summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDarren Tucker <dtucker@zip.com.au>2013-11-09 18:39:25 +1100
committerDarren Tucker <dtucker@zip.com.au>2013-11-09 18:39:25 +1100
commit37bcef51b3d9d496caecea6394814d2f49a1357f (patch)
treec564402d96ca797f8b0248552ef78f4f9408ef8c
parent6e2fe81f926d995bae4be4a6b5b3c88c1c525187 (diff)
- (dtucker) [configure.ac kex.c key.c myproposal.h] Test for the presence of
NID_X9_62_prime256v1, NID_secp384r1 and NID_secp521r1 and test that the latter actually works before using it. Fedora (at least) has NID_secp521r1 that doesn't work (see https://bugzilla.redhat.com/show_bug.cgi?id=1021897).
-rw-r--r--ChangeLog4
-rw-r--r--configure.ac122
-rw-r--r--kex.c2
-rw-r--r--key.c14
-rw-r--r--myproposal.h12
5 files changed, 133 insertions, 21 deletions
diff --git a/ChangeLog b/ChangeLog
index a6360197b..c8f249581 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -4,6 +4,10 @@
4 [regress/test-exec.sh regress/rekey.sh] 4 [regress/test-exec.sh regress/rekey.sh]
5 Use smaller test data files to speed up tests. Grow test datafiles 5 Use smaller test data files to speed up tests. Grow test datafiles
6 where necessary for a specific test. 6 where necessary for a specific test.
7 - (dtucker) [configure.ac kex.c key.c myproposal.h] Test for the presence of
8 NID_X9_62_prime256v1, NID_secp384r1 and NID_secp521r1 and test that the
9 latter actually works before using it. Fedora (at least) has NID_secp521r1
10 that doesn't work (see https://bugzilla.redhat.com/show_bug.cgi?id=1021897).
7 11
820131108 1220131108
9 - (dtucker) OpenBSD CVS Sync 13 - (dtucker) OpenBSD CVS Sync
diff --git a/configure.ac b/configure.ac
index e31147c24..5d4793cae 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1,4 +1,4 @@
1# $Id: configure.ac,v 1.540 2013/11/08 13:17:41 dtucker Exp $ 1# $Id: configure.ac,v 1.541 2013/11/09 07:39:25 dtucker Exp $
2# 2#
3# Copyright (c) 1999-2004 Damien Miller 3# Copyright (c) 1999-2004 Damien Miller
4# 4#
@@ -15,7 +15,7 @@
15# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 15# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 16
17AC_INIT([OpenSSH], [Portable], [openssh-unix-dev@mindrot.org]) 17AC_INIT([OpenSSH], [Portable], [openssh-unix-dev@mindrot.org])
18AC_REVISION($Revision: 1.540 $) 18AC_REVISION($Revision: 1.541 $)
19AC_CONFIG_SRCDIR([ssh.c]) 19AC_CONFIG_SRCDIR([ssh.c])
20AC_LANG([C]) 20AC_LANG([C])
21 21
@@ -2450,7 +2450,49 @@ AC_CHECK_FUNCS([SHA256_Update EVP_sha256], ,
2450) 2450)
2451 2451
2452# Check complete ECC support in OpenSSL 2452# Check complete ECC support in OpenSSL
2453AC_MSG_CHECKING([whether OpenSSL has complete ECC support]) 2453AC_MSG_CHECKING([whether OpenSSL has NID_X9_62_prime256v1])
2454AC_LINK_IFELSE(
2455 [AC_LANG_PROGRAM([[
2456#include <openssl/ec.h>
2457#include <openssl/ecdh.h>
2458#include <openssl/ecdsa.h>
2459#include <openssl/evp.h>
2460#include <openssl/objects.h>
2461#include <openssl/opensslv.h>
2462#if OPENSSL_VERSION_NUMBER < 0x0090807f /* 0.9.8g */
2463# error "OpenSSL < 0.9.8g has unreliable ECC code"
2464#endif
2465 ]], [[
2466 EC_KEY *e = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
2467 const EVP_MD *m = EVP_sha256(); /* We need this too */
2468 ]])],
2469 [ AC_MSG_RESULT([yes])
2470 enable_nistp256=1 ],
2471 [ AC_MSG_RESULT([no]) ]
2472)
2473
2474AC_MSG_CHECKING([whether OpenSSL has NID_secp384r1])
2475AC_LINK_IFELSE(
2476 [AC_LANG_PROGRAM([[
2477#include <openssl/ec.h>
2478#include <openssl/ecdh.h>
2479#include <openssl/ecdsa.h>
2480#include <openssl/evp.h>
2481#include <openssl/objects.h>
2482#include <openssl/opensslv.h>
2483#if OPENSSL_VERSION_NUMBER < 0x0090807f /* 0.9.8g */
2484# error "OpenSSL < 0.9.8g has unreliable ECC code"
2485#endif
2486 ]], [[
2487 EC_KEY *e = EC_KEY_new_by_curve_name(NID_secp384r1);
2488 const EVP_MD *m = EVP_sha384(); /* We need this too */
2489 ]])],
2490 [ AC_MSG_RESULT([yes])
2491 enable_nistp384=1 ],
2492 [ AC_MSG_RESULT([no]) ]
2493)
2494
2495AC_MSG_CHECKING([whether OpenSSL has NID_secp521r1])
2454AC_LINK_IFELSE( 2496AC_LINK_IFELSE(
2455 [AC_LANG_PROGRAM([[ 2497 [AC_LANG_PROGRAM([[
2456#include <openssl/ec.h> 2498#include <openssl/ec.h>
@@ -2466,25 +2508,63 @@ AC_LINK_IFELSE(
2466 EC_KEY *e = EC_KEY_new_by_curve_name(NID_secp521r1); 2508 EC_KEY *e = EC_KEY_new_by_curve_name(NID_secp521r1);
2467 const EVP_MD *m = EVP_sha512(); /* We need this too */ 2509 const EVP_MD *m = EVP_sha512(); /* We need this too */
2468 ]])], 2510 ]])],
2469 [ 2511 [ AC_MSG_RESULT([yes])
2470 AC_MSG_RESULT([yes]) 2512 AC_MSG_CHECKING([if OpenSSL's NID_secp521r1 is functional])
2471 AC_DEFINE([OPENSSL_HAS_ECC], [1], 2513 AC_RUN_IFELSE(
2472 [libcrypto includes complete ECC support]) 2514 [AC_LANG_PROGRAM([[
2473 TEST_SSH_ECC=yes 2515#include <openssl/ec.h>
2474 COMMENT_OUT_ECC="" 2516#include <openssl/ecdh.h>
2475 ], 2517#include <openssl/ecdsa.h>
2476 [ 2518#include <openssl/evp.h>
2477 AC_MSG_RESULT([no]) 2519#include <openssl/objects.h>
2478 TEST_SSH_ECC=no 2520#include <openssl/opensslv.h>
2479 COMMENT_OUT_ECC="#no ecc#" 2521 ]],[[
2480 unsupported_algorithms="$unsupported_algorithms \ 2522 EC_KEY *e = EC_KEY_new_by_curve_name(NID_secp521r1);
2481 ecdh-sha2-nistp256 ecdh-sha2-nistp384 ecdh-sha2-nistp521 \ 2523 const EVP_MD *m = EVP_sha512(); /* We need this too */
2482 ecdsa-sha2-nistp256-cert-v01@openssh.com \ 2524 exit(e == NULL || m == NULL);
2483 ecdsa-sha2-nistp384-cert-v01@openssh.com \ 2525 ]])],
2484 ecdsa-sha2-nistp521-cert-v01@openssh.com \ 2526 [ AC_MSG_RESULT([yes])
2485 ecdsa-sha2-nistp256 ecdsa-sha2-nistp384 ecdsa-sha2-nistp521" 2527 enable_nistp521=1 ],
2486 ] 2528 [ AC_MSG_RESULT([no]) ],
2529 [ AC_MSG_WARN([cross-compiling, assuming yes])
2530 enable_nistp521=1 ]
2531 ])
2532 AC_MSG_RESULT([no])
2487) 2533)
2534
2535COMMENT_OUT_ECC="#no ecc#"
2536TEST_SSH_ECC=no
2537
2538if test x$enable_nistp256 = x1 || test x$enable_nistp384 = x1 || \
2539 x$enable_nistp521 = x1; then
2540 AC_DEFINE(OPENSSL_HAS_ECC, [1], [OpenSSL has ECC])
2541fi
2542if test x$enable_nistp256 = x1; then
2543 AC_DEFINE([OPENSSL_HAS_NISTP256], [1],
2544 [libcrypto has NID_X9_62_prime256v1])
2545 TEST_SSH_ECC=yes
2546 COMMENT_OUT_ECC=""
2547else
2548 unsupported_algorithms="$unsupported_algorithms ecdsa-sha2-nistp256 \
2549 ecdh-sha2-nistp256 ecdsa-sha2-nistp256-cert-v01@openssh.com"
2550fi
2551if test x$enable_nistp384 = x1; then
2552 AC_DEFINE([OPENSSL_HAS_NISTP384], [1], [libcrypto has NID_secp384r1])
2553 TEST_SSH_ECC=yes
2554 COMMENT_OUT_ECC=""
2555else
2556 unsupported_algorithms="$unsupported_algorithms ecdsa-sha2-nistp384 \
2557 ecdh-sha2-nistp384 ecdsa-sha2-nistp384-cert-v01@openssh.com"
2558fi
2559if test x$enable_nistp521 = x1; then
2560 AC_DEFINE([OPENSSL_HAS_NISTP521], [1], [libcrypto has NID_secp521r1])
2561 TEST_SSH_ECC=yes
2562 COMMENT_OUT_ECC=""
2563else
2564 unsupported_algorithms="$unsupported_algorithms ecdh-sha2-nistp521 \
2565 ecdsa-sha2-nistp521 ecdsa-sha2-nistp521-cert-v01@openssh.com"
2566fi
2567
2488AC_SUBST([TEST_SSH_ECC]) 2568AC_SUBST([TEST_SSH_ECC])
2489AC_SUBST([COMMENT_OUT_ECC]) 2569AC_SUBST([COMMENT_OUT_ECC])
2490 2570
diff --git a/kex.c b/kex.c
index 59cb448cd..b38bae0f0 100644
--- a/kex.c
+++ b/kex.c
@@ -78,7 +78,9 @@ static const struct kexalg kexalgs[] = {
78#ifdef OPENSSL_HAS_ECC 78#ifdef OPENSSL_HAS_ECC
79 { KEX_ECDH_SHA2_NISTP256, KEX_ECDH_SHA2, NID_X9_62_prime256v1, EVP_sha256 }, 79 { KEX_ECDH_SHA2_NISTP256, KEX_ECDH_SHA2, NID_X9_62_prime256v1, EVP_sha256 },
80 { KEX_ECDH_SHA2_NISTP384, KEX_ECDH_SHA2, NID_secp384r1, EVP_sha384 }, 80 { KEX_ECDH_SHA2_NISTP384, KEX_ECDH_SHA2, NID_secp384r1, EVP_sha384 },
81# ifdef OPENSSL_HAS_NISTP521
81 { KEX_ECDH_SHA2_NISTP521, KEX_ECDH_SHA2, NID_secp521r1, EVP_sha512 }, 82 { KEX_ECDH_SHA2_NISTP521, KEX_ECDH_SHA2, NID_secp521r1, EVP_sha512 },
83# endif
82#endif 84#endif
83#ifdef HAVE_EVP_SHA256 85#ifdef HAVE_EVP_SHA256
84 { KEX_CURVE25519_SHA256, KEX_C25519_SHA256, 0, EVP_sha256 }, 86 { KEX_CURVE25519_SHA256, KEX_C25519_SHA256, 0, EVP_sha256 },
diff --git a/key.c b/key.c
index 90f0a0173..bc84953f3 100644
--- a/key.c
+++ b/key.c
@@ -918,7 +918,9 @@ static const struct keytype keytypes[] = {
918#ifdef OPENSSL_HAS_ECC 918#ifdef OPENSSL_HAS_ECC
919 { "ecdsa-sha2-nistp256", "ECDSA", KEY_ECDSA, NID_X9_62_prime256v1, 0 }, 919 { "ecdsa-sha2-nistp256", "ECDSA", KEY_ECDSA, NID_X9_62_prime256v1, 0 },
920 { "ecdsa-sha2-nistp384", "ECDSA", KEY_ECDSA, NID_secp384r1, 0 }, 920 { "ecdsa-sha2-nistp384", "ECDSA", KEY_ECDSA, NID_secp384r1, 0 },
921# ifdef OPENSSL_HAS_NISTP521
921 { "ecdsa-sha2-nistp521", "ECDSA", KEY_ECDSA, NID_secp521r1, 0 }, 922 { "ecdsa-sha2-nistp521", "ECDSA", KEY_ECDSA, NID_secp521r1, 0 },
923# endif
922#endif /* OPENSSL_HAS_ECC */ 924#endif /* OPENSSL_HAS_ECC */
923 { "ssh-rsa-cert-v01@openssh.com", "RSA-CERT", KEY_RSA_CERT, 0, 1 }, 925 { "ssh-rsa-cert-v01@openssh.com", "RSA-CERT", KEY_RSA_CERT, 0, 1 },
924 { "ssh-dss-cert-v01@openssh.com", "DSA-CERT", KEY_DSA_CERT, 0, 1 }, 926 { "ssh-dss-cert-v01@openssh.com", "DSA-CERT", KEY_DSA_CERT, 0, 1 },
@@ -927,8 +929,10 @@ static const struct keytype keytypes[] = {
927 KEY_ECDSA_CERT, NID_X9_62_prime256v1, 1 }, 929 KEY_ECDSA_CERT, NID_X9_62_prime256v1, 1 },
928 { "ecdsa-sha2-nistp384-cert-v01@openssh.com", "ECDSA-CERT", 930 { "ecdsa-sha2-nistp384-cert-v01@openssh.com", "ECDSA-CERT",
929 KEY_ECDSA_CERT, NID_secp384r1, 1 }, 931 KEY_ECDSA_CERT, NID_secp384r1, 1 },
932# ifdef OPENSSL_HAS_NISTP521
930 { "ecdsa-sha2-nistp521-cert-v01@openssh.com", "ECDSA-CERT", 933 { "ecdsa-sha2-nistp521-cert-v01@openssh.com", "ECDSA-CERT",
931 KEY_ECDSA_CERT, NID_secp521r1, 1 }, 934 KEY_ECDSA_CERT, NID_secp521r1, 1 },
935# endif
932#endif /* OPENSSL_HAS_ECC */ 936#endif /* OPENSSL_HAS_ECC */
933 { "ssh-rsa-cert-v00@openssh.com", "RSA-CERT-V00", 937 { "ssh-rsa-cert-v00@openssh.com", "RSA-CERT-V00",
934 KEY_RSA_CERT_V00, 0, 1 }, 938 KEY_RSA_CERT_V00, 0, 1 },
@@ -1100,8 +1104,10 @@ key_ecdsa_bits_to_nid(int bits)
1100 return NID_X9_62_prime256v1; 1104 return NID_X9_62_prime256v1;
1101 case 384: 1105 case 384:
1102 return NID_secp384r1; 1106 return NID_secp384r1;
1107# ifdef HAVE_OPENSSL_NISTP521
1103 case 521: 1108 case 521:
1104 return NID_secp521r1; 1109 return NID_secp521r1;
1110# endif
1105#endif 1111#endif
1106 default: 1112 default:
1107 return -1; 1113 return -1;
@@ -1116,7 +1122,9 @@ key_ecdsa_key_to_nid(EC_KEY *k)
1116 int nids[] = { 1122 int nids[] = {
1117 NID_X9_62_prime256v1, 1123 NID_X9_62_prime256v1,
1118 NID_secp384r1, 1124 NID_secp384r1,
1125# ifdef OPENSSL_HAS_NISTP521
1119 NID_secp521r1, 1126 NID_secp521r1,
1127# endif
1120 -1 1128 -1
1121 }; 1129 };
1122 int nid; 1130 int nid;
@@ -2031,8 +2039,10 @@ key_curve_name_to_nid(const char *name)
2031 return NID_X9_62_prime256v1; 2039 return NID_X9_62_prime256v1;
2032 else if (strcmp(name, "nistp384") == 0) 2040 else if (strcmp(name, "nistp384") == 0)
2033 return NID_secp384r1; 2041 return NID_secp384r1;
2042# ifdef OPENSSL_HAS_NISTP521
2034 else if (strcmp(name, "nistp521") == 0) 2043 else if (strcmp(name, "nistp521") == 0)
2035 return NID_secp521r1; 2044 return NID_secp521r1;
2045# endif
2036#endif 2046#endif
2037 2047
2038 debug("%s: unsupported EC curve name \"%.100s\"", __func__, name); 2048 debug("%s: unsupported EC curve name \"%.100s\"", __func__, name);
@@ -2048,8 +2058,10 @@ key_curve_nid_to_bits(int nid)
2048 return 256; 2058 return 256;
2049 case NID_secp384r1: 2059 case NID_secp384r1:
2050 return 384; 2060 return 384;
2061# ifdef OPENSSL_NAS_NISTP521
2051 case NID_secp521r1: 2062 case NID_secp521r1:
2052 return 521; 2063 return 521;
2064# endif
2053#endif 2065#endif
2054 default: 2066 default:
2055 error("%s: unsupported EC curve nid %d", __func__, nid); 2067 error("%s: unsupported EC curve nid %d", __func__, nid);
@@ -2065,8 +2077,10 @@ key_curve_nid_to_name(int nid)
2065 return "nistp256"; 2077 return "nistp256";
2066 else if (nid == NID_secp384r1) 2078 else if (nid == NID_secp384r1)
2067 return "nistp384"; 2079 return "nistp384";
2080# ifdef OPENSSL_HAS_NISTP521
2068 else if (nid == NID_secp521r1) 2081 else if (nid == NID_secp521r1)
2069 return "nistp521"; 2082 return "nistp521";
2083# endif
2070#endif 2084#endif
2071 error("%s: unsupported EC curve nid %d", __func__, nid); 2085 error("%s: unsupported EC curve nid %d", __func__, nid);
2072 return NULL; 2086 return NULL;
diff --git a/myproposal.h b/myproposal.h
index 56f8c4a84..8da2ac91f 100644
--- a/myproposal.h
+++ b/myproposal.h
@@ -29,6 +29,7 @@
29/* conditional algorithm support */ 29/* conditional algorithm support */
30 30
31#ifdef OPENSSL_HAS_ECC 31#ifdef OPENSSL_HAS_ECC
32#ifdef OPENSSL_HAS_NISTP521
32# define KEX_ECDH_METHODS \ 33# define KEX_ECDH_METHODS \
33 "ecdh-sha2-nistp256," \ 34 "ecdh-sha2-nistp256," \
34 "ecdh-sha2-nistp384," \ 35 "ecdh-sha2-nistp384," \
@@ -42,6 +43,17 @@
42 "ecdsa-sha2-nistp384," \ 43 "ecdsa-sha2-nistp384," \
43 "ecdsa-sha2-nistp521," 44 "ecdsa-sha2-nistp521,"
44#else 45#else
46# define KEX_ECDH_METHODS \
47 "ecdh-sha2-nistp256," \
48 "ecdh-sha2-nistp384,"
49# define HOSTKEY_ECDSA_CERT_METHODS \
50 "ecdsa-sha2-nistp256-cert-v01@openssh.com," \
51 "ecdsa-sha2-nistp384-cert-v01@openssh.com,"
52# define HOSTKEY_ECDSA_METHODS \
53 "ecdsa-sha2-nistp256," \
54 "ecdsa-sha2-nistp384,"
55#endif
56#else
45# define KEX_ECDH_METHODS 57# define KEX_ECDH_METHODS
46# define HOSTKEY_ECDSA_CERT_METHODS 58# define HOSTKEY_ECDSA_CERT_METHODS
47# define HOSTKEY_ECDSA_METHODS 59# define HOSTKEY_ECDSA_METHODS