tyler.durden
/
openssh-portable
mirror of https://github.com/PowerShell/openssh-portable.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

upstream: pkcs11: switch to sshbuf API; ok djm@ 

OpenBSD-Commit-ID: 98cc4e800f1617c51caf59a6cb3006f14492db79
This commit is contained in:
markus@openbsd.org 2018-07-09 20:39:28 +00:00 committed by Damien Miller
parent 168b46f405
commit ff55f4ad89
1 changed files with 79 additions and 57 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

136
ssh-pkcs11-client.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: ssh-pkcs11-client.c,v 1.8 2018/02/05 05:37:46 tb Exp $ */ /* $OpenBSD: ssh-pkcs11-client.c,v 1.9 2018/07/09 20:39:28 markus Exp $ */
/* /*
* Copyright (c) 2010 Markus Friedl. All rights reserved. * Copyright (c) 2010 Markus Friedl. All rights reserved.
* *
@ -34,13 +34,14 @@
#include "pathnames.h" #include "pathnames.h"
#include "xmalloc.h" #include "xmalloc.h"
#include "buffer.h" #include "sshbuf.h"
#include "log.h" #include "log.h"
#include "misc.h" #include "misc.h"
#include "key.h" #include "sshkey.h"
#include "authfd.h" #include "authfd.h"
#include "atomicio.h" #include "atomicio.h"
#include "ssh-pkcs11.h" #include "ssh-pkcs11.h"
#include "ssherr.h"
/* borrows code from sftp-server and ssh-agent */ /* borrows code from sftp-server and ssh-agent */
@ -48,34 +49,37 @@ int fd = -1;
pid_t pid = -1; pid_t pid = -1;
static void static void
send_msg(Buffer *m) send_msg(struct sshbuf *m)
{ {
u_char buf[4]; u_char buf[4];
int mlen = buffer_len(m); size_t mlen = sshbuf_len(m);
int r;
put_u32(buf, mlen); POKE_U32(buf, mlen);
if (atomicio(vwrite, fd, buf, 4) != 4 || if (atomicio(vwrite, fd, buf, 4) != 4 ||
atomicio(vwrite, fd, buffer_ptr(m), atomicio(vwrite, fd, (u_char *)sshbuf_ptr(m),
buffer_len(m)) != buffer_len(m)) sshbuf_len(m)) != sshbuf_len(m))
error("write to helper failed"); error("write to helper failed");
buffer_consume(m, mlen); if ((r = sshbuf_consume(m, mlen)) != 0)
fatal("%s: buffer error: %s", __func__, ssh_err(r));
} }
static int static int
recv_msg(Buffer *m) recv_msg(struct sshbuf *m)
{ {
u_int l, len; u_int l, len;
u_char buf[1024]; u_char c, buf[1024];
int r;
if ((len = atomicio(read, fd, buf, 4)) != 4) { if ((len = atomicio(read, fd, buf, 4)) != 4) {
error("read from helper failed: %u", len); error("read from helper failed: %u", len);
return (0); /* XXX */ return (0); /* XXX */
} }
len = get_u32(buf); len = PEEK_U32(buf);
if (len > 256 * 1024) if (len > 256 * 1024)
fatal("response too long: %u", len); fatal("response too long: %u", len);
/* read len bytes into m */ /* read len bytes into m */
buffer_clear(m); sshbuf_reset(m);
while (len > 0) { while (len > 0) {
l = len; l = len;
if (l > sizeof(buf)) if (l > sizeof(buf))
@ -84,10 +88,13 @@ recv_msg(Buffer *m)
error("response from helper failed."); error("response from helper failed.");
return (0); /* XXX */ return (0); /* XXX */
} }
buffer_append(m, buf, l); if ((r = sshbuf_put(m, buf, l)) != 0)
fatal("%s: buffer error: %s", __func__, ssh_err(r));
len -= l; len -= l;
} }
return (buffer_get_char(m)); if ((r = sshbuf_get_u8(m, &c)) != 0)
fatal("%s: buffer error: %s", __func__, ssh_err(r));
return c;
} }
int int
@ -109,34 +116,39 @@ pkcs11_rsa_private_encrypt(int flen, const u_char *from, u_char *to, RSA *rsa,
{ {
struct sshkey key; /* XXX */ struct sshkey key; /* XXX */
u_char *blob, *signature = NULL; u_char *blob, *signature = NULL;
u_int blen, slen = 0; size_t blen, slen = 0;
int ret = -1; int r, ret = -1;
Buffer msg; struct sshbuf *msg;
if (padding != RSA_PKCS1_PADDING) if (padding != RSA_PKCS1_PADDING)
return (-1); return (-1);
key.type = KEY_RSA; key.type = KEY_RSA;
key.rsa = rsa; key.rsa = rsa;
if (key_to_blob(&key, &blob, &blen) == 0) if ((r = sshkey_to_blob(&key, &blob, &blen)) != 0) {
error("%s: sshkey_to_blob: %s", __func__, ssh_err(r));
return -1; return -1;
buffer_init(&msg); }
buffer_put_char(&msg, SSH2_AGENTC_SIGN_REQUEST); if ((msg = sshbuf_new()) == NULL)
buffer_put_string(&msg, blob, blen); fatal("%s: sshbuf_new failed", __func__);
buffer_put_string(&msg, from, flen); if ((r = sshbuf_put_u8(msg, SSH2_AGENTC_SIGN_REQUEST)) != 0 ||
buffer_put_int(&msg, 0); (r = sshbuf_put_string(msg, blob, blen)) != 0 ||
(r = sshbuf_put_string(msg, from, flen)) != 0 ||
(r = sshbuf_put_u32(msg, 0)) != 0)
fatal("%s: buffer error: %s", __func__, ssh_err(r));
free(blob); free(blob);
send_msg(&msg); send_msg(msg);
buffer_clear(&msg); sshbuf_reset(msg);
if (recv_msg(&msg) == SSH2_AGENT_SIGN_RESPONSE) { if (recv_msg(msg) == SSH2_AGENT_SIGN_RESPONSE) {
signature = buffer_get_string(&msg, &slen); if ((r = sshbuf_get_string(msg, &signature, &slen)) != 0)
if (slen <= (u_int)RSA_size(rsa)) { fatal("%s: buffer error: %s", __func__, ssh_err(r));
if (slen <= (size_t)RSA_size(rsa)) {
memcpy(to, signature, slen); memcpy(to, signature, slen);
ret = slen; ret = slen;
} }
free(signature); free(signature);
} }
buffer_free(&msg); sshbuf_free(msg);
return (ret); return (ret);
} }
@ -185,31 +197,39 @@ pkcs11_start_helper(void)
} }
int int
pkcs11_add_provider(char *name, char *pin, Key ***keysp) pkcs11_add_provider(char *name, char *pin, struct sshkey ***keysp)
{ {
struct sshkey *k; struct sshkey *k;
int i, nkeys; int r;
u_char *blob; u_char *blob;
u_int blen; size_t blen;
Buffer msg; u_int nkeys, i;
struct sshbuf *msg;
if (fd < 0 && pkcs11_start_helper() < 0) if (fd < 0 && pkcs11_start_helper() < 0)
return (-1); return (-1);
buffer_init(&msg); if ((msg = sshbuf_new()) == NULL)
buffer_put_char(&msg, SSH_AGENTC_ADD_SMARTCARD_KEY); fatal("%s: sshbuf_new failed", __func__);
buffer_put_cstring(&msg, name); if ((r = sshbuf_put_u8(msg, SSH_AGENTC_ADD_SMARTCARD_KEY)) != 0 ||
buffer_put_cstring(&msg, pin); (r = sshbuf_put_cstring(msg, name)) != 0 ||
send_msg(&msg); (r = sshbuf_put_cstring(msg, pin)) != 0)
buffer_clear(&msg); fatal("%s: buffer error: %s", __func__, ssh_err(r));
send_msg(msg);
sshbuf_reset(msg);
if (recv_msg(&msg) == SSH2_AGENT_IDENTITIES_ANSWER) { if (recv_msg(msg) == SSH2_AGENT_IDENTITIES_ANSWER) {
nkeys = buffer_get_int(&msg); if ((r = sshbuf_get_u32(msg, &nkeys)) != 0)
*keysp = xcalloc(nkeys, sizeof(Key *)); fatal("%s: buffer error: %s", __func__, ssh_err(r));
*keysp = xcalloc(nkeys, sizeof(struct sshkey *));
for (i = 0; i < nkeys; i++) { for (i = 0; i < nkeys; i++) {
blob = buffer_get_string(&msg, &blen); /* XXX clean up properly instead of fatal() */
free(buffer_get_string(&msg, NULL)); if ((r = sshbuf_get_string(msg, &blob, &blen)) != 0 ||
k = key_from_blob(blob, blen); (r = sshbuf_skip_string(msg)) != 0)
fatal("%s: buffer error: %s",
__func__, ssh_err(r));
if ((r = sshkey_from_blob(blob, blen, &k)) != 0)
fatal("%s: bad key: %s", __func__, ssh_err(r));
wrap_key(k->rsa); wrap_key(k->rsa);
(*keysp)[i] = k; (*keysp)[i] = k;
free(blob); free(blob);
@ -217,26 +237,28 @@ pkcs11_add_provider(char *name, char *pin, Key ***keysp)
} else { } else {
nkeys = -1; nkeys = -1;
} }
buffer_free(&msg); sshbuf_free(msg);
return (nkeys); return (nkeys);
} }
int int
pkcs11_del_provider(char *name) pkcs11_del_provider(char *name)
{ {
int ret = -1; int r, ret = -1;
Buffer msg; struct sshbuf *msg;
buffer_init(&msg); if ((msg = sshbuf_new()) == NULL)
buffer_put_char(&msg, SSH_AGENTC_REMOVE_SMARTCARD_KEY); fatal("%s: sshbuf_new failed", __func__);
buffer_put_cstring(&msg, name); if ((r = sshbuf_put_u8(msg, SSH_AGENTC_REMOVE_SMARTCARD_KEY)) != 0 ||
buffer_put_cstring(&msg, ""); (r = sshbuf_put_cstring(msg, name)) != 0 ||
send_msg(&msg); (r = sshbuf_put_cstring(msg, "")) != 0)
buffer_clear(&msg); fatal("%s: buffer error: %s", __func__, ssh_err(r));
send_msg(msg);
sshbuf_reset(msg);
if (recv_msg(&msg) == SSH_AGENT_SUCCESS) if (recv_msg(msg) == SSH_AGENT_SUCCESS)
ret = 0; ret = 0;
buffer_free(&msg); sshbuf_free(msg);
return (ret); return (ret);
} }