Check RSA1 keys without the need for a separate blacklist. Thanks to

Simon Tatham for the idea.

4 files changed, 23 insertions, 6 deletions

diff --git a/authfile.c b/authfile.c
index 5348a014d..a18509a50 100644
--- a/authfile.c
+++ b/authfile.c
@@ -693,6 +693,7 @@ blacklist_filename(const Key *key)
 int
 blacklisted_key(const Key *key)
 {
+        Key *public;
         char *blacklist_file;
         int fd = -1;
         char *dgst_hex = NULL;
@@ -704,13 +705,17 @@ blacklisted_key(const Key *key)
         off_t start, lower, upper;
         int ret = 0;
 
-        blacklist_file = blacklist_filename(key);
+        public = key_demote(key);
+        if (public->type == KEY_RSA1)
+                public->type = KEY_RSA;
+
+        blacklist_file = blacklist_filename(public);
         debug("Checking blacklist file %s", blacklist_file);
         fd = open(blacklist_file, O_RDONLY);
         if (fd < 0)
                 goto out;
 
-        dgst_hex = key_fingerprint(key, SSH_FP_MD5, SSH_FP_HEX);
+        dgst_hex = key_fingerprint(public, SSH_FP_MD5, SSH_FP_HEX);
         /* Remove all colons */
         dgst_packed = xcalloc(1, strlen(dgst_hex) + 1);
         for (i = 0, p = dgst_packed; dgst_hex[i]; i++)
@@ -786,5 +791,6 @@ out:
         if (fd >= 0)
                 close(fd);
         xfree(blacklist_file);
+        key_free(public);
         return ret;
 }
diff --git a/debian/changelog b/debian/changelog
index be81951e5..29f80cc8b 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -3,6 +3,8 @@ openssh (1:4.7p1-11) UNRELEASED; urgency=low
   * Fix typo in ssh/vulnerable_host_keys message (thanks, Esko Arajärvi).
   * debconf template translations:
     - Update Finnish (thanks, Esko Arajärvi; closes: #481530).
+  * Check RSA1 keys without the need for a separate blacklist. Thanks to
+    Simon Tatham for the idea.
 
  -- Colin Watson <cjwatson@debian.org>  Sat, 17 May 2008 08:48:45 +0200
 
diff --git a/ssh-vulnkey.1 b/ssh-vulnkey.1
index 41de104de..73570fcad 100644
--- a/ssh-vulnkey.1
+++ b/ssh-vulnkey.1
@@ -166,13 +166,15 @@ If present, contains the protocol version 1 RSA identity of the system.
 .It Pa /etc/ssh/blacklist. Ns Ar TYPE Ns Pa - Ns Ar LENGTH
 If present, lists the blacklisted keys of type
 .Ar TYPE
-.Pf ( Dq RSA1 ,
-.Dq RSA ,
+.Pf ( Dq RSA
 or
 .Dq DSA )
 and bit length
 .Ar LENGTH .
 The format of this file is described above.
+RSA1 keys are converted to RSA before being checked in the blacklist.
+Note that the fingerprints of RSA1 keys are computed differently, so you
+will not be able to find them in the blacklist by hand.
 .El
 .Sh SEE ALSO
 .Xr ssh-keygen 1 ,
diff --git a/ssh-vulnkey.c b/ssh-vulnkey.c
index 3297c431a..f13eb1619 100644
--- a/ssh-vulnkey.c
+++ b/ssh-vulnkey.c
@@ -86,21 +86,28 @@ describe_key(const char *msg, const Key *key, const char *comment)
 int
 do_key(const Key *key, const char *comment)
 {
+        Key *public;
         char *blacklist_file;
         struct stat st;
         int ret = 1;
 
-        blacklist_file = blacklist_filename(key);
+        public = key_demote(key);
+        if (public->type == KEY_RSA1)
+                public->type = KEY_RSA;
+
+        blacklist_file = blacklist_filename(public);
         if (stat(blacklist_file, &st) < 0)
                 describe_key("Unknown (no blacklist information)",
                     key, comment);
-        else if (blacklisted_key(key)) {
+        else if (blacklisted_key(public)) {
                 describe_key("COMPROMISED", key, comment);
                 ret = 0;
         } else
                 describe_key("Not blacklisted", key, comment);
         xfree(blacklist_file);
 
+        key_free(public);
+
         return ret;
 }