aboutsummaryrefslogtreecommitdiff
path: root/crypto/openssh/sshbuf-getput-crypto.c
diff options
context:
space:
mode:
Diffstat (limited to 'crypto/openssh/sshbuf-getput-crypto.c')
-rw-r--r--crypto/openssh/sshbuf-getput-crypto.c76
1 files changed, 16 insertions, 60 deletions
diff --git a/crypto/openssh/sshbuf-getput-crypto.c b/crypto/openssh/sshbuf-getput-crypto.c
index d0d791b50a34..2e61d3bcd809 100644
--- a/crypto/openssh/sshbuf-getput-crypto.c
+++ b/crypto/openssh/sshbuf-getput-crypto.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshbuf-getput-crypto.c,v 1.5 2016/01/12 23:42:54 djm Exp $ */
+/* $OpenBSD: sshbuf-getput-crypto.c,v 1.8 2019/11/15 06:00:20 djm Exp $ */
/*
* Copyright (c) 2011 Damien Miller
*
@@ -23,6 +23,7 @@
#include <stdio.h>
#include <string.h>
+#ifdef WITH_OPENSSL
#include <openssl/bn.h>
#ifdef OPENSSL_HAS_ECC
# include <openssl/ec.h>
@@ -32,41 +33,24 @@
#include "sshbuf.h"
int
-sshbuf_get_bignum2(struct sshbuf *buf, BIGNUM *v)
+sshbuf_get_bignum2(struct sshbuf *buf, BIGNUM **valp)
{
+ BIGNUM *v;
const u_char *d;
size_t len;
int r;
+ if (valp != NULL)
+ *valp = NULL;
if ((r = sshbuf_get_bignum2_bytes_direct(buf, &d, &len)) != 0)
return r;
- if (v != NULL && BN_bin2bn(d, len, v) == NULL)
- return SSH_ERR_ALLOC_FAIL;
- return 0;
-}
-
-int
-sshbuf_get_bignum1(struct sshbuf *buf, BIGNUM *v)
-{
- const u_char *d = sshbuf_ptr(buf);
- u_int16_t len_bits;
- size_t len_bytes;
-
- /* Length in bits */
- if (sshbuf_len(buf) < 2)
- return SSH_ERR_MESSAGE_INCOMPLETE;
- len_bits = PEEK_U16(d);
- len_bytes = (len_bits + 7) >> 3;
- if (len_bytes > SSHBUF_MAX_BIGNUM)
- return SSH_ERR_BIGNUM_TOO_LARGE;
- if (sshbuf_len(buf) < 2 + len_bytes)
- return SSH_ERR_MESSAGE_INCOMPLETE;
- if (v != NULL && BN_bin2bn(d + 2, len_bytes, v) == NULL)
- return SSH_ERR_ALLOC_FAIL;
- if (sshbuf_consume(buf, 2 + len_bytes) != 0) {
- SSHBUF_DBG(("SSH_ERR_INTERNAL_ERROR"));
- SSHBUF_ABORT();
- return SSH_ERR_INTERNAL_ERROR;
+ if (valp != NULL) {
+ if ((v = BN_new()) == NULL ||
+ BN_bin2bn(d, len, v) == NULL) {
+ BN_clear_free(v);
+ return SSH_ERR_ALLOC_FAIL;
+ }
+ *valp = v;
}
return 0;
}
@@ -165,50 +149,22 @@ sshbuf_put_bignum2(struct sshbuf *buf, const BIGNUM *v)
return 0;
}
-int
-sshbuf_put_bignum1(struct sshbuf *buf, const BIGNUM *v)
-{
- int r, len_bits = BN_num_bits(v);
- size_t len_bytes = (len_bits + 7) / 8;
- u_char d[SSHBUF_MAX_BIGNUM], *dp;
-
- if (len_bits < 0 || len_bytes > SSHBUF_MAX_BIGNUM)
- return SSH_ERR_INVALID_ARGUMENT;
- if (BN_bn2bin(v, d) != (int)len_bytes)
- return SSH_ERR_INTERNAL_ERROR; /* Shouldn't happen */
- if ((r = sshbuf_reserve(buf, len_bytes + 2, &dp)) < 0) {
- explicit_bzero(d, sizeof(d));
- return r;
- }
- POKE_U16(dp, len_bits);
- if (len_bytes != 0)
- memcpy(dp + 2, d, len_bytes);
- explicit_bzero(d, sizeof(d));
- return 0;
-}
-
#ifdef OPENSSL_HAS_ECC
int
sshbuf_put_ec(struct sshbuf *buf, const EC_POINT *v, const EC_GROUP *g)
{
u_char d[SSHBUF_MAX_ECPOINT];
- BN_CTX *bn_ctx;
size_t len;
int ret;
- if ((bn_ctx = BN_CTX_new()) == NULL)
- return SSH_ERR_ALLOC_FAIL;
if ((len = EC_POINT_point2oct(g, v, POINT_CONVERSION_UNCOMPRESSED,
- NULL, 0, bn_ctx)) > SSHBUF_MAX_ECPOINT) {
- BN_CTX_free(bn_ctx);
+ NULL, 0, NULL)) > SSHBUF_MAX_ECPOINT) {
return SSH_ERR_INVALID_ARGUMENT;
}
if (EC_POINT_point2oct(g, v, POINT_CONVERSION_UNCOMPRESSED,
- d, len, bn_ctx) != len) {
- BN_CTX_free(bn_ctx);
+ d, len, NULL) != len) {
return SSH_ERR_INTERNAL_ERROR; /* Shouldn't happen */
}
- BN_CTX_free(bn_ctx);
ret = sshbuf_put_string(buf, d, len);
explicit_bzero(d, len);
return ret;
@@ -221,4 +177,4 @@ sshbuf_put_eckey(struct sshbuf *buf, const EC_KEY *v)
EC_KEY_get0_group(v));
}
#endif /* OPENSSL_HAS_ECC */
-
+#endif /* WITH_OPENSSL */
generated by cgit v1.2.3 (git 2.25.1) at 2024-10-10 16:33:59 +0000