diff options
| author | Damien Miller <djm@mindrot.org> | 2013-12-31 12:25:40 +1100 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2013-12-31 12:25:40 +1100 |
| commit | 324541e5264e1489ca0babfaf2b39612eb80dfb3 (patch) | |
| tree | 3adbfd162c3704e6aeb36f30ca09e4c04fbd25e2 /ssh-rsa.c | |
| parent | 9f4c8e797ea002a883307ca906f1f1f815010e78 (diff) | |
- djm@cvs.openbsd.org 2013/12/30 23:52:28
[auth2-hostbased.c auth2-pubkey.c compat.c compat.h ssh-rsa.c]
[sshconnect.c sshconnect2.c sshd.c]
refuse RSA keys from old proprietary clients/servers that use the
obsolete RSA+MD5 signature scheme. it will still be possible to connect
with these clients/servers but only DSA keys will be accepted, and we'll
deprecate them entirely in a future release. ok markus@
Diffstat (limited to 'ssh-rsa.c')
| -rw-r--r-- | ssh-rsa.c | 23 |
1 files changed, 3 insertions, 20 deletions
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssh-rsa.c,v 1.48 2013/12/27 22:37:18 djm Exp $ */ | 1 | /* $OpenBSD: ssh-rsa.c,v 1.49 2013/12/30 23:52:27 djm Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2000, 2003 Markus Friedl <markus@openbsd.org> | 3 | * Copyright (c) 2000, 2003 Markus Friedl <markus@openbsd.org> |
| 4 | * | 4 | * |
| @@ -53,7 +53,7 @@ ssh_rsa_sign(const Key *key, u_char **sigp, u_int *lenp, | |||
| 53 | return -1; | 53 | return -1; |
| 54 | } | 54 | } |
| 55 | 55 | ||
| 56 | nid = (datafellows & SSH_BUG_RSASIGMD5) ? NID_md5 : NID_sha1; | 56 | nid = NID_sha1; |
| 57 | if ((evp_md = EVP_get_digestbynid(nid)) == NULL) { | 57 | if ((evp_md = EVP_get_digestbynid(nid)) == NULL) { |
| 58 | error("%s: EVP_get_digestbynid %d failed", __func__, nid); | 58 | error("%s: EVP_get_digestbynid %d failed", __func__, nid); |
| 59 | return -1; | 59 | return -1; |
| @@ -161,7 +161,7 @@ ssh_rsa_verify(const Key *key, const u_char *signature, u_int signaturelen, | |||
| 161 | memset(sigblob, 0, diff); | 161 | memset(sigblob, 0, diff); |
| 162 | len = modlen; | 162 | len = modlen; |
| 163 | } | 163 | } |
| 164 | nid = (datafellows & SSH_BUG_RSASIGMD5) ? NID_md5 : NID_sha1; | 164 | nid = NID_sha1; |
| 165 | if ((evp_md = EVP_get_digestbynid(nid)) == NULL) { | 165 | if ((evp_md = EVP_get_digestbynid(nid)) == NULL) { |
| 166 | error("%s: EVP_get_digestbynid %d failed", __func__, nid); | 166 | error("%s: EVP_get_digestbynid %d failed", __func__, nid); |
| 167 | free(sigblob); | 167 | free(sigblob); |
| @@ -196,18 +196,6 @@ static const u_char id_sha1[] = { | |||
| 196 | 0x05, 0x00, /* NULL */ | 196 | 0x05, 0x00, /* NULL */ |
| 197 | 0x04, 0x14 /* Octet string, length 0x14 (20), followed by sha1 hash */ | 197 | 0x04, 0x14 /* Octet string, length 0x14 (20), followed by sha1 hash */ |
| 198 | }; | 198 | }; |
| 199 | /* | ||
| 200 | * id-md5 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) | ||
| 201 | * rsadsi(113549) digestAlgorithm(2) 5 } | ||
| 202 | */ | ||
| 203 | static const u_char id_md5[] = { | ||
| 204 | 0x30, 0x20, /* type Sequence, length 0x20 (32) */ | ||
| 205 | 0x30, 0x0c, /* type Sequence, length 0x0c (12) */ | ||
| 206 | 0x06, 0x08, /* type OID, length 0x08 */ | ||
| 207 | 0x2a, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x02, 0x05, /* id-md5 */ | ||
| 208 | 0x05, 0x00, /* NULL */ | ||
| 209 | 0x04, 0x10 /* Octet string, length 0x10 (16), followed by md5 hash */ | ||
| 210 | }; | ||
| 211 | 199 | ||
| 212 | static int | 200 | static int |
| 213 | openssh_RSA_verify(int type, u_char *hash, u_int hashlen, | 201 | openssh_RSA_verify(int type, u_char *hash, u_int hashlen, |
| @@ -225,11 +213,6 @@ openssh_RSA_verify(int type, u_char *hash, u_int hashlen, | |||
| 225 | oidlen = sizeof(id_sha1); | 213 | oidlen = sizeof(id_sha1); |
| 226 | hlen = 20; | 214 | hlen = 20; |
| 227 | break; | 215 | break; |
| 228 | case NID_md5: | ||
| 229 | oid = id_md5; | ||
| 230 | oidlen = sizeof(id_md5); | ||
| 231 | hlen = 16; | ||
| 232 | break; | ||
| 233 | default: | 216 | default: |
| 234 | goto done; | 217 | goto done; |
| 235 | } | 218 | } |