diff options
author | Damien Miller <djm@mindrot.org> | 2014-02-04 11:03:36 +1100 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2014-02-04 11:03:36 +1100 |
commit | 4a1c7aa640fb97d3472d51b215b6a0ec0fd025c7 (patch) | |
tree | 6fb1bfba860987b5d9042c478ae218d848850b64 | |
parent | 4e8d937af79ce4e253f77ec93489d098b25becc3 (diff) |
- markus@cvs.openbsd.org 2014/01/27 19:18:54
[auth-rsa.c cipher.c ssh-agent.c sshconnect1.c sshd.c]
replace openssl MD5 with our ssh_digest_*; ok djm@
-rw-r--r-- | ChangeLog | 3 | ||||
-rw-r--r-- | auth-rsa.c | 22 | ||||
-rw-r--r-- | cipher.c | 14 | ||||
-rw-r--r-- | ssh-agent.c | 16 | ||||
-rw-r--r-- | sshconnect1.c | 16 | ||||
-rw-r--r-- | sshd.c | 30 |
6 files changed, 58 insertions, 43 deletions
@@ -4,6 +4,9 @@ [Makefile.in digest.c digest.h hostfile.c kex.h mac.c hmac.c hmac.h] replace openssl HMAC with an implementation based on our ssh_digest_* ok and feedback djm@ + - markus@cvs.openbsd.org 2014/01/27 19:18:54 + [auth-rsa.c cipher.c ssh-agent.c sshconnect1.c sshd.c] + replace openssl MD5 with our ssh_digest_*; ok djm@ 20140131 - (djm) [sandbox-seccomp-filter.c sandbox-systrace.c] Allow shutdown(2) @@ -1,4 +1,4 @@ -/* $OpenBSD: auth-rsa.c,v 1.85 2013/07/12 00:19:58 djm Exp $ */ +/* $OpenBSD: auth-rsa.c,v 1.86 2014/01/27 19:18:54 markus Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -20,7 +20,6 @@ #include <sys/stat.h> #include <openssl/rsa.h> -#include <openssl/md5.h> #include <pwd.h> #include <stdio.h> @@ -48,6 +47,8 @@ #include "ssh.h" #include "misc.h" +#include "digest.h" + /* import */ extern ServerOptions options; @@ -91,12 +92,13 @@ int auth_rsa_verify_response(Key *key, BIGNUM *challenge, u_char response[16]) { u_char buf[32], mdbuf[16]; - MD5_CTX md; + struct ssh_digest_ctx *md; int len; /* don't allow short keys */ if (BN_num_bits(key->rsa->n) < SSH_RSA_MINIMUM_MODULUS_SIZE) { - error("auth_rsa_verify_response: RSA modulus too small: %d < minimum %d bits", + error("%s: RSA modulus too small: %d < minimum %d bits", + __func__, BN_num_bits(key->rsa->n), SSH_RSA_MINIMUM_MODULUS_SIZE); return (0); } @@ -104,13 +106,15 @@ auth_rsa_verify_response(Key *key, BIGNUM *challenge, u_char response[16]) /* The response is MD5 of decrypted challenge plus session id. */ len = BN_num_bytes(challenge); if (len <= 0 || len > 32) - fatal("auth_rsa_verify_response: bad challenge length %d", len); + fatal("%s: bad challenge length %d", __func__, len); memset(buf, 0, 32); BN_bn2bin(challenge, buf + 32 - len); - MD5_Init(&md); - MD5_Update(&md, buf, 32); - MD5_Update(&md, session_id, 16); - MD5_Final(mdbuf, &md); + if ((md = ssh_digest_start(SSH_DIGEST_MD5)) == NULL || + ssh_digest_update(md, buf, 32) < 0 || + ssh_digest_update(md, session_id, 16) < 0 || + ssh_digest_final(md, mdbuf, sizeof(mdbuf)) < 0) + fatal("%s: md5 failed", __func__); + ssh_digest_free(md); /* Verify that the response is the original challenge. */ if (timingsafe_bcmp(response, mdbuf, 16) != 0) { @@ -1,4 +1,4 @@ -/* $OpenBSD: cipher.c,v 1.94 2014/01/25 10:12:50 dtucker Exp $ */ +/* $OpenBSD: cipher.c,v 1.95 2014/01/27 19:18:54 markus Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -39,8 +39,6 @@ #include <sys/types.h> -#include <openssl/md5.h> - #include <string.h> #include <stdarg.h> #include <stdio.h> @@ -49,6 +47,8 @@ #include "log.h" #include "misc.h" #include "cipher.h" +#include "buffer.h" +#include "digest.h" /* compatibility with old or broken OpenSSL versions */ #include "openbsd-compat/openssl-compat.h" @@ -436,17 +436,15 @@ void cipher_set_key_string(CipherContext *cc, const Cipher *cipher, const char *passphrase, int do_encrypt) { - MD5_CTX md; u_char digest[16]; - MD5_Init(&md); - MD5_Update(&md, (const u_char *)passphrase, strlen(passphrase)); - MD5_Final(digest, &md); + if (ssh_digest_memory(SSH_DIGEST_MD5, passphrase, strlen(passphrase), + digest, sizeof(digest)) < 0) + fatal("%s: md5 failed", __func__); cipher_init(cc, cipher, digest, 16, NULL, 0, do_encrypt); memset(digest, 0, sizeof(digest)); - memset(&md, 0, sizeof(md)); } /* diff --git a/ssh-agent.c b/ssh-agent.c index 95117e07..256dff50 100644 --- a/ssh-agent.c +++ b/ssh-agent.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-agent.c,v 1.181 2013/12/19 01:19:41 djm Exp $ */ +/* $OpenBSD: ssh-agent.c,v 1.182 2014/01/27 19:18:54 markus Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -50,7 +50,6 @@ #include "openbsd-compat/sys-queue.h" #include <openssl/evp.h> -#include <openssl/md5.h> #include "openbsd-compat/openssl-compat.h" #include <errno.h> @@ -75,6 +74,7 @@ #include "compat.h" #include "log.h" #include "misc.h" +#include "digest.h" #ifdef ENABLE_PKCS11 #include "ssh-pkcs11.h" @@ -248,7 +248,7 @@ process_authentication_challenge1(SocketEntry *e) Identity *id; int i, len; Buffer msg; - MD5_CTX md; + struct ssh_digest_ctx *md; Key *key; buffer_init(&msg); @@ -284,10 +284,12 @@ process_authentication_challenge1(SocketEntry *e) } memset(buf, 0, 32); BN_bn2bin(challenge, buf + 32 - len); - MD5_Init(&md); - MD5_Update(&md, buf, 32); - MD5_Update(&md, session_id, 16); - MD5_Final(mdbuf, &md); + if ((md = ssh_digest_start(SSH_DIGEST_MD5)) == NULL || + ssh_digest_update(md, buf, 32) < 0 || + ssh_digest_update(md, session_id, 16) < 0 || + ssh_digest_final(md, mdbuf, sizeof(mdbuf)) < 0) + fatal("%s: md5 failed", __func__); + ssh_digest_free(md); /* Send the response. */ buffer_put_char(&msg, SSH_AGENT_RSA_RESPONSE); diff --git a/sshconnect1.c b/sshconnect1.c index 7bd6cb01..57713d24 100644 --- a/sshconnect1.c +++ b/sshconnect1.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect1.c,v 1.72 2013/09/02 22:00:34 deraadt Exp $ */ +/* $OpenBSD: sshconnect1.c,v 1.73 2014/01/27 19:18:54 markus Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -19,7 +19,6 @@ #include <sys/socket.h> #include <openssl/bn.h> -#include <openssl/md5.h> #include <stdarg.h> #include <stdio.h> @@ -47,6 +46,7 @@ #include "canohost.h" #include "hostfile.h" #include "auth.h" +#include "digest.h" /* Session id for the current session. */ u_char session_id[16]; @@ -161,7 +161,7 @@ static void respond_to_rsa_challenge(BIGNUM * challenge, RSA * prv) { u_char buf[32], response[16]; - MD5_CTX md; + struct ssh_digest_ctx *md; int i, len; /* Decrypt the challenge using the private key. */ @@ -179,10 +179,12 @@ respond_to_rsa_challenge(BIGNUM * challenge, RSA * prv) memset(buf, 0, sizeof(buf)); BN_bn2bin(challenge, buf + sizeof(buf) - len); - MD5_Init(&md); - MD5_Update(&md, buf, 32); - MD5_Update(&md, session_id, 16); - MD5_Final(response, &md); + if ((md = ssh_digest_start(SSH_DIGEST_MD5)) == NULL || + ssh_digest_update(md, buf, 32) < 0 || + ssh_digest_update(md, session_id, 16) < 0 || + ssh_digest_final(md, response, sizeof(response)) < 0) + fatal("%s: md5 failed", __func__); + ssh_digest_free(md); debug("Sending response to host key RSA challenge."); @@ -1,4 +1,4 @@ -/* $OpenBSD: sshd.c,v 1.414 2014/01/09 23:26:48 djm Exp $ */ +/* $OpenBSD: sshd.c,v 1.415 2014/01/27 19:18:54 markus Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -74,7 +74,6 @@ #include <openssl/dh.h> #include <openssl/bn.h> -#include <openssl/md5.h> #include <openssl/rand.h> #include "openbsd-compat/openssl-compat.h" @@ -96,6 +95,7 @@ #include "uidswap.h" #include "compat.h" #include "cipher.h" +#include "digest.h" #include "key.h" #include "kex.h" #include "dh.h" @@ -2360,19 +2360,25 @@ do_ssh1_kex(void) if (rsafail) { int bytes = BN_num_bytes(session_key_int); u_char *buf = xmalloc(bytes); - MD5_CTX md; + struct ssh_digest_ctx *md; logit("do_connection: generating a fake encryption key"); BN_bn2bin(session_key_int, buf); - MD5_Init(&md); - MD5_Update(&md, buf, bytes); - MD5_Update(&md, sensitive_data.ssh1_cookie, SSH_SESSION_KEY_LENGTH); - MD5_Final(session_key, &md); - MD5_Init(&md); - MD5_Update(&md, session_key, 16); - MD5_Update(&md, buf, bytes); - MD5_Update(&md, sensitive_data.ssh1_cookie, SSH_SESSION_KEY_LENGTH); - MD5_Final(session_key + 16, &md); + if ((md = ssh_digest_start(SSH_DIGEST_MD5)) == NULL || + ssh_digest_update(md, buf, bytes) < 0 || + ssh_digest_update(md, sensitive_data.ssh1_cookie, + SSH_SESSION_KEY_LENGTH) < 0 || + ssh_digest_final(md, session_key, sizeof(session_key)) < 0) + fatal("%s: md5 failed", __func__); + ssh_digest_free(md); + if ((md = ssh_digest_start(SSH_DIGEST_MD5)) == NULL || + ssh_digest_update(md, session_key, 16) < 0 || + ssh_digest_update(md, sensitive_data.ssh1_cookie, + SSH_SESSION_KEY_LENGTH) < 0 || + ssh_digest_final(md, session_key + 16, + sizeof(session_key) - 16) < 0) + fatal("%s: md5 failed", __func__); + ssh_digest_free(md); memset(buf, 0, bytes); free(buf); for (i = 0; i < 16; i++) |