From bcfcb169efab1587a7cebcffff9efbf9ccac8ce8 Mon Sep 17 00:00:00 2001 From: Simon Tatham Date: Tue, 5 May 2015 20:16:17 +0100 Subject: [PATCH] Const-correctness in public-key functions. Several of the functions in ssh2_signkey, and one or two SSH-1 key functions too, were still taking assorted non-const buffer parameters that had never been properly constified. Sort them all out. --- import.c | 4 ++-- ssh.c | 5 +++-- ssh.h | 22 +++++++++++----------- sshdss.c | 42 ++++++++++++++++++++++-------------------- sshecc.c | 45 +++++++++++++++++++++++---------------------- sshrsa.c | 41 +++++++++++++++++++++-------------------- 6 files changed, 82 insertions(+), 77 deletions(-) diff --git a/import.c b/import.c index 92141d3a..5481ce8f 100644 --- a/import.c +++ b/import.c @@ -1628,7 +1628,7 @@ struct ssh2_userkey *openssh_new_read(const Filename *filename, retkey = NULL; for (key_index = 0; key_index < key->nkeys; key_index++) { - unsigned char *thiskey; + const unsigned char *thiskey; int thiskeylen; /* @@ -1660,7 +1660,7 @@ struct ssh2_userkey *openssh_new_read(const Filename *filename, goto error; } - thiskey = (unsigned char *)priv; + thiskey = priv; /* * Skip over the pieces of key. diff --git a/ssh.c b/ssh.c index 5ed63cc2..aa2ebc85 100644 --- a/ssh.c +++ b/ssh.c @@ -2627,7 +2627,7 @@ static void *ssh_pkt_getdata(struct Packet *pkt, int length) return pkt->body + (pkt->savedpos - length); } static int ssh1_pkt_getrsakey(struct Packet *pkt, struct RSAKey *key, - unsigned char **keystr) + const unsigned char **keystr) { int j; @@ -3865,7 +3865,8 @@ static int do_ssh1_login(Ssh ssh, unsigned char *in, int inlen, struct do_ssh1_login_state { int crLine; int len; - unsigned char *rsabuf, *keystr1, *keystr2; + unsigned char *rsabuf; + const unsigned char *keystr1, *keystr2; unsigned long supported_ciphers_mask, supported_auths_mask; int tried_publickey, tried_agent; int tis_auth_refused, ccard_auth_refused; diff --git a/ssh.h b/ssh.h index b733ffa0..a8e71313 100644 
--- a/ssh.h +++ b/ssh.h @@ -131,9 +131,9 @@ struct ec_key { Bignum privateKey; }; -int makekey(unsigned char *data, int len, struct RSAKey *result, - unsigned char **keystr, int order); -int makeprivate(unsigned char *data, int len, struct RSAKey *result); +int makekey(const unsigned char *data, int len, struct RSAKey *result, + const unsigned char **keystr, int order); +int makeprivate(const unsigned char *data, int len, struct RSAKey *result); int rsaencrypt(unsigned char *data, int length, struct RSAKey *key); Bignum rsadecrypt(Bignum input, struct RSAKey *key); void rsasign(unsigned char *data, int length, struct RSAKey *key); @@ -324,14 +324,14 @@ struct ssh_kexes { }; struct ssh_signkey { - void *(*newkey) (char *data, int len); + void *(*newkey) (const char *data, int len); void (*freekey) (void *key); char *(*fmtkey) (void *key); unsigned char *(*public_blob) (void *key, int *len); unsigned char *(*private_blob) (void *key, int *len); - void *(*createkey) (unsigned char *pub_blob, int pub_len, - unsigned char *priv_blob, int priv_len); - void *(*openssh_createkey) (unsigned char **blob, int *len); + void *(*createkey) (const unsigned char *pub_blob, int pub_len, + const unsigned char *priv_blob, int priv_len); + void *(*openssh_createkey) (const unsigned char **blob, int *len); int (*openssh_fmtkey) (void *key, unsigned char *blob, int len); /* OpenSSH private key blobs, as created by openssh_fmtkey and * consumed by openssh_createkey, always (at least so far...) take 
@@ -342,11 +342,11 @@ struct ssh_signkey { * skip over the right number to find the next key in the file. * openssh_private_npieces gives that information. */ int openssh_private_npieces; - int (*pubkey_bits) (void *blob, int len); + int (*pubkey_bits) (const void *blob, int len); char *(*fingerprint) (void *key); - int (*verifysig) (void *key, char *sig, int siglen, - char *data, int datalen); - unsigned char *(*sign) (void *key, char *data, int datalen, + int (*verifysig) (void *key, const char *sig, int siglen, + const char *data, int datalen); + unsigned char *(*sign) (void *key, const char *data, int datalen, int *siglen); char *name; char *keytype; /* for host key cache */ diff --git a/sshdss.c b/sshdss.c index 40285a02..5633e395 100644 --- a/sshdss.c +++ b/sshdss.c @@ -37,7 +37,8 @@ static void sha512_mpint(SHA512_State * s, Bignum b) smemclr(lenbuf, sizeof(lenbuf)); } -static void getstring(char **data, int *datalen, char **p, int *length) +static void getstring(const char **data, int *datalen, + const char **p, int *length) { *p = NULL; if (*datalen < 4) @@ -53,9 +54,9 @@ static void getstring(char **data, int *datalen, char **p, int *length) *data += *length; *datalen -= *length; } -static Bignum getmp(char **data, int *datalen) +static Bignum getmp(const char **data, int *datalen) { - char *p; + const char *p; int length; Bignum b; @@ -64,18 +65,18 @@ static Bignum getmp(char **data, int *datalen) return NULL; if (p[0] & 0x80) return NULL; /* negative mp */ - b = bignum_from_bytes((unsigned char *)p, length); + b = bignum_from_bytes((const unsigned char *)p, length); return b; } -static Bignum get160(char **data, int *datalen) +static Bignum get160(const char **data, int *datalen) { Bignum b; if (*datalen < 20) return NULL; - b = bignum_from_bytes((unsigned char *)*data, 20); + b = bignum_from_bytes((const unsigned char *)*data, 20); *data += 20; *datalen -= 20; 
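Review bot: In sshdss.c's getmp, `if (p[0] & 0x80)` reads the first byte of the string with no test on `length` visible in this hunk, so a zero-length mpint would make it read one byte past the string that getstring returned. getstring's body is only partly shown, so whether it already rejects a zero length cannot be confirmed from here; if it does not, guard the test as `if (length > 0 && (p[0] & 0x80))`. The getmp copies in sshecc.c and sshrsa.c are worth checking for the same pattern. getmp's signature and the getstring call sit outside this hunk.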
@@ -84,9 +85,9 @@ static Bignum get160(char **data, int *datalen) static void dss_freekey(void *key); /* forward reference */ -static void *dss_newkey(char *data, int len) +static void *dss_newkey(const char *data, int len) { - char *p; + const char *p; int slen; struct dss_key *dss; @@ -226,11 +227,11 @@ static char *dss_fingerprint(void *key) return ret; } -static int dss_verifysig(void *key, char *sig, int siglen, - char *data, int datalen) +static int dss_verifysig(void *key, const char *sig, int siglen, + const char *data, int datalen) { struct dss_key *dss = (struct dss_key *) key; - char *p; + const char *p; int slen; char hash[20]; Bignum r, s, w, gu1p, yu2p, gu1yu2p, u1, u2, sha, v; @@ -402,12 +403,12 @@ static unsigned char *dss_private_blob(void *key, int *len) return blob; } -static void *dss_createkey(unsigned char *pub_blob, int pub_len, - unsigned char *priv_blob, int priv_len) +static void *dss_createkey(const unsigned char *pub_blob, int pub_len, + const unsigned char *priv_blob, int priv_len) { struct dss_key *dss; - char *pb = (char *) priv_blob; - char *hash; + const char *pb = (const char *) priv_blob; + const char *hash; int hashlen; SHA_State s; unsigned char digest[20]; @@ -453,9 +454,9 @@ static void *dss_createkey(unsigned char *pub_blob, int pub_len, return dss; } -static void *dss_openssh_createkey(unsigned char **blob, int *len) +static void *dss_openssh_createkey(const unsigned char **blob, int *len) { - char **b = (char **) blob; + const char **b = (const char **) blob; struct dss_key *dss; dss = snew(struct dss_key); @@ -504,12 +505,12 @@ static int dss_openssh_fmtkey(void *key, unsigned char *blob, int len) return bloblen; } -static int dss_pubkey_bits(void *blob, int len) +static int dss_pubkey_bits(const void *blob, int len) { struct dss_key *dss; int ret; - dss = dss_newkey((char *) blob, len); + dss = dss_newkey((const char *) blob, len); if (!dss) return -1; ret = bignum_bitcount(dss->p); 
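Review bot: The added line `const char **b = (const char **) blob;` in dss_openssh_createkey makes a `const unsigned char *` object accessible as a `const char *` object through a pointer-to-pointer cast. The two pointer types are not compatible, so any access through `*b` relies on behaviour the C aliasing rules do not guarantee, even though common compilers accept it. A local copy avoids the cast: `const char *b = (const char *) *blob;`, pass `&b` to the parsers, and store `*blob = (const unsigned char *) b;` before returning. The same cast is added in ecdsa_openssh_createkey (sshecc.c) and rsa2_openssh_createkey (sshrsa.c); the function body continues outside the hunk.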
@@ -638,7 +639,8 @@ Bignum *dss_gen_k(const char *id_string, Bignum modulus, Bignum private_key, } } -static unsigned char *dss_sign(void *key, char *data, int datalen, int *siglen) +static unsigned char *dss_sign(void *key, const char *data, int datalen, + int *siglen) { struct dss_key *dss = (struct dss_key *) key; Bignum k, gkp, hash, kinv, hxr, r, s; diff --git a/sshecc.c b/sshecc.c index 9b2e5020..2e7bcf84 100644 --- a/sshecc.c +++ b/sshecc.c @@ -276,7 +276,7 @@ struct ec_curve *ec_p521(void) return &curve; } -static struct ec_curve *ec_name_to_curve(char *name, int len) { +static struct ec_curve *ec_name_to_curve(const char *name, int len) { if (len == 8 && !memcmp(name, "nistp", 5)) { name += 5; if (!memcmp(name, "256", 3)) { @@ -1376,7 +1376,8 @@ static void _ecdsa_sign(const Bignum privateKey, const struct ec_curve *curve, * Misc functions */ -static void getstring(char **data, int *datalen, char **p, int *length) +static void getstring(const char **data, int *datalen, + const char **p, int *length) { *p = NULL; if (*datalen < 4) @@ -1393,9 +1394,9 @@ static void getstring(char **data, int *datalen, char **p, int *length) *datalen -= *length; } -static Bignum getmp(char **data, int *datalen) +static Bignum getmp(const char **data, int *datalen) { - char *p; + const char *p; int length; getstring(data, datalen, &p, &length); @@ -1406,7 +1407,7 @@ static Bignum getmp(char **data, int *datalen) return bignum_from_bytes((unsigned char *)p, length); } -static int decodepoint(char *p, int length, struct ec_point *point) +static int decodepoint(const char *p, int length, struct ec_point *point) { if (length < 1 || p[0] != 0x04) /* Only support uncompressed point */ return 0; 
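Review bot: The context line `return bignum_from_bytes((unsigned char *)p, length);` in sshecc.c's getmp now casts away the const this commit adds to `p`. sshdss.c's getmp was updated to `(const unsigned char *)p`, and this one should match: `return bignum_from_bytes((const unsigned char *)p, length);`. rsa2_createkey in sshrsa.c has the same leftover in `rsa2_newkey((char *) pub_blob, pub_len)`, which should use `(const char *)` as ecdsa_createkey does. Casts that drop const also stop the compiler from flagging a later accidental write through these key buffers.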
@@ -1444,9 +1445,9 @@ static int decodepoint(char *p, int length, struct ec_point *point) return 1; } -static int getmppoint(char **data, int *datalen, struct ec_point *point) +static int getmppoint(const char **data, int *datalen, struct ec_point *point) { - char *p; + const char *p; int length; getstring(data, datalen, &p, &length); @@ -1474,9 +1475,9 @@ static void ecdsa_freekey(void *key) sfree(ec); } -static void *ecdsa_newkey(char *data, int len) +static void *ecdsa_newkey(const char *data, int len) { - char *p; + const char *p; int slen; struct ec_key *ec; struct ec_curve *curve; @@ -1625,14 +1626,14 @@ static unsigned char *ecdsa_private_blob(void *key, int *len) return blob; } -static void *ecdsa_createkey(unsigned char *pub_blob, int pub_len, - unsigned char *priv_blob, int priv_len) +static void *ecdsa_createkey(const unsigned char *pub_blob, int pub_len, + const unsigned char *priv_blob, int priv_len) { struct ec_key *ec; struct ec_point *publicKey; - char *pb = (char *) priv_blob; + const char *pb = (const char *) priv_blob; - ec = (struct ec_key*)ecdsa_newkey((char *) pub_blob, pub_len); + ec = (struct ec_key*)ecdsa_newkey((const char *) pub_blob, pub_len); if (!ec) { return NULL; } @@ -1658,10 +1659,10 @@ static void *ecdsa_createkey(unsigned char *pub_blob, int pub_len, return ec; } -static void *ecdsa_openssh_createkey(unsigned char **blob, int *len) +static void *ecdsa_openssh_createkey(const unsigned char **blob, int *len) { - char **b = (char **) blob; - char *p; + const char **b = (const char **) blob; + const char *p; int slen; struct ec_key *ec; struct ec_curve *curve; 
@@ -1767,12 +1768,12 @@ static int ecdsa_openssh_fmtkey(void *key, unsigned char *blob, int len) return bloblen; } -static int ecdsa_pubkey_bits(void *blob, int len) +static int ecdsa_pubkey_bits(const void *blob, int len) { struct ec_key *ec; int ret; - ec = (struct ec_key*)ecdsa_newkey((char *) blob, len); + ec = (struct ec_key*)ecdsa_newkey((const char *) blob, len); if (!ec) return -1; ret = ec->publicKey.curve->fieldBits; @@ -1834,11 +1835,11 @@ static char *ecdsa_fingerprint(void *key) return ret; } -static int ecdsa_verifysig(void *key, char *sig, int siglen, - char *data, int datalen) +static int ecdsa_verifysig(void *key, const char *sig, int siglen, + const char *data, int datalen) { struct ec_key *ec = (struct ec_key *) key; - char *p; + const char *p; int slen; unsigned char digest[512 / 8]; int digestLen; @@ -1891,7 +1892,7 @@ static int ecdsa_verifysig(void *key, char *sig, int siglen, return ret; } -static unsigned char *ecdsa_sign(void *key, char *data, int datalen, +static unsigned char *ecdsa_sign(void *key, const char *data, int datalen, int *siglen) { struct ec_key *ec = (struct ec_key *) key; diff --git a/sshrsa.c b/sshrsa.c index 058200f4..3adccfbe 100644 --- a/sshrsa.c +++ b/sshrsa.c @@ -10,10 +10,10 @@ #include "ssh.h" #include "misc.h" -int makekey(unsigned char *data, int len, struct RSAKey *result, - unsigned char **keystr, int order) +int makekey(const unsigned char *data, int len, struct RSAKey *result, + const unsigned char **keystr, int order) { - unsigned char *p = data; + const unsigned char *p = data; int i, n; if (len < 4) @@ -59,7 +59,7 @@ int makekey(unsigned char *data, int len, struct RSAKey *result, return p - data; } -int makeprivate(unsigned char *data, int len, struct RSAKey *result) +int makeprivate(const unsigned char *data, int len, struct RSAKey *result) { return ssh1_read_bignum(data, len, &result->private_exponent); } 
@@ -533,7 +533,8 @@ void freersakey(struct RSAKey *key) * Implementation of the ssh-rsa signing key type. */ -static void getstring(char **data, int *datalen, char **p, int *length) +static void getstring(const char **data, int *datalen, + const char **p, int *length) { *p = NULL; if (*datalen < 4) @@ -549,9 +550,9 @@ static void getstring(char **data, int *datalen, char **p, int *length) *data += *length; *datalen -= *length; } -static Bignum getmp(char **data, int *datalen) +static Bignum getmp(const char **data, int *datalen) { - char *p; + const char *p; int length; Bignum b; @@ -564,9 +565,9 @@ static Bignum getmp(char **data, int *datalen) static void rsa2_freekey(void *key); /* forward reference */ -static void *rsa2_newkey(char *data, int len) +static void *rsa2_newkey(const char *data, int len) { - char *p; + const char *p; int slen; struct RSAKey *rsa; @@ -684,11 +685,11 @@ static unsigned char *rsa2_private_blob(void *key, int *len) return blob; } -static void *rsa2_createkey(unsigned char *pub_blob, int pub_len, - unsigned char *priv_blob, int priv_len) +static void *rsa2_createkey(const unsigned char *pub_blob, int pub_len, + const unsigned char *priv_blob, int priv_len) { struct RSAKey *rsa; - char *pb = (char *) priv_blob; + const char *pb = (const char *) priv_blob; rsa = rsa2_newkey((char *) pub_blob, pub_len); rsa->private_exponent = getmp(&pb, &priv_len); @@ -704,9 +705,9 @@ static void *rsa2_createkey(unsigned char *pub_blob, int pub_len, return rsa; } -static void *rsa2_openssh_createkey(unsigned char **blob, int *len) +static void *rsa2_openssh_createkey(const unsigned char **blob, int *len) { - char **b = (char **) blob; + const char **b = (const char **) blob; struct RSAKey *rsa; rsa = snew(struct RSAKey); 
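Review bot: rsa2_createkey writes `rsa->private_exponent` immediately after `rsa = rsa2_newkey(...)` with no NULL test, whereas ecdsa_createkey returns NULL when its newkey call fails. rsa2_newkey's body is not part of this patch, so this is inferred from the sibling key types: if it can return NULL for a malformed public blob, add `if (!rsa) return NULL;` before the first getmp call. rsa2_pubkey_bits has the same shape, calling `bignum_bitcount(rsa->modulus)` straight after rsa2_newkey, where dss_pubkey_bits and ecdsa_pubkey_bits return -1 on failure. `if (!rsa) return -1;` would bring it in line with them.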
@@ -762,12 +763,12 @@ static int rsa2_openssh_fmtkey(void *key, unsigned char *blob, int len) return bloblen; } -static int rsa2_pubkey_bits(void *blob, int len) +static int rsa2_pubkey_bits(const void *blob, int len) { struct RSAKey *rsa; int ret; - rsa = rsa2_newkey((char *) blob, len); + rsa = rsa2_newkey((const char *) blob, len); ret = bignum_bitcount(rsa->modulus); rsa2_freekey(rsa); @@ -840,12 +841,12 @@ static const unsigned char asn1_weird_stuff[] = { #define ASN1_LEN ( (int) sizeof(asn1_weird_stuff) ) -static int rsa2_verifysig(void *key, char *sig, int siglen, - char *data, int datalen) +static int rsa2_verifysig(void *key, const char *sig, int siglen, + const char *data, int datalen) { struct RSAKey *rsa = (struct RSAKey *) key; Bignum in, out; - char *p; + const char *p; int slen; int bytes, i, j, ret; unsigned char hash[20]; @@ -890,7 +891,7 @@ static int rsa2_verifysig(void *key, char *sig, int siglen, return ret; } -static unsigned char *rsa2_sign(void *key, char *data, int datalen, +static unsigned char *rsa2_sign(void *key, const char *data, int datalen, int *siglen) { struct RSAKey *rsa = (struct RSAKey *) key;