author | Darren Tucker <dtucker@cvs.openbsd.org> | 2020-10-19 22:49:24 +0000 |
---|---|---|
committer | Darren Tucker <dtucker@cvs.openbsd.org> | 2020-10-19 22:49:24 +0000 |
commit | f758a0c354e627e6b597255149eabb4452f86303 (patch) | |
tree | 42623c3bf7ccca9669aa5d53836efd2737ca1f82 /usr.bin/ssh | |
parent | b08d7f25156cb96c664cf4bbec1fc1db4c58f45c (diff) |
Adapt XMSS to new logging infrastructure. With markus@, ok djm@.
Diffstat (limited to 'usr.bin/ssh')
-rw-r--r-- | usr.bin/ssh/authfd.c | 4 | ||||
-rw-r--r-- | usr.bin/ssh/ssh-xmss.c | 6 | ||||
-rw-r--r-- | usr.bin/ssh/sshkey-xmss.c | 18 | ||||
-rw-r--r-- | usr.bin/ssh/sshkey-xmss.h | 6 | ||||
-rw-r--r-- | usr.bin/ssh/sshkey.c | 10 | ||||
-rw-r--r-- | usr.bin/ssh/sshkey.h | 9 |
6 files changed, 27 insertions, 26 deletions
diff --git a/usr.bin/ssh/authfd.c b/usr.bin/ssh/authfd.c index ab5b2b705b8..ff32732a406 100644 --- a/usr.bin/ssh/authfd.c +++ b/usr.bin/ssh/authfd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: authfd.c,v 1.124 2020/06/26 05:03:36 djm Exp $ */ +/* $OpenBSD: authfd.c,v 1.125 2020/10/19 22:49:23 dtucker Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -506,7 +506,7 @@ ssh_add_identity_constrained(int sock, struct sshkey *key, SSH2_AGENTC_ADD_IDENTITY; if ((r = sshbuf_put_u8(msg, type)) != 0 || (r = sshkey_private_serialize_maxsign(key, msg, maxsign, - NULL)) != 0 || + 0)) != 0 || (r = sshbuf_put_cstring(msg, comment)) != 0) goto out; break; diff --git a/usr.bin/ssh/ssh-xmss.c b/usr.bin/ssh/ssh-xmss.c index 9782670dda0..4651ef16139 100644 --- a/usr.bin/ssh/ssh-xmss.c +++ b/usr.bin/ssh/ssh-xmss.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-xmss.c,v 1.3 2020/10/18 11:32:02 djm Exp $*/ +/* $OpenBSD: ssh-xmss.c,v 1.4 2020/10/19 22:49:23 dtucker Exp $*/ /* * Copyright (c) 2017 Stefan-Lukas Gazdag. * Copyright (c) 2017 Markus Friedl. @@ -59,7 +59,7 @@ ssh_xmss_sign(const struct sshkey *key, u_char **sigp, size_t *lenp, smlen = slen = datalen + required_siglen; if ((sig = malloc(slen)) == NULL) return SSH_ERR_ALLOC_FAIL; - if ((r = sshkey_xmss_get_state(key, error)) != 0) + if ((r = sshkey_xmss_get_state(key, 1)) != 0) goto out; if ((ret = xmss_sign(key->xmss_sk, sshkey_xmss_bds_state(key), sig, &smlen, data, datalen, sshkey_xmss_params(key))) != 0 || smlen <= datalen) { @@ -87,7 +87,7 @@ ssh_xmss_sign(const struct sshkey *key, u_char **sigp, size_t *lenp, /* success */ r = 0; out: - if ((ret = sshkey_xmss_update_state(key, error)) != 0) { + if ((ret = sshkey_xmss_update_state(key, 1)) != 0) { /* discard signature since we cannot update the state */ if (r == 0 && sigp != NULL && *sigp != NULL) { explicit_bzero(*sigp, len); diff --git a/usr.bin/ssh/sshkey-xmss.c b/usr.bin/ssh/sshkey-xmss.c index 91779a2133b..3ef1705e335 100644 
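Review bot: The new last argument in `ssh_add_identity_constrained` (authfd.c, `@@ -506,7 +506,7`) is a bare `0`, which gives the reader no hint that it switches off error logging for the XMSS state handling; the old `NULL` at least read as "no callback". The same applies to the literal `1` passed to `sshkey_xmss_get_state` and `sshkey_xmss_update_state` in ssh-xmss.c (`@@ -59,7` and `@@ -87,7`). An inline comment at each call site would be enough, e.g. `0 /* printerror */)) != 0 ||` and `sshkey_xmss_update_state(key, 1 /* printerror */)`. As far as these lines show, a failure to load or persist XMSS state on the agent path is then visible only through the returned `r`. Both functions continue outside their hunks.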
--- a/usr.bin/ssh/sshkey-xmss.c +++ b/usr.bin/ssh/sshkey-xmss.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshkey-xmss.c,v 1.8 2019/11/13 07:53:10 markus Exp $ */ +/* $OpenBSD: sshkey-xmss.c,v 1.9 2020/10/19 22:49:23 dtucker Exp $ */ /* * Copyright (c) 2017 Markus Friedl. All rights reserved. * @@ -39,6 +39,7 @@ #include "sshkey.h" #include "sshkey-xmss.h" #include "atomicio.h" +#include "log.h" #include "xmss_fast.h" @@ -73,7 +74,7 @@ int sshkey_xmss_init_bds_state(struct sshkey *); int sshkey_xmss_init_enc_key(struct sshkey *, const char *); void sshkey_xmss_free_bds(struct sshkey *); int sshkey_xmss_get_state_from_file(struct sshkey *, const char *, - int *, sshkey_printfn *); + int *, int); int sshkey_xmss_encrypt_state(const struct sshkey *, struct sshbuf *, struct sshbuf **); int sshkey_xmss_decrypt_state(const struct sshkey *, struct sshbuf *, @@ -81,7 +82,8 @@ int sshkey_xmss_decrypt_state(const struct sshkey *, struct sshbuf *, int sshkey_xmss_serialize_enc_key(const struct sshkey *, struct sshbuf *); int sshkey_xmss_deserialize_enc_key(struct sshkey *, struct sshbuf *); -#define PRINT(s...) do { if (pr) pr(s); } while (0) +#define PRINT(...) do { if (printerror) sshlog(__FILE__, __func__, __LINE__, \ + 0, SYSLOG_LEVEL_ERROR, __VA_ARGS__); } while (0) int sshkey_xmss_init(struct sshkey *key, const char *name) @@ -386,7 +388,7 @@ sshkey_xmss_generate_private_key(struct sshkey *k, u_int bits) int sshkey_xmss_get_state_from_file(struct sshkey *k, const char *filename, - int *have_file, sshkey_printfn *pr) + int *have_file, int printerror) { struct sshbuf *b = NULL, *enc = NULL; int ret = SSH_ERR_SYSTEM_ERROR, r, fd = -1; @@ -434,7 +436,7 @@ done: } int -sshkey_xmss_get_state(const struct sshkey *k, sshkey_printfn *pr) +sshkey_xmss_get_state(const struct sshkey *k, int printerror) { struct ssh_xmss_state *state = k->xmss_state; u_int32_t idx = 0; 
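Review bot: The flag that replaces `sshkey_printfn *` is an unnamed `int` in the forward declaration of `sshkey_xmss_get_state_from_file` (sshkey-xmss.c, `@@ -73,7 +74,7`), so the prototype no longer says what its last argument means. Where a function pointer was required before, any integer expression now compiles. The same holds for the prototypes in sshkey-xmss.h (`@@ -47,10`) and sshkey.h (`@@ -261,13`), where `sshkey_private_serialize_maxsign` names every parameter except the new one. Naming the parameter in the declarations would restore that information, e.g. `int *, int printerror);` here and `u_int32_t maxsign, int printerror);` in sshkey.h.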
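Review bot: The rewritten `PRINT` macro (sshkey-xmss.c, `@@ -81,7 +82,8`) reads a variable named `printerror` that it never receives as an argument. It therefore only works inside functions that have a parameter of that name, and it would silently bind to a file-scope `printerror` if one were added later. A comment above the macro should state that contract, e.g. `/* PRINT() requires an int 'printerror' in the caller's scope; nothing is logged when it is 0 */`. The removed `sshkey_printfn` typedef carried `format(printf, 1, 2)`, so format checking of PRINT arguments now depends on how `sshlog` is declared in log.h, which is not shown on this page and is worth confirming.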
@@ -487,9 +489,9 @@ sshkey_xmss_get_state(const struct sshkey *k, sshkey_printfn *pr) } /* XXX no longer const */ if ((r = sshkey_xmss_get_state_from_file((struct sshkey *)k, - statefile, &have_state, pr)) != 0) { + statefile, &have_state, printerror)) != 0) { if ((r = sshkey_xmss_get_state_from_file((struct sshkey *)k, - ostatefile, &have_ostate, pr)) == 0) { + ostatefile, &have_ostate, printerror)) == 0) { state->allow_update = 1; r = sshkey_xmss_forward_state(k, 1); state->idx = PEEK_U32(k->xmss_sk); @@ -557,7 +559,7 @@ sshkey_xmss_forward_state(const struct sshkey *k, u_int32_t reserve) } int -sshkey_xmss_update_state(const struct sshkey *k, sshkey_printfn *pr) +sshkey_xmss_update_state(const struct sshkey *k, int printerror) { struct ssh_xmss_state *state = k->xmss_state; struct sshbuf *b = NULL, *enc = NULL; diff --git a/usr.bin/ssh/sshkey-xmss.h b/usr.bin/ssh/sshkey-xmss.h index b9f8ead1047..bf52d293c3a 100644 --- a/usr.bin/ssh/sshkey-xmss.h +++ b/usr.bin/ssh/sshkey-xmss.h @@ -1,4 +1,4 @@ -/* $OpenBSD: sshkey-xmss.h,v 1.1 2018/02/23 15:58:38 markus Exp $ */ +/* $OpenBSD: sshkey-xmss.h,v 1.2 2020/10/19 22:49:23 dtucker Exp $ */ /* * Copyright (c) 2017 Markus Friedl. All rights reserved. * @@ -47,10 +47,10 @@ int sshkey_xmss_deserialize_pk_info(struct sshkey *, struct sshbuf *); int sshkey_xmss_siglen(const struct sshkey *, size_t *); void *sshkey_xmss_params(const struct sshkey *); void *sshkey_xmss_bds_state(const struct sshkey *); -int sshkey_xmss_get_state(const struct sshkey *, sshkey_printfn *); +int sshkey_xmss_get_state(const struct sshkey *, int); int sshkey_xmss_enable_maxsign(struct sshkey *, u_int32_t); int sshkey_xmss_forward_state(const struct sshkey *, u_int32_t); -int sshkey_xmss_update_state(const struct sshkey *, sshkey_printfn *); +int sshkey_xmss_update_state(const struct sshkey *, int); u_int32_t sshkey_xmss_signatures_left(const struct sshkey *); #endif /* SSHKEY_XMSS_H */ 
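Review bot: In the fallback branch of `sshkey_xmss_get_state` (`@@ -487,9 +489,9`), the result of `sshkey_xmss_forward_state(k, 1)` is stored in `r`, but `state->idx = PEEK_U32(k->xmss_sk)` runs on the next line whatever `r` holds; whether `r` is tested afterwards lies outside the hunk. XMSS security depends on never signing twice with the same index, so this recovery path deserves a comment saying why the state is advanced by one after falling back to `ostatefile`, for instance `/* old state file may be stale: step past the next index before use */` if that is the intent. With `printerror` set, the failed read of `statefile` is presumably still logged as an error even when the fallback succeeds, which may be misleading for a recovered case.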
diff --git a/usr.bin/ssh/sshkey.c b/usr.bin/ssh/sshkey.c index c795e3901ab..68c9e81ec45 100644 --- a/usr.bin/ssh/sshkey.c +++ b/usr.bin/ssh/sshkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshkey.c,v 1.111 2020/08/27 01:06:19 djm Exp $ */ +/* $OpenBSD: sshkey.c,v 1.112 2020/10/19 22:49:23 dtucker Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. * Copyright (c) 2008 Alexander von Gernler. All rights reserved. @@ -4627,7 +4627,7 @@ sshkey_parse_pubkey_from_private_fileblob_type(struct sshbuf *blob, int type, */ int sshkey_private_serialize_maxsign(struct sshkey *k, struct sshbuf *b, - u_int32_t maxsign, sshkey_printfn *pr) + u_int32_t maxsign, int printerror) { int r, rupdate; @@ -4635,14 +4635,14 @@ sshkey_private_serialize_maxsign(struct sshkey *k, struct sshbuf *b, sshkey_type_plain(k->type) != KEY_XMSS) return sshkey_private_serialize_opt(k, b, SSHKEY_SERIALIZE_DEFAULT); - if ((r = sshkey_xmss_get_state(k, pr)) != 0 || + if ((r = sshkey_xmss_get_state(k, printerror)) != 0 || (r = sshkey_private_serialize_opt(k, b, SSHKEY_SERIALIZE_STATE)) != 0 || (r = sshkey_xmss_forward_state(k, maxsign)) != 0) goto out; r = 0; out: - if ((rupdate = sshkey_xmss_update_state(k, pr)) != 0) { + if ((rupdate = sshkey_xmss_update_state(k, printerror)) != 0) { if (r == 0) r = rupdate; } @@ -4681,7 +4681,7 @@ sshkey_set_filename(struct sshkey *k, const char *filename) #else int sshkey_private_serialize_maxsign(struct sshkey *k, struct sshbuf *b, - u_int32_t maxsign, sshkey_printfn *pr) + u_int32_t maxsign, int printerror) { return sshkey_private_serialize_opt(k, b, SSHKEY_SERIALIZE_DEFAULT); } diff --git a/usr.bin/ssh/sshkey.h b/usr.bin/ssh/sshkey.h index dc79c086dfb..df3ceee67a2 100644 --- a/usr.bin/ssh/sshkey.h +++ b/usr.bin/ssh/sshkey.h @@ -1,4 +1,4 @@ -/* $OpenBSD: sshkey.h,v 1.46 2020/08/27 01:06:19 djm Exp $ */ +/* $OpenBSD: sshkey.h,v 1.47 2020/10/19 22:49:23 dtucker Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. 
@@ -261,13 +261,12 @@ int sshkey_parse_pubkey_from_private_fileblob_type(struct sshbuf *blob, int ssh_rsa_complete_crt_parameters(struct sshkey *, const BIGNUM *); /* stateful keys (e.g. XMSS) */ -typedef void sshkey_printfn(const char *, ...) __attribute__((format(printf, 1, 2))); int sshkey_set_filename(struct sshkey *, const char *); int sshkey_enable_maxsign(struct sshkey *, u_int32_t); u_int32_t sshkey_signatures_left(const struct sshkey *); -int sshkey_forward_state(const struct sshkey *, u_int32_t, sshkey_printfn *); -int sshkey_private_serialize_maxsign(struct sshkey *key, struct sshbuf *buf, - u_int32_t maxsign, sshkey_printfn *pr); +int sshkey_forward_state(const struct sshkey *, u_int32_t, int); +int sshkey_private_serialize_maxsign(struct sshkey *key, + struct sshbuf *buf, u_int32_t maxsign, int); void sshkey_sig_details_free(struct sshkey_sig_details *); |
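Review bot: `sshkey_forward_state` has its prototype retyped in this hunk (sshkey.h, `@@ -261,13 +261,12`), but none of the sshkey.c hunks on this page touches a definition of it, so the declaration may be stale and should be checked. If no definition exists, the prototype could be dropped rather than updated. Its last two parameters are now `u_int32_t, int`, which a caller can transpose without any compiler diagnostic, so the flag should at least be named: `int sshkey_forward_state(const struct sshkey *, u_int32_t, int printerror);`.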