From dca9e784518479c474ce80c2d7d9308b7565c148 Mon Sep 17 00:00:00 2001
From: claudio <claudio@openbsd.org>
Date: Fri, 28 Jul 2023 11:23:03 +0000
Subject: [PATCH] Implement print_hexbuf() to hexdump the contents of an ibuf.
 OK tb@

---
 sbin/iked/iked.h      |  3 ++-
 sbin/iked/ikev2.c     | 30 +++++++++++++-----------------
 sbin/iked/ikev2_msg.c | 18 +++++++++---------
 sbin/iked/util.c      |  8 +++++++-
 4 files changed, 31 insertions(+), 28 deletions(-)

diff --git a/sbin/iked/iked.h b/sbin/iked/iked.h
index 7b56e565583..2c7fbe14af3 100644
--- a/sbin/iked/iked.h
+++ b/sbin/iked/iked.h
@@ -1,4 +1,4 @@
-/*	$OpenBSD: iked.h,v 1.222 2023/07/18 15:07:41 claudio Exp $	*/
+/*	$OpenBSD: iked.h,v 1.223 2023/07/28 11:23:03 claudio Exp $	*/
 
 /*
  * Copyright (c) 2019 Tobias Heider <tobias.heider@stusta.de>
@@ -1242,6 +1242,7 @@ const char *
 void	 lc_idtype(char *);
 void	 print_hex(const uint8_t *, off_t, size_t);
 void	 print_hexval(const uint8_t *, off_t, size_t);
+void	 print_hexbuf(struct ibuf *);
 const char *
 	 print_bits(unsigned short, unsigned char *);
 int	 sockaddr_cmp(struct sockaddr *, struct sockaddr *, int);
diff --git a/sbin/iked/ikev2.c b/sbin/iked/ikev2.c
index d255cd7ae3c..81df7a28e6f 100644
--- a/sbin/iked/ikev2.c
+++ b/sbin/iked/ikev2.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: ikev2.c,v 1.375 2023/07/28 07:31:38 claudio Exp $	*/
+/*	$OpenBSD: ikev2.c,v 1.376 2023/07/28 11:23:03 claudio Exp $	*/
 
 /*
  * Copyright (c) 2019 Tobias Heider <tobias.heider@stusta.de>
@@ -1443,7 +1443,7 @@ ikev2_init_ike_sa_peer(struct iked *env, struct iked_policy *pol,
 
 		log_debug("%s: added cookie, len %zu", __func__,
 		    ibuf_size(cookie));
-		print_hex(ibuf_data(cookie), 0, ibuf_size(cookie));
+		print_hexbuf(cookie);
 
 		if (ikev2_next_payload(pld, len, IKEV2_PAYLOAD_SA) == -1)
 			goto done;
@@ -5738,7 +5738,7 @@ ikev2_sa_keys(struct iked *env, struct iked_sa *sa, struct ibuf *key)
 
 	log_debug("%s: DHSECRET with %zu bytes", SPI_SA(sa, __func__),
 	    ibuf_length(dhsecret));
-	print_hex(ibuf_data(dhsecret), 0, ibuf_length(dhsecret));
+	print_hexbuf(dhsecret);
 
 	if (!key) {
 		/*
@@ -5810,7 +5810,7 @@ ikev2_sa_keys(struct iked *env, struct iked_sa *sa, struct ibuf *key)
 	}
 
 	log_debug("%s: S with %zu bytes", SPI_SA(sa, __func__), ibuf_length(s));
-	print_hex(ibuf_data(s), 0, ibuf_length(s));
+	print_hexbuf(s);
 
 	/*
 	 * Get the size of the key material we need and the number
@@ -5850,31 +5850,27 @@ ikev2_sa_keys(struct iked *env, struct iked_sa *sa, struct ibuf *key)
 
 	log_debug("%s: SK_d with %zu bytes", __func__,
 	    ibuf_length(sa->sa_key_d));
-	print_hex(ibuf_data(sa->sa_key_d), 0, ibuf_length(sa->sa_key_d));
+	print_hexbuf(sa->sa_key_d);
 	if (!isaead) {
 		log_debug("%s: SK_ai with %zu bytes", __func__,
 		    ibuf_length(sa->sa_key_iauth));
-		print_hex(ibuf_data(sa->sa_key_iauth), 0,
-		    ibuf_length(sa->sa_key_iauth));
+		print_hexbuf(sa->sa_key_iauth);
 		log_debug("%s: SK_ar with %zu bytes", __func__,
 		    ibuf_length(sa->sa_key_rauth));
-		print_hex(ibuf_data(sa->sa_key_rauth), 0,
-		    ibuf_length(sa->sa_key_rauth));
+		print_hexbuf(sa->sa_key_rauth);
 	}
 	log_debug("%s: SK_ei with %zu bytes", __func__,
 	    ibuf_length(sa->sa_key_iencr));
-	print_hex(ibuf_data(sa->sa_key_iencr), 0,
-	    ibuf_length(sa->sa_key_iencr));
+	print_hexbuf(sa->sa_key_iencr);
 	log_debug("%s: SK_er with %zu bytes", __func__,
 	    ibuf_length(sa->sa_key_rencr));
-	print_hex(ibuf_data(sa->sa_key_rencr), 0,
-	    ibuf_length(sa->sa_key_rencr));
+	print_hexbuf(sa->sa_key_rencr);
 	log_debug("%s: SK_pi with %zu bytes", __func__,
 	    ibuf_length(sa->sa_key_iprf));
-	print_hex(ibuf_data(sa->sa_key_iprf), 0, ibuf_length(sa->sa_key_iprf));
+	print_hexbuf(sa->sa_key_iprf);
 	log_debug("%s: SK_pr with %zu bytes", __func__,
 	    ibuf_length(sa->sa_key_rprf));
-	print_hex(ibuf_data(sa->sa_key_rprf), 0, ibuf_length(sa->sa_key_rprf));
+	print_hexbuf(sa->sa_key_rprf);
 
 	ret = 0;
 
@@ -5954,11 +5950,11 @@ ikev2_prfplus(struct iked_hash *prf, struct ibuf *key, struct ibuf *seed,
 
 		log_debug("%s: T%d with %zu bytes", __func__,
 		    pad, ibuf_length(t1));
-		print_hex(ibuf_data(t1), 0, ibuf_length(t1));
+		print_hexbuf(t1);
 	}
 
 	log_debug("%s: Tn with %zu bytes", __func__, ibuf_length(t));
-	print_hex(ibuf_data(t), 0, ibuf_length(t));
+	print_hexbuf(t);
 
 	ibuf_free(t1);
 
diff --git a/sbin/iked/ikev2_msg.c b/sbin/iked/ikev2_msg.c
index 79865b21e8b..53d6a149546 100644
--- a/sbin/iked/ikev2_msg.c
+++ b/sbin/iked/ikev2_msg.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: ikev2_msg.c,v 1.98 2023/07/28 07:31:38 claudio Exp $	*/
+/*	$OpenBSD: ikev2_msg.c,v 1.99 2023/07/28 11:23:03 claudio Exp $	*/
 
 /*
  * Copyright (c) 2019 Tobias Heider <tobias.heider@stusta.de>
@@ -446,7 +446,7 @@ ikev2_msg_encrypt(struct iked *env, struct iked_sa *sa, struct ibuf *src,
 		goto done;
 
 	log_debug("%s: padded length %zu", __func__, ibuf_size(src));
-	print_hex(ibuf_data(src), 0, ibuf_size(src));
+	print_hexbuf(src);
 
 	cipher_setkey(sa->sa_encr, ibuf_data(encr), ibuf_length(encr));
 	cipher_setiv(sa->sa_encr, NULL, 0);	/* XXX ivlen */
@@ -489,7 +489,7 @@ ikev2_msg_encrypt(struct iked *env, struct iked_sa *sa, struct ibuf *src,
 
 	log_debug("%s: length %zu, padding %d, output length %zu",
 	    __func__, len + sizeof(pad), pad, ibuf_size(dst));
-	print_hex(ibuf_data(dst), 0, ibuf_size(dst));
+	print_hexbuf(dst);
 
 	ibuf_free(src);
 	ibuf_free(out);
@@ -510,7 +510,7 @@ ikev2_msg_integr(struct iked *env, struct iked_sa *sa, struct ibuf *src)
 	uint8_t			*ptr;
 
 	log_debug("%s: message length %zu", __func__, ibuf_size(src));
-	print_hex(ibuf_data(src), 0, ibuf_size(src));
+	print_hexbuf(src);
 
 	if (sa == NULL ||
 	    sa->sa_encr == NULL ||
@@ -557,7 +557,7 @@ ikev2_msg_integr(struct iked *env, struct iked_sa *sa, struct ibuf *src)
 		goto done;
 	memcpy(ptr, ibuf_data(tmp), integrlen);
 
-	print_hex(ibuf_data(tmp), 0, ibuf_size(tmp));
+	print_hexbuf(tmp);
 
 	ret = 0;
  done:
@@ -580,7 +580,7 @@ ikev2_msg_decrypt(struct iked *env, struct iked_sa *sa,
 	    sa->sa_encr == NULL ||
 	    sa->sa_integr == NULL) {
 		log_debug("%s: invalid SA", __func__);
-		print_hex(ibuf_data(src), 0, ibuf_size(src));
+		print_hexbuf(src);
 		goto done;
 	}
 
@@ -699,7 +699,7 @@ ikev2_msg_decrypt(struct iked *env, struct iked_sa *sa,
 
 	log_debug("%s: decrypted payload length %zd/%zd padding %d",
 	    __func__, outlen, encrlen, pad);
-	print_hex(ibuf_data(out), 0, ibuf_size(out));
+	print_hexbuf(out);
 
 	/* Strip padding and padding length */
 	if (ibuf_setsize(out, outlen - pad - 1) != 0)
@@ -900,7 +900,7 @@ ikev2_send_encrypted_fragments(struct iked *env, struct iked_sa *sa,
 		log_debug("%s: Fragment %zu of %zu has size of %zu bytes.",
 		    __func__, frag_num, frag_total,
 		    ibuf_size(buf) - sizeof(*hdr));
-		print_hex(ibuf_data(buf), 0,  ibuf_size(buf));
+		print_hexbuf(buf);
 
 		resp.msg_data = buf;
 		resp.msg_sa = sa;
@@ -986,7 +986,7 @@ ikev2_msg_auth(struct iked *env, struct iked_sa *sa, int response)
 	log_debug("%s: %s auth data length %zu",
 	    __func__, response ? "responder" : "initiator",
 	    ibuf_size(authmsg));
-	print_hex(ibuf_data(authmsg), 0, ibuf_size(authmsg));
+	print_hexbuf(authmsg);
 
 	return (authmsg);
 
diff --git a/sbin/iked/util.c b/sbin/iked/util.c
index 586233abea5..c3c0c3e2900 100644
--- a/sbin/iked/util.c
+++ b/sbin/iked/util.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: util.c,v 1.42 2023/06/16 10:28:43 tb Exp $	*/
+/*	$OpenBSD: util.c,v 1.43 2023/07/28 11:23:03 claudio Exp $	*/
 
 /*
  * Copyright (c) 2010-2013 Reyk Floeter <reyk@openbsd.org>
@@ -499,6 +499,12 @@ print_hexval(const uint8_t *buf, off_t offset, size_t length)
 	print_debug("\n");
 }
 
+void
+print_hexbuf(struct ibuf *ibuf)
+{
+	print_hex(ibuf_data(ibuf), 0, ibuf_size(ibuf));
+}
+
 const char *
 print_bits(unsigned short v, unsigned char *bits)
 {
-- 
2.20.1