Commit Graph

28 Commits

Author SHA1 Message Date
djm@openbsd.org b4d4eda633 upstream: some finesse to fix RSA-SHA2 certificate authentication
for certs hosted in ssh-agent

OpenBSD-Commit-ID: e5fd5edd726137dda2d020e1cdebc464110a010f
2018-07-03 23:26:47 +10:00
djm@openbsd.org 4ba0d54794 upstream: Improve strictness and control over RSA-SHA2 signature
In ssh, when an agent fails to return a RSA-SHA2 signature when
requested and falls back to RSA-SHA1 instead, retry the signature to
ensure that the public key algorithm sent in the SSH_MSG_USERAUTH
matches the one in the signature itself.

In sshd, strictly enforce that the public key algorithm sent in the
SSH_MSG_USERAUTH message matches what appears in the signature.

Make the sshd_config PubkeyAcceptedKeyTypes and
HostbasedAcceptedKeyTypes options control accepted signature algorithms
(previously they selected supported key types). This allows these
options to ban RSA-SHA1 in favour of RSA-SHA2.

Add new signature algorithms "rsa-sha2-256-cert-v01@openssh.com" and
"rsa-sha2-512-cert-v01@openssh.com" to force use of RSA-SHA2 signatures
with certificate keys.

feedback and ok markus@

OpenBSD-Commit-ID: c6e9f6d45eed8962ad502d315d7eaef32c419dde
2018-07-03 23:26:36 +10:00
Darren Tucker 1323f120d0 Check for attributes on prototype args.
Some compilers (gcc 2.9.53, 3.0 and probably others, see gcc bug #3481)
do not accept __attribute__ on function pointer prototype args.  Check for
this and hide them if they're not accepted.
2018-02-27 08:51:56 +11:00
markus@openbsd.org 1b11ea7c58 upstream: Add experimental support for PQC XMSS keys (Extended
Hash-Based Signatures) The code is not compiled in by default (see WITH_XMSS
in Makefile.inc) Joint work with stefan-lukas_gazdag at genua.eu See
https://tools.ietf.org/html/draft-irtf-cfrg-xmss-hash-based-signatures-12 ok
djm@

OpenBSD-Commit-ID: ef3eccb96762a5d6f135d7daeef608df7776a7ac
2018-02-26 11:40:41 +11:00
djm@openbsd.org 04c7e28f83 upstream commit
pass negotiated signing algorithm though to
sshkey_verify() and check that the negotiated algorithm matches the type in
the signature (only matters for RSA SHA1/SHA2 sigs). ok markus@

OpenBSD-Commit-ID: 735fb15bf4adc060d3bee9d047a4bcaaa81b1af9
2017-12-19 15:21:37 +11:00
djm@openbsd.org 931c78dfd7 upstream commit
sshkey_sigtype() function to return the type of a
signature; ok markus@

OpenBSD-Commit-ID: d3772b065ad6eed97285589bfb544befed9032e8
2017-12-19 15:20:44 +11:00
djm@openbsd.org 83fa3a0448 upstream commit
remove post-SSHv1 removal dead code from rsa.c and merge
the remaining bit that it still used into ssh-rsa.c; ok markus

Upstream-ID: ac8a048d24dcd89594b0052ea5e3404b473bfa2f
2017-07-21 14:17:32 +10:00
djm@openbsd.org a98339edbc upstream commit
Allow ssh-keygen to use a key held in ssh-agent as a CA when
signing certificates. bz#2377 ok markus

Upstream-ID: fb42e920b592edcbb5b50465739a867c09329c8f
2017-06-28 11:13:19 +10:00
djm@openbsd.org 6026f48dfc upstream commit
missing prototype.

Upstream-ID: f443d2be9910fd2165a0667956d03343c46f66c9
2017-06-13 22:15:08 +10:00
djm@openbsd.org bd636f4091 upstream commit
Refuse RSA keys <1024 bits in length. Improve reporting
for keys that do not meet this requirement. ok markus@

Upstream-ID: b385e2a7b13b1484792ee681daaf79e1e203df6c
2017-05-08 09:21:22 +10:00
naddy@openbsd.org 768405fddf upstream commit
remove miscellaneous SSH1 leftovers; ok markus@

Upstream-ID: af23696022ae4d45a1abc2fb8b490d8d9dd63b7c
2017-05-08 09:18:27 +10:00
djm@openbsd.org 873d3e7d9a upstream commit
remove KEY_RSA1

ok markus@

Upstream-ID: 7408517b077c892a86b581e19f82a163069bf133
2017-05-01 10:05:01 +10:00
djm@openbsd.org 183ba55aaa upstream commit
fix regression in 7.4 server-sig-algs, where we were
accidentally excluding SHA2 RSA signature methods. bz#2680, patch from Nuno
Goncalves; ok dtucker@

Upstream-ID: 81ac8bfb30960447740b9b8f6a214dcf322f12e8
2017-03-10 15:35:39 +11:00
djm@openbsd.org 130f5df4fa upstream commit
list all supported signature algorithms in the
server-sig-algs Reported by mb AT smartftp.com in bz#2547 and (independantly)
Ron Frederick; ok markus@

Upstream-ID: ddf702d721f54646b11ef2cee6d916666cb685cd
2016-09-13 09:33:24 +10:00
djm@openbsd.org 57464e3934 upstream commit
support SHA256 and SHA512 RSA signatures in certificates;
 ok markus@

Upstream-ID: b45be2f2ce8cacd794dc5730edaabc90e5eb434a
2016-05-02 20:35:05 +10:00
markus@openbsd.org 76c9fbbe35 upstream commit
implement SHA2-{256,512} for RSASSA-PKCS1-v1_5 signatures
 (user and host auth) based on draft-rsa-dsa-sha2-256-03.txt and
 draft-ssh-ext-info-04.txt; with & ok djm@

Upstream-ID: cf82ce532b2733e5c4b34bb7b7c94835632db309
2015-12-07 12:38:58 +11:00
djm@openbsd.org 499cf36fec upstream commit
move the certificate validity formatting code to
 sshkey.[ch]

Upstream-ID: f05f7c78fab20d02ff1d5ceeda533ef52e8fe523
2015-11-19 12:11:37 +11:00
tim@openbsd.org 3c019a936b upstream commit
- Fix error message: passphrase needs to be at least 5
 characters, not 4. - Remove unused function argument. - Remove two
 unnecessary variables.

OK djm@

Upstream-ID: 13010c05bfa8b523da1c0dc19e81dd180662bc30
2015-09-16 17:52:09 +10:00
djm@openbsd.org 57e8e229ba upstream commit
backout SSH_RSA_MINIMUM_MODULUS_SIZE increase for this
 release; problems spotted by sthen@ ok deraadt@ markus@

Upstream-ID: d0bd60dde9e8c3cd7030007680371894c1499822
2015-08-05 10:08:39 +10:00
djm@openbsd.org c65a7aa6c4 upstream commit
another SSH_RSA_MINIMUM_MODULUS_SIZE that needed
 cranking

Upstream-ID: 9d8826cafe96aab4ae8e2f6fd22800874b7ffef1
2015-07-15 15:36:21 +10:00
djm@openbsd.org c28fc62d78 upstream commit
delete support for legacy v00 certificates; "sure"
 markus@ dtucker@

Upstream-ID: b5b9bb5f9202d09e88f912989d74928601b6636f
2015-07-15 15:35:09 +10:00
djm@openbsd.org d80fbe41a5 upstream commit
refactor: split base64 encoding of pubkey into its own
 sshkey_to_base64() function and out of sshkey_write(); ok markus@

Upstream-ID: 54fc38f5832e9b91028900819bda46c3959a0c1a
2015-05-21 15:06:06 +10:00
djm@openbsd.org 60b1825262 upstream commit
small refactor and add some convenience functions; ok
 markus
2015-01-27 00:00:36 +11:00
djm@openbsd.org 1f729f0614 upstream commit
add sshd_config HostbasedAcceptedKeyTypes and
 PubkeyAcceptedKeyTypes options to allow sshd to control what public key types
 will be accepted. Currently defaults to all. Feedback & ok markus@
2015-01-13 19:27:18 +11:00
djm@openbsd.org 1195f4cb07 upstream commit
deprecate key_load_private_pem() and
 sshkey_load_private_pem() interfaces. Refactor the generic key loading API to
 not require pathnames to be specified (they weren't really used).

Fixes a few other things en passant:

Makes ed25519 keys work for hostbased authentication (ssh-keysign
previously used the PEM-only routines).

Fixes key comment regression bz#2306: key pathnames were being lost as
comment fields.

ok markus@
2015-01-09 00:17:12 +11:00
djm@openbsd.org 56d1c83cdd upstream commit
Add FingerprintHash option to control algorithm used for
 key fingerprints. Default changes from MD5 to SHA256 and format from hex to
 base64.

Feedback and ok naddy@ markus@
2014-12-22 09:32:29 +11:00
Damien Miller f0935698f0 - (djm) [sshkey.h] Fix compilation when OpenSSL lacks ECC 2014-08-20 11:06:50 +10:00
Damien Miller 8668706d0f - djm@cvs.openbsd.org 2014/06/24 01:13:21
[Makefile.in auth-bsdauth.c auth-chall.c auth-options.c auth-rsa.c
     [auth2-none.c auth2-pubkey.c authfile.c authfile.h cipher-3des1.c
     [cipher-chachapoly.c cipher-chachapoly.h cipher.c cipher.h
     [digest-libc.c digest-openssl.c digest.h dns.c entropy.c hmac.h
     [hostfile.c key.c key.h krl.c monitor.c packet.c rsa.c rsa.h
     [ssh-add.c ssh-agent.c ssh-dss.c ssh-ecdsa.c ssh-ed25519.c
     [ssh-keygen.c ssh-pkcs11-client.c ssh-pkcs11-helper.c ssh-pkcs11.c
     [ssh-rsa.c sshbuf-misc.c sshbuf.h sshconnect.c sshconnect1.c
     [sshconnect2.c sshd.c sshkey.c sshkey.h
     [openbsd-compat/openssl-compat.c openbsd-compat/openssl-compat.h]
     New key API: refactor key-related functions to be more library-like,
     existing API is offered as a set of wrappers.

     with and ok markus@

     Thanks also to Ben Hawkes, David Tomaschik, Ivan Fratric, Matthew
     Dempsky and Ron Bowes for a detailed review a few months ago.

     NB. This commit also removes portable OpenSSH support for OpenSSL
     <0.9.8e.
2014-07-02 15:28:02 +10:00