r; |
|
if ((r = sshbuf_put_u32(b, state->maxidx)) != 0 || |
|
(r = sshbuf_put_u8(b, state->allow_update)) != 0) |
|
return r; |
|
break; |
case SSHKEY_SERIALIZE_DEFAULT: |
case SSHKEY_SERIALIZE_DEFAULT: |
r = 0; |
r = 0; |
break; |
break; |
|
|
int |
int |
sshkey_xmss_deserialize_state_opt(struct sshkey *k, struct sshbuf *b) |
sshkey_xmss_deserialize_state_opt(struct sshkey *k, struct sshbuf *b) |
{ |
{ |
|
struct ssh_xmss_state *state = k->xmss_state; |
enum sshkey_serialize_rep opts; |
enum sshkey_serialize_rep opts; |
u_char have_state; |
u_char have_state, have_stack, have_filename, have_enc; |
int r; |
int r; |
|
|
if ((r = sshbuf_get_u8(b, &have_state)) != 0) |
if ((r = sshbuf_get_u8(b, &have_state)) != 0) |
|
|
switch (opts) { |
switch (opts) { |
case SSHKEY_SERIALIZE_DEFAULT: |
case SSHKEY_SERIALIZE_DEFAULT: |
r = 0; |
r = 0; |
|
break; |
|
case SSHKEY_SERIALIZE_SHIELD: |
|
if ((r = sshbuf_get_u8(b, &have_stack)) != 0) |
|
return r; |
|
if (have_stack && |
|
(r = sshkey_xmss_deserialize_state(k, b)) != 0) |
|
return r; |
|
if ((r = sshbuf_get_u8(b, &have_filename)) != 0) |
|
return r; |
|
if (have_filename && |
|
(r = sshbuf_get_cstring(b, &k->xmss_filename, NULL)) != 0) |
|
return r; |
|
if ((r = sshbuf_get_u8(b, &have_enc)) != 0) |
|
return r; |
|
if (have_enc && |
|
(r = sshkey_xmss_deserialize_enc_key(k, b)) != 0) |
|
return r; |
|
if ((r = sshbuf_get_u32(b, &state->maxidx)) != 0 || |
|
(r = sshbuf_get_u8(b, &state->allow_update)) != 0) |
|
return r; |
break; |
break; |
case SSHKEY_SERIALIZE_STATE: |
case SSHKEY_SERIALIZE_STATE: |
if ((r = sshkey_xmss_deserialize_state(k, b)) != 0) |
if ((r = sshkey_xmss_deserialize_state(k, b)) != 0) |