File: | src/usr.bin/ssh/ssh-keysign/../ssh-ed25519.c |
Warning: | line 56, column 7 Although the value stored to 'ret' is used in the enclosing expression, the value is never actually read from 'ret' |
Press '?' to see keyboard shortcuts
Keyboard shortcuts:
1 | /* $OpenBSD: ssh-ed25519.c,v 1.9 2020/10/18 11:32:02 djm Exp $ */ |
2 | /* |
3 | * Copyright (c) 2013 Markus Friedl <markus@openbsd.org> |
4 | * |
5 | * Permission to use, copy, modify, and distribute this software for any |
6 | * purpose with or without fee is hereby granted, provided that the above |
7 | * copyright notice and this permission notice appear in all copies. |
8 | * |
9 | * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES |
10 | * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF |
11 | * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR |
12 | * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES |
13 | * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN |
14 | * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF |
15 | * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. |
16 | */ |
17 | #define SSHKEY_INTERNAL |
18 | #include <sys/types.h> |
19 | #include <limits.h> |
20 | |
21 | #include "crypto_api.h" |
22 | |
23 | #include <string.h> |
24 | #include <stdarg.h> |
25 | |
26 | #include "log.h" |
27 | #include "sshbuf.h" |
28 | #include "sshkey.h" |
29 | #include "ssherr.h" |
30 | #include "ssh.h" |
31 | |
32 | int |
33 | ssh_ed25519_sign(const struct sshkey *key, u_char **sigp, size_t *lenp, |
34 | const u_char *data, size_t datalen, u_int compat) |
35 | { |
36 | u_char *sig = NULL((void *)0); |
37 | size_t slen = 0, len; |
38 | unsigned long long smlen; |
39 | int r, ret; |
40 | struct sshbuf *b = NULL((void *)0); |
41 | |
42 | if (lenp != NULL((void *)0)) |
43 | *lenp = 0; |
44 | if (sigp != NULL((void *)0)) |
45 | *sigp = NULL((void *)0); |
46 | |
47 | if (key == NULL((void *)0) || |
48 | sshkey_type_plain(key->type) != KEY_ED25519 || |
49 | key->ed25519_sk == NULL((void *)0) || |
50 | datalen >= INT_MAX2147483647 - crypto_sign_ed25519_BYTES64U) |
51 | return SSH_ERR_INVALID_ARGUMENT-10; |
52 | smlen = slen = datalen + crypto_sign_ed25519_BYTES64U; |
53 | if ((sig = malloc(slen)) == NULL((void *)0)) |
54 | return SSH_ERR_ALLOC_FAIL-2; |
55 | |
56 | if ((ret = crypto_sign_ed25519(sig, &smlen, data, datalen, |
Although the value stored to 'ret' is used in the enclosing expression, the value is never actually read from 'ret' | |
57 | key->ed25519_sk)) != 0 || smlen <= datalen) { |
58 | r = SSH_ERR_INVALID_ARGUMENT-10; /* XXX better error? */ |
59 | goto out; |
60 | } |
61 | /* encode signature */ |
62 | if ((b = sshbuf_new()) == NULL((void *)0)) { |
63 | r = SSH_ERR_ALLOC_FAIL-2; |
64 | goto out; |
65 | } |
66 | if ((r = sshbuf_put_cstring(b, "ssh-ed25519")) != 0 || |
67 | (r = sshbuf_put_string(b, sig, smlen - datalen)) != 0) |
68 | goto out; |
69 | len = sshbuf_len(b); |
70 | if (sigp != NULL((void *)0)) { |
71 | if ((*sigp = malloc(len)) == NULL((void *)0)) { |
72 | r = SSH_ERR_ALLOC_FAIL-2; |
73 | goto out; |
74 | } |
75 | memcpy(*sigp, sshbuf_ptr(b), len); |
76 | } |
77 | if (lenp != NULL((void *)0)) |
78 | *lenp = len; |
79 | /* success */ |
80 | r = 0; |
81 | out: |
82 | sshbuf_free(b); |
83 | if (sig != NULL((void *)0)) |
84 | freezero(sig, slen); |
85 | |
86 | return r; |
87 | } |
88 | |
89 | int |
90 | ssh_ed25519_verify(const struct sshkey *key, |
91 | const u_char *signature, size_t signaturelen, |
92 | const u_char *data, size_t datalen, u_int compat) |
93 | { |
94 | struct sshbuf *b = NULL((void *)0); |
95 | char *ktype = NULL((void *)0); |
96 | const u_char *sigblob; |
97 | u_char *sm = NULL((void *)0), *m = NULL((void *)0); |
98 | size_t len; |
99 | unsigned long long smlen = 0, mlen = 0; |
100 | int r, ret; |
101 | |
102 | if (key == NULL((void *)0) || |
103 | sshkey_type_plain(key->type) != KEY_ED25519 || |
104 | key->ed25519_pk == NULL((void *)0) || |
105 | datalen >= INT_MAX2147483647 - crypto_sign_ed25519_BYTES64U || |
106 | signature == NULL((void *)0) || signaturelen == 0) |
107 | return SSH_ERR_INVALID_ARGUMENT-10; |
108 | |
109 | if ((b = sshbuf_from(signature, signaturelen)) == NULL((void *)0)) |
110 | return SSH_ERR_ALLOC_FAIL-2; |
111 | if ((r = sshbuf_get_cstring(b, &ktype, NULL((void *)0))) != 0 || |
112 | (r = sshbuf_get_string_direct(b, &sigblob, &len)) != 0) |
113 | goto out; |
114 | if (strcmp("ssh-ed25519", ktype) != 0) { |
115 | r = SSH_ERR_KEY_TYPE_MISMATCH-13; |
116 | goto out; |
117 | } |
118 | if (sshbuf_len(b) != 0) { |
119 | r = SSH_ERR_UNEXPECTED_TRAILING_DATA-23; |
120 | goto out; |
121 | } |
122 | if (len > crypto_sign_ed25519_BYTES64U) { |
123 | r = SSH_ERR_INVALID_FORMAT-4; |
124 | goto out; |
125 | } |
126 | if (datalen >= SIZE_MAX0xffffffffffffffffUL - len) { |
127 | r = SSH_ERR_INVALID_ARGUMENT-10; |
128 | goto out; |
129 | } |
130 | smlen = len + datalen; |
131 | mlen = smlen; |
132 | if ((sm = malloc(smlen)) == NULL((void *)0) || (m = malloc(mlen)) == NULL((void *)0)) { |
133 | r = SSH_ERR_ALLOC_FAIL-2; |
134 | goto out; |
135 | } |
136 | memcpy(sm, sigblob, len); |
137 | memcpy(sm+len, data, datalen); |
138 | if ((ret = crypto_sign_ed25519_open(m, &mlen, sm, smlen, |
139 | key->ed25519_pk)) != 0) { |
140 | debug2_f("crypto_sign_ed25519_open failed: %d", ret)sshlog("/usr/src/usr.bin/ssh/ssh-keysign/../ssh-ed25519.c", __func__ , 140, 1, SYSLOG_LEVEL_DEBUG2, ((void *)0), "crypto_sign_ed25519_open failed: %d" , ret); |
141 | } |
142 | if (ret != 0 || mlen != datalen) { |
143 | r = SSH_ERR_SIGNATURE_INVALID-21; |
144 | goto out; |
145 | } |
146 | /* XXX compare 'm' and 'data' ? */ |
147 | /* success */ |
148 | r = 0; |
149 | out: |
150 | if (sm != NULL((void *)0)) |
151 | freezero(sm, smlen); |
152 | if (m != NULL((void *)0)) |
153 | freezero(m, smlen); /* NB mlen may be invalid if r != 0 */ |
154 | sshbuf_free(b); |
155 | free(ktype); |
156 | return r; |
157 | } |