OpenCoverage

kexgexs.c

Absolute File Name:/home/opencoverage/opencoverage/guest-scripts/openssh/src/kexgexs.c
Source codeSwitch to Preprocessed file
LineSourceCount
1/* $OpenBSD: kexgexs.c,v 1.33 2018/04/10 00:10:49 djm Exp $ */-
2/*-
3 * Copyright (c) 2000 Niels Provos. All rights reserved.-
4 * Copyright (c) 2001 Markus Friedl. All rights reserved.-
5 *-
6 * Redistribution and use in source and binary forms, with or without-
7 * modification, are permitted provided that the following conditions-
8 * are met:-
9 * 1. Redistributions of source code must retain the above copyright-
10 * notice, this list of conditions and the following disclaimer.-
11 * 2. Redistributions in binary form must reproduce the above copyright-
12 * notice, this list of conditions and the following disclaimer in the-
13 * documentation and/or other materials provided with the distribution.-
14 *-
15 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR-
16 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES-
17 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.-
18 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,-
19 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT-
20 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,-
21 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY-
22 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT-
23 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF-
24 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.-
25 */-
26-
27#include "includes.h"-
28-
29#ifdef WITH_OPENSSL-
30-
31-
32#include <stdarg.h>-
33#include <stdio.h>-
34#include <string.h>-
35#include <signal.h>-
36-
37#include <openssl/dh.h>-
38-
39#include "openbsd-compat/openssl-compat.h"-
40-
41#include "sshkey.h"-
42#include "cipher.h"-
43#include "digest.h"-
44#include "kex.h"-
45#include "log.h"-
46#include "packet.h"-
47#include "dh.h"-
48#include "ssh2.h"-
49#include "compat.h"-
50#ifdef GSSAPI-
51#include "ssh-gss.h"-
52#endif-
53#include "monitor_wrap.h"-
54#include "dispatch.h"-
55#include "ssherr.h"-
56#include "sshbuf.h"-
57#include "misc.h"-
58-
59static int input_kex_dh_gex_request(int, u_int32_t, struct ssh *);-
60static int input_kex_dh_gex_init(int, u_int32_t, struct ssh *);-
61-
62int-
63kexgex_server(struct ssh *ssh)-
64{-
65 ssh_dispatch_set(ssh, SSH2_MSG_KEX_DH_GEX_REQUEST,-
66 &input_kex_dh_gex_request);-
67 debug("expecting SSH2_MSG_KEX_DH_GEX_REQUEST");-
68 return 0;
executed 40 times by 1 test: return 0;
Executed by:
  • test_kex
40
69}-
70-
71static int-
72input_kex_dh_gex_request(int type, u_int32_t seq, struct ssh *ssh)-
73{-
74 struct kex *kex = ssh->kex;-
75 int r;-
76 u_int min = 0, max = 0, nbits = 0;-
77 const BIGNUM *dh_p, *dh_g;-
78-
79 debug("SSH2_MSG_KEX_DH_GEX_REQUEST received");-
80 if ((r = sshpkt_get_u32(ssh, &min)) != 0 ||
(r = sshpkt_ge...h, &min)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
81 (r = sshpkt_get_u32(ssh, &nbits)) != 0 ||
(r = sshpkt_ge... &nbits)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
82 (r = sshpkt_get_u32(ssh, &max)) != 0 ||
(r = sshpkt_ge...h, &max)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
83 (r = sshpkt_get_end(ssh)) != 0)
(r = sshpkt_get_end(ssh)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
84 goto out;
never executed: goto out;
0
85 kex->nbits = nbits;-
86 kex->min = min;-
87 kex->max = max;-
88 min = MAXIMUM(DH_GRP_MIN, min);
((2048) > (min))Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
89 max = MINIMUM(DH_GRP_MAX, max);
((8192) < (max))Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
90 nbits = MAXIMUM(DH_GRP_MIN, nbits);
((2048) > (nbits))Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
91 nbits = MINIMUM(DH_GRP_MAX, nbits);
((8192) < (nbits))Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
92-
93 if (kex->max < kex->min || kex->nbits < kex->min ||
kex->max < kex->minDescription
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
kex->nbits < kex->minDescription
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
94 kex->max < kex->nbits || kex->max < DH_GRP_MIN) {
kex->max < kex->nbitsDescription
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
kex->max < 2048Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
95 r = SSH_ERR_DH_GEX_OUT_OF_RANGE;-
96 goto out;
never executed: goto out;
0
97 }-
98-
99 /* Contact privileged parent */-
100 kex->dh = PRIVSEP(choose_dh(min, nbits, max));
use_privsepDescription
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
101 if (kex->dh == NULL) {
kex->dh == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
102 sshpkt_disconnect(ssh, "no matching DH grp found");-
103 r = SSH_ERR_ALLOC_FAIL;-
104 goto out;
never executed: goto out;
0
105 }-
106 debug("SSH2_MSG_KEX_DH_GEX_GROUP sent");-
107 DH_get0_pqg(kex->dh, &dh_p, NULL, &dh_g);-
108 if ((r = sshpkt_start(ssh, SSH2_MSG_KEX_DH_GEX_GROUP)) != 0 ||
(r = sshpkt_st...ssh, 31)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
109 (r = sshpkt_put_bignum2(ssh, dh_p)) != 0 ||
(r = sshpkt_pu...h, dh_p)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
110 (r = sshpkt_put_bignum2(ssh, dh_g)) != 0 ||
(r = sshpkt_pu...h, dh_g)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
111 (r = sshpkt_send(ssh)) != 0)
(r = sshpkt_send(ssh)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
112 goto out;
never executed: goto out;
0
113-
114 /* Compute our exchange value in parallel with the client */-
115 if ((r = dh_gen_key(kex->dh, kex->we_need * 8)) != 0)
(r = dh_gen_ke...eed * 8)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
116 goto out;
never executed: goto out;
0
117-
118 debug("expecting SSH2_MSG_KEX_DH_GEX_INIT");-
119 ssh_dispatch_set(ssh, SSH2_MSG_KEX_DH_GEX_INIT, &input_kex_dh_gex_init);-
120 r = 0;-
121 out:
code before this statement executed 40 times by 1 test: out:
Executed by:
  • test_kex
40
122 return r;
executed 40 times by 1 test: return r;
Executed by:
  • test_kex
40
123}-
124-
125static int-
126input_kex_dh_gex_init(int type, u_int32_t seq, struct ssh *ssh)-
127{-
128 struct kex *kex = ssh->kex;-
129 BIGNUM *shared_secret = NULL, *dh_client_pub = NULL;-
130 const BIGNUM *pub_key, *dh_p, *dh_g;-
131 struct sshkey *server_host_public, *server_host_private;-
132 u_char *kbuf = NULL, *signature = NULL, *server_host_key_blob = NULL;-
133 u_char hash[SSH_DIGEST_MAX_LENGTH];-
134 size_t sbloblen, slen;-
135 size_t klen = 0, hashlen;-
136 int kout, r;-
137-
138 if (kex->load_host_public_key == NULL ||
kex->load_host...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
139 kex->load_host_private_key == NULL) {
kex->load_host...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
140 r = SSH_ERR_INVALID_ARGUMENT;-
141 goto out;
never executed: goto out;
0
142 }-
143 server_host_public = kex->load_host_public_key(kex->hostkey_type,-
144 kex->hostkey_nid, ssh);-
145 server_host_private = kex->load_host_private_key(kex->hostkey_type,-
146 kex->hostkey_nid, ssh);-
147 if (server_host_public == NULL) {
server_host_pu...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
148 r = SSH_ERR_NO_HOSTKEY_LOADED;-
149 goto out;
never executed: goto out;
0
150 }-
151-
152 /* key, cert */-
153 if ((dh_client_pub = BN_new()) == NULL) {
(dh_client_pub...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
154 r = SSH_ERR_ALLOC_FAIL;-
155 goto out;
never executed: goto out;
0
156 }-
157 if ((r = sshpkt_get_bignum2(ssh, dh_client_pub)) != 0 ||
(r = sshpkt_ge...ent_pub)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
158 (r = sshpkt_get_end(ssh)) != 0)
(r = sshpkt_get_end(ssh)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
159 goto out;
never executed: goto out;
0
160-
161 DH_get0_key(kex->dh, &pub_key, NULL);-
162 DH_get0_pqg(kex->dh, &dh_p, NULL, &dh_g);-
163-
164#ifdef DEBUG_KEXDH-
165 fprintf(stderr, "dh_client_pub= ");-
166 BN_print_fp(stderr, dh_client_pub);-
167 fprintf(stderr, "\n");-
168 debug("bits %d", BN_num_bits(dh_client_pub));-
169 DHparams_print_fp(stderr, kex->dh);-
170 fprintf(stderr, "pub= ");-
171 BN_print_fp(stderr, pub_key);-
172 fprintf(stderr, "\n");-
173#endif-
174 if (!dh_pub_is_valid(kex->dh, dh_client_pub)) {
!dh_pub_is_val...dh_client_pub)Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
175 sshpkt_disconnect(ssh, "bad client public DH value");-
176 r = SSH_ERR_MESSAGE_INCOMPLETE;-
177 goto out;
never executed: goto out;
0
178 }-
179-
180 klen = DH_size(kex->dh);-
181 if ((kbuf = malloc(klen)) == NULL ||
(kbuf = malloc...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
182 (shared_secret = BN_new()) == NULL) {
(shared_secret...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
183 r = SSH_ERR_ALLOC_FAIL;-
184 goto out;
never executed: goto out;
0
185 }-
186 if ((kout = DH_compute_key(kbuf, dh_client_pub, kex->dh)) < 0 ||
(kout = DH_com... kex->dh)) < 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
187 BN_bin2bn(kbuf, kout, shared_secret) == NULL) {
BN_bin2bn(kbuf...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
188 r = SSH_ERR_LIBCRYPTO_ERROR;-
189 goto out;
never executed: goto out;
0
190 }-
191#ifdef DEBUG_KEXDH-
192 dump_digest("shared secret", kbuf, kout);-
193#endif-
194 if ((r = sshkey_to_blob(server_host_public, &server_host_key_blob,
(r = sshkey_to...bloblen)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
195 &sbloblen)) != 0)
(r = sshkey_to...bloblen)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
196 goto out;
never executed: goto out;
0
197 /* calc H */-
198 hashlen = sizeof(hash);-
199 if ((r = kexgex_hash(
(r = kexgex_ha...hashlen)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
200 kex->hash_alg,
(r = kexgex_ha...hashlen)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
201 kex->client_version_string,
(r = kexgex_ha...hashlen)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
202 kex->server_version_string,
(r = kexgex_ha...hashlen)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
203 sshbuf_ptr(kex->peer), sshbuf_len(kex->peer),
(r = kexgex_ha...hashlen)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
204 sshbuf_ptr(kex->my), sshbuf_len(kex->my),
(r = kexgex_ha...hashlen)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
205 server_host_key_blob, sbloblen,
(r = kexgex_ha...hashlen)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
206 kex->min, kex->nbits, kex->max,
(r = kexgex_ha...hashlen)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
207 dh_p, dh_g,
(r = kexgex_ha...hashlen)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
208 dh_client_pub,
(r = kexgex_ha...hashlen)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
209 pub_key,
(r = kexgex_ha...hashlen)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
210 shared_secret,
(r = kexgex_ha...hashlen)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
211 hash, &hashlen)) != 0)
(r = kexgex_ha...hashlen)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
212 goto out;
never executed: goto out;
0
213-
214 /* save session id := H */-
215 if (kex->session_id == NULL) {
kex->session_id == ((void *)0)Description
TRUEevaluated 8 times by 1 test
Evaluated by:
  • test_kex
FALSEevaluated 32 times by 1 test
Evaluated by:
  • test_kex
8-32
216 kex->session_id_len = hashlen;-
217 kex->session_id = malloc(kex->session_id_len);-
218 if (kex->session_id == NULL) {
kex->session_id == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 8 times by 1 test
Evaluated by:
  • test_kex
0-8
219 r = SSH_ERR_ALLOC_FAIL;-
220 goto out;
never executed: goto out;
0
221 }-
222 memcpy(kex->session_id, hash, kex->session_id_len);-
223 }
executed 8 times by 1 test: end of block
Executed by:
  • test_kex
8
224-
225 /* sign H */-
226 if ((r = kex->sign(server_host_private, server_host_public, &signature,
(r = kex->sign...->compat)) < 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
227 &slen, hash, hashlen, kex->hostkey_alg, ssh->compat)) < 0)
(r = kex->sign...->compat)) < 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
228 goto out;
never executed: goto out;
0
229-
230 /* destroy_sensitive_data(); */-
231-
232 /* send server hostkey, DH pubkey 'f' and signed H */-
233 if ((r = sshpkt_start(ssh, SSH2_MSG_KEX_DH_GEX_REPLY)) != 0 ||
(r = sshpkt_st...ssh, 33)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
234 (r = sshpkt_put_string(ssh, server_host_key_blob, sbloblen)) != 0 ||
(r = sshpkt_pu...bloblen)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
235 (r = sshpkt_put_bignum2(ssh, pub_key)) != 0 || /* f */
(r = sshpkt_pu...pub_key)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
236 (r = sshpkt_put_string(ssh, signature, slen)) != 0 ||
(r = sshpkt_pu...e, slen)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
237 (r = sshpkt_send(ssh)) != 0)
(r = sshpkt_send(ssh)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
238 goto out;
never executed: goto out;
0
239-
240 if ((r = kex_derive_keys_bn(ssh, hash, hashlen, shared_secret)) == 0)
(r = kex_deriv..._secret)) == 0Description
TRUEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
FALSEnever evaluated
0-40
241 r = kex_send_newkeys(ssh);
executed 40 times by 1 test: r = kex_send_newkeys(ssh);
Executed by:
  • test_kex
40
242 out:
code before this statement executed 40 times by 1 test: out:
Executed by:
  • test_kex
40
243 DH_free(kex->dh);-
244 kex->dh = NULL;-
245 BN_clear_free(dh_client_pub);-
246 if (kbuf) {
kbufDescription
TRUEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
FALSEnever evaluated
0-40
247 explicit_bzero(kbuf, klen);-
248 free(kbuf);-
249 }
executed 40 times by 1 test: end of block
Executed by:
  • test_kex
40
250 BN_clear_free(shared_secret);-
251 free(server_host_key_blob);-
252 free(signature);-
253 return r;
executed 40 times by 1 test: return r;
Executed by:
  • test_kex
40
254}-
255#endif /* WITH_OPENSSL */-
Source codeSwitch to Preprocessed file
Generated by Squish Coco 4.2.2