authordjm@openbsd.org <djm@openbsd.org>2017-12-18 02:25:15 +0000
committerDamien Miller <djm@mindrot.org>2017-12-19 15:21:37 +1100
commit04c7e28f83062dc42f2380d1bb3a6bf0190852c0 (patch)
treebc2c59d39a33aba84e0576039474668ada2546d2
parent931c78dfd7fe30669681a59e536bbe66535f3ee9 (diff)
upstream commit
pass negotiated signing algorithm through to sshkey_verify() and check that the negotiated algorithm matches the type in the signature (only matters for RSA SHA1/SHA2 sigs). ok markus@ OpenBSD-Commit-ID: 735fb15bf4adc060d3bee9d047a4bcaaa81b1af9
-rw-r--r--auth2-hostbased.c4
-rw-r--r--auth2-pubkey.c4
-rw-r--r--clientloop.c5
-rw-r--r--hash.c2
-rw-r--r--kexc25519c.c4
-rw-r--r--kexdhc.c4
-rw-r--r--kexecdhc.c4
-rw-r--r--kexgexc.c4
-rw-r--r--key.c17
-rw-r--r--key.h3
-rw-r--r--krl.c4
-rw-r--r--monitor.c8
-rw-r--r--monitor_wrap.c5
-rw-r--r--monitor_wrap.h4
-rw-r--r--serverloop.c5
-rw-r--r--ssh-keygen.c4
-rw-r--r--ssh-rsa.c19
-rw-r--r--sshkey.c9
-rw-r--r--sshkey.h7
19 files changed, 58 insertions, 58 deletions
diff --git a/auth2-hostbased.c b/auth2-hostbased.c
index 92758b38c..8112cfaa3 100644
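--- a/auth2-hostbased.c
+++ b/auth2-hostbased.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth2-hostbased.c,v 1.31 2017/06/24 06:34:38 djm Exp $ */
+/* $OpenBSD: auth2-hostbased.c,v 1.32 2017/12/18 02:25:15 djm Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl. All rights reserved.
  *
@@ -144,7 +144,7 @@ userauth_hostbased(struct ssh *ssh)
  authenticated = 0;
  if (PRIVSEP(hostbased_key_allowed(authctxt->pw, cuser, chost, key)) &&
  PRIVSEP(sshkey_verify(key, sig, slen,
- sshbuf_ptr(b), sshbuf_len(b), ssh->compat)) == 0)
+ sshbuf_ptr(b), sshbuf_len(b), pkalg, ssh->compat)) == 0)
  authenticated = 1;
 
  auth2_record_key(authctxt, authenticated, key);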
diff --git a/auth2-pubkey.c b/auth2-pubkey.c
index 169839b01..0707b8ab3 100644
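--- a/auth2-pubkey.c
+++ b/auth2-pubkey.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth2-pubkey.c,v 1.71 2017/09/07 23:48:09 djm Exp $ */
+/* $OpenBSD: auth2-pubkey.c,v 1.72 2017/12/18 02:25:15 djm Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl. All rights reserved.
  *
@@ -198,7 +198,7 @@ userauth_pubkey(struct ssh *ssh)
  authenticated = 0;
  if (PRIVSEP(user_key_allowed(authctxt->pw, key, 1)) &&
  PRIVSEP(sshkey_verify(key, sig, slen, sshbuf_ptr(b),
- sshbuf_len(b), ssh->compat)) == 0) {
+ sshbuf_len(b), pkalg, ssh->compat)) == 0) {
  authenticated = 1;
  }
  sshbuf_free(b);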
diff --git a/clientloop.c b/clientloop.c
index e3824ccd9..3ce5d930e 100644
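--- a/clientloop.c
+++ b/clientloop.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: clientloop.c,v 1.307 2017/11/25 05:58:47 dtucker Exp $ */
+/* $OpenBSD: clientloop.c,v 1.308 2017/12/18 02:25:15 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -1934,7 +1934,8 @@ client_global_hostkeys_private_confirm(struct ssh *ssh, int type,
  goto out;
  }
  if ((r = sshkey_verify(ctx->keys[i], sig, siglen,
- sshbuf_ptr(signdata), sshbuf_len(signdata), 0)) != 0) {
+ sshbuf_ptr(signdata), sshbuf_len(signdata),
+ ssh->kex->hostkey_alg, 0)) != 0) {
  error("%s: server gave bad signature for %s key %zu",
  __func__, sshkey_type(ctx->keys[i]), i);
  goto out;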
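Review bot: Passing `ssh->kex->hostkey_alg` for every `ctx->keys[i]` in client_global_hostkeys_private_confirm ties each proof signature to the algorithm negotiated for the key exchange, although the keys being proven are presumably additional host keys whose type can differ from it. With the check this commit adds to ssh_rsa_verify, an RSA key proven on a connection whose negotiated algorithm is not an RSA one would be rejected with SSH_ERR_SIGNATURE_INVALID, because `alg` then differs from the type in the signature. The same argument is passed on the signing side in server_input_hostkeys_prove (serverloop.c), where a non-RSA name would be handed to the signer of an RSA key. I would pass the negotiated name only when both it and the key are RSA, and `NULL` otherwise. The enclosing function starts and ends outside the hunk.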
diff --git a/hash.c b/hash.c
index bc87808a3..21f464e67 100644
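--- a/hash.c
+++ b/hash.c
@@ -1,5 +1,7 @@
 /* $OpenBSD: hash.c,v 1.4 2017/12/14 21:07:39 naddy Exp $ */
 
+#include "includes.h"
+
 #include "crypto_api.h"
 
 #include <stdarg.h>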
diff --git a/kexc25519c.c b/kexc25519c.c
index e488013e9..a8d92149c 100644
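--- a/kexc25519c.c
+++ b/kexc25519c.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kexc25519c.c,v 1.8 2017/05/31 04:17:12 djm Exp $ */
+/* $OpenBSD: kexc25519c.c,v 1.9 2017/12/18 02:25:15 djm Exp $ */
 /*
  * Copyright (c) 2001 Markus Friedl. All rights reserved.
  * Copyright (c) 2010 Damien Miller. All rights reserved.
@@ -141,7 +141,7 @@ input_kex_c25519_reply(int type, u_int32_t seq, struct ssh *ssh)
  goto out;
 
  if ((r = sshkey_verify(server_host_key, signature, slen, hash, hashlen,
- ssh->compat)) != 0)
+ kex->hostkey_alg, ssh->compat)) != 0)
  goto out;
 
  /* save session id */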
diff --git a/kexdhc.c b/kexdhc.c
index 9864ee2ec..5e1a353a5 100644
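--- a/kexdhc.c
+++ b/kexdhc.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kexdhc.c,v 1.20 2017/05/30 14:23:52 markus Exp $ */
+/* $OpenBSD: kexdhc.c,v 1.21 2017/12/18 02:25:15 djm Exp $ */
 /*
  * Copyright (c) 2001 Markus Friedl. All rights reserved.
  *
@@ -183,7 +183,7 @@ input_kex_dh(int type, u_int32_t seq, struct ssh *ssh)
  goto out;
 
  if ((r = sshkey_verify(server_host_key, signature, slen, hash, hashlen,
- ssh->compat)) != 0)
+ kex->hostkey_alg, ssh->compat)) != 0)
  goto out;
 
  /* save session id */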
diff --git a/kexecdhc.c b/kexecdhc.c
index d8a8b660f..67669b3bf 100644
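--- a/kexecdhc.c
+++ b/kexecdhc.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kexecdhc.c,v 1.11 2017/05/30 14:23:52 markus Exp $ */
+/* $OpenBSD: kexecdhc.c,v 1.12 2017/12/18 02:25:15 djm Exp $ */
 /*
  * Copyright (c) 2001 Markus Friedl. All rights reserved.
  * Copyright (c) 2010 Damien Miller. All rights reserved.
@@ -188,7 +188,7 @@ input_kex_ecdh_reply(int type, u_int32_t seq, struct ssh *ssh)
  goto out;
 
  if ((r = sshkey_verify(server_host_key, signature, slen, hash,
- hashlen, ssh->compat)) != 0)
+ hashlen, kex->hostkey_alg, ssh->compat)) != 0)
  goto out;
 
  /* save session id */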
diff --git a/kexgexc.c b/kexgexc.c
index cd1128752..6f8cf48a6 100644
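--- a/kexgexc.c
+++ b/kexgexc.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kexgexc.c,v 1.25 2017/05/30 14:23:52 markus Exp $ */
+/* $OpenBSD: kexgexc.c,v 1.26 2017/12/18 02:25:15 djm Exp $ */
 /*
  * Copyright (c) 2000 Niels Provos. All rights reserved.
  * Copyright (c) 2001 Markus Friedl. All rights reserved.
@@ -230,7 +230,7 @@ input_kex_dh_gex_reply(int type, u_int32_t seq, struct ssh *ssh)
  goto out;
 
  if ((r = sshkey_verify(server_host_key, signature, slen, hash,
- hashlen, ssh->compat)) != 0)
+ hashlen, kex->hostkey_alg, ssh->compat)) != 0)
  goto out;
 
  /* save session id */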
diff --git a/key.c b/key.c
index 6e338c495..a05fdd3c0 100644
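--- a/key.c
+++ b/key.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: key.c,v 1.131 2017/05/30 14:16:41 markus Exp $ */
+/* $OpenBSD: key.c,v 1.132 2017/12/18 02:25:15 djm Exp $ */
 /*
  * placed in the public domain
  */
@@ -95,21 +95,6 @@ key_sign(const Key *key, u_char **sigp, u_int *lenp,
  return 0;
 }
 
-int
-key_verify(const Key *key, const u_char *signature, u_int signaturelen,
- const u_char *data, u_int datalen)
-{
- int r;
-
- if ((r = sshkey_verify(key, signature, signaturelen,
- data, datalen, datafellows)) != 0) {
- fatal_on_fatal_errors(r, __func__, 0);
- error("%s: %s", __func__, ssh_err(r));
- return r == SSH_ERR_SIGNATURE_INVALID ? 0 : -1;
- }
- return 1;
-}
-
 Key *
 key_demote(const Key *k)
 {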
diff --git a/key.h b/key.h
index a14f37037..fd59cbf54 100644
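--- a/key.h
+++ b/key.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: key.h,v 1.51 2017/05/30 14:16:41 markus Exp $ */
+/* $OpenBSD: key.h,v 1.52 2017/12/18 02:25:15 djm Exp $ */
 
 /*
  * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
@@ -58,7 +58,6 @@ int key_to_blob(const Key *, u_char **, u_int *);
 
 int key_sign(const Key *, u_char **, u_int *, const u_char *, u_int,
  const char *);
-int key_verify(const Key *, const u_char *, u_int, const u_char *, u_int);
 
 /* authfile.c */
 Key *key_load_cert(const char *);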
diff --git a/krl.c b/krl.c
index 086fc20e5..379153247 100644
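--- a/krl.c
+++ b/krl.c
@@ -14,7 +14,7 @@
  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 
-/* $OpenBSD: krl.c,v 1.40 2017/05/31 09:15:42 deraadt Exp $ */
+/* $OpenBSD: krl.c,v 1.41 2017/12/18 02:25:15 djm Exp $ */
 
 #include "includes.h"
 
@@ -1014,7 +1014,7 @@ ssh_krl_from_blob(struct sshbuf *buf, struct ssh_krl **krlp,
  }
  /* Check signature over entire KRL up to this point */
  if ((r = sshkey_verify(key, blob, blen,
- sshbuf_ptr(buf), sig_off, 0)) != 0)
+ sshbuf_ptr(buf), sig_off, NULL, 0)) != 0)
  goto out;
  /* Check if this key has already signed this KRL */
  for (i = 0; i < nca_used; i++) {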
diff --git a/monitor.c b/monitor.c
index a0ad9857d..5b8f0ef65 100644
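--- a/monitor.c
+++ b/monitor.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: monitor.c,v 1.175 2017/10/05 15:52:03 djm Exp $ */
+/* $OpenBSD: monitor.c,v 1.176 2017/12/18 02:25:15 djm Exp $ */
 /*
  * Copyright 2002 Niels Provos <provos@citi.umich.edu>
  * Copyright 2002 Markus Friedl <markus@openbsd.org>
@@ -1339,12 +1339,14 @@ mm_answer_keyverify(int sock, struct sshbuf *m)
 {
  struct sshkey *key;
  u_char *signature, *data, *blob;
+ char *sigalg;
  size_t signaturelen, datalen, bloblen;
  int r, ret, valid_data = 0, encoded_ret;
 
  if ((r = sshbuf_get_string(m, &blob, &bloblen)) != 0 ||
  (r = sshbuf_get_string(m, &signature, &signaturelen)) != 0 ||
- (r = sshbuf_get_string(m, &data, &datalen)) != 0)
+ (r = sshbuf_get_string(m, &data, &datalen)) != 0 ||
+ (r = sshbuf_get_cstring(m, &sigalg, NULL)) != 0)
  fatal("%s: buffer error: %s", __func__, ssh_err(r));
 
  if (hostbased_cuser == NULL || hostbased_chost == NULL ||
@@ -1373,7 +1375,7 @@ mm_answer_keyverify(int sock, struct sshbuf *m)
  fatal("%s: bad signature data blob", __func__);
 
  ret = sshkey_verify(key, signature, signaturelen, data, datalen,
- active_state->compat);
+ sigalg, active_state->compat);
  debug3("%s: %s %p signature %s", __func__, auth_method, key,
  (ret == 0) ? "verified" : "unverified");
  auth2_record_key(authctxt, ret == 0, key);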
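Review bot: `sigalg` is allocated by `sshbuf_get_cstring()` at the top of mm_answer_keyverify, but none of the hunks adds a matching release, so unless cleanup outside the shown lines already covers it the monitor leaks the string on every key-verify request. I would add `free(sigalg);` wherever `blob`, `signature` and `data` are released after the verify call. The rest of the function, including that cleanup, lies outside the hunks, so this should be checked against the full body.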
diff --git a/monitor_wrap.c b/monitor_wrap.c
index a46628fb1..502d41687 100644
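--- a/monitor_wrap.c
+++ b/monitor_wrap.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: monitor_wrap.c,v 1.95 2017/10/05 15:52:03 djm Exp $ */
+/* $OpenBSD: monitor_wrap.c,v 1.96 2017/12/18 02:25:15 djm Exp $ */
 /*
  * Copyright 2002 Niels Provos <provos@citi.umich.edu>
  * Copyright 2002 Markus Friedl <markus@openbsd.org>
@@ -441,7 +441,7 @@ mm_key_allowed(enum mm_keytype type, const char *user, const char *host,
 
 int
 mm_sshkey_verify(const struct sshkey *key, const u_char *sig, size_t siglen,
- const u_char *data, size_t datalen, u_int compat)
+ const u_char *data, size_t datalen, const char *sigalg, u_int compat)
 {
  Buffer m;
  u_char *blob;
@@ -458,6 +458,7 @@ mm_sshkey_verify(const struct sshkey *key, const u_char *sig, size_t siglen,
  buffer_put_string(&m, blob, len);
  buffer_put_string(&m, sig, siglen);
  buffer_put_string(&m, data, datalen);
+ buffer_put_cstring(&m, sigalg);
  free(blob);
 
  mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_KEYVERIFY, &m);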
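Review bot: `buffer_put_cstring(&m, sigalg)` in mm_sshkey_verify cannot carry the NULL that sshkey_verify() treats as "no algorithm constraint", so the privilege-separated path and the direct path can disagree. What the buffer helper does with a NULL pointer is not visible here; if it encodes an empty string, the monitor would read back `""` and the new `strcmp(alg, sigtype)` test in ssh_rsa_verify would reject every RSA signature for that call. Both callers changed in this commit pass `pkalg`, so the problem is latent, but I would state the contract at the call, e.g. `/* sigalg must be non-NULL: NULL ("any algorithm") cannot cross the monitor */`, or have the monitor turn an empty string back into NULL. The function's body continues past the last hunk.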
diff --git a/monitor_wrap.h b/monitor_wrap.h
index 9e032d204..f5af1e819 100644
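--- a/monitor_wrap.h
+++ b/monitor_wrap.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: monitor_wrap.h,v 1.35 2017/05/31 08:09:45 markus Exp $ */
+/* $OpenBSD: monitor_wrap.h,v 1.36 2017/12/18 02:25:15 djm Exp $ */
 
 /*
  * Copyright 2002 Niels Provos <provos@citi.umich.edu>
@@ -51,7 +51,7 @@ int mm_user_key_allowed(struct passwd *, struct sshkey *, int);
 int mm_hostbased_key_allowed(struct passwd *, const char *,
  const char *, struct sshkey *);
 int mm_sshkey_verify(const struct sshkey *, const u_char *, size_t,
- const u_char *, size_t, u_int);
+ const u_char *, size_t, const char *, u_int);
 
 #ifdef GSSAPI
 OM_uint32 mm_ssh_gssapi_server_ctx(Gssctxt **, gss_OID);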
diff --git a/serverloop.c b/serverloop.c
index 464c07d2f..fb2980568 100644
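--- a/serverloop.c
+++ b/serverloop.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: serverloop.c,v 1.200 2017/12/10 05:55:29 dtucker Exp $ */
+/* $OpenBSD: serverloop.c,v 1.201 2017/12/18 02:25:15 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -715,7 +715,8 @@ server_input_hostkeys_prove(struct ssh *ssh, struct sshbuf **respp)
  ssh->kex->session_id, ssh->kex->session_id_len)) != 0 ||
  (r = sshkey_puts(key, sigbuf)) != 0 ||
  (r = ssh->kex->sign(key_prv, key_pub, &sig, &slen,
- sshbuf_ptr(sigbuf), sshbuf_len(sigbuf), NULL, 0)) != 0 ||
+ sshbuf_ptr(sigbuf), sshbuf_len(sigbuf),
+ ssh->kex->hostkey_alg, 0)) != 0 ||
  (r = sshbuf_put_string(resp, sig, slen)) != 0) {
  error("%s: couldn't prepare signature: %s",
  __func__, ssh_err(r));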
diff --git a/ssh-keygen.c b/ssh-keygen.c
index 02f9b3fb8..d2736eee2 100644
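--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-keygen.c,v 1.308 2017/11/03 05:14:04 djm Exp $ */
+/* $OpenBSD: ssh-keygen.c,v 1.309 2017/12/18 02:25:15 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -539,7 +539,7 @@ do_convert_private_ssh2_from_blob(u_char *blob, u_int blen)
 
  /* try the key */
  if (sshkey_sign(key, &sig, &slen, data, sizeof(data), NULL, 0) != 0 ||
- sshkey_verify(key, sig, slen, data, sizeof(data), 0) != 0) {
+ sshkey_verify(key, sig, slen, data, sizeof(data), NULL, 0) != 0) {
  sshkey_free(key);
  free(sig);
  return NULL;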
diff --git a/ssh-rsa.c b/ssh-rsa.c
index f570ae6d4..9b4de8e8d 100644
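--- a/ssh-rsa.c
+++ b/ssh-rsa.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-rsa.c,v 1.62 2017/07/01 13:50:45 djm Exp $ */
+/* $OpenBSD: ssh-rsa.c,v 1.63 2017/12/18 02:25:15 djm Exp $ */
 /*
  * Copyright (c) 2000, 2003 Markus Friedl <markus@openbsd.org>
  *
@@ -198,9 +198,10 @@ ssh_rsa_sign(const struct sshkey *key, u_char **sigp, size_t *lenp,
 
 int
 ssh_rsa_verify(const struct sshkey *key,
- const u_char *sig, size_t siglen, const u_char *data, size_t datalen)
+ const u_char *sig, size_t siglen, const u_char *data, size_t datalen,
+ const char *alg)
 {
- char *ktype = NULL;
+ char *sigtype = NULL;
  int hash_alg, ret = SSH_ERR_INTERNAL_ERROR;
  size_t len, diff, modlen, dlen;
  struct sshbuf *b = NULL;
@@ -215,11 +216,17 @@ ssh_rsa_verify(const struct sshkey *key,
 
  if ((b = sshbuf_from(sig, siglen)) == NULL)
  return SSH_ERR_ALLOC_FAIL;
- if (sshbuf_get_cstring(b, &ktype, NULL) != 0) {
+ if (sshbuf_get_cstring(b, &sigtype, NULL) != 0) {
  ret = SSH_ERR_INVALID_FORMAT;
  goto out;
  }
- if ((hash_alg = rsa_hash_alg_from_ident(ktype)) == -1) {
+ /* XXX djm: need cert types that reliably yield SHA-2 signatures */
+ if (alg != NULL && strcmp(alg, sigtype) != 0 &&
+ strcmp(alg, "ssh-rsa-cert-v01@openssh.com") != 0) {
+ ret = SSH_ERR_SIGNATURE_INVALID;
+ goto out;
+ }
+ if ((hash_alg = rsa_hash_alg_from_ident(sigtype)) == -1) {
  ret = SSH_ERR_KEY_TYPE_MISMATCH;
  goto out;
  }
@@ -263,7 +270,7 @@ ssh_rsa_verify(const struct sshkey *key,
  explicit_bzero(sigblob, len);
  free(sigblob);
  }
- free(ktype);
+ free(sigtype);
  sshbuf_free(b);
  explicit_bzero(digest, sizeof(digest));
  return ret;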
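Review bot: The exemption for `ssh-rsa-cert-v01@openssh.com` in ssh_rsa_verify skips the new comparison whenever that certificate algorithm was negotiated, so for RSA certificates the hash is still selected by the signature's own type string through `rsa_hash_alg_from_ident(sigtype)` and the SHA-1/SHA-2 binding this commit adds does not apply. The XXX comment hints at the reason but not the consequence; I would spell it out, e.g. `/* XXX djm: certs are exempt, so sigtype alone picks the hash for them; need cert types that reliably yield SHA-2 signatures */`. It would also help to document on the function that `alg == NULL` disables the check. The argument validation before the third hunk and the verification between the third and fourth are not shown.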
diff --git a/sshkey.c b/sshkey.c
index 19f26a117..91e0073ff 100644
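--- a/sshkey.c
+++ b/sshkey.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshkey.c,v 1.58 2017/12/18 02:22:29 djm Exp $ */
+/* $OpenBSD: sshkey.c,v 1.59 2017/12/18 02:25:15 djm Exp $ */
 /*
  * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
  * Copyright (c) 2008 Alexander von Gernler. All rights reserved.
@@ -1814,7 +1814,7 @@ cert_parse(struct sshbuf *b, struct sshkey *key, struct sshbuf *certbuf)
  goto out;
  }
  if ((ret = sshkey_verify(key->cert->signature_key, sig, slen,
- sshbuf_ptr(key->cert->certblob), signed_len, 0)) != 0)
+ sshbuf_ptr(key->cert->certblob), signed_len, NULL, 0)) != 0)
  goto out;
 
  /* Success */
@@ -2109,11 +2109,12 @@ sshkey_sign(const struct sshkey *key,
 
 /*
  * ssh_key_verify returns 0 for a correct signature and < 0 on error.
+ * If "alg" specified, then the signature must use that algorithm.
  */
 int
 sshkey_verify(const struct sshkey *key,
  const u_char *sig, size_t siglen,
- const u_char *data, size_t dlen, u_int compat)
+ const u_char *data, size_t dlen, const char *alg, u_int compat)
 {
  if (siglen == 0 || dlen > SSH_KEY_MAX_SIGN_DATA_SIZE)
  return SSH_ERR_INVALID_ARGUMENT;
@@ -2129,7 +2130,7 @@ sshkey_verify(const struct sshkey *key,
 # endif /* OPENSSL_HAS_ECC */
  case KEY_RSA_CERT:
  case KEY_RSA:
- return ssh_rsa_verify(key, sig, siglen, data, dlen);
+ return ssh_rsa_verify(key, sig, siglen, data, dlen, alg);
 #endif /* WITH_OPENSSL */
  case KEY_ED25519:
  case KEY_ED25519_CERT: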
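Review bot: The comment added above sshkey_verify promises more than the hunks show: `alg` is forwarded only in the `KEY_RSA`/`KEY_RSA_CERT` case, and the remaining cases of the switch are outside the hunk, so as far as can be seen here the other key types ignore it. The commit message says as much ("only matters for RSA"), so the comment should too, e.g. ` * If "alg" is non-NULL, an RSA signature must use that algorithm; NULL skips the check.` The first line of that comment also names `ssh_key_verify` where the function is `sshkey_verify`.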
diff --git a/sshkey.h b/sshkey.h
index b5346a92d..7efa16ff9 100644
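--- a/sshkey.h
+++ b/sshkey.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshkey.h,v 1.22 2017/12/18 02:22:29 djm Exp $ */
+/* $OpenBSD: sshkey.h,v 1.23 2017/12/18 02:25:15 djm Exp $ */
 
 /*
  * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
@@ -178,7 +178,7 @@ int sshkey_sigtype(const u_char *, size_t, char **);
 int sshkey_sign(const struct sshkey *, u_char **, size_t *,
  const u_char *, size_t, const char *, u_int);
 int sshkey_verify(const struct sshkey *, const u_char *, size_t,
- const u_char *, size_t, u_int);
+ const u_char *, size_t, const char *, u_int);
 
 /* for debug */
 void sshkey_dump_ec_point(const EC_GROUP *, const EC_POINT *);
@@ -205,7 +205,8 @@ int ssh_rsa_sign(const struct sshkey *key,
  u_char **sigp, size_t *lenp, const u_char *data, size_t datalen,
  const char *ident);
 int ssh_rsa_verify(const struct sshkey *key,
- const u_char *sig, size_t siglen, const u_char *data, size_t datalen);
+ const u_char *sig, size_t siglen, const u_char *data, size_t datalen,
+ const char *alg);
 int ssh_dss_sign(const struct sshkey *key, u_char **sigp, size_t *lenp,
  const u_char *data, size_t datalen, u_int compat);
 int ssh_dss_verify(const struct sshkey *key,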