OpenCoverage

kexdhc.c

Absolute File Name:

/home/opencoverage/opencoverage/guest-scripts/openssh/src/kexdhc.c

Switch to Source code

Preprocessed file

Line Source Count

1 -

2 -

3 -

4 -

5 -

6 -

7 -

8 -

9 -

10 -

11 -

12 -

13 -

14 static int input_kex_dh(int, u_int32_t, struct ssh *); -

15 -

16 int -

17 kexdh_client(struct ssh *ssh) -

18 { -

19 struct kex *kex = ssh->kex; -

20 int r; -

21 const BIGNUM *pub_key; -

22 -

23 -

24 switch (kex->kex_type) { -

case

executed 20 times by 1 test: case KEX_DH_GRP1_SHA1:

Executed by:

test_kex

KEX_DH_GRP1_SHA1:

executed 20 times by 1 test: case KEX_DH_GRP1_SHA1:

Executed by:

test_kex

26 kex->dh = dh_new_group1(); -

break;

executed 20 times by 1 test: break;

Executed by:

test_kex

case

executed 20 times by 1 test: case KEX_DH_GRP14_SHA1:

Executed by:

test_kex

KEX_DH_GRP14_SHA1:

executed 20 times by 1 test: case KEX_DH_GRP14_SHA1:

Executed by:

test_kex

case

never executed: case KEX_DH_GRP14_SHA256:

KEX_DH_GRP14_SHA256:

never executed: case KEX_DH_GRP14_SHA256:

30 kex->dh = dh_new_group14(); -

break;

executed 20 times by 1 test: break;

Executed by:

test_kex

case

never executed: case KEX_DH_GRP16_SHA512:

KEX_DH_GRP16_SHA512:

never executed: case KEX_DH_GRP16_SHA512:

33 kex->dh = dh_new_group16(); -

break;

never executed: break;

case

never executed: case KEX_DH_GRP18_SHA512:

KEX_DH_GRP18_SHA512:

never executed: case KEX_DH_GRP18_SHA512:

36 kex->dh = dh_new_group18(); -

break;

never executed: break;

default

never executed: default:

39 r = -10; -

goto

never executed: goto out;

out;

never executed: goto out;

41 } -

if (kex->dh ==

kex->dh == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 40 times by 1 test Evaluated by: test_kex

0-40

((void *)0)

kex->dh == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 40 times by 1 test Evaluated by: test_kex

0-40

44 ) { -

45 r = -2; -

goto

never executed: goto out;

out;

never executed: goto out;

47 } -

48 debug("sending SSH2_MSG_KEXDH_INIT"); -

if ((

(r = dh_gen_ke...eed * 8)) != 0	Description
TRUE	never evaluated
FALSE	evaluated 40 times by 1 test Evaluated by: test_kex

r = dh_gen_key(kex->dh, kex->we_need * 8)) != 0

(r = dh_gen_ke...eed * 8)) != 0	Description
TRUE	never evaluated
FALSE	evaluated 40 times by 1 test Evaluated by: test_kex

)

0-40

goto

never executed: goto out;

out;

never executed: goto out;

51 DH_get0_key(kex->dh, &pub_key, -

52 ((void *)0) -

53 ); -

if ((

(r = sshpkt_st...ssh, 30)) != 0	Description
TRUE	never evaluated
FALSE	evaluated 40 times by 1 test Evaluated by: test_kex

r = sshpkt_start(ssh, 30)) != 0

(r = sshpkt_st...ssh, 30)) != 0	Description
TRUE	never evaluated
FALSE	evaluated 40 times by 1 test Evaluated by: test_kex

0-40

(

(r = sshpkt_pu...pub_key)) != 0	Description
TRUE	never evaluated
FALSE	evaluated 40 times by 1 test Evaluated by: test_kex

r = sshpkt_put_bignum2(ssh, pub_key)) != 0

(r = sshpkt_pu...pub_key)) != 0	Description
TRUE	never evaluated
FALSE	evaluated 40 times by 1 test Evaluated by: test_kex

0-40

(

(r = sshpkt_send(ssh)) != 0	Description
TRUE	never evaluated
FALSE	evaluated 40 times by 1 test Evaluated by: test_kex

r = sshpkt_send(ssh)) != 0

(r = sshpkt_send(ssh)) != 0	Description
TRUE	never evaluated
FALSE	evaluated 40 times by 1 test Evaluated by: test_kex

)

0-40

goto

never executed: goto out;

out;

never executed: goto out;

58 -

59 -

60 -

61 -

62 -

63 -

64 debug("expecting SSH2_MSG_KEXDH_REPLY"); -

65 ssh_dispatch_set(ssh, 31, &input_kex_dh); -

66 r = 0; -

out:

code before this statement executed 40 times by 1 test: out:

Executed by:

test_kex

return

executed 40 times by 1 test: return r;

Executed by:

test_kex

executed 40 times by 1 test: return r;

Executed by:

test_kex

69 } -

70 -

71 static int -

72 input_kex_dh(int type, u_int32_t seq, struct ssh *ssh) -

73 { -

74 struct kex *kex = ssh->kex; -

75 BIGNUM *dh_server_pub = -

76 ((void *)0) -

77 , *shared_secret = -

78 ((void *)0) -

79 ; -

80 const BIGNUM *pub_key; -

81 struct sshkey *server_host_key = -

82 ((void *)0) -

83 ; -

84 u_char *kbuf = -

85 ((void *)0) -

86 , *server_host_key_blob = -

87 ((void *)0) -

88 , *signature = -

89 ((void *)0) -

90 ; -

91 u_char hash[64]; -

92 size_t klen = 0, slen, sbloblen, hashlen; -

93 int kout, r; -

94 -

if (kex->verify_host_key ==

kex->verify_ho...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 40 times by 1 test Evaluated by: test_kex

0-40

((void *)0)

kex->verify_ho...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 40 times by 1 test Evaluated by: test_kex

0-40

97 ) { -

98 r = -10; -

goto

never executed: goto out;

out;

never executed: goto out;

100 } -

101 -

102

if ((

(r = sshpkt_ge...bloblen)) != 0	Description
TRUE	never evaluated
FALSE	evaluated 40 times by 1 test Evaluated by: test_kex

r = sshpkt_get_string(ssh, &server_host_key_blob,

(r = sshpkt_ge...bloblen)) != 0	Description
TRUE	never evaluated
FALSE	evaluated 40 times by 1 test Evaluated by: test_kex

0-40

103

&sbloblen)) != 0

(r = sshpkt_ge...bloblen)) != 0	Description
TRUE	never evaluated
FALSE	evaluated 40 times by 1 test Evaluated by: test_kex

0-40

104

(

(r = sshkey_fr...ost_key)) != 0	Description
TRUE	never evaluated
FALSE	evaluated 40 times by 1 test Evaluated by: test_kex

r = sshkey_from_blob(server_host_key_blob, sbloblen,

(r = sshkey_fr...ost_key)) != 0	Description
TRUE	never evaluated
FALSE	evaluated 40 times by 1 test Evaluated by: test_kex

0-40

105

&server_host_key)) != 0

(r = sshkey_fr...ost_key)) != 0	Description
TRUE	never evaluated
FALSE	evaluated 40 times by 1 test Evaluated by: test_kex

)

0-40

106

goto

never executed: goto out;

out;

never executed: goto out;

107

if (server_host_key->type != kex->hostkey_type

server_host_ke...->hostkey_type	Description
TRUE	never evaluated
FALSE	evaluated 40 times by 1 test Evaluated by: test_kex

0-40

108

(kex->hostkey_type == KEY_ECDSA

kex->hostkey_type == KEY_ECDSA	Description
TRUE	evaluated 10 times by 1 test Evaluated by: test_kex
FALSE	evaluated 30 times by 1 test Evaluated by: test_kex

10-30

109

server_host_key->ecdsa_nid != kex->hostkey_nid

server_host_ke...x->hostkey_nid	Description
TRUE	never evaluated
FALSE	evaluated 10 times by 1 test Evaluated by: test_kex

)) {

0-10

110 r = -13; -

111

goto

never executed: goto out;

out;

never executed: goto out;

112 } -

113

if (kex->verify_host_key(server_host_key, ssh) == -1

kex->verify_ho...ey, ssh) == -1	Description
TRUE	never evaluated
FALSE	evaluated 40 times by 1 test Evaluated by: test_kex

) {

0-40

114 r = -21; -

115

goto

never executed: goto out;

out;

never executed: goto out;

116 } -

117 -

118

if ((

(dh_server_pub...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 40 times by 1 test Evaluated by: test_kex

dh_server_pub = BN_new()) ==

(dh_server_pub...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 40 times by 1 test Evaluated by: test_kex

0-40

119

((void *)0)

(dh_server_pub...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 40 times by 1 test Evaluated by: test_kex

0-40

120 ) { -

121 r = -2; -

122

goto

never executed: goto out;

out;

never executed: goto out;

123 } -

124 -

125

if ((

(r = sshpkt_ge...ver_pub)) != 0	Description
TRUE	never evaluated
FALSE	evaluated 40 times by 1 test Evaluated by: test_kex

r = sshpkt_get_bignum2(ssh, dh_server_pub)) != 0

(r = sshpkt_ge...ver_pub)) != 0	Description
TRUE	never evaluated
FALSE	evaluated 40 times by 1 test Evaluated by: test_kex

0-40

126

(

(r = sshpkt_ge..., &slen)) != 0	Description
TRUE	never evaluated
FALSE	evaluated 40 times by 1 test Evaluated by: test_kex

r = sshpkt_get_string(ssh, &signature, &slen)) != 0

(r = sshpkt_ge..., &slen)) != 0	Description
TRUE	never evaluated
FALSE	evaluated 40 times by 1 test Evaluated by: test_kex

0-40

127

(

(r = sshpkt_get_end(ssh)) != 0	Description
TRUE	never evaluated
FALSE	evaluated 40 times by 1 test Evaluated by: test_kex

r = sshpkt_get_end(ssh)) != 0

(r = sshpkt_get_end(ssh)) != 0	Description
TRUE	never evaluated
FALSE	evaluated 40 times by 1 test Evaluated by: test_kex

)

0-40

128

goto

never executed: goto out;

out;

never executed: goto out;

129 -

130 -

131 -

132 -

133 -

134 -

135

if (!dh_pub_is_valid(kex->dh, dh_server_pub)

!dh_pub_is_val...dh_server_pub)	Description
TRUE	never evaluated
FALSE	evaluated 40 times by 1 test Evaluated by: test_kex

) {

0-40

136 sshpkt_disconnect(ssh, "bad server public DH value"); -

137 r = -3; -

138

goto

never executed: goto out;

out;

never executed: goto out;

139 } -

140 -

141 klen = DH_size(kex->dh); -

142

if ((

(kbuf = malloc...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 40 times by 1 test Evaluated by: test_kex

kbuf = malloc(klen)) ==

(kbuf = malloc...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 40 times by 1 test Evaluated by: test_kex

0-40

143

((void *)0)

(kbuf = malloc...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 40 times by 1 test Evaluated by: test_kex

0-40

144 || -

145

(

(shared_secret...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 40 times by 1 test Evaluated by: test_kex

shared_secret = BN_new()) ==

(shared_secret...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 40 times by 1 test Evaluated by: test_kex

0-40

146

((void *)0)

(shared_secret...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 40 times by 1 test Evaluated by: test_kex

0-40

147 ) { -

148 r = -2; -

149

goto

never executed: goto out;

out;

never executed: goto out;

150 } -

151

if ((

(kout = DH_com... kex->dh)) < 0	Description
TRUE	never evaluated
FALSE	evaluated 40 times by 1 test Evaluated by: test_kex

kout = DH_compute_key(kbuf, dh_server_pub, kex->dh)) < 0

(kout = DH_com... kex->dh)) < 0	Description
TRUE	never evaluated
FALSE	evaluated 40 times by 1 test Evaluated by: test_kex

0-40

152

BN_bin2bn(kbuf, kout, shared_secret) ==

BN_bin2bn(kbuf...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 40 times by 1 test Evaluated by: test_kex

0-40

153

((void *)0)

BN_bin2bn(kbuf...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 40 times by 1 test Evaluated by: test_kex

0-40

154 ) { -

155 r = -22; -

156

goto

never executed: goto out;

out;

never executed: goto out;

157 } -

158 -

159 -

160 -

161 -

162 -

163 DH_get0_key(kex->dh, &pub_key, -

164 ((void *)0) -

165 ); -

166 hashlen = sizeof(hash); -

167

if ((

(r = kex_dh_ha...hashlen)) != 0	Description
TRUE	never evaluated
FALSE	evaluated 40 times by 1 test Evaluated by: test_kex

r = kex_dh_hash(

(r = kex_dh_ha...hashlen)) != 0	Description
TRUE	never evaluated
FALSE	evaluated 40 times by 1 test Evaluated by: test_kex

0-40

168

kex->hash_alg,

(r = kex_dh_ha...hashlen)) != 0	Description
TRUE	never evaluated
FALSE	evaluated 40 times by 1 test Evaluated by: test_kex

0-40

169

kex->client_version_string,

(r = kex_dh_ha...hashlen)) != 0	Description
TRUE	never evaluated
FALSE	evaluated 40 times by 1 test Evaluated by: test_kex

0-40

170

kex->server_version_string,

(r = kex_dh_ha...hashlen)) != 0	Description
TRUE	never evaluated
FALSE	evaluated 40 times by 1 test Evaluated by: test_kex

0-40

171

sshbuf_ptr(kex->my), sshbuf_len(kex->my),

(r = kex_dh_ha...hashlen)) != 0	Description
TRUE	never evaluated
FALSE	evaluated 40 times by 1 test Evaluated by: test_kex

0-40

172

sshbuf_ptr(kex->peer), sshbuf_len(kex->peer),

(r = kex_dh_ha...hashlen)) != 0	Description
TRUE	never evaluated
FALSE	evaluated 40 times by 1 test Evaluated by: test_kex

0-40

173

server_host_key_blob, sbloblen,

(r = kex_dh_ha...hashlen)) != 0	Description
TRUE	never evaluated
FALSE	evaluated 40 times by 1 test Evaluated by: test_kex

0-40

174

pub_key,

(r = kex_dh_ha...hashlen)) != 0	Description
TRUE	never evaluated
FALSE	evaluated 40 times by 1 test Evaluated by: test_kex

0-40

175

dh_server_pub,

(r = kex_dh_ha...hashlen)) != 0	Description
TRUE	never evaluated
FALSE	evaluated 40 times by 1 test Evaluated by: test_kex

0-40

176

shared_secret,

(r = kex_dh_ha...hashlen)) != 0	Description
TRUE	never evaluated
FALSE	evaluated 40 times by 1 test Evaluated by: test_kex

0-40

177

hash, &hashlen)) != 0

(r = kex_dh_ha...hashlen)) != 0	Description
TRUE	never evaluated
FALSE	evaluated 40 times by 1 test Evaluated by: test_kex

)

0-40

178

goto

never executed: goto out;

out;

never executed: goto out;

179 -

180

if ((

(r = sshkey_ve...>compat)) != 0	Description
TRUE	never evaluated
FALSE	evaluated 40 times by 1 test Evaluated by: test_kex

r = sshkey_verify(server_host_key, signature, slen, hash, hashlen,

(r = sshkey_ve...>compat)) != 0	Description
TRUE	never evaluated
FALSE	evaluated 40 times by 1 test Evaluated by: test_kex

0-40

181

kex->hostkey_alg, ssh->compat)) != 0

(r = sshkey_ve...>compat)) != 0	Description
TRUE	never evaluated
FALSE	evaluated 40 times by 1 test Evaluated by: test_kex

)

0-40

182

goto

never executed: goto out;

out;

never executed: goto out;

183 -

184 -

185

if (kex->session_id ==

kex->session_id == ((void *)0)	Description
TRUE	evaluated 8 times by 1 test Evaluated by: test_kex
FALSE	evaluated 32 times by 1 test Evaluated by: test_kex

8-32

186

((void *)0)

kex->session_id == ((void *)0)	Description
TRUE	evaluated 8 times by 1 test Evaluated by: test_kex
FALSE	evaluated 32 times by 1 test Evaluated by: test_kex

8-32

187 ) { -

188 kex->session_id_len = hashlen; -

189 kex->session_id = malloc(kex->session_id_len); -

190

if (kex->session_id ==

kex->session_id == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 8 times by 1 test Evaluated by: test_kex

0-8

191

((void *)0)

kex->session_id == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 8 times by 1 test Evaluated by: test_kex

0-8

192 ) { -

193 r = -2; -

194

goto

never executed: goto out;

out;

never executed: goto out;

195 } -

196 memcpy(kex->session_id, hash, kex->session_id_len); -

197

}

executed 8 times by 1 test: end of block

Executed by:

test_kex

198 -

199

if ((

(r = kex_deriv..._secret)) == 0	Description
TRUE	evaluated 40 times by 1 test Evaluated by: test_kex
FALSE	never evaluated

r = kex_derive_keys_bn(ssh, hash, hashlen, shared_secret)) == 0

(r = kex_deriv..._secret)) == 0	Description
TRUE	evaluated 40 times by 1 test Evaluated by: test_kex
FALSE	never evaluated

)

0-40

200

r = kex_send_newkeys(ssh);

executed 40 times by 1 test: r = kex_send_newkeys(ssh);

Executed by:

test_kex

201

out:

code before this statement executed 40 times by 1 test: out:

Executed by:

test_kex

202 explicit_bzero(hash, sizeof(hash)); -

203 DH_free(kex->dh); -

204 kex->dh = -

205 ((void *)0) -

206 ; -

207 BN_clear_free(dh_server_pub); -

208

if (kbuf

kbuf	Description
TRUE	evaluated 40 times by 1 test Evaluated by: test_kex
FALSE	never evaluated

) {

0-40

209 explicit_bzero(kbuf, klen); -

210 free(kbuf); -

211

}

executed 40 times by 1 test: end of block

Executed by:

test_kex

212 BN_clear_free(shared_secret); -

213 sshkey_free(server_host_key); -

214 free(server_host_key_blob); -

215 free(signature); -

216

return

executed 40 times by 1 test: return r;

Executed by:

test_kex

executed 40 times by 1 test: return r;

Executed by:

test_kex

217 } -

Switch to Source code

Preprocessed file

Generated by Squish Coco 4.2.2