authormarkus@openbsd.org <markus@openbsd.org>2018-07-11 18:53:29 +0000
committerDamien Miller <djm@mindrot.org>2018-07-12 13:18:25 +1000
commit5467fbcb09528ecdcb914f4f2452216c24796790 (patch)
tree8fcef797ece697250f4c67d57a5063d6316fd203 /sshd.c
parent5dc4c59d5441a19c99e7945779f7ec9051126c25 (diff)
upstream: remove legacy key emulation layer; ok djm@
OpenBSD-Commit-ID: 2b1f9619259e222bbd4fe9a8d3a0973eafb9dd8d
Diffstat (limited to 'sshd.c')
-rw-r--r--sshd.c69
1 files changed, 38 insertions, 31 deletions
diff --git a/sshd.c b/sshd.c
index ef1dbd170..d7d6f2b26 100644
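--- a/sshd.c
+++ b/sshd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshd.c,v 1.511 2018/07/09 21:29:36 markus Exp $ */
+/* $OpenBSD: sshd.c,v 1.512 2018/07/11 18:53:29 markus Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -99,7 +99,7 @@
 #include "compat.h"
 #include "cipher.h"
 #include "digest.h"
-#include "key.h"
+#include "sshkey.h"
 #include "kex.h"
 #include "myproposal.h"
 #include "authfile.h"
@@ -473,11 +473,11 @@ destroy_sensitive_data(void)
 
  for (i = 0; i < options.num_host_key_files; i++) {
  if (sensitive_data.host_keys[i]) {
- key_free(sensitive_data.host_keys[i]);
+ sshkey_free(sensitive_data.host_keys[i]);
  sensitive_data.host_keys[i] = NULL;
  }
  if (sensitive_data.host_certificates[i]) {
- key_free(sensitive_data.host_certificates[i]);
+ sshkey_free(sensitive_data.host_certificates[i]);
  sensitive_data.host_certificates[i] = NULL;
  }
  }
@@ -489,11 +489,16 @@ demote_sensitive_data(void)
 {
  struct sshkey *tmp;
  u_int i;
+ int r;
 
  for (i = 0; i < options.num_host_key_files; i++) {
  if (sensitive_data.host_keys[i]) {
- tmp = key_demote(sensitive_data.host_keys[i]);
- key_free(sensitive_data.host_keys[i]);
+ if ((r = sshkey_demote(sensitive_data.host_keys[i],
+ &tmp)) != 0)
+ fatal("could not demote host %s key: %s",
+ sshkey_type(sensitive_data.host_keys[i]),
+ ssh_err(r));
+ sshkey_free(sensitive_data.host_keys[i]);
  sensitive_data.host_keys[i] = tmp;
  }
  /* Certs do not need demotion */
@@ -814,7 +819,7 @@ get_hostkey_index(struct sshkey *key, int compare, struct ssh *ssh)
  u_int i;
 
  for (i = 0; i < options.num_host_key_files; i++) {
- if (key_is_cert(key)) {
+ if (sshkey_is_cert(key)) {
  if (key == sensitive_data.host_certificates[i] ||
  (compare && sensitive_data.host_certificates[i] &&
  sshkey_equal(key,
@@ -1758,11 +1763,18 @@ main(int ac, char **av)
  for (i = 0; i < options.num_host_key_files; i++) {
  if (options.host_key_files[i] == NULL)
  continue;
- key = key_load_private(options.host_key_files[i], "", NULL);
- pubkey = key_load_public(options.host_key_files[i], NULL);
-
+ if ((r = sshkey_load_private(options.host_key_files[i], "",
+ &key, NULL)) != 0 && r != SSH_ERR_SYSTEM_ERROR)
+ error("Error loading host key \"%s\": %s",
+ options.host_key_files[i], ssh_err(r));
+ if ((r = sshkey_load_public(options.host_key_files[i],
+ &pubkey, NULL)) != 0 && r != SSH_ERR_SYSTEM_ERROR)
+ error("Error loading host key \"%s\": %s",
+ options.host_key_files[i], ssh_err(r));
  if (pubkey == NULL && key != NULL)
- pubkey = key_demote(key);
+ if ((r = sshkey_demote(key, &pubkey)) != 0)
+ fatal("Could not demote key: \"%s\": %s",
+ options.host_key_files[i], ssh_err(r));
  sensitive_data.host_keys[i] = key;
  sensitive_data.host_pubkeys[i] = pubkey;
 
@@ -1816,21 +1828,21 @@ main(int ac, char **av)
  for (i = 0; i < options.num_host_cert_files; i++) {
  if (options.host_cert_files[i] == NULL)
  continue;
- key = key_load_public(options.host_cert_files[i], NULL);
- if (key == NULL) {
- error("Could not load host certificate: %s",
- options.host_cert_files[i]);
+ if ((r = sshkey_load_public(options.host_cert_files[i],
+ &key, NULL)) != 0) {
+ error("Could not load host certificate \"%s\": %s",
+ options.host_cert_files[i], ssh_err(r));
  continue;
  }
- if (!key_is_cert(key)) {
+ if (!sshkey_is_cert(key)) {
  error("Certificate file is not a certificate: %s",
  options.host_cert_files[i]);
- key_free(key);
+ sshkey_free(key);
  continue;
  }
  /* Find matching private key */
  for (j = 0; j < options.num_host_key_files; j++) {
- if (key_equal_public(key,
+ if (sshkey_equal_public(key,
  sensitive_data.host_keys[j])) {
  sensitive_data.host_certificates[j] = key;
  break;
@@ -1839,12 +1851,12 @@ main(int ac, char **av)
  if (j >= options.num_host_key_files) {
  error("No matching private key for certificate: %s",
  options.host_cert_files[i]);
- key_free(key);
+ sshkey_free(key);
  continue;
  }
  sensitive_data.host_certificates[j] = key;
  debug("host certificate: #%u type %d %s", j, key->type,
- key_type(key));
+ sshkey_type(key));
  }
 
  if (privsep_chroot) {
@@ -2225,26 +2237,21 @@ main(int ac, char **av)
 
 int
 sshd_hostkey_sign(struct sshkey *privkey, struct sshkey *pubkey,
- u_char **signature, size_t *slen, const u_char *data, size_t dlen,
+ u_char **signature, size_t *slenp, const u_char *data, size_t dlen,
  const char *alg, u_int flag)
 {
  int r;
- u_int xxx_slen, xxx_dlen = dlen;
 
  if (privkey) {
- if (PRIVSEP(key_sign(privkey, signature, &xxx_slen, data, xxx_dlen,
- alg) < 0))
+ if (PRIVSEP(sshkey_sign(privkey, signature, slenp, data, dlen,
+ alg, datafellows)) < 0)
  fatal("%s: key_sign failed", __func__);
- if (slen)
- *slen = xxx_slen;
  } else if (use_privsep) {
- if (mm_key_sign(pubkey, signature, &xxx_slen, data, xxx_dlen,
- alg) < 0)
+ if (mm_sshkey_sign(pubkey, signature, slenp, data, dlen,
+ alg, datafellows) < 0)
  fatal("%s: pubkey_sign failed", __func__);
- if (slen)
- *slen = xxx_slen;
  } else {
- if ((r = ssh_agent_sign(auth_sock, pubkey, signature, slen,
+ if ((r = ssh_agent_sign(auth_sock, pubkey, signature, slenp,
  data, dlen, alg, datafellows)) != 0)
  fatal("%s: ssh_agent_sign failed: %s",
  __func__, ssh_err(r));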
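Review bot: In sshd_hostkey_sign (last hunk), the two converted branches still test `< 0` and call fatal() without the error code, and the first message still names the removed `key_sign`, so a host-key signing failure is logged with less detail than the ssh_agent_sign branch gives. Since `r` is already declared, the first branch could read `if ((r = PRIVSEP(sshkey_sign(privkey, signature, slenp, data, dlen, alg, datafellows))) != 0)` followed by `fatal("%s: sshkey_sign failed: %s", __func__, ssh_err(r));`, and the mm_sshkey_sign branch likewise, assuming both callees return SSH_ERR_* codes as the other sshkey_* calls in this commit do. The old code also tolerated a NULL `slen` by writing through a local first; the new code forwards `slenp` directly, which presumably relies on the callees accepting a NULL length pointer and is worth confirming. The function body continues past the end of the hunk.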