diff options
author | djm@openbsd.org <djm@openbsd.org> | 2017-04-30 23:10:43 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2017-05-01 09:37:40 +1000 |
commit | 56912dea6ef63dae4eb1194e5d88973a7c6c5740 (patch) | |
tree | c0425585449d257a90a42efce5f602f7ce16779f | |
parent | d4084cd230f7319056559b00db8b99296dad49d5 (diff) |
upstream commit
unifdef WITH_SSH1 ok markus@
Upstream-ID: 9716e62a883ef8826c57f4d33b4a81a9cc7755c7
-rw-r--r-- | authfd.c | 123 | ||||
-rw-r--r-- | authfile.c | 56 | ||||
-rw-r--r-- | cipher.c | 22 | ||||
-rw-r--r-- | compat.c | 7 | ||||
-rw-r--r-- | hostfile.c | 15 | ||||
-rw-r--r-- | kex.c | 43 | ||||
-rw-r--r-- | opacket.c | 20 | ||||
-rw-r--r-- | packet.c | 43 | ||||
-rw-r--r-- | readconf.c | 11 | ||||
-rw-r--r-- | ssh-add.c | 9 | ||||
-rw-r--r-- | ssh-agent.c | 173 | ||||
-rw-r--r-- | ssh-keygen.c | 9 | ||||
-rw-r--r-- | ssh-keyscan.c | 59 | ||||
-rw-r--r-- | ssh.c | 10 | ||||
-rw-r--r-- | sshconnect.c | 7 | ||||
-rw-r--r-- | sshkey.c | 380 |
16 files changed, 15 insertions, 972 deletions
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: authfd.c,v 1.100 2015/12/04 16:41:28 markus Exp $ */ | 1 | /* $OpenBSD: authfd.c,v 1.101 2017/04/30 23:10:43 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -199,43 +199,6 @@ ssh_lock_agent(int sock, int lock, const char *password) | |||
199 | return r; | 199 | return r; |
200 | } | 200 | } |
201 | 201 | ||
202 | #ifdef WITH_SSH1 | ||
203 | static int | ||
204 | deserialise_identity1(struct sshbuf *ids, struct sshkey **keyp, char **commentp) | ||
205 | { | ||
206 | struct sshkey *key; | ||
207 | int r, keybits; | ||
208 | u_int32_t bits; | ||
209 | char *comment = NULL; | ||
210 | |||
211 | if ((key = sshkey_new(KEY_RSA1)) == NULL) | ||
212 | return SSH_ERR_ALLOC_FAIL; | ||
213 | if ((r = sshbuf_get_u32(ids, &bits)) != 0 || | ||
214 | (r = sshbuf_get_bignum1(ids, key->rsa->e)) != 0 || | ||
215 | (r = sshbuf_get_bignum1(ids, key->rsa->n)) != 0 || | ||
216 | (r = sshbuf_get_cstring(ids, &comment, NULL)) != 0) | ||
217 | goto out; | ||
218 | keybits = BN_num_bits(key->rsa->n); | ||
219 | /* XXX previously we just warned here. I think we should be strict */ | ||
220 | if (keybits < 0 || bits != (u_int)keybits) { | ||
221 | r = SSH_ERR_KEY_BITS_MISMATCH; | ||
222 | goto out; | ||
223 | } | ||
224 | if (keyp != NULL) { | ||
225 | *keyp = key; | ||
226 | key = NULL; | ||
227 | } | ||
228 | if (commentp != NULL) { | ||
229 | *commentp = comment; | ||
230 | comment = NULL; | ||
231 | } | ||
232 | r = 0; | ||
233 | out: | ||
234 | sshkey_free(key); | ||
235 | free(comment); | ||
236 | return r; | ||
237 | } | ||
238 | #endif | ||
239 | 202 | ||
240 | static int | 203 | static int |
241 | deserialise_identity2(struct sshbuf *ids, struct sshkey **keyp, char **commentp) | 204 | deserialise_identity2(struct sshbuf *ids, struct sshkey **keyp, char **commentp) |
@@ -331,11 +294,6 @@ ssh_fetch_identitylist(int sock, int version, struct ssh_identitylist **idlp) | |||
331 | for (i = 0; i < num;) { | 294 | for (i = 0; i < num;) { |
332 | switch (version) { | 295 | switch (version) { |
333 | case 1: | 296 | case 1: |
334 | #ifdef WITH_SSH1 | ||
335 | if ((r = deserialise_identity1(msg, | ||
336 | &(idl->keys[i]), &(idl->comments[i]))) != 0) | ||
337 | goto out; | ||
338 | #endif | ||
339 | break; | 297 | break; |
340 | case 2: | 298 | case 2: |
341 | if ((r = deserialise_identity2(msg, | 299 | if ((r = deserialise_identity2(msg, |
@@ -385,46 +343,6 @@ ssh_free_identitylist(struct ssh_identitylist *idl) | |||
385 | * otherwise. | 343 | * otherwise. |
386 | */ | 344 | */ |
387 | 345 | ||
388 | #ifdef WITH_SSH1 | ||
389 | int | ||
390 | ssh_decrypt_challenge(int sock, struct sshkey* key, BIGNUM *challenge, | ||
391 | u_char session_id[16], u_char response[16]) | ||
392 | { | ||
393 | struct sshbuf *msg; | ||
394 | int r; | ||
395 | u_char type; | ||
396 | |||
397 | if (key->type != KEY_RSA1) | ||
398 | return SSH_ERR_INVALID_ARGUMENT; | ||
399 | if ((msg = sshbuf_new()) == NULL) | ||
400 | return SSH_ERR_ALLOC_FAIL; | ||
401 | if ((r = sshbuf_put_u8(msg, SSH_AGENTC_RSA_CHALLENGE)) != 0 || | ||
402 | (r = sshbuf_put_u32(msg, BN_num_bits(key->rsa->n))) != 0 || | ||
403 | (r = sshbuf_put_bignum1(msg, key->rsa->e)) != 0 || | ||
404 | (r = sshbuf_put_bignum1(msg, key->rsa->n)) != 0 || | ||
405 | (r = sshbuf_put_bignum1(msg, challenge)) != 0 || | ||
406 | (r = sshbuf_put(msg, session_id, 16)) != 0 || | ||
407 | (r = sshbuf_put_u32(msg, 1)) != 0) /* Response type for proto 1.1 */ | ||
408 | goto out; | ||
409 | if ((r = ssh_request_reply(sock, msg, msg)) != 0) | ||
410 | goto out; | ||
411 | if ((r = sshbuf_get_u8(msg, &type)) != 0) | ||
412 | goto out; | ||
413 | if (agent_failed(type)) { | ||
414 | r = SSH_ERR_AGENT_FAILURE; | ||
415 | goto out; | ||
416 | } else if (type != SSH_AGENT_RSA_RESPONSE) { | ||
417 | r = SSH_ERR_INVALID_FORMAT; | ||
418 | goto out; | ||
419 | } | ||
420 | if ((r = sshbuf_get(msg, response, 16)) != 0) | ||
421 | goto out; | ||
422 | r = 0; | ||
423 | out: | ||
424 | sshbuf_free(msg); | ||
425 | return r; | ||
426 | } | ||
427 | #endif | ||
428 | 346 | ||
429 | /* encode signature algoritm in flag bits, so we can keep the msg format */ | 347 | /* encode signature algoritm in flag bits, so we can keep the msg format */ |
430 | static u_int | 348 | static u_int |
@@ -494,25 +412,6 @@ ssh_agent_sign(int sock, struct sshkey *key, | |||
494 | 412 | ||
495 | /* Encode key for a message to the agent. */ | 413 | /* Encode key for a message to the agent. */ |
496 | 414 | ||
497 | #ifdef WITH_SSH1 | ||
498 | static int | ||
499 | ssh_encode_identity_rsa1(struct sshbuf *b, RSA *key, const char *comment) | ||
500 | { | ||
501 | int r; | ||
502 | |||
503 | /* To keep within the protocol: p < q for ssh. in SSL p > q */ | ||
504 | if ((r = sshbuf_put_u32(b, BN_num_bits(key->n))) != 0 || | ||
505 | (r = sshbuf_put_bignum1(b, key->n)) != 0 || | ||
506 | (r = sshbuf_put_bignum1(b, key->e)) != 0 || | ||
507 | (r = sshbuf_put_bignum1(b, key->d)) != 0 || | ||
508 | (r = sshbuf_put_bignum1(b, key->iqmp)) != 0 || | ||
509 | (r = sshbuf_put_bignum1(b, key->q)) != 0 || | ||
510 | (r = sshbuf_put_bignum1(b, key->p)) != 0 || | ||
511 | (r = sshbuf_put_cstring(b, comment)) != 0) | ||
512 | return r; | ||
513 | return 0; | ||
514 | } | ||
515 | #endif | ||
516 | 415 | ||
517 | static int | 416 | static int |
518 | ssh_encode_identity_ssh2(struct sshbuf *b, struct sshkey *key, | 417 | ssh_encode_identity_ssh2(struct sshbuf *b, struct sshkey *key, |
@@ -561,16 +460,6 @@ ssh_add_identity_constrained(int sock, struct sshkey *key, const char *comment, | |||
561 | return SSH_ERR_ALLOC_FAIL; | 460 | return SSH_ERR_ALLOC_FAIL; |
562 | 461 | ||
563 | switch (key->type) { | 462 | switch (key->type) { |
564 | #ifdef WITH_SSH1 | ||
565 | case KEY_RSA1: | ||
566 | type = constrained ? | ||
567 | SSH_AGENTC_ADD_RSA_ID_CONSTRAINED : | ||
568 | SSH_AGENTC_ADD_RSA_IDENTITY; | ||
569 | if ((r = sshbuf_put_u8(msg, type)) != 0 || | ||
570 | (r = ssh_encode_identity_rsa1(msg, key->rsa, comment)) != 0) | ||
571 | goto out; | ||
572 | break; | ||
573 | #endif | ||
574 | #ifdef WITH_OPENSSL | 463 | #ifdef WITH_OPENSSL |
575 | case KEY_RSA: | 464 | case KEY_RSA: |
576 | case KEY_RSA_CERT: | 465 | case KEY_RSA_CERT: |
@@ -620,16 +509,6 @@ ssh_remove_identity(int sock, struct sshkey *key) | |||
620 | if ((msg = sshbuf_new()) == NULL) | 509 | if ((msg = sshbuf_new()) == NULL) |
621 | return SSH_ERR_ALLOC_FAIL; | 510 | return SSH_ERR_ALLOC_FAIL; |
622 | 511 | ||
623 | #ifdef WITH_SSH1 | ||
624 | if (key->type == KEY_RSA1) { | ||
625 | if ((r = sshbuf_put_u8(msg, | ||
626 | SSH_AGENTC_REMOVE_RSA_IDENTITY)) != 0 || | ||
627 | (r = sshbuf_put_u32(msg, BN_num_bits(key->rsa->n))) != 0 || | ||
628 | (r = sshbuf_put_bignum1(msg, key->rsa->e)) != 0 || | ||
629 | (r = sshbuf_put_bignum1(msg, key->rsa->n)) != 0) | ||
630 | goto out; | ||
631 | } else | ||
632 | #endif | ||
633 | if (key->type != KEY_UNSPEC) { | 512 | if (key->type != KEY_UNSPEC) { |
634 | if ((r = sshkey_to_blob(key, &blob, &blen)) != 0) | 513 | if ((r = sshkey_to_blob(key, &blob, &blen)) != 0) |
635 | goto out; | 514 | goto out; |
diff --git a/authfile.c b/authfile.c index 0869e5d0d..d28ae0d38 100644 --- a/authfile.c +++ b/authfile.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: authfile.c,v 1.123 2017/03/26 00:18:52 deraadt Exp $ */ | 1 | /* $OpenBSD: authfile.c,v 1.124 2017/04/30 23:10:43 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000, 2013 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000, 2013 Markus Friedl. All rights reserved. |
4 | * | 4 | * |
@@ -147,35 +147,6 @@ sshkey_load_file(int fd, struct sshbuf *blob) | |||
147 | return r; | 147 | return r; |
148 | } | 148 | } |
149 | 149 | ||
150 | #ifdef WITH_SSH1 | ||
151 | /* | ||
152 | * Loads the public part of the ssh v1 key file. Returns NULL if an error was | ||
153 | * encountered (the file does not exist or is not readable), and the key | ||
154 | * otherwise. | ||
155 | */ | ||
156 | static int | ||
157 | sshkey_load_public_rsa1(int fd, struct sshkey **keyp, char **commentp) | ||
158 | { | ||
159 | struct sshbuf *b = NULL; | ||
160 | int r; | ||
161 | |||
162 | if (keyp != NULL) | ||
163 | *keyp = NULL; | ||
164 | if (commentp != NULL) | ||
165 | *commentp = NULL; | ||
166 | |||
167 | if ((b = sshbuf_new()) == NULL) | ||
168 | return SSH_ERR_ALLOC_FAIL; | ||
169 | if ((r = sshkey_load_file(fd, b)) != 0) | ||
170 | goto out; | ||
171 | if ((r = sshkey_parse_public_rsa1_fileblob(b, keyp, commentp)) != 0) | ||
172 | goto out; | ||
173 | r = 0; | ||
174 | out: | ||
175 | sshbuf_free(b); | ||
176 | return r; | ||
177 | } | ||
178 | #endif /* WITH_SSH1 */ | ||
179 | 150 | ||
180 | /* XXX remove error() calls from here? */ | 151 | /* XXX remove error() calls from here? */ |
181 | int | 152 | int |
@@ -362,21 +333,7 @@ sshkey_load_public(const char *filename, struct sshkey **keyp, char **commentp) | |||
362 | 333 | ||
363 | if ((fd = open(filename, O_RDONLY)) < 0) | 334 | if ((fd = open(filename, O_RDONLY)) < 0) |
364 | goto skip; | 335 | goto skip; |
365 | #ifdef WITH_SSH1 | ||
366 | /* try rsa1 private key */ | ||
367 | r = sshkey_load_public_rsa1(fd, keyp, commentp); | ||
368 | close(fd); | ||
369 | switch (r) { | ||
370 | case SSH_ERR_INTERNAL_ERROR: | ||
371 | case SSH_ERR_ALLOC_FAIL: | ||
372 | case SSH_ERR_INVALID_ARGUMENT: | ||
373 | case SSH_ERR_SYSTEM_ERROR: | ||
374 | case 0: | ||
375 | return r; | ||
376 | } | ||
377 | #else /* WITH_SSH1 */ | ||
378 | close(fd); | 336 | close(fd); |
379 | #endif /* WITH_SSH1 */ | ||
380 | 337 | ||
381 | /* try ssh2 public key */ | 338 | /* try ssh2 public key */ |
382 | if ((pub = sshkey_new(KEY_UNSPEC)) == NULL) | 339 | if ((pub = sshkey_new(KEY_UNSPEC)) == NULL) |
@@ -388,17 +345,6 @@ sshkey_load_public(const char *filename, struct sshkey **keyp, char **commentp) | |||
388 | } | 345 | } |
389 | sshkey_free(pub); | 346 | sshkey_free(pub); |
390 | 347 | ||
391 | #ifdef WITH_SSH1 | ||
392 | /* try rsa1 public key */ | ||
393 | if ((pub = sshkey_new(KEY_RSA1)) == NULL) | ||
394 | return SSH_ERR_ALLOC_FAIL; | ||
395 | if ((r = sshkey_try_load_public(pub, filename, commentp)) == 0) { | ||
396 | if (keyp != NULL) | ||
397 | *keyp = pub; | ||
398 | return 0; | ||
399 | } | ||
400 | sshkey_free(pub); | ||
401 | #endif /* WITH_SSH1 */ | ||
402 | 348 | ||
403 | skip: | 349 | skip: |
404 | /* try .pub suffix */ | 350 | /* try .pub suffix */ |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: cipher.c,v 1.102 2016/08/03 05:41:57 djm Exp $ */ | 1 | /* $OpenBSD: cipher.c,v 1.103 2017/04/30 23:10:43 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -51,11 +51,6 @@ | |||
51 | 51 | ||
52 | #include "openbsd-compat/openssl-compat.h" | 52 | #include "openbsd-compat/openssl-compat.h" |
53 | 53 | ||
54 | #ifdef WITH_SSH1 | ||
55 | extern const EVP_CIPHER *evp_ssh1_bf(void); | ||
56 | extern const EVP_CIPHER *evp_ssh1_3des(void); | ||
57 | extern int ssh1_3des_iv(EVP_CIPHER_CTX *, int, u_char *, int); | ||
58 | #endif | ||
59 | 54 | ||
60 | struct sshcipher_ctx { | 55 | struct sshcipher_ctx { |
61 | int plaintext; | 56 | int plaintext; |
@@ -87,13 +82,6 @@ struct sshcipher { | |||
87 | }; | 82 | }; |
88 | 83 | ||
89 | static const struct sshcipher ciphers[] = { | 84 | static const struct sshcipher ciphers[] = { |
90 | #ifdef WITH_SSH1 | ||
91 | { "des", SSH_CIPHER_DES, 8, 8, 0, 0, 0, 1, EVP_des_cbc }, | ||
92 | { "3des", SSH_CIPHER_3DES, 8, 16, 0, 0, 0, 1, evp_ssh1_3des }, | ||
93 | # ifndef OPENSSL_NO_BF | ||
94 | { "blowfish", SSH_CIPHER_BLOWFISH, 8, 32, 0, 0, 0, 1, evp_ssh1_bf }, | ||
95 | # endif /* OPENSSL_NO_BF */ | ||
96 | #endif /* WITH_SSH1 */ | ||
97 | #ifdef WITH_OPENSSL | 85 | #ifdef WITH_OPENSSL |
98 | { "none", SSH_CIPHER_NONE, 8, 0, 0, 0, 0, 0, EVP_enc_null }, | 86 | { "none", SSH_CIPHER_NONE, 8, 0, 0, 0, 0, 0, EVP_enc_null }, |
99 | { "3des-cbc", SSH_CIPHER_SSH2, 8, 24, 0, 0, 0, 1, EVP_des_ede3_cbc }, | 87 | { "3des-cbc", SSH_CIPHER_SSH2, 8, 24, 0, 0, 0, 1, EVP_des_ede3_cbc }, |
@@ -628,10 +616,6 @@ cipher_get_keyiv(struct sshcipher_ctx *cc, u_char *iv, u_int len) | |||
628 | memcpy(iv, cc->evp->iv, len); | 616 | memcpy(iv, cc->evp->iv, len); |
629 | break; | 617 | break; |
630 | #endif | 618 | #endif |
631 | #ifdef WITH_SSH1 | ||
632 | case SSH_CIPHER_3DES: | ||
633 | return ssh1_3des_iv(cc->evp, 0, iv, 24); | ||
634 | #endif | ||
635 | default: | 619 | default: |
636 | return SSH_ERR_INVALID_ARGUMENT; | 620 | return SSH_ERR_INVALID_ARGUMENT; |
637 | } | 621 | } |
@@ -674,10 +658,6 @@ cipher_set_keyiv(struct sshcipher_ctx *cc, const u_char *iv) | |||
674 | memcpy(cc->evp->iv, iv, evplen); | 658 | memcpy(cc->evp->iv, iv, evplen); |
675 | break; | 659 | break; |
676 | #endif | 660 | #endif |
677 | #ifdef WITH_SSH1 | ||
678 | case SSH_CIPHER_3DES: | ||
679 | return ssh1_3des_iv(cc->evp, 1, (u_char *)iv, 24); | ||
680 | #endif | ||
681 | default: | 661 | default: |
682 | return SSH_ERR_INVALID_ARGUMENT; | 662 | return SSH_ERR_INVALID_ARGUMENT; |
683 | } | 663 | } |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: compat.c,v 1.100 2017/02/03 23:01:19 djm Exp $ */ | 1 | /* $OpenBSD: compat.c,v 1.101 2017/04/30 23:10:43 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 1999, 2000, 2001, 2002 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 1999, 2000, 2001, 2002 Markus Friedl. All rights reserved. |
4 | * | 4 | * |
@@ -233,11 +233,6 @@ proto_spec(const char *spec) | |||
233 | for ((p = strsep(&q, SEP)); p && *p != '\0'; (p = strsep(&q, SEP))) { | 233 | for ((p = strsep(&q, SEP)); p && *p != '\0'; (p = strsep(&q, SEP))) { |
234 | switch (atoi(p)) { | 234 | switch (atoi(p)) { |
235 | case 1: | 235 | case 1: |
236 | #ifdef WITH_SSH1 | ||
237 | if (ret == SSH_PROTO_UNKNOWN) | ||
238 | ret |= SSH_PROTO_1_PREFERRED; | ||
239 | ret |= SSH_PROTO_1; | ||
240 | #endif | ||
241 | break; | 236 | break; |
242 | case 2: | 237 | case 2: |
243 | ret |= SSH_PROTO_2; | 238 | ret |= SSH_PROTO_2; |
diff --git a/hostfile.c b/hostfile.c index e23faa969..b8f9cd143 100644 --- a/hostfile.c +++ b/hostfile.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: hostfile.c,v 1.68 2017/03/10 04:26:06 djm Exp $ */ | 1 | /* $OpenBSD: hostfile.c,v 1.69 2017/04/30 23:10:43 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -789,20 +789,7 @@ hostkeys_foreach(const char *path, hostkeys_foreach_fn *callback, void *ctx, | |||
789 | break; | 789 | break; |
790 | } | 790 | } |
791 | if (!hostfile_read_key(&cp, &kbits, lineinfo.key)) { | 791 | if (!hostfile_read_key(&cp, &kbits, lineinfo.key)) { |
792 | #ifdef WITH_SSH1 | ||
793 | sshkey_free(lineinfo.key); | ||
794 | lineinfo.key = sshkey_new(KEY_RSA1); | ||
795 | if (lineinfo.key == NULL) { | ||
796 | error("%s: sshkey_new fail", __func__); | ||
797 | r = SSH_ERR_ALLOC_FAIL; | ||
798 | break; | ||
799 | } | ||
800 | if (!hostfile_read_key(&cp, &kbits, | ||
801 | lineinfo.key)) | ||
802 | goto bad; | ||
803 | #else | ||
804 | goto bad; | 792 | goto bad; |
805 | #endif | ||
806 | } | 793 | } |
807 | lineinfo.keytype = lineinfo.key->type; | 794 | lineinfo.keytype = lineinfo.key->type; |
808 | lineinfo.comment = cp; | 795 | lineinfo.comment = cp; |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: kex.c,v 1.131 2017/03/15 07:07:39 markus Exp $ */ | 1 | /* $OpenBSD: kex.c,v 1.132 2017/04/30 23:10:43 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. |
4 | * | 4 | * |
@@ -980,47 +980,6 @@ kex_derive_keys_bn(struct ssh *ssh, u_char *hash, u_int hashlen, | |||
980 | } | 980 | } |
981 | #endif | 981 | #endif |
982 | 982 | ||
983 | #ifdef WITH_SSH1 | ||
984 | int | ||
985 | derive_ssh1_session_id(BIGNUM *host_modulus, BIGNUM *server_modulus, | ||
986 | u_int8_t cookie[8], u_int8_t id[16]) | ||
987 | { | ||
988 | u_int8_t hbuf[2048], sbuf[2048], obuf[SSH_DIGEST_MAX_LENGTH]; | ||
989 | struct ssh_digest_ctx *hashctx = NULL; | ||
990 | size_t hlen, slen; | ||
991 | int r; | ||
992 | |||
993 | hlen = BN_num_bytes(host_modulus); | ||
994 | slen = BN_num_bytes(server_modulus); | ||
995 | if (hlen < (512 / 8) || (u_int)hlen > sizeof(hbuf) || | ||
996 | slen < (512 / 8) || (u_int)slen > sizeof(sbuf)) | ||
997 | return SSH_ERR_KEY_BITS_MISMATCH; | ||
998 | if (BN_bn2bin(host_modulus, hbuf) <= 0 || | ||
999 | BN_bn2bin(server_modulus, sbuf) <= 0) { | ||
1000 | r = SSH_ERR_LIBCRYPTO_ERROR; | ||
1001 | goto out; | ||
1002 | } | ||
1003 | if ((hashctx = ssh_digest_start(SSH_DIGEST_MD5)) == NULL) { | ||
1004 | r = SSH_ERR_ALLOC_FAIL; | ||
1005 | goto out; | ||
1006 | } | ||
1007 | if (ssh_digest_update(hashctx, hbuf, hlen) != 0 || | ||
1008 | ssh_digest_update(hashctx, sbuf, slen) != 0 || | ||
1009 | ssh_digest_update(hashctx, cookie, 8) != 0 || | ||
1010 | ssh_digest_final(hashctx, obuf, sizeof(obuf)) != 0) { | ||
1011 | r = SSH_ERR_LIBCRYPTO_ERROR; | ||
1012 | goto out; | ||
1013 | } | ||
1014 | memcpy(id, obuf, ssh_digest_bytes(SSH_DIGEST_MD5)); | ||
1015 | r = 0; | ||
1016 | out: | ||
1017 | ssh_digest_free(hashctx); | ||
1018 | explicit_bzero(hbuf, sizeof(hbuf)); | ||
1019 | explicit_bzero(sbuf, sizeof(sbuf)); | ||
1020 | explicit_bzero(obuf, sizeof(obuf)); | ||
1021 | return r; | ||
1022 | } | ||
1023 | #endif | ||
1024 | 983 | ||
1025 | #if defined(DEBUG_KEX) || defined(DEBUG_KEXDH) || defined(DEBUG_KEXECDH) | 984 | #if defined(DEBUG_KEX) || defined(DEBUG_KEXDH) || defined(DEBUG_KEXECDH) |
1026 | void | 985 | void |
@@ -74,16 +74,6 @@ ssh_packet_put_raw(struct ssh *ssh, const void *buf, u_int len) | |||
74 | fatal("%s: %s", __func__, ssh_err(r)); | 74 | fatal("%s: %s", __func__, ssh_err(r)); |
75 | } | 75 | } |
76 | 76 | ||
77 | #ifdef WITH_SSH1 | ||
78 | void | ||
79 | ssh_packet_put_bignum(struct ssh *ssh, BIGNUM * value) | ||
80 | { | ||
81 | int r; | ||
82 | |||
83 | if ((r = sshpkt_put_bignum1(ssh, value)) != 0) | ||
84 | fatal("%s: %s", __func__, ssh_err(r)); | ||
85 | } | ||
86 | #endif | ||
87 | 77 | ||
88 | #ifdef WITH_OPENSSL | 78 | #ifdef WITH_OPENSSL |
89 | void | 79 | void |
@@ -150,16 +140,6 @@ ssh_packet_get_int64(struct ssh *ssh) | |||
150 | return val; | 140 | return val; |
151 | } | 141 | } |
152 | 142 | ||
153 | #ifdef WITH_SSH1 | ||
154 | void | ||
155 | ssh_packet_get_bignum(struct ssh *ssh, BIGNUM * value) | ||
156 | { | ||
157 | int r; | ||
158 | |||
159 | if ((r = sshpkt_get_bignum1(ssh, value)) != 0) | ||
160 | fatal("%s: %s", __func__, ssh_err(r)); | ||
161 | } | ||
162 | #endif | ||
163 | 143 | ||
164 | #ifdef WITH_OPENSSL | 144 | #ifdef WITH_OPENSSL |
165 | void | 145 | void |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: packet.c,v 1.247 2017/03/11 13:07:35 markus Exp $ */ | 1 | /* $OpenBSD: packet.c,v 1.248 2017/04/30 23:10:43 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -811,34 +811,7 @@ uncompress_buffer(struct ssh *ssh, struct sshbuf *in, struct sshbuf *out) | |||
811 | void | 811 | void |
812 | ssh_packet_set_encryption_key(struct ssh *ssh, const u_char *key, u_int keylen, int number) | 812 | ssh_packet_set_encryption_key(struct ssh *ssh, const u_char *key, u_int keylen, int number) |
813 | { | 813 | { |
814 | #ifndef WITH_SSH1 | ||
815 | fatal("no SSH protocol 1 support"); | 814 | fatal("no SSH protocol 1 support"); |
816 | #else /* WITH_SSH1 */ | ||
817 | struct session_state *state = ssh->state; | ||
818 | const struct sshcipher *cipher = cipher_by_number(number); | ||
819 | int r; | ||
820 | const char *wmsg; | ||
821 | |||
822 | if (cipher == NULL) | ||
823 | fatal("%s: unknown cipher number %d", __func__, number); | ||
824 | if (keylen < 20) | ||
825 | fatal("%s: keylen too small: %d", __func__, keylen); | ||
826 | if (keylen > SSH_SESSION_KEY_LENGTH) | ||
827 | fatal("%s: keylen too big: %d", __func__, keylen); | ||
828 | memcpy(state->ssh1_key, key, keylen); | ||
829 | state->ssh1_keylen = keylen; | ||
830 | if ((r = cipher_init(&state->send_context, cipher, key, keylen, | ||
831 | NULL, 0, CIPHER_ENCRYPT)) != 0 || | ||
832 | (r = cipher_init(&state->receive_context, cipher, key, keylen, | ||
833 | NULL, 0, CIPHER_DECRYPT) != 0)) | ||
834 | fatal("%s: cipher_init failed: %s", __func__, ssh_err(r)); | ||
835 | if (!state->cipher_warning_done && | ||
836 | ((wmsg = cipher_warning_message(state->send_context)) != NULL || | ||
837 | (wmsg = cipher_warning_message(state->send_context)) != NULL)) { | ||
838 | error("Warning: %s", wmsg); | ||
839 | state->cipher_warning_done = 1; | ||
840 | } | ||
841 | #endif /* WITH_SSH1 */ | ||
842 | } | 815 | } |
843 | 816 | ||
844 | /* | 817 | /* |
@@ -2862,13 +2835,6 @@ sshpkt_put_ec(struct ssh *ssh, const EC_POINT *v, const EC_GROUP *g) | |||
2862 | } | 2835 | } |
2863 | #endif /* OPENSSL_HAS_ECC */ | 2836 | #endif /* OPENSSL_HAS_ECC */ |
2864 | 2837 | ||
2865 | #ifdef WITH_SSH1 | ||
2866 | int | ||
2867 | sshpkt_put_bignum1(struct ssh *ssh, const BIGNUM *v) | ||
2868 | { | ||
2869 | return sshbuf_put_bignum1(ssh->state->outgoing_packet, v); | ||
2870 | } | ||
2871 | #endif /* WITH_SSH1 */ | ||
2872 | 2838 | ||
2873 | int | 2839 | int |
2874 | sshpkt_put_bignum2(struct ssh *ssh, const BIGNUM *v) | 2840 | sshpkt_put_bignum2(struct ssh *ssh, const BIGNUM *v) |
@@ -2930,13 +2896,6 @@ sshpkt_get_ec(struct ssh *ssh, EC_POINT *v, const EC_GROUP *g) | |||
2930 | } | 2896 | } |
2931 | #endif /* OPENSSL_HAS_ECC */ | 2897 | #endif /* OPENSSL_HAS_ECC */ |
2932 | 2898 | ||
2933 | #ifdef WITH_SSH1 | ||
2934 | int | ||
2935 | sshpkt_get_bignum1(struct ssh *ssh, BIGNUM *v) | ||
2936 | { | ||
2937 | return sshbuf_get_bignum1(ssh->state->incoming_packet, v); | ||
2938 | } | ||
2939 | #endif /* WITH_SSH1 */ | ||
2940 | 2899 | ||
2941 | int | 2900 | int |
2942 | sshpkt_get_bignum2(struct ssh *ssh, BIGNUM *v) | 2901 | sshpkt_get_bignum2(struct ssh *ssh, BIGNUM *v) |
diff --git a/readconf.c b/readconf.c index 013c19f59..975f00ff4 100644 --- a/readconf.c +++ b/readconf.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: readconf.c,v 1.271 2017/04/28 03:20:27 dtucker Exp $ */ | 1 | /* $OpenBSD: readconf.c,v 1.272 2017/04/30 23:10:43 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -208,15 +208,9 @@ static struct { | |||
208 | { "smartcarddevice", oUnsupported }, | 208 | { "smartcarddevice", oUnsupported }, |
209 | { "pkcs11provider", oUnsupported }, | 209 | { "pkcs11provider", oUnsupported }, |
210 | #endif | 210 | #endif |
211 | #ifdef WITH_SSH1 | ||
212 | { "rsaauthentication", oRSAAuthentication }, | ||
213 | { "rhostsrsaauthentication", oRhostsRSAAuthentication }, | ||
214 | { "compressionlevel", oCompressionLevel }, | ||
215 | # else | ||
216 | { "rsaauthentication", oUnsupported }, | 211 | { "rsaauthentication", oUnsupported }, |
217 | { "rhostsrsaauthentication", oUnsupported }, | 212 | { "rhostsrsaauthentication", oUnsupported }, |
218 | { "compressionlevel", oUnsupported }, | 213 | { "compressionlevel", oUnsupported }, |
219 | #endif | ||
220 | 214 | ||
221 | { "forwardagent", oForwardAgent }, | 215 | { "forwardagent", oForwardAgent }, |
222 | { "forwardx11", oForwardX11 }, | 216 | { "forwardx11", oForwardX11 }, |
@@ -2575,9 +2569,6 @@ dump_client_config(Options *o, const char *host) | |||
2575 | 2569 | ||
2576 | /* Integer options */ | 2570 | /* Integer options */ |
2577 | dump_cfg_int(oCanonicalizeMaxDots, o->canonicalize_max_dots); | 2571 | dump_cfg_int(oCanonicalizeMaxDots, o->canonicalize_max_dots); |
2578 | #ifdef WITH_SSH1 | ||
2579 | dump_cfg_int(oCompressionLevel, o->compression_level); | ||
2580 | #endif | ||
2581 | dump_cfg_int(oConnectionAttempts, o->connection_attempts); | 2572 | dump_cfg_int(oConnectionAttempts, o->connection_attempts); |
2582 | dump_cfg_int(oForwardX11Timeout, o->forward_x11_timeout); | 2573 | dump_cfg_int(oForwardX11Timeout, o->forward_x11_timeout); |
2583 | dump_cfg_int(oNumberOfPasswordPrompts, o->number_of_password_prompts); | 2574 | dump_cfg_int(oNumberOfPasswordPrompts, o->number_of_password_prompts); |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ssh-add.c,v 1.128 2016/02/15 09:47:49 dtucker Exp $ */ | 1 | /* $OpenBSD: ssh-add.c,v 1.129 2017/04/30 23:10:43 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -79,9 +79,6 @@ static char *default_files[] = { | |||
79 | #endif | 79 | #endif |
80 | #endif /* WITH_OPENSSL */ | 80 | #endif /* WITH_OPENSSL */ |
81 | _PATH_SSH_CLIENT_ID_ED25519, | 81 | _PATH_SSH_CLIENT_ID_ED25519, |
82 | #ifdef WITH_SSH1 | ||
83 | _PATH_SSH_CLIENT_IDENTITY, | ||
84 | #endif | ||
85 | NULL | 82 | NULL |
86 | }; | 83 | }; |
87 | 84 | ||
@@ -363,11 +360,7 @@ list_identities(int agent_fd, int do_fp) | |||
363 | int r, had_identities = 0; | 360 | int r, had_identities = 0; |
364 | struct ssh_identitylist *idlist; | 361 | struct ssh_identitylist *idlist; |
365 | size_t i; | 362 | size_t i; |
366 | #ifdef WITH_SSH1 | ||
367 | int version = 1; | ||
368 | #else | ||
369 | int version = 2; | 363 | int version = 2; |
370 | #endif | ||
371 | 364 | ||
372 | for (; version <= 2; version++) { | 365 | for (; version <= 2; version++) { |
373 | if ((r = ssh_fetch_identitylist(agent_fd, version, | 366 | if ((r = ssh_fetch_identitylist(agent_fd, version, |
diff --git a/ssh-agent.c b/ssh-agent.c index b987562b9..6788287b7 100644 --- a/ssh-agent.c +++ b/ssh-agent.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ssh-agent.c,v 1.218 2017/03/15 03:52:30 deraadt Exp $ */ | 1 | /* $OpenBSD: ssh-agent.c,v 1.219 2017/04/30 23:10:43 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -257,16 +257,6 @@ process_request_identities(SocketEntry *e, int version) | |||
257 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 257 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); |
258 | TAILQ_FOREACH(id, &tab->idlist, next) { | 258 | TAILQ_FOREACH(id, &tab->idlist, next) { |
259 | if (id->key->type == KEY_RSA1) { | 259 | if (id->key->type == KEY_RSA1) { |
260 | #ifdef WITH_SSH1 | ||
261 | if ((r = sshbuf_put_u32(msg, | ||
262 | BN_num_bits(id->key->rsa->n))) != 0 || | ||
263 | (r = sshbuf_put_bignum1(msg, | ||
264 | id->key->rsa->e)) != 0 || | ||
265 | (r = sshbuf_put_bignum1(msg, | ||
266 | id->key->rsa->n)) != 0) | ||
267 | fatal("%s: buffer error: %s", | ||
268 | __func__, ssh_err(r)); | ||
269 | #endif | ||
270 | } else { | 260 | } else { |
271 | u_char *blob; | 261 | u_char *blob; |
272 | size_t blen; | 262 | size_t blen; |
@@ -289,87 +279,6 @@ process_request_identities(SocketEntry *e, int version) | |||
289 | sshbuf_free(msg); | 279 | sshbuf_free(msg); |
290 | } | 280 | } |
291 | 281 | ||
292 | #ifdef WITH_SSH1 | ||
293 | /* ssh1 only */ | ||
294 | static void | ||
295 | process_authentication_challenge1(SocketEntry *e) | ||
296 | { | ||
297 | u_char buf[32], mdbuf[16], session_id[16]; | ||
298 | u_int response_type; | ||
299 | BIGNUM *challenge; | ||
300 | Identity *id; | ||
301 | int r, len; | ||
302 | struct sshbuf *msg; | ||
303 | struct ssh_digest_ctx *md; | ||
304 | struct sshkey *key; | ||
305 | |||
306 | if ((msg = sshbuf_new()) == NULL) | ||
307 | fatal("%s: sshbuf_new failed", __func__); | ||
308 | if ((key = sshkey_new(KEY_RSA1)) == NULL) | ||
309 | fatal("%s: sshkey_new failed", __func__); | ||
310 | if ((challenge = BN_new()) == NULL) | ||
311 | fatal("%s: BN_new failed", __func__); | ||
312 | |||
313 | if ((r = sshbuf_get_u32(e->request, NULL)) != 0 || /* ignored */ | ||
314 | (r = sshbuf_get_bignum1(e->request, key->rsa->e)) != 0 || | ||
315 | (r = sshbuf_get_bignum1(e->request, key->rsa->n)) != 0 || | ||
316 | (r = sshbuf_get_bignum1(e->request, challenge))) | ||
317 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); | ||
318 | |||
319 | /* Only protocol 1.1 is supported */ | ||
320 | if (sshbuf_len(e->request) == 0) | ||
321 | goto failure; | ||
322 | if ((r = sshbuf_get(e->request, session_id, sizeof(session_id))) != 0 || | ||
323 | (r = sshbuf_get_u32(e->request, &response_type)) != 0) | ||
324 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); | ||
325 | if (response_type != 1) | ||
326 | goto failure; | ||
327 | |||
328 | id = lookup_identity(key, 1); | ||
329 | if (id != NULL && (!id->confirm || confirm_key(id) == 0)) { | ||
330 | struct sshkey *private = id->key; | ||
331 | /* Decrypt the challenge using the private key. */ | ||
332 | if ((r = rsa_private_decrypt(challenge, challenge, | ||
333 | private->rsa) != 0)) { | ||
334 | fatal("%s: rsa_public_encrypt: %s", __func__, | ||
335 | ssh_err(r)); | ||
336 | goto failure; /* XXX ? */ | ||
337 | } | ||
338 | |||
339 | /* The response is MD5 of decrypted challenge plus session id */ | ||
340 | len = BN_num_bytes(challenge); | ||
341 | if (len <= 0 || len > 32) { | ||
342 | logit("%s: bad challenge length %d", __func__, len); | ||
343 | goto failure; | ||
344 | } | ||
345 | memset(buf, 0, 32); | ||
346 | BN_bn2bin(challenge, buf + 32 - len); | ||
347 | if ((md = ssh_digest_start(SSH_DIGEST_MD5)) == NULL || | ||
348 | ssh_digest_update(md, buf, 32) < 0 || | ||
349 | ssh_digest_update(md, session_id, 16) < 0 || | ||
350 | ssh_digest_final(md, mdbuf, sizeof(mdbuf)) < 0) | ||
351 | fatal("%s: md5 failed", __func__); | ||
352 | ssh_digest_free(md); | ||
353 | |||
354 | /* Send the response. */ | ||
355 | if ((r = sshbuf_put_u8(msg, SSH_AGENT_RSA_RESPONSE)) != 0 || | ||
356 | (r = sshbuf_put(msg, mdbuf, sizeof(mdbuf))) != 0) | ||
357 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); | ||
358 | goto send; | ||
359 | } | ||
360 | |||
361 | failure: | ||
362 | /* Unknown identity or protocol error. Send failure. */ | ||
363 | if ((r = sshbuf_put_u8(msg, SSH_AGENT_FAILURE)) != 0) | ||
364 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); | ||
365 | send: | ||
366 | if ((r = sshbuf_put_stringb(e->output, msg)) != 0) | ||
367 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); | ||
368 | sshkey_free(key); | ||
369 | BN_clear_free(challenge); | ||
370 | sshbuf_free(msg); | ||
371 | } | ||
372 | #endif | ||
373 | 282 | ||
374 | static char * | 283 | static char * |
375 | agent_decode_alg(struct sshkey *key, u_int flags) | 284 | agent_decode_alg(struct sshkey *key, u_int flags) |
@@ -448,28 +357,8 @@ process_remove_identity(SocketEntry *e, int version) | |||
448 | int r, success = 0; | 357 | int r, success = 0; |
449 | struct sshkey *key = NULL; | 358 | struct sshkey *key = NULL; |
450 | u_char *blob; | 359 | u_char *blob; |
451 | #ifdef WITH_SSH1 | ||
452 | u_int bits; | ||
453 | #endif /* WITH_SSH1 */ | ||
454 | 360 | ||
455 | switch (version) { | 361 | switch (version) { |
456 | #ifdef WITH_SSH1 | ||
457 | case 1: | ||
458 | if ((key = sshkey_new(KEY_RSA1)) == NULL) { | ||
459 | error("%s: sshkey_new failed", __func__); | ||
460 | return; | ||
461 | } | ||
462 | if ((r = sshbuf_get_u32(e->request, &bits)) != 0 || | ||
463 | (r = sshbuf_get_bignum1(e->request, key->rsa->e)) != 0 || | ||
464 | (r = sshbuf_get_bignum1(e->request, key->rsa->n)) != 0) | ||
465 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); | ||
466 | |||
467 | if (bits != sshkey_size(key)) | ||
468 | logit("Warning: identity keysize mismatch: " | ||
469 | "actual %u, announced %u", | ||
470 | sshkey_size(key), bits); | ||
471 | break; | ||
472 | #endif /* WITH_SSH1 */ | ||
473 | case 2: | 362 | case 2: |
474 | if ((r = sshbuf_get_string(e->request, &blob, &blen)) != 0) | 363 | if ((r = sshbuf_get_string(e->request, &blob, &blen)) != 0) |
475 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 364 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); |
@@ -559,45 +448,6 @@ reaper(void) | |||
559 | * XXX this and the corresponding serialisation function probably belongs | 448 | * XXX this and the corresponding serialisation function probably belongs |
560 | * in key.c | 449 | * in key.c |
561 | */ | 450 | */ |
562 | #ifdef WITH_SSH1 | ||
563 | static int | ||
564 | agent_decode_rsa1(struct sshbuf *m, struct sshkey **kp) | ||
565 | { | ||
566 | struct sshkey *k = NULL; | ||
567 | int r = SSH_ERR_INTERNAL_ERROR; | ||
568 | |||
569 | *kp = NULL; | ||
570 | if ((k = sshkey_new_private(KEY_RSA1)) == NULL) | ||
571 | return SSH_ERR_ALLOC_FAIL; | ||
572 | |||
573 | if ((r = sshbuf_get_u32(m, NULL)) != 0 || /* ignored */ | ||
574 | (r = sshbuf_get_bignum1(m, k->rsa->n)) != 0 || | ||
575 | (r = sshbuf_get_bignum1(m, k->rsa->e)) != 0 || | ||
576 | (r = sshbuf_get_bignum1(m, k->rsa->d)) != 0 || | ||
577 | (r = sshbuf_get_bignum1(m, k->rsa->iqmp)) != 0 || | ||
578 | /* SSH1 and SSL have p and q swapped */ | ||
579 | (r = sshbuf_get_bignum1(m, k->rsa->q)) != 0 || /* p */ | ||
580 | (r = sshbuf_get_bignum1(m, k->rsa->p)) != 0) /* q */ | ||
581 | goto out; | ||
582 | |||
583 | /* Generate additional parameters */ | ||
584 | if ((r = rsa_generate_additional_parameters(k->rsa)) != 0) | ||
585 | goto out; | ||
586 | /* enable blinding */ | ||
587 | if (RSA_blinding_on(k->rsa, NULL) != 1) { | ||
588 | r = SSH_ERR_LIBCRYPTO_ERROR; | ||
589 | goto out; | ||
590 | } | ||
591 | |||
592 | r = 0; /* success */ | ||
593 | out: | ||
594 | if (r == 0) | ||
595 | *kp = k; | ||
596 | else | ||
597 | sshkey_free(k); | ||
598 | return r; | ||
599 | } | ||
600 | #endif /* WITH_SSH1 */ | ||
601 | 451 | ||
602 | static void | 452 | static void |
603 | process_add_identity(SocketEntry *e, int version) | 453 | process_add_identity(SocketEntry *e, int version) |
@@ -613,11 +463,6 @@ process_add_identity(SocketEntry *e, int version) | |||
613 | int r = SSH_ERR_INTERNAL_ERROR; | 463 | int r = SSH_ERR_INTERNAL_ERROR; |
614 | 464 | ||
615 | switch (version) { | 465 | switch (version) { |
616 | #ifdef WITH_SSH1 | ||
617 | case 1: | ||
618 | r = agent_decode_rsa1(e->request, &k); | ||
619 | break; | ||
620 | #endif /* WITH_SSH1 */ | ||
621 | case 2: | 466 | case 2: |
622 | r = sshkey_private_deserialize(e->request, &k); | 467 | r = sshkey_private_deserialize(e->request, &k); |
623 | break; | 468 | break; |
@@ -912,22 +757,6 @@ process_message(SocketEntry *e) | |||
912 | case SSH_AGENTC_UNLOCK: | 757 | case SSH_AGENTC_UNLOCK: |
913 | process_lock_agent(e, type == SSH_AGENTC_LOCK); | 758 | process_lock_agent(e, type == SSH_AGENTC_LOCK); |
914 | break; | 759 | break; |
915 | #ifdef WITH_SSH1 | ||
916 | /* ssh1 */ | ||
917 | case SSH_AGENTC_RSA_CHALLENGE: | ||
918 | process_authentication_challenge1(e); | ||
919 | break; | ||
920 | case SSH_AGENTC_REQUEST_RSA_IDENTITIES: | ||
921 | process_request_identities(e, 1); | ||
922 | break; | ||
923 | case SSH_AGENTC_ADD_RSA_IDENTITY: | ||
924 | case SSH_AGENTC_ADD_RSA_ID_CONSTRAINED: | ||
925 | process_add_identity(e, 1); | ||
926 | break; | ||
927 | case SSH_AGENTC_REMOVE_RSA_IDENTITY: | ||
928 | process_remove_identity(e, 1); | ||
929 | break; | ||
930 | #endif | ||
931 | case SSH_AGENTC_REMOVE_ALL_RSA_IDENTITIES: | 760 | case SSH_AGENTC_REMOVE_ALL_RSA_IDENTITIES: |
932 | process_remove_all_identities(e, 1); /* safe for !WITH_SSH1 */ | 761 | process_remove_all_identities(e, 1); /* safe for !WITH_SSH1 */ |
933 | break; | 762 | break; |
diff --git a/ssh-keygen.c b/ssh-keygen.c index c0d2d5942..70d421844 100644 --- a/ssh-keygen.c +++ b/ssh-keygen.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ssh-keygen.c,v 1.300 2017/04/29 04:12:25 djm Exp $ */ | 1 | /* $OpenBSD: ssh-keygen.c,v 1.301 2017/04/30 23:10:43 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -987,9 +987,6 @@ do_gen_all_hostkeys(struct passwd *pw) | |||
987 | char *path; | 987 | char *path; |
988 | } key_types[] = { | 988 | } key_types[] = { |
989 | #ifdef WITH_OPENSSL | 989 | #ifdef WITH_OPENSSL |
990 | #ifdef WITH_SSH1 | ||
991 | { "rsa1", "RSA1", _PATH_HOST_KEY_FILE }, | ||
992 | #endif /* WITH_SSH1 */ | ||
993 | { "rsa", "RSA" ,_PATH_HOST_RSA_KEY_FILE }, | 990 | { "rsa", "RSA" ,_PATH_HOST_RSA_KEY_FILE }, |
994 | { "dsa", "DSA", _PATH_HOST_DSA_KEY_FILE }, | 991 | { "dsa", "DSA", _PATH_HOST_DSA_KEY_FILE }, |
995 | #ifdef OPENSSL_HAS_ECC | 992 | #ifdef OPENSSL_HAS_ECC |
@@ -2244,11 +2241,7 @@ do_check_krl(struct passwd *pw, int argc, char **argv) | |||
2244 | exit(ret); | 2241 | exit(ret); |
2245 | } | 2242 | } |
2246 | 2243 | ||
2247 | #ifdef WITH_SSH1 | ||
2248 | # define RSA1_USAGE " | rsa1" | ||
2249 | #else | ||
2250 | # define RSA1_USAGE "" | 2244 | # define RSA1_USAGE "" |
2251 | #endif | ||
2252 | 2245 | ||
2253 | static void | 2246 | static void |
2254 | usage(void) | 2247 | usage(void) |
diff --git a/ssh-keyscan.c b/ssh-keyscan.c index 1f95239a3..3231ee342 100644 --- a/ssh-keyscan.c +++ b/ssh-keyscan.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ssh-keyscan.c,v 1.109 2017/03/10 04:26:06 djm Exp $ */ | 1 | /* $OpenBSD: ssh-keyscan.c,v 1.110 2017/04/30 23:10:43 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright 1995, 1996 by David Mazieres <dm@lcs.mit.edu>. | 3 | * Copyright 1995, 1996 by David Mazieres <dm@lcs.mit.edu>. |
4 | * | 4 | * |
@@ -187,52 +187,6 @@ strnnsep(char **stringp, char *delim) | |||
187 | return (tok); | 187 | return (tok); |
188 | } | 188 | } |
189 | 189 | ||
190 | #ifdef WITH_SSH1 | ||
191 | static struct sshkey * | ||
192 | keygrab_ssh1(con *c) | ||
193 | { | ||
194 | static struct sshkey *rsa; | ||
195 | static struct sshbuf *msg; | ||
196 | int r; | ||
197 | u_char type; | ||
198 | |||
199 | if (rsa == NULL) { | ||
200 | if ((rsa = sshkey_new(KEY_RSA1)) == NULL) { | ||
201 | error("%s: sshkey_new failed", __func__); | ||
202 | return NULL; | ||
203 | } | ||
204 | if ((msg = sshbuf_new()) == NULL) | ||
205 | fatal("%s: sshbuf_new failed", __func__); | ||
206 | } | ||
207 | if ((r = sshbuf_put(msg, c->c_data, c->c_plen)) != 0 || | ||
208 | (r = sshbuf_consume(msg, 8 - (c->c_plen & 7))) != 0 || /* padding */ | ||
209 | (r = sshbuf_get_u8(msg, &type)) != 0) | ||
210 | goto buf_err; | ||
211 | if (type != (int) SSH_SMSG_PUBLIC_KEY) { | ||
212 | error("%s: invalid packet type", c->c_name); | ||
213 | sshbuf_reset(msg); | ||
214 | return NULL; | ||
215 | } | ||
216 | if ((r = sshbuf_consume(msg, 8)) != 0 || /* cookie */ | ||
217 | /* server key */ | ||
218 | (r = sshbuf_get_u32(msg, NULL)) != 0 || | ||
219 | (r = sshbuf_get_bignum1(msg, NULL)) != 0 || | ||
220 | (r = sshbuf_get_bignum1(msg, NULL)) != 0 || | ||
221 | /* host key */ | ||
222 | (r = sshbuf_get_u32(msg, NULL)) != 0 || | ||
223 | (r = sshbuf_get_bignum1(msg, rsa->rsa->e)) != 0 || | ||
224 | (r = sshbuf_get_bignum1(msg, rsa->rsa->n)) != 0) { | ||
225 | buf_err: | ||
226 | error("%s: buffer error: %s", __func__, ssh_err(r)); | ||
227 | sshbuf_reset(msg); | ||
228 | return NULL; | ||
229 | } | ||
230 | |||
231 | sshbuf_reset(msg); | ||
232 | |||
233 | return (rsa); | ||
234 | } | ||
235 | #endif | ||
236 | 190 | ||
237 | static int | 191 | static int |
238 | key_print_wrapper(struct sshkey *hostkey, struct ssh *ssh) | 192 | key_print_wrapper(struct sshkey *hostkey, struct ssh *ssh) |
@@ -585,12 +539,6 @@ conread(int s) | |||
585 | c->c_data = xmalloc(c->c_len); | 539 | c->c_data = xmalloc(c->c_len); |
586 | c->c_status = CS_KEYS; | 540 | c->c_status = CS_KEYS; |
587 | break; | 541 | break; |
588 | #ifdef WITH_SSH1 | ||
589 | case CS_KEYS: | ||
590 | keyprint(c, keygrab_ssh1(c)); | ||
591 | confree(s); | ||
592 | return; | ||
593 | #endif | ||
594 | default: | 542 | default: |
595 | fatal("conread: invalid status %d", c->c_status); | 543 | fatal("conread: invalid status %d", c->c_status); |
596 | break; | 544 | break; |
@@ -756,11 +704,6 @@ main(int argc, char **argv) | |||
756 | int type = sshkey_type_from_name(tname); | 704 | int type = sshkey_type_from_name(tname); |
757 | 705 | ||
758 | switch (type) { | 706 | switch (type) { |
759 | #ifdef WITH_SSH1 | ||
760 | case KEY_RSA1: | ||
761 | get_keytypes |= KT_RSA1; | ||
762 | break; | ||
763 | #endif | ||
764 | case KEY_DSA: | 707 | case KEY_DSA: |
765 | get_keytypes |= KT_DSA; | 708 | get_keytypes |= KT_DSA; |
766 | break; | 709 | break; |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ssh.c,v 1.452 2017/04/28 03:20:27 dtucker Exp $ */ | 1 | /* $OpenBSD: ssh.c,v 1.453 2017/04/30 23:10:43 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -690,11 +690,7 @@ main(int ac, char **av) | |||
690 | else if (strcmp(optarg, "key-plain") == 0) | 690 | else if (strcmp(optarg, "key-plain") == 0) |
691 | cp = sshkey_alg_list(0, 1, 0, '\n'); | 691 | cp = sshkey_alg_list(0, 1, 0, '\n'); |
692 | else if (strcmp(optarg, "protocol-version") == 0) { | 692 | else if (strcmp(optarg, "protocol-version") == 0) { |
693 | #ifdef WITH_SSH1 | ||
694 | cp = xstrdup("1\n2"); | ||
695 | #else | ||
696 | cp = xstrdup("2"); | 693 | cp = xstrdup("2"); |
697 | #endif | ||
698 | } | 694 | } |
699 | if (cp == NULL) | 695 | if (cp == NULL) |
700 | fatal("Unsupported query \"%s\"", optarg); | 696 | fatal("Unsupported query \"%s\"", optarg); |
@@ -1304,10 +1300,6 @@ main(int ac, char **av) | |||
1304 | sensitive_data.keys[i] = NULL; | 1300 | sensitive_data.keys[i] = NULL; |
1305 | 1301 | ||
1306 | PRIV_START; | 1302 | PRIV_START; |
1307 | #if WITH_SSH1 | ||
1308 | sensitive_data.keys[0] = key_load_private_type(KEY_RSA1, | ||
1309 | _PATH_HOST_KEY_FILE, "", NULL, NULL); | ||
1310 | #endif | ||
1311 | #ifdef OPENSSL_HAS_ECC | 1303 | #ifdef OPENSSL_HAS_ECC |
1312 | sensitive_data.keys[1] = key_load_private_cert(KEY_ECDSA, | 1304 | sensitive_data.keys[1] = key_load_private_cert(KEY_ECDSA, |
1313 | _PATH_HOST_ECDSA_KEY_FILE, "", NULL); | 1305 | _PATH_HOST_ECDSA_KEY_FILE, "", NULL); |
diff --git a/sshconnect.c b/sshconnect.c index 948b638ad..26ffbc802 100644 --- a/sshconnect.c +++ b/sshconnect.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: sshconnect.c,v 1.273 2017/03/10 03:22:40 dtucker Exp $ */ | 1 | /* $OpenBSD: sshconnect.c,v 1.274 2017/04/30 23:10:43 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -1382,12 +1382,7 @@ ssh_login(Sensitive *sensitive, const char *orighost, | |||
1382 | ssh_kex2(host, hostaddr, port); | 1382 | ssh_kex2(host, hostaddr, port); |
1383 | ssh_userauth2(local_user, server_user, host, sensitive); | 1383 | ssh_userauth2(local_user, server_user, host, sensitive); |
1384 | } else { | 1384 | } else { |
1385 | #ifdef WITH_SSH1 | ||
1386 | ssh_kex(host, hostaddr); | ||
1387 | ssh_userauth1(local_user, server_user, host, sensitive); | ||
1388 | #else | ||
1389 | fatal("ssh1 is not supported"); | 1385 | fatal("ssh1 is not supported"); |
1390 | #endif | ||
1391 | } | 1386 | } |
1392 | free(local_user); | 1387 | free(local_user); |
1393 | } | 1388 | } |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: sshkey.c,v 1.45 2017/03/10 04:07:20 djm Exp $ */ | 1 | /* $OpenBSD: sshkey.c,v 1.46 2017/04/30 23:10:43 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. |
4 | * Copyright (c) 2008 Alexander von Gernler. All rights reserved. | 4 | * Copyright (c) 2008 Alexander von Gernler. All rights reserved. |
@@ -89,9 +89,6 @@ static const struct keytype keytypes[] = { | |||
89 | { "ssh-ed25519-cert-v01@openssh.com", "ED25519-CERT", | 89 | { "ssh-ed25519-cert-v01@openssh.com", "ED25519-CERT", |
90 | KEY_ED25519_CERT, 0, 1, 0 }, | 90 | KEY_ED25519_CERT, 0, 1, 0 }, |
91 | #ifdef WITH_OPENSSL | 91 | #ifdef WITH_OPENSSL |
92 | # ifdef WITH_SSH1 | ||
93 | { NULL, "RSA1", KEY_RSA1, 0, 0, 0 }, | ||
94 | # endif | ||
95 | { "ssh-rsa", "RSA", KEY_RSA, 0, 0, 0 }, | 92 | { "ssh-rsa", "RSA", KEY_RSA, 0, 0, 0 }, |
96 | { "rsa-sha2-256", "RSA", KEY_RSA, 0, 0, 1 }, | 93 | { "rsa-sha2-256", "RSA", KEY_RSA, 0, 0, 1 }, |
97 | { "rsa-sha2-512", "RSA", KEY_RSA, 0, 0, 1 }, | 94 | { "rsa-sha2-512", "RSA", KEY_RSA, 0, 0, 1 }, |
@@ -1194,39 +1191,6 @@ sshkey_fingerprint(const struct sshkey *k, int dgst_alg, | |||
1194 | return retval; | 1191 | return retval; |
1195 | } | 1192 | } |
1196 | 1193 | ||
1197 | #ifdef WITH_SSH1 | ||
1198 | /* | ||
1199 | * Reads a multiple-precision integer in decimal from the buffer, and advances | ||
1200 | * the pointer. The integer must already be initialized. This function is | ||
1201 | * permitted to modify the buffer. This leaves *cpp to point just beyond the | ||
1202 | * last processed character. | ||
1203 | */ | ||
1204 | static int | ||
1205 | read_decimal_bignum(char **cpp, BIGNUM *v) | ||
1206 | { | ||
1207 | char *cp; | ||
1208 | size_t e; | ||
1209 | int skip = 1; /* skip white space */ | ||
1210 | |||
1211 | cp = *cpp; | ||
1212 | while (*cp == ' ' || *cp == '\t') | ||
1213 | cp++; | ||
1214 | e = strspn(cp, "0123456789"); | ||
1215 | if (e == 0) | ||
1216 | return SSH_ERR_INVALID_FORMAT; | ||
1217 | if (e > SSHBUF_MAX_BIGNUM * 3) | ||
1218 | return SSH_ERR_BIGNUM_TOO_LARGE; | ||
1219 | if (cp[e] == '\0') | ||
1220 | skip = 0; | ||
1221 | else if (strchr(" \t\r\n", cp[e]) == NULL) | ||
1222 | return SSH_ERR_INVALID_FORMAT; | ||
1223 | cp[e] = '\0'; | ||
1224 | if (BN_dec2bn(&v, cp) <= 0) | ||
1225 | return SSH_ERR_INVALID_FORMAT; | ||
1226 | *cpp = cp + e + skip; | ||
1227 | return 0; | ||
1228 | } | ||
1229 | #endif /* WITH_SSH1 */ | ||
1230 | 1194 | ||
1231 | /* returns 0 ok, and < 0 error */ | 1195 | /* returns 0 ok, and < 0 error */ |
1232 | int | 1196 | int |
@@ -1237,9 +1201,6 @@ sshkey_read(struct sshkey *ret, char **cpp) | |||
1237 | char *ep, *cp, *space; | 1201 | char *ep, *cp, *space; |
1238 | int r, type, curve_nid = -1; | 1202 | int r, type, curve_nid = -1; |
1239 | struct sshbuf *blob; | 1203 | struct sshbuf *blob; |
1240 | #ifdef WITH_SSH1 | ||
1241 | u_long bits; | ||
1242 | #endif /* WITH_SSH1 */ | ||
1243 | 1204 | ||
1244 | if (ret == NULL) | 1205 | if (ret == NULL) |
1245 | return SSH_ERR_INVALID_ARGUMENT; | 1206 | return SSH_ERR_INVALID_ARGUMENT; |
@@ -1248,23 +1209,6 @@ sshkey_read(struct sshkey *ret, char **cpp) | |||
1248 | 1209 | ||
1249 | switch (ret->type) { | 1210 | switch (ret->type) { |
1250 | case KEY_RSA1: | 1211 | case KEY_RSA1: |
1251 | #ifdef WITH_SSH1 | ||
1252 | /* Get number of bits. */ | ||
1253 | bits = strtoul(cp, &ep, 10); | ||
1254 | if (*cp == '\0' || strchr(" \t\r\n", *ep) == NULL || | ||
1255 | bits == 0 || bits > SSHBUF_MAX_BIGNUM * 8) | ||
1256 | return SSH_ERR_INVALID_FORMAT; /* Bad bit count... */ | ||
1257 | /* Get public exponent, public modulus. */ | ||
1258 | if ((r = read_decimal_bignum(&ep, ret->rsa->e)) < 0) | ||
1259 | return r; | ||
1260 | if ((r = read_decimal_bignum(&ep, ret->rsa->n)) < 0) | ||
1261 | return r; | ||
1262 | /* validate the claimed number of bits */ | ||
1263 | if (BN_num_bits(ret->rsa->n) != (int)bits) | ||
1264 | return SSH_ERR_KEY_BITS_MISMATCH; | ||
1265 | *cpp = ep; | ||
1266 | retval = 0; | ||
1267 | #endif /* WITH_SSH1 */ | ||
1268 | break; | 1212 | break; |
1269 | case KEY_UNSPEC: | 1213 | case KEY_UNSPEC: |
1270 | case KEY_RSA: | 1214 | case KEY_RSA: |
@@ -1422,36 +1366,6 @@ static int | |||
1422 | sshkey_format_rsa1(const struct sshkey *key, struct sshbuf *b) | 1366 | sshkey_format_rsa1(const struct sshkey *key, struct sshbuf *b) |
1423 | { | 1367 | { |
1424 | int r = SSH_ERR_INTERNAL_ERROR; | 1368 | int r = SSH_ERR_INTERNAL_ERROR; |
1425 | #ifdef WITH_SSH1 | ||
1426 | u_int bits = 0; | ||
1427 | char *dec_e = NULL, *dec_n = NULL; | ||
1428 | |||
1429 | if (key->rsa == NULL || key->rsa->e == NULL || | ||
1430 | key->rsa->n == NULL) { | ||
1431 | r = SSH_ERR_INVALID_ARGUMENT; | ||
1432 | goto out; | ||
1433 | } | ||
1434 | if ((dec_e = BN_bn2dec(key->rsa->e)) == NULL || | ||
1435 | (dec_n = BN_bn2dec(key->rsa->n)) == NULL) { | ||
1436 | r = SSH_ERR_ALLOC_FAIL; | ||
1437 | goto out; | ||
1438 | } | ||
1439 | /* size of modulus 'n' */ | ||
1440 | if ((bits = BN_num_bits(key->rsa->n)) <= 0) { | ||
1441 | r = SSH_ERR_INVALID_ARGUMENT; | ||
1442 | goto out; | ||
1443 | } | ||
1444 | if ((r = sshbuf_putf(b, "%u %s %s", bits, dec_e, dec_n)) != 0) | ||
1445 | goto out; | ||
1446 | |||
1447 | /* Success */ | ||
1448 | r = 0; | ||
1449 | out: | ||
1450 | if (dec_e != NULL) | ||
1451 | OPENSSL_free(dec_e); | ||
1452 | if (dec_n != NULL) | ||
1453 | OPENSSL_free(dec_n); | ||
1454 | #endif /* WITH_SSH1 */ | ||
1455 | 1369 | ||
1456 | return r; | 1370 | return r; |
1457 | } | 1371 | } |
@@ -3404,105 +3318,6 @@ sshkey_parse_private2(struct sshbuf *blob, int type, const char *passphrase, | |||
3404 | return r; | 3318 | return r; |
3405 | } | 3319 | } |
3406 | 3320 | ||
3407 | #if WITH_SSH1 | ||
3408 | /* | ||
3409 | * Serialises the authentication (private) key to a blob, encrypting it with | ||
3410 | * passphrase. The identification of the blob (lowest 64 bits of n) will | ||
3411 | * precede the key to provide identification of the key without needing a | ||
3412 | * passphrase. | ||
3413 | */ | ||
3414 | static int | ||
3415 | sshkey_private_rsa1_to_blob(struct sshkey *key, struct sshbuf *blob, | ||
3416 | const char *passphrase, const char *comment) | ||
3417 | { | ||
3418 | struct sshbuf *buffer = NULL, *encrypted = NULL; | ||
3419 | u_char buf[8]; | ||
3420 | int r, cipher_num; | ||
3421 | struct sshcipher_ctx *ciphercontext = NULL; | ||
3422 | const struct sshcipher *cipher; | ||
3423 | u_char *cp; | ||
3424 | |||
3425 | /* | ||
3426 | * If the passphrase is empty, use SSH_CIPHER_NONE to ease converting | ||
3427 | * to another cipher; otherwise use SSH_AUTHFILE_CIPHER. | ||
3428 | */ | ||
3429 | cipher_num = (strcmp(passphrase, "") == 0) ? | ||
3430 | SSH_CIPHER_NONE : SSH_CIPHER_3DES; | ||
3431 | if ((cipher = cipher_by_number(cipher_num)) == NULL) | ||
3432 | return SSH_ERR_INTERNAL_ERROR; | ||
3433 | |||
3434 | /* This buffer is used to build the secret part of the private key. */ | ||
3435 | if ((buffer = sshbuf_new()) == NULL) | ||
3436 | return SSH_ERR_ALLOC_FAIL; | ||
3437 | |||
3438 | /* Put checkbytes for checking passphrase validity. */ | ||
3439 | if ((r = sshbuf_reserve(buffer, 4, &cp)) != 0) | ||
3440 | goto out; | ||
3441 | arc4random_buf(cp, 2); | ||
3442 | memcpy(cp + 2, cp, 2); | ||
3443 | |||
3444 | /* | ||
3445 | * Store the private key (n and e will not be stored because they | ||
3446 | * will be stored in plain text, and storing them also in encrypted | ||
3447 | * format would just give known plaintext). | ||
3448 | * Note: q and p are stored in reverse order to SSL. | ||
3449 | */ | ||
3450 | if ((r = sshbuf_put_bignum1(buffer, key->rsa->d)) != 0 || | ||
3451 | (r = sshbuf_put_bignum1(buffer, key->rsa->iqmp)) != 0 || | ||
3452 | (r = sshbuf_put_bignum1(buffer, key->rsa->q)) != 0 || | ||
3453 | (r = sshbuf_put_bignum1(buffer, key->rsa->p)) != 0) | ||
3454 | goto out; | ||
3455 | |||
3456 | /* Pad the part to be encrypted to a size that is a multiple of 8. */ | ||
3457 | explicit_bzero(buf, 8); | ||
3458 | if ((r = sshbuf_put(buffer, buf, 8 - (sshbuf_len(buffer) % 8))) != 0) | ||
3459 | goto out; | ||
3460 | |||
3461 | /* This buffer will be used to contain the data in the file. */ | ||
3462 | if ((encrypted = sshbuf_new()) == NULL) { | ||
3463 | r = SSH_ERR_ALLOC_FAIL; | ||
3464 | goto out; | ||
3465 | } | ||
3466 | |||
3467 | /* First store keyfile id string. */ | ||
3468 | if ((r = sshbuf_put(encrypted, LEGACY_BEGIN, | ||
3469 | sizeof(LEGACY_BEGIN))) != 0) | ||
3470 | goto out; | ||
3471 | |||
3472 | /* Store cipher type and "reserved" field. */ | ||
3473 | if ((r = sshbuf_put_u8(encrypted, cipher_num)) != 0 || | ||
3474 | (r = sshbuf_put_u32(encrypted, 0)) != 0) | ||
3475 | goto out; | ||
3476 | |||
3477 | /* Store public key. This will be in plain text. */ | ||
3478 | if ((r = sshbuf_put_u32(encrypted, BN_num_bits(key->rsa->n))) != 0 || | ||
3479 | (r = sshbuf_put_bignum1(encrypted, key->rsa->n)) != 0 || | ||
3480 | (r = sshbuf_put_bignum1(encrypted, key->rsa->e)) != 0 || | ||
3481 | (r = sshbuf_put_cstring(encrypted, comment)) != 0) | ||
3482 | goto out; | ||
3483 | |||
3484 | /* Allocate space for the private part of the key in the buffer. */ | ||
3485 | if ((r = sshbuf_reserve(encrypted, sshbuf_len(buffer), &cp)) != 0) | ||
3486 | goto out; | ||
3487 | |||
3488 | if ((r = cipher_set_key_string(&ciphercontext, cipher, passphrase, | ||
3489 | CIPHER_ENCRYPT)) != 0) | ||
3490 | goto out; | ||
3491 | if ((r = cipher_crypt(ciphercontext, 0, cp, | ||
3492 | sshbuf_ptr(buffer), sshbuf_len(buffer), 0, 0)) != 0) | ||
3493 | goto out; | ||
3494 | |||
3495 | r = sshbuf_putb(blob, encrypted); | ||
3496 | |||
3497 | out: | ||
3498 | cipher_free(ciphercontext); | ||
3499 | explicit_bzero(buf, sizeof(buf)); | ||
3500 | sshbuf_free(buffer); | ||
3501 | sshbuf_free(encrypted); | ||
3502 | |||
3503 | return r; | ||
3504 | } | ||
3505 | #endif /* WITH_SSH1 */ | ||
3506 | 3321 | ||
3507 | #ifdef WITH_OPENSSL | 3322 | #ifdef WITH_OPENSSL |
3508 | /* convert SSH v2 key in OpenSSL PEM format */ | 3323 | /* convert SSH v2 key in OpenSSL PEM format */ |
@@ -3565,11 +3380,6 @@ sshkey_private_to_fileblob(struct sshkey *key, struct sshbuf *blob, | |||
3565 | int force_new_format, const char *new_format_cipher, int new_format_rounds) | 3380 | int force_new_format, const char *new_format_cipher, int new_format_rounds) |
3566 | { | 3381 | { |
3567 | switch (key->type) { | 3382 | switch (key->type) { |
3568 | #ifdef WITH_SSH1 | ||
3569 | case KEY_RSA1: | ||
3570 | return sshkey_private_rsa1_to_blob(key, blob, | ||
3571 | passphrase, comment); | ||
3572 | #endif /* WITH_SSH1 */ | ||
3573 | #ifdef WITH_OPENSSL | 3383 | #ifdef WITH_OPENSSL |
3574 | case KEY_DSA: | 3384 | case KEY_DSA: |
3575 | case KEY_ECDSA: | 3385 | case KEY_ECDSA: |
@@ -3589,182 +3399,6 @@ sshkey_private_to_fileblob(struct sshkey *key, struct sshbuf *blob, | |||
3589 | } | 3399 | } |
3590 | } | 3400 | } |
3591 | 3401 | ||
3592 | #ifdef WITH_SSH1 | ||
3593 | /* | ||
3594 | * Parse the public, unencrypted portion of a RSA1 key. | ||
3595 | */ | ||
3596 | int | ||
3597 | sshkey_parse_public_rsa1_fileblob(struct sshbuf *blob, | ||
3598 | struct sshkey **keyp, char **commentp) | ||
3599 | { | ||
3600 | int r; | ||
3601 | struct sshkey *pub = NULL; | ||
3602 | struct sshbuf *copy = NULL; | ||
3603 | |||
3604 | if (keyp != NULL) | ||
3605 | *keyp = NULL; | ||
3606 | if (commentp != NULL) | ||
3607 | *commentp = NULL; | ||
3608 | |||
3609 | /* Check that it is at least big enough to contain the ID string. */ | ||
3610 | if (sshbuf_len(blob) < sizeof(LEGACY_BEGIN)) | ||
3611 | return SSH_ERR_INVALID_FORMAT; | ||
3612 | |||
3613 | /* | ||
3614 | * Make sure it begins with the id string. Consume the id string | ||
3615 | * from the buffer. | ||
3616 | */ | ||
3617 | if (memcmp(sshbuf_ptr(blob), LEGACY_BEGIN, sizeof(LEGACY_BEGIN)) != 0) | ||
3618 | return SSH_ERR_INVALID_FORMAT; | ||
3619 | /* Make a working copy of the keyblob and skip past the magic */ | ||
3620 | if ((copy = sshbuf_fromb(blob)) == NULL) | ||
3621 | return SSH_ERR_ALLOC_FAIL; | ||
3622 | if ((r = sshbuf_consume(copy, sizeof(LEGACY_BEGIN))) != 0) | ||
3623 | goto out; | ||
3624 | |||
3625 | /* Skip cipher type, reserved data and key bits. */ | ||
3626 | if ((r = sshbuf_get_u8(copy, NULL)) != 0 || /* cipher type */ | ||
3627 | (r = sshbuf_get_u32(copy, NULL)) != 0 || /* reserved */ | ||
3628 | (r = sshbuf_get_u32(copy, NULL)) != 0) /* key bits */ | ||
3629 | goto out; | ||
3630 | |||
3631 | /* Read the public key from the buffer. */ | ||
3632 | if ((pub = sshkey_new(KEY_RSA1)) == NULL || | ||
3633 | (r = sshbuf_get_bignum1(copy, pub->rsa->n)) != 0 || | ||
3634 | (r = sshbuf_get_bignum1(copy, pub->rsa->e)) != 0) | ||
3635 | goto out; | ||
3636 | |||
3637 | /* Finally, the comment */ | ||
3638 | if ((r = sshbuf_get_string(copy, (u_char**)commentp, NULL)) != 0) | ||
3639 | goto out; | ||
3640 | |||
3641 | /* The encrypted private part is not parsed by this function. */ | ||
3642 | |||
3643 | r = 0; | ||
3644 | if (keyp != NULL) { | ||
3645 | *keyp = pub; | ||
3646 | pub = NULL; | ||
3647 | } | ||
3648 | out: | ||
3649 | sshbuf_free(copy); | ||
3650 | sshkey_free(pub); | ||
3651 | return r; | ||
3652 | } | ||
3653 | |||
3654 | static int | ||
3655 | sshkey_parse_private_rsa1(struct sshbuf *blob, const char *passphrase, | ||
3656 | struct sshkey **keyp, char **commentp) | ||
3657 | { | ||
3658 | int r; | ||
3659 | u_int16_t check1, check2; | ||
3660 | u_int8_t cipher_type; | ||
3661 | struct sshbuf *decrypted = NULL, *copy = NULL; | ||
3662 | u_char *cp; | ||
3663 | char *comment = NULL; | ||
3664 | struct sshcipher_ctx *ciphercontext = NULL; | ||
3665 | const struct sshcipher *cipher; | ||
3666 | struct sshkey *prv = NULL; | ||
3667 | |||
3668 | if (keyp != NULL) | ||
3669 | *keyp = NULL; | ||
3670 | if (commentp != NULL) | ||
3671 | *commentp = NULL; | ||
3672 | |||
3673 | /* Check that it is at least big enough to contain the ID string. */ | ||
3674 | if (sshbuf_len(blob) < sizeof(LEGACY_BEGIN)) | ||
3675 | return SSH_ERR_INVALID_FORMAT; | ||
3676 | |||
3677 | /* | ||
3678 | * Make sure it begins with the id string. Consume the id string | ||
3679 | * from the buffer. | ||
3680 | */ | ||
3681 | if (memcmp(sshbuf_ptr(blob), LEGACY_BEGIN, sizeof(LEGACY_BEGIN)) != 0) | ||
3682 | return SSH_ERR_INVALID_FORMAT; | ||
3683 | |||
3684 | if ((prv = sshkey_new_private(KEY_RSA1)) == NULL) { | ||
3685 | r = SSH_ERR_ALLOC_FAIL; | ||
3686 | goto out; | ||
3687 | } | ||
3688 | if ((copy = sshbuf_fromb(blob)) == NULL || | ||
3689 | (decrypted = sshbuf_new()) == NULL) { | ||
3690 | r = SSH_ERR_ALLOC_FAIL; | ||
3691 | goto out; | ||
3692 | } | ||
3693 | if ((r = sshbuf_consume(copy, sizeof(LEGACY_BEGIN))) != 0) | ||
3694 | goto out; | ||
3695 | |||
3696 | /* Read cipher type. */ | ||
3697 | if ((r = sshbuf_get_u8(copy, &cipher_type)) != 0 || | ||
3698 | (r = sshbuf_get_u32(copy, NULL)) != 0) /* reserved */ | ||
3699 | goto out; | ||
3700 | |||
3701 | /* Read the public key and comment from the buffer. */ | ||
3702 | if ((r = sshbuf_get_u32(copy, NULL)) != 0 || /* key bits */ | ||
3703 | (r = sshbuf_get_bignum1(copy, prv->rsa->n)) != 0 || | ||
3704 | (r = sshbuf_get_bignum1(copy, prv->rsa->e)) != 0 || | ||
3705 | (r = sshbuf_get_cstring(copy, &comment, NULL)) != 0) | ||
3706 | goto out; | ||
3707 | |||
3708 | /* Check that it is a supported cipher. */ | ||
3709 | cipher = cipher_by_number(cipher_type); | ||
3710 | if (cipher == NULL) { | ||
3711 | r = SSH_ERR_KEY_UNKNOWN_CIPHER; | ||
3712 | goto out; | ||
3713 | } | ||
3714 | /* Initialize space for decrypted data. */ | ||
3715 | if ((r = sshbuf_reserve(decrypted, sshbuf_len(copy), &cp)) != 0) | ||
3716 | goto out; | ||
3717 | |||
3718 | /* Rest of the buffer is encrypted. Decrypt it using the passphrase. */ | ||
3719 | if ((r = cipher_set_key_string(&ciphercontext, cipher, passphrase, | ||
3720 | CIPHER_DECRYPT)) != 0) | ||
3721 | goto out; | ||
3722 | if ((r = cipher_crypt(ciphercontext, 0, cp, | ||
3723 | sshbuf_ptr(copy), sshbuf_len(copy), 0, 0)) != 0) | ||
3724 | goto out; | ||
3725 | |||
3726 | if ((r = sshbuf_get_u16(decrypted, &check1)) != 0 || | ||
3727 | (r = sshbuf_get_u16(decrypted, &check2)) != 0) | ||
3728 | goto out; | ||
3729 | if (check1 != check2) { | ||
3730 | r = SSH_ERR_KEY_WRONG_PASSPHRASE; | ||
3731 | goto out; | ||
3732 | } | ||
3733 | |||
3734 | /* Read the rest of the private key. */ | ||
3735 | if ((r = sshbuf_get_bignum1(decrypted, prv->rsa->d)) != 0 || | ||
3736 | (r = sshbuf_get_bignum1(decrypted, prv->rsa->iqmp)) != 0 || | ||
3737 | (r = sshbuf_get_bignum1(decrypted, prv->rsa->q)) != 0 || | ||
3738 | (r = sshbuf_get_bignum1(decrypted, prv->rsa->p)) != 0) | ||
3739 | goto out; | ||
3740 | |||
3741 | /* calculate p-1 and q-1 */ | ||
3742 | if ((r = rsa_generate_additional_parameters(prv->rsa)) != 0) | ||
3743 | goto out; | ||
3744 | |||
3745 | /* enable blinding */ | ||
3746 | if (RSA_blinding_on(prv->rsa, NULL) != 1) { | ||
3747 | r = SSH_ERR_LIBCRYPTO_ERROR; | ||
3748 | goto out; | ||
3749 | } | ||
3750 | r = 0; | ||
3751 | if (keyp != NULL) { | ||
3752 | *keyp = prv; | ||
3753 | prv = NULL; | ||
3754 | } | ||
3755 | if (commentp != NULL) { | ||
3756 | *commentp = comment; | ||
3757 | comment = NULL; | ||
3758 | } | ||
3759 | out: | ||
3760 | cipher_free(ciphercontext); | ||
3761 | free(comment); | ||
3762 | sshkey_free(prv); | ||
3763 | sshbuf_free(copy); | ||
3764 | sshbuf_free(decrypted); | ||
3765 | return r; | ||
3766 | } | ||
3767 | #endif /* WITH_SSH1 */ | ||
3768 | 3402 | ||
3769 | #ifdef WITH_OPENSSL | 3403 | #ifdef WITH_OPENSSL |
3770 | static int | 3404 | static int |
@@ -3910,11 +3544,6 @@ sshkey_parse_private_fileblob_type(struct sshbuf *blob, int type, | |||
3910 | *commentp = NULL; | 3544 | *commentp = NULL; |
3911 | 3545 | ||
3912 | switch (type) { | 3546 | switch (type) { |
3913 | #ifdef WITH_SSH1 | ||
3914 | case KEY_RSA1: | ||
3915 | return sshkey_parse_private_rsa1(blob, passphrase, | ||
3916 | keyp, commentp); | ||
3917 | #endif /* WITH_SSH1 */ | ||
3918 | #ifdef WITH_OPENSSL | 3547 | #ifdef WITH_OPENSSL |
3919 | case KEY_DSA: | 3548 | case KEY_DSA: |
3920 | case KEY_ECDSA: | 3549 | case KEY_ECDSA: |
@@ -3951,13 +3580,6 @@ sshkey_parse_private_fileblob(struct sshbuf *buffer, const char *passphrase, | |||
3951 | if (commentp != NULL) | 3580 | if (commentp != NULL) |
3952 | *commentp = NULL; | 3581 | *commentp = NULL; |
3953 | 3582 | ||
3954 | #ifdef WITH_SSH1 | ||
3955 | /* it's a SSH v1 key if the public key part is readable */ | ||
3956 | if (sshkey_parse_public_rsa1_fileblob(buffer, NULL, NULL) == 0) { | ||
3957 | return sshkey_parse_private_fileblob_type(buffer, KEY_RSA1, | ||
3958 | passphrase, keyp, commentp); | ||
3959 | } | ||
3960 | #endif /* WITH_SSH1 */ | ||
3961 | return sshkey_parse_private_fileblob_type(buffer, KEY_UNSPEC, | 3583 | return sshkey_parse_private_fileblob_type(buffer, KEY_UNSPEC, |
3962 | passphrase, keyp, commentp); | 3584 | passphrase, keyp, commentp); |
3963 | } | 3585 | } |