src/usr.bin/ssh/sshsig.c - diff

Return to sshsig.c CVS log

Up to [local] / src / usr.bin / ssh

Diff for /src/usr.bin/ssh/sshsig.c between version 1.17 and 1.18

version 1.17, 2020/08/31 00:17:41

version 1.18, 2020/10/18 11:32:02

Line 52

*out = NULL;

if ((buf = sshbuf_new()) == NULL) {

error("%s: sshbuf_new failed", __func__);

error_f("sshbuf_new failed");

r = SSH_ERR_ALLOC_FAIL;

goto out;

}

if ((r = sshbuf_put(buf, BEGIN_SIGNATURE,

sizeof(BEGIN_SIGNATURE)-1)) != 0) {

error("%s: sshbuf_putf failed: %s", __func__, ssh_err(r));

error_fr(r, "sshbuf_putf");

goto out;

}

if ((r = sshbuf_dtob64(blob, buf, 1)) != 0) {

error("%s: Couldn't base64 encode signature blob: %s",

error_fr(r, "base64 encode signature");

__func__, ssh_err(r));

goto out;

}

if ((r = sshbuf_put(buf, END_SIGNATURE,

sizeof(END_SIGNATURE)-1)) != 0 ||

(r = sshbuf_put_u8(buf, '\n')) != 0) {

error("%s: sshbuf_put failed: %s", __func__, ssh_err(r));

error_fr(r, "sshbuf_put");

goto out;

}

/* success */

Line 94

Line 93

char *b64 = NULL;

if ((sbuf = sshbuf_fromb(sig)) == NULL) {

error("%s: sshbuf_fromb failed", __func__);

error_f("sshbuf_fromb failed");

return SSH_ERR_ALLOC_FAIL;

}

Line 105

Line 104

}

if ((r = sshbuf_consume(sbuf, sizeof(BEGIN_SIGNATURE)-1)) != 0) {

error("%s: sshbuf_consume failed: %s", __func__, ssh_err(r));

error_fr(r, "consume");

goto done;

}

Line 116

Line 115

}

if ((r = sshbuf_consume_end(sbuf, sshbuf_len(sbuf)-eoffset)) != 0) {

error("%s: sshbuf_consume failed: %s", __func__, ssh_err(r));

error_fr(r, "consume");

goto done;

}

if ((b64 = sshbuf_dup_string(sbuf)) == NULL) {

error("%s: sshbuf_dup_string failed", __func__);

error_f("sshbuf_dup_string failed");

r = SSH_ERR_ALLOC_FAIL;

goto done;

}

if ((buf = sshbuf_new()) == NULL) {

error("%s: sshbuf_new() failed", __func__);

error_f("sshbuf_new() failed");

r = SSH_ERR_ALLOC_FAIL;

goto done;

}

if ((r = sshbuf_b64tod(buf, b64)) != 0) {

error("Couldn't decode signature: %s", ssh_err(r));

error_fr(r, "decode base64");

goto done;

}

Line 163

Line 162

if ((tosign = sshbuf_new()) == NULL ||

(blob = sshbuf_new()) == NULL) {

error("%s: sshbuf_new failed", __func__);

error_f("sshbuf_new failed");

r = SSH_ERR_ALLOC_FAIL;

goto done;

}

Line 173

Line 172

(r = sshbuf_put_string(tosign, NULL, 0)) != 0 || /* reserved */

(r = sshbuf_put_cstring(tosign, hashalg)) != 0 ||

(r = sshbuf_put_stringb(tosign, h_message)) != 0) {

error("Couldn't construct message to sign: %s", ssh_err(r));

error_fr(r, "assemble message to sign");

goto done;

}

Line 185

Line 184

if ((r = signer(key, &sig, &slen,

sshbuf_ptr(tosign), sshbuf_len(tosign),

sign_alg, sk_provider, sk_pin, 0, signer_ctx)) != 0) {

error("Couldn't sign message: %s", ssh_err(r));

error_r(r, "Couldn't sign message (signer)");

goto done;

}

} else {

if ((r = sshkey_sign(key, &sig, &slen,

sshbuf_ptr(tosign), sshbuf_len(tosign),

sign_alg, sk_provider, sk_pin, 0)) != 0) {

error("Couldn't sign message: %s", ssh_err(r));

error_r(r, "Couldn't sign message");

goto done;

}

Line 204

Line 203

(r = sshbuf_put_string(blob, NULL, 0)) != 0 || /* reserved */

(r = sshbuf_put_cstring(blob, hashalg)) != 0 ||

(r = sshbuf_put_string(blob, sig, slen)) != 0) {

error("Couldn't populate blob: %s", ssh_err(r));

error_fr(r, "assemble signature object");

goto done;

}

Line 248

Line 247

if (hashalg == NULL ||

match_pattern_list(hashalg, HASHALG_ALLOWED, 0) == 1)

return 0;

error("%s: unsupported hash algorithm \"%.100s\"", __func__, hashalg);

error_f("unsupported hash algorithm \"%.100s\"", hashalg);

return SSH_ERR_SIGN_ALG_UNSUPPORTED;

}

Line 270

Line 269

(r = sshbuf_get_string(buf, NULL, NULL)) != 0 ||

(r = sshbuf_get_cstring(buf, &hashalg, NULL)) != 0 ||

(r = sshbuf_get_string_direct(buf, NULL, NULL)) != 0) {

error("Couldn't parse signature blob: %s", ssh_err(r));

error_fr(r, "parse signature object");

goto done;

}

Line 296

Line 295

char *got_namespace = NULL, *sigtype = NULL, *sig_hashalg = NULL;

size_t siglen;

debug("%s: verify message length %zu", __func__, sshbuf_len(h_message));

debug_f("verify message length %zu", sshbuf_len(h_message));

if (sig_details != NULL)

*sig_details = NULL;

if (sign_keyp != NULL)

*sign_keyp = NULL;

if ((toverify = sshbuf_new()) == NULL) {

error("%s: sshbuf_new failed", __func__);

error_f("sshbuf_new failed");

r = SSH_ERR_ALLOC_FAIL;

goto done;

}

Line 313

Line 312

(r = sshbuf_put_string(toverify, NULL, 0)) != 0 || /* reserved */

(r = sshbuf_put_cstring(toverify, hashalg)) != 0 ||

(r = sshbuf_put_stringb(toverify, h_message)) != 0) {

error("Couldn't construct message to verify: %s", ssh_err(r));

error_fr(r, "assemble message to verify");

goto done;

}

Line 325

Line 324

(r = sshbuf_get_string(signature, NULL, NULL)) != 0 ||

(r = sshbuf_get_cstring(signature, &sig_hashalg, NULL)) != 0 ||

(r = sshbuf_get_string_direct(signature, &sig, &siglen)) != 0) {

error("Couldn't parse signature blob: %s", ssh_err(r));

error_fr(r, "parse signature object");

goto done;

}

Line 337

Line 336

if (strcmp(expect_namespace, got_namespace) != 0) {

error("Couldn't verify signature: namespace does not match");

debug("%s: expected namespace \"%s\" received \"%s\"",

debug_f("expected namespace \"%s\" received \"%s\"",

__func__, expect_namespace, got_namespace);

expect_namespace, got_namespace);

r = SSH_ERR_SIGNATURE_INVALID;

goto done;

}

if (strcmp(hashalg, sig_hashalg) != 0) {

error("Couldn't verify signature: hash algorithm mismatch");

debug("%s: expected algorithm \"%s\" received \"%s\"",

debug_f("expected algorithm \"%s\" received \"%s\"",

__func__, hashalg, sig_hashalg);

hashalg, sig_hashalg);

r = SSH_ERR_SIGNATURE_INVALID;

goto done;

}

/* Ensure that RSA keys use an acceptable signature algorithm */

if (sshkey_type_plain(key->type) == KEY_RSA) {

if ((r = sshkey_get_sigtype(sig, siglen, &sigtype)) != 0) {

error("Couldn't verify signature: unable to get "

error_r(r, "Couldn't verify signature: unable to get "

"signature type: %s", ssh_err(r));

"signature type");

goto done;

}

if (match_pattern_list(sigtype, RSA_SIGN_ALLOWED, 0) != 1) {

Line 365

Line 364

}

if ((r = sshkey_verify(key, sig, siglen, sshbuf_ptr(toverify),

sshbuf_len(toverify), NULL, 0, sig_details)) != 0) {

error("Signature verification failed: %s", ssh_err(r));

error_r(r, "Signature verification failed");

goto done;

}

Line 398

Line 397

if ((r = sshsig_check_hashalg(hashalg)) != 0)

return r;

if ((alg = ssh_digest_alg_by_name(hashalg)) == -1) {

error("%s: can't look up hash algorithm %s",

error_f("can't look up hash algorithm %s", hashalg);

__func__, hashalg);

return SSH_ERR_INTERNAL_ERROR;

}

if ((r = ssh_digest_buffer(alg, m, hash, sizeof(hash))) != 0) {

error("%s: ssh_digest_buffer failed: %s", __func__, ssh_err(r));

error_fr(r, "ssh_digest_buffer");

return r;

}

if ((hex = tohex(hash, ssh_digest_bytes(alg))) != NULL) {

debug3("%s: final hash: %s", __func__, hex);

debug3_f("final hash: %s", hex);

freezero(hex, strlen(hex));

}

if ((b = sshbuf_new()) == NULL) {

Line 415

Line 413

goto out;

}

if ((r = sshbuf_put(b, hash, ssh_digest_bytes(alg))) != 0) {

error("%s: sshbuf_put: %s", __func__, ssh_err(r));

error_fr(r, "sshbuf_put");

goto out;

}

*bp = b;

Line 442

Line 440

if (out != NULL)

*out = NULL;

if ((r = hash_buffer(message, hashalg, &b)) != 0) {

error("%s: hash_buffer failed: %s", __func__, ssh_err(r));

error_fr(r, "hash buffer");

goto out;

}

if ((r = sshsig_wrap_sign(key, hashalg, sk_provider, sk_pin, b,

Line 470

Line 468

*sign_keyp = NULL;

if ((r = sshsig_peek_hashalg(signature, &hashalg)) != 0)

return r;

debug("%s: signature made with hash \"%s\"", __func__, hashalg);

debug_f("signature made with hash \"%s\"", hashalg);

if ((r = hash_buffer(message, hashalg, &b)) != 0) {

error("%s: hash_buffer failed: %s", __func__, ssh_err(r));

error_fr(r, "hash buffer");

goto out;

}

if ((r = sshsig_wrap_verify(signature, hashalg, b, expect_namespace,

Line 501

Line 499

if ((r = sshsig_check_hashalg(hashalg)) != 0)

return r;

if ((alg = ssh_digest_alg_by_name(hashalg)) == -1) {

error("%s: can't look up hash algorithm %s",

error_f("can't look up hash algorithm %s", hashalg);

__func__, hashalg);

return SSH_ERR_INTERNAL_ERROR;

}

if ((ctx = ssh_digest_start(alg)) == NULL) {

error("%s: ssh_digest_start failed", __func__);

error_f("ssh_digest_start failed");

return SSH_ERR_INTERNAL_ERROR;

}

for (;;) {

Line 514

Line 511

if (errno == EINTR || errno == EAGAIN)

continue;

oerrno = errno;

error("%s: read: %s", __func__, strerror(errno));

error_f("read: %s", strerror(errno));

ssh_digest_free(ctx);

errno = oerrno;

r = SSH_ERR_SYSTEM_ERROR;

goto out;

} else if (n == 0) {

debug2("%s: hashed %zu bytes", __func__, total);

debug2_f("hashed %zu bytes", total);

break; /* EOF */

}

total += (size_t)n;

if ((r = ssh_digest_update(ctx, rbuf, (size_t)n)) != 0) {

error("%s: ssh_digest_update: %s",

error_fr(r, "ssh_digest_update");

__func__, ssh_err(r));

goto out;

}

if ((r = ssh_digest_final(ctx, hash, sizeof(hash))) != 0) {

error("%s: ssh_digest_final: %s", __func__, ssh_err(r));

error_fr(r, "ssh_digest_final");

goto out;

}

if ((hex = tohex(hash, ssh_digest_bytes(alg))) != NULL) {

debug3("%s: final hash: %s", __func__, hex);

debug3_f("final hash: %s", hex);

freezero(hex, strlen(hex));

}

if ((b = sshbuf_new()) == NULL) {

Line 543

Line 539

goto out;

}

if ((r = sshbuf_put(b, hash, ssh_digest_bytes(alg))) != 0) {

error("%s: sshbuf_put: %s", __func__, ssh_err(r));

error_fr(r, "sshbuf_put");

goto out;

}

*bp = b;

Line 571

Line 567

if (out != NULL)

*out = NULL;

if ((r = hash_file(fd, hashalg, &b)) != 0) {

error("%s: hash_file failed: %s", __func__, ssh_err(r));

error_fr(r, "hash_file");

return r;

}

if ((r = sshsig_wrap_sign(key, hashalg, sk_provider, sk_pin, b,

Line 599

Line 595

*sign_keyp = NULL;

if ((r = sshsig_peek_hashalg(signature, &hashalg)) != 0)

return r;

debug("%s: signature made with hash \"%s\"", __func__, hashalg);

debug_f("signature made with hash \"%s\"", hashalg);

if ((r = hash_file(fd, hashalg, &b)) != 0) {

error("%s: hash_file failed: %s", __func__, ssh_err(r));

error_fr(r, "hash_file");

goto out;

}

if ((r = sshsig_wrap_verify(signature, hashalg, b, expect_namespace,

Line 711

Line 707

goto out;

}

if ((principals = strdup(tmp)) == NULL) {

error("%s: strdup failed", __func__);

error_f("strdup failed");

r = SSH_ERR_ALLOC_FAIL;

goto out;

}

Line 726

Line 722

r = SSH_ERR_KEY_NOT_FOUND;

goto out;

}

debug("%s: %s:%lu: matched principal \"%s\"",

debug_f("%s:%lu: matched principal \"%s\"",

__func__, path, linenum, required_principal);

path, linenum, required_principal);

}

if ((key = sshkey_new(KEY_UNSPEC)) == NULL) {

error("%s: sshkey_new failed", __func__);

error_f("sshkey_new failed");

r = SSH_ERR_ALLOC_FAIL;

goto out;

}

Line 902

Line 898

}

if ((r = sshbuf_putf(nprincipals, "%s%s",

sshbuf_len(nprincipals) != 0 ? "," : "", cp)) != 0) {

error("%s: buffer error", __func__);

error_f("buffer error");

goto out;

}

Line 912

Line 908

goto out;

}

if ((principals = sshbuf_dup_string(nprincipals)) == NULL) {

error("%s: buffer error", __func__);

error_f("buffer error");

goto out;

}

/* success */

Line 954

Line 950

if ((r = cert_filter_principals(path, linenum,

&principals, sign_key)) != 0) {

/* error already displayed */

debug("%s:%lu: cert_filter_principals: %s",

debug_r(r, "%s:%lu: cert_filter_principals",

path, linenum, ssh_err(r));

path, linenum);

goto done;

}

debug("%s:%lu: matched certificate CA key", path, linenum);