OpenCoverage

ssh-ed25519.c

Absolute File Name:/home/opencoverage/opencoverage/guest-scripts/openssh/src/ssh-ed25519.c
Source codeSwitch to Preprocessed file
LineSourceCount
1/* $OpenBSD: ssh-ed25519.c,v 1.7 2016/04/21 06:08:02 djm Exp $ */-
2/*-
3 * Copyright (c) 2013 Markus Friedl <markus@openbsd.org>-
4 *-
5 * Permission to use, copy, modify, and distribute this software for any-
6 * purpose with or without fee is hereby granted, provided that the above-
7 * copyright notice and this permission notice appear in all copies.-
8 *-
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES-
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF-
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR-
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES-
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN-
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF-
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.-
16 */-
17-
18#include "includes.h"-
19-
20#include <sys/types.h>-
21#include <limits.h>-
22-
23#include "crypto_api.h"-
24-
25#include <string.h>-
26#include <stdarg.h>-
27-
28#include "log.h"-
29#include "sshbuf.h"-
30#define SSHKEY_INTERNAL-
31#include "sshkey.h"-
32#include "ssherr.h"-
33#include "ssh.h"-
34-
35int-
36ssh_ed25519_sign(const struct sshkey *key, u_char **sigp, size_t *lenp,-
37 const u_char *data, size_t datalen, u_int compat)-
38{-
39 u_char *sig = NULL;-
40 size_t slen = 0, len;-
41 unsigned long long smlen;-
42 int r, ret;-
43 struct sshbuf *b = NULL;-
44-
45 if (lenp != NULL)
lenp != ((void *)0)Description
TRUEevaluated 65 times by 2 tests
Evaluated by:
  • test_kex
  • test_sshkey
FALSEnever evaluated
0-65
46 *lenp = 0;
executed 65 times by 2 tests: *lenp = 0;
Executed by:
  • test_kex
  • test_sshkey
65
47 if (sigp != NULL)
sigp != ((void *)0)Description
TRUEevaluated 65 times by 2 tests
Evaluated by:
  • test_kex
  • test_sshkey
FALSEnever evaluated
0-65
48 *sigp = NULL;
executed 65 times by 2 tests: *sigp = ((void *)0) ;
Executed by:
  • test_kex
  • test_sshkey
65
49-
50 if (key == NULL ||
key == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 65 times by 2 tests
Evaluated by:
  • test_kex
  • test_sshkey
0-65
51 sshkey_type_plain(key->type) != KEY_ED25519 ||
sshkey_type_pl...!= KEY_ED25519Description
TRUEnever evaluated
FALSEevaluated 65 times by 2 tests
Evaluated by:
  • test_kex
  • test_sshkey
0-65
52 key->ed25519_sk == NULL ||
key->ed25519_sk == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 65 times by 2 tests
Evaluated by:
  • test_kex
  • test_sshkey
0-65
53 datalen >= INT_MAX - crypto_sign_ed25519_BYTES)
datalen >= 0x7fffffff - 64UDescription
TRUEnever evaluated
FALSEevaluated 65 times by 2 tests
Evaluated by:
  • test_kex
  • test_sshkey
0-65
54 return SSH_ERR_INVALID_ARGUMENT;
never executed: return -10;
0
55 smlen = slen = datalen + crypto_sign_ed25519_BYTES;-
56 if ((sig = malloc(slen)) == NULL)
(sig = malloc(...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 65 times by 2 tests
Evaluated by:
  • test_kex
  • test_sshkey
0-65
57 return SSH_ERR_ALLOC_FAIL;
never executed: return -2;
0
58-
59 if ((ret = crypto_sign_ed25519(sig, &smlen, data, datalen,
(ret = crypto_...5519_sk)) != 0Description
TRUEnever evaluated
FALSEevaluated 65 times by 2 tests
Evaluated by:
  • test_kex
  • test_sshkey
0-65
60 key->ed25519_sk)) != 0 || smlen <= datalen) {
(ret = crypto_...5519_sk)) != 0Description
TRUEnever evaluated
FALSEevaluated 65 times by 2 tests
Evaluated by:
  • test_kex
  • test_sshkey
smlen <= datalenDescription
TRUEnever evaluated
FALSEevaluated 65 times by 2 tests
Evaluated by:
  • test_kex
  • test_sshkey
0-65
61 r = SSH_ERR_INVALID_ARGUMENT; /* XXX better error? */-
62 goto out;
never executed: goto out;
0
63 }-
64 /* encode signature */-
65 if ((b = sshbuf_new()) == NULL) {
(b = sshbuf_ne...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 65 times by 2 tests
Evaluated by:
  • test_kex
  • test_sshkey
0-65
66 r = SSH_ERR_ALLOC_FAIL;-
67 goto out;
never executed: goto out;
0
68 }-
69 if ((r = sshbuf_put_cstring(b, "ssh-ed25519")) != 0 ||
(r = sshbuf_pu...d25519")) != 0Description
TRUEnever evaluated
FALSEevaluated 65 times by 2 tests
Evaluated by:
  • test_kex
  • test_sshkey
0-65
70 (r = sshbuf_put_string(b, sig, smlen - datalen)) != 0)
(r = sshbuf_pu...datalen)) != 0Description
TRUEnever evaluated
FALSEevaluated 65 times by 2 tests
Evaluated by:
  • test_kex
  • test_sshkey
0-65
71 goto out;
never executed: goto out;
0
72 len = sshbuf_len(b);-
73 if (sigp != NULL) {
sigp != ((void *)0)Description
TRUEevaluated 65 times by 2 tests
Evaluated by:
  • test_kex
  • test_sshkey
FALSEnever evaluated
0-65
74 if ((*sigp = malloc(len)) == NULL) {
(*sigp = mallo...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 65 times by 2 tests
Evaluated by:
  • test_kex
  • test_sshkey
0-65
75 r = SSH_ERR_ALLOC_FAIL;-
76 goto out;
never executed: goto out;
0
77 }-
78 memcpy(*sigp, sshbuf_ptr(b), len);-
79 }
executed 65 times by 2 tests: end of block
Executed by:
  • test_kex
  • test_sshkey
65
80 if (lenp != NULL)
lenp != ((void *)0)Description
TRUEevaluated 65 times by 2 tests
Evaluated by:
  • test_kex
  • test_sshkey
FALSEnever evaluated
0-65
81 *lenp = len;
executed 65 times by 2 tests: *lenp = len;
Executed by:
  • test_kex
  • test_sshkey
65
82 /* success */-
83 r = 0;-
84 out:
code before this statement executed 65 times by 2 tests: out:
Executed by:
  • test_kex
  • test_sshkey
65
85 sshbuf_free(b);-
86 if (sig != NULL) {
sig != ((void *)0)Description
TRUEevaluated 65 times by 2 tests
Evaluated by:
  • test_kex
  • test_sshkey
FALSEnever evaluated
0-65
87 explicit_bzero(sig, slen);-
88 free(sig);-
89 }
executed 65 times by 2 tests: end of block
Executed by:
  • test_kex
  • test_sshkey
65
90-
91 return r;
executed 65 times by 2 tests: return r;
Executed by:
  • test_kex
  • test_sshkey
65
92}-
93-
94int-
95ssh_ed25519_verify(const struct sshkey *key,-
96 const u_char *signature, size_t signaturelen,-
97 const u_char *data, size_t datalen, u_int compat)-
98{-
99 struct sshbuf *b = NULL;-
100 char *ktype = NULL;-
101 const u_char *sigblob;-
102 u_char *sm = NULL, *m = NULL;-
103 size_t len;-
104 unsigned long long smlen = 0, mlen = 0;-
105 int r, ret;-
106-
107 if (key == NULL ||
key == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 18033 times by 2 tests
Evaluated by:
  • test_kex
  • test_sshkey
0-18033
108 sshkey_type_plain(key->type) != KEY_ED25519 ||
sshkey_type_pl...!= KEY_ED25519Description
TRUEnever evaluated
FALSEevaluated 18033 times by 2 tests
Evaluated by:
  • test_kex
  • test_sshkey
0-18033
109 key->ed25519_pk == NULL ||
key->ed25519_pk == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 18033 times by 2 tests
Evaluated by:
  • test_kex
  • test_sshkey
0-18033
110 datalen >= INT_MAX - crypto_sign_ed25519_BYTES ||
datalen >= 0x7fffffff - 64UDescription
TRUEnever evaluated
FALSEevaluated 18033 times by 2 tests
Evaluated by:
  • test_kex
  • test_sshkey
0-18033
111 signature == NULL || signaturelen == 0)
signature == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 18033 times by 2 tests
Evaluated by:
  • test_kex
  • test_sshkey
signaturelen == 0Description
TRUEnever evaluated
FALSEevaluated 18033 times by 2 tests
Evaluated by:
  • test_kex
  • test_sshkey
0-18033
112 return SSH_ERR_INVALID_ARGUMENT;
never executed: return -10;
0
113-
114 if ((b = sshbuf_from(signature, signaturelen)) == NULL)
(b = sshbuf_fr...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 18033 times by 2 tests
Evaluated by:
  • test_kex
  • test_sshkey
0-18033
115 return SSH_ERR_ALLOC_FAIL;
never executed: return -2;
0
116 if ((r = sshbuf_get_cstring(b, &ktype, NULL)) != 0 ||
(r = sshbuf_ge...d *)0) )) != 0Description
TRUEevaluated 871 times by 1 test
Evaluated by:
  • test_sshkey
FALSEevaluated 17162 times by 2 tests
Evaluated by:
  • test_kex
  • test_sshkey
871-17162
117 (r = sshbuf_get_string_direct(b, &sigblob, &len)) != 0)
(r = sshbuf_ge...b, &len)) != 0Description
TRUEevaluated 845 times by 1 test
Evaluated by:
  • test_sshkey
FALSEevaluated 16317 times by 2 tests
Evaluated by:
  • test_kex
  • test_sshkey
845-16317
118 goto out;
executed 1716 times by 1 test: goto out;
Executed by:
  • test_sshkey
1716
119 if (strcmp("ssh-ed25519", ktype) != 0) {
never executed: __result = (((const unsigned char *) (const char *) ( "ssh-ed25519" ))[3] - __s2[3]);
never executed: end of block
never executed: end of block
never executed: __result = (((const unsigned char *) (const char *) ( ktype ))[3] - __s2[3]);
never executed: end of block
never executed: end of block
__extension__ ... )))); }) != 0Description
TRUEevaluated 1914 times by 1 test
Evaluated by:
  • test_sshkey
FALSEevaluated 14403 times by 2 tests
Evaluated by:
  • test_kex
  • test_sshkey
__s1_len > 0Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 1Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 2Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 0Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 1Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 2Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
0-14403
120 r = SSH_ERR_KEY_TYPE_MISMATCH;-
121 goto out;
executed 1914 times by 1 test: goto out;
Executed by:
  • test_sshkey
1914
122 }-
123 if (sshbuf_len(b) != 0) {
sshbuf_len(b) != 0Description
TRUEevaluated 4 times by 1 test
Evaluated by:
  • test_sshkey
FALSEevaluated 14399 times by 2 tests
Evaluated by:
  • test_kex
  • test_sshkey
4-14399
124 r = SSH_ERR_UNEXPECTED_TRAILING_DATA;-
125 goto out;
executed 4 times by 1 test: goto out;
Executed by:
  • test_sshkey
4
126 }-
127 if (len > crypto_sign_ed25519_BYTES) {
len > 64UDescription
TRUEnever evaluated
FALSEevaluated 14399 times by 2 tests
Evaluated by:
  • test_kex
  • test_sshkey
0-14399
128 r = SSH_ERR_INVALID_FORMAT;-
129 goto out;
never executed: goto out;
0
130 }-
131 if (datalen >= SIZE_MAX - len) {
datalen >= (18...51615UL) - lenDescription
TRUEnever evaluated
FALSEevaluated 14399 times by 2 tests
Evaluated by:
  • test_kex
  • test_sshkey
0-14399
132 r = SSH_ERR_INVALID_ARGUMENT;-
133 goto out;
never executed: goto out;
0
134 }-
135 smlen = len + datalen;-
136 mlen = smlen;-
137 if ((sm = malloc(smlen)) == NULL || (m = malloc(mlen)) == NULL) {
(sm = malloc(s...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 14399 times by 2 tests
Evaluated by:
  • test_kex
  • test_sshkey
(m = malloc(ml...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 14399 times by 2 tests
Evaluated by:
  • test_kex
  • test_sshkey
0-14399
138 r = SSH_ERR_ALLOC_FAIL;-
139 goto out;
never executed: goto out;
0
140 }-
141 memcpy(sm, sigblob, len);-
142 memcpy(sm+len, data, datalen);-
143 if ((ret = crypto_sign_ed25519_open(m, &mlen, sm, smlen,
(ret = crypto_...5519_pk)) != 0Description
TRUEevaluated 14324 times by 1 test
Evaluated by:
  • test_sshkey
FALSEevaluated 75 times by 2 tests
Evaluated by:
  • test_kex
  • test_sshkey
75-14324
144 key->ed25519_pk)) != 0) {
(ret = crypto_...5519_pk)) != 0Description
TRUEevaluated 14324 times by 1 test
Evaluated by:
  • test_sshkey
FALSEevaluated 75 times by 2 tests
Evaluated by:
  • test_kex
  • test_sshkey
75-14324
145 debug2("%s: crypto_sign_ed25519_open failed: %d",-
146 __func__, ret);-
147 }
executed 14324 times by 1 test: end of block
Executed by:
  • test_sshkey
14324
148 if (ret != 0 || mlen != datalen) {
ret != 0Description
TRUEevaluated 14324 times by 1 test
Evaluated by:
  • test_sshkey
FALSEevaluated 75 times by 2 tests
Evaluated by:
  • test_kex
  • test_sshkey
mlen != datalenDescription
TRUEnever evaluated
FALSEevaluated 75 times by 2 tests
Evaluated by:
  • test_kex
  • test_sshkey
0-14324
149 r = SSH_ERR_SIGNATURE_INVALID;-
150 goto out;
executed 14324 times by 1 test: goto out;
Executed by:
  • test_sshkey
14324
151 }-
152 /* XXX compare 'm' and 'data' ? */-
153 /* success */-
154 r = 0;-
155 out:
code before this statement executed 75 times by 2 tests: out:
Executed by:
  • test_kex
  • test_sshkey
75
156 if (sm != NULL) {
sm != ((void *)0)Description
TRUEevaluated 14399 times by 2 tests
Evaluated by:
  • test_kex
  • test_sshkey
FALSEevaluated 3634 times by 1 test
Evaluated by:
  • test_sshkey
3634-14399
157 explicit_bzero(sm, smlen);-
158 free(sm);-
159 }
executed 14399 times by 2 tests: end of block
Executed by:
  • test_kex
  • test_sshkey
14399
160 if (m != NULL) {
m != ((void *)0)Description
TRUEevaluated 14399 times by 2 tests
Evaluated by:
  • test_kex
  • test_sshkey
FALSEevaluated 3634 times by 1 test
Evaluated by:
  • test_sshkey
3634-14399
161 explicit_bzero(m, smlen); /* NB mlen may be invalid if r != 0 */-
162 free(m);-
163 }
executed 14399 times by 2 tests: end of block
Executed by:
  • test_kex
  • test_sshkey
14399
164 sshbuf_free(b);-
165 free(ktype);-
166 return r;
executed 18033 times by 2 tests: return r;
Executed by:
  • test_kex
  • test_sshkey
18033
167}-
Source codeSwitch to Preprocessed file
Generated by Squish Coco 4.2.2