- (tim) [regress/README.regress] Document ssh-rand-helper issue. ok bal

[openssh.git] / bufaux.c

diff --git a/bufaux.c b/bufaux.c
index 7dafed26e59ae657e0509a4f482edf9f22adb425..bf148316d10be51202df8d6ebc0c086d5a92aec5 100644 (file)
--- a/bufaux.c
+++ b/bufaux.c
@@ -37,7 +37,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: bufaux.c,v 1.23 2002/03/18 17:25:29 provos Exp $");
+RCSID("$OpenBSD: bufaux.c,v 1.32 2004/02/23 15:12:46 markus Exp $");
 
 #include <openssl/bn.h>
 #include "bufaux.h"
@@ -50,7 +50,7 @@ RCSID("$OpenBSD: bufaux.c,v 1.23 2002/03/18 17:25:29 provos Exp $");
  * by (bits+7)/8 bytes of binary data, msb first.
  */
 void
-buffer_put_bignum(Buffer *buffer, BIGNUM *value)
+buffer_put_bignum(Buffer *buffer, const BIGNUM *value)
 {
        int bits = BN_num_bits(value);
        int bin_size = (bits + 7) / 8;
@@ -80,7 +80,7 @@ buffer_put_bignum(Buffer *buffer, BIGNUM *value)
 void
 buffer_get_bignum(Buffer *buffer, BIGNUM *value)
 {
-       int bits, bytes;
+       u_int bits, bytes;
        u_char buf[2], *bin;
 
        /* Get the number for bits. */
@@ -88,6 +88,8 @@ buffer_get_bignum(Buffer *buffer, BIGNUM *value)
        bits = GET_16BIT(buf);
        /* Compute the number of binary bytes that follow. */
        bytes = (bits + 7) / 8;
+       if (bytes > 8 * 1024)
+               fatal("buffer_get_bignum: cannot handle BN of size %d", bytes);
        if (buffer_len(buffer) < bytes)
                fatal("buffer_get_bignum: input buffer too small");
        bin = buffer_ptr(buffer);
@@ -99,30 +101,30 @@ buffer_get_bignum(Buffer *buffer, BIGNUM *value)
  * Stores an BIGNUM in the buffer in SSH2 format.
  */
 void
-buffer_put_bignum2(Buffer *buffer, BIGNUM *value)
+buffer_put_bignum2(Buffer *buffer, const BIGNUM *value)
 {
-       int bytes = BN_num_bytes(value) + 1;
-       u_char *buf = xmalloc(bytes);
+       u_int bytes;
+       u_char *buf;
        int oi;
-       int hasnohigh = 0;
+       u_int hasnohigh = 0;
+
+       if (BN_is_zero(value)) {
+               buffer_put_int(buffer, 0);
+               return;
+       }
+       if (value->neg)
+               fatal("buffer_put_bignum2: negative numbers not supported");
+       bytes = BN_num_bytes(value) + 1; /* extra padding byte */
+       if (bytes < 2)
+               fatal("buffer_put_bignum2: BN too small");
+       buf = xmalloc(bytes);
        buf[0] = '\0';
        /* Get the value of in binary */
        oi = BN_bn2bin(value, buf+1);
        if (oi != bytes-1)
-               fatal("buffer_put_bignum: BN_bn2bin() failed: oi %d != bin_size %d",
-                   oi, bytes);
+               fatal("buffer_put_bignum2: BN_bn2bin() failed: "
+                   "oi %d != bin_size %d", oi, bytes);
        hasnohigh = (buf[1] & 0x80) ? 0 : 1;
-       if (value->neg) {
-               /**XXX should be two's-complement */
-               int i, carry;
-               u_char *uc = buf;
-               log("negativ!");
-               for (i = bytes-1, carry = 1; i>=0; i--) {
-                       uc[i] ^= 0xff;
-                       if (carry)
-                               carry = !++uc[i];
-               }
-       }
        buffer_put_string(buffer, buf+hasnohigh, bytes-hasnohigh);
        memset(buf, 0, bytes);
        xfree(buf);
@@ -131,54 +133,77 @@ buffer_put_bignum2(Buffer *buffer, BIGNUM *value)
 void
 buffer_get_bignum2(Buffer *buffer, BIGNUM *value)
 {
-       /**XXX should be two's-complement */
-       int len;
-       u_char *bin = buffer_get_string(buffer, (u_int *)&len);
+       u_int len;
+       u_char *bin = buffer_get_string(buffer, &len);
+
+       if (len > 0 && (bin[0] & 0x80))
+               fatal("buffer_get_bignum2: negative numbers not supported");
+       if (len > 8 * 1024)
+               fatal("buffer_get_bignum2: cannot handle BN of size %d", len);
        BN_bin2bn(bin, len, value);
        xfree(bin);
 }
 
 /*
- * Returns an integer from the buffer (4 bytes, msb first).
+ * Returns integers from the buffer (msb first).
  */
+
+u_short
+buffer_get_short(Buffer *buffer)
+{
+       u_char buf[2];
+
+       buffer_get(buffer, (char *) buf, 2);
+       return GET_16BIT(buf);
+}
+
 u_int
 buffer_get_int(Buffer *buffer)
 {
        u_char buf[4];
+
        buffer_get(buffer, (char *) buf, 4);
        return GET_32BIT(buf);
 }
 
-#ifdef HAVE_U_INT64_T
 u_int64_t
 buffer_get_int64(Buffer *buffer)
 {
        u_char buf[8];
+
        buffer_get(buffer, (char *) buf, 8);
        return GET_64BIT(buf);
 }
-#endif
 
 /*
- * Stores an integer in the buffer in 4 bytes, msb first.
+ * Stores integers in the buffer, msb first.
  */
+void
+buffer_put_short(Buffer *buffer, u_short value)
+{
+       char buf[2];
+
+       PUT_16BIT(buf, value);
+       buffer_append(buffer, buf, 2);
+}
+
 void
 buffer_put_int(Buffer *buffer, u_int value)
 {
        char buf[4];
+
        PUT_32BIT(buf, value);
        buffer_append(buffer, buf, 4);
 }
 
-#ifdef HAVE_U_INT64_T
 void
 buffer_put_int64(Buffer *buffer, u_int64_t value)
 {
        char buf[8];
+
        PUT_64BIT(buf, value);
        buffer_append(buffer, buf, 8);
 }
-#endif
 
 /*
  * Returns an arbitrary binary string from the buffer.  The string cannot
@@ -191,12 +216,13 @@ buffer_put_int64(Buffer *buffer, u_int64_t value)
 void *
 buffer_get_string(Buffer *buffer, u_int *length_ptr)
 {
-       u_int len;
        u_char *value;
+       u_int len;
+
        /* Get the length. */
        len = buffer_get_int(buffer);
        if (len > 256 * 1024)
-               fatal("Received packet with bad string length %d", len);
+               fatal("buffer_get_string: bad string length %u", len);
        /* Allocate space for the string.  Add one byte for a null character. */
        value = xmalloc(len + 1);
        /* Get the string. */
@@ -233,6 +259,7 @@ int
 buffer_get_char(Buffer *buffer)
 {
        char ch;
+
        buffer_get(buffer, &ch, 1);
        return (u_char) ch;
 }
@@ -244,5 +271,6 @@ void
 buffer_put_char(Buffer *buffer, int value)
 {
        char ch = value;
+
        buffer_append(buffer, &ch, 1);
 }