=================================================================== RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ssh/sshsig.c,v retrieving revision 1.17 retrieving revision 1.18 diff -u -r1.17 -r1.18 --- src/usr.bin/ssh/sshsig.c 2020/08/31 00:17:41 1.17 +++ src/usr.bin/ssh/sshsig.c 2020/10/18 11:32:02 1.18 @@ -1,4 +1,4 @@ -/* $OpenBSD: sshsig.c,v 1.17 2020/08/31 00:17:41 djm Exp $ */ +/* $OpenBSD: sshsig.c,v 1.18 2020/10/18 11:32:02 djm Exp $ */ /* * Copyright (c) 2019 Google LLC * @@ -52,27 +52,26 @@ *out = NULL; if ((buf = sshbuf_new()) == NULL) { - error("%s: sshbuf_new failed", __func__); + error_f("sshbuf_new failed"); r = SSH_ERR_ALLOC_FAIL; goto out; } if ((r = sshbuf_put(buf, BEGIN_SIGNATURE, sizeof(BEGIN_SIGNATURE)-1)) != 0) { - error("%s: sshbuf_putf failed: %s", __func__, ssh_err(r)); + error_fr(r, "sshbuf_putf"); goto out; } if ((r = sshbuf_dtob64(blob, buf, 1)) != 0) { - error("%s: Couldn't base64 encode signature blob: %s", - __func__, ssh_err(r)); + error_fr(r, "base64 encode signature"); goto out; } if ((r = sshbuf_put(buf, END_SIGNATURE, sizeof(END_SIGNATURE)-1)) != 0 || (r = sshbuf_put_u8(buf, '\n')) != 0) { - error("%s: sshbuf_put failed: %s", __func__, ssh_err(r)); + error_fr(r, "sshbuf_put"); goto out; } /* success */ @@ -94,7 +93,7 @@ char *b64 = NULL; if ((sbuf = sshbuf_fromb(sig)) == NULL) { - error("%s: sshbuf_fromb failed", __func__); + error_f("sshbuf_fromb failed"); return SSH_ERR_ALLOC_FAIL; } @@ -105,7 +104,7 @@ } if ((r = sshbuf_consume(sbuf, sizeof(BEGIN_SIGNATURE)-1)) != 0) { - error("%s: sshbuf_consume failed: %s", __func__, ssh_err(r)); + error_fr(r, "consume"); goto done; } @@ -116,24 +115,24 @@ } if ((r = sshbuf_consume_end(sbuf, sshbuf_len(sbuf)-eoffset)) != 0) { - error("%s: sshbuf_consume failed: %s", __func__, ssh_err(r)); + error_fr(r, "consume"); goto done; } if ((b64 = sshbuf_dup_string(sbuf)) == NULL) { - error("%s: sshbuf_dup_string failed", __func__); + error_f("sshbuf_dup_string failed"); r = SSH_ERR_ALLOC_FAIL; goto done; } if ((buf = sshbuf_new()) == NULL) { - error("%s: sshbuf_new() failed", __func__); + error_f("sshbuf_new() failed"); r = SSH_ERR_ALLOC_FAIL; goto done; } if ((r = sshbuf_b64tod(buf, b64)) != 0) { - error("Couldn't decode signature: %s", ssh_err(r)); + error_fr(r, "decode base64"); goto done; } @@ -163,7 +162,7 @@ if ((tosign = sshbuf_new()) == NULL || (blob = sshbuf_new()) == NULL) { - error("%s: sshbuf_new failed", __func__); + error_f("sshbuf_new failed"); r = SSH_ERR_ALLOC_FAIL; goto done; } @@ -173,7 +172,7 @@ (r = sshbuf_put_string(tosign, NULL, 0)) != 0 || /* reserved */ (r = sshbuf_put_cstring(tosign, hashalg)) != 0 || (r = sshbuf_put_stringb(tosign, h_message)) != 0) { - error("Couldn't construct message to sign: %s", ssh_err(r)); + error_fr(r, "assemble message to sign"); goto done; } @@ -185,14 +184,14 @@ if ((r = signer(key, &sig, &slen, sshbuf_ptr(tosign), sshbuf_len(tosign), sign_alg, sk_provider, sk_pin, 0, signer_ctx)) != 0) { - error("Couldn't sign message: %s", ssh_err(r)); + error_r(r, "Couldn't sign message (signer)"); goto done; } } else { if ((r = sshkey_sign(key, &sig, &slen, sshbuf_ptr(tosign), sshbuf_len(tosign), sign_alg, sk_provider, sk_pin, 0)) != 0) { - error("Couldn't sign message: %s", ssh_err(r)); + error_r(r, "Couldn't sign message"); goto done; } } @@ -204,7 +203,7 @@ (r = sshbuf_put_string(blob, NULL, 0)) != 0 || /* reserved */ (r = sshbuf_put_cstring(blob, hashalg)) != 0 || (r = sshbuf_put_string(blob, sig, slen)) != 0) { - error("Couldn't populate blob: %s", ssh_err(r)); + error_fr(r, "assemble signature object"); goto done; } @@ -248,7 +247,7 @@ if (hashalg == NULL || match_pattern_list(hashalg, HASHALG_ALLOWED, 0) == 1) return 0; - error("%s: unsupported hash algorithm \"%.100s\"", __func__, hashalg); + error_f("unsupported hash algorithm \"%.100s\"", hashalg); return SSH_ERR_SIGN_ALG_UNSUPPORTED; } @@ -270,7 +269,7 @@ (r = sshbuf_get_string(buf, NULL, NULL)) != 0 || (r = sshbuf_get_cstring(buf, &hashalg, NULL)) != 0 || (r = sshbuf_get_string_direct(buf, NULL, NULL)) != 0) { - error("Couldn't parse signature blob: %s", ssh_err(r)); + error_fr(r, "parse signature object"); goto done; } @@ -296,14 +295,14 @@ char *got_namespace = NULL, *sigtype = NULL, *sig_hashalg = NULL; size_t siglen; - debug("%s: verify message length %zu", __func__, sshbuf_len(h_message)); + debug_f("verify message length %zu", sshbuf_len(h_message)); if (sig_details != NULL) *sig_details = NULL; if (sign_keyp != NULL) *sign_keyp = NULL; if ((toverify = sshbuf_new()) == NULL) { - error("%s: sshbuf_new failed", __func__); + error_f("sshbuf_new failed"); r = SSH_ERR_ALLOC_FAIL; goto done; } @@ -313,7 +312,7 @@ (r = sshbuf_put_string(toverify, NULL, 0)) != 0 || /* reserved */ (r = sshbuf_put_cstring(toverify, hashalg)) != 0 || (r = sshbuf_put_stringb(toverify, h_message)) != 0) { - error("Couldn't construct message to verify: %s", ssh_err(r)); + error_fr(r, "assemble message to verify"); goto done; } @@ -325,7 +324,7 @@ (r = sshbuf_get_string(signature, NULL, NULL)) != 0 || (r = sshbuf_get_cstring(signature, &sig_hashalg, NULL)) != 0 || (r = sshbuf_get_string_direct(signature, &sig, &siglen)) != 0) { - error("Couldn't parse signature blob: %s", ssh_err(r)); + error_fr(r, "parse signature object"); goto done; } @@ -337,23 +336,23 @@ if (strcmp(expect_namespace, got_namespace) != 0) { error("Couldn't verify signature: namespace does not match"); - debug("%s: expected namespace \"%s\" received \"%s\"", - __func__, expect_namespace, got_namespace); + debug_f("expected namespace \"%s\" received \"%s\"", + expect_namespace, got_namespace); r = SSH_ERR_SIGNATURE_INVALID; goto done; } if (strcmp(hashalg, sig_hashalg) != 0) { error("Couldn't verify signature: hash algorithm mismatch"); - debug("%s: expected algorithm \"%s\" received \"%s\"", - __func__, hashalg, sig_hashalg); + debug_f("expected algorithm \"%s\" received \"%s\"", + hashalg, sig_hashalg); r = SSH_ERR_SIGNATURE_INVALID; goto done; } /* Ensure that RSA keys use an acceptable signature algorithm */ if (sshkey_type_plain(key->type) == KEY_RSA) { if ((r = sshkey_get_sigtype(sig, siglen, &sigtype)) != 0) { - error("Couldn't verify signature: unable to get " - "signature type: %s", ssh_err(r)); + error_r(r, "Couldn't verify signature: unable to get " + "signature type"); goto done; } if (match_pattern_list(sigtype, RSA_SIGN_ALLOWED, 0) != 1) { @@ -365,7 +364,7 @@ } if ((r = sshkey_verify(key, sig, siglen, sshbuf_ptr(toverify), sshbuf_len(toverify), NULL, 0, sig_details)) != 0) { - error("Signature verification failed: %s", ssh_err(r)); + error_r(r, "Signature verification failed"); goto done; } @@ -398,16 +397,15 @@ if ((r = sshsig_check_hashalg(hashalg)) != 0) return r; if ((alg = ssh_digest_alg_by_name(hashalg)) == -1) { - error("%s: can't look up hash algorithm %s", - __func__, hashalg); + error_f("can't look up hash algorithm %s", hashalg); return SSH_ERR_INTERNAL_ERROR; } if ((r = ssh_digest_buffer(alg, m, hash, sizeof(hash))) != 0) { - error("%s: ssh_digest_buffer failed: %s", __func__, ssh_err(r)); + error_fr(r, "ssh_digest_buffer"); return r; } if ((hex = tohex(hash, ssh_digest_bytes(alg))) != NULL) { - debug3("%s: final hash: %s", __func__, hex); + debug3_f("final hash: %s", hex); freezero(hex, strlen(hex)); } if ((b = sshbuf_new()) == NULL) { @@ -415,7 +413,7 @@ goto out; } if ((r = sshbuf_put(b, hash, ssh_digest_bytes(alg))) != 0) { - error("%s: sshbuf_put: %s", __func__, ssh_err(r)); + error_fr(r, "sshbuf_put"); goto out; } *bp = b; @@ -442,7 +440,7 @@ if (out != NULL) *out = NULL; if ((r = hash_buffer(message, hashalg, &b)) != 0) { - error("%s: hash_buffer failed: %s", __func__, ssh_err(r)); + error_fr(r, "hash buffer"); goto out; } if ((r = sshsig_wrap_sign(key, hashalg, sk_provider, sk_pin, b, @@ -470,9 +468,9 @@ *sign_keyp = NULL; if ((r = sshsig_peek_hashalg(signature, &hashalg)) != 0) return r; - debug("%s: signature made with hash \"%s\"", __func__, hashalg); + debug_f("signature made with hash \"%s\"", hashalg); if ((r = hash_buffer(message, hashalg, &b)) != 0) { - error("%s: hash_buffer failed: %s", __func__, ssh_err(r)); + error_fr(r, "hash buffer"); goto out; } if ((r = sshsig_wrap_verify(signature, hashalg, b, expect_namespace, @@ -501,12 +499,11 @@ if ((r = sshsig_check_hashalg(hashalg)) != 0) return r; if ((alg = ssh_digest_alg_by_name(hashalg)) == -1) { - error("%s: can't look up hash algorithm %s", - __func__, hashalg); + error_f("can't look up hash algorithm %s", hashalg); return SSH_ERR_INTERNAL_ERROR; } if ((ctx = ssh_digest_start(alg)) == NULL) { - error("%s: ssh_digest_start failed", __func__); + error_f("ssh_digest_start failed"); return SSH_ERR_INTERNAL_ERROR; } for (;;) { @@ -514,28 +511,27 @@ if (errno == EINTR || errno == EAGAIN) continue; oerrno = errno; - error("%s: read: %s", __func__, strerror(errno)); + error_f("read: %s", strerror(errno)); ssh_digest_free(ctx); errno = oerrno; r = SSH_ERR_SYSTEM_ERROR; goto out; } else if (n == 0) { - debug2("%s: hashed %zu bytes", __func__, total); + debug2_f("hashed %zu bytes", total); break; /* EOF */ } total += (size_t)n; if ((r = ssh_digest_update(ctx, rbuf, (size_t)n)) != 0) { - error("%s: ssh_digest_update: %s", - __func__, ssh_err(r)); + error_fr(r, "ssh_digest_update"); goto out; } } if ((r = ssh_digest_final(ctx, hash, sizeof(hash))) != 0) { - error("%s: ssh_digest_final: %s", __func__, ssh_err(r)); + error_fr(r, "ssh_digest_final"); goto out; } if ((hex = tohex(hash, ssh_digest_bytes(alg))) != NULL) { - debug3("%s: final hash: %s", __func__, hex); + debug3_f("final hash: %s", hex); freezero(hex, strlen(hex)); } if ((b = sshbuf_new()) == NULL) { @@ -543,7 +539,7 @@ goto out; } if ((r = sshbuf_put(b, hash, ssh_digest_bytes(alg))) != 0) { - error("%s: sshbuf_put: %s", __func__, ssh_err(r)); + error_fr(r, "sshbuf_put"); goto out; } *bp = b; @@ -571,7 +567,7 @@ if (out != NULL) *out = NULL; if ((r = hash_file(fd, hashalg, &b)) != 0) { - error("%s: hash_file failed: %s", __func__, ssh_err(r)); + error_fr(r, "hash_file"); return r; } if ((r = sshsig_wrap_sign(key, hashalg, sk_provider, sk_pin, b, @@ -599,9 +595,9 @@ *sign_keyp = NULL; if ((r = sshsig_peek_hashalg(signature, &hashalg)) != 0) return r; - debug("%s: signature made with hash \"%s\"", __func__, hashalg); + debug_f("signature made with hash \"%s\"", hashalg); if ((r = hash_file(fd, hashalg, &b)) != 0) { - error("%s: hash_file failed: %s", __func__, ssh_err(r)); + error_fr(r, "hash_file"); goto out; } if ((r = sshsig_wrap_verify(signature, hashalg, b, expect_namespace, @@ -711,7 +707,7 @@ goto out; } if ((principals = strdup(tmp)) == NULL) { - error("%s: strdup failed", __func__); + error_f("strdup failed"); r = SSH_ERR_ALLOC_FAIL; goto out; } @@ -726,12 +722,12 @@ r = SSH_ERR_KEY_NOT_FOUND; goto out; } - debug("%s: %s:%lu: matched principal \"%s\"", - __func__, path, linenum, required_principal); + debug_f("%s:%lu: matched principal \"%s\"", + path, linenum, required_principal); } if ((key = sshkey_new(KEY_UNSPEC)) == NULL) { - error("%s: sshkey_new failed", __func__); + error_f("sshkey_new failed"); r = SSH_ERR_ALLOC_FAIL; goto out; } @@ -902,7 +898,7 @@ } if ((r = sshbuf_putf(nprincipals, "%s%s", sshbuf_len(nprincipals) != 0 ? "," : "", cp)) != 0) { - error("%s: buffer error", __func__); + error_f("buffer error"); goto out; } } @@ -912,7 +908,7 @@ goto out; } if ((principals = sshbuf_dup_string(nprincipals)) == NULL) { - error("%s: buffer error", __func__); + error_f("buffer error"); goto out; } /* success */ @@ -954,8 +950,8 @@ if ((r = cert_filter_principals(path, linenum, &principals, sign_key)) != 0) { /* error already displayed */ - debug("%s:%lu: cert_filter_principals: %s", - path, linenum, ssh_err(r)); + debug_r(r, "%s:%lu: cert_filter_principals", + path, linenum); goto done; } debug("%s:%lu: matched certificate CA key", path, linenum);