summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authordjm@openbsd.org <djm@openbsd.org>2017-04-30 23:10:43 +0000
committerDamien Miller <djm@mindrot.org>2017-05-01 09:37:40 +1000
commit56912dea6ef63dae4eb1194e5d88973a7c6c5740 (patch)
treec0425585449d257a90a42efce5f602f7ce16779f
parentd4084cd230f7319056559b00db8b99296dad49d5 (diff)
upstream commit
unifdef WITH_SSH1 ok markus@ Upstream-ID: 9716e62a883ef8826c57f4d33b4a81a9cc7755c7
Diffstat
-rw-r--r--authfd.c123
-rw-r--r--authfile.c56
-rw-r--r--cipher.c22
-rw-r--r--compat.c7
-rw-r--r--hostfile.c15
-rw-r--r--kex.c43
-rw-r--r--opacket.c20
-rw-r--r--packet.c43
-rw-r--r--readconf.c11
-rw-r--r--ssh-add.c9
-rw-r--r--ssh-agent.c173
-rw-r--r--ssh-keygen.c9
-rw-r--r--ssh-keyscan.c59
-rw-r--r--ssh.c10
-rw-r--r--sshconnect.c7
-rw-r--r--sshkey.c380
16 files changed, 15 insertions, 972 deletions
diff --git a/authfd.c b/authfd.c
index a634bcb81..915a6da48 100644
--- a/authfd.c
+++ b/authfd.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: authfd.c,v 1.100 2015/12/04 16:41:28 markus Exp $ */ 1/* $OpenBSD: authfd.c,v 1.101 2017/04/30 23:10:43 djm Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -199,43 +199,6 @@ ssh_lock_agent(int sock, int lock, const char *password)
199 return r; 199 return r;
200} 200}
201 201
202#ifdef WITH_SSH1
203static int
204deserialise_identity1(struct sshbuf *ids, struct sshkey **keyp, char **commentp)
205{
206 struct sshkey *key;
207 int r, keybits;
208 u_int32_t bits;
209 char *comment = NULL;
210
211 if ((key = sshkey_new(KEY_RSA1)) == NULL)
212 return SSH_ERR_ALLOC_FAIL;
213 if ((r = sshbuf_get_u32(ids, &bits)) != 0 ||
214 (r = sshbuf_get_bignum1(ids, key->rsa->e)) != 0 ||
215 (r = sshbuf_get_bignum1(ids, key->rsa->n)) != 0 ||
216 (r = sshbuf_get_cstring(ids, &comment, NULL)) != 0)
217 goto out;
218 keybits = BN_num_bits(key->rsa->n);
219 /* XXX previously we just warned here. I think we should be strict */
220 if (keybits < 0 || bits != (u_int)keybits) {
221 r = SSH_ERR_KEY_BITS_MISMATCH;
222 goto out;
223 }
224 if (keyp != NULL) {
225 *keyp = key;
226 key = NULL;
227 }
228 if (commentp != NULL) {
229 *commentp = comment;
230 comment = NULL;
231 }
232 r = 0;
233 out:
234 sshkey_free(key);
235 free(comment);
236 return r;
237}
238#endif
239 202
240static int 203static int
241deserialise_identity2(struct sshbuf *ids, struct sshkey **keyp, char **commentp) 204deserialise_identity2(struct sshbuf *ids, struct sshkey **keyp, char **commentp)
@@ -331,11 +294,6 @@ ssh_fetch_identitylist(int sock, int version, struct ssh_identitylist **idlp)
331 for (i = 0; i < num;) { 294 for (i = 0; i < num;) {
332 switch (version) { 295 switch (version) {
333 case 1: 296 case 1:
334#ifdef WITH_SSH1
335 if ((r = deserialise_identity1(msg,
336 &(idl->keys[i]), &(idl->comments[i]))) != 0)
337 goto out;
338#endif
339 break; 297 break;
340 case 2: 298 case 2:
341 if ((r = deserialise_identity2(msg, 299 if ((r = deserialise_identity2(msg,
@@ -385,46 +343,6 @@ ssh_free_identitylist(struct ssh_identitylist *idl)
385 * otherwise. 343 * otherwise.
386 */ 344 */
387 345
388#ifdef WITH_SSH1
389int
390ssh_decrypt_challenge(int sock, struct sshkey* key, BIGNUM *challenge,
391 u_char session_id[16], u_char response[16])
392{
393 struct sshbuf *msg;
394 int r;
395 u_char type;
396
397 if (key->type != KEY_RSA1)
398 return SSH_ERR_INVALID_ARGUMENT;
399 if ((msg = sshbuf_new()) == NULL)
400 return SSH_ERR_ALLOC_FAIL;
401 if ((r = sshbuf_put_u8(msg, SSH_AGENTC_RSA_CHALLENGE)) != 0 ||
402 (r = sshbuf_put_u32(msg, BN_num_bits(key->rsa->n))) != 0 ||
403 (r = sshbuf_put_bignum1(msg, key->rsa->e)) != 0 ||
404 (r = sshbuf_put_bignum1(msg, key->rsa->n)) != 0 ||
405 (r = sshbuf_put_bignum1(msg, challenge)) != 0 ||
406 (r = sshbuf_put(msg, session_id, 16)) != 0 ||
407 (r = sshbuf_put_u32(msg, 1)) != 0) /* Response type for proto 1.1 */
408 goto out;
409 if ((r = ssh_request_reply(sock, msg, msg)) != 0)
410 goto out;
411 if ((r = sshbuf_get_u8(msg, &type)) != 0)
412 goto out;
413 if (agent_failed(type)) {
414 r = SSH_ERR_AGENT_FAILURE;
415 goto out;
416 } else if (type != SSH_AGENT_RSA_RESPONSE) {
417 r = SSH_ERR_INVALID_FORMAT;
418 goto out;
419 }
420 if ((r = sshbuf_get(msg, response, 16)) != 0)
421 goto out;
422 r = 0;
423 out:
424 sshbuf_free(msg);
425 return r;
426}
427#endif
428 346
429/* encode signature algoritm in flag bits, so we can keep the msg format */ 347/* encode signature algoritm in flag bits, so we can keep the msg format */
430static u_int 348static u_int
@@ -494,25 +412,6 @@ ssh_agent_sign(int sock, struct sshkey *key,
494 412
495/* Encode key for a message to the agent. */ 413/* Encode key for a message to the agent. */
496 414
497#ifdef WITH_SSH1
498static int
499ssh_encode_identity_rsa1(struct sshbuf *b, RSA *key, const char *comment)
500{
501 int r;
502
503 /* To keep within the protocol: p < q for ssh. in SSL p > q */
504 if ((r = sshbuf_put_u32(b, BN_num_bits(key->n))) != 0 ||
505 (r = sshbuf_put_bignum1(b, key->n)) != 0 ||
506 (r = sshbuf_put_bignum1(b, key->e)) != 0 ||
507 (r = sshbuf_put_bignum1(b, key->d)) != 0 ||
508 (r = sshbuf_put_bignum1(b, key->iqmp)) != 0 ||
509 (r = sshbuf_put_bignum1(b, key->q)) != 0 ||
510 (r = sshbuf_put_bignum1(b, key->p)) != 0 ||
511 (r = sshbuf_put_cstring(b, comment)) != 0)
512 return r;
513 return 0;
514}
515#endif
516 415
517static int 416static int
518ssh_encode_identity_ssh2(struct sshbuf *b, struct sshkey *key, 417ssh_encode_identity_ssh2(struct sshbuf *b, struct sshkey *key,
@@ -561,16 +460,6 @@ ssh_add_identity_constrained(int sock, struct sshkey *key, const char *comment,
561 return SSH_ERR_ALLOC_FAIL; 460 return SSH_ERR_ALLOC_FAIL;
562 461
563 switch (key->type) { 462 switch (key->type) {
564#ifdef WITH_SSH1
565 case KEY_RSA1:
566 type = constrained ?
567 SSH_AGENTC_ADD_RSA_ID_CONSTRAINED :
568 SSH_AGENTC_ADD_RSA_IDENTITY;
569 if ((r = sshbuf_put_u8(msg, type)) != 0 ||
570 (r = ssh_encode_identity_rsa1(msg, key->rsa, comment)) != 0)
571 goto out;
572 break;
573#endif
574#ifdef WITH_OPENSSL 463#ifdef WITH_OPENSSL
575 case KEY_RSA: 464 case KEY_RSA:
576 case KEY_RSA_CERT: 465 case KEY_RSA_CERT:
@@ -620,16 +509,6 @@ ssh_remove_identity(int sock, struct sshkey *key)
620 if ((msg = sshbuf_new()) == NULL) 509 if ((msg = sshbuf_new()) == NULL)
621 return SSH_ERR_ALLOC_FAIL; 510 return SSH_ERR_ALLOC_FAIL;
622 511
623#ifdef WITH_SSH1
624 if (key->type == KEY_RSA1) {
625 if ((r = sshbuf_put_u8(msg,
626 SSH_AGENTC_REMOVE_RSA_IDENTITY)) != 0 ||
627 (r = sshbuf_put_u32(msg, BN_num_bits(key->rsa->n))) != 0 ||
628 (r = sshbuf_put_bignum1(msg, key->rsa->e)) != 0 ||
629 (r = sshbuf_put_bignum1(msg, key->rsa->n)) != 0)
630 goto out;
631 } else
632#endif
633 if (key->type != KEY_UNSPEC) { 512 if (key->type != KEY_UNSPEC) {
634 if ((r = sshkey_to_blob(key, &blob, &blen)) != 0) 513 if ((r = sshkey_to_blob(key, &blob, &blen)) != 0)
635 goto out; 514 goto out;
diff --git a/authfile.c b/authfile.c
index 0869e5d0d..d28ae0d38 100644
--- a/authfile.c
+++ b/authfile.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: authfile.c,v 1.123 2017/03/26 00:18:52 deraadt Exp $ */ 1/* $OpenBSD: authfile.c,v 1.124 2017/04/30 23:10:43 djm Exp $ */
2/* 2/*
3 * Copyright (c) 2000, 2013 Markus Friedl. All rights reserved. 3 * Copyright (c) 2000, 2013 Markus Friedl. All rights reserved.
4 * 4 *
@@ -147,35 +147,6 @@ sshkey_load_file(int fd, struct sshbuf *blob)
147 return r; 147 return r;
148} 148}
149 149
150#ifdef WITH_SSH1
151/*
152 * Loads the public part of the ssh v1 key file. Returns NULL if an error was
153 * encountered (the file does not exist or is not readable), and the key
154 * otherwise.
155 */
156static int
157sshkey_load_public_rsa1(int fd, struct sshkey **keyp, char **commentp)
158{
159 struct sshbuf *b = NULL;
160 int r;
161
162 if (keyp != NULL)
163 *keyp = NULL;
164 if (commentp != NULL)
165 *commentp = NULL;
166
167 if ((b = sshbuf_new()) == NULL)
168 return SSH_ERR_ALLOC_FAIL;
169 if ((r = sshkey_load_file(fd, b)) != 0)
170 goto out;
171 if ((r = sshkey_parse_public_rsa1_fileblob(b, keyp, commentp)) != 0)
172 goto out;
173 r = 0;
174 out:
175 sshbuf_free(b);
176 return r;
177}
178#endif /* WITH_SSH1 */
179 150
180/* XXX remove error() calls from here? */ 151/* XXX remove error() calls from here? */
181int 152int
@@ -362,21 +333,7 @@ sshkey_load_public(const char *filename, struct sshkey **keyp, char **commentp)
362 333
363 if ((fd = open(filename, O_RDONLY)) < 0) 334 if ((fd = open(filename, O_RDONLY)) < 0)
364 goto skip; 335 goto skip;
365#ifdef WITH_SSH1
366 /* try rsa1 private key */
367 r = sshkey_load_public_rsa1(fd, keyp, commentp);
368 close(fd);
369 switch (r) {
370 case SSH_ERR_INTERNAL_ERROR:
371 case SSH_ERR_ALLOC_FAIL:
372 case SSH_ERR_INVALID_ARGUMENT:
373 case SSH_ERR_SYSTEM_ERROR:
374 case 0:
375 return r;
376 }
377#else /* WITH_SSH1 */
378 close(fd); 336 close(fd);
379#endif /* WITH_SSH1 */
380 337
381 /* try ssh2 public key */ 338 /* try ssh2 public key */
382 if ((pub = sshkey_new(KEY_UNSPEC)) == NULL) 339 if ((pub = sshkey_new(KEY_UNSPEC)) == NULL)
@@ -388,17 +345,6 @@ sshkey_load_public(const char *filename, struct sshkey **keyp, char **commentp)
388 } 345 }
389 sshkey_free(pub); 346 sshkey_free(pub);
390 347
391#ifdef WITH_SSH1
392 /* try rsa1 public key */
393 if ((pub = sshkey_new(KEY_RSA1)) == NULL)
394 return SSH_ERR_ALLOC_FAIL;
395 if ((r = sshkey_try_load_public(pub, filename, commentp)) == 0) {
396 if (keyp != NULL)
397 *keyp = pub;
398 return 0;
399 }
400 sshkey_free(pub);
401#endif /* WITH_SSH1 */
402 348
403 skip: 349 skip:
404 /* try .pub suffix */ 350 /* try .pub suffix */
diff --git a/cipher.c b/cipher.c
index 2def333b1..2df2b84bc 100644
--- a/cipher.c
+++ b/cipher.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: cipher.c,v 1.102 2016/08/03 05:41:57 djm Exp $ */ 1/* $OpenBSD: cipher.c,v 1.103 2017/04/30 23:10:43 djm Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -51,11 +51,6 @@
51 51
52#include "openbsd-compat/openssl-compat.h" 52#include "openbsd-compat/openssl-compat.h"
53 53
54#ifdef WITH_SSH1
55extern const EVP_CIPHER *evp_ssh1_bf(void);
56extern const EVP_CIPHER *evp_ssh1_3des(void);
57extern int ssh1_3des_iv(EVP_CIPHER_CTX *, int, u_char *, int);
58#endif
59 54
60struct sshcipher_ctx { 55struct sshcipher_ctx {
61 int plaintext; 56 int plaintext;
@@ -87,13 +82,6 @@ struct sshcipher {
87}; 82};
88 83
89static const struct sshcipher ciphers[] = { 84static const struct sshcipher ciphers[] = {
90#ifdef WITH_SSH1
91 { "des", SSH_CIPHER_DES, 8, 8, 0, 0, 0, 1, EVP_des_cbc },
92 { "3des", SSH_CIPHER_3DES, 8, 16, 0, 0, 0, 1, evp_ssh1_3des },
93# ifndef OPENSSL_NO_BF
94 { "blowfish", SSH_CIPHER_BLOWFISH, 8, 32, 0, 0, 0, 1, evp_ssh1_bf },
95# endif /* OPENSSL_NO_BF */
96#endif /* WITH_SSH1 */
97#ifdef WITH_OPENSSL 85#ifdef WITH_OPENSSL
98 { "none", SSH_CIPHER_NONE, 8, 0, 0, 0, 0, 0, EVP_enc_null }, 86 { "none", SSH_CIPHER_NONE, 8, 0, 0, 0, 0, 0, EVP_enc_null },
99 { "3des-cbc", SSH_CIPHER_SSH2, 8, 24, 0, 0, 0, 1, EVP_des_ede3_cbc }, 87 { "3des-cbc", SSH_CIPHER_SSH2, 8, 24, 0, 0, 0, 1, EVP_des_ede3_cbc },
@@ -628,10 +616,6 @@ cipher_get_keyiv(struct sshcipher_ctx *cc, u_char *iv, u_int len)
628 memcpy(iv, cc->evp->iv, len); 616 memcpy(iv, cc->evp->iv, len);
629 break; 617 break;
630#endif 618#endif
631#ifdef WITH_SSH1
632 case SSH_CIPHER_3DES:
633 return ssh1_3des_iv(cc->evp, 0, iv, 24);
634#endif
635 default: 619 default:
636 return SSH_ERR_INVALID_ARGUMENT; 620 return SSH_ERR_INVALID_ARGUMENT;
637 } 621 }
@@ -674,10 +658,6 @@ cipher_set_keyiv(struct sshcipher_ctx *cc, const u_char *iv)
674 memcpy(cc->evp->iv, iv, evplen); 658 memcpy(cc->evp->iv, iv, evplen);
675 break; 659 break;
676#endif 660#endif
677#ifdef WITH_SSH1
678 case SSH_CIPHER_3DES:
679 return ssh1_3des_iv(cc->evp, 1, (u_char *)iv, 24);
680#endif
681 default: 661 default:
682 return SSH_ERR_INVALID_ARGUMENT; 662 return SSH_ERR_INVALID_ARGUMENT;
683 } 663 }
diff --git a/compat.c b/compat.c
index 1e80cfa9a..aa50d2ce8 100644
--- a/compat.c
+++ b/compat.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: compat.c,v 1.100 2017/02/03 23:01:19 djm Exp $ */ 1/* $OpenBSD: compat.c,v 1.101 2017/04/30 23:10:43 djm Exp $ */
2/* 2/*
3 * Copyright (c) 1999, 2000, 2001, 2002 Markus Friedl. All rights reserved. 3 * Copyright (c) 1999, 2000, 2001, 2002 Markus Friedl. All rights reserved.
4 * 4 *
@@ -233,11 +233,6 @@ proto_spec(const char *spec)
233 for ((p = strsep(&q, SEP)); p && *p != '\0'; (p = strsep(&q, SEP))) { 233 for ((p = strsep(&q, SEP)); p && *p != '\0'; (p = strsep(&q, SEP))) {
234 switch (atoi(p)) { 234 switch (atoi(p)) {
235 case 1: 235 case 1:
236#ifdef WITH_SSH1
237 if (ret == SSH_PROTO_UNKNOWN)
238 ret |= SSH_PROTO_1_PREFERRED;
239 ret |= SSH_PROTO_1;
240#endif
241 break; 236 break;
242 case 2: 237 case 2:
243 ret |= SSH_PROTO_2; 238 ret |= SSH_PROTO_2;
diff --git a/hostfile.c b/hostfile.c
index e23faa969..b8f9cd143 100644
--- a/hostfile.c
+++ b/hostfile.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: hostfile.c,v 1.68 2017/03/10 04:26:06 djm Exp $ */ 1/* $OpenBSD: hostfile.c,v 1.69 2017/04/30 23:10:43 djm Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -789,20 +789,7 @@ hostkeys_foreach(const char *path, hostkeys_foreach_fn *callback, void *ctx,
789 break; 789 break;
790 } 790 }
791 if (!hostfile_read_key(&cp, &kbits, lineinfo.key)) { 791 if (!hostfile_read_key(&cp, &kbits, lineinfo.key)) {
792#ifdef WITH_SSH1
793 sshkey_free(lineinfo.key);
794 lineinfo.key = sshkey_new(KEY_RSA1);
795 if (lineinfo.key == NULL) {
796 error("%s: sshkey_new fail", __func__);
797 r = SSH_ERR_ALLOC_FAIL;
798 break;
799 }
800 if (!hostfile_read_key(&cp, &kbits,
801 lineinfo.key))
802 goto bad;
803#else
804 goto bad; 792 goto bad;
805#endif
806 } 793 }
807 lineinfo.keytype = lineinfo.key->type; 794 lineinfo.keytype = lineinfo.key->type;
808 lineinfo.comment = cp; 795 lineinfo.comment = cp;
diff --git a/kex.c b/kex.c
index 98c0597a9..9a40759c1 100644
--- a/kex.c
+++ b/kex.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: kex.c,v 1.131 2017/03/15 07:07:39 markus Exp $ */ 1/* $OpenBSD: kex.c,v 1.132 2017/04/30 23:10:43 djm Exp $ */
2/* 2/*
3 * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. 3 * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
4 * 4 *
@@ -980,47 +980,6 @@ kex_derive_keys_bn(struct ssh *ssh, u_char *hash, u_int hashlen,
980} 980}
981#endif 981#endif
982 982
983#ifdef WITH_SSH1
984int
985derive_ssh1_session_id(BIGNUM *host_modulus, BIGNUM *server_modulus,
986 u_int8_t cookie[8], u_int8_t id[16])
987{
988 u_int8_t hbuf[2048], sbuf[2048], obuf[SSH_DIGEST_MAX_LENGTH];
989 struct ssh_digest_ctx *hashctx = NULL;
990 size_t hlen, slen;
991 int r;
992
993 hlen = BN_num_bytes(host_modulus);
994 slen = BN_num_bytes(server_modulus);
995 if (hlen < (512 / 8) || (u_int)hlen > sizeof(hbuf) ||
996 slen < (512 / 8) || (u_int)slen > sizeof(sbuf))
997 return SSH_ERR_KEY_BITS_MISMATCH;
998 if (BN_bn2bin(host_modulus, hbuf) <= 0 ||
999 BN_bn2bin(server_modulus, sbuf) <= 0) {
1000 r = SSH_ERR_LIBCRYPTO_ERROR;
1001 goto out;
1002 }
1003 if ((hashctx = ssh_digest_start(SSH_DIGEST_MD5)) == NULL) {
1004 r = SSH_ERR_ALLOC_FAIL;
1005 goto out;
1006 }
1007 if (ssh_digest_update(hashctx, hbuf, hlen) != 0 ||
1008 ssh_digest_update(hashctx, sbuf, slen) != 0 ||
1009 ssh_digest_update(hashctx, cookie, 8) != 0 ||
1010 ssh_digest_final(hashctx, obuf, sizeof(obuf)) != 0) {
1011 r = SSH_ERR_LIBCRYPTO_ERROR;
1012 goto out;
1013 }
1014 memcpy(id, obuf, ssh_digest_bytes(SSH_DIGEST_MD5));
1015 r = 0;
1016 out:
1017 ssh_digest_free(hashctx);
1018 explicit_bzero(hbuf, sizeof(hbuf));
1019 explicit_bzero(sbuf, sizeof(sbuf));
1020 explicit_bzero(obuf, sizeof(obuf));
1021 return r;
1022}
1023#endif
1024 983
1025#if defined(DEBUG_KEX) || defined(DEBUG_KEXDH) || defined(DEBUG_KEXECDH) 984#if defined(DEBUG_KEX) || defined(DEBUG_KEXDH) || defined(DEBUG_KEXECDH)
1026void 985void
diff --git a/opacket.c b/opacket.c
index 5970dd377..ad244b452 100644
--- a/opacket.c
+++ b/opacket.c
@@ -74,16 +74,6 @@ ssh_packet_put_raw(struct ssh *ssh, const void *buf, u_int len)
74 fatal("%s: %s", __func__, ssh_err(r)); 74 fatal("%s: %s", __func__, ssh_err(r));
75} 75}
76 76
77#ifdef WITH_SSH1
78void
79ssh_packet_put_bignum(struct ssh *ssh, BIGNUM * value)
80{
81 int r;
82
83 if ((r = sshpkt_put_bignum1(ssh, value)) != 0)
84 fatal("%s: %s", __func__, ssh_err(r));
85}
86#endif
87 77
88#ifdef WITH_OPENSSL 78#ifdef WITH_OPENSSL
89void 79void
@@ -150,16 +140,6 @@ ssh_packet_get_int64(struct ssh *ssh)
150 return val; 140 return val;
151} 141}
152 142
153#ifdef WITH_SSH1
154void
155ssh_packet_get_bignum(struct ssh *ssh, BIGNUM * value)
156{
157 int r;
158
159 if ((r = sshpkt_get_bignum1(ssh, value)) != 0)
160 fatal("%s: %s", __func__, ssh_err(r));
161}
162#endif
163 143
164#ifdef WITH_OPENSSL 144#ifdef WITH_OPENSSL
165void 145void
diff --git a/packet.c b/packet.c
index 2f3a2ec70..5d25ae61d 100644
--- a/packet.c
+++ b/packet.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: packet.c,v 1.247 2017/03/11 13:07:35 markus Exp $ */ 1/* $OpenBSD: packet.c,v 1.248 2017/04/30 23:10:43 djm Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -811,34 +811,7 @@ uncompress_buffer(struct ssh *ssh, struct sshbuf *in, struct sshbuf *out)
811void 811void
812ssh_packet_set_encryption_key(struct ssh *ssh, const u_char *key, u_int keylen, int number) 812ssh_packet_set_encryption_key(struct ssh *ssh, const u_char *key, u_int keylen, int number)
813{ 813{
814#ifndef WITH_SSH1
815 fatal("no SSH protocol 1 support"); 814 fatal("no SSH protocol 1 support");
816#else /* WITH_SSH1 */
817 struct session_state *state = ssh->state;
818 const struct sshcipher *cipher = cipher_by_number(number);
819 int r;
820 const char *wmsg;
821
822 if (cipher == NULL)
823 fatal("%s: unknown cipher number %d", __func__, number);
824 if (keylen < 20)
825 fatal("%s: keylen too small: %d", __func__, keylen);
826 if (keylen > SSH_SESSION_KEY_LENGTH)
827 fatal("%s: keylen too big: %d", __func__, keylen);
828 memcpy(state->ssh1_key, key, keylen);
829 state->ssh1_keylen = keylen;
830 if ((r = cipher_init(&state->send_context, cipher, key, keylen,
831 NULL, 0, CIPHER_ENCRYPT)) != 0 ||
832 (r = cipher_init(&state->receive_context, cipher, key, keylen,
833 NULL, 0, CIPHER_DECRYPT) != 0))
834 fatal("%s: cipher_init failed: %s", __func__, ssh_err(r));
835 if (!state->cipher_warning_done &&
836 ((wmsg = cipher_warning_message(state->send_context)) != NULL ||
837 (wmsg = cipher_warning_message(state->send_context)) != NULL)) {
838 error("Warning: %s", wmsg);
839 state->cipher_warning_done = 1;
840 }
841#endif /* WITH_SSH1 */
842} 815}
843 816
844/* 817/*
@@ -2862,13 +2835,6 @@ sshpkt_put_ec(struct ssh *ssh, const EC_POINT *v, const EC_GROUP *g)
2862} 2835}
2863#endif /* OPENSSL_HAS_ECC */ 2836#endif /* OPENSSL_HAS_ECC */
2864 2837
2865#ifdef WITH_SSH1
2866int
2867sshpkt_put_bignum1(struct ssh *ssh, const BIGNUM *v)
2868{
2869 return sshbuf_put_bignum1(ssh->state->outgoing_packet, v);
2870}
2871#endif /* WITH_SSH1 */
2872 2838
2873int 2839int
2874sshpkt_put_bignum2(struct ssh *ssh, const BIGNUM *v) 2840sshpkt_put_bignum2(struct ssh *ssh, const BIGNUM *v)
@@ -2930,13 +2896,6 @@ sshpkt_get_ec(struct ssh *ssh, EC_POINT *v, const EC_GROUP *g)
2930} 2896}
2931#endif /* OPENSSL_HAS_ECC */ 2897#endif /* OPENSSL_HAS_ECC */
2932 2898
2933#ifdef WITH_SSH1
2934int
2935sshpkt_get_bignum1(struct ssh *ssh, BIGNUM *v)
2936{
2937 return sshbuf_get_bignum1(ssh->state->incoming_packet, v);
2938}
2939#endif /* WITH_SSH1 */
2940 2899
2941int 2900int
2942sshpkt_get_bignum2(struct ssh *ssh, BIGNUM *v) 2901sshpkt_get_bignum2(struct ssh *ssh, BIGNUM *v)
diff --git a/readconf.c b/readconf.c
index 013c19f59..975f00ff4 100644
--- a/readconf.c
+++ b/readconf.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: readconf.c,v 1.271 2017/04/28 03:20:27 dtucker Exp $ */ 1/* $OpenBSD: readconf.c,v 1.272 2017/04/30 23:10:43 djm Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -208,15 +208,9 @@ static struct {
208 { "smartcarddevice", oUnsupported }, 208 { "smartcarddevice", oUnsupported },
209 { "pkcs11provider", oUnsupported }, 209 { "pkcs11provider", oUnsupported },
210#endif 210#endif
211#ifdef WITH_SSH1
212 { "rsaauthentication", oRSAAuthentication },
213 { "rhostsrsaauthentication", oRhostsRSAAuthentication },
214 { "compressionlevel", oCompressionLevel },
215# else
216 { "rsaauthentication", oUnsupported }, 211 { "rsaauthentication", oUnsupported },
217 { "rhostsrsaauthentication", oUnsupported }, 212 { "rhostsrsaauthentication", oUnsupported },
218 { "compressionlevel", oUnsupported }, 213 { "compressionlevel", oUnsupported },
219#endif
220 214
221 { "forwardagent", oForwardAgent }, 215 { "forwardagent", oForwardAgent },
222 { "forwardx11", oForwardX11 }, 216 { "forwardx11", oForwardX11 },
@@ -2575,9 +2569,6 @@ dump_client_config(Options *o, const char *host)
2575 2569
2576 /* Integer options */ 2570 /* Integer options */
2577 dump_cfg_int(oCanonicalizeMaxDots, o->canonicalize_max_dots); 2571 dump_cfg_int(oCanonicalizeMaxDots, o->canonicalize_max_dots);
2578#ifdef WITH_SSH1
2579 dump_cfg_int(oCompressionLevel, o->compression_level);
2580#endif
2581 dump_cfg_int(oConnectionAttempts, o->connection_attempts); 2572 dump_cfg_int(oConnectionAttempts, o->connection_attempts);
2582 dump_cfg_int(oForwardX11Timeout, o->forward_x11_timeout); 2573 dump_cfg_int(oForwardX11Timeout, o->forward_x11_timeout);
2583 dump_cfg_int(oNumberOfPasswordPrompts, o->number_of_password_prompts); 2574 dump_cfg_int(oNumberOfPasswordPrompts, o->number_of_password_prompts);
diff --git a/ssh-add.c b/ssh-add.c
index fb9a53e64..37ce56dfd 100644
--- a/ssh-add.c
+++ b/ssh-add.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssh-add.c,v 1.128 2016/02/15 09:47:49 dtucker Exp $ */ 1/* $OpenBSD: ssh-add.c,v 1.129 2017/04/30 23:10:43 djm Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -79,9 +79,6 @@ static char *default_files[] = {
79#endif 79#endif
80#endif /* WITH_OPENSSL */ 80#endif /* WITH_OPENSSL */
81 _PATH_SSH_CLIENT_ID_ED25519, 81 _PATH_SSH_CLIENT_ID_ED25519,
82#ifdef WITH_SSH1
83 _PATH_SSH_CLIENT_IDENTITY,
84#endif
85 NULL 82 NULL
86}; 83};
87 84
@@ -363,11 +360,7 @@ list_identities(int agent_fd, int do_fp)
363 int r, had_identities = 0; 360 int r, had_identities = 0;
364 struct ssh_identitylist *idlist; 361 struct ssh_identitylist *idlist;
365 size_t i; 362 size_t i;
366#ifdef WITH_SSH1
367 int version = 1;
368#else
369 int version = 2; 363 int version = 2;
370#endif
371 364
372 for (; version <= 2; version++) { 365 for (; version <= 2; version++) {
373 if ((r = ssh_fetch_identitylist(agent_fd, version, 366 if ((r = ssh_fetch_identitylist(agent_fd, version,
diff --git a/ssh-agent.c b/ssh-agent.c
index b987562b9..6788287b7 100644
--- a/ssh-agent.c
+++ b/ssh-agent.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssh-agent.c,v 1.218 2017/03/15 03:52:30 deraadt Exp $ */ 1/* $OpenBSD: ssh-agent.c,v 1.219 2017/04/30 23:10:43 djm Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -257,16 +257,6 @@ process_request_identities(SocketEntry *e, int version)
257 fatal("%s: buffer error: %s", __func__, ssh_err(r)); 257 fatal("%s: buffer error: %s", __func__, ssh_err(r));
258 TAILQ_FOREACH(id, &tab->idlist, next) { 258 TAILQ_FOREACH(id, &tab->idlist, next) {
259 if (id->key->type == KEY_RSA1) { 259 if (id->key->type == KEY_RSA1) {
260#ifdef WITH_SSH1
261 if ((r = sshbuf_put_u32(msg,
262 BN_num_bits(id->key->rsa->n))) != 0 ||
263 (r = sshbuf_put_bignum1(msg,
264 id->key->rsa->e)) != 0 ||
265 (r = sshbuf_put_bignum1(msg,
266 id->key->rsa->n)) != 0)
267 fatal("%s: buffer error: %s",
268 __func__, ssh_err(r));
269#endif
270 } else { 260 } else {
271 u_char *blob; 261 u_char *blob;
272 size_t blen; 262 size_t blen;
@@ -289,87 +279,6 @@ process_request_identities(SocketEntry *e, int version)
289 sshbuf_free(msg); 279 sshbuf_free(msg);
290} 280}
291 281
292#ifdef WITH_SSH1
293/* ssh1 only */
294static void
295process_authentication_challenge1(SocketEntry *e)
296{
297 u_char buf[32], mdbuf[16], session_id[16];
298 u_int response_type;
299 BIGNUM *challenge;
300 Identity *id;
301 int r, len;
302 struct sshbuf *msg;
303 struct ssh_digest_ctx *md;
304 struct sshkey *key;
305
306 if ((msg = sshbuf_new()) == NULL)
307 fatal("%s: sshbuf_new failed", __func__);
308 if ((key = sshkey_new(KEY_RSA1)) == NULL)
309 fatal("%s: sshkey_new failed", __func__);
310 if ((challenge = BN_new()) == NULL)
311 fatal("%s: BN_new failed", __func__);
312
313 if ((r = sshbuf_get_u32(e->request, NULL)) != 0 || /* ignored */
314 (r = sshbuf_get_bignum1(e->request, key->rsa->e)) != 0 ||
315 (r = sshbuf_get_bignum1(e->request, key->rsa->n)) != 0 ||
316 (r = sshbuf_get_bignum1(e->request, challenge)))
317 fatal("%s: buffer error: %s", __func__, ssh_err(r));
318
319 /* Only protocol 1.1 is supported */
320 if (sshbuf_len(e->request) == 0)
321 goto failure;
322 if ((r = sshbuf_get(e->request, session_id, sizeof(session_id))) != 0 ||
323 (r = sshbuf_get_u32(e->request, &response_type)) != 0)
324 fatal("%s: buffer error: %s", __func__, ssh_err(r));
325 if (response_type != 1)
326 goto failure;
327
328 id = lookup_identity(key, 1);
329 if (id != NULL && (!id->confirm || confirm_key(id) == 0)) {
330 struct sshkey *private = id->key;
331 /* Decrypt the challenge using the private key. */
332 if ((r = rsa_private_decrypt(challenge, challenge,
333 private->rsa) != 0)) {
334 fatal("%s: rsa_public_encrypt: %s", __func__,
335 ssh_err(r));
336 goto failure; /* XXX ? */
337 }
338
339 /* The response is MD5 of decrypted challenge plus session id */
340 len = BN_num_bytes(challenge);
341 if (len <= 0 || len > 32) {
342 logit("%s: bad challenge length %d", __func__, len);
343 goto failure;
344 }
345 memset(buf, 0, 32);
346 BN_bn2bin(challenge, buf + 32 - len);
347 if ((md = ssh_digest_start(SSH_DIGEST_MD5)) == NULL ||
348 ssh_digest_update(md, buf, 32) < 0 ||
349 ssh_digest_update(md, session_id, 16) < 0 ||
350 ssh_digest_final(md, mdbuf, sizeof(mdbuf)) < 0)
351 fatal("%s: md5 failed", __func__);
352 ssh_digest_free(md);
353
354 /* Send the response. */
355 if ((r = sshbuf_put_u8(msg, SSH_AGENT_RSA_RESPONSE)) != 0 ||
356 (r = sshbuf_put(msg, mdbuf, sizeof(mdbuf))) != 0)
357 fatal("%s: buffer error: %s", __func__, ssh_err(r));
358 goto send;
359 }
360
361 failure:
362 /* Unknown identity or protocol error. Send failure. */
363 if ((r = sshbuf_put_u8(msg, SSH_AGENT_FAILURE)) != 0)
364 fatal("%s: buffer error: %s", __func__, ssh_err(r));
365 send:
366 if ((r = sshbuf_put_stringb(e->output, msg)) != 0)
367 fatal("%s: buffer error: %s", __func__, ssh_err(r));
368 sshkey_free(key);
369 BN_clear_free(challenge);
370 sshbuf_free(msg);
371}
372#endif
373 282
374static char * 283static char *
375agent_decode_alg(struct sshkey *key, u_int flags) 284agent_decode_alg(struct sshkey *key, u_int flags)
@@ -448,28 +357,8 @@ process_remove_identity(SocketEntry *e, int version)
448 int r, success = 0; 357 int r, success = 0;
449 struct sshkey *key = NULL; 358 struct sshkey *key = NULL;
450 u_char *blob; 359 u_char *blob;
451#ifdef WITH_SSH1
452 u_int bits;
453#endif /* WITH_SSH1 */
454 360
455 switch (version) { 361 switch (version) {
456#ifdef WITH_SSH1
457 case 1:
458 if ((key = sshkey_new(KEY_RSA1)) == NULL) {
459 error("%s: sshkey_new failed", __func__);
460 return;
461 }
462 if ((r = sshbuf_get_u32(e->request, &bits)) != 0 ||
463 (r = sshbuf_get_bignum1(e->request, key->rsa->e)) != 0 ||
464 (r = sshbuf_get_bignum1(e->request, key->rsa->n)) != 0)
465 fatal("%s: buffer error: %s", __func__, ssh_err(r));
466
467 if (bits != sshkey_size(key))
468 logit("Warning: identity keysize mismatch: "
469 "actual %u, announced %u",
470 sshkey_size(key), bits);
471 break;
472#endif /* WITH_SSH1 */
473 case 2: 362 case 2:
474 if ((r = sshbuf_get_string(e->request, &blob, &blen)) != 0) 363 if ((r = sshbuf_get_string(e->request, &blob, &blen)) != 0)
475 fatal("%s: buffer error: %s", __func__, ssh_err(r)); 364 fatal("%s: buffer error: %s", __func__, ssh_err(r));
@@ -559,45 +448,6 @@ reaper(void)
559 * XXX this and the corresponding serialisation function probably belongs 448 * XXX this and the corresponding serialisation function probably belongs
560 * in key.c 449 * in key.c
561 */ 450 */
562#ifdef WITH_SSH1
563static int
564agent_decode_rsa1(struct sshbuf *m, struct sshkey **kp)
565{
566 struct sshkey *k = NULL;
567 int r = SSH_ERR_INTERNAL_ERROR;
568
569 *kp = NULL;
570 if ((k = sshkey_new_private(KEY_RSA1)) == NULL)
571 return SSH_ERR_ALLOC_FAIL;
572
573 if ((r = sshbuf_get_u32(m, NULL)) != 0 || /* ignored */
574 (r = sshbuf_get_bignum1(m, k->rsa->n)) != 0 ||
575 (r = sshbuf_get_bignum1(m, k->rsa->e)) != 0 ||
576 (r = sshbuf_get_bignum1(m, k->rsa->d)) != 0 ||
577 (r = sshbuf_get_bignum1(m, k->rsa->iqmp)) != 0 ||
578 /* SSH1 and SSL have p and q swapped */
579 (r = sshbuf_get_bignum1(m, k->rsa->q)) != 0 || /* p */
580 (r = sshbuf_get_bignum1(m, k->rsa->p)) != 0) /* q */
581 goto out;
582
583 /* Generate additional parameters */
584 if ((r = rsa_generate_additional_parameters(k->rsa)) != 0)
585 goto out;
586 /* enable blinding */
587 if (RSA_blinding_on(k->rsa, NULL) != 1) {
588 r = SSH_ERR_LIBCRYPTO_ERROR;
589 goto out;
590 }
591
592 r = 0; /* success */
593 out:
594 if (r == 0)
595 *kp = k;
596 else
597 sshkey_free(k);
598 return r;
599}
600#endif /* WITH_SSH1 */
601 451
602static void 452static void
603process_add_identity(SocketEntry *e, int version) 453process_add_identity(SocketEntry *e, int version)
@@ -613,11 +463,6 @@ process_add_identity(SocketEntry *e, int version)
613 int r = SSH_ERR_INTERNAL_ERROR; 463 int r = SSH_ERR_INTERNAL_ERROR;
614 464
615 switch (version) { 465 switch (version) {
616#ifdef WITH_SSH1
617 case 1:
618 r = agent_decode_rsa1(e->request, &k);
619 break;
620#endif /* WITH_SSH1 */
621 case 2: 466 case 2:
622 r = sshkey_private_deserialize(e->request, &k); 467 r = sshkey_private_deserialize(e->request, &k);
623 break; 468 break;
@@ -912,22 +757,6 @@ process_message(SocketEntry *e)
912 case SSH_AGENTC_UNLOCK: 757 case SSH_AGENTC_UNLOCK:
913 process_lock_agent(e, type == SSH_AGENTC_LOCK); 758 process_lock_agent(e, type == SSH_AGENTC_LOCK);
914 break; 759 break;
915#ifdef WITH_SSH1
916 /* ssh1 */
917 case SSH_AGENTC_RSA_CHALLENGE:
918 process_authentication_challenge1(e);
919 break;
920 case SSH_AGENTC_REQUEST_RSA_IDENTITIES:
921 process_request_identities(e, 1);
922 break;
923 case SSH_AGENTC_ADD_RSA_IDENTITY:
924 case SSH_AGENTC_ADD_RSA_ID_CONSTRAINED:
925 process_add_identity(e, 1);
926 break;
927 case SSH_AGENTC_REMOVE_RSA_IDENTITY:
928 process_remove_identity(e, 1);
929 break;
930#endif
931 case SSH_AGENTC_REMOVE_ALL_RSA_IDENTITIES: 760 case SSH_AGENTC_REMOVE_ALL_RSA_IDENTITIES:
932 process_remove_all_identities(e, 1); /* safe for !WITH_SSH1 */ 761 process_remove_all_identities(e, 1); /* safe for !WITH_SSH1 */
933 break; 762 break;
diff --git a/ssh-keygen.c b/ssh-keygen.c
index c0d2d5942..70d421844 100644
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssh-keygen.c,v 1.300 2017/04/29 04:12:25 djm Exp $ */ 1/* $OpenBSD: ssh-keygen.c,v 1.301 2017/04/30 23:10:43 djm Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -987,9 +987,6 @@ do_gen_all_hostkeys(struct passwd *pw)
987 char *path; 987 char *path;
988 } key_types[] = { 988 } key_types[] = {
989#ifdef WITH_OPENSSL 989#ifdef WITH_OPENSSL
990#ifdef WITH_SSH1
991 { "rsa1", "RSA1", _PATH_HOST_KEY_FILE },
992#endif /* WITH_SSH1 */
993 { "rsa", "RSA" ,_PATH_HOST_RSA_KEY_FILE }, 990 { "rsa", "RSA" ,_PATH_HOST_RSA_KEY_FILE },
994 { "dsa", "DSA", _PATH_HOST_DSA_KEY_FILE }, 991 { "dsa", "DSA", _PATH_HOST_DSA_KEY_FILE },
995#ifdef OPENSSL_HAS_ECC 992#ifdef OPENSSL_HAS_ECC
@@ -2244,11 +2241,7 @@ do_check_krl(struct passwd *pw, int argc, char **argv)
2244 exit(ret); 2241 exit(ret);
2245} 2242}
2246 2243
2247#ifdef WITH_SSH1
2248# define RSA1_USAGE " | rsa1"
2249#else
2250# define RSA1_USAGE "" 2244# define RSA1_USAGE ""
2251#endif
2252 2245
2253static void 2246static void
2254usage(void) 2247usage(void)
diff --git a/ssh-keyscan.c b/ssh-keyscan.c
index 1f95239a3..3231ee342 100644
--- a/ssh-keyscan.c
+++ b/ssh-keyscan.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssh-keyscan.c,v 1.109 2017/03/10 04:26:06 djm Exp $ */ 1/* $OpenBSD: ssh-keyscan.c,v 1.110 2017/04/30 23:10:43 djm Exp $ */
2/* 2/*
3 * Copyright 1995, 1996 by David Mazieres <dm@lcs.mit.edu>. 3 * Copyright 1995, 1996 by David Mazieres <dm@lcs.mit.edu>.
4 * 4 *
@@ -187,52 +187,6 @@ strnnsep(char **stringp, char *delim)
187 return (tok); 187 return (tok);
188} 188}
189 189
190#ifdef WITH_SSH1
191static struct sshkey *
192keygrab_ssh1(con *c)
193{
194 static struct sshkey *rsa;
195 static struct sshbuf *msg;
196 int r;
197 u_char type;
198
199 if (rsa == NULL) {
200 if ((rsa = sshkey_new(KEY_RSA1)) == NULL) {
201 error("%s: sshkey_new failed", __func__);
202 return NULL;
203 }
204 if ((msg = sshbuf_new()) == NULL)
205 fatal("%s: sshbuf_new failed", __func__);
206 }
207 if ((r = sshbuf_put(msg, c->c_data, c->c_plen)) != 0 ||
208 (r = sshbuf_consume(msg, 8 - (c->c_plen & 7))) != 0 || /* padding */
209 (r = sshbuf_get_u8(msg, &type)) != 0)
210 goto buf_err;
211 if (type != (int) SSH_SMSG_PUBLIC_KEY) {
212 error("%s: invalid packet type", c->c_name);
213 sshbuf_reset(msg);
214 return NULL;
215 }
216 if ((r = sshbuf_consume(msg, 8)) != 0 || /* cookie */
217 /* server key */
218 (r = sshbuf_get_u32(msg, NULL)) != 0 ||
219 (r = sshbuf_get_bignum1(msg, NULL)) != 0 ||
220 (r = sshbuf_get_bignum1(msg, NULL)) != 0 ||
221 /* host key */
222 (r = sshbuf_get_u32(msg, NULL)) != 0 ||
223 (r = sshbuf_get_bignum1(msg, rsa->rsa->e)) != 0 ||
224 (r = sshbuf_get_bignum1(msg, rsa->rsa->n)) != 0) {
225 buf_err:
226 error("%s: buffer error: %s", __func__, ssh_err(r));
227 sshbuf_reset(msg);
228 return NULL;
229 }
230
231 sshbuf_reset(msg);
232
233 return (rsa);
234}
235#endif
236 190
237static int 191static int
238key_print_wrapper(struct sshkey *hostkey, struct ssh *ssh) 192key_print_wrapper(struct sshkey *hostkey, struct ssh *ssh)
@@ -585,12 +539,6 @@ conread(int s)
585 c->c_data = xmalloc(c->c_len); 539 c->c_data = xmalloc(c->c_len);
586 c->c_status = CS_KEYS; 540 c->c_status = CS_KEYS;
587 break; 541 break;
588#ifdef WITH_SSH1
589 case CS_KEYS:
590 keyprint(c, keygrab_ssh1(c));
591 confree(s);
592 return;
593#endif
594 default: 542 default:
595 fatal("conread: invalid status %d", c->c_status); 543 fatal("conread: invalid status %d", c->c_status);
596 break; 544 break;
@@ -756,11 +704,6 @@ main(int argc, char **argv)
756 int type = sshkey_type_from_name(tname); 704 int type = sshkey_type_from_name(tname);
757 705
758 switch (type) { 706 switch (type) {
759#ifdef WITH_SSH1
760 case KEY_RSA1:
761 get_keytypes |= KT_RSA1;
762 break;
763#endif
764 case KEY_DSA: 707 case KEY_DSA:
765 get_keytypes |= KT_DSA; 708 get_keytypes |= KT_DSA;
766 break; 709 break;
diff --git a/ssh.c b/ssh.c
index 5db6ff25e..38c8e837f 100644
--- a/ssh.c
+++ b/ssh.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssh.c,v 1.452 2017/04/28 03:20:27 dtucker Exp $ */ 1/* $OpenBSD: ssh.c,v 1.453 2017/04/30 23:10:43 djm Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -690,11 +690,7 @@ main(int ac, char **av)
690 else if (strcmp(optarg, "key-plain") == 0) 690 else if (strcmp(optarg, "key-plain") == 0)
691 cp = sshkey_alg_list(0, 1, 0, '\n'); 691 cp = sshkey_alg_list(0, 1, 0, '\n');
692 else if (strcmp(optarg, "protocol-version") == 0) { 692 else if (strcmp(optarg, "protocol-version") == 0) {
693#ifdef WITH_SSH1
694 cp = xstrdup("1\n2");
695#else
696 cp = xstrdup("2"); 693 cp = xstrdup("2");
697#endif
698 } 694 }
699 if (cp == NULL) 695 if (cp == NULL)
700 fatal("Unsupported query \"%s\"", optarg); 696 fatal("Unsupported query \"%s\"", optarg);
@@ -1304,10 +1300,6 @@ main(int ac, char **av)
1304 sensitive_data.keys[i] = NULL; 1300 sensitive_data.keys[i] = NULL;
1305 1301
1306 PRIV_START; 1302 PRIV_START;
1307#if WITH_SSH1
1308 sensitive_data.keys[0] = key_load_private_type(KEY_RSA1,
1309 _PATH_HOST_KEY_FILE, "", NULL, NULL);
1310#endif
1311#ifdef OPENSSL_HAS_ECC 1303#ifdef OPENSSL_HAS_ECC
1312 sensitive_data.keys[1] = key_load_private_cert(KEY_ECDSA, 1304 sensitive_data.keys[1] = key_load_private_cert(KEY_ECDSA,
1313 _PATH_HOST_ECDSA_KEY_FILE, "", NULL); 1305 _PATH_HOST_ECDSA_KEY_FILE, "", NULL);
diff --git a/sshconnect.c b/sshconnect.c
index 948b638ad..26ffbc802 100644
--- a/sshconnect.c
+++ b/sshconnect.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: sshconnect.c,v 1.273 2017/03/10 03:22:40 dtucker Exp $ */ 1/* $OpenBSD: sshconnect.c,v 1.274 2017/04/30 23:10:43 djm Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -1382,12 +1382,7 @@ ssh_login(Sensitive *sensitive, const char *orighost,
1382 ssh_kex2(host, hostaddr, port); 1382 ssh_kex2(host, hostaddr, port);
1383 ssh_userauth2(local_user, server_user, host, sensitive); 1383 ssh_userauth2(local_user, server_user, host, sensitive);
1384 } else { 1384 } else {
1385#ifdef WITH_SSH1
1386 ssh_kex(host, hostaddr);
1387 ssh_userauth1(local_user, server_user, host, sensitive);
1388#else
1389 fatal("ssh1 is not supported"); 1385 fatal("ssh1 is not supported");
1390#endif
1391 } 1386 }
1392 free(local_user); 1387 free(local_user);
1393} 1388}
diff --git a/sshkey.c b/sshkey.c
index 3c487849e..045f1284f 100644
--- a/sshkey.c
+++ b/sshkey.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: sshkey.c,v 1.45 2017/03/10 04:07:20 djm Exp $ */ 1/* $OpenBSD: sshkey.c,v 1.46 2017/04/30 23:10:43 djm Exp $ */
2/* 2/*
3 * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. 3 * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
4 * Copyright (c) 2008 Alexander von Gernler. All rights reserved. 4 * Copyright (c) 2008 Alexander von Gernler. All rights reserved.
@@ -89,9 +89,6 @@ static const struct keytype keytypes[] = {
89 { "ssh-ed25519-cert-v01@openssh.com", "ED25519-CERT", 89 { "ssh-ed25519-cert-v01@openssh.com", "ED25519-CERT",
90 KEY_ED25519_CERT, 0, 1, 0 }, 90 KEY_ED25519_CERT, 0, 1, 0 },
91#ifdef WITH_OPENSSL 91#ifdef WITH_OPENSSL
92# ifdef WITH_SSH1
93 { NULL, "RSA1", KEY_RSA1, 0, 0, 0 },
94# endif
95 { "ssh-rsa", "RSA", KEY_RSA, 0, 0, 0 }, 92 { "ssh-rsa", "RSA", KEY_RSA, 0, 0, 0 },
96 { "rsa-sha2-256", "RSA", KEY_RSA, 0, 0, 1 }, 93 { "rsa-sha2-256", "RSA", KEY_RSA, 0, 0, 1 },
97 { "rsa-sha2-512", "RSA", KEY_RSA, 0, 0, 1 }, 94 { "rsa-sha2-512", "RSA", KEY_RSA, 0, 0, 1 },
@@ -1194,39 +1191,6 @@ sshkey_fingerprint(const struct sshkey *k, int dgst_alg,
1194 return retval; 1191 return retval;
1195} 1192}
1196 1193
1197#ifdef WITH_SSH1
1198/*
1199 * Reads a multiple-precision integer in decimal from the buffer, and advances
1200 * the pointer. The integer must already be initialized. This function is
1201 * permitted to modify the buffer. This leaves *cpp to point just beyond the
1202 * last processed character.
1203 */
1204static int
1205read_decimal_bignum(char **cpp, BIGNUM *v)
1206{
1207 char *cp;
1208 size_t e;
1209 int skip = 1; /* skip white space */
1210
1211 cp = *cpp;
1212 while (*cp == ' ' || *cp == '\t')
1213 cp++;
1214 e = strspn(cp, "0123456789");
1215 if (e == 0)
1216 return SSH_ERR_INVALID_FORMAT;
1217 if (e > SSHBUF_MAX_BIGNUM * 3)
1218 return SSH_ERR_BIGNUM_TOO_LARGE;
1219 if (cp[e] == '\0')
1220 skip = 0;
1221 else if (strchr(" \t\r\n", cp[e]) == NULL)
1222 return SSH_ERR_INVALID_FORMAT;
1223 cp[e] = '\0';
1224 if (BN_dec2bn(&v, cp) <= 0)
1225 return SSH_ERR_INVALID_FORMAT;
1226 *cpp = cp + e + skip;
1227 return 0;
1228}
1229#endif /* WITH_SSH1 */
1230 1194
1231/* returns 0 ok, and < 0 error */ 1195/* returns 0 ok, and < 0 error */
1232int 1196int
@@ -1237,9 +1201,6 @@ sshkey_read(struct sshkey *ret, char **cpp)
1237 char *ep, *cp, *space; 1201 char *ep, *cp, *space;
1238 int r, type, curve_nid = -1; 1202 int r, type, curve_nid = -1;
1239 struct sshbuf *blob; 1203 struct sshbuf *blob;
1240#ifdef WITH_SSH1
1241 u_long bits;
1242#endif /* WITH_SSH1 */
1243 1204
1244 if (ret == NULL) 1205 if (ret == NULL)
1245 return SSH_ERR_INVALID_ARGUMENT; 1206 return SSH_ERR_INVALID_ARGUMENT;
@@ -1248,23 +1209,6 @@ sshkey_read(struct sshkey *ret, char **cpp)
1248 1209
1249 switch (ret->type) { 1210 switch (ret->type) {
1250 case KEY_RSA1: 1211 case KEY_RSA1:
1251#ifdef WITH_SSH1
1252 /* Get number of bits. */
1253 bits = strtoul(cp, &ep, 10);
1254 if (*cp == '\0' || strchr(" \t\r\n", *ep) == NULL ||
1255 bits == 0 || bits > SSHBUF_MAX_BIGNUM * 8)
1256 return SSH_ERR_INVALID_FORMAT; /* Bad bit count... */
1257 /* Get public exponent, public modulus. */
1258 if ((r = read_decimal_bignum(&ep, ret->rsa->e)) < 0)
1259 return r;
1260 if ((r = read_decimal_bignum(&ep, ret->rsa->n)) < 0)
1261 return r;
1262 /* validate the claimed number of bits */
1263 if (BN_num_bits(ret->rsa->n) != (int)bits)
1264 return SSH_ERR_KEY_BITS_MISMATCH;
1265 *cpp = ep;
1266 retval = 0;
1267#endif /* WITH_SSH1 */
1268 break; 1212 break;
1269 case KEY_UNSPEC: 1213 case KEY_UNSPEC:
1270 case KEY_RSA: 1214 case KEY_RSA:
@@ -1422,36 +1366,6 @@ static int
1422sshkey_format_rsa1(const struct sshkey *key, struct sshbuf *b) 1366sshkey_format_rsa1(const struct sshkey *key, struct sshbuf *b)
1423{ 1367{
1424 int r = SSH_ERR_INTERNAL_ERROR; 1368 int r = SSH_ERR_INTERNAL_ERROR;
1425#ifdef WITH_SSH1
1426 u_int bits = 0;
1427 char *dec_e = NULL, *dec_n = NULL;
1428
1429 if (key->rsa == NULL || key->rsa->e == NULL ||
1430 key->rsa->n == NULL) {
1431 r = SSH_ERR_INVALID_ARGUMENT;
1432 goto out;
1433 }
1434 if ((dec_e = BN_bn2dec(key->rsa->e)) == NULL ||
1435 (dec_n = BN_bn2dec(key->rsa->n)) == NULL) {
1436 r = SSH_ERR_ALLOC_FAIL;
1437 goto out;
1438 }
1439 /* size of modulus 'n' */
1440 if ((bits = BN_num_bits(key->rsa->n)) <= 0) {
1441 r = SSH_ERR_INVALID_ARGUMENT;
1442 goto out;
1443 }
1444 if ((r = sshbuf_putf(b, "%u %s %s", bits, dec_e, dec_n)) != 0)
1445 goto out;
1446
1447 /* Success */
1448 r = 0;
1449 out:
1450 if (dec_e != NULL)
1451 OPENSSL_free(dec_e);
1452 if (dec_n != NULL)
1453 OPENSSL_free(dec_n);
1454#endif /* WITH_SSH1 */
1455 1369
1456 return r; 1370 return r;
1457} 1371}
@@ -3404,105 +3318,6 @@ sshkey_parse_private2(struct sshbuf *blob, int type, const char *passphrase,
3404 return r; 3318 return r;
3405} 3319}
3406 3320
3407#if WITH_SSH1
3408/*
3409 * Serialises the authentication (private) key to a blob, encrypting it with
3410 * passphrase. The identification of the blob (lowest 64 bits of n) will
3411 * precede the key to provide identification of the key without needing a
3412 * passphrase.
3413 */
3414static int
3415sshkey_private_rsa1_to_blob(struct sshkey *key, struct sshbuf *blob,
3416 const char *passphrase, const char *comment)
3417{
3418 struct sshbuf *buffer = NULL, *encrypted = NULL;
3419 u_char buf[8];
3420 int r, cipher_num;
3421 struct sshcipher_ctx *ciphercontext = NULL;
3422 const struct sshcipher *cipher;
3423 u_char *cp;
3424
3425 /*
3426 * If the passphrase is empty, use SSH_CIPHER_NONE to ease converting
3427 * to another cipher; otherwise use SSH_AUTHFILE_CIPHER.
3428 */
3429 cipher_num = (strcmp(passphrase, "") == 0) ?
3430 SSH_CIPHER_NONE : SSH_CIPHER_3DES;
3431 if ((cipher = cipher_by_number(cipher_num)) == NULL)
3432 return SSH_ERR_INTERNAL_ERROR;
3433
3434 /* This buffer is used to build the secret part of the private key. */
3435 if ((buffer = sshbuf_new()) == NULL)
3436 return SSH_ERR_ALLOC_FAIL;
3437
3438 /* Put checkbytes for checking passphrase validity. */
3439 if ((r = sshbuf_reserve(buffer, 4, &cp)) != 0)
3440 goto out;
3441 arc4random_buf(cp, 2);
3442 memcpy(cp + 2, cp, 2);
3443
3444 /*
3445 * Store the private key (n and e will not be stored because they
3446 * will be stored in plain text, and storing them also in encrypted
3447 * format would just give known plaintext).
3448 * Note: q and p are stored in reverse order to SSL.
3449 */
3450 if ((r = sshbuf_put_bignum1(buffer, key->rsa->d)) != 0 ||
3451 (r = sshbuf_put_bignum1(buffer, key->rsa->iqmp)) != 0 ||
3452 (r = sshbuf_put_bignum1(buffer, key->rsa->q)) != 0 ||
3453 (r = sshbuf_put_bignum1(buffer, key->rsa->p)) != 0)
3454 goto out;
3455
3456 /* Pad the part to be encrypted to a size that is a multiple of 8. */
3457 explicit_bzero(buf, 8);
3458 if ((r = sshbuf_put(buffer, buf, 8 - (sshbuf_len(buffer) % 8))) != 0)
3459 goto out;
3460
3461 /* This buffer will be used to contain the data in the file. */
3462 if ((encrypted = sshbuf_new()) == NULL) {
3463 r = SSH_ERR_ALLOC_FAIL;
3464 goto out;
3465 }
3466
3467 /* First store keyfile id string. */
3468 if ((r = sshbuf_put(encrypted, LEGACY_BEGIN,
3469 sizeof(LEGACY_BEGIN))) != 0)
3470 goto out;
3471
3472 /* Store cipher type and "reserved" field. */
3473 if ((r = sshbuf_put_u8(encrypted, cipher_num)) != 0 ||
3474 (r = sshbuf_put_u32(encrypted, 0)) != 0)
3475 goto out;
3476
3477 /* Store public key. This will be in plain text. */
3478 if ((r = sshbuf_put_u32(encrypted, BN_num_bits(key->rsa->n))) != 0 ||
3479 (r = sshbuf_put_bignum1(encrypted, key->rsa->n)) != 0 ||
3480 (r = sshbuf_put_bignum1(encrypted, key->rsa->e)) != 0 ||
3481 (r = sshbuf_put_cstring(encrypted, comment)) != 0)
3482 goto out;
3483
3484 /* Allocate space for the private part of the key in the buffer. */
3485 if ((r = sshbuf_reserve(encrypted, sshbuf_len(buffer), &cp)) != 0)
3486 goto out;
3487
3488 if ((r = cipher_set_key_string(&ciphercontext, cipher, passphrase,
3489 CIPHER_ENCRYPT)) != 0)
3490 goto out;
3491 if ((r = cipher_crypt(ciphercontext, 0, cp,
3492 sshbuf_ptr(buffer), sshbuf_len(buffer), 0, 0)) != 0)
3493 goto out;
3494
3495 r = sshbuf_putb(blob, encrypted);
3496
3497 out:
3498 cipher_free(ciphercontext);
3499 explicit_bzero(buf, sizeof(buf));
3500 sshbuf_free(buffer);
3501 sshbuf_free(encrypted);
3502
3503 return r;
3504}
3505#endif /* WITH_SSH1 */
3506 3321
3507#ifdef WITH_OPENSSL 3322#ifdef WITH_OPENSSL
3508/* convert SSH v2 key in OpenSSL PEM format */ 3323/* convert SSH v2 key in OpenSSL PEM format */
@@ -3565,11 +3380,6 @@ sshkey_private_to_fileblob(struct sshkey *key, struct sshbuf *blob,
3565 int force_new_format, const char *new_format_cipher, int new_format_rounds) 3380 int force_new_format, const char *new_format_cipher, int new_format_rounds)
3566{ 3381{
3567 switch (key->type) { 3382 switch (key->type) {
3568#ifdef WITH_SSH1
3569 case KEY_RSA1:
3570 return sshkey_private_rsa1_to_blob(key, blob,
3571 passphrase, comment);
3572#endif /* WITH_SSH1 */
3573#ifdef WITH_OPENSSL 3383#ifdef WITH_OPENSSL
3574 case KEY_DSA: 3384 case KEY_DSA:
3575 case KEY_ECDSA: 3385 case KEY_ECDSA:
@@ -3589,182 +3399,6 @@ sshkey_private_to_fileblob(struct sshkey *key, struct sshbuf *blob,
3589 } 3399 }
3590} 3400}
3591 3401
3592#ifdef WITH_SSH1
3593/*
3594 * Parse the public, unencrypted portion of a RSA1 key.
3595 */
3596int
3597sshkey_parse_public_rsa1_fileblob(struct sshbuf *blob,
3598 struct sshkey **keyp, char **commentp)
3599{
3600 int r;
3601 struct sshkey *pub = NULL;
3602 struct sshbuf *copy = NULL;
3603
3604 if (keyp != NULL)
3605 *keyp = NULL;
3606 if (commentp != NULL)
3607 *commentp = NULL;
3608
3609 /* Check that it is at least big enough to contain the ID string. */
3610 if (sshbuf_len(blob) < sizeof(LEGACY_BEGIN))
3611 return SSH_ERR_INVALID_FORMAT;
3612
3613 /*
3614 * Make sure it begins with the id string. Consume the id string
3615 * from the buffer.
3616 */
3617 if (memcmp(sshbuf_ptr(blob), LEGACY_BEGIN, sizeof(LEGACY_BEGIN)) != 0)
3618 return SSH_ERR_INVALID_FORMAT;
3619 /* Make a working copy of the keyblob and skip past the magic */
3620 if ((copy = sshbuf_fromb(blob)) == NULL)
3621 return SSH_ERR_ALLOC_FAIL;
3622 if ((r = sshbuf_consume(copy, sizeof(LEGACY_BEGIN))) != 0)
3623 goto out;
3624
3625 /* Skip cipher type, reserved data and key bits. */
3626 if ((r = sshbuf_get_u8(copy, NULL)) != 0 || /* cipher type */
3627 (r = sshbuf_get_u32(copy, NULL)) != 0 || /* reserved */
3628 (r = sshbuf_get_u32(copy, NULL)) != 0) /* key bits */
3629 goto out;
3630
3631 /* Read the public key from the buffer. */
3632 if ((pub = sshkey_new(KEY_RSA1)) == NULL ||
3633 (r = sshbuf_get_bignum1(copy, pub->rsa->n)) != 0 ||
3634 (r = sshbuf_get_bignum1(copy, pub->rsa->e)) != 0)
3635 goto out;
3636
3637 /* Finally, the comment */
3638 if ((r = sshbuf_get_string(copy, (u_char**)commentp, NULL)) != 0)
3639 goto out;
3640
3641 /* The encrypted private part is not parsed by this function. */
3642
3643 r = 0;
3644 if (keyp != NULL) {
3645 *keyp = pub;
3646 pub = NULL;
3647 }
3648 out:
3649 sshbuf_free(copy);
3650 sshkey_free(pub);
3651 return r;
3652}
3653
3654static int
3655sshkey_parse_private_rsa1(struct sshbuf *blob, const char *passphrase,
3656 struct sshkey **keyp, char **commentp)
3657{
3658 int r;
3659 u_int16_t check1, check2;
3660 u_int8_t cipher_type;
3661 struct sshbuf *decrypted = NULL, *copy = NULL;
3662 u_char *cp;
3663 char *comment = NULL;
3664 struct sshcipher_ctx *ciphercontext = NULL;
3665 const struct sshcipher *cipher;
3666 struct sshkey *prv = NULL;
3667
3668 if (keyp != NULL)
3669 *keyp = NULL;
3670 if (commentp != NULL)
3671 *commentp = NULL;
3672
3673 /* Check that it is at least big enough to contain the ID string. */
3674 if (sshbuf_len(blob) < sizeof(LEGACY_BEGIN))
3675 return SSH_ERR_INVALID_FORMAT;
3676
3677 /*
3678 * Make sure it begins with the id string. Consume the id string
3679 * from the buffer.
3680 */
3681 if (memcmp(sshbuf_ptr(blob), LEGACY_BEGIN, sizeof(LEGACY_BEGIN)) != 0)
3682 return SSH_ERR_INVALID_FORMAT;
3683
3684 if ((prv = sshkey_new_private(KEY_RSA1)) == NULL) {
3685 r = SSH_ERR_ALLOC_FAIL;
3686 goto out;
3687 }
3688 if ((copy = sshbuf_fromb(blob)) == NULL ||
3689 (decrypted = sshbuf_new()) == NULL) {
3690 r = SSH_ERR_ALLOC_FAIL;
3691 goto out;
3692 }
3693 if ((r = sshbuf_consume(copy, sizeof(LEGACY_BEGIN))) != 0)
3694 goto out;
3695
3696 /* Read cipher type. */
3697 if ((r = sshbuf_get_u8(copy, &cipher_type)) != 0 ||
3698 (r = sshbuf_get_u32(copy, NULL)) != 0) /* reserved */
3699 goto out;
3700
3701 /* Read the public key and comment from the buffer. */
3702 if ((r = sshbuf_get_u32(copy, NULL)) != 0 || /* key bits */
3703 (r = sshbuf_get_bignum1(copy, prv->rsa->n)) != 0 ||
3704 (r = sshbuf_get_bignum1(copy, prv->rsa->e)) != 0 ||
3705 (r = sshbuf_get_cstring(copy, &comment, NULL)) != 0)
3706 goto out;
3707
3708 /* Check that it is a supported cipher. */
3709 cipher = cipher_by_number(cipher_type);
3710 if (cipher == NULL) {
3711 r = SSH_ERR_KEY_UNKNOWN_CIPHER;
3712 goto out;
3713 }
3714 /* Initialize space for decrypted data. */
3715 if ((r = sshbuf_reserve(decrypted, sshbuf_len(copy), &cp)) != 0)
3716 goto out;
3717
3718 /* Rest of the buffer is encrypted. Decrypt it using the passphrase. */
3719 if ((r = cipher_set_key_string(&ciphercontext, cipher, passphrase,
3720 CIPHER_DECRYPT)) != 0)
3721 goto out;
3722 if ((r = cipher_crypt(ciphercontext, 0, cp,
3723 sshbuf_ptr(copy), sshbuf_len(copy), 0, 0)) != 0)
3724 goto out;
3725
3726 if ((r = sshbuf_get_u16(decrypted, &check1)) != 0 ||
3727 (r = sshbuf_get_u16(decrypted, &check2)) != 0)
3728 goto out;
3729 if (check1 != check2) {
3730 r = SSH_ERR_KEY_WRONG_PASSPHRASE;
3731 goto out;
3732 }
3733
3734 /* Read the rest of the private key. */
3735 if ((r = sshbuf_get_bignum1(decrypted, prv->rsa->d)) != 0 ||
3736 (r = sshbuf_get_bignum1(decrypted, prv->rsa->iqmp)) != 0 ||
3737 (r = sshbuf_get_bignum1(decrypted, prv->rsa->q)) != 0 ||
3738 (r = sshbuf_get_bignum1(decrypted, prv->rsa->p)) != 0)
3739 goto out;
3740
3741 /* calculate p-1 and q-1 */
3742 if ((r = rsa_generate_additional_parameters(prv->rsa)) != 0)
3743 goto out;
3744
3745 /* enable blinding */
3746 if (RSA_blinding_on(prv->rsa, NULL) != 1) {
3747 r = SSH_ERR_LIBCRYPTO_ERROR;
3748 goto out;
3749 }
3750 r = 0;
3751 if (keyp != NULL) {
3752 *keyp = prv;
3753 prv = NULL;
3754 }
3755 if (commentp != NULL) {
3756 *commentp = comment;
3757 comment = NULL;
3758 }
3759 out:
3760 cipher_free(ciphercontext);
3761 free(comment);
3762 sshkey_free(prv);
3763 sshbuf_free(copy);
3764 sshbuf_free(decrypted);
3765 return r;
3766}
3767#endif /* WITH_SSH1 */
3768 3402
3769#ifdef WITH_OPENSSL 3403#ifdef WITH_OPENSSL
3770static int 3404static int
@@ -3910,11 +3544,6 @@ sshkey_parse_private_fileblob_type(struct sshbuf *blob, int type,
3910 *commentp = NULL; 3544 *commentp = NULL;
3911 3545
3912 switch (type) { 3546 switch (type) {
3913#ifdef WITH_SSH1
3914 case KEY_RSA1:
3915 return sshkey_parse_private_rsa1(blob, passphrase,
3916 keyp, commentp);
3917#endif /* WITH_SSH1 */
3918#ifdef WITH_OPENSSL 3547#ifdef WITH_OPENSSL
3919 case KEY_DSA: 3548 case KEY_DSA:
3920 case KEY_ECDSA: 3549 case KEY_ECDSA:
@@ -3951,13 +3580,6 @@ sshkey_parse_private_fileblob(struct sshbuf *buffer, const char *passphrase,
3951 if (commentp != NULL) 3580 if (commentp != NULL)
3952 *commentp = NULL; 3581 *commentp = NULL;
3953 3582
3954#ifdef WITH_SSH1
3955 /* it's a SSH v1 key if the public key part is readable */
3956 if (sshkey_parse_public_rsa1_fileblob(buffer, NULL, NULL) == 0) {
3957 return sshkey_parse_private_fileblob_type(buffer, KEY_RSA1,
3958 passphrase, keyp, commentp);
3959 }
3960#endif /* WITH_SSH1 */
3961 return sshkey_parse_private_fileblob_type(buffer, KEY_UNSPEC, 3583 return sshkey_parse_private_fileblob_type(buffer, KEY_UNSPEC,
3962 passphrase, keyp, commentp); 3584 passphrase, keyp, commentp);
3963} 3585}
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-29 07:41:17 +0000