Diffstat (limited to 'auth-rsa.c')
-rw-r--r-- | auth-rsa.c | 22 |
1 files changed, 13 insertions, 9 deletions
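--- a/auth-rsa.c
+++ b/auth-rsa.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth-rsa.c,v 1.85 2013/07/12 00:19:58 djm Exp $ */
+/* $OpenBSD: auth-rsa.c,v 1.86 2014/01/27 19:18:54 markus Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -20,7 +20,6 @@
 #include <sys/stat.h>
 
 #include <openssl/rsa.h>
-#include <openssl/md5.h>
 
 #include <pwd.h>
 #include <stdio.h>
@@ -48,6 +47,8 @@
 #include "ssh.h"
 #include "misc.h"
 
+#include "digest.h"
+
 /* import */
 extern ServerOptions options;
 
@@ -91,12 +92,13 @@ int
 auth_rsa_verify_response(Key *key, BIGNUM *challenge, u_char response[16])
 {
 u_char buf[32], mdbuf[16];
-MD5_CTX md;
+struct ssh_digest_ctx *md;
 int len;
 
 /* don't allow short keys */
 if (BN_num_bits(key->rsa->n) < SSH_RSA_MINIMUM_MODULUS_SIZE) {
-error("auth_rsa_verify_response: RSA modulus too small: %d < minimum %d bits",
+error("%s: RSA modulus too small: %d < minimum %d bits",
+__func__,
 BN_num_bits(key->rsa->n), SSH_RSA_MINIMUM_MODULUS_SIZE);
 return (0);
 }
@@ -104,13 +106,15 @@ auth_rsa_verify_response(Key *key, BIGNUM *challenge, u_char response[16])
 /* The response is MD5 of decrypted challenge plus session id. */
 len = BN_num_bytes(challenge);
 if (len <= 0 || len > 32)
-fatal("auth_rsa_verify_response: bad challenge length %d", len);
+fatal("%s: bad challenge length %d", __func__, len);
 memset(buf, 0, 32);
 BN_bn2bin(challenge, buf + 32 - len);
-MD5_Init(&md);
-MD5_Update(&md, buf, 32);
-MD5_Update(&md, session_id, 16);
-MD5_Final(mdbuf, &md);
+if ((md = ssh_digest_start(SSH_DIGEST_MD5)) == NULL ||
+ssh_digest_update(md, buf, 32) < 0 ||
+ssh_digest_update(md, session_id, 16) < 0 ||
+ssh_digest_final(md, mdbuf, sizeof(mdbuf)) < 0)
+fatal("%s: md5 failed", __func__);
+ssh_digest_free(md);
 
 /* Verify that the response is the original challenge. */
 if (timingsafe_bcmp(response, mdbuf, 16) != 0) {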
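Review bot: The new digest sequence in auth_rsa_verify_response states buffer sizes two ways: `ssh_digest_final` is bounded by `sizeof(mdbuf)`, while the two `ssh_digest_update` calls, the `memset` and the `timingsafe_bcmp` on the last line still use the literals 32 and 16. Writing the challenge length as `ssh_digest_update(md, buf, sizeof(buf)) < 0 ||` (and `memset(buf, 0, sizeof(buf));`) would keep the hashed length tied to the declaration `u_char buf[32], mdbuf[16];`. Separately, `buf` holds the decrypted challenge and `mdbuf` the expected response, and nothing in the visible lines clears them. The function body continues past this hunk, so they may be wiped before return; if they are not, `explicit_bzero(buf, sizeof(buf));` once the digest is computed would be worth adding, provided the tree offers that function.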