Antonio Larrosa
da2c6cc517
* No changes for askpass, see main package changelog for details. - Fix a dbus connection leaked in the logind patch that was missing a sd_bus_unref call (found by Matthias Gerstner): * logind_set_tty.patch - Add a patch that fixes a small memory leak when parsing the subsystem configuration option: * fix-memleak-in-process_server_config_line_depth.patch - Update to openssh 9.8p1: = Security * 1) Race condition in sshd(8) (bsc#1226642, CVE-2024-6387). A critical vulnerability in sshd(8) was present in Portable OpenSSH versions between 8.5p1 and 9.7p1 (inclusive) that may allow arbitrary code execution with root privileges. Successful exploitation has been demonstrated on 32-bit Linux/glibc systems with ASLR. Under lab conditions, the attack requires on average 6-8 hours of continuous connections up to the maximum the server will accept. Exploitation on 64-bit systems is believed to be possible but has not been demonstrated at this time. It's likely that these attacks will be improved upon. Exploitation on non-glibc systems is conceivable but has not been examined. Systems that lack ASLR or users of downstream Linux distributions that have modified OpenSSH to disable per-connection ASLR re-randomisation (yes - this is a thing, no - we don't understand why) may potentially have an easier path to exploitation. OpenBSD is not vulnerable. OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=272
451 lines
14 KiB
Diff
451 lines
14 KiB
Diff
# HG changeset patch
|
|
# Parent 1e1d5a2ab8bddfc800f570755f9ea1addcc878c1
|
|
CAVS test for KDF implementation in OpenSSH
|
|
|
|
Index: openssh-8.8p1/Makefile.in
|
|
===================================================================
|
|
--- openssh-8.8p1.orig/Makefile.in
|
|
+++ openssh-8.8p1/Makefile.in
|
|
@@ -27,6 +27,7 @@ SSH_KEYSIGN=$(libexecdir)/ssh-keysign
|
|
SSH_PKCS11_HELPER=$(libexecdir)/ssh-pkcs11-helper
|
|
SSH_SK_HELPER=$(libexecdir)/ssh-sk-helper
|
|
CAVSTEST_CTR=$(libexecdir)/cavstest-ctr
|
|
+CAVSTEST_KDF=$(libexecdir)/cavstest-kdf
|
|
PRIVSEP_PATH=@PRIVSEP_PATH@
|
|
SSH_PRIVSEP_USER=@SSH_PRIVSEP_USER@
|
|
STRIP_OPT=@STRIP_OPT@
|
|
@@ -70,7 +71,7 @@ MKDIR_P=@MKDIR_P@
|
|
|
|
TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) sshd-session$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keyscan${EXEEXT} ssh-keysign${EXEEXT} ssh-pkcs11-helper$(EXEEXT) ssh-agent$(EXEEXT) scp$(EXEEXT) sftp-server$(EXEEXT) sftp$(EXEEXT) ssh-sk-helper$(EXEEXT)
|
|
|
|
-TARGETS += cavstest-ctr$(EXEEXT)
|
|
+TARGETS += cavstest-ctr$(EXEEXT) cavstest-kdf$(EXEEXT)
|
|
|
|
XMSS_OBJS=\
|
|
ssh-xmss.o \
|
|
@@ -252,6 +253,9 @@ sftp$(EXEEXT): $(LIBCOMPAT) libssh.a $(S
|
|
cavstest-ctr$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-sk.o sk-usbhid.o cavstest-ctr.o
|
|
$(LD) -o $@ cavstest-ctr.o ssh-sk.o sk-usbhid.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS) $(LIBFIDO2) -lz
|
|
|
|
+cavstest-kdf$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-sk.o sk-usbhid.o cavstest-kdf.o
|
|
+ $(LD) -o $@ cavstest-kdf.o ssh-sk.o sk-usbhid.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS) $(LIBFIDO2) -lz
|
|
+
|
|
# test driver for the loginrec code - not built by default
|
|
logintest: logintest.o $(LIBCOMPAT) libssh.a loginrec.o
|
|
$(LD) -o $@ logintest.o $(LDFLAGS) loginrec.o -lopenbsd-compat -lssh $(LIBS)
|
|
@@ -415,6 +419,7 @@ install-files:
|
|
$(INSTALL) -m 0755 $(STRIP_OPT) sftp$(EXEEXT) $(DESTDIR)$(bindir)/sftp$(EXEEXT)
|
|
$(INSTALL) -m 0755 $(STRIP_OPT) sftp-server$(EXEEXT) $(DESTDIR)$(SFTP_SERVER)$(EXEEXT)
|
|
$(INSTALL) -m 0755 $(STRIP_OPT) cavstest-ctr$(EXEEXT) $(DESTDIR)$(libexecdir)/cavstest-ctr$(EXEEXT)
|
|
+ $(INSTALL) -m 0755 $(STRIP_OPT) cavstest-kdf$(EXEEXT) $(DESTDIR)$(libexecdir)/cavstest-kdf$(EXEEXT)
|
|
$(INSTALL) -m 644 ssh.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh.1
|
|
$(INSTALL) -m 644 scp.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/scp.1
|
|
$(INSTALL) -m 644 ssh-add.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-add.1
|
|
Index: openssh-8.8p1/cavstest-kdf.c
|
|
===================================================================
|
|
--- /dev/null
|
|
+++ openssh-8.8p1/cavstest-kdf.c
|
|
@@ -0,0 +1,402 @@
|
|
+/*
|
|
+ * Copyright (C) 2015, Stephan Mueller <smueller@chronox.de>
|
|
+ *
|
|
+ * Redistribution and use in source and binary forms, with or without
|
|
+ * modification, are permitted provided that the following conditions
|
|
+ * are met:
|
|
+ * 1. Redistributions of source code must retain the above copyright
|
|
+ * notice, and the entire permission notice in its entirety,
|
|
+ * including the disclaimer of warranties.
|
|
+ * 2. Redistributions in binary form must reproduce the above copyright
|
|
+ * notice, this list of conditions and the following disclaimer in the
|
|
+ * documentation and/or other materials provided with the distribution.
|
|
+ * 3. The name of the author may not be used to endorse or promote
|
|
+ * products derived from this software without specific prior
|
|
+ * written permission.
|
|
+ *
|
|
+ * ALTERNATIVELY, this product may be distributed under the terms of
|
|
+ * the GNU General Public License, in which case the provisions of the GPL2
|
|
+ * are required INSTEAD OF the above restrictions. (This clause is
|
|
+ * necessary due to a potential bad interaction between the GPL and
|
|
+ * the restrictions contained in a BSD-style copyright.)
|
|
+ *
|
|
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
|
|
+ * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
|
|
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE, ALL OF
|
|
+ * WHICH ARE HEREBY DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE
|
|
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
|
|
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
|
|
+ * OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
|
|
+ * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
|
|
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
|
|
+ * USE OF THIS SOFTWARE, EVEN IF NOT ADVISED OF THE POSSIBILITY OF SUCH
|
|
+ * DAMAGE.
|
|
+ */
|
|
+
|
|
+#include "includes.h"
|
|
+
|
|
+#include <stdio.h>
|
|
+#include <stdlib.h>
|
|
+#include <errno.h>
|
|
+#include <sys/types.h>
|
|
+#include <string.h>
|
|
+
|
|
+#include <openssl/bn.h>
|
|
+
|
|
+#include "xmalloc.h"
|
|
+#include "ssherr.h"
|
|
+#include "sshbuf.h"
|
|
+#include "sshkey.h"
|
|
+#include "cipher.h"
|
|
+#include "kex.h"
|
|
+#include "packet.h"
|
|
+
|
|
+static int bin_char(unsigned char hex)
|
|
+{
|
|
+ if (48 <= hex && 57 >= hex)
|
|
+ return (hex - 48);
|
|
+ if (65 <= hex && 70 >= hex)
|
|
+ return (hex - 55);
|
|
+ if (97 <= hex && 102 >= hex)
|
|
+ return (hex - 87);
|
|
+ return 0;
|
|
+}
|
|
+
|
|
+/*
|
|
+ * Convert hex representation into binary string
|
|
+ * @hex input buffer with hex representation
|
|
+ * @hexlen length of hex
|
|
+ * @bin output buffer with binary data
|
|
+ * @binlen length of already allocated bin buffer (should be at least
|
|
+ * half of hexlen -- if not, only a fraction of hexlen is converted)
|
|
+ */
|
|
+static void hex2bin(const char *hex, size_t hexlen,
|
|
+ unsigned char *bin, size_t binlen)
|
|
+{
|
|
+ size_t i = 0;
|
|
+ size_t chars = (binlen > (hexlen / 2)) ? (hexlen / 2) : binlen;
|
|
+
|
|
+ for (i = 0; i < chars; i++) {
|
|
+ bin[i] = bin_char(hex[(i*2)]) << 4;
|
|
+ bin[i] |= bin_char(hex[((i*2)+1)]);
|
|
+ }
|
|
+}
|
|
+
|
|
+/*
|
|
+ * Allocate sufficient space for binary representation of hex
|
|
+ * and convert hex into bin
|
|
+ *
|
|
+ * Caller must free bin
|
|
+ * @hex input buffer with hex representation
|
|
+ * @hexlen length of hex
|
|
+ * @bin return value holding the pointer to the newly allocated buffer
|
|
+ * @binlen return value holding the allocated size of bin
|
|
+ *
|
|
+ * return: 0 on success, !0 otherwise
|
|
+ */
|
|
+static int hex2bin_alloc(const char *hex, size_t hexlen,
|
|
+ unsigned char **bin, size_t *binlen)
|
|
+{
|
|
+ unsigned char *out = NULL;
|
|
+ size_t outlen = 0;
|
|
+
|
|
+ if (!hexlen)
|
|
+ return -EINVAL;
|
|
+
|
|
+ outlen = (hexlen + 1) / 2;
|
|
+
|
|
+ out = calloc(1, outlen);
|
|
+ if (!out)
|
|
+ return -errno;
|
|
+
|
|
+ hex2bin(hex, hexlen, out, outlen);
|
|
+ *bin = out;
|
|
+ *binlen = outlen;
|
|
+ return 0;
|
|
+}
|
|
+
|
|
+static char hex_char_map_l[] = { '0', '1', '2', '3', '4', '5', '6', '7',
|
|
+ '8', '9', 'a', 'b', 'c', 'd', 'e', 'f' };
|
|
+static char hex_char_map_u[] = { '0', '1', '2', '3', '4', '5', '6', '7',
|
|
+ '8', '9', 'A', 'B', 'C', 'D', 'E', 'F' };
|
|
+static char hex_char(unsigned int bin, int u)
|
|
+{
|
|
+ if (bin < sizeof(hex_char_map_l))
|
|
+ return (u) ? hex_char_map_u[bin] : hex_char_map_l[bin];
|
|
+ return 'X';
|
|
+}
|
|
+
|
|
+/*
|
|
+ * Convert binary string into hex representation
|
|
+ * @bin input buffer with binary data
|
|
+ * @binlen length of bin
|
|
+ * @hex output buffer to store hex data
|
|
+ * @hexlen length of already allocated hex buffer (should be at least
|
|
+ * twice binlen -- if not, only a fraction of binlen is converted)
|
|
+ * @u case of hex characters (0=>lower case, 1=>upper case)
|
|
+ */
|
|
+static void bin2hex(const unsigned char *bin, size_t binlen,
|
|
+ char *hex, size_t hexlen, int u)
|
|
+{
|
|
+ size_t i = 0;
|
|
+ size_t chars = (binlen > (hexlen / 2)) ? (hexlen / 2) : binlen;
|
|
+
|
|
+ for (i = 0; i < chars; i++) {
|
|
+ hex[(i*2)] = hex_char((bin[i] >> 4), u);
|
|
+ hex[((i*2)+1)] = hex_char((bin[i] & 0x0f), u);
|
|
+ }
|
|
+}
|
|
+
|
|
+struct kdf_cavs {
|
|
+ unsigned char *K;
|
|
+ size_t Klen;
|
|
+ unsigned char *H;
|
|
+ size_t Hlen;
|
|
+ unsigned char *session_id;
|
|
+ size_t session_id_len;
|
|
+
|
|
+ unsigned int iv_len;
|
|
+ unsigned int ek_len;
|
|
+ unsigned int ik_len;
|
|
+};
|
|
+
|
|
+#ifdef WITH_OPENSSL
|
|
+static int
|
|
+kex_derive_keys_bn(struct ssh *ssh, u_char *hash, u_int hashlen,
|
|
+ const BIGNUM *secret)
|
|
+{
|
|
+ struct sshbuf *shared_secret;
|
|
+ int r;
|
|
+
|
|
+ if ((shared_secret = sshbuf_new()) == NULL)
|
|
+ return SSH_ERR_ALLOC_FAIL;
|
|
+ if ((r = sshbuf_put_bignum2(shared_secret, secret)) == 0)
|
|
+ r = kex_derive_keys(ssh, hash, hashlen, shared_secret);
|
|
+ sshbuf_free(shared_secret);
|
|
+ return r;
|
|
+}
|
|
+#endif
|
|
+
|
|
+static int sshkdf_cavs(struct kdf_cavs *test)
|
|
+{
|
|
+ int ret = 0;
|
|
+ struct kex kex;
|
|
+ BIGNUM *Kbn = NULL;
|
|
+ int mode = 0;
|
|
+ struct newkeys *keys_client;
|
|
+ struct newkeys *keys_server;
|
|
+ struct ssh *ssh = NULL;
|
|
+
|
|
+#define HEXOUTLEN 500
|
|
+ char hex[HEXOUTLEN];
|
|
+
|
|
+ memset(&kex, 0, sizeof(struct kex));
|
|
+
|
|
+ Kbn = BN_new();
|
|
+ BN_bin2bn(test->K, test->Klen, Kbn);
|
|
+ if (!Kbn) {
|
|
+ printf("cannot convert K into BIGNUM\n");
|
|
+ ret = 1;
|
|
+ goto out;
|
|
+ }
|
|
+
|
|
+ kex.session_id = sshbuf_new();
|
|
+ sshbuf_put(kex.session_id, test->session_id, test->session_id_len);
|
|
+
|
|
+ /* setup kex */
|
|
+
|
|
+ /* select the right hash based on struct ssh_digest digests */
|
|
+ switch (test->ik_len) {
|
|
+ case 20:
|
|
+ kex.hash_alg = 2;
|
|
+ break;
|
|
+ case 32:
|
|
+ kex.hash_alg = 3;
|
|
+ break;
|
|
+ case 48:
|
|
+ kex.hash_alg = 4;
|
|
+ break;
|
|
+ case 64:
|
|
+ kex.hash_alg = 5;
|
|
+ break;
|
|
+ default:
|
|
+ printf("Wrong hash type %u\n", test->ik_len);
|
|
+ ret = 1;
|
|
+ goto out;
|
|
+ }
|
|
+
|
|
+ /* implement choose_enc */
|
|
+ for (mode = 0; mode < 2; mode++) {
|
|
+ kex.newkeys[mode] = calloc(1, sizeof(struct newkeys));
|
|
+ if (!kex.newkeys[mode]) {
|
|
+ printf("allocation of newkeys failed\n");
|
|
+ ret = 1;
|
|
+ goto out;
|
|
+ }
|
|
+ kex.newkeys[mode]->enc.iv_len = test->iv_len;
|
|
+ kex.newkeys[mode]->enc.key_len = test->ek_len;
|
|
+ kex.newkeys[mode]->enc.block_size = (test->iv_len == 64) ? 8 : 16;
|
|
+ kex.newkeys[mode]->mac.key_len = test->ik_len;
|
|
+ }
|
|
+
|
|
+ /* implement kex_choose_conf */
|
|
+ kex.we_need = kex.newkeys[0]->enc.key_len;
|
|
+ if (kex.we_need < kex.newkeys[0]->enc.block_size)
|
|
+ kex.we_need = kex.newkeys[0]->enc.block_size;
|
|
+ if (kex.we_need < kex.newkeys[0]->enc.iv_len)
|
|
+ kex.we_need = kex.newkeys[0]->enc.iv_len;
|
|
+ if (kex.we_need < kex.newkeys[0]->mac.key_len)
|
|
+ kex.we_need = kex.newkeys[0]->mac.key_len;
|
|
+
|
|
+ /* MODE_OUT (1) -> server to client
|
|
+ * MODE_IN (0) -> client to server */
|
|
+ kex.server = 1;
|
|
+
|
|
+ /* do it */
|
|
+ if ((ssh = ssh_packet_set_connection(NULL, -1, -1)) == NULL){
|
|
+ printf("Allocation error\n");
|
|
+ goto out;
|
|
+ }
|
|
+ ssh->kex = &kex;
|
|
+ kex_derive_keys_bn(ssh, test->H, test->Hlen, Kbn);
|
|
+
|
|
+ keys_client = kex.newkeys[0];
|
|
+ keys_server = kex.newkeys[1];
|
|
+
|
|
+ /* get data */
|
|
+ memset(hex, 0, HEXOUTLEN);
|
|
+ bin2hex(keys_client->enc.iv, (size_t)keys_client->enc.iv_len,
|
|
+ hex, HEXOUTLEN, 0);
|
|
+ printf("Initial IV (client to server) = %s\n", hex);
|
|
+
|
|
+ memset(hex, 0, HEXOUTLEN);
|
|
+ bin2hex(keys_server->enc.iv, (size_t)keys_server->enc.iv_len,
|
|
+ hex, HEXOUTLEN, 0);
|
|
+ printf("Initial IV (server to client) = %s\n", hex);
|
|
+
|
|
+ memset(hex, 0, HEXOUTLEN);
|
|
+ bin2hex(keys_client->enc.key, (size_t)keys_client->enc.key_len,
|
|
+ hex, HEXOUTLEN, 0);
|
|
+ printf("Encryption key (client to server) = %s\n", hex);
|
|
+
|
|
+ memset(hex, 0, HEXOUTLEN);
|
|
+ bin2hex(keys_server->enc.key, (size_t)keys_server->enc.key_len,
|
|
+ hex, HEXOUTLEN, 0);
|
|
+ printf("Encryption key (server to client) = %s\n", hex);
|
|
+
|
|
+ memset(hex, 0, HEXOUTLEN);
|
|
+ bin2hex(keys_client->mac.key, (size_t)keys_client->mac.key_len,
|
|
+ hex, HEXOUTLEN, 0);
|
|
+ printf("Integrity key (client to server) = %s\n", hex);
|
|
+
|
|
+ memset(hex, 0, HEXOUTLEN);
|
|
+ bin2hex(keys_server->mac.key, (size_t)keys_server->mac.key_len,
|
|
+ hex, HEXOUTLEN, 0);
|
|
+ printf("Integrity key (server to client) = %s\n", hex);
|
|
+
|
|
+out:
|
|
+ if (Kbn)
|
|
+ BN_free(Kbn);
|
|
+ if (ssh)
|
|
+ ssh_packet_close(ssh);
|
|
+ if (kex.newkeys[0])
|
|
+ free(kex.newkeys[0]);
|
|
+ if (kex.newkeys[1])
|
|
+ free(kex.newkeys[1]);
|
|
+ return ret;
|
|
+}
|
|
+
|
|
+static void usage(void)
|
|
+{
|
|
+ fprintf(stderr, "\nOpenSSH KDF CAVS Test\n\n");
|
|
+ fprintf(stderr, "Usage:\n");
|
|
+ fprintf(stderr, "\t-K\tShared secret string\n");
|
|
+ fprintf(stderr, "\t-H\tHash string\n");
|
|
+ fprintf(stderr, "\t-s\tSession ID string\n");
|
|
+ fprintf(stderr, "\t-i\tIV length to be generated\n");
|
|
+ fprintf(stderr, "\t-e\tEncryption key length to be generated\n");
|
|
+ fprintf(stderr, "\t-m\tMAC key length to be generated\n");
|
|
+}
|
|
+
|
|
+/*
|
|
+ * Test command example:
|
|
+ * ./ssh-cavs -K 0055d50f2d163cc07cd8a93cc7c3430c30ce786b572c01ad29fec7597000cf8618d664e2ec3dcbc8bb7a1a7eb7ef67f61cdaf291625da879186ac0a5cb27af571b59612d6a6e0627344d846271959fda61c78354aa498773d59762f8ca2d0215ec590d8633de921f920d41e47b3de6ab9a3d0869e1c826d0e4adebf8e3fb646a15dea20a410b44e969f4b791ed6a67f13f1b74234004d5fa5e87eff7abc32d49bbdf44d7b0107e8f10609233b7e2b7eff74a4daf25641de7553975dac6ac1e5117df6f6dbaa1c263d23a6c3e5a3d7d49ae8a828c1e333ac3f85fbbf57b5c1a45be45e43a7be1a4707eac779b8285522d1f531fe23f890fd38a004339932b93eda4 -H d3ab91a850febb417a25d892ec48ed5952c7a5de -s d3ab91a850febb417a25d892ec48ed5952c7a5de -i 8 -e 24 -m 20
|
|
+ *
|
|
+ * Expected result for example:
|
|
+ * Initial IV (client to server) = 4bb320d1679dfd3a
|
|
+ * Encryption key (client to server) = 13048cc600b9d3cf9095aa6cf8e2ff9cf1c54ca0520c89ed
|
|
+ * Integrity key (client to server) = ecef63a092b0dcc585bdc757e01b2740af57d640
|
|
+ * Initial IV (server to client) = 43dea6fdf263a308
|
|
+ * Encryption key (server to client) = 1e483c5134e901aa11fc4e0a524e7ec7b75556148a222bb0
|
|
+ * Integrity key (server to client) = 7424b05f3c44a72b4ebd281fb71f9cbe7b64d479
|
|
+ */
|
|
+int main(int argc, char *argv[])
|
|
+{
|
|
+ struct kdf_cavs test;
|
|
+ int ret = 1;
|
|
+ int opt = 0;
|
|
+
|
|
+ memset(&test, 0, sizeof(struct kdf_cavs));
|
|
+ while((opt = getopt(argc, argv, "K:H:s:i:e:m:")) != -1)
|
|
+ {
|
|
+ size_t len = 0;
|
|
+ switch(opt)
|
|
+ {
|
|
+ /*
|
|
+ * CAVS K is MPINT
|
|
+ * we want a hex (i.e. the caller must ensure the
|
|
+ * following transformations already happened):
|
|
+ * 1. cut off first four bytes
|
|
+ * 2. if most significant bit of value is
|
|
+ * 1, prepend 0 byte
|
|
+ */
|
|
+ case 'K':
|
|
+ len = strlen(optarg);
|
|
+ ret = hex2bin_alloc(optarg, len,
|
|
+ &test.K, &test.Klen);
|
|
+ if (ret)
|
|
+ goto out;
|
|
+ break;
|
|
+ case 'H':
|
|
+ len = strlen(optarg);
|
|
+ ret = hex2bin_alloc(optarg, len,
|
|
+ &test.H, &test.Hlen);
|
|
+ if (ret)
|
|
+ goto out;
|
|
+ break;
|
|
+ case 's':
|
|
+ len = strlen(optarg);
|
|
+ ret = hex2bin_alloc(optarg, len,
|
|
+ &test.session_id,
|
|
+ &test.session_id_len);
|
|
+ if (ret)
|
|
+ goto out;
|
|
+ break;
|
|
+ case 'i':
|
|
+ test.iv_len = strtoul(optarg, NULL, 10);
|
|
+ break;
|
|
+ case 'e':
|
|
+ test.ek_len = strtoul(optarg, NULL, 10);
|
|
+ break;
|
|
+ case 'm':
|
|
+ test.ik_len = strtoul(optarg, NULL, 10);
|
|
+ break;
|
|
+ default:
|
|
+ usage();
|
|
+ goto out;
|
|
+ }
|
|
+ }
|
|
+
|
|
+ ret = sshkdf_cavs(&test);
|
|
+
|
|
+out:
|
|
+ if (test.session_id)
|
|
+ free(test.session_id);
|
|
+ if (test.K)
|
|
+ free(test.K);
|
|
+ if (test.H)
|
|
+ free(test.H);
|
|
+ return ret;
|
|
+
|
|
+}
|