1/* 2 * Copyright (c) 2012 Damien Miller <djm@mindrot.org> 3 * 4 * Permission to use, copy, modify, and distribute this software for any 5 * purpose with or without fee is hereby granted, provided that the above 6 * copyright notice and this permission notice appear in all copies. 7 * 8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 11 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 13 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 15 */ 16 |
17/* $OpenBSD: krl.c,v 1.37 2015/12/31 00:33:52 djm Exp $ */ |
18 19#include "includes.h" 20 21#include <sys/param.h> /* MIN */ 22#include <sys/types.h> 23#include <openbsd-compat/sys-tree.h> 24#include <openbsd-compat/sys-queue.h> 25 --- 692 unchanged lines hidden (view full) --- 718 719 if ((sect = sshbuf_new()) == NULL) 720 return SSH_ERR_ALLOC_FAIL; 721 722 /* Store the header */ 723 if ((r = sshbuf_put(buf, KRL_MAGIC, sizeof(KRL_MAGIC) - 1)) != 0 || 724 (r = sshbuf_put_u32(buf, KRL_FORMAT_VERSION)) != 0 || 725 (r = sshbuf_put_u64(buf, krl->krl_version)) != 0 || |
726 (r = sshbuf_put_u64(buf, krl->generated_date)) != 0 || |
727 (r = sshbuf_put_u64(buf, krl->flags)) != 0 || 728 (r = sshbuf_put_string(buf, NULL, 0)) != 0 || 729 (r = sshbuf_put_cstring(buf, krl->comment)) != 0) 730 goto out; 731 732 /* Store sections for revoked certificates */ 733 TAILQ_FOREACH(rc, &krl->revoked_certs, entry) { 734 sshbuf_reset(sect); --- 32 unchanged lines hidden (view full) --- 767 for (i = 0; i < nsign_keys; i++) { 768 KRL_DBG(("%s: signature key %s", __func__, 769 sshkey_ssh_name(sign_keys[i]))); 770 if ((r = sshbuf_put_u8(buf, KRL_SECTION_SIGNATURE)) != 0 || 771 (r = sshkey_puts(sign_keys[i], buf)) != 0) 772 goto out; 773 774 if ((r = sshkey_sign(sign_keys[i], &sblob, &slen, |
775 sshbuf_ptr(buf), sshbuf_len(buf), NULL, 0)) != 0) |
776 goto out; 777 KRL_DBG(("%s: signature sig len %zu", __func__, slen)); 778 if ((r = sshbuf_put_string(buf, sblob, slen)) != 0) 779 goto out; 780 } 781 782 r = 0; 783 out: --- 37 unchanged lines hidden (view full) --- 821 /* Header: key, reserved */ 822 if ((r = sshbuf_get_string_direct(buf, &blob, &blen)) != 0 || 823 (r = sshbuf_skip_string(buf)) != 0) 824 goto out; 825 if (blen != 0 && (r = sshkey_from_blob(blob, blen, &ca_key)) != 0) 826 goto out; 827 828 while (sshbuf_len(buf) > 0) { |
829 sshbuf_free(subsect); 830 subsect = NULL; |
831 if ((r = sshbuf_get_u8(buf, &type)) != 0 || 832 (r = sshbuf_froms(buf, &subsect)) != 0) 833 goto out; 834 KRL_DBG(("%s: subsection type 0x%02x", __func__, type)); 835 /* sshbuf_dump(subsect, stderr); */ 836 837 switch (type) { 838 case KRL_SECTION_CERT_SERIAL_LIST: --- 171 unchanged lines hidden (view full) --- 1010 sig_off = sshbuf_len(buf) - sshbuf_len(copy); 1011 /* Second string component is the signature itself */ 1012 if ((r = sshbuf_get_string_direct(copy, &blob, &blen)) != 0) { 1013 r = SSH_ERR_INVALID_FORMAT; 1014 goto out; 1015 } 1016 /* Check signature over entire KRL up to this point */ 1017 if ((r = sshkey_verify(key, blob, blen, |
1018 sshbuf_ptr(buf), sig_off, 0)) != 0) |
1019 goto out; 1020 /* Check if this key has already signed this KRL */ 1021 for (i = 0; i < nca_used; i++) { 1022 if (sshkey_equal(ca_used[i], key)) { 1023 error("KRL signed more than once with " 1024 "the same key"); 1025 r = SSH_ERR_INVALID_FORMAT; 1026 goto out; --- 4 unchanged lines hidden (view full) --- 1031 sizeof(*ca_used)); 1032 if (tmp_ca_used == NULL) { 1033 r = SSH_ERR_ALLOC_FAIL; 1034 goto out; 1035 } 1036 ca_used = tmp_ca_used; 1037 ca_used[nca_used++] = key; 1038 key = NULL; |
1039 } 1040 1041 if (sshbuf_len(copy) != 0) { 1042 /* Shouldn't happen */ 1043 r = SSH_ERR_INTERNAL_ERROR; 1044 goto out; 1045 } 1046 --- 4 unchanged lines hidden (view full) --- 1051 sshbuf_free(copy); 1052 if ((copy = sshbuf_fromb(buf)) == NULL) { 1053 r = SSH_ERR_ALLOC_FAIL; 1054 goto out; 1055 } 1056 if ((r = sshbuf_consume(copy, sects_off)) != 0) 1057 goto out; 1058 while (sshbuf_len(copy) > 0) { |
1059 sshbuf_free(sect); 1060 sect = NULL; |
1061 if ((r = sshbuf_get_u8(copy, &type)) != 0 || 1062 (r = sshbuf_froms(copy, §)) != 0) 1063 goto out; 1064 KRL_DBG(("%s: second pass, section 0x%02x", __func__, type)); 1065 1066 switch (type) { 1067 case KRL_SECTION_CERTIFICATES: 1068 if ((r = parse_revoked_certs(sect, krl)) != 0) --- 26 unchanged lines hidden (view full) --- 1095 if ((r = sshbuf_skip_string(copy)) != 0) 1096 goto out; 1097 break; 1098 default: 1099 error("Unsupported KRL section %u", type); 1100 r = SSH_ERR_INVALID_FORMAT; 1101 goto out; 1102 } |
1103 if (sect != NULL && sshbuf_len(sect) > 0) { |
1104 error("KRL section contains unparsed data"); 1105 r = SSH_ERR_INVALID_FORMAT; 1106 goto out; 1107 } 1108 } 1109 1110 /* Check that the key(s) used to sign the KRL weren't revoked */ 1111 sig_seen = 0; --- 187 unchanged lines hidden --- |