author | Damien Miller <djm@mindrot.org> | 2013-12-31 12:25:40 +1100 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2013-12-31 12:25:40 +1100 |
commit | 324541e5264e1489ca0babfaf2b39612eb80dfb3 (patch) | |
tree | 3adbfd162c3704e6aeb36f30ca09e4c04fbd25e2 /ssh-rsa.c | |
parent | 9f4c8e797ea002a883307ca906f1f1f815010e78 (diff) |
- djm@cvs.openbsd.org 2013/12/30 23:52:28
[auth2-hostbased.c auth2-pubkey.c compat.c compat.h ssh-rsa.c]
[sshconnect.c sshconnect2.c sshd.c]
refuse RSA keys from old proprietary clients/servers that use the
obsolete RSA+MD5 signature scheme. it will still be possible to connect
with these clients/servers but only DSA keys will be accepted, and we'll
deprecate them entirely in a future release. ok markus@
Diffstat (limited to 'ssh-rsa.c')
-rw-r--r-- | ssh-rsa.c | 23 |
1 files changed, 3 insertions, 20 deletions
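--- a/ssh-rsa.c
+++ b/ssh-rsa.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-rsa.c,v 1.48 2013/12/27 22:37:18 djm Exp $ */
+/* $OpenBSD: ssh-rsa.c,v 1.49 2013/12/30 23:52:27 djm Exp $ */
 /*
  * Copyright (c) 2000, 2003 Markus Friedl <markus@openbsd.org>
  *
@@ -53,7 +53,7 @@ ssh_rsa_sign(const Key *key, u_char **sigp, u_int *lenp,
 return -1;
 }
 
-nid = (datafellows & SSH_BUG_RSASIGMD5) ? NID_md5 : NID_sha1;
+nid = NID_sha1;
 if ((evp_md = EVP_get_digestbynid(nid)) == NULL) {
 error("%s: EVP_get_digestbynid %d failed", __func__, nid);
 return -1;
@@ -161,7 +161,7 @@ ssh_rsa_verify(const Key *key, const u_char *signature, u_int signaturelen,
 memset(sigblob, 0, diff);
 len = modlen;
 }
-nid = (datafellows & SSH_BUG_RSASIGMD5) ? NID_md5 : NID_sha1;
+nid = NID_sha1;
 if ((evp_md = EVP_get_digestbynid(nid)) == NULL) {
 error("%s: EVP_get_digestbynid %d failed", __func__, nid);
 free(sigblob);
@@ -196,18 +196,6 @@ static const u_char id_sha1[] = {
 0x05, 0x00, /* NULL */
 0x04, 0x14 /* Octet string, length 0x14 (20), followed by sha1 hash */
 };
-/*
- * id-md5 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840)
- * rsadsi(113549) digestAlgorithm(2) 5 }
- */
-static const u_char id_md5[] = {
-0x30, 0x20, /* type Sequence, length 0x20 (32) */
-0x30, 0x0c, /* type Sequence, length 0x0c (12) */
-0x06, 0x08, /* type OID, length 0x08 */
-0x2a, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x02, 0x05, /* id-md5 */
-0x05, 0x00, /* NULL */
-0x04, 0x10 /* Octet string, length 0x10 (16), followed by md5 hash */
-};
 
 static int
 openssh_RSA_verify(int type, u_char *hash, u_int hashlen,
@@ -225,11 +213,6 @@ openssh_RSA_verify(int type, u_char *hash, u_int hashlen,
 oidlen = sizeof(id_sha1);
 hlen = 20;
 break;
-case NID_md5:
-oid = id_md5;
-oidlen = sizeof(id_md5);
-hlen = 16;
-break;
 default:
 goto done;
 }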
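Review bot: With the `case NID_md5:` arm removed from the `switch` in openssh_RSA_verify (last hunk), any digest type other than NID_sha1 now falls into `default: goto done;` with no diagnostic, so a signature refused because it uses the dropped RSA+MD5 scheme is indistinguishable in the logs from a malformed one. Consider logging before the jump, e.g. `error("%s: unsupported digest type %d", __func__, type);`, so operators can see when a legacy peer is being rejected rather than chasing a phantom key problem. The body of openssh_RSA_verify continues past the hunk, so whether `done:` itself reports anything is not visible here. A smaller point of style: in ssh_rsa_sign and ssh_rsa_verify `nid` is now a constant, so `nid = NID_sha1;` followed by `EVP_get_digestbynid(nid)` could become `evp_md = EVP_sha1();` directly, though the existing NULL check is harmless to keep.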