1
0
mirror of https://git.tartarus.org/simon/putty.git synced 2025-01-25 01:02:24 +00:00

Replace more (pointer, length) arg pairs with ptrlen.

The abstract method ssh_key_sign(), and the concrete functions
ssh_rsakex_newkey() and rsa_ssh1_public_blob_len(), now each take a
ptrlen argument in place of a separate pointer and length pair.

Partly that's because I'm generally preferring ptrlens these days and
it keeps argument lists short and tidy-looking, but mostly it's
because it will make those functions easier to wrap in my upcoming
test system.
This commit is contained in:
Simon Tatham 2019-01-01 21:07:48 +00:00
parent febef916a5
commit a2d1c211a7
8 changed files with 27 additions and 29 deletions

View File

@ -352,7 +352,7 @@ void pageant_handle_msg(BinarySink *bs,
}
signature = strbuf_new();
ssh_key_sign(key->key, sigdata.ptr, sigdata.len, flags,
ssh_key_sign(key->key, sigdata, flags,
BinarySink_UPCAST(signature));
put_byte(bs, SSH2_AGENT_SIGN_RESPONSE);
@ -1086,7 +1086,8 @@ int pageant_add_keyfile(Filename *filename, const char *passphrase,
}
/* Now skip over public blob */
if (type == SSH_KEYTYPE_SSH1) {
int n = rsa_ssh1_public_blob_len(p, keylistlen);
int n = rsa_ssh1_public_blob_len(
make_ptrlen(p, keylistlen));
if (n < 0) {
*retstr = dupstr("Received broken key list from agent");
sfree(keylist);

11
ssh.h
View File

@ -511,7 +511,7 @@ char *rsa_ssh1_fingerprint(struct RSAKey *key);
bool rsa_verify(struct RSAKey *key);
void rsa_ssh1_public_blob(BinarySink *bs, struct RSAKey *key,
RsaSsh1Order order);
int rsa_ssh1_public_blob_len(void *data, int maxlen);
int rsa_ssh1_public_blob_len(ptrlen data);
void freersapriv(struct RSAKey *key);
void freersakey(struct RSAKey *key);
@ -532,7 +532,7 @@ struct ssh_hashalg;
struct ssh_rsa_kex_extra {
int minklen;
};
struct RSAKey *ssh_rsakex_newkey(const void *data, int len);
struct RSAKey *ssh_rsakex_newkey(ptrlen data);
void ssh_rsakex_freekey(struct RSAKey *key);
int ssh_rsakex_klen(struct RSAKey *key);
void ssh_rsakex_encrypt(const struct ssh_hashalg *h,
@ -776,8 +776,7 @@ struct ssh_keyalg {
/* Methods that operate on an existing ssh_key */
void (*freekey) (ssh_key *key);
void (*sign) (ssh_key *key, const void *data, int datalen,
unsigned flags, BinarySink *);
void (*sign) (ssh_key *key, ptrlen data, unsigned flags, BinarySink *);
bool (*verify) (ssh_key *key, ptrlen sig, ptrlen data);
void (*public_blob)(ssh_key *key, BinarySink *);
void (*private_blob)(ssh_key *key, BinarySink *);
@ -799,8 +798,8 @@ struct ssh_keyalg {
#define ssh_key_new_priv_openssh(alg, bs) ((alg)->new_priv_openssh(alg, bs))
#define ssh_key_free(key) ((key)->vt->freekey(key))
#define ssh_key_sign(key, data, len, flags, bs) \
((key)->vt->sign(key, data, len, flags, bs))
#define ssh_key_sign(key, data, flags, bs) \
((key)->vt->sign(key, data, flags, bs))
#define ssh_key_verify(key, sig, data) ((key)->vt->verify(key, sig, data))
#define ssh_key_public_blob(key, bs) ((key)->vt->public_blob(key, bs))
#define ssh_key_private_blob(key, bs) ((key)->vt->private_blob(key, bs))

View File

@ -537,7 +537,7 @@ void ssh2kex_coroutine(struct ssh2_transport_state *s, bool *aborted)
rsakeydata = get_string(pktin);
s->rsa_kex_key = ssh_rsakex_newkey(rsakeydata.ptr, rsakeydata.len);
s->rsa_kex_key = ssh_rsakex_newkey(rsakeydata);
if (!s->rsa_kex_key) {
ssh_proto_error(s->ppl.ssh,
"Unable to parse RSA public key packet");

View File

@ -28,8 +28,9 @@ static strbuf *finalise_and_sign_exhash(struct ssh2_transport_state *s)
strbuf *sb;
ssh2transport_finalise_exhash(s);
sb = strbuf_new();
ssh_key_sign(s->hkey, s->exchange_hash, s->kex_alg->hash->hlen, 0,
BinarySink_UPCAST(sb));
ssh_key_sign(
s->hkey, make_ptrlen(s->exchange_hash, s->kex_alg->hash->hlen),
0, BinarySink_UPCAST(sb));
return sb;
}

View File

@ -890,7 +890,7 @@ static void ssh2_userauth_process_queue(PacketProtocolLayer *ppl)
put_data(sigdata, s->pktout->data + 5,
s->pktout->length - 5);
sigblob = strbuf_new();
ssh_key_sign(key->key, sigdata->s, sigdata->len, 0,
ssh_key_sign(key->key, ptrlen_from_strbuf(sigdata), 0,
BinarySink_UPCAST(sigblob));
strbuf_free(sigdata);
ssh2_userauth_add_sigblob(

View File

@ -416,14 +416,13 @@ mp_int *dss_gen_k(const char *id_string, mp_int *modulus,
return k;
}
static void dss_sign(ssh_key *key, const void *data, int datalen,
unsigned flags, BinarySink *bs)
static void dss_sign(ssh_key *key, ptrlen data, unsigned flags, BinarySink *bs)
{
struct dss_key *dss = container_of(key, struct dss_key, sshk);
unsigned char digest[20];
int i;
SHA_Simple(data, datalen, digest);
SHA_Simple(data.ptr, data.len, digest);
mp_int *k = dss_gen_k("DSA deterministic k generator", dss->q, dss->x,
digest, sizeof(digest));

View File

@ -979,7 +979,7 @@ static bool eddsa_verify(ssh_key *key, ptrlen sig, ptrlen data)
return valid;
}
static void ecdsa_sign(ssh_key *key, const void *data, int datalen,
static void ecdsa_sign(ssh_key *key, ptrlen data,
unsigned flags, BinarySink *bs)
{
struct ecdsa_key *ek = container_of(key, struct ecdsa_key, sshk);
@ -987,15 +987,14 @@ static void ecdsa_sign(ssh_key *key, const void *data, int datalen,
(const struct ecsign_extra *)ek->sshk.vt->extra;
assert(ek->privateKey);
mp_int *z = ecdsa_signing_exponent_from_data(
ek->curve, extra, make_ptrlen(data, datalen));
mp_int *z = ecdsa_signing_exponent_from_data(ek->curve, extra, data);
/* Generate k between 1 and curve->n, using the same deterministic
* k generation system we use for conventional DSA. */
mp_int *k;
{
unsigned char digest[20];
SHA_Simple(data, datalen, digest);
SHA_Simple(data.ptr, data.len, digest);
k = dss_gen_k(
"ECDSA deterministic k generator", ek->curve->w.G_order,
ek->privateKey, digest, sizeof(digest));
@ -1033,7 +1032,7 @@ static void ecdsa_sign(ssh_key *key, const void *data, int datalen,
mp_free(s);
}
static void eddsa_sign(ssh_key *key, const void *data, int datalen,
static void eddsa_sign(ssh_key *key, ptrlen data,
unsigned flags, BinarySink *bs)
{
struct eddsa_key *ek = container_of(key, struct eddsa_key, sshk);
@ -1076,7 +1075,7 @@ static void eddsa_sign(ssh_key *key, const void *data, int datalen,
h = ssh_hash_new(extra->hash);
put_data(h, hash + ek->curve->fieldBytes,
extra->hash->hlen - ek->curve->fieldBytes);
put_data(h, data, datalen);
put_datapl(h, data);
ssh_hash_final(h, hash);
mp_int *log_r_unreduced = mp_from_bytes_le(
make_ptrlen(hash, extra->hash->hlen));
@ -1097,7 +1096,7 @@ static void eddsa_sign(ssh_key *key, const void *data, int datalen,
* eddsa_verify does.
*/
mp_int *H = eddsa_signing_exponent_from_data(
ek, extra, ptrlen_from_strbuf(r_enc), make_ptrlen(data, datalen));
ek, extra, ptrlen_from_strbuf(r_enc), data);
/* And then s = (log(r) + H*a) mod order(G). */
mp_int *Ha = mp_modmul(H, a, ek->curve->e.G_order);

View File

@ -315,11 +315,11 @@ void rsa_ssh1_public_blob(BinarySink *bs, struct RSAKey *key,
}
/* Given an SSH-1 public key blob, determine its length. */
int rsa_ssh1_public_blob_len(void *data, int maxlen)
int rsa_ssh1_public_blob_len(ptrlen data)
{
BinarySource src[1];
BinarySource_BARE_INIT(src, data, maxlen);
BinarySource_BARE_INIT(src, data.ptr, data.len);
/* Expect a length word, then exponent and modulus. (It doesn't
* even matter which order.) */
@ -638,7 +638,7 @@ static bool rsa2_verify(ssh_key *key, ptrlen sig, ptrlen data)
return diff == 0;
}
static void rsa2_sign(ssh_key *key, const void *data, int datalen,
static void rsa2_sign(ssh_key *key, ptrlen data,
unsigned flags, BinarySink *bs)
{
struct RSAKey *rsa = container_of(key, struct RSAKey, sshk);
@ -661,8 +661,7 @@ static void rsa2_sign(ssh_key *key, const void *data, int datalen,
nbytes = (mp_get_nbits(rsa->modulus) + 7) / 8;
bytes = rsa_pkcs1_signature_string(
nbytes, halg, make_ptrlen(data, datalen));
bytes = rsa_pkcs1_signature_string(nbytes, halg, data);
in = mp_from_bytes_be(make_ptrlen(bytes, nbytes));
smemclr(bytes, nbytes);
sfree(bytes);
@ -700,9 +699,9 @@ const ssh_keyalg ssh_rsa = {
SSH_AGENT_RSA_SHA2_256 | SSH_AGENT_RSA_SHA2_512,
};
struct RSAKey *ssh_rsakex_newkey(const void *data, int len)
struct RSAKey *ssh_rsakex_newkey(ptrlen data)
{
ssh_key *sshk = rsa2_new_pub(&ssh_rsa, make_ptrlen(data, len));
ssh_key *sshk = rsa2_new_pub(&ssh_rsa, data);
if (!sshk)
return NULL;
return container_of(sshk, struct RSAKey, sshk);