Add a small helper for ssh_buffer to ensure that the buffer has a
certain amount of space already preallocated. This can be useful in case
it is known how much data is going to be added to a buffer, to avoid
multiple reallocations.
Make use of it in few places in the library.
Signed-off-by: Pino Toscano <ptoscano@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
torture_connect_double test case used to test the connect only up
to key exchange phase, but not after the new keys are stated to be
used for communication. The keys from previous connectoin were not
cleaned up from the previous invocation as well as the seqence
number was not reset and therefore any further packet was failing
with length-check errors or MAC errors.
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Fix the build for mbedTLS:
* set HAVE_CHACHA for non-mbedTLS builds
* only compile chachapoly.c when HAVE_CHACHA
* use empty CHACHA20 in src/kex.c unless HAVE_CHACHA
Signed-off-by: Jon Simons <jon@jonsimons.org>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
In 06b9901e64f1ea2a1141115e5645552034d25850, invocations of `set_decrypt_key`
and `set_encrypt_key` were moved into the `ssh_packet_newkeys` callback, away
from the packet decrypt and encrypt functions.
Remove the extra `set_decrypt_key` for the case that an `aead_decrypt_length`
is not NULL. At this time, only the chacha20-poly1305@openssh.com cipher
is affected by this change.
Signed-off-by: Jon Simons <jon@jonsimons.org>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
With this change there is less code specific to the
chacha20-poly1305 cipher found in src/wrapper.c.
Signed-off-by: Jon Simons <jon@jonsimons.org>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
The local `rc` variable here is never set. Fix a warning that is
emitted due to `-Wunused-variable`.
Signed-off-by: Jon Simons <jon@jonsimons.org>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Avoid setting keys on every packet decrypt or encrypt operation.
Signed-off-by: Alberto Aguirre <albaguirre@gmail.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
If you want modelines use my vim plugin:
https://github.com/cryptomilk/git-modeline.vim
git config --add vim.modeline "ts=4 sw=4 et"
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Fix two memory leaks in `ssh_get_pubkey_hash` for some error paths.
The local `h` buffer and `ctx` MD5 context each must be free'd for
the SSH_ERROR cases.
Introduced with 16217454d576511f37f39c3169963629f9d5082f.
Signed-off-by: Jon Simons <jon@jonsimons.org>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Fix `ssh_get_pubkey_hash` indentation to use softabs
with 4 spaces. No change in behavior.
Signed-off-by: Jon Simons <jon@jonsimons.org>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Ensure to provide the `ssh_string` pubkey blob to the buffer packing
routine when computing the SSH_MSG_KEXDH_REPLY message, rather than
the new `ssh_key` type.
Introduced with 16217454d576511f37f39c3169963629f9d5082f.
Testing done: with this change, the `pkd_hello` test is passing on a
mbedTLS build for me. Previously it would segfault during pubkey
exchange with "ecdh-sha2-nistp256".
Signed-off-by: Jon Simons <jon@jonsimons.org>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Ensure to provide the `ssh_string` pubkey blob to the buffer packing
routine when computing the SSH_MSG_KEXDH_REPLY message, rather than
the new `ssh_key` type.
Introduced with 16217454d576511f37f39c3169963629f9d5082f.
Testing done: with this change, the `pkd_hello` test is passing on a
libgcrypt build for me. Previously it would segfault during pubkey
exchange with "ecdh-sha2-nistp256".
Signed-off-by: Jon Simons <jon@jonsimons.org>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Ensure to provide the `ssh_string` pubkey blob to the buffer packing
routine when computing the SSH_MSG_KEXDH_REPLY message, rather than
the new `ssh_key` type.
Introduced with 16217454d576511f37f39c3169963629f9d5082f.
Testing done: with this change, `pkd_hello` test is passing on an
OpenSSL 1.1.0 build for me. Previously it would segfault during
pubkey exchange with "ecdh-sha2-nistp256".
Signed-off-by: Jon Simons <jon@jonsimons.org>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
