- markus@cvs.openbsd.org 2014/01/27 19:18:54
[auth-rsa.c cipher.c ssh-agent.c sshconnect1.c sshd.c] replace openssl MD5 with our ssh_digest_*; ok djm@
This commit is contained in:
parent
4e8d937af7
commit
4a1c7aa640
|
@ -4,6 +4,9 @@
|
|||
[Makefile.in digest.c digest.h hostfile.c kex.h mac.c hmac.c hmac.h]
|
||||
replace openssl HMAC with an implementation based on our ssh_digest_*
|
||||
ok and feedback djm@
|
||||
- markus@cvs.openbsd.org 2014/01/27 19:18:54
|
||||
[auth-rsa.c cipher.c ssh-agent.c sshconnect1.c sshd.c]
|
||||
replace openssl MD5 with our ssh_digest_*; ok djm@
|
||||
|
||||
20140131
|
||||
- (djm) [sandbox-seccomp-filter.c sandbox-systrace.c] Allow shutdown(2)
|
||||
|
|
22
auth-rsa.c
22
auth-rsa.c
|
@ -1,4 +1,4 @@
|
|||
/* $OpenBSD: auth-rsa.c,v 1.85 2013/07/12 00:19:58 djm Exp $ */
|
||||
/* $OpenBSD: auth-rsa.c,v 1.86 2014/01/27 19:18:54 markus Exp $ */
|
||||
/*
|
||||
* Author: Tatu Ylonen <ylo@cs.hut.fi>
|
||||
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
|
||||
|
@ -20,7 +20,6 @@
|
|||
#include <sys/stat.h>
|
||||
|
||||
#include <openssl/rsa.h>
|
||||
#include <openssl/md5.h>
|
||||
|
||||
#include <pwd.h>
|
||||
#include <stdio.h>
|
||||
|
@ -48,6 +47,8 @@
|
|||
#include "ssh.h"
|
||||
#include "misc.h"
|
||||
|
||||
#include "digest.h"
|
||||
|
||||
/* import */
|
||||
extern ServerOptions options;
|
||||
|
||||
|
@ -91,12 +92,13 @@ int
|
|||
auth_rsa_verify_response(Key *key, BIGNUM *challenge, u_char response[16])
|
||||
{
|
||||
u_char buf[32], mdbuf[16];
|
||||
MD5_CTX md;
|
||||
struct ssh_digest_ctx *md;
|
||||
int len;
|
||||
|
||||
/* don't allow short keys */
|
||||
if (BN_num_bits(key->rsa->n) < SSH_RSA_MINIMUM_MODULUS_SIZE) {
|
||||
error("auth_rsa_verify_response: RSA modulus too small: %d < minimum %d bits",
|
||||
error("%s: RSA modulus too small: %d < minimum %d bits",
|
||||
__func__,
|
||||
BN_num_bits(key->rsa->n), SSH_RSA_MINIMUM_MODULUS_SIZE);
|
||||
return (0);
|
||||
}
|
||||
|
@ -104,13 +106,15 @@ auth_rsa_verify_response(Key *key, BIGNUM *challenge, u_char response[16])
|
|||
/* The response is MD5 of decrypted challenge plus session id. */
|
||||
len = BN_num_bytes(challenge);
|
||||
if (len <= 0 || len > 32)
|
||||
fatal("auth_rsa_verify_response: bad challenge length %d", len);
|
||||
fatal("%s: bad challenge length %d", __func__, len);
|
||||
memset(buf, 0, 32);
|
||||
BN_bn2bin(challenge, buf + 32 - len);
|
||||
MD5_Init(&md);
|
||||
MD5_Update(&md, buf, 32);
|
||||
MD5_Update(&md, session_id, 16);
|
||||
MD5_Final(mdbuf, &md);
|
||||
if ((md = ssh_digest_start(SSH_DIGEST_MD5)) == NULL ||
|
||||
ssh_digest_update(md, buf, 32) < 0 ||
|
||||
ssh_digest_update(md, session_id, 16) < 0 ||
|
||||
ssh_digest_final(md, mdbuf, sizeof(mdbuf)) < 0)
|
||||
fatal("%s: md5 failed", __func__);
|
||||
ssh_digest_free(md);
|
||||
|
||||
/* Verify that the response is the original challenge. */
|
||||
if (timingsafe_bcmp(response, mdbuf, 16) != 0) {
|
||||
|
|
14
cipher.c
14
cipher.c
|
@ -1,4 +1,4 @@
|
|||
/* $OpenBSD: cipher.c,v 1.94 2014/01/25 10:12:50 dtucker Exp $ */
|
||||
/* $OpenBSD: cipher.c,v 1.95 2014/01/27 19:18:54 markus Exp $ */
|
||||
/*
|
||||
* Author: Tatu Ylonen <ylo@cs.hut.fi>
|
||||
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
|
||||
|
@ -39,8 +39,6 @@
|
|||
|
||||
#include <sys/types.h>
|
||||
|
||||
#include <openssl/md5.h>
|
||||
|
||||
#include <string.h>
|
||||
#include <stdarg.h>
|
||||
#include <stdio.h>
|
||||
|
@ -49,6 +47,8 @@
|
|||
#include "log.h"
|
||||
#include "misc.h"
|
||||
#include "cipher.h"
|
||||
#include "buffer.h"
|
||||
#include "digest.h"
|
||||
|
||||
/* compatibility with old or broken OpenSSL versions */
|
||||
#include "openbsd-compat/openssl-compat.h"
|
||||
|
@ -436,17 +436,15 @@ void
|
|||
cipher_set_key_string(CipherContext *cc, const Cipher *cipher,
|
||||
const char *passphrase, int do_encrypt)
|
||||
{
|
||||
MD5_CTX md;
|
||||
u_char digest[16];
|
||||
|
||||
MD5_Init(&md);
|
||||
MD5_Update(&md, (const u_char *)passphrase, strlen(passphrase));
|
||||
MD5_Final(digest, &md);
|
||||
if (ssh_digest_memory(SSH_DIGEST_MD5, passphrase, strlen(passphrase),
|
||||
digest, sizeof(digest)) < 0)
|
||||
fatal("%s: md5 failed", __func__);
|
||||
|
||||
cipher_init(cc, cipher, digest, 16, NULL, 0, do_encrypt);
|
||||
|
||||
memset(digest, 0, sizeof(digest));
|
||||
memset(&md, 0, sizeof(md));
|
||||
}
|
||||
|
||||
/*
|
||||
|
|
16
ssh-agent.c
16
ssh-agent.c
|
@ -1,4 +1,4 @@
|
|||
/* $OpenBSD: ssh-agent.c,v 1.181 2013/12/19 01:19:41 djm Exp $ */
|
||||
/* $OpenBSD: ssh-agent.c,v 1.182 2014/01/27 19:18:54 markus Exp $ */
|
||||
/*
|
||||
* Author: Tatu Ylonen <ylo@cs.hut.fi>
|
||||
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
|
||||
|
@ -50,7 +50,6 @@
|
|||
#include "openbsd-compat/sys-queue.h"
|
||||
|
||||
#include <openssl/evp.h>
|
||||
#include <openssl/md5.h>
|
||||
#include "openbsd-compat/openssl-compat.h"
|
||||
|
||||
#include <errno.h>
|
||||
|
@ -75,6 +74,7 @@
|
|||
#include "compat.h"
|
||||
#include "log.h"
|
||||
#include "misc.h"
|
||||
#include "digest.h"
|
||||
|
||||
#ifdef ENABLE_PKCS11
|
||||
#include "ssh-pkcs11.h"
|
||||
|
@ -248,7 +248,7 @@ process_authentication_challenge1(SocketEntry *e)
|
|||
Identity *id;
|
||||
int i, len;
|
||||
Buffer msg;
|
||||
MD5_CTX md;
|
||||
struct ssh_digest_ctx *md;
|
||||
Key *key;
|
||||
|
||||
buffer_init(&msg);
|
||||
|
@ -284,10 +284,12 @@ process_authentication_challenge1(SocketEntry *e)
|
|||
}
|
||||
memset(buf, 0, 32);
|
||||
BN_bn2bin(challenge, buf + 32 - len);
|
||||
MD5_Init(&md);
|
||||
MD5_Update(&md, buf, 32);
|
||||
MD5_Update(&md, session_id, 16);
|
||||
MD5_Final(mdbuf, &md);
|
||||
if ((md = ssh_digest_start(SSH_DIGEST_MD5)) == NULL ||
|
||||
ssh_digest_update(md, buf, 32) < 0 ||
|
||||
ssh_digest_update(md, session_id, 16) < 0 ||
|
||||
ssh_digest_final(md, mdbuf, sizeof(mdbuf)) < 0)
|
||||
fatal("%s: md5 failed", __func__);
|
||||
ssh_digest_free(md);
|
||||
|
||||
/* Send the response. */
|
||||
buffer_put_char(&msg, SSH_AGENT_RSA_RESPONSE);
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
/* $OpenBSD: sshconnect1.c,v 1.72 2013/09/02 22:00:34 deraadt Exp $ */
|
||||
/* $OpenBSD: sshconnect1.c,v 1.73 2014/01/27 19:18:54 markus Exp $ */
|
||||
/*
|
||||
* Author: Tatu Ylonen <ylo@cs.hut.fi>
|
||||
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
|
||||
|
@ -19,7 +19,6 @@
|
|||
#include <sys/socket.h>
|
||||
|
||||
#include <openssl/bn.h>
|
||||
#include <openssl/md5.h>
|
||||
|
||||
#include <stdarg.h>
|
||||
#include <stdio.h>
|
||||
|
@ -47,6 +46,7 @@
|
|||
#include "canohost.h"
|
||||
#include "hostfile.h"
|
||||
#include "auth.h"
|
||||
#include "digest.h"
|
||||
|
||||
/* Session id for the current session. */
|
||||
u_char session_id[16];
|
||||
|
@ -161,7 +161,7 @@ static void
|
|||
respond_to_rsa_challenge(BIGNUM * challenge, RSA * prv)
|
||||
{
|
||||
u_char buf[32], response[16];
|
||||
MD5_CTX md;
|
||||
struct ssh_digest_ctx *md;
|
||||
int i, len;
|
||||
|
||||
/* Decrypt the challenge using the private key. */
|
||||
|
@ -179,10 +179,12 @@ respond_to_rsa_challenge(BIGNUM * challenge, RSA * prv)
|
|||
|
||||
memset(buf, 0, sizeof(buf));
|
||||
BN_bn2bin(challenge, buf + sizeof(buf) - len);
|
||||
MD5_Init(&md);
|
||||
MD5_Update(&md, buf, 32);
|
||||
MD5_Update(&md, session_id, 16);
|
||||
MD5_Final(response, &md);
|
||||
if ((md = ssh_digest_start(SSH_DIGEST_MD5)) == NULL ||
|
||||
ssh_digest_update(md, buf, 32) < 0 ||
|
||||
ssh_digest_update(md, session_id, 16) < 0 ||
|
||||
ssh_digest_final(md, response, sizeof(response)) < 0)
|
||||
fatal("%s: md5 failed", __func__);
|
||||
ssh_digest_free(md);
|
||||
|
||||
debug("Sending response to host key RSA challenge.");
|
||||
|
||||
|
|
30
sshd.c
30
sshd.c
|
@ -1,4 +1,4 @@
|
|||
/* $OpenBSD: sshd.c,v 1.414 2014/01/09 23:26:48 djm Exp $ */
|
||||
/* $OpenBSD: sshd.c,v 1.415 2014/01/27 19:18:54 markus Exp $ */
|
||||
/*
|
||||
* Author: Tatu Ylonen <ylo@cs.hut.fi>
|
||||
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
|
||||
|
@ -74,7 +74,6 @@
|
|||
|
||||
#include <openssl/dh.h>
|
||||
#include <openssl/bn.h>
|
||||
#include <openssl/md5.h>
|
||||
#include <openssl/rand.h>
|
||||
#include "openbsd-compat/openssl-compat.h"
|
||||
|
||||
|
@ -96,6 +95,7 @@
|
|||
#include "uidswap.h"
|
||||
#include "compat.h"
|
||||
#include "cipher.h"
|
||||
#include "digest.h"
|
||||
#include "key.h"
|
||||
#include "kex.h"
|
||||
#include "dh.h"
|
||||
|
@ -2360,19 +2360,25 @@ do_ssh1_kex(void)
|
|||
if (rsafail) {
|
||||
int bytes = BN_num_bytes(session_key_int);
|
||||
u_char *buf = xmalloc(bytes);
|
||||
MD5_CTX md;
|
||||
struct ssh_digest_ctx *md;
|
||||
|
||||
logit("do_connection: generating a fake encryption key");
|
||||
BN_bn2bin(session_key_int, buf);
|
||||
MD5_Init(&md);
|
||||
MD5_Update(&md, buf, bytes);
|
||||
MD5_Update(&md, sensitive_data.ssh1_cookie, SSH_SESSION_KEY_LENGTH);
|
||||
MD5_Final(session_key, &md);
|
||||
MD5_Init(&md);
|
||||
MD5_Update(&md, session_key, 16);
|
||||
MD5_Update(&md, buf, bytes);
|
||||
MD5_Update(&md, sensitive_data.ssh1_cookie, SSH_SESSION_KEY_LENGTH);
|
||||
MD5_Final(session_key + 16, &md);
|
||||
if ((md = ssh_digest_start(SSH_DIGEST_MD5)) == NULL ||
|
||||
ssh_digest_update(md, buf, bytes) < 0 ||
|
||||
ssh_digest_update(md, sensitive_data.ssh1_cookie,
|
||||
SSH_SESSION_KEY_LENGTH) < 0 ||
|
||||
ssh_digest_final(md, session_key, sizeof(session_key)) < 0)
|
||||
fatal("%s: md5 failed", __func__);
|
||||
ssh_digest_free(md);
|
||||
if ((md = ssh_digest_start(SSH_DIGEST_MD5)) == NULL ||
|
||||
ssh_digest_update(md, session_key, 16) < 0 ||
|
||||
ssh_digest_update(md, sensitive_data.ssh1_cookie,
|
||||
SSH_SESSION_KEY_LENGTH) < 0 ||
|
||||
ssh_digest_final(md, session_key + 16,
|
||||
sizeof(session_key) - 16) < 0)
|
||||
fatal("%s: md5 failed", __func__);
|
||||
ssh_digest_free(md);
|
||||
memset(buf, 0, bytes);
|
||||
free(buf);
|
||||
for (i = 0; i < 16; i++)
|
||||
|
|
Loading…
Reference in New Issue