avoid BIGNUM in KRL code by using a simple bitmap;

feedback and ok markus

diff --git a/usr.bin/ssh/bitmap.c b/usr.bin/ssh/bitmap.c
new file mode 100644 (file)
index 0000000..cd9df8c
--- /dev/null
+++ b/usr.bin/ssh/bitmap.c
@@ -0,0 +1,387 @@
+/*
+ * Copyright (c) 2015 Damien Miller <djm@mindrot.org>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#include <sys/types.h>
+#include <string.h>
+#include <stdlib.h>
+
+#include "bitmap.h"
+
+#define BITMAP_WTYPE   u_int
+#define BITMAP_MAX     (1<<24)
+#define BITMAP_BYTES   (sizeof(BITMAP_WTYPE))
+#define BITMAP_BITS    (sizeof(BITMAP_WTYPE) * 8)
+#define BITMAP_WMASK   ((BITMAP_WTYPE)BITMAP_BITS - 1)
+struct bitmap {
+       BITMAP_WTYPE *d;
+       size_t len; /* number of words allocated */
+       size_t top; /* index of top word allocated */
+};
+
+struct bitmap *
+bitmap_new(void)
+{
+       struct bitmap *ret;
+
+       if ((ret = calloc(1, sizeof(*ret))) == NULL)
+               return NULL;
+       if ((ret->d = calloc(1, BITMAP_BYTES)) == NULL) {
+               free(ret);
+               return NULL;
+       }
+       ret->len = 1;
+       ret->top = 0;
+       return ret;
+}
+
+void
+bitmap_free(struct bitmap *b)
+{
+       if (b != NULL && b->d != NULL) {
+               memset(b->d, 0, b->len);
+               free(b->d);
+       }
+       free(b);
+}
+
+void
+bitmap_zero(struct bitmap *b)
+{
+       memset(b->d, 0, b->len * BITMAP_BYTES);
+       b->top = 0;
+}
+
+int
+bitmap_test_bit(struct bitmap *b, u_int n)
+{
+       if (b->top >= b->len)
+               return 0; /* invalid */
+       if (b->len == 0 || (n / BITMAP_BITS) > b->top)
+               return 0;
+       return (b->d[n / BITMAP_BITS] >> (n & BITMAP_WMASK)) & 1;
+}
+
+static int
+reserve(struct bitmap *b, u_int n)
+{
+       BITMAP_WTYPE *tmp;
+       size_t nlen;
+
+       if (b->top >= b->len || n > BITMAP_MAX)
+               return -1; /* invalid */
+       nlen = (n / BITMAP_BITS) + 1;
+       if (b->len < nlen) {
+               if ((tmp = reallocarray(b->d, nlen, BITMAP_BYTES)) == NULL)
+                       return -1;
+               b->d = tmp;
+               memset(b->d + b->len, 0, (nlen - b->len) * BITMAP_BYTES);
+               b->len = nlen;
+       }
+       return 0;
+}
+
+int
+bitmap_set_bit(struct bitmap *b, u_int n)
+{
+       int r;
+       size_t offset;
+
+       if ((r = reserve(b, n)) != 0)
+               return r;
+       offset = n / BITMAP_BITS;
+       if (offset > b->top)
+               b->top = offset;
+       b->d[offset] |= (BITMAP_WTYPE)1 << (n & BITMAP_WMASK);
+       return 0;
+}
+
+/* Resets b->top to point to the most significant bit set in b->d */
+static void
+retop(struct bitmap *b)
+{
+       if (b->top >= b->len)
+               return;
+       while (b->top > 0 && b->d[b->top] == 0)
+               b->top--;
+}
+
+void
+bitmap_clear_bit(struct bitmap *b, u_int n)
+{
+       size_t offset;
+
+       if (b->top >= b->len || n > BITMAP_MAX)
+               return; /* invalid */
+       offset = n / BITMAP_BITS;
+       if (offset > b->top)
+               return;
+       b->d[offset] &= ~((BITMAP_WTYPE)1 << (n & BITMAP_WMASK));
+       /* The top may have changed as a result of the clear */
+       retop(b);
+}
+
+size_t
+bitmap_nbits(struct bitmap *b)
+{
+       size_t bits;
+       BITMAP_WTYPE w;
+
+       retop(b);
+       if (b->top >= b->len)
+               return 0; /* invalid */
+       if (b->len == 0 || (b->top == 0 && b->d[0] == 0))
+               return 0;
+       /* Find MSB set */
+       w = b->d[b->top];
+       bits = (b->top + 1) * BITMAP_BITS;
+       while (!(w & ((BITMAP_WTYPE)1 << (BITMAP_BITS - 1)))) {
+               w <<= 1;
+               bits--;
+       }
+       return bits;
+                       
+}
+
+size_t
+bitmap_nbytes(struct bitmap *b)
+{
+       return (bitmap_nbits(b) + 7) / 8;
+}
+
+int
+bitmap_to_string(struct bitmap *b, void *p, size_t l)
+{
+       u_char *s = (u_char *)p;
+       size_t i, j, k, need = bitmap_nbytes(b);
+
+       if (l < need || b->top >= b->len)
+               return -1;
+       if (l > need)
+               l = need;
+       /* Put the bytes from LSB backwards */
+       for (i = k = 0; i < b->top + 1; i++) {
+               for (j = 0; j < BITMAP_BYTES; j++) {
+                       if (k >= l)
+                               break;
+                       s[need - 1 - k++] = (b->d[i] >> (j * 8)) & 0xff;
+               }
+       }
+               
+       return 0;
+}
+
+int
+bitmap_from_string(struct bitmap *b, const void *p, size_t l)
+{
+       int r;
+       size_t i, offset, shift;
+       u_char *s = (u_char *)p;
+
+       if (l > BITMAP_MAX / 8)
+               return -1;
+       if ((r = reserve(b, l * 8)) != 0)
+               return r;
+       bitmap_zero(b);
+       if (l == 0)
+               return 0;
+       b->top = offset = ((l + (BITMAP_BYTES - 1)) / BITMAP_BYTES) - 1;
+       shift = ((l + (BITMAP_BYTES - 1)) % BITMAP_BYTES) * 8;
+       for (i = 0; i < l; i++) {
+               b->d[offset] |= (BITMAP_WTYPE)s[i] << shift;
+               if (shift == 0) {
+                       offset--;
+                       shift = BITMAP_BITS - 8;
+               } else
+                       shift -= 8;
+       }
+       retop(b);
+       return 0;
+}
+
+#ifdef BITMAP_TEST
+
+/* main() test against OpenSSL BN */
+#include <err.h>
+#include <openssl/bn.h>
+#include <stdio.h>
+#include <stdarg.h>
+
+#define LIM 131
+#define FAIL(...) fail(__FILE__, __LINE__, __VA_ARGS__)
+
+void
+bitmap_dump(struct bitmap *b, FILE *f)
+{
+       size_t i;
+
+       fprintf(f, "bitmap %p len=%zu top=%zu d =", b, b->len, b->top);
+       for (i = 0; i < b->len; i++) {
+               fprintf(f, " %0*llx", (int)BITMAP_BITS / 4,
+                   (unsigned long long)b->d[i]);
+       }
+       fputc('\n', f);
+}
+
+static void
+fail(char *file, int line, char *fmt, ...)
+{
+       va_list ap;
+
+       fprintf(stderr, "%s:%d ", file, line);
+       va_start(ap, fmt);
+       vfprintf(stderr, fmt, ap);
+       va_end(ap);
+       fputc('\n', stdout);
+       /* abort(); */
+       exit(1);
+}
+
+static void
+dump(const char *s, const u_char *buf, size_t l)
+{
+       size_t i;
+
+       fprintf(stderr, "%s len %zu = ", s, l);
+       for (i = 0; i < l; i++)
+               fprintf(stderr, "%02x ", buf[i]);
+       fputc('\n', stderr);
+}
+
+int main(void) {
+       struct bitmap *b = bitmap_new();
+       BIGNUM *bn = BN_new();
+       size_t len;
+       int i, j, k, n;
+       u_char bbuf[1024], bnbuf[1024];
+       int r;
+
+       for (i = -1; i < LIM; i++) {
+               fputc('i', stdout);
+               fflush(stdout);
+               for (j = -1; j < LIM; j++) {
+                       for (k = -1; k < LIM; k++) {
+                               bitmap_zero(b);
+                               BN_clear(bn);
+                               /* Test setting bits */
+                               if (i > 0 && bitmap_set_bit(b, i) != 0)
+                                       FAIL("bitmap_set_bit %d fail", i);
+                               if (j > 0 && bitmap_set_bit(b, j) != 0)
+                                       FAIL("bitmap_set_bit %d fail", j);
+                               if (k > 0 && bitmap_set_bit(b, k) != 0)
+                                       FAIL("bitmap_set_bit %d fail", k);
+                               if ((i > 0 && BN_set_bit(bn, i) != 1) ||
+                                   (j > 0 && BN_set_bit(bn, j) != 1) ||
+                                   (k > 0 && BN_set_bit(bn, k) != 1))
+                                       FAIL("BN_set_bit fail");
+                               for (n = 0; n < LIM; n++) {
+                                       if (BN_is_bit_set(bn, n) !=
+                                           bitmap_test_bit(b, n)) {
+                                               FAIL("miss %d/%d/%d %d "
+                                                   "%d %d", i, j, k, n,
+                                                   BN_is_bit_set(bn, n),
+                                                   bitmap_test_bit(b, n));
+                                       }
+                               }
+                               /* Test length calculations */
+                               if (BN_num_bytes(bn) != (int)bitmap_nbytes(b)) {
+                                       FAIL("bytes %d/%d/%d %d != %zu",
+                                           i, j, k, BN_num_bytes(bn),
+                                           bitmap_nbytes(b));
+                               }
+                               if (BN_num_bits(bn) != (int)bitmap_nbits(b)) {
+                                       FAIL("bits %d/%d/%d %d != %zu",
+                                           i, j, k, BN_num_bits(bn),
+                                           bitmap_nbits(b));
+                               }
+                               /* Test serialisation */
+                               len = bitmap_nbytes(b);
+                               memset(bbuf, 0xfc, sizeof(bbuf));
+                               if (bitmap_to_string(b, bbuf,
+                                   sizeof(bbuf)) != 0)
+                                       FAIL("bitmap_to_string %d/%d/%d",
+                                           i, j, k);
+                               for (n = len; n < (int)sizeof(bbuf); n++) {
+                                       if (bbuf[n] != 0xfc)
+                                               FAIL("bad string "
+                                                   "%d/%d/%d %d 0x%02x",
+                                                   i, j, k, n, bbuf[n]);
+                               }
+                               if ((r = BN_bn2bin(bn, bnbuf)) < 0)
+                                       FAIL("BN_bn2bin %d/%d/%d",
+                                           i, j, k);
+                               if ((size_t)r != len)
+                                       FAIL("len bad %d/%d/%d", i, j, k);
+                               if (memcmp(bbuf, bnbuf, len) != 0) {
+                                       dump("bbuf", bbuf, sizeof(bbuf));
+                                       dump("bnbuf", bnbuf, sizeof(bnbuf));
+                                       FAIL("buf bad %d/%d/%d", i, j, k);
+                               }
+                               /* Test deserialisation */
+                               bitmap_zero(b);
+                               if (bitmap_from_string(b, bnbuf, len) != 0)
+                                       FAIL("bitmap_to_string %d/%d/%d",
+                                           i, j, k);
+                               for (n = 0; n < LIM; n++) {
+                                       if (BN_is_bit_set(bn, n) !=
+                                           bitmap_test_bit(b, n)) {
+                                               FAIL("miss %d/%d/%d %d "
+                                                   "%d %d", i, j, k, n,
+                                                   BN_is_bit_set(bn, n),
+                                                   bitmap_test_bit(b, n));
+                                       }
+                               }
+                               /* Test clearing bits */
+                               for (n = 0; n < LIM; n++) {
+                                       if (bitmap_set_bit(b, n) != 0) {
+                                               bitmap_dump(b, stderr);
+                                               FAIL("bitmap_set_bit %d "
+                                                   "fail", n);
+                                       }
+                                       if (BN_set_bit(bn, n) != 1)
+                                               FAIL("BN_set_bit fail");
+                               }
+                               if (i > 0) {
+                                       bitmap_clear_bit(b, i);
+                                       BN_clear_bit(bn, i);
+                               }
+                               if (j > 0) {
+                                       bitmap_clear_bit(b, j);
+                                       BN_clear_bit(bn, j);
+                               }
+                               if (k > 0) {
+                                       bitmap_clear_bit(b, k);
+                                       BN_clear_bit(bn, k);
+                               }
+                               for (n = 0; n < LIM; n++) {
+                                       if (BN_is_bit_set(bn, n) !=
+                                           bitmap_test_bit(b, n)) {
+                                               bitmap_dump(b, stderr);
+                                               FAIL("cmiss %d/%d/%d %d "
+                                                   "%d %d", i, j, k, n,
+                                                   BN_is_bit_set(bn, n),
+                                                   bitmap_test_bit(b, n));
+                                       }
+                               }
+                       }
+               }
+       }
+       fputc('\n', stdout);
+       bitmap_free(b);
+       BN_free(bn);
+
+       return 0;
+}
+#endif

diff --git a/usr.bin/ssh/bitmap.h b/usr.bin/ssh/bitmap.h
new file mode 100644 (file)
index 0000000..c1bb174
--- /dev/null
+++ b/usr.bin/ssh/bitmap.h
@@ -0,0 +1,56 @@
+/*
+ * Copyright (c) 2015 Damien Miller <djm@mindrot.org>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#ifndef _BITMAP_H
+#define _BITMAP_H
+
+#include <sys/types.h>
+
+/* Simple bit vector routines */
+
+struct bitmap;
+
+/* Allocate a new bitmap. Returns NULL on allocation failure. */
+struct bitmap *bitmap_new(void);
+
+/* Free a bitmap */
+void bitmap_free(struct bitmap *b);
+
+/* Zero an existing bitmap */
+void bitmap_zero(struct bitmap *b);
+
+/* Test whether a bit is set in a bitmap. */
+int bitmap_test_bit(struct bitmap *b, u_int n);
+
+/* Set a bit in a bitmap. Returns 0 on success or -1 on error */
+int bitmap_set_bit(struct bitmap *b, u_int n);
+
+/* Clear a bit in a bitmap */
+void bitmap_clear_bit(struct bitmap *b, u_int n);
+
+/* Return the number of bits in a bitmap (i.e. the position of the MSB) */
+size_t bitmap_nbits(struct bitmap *b);
+
+/* Return the number of bytes needed to represent a bitmap */
+size_t bitmap_nbytes(struct bitmap *b);
+
+/* Convert a bitmap to a big endian byte string */
+int bitmap_to_string(struct bitmap *b, void *p, size_t l);
+
+/* Convert a big endian byte string to a bitmap */
+int bitmap_from_string(struct bitmap *b, const void *p, size_t l);
+
+#endif /* _BITMAP_H */

diff --git a/usr.bin/ssh/krl.c b/usr.bin/ssh/krl.c
index ef8049d..b90ffac 100644 (file)
--- a/usr.bin/ssh/krl.c
+++ b/usr.bin/ssh/krl.c
@@ -14,7 +14,7 @@
  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 
-/* $OpenBSD: krl.c,v 1.25 2015/01/13 19:04:35 djm Exp $ */
+/* $OpenBSD: krl.c,v 1.26 2015/01/14 15:02:39 djm Exp $ */
 
 #include <sys/types.h>
 #include <sys/param.h>
@@ -35,6 +35,7 @@
 #include "misc.h"
 #include "log.h"
 #include "digest.h"
+#include "bitmap.h"
 
 #include "krl.h"
 
@@ -517,6 +518,25 @@ choose_next_state(int current_state, u_int64_t contig, int final,
        return new_state;
 }
 
+static int
+put_bitmap(struct sshbuf *buf, struct bitmap *bitmap)
+{
+       size_t len;
+       u_char *blob;
+       int r;
+
+       len = bitmap_nbytes(bitmap);
+       if ((blob = malloc(len)) == NULL)
+               return SSH_ERR_ALLOC_FAIL;
+       if (bitmap_to_string(bitmap, blob, len) != 0) {
+               free(blob);
+               return SSH_ERR_INTERNAL_ERROR;
+       }
+       r = sshbuf_put_bignum2_bytes(buf, blob, len);
+       free(blob);
+       return r;
+}
+
 /* Generate a KRL_SECTION_CERTIFICATES KRL section */
 static int
 revoked_certs_generate(struct revoked_certs *rc, struct sshbuf *buf)
@@ -527,7 +547,7 @@ revoked_certs_generate(struct revoked_certs *rc, struct sshbuf *buf)
        struct revoked_key_id *rki;
        int next_state, state = 0;
        struct sshbuf *sect;
-       BIGNUM *bitmap = NULL;
+       struct bitmap *bitmap = NULL;
 
        if ((sect = sshbuf_new()) == NULL)
                return SSH_ERR_ALLOC_FAIL;
@@ -570,9 +590,9 @@ revoked_certs_generate(struct revoked_certs *rc, struct sshbuf *buf)
                        case KRL_SECTION_CERT_SERIAL_RANGE:
                                break;
                        case KRL_SECTION_CERT_SERIAL_BITMAP:
-                               if ((r = sshbuf_put_bignum2(sect, bitmap)) != 0)
+                               if ((r = put_bitmap(sect, bitmap)) != 0)
                                        goto out;
-                               BN_free(bitmap);
+                               bitmap_free(bitmap);
                                bitmap = NULL;
                                break;
                        }
@@ -593,7 +613,7 @@ revoked_certs_generate(struct revoked_certs *rc, struct sshbuf *buf)
                        case KRL_SECTION_CERT_SERIAL_RANGE:
                                break;
                        case KRL_SECTION_CERT_SERIAL_BITMAP:
-                               if ((bitmap = BN_new()) == NULL) {
+                               if ((bitmap = bitmap_new()) == NULL) {
                                        r = SSH_ERR_ALLOC_FAIL;
                                        goto out;
                                }
@@ -624,8 +644,8 @@ revoked_certs_generate(struct revoked_certs *rc, struct sshbuf *buf)
                                goto out;
                        }
                        for (i = 0; i < contig; i++) {
-                               if (BN_set_bit(bitmap,
-                                   rs->lo + i - bitmap_start) != 1) {
+                               if (bitmap_set_bit(bitmap,
+                                   rs->lo + i - bitmap_start) != 0) {
                                        r = SSH_ERR_ALLOC_FAIL;
                                        goto out;
                                }
@@ -643,9 +663,9 @@ revoked_certs_generate(struct revoked_certs *rc, struct sshbuf *buf)
                case KRL_SECTION_CERT_SERIAL_RANGE:
                        break;
                case KRL_SECTION_CERT_SERIAL_BITMAP:
-                       if ((r = sshbuf_put_bignum2(sect, bitmap)) != 0)
+                       if ((r = put_bitmap(sect, bitmap)) != 0)
                                goto out;
-                       BN_free(bitmap);
+                       bitmap_free(bitmap);
                        bitmap = NULL;
                        break;
                }
@@ -669,8 +689,7 @@ revoked_certs_generate(struct revoked_certs *rc, struct sshbuf *buf)
        }
        r = 0;
  out:
-       if (bitmap != NULL)
-               BN_free(bitmap);
+       bitmap_free(bitmap);
        sshbuf_free(sect);
        return r;
 }
@@ -782,13 +801,13 @@ format_timestamp(u_int64_t timestamp, char *ts, size_t nts)
 static int
 parse_revoked_certs(struct sshbuf *buf, struct ssh_krl *krl)
 {
-       int r = SSH_ERR_INTERNAL_ERROR, nbits;
+       int r = SSH_ERR_INTERNAL_ERROR;
        u_char type;
        const u_char *blob;
-       size_t blen;
+       size_t blen, nbits;
        struct sshbuf *subsect = NULL;
        u_int64_t serial, serial_lo, serial_hi;
-       BIGNUM *bitmap = NULL;
+       struct bitmap *bitmap = NULL;
        char *key_id = NULL;
        struct sshkey *ca_key = NULL;
 
@@ -832,31 +851,32 @@ parse_revoked_certs(struct sshbuf *buf, struct ssh_krl *krl)
                                goto out;
                        break;
                case KRL_SECTION_CERT_SERIAL_BITMAP:
-                       if ((bitmap = BN_new()) == NULL) {
+                       if ((bitmap = bitmap_new()) == NULL) {
                                r = SSH_ERR_ALLOC_FAIL;
                                goto out;
                        }
                        if ((r = sshbuf_get_u64(subsect, &serial_lo)) != 0 ||
-                           (r = sshbuf_get_bignum2(subsect, bitmap)) != 0)
+                           (r = sshbuf_get_bignum2_bytes_direct(subsect,
+                           &blob, &blen)) != 0)
                                goto out;
-                       if ((nbits = BN_num_bits(bitmap)) < 0) {
-                               error("%s: bitmap bits < 0", __func__);
+                       if (bitmap_from_string(bitmap, blob, blen) != 0) {
                                r = SSH_ERR_INVALID_FORMAT;
                                goto out;
                        }
+                       nbits = bitmap_nbits(bitmap);
                        for (serial = 0; serial < (u_int64_t)nbits; serial++) {
                                if (serial > 0 && serial_lo + serial == 0) {
                                        error("%s: bitmap wraps u64", __func__);
                                        r = SSH_ERR_INVALID_FORMAT;
                                        goto out;
                                }
-                               if (!BN_is_bit_set(bitmap, serial))
+                               if (!bitmap_test_bit(bitmap, serial))
                                        continue;
                                if ((r = ssh_krl_revoke_cert_by_serial(krl,
                                    ca_key, serial_lo + serial)) != 0)
                                        goto out;
                        }
-                       BN_free(bitmap);
+                       bitmap_free(bitmap);
                        bitmap = NULL;
                        break;
                case KRL_SECTION_CERT_KEY_ID:
@@ -886,7 +906,7 @@ parse_revoked_certs(struct sshbuf *buf, struct ssh_krl *krl)
        r = 0;
  out:
        if (bitmap != NULL)
-               BN_free(bitmap);
+               bitmap_free(bitmap);
        free(key_id);
        sshkey_free(ca_key);
        sshbuf_free(subsect);

diff --git a/usr.bin/ssh/lib/Makefile b/usr.bin/ssh/lib/Makefile
index c45f55f..ba2bd30 100644 (file)
--- a/usr.bin/ssh/lib/Makefile
+++ b/usr.bin/ssh/lib/Makefile
@@ -1,4 +1,4 @@
-#      $OpenBSD: Makefile,v 1.79 2014/06/24 01:13:22 djm Exp $
+#      $OpenBSD: Makefile,v 1.80 2015/01/14 15:02:39 djm Exp $
 
 .PATH:         ${.CURDIR}/..
 .include "${.CURDIR}/../Makefile.inc"
@@ -11,7 +11,9 @@ LIB_SRCS= \
        sshbuf.c \
        sshbuf-getput-basic.c \
        sshbuf-misc.c \
-       sshkey.c
+       sshkey.c \
+       bitmap.c \
+       krl.c
 
 .if (${OPENSSL:L} == "yes")
 LIB_SRCS+=     sshbuf-getput-crypto.c digest-openssl.c
@@ -34,8 +36,7 @@ SRCS= ${LIB_SRCS} \
 .if (${OPENSSL:L} == "yes")
 SRCS+= bufec.c bufbn.c cipher-3des1.c cipher-bf1.c rsa.c \
        ssh-dss.c ssh-rsa.c ssh-ecdsa.c dh.c kexdh.c kexgex.c kexecdh.c \
-       kexdhc.c kexgexc.c kexecdhc.c ssh-pkcs11.c \
-       krl.c
+       kexdhc.c kexgexc.c kexecdhc.c ssh-pkcs11.c
 .else
 SRCS+= rijndael.c cipher-aesctr.c
 .endif

diff --git a/usr.bin/ssh/sshbuf-getput-basic.c b/usr.bin/ssh/sshbuf-getput-basic.c
index bc2e2f9..304da2d 100644 (file)
--- a/usr.bin/ssh/sshbuf-getput-basic.c
+++ b/usr.bin/ssh/sshbuf-getput-basic.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: sshbuf-getput-basic.c,v 1.3 2015/01/12 15:18:07 djm Exp $     */
+/*     $OpenBSD: sshbuf-getput-basic.c,v 1.4 2015/01/14 15:02:39 djm Exp $     */
 /*
  * Copyright (c) 2011 Damien Miller
  *
@@ -422,3 +422,39 @@ sshbuf_put_bignum2_bytes(struct sshbuf *buf, const void *v, size_t len)
                memcpy(d + 4 + prepend, s, len);
        return 0;
 }
+
+int
+sshbuf_get_bignum2_bytes_direct(struct sshbuf *buf,
+    const u_char **valp, size_t *lenp)
+{
+       const u_char *d;
+       size_t len, olen;
+       int r;
+
+       if ((r = sshbuf_peek_string_direct(buf, &d, &olen)) < 0)
+               return r;
+       len = olen;
+       /* Refuse negative (MSB set) bignums */
+       if ((len != 0 && (*d & 0x80) != 0))
+               return SSH_ERR_BIGNUM_IS_NEGATIVE;
+       /* Refuse overlong bignums, allow prepended \0 to avoid MSB set */
+       if (len > SSHBUF_MAX_BIGNUM + 1 ||
+           (len == SSHBUF_MAX_BIGNUM + 1 && *d != 0))
+               return SSH_ERR_BIGNUM_TOO_LARGE;
+       /* Trim leading zeros */
+       while (len > 0 && *d == 0x00) {
+               d++;
+               len--;
+       }
+       if (valp != 0)
+               *valp = d;
+       if (lenp != NULL)
+               *lenp = len;
+       if (sshbuf_consume(buf, olen + 4) != 0) {
+               /* Shouldn't happen */
+               SSHBUF_DBG(("SSH_ERR_INTERNAL_ERROR"));
+               SSHBUF_ABORT();
+               return SSH_ERR_INTERNAL_ERROR;
+       }
+       return 0;
+}

diff --git a/usr.bin/ssh/sshbuf-getput-crypto.c b/usr.bin/ssh/sshbuf-getput-crypto.c
index f086cae..aa2a922 100644 (file)
--- a/usr.bin/ssh/sshbuf-getput-crypto.c
+++ b/usr.bin/ssh/sshbuf-getput-crypto.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: sshbuf-getput-crypto.c,v 1.3 2015/01/12 15:18:07 djm Exp $    */
+/*     $OpenBSD: sshbuf-getput-crypto.c,v 1.4 2015/01/14 15:02:39 djm Exp $    */
 /*
  * Copyright (c) 2011 Damien Miller
  *
@@ -34,24 +34,10 @@ sshbuf_get_bignum2(struct sshbuf *buf, BIGNUM *v)
        size_t len;
        int r;
 
-       if ((r = sshbuf_peek_string_direct(buf, &d, &len)) < 0)
+       if ((r = sshbuf_get_bignum2_bytes_direct(buf, &d, &len)) != 0)
                return r;
-       /* Refuse negative (MSB set) bignums */
-       if ((len != 0 && (*d & 0x80) != 0))
-               return SSH_ERR_BIGNUM_IS_NEGATIVE;
-       /* Refuse overlong bignums, allow prepended \0 to avoid MSB set */
-       if (len > SSHBUF_MAX_BIGNUM + 1 ||
-           (len == SSHBUF_MAX_BIGNUM + 1 && *d != 0))
-               return SSH_ERR_BIGNUM_TOO_LARGE;
        if (v != NULL && BN_bin2bn(d, len, v) == NULL)
                return SSH_ERR_ALLOC_FAIL;
-       /* Consume the string */
-       if (sshbuf_get_string_direct(buf, NULL, NULL) != 0) {
-               /* Shouldn't happen */
-               SSHBUF_DBG(("SSH_ERR_INTERNAL_ERROR"));
-               SSHBUF_ABORT();
-               return SSH_ERR_INTERNAL_ERROR;
-       }
        return 0;
 }
 

diff --git a/usr.bin/ssh/sshbuf.h b/usr.bin/ssh/sshbuf.h
index 6f58b3e..ce43e0a 100644 (file)
--- a/usr.bin/ssh/sshbuf.h
+++ b/usr.bin/ssh/sshbuf.h
@@ -1,4 +1,4 @@
-/*     $OpenBSD: sshbuf.h,v 1.3 2014/06/24 01:13:21 djm Exp $  */
+/*     $OpenBSD: sshbuf.h,v 1.4 2015/01/14 15:02:39 djm Exp $  */
 /*
  * Copyright (c) 2011 Damien Miller
  *
@@ -206,6 +206,8 @@ int sshbuf_peek_string_direct(const struct sshbuf *buf, const u_char **valp,
  */
 int    sshbuf_get_bignum2(struct sshbuf *buf, BIGNUM *v);
 int    sshbuf_get_bignum1(struct sshbuf *buf, BIGNUM *v);
+int    sshbuf_get_bignum2_bytes_direct(struct sshbuf *buf,
+           const u_char **valp, size_t *lenp);
 int    sshbuf_put_bignum2(struct sshbuf *buf, const BIGNUM *v);
 int    sshbuf_put_bignum1(struct sshbuf *buf, const BIGNUM *v);
 int    sshbuf_put_bignum2_bytes(struct sshbuf *buf, const void *v, size_t len);