~sircmpwn/hare-ssh

9b75ebb354c511940631e814d6315144c1a8e0d4 — Armin Preiml 6 months ago 4d475c1
s/SIZE/SZ
M format/ssh/bcrypt.ha => format/ssh/bcrypt.ha +6 -6
@@ 23,18 23,18 @@ use hash;
use strings;

def BCRYPT_WORDS: size = 8;
def BCRYPT_HASHSIZE: size = BCRYPT_WORDS * 4;
def BCRYPT_HASHSZ: size = BCRYPT_WORDS * 4;

// Performs the silly OpenBSD-specific bcrypt key derivation function. See
// openbsd-compat/bcrypt_pbkdf.c in the OpenSSH portable tree.
fn bcrypt_pbkdf(key: []u8, pass: []u8, salt: []u8, rounds: uint) void = {
	// Same sanity checks as OpenBSD
	assert(rounds >= 1 && len(pass) != 0 && len(salt) != 0
		&& len(key) != 0 && len(key) <= BCRYPT_HASHSIZE * BCRYPT_HASHSIZE
		&& len(key) != 0 && len(key) <= BCRYPT_HASHSZ * BCRYPT_HASHSZ
		&& len(salt) <= 1 << 20);

	let out: [BCRYPT_HASHSIZE]u8 = [0...];
	let tmpout: [BCRYPT_HASHSIZE]u8 = [0...];
	let out: [BCRYPT_HASHSZ]u8 = [0...];
	let tmpout: [BCRYPT_HASHSZ]u8 = [0...];
	defer bytes::zero(out);
	defer bytes::zero(tmpout);



@@ 45,12 45,12 @@ fn bcrypt_pbkdf(key: []u8, pass: []u8, salt: []u8, rounds: uint) void = {
	defer free(countsalt);
	countsalt[..len(salt)] = salt[..];

	let shapass: [sha512::SIZE]u8 = [0...];
	let shapass: [sha512::SZ]u8 = [0...];
	const sha = sha512::sha512();
	hash::write(&sha, pass);
	hash::sum(&sha, shapass);

	let shasalt: [sha512::SIZE]u8 = [0...];
	let shasalt: [sha512::SZ]u8 = [0...];
	let keylen = len(key);
	for (let count = 1u32; keylen > 0; count += 1) {
		countsalt[len(salt) + 0] = (count >> 24): u8;

M format/ssh/cipher.ha => format/ssh/cipher.ha +2 -2
@@ 16,7 16,7 @@ type cipher = struct {
const ciphers: [_]cipher = [
	cipher {
		name = "aes256-ctr",
		bufsiz = aes::CTR_BUFSIZE,
		bufsiz = aes::CTR_BUFSZ,
		keylen = 32,
		ivlen = 16,
		authlen = 0,


@@ 36,7 36,7 @@ fn getcipher(name: str) (const *cipher | badcipher) = {
type aes256ctr = struct {
	st: cipher::ctr_stream,
	block: aes::block,
	buf: [aes::CTR_BUFSIZE]u8,
	buf: [aes::CTR_BUFSZ]u8,
};

fn aes256ctr_init(handle: io::handle, key: []u8, iv: []u8) *io::stream = {

M format/ssh/rsa.ha => format/ssh/rsa.ha +7 -7
@@ 56,7 56,7 @@ fn rsa_decodepub(key: *key, src: io::handle) (void | error) = {
	defer free(pub.n);

	assert(len(key.pubkey) == 0, "can not reassign keys");
	key.pubkey = alloc([0...], rsa::PUBKEYSIZE);
	key.pubkey = alloc([0...], rsa::PUBKEYSZ);
	match (rsa::pubkey_init(key.pubkey, pub)) {
	case size =>
		yield;


@@ 113,7 113,7 @@ fn rsa_decoderawpub(key: *key, src: io::handle) (void | error) = {
	defer free(pub.e);

	assert(len(key.pubkey) == 0, "can not reassign keys");
	key.pubkey = alloc([0...], rsa::PUBKEYSIZE);
	key.pubkey = alloc([0...], rsa::PUBKEYSZ);
	match (rsa::pubkey_init(key.pubkey, pub)) {
	case size =>
		yield;


@@ 169,7 169,7 @@ fn rsa_decoderawpriv(key: *key, src: io::handle) (void | error) = {
	assert(len(key.pubkey) > 0, "pubkey required when decoding privkey");
	let pubp = rsa::pubkey_params(key.pubkey);

	key.privkey = alloc([0...], rsa::PRIVKEYSIZE);
	key.privkey = alloc([0...], rsa::PRIVKEYSZ);
	match (rsa::privkey_initd(key.privkey, priv, d, pubp.n)) {
	case size =>
		yield;


@@ 189,13 189,13 @@ fn rsa_sign(key: *const key, sink: io::handle, msg: []u8) (void | io::error) = {
	let sig: []u8 = alloc([0...], nsize);
	defer free(sig);

	let msghash: [sha512::SIZE]u8 = [0...];
	let msghash: [sha512::SZ]u8 = [0...];
	let h = sha512::sha512();
	io::writeall(&h, msg)!;
	hash::sum(&h, msghash);
	hash::close(&h);

	let buf: [rsa::PKCS1_SIGNBUFSIZE]u8 = [0...];
	let buf: [rsa::PKCS1_SIGNBUFSZ]u8 = [0...];
	match (rsa::pkcs1_sign(key.privkey, msghash,
			sig, rsa::pkcs1_hashalgo::SHA512, buf)) {
	case rsa::error =>


@@ 219,13 219,13 @@ fn rsa_verify(key: *const key, src: io::handle, msg: []u8) (void | error) = {
	const sig = readslice(src)?;
	defer free(sig);

	let msghash: [sha512::SIZE]u8 = [0...];
	let msghash: [sha512::SZ]u8 = [0...];
	let h = sha512::sha512();
	io::writeall(&h, msg)!;
	hash::sum(&h, msghash);
	hash::close(&h);

	let buf: [rsa::PKCS1_VERIFYBUFSIZE]u8 = [0...];
	let buf: [rsa::PKCS1_VERIFYBUFSZ]u8 = [0...];
	match (rsa::pkcs1_verify(key.pubkey, msghash,
			sig, rsa::pkcs1_hashalgo::SHA512, buf)) {
	case rsa::error =>

M net/ssh/agent/agent.ha => net/ssh/agent/agent.ha +1 -1
@@ 38,7 38,7 @@ export fn agent_finish(agent: *agent) void = {
// Reads the next message from an SSH agent socket, returning either a message,
// an error, or void if more data is required to read the full message.
export fn readmsg(agent: *agent) (message | io::EOF | void | error) = {
	let buf: [os::BUFSIZ]u8 = [0...];
	let buf: [os::BUFSZ]u8 = [0...];
	const z = match (io::read(agent.fd, buf)?) {
	case let sz: size =>
		yield sz;

M net/ssh/cipher.ha => net/ssh/cipher.ha +2 -2
@@ 96,7 96,7 @@ type aes_ctr = struct {
	cipher,
	ct: aes::block,
	ctr: cipher::ctr_stream,
	ctrbuf: [aes::CTR_BUFSIZE]u8,
	ctrbuf: [aes::CTR_BUFSZ]u8,
};

fn aes256_ctr_init(


@@ 113,7 113,7 @@ fn aes256_ctr_init(
		ctr = *(&([0...]: [size(cipher::ctr_stream)]u8): *cipher::ctr_stream),
		...,
	});
	let iv: [aes::BLOCKSIZE]u8 = [0...];
	let iv: [aes::BLOCKSZ]u8 = [0...];
	let key: [32]u8 = [0...];
	const shared = kex_shared(kex);
	kex_hash(client, kex, hash_type::IV_CLIENT_SERVER, shared, iv);

M net/ssh/client.ha => net/ssh/client.ha +5 -5
@@ 12,7 12,7 @@ use types;
// The maximum size of an ordinary SSH packet. Some packets may be larger. This
// is the maximum amount of memory which is dynamically allocated per client by
// the implementation.
export def MAX_PACKETSIZE: size = 35000;
export def MAX_PACKETSZ: size = 35000;

export type client_state = enum {
	VEREXCH,


@@ 61,8 61,8 @@ export fn newclient(conn: io::handle) (client | error) = {
		conn = conn,
		cipherconn = io::empty,
		state = client_state::VEREXCH,
		rbuf = alloc([], os::BUFSIZ),
		wbuf = alloc([], os::BUFSIZ),
		rbuf = alloc([], os::BUFSZ),
		wbuf = alloc([], os::BUFSZ),
		rptr = 0,
		exchash = [],
		client_version = strings::dup(protoversion),


@@ 112,7 112,7 @@ export fn client_finish(client: *client) void = {
};

fn client_verexch(client: *client) (void | error) = {
	let buf: [os::BUFSIZ]u8 = [0...];
	let buf: [os::BUFSZ]u8 = [0...];
	const z = match (io::read(client.conn, buf)?) {
	case let z: size =>
		yield z;


@@ 222,7 222,7 @@ fn client_read(client: *client) (packet | io::EOF | error) = {
		return r;
	};

	let buf: [os::BUFSIZ]u8 = [0...];
	let buf: [os::BUFSZ]u8 = [0...];
	const z = match (io::read(client.conn, buf)?) {
	case io::EOF =>
		return io::EOF;

M net/ssh/kex.ha => net/ssh/kex.ha +1 -1
@@ 164,7 164,7 @@ fn curve25519_sha256_derivekey(
			writempint(&buf, shared)!;

			const sha = sha256::sha256();
			let exchash: [sha256::SIZE]u8 = [0...];
			let exchash: [sha256::SZ]u8 = [0...];
			hash::write(&sha, memio::buffer(&buf));
			hash::sum(&sha, exchash);
			client.exchash = alloc(exchash...);

M net/ssh/mac.ha => net/ssh/mac.ha +1 -1
@@ 113,7 113,7 @@ fn hmac_sha1_96_init(key: []u8) *mac::mac = {

fn hmac_sha1_96_sum(mac: *mac::mac, out: []u8) void = {
	const mac = mac: *hmac_sha1;
	let macbuf: [sha1::SIZE]u8 = [0...];
	let macbuf: [sha1::SZ]u8 = [0...];
	mac::sum(&mac.mac, macbuf);
	out[..12] = macbuf[..12];
};

M net/ssh/proto.ha => net/ssh/proto.ha +1 -1
@@ 49,7 49,7 @@ fn writeu32(out: io::handle, val: u32) (void | io::error) = {

fn readslice(src: *memio::stream) ([]u8 | protoerror) = {
	const length = readu32(src)?;
	if (length > MAX_PACKETSIZE) {
	if (length > MAX_PACKETSZ) {
		return protoerror;
	};
	if (length == 0) {