2 * Author: Tatu Ylonen <ylo@cs.hut.fi>
3 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
5 * Auxiliary functions for storing and retrieving various data types to/from
8 * As far as I am concerned, the code I have written for this software
9 * can be used freely for any purpose. Any derived versions of this
10 * software must be clearly marked as such, and if the derived work is
11 * incompatible with the protocol description in the RFC file, it must be
12 * called by a name other than "ssh" or "Secure Shell".
15 * SSH2 packet format added by Markus Friedl
16 * Copyright (c) 2000 Markus Friedl. All rights reserved.
18 * Redistribution and use in source and binary forms, with or without
19 * modification, are permitted provided that the following conditions
21 * 1. Redistributions of source code must retain the above copyright
22 * notice, this list of conditions and the following disclaimer.
23 * 2. Redistributions in binary form must reproduce the above copyright
24 * notice, this list of conditions and the following disclaimer in the
25 * documentation and/or other materials provided with the distribution.
27 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
28 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
29 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
30 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
31 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
32 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
33 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
34 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
35 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
36 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
40 RCSID("$OpenBSD: bufaux.c,v 1.36 2005/06/17 02:44:32 djm Exp $");
42 #include <openssl/bn.h>
49 * Stores an BIGNUM in the buffer with a 2-byte msb first bit count, followed
50 * by (bits+7)/8 bytes of binary data, msb first.
53 buffer_put_bignum_ret(Buffer *buffer, const BIGNUM *value)
55 int bits = BN_num_bits(value);
56 int bin_size = (bits + 7) / 8;
57 u_char *buf = xmalloc(bin_size);
61 /* Get the value of in binary */
62 oi = BN_bn2bin(value, buf);
64 error("buffer_put_bignum_ret: BN_bn2bin() failed: oi %d != bin_size %d",
69 /* Store the number of bits in the buffer in two bytes, msb first. */
71 buffer_append(buffer, msg, 2);
72 /* Store the binary data. */
73 buffer_append(buffer, (char *)buf, oi);
75 memset(buf, 0, bin_size);
82 buffer_put_bignum(Buffer *buffer, const BIGNUM *value)
84 if (buffer_put_bignum_ret(buffer, value) == -1)
85 fatal("buffer_put_bignum: buffer error");
89 * Retrieves an BIGNUM from the buffer.
92 buffer_get_bignum_ret(Buffer *buffer, BIGNUM *value)
97 /* Get the number for bits. */
98 if (buffer_get_ret(buffer, (char *) buf, 2) == -1) {
99 error("buffer_get_bignum_ret: invalid length");
102 bits = GET_16BIT(buf);
103 /* Compute the number of binary bytes that follow. */
104 bytes = (bits + 7) / 8;
105 if (bytes > 8 * 1024) {
106 error("buffer_get_bignum_ret: cannot handle BN of size %d", bytes);
109 if (buffer_len(buffer) < bytes) {
110 error("buffer_get_bignum_ret: input buffer too small");
113 bin = buffer_ptr(buffer);
114 BN_bin2bn(bin, bytes, value);
115 if (buffer_consume_ret(buffer, bytes) == -1) {
116 error("buffer_get_bignum_ret: buffer_consume failed");
123 buffer_get_bignum(Buffer *buffer, BIGNUM *value)
125 if (buffer_get_bignum_ret(buffer, value) == -1)
126 fatal("buffer_get_bignum: buffer error");
130 * Stores an BIGNUM in the buffer in SSH2 format.
133 buffer_put_bignum2_ret(Buffer *buffer, const BIGNUM *value)
140 if (BN_is_zero(value)) {
141 buffer_put_int(buffer, 0);
145 error("buffer_put_bignum2_ret: negative numbers not supported");
148 bytes = BN_num_bytes(value) + 1; /* extra padding byte */
150 error("buffer_put_bignum2_ret: BN too small");
153 buf = xmalloc(bytes);
155 /* Get the value of in binary */
156 oi = BN_bn2bin(value, buf+1);
157 if (oi < 0 || (u_int)oi != bytes - 1) {
158 error("buffer_put_bignum2_ret: BN_bn2bin() failed: "
159 "oi %d != bin_size %d", oi, bytes);
163 hasnohigh = (buf[1] & 0x80) ? 0 : 1;
164 buffer_put_string(buffer, buf+hasnohigh, bytes-hasnohigh);
165 memset(buf, 0, bytes);
171 buffer_put_bignum2(Buffer *buffer, const BIGNUM *value)
173 if (buffer_put_bignum2_ret(buffer, value) == -1)
174 fatal("buffer_put_bignum2: buffer error");
178 buffer_get_bignum2_ret(Buffer *buffer, BIGNUM *value)
183 if ((bin = buffer_get_string_ret(buffer, &len)) == NULL) {
184 error("buffer_get_bignum2_ret: invalid bignum");
188 if (len > 0 && (bin[0] & 0x80)) {
189 error("buffer_get_bignum2_ret: negative numbers not supported");
192 if (len > 8 * 1024) {
193 error("buffer_get_bignum2_ret: cannot handle BN of size %d", len);
196 BN_bin2bn(bin, len, value);
202 buffer_get_bignum2(Buffer *buffer, BIGNUM *value)
204 if (buffer_get_bignum2_ret(buffer, value) == -1)
205 fatal("buffer_get_bignum2: buffer error");
209 * Returns integers from the buffer (msb first).
213 buffer_get_short_ret(u_short *ret, Buffer *buffer)
217 if (buffer_get_ret(buffer, (char *) buf, 2) == -1)
219 *ret = GET_16BIT(buf);
224 buffer_get_short(Buffer *buffer)
228 if (buffer_get_short_ret(&ret, buffer) == -1)
229 fatal("buffer_get_short: buffer error");
235 buffer_get_int_ret(u_int *ret, Buffer *buffer)
239 if (buffer_get_ret(buffer, (char *) buf, 4) == -1)
241 *ret = GET_32BIT(buf);
246 buffer_get_int(Buffer *buffer)
250 if (buffer_get_int_ret(&ret, buffer) == -1)
251 fatal("buffer_get_int: buffer error");
257 buffer_get_int64_ret(u_int64_t *ret, Buffer *buffer)
261 if (buffer_get_ret(buffer, (char *) buf, 8) == -1)
263 *ret = GET_64BIT(buf);
268 buffer_get_int64(Buffer *buffer)
272 if (buffer_get_int64_ret(&ret, buffer) == -1)
273 fatal("buffer_get_int: buffer error");
279 * Stores integers in the buffer, msb first.
282 buffer_put_short(Buffer *buffer, u_short value)
286 PUT_16BIT(buf, value);
287 buffer_append(buffer, buf, 2);
291 buffer_put_int(Buffer *buffer, u_int value)
295 PUT_32BIT(buf, value);
296 buffer_append(buffer, buf, 4);
300 buffer_put_int64(Buffer *buffer, u_int64_t value)
304 PUT_64BIT(buf, value);
305 buffer_append(buffer, buf, 8);
309 * Returns an arbitrary binary string from the buffer. The string cannot
310 * be longer than 256k. The returned value points to memory allocated
311 * with xmalloc; it is the responsibility of the calling function to free
312 * the data. If length_ptr is non-NULL, the length of the returned data
313 * will be stored there. A null character will be automatically appended
314 * to the returned string, and is not counted in length.
317 buffer_get_string_ret(Buffer *buffer, u_int *length_ptr)
322 /* Get the length. */
323 len = buffer_get_int(buffer);
324 if (len > 256 * 1024) {
325 error("buffer_get_string_ret: bad string length %u", len);
328 /* Allocate space for the string. Add one byte for a null character. */
329 value = xmalloc(len + 1);
330 /* Get the string. */
331 if (buffer_get_ret(buffer, value, len) == -1) {
332 error("buffer_get_string_ret: buffer_get failed");
336 /* Append a null character to make processing easier. */
338 /* Optionally return the length of the string. */
345 buffer_get_string(Buffer *buffer, u_int *length_ptr)
349 if ((ret = buffer_get_string_ret(buffer, length_ptr)) == NULL)
350 fatal("buffer_get_string: buffer error");
355 * Stores and arbitrary binary string in the buffer.
358 buffer_put_string(Buffer *buffer, const void *buf, u_int len)
360 buffer_put_int(buffer, len);
361 buffer_append(buffer, buf, len);
364 buffer_put_cstring(Buffer *buffer, const char *s)
367 fatal("buffer_put_cstring: s == NULL");
368 buffer_put_string(buffer, s, strlen(s));
372 * Returns a character from the buffer (0 - 255).
375 buffer_get_char_ret(char *ret, Buffer *buffer)
377 if (buffer_get_ret(buffer, ret, 1) == -1) {
378 error("buffer_get_char_ret: buffer_get_ret failed");
385 buffer_get_char(Buffer *buffer)
389 if (buffer_get_char_ret(&ch, buffer) == -1)
390 fatal("buffer_get_char: buffer error");
395 * Stores a character in the buffer.
398 buffer_put_char(Buffer *buffer, int value)
402 buffer_append(buffer, &ch, 1);