OpenCoverage

ssh-dss.c

Absolute File Name:

/home/opencoverage/opencoverage/guest-scripts/openssh/src/ssh-dss.c

Source code

Switch to Preprocessed file

Line Source Count

1 /* $OpenBSD: ssh-dss.c,v 1.37 2018/02/07 02:06:51 jsing Exp $ */ -

2 /* -

4 * -

5 * Redistribution and use in source and binary forms, with or without -

6 * modification, are permitted provided that the following conditions -

7 * are met: -

8 * 1. Redistributions of source code must retain the above copyright -

9 * notice, this list of conditions and the following disclaimer. -

10 * 2. Redistributions in binary form must reproduce the above copyright -

11 * notice, this list of conditions and the following disclaimer in the -

12 * documentation and/or other materials provided with the distribution. -

13 * -

14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR -

15 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES -

16 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. -

17 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, -

18 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -

19 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -

20 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -

21 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -

22 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF -

23 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -

24 */ -

25 -

26 #include "includes.h" -

27 -

28 #ifdef WITH_OPENSSL -

29 -

30 #include <sys/types.h> -

31 -

32 #include <openssl/bn.h> -

33 #include <openssl/dsa.h> -

34 #include <openssl/evp.h> -

35 -

36 #include <stdarg.h> -

37 #include <string.h> -

38 -

39 #include "sshbuf.h" -

40 #include "compat.h" -

41 #include "ssherr.h" -

42 #include "digest.h" -

43 #define SSHKEY_INTERNAL -

44 #include "sshkey.h" -

45 -

46 #include "openbsd-compat/openssl-compat.h" -

47 -

48 #define INTBLOB_LEN 20 -

49 #define SIGBLOB_LEN (2*INTBLOB_LEN) -

50 -

51 int -

52 ssh_dss_sign(const struct sshkey *key, u_char **sigp, size_t *lenp, -

53 const u_char *data, size_t datalen, u_int compat) -

54 { -

55 DSA_SIG *sig = NULL; -

56 const BIGNUM *sig_r, *sig_s; -

57 u_char digest[SSH_DIGEST_MAX_LENGTH], sigblob[SIGBLOB_LEN]; -

58 size_t rlen, slen, len, dlen = ssh_digest_bytes(SSH_DIGEST_SHA1); -

59 struct sshbuf *b = NULL; -

60 int ret = SSH_ERR_INVALID_ARGUMENT; -

61 -

if (lenp != NULL)

lenp != ((void *)0)	Description
TRUE	evaluated 65 times by 3 tests Evaluated by: ssh-keygen test_kex test_sshkey
FALSE	never evaluated

0-65

*lenp = 0;

executed 65 times by 3 tests: *lenp = 0;

Executed by:

ssh-keygen
test_kex
test_sshkey

if (sigp != NULL)

sigp != ((void *)0)	Description
TRUE	evaluated 65 times by 3 tests Evaluated by: ssh-keygen test_kex test_sshkey
FALSE	never evaluated

0-65

*sigp = NULL;

executed 65 times by 3 tests: *sigp = ((void *)0) ;

Executed by:

ssh-keygen
test_kex
test_sshkey

66 -

if (key == NULL || key->dsa == NULL ||

key == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 65 times by 3 tests Evaluated by: ssh-keygen test_kex test_sshkey

key->dsa == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 65 times by 3 tests Evaluated by: ssh-keygen test_kex test_sshkey

0-65

sshkey_type_plain(key->type) != KEY_DSA)

sshkey_type_pl...pe) != KEY_DSA	Description
TRUE	never evaluated
FALSE	evaluated 65 times by 3 tests Evaluated by: ssh-keygen test_kex test_sshkey

0-65

return SSH_ERR_INVALID_ARGUMENT;

never executed: return -10;

if (dlen == 0)

dlen == 0	Description
TRUE	never evaluated
FALSE	evaluated 65 times by 3 tests Evaluated by: ssh-keygen test_kex test_sshkey

0-65

return SSH_ERR_INTERNAL_ERROR;

never executed: return -1;

72 -

if ((ret = ssh_digest_memory(SSH_DIGEST_SHA1, data, datalen,

(ret = ssh_dig...digest))) != 0	Description
TRUE	never evaluated
FALSE	evaluated 65 times by 3 tests Evaluated by: ssh-keygen test_kex test_sshkey

0-65

digest, sizeof(digest))) != 0)

(ret = ssh_dig...digest))) != 0	Description
TRUE	never evaluated
FALSE	evaluated 65 times by 3 tests Evaluated by: ssh-keygen test_kex test_sshkey

0-65

goto out;

never executed: goto out;

76 -

if ((sig = DSA_do_sign(digest, dlen, key->dsa)) == NULL) {

(sig = DSA_do_...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 65 times by 3 tests Evaluated by: ssh-keygen test_kex test_sshkey

0-65

78 ret = SSH_ERR_LIBCRYPTO_ERROR; -

goto out;

never executed: goto out;

80 } -

81 -

82 DSA_SIG_get0(sig, &sig_r, &sig_s); -

83 rlen = BN_num_bytes(sig_r); -

84 slen = BN_num_bytes(sig_s); -

if (rlen > INTBLOB_LEN || slen > INTBLOB_LEN) {

rlen > 20	Description
TRUE	never evaluated
FALSE	evaluated 65 times by 3 tests Evaluated by: ssh-keygen test_kex test_sshkey

slen > 20	Description
TRUE	never evaluated
FALSE	evaluated 65 times by 3 tests Evaluated by: ssh-keygen test_kex test_sshkey

0-65

86 ret = SSH_ERR_INTERNAL_ERROR; -

goto out;

never executed: goto out;

88 } -

89 explicit_bzero(sigblob, SIGBLOB_LEN); -

90 BN_bn2bin(sig_r, sigblob + SIGBLOB_LEN - INTBLOB_LEN - rlen); -

91 BN_bn2bin(sig_s, sigblob + SIGBLOB_LEN - slen); -

92 -

if ((b = sshbuf_new()) == NULL) {

(b = sshbuf_ne...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 65 times by 3 tests Evaluated by: ssh-keygen test_kex test_sshkey

0-65

94 ret = SSH_ERR_ALLOC_FAIL; -

goto out;

never executed: goto out;

96 } -

if ((ret = sshbuf_put_cstring(b, "ssh-dss")) != 0 ||

(ret = sshbuf_...sh-dss")) != 0	Description
TRUE	never evaluated
FALSE	evaluated 65 times by 3 tests Evaluated by: ssh-keygen test_kex test_sshkey

0-65

(ret = sshbuf_put_string(b, sigblob, SIGBLOB_LEN)) != 0)

(ret = sshbuf_... (2*20))) != 0	Description
TRUE	never evaluated
FALSE	evaluated 65 times by 3 tests Evaluated by: ssh-keygen test_kex test_sshkey

0-65

goto out;

never executed: goto out;

100 -

101 len = sshbuf_len(b); -

102

if (sigp != NULL) {

sigp != ((void *)0)	Description
TRUE	evaluated 65 times by 3 tests Evaluated by: ssh-keygen test_kex test_sshkey
FALSE	never evaluated

0-65

103

if ((*sigp = malloc(len)) == NULL) {

(sigp = mallo...== ((void )0)	Description
TRUE	never evaluated
FALSE	evaluated 65 times by 3 tests Evaluated by: ssh-keygen test_kex test_sshkey

0-65

104 ret = SSH_ERR_ALLOC_FAIL; -

105

goto out;

never executed: goto out;

106 } -

107 memcpy(*sigp, sshbuf_ptr(b), len); -

108

}

executed 65 times by 3 tests: end of block

Executed by:

ssh-keygen
test_kex
test_sshkey

109

if (lenp != NULL)

lenp != ((void *)0)	Description
TRUE	evaluated 65 times by 3 tests Evaluated by: ssh-keygen test_kex test_sshkey
FALSE	never evaluated

0-65

110

*lenp = len;

executed 65 times by 3 tests: *lenp = len;

Executed by:

ssh-keygen
test_kex
test_sshkey

111 ret = 0; -

112

out:

code before this statement executed 65 times by 3 tests: out:

Executed by:

ssh-keygen
test_kex
test_sshkey

113 explicit_bzero(digest, sizeof(digest)); -

114 DSA_SIG_free(sig); -

115 sshbuf_free(b); -

116

return ret;

executed 65 times by 3 tests: return ret;

Executed by:

ssh-keygen
test_kex
test_sshkey

117 } -

118 -

119 int -

120 ssh_dss_verify(const struct sshkey *key, -

121 const u_char *signature, size_t signaturelen, -

122 const u_char *data, size_t datalen, u_int compat) -

123 { -

124 DSA_SIG *sig = NULL; -

125 BIGNUM *sig_r = NULL, *sig_s = NULL; -

126 u_char digest[SSH_DIGEST_MAX_LENGTH], *sigblob = NULL; -

127 size_t len, dlen = ssh_digest_bytes(SSH_DIGEST_SHA1); -

128 int ret = SSH_ERR_INTERNAL_ERROR; -

129 struct sshbuf *b = NULL; -

130 char *ktype = NULL; -

131 -

132

if (key == NULL || key->dsa == NULL ||

key == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 3684 times by 3 tests Evaluated by: ssh-keygen test_kex test_sshkey

key->dsa == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 3684 times by 3 tests Evaluated by: ssh-keygen test_kex test_sshkey

0-3684

133

sshkey_type_plain(key->type) != KEY_DSA ||

sshkey_type_pl...pe) != KEY_DSA	Description
TRUE	never evaluated
FALSE	evaluated 3684 times by 3 tests Evaluated by: ssh-keygen test_kex test_sshkey

0-3684

134

signature == NULL || signaturelen == 0)

signature == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 3684 times by 3 tests Evaluated by: ssh-keygen test_kex test_sshkey

signaturelen == 0	Description
TRUE	never evaluated
FALSE	evaluated 3684 times by 3 tests Evaluated by: ssh-keygen test_kex test_sshkey

0-3684

135

return SSH_ERR_INVALID_ARGUMENT;

never executed: return -10;

136

if (dlen == 0)

dlen == 0	Description
TRUE	never evaluated
FALSE	evaluated 3684 times by 3 tests Evaluated by: ssh-keygen test_kex test_sshkey

0-3684

137

return SSH_ERR_INTERNAL_ERROR;

never executed: return -1;

138 -

139 /* fetch signature */ -

140

if ((b = sshbuf_from(signature, signaturelen)) == NULL)

(b = sshbuf_fr...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 3684 times by 3 tests Evaluated by: ssh-keygen test_kex test_sshkey

0-3684

141

return SSH_ERR_ALLOC_FAIL;

never executed: return -2;

142

if (sshbuf_get_cstring(b, &ktype, NULL) != 0 ||

sshbuf_get_cst...id *)0) ) != 0	Description
TRUE	evaluated 517 times by 1 test Evaluated by: test_sshkey
FALSE	evaluated 3167 times by 3 tests Evaluated by: ssh-keygen test_kex test_sshkey

517-3167

143

sshbuf_get_string(b, &sigblob, &len) != 0) {

sshbuf_get_str...ob, &len) != 0	Description
TRUE	evaluated 469 times by 1 test Evaluated by: test_sshkey
FALSE	evaluated 2698 times by 3 tests Evaluated by: ssh-keygen test_kex test_sshkey

469-2698

144 ret = SSH_ERR_INVALID_FORMAT; -

145

goto out;

executed 986 times by 1 test: goto out;

Executed by:

test_sshkey

986

146 } -

147

if (strcmp("ssh-dss", ktype) != 0) {

never executed: __result = (((const unsigned char *) (const char *) ( "ssh-dss" ))[3] - __s2[3]);

never executed: end of block

never executed: __result = (((const unsigned char *) (const char *) ( ktype ))[3] - __s2[3]);

never executed: end of block

__extension__ ... )))); }) != 0	Description
TRUE	evaluated 665 times by 1 test Evaluated by: test_sshkey
FALSE	evaluated 2033 times by 3 tests Evaluated by: ssh-keygen test_kex test_sshkey

__s1_len > 0	Description
TRUE	never evaluated
FALSE	never evaluated

__result == 0	Description
TRUE	never evaluated
FALSE	never evaluated

__s1_len > 1	Description
TRUE	never evaluated
FALSE	never evaluated

__result == 0	Description
TRUE	never evaluated
FALSE	never evaluated

__s1_len > 2	Description
TRUE	never evaluated
FALSE	never evaluated

__result == 0	Description
TRUE	never evaluated
FALSE	never evaluated

__s2_len > 0	Description
TRUE	never evaluated
FALSE	never evaluated

__result == 0	Description
TRUE	never evaluated
FALSE	never evaluated

__s2_len > 1	Description
TRUE	never evaluated
FALSE	never evaluated

__result == 0	Description
TRUE	never evaluated
FALSE	never evaluated

__s2_len > 2	Description
TRUE	never evaluated
FALSE	never evaluated

__result == 0	Description
TRUE	never evaluated
FALSE	never evaluated

0-2033

148 ret = SSH_ERR_KEY_TYPE_MISMATCH; -

149

goto out;

executed 665 times by 1 test: goto out;

Executed by:

test_sshkey

665

150 } -

151

if (sshbuf_len(b) != 0) {

sshbuf_len(b) != 0	Description
TRUE	evaluated 2 times by 1 test Evaluated by: test_sshkey
FALSE	evaluated 2031 times by 3 tests Evaluated by: ssh-keygen test_kex test_sshkey

2-2031

152 ret = SSH_ERR_UNEXPECTED_TRAILING_DATA; -

153

goto out;

executed 2 times by 1 test: goto out;

Executed by:

test_sshkey

154 } -

155 -

156

if (len != SIGBLOB_LEN) {

len != (2*20)	Description
TRUE	never evaluated
FALSE	evaluated 2031 times by 3 tests Evaluated by: ssh-keygen test_kex test_sshkey

0-2031

157 ret = SSH_ERR_INVALID_FORMAT; -

158

goto out;

never executed: goto out;

159 } -

160 -

161 /* parse signature */ -

162

if ((sig = DSA_SIG_new()) == NULL ||

(sig = DSA_SIG...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 2031 times by 3 tests Evaluated by: ssh-keygen test_kex test_sshkey

0-2031

163

(sig_r = BN_new()) == NULL ||

(sig_r = BN_ne...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 2031 times by 3 tests Evaluated by: ssh-keygen test_kex test_sshkey

0-2031

164

(sig_s = BN_new()) == NULL) {

(sig_s = BN_ne...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 2031 times by 3 tests Evaluated by: ssh-keygen test_kex test_sshkey

0-2031

165 ret = SSH_ERR_ALLOC_FAIL; -

166

goto out;

never executed: goto out;

167 } -

168

if ((BN_bin2bn(sigblob, INTBLOB_LEN, sig_r) == NULL) ||

(BN_bin2bn(sig... ((void *)0) )	Description
TRUE	never evaluated
FALSE	evaluated 2031 times by 3 tests Evaluated by: ssh-keygen test_kex test_sshkey

0-2031

169

(BN_bin2bn(sigblob + INTBLOB_LEN, INTBLOB_LEN, sig_s) == NULL)) {

(BN_bin2bn(sig... ((void *)0) )	Description
TRUE	never evaluated
FALSE	evaluated 2031 times by 3 tests Evaluated by: ssh-keygen test_kex test_sshkey

0-2031

170 ret = SSH_ERR_LIBCRYPTO_ERROR; -

171

goto out;

never executed: goto out;

172 } -

173

if (!DSA_SIG_set0(sig, sig_r, sig_s)) {

!DSA_SIG_set0(... sig_r, sig_s)	Description
TRUE	never evaluated
FALSE	evaluated 2031 times by 3 tests Evaluated by: ssh-keygen test_kex test_sshkey

0-2031

174 ret = SSH_ERR_LIBCRYPTO_ERROR; -

175

goto out;

never executed: goto out;

176 } -

177 sig_r = sig_s = NULL; /* transferred */ -

178 -

179 /* sha1 the data */ -

180

if ((ret = ssh_digest_memory(SSH_DIGEST_SHA1, data, datalen,

(ret = ssh_dig...digest))) != 0	Description
TRUE	never evaluated
FALSE	evaluated 2031 times by 3 tests Evaluated by: ssh-keygen test_kex test_sshkey

0-2031

181

digest, sizeof(digest))) != 0)

(ret = ssh_dig...digest))) != 0	Description
TRUE	never evaluated
FALSE	evaluated 2031 times by 3 tests Evaluated by: ssh-keygen test_kex test_sshkey

0-2031

182

goto out;

never executed: goto out;

183 -

184 switch (DSA_do_verify(digest, dlen, sig, key->dsa)) { -

185

case 1:

executed 65 times by 3 tests: case 1:

Executed by:

ssh-keygen
test_kex
test_sshkey

186 ret = 0; -

187

break;

executed 65 times by 3 tests: break;

Executed by:

ssh-keygen
test_kex
test_sshkey

188

case 0:

executed 1966 times by 1 test: case 0:

Executed by:

test_sshkey

1966

189 ret = SSH_ERR_SIGNATURE_INVALID; -

190

goto out;

executed 1966 times by 1 test: goto out;

Executed by:

test_sshkey

1966

191

default:

never executed: default:

192 ret = SSH_ERR_LIBCRYPTO_ERROR; -

193

goto out;

never executed: goto out;

194 } -

195 -

196

out:

code before this statement executed 65 times by 3 tests: out:

Executed by:

ssh-keygen
test_kex
test_sshkey

197 explicit_bzero(digest, sizeof(digest)); -

198 DSA_SIG_free(sig); -

199 BN_clear_free(sig_r); -

200 BN_clear_free(sig_s); -

201 sshbuf_free(b); -

202 free(ktype); -

203

if (sigblob != NULL) {

sigblob != ((void *)0)	Description
TRUE	evaluated 2698 times by 3 tests Evaluated by: ssh-keygen test_kex test_sshkey
FALSE	evaluated 986 times by 1 test Evaluated by: test_sshkey

986-2698

204 explicit_bzero(sigblob, len); -

205 free(sigblob); -

206

}

executed 2698 times by 3 tests: end of block

Executed by:

ssh-keygen
test_kex
test_sshkey

2698

207

return ret;

executed 3684 times by 3 tests: return ret;

Executed by:

ssh-keygen
test_kex
test_sshkey

3684

208 } -

209 #endif /* WITH_OPENSSL */ -

Source code

Switch to Preprocessed file

Generated by Squish Coco 4.2.2