OpenCoverage

ssh-pkcs11-client.c

Absolute File Name:

/home/opencoverage/opencoverage/guest-scripts/openssh/src/ssh-pkcs11-client.c

Switch to Source code

Preprocessed file

Line Source Count

1 -

2 -

3 -

4 -

5 -

6 -

7 int fd = -1; -

8 pid_t pid = -1; -

9 -

10 static void -

11 send_msg(struct sshbuf *m) -

12 { -

13 u_char buf[4]; -

14 size_t mlen = sshbuf_len(m); -

15 int r; -

16 -

17 do { const u_int32_t __v = (mlen); ((u_char *)(buf))[0] = (__v >> 24) & 0xff; ((u_char *)(buf))[1] = (__v >> 16) & 0xff; ((u_char *)(buf))[2] = (__v >> 8) & 0xff; ((u_char *)(buf))[3] = __v & 0xff; } while (0); -

if (atomicio((ssize_t (*)(int, void *, size_t))write, fd, buf, 4) != 4

atomicio((ssiz..., buf, 4) != 4	Description
TRUE	never evaluated
FALSE	never evaluated

atomicio((ssize_t (*)(int, void *, size_t))write, fd, sshbuf_mutable_ptr(m),

atomicio((ssiz... sshbuf_len(m)	Description
TRUE	never evaluated
FALSE	never evaluated

sshbuf_len(m)) != sshbuf_len(m)

atomicio((ssiz... sshbuf_len(m)	Description
TRUE	never evaluated
FALSE	never evaluated

)

error("write to helper failed");

never executed: error("write to helper failed");

if ((

(r = sshbuf_co...m, mlen)) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

r = sshbuf_consume(m, mlen)) != 0

(r = sshbuf_co...m, mlen)) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

)

fatal("%s: buffer error: %s", __func__, ssh_err(r));

never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r));

}

never executed: end of block

25 -

26 static int -

27 recv_msg(struct sshbuf *m) -

28 { -

29 u_int l, len; -

30 u_char c, buf[1024]; -

31 int r; -

32 -

if ((

(len = atomici... buf, 4)) != 4	Description
TRUE	never evaluated
FALSE	never evaluated

len = atomicio(read, fd, buf, 4)) != 4

(len = atomici... buf, 4)) != 4	Description
TRUE	never evaluated
FALSE	never evaluated

) {

34 error("read from helper failed: %u", len); -

return

never executed: return (0);

(0);

never executed: return (0);

36 } -

37 len = (((u_int32_t)(((const u_char *)(buf))[0]) << 24) | ((u_int32_t)(((const u_char *)(buf))[1]) << 16) | ((u_int32_t)(((const u_char *)(buf))[2]) << 8) | (u_int32_t)(((const u_char *)(buf))[3])); -

if (len > 256 * 1024

len > 256 * 1024	Description
TRUE	never evaluated
FALSE	never evaluated

)

fatal("response too long: %u", len);

never executed: fatal("response too long: %u", len);

40 -

41 sshbuf_reset(m); -

while (len > 0

len > 0	Description
TRUE	never evaluated
FALSE	never evaluated

) {

43 l = len; -

if (l > sizeof(buf)

l > sizeof(buf)	Description
TRUE	never evaluated
FALSE	never evaluated

)

l = sizeof(buf);

never executed: l = sizeof(buf);

if (atomicio(read, fd, buf, l) != l

atomicio(read,..., buf, l) != l	Description
TRUE	never evaluated
FALSE	never evaluated

) {

47 error("response from helper failed."); -

return

never executed: return (0);

(0);

never executed: return (0);

49 } -

if ((

(r = sshbuf_pu... buf, l)) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

r = sshbuf_put(m, buf, l)) != 0

(r = sshbuf_pu... buf, l)) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

)

fatal("%s: buffer error: %s", __func__, ssh_err(r));

never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r));

52 len -= l; -

}

never executed: end of block

if ((

(r = sshbuf_ge...8(m, &c)) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

r = sshbuf_get_u8(m, &c)) != 0

(r = sshbuf_ge...8(m, &c)) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

)

fatal("%s: buffer error: %s", __func__, ssh_err(r));

never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r));

return

never executed: return c;

57 } -

58 -

59 int -

60 pkcs11_init(int interactive) -

61 { -

return

never executed: return (0);

(0);

never executed: return (0);

63 } -

64 -

65 void -

66 pkcs11_terminate(void) -

67 { -

if (fd >= 0

fd >= 0	Description
TRUE	never evaluated
FALSE	never evaluated

)

close(fd);

never executed: close(fd);

}

never executed: end of block

71 -

72 static int -

73 pkcs11_rsa_private_encrypt(int flen, const u_char *from, u_char *to, RSA *rsa, -

74 int padding) -

75 { -

76 struct sshkey key; -

77 u_char *blob, *signature = -

78 ((void *)0) -

79 ; -

80 size_t blen, slen = 0; -

81 int r, ret = -1; -

82 struct sshbuf *msg; -

83 -

if (padding !=

padding != 1	Description
TRUE	never evaluated
FALSE	never evaluated

padding != 1	Description
TRUE	never evaluated
FALSE	never evaluated

86 ) -

return

never executed: return (-1);

(-1);

never executed: return (-1);

88 key.type = KEY_RSA; -

89 key.rsa = rsa; -

if ((

(r = sshkey_to..., &blen)) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

r = sshkey_to_blob(&key, &blob, &blen)) != 0

(r = sshkey_to..., &blen)) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

) {

91 error("%s: sshkey_to_blob: %s", __func__, ssh_err(r)); -

return

never executed: return -1;

-1;

never executed: return -1;

93 } -

if ((

(msg = sshbuf_...== ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

msg = sshbuf_new()) ==

(msg = sshbuf_...== ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

((void *)0)

(msg = sshbuf_...== ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

96 ) -

fatal("%s: sshbuf_new failed", __func__);

never executed: fatal("%s: sshbuf_new failed", __func__);

if ((

(r = sshbuf_pu...msg, 13)) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

r = sshbuf_put_u8(msg, 13)) != 0

(r = sshbuf_pu...msg, 13)) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

(

(r = sshbuf_pu...b, blen)) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

r = sshbuf_put_string(msg, blob, blen)) != 0

(r = sshbuf_pu...b, blen)) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

100

(

(r = sshbuf_pu...m, flen)) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

r = sshbuf_put_string(msg, from, flen)) != 0

(r = sshbuf_pu...m, flen)) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

101

(

(r = sshbuf_pu...(msg, 0)) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

r = sshbuf_put_u32(msg, 0)) != 0

(r = sshbuf_pu...(msg, 0)) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

)

102

fatal("%s: buffer error: %s", __func__, ssh_err(r));

never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r));

103 free(blob); -

104 send_msg(msg); -

105 sshbuf_reset(msg); -

106 -

107

if (recv_msg(msg) == 14

recv_msg(msg) == 14	Description
TRUE	never evaluated
FALSE	never evaluated

) {

108

if ((

(r = sshbuf_ge..., &slen)) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

r = sshbuf_get_string(msg, &signature, &slen)) != 0

(r = sshbuf_ge..., &slen)) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

)

109

fatal("%s: buffer error: %s", __func__, ssh_err(r));

never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r));

110

if (slen <= (size_t)RSA_size(rsa)

slen <= (size_t)RSA_size(rsa)	Description
TRUE	never evaluated
FALSE	never evaluated

) {

111 memcpy(to, signature, slen); -

112 ret = slen; -

113

}

never executed: end of block

114 free(signature); -

115

}

never executed: end of block

116 sshbuf_free(msg); -

117

return

never executed: return (ret);

(ret);

never executed: return (ret);

118 } -

119 -

120 -

121 static int -

122 wrap_key(RSA *rsa) -

123 { -

124 static RSA_METHOD *helper_rsa; -

125 -

126

if ((

(helper_rsa = ...== ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

helper_rsa = RSA_meth_dup(RSA_get_default_method())) ==

(helper_rsa = ...== ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

127

((void *)0)

(helper_rsa = ...== ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

128 ) -

129

fatal("%s: RSA_meth_dup failed", __func__);

never executed: fatal("%s: RSA_meth_dup failed", __func__);

130

if (!RSA_meth_set1_name(helper_rsa, "ssh-pkcs11-helper")

!RSA_meth_set1...kcs11-helper")	Description
TRUE	never evaluated
FALSE	never evaluated

131

!RSA_meth_set_priv_enc(helper_rsa, pkcs11_rsa_private_encrypt)

!RSA_meth_set_...ivate_encrypt)	Description
TRUE	never evaluated
FALSE	never evaluated

)

132

fatal("%s: failed to prepare method", __func__);

never executed: fatal("%s: failed to prepare method", __func__);

133 RSA_set_method(rsa, helper_rsa); -

134

return

never executed: return (0);

(0);

never executed: return (0);

135 } -

136 -

137 static int -

138 pkcs11_start_helper(void) -

139 { -

140 int pair[2]; -

141 -

142

if (socketpair(

socketpair( 1 ...0, pair) == -1	Description
TRUE	never evaluated
FALSE	never evaluated

143

socketpair( 1 ...0, pair) == -1	Description
TRUE	never evaluated
FALSE	never evaluated

144

socketpair( 1 ...0, pair) == -1	Description
TRUE	never evaluated
FALSE	never evaluated

145

SOCK_STREAM

socketpair( 1 ...0, pair) == -1	Description
TRUE	never evaluated
FALSE	never evaluated

146

, 0, pair) == -1

socketpair( 1 ...0, pair) == -1	Description
TRUE	never evaluated
FALSE	never evaluated

) {

147 error("socketpair: %s", strerror( -

148 (*__errno_location ()) -

149 )); -

150

return

never executed: return (-1);

(-1);

never executed: return (-1);

151 } -

152

if ((

(pid = fork()) == -1	Description
TRUE	never evaluated
FALSE	never evaluated

pid = fork()) == -1

(pid = fork()) == -1	Description
TRUE	never evaluated
FALSE	never evaluated

) {

153 error("fork: %s", strerror( -

154 (*__errno_location ()) -

155 )); -

156

return

never executed: return (-1);

(-1);

never executed: return (-1);

157

} else if (pid == 0

pid == 0	Description
TRUE	never evaluated
FALSE	never evaluated

) {

158

if ((

(dup2(pair[1], 0 ) == -1)	Description
TRUE	never evaluated
FALSE	never evaluated

dup2(pair[1],

(dup2(pair[1], 0 ) == -1)	Description
TRUE	never evaluated
FALSE	never evaluated

159

(dup2(pair[1], 0 ) == -1)	Description
TRUE	never evaluated
FALSE	never evaluated

160

) == -1)

(dup2(pair[1], 0 ) == -1)	Description
TRUE	never evaluated
FALSE	never evaluated

161

(

(dup2(pair[1], 1 ) == -1)	Description
TRUE	never evaluated
FALSE	never evaluated

dup2(pair[1],

(dup2(pair[1], 1 ) == -1)	Description
TRUE	never evaluated
FALSE	never evaluated

162

(dup2(pair[1], 1 ) == -1)	Description
TRUE	never evaluated
FALSE	never evaluated

163

) == -1)

(dup2(pair[1], 1 ) == -1)	Description
TRUE	never evaluated
FALSE	never evaluated

) {

164 fprintf( -

165 stderr -

166 , "dup2: %s\n", strerror( -

167 (*__errno_location ()) -

168 )); -

169 _exit(1); -

170

}

never executed: end of block

171 close(pair[0]); -

172 close(pair[1]); -

173 execlp("/var/tmp/openssh-test/libexec/ssh-pkcs11-helper", "/var/tmp/openssh-test/libexec/ssh-pkcs11-helper", -

174 (char *) -

175 ((void *)0) -

176 ); -

177 fprintf( -

178 stderr -

179 , "exec: %s: %s\n", "/var/tmp/openssh-test/libexec/ssh-pkcs11-helper", -

180 strerror( -

181 (*__errno_location ()) -

182 )); -

183 _exit(1); -

184

}

never executed: end of block

185 close(pair[1]); -

186 fd = pair[0]; -

187

return

never executed: return (0);

(0);

never executed: return (0);

188 } -

189 -

190 int -

191 pkcs11_add_provider(char *name, char *pin, struct sshkey ***keysp) -

192 { -

193 struct sshkey *k; -

194 int r; -

195 u_char *blob; -

196 size_t blen; -

197 u_int nkeys, i; -

198 struct sshbuf *msg; -

199 -

200

if (fd < 0

fd < 0	Description
TRUE	never evaluated
FALSE	never evaluated

&& pkcs11_start_helper() < 0

pkcs11_start_helper() < 0	Description
TRUE	never evaluated
FALSE	never evaluated

)

201

return

never executed: return (-1);

(-1);

never executed: return (-1);

202 -

203

if ((

(msg = sshbuf_...== ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

msg = sshbuf_new()) ==

(msg = sshbuf_...== ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

204

((void *)0)

(msg = sshbuf_...== ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

205 ) -

206

fatal("%s: sshbuf_new failed", __func__);

never executed: fatal("%s: sshbuf_new failed", __func__);

207

if ((

(r = sshbuf_pu...msg, 20)) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

r = sshbuf_put_u8(msg, 20)) != 0

(r = sshbuf_pu...msg, 20)) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

208

(

(r = sshbuf_pu...g, name)) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

r = sshbuf_put_cstring(msg, name)) != 0

(r = sshbuf_pu...g, name)) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

209

(

(r = sshbuf_pu...sg, pin)) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

r = sshbuf_put_cstring(msg, pin)) != 0

(r = sshbuf_pu...sg, pin)) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

)

210

fatal("%s: buffer error: %s", __func__, ssh_err(r));

never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r));

211 send_msg(msg); -

212 sshbuf_reset(msg); -

213 -

214

if (recv_msg(msg) == 12

recv_msg(msg) == 12	Description
TRUE	never evaluated
FALSE	never evaluated

) {

215

if ((

(r = sshbuf_ge... &nkeys)) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

r = sshbuf_get_u32(msg, &nkeys)) != 0

(r = sshbuf_ge... &nkeys)) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

)

216

fatal("%s: buffer error: %s", __func__, ssh_err(r));

never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r));

217 *keysp = xcalloc(nkeys, sizeof(struct sshkey *)); -

218

for (i = 0; i < nkeys

i < nkeys	Description
TRUE	never evaluated
FALSE	never evaluated

; i++) {

219 -

220

if ((

(r = sshbuf_ge..., &blen)) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

r = sshbuf_get_string(msg, &blob, &blen)) != 0

(r = sshbuf_ge..., &blen)) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

221

(

(r = sshbuf_ge...d *)0) )) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

r = sshbuf_get_string_direct(msg,

(r = sshbuf_ge...d *)0) )) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

222

((void *)0)

(r = sshbuf_ge...d *)0) )) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

223

(r = sshbuf_ge...d *)0) )) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

224

((void *)0)

(r = sshbuf_ge...d *)0) )) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

225

)) != 0

(r = sshbuf_ge...d *)0) )) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

)

226

fatal("%s: buffer error: %s",

never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r));

227

__func__, ssh_err(r));

never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r));

228

if ((

(r = sshkey_fr...len, &k)) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

r = sshkey_from_blob(blob, blen, &k)) != 0

(r = sshkey_fr...len, &k)) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

)

229

fatal("%s: bad key: %s", __func__, ssh_err(r));

never executed: fatal("%s: bad key: %s", __func__, ssh_err(r));

230 wrap_key(k->rsa); -

231 (*keysp)[i] = k; -

232 free(blob); -

233

}

never executed: end of block

234

}

never executed: end of block

else {

235 nkeys = -1; -

236

}

never executed: end of block

237 sshbuf_free(msg); -

238

return

never executed: return (nkeys);

(nkeys);

never executed: return (nkeys);

239 } -

240 -

241 int -

242 pkcs11_del_provider(char *name) -

243 { -

244 int r, ret = -1; -

245 struct sshbuf *msg; -

246 -

247

if ((

(msg = sshbuf_...== ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

msg = sshbuf_new()) ==

(msg = sshbuf_...== ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

248

((void *)0)

(msg = sshbuf_...== ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

249 ) -

250

fatal("%s: sshbuf_new failed", __func__);

never executed: fatal("%s: sshbuf_new failed", __func__);

251

if ((

(r = sshbuf_pu...msg, 21)) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

r = sshbuf_put_u8(msg, 21)) != 0

(r = sshbuf_pu...msg, 21)) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

252

(

(r = sshbuf_pu...g, name)) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

r = sshbuf_put_cstring(msg, name)) != 0

(r = sshbuf_pu...g, name)) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

253

(

(r = sshbuf_pu...msg, "")) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

r = sshbuf_put_cstring(msg, "")) != 0

(r = sshbuf_pu...msg, "")) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

)

254

fatal("%s: buffer error: %s", __func__, ssh_err(r));

never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r));

255 send_msg(msg); -

256 sshbuf_reset(msg); -

257 -

258

if (recv_msg(msg) == 6

recv_msg(msg) == 6	Description
TRUE	never evaluated
FALSE	never evaluated

)

259

ret = 0;

never executed: ret = 0;

260 sshbuf_free(msg); -

261

return

never executed: return (ret);

(ret);

never executed: return (ret);

262 } -

Switch to Source code

Preprocessed file

Generated by Squish Coco 4.2.2