summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--ChangeLog4
-rw-r--r--authfd.c2
-rw-r--r--authfile.c4
-rw-r--r--bufec.c3
-rw-r--r--buffer.h2
-rw-r--r--configure.ac26
-rw-r--r--kex.h5
-rw-r--r--kexecdh.c3
-rw-r--r--kexecdhc.c13
-rw-r--r--kexecdhs.c13
-rw-r--r--key.c67
-rw-r--r--key.h10
-rw-r--r--myproposal.h53
-rw-r--r--packet.c4
-rw-r--r--readconf.c3
-rw-r--r--ssh-agent.c4
-rw-r--r--ssh-ecdsa.c4
-rw-r--r--ssh-keygen.c6
-rw-r--r--ssh.c10
19 files changed, 200 insertions, 36 deletions
diff --git a/ChangeLog b/ChangeLog
index 87fee3bf0..742e966c5 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -62,6 +62,10 @@
62 client. 62 client.
63 63
64 ok naddy@ 64 ok naddy@
65 - (djm) [authfd.c authfile.c bufec.c buffer.h configure.ac kex.h kexecdh.c]
66 [kexecdhc.c kexecdhs.c key.c key.h myproposal.h packet.c readconf.c]
67 [ssh-agent.c ssh-ecdsa.c ssh-keygen.c ssh.c] Disable ECDH and ECDSA on
68 platforms that don't have the requisite OpenSSL support. ok dtucker@
65 69
6620100831 7020100831
67 - OpenBSD CVS Sync 71 - OpenBSD CVS Sync
diff --git a/authfd.c b/authfd.c
index ec537d2e9..c11c3f5a8 100644
--- a/authfd.c
+++ b/authfd.c
@@ -509,6 +509,7 @@ ssh_encode_identity_ssh2(Buffer *b, Key *key, const char *comment)
509 buffer_len(&key->cert->certblob)); 509 buffer_len(&key->cert->certblob));
510 buffer_put_bignum2(b, key->dsa->priv_key); 510 buffer_put_bignum2(b, key->dsa->priv_key);
511 break; 511 break;
512#ifdef OPENSSL_HAS_ECC
512 case KEY_ECDSA: 513 case KEY_ECDSA:
513 buffer_put_cstring(b, key_curve_nid_to_name(key->ecdsa_nid)); 514 buffer_put_cstring(b, key_curve_nid_to_name(key->ecdsa_nid));
514 buffer_put_ecpoint(b, EC_KEY_get0_group(key->ecdsa), 515 buffer_put_ecpoint(b, EC_KEY_get0_group(key->ecdsa),
@@ -522,6 +523,7 @@ ssh_encode_identity_ssh2(Buffer *b, Key *key, const char *comment)
522 buffer_len(&key->cert->certblob)); 523 buffer_len(&key->cert->certblob));
523 buffer_put_bignum2(b, EC_KEY_get0_private_key(key->ecdsa)); 524 buffer_put_bignum2(b, EC_KEY_get0_private_key(key->ecdsa));
524 break; 525 break;
526#endif
525 } 527 }
526 buffer_put_cstring(b, comment); 528 buffer_put_cstring(b, comment);
527} 529}
diff --git a/authfile.c b/authfile.c
index 20ac8c76d..b1e3eda5c 100644
--- a/authfile.c
+++ b/authfile.c
@@ -213,10 +213,12 @@ key_save_private_pem(Key *key, const char *filename, const char *_passphrase,
213 success = PEM_write_DSAPrivateKey(fp, key->dsa, 213 success = PEM_write_DSAPrivateKey(fp, key->dsa,
214 cipher, passphrase, len, NULL, NULL); 214 cipher, passphrase, len, NULL, NULL);
215 break; 215 break;
216#ifdef OPENSSL_HAS_ECC
216 case KEY_ECDSA: 217 case KEY_ECDSA:
217 success = PEM_write_ECPrivateKey(fp, key->ecdsa, 218 success = PEM_write_ECPrivateKey(fp, key->ecdsa,
218 cipher, passphrase, len, NULL, NULL); 219 cipher, passphrase, len, NULL, NULL);
219 break; 220 break;
221#endif
220 case KEY_RSA: 222 case KEY_RSA:
221 success = PEM_write_RSAPrivateKey(fp, key->rsa, 223 success = PEM_write_RSAPrivateKey(fp, key->rsa,
222 cipher, passphrase, len, NULL, NULL); 224 cipher, passphrase, len, NULL, NULL);
@@ -515,6 +517,7 @@ key_load_private_pem(int fd, int type, const char *passphrase,
515#ifdef DEBUG_PK 517#ifdef DEBUG_PK
516 DSA_print_fp(stderr, prv->dsa, 8); 518 DSA_print_fp(stderr, prv->dsa, 8);
517#endif 519#endif
520#ifdef OPENSSL_HAS_ECC
518 } else if (pk->type == EVP_PKEY_EC && 521 } else if (pk->type == EVP_PKEY_EC &&
519 (type == KEY_UNSPEC||type==KEY_ECDSA)) { 522 (type == KEY_UNSPEC||type==KEY_ECDSA)) {
520 prv = key_new(KEY_UNSPEC); 523 prv = key_new(KEY_UNSPEC);
@@ -538,6 +541,7 @@ key_load_private_pem(int fd, int type, const char *passphrase,
538 if (prv->ecdsa != NULL) 541 if (prv->ecdsa != NULL)
539 key_dump_ec_key(prv->ecdsa); 542 key_dump_ec_key(prv->ecdsa);
540#endif 543#endif
544#endif /* OPENSSL_HAS_ECC */
541 } else { 545 } else {
542 error("PEM_read_PrivateKey: mismatch or " 546 error("PEM_read_PrivateKey: mismatch or "
543 "unknown EVP_PKEY save_type %d", pk->save_type); 547 "unknown EVP_PKEY save_type %d", pk->save_type);
diff --git a/bufec.c b/bufec.c
index c77d1ecb9..3dcb49477 100644
--- a/bufec.c
+++ b/bufec.c
@@ -17,6 +17,8 @@
17 17
18#include "includes.h" 18#include "includes.h"
19 19
20#ifdef OPENSSL_HAS_ECC
21
20#include <sys/types.h> 22#include <sys/types.h>
21 23
22#include <openssl/bn.h> 24#include <openssl/bn.h>
@@ -141,3 +143,4 @@ buffer_get_ecpoint(Buffer *buffer, const EC_GROUP *curve,
141 fatal("%s: buffer error", __func__); 143 fatal("%s: buffer error", __func__);
142} 144}
143 145
146#endif /* OPENSSL_HAS_ECC */
diff --git a/buffer.h b/buffer.h
index 1fb3f1666..e2a9dd100 100644
--- a/buffer.h
+++ b/buffer.h
@@ -86,11 +86,13 @@ char *buffer_get_cstring_ret(Buffer *, u_int *);
86void *buffer_get_string_ptr_ret(Buffer *, u_int *); 86void *buffer_get_string_ptr_ret(Buffer *, u_int *);
87int buffer_get_char_ret(char *, Buffer *); 87int buffer_get_char_ret(char *, Buffer *);
88 88
89#ifdef OPENSSL_HAS_ECC
89#include <openssl/ec.h> 90#include <openssl/ec.h>
90 91
91int buffer_put_ecpoint_ret(Buffer *, const EC_GROUP *, const EC_POINT *); 92int buffer_put_ecpoint_ret(Buffer *, const EC_GROUP *, const EC_POINT *);
92void buffer_put_ecpoint(Buffer *, const EC_GROUP *, const EC_POINT *); 93void buffer_put_ecpoint(Buffer *, const EC_GROUP *, const EC_POINT *);
93int buffer_get_ecpoint_ret(Buffer *, const EC_GROUP *, EC_POINT *); 94int buffer_get_ecpoint_ret(Buffer *, const EC_GROUP *, EC_POINT *);
94void buffer_get_ecpoint(Buffer *, const EC_GROUP *, EC_POINT *); 95void buffer_get_ecpoint(Buffer *, const EC_GROUP *, EC_POINT *);
96#endif
95 97
96#endif /* BUFFER_H */ 98#endif /* BUFFER_H */
diff --git a/configure.ac b/configure.ac
index 637e7b536..d267ba2b1 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1,4 +1,4 @@
1# $Id: configure.ac,v 1.451 2010/08/16 03:15:23 dtucker Exp $ 1# $Id: configure.ac,v 1.452 2010/09/10 01:39:27 djm Exp $
2# 2#
3# Copyright (c) 1999-2004 Damien Miller 3# Copyright (c) 1999-2004 Damien Miller
4# 4#
@@ -15,7 +15,7 @@
15# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 15# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 16
17AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org) 17AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org)
18AC_REVISION($Revision: 1.451 $) 18AC_REVISION($Revision: 1.452 $)
19AC_CONFIG_SRCDIR([ssh.c]) 19AC_CONFIG_SRCDIR([ssh.c])
20 20
21AC_CONFIG_HEADER(config.h) 21AC_CONFIG_HEADER(config.h)
@@ -2158,6 +2158,28 @@ fi
2158# Search for SHA256 support in libc and/or OpenSSL 2158# Search for SHA256 support in libc and/or OpenSSL
2159AC_CHECK_FUNCS(SHA256_Update EVP_sha256) 2159AC_CHECK_FUNCS(SHA256_Update EVP_sha256)
2160 2160
2161# Check complete ECC support in OpenSSL
2162AC_MSG_CHECKING([whether OpenSSL has complete ECC support])
2163AC_LINK_IFELSE(
2164 [AC_LANG_SOURCE([[
2165#include <openssl/ec.h>
2166#include <openssl/evp.h>
2167#include <openssl/objects.h>
2168int main(void) {
2169 EC_KEY *e = EC_KEY_new_by_curve_name(NID_secp521r1);
2170 const EVP_MD *m = EVP_sha512(); /* We need this too */
2171}
2172 ]])],
2173 [
2174 AC_MSG_RESULT(yes)
2175 AC_DEFINE(OPENSSL_HAS_ECC, 1,
2176 [libcrypto includes complete ECC support])
2177 ],
2178 [
2179 AC_MSG_RESULT(no)
2180 ]
2181)
2182
2161saved_LIBS="$LIBS" 2183saved_LIBS="$LIBS"
2162AC_CHECK_LIB(iaf, ia_openinfo, [ 2184AC_CHECK_LIB(iaf, ia_openinfo, [
2163 LIBS="$LIBS -liaf" 2185 LIBS="$LIBS -liaf"
diff --git a/kex.h b/kex.h
index f5dcc8791..06914756a 100644
--- a/kex.h
+++ b/kex.h
@@ -159,13 +159,16 @@ void
159kexgex_hash(const EVP_MD *, char *, char *, char *, int, char *, 159kexgex_hash(const EVP_MD *, char *, char *, char *, int, char *,
160 int, u_char *, int, int, int, int, BIGNUM *, BIGNUM *, BIGNUM *, 160 int, u_char *, int, int, int, int, BIGNUM *, BIGNUM *, BIGNUM *,
161 BIGNUM *, BIGNUM *, u_char **, u_int *); 161 BIGNUM *, BIGNUM *, u_char **, u_int *);
162#ifdef OPENSSL_HAS_ECC
162void 163void
163kex_ecdh_hash(const EVP_MD *, const EC_GROUP *, char *, char *, char *, int, 164kex_ecdh_hash(const EVP_MD *, const EC_GROUP *, char *, char *, char *, int,
164 char *, int, u_char *, int, const EC_POINT *, const EC_POINT *, 165 char *, int, u_char *, int, const EC_POINT *, const EC_POINT *,
165 const BIGNUM *, u_char **, u_int *); 166 const BIGNUM *, u_char **, u_int *);
166
167int kex_ecdh_name_to_nid(const char *); 167int kex_ecdh_name_to_nid(const char *);
168const EVP_MD *kex_ecdh_name_to_evpmd(const char *); 168const EVP_MD *kex_ecdh_name_to_evpmd(const char *);
169#else
170# define kex_ecdh_name_to_evpmd(x) NULL
171#endif
169 172
170void 173void
171derive_ssh1_session_id(BIGNUM *, BIGNUM *, u_int8_t[8], u_int8_t[16]); 174derive_ssh1_session_id(BIGNUM *, BIGNUM *, u_int8_t[8], u_int8_t[16]);
diff --git a/kexecdh.c b/kexecdh.c
index f59d7b903..4c58a5122 100644
--- a/kexecdh.c
+++ b/kexecdh.c
@@ -26,6 +26,8 @@
26 26
27#include "includes.h" 27#include "includes.h"
28 28
29#ifdef OPENSSL_HAS_ECC
30
29#include <sys/types.h> 31#include <sys/types.h>
30 32
31#include <signal.h> 33#include <signal.h>
@@ -116,3 +118,4 @@ kex_ecdh_hash(
116 *hashlen = EVP_MD_size(evp_md); 118 *hashlen = EVP_MD_size(evp_md);
117} 119}
118 120
121#endif /* OPENSSL_HAS_ECC */
diff --git a/kexecdhc.c b/kexecdhc.c
index 7ac7b1ee2..297a0e5a9 100644
--- a/kexecdhc.c
+++ b/kexecdhc.c
@@ -32,8 +32,6 @@
32#include <string.h> 32#include <string.h>
33#include <signal.h> 33#include <signal.h>
34 34
35#include <openssl/ecdh.h>
36
37#include "xmalloc.h" 35#include "xmalloc.h"
38#include "buffer.h" 36#include "buffer.h"
39#include "key.h" 37#include "key.h"
@@ -44,6 +42,10 @@
44#include "dh.h" 42#include "dh.h"
45#include "ssh2.h" 43#include "ssh2.h"
46 44
45#ifdef OPENSSL_HAS_ECC
46
47#include <openssl/ecdh.h>
48
47void 49void
48kexecdh_client(Kex *kex) 50kexecdh_client(Kex *kex)
49{ 51{
@@ -156,3 +158,10 @@ kexecdh_client(Kex *kex)
156 BN_clear_free(shared_secret); 158 BN_clear_free(shared_secret);
157 kex_finish(kex); 159 kex_finish(kex);
158} 160}
161#else /* OPENSSL_HAS_ECC */
162void
163kexecdh_client(Kex *kex)
164{
165 fatal("ECC support is not enabled");
166}
167#endif /* OPENSSL_HAS_ECC */
diff --git a/kexecdhs.c b/kexecdhs.c
index e49a0ef37..d2c3feb09 100644
--- a/kexecdhs.c
+++ b/kexecdhs.c
@@ -30,8 +30,6 @@
30#include <string.h> 30#include <string.h>
31#include <signal.h> 31#include <signal.h>
32 32
33#include <openssl/ecdh.h>
34
35#include "xmalloc.h" 33#include "xmalloc.h"
36#include "buffer.h" 34#include "buffer.h"
37#include "key.h" 35#include "key.h"
@@ -46,6 +44,10 @@
46#endif 44#endif
47#include "monitor_wrap.h" 45#include "monitor_wrap.h"
48 46
47#ifdef OPENSSL_HAS_ECC
48
49#include <openssl/ecdh.h>
50
49void 51void
50kexecdh_server(Kex *kex) 52kexecdh_server(Kex *kex)
51{ 53{
@@ -161,3 +163,10 @@ kexecdh_server(Kex *kex)
161 BN_clear_free(shared_secret); 163 BN_clear_free(shared_secret);
162 kex_finish(kex); 164 kex_finish(kex);
163} 165}
166#else /* OPENSSL_HAS_ECC */
167void
168kexecdh_server(Kex *kex)
169{
170 fatal("ECC support is not enabled");
171}
172#endif /* OPENSSL_HAS_ECC */
diff --git a/key.c b/key.c
index b9dc2355b..3cda8f2cb 100644
--- a/key.c
+++ b/key.c
@@ -111,10 +111,12 @@ key_new(int type)
111 fatal("key_new: BN_new failed"); 111 fatal("key_new: BN_new failed");
112 k->dsa = dsa; 112 k->dsa = dsa;
113 break; 113 break;
114#ifdef OPENSSL_HAS_ECC
114 case KEY_ECDSA: 115 case KEY_ECDSA:
115 case KEY_ECDSA_CERT: 116 case KEY_ECDSA_CERT:
116 /* Cannot do anything until we know the group */ 117 /* Cannot do anything until we know the group */
117 break; 118 break;
119#endif
118 case KEY_UNSPEC: 120 case KEY_UNSPEC:
119 break; 121 break;
120 default: 122 default:
@@ -214,12 +216,14 @@ key_free(Key *k)
214 DSA_free(k->dsa); 216 DSA_free(k->dsa);
215 k->dsa = NULL; 217 k->dsa = NULL;
216 break; 218 break;
219#ifdef OPENSSL_HAS_ECC
217 case KEY_ECDSA: 220 case KEY_ECDSA:
218 case KEY_ECDSA_CERT: 221 case KEY_ECDSA_CERT:
219 if (k->ecdsa != NULL) 222 if (k->ecdsa != NULL)
220 EC_KEY_free(k->ecdsa); 223 EC_KEY_free(k->ecdsa);
221 k->ecdsa = NULL; 224 k->ecdsa = NULL;
222 break; 225 break;
226#endif
223 case KEY_UNSPEC: 227 case KEY_UNSPEC:
224 break; 228 break;
225 default: 229 default:
@@ -279,6 +283,7 @@ key_equal_public(const Key *a, const Key *b)
279 BN_cmp(a->dsa->q, b->dsa->q) == 0 && 283 BN_cmp(a->dsa->q, b->dsa->q) == 0 &&
280 BN_cmp(a->dsa->g, b->dsa->g) == 0 && 284 BN_cmp(a->dsa->g, b->dsa->g) == 0 &&
281 BN_cmp(a->dsa->pub_key, b->dsa->pub_key) == 0; 285 BN_cmp(a->dsa->pub_key, b->dsa->pub_key) == 0;
286#ifdef OPENSSL_HAS_ECC
282 case KEY_ECDSA_CERT: 287 case KEY_ECDSA_CERT:
283 case KEY_ECDSA: 288 case KEY_ECDSA:
284 if (a->ecdsa == NULL || b->ecdsa == NULL || 289 if (a->ecdsa == NULL || b->ecdsa == NULL ||
@@ -297,6 +302,7 @@ key_equal_public(const Key *a, const Key *b)
297 } 302 }
298 BN_CTX_free(bnctx); 303 BN_CTX_free(bnctx);
299 return 1; 304 return 1;
305#endif /* OPENSSL_HAS_ECC */
300 default: 306 default:
301 fatal("key_equal: bad key type %d", a->type); 307 fatal("key_equal: bad key type %d", a->type);
302 } 308 }
@@ -695,11 +701,13 @@ key_read(Key *ret, char **cpp)
695 } 701 }
696 *space = '\0'; 702 *space = '\0';
697 type = key_type_from_name(cp); 703 type = key_type_from_name(cp);
704#ifdef OPENSSL_HAS_ECC
698 if (key_type_plain(type) == KEY_ECDSA && 705 if (key_type_plain(type) == KEY_ECDSA &&
699 (curve_nid = key_ecdsa_nid_from_name(cp)) == -1) { 706 (curve_nid = key_ecdsa_nid_from_name(cp)) == -1) {
700 debug("key_read: invalid curve"); 707 debug("key_read: invalid curve");
701 return -1; 708 return -1;
702 } 709 }
710#endif
703 *space = ' '; 711 *space = ' ';
704 if (type == KEY_UNSPEC) { 712 if (type == KEY_UNSPEC) {
705 debug3("key_read: missing keytype"); 713 debug3("key_read: missing keytype");
@@ -736,12 +744,14 @@ key_read(Key *ret, char **cpp)
736 key_free(k); 744 key_free(k);
737 return -1; 745 return -1;
738 } 746 }
747#ifdef OPENSSL_HAS_ECC
739 if (key_type_plain(type) == KEY_ECDSA && 748 if (key_type_plain(type) == KEY_ECDSA &&
740 curve_nid != k->ecdsa_nid) { 749 curve_nid != k->ecdsa_nid) {
741 error("key_read: type mismatch: EC curve mismatch"); 750 error("key_read: type mismatch: EC curve mismatch");
742 key_free(k); 751 key_free(k);
743 return -1; 752 return -1;
744 } 753 }
754#endif
745/*XXXX*/ 755/*XXXX*/
746 if (key_is_cert(ret)) { 756 if (key_is_cert(ret)) {
747 if (!key_is_cert(k)) { 757 if (!key_is_cert(k)) {
@@ -772,6 +782,7 @@ key_read(Key *ret, char **cpp)
772 DSA_print_fp(stderr, ret->dsa, 8); 782 DSA_print_fp(stderr, ret->dsa, 8);
773#endif 783#endif
774 } 784 }
785#ifdef OPENSSL_HAS_ECC
775 if (key_type_plain(ret->type) == KEY_ECDSA) { 786 if (key_type_plain(ret->type) == KEY_ECDSA) {
776 if (ret->ecdsa != NULL) 787 if (ret->ecdsa != NULL)
777 EC_KEY_free(ret->ecdsa); 788 EC_KEY_free(ret->ecdsa);
@@ -783,6 +794,7 @@ key_read(Key *ret, char **cpp)
783 key_dump_ec_key(ret->ecdsa); 794 key_dump_ec_key(ret->ecdsa);
784#endif 795#endif
785 } 796 }
797#endif
786 success = 1; 798 success = 1;
787/*XXXX*/ 799/*XXXX*/
788 key_free(k); 800 key_free(k);
@@ -839,11 +851,13 @@ key_write(const Key *key, FILE *f)
839 if (key->dsa == NULL) 851 if (key->dsa == NULL)
840 return 0; 852 return 0;
841 break; 853 break;
854#ifdef OPENSSL_HAS_ECC
842 case KEY_ECDSA: 855 case KEY_ECDSA:
843 case KEY_ECDSA_CERT: 856 case KEY_ECDSA_CERT:
844 if (key->ecdsa == NULL) 857 if (key->ecdsa == NULL)
845 return 0; 858 return 0;
846 break; 859 break;
860#endif
847 case KEY_RSA: 861 case KEY_RSA:
848 case KEY_RSA_CERT_V00: 862 case KEY_RSA_CERT_V00:
849 case KEY_RSA_CERT: 863 case KEY_RSA_CERT:
@@ -877,8 +891,10 @@ key_type(const Key *k)
877 return "RSA"; 891 return "RSA";
878 case KEY_DSA: 892 case KEY_DSA:
879 return "DSA"; 893 return "DSA";
894#ifdef OPENSSL_HAS_ECC
880 case KEY_ECDSA: 895 case KEY_ECDSA:
881 return "ECDSA"; 896 return "ECDSA";
897#endif
882 case KEY_RSA_CERT_V00: 898 case KEY_RSA_CERT_V00:
883 return "RSA-CERT-V00"; 899 return "RSA-CERT-V00";
884 case KEY_DSA_CERT_V00: 900 case KEY_DSA_CERT_V00:
@@ -887,8 +903,10 @@ key_type(const Key *k)
887 return "RSA-CERT"; 903 return "RSA-CERT";
888 case KEY_DSA_CERT: 904 case KEY_DSA_CERT:
889 return "DSA-CERT"; 905 return "DSA-CERT";
906#ifdef OPENSSL_HAS_ECC
890 case KEY_ECDSA_CERT: 907 case KEY_ECDSA_CERT:
891 return "ECDSA-CERT"; 908 return "ECDSA-CERT";
909#endif
892 } 910 }
893 return "unknown"; 911 return "unknown";
894} 912}
@@ -922,6 +940,7 @@ key_ssh_name_from_type_nid(int type, int nid)
922 return "ssh-rsa-cert-v01@openssh.com"; 940 return "ssh-rsa-cert-v01@openssh.com";
923 case KEY_DSA_CERT: 941 case KEY_DSA_CERT:
924 return "ssh-dss-cert-v01@openssh.com"; 942 return "ssh-dss-cert-v01@openssh.com";
943#ifdef OPENSSL_HAS_ECC
925 case KEY_ECDSA: 944 case KEY_ECDSA:
926 switch (nid) { 945 switch (nid) {
927 case NID_X9_62_prime256v1: 946 case NID_X9_62_prime256v1:
@@ -946,6 +965,7 @@ key_ssh_name_from_type_nid(int type, int nid)
946 break; 965 break;
947 } 966 }
948 break; 967 break;
968#endif /* OPENSSL_HAS_ECC */
949 } 969 }
950 return "ssh-unknown"; 970 return "ssh-unknown";
951} 971}
@@ -976,9 +996,11 @@ key_size(const Key *k)
976 case KEY_DSA_CERT_V00: 996 case KEY_DSA_CERT_V00:
977 case KEY_DSA_CERT: 997 case KEY_DSA_CERT:
978 return BN_num_bits(k->dsa->p); 998 return BN_num_bits(k->dsa->p);
999#ifdef OPENSSL_HAS_ECC
979 case KEY_ECDSA: 1000 case KEY_ECDSA:
980 case KEY_ECDSA_CERT: 1001 case KEY_ECDSA_CERT:
981 return key_curve_nid_to_bits(k->ecdsa_nid); 1002 return key_curve_nid_to_bits(k->ecdsa_nid);
1003#endif
982 } 1004 }
983 return 0; 1005 return 0;
984} 1006}
@@ -1012,17 +1034,20 @@ int
1012key_ecdsa_bits_to_nid(int bits) 1034key_ecdsa_bits_to_nid(int bits)
1013{ 1035{
1014 switch (bits) { 1036 switch (bits) {
1037#ifdef OPENSSL_HAS_ECC
1015 case 256: 1038 case 256:
1016 return NID_X9_62_prime256v1; 1039 return NID_X9_62_prime256v1;
1017 case 384: 1040 case 384:
1018 return NID_secp384r1; 1041 return NID_secp384r1;
1019 case 521: 1042 case 521:
1020 return NID_secp521r1; 1043 return NID_secp521r1;
1044#endif
1021 default: 1045 default:
1022 return -1; 1046 return -1;
1023 } 1047 }
1024} 1048}
1025 1049
1050#ifdef OPENSSL_HAS_ECC
1026/* 1051/*
1027 * This is horrid, but OpenSSL's PEM_read_PrivateKey seems not to restore 1052 * This is horrid, but OpenSSL's PEM_read_PrivateKey seems not to restore
1028 * the EC_GROUP nid when loading a key... 1053 * the EC_GROUP nid when loading a key...
@@ -1070,6 +1095,7 @@ ecdsa_generate_private_key(u_int bits, int *nid)
1070 fatal("%s: EC_KEY_generate_key failed", __func__); 1095 fatal("%s: EC_KEY_generate_key failed", __func__);
1071 return private; 1096 return private;
1072} 1097}
1098#endif /* OPENSSL_HAS_ECC */
1073 1099
1074Key * 1100Key *
1075key_generate(int type, u_int bits) 1101key_generate(int type, u_int bits)
@@ -1079,9 +1105,11 @@ key_generate(int type, u_int bits)
1079 case KEY_DSA: 1105 case KEY_DSA:
1080 k->dsa = dsa_generate_private_key(bits); 1106 k->dsa = dsa_generate_private_key(bits);
1081 break; 1107 break;
1108#ifdef OPENSSL_HAS_ECC
1082 case KEY_ECDSA: 1109 case KEY_ECDSA:
1083 k->ecdsa = ecdsa_generate_private_key(bits, &k->ecdsa_nid); 1110 k->ecdsa = ecdsa_generate_private_key(bits, &k->ecdsa_nid);
1084 break; 1111 break;
1112#endif
1085 case KEY_RSA: 1113 case KEY_RSA:
1086 case KEY_RSA1: 1114 case KEY_RSA1:
1087 k->rsa = rsa_generate_private_key(bits); 1115 k->rsa = rsa_generate_private_key(bits);
@@ -1158,6 +1186,7 @@ key_from_private(const Key *k)
1158 (BN_copy(n->dsa->pub_key, k->dsa->pub_key) == NULL)) 1186 (BN_copy(n->dsa->pub_key, k->dsa->pub_key) == NULL))
1159 fatal("key_from_private: BN_copy failed"); 1187 fatal("key_from_private: BN_copy failed");
1160 break; 1188 break;
1189#ifdef OPENSSL_HAS_ECC
1161 case KEY_ECDSA: 1190 case KEY_ECDSA:
1162 case KEY_ECDSA_CERT: 1191 case KEY_ECDSA_CERT:
1163 n = key_new(k->type); 1192 n = key_new(k->type);
@@ -1168,6 +1197,7 @@ key_from_private(const Key *k)
1168 EC_KEY_get0_public_key(k->ecdsa)) != 1) 1197 EC_KEY_get0_public_key(k->ecdsa)) != 1)
1169 fatal("%s: EC_KEY_set_public_key failed", __func__); 1198 fatal("%s: EC_KEY_set_public_key failed", __func__);
1170 break; 1199 break;
1200#endif
1171 case KEY_RSA: 1201 case KEY_RSA:
1172 case KEY_RSA1: 1202 case KEY_RSA1:
1173 case KEY_RSA_CERT_V00: 1203 case KEY_RSA_CERT_V00:
@@ -1199,11 +1229,13 @@ key_type_from_name(char *name)
1199 return KEY_RSA; 1229 return KEY_RSA;
1200 } else if (strcmp(name, "ssh-dss") == 0) { 1230 } else if (strcmp(name, "ssh-dss") == 0) {
1201 return KEY_DSA; 1231 return KEY_DSA;
1232#ifdef OPENSSL_HAS_ECC
1202 } else if (strcmp(name, "ecdsa") == 0 || 1233 } else if (strcmp(name, "ecdsa") == 0 ||
1203 strcmp(name, "ecdsa-sha2-nistp256") == 0 || 1234 strcmp(name, "ecdsa-sha2-nistp256") == 0 ||
1204 strcmp(name, "ecdsa-sha2-nistp384") == 0 || 1235 strcmp(name, "ecdsa-sha2-nistp384") == 0 ||
1205 strcmp(name, "ecdsa-sha2-nistp521") == 0) { 1236 strcmp(name, "ecdsa-sha2-nistp521") == 0) {
1206 return KEY_ECDSA; 1237 return KEY_ECDSA;
1238#endif
1207 } else if (strcmp(name, "ssh-rsa-cert-v00@openssh.com") == 0) { 1239 } else if (strcmp(name, "ssh-rsa-cert-v00@openssh.com") == 0) {
1208 return KEY_RSA_CERT_V00; 1240 return KEY_RSA_CERT_V00;
1209 } else if (strcmp(name, "ssh-dss-cert-v00@openssh.com") == 0) { 1241 } else if (strcmp(name, "ssh-dss-cert-v00@openssh.com") == 0) {
@@ -1212,10 +1244,13 @@ key_type_from_name(char *name)
1212 return KEY_RSA_CERT; 1244 return KEY_RSA_CERT;
1213 } else if (strcmp(name, "ssh-dss-cert-v01@openssh.com") == 0) { 1245 } else if (strcmp(name, "ssh-dss-cert-v01@openssh.com") == 0) {
1214 return KEY_DSA_CERT; 1246 return KEY_DSA_CERT;
1247#ifdef OPENSSL_HAS_ECC
1215 } else if (strcmp(name, "ecdsa-sha2-nistp256-cert-v01@openssh.com") == 0 || 1248 } else if (strcmp(name, "ecdsa-sha2-nistp256-cert-v01@openssh.com") == 0 ||
1216 strcmp(name, "ecdsa-sha2-nistp384-cert-v01@openssh.com") == 0 || 1249 strcmp(name, "ecdsa-sha2-nistp384-cert-v01@openssh.com") == 0 ||
1217 strcmp(name, "ecdsa-sha2-nistp521-cert-v01@openssh.com") == 0) 1250 strcmp(name, "ecdsa-sha2-nistp521-cert-v01@openssh.com") == 0) {
1218 return KEY_ECDSA_CERT; 1251 return KEY_ECDSA_CERT;
1252#endif
1253 }
1219 1254
1220 debug2("key_type_from_name: unknown key type '%s'", name); 1255 debug2("key_type_from_name: unknown key type '%s'", name);
1221 return KEY_UNSPEC; 1256 return KEY_UNSPEC;
@@ -1224,6 +1259,7 @@ key_type_from_name(char *name)
1224int 1259int
1225key_ecdsa_nid_from_name(const char *name) 1260key_ecdsa_nid_from_name(const char *name)
1226{ 1261{
1262#ifdef OPENSSL_HAS_ECC
1227 if (strcmp(name, "ecdsa-sha2-nistp256") == 0 || 1263 if (strcmp(name, "ecdsa-sha2-nistp256") == 0 ||
1228 strcmp(name, "ecdsa-sha2-nistp256-cert-v01@openssh.com") == 0) 1264 strcmp(name, "ecdsa-sha2-nistp256-cert-v01@openssh.com") == 0)
1229 return NID_X9_62_prime256v1; 1265 return NID_X9_62_prime256v1;
@@ -1233,6 +1269,7 @@ key_ecdsa_nid_from_name(const char *name)
1233 if (strcmp(name, "ecdsa-sha2-nistp521") == 0 || 1269 if (strcmp(name, "ecdsa-sha2-nistp521") == 0 ||
1234 strcmp(name, "ecdsa-sha2-nistp521-cert-v01@openssh.com") == 0) 1270 strcmp(name, "ecdsa-sha2-nistp521-cert-v01@openssh.com") == 0)
1235 return NID_secp521r1; 1271 return NID_secp521r1;
1272#endif /* OPENSSL_HAS_ECC */
1236 1273
1237 debug2("%s: unknown/non-ECDSA key type '%s'", __func__, name); 1274 debug2("%s: unknown/non-ECDSA key type '%s'", __func__, name);
1238 return -1; 1275 return -1;
@@ -1403,7 +1440,9 @@ key_from_blob(const u_char *blob, u_int blen)
1403 int rlen, type, nid = -1; 1440 int rlen, type, nid = -1;
1404 char *ktype = NULL, *curve = NULL; 1441 char *ktype = NULL, *curve = NULL;
1405 Key *key = NULL; 1442 Key *key = NULL;
1443#ifdef OPENSSL_HAS_ECC
1406 EC_POINT *q = NULL; 1444 EC_POINT *q = NULL;
1445#endif
1407 1446
1408#ifdef DEBUG_PK 1447#ifdef DEBUG_PK
1409 dump_base64(stderr, blob, blen); 1448 dump_base64(stderr, blob, blen);
@@ -1416,8 +1455,10 @@ key_from_blob(const u_char *blob, u_int blen)
1416 } 1455 }
1417 1456
1418 type = key_type_from_name(ktype); 1457 type = key_type_from_name(ktype);
1458#ifdef OPENSSL_HAS_ECC
1419 if (key_type_plain(type) == KEY_ECDSA) 1459 if (key_type_plain(type) == KEY_ECDSA)
1420 nid = key_ecdsa_nid_from_name(ktype); 1460 nid = key_ecdsa_nid_from_name(ktype);
1461#endif
1421 1462
1422 switch (type) { 1463 switch (type) {
1423 case KEY_RSA_CERT: 1464 case KEY_RSA_CERT:
@@ -1455,6 +1496,7 @@ key_from_blob(const u_char *blob, u_int blen)
1455 DSA_print_fp(stderr, key->dsa, 8); 1496 DSA_print_fp(stderr, key->dsa, 8);
1456#endif 1497#endif
1457 break; 1498 break;
1499#ifdef OPENSSL_HAS_ECC
1458 case KEY_ECDSA_CERT: 1500 case KEY_ECDSA_CERT:
1459 (void)buffer_get_string_ptr_ret(&b, NULL); /* Skip nonce */ 1501 (void)buffer_get_string_ptr_ret(&b, NULL); /* Skip nonce */
1460 /* FALLTHROUGH */ 1502 /* FALLTHROUGH */
@@ -1490,6 +1532,7 @@ key_from_blob(const u_char *blob, u_int blen)
1490 key_dump_ec_point(EC_KEY_get0_group(key->ecdsa), q); 1532 key_dump_ec_point(EC_KEY_get0_group(key->ecdsa), q);
1491#endif 1533#endif
1492 break; 1534 break;
1535#endif /* OPENSSL_HAS_ECC */
1493 case KEY_UNSPEC: 1536 case KEY_UNSPEC:
1494 key = key_new(type); 1537 key = key_new(type);
1495 break; 1538 break;
@@ -1509,8 +1552,10 @@ key_from_blob(const u_char *blob, u_int blen)
1509 xfree(ktype); 1552 xfree(ktype);
1510 if (curve != NULL) 1553 if (curve != NULL)
1511 xfree(curve); 1554 xfree(curve);
1555#ifdef OPENSSL_HAS_ECC
1512 if (q != NULL) 1556 if (q != NULL)
1513 EC_POINT_free(q); 1557 EC_POINT_free(q);
1558#endif
1514 buffer_free(&b); 1559 buffer_free(&b);
1515 return key; 1560 return key;
1516} 1561}
@@ -1543,12 +1588,14 @@ key_to_blob(const Key *key, u_char **blobp, u_int *lenp)
1543 buffer_put_bignum2(&b, key->dsa->g); 1588 buffer_put_bignum2(&b, key->dsa->g);
1544 buffer_put_bignum2(&b, key->dsa->pub_key); 1589 buffer_put_bignum2(&b, key->dsa->pub_key);
1545 break; 1590 break;
1591#ifdef OPENSSL_HAS_ECC
1546 case KEY_ECDSA: 1592 case KEY_ECDSA:
1547 buffer_put_cstring(&b, key_ssh_name(key)); 1593 buffer_put_cstring(&b, key_ssh_name(key));
1548 buffer_put_cstring(&b, key_curve_nid_to_name(key->ecdsa_nid)); 1594 buffer_put_cstring(&b, key_curve_nid_to_name(key->ecdsa_nid));
1549 buffer_put_ecpoint(&b, EC_KEY_get0_group(key->ecdsa), 1595 buffer_put_ecpoint(&b, EC_KEY_get0_group(key->ecdsa),
1550 EC_KEY_get0_public_key(key->ecdsa)); 1596 EC_KEY_get0_public_key(key->ecdsa));
1551 break; 1597 break;
1598#endif
1552 case KEY_RSA: 1599 case KEY_RSA:
1553 buffer_put_cstring(&b, key_ssh_name(key)); 1600 buffer_put_cstring(&b, key_ssh_name(key));
1554 buffer_put_bignum2(&b, key->rsa->e); 1601 buffer_put_bignum2(&b, key->rsa->e);
@@ -1582,9 +1629,11 @@ key_sign(
1582 case KEY_DSA_CERT: 1629 case KEY_DSA_CERT:
1583 case KEY_DSA: 1630 case KEY_DSA:
1584 return ssh_dss_sign(key, sigp, lenp, data, datalen); 1631 return ssh_dss_sign(key, sigp, lenp, data, datalen);
1632#ifdef OPENSSL_HAS_ECC
1585 case KEY_ECDSA_CERT: 1633 case KEY_ECDSA_CERT:
1586 case KEY_ECDSA: 1634 case KEY_ECDSA:
1587 return ssh_ecdsa_sign(key, sigp, lenp, data, datalen); 1635 return ssh_ecdsa_sign(key, sigp, lenp, data, datalen);
1636#endif
1588 case KEY_RSA_CERT_V00: 1637 case KEY_RSA_CERT_V00:
1589 case KEY_RSA_CERT: 1638 case KEY_RSA_CERT:
1590 case KEY_RSA: 1639 case KEY_RSA:
@@ -1613,9 +1662,11 @@ key_verify(
1613 case KEY_DSA_CERT: 1662 case KEY_DSA_CERT:
1614 case KEY_DSA: 1663 case KEY_DSA:
1615 return ssh_dss_verify(key, signature, signaturelen, data, datalen); 1664 return ssh_dss_verify(key, signature, signaturelen, data, datalen);
1665#ifdef OPENSSL_HAS_ECC
1616 case KEY_ECDSA_CERT: 1666 case KEY_ECDSA_CERT:
1617 case KEY_ECDSA: 1667 case KEY_ECDSA:
1618 return ssh_ecdsa_verify(key, signature, signaturelen, data, datalen); 1668 return ssh_ecdsa_verify(key, signature, signaturelen, data, datalen);
1669#endif
1619 case KEY_RSA_CERT_V00: 1670 case KEY_RSA_CERT_V00:
1620 case KEY_RSA_CERT: 1671 case KEY_RSA_CERT:
1621 case KEY_RSA: 1672 case KEY_RSA:
@@ -1670,6 +1721,7 @@ key_demote(const Key *k)
1670 if ((pk->dsa->pub_key = BN_dup(k->dsa->pub_key)) == NULL) 1721 if ((pk->dsa->pub_key = BN_dup(k->dsa->pub_key)) == NULL)
1671 fatal("key_demote: BN_dup failed"); 1722 fatal("key_demote: BN_dup failed");
1672 break; 1723 break;
1724#ifdef OPENSSL_HAS_ECC
1673 case KEY_ECDSA_CERT: 1725 case KEY_ECDSA_CERT:
1674 key_cert_copy(k, pk); 1726 key_cert_copy(k, pk);
1675 /* FALLTHROUGH */ 1727 /* FALLTHROUGH */
@@ -1680,6 +1732,7 @@ key_demote(const Key *k)
1680 EC_KEY_get0_public_key(k->ecdsa)) != 1) 1732 EC_KEY_get0_public_key(k->ecdsa)) != 1)
1681 fatal("key_demote: EC_KEY_set_public_key failed"); 1733 fatal("key_demote: EC_KEY_set_public_key failed");
1682 break; 1734 break;
1735#endif
1683 default: 1736 default:
1684 fatal("key_free: bad key type %d", k->type); 1737 fatal("key_free: bad key type %d", k->type);
1685 break; 1738 break;
@@ -1819,6 +1872,7 @@ key_certify(Key *k, Key *ca)
1819 buffer_put_bignum2(&k->cert->certblob, k->dsa->g); 1872 buffer_put_bignum2(&k->cert->certblob, k->dsa->g);
1820 buffer_put_bignum2(&k->cert->certblob, k->dsa->pub_key); 1873 buffer_put_bignum2(&k->cert->certblob, k->dsa->pub_key);
1821 break; 1874 break;
1875#ifdef OPENSSL_HAS_ECC
1822 case KEY_ECDSA_CERT: 1876 case KEY_ECDSA_CERT:
1823 buffer_put_cstring(&k->cert->certblob, 1877 buffer_put_cstring(&k->cert->certblob,
1824 key_curve_nid_to_name(k->ecdsa_nid)); 1878 key_curve_nid_to_name(k->ecdsa_nid));
@@ -1826,6 +1880,7 @@ key_certify(Key *k, Key *ca)
1826 EC_KEY_get0_group(k->ecdsa), 1880 EC_KEY_get0_group(k->ecdsa),
1827 EC_KEY_get0_public_key(k->ecdsa)); 1881 EC_KEY_get0_public_key(k->ecdsa));
1828 break; 1882 break;
1883#endif
1829 case KEY_RSA_CERT_V00: 1884 case KEY_RSA_CERT_V00:
1830 case KEY_RSA_CERT: 1885 case KEY_RSA_CERT:
1831 buffer_put_bignum2(&k->cert->certblob, k->rsa->e); 1886 buffer_put_bignum2(&k->cert->certblob, k->rsa->e);
@@ -1955,12 +2010,14 @@ key_cert_is_legacy(Key *k)
1955int 2010int
1956key_curve_name_to_nid(const char *name) 2011key_curve_name_to_nid(const char *name)
1957{ 2012{
2013#ifdef OPENSSL_HAS_ECC
1958 if (strcmp(name, "nistp256") == 0) 2014 if (strcmp(name, "nistp256") == 0)
1959 return NID_X9_62_prime256v1; 2015 return NID_X9_62_prime256v1;
1960 else if (strcmp(name, "nistp384") == 0) 2016 else if (strcmp(name, "nistp384") == 0)
1961 return NID_secp384r1; 2017 return NID_secp384r1;
1962 else if (strcmp(name, "nistp521") == 0) 2018 else if (strcmp(name, "nistp521") == 0)
1963 return NID_secp521r1; 2019 return NID_secp521r1;
2020#endif
1964 2021
1965 debug("%s: unsupported EC curve name \"%.100s\"", __func__, name); 2022 debug("%s: unsupported EC curve name \"%.100s\"", __func__, name);
1966 return -1; 2023 return -1;
@@ -1970,12 +2027,14 @@ u_int
1970key_curve_nid_to_bits(int nid) 2027key_curve_nid_to_bits(int nid)
1971{ 2028{
1972 switch (nid) { 2029 switch (nid) {
2030#ifdef OPENSSL_HAS_ECC
1973 case NID_X9_62_prime256v1: 2031 case NID_X9_62_prime256v1:
1974 return 256; 2032 return 256;
1975 case NID_secp384r1: 2033 case NID_secp384r1:
1976 return 384; 2034 return 384;
1977 case NID_secp521r1: 2035 case NID_secp521r1:
1978 return 521; 2036 return 521;
2037#endif
1979 default: 2038 default:
1980 error("%s: unsupported EC curve nid %d", __func__, nid); 2039 error("%s: unsupported EC curve nid %d", __func__, nid);
1981 return 0; 2040 return 0;
@@ -1985,17 +2044,19 @@ key_curve_nid_to_bits(int nid)
1985const char * 2044const char *
1986key_curve_nid_to_name(int nid) 2045key_curve_nid_to_name(int nid)
1987{ 2046{
2047#ifdef OPENSSL_HAS_ECC
1988 if (nid == NID_X9_62_prime256v1) 2048 if (nid == NID_X9_62_prime256v1)
1989 return "nistp256"; 2049 return "nistp256";
1990 else if (nid == NID_secp384r1) 2050 else if (nid == NID_secp384r1)
1991 return "nistp384"; 2051 return "nistp384";
1992 else if (nid == NID_secp521r1) 2052 else if (nid == NID_secp521r1)
1993 return "nistp521"; 2053 return "nistp521";
1994 2054#endif
1995 error("%s: unsupported EC curve nid %d", __func__, nid); 2055 error("%s: unsupported EC curve nid %d", __func__, nid);
1996 return NULL; 2056 return NULL;
1997} 2057}
1998 2058
2059#ifdef OPENSSL_HAS_ECC
1999const EVP_MD * 2060const EVP_MD *
2000key_ec_nid_to_evpmd(int nid) 2061key_ec_nid_to_evpmd(int nid)
2001{ 2062{
@@ -2180,4 +2241,4 @@ key_dump_ec_key(const EC_KEY *key)
2180 fputs("\n", stderr); 2241 fputs("\n", stderr);
2181} 2242}
2182#endif /* defined(DEBUG_KEXECDH) || defined(DEBUG_PK) */ 2243#endif /* defined(DEBUG_KEXECDH) || defined(DEBUG_PK) */
2183 2244#endif /* OPENSSL_HAS_ECC */
diff --git a/key.h b/key.h
index ba1a20c07..86a1d889c 100644
--- a/key.h
+++ b/key.h
@@ -29,7 +29,9 @@
29#include "buffer.h" 29#include "buffer.h"
30#include <openssl/rsa.h> 30#include <openssl/rsa.h>
31#include <openssl/dsa.h> 31#include <openssl/dsa.h>
32#ifdef OPENSSL_HAS_ECC
32#include <openssl/ec.h> 33#include <openssl/ec.h>
34#endif
33 35
34typedef struct Key Key; 36typedef struct Key Key;
35enum types { 37enum types {
@@ -77,7 +79,11 @@ struct Key {
77 RSA *rsa; 79 RSA *rsa;
78 DSA *dsa; 80 DSA *dsa;
79 int ecdsa_nid; /* NID of curve */ 81 int ecdsa_nid; /* NID of curve */
82#ifdef OPENSSL_HAS_ECC
80 EC_KEY *ecdsa; 83 EC_KEY *ecdsa;
84#else
85 void *ecdsa;
86#endif
81 struct KeyCert *cert; 87 struct KeyCert *cert;
82}; 88};
83 89
@@ -114,10 +120,12 @@ int key_curve_name_to_nid(const char *);
114const char * key_curve_nid_to_name(int); 120const char * key_curve_nid_to_name(int);
115u_int key_curve_nid_to_bits(int); 121u_int key_curve_nid_to_bits(int);
116int key_ecdsa_bits_to_nid(int); 122int key_ecdsa_bits_to_nid(int);
123#ifdef OPENSSL_HAS_ECC
117int key_ecdsa_group_to_nid(const EC_GROUP *); 124int key_ecdsa_group_to_nid(const EC_GROUP *);
118const EVP_MD * key_ec_nid_to_evpmd(int nid); 125const EVP_MD * key_ec_nid_to_evpmd(int nid);
119int key_ec_validate_public(const EC_GROUP *, const EC_POINT *); 126int key_ec_validate_public(const EC_GROUP *, const EC_POINT *);
120int key_ec_validate_private(const EC_KEY *); 127int key_ec_validate_private(const EC_KEY *);
128#endif
121 129
122Key *key_from_blob(const u_char *, u_int); 130Key *key_from_blob(const u_char *, u_int);
123int key_to_blob(const Key *, u_char **, u_int *); 131int key_to_blob(const Key *, u_char **, u_int *);
@@ -135,7 +143,7 @@ int ssh_ecdsa_verify(const Key *, const u_char *, u_int, const u_char *, u_int)
135int ssh_rsa_sign(const Key *, u_char **, u_int *, const u_char *, u_int); 143int ssh_rsa_sign(const Key *, u_char **, u_int *, const u_char *, u_int);
136int ssh_rsa_verify(const Key *, const u_char *, u_int, const u_char *, u_int); 144int ssh_rsa_verify(const Key *, const u_char *, u_int, const u_char *, u_int);
137 145
138#if defined(DEBUG_KEXECDH) || defined(DEBUG_PK) 146#if defined(OPENSSL_HAS_ECC) && (defined(DEBUG_KEXECDH) || defined(DEBUG_PK))
139void key_dump_ec_point(const EC_GROUP *, const EC_POINT *); 147void key_dump_ec_point(const EC_GROUP *, const EC_POINT *);
140void key_dump_ec_key(const EC_KEY *); 148void key_dump_ec_key(const EC_KEY *);
141#endif 149#endif
diff --git a/myproposal.h b/myproposal.h
index 5daca533b..893190788 100644
--- a/myproposal.h
+++ b/myproposal.h
@@ -26,44 +26,49 @@
26 26
27#include <openssl/opensslv.h> 27#include <openssl/opensslv.h>
28 28
29#ifdef OPENSSL_HAS_ECC
30# define KEX_ECDH_METHODS \
31 "ecdh-sha2-nistp256," \
32 "ecdh-sha2-nistp384," \
33 "ecdh-sha2-nistp521,"
34# define HOSTKEY_ECDSA_CERT_METHODS \
35 "ecdsa-sha2-nistp256-cert-v01@openssh.com," \
36 "ecdsa-sha2-nistp384-cert-v01@openssh.com," \
37 "ecdsa-sha2-nistp521-cert-v01@openssh.com,"
38# define HOSTKEY_ECDSA_METHODS \
39 "ecdsa-sha2-nistp256," \
40 "ecdsa-sha2-nistp384," \
41 "ecdsa-sha2-nistp521,"
42#else
43# define KEX_ECDH_METHODS
44# define HOSTKEY_ECDSA_CERT_METHODS
45# define HOSTKEY_ECDSA_METHODS
46#endif
47
29/* Old OpenSSL doesn't support what we need for DHGEX-sha256 */ 48/* Old OpenSSL doesn't support what we need for DHGEX-sha256 */
30#if OPENSSL_VERSION_NUMBER < 0x00907000L 49#if OPENSSL_VERSION_NUMBER < 0x00907000L
31# define KEX_DEFAULT_KEX \ 50# define KEX_SHA256_METHODS \
32 "diffie-hellman-group-exchange-sha1," \ 51 "diffie-hellman-group-exchange-sha1,"
33 "diffie-hellman-group14-sha1," \
34 "diffie-hellman-group1-sha1"
35
36#define KEX_DEFAULT_PK_ALG \
37 "ssh-rsa-cert-v01@openssh.com," \
38 "ssh-dss-cert-v01@openssh.com," \
39 "ssh-rsa-cert-v00@openssh.com," \
40 "ssh-dss-cert-v00@openssh.com," \
41 "ssh-rsa," \
42 "ssh-dss"
43#else 52#else
44# define KEX_DEFAULT_KEX \ 53# define KEX_SHA256_METHODS
45 "ecdh-sha2-nistp256," \ 54#endif
46 "ecdh-sha2-nistp384," \ 55
47 "ecdh-sha2-nistp521," \ 56# define KEX_DEFAULT_KEX \
48 "diffie-hellman-group-exchange-sha256," \ 57 KEX_ECDH_METHODS \
58 KEX_SHA256_METHODS \
49 "diffie-hellman-group-exchange-sha1," \ 59 "diffie-hellman-group-exchange-sha1," \
50 "diffie-hellman-group14-sha1," \ 60 "diffie-hellman-group14-sha1," \
51 "diffie-hellman-group1-sha1" 61 "diffie-hellman-group1-sha1"
52 62
53#define KEX_DEFAULT_PK_ALG \ 63#define KEX_DEFAULT_PK_ALG \
54 "ecdsa-sha2-nistp256-cert-v01@openssh.com," \ 64 HOSTKEY_ECDSA_CERT_METHODS \
55 "ecdsa-sha2-nistp384-cert-v01@openssh.com," \
56 "ecdsa-sha2-nistp521-cert-v01@openssh.com," \
57 "ssh-rsa-cert-v01@openssh.com," \ 65 "ssh-rsa-cert-v01@openssh.com," \
58 "ssh-dss-cert-v01@openssh.com," \ 66 "ssh-dss-cert-v01@openssh.com," \
59 "ssh-rsa-cert-v00@openssh.com," \ 67 "ssh-rsa-cert-v00@openssh.com," \
60 "ssh-dss-cert-v00@openssh.com," \ 68 "ssh-dss-cert-v00@openssh.com," \
61 "ecdsa-sha2-nistp256," \ 69 HOSTKEY_ECDSA_METHODS \
62 "ecdsa-sha2-nistp384," \
63 "ecdsa-sha2-nistp521," \
64 "ssh-rsa," \ 70 "ssh-rsa," \
65 "ssh-dss" 71 "ssh-dss"
66#endif
67 72
68#define KEX_DEFAULT_ENCRYPT \ 73#define KEX_DEFAULT_ENCRYPT \
69 "aes128-ctr,aes192-ctr,aes256-ctr," \ 74 "aes128-ctr,aes192-ctr,aes256-ctr," \
diff --git a/packet.c b/packet.c
index a06c5e3ef..0018d5839 100644
--- a/packet.c
+++ b/packet.c
@@ -641,11 +641,13 @@ packet_put_bignum2(BIGNUM * value)
641 buffer_put_bignum2(&active_state->outgoing_packet, value); 641 buffer_put_bignum2(&active_state->outgoing_packet, value);
642} 642}
643 643
644#ifdef OPENSSL_HAS_ECC
644void 645void
645packet_put_ecpoint(const EC_GROUP *curve, const EC_POINT *point) 646packet_put_ecpoint(const EC_GROUP *curve, const EC_POINT *point)
646{ 647{
647 buffer_put_ecpoint(&active_state->outgoing_packet, curve, point); 648 buffer_put_ecpoint(&active_state->outgoing_packet, curve, point);
648} 649}
650#endif
649 651
650/* 652/*
651 * Finalizes and sends the packet. If the encryption key has been set, 653 * Finalizes and sends the packet. If the encryption key has been set,
@@ -1517,11 +1519,13 @@ packet_get_bignum2(BIGNUM * value)
1517 buffer_get_bignum2(&active_state->incoming_packet, value); 1519 buffer_get_bignum2(&active_state->incoming_packet, value);
1518} 1520}
1519 1521
1522#ifdef OPENSSL_HAS_ECC
1520void 1523void
1521packet_get_ecpoint(const EC_GROUP *curve, EC_POINT *point) 1524packet_get_ecpoint(const EC_GROUP *curve, EC_POINT *point)
1522{ 1525{
1523 buffer_get_ecpoint(&active_state->incoming_packet, curve, point); 1526 buffer_get_ecpoint(&active_state->incoming_packet, curve, point);
1524} 1527}
1528#endif
1525 1529
1526void * 1530void *
1527packet_get_raw(u_int *length_ptr) 1531packet_get_raw(u_int *length_ptr)
diff --git a/readconf.c b/readconf.c
index 98ce3017f..586422930 100644
--- a/readconf.c
+++ b/readconf.c
@@ -1214,12 +1214,13 @@ fill_default_options(Options * options)
1214 xmalloc(len); 1214 xmalloc(len);
1215 snprintf(options->identity_files[options->num_identity_files++], 1215 snprintf(options->identity_files[options->num_identity_files++],
1216 len, "~/%.100s", _PATH_SSH_CLIENT_ID_DSA); 1216 len, "~/%.100s", _PATH_SSH_CLIENT_ID_DSA);
1217 1217#ifdef OPENSSL_HAS_ECC
1218 len = 2 + strlen(_PATH_SSH_CLIENT_ID_ECDSA) + 1; 1218 len = 2 + strlen(_PATH_SSH_CLIENT_ID_ECDSA) + 1;
1219 options->identity_files[options->num_identity_files] = 1219 options->identity_files[options->num_identity_files] =
1220 xmalloc(len); 1220 xmalloc(len);
1221 snprintf(options->identity_files[options->num_identity_files++], 1221 snprintf(options->identity_files[options->num_identity_files++],
1222 len, "~/%.100s", _PATH_SSH_CLIENT_ID_ECDSA); 1222 len, "~/%.100s", _PATH_SSH_CLIENT_ID_ECDSA);
1223#endif
1223 } 1224 }
1224 } 1225 }
1225 if (options->escape_char == -1) 1226 if (options->escape_char == -1)
diff --git a/ssh-agent.c b/ssh-agent.c
index 87939b2b6..8f19fb157 100644
--- a/ssh-agent.c
+++ b/ssh-agent.c
@@ -468,8 +468,10 @@ process_add_identity(SocketEntry *e, int version)
468 int type, success = 0, death = 0, confirm = 0; 468 int type, success = 0, death = 0, confirm = 0;
469 char *type_name, *comment, *curve; 469 char *type_name, *comment, *curve;
470 Key *k = NULL; 470 Key *k = NULL;
471#ifdef OPENSSL_HAS_ECC
471 BIGNUM *exponent; 472 BIGNUM *exponent;
472 EC_POINT *q; 473 EC_POINT *q;
474#endif
473 u_char *cert; 475 u_char *cert;
474 u_int len; 476 u_int len;
475 477
@@ -510,6 +512,7 @@ process_add_identity(SocketEntry *e, int version)
510 key_add_private(k); 512 key_add_private(k);
511 buffer_get_bignum2(&e->request, k->dsa->priv_key); 513 buffer_get_bignum2(&e->request, k->dsa->priv_key);
512 break; 514 break;
515#ifdef OPENSSL_HAS_ECC
513 case KEY_ECDSA: 516 case KEY_ECDSA:
514 k = key_new_private(type); 517 k = key_new_private(type);
515 k->ecdsa_nid = key_ecdsa_nid_from_name(type_name); 518 k->ecdsa_nid = key_ecdsa_nid_from_name(type_name);
@@ -561,6 +564,7 @@ process_add_identity(SocketEntry *e, int version)
561 fatal("%s: bad ECDSA key", __func__); 564 fatal("%s: bad ECDSA key", __func__);
562 BN_clear_free(exponent); 565 BN_clear_free(exponent);
563 break; 566 break;
567#endif /* OPENSSL_HAS_ECC */
564 case KEY_RSA: 568 case KEY_RSA:
565 k = key_new_private(type); 569 k = key_new_private(type);
566 buffer_get_bignum2(&e->request, k->rsa->n); 570 buffer_get_bignum2(&e->request, k->rsa->n);
diff --git a/ssh-ecdsa.c b/ssh-ecdsa.c
index 5c4ce2311..c8276b460 100644
--- a/ssh-ecdsa.c
+++ b/ssh-ecdsa.c
@@ -26,6 +26,8 @@
26 26
27#include "includes.h" 27#include "includes.h"
28 28
29#ifdef OPENSSL_HAS_ECC
30
29#include <sys/types.h> 31#include <sys/types.h>
30 32
31#include <openssl/bn.h> 33#include <openssl/bn.h>
@@ -162,3 +164,5 @@ ssh_ecdsa_verify(const Key *key, const u_char *signature, u_int signaturelen,
162 ret == 1 ? "correct" : ret == 0 ? "incorrect" : "error"); 164 ret == 1 ? "correct" : ret == 0 ? "incorrect" : "error");
163 return ret; 165 return ret;
164} 166}
167
168#endif /* OPENSSL_HAS_ECC */
diff --git a/ssh-keygen.c b/ssh-keygen.c
index 43b8c7f97..bbd434b0b 100644
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -265,10 +265,12 @@ do_convert_to_pkcs8(Key *k)
265 if (!PEM_write_DSA_PUBKEY(stdout, k->dsa)) 265 if (!PEM_write_DSA_PUBKEY(stdout, k->dsa))
266 fatal("PEM_write_DSA_PUBKEY failed"); 266 fatal("PEM_write_DSA_PUBKEY failed");
267 break; 267 break;
268#ifdef OPENSSL_HAS_ECC
268 case KEY_ECDSA: 269 case KEY_ECDSA:
269 if (!PEM_write_EC_PUBKEY(stdout, k->ecdsa)) 270 if (!PEM_write_EC_PUBKEY(stdout, k->ecdsa))
270 fatal("PEM_write_EC_PUBKEY failed"); 271 fatal("PEM_write_EC_PUBKEY failed");
271 break; 272 break;
273#endif
272 default: 274 default:
273 fatal("%s: unsupported key type %s", __func__, key_type(k)); 275 fatal("%s: unsupported key type %s", __func__, key_type(k));
274 } 276 }
@@ -549,6 +551,7 @@ do_convert_from_pkcs8(Key **k, int *private)
549 (*k)->type = KEY_DSA; 551 (*k)->type = KEY_DSA;
550 (*k)->dsa = EVP_PKEY_get1_DSA(pubkey); 552 (*k)->dsa = EVP_PKEY_get1_DSA(pubkey);
551 break; 553 break;
554#ifdef OPENSSL_HAS_ECC
552 case EVP_PKEY_EC: 555 case EVP_PKEY_EC:
553 *k = key_new(KEY_UNSPEC); 556 *k = key_new(KEY_UNSPEC);
554 (*k)->type = KEY_ECDSA; 557 (*k)->type = KEY_ECDSA;
@@ -556,6 +559,7 @@ do_convert_from_pkcs8(Key **k, int *private)
556 (*k)->ecdsa_nid = key_ecdsa_group_to_nid( 559 (*k)->ecdsa_nid = key_ecdsa_group_to_nid(
557 EC_KEY_get0_group((*k)->ecdsa)); 560 EC_KEY_get0_group((*k)->ecdsa));
558 break; 561 break;
562#endif
559 default: 563 default:
560 fatal("%s: unsupported pubkey type %d", __func__, 564 fatal("%s: unsupported pubkey type %d", __func__,
561 EVP_PKEY_type(pubkey->type)); 565 EVP_PKEY_type(pubkey->type));
@@ -632,10 +636,12 @@ do_convert_from(struct passwd *pw)
632 ok = PEM_write_DSAPrivateKey(stdout, k->dsa, NULL, 636 ok = PEM_write_DSAPrivateKey(stdout, k->dsa, NULL,
633 NULL, 0, NULL, NULL); 637 NULL, 0, NULL, NULL);
634 break; 638 break;
639#ifdef OPENSSL_HAS_ECC
635 case KEY_ECDSA: 640 case KEY_ECDSA:
636 ok = PEM_write_ECPrivateKey(stdout, k->ecdsa, NULL, 641 ok = PEM_write_ECPrivateKey(stdout, k->ecdsa, NULL,
637 NULL, 0, NULL, NULL); 642 NULL, 0, NULL, NULL);
638 break; 643 break;
644#endif
639 case KEY_RSA: 645 case KEY_RSA:
640 ok = PEM_write_RSAPrivateKey(stdout, k->rsa, NULL, 646 ok = PEM_write_RSAPrivateKey(stdout, k->rsa, NULL,
641 NULL, 0, NULL, NULL); 647 NULL, 0, NULL, NULL);
diff --git a/ssh.c b/ssh.c
index 51c68d7da..3ade744b6 100644
--- a/ssh.c
+++ b/ssh.c
@@ -783,20 +783,26 @@ main(int ac, char **av)
783 sensitive_data.nkeys = 7; 783 sensitive_data.nkeys = 7;
784 sensitive_data.keys = xcalloc(sensitive_data.nkeys, 784 sensitive_data.keys = xcalloc(sensitive_data.nkeys,
785 sizeof(Key)); 785 sizeof(Key));
786 for (i = 0; i < sensitive_data.nkeys; i++)
787 sensitive_data.keys[i] = NULL;
786 788
787 PRIV_START; 789 PRIV_START;
788 sensitive_data.keys[0] = key_load_private_type(KEY_RSA1, 790 sensitive_data.keys[0] = key_load_private_type(KEY_RSA1,
789 _PATH_HOST_KEY_FILE, "", NULL, NULL); 791 _PATH_HOST_KEY_FILE, "", NULL, NULL);
790 sensitive_data.keys[1] = key_load_private_cert(KEY_DSA, 792 sensitive_data.keys[1] = key_load_private_cert(KEY_DSA,
791 _PATH_HOST_DSA_KEY_FILE, "", NULL); 793 _PATH_HOST_DSA_KEY_FILE, "", NULL);
794#ifdef OPENSSL_HAS_ECC
792 sensitive_data.keys[2] = key_load_private_cert(KEY_ECDSA, 795 sensitive_data.keys[2] = key_load_private_cert(KEY_ECDSA,
793 _PATH_HOST_ECDSA_KEY_FILE, "", NULL); 796 _PATH_HOST_ECDSA_KEY_FILE, "", NULL);
797#endif
794 sensitive_data.keys[3] = key_load_private_cert(KEY_RSA, 798 sensitive_data.keys[3] = key_load_private_cert(KEY_RSA,
795 _PATH_HOST_RSA_KEY_FILE, "", NULL); 799 _PATH_HOST_RSA_KEY_FILE, "", NULL);
796 sensitive_data.keys[4] = key_load_private_type(KEY_DSA, 800 sensitive_data.keys[4] = key_load_private_type(KEY_DSA,
797 _PATH_HOST_DSA_KEY_FILE, "", NULL, NULL); 801 _PATH_HOST_DSA_KEY_FILE, "", NULL, NULL);
802#ifdef OPENSSL_HAS_ECC
798 sensitive_data.keys[5] = key_load_private_type(KEY_ECDSA, 803 sensitive_data.keys[5] = key_load_private_type(KEY_ECDSA,
799 _PATH_HOST_ECDSA_KEY_FILE, "", NULL, NULL); 804 _PATH_HOST_ECDSA_KEY_FILE, "", NULL, NULL);
805#endif
800 sensitive_data.keys[6] = key_load_private_type(KEY_RSA, 806 sensitive_data.keys[6] = key_load_private_type(KEY_RSA,
801 _PATH_HOST_RSA_KEY_FILE, "", NULL, NULL); 807 _PATH_HOST_RSA_KEY_FILE, "", NULL, NULL);
802 PRIV_END; 808 PRIV_END;
@@ -808,14 +814,18 @@ main(int ac, char **av)
808 sensitive_data.keys[6] == NULL) { 814 sensitive_data.keys[6] == NULL) {
809 sensitive_data.keys[1] = key_load_cert( 815 sensitive_data.keys[1] = key_load_cert(
810 _PATH_HOST_DSA_KEY_FILE); 816 _PATH_HOST_DSA_KEY_FILE);
817#ifdef OPENSSL_HAS_ECC
811 sensitive_data.keys[2] = key_load_cert( 818 sensitive_data.keys[2] = key_load_cert(
812 _PATH_HOST_ECDSA_KEY_FILE); 819 _PATH_HOST_ECDSA_KEY_FILE);
820#endif
813 sensitive_data.keys[3] = key_load_cert( 821 sensitive_data.keys[3] = key_load_cert(
814 _PATH_HOST_RSA_KEY_FILE); 822 _PATH_HOST_RSA_KEY_FILE);
815 sensitive_data.keys[4] = key_load_public( 823 sensitive_data.keys[4] = key_load_public(
816 _PATH_HOST_DSA_KEY_FILE, NULL); 824 _PATH_HOST_DSA_KEY_FILE, NULL);
825#ifdef OPENSSL_HAS_ECC
817 sensitive_data.keys[5] = key_load_public( 826 sensitive_data.keys[5] = key_load_public(
818 _PATH_HOST_ECDSA_KEY_FILE, NULL); 827 _PATH_HOST_ECDSA_KEY_FILE, NULL);
828#endif
819 sensitive_data.keys[6] = key_load_public( 829 sensitive_data.keys[6] = key_load_public(
820 _PATH_HOST_RSA_KEY_FILE, NULL); 830 _PATH_HOST_RSA_KEY_FILE, NULL);
821 sensitive_data.external_keysign = 1; 831 sensitive_data.external_keysign = 1;
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-29 02:44:28 +0000