File pam_ssh-openssl11.patch of Package pam_ssh
=================================================================== Index: pam_ssh-2.1/cipher.c =================================================================== --- pam_ssh-2.1.orig/cipher.c 2015-05-03 13:30:39.000000000 +0200 +++ pam_ssh-2.1/cipher.c 2017-11-30 15:31:05.770390639 +0100 @@ -326,26 +326,26 @@ cipher_init(struct sshcipher_ctx *cc, co return SSH_ERR_INVALID_ARGUMENT; #else type = (*cipher->evptype)(); - EVP_CIPHER_CTX_init(&cc->evp); - if (EVP_CipherInit(&cc->evp, type, NULL, (u_char *)iv, + cc->evp = EVP_CIPHER_CTX_new(); + if (EVP_CipherInit(cc->evp, type, NULL, (u_char *)iv, (do_encrypt == CIPHER_ENCRYPT)) == 0) { ret = SSH_ERR_LIBCRYPTO_ERROR; goto bad; } if (cipher_authlen(cipher) && - !EVP_CIPHER_CTX_ctrl(&cc->evp, EVP_CTRL_GCM_SET_IV_FIXED, + !EVP_CIPHER_CTX_ctrl(cc->evp, EVP_CTRL_GCM_SET_IV_FIXED, -1, (u_char *)iv)) { ret = SSH_ERR_LIBCRYPTO_ERROR; goto bad; } - klen = EVP_CIPHER_CTX_key_length(&cc->evp); + klen = EVP_CIPHER_CTX_key_length(cc->evp); if (klen > 0 && keylen != (u_int)klen) { - if (EVP_CIPHER_CTX_set_key_length(&cc->evp, keylen) == 0) { + if (EVP_CIPHER_CTX_set_key_length(cc->evp, keylen) == 0) { ret = SSH_ERR_LIBCRYPTO_ERROR; goto bad; } } - if (EVP_CipherInit(&cc->evp, NULL, (u_char *)key, NULL, -1) == 0) { + if (EVP_CipherInit(cc->evp, NULL, (u_char *)key, NULL, -1) == 0) { ret = SSH_ERR_LIBCRYPTO_ERROR; goto bad; } @@ -358,14 +358,14 @@ cipher_init(struct sshcipher_ctx *cc, co ret = SSH_ERR_ALLOC_FAIL; goto bad; } - ret = EVP_Cipher(&cc->evp, discard, junk, cipher->discard_len); + ret = EVP_Cipher(cc->evp, discard, junk, cipher->discard_len); explicit_bzero(discard, cipher->discard_len); free(junk); free(discard); if (ret != 1) { ret = SSH_ERR_LIBCRYPTO_ERROR; bad: - EVP_CIPHER_CTX_cleanup(&cc->evp); + EVP_CIPHER_CTX_cleanup(cc->evp); return ret; } } 
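Review bot: The result of `EVP_CIPHER_CTX_new()` at the top of the OpenSSL branch of cipher_init is never checked, so a failed allocation is handed to `EVP_CipherInit` as a NULL context. Now that the context lives on the heap it needs its own error path, e.g. `if ((cc->evp = EVP_CIPHER_CTX_new()) == NULL) { ret = SSH_ERR_ALLOC_FAIL; goto bad; }`. cipher_init starts and ends outside this hunk, so the state of `cc->evp` on the non-OpenSSL paths cannot be confirmed from here.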
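Review bot: The `bad:` path still calls `EVP_CIPHER_CTX_cleanup(cc->evp)`, which on OpenSSL 1.1 is a compatibility alias for `EVP_CIPHER_CTX_reset`. It clears the context without releasing it, so the object allocated by `EVP_CIPHER_CTX_new()` is leaked. The cipher_cleanup hunk further down has the same problem, and no visible hunk ever frees `cc->evp`; if the module is loaded into a long-running process, that is one leaked context per cipher setup. Use `EVP_CIPHER_CTX_free(cc->evp); cc->evp = NULL;` in both places. In cipher_cleanup the `== 0` test has to go, since `EVP_CIPHER_CTX_free` returns void.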
@@ -412,33 +412,33 @@ cipher_crypt(struct sshcipher_ctx *cc, u if (authlen != cipher_authlen(cc->cipher)) return SSH_ERR_INVALID_ARGUMENT; /* increment IV */ - if (!EVP_CIPHER_CTX_ctrl(&cc->evp, EVP_CTRL_GCM_IV_GEN, + if (!EVP_CIPHER_CTX_ctrl(cc->evp, EVP_CTRL_GCM_IV_GEN, 1, lastiv)) return SSH_ERR_LIBCRYPTO_ERROR; /* set tag on decyption */ if (!cc->encrypt && - !EVP_CIPHER_CTX_ctrl(&cc->evp, EVP_CTRL_GCM_SET_TAG, + !EVP_CIPHER_CTX_ctrl(cc->evp, EVP_CTRL_GCM_SET_TAG, authlen, (u_char *)src + aadlen + len)) return SSH_ERR_LIBCRYPTO_ERROR; } if (aadlen) { if (authlen && - EVP_Cipher(&cc->evp, NULL, (u_char *)src, aadlen) < 0) + EVP_Cipher(cc->evp, NULL, (u_char *)src, aadlen) < 0) return SSH_ERR_LIBCRYPTO_ERROR; memcpy(dest, src, aadlen); } if (len % cc->cipher->block_size) return SSH_ERR_INVALID_ARGUMENT; - if (EVP_Cipher(&cc->evp, dest + aadlen, (u_char *)src + aadlen, + if (EVP_Cipher(cc->evp, dest + aadlen, (u_char *)src + aadlen, len) < 0) return SSH_ERR_LIBCRYPTO_ERROR; if (authlen) { /* compute tag (on encrypt) or verify tag (on decrypt) */ - if (EVP_Cipher(&cc->evp, NULL, NULL, 0) < 0) + if (EVP_Cipher(cc->evp, NULL, NULL, 0) < 0) return cc->encrypt ? SSH_ERR_LIBCRYPTO_ERROR : SSH_ERR_MAC_INVALID; if (cc->encrypt && - !EVP_CIPHER_CTX_ctrl(&cc->evp, EVP_CTRL_GCM_GET_TAG, + !EVP_CIPHER_CTX_ctrl(cc->evp, EVP_CTRL_GCM_GET_TAG, authlen, dest + aadlen + len)) return SSH_ERR_LIBCRYPTO_ERROR; } @@ -471,7 +471,7 @@ cipher_cleanup(struct sshcipher_ctx *cc) else if ((cc->cipher->flags & CFLAG_AESCTR) != 0) explicit_bzero(&cc->ac_ctx, sizeof(cc->ac_ctx)); #ifdef WITH_OPENSSL - else if (EVP_CIPHER_CTX_cleanup(&cc->evp) == 0) + else if (EVP_CIPHER_CTX_cleanup(cc->evp) == 0) return SSH_ERR_LIBCRYPTO_ERROR; #endif return 0; @@ -518,7 +518,7 @@ cipher_get_keyiv_len(const struct sshcip ivlen = 0; #ifdef WITH_OPENSSL else - ivlen = EVP_CIPHER_CTX_iv_length(&cc->evp); + ivlen = EVP_CIPHER_CTX_iv_length(cc->evp); #endif /* WITH_OPENSSL */ return (ivlen); } 
@@ -544,7 +544,7 @@ cipher_get_keyiv(struct sshcipher_ctx *c case SSH_CIPHER_SSH2: case SSH_CIPHER_DES: case SSH_CIPHER_BLOWFISH: - evplen = EVP_CIPHER_CTX_iv_length(&cc->evp); + evplen = EVP_CIPHER_CTX_iv_length(cc->evp); if (evplen == 0) return 0; else if (evplen < 0) @@ -553,20 +553,20 @@ cipher_get_keyiv(struct sshcipher_ctx *c return SSH_ERR_INVALID_ARGUMENT; #ifndef OPENSSL_HAVE_EVPCTR if (c->evptype == evp_aes_128_ctr) - ssh_aes_ctr_iv(&cc->evp, 0, iv, len); + ssh_aes_ctr_iv(cc->evp, 0, iv, len); else #endif if (cipher_authlen(c)) { - if (!EVP_CIPHER_CTX_ctrl(&cc->evp, EVP_CTRL_GCM_IV_GEN, + if (!EVP_CIPHER_CTX_ctrl(cc->evp, EVP_CTRL_GCM_IV_GEN, len, iv)) return SSH_ERR_LIBCRYPTO_ERROR; } else - memcpy(iv, cc->evp.iv, len); + memcpy(iv, EVP_CIPHER_CTX_iv(cc->evp), len); break; #endif #ifdef WITH_SSH1 case SSH_CIPHER_3DES: - return ssh1_3des_iv(&cc->evp, 0, iv, 24); + return ssh1_3des_iv(cc->evp, 0, iv, 24); #endif default: return SSH_ERR_INVALID_ARGUMENT; @@ -592,21 +592,21 @@ cipher_set_keyiv(struct sshcipher_ctx *c case SSH_CIPHER_SSH2: case SSH_CIPHER_DES: case SSH_CIPHER_BLOWFISH: - evplen = EVP_CIPHER_CTX_iv_length(&cc->evp); + evplen = EVP_CIPHER_CTX_iv_length(cc->evp); if (evplen <= 0) return SSH_ERR_LIBCRYPTO_ERROR; if (cipher_authlen(c)) { /* XXX iv arg is const, but EVP_CIPHER_CTX_ctrl isn't */ - if (!EVP_CIPHER_CTX_ctrl(&cc->evp, + if (!EVP_CIPHER_CTX_ctrl(cc->evp, EVP_CTRL_GCM_SET_IV_FIXED, -1, (void *)iv)) return SSH_ERR_LIBCRYPTO_ERROR; } else - memcpy(cc->evp.iv, iv, evplen); + memcpy(EVP_CIPHER_CTX_iv_noconst(cc->evp), iv, evplen); break; #endif #ifdef WITH_SSH1 case SSH_CIPHER_3DES: - return ssh1_3des_iv(&cc->evp, 1, (u_char *)iv, 24); + return ssh1_3des_iv(cc->evp, 1, (u_char *)iv, 24); #endif default: return SSH_ERR_INVALID_ARGUMENT; 
@@ -615,8 +615,8 @@ cipher_set_keyiv(struct sshcipher_ctx *c } #ifdef WITH_OPENSSL -#define EVP_X_STATE(evp) (evp).cipher_data -#define EVP_X_STATE_LEN(evp) (evp).cipher->ctx_size +#define EVP_X_STATE(evp) EVP_CIPHER_CTX_get_cipher_data(evp) +#define EVP_X_STATE_LEN(evp) EVP_CIPHER_impl_ctx_size(EVP_CIPHER_CTX_cipher(evp)) #endif int Index: pam_ssh-2.1/cipher.h =================================================================== --- pam_ssh-2.1.orig/cipher.h 2015-05-03 13:30:39.000000000 +0200 +++ pam_ssh-2.1/cipher.h 2017-11-30 15:31:05.770390639 +0100 @@ -66,7 +66,7 @@ struct sshcipher; struct sshcipher_ctx { int plaintext; int encrypt; - EVP_CIPHER_CTX evp; + EVP_CIPHER_CTX *evp; struct chachapoly_ctx cp_ctx; /* XXX union with evp? */ struct aesctr_ctx ac_ctx; /* XXX union with evp? */ const struct sshcipher *cipher; Index: pam_ssh-2.1/cipher-3des1.c =================================================================== --- pam_ssh-2.1.orig/cipher-3des1.c 2015-05-03 13:30:39.000000000 +0200 +++ pam_ssh-2.1/cipher-3des1.c 2017-11-30 15:46:13.340754169 +0100 @@ -59,7 +59,7 @@ */ struct ssh1_3des_ctx { - EVP_CIPHER_CTX k1, k2, k3; + EVP_CIPHER_CTX *k1, *k2, *k3; }; const EVP_CIPHER * evp_ssh1_3des(void); @@ -80,7 +80,7 @@ ssh1_3des_init(EVP_CIPHER_CTX *ctx, cons if (key == NULL) return 1; if (enc == -1) - enc = ctx->encrypt; + enc = EVP_CIPHER_CTX_encrypting(ctx); k1 = k2 = k3 = (u_char *) key; k2 += 8; if (EVP_CIPHER_CTX_key_length(ctx) >= 16+8) { 
@@ -89,12 +89,17 @@ ssh1_3des_init(EVP_CIPHER_CTX *ctx, cons else k1 += 16; } - EVP_CIPHER_CTX_init(&c->k1); - EVP_CIPHER_CTX_init(&c->k2); - EVP_CIPHER_CTX_init(&c->k3); - if (EVP_CipherInit(&c->k1, EVP_des_cbc(), k1, NULL, enc) == 0 || - EVP_CipherInit(&c->k2, EVP_des_cbc(), k2, NULL, !enc) == 0 || - EVP_CipherInit(&c->k3, EVP_des_cbc(), k3, NULL, enc) == 0) { + c->k1 = c->k2 = c->k3 = NULL; + c->k1 = EVP_CIPHER_CTX_new(); + c->k2 = EVP_CIPHER_CTX_new(); + c->k3 = EVP_CIPHER_CTX_new(); + if (c->k1 == NULL || c->k2 == NULL || c->k3 == NULL || + EVP_CipherInit(c->k1, EVP_des_cbc(), k1, NULL, enc) == 0 || + EVP_CipherInit(c->k2, EVP_des_cbc(), k2, NULL, !enc) == 0 || + EVP_CipherInit(c->k3, EVP_des_cbc(), k3, NULL, enc) == 0) { + EVP_CIPHER_CTX_free(c->k1); + EVP_CIPHER_CTX_free(c->k2); + EVP_CIPHER_CTX_free(c->k3); explicit_bzero(c, sizeof(*c)); free(c); EVP_CIPHER_CTX_set_app_data(ctx, NULL); @@ -110,9 +115,9 @@ ssh1_3des_cbc(EVP_CIPHER_CTX *ctx, u_cha if ((c = EVP_CIPHER_CTX_get_app_data(ctx)) == NULL) return 0; - if (EVP_Cipher(&c->k1, dest, (u_char *)src, len) == 0 || - EVP_Cipher(&c->k2, dest, dest, len) == 0 || - EVP_Cipher(&c->k3, dest, dest, len) == 0) + if (EVP_Cipher(c->k1, dest, (u_char *)src, len) == 0 || + EVP_Cipher(c->k2, dest, dest, len) == 0 || + EVP_Cipher(c->k3, dest, dest, len) == 0) return 0; return 1; } @@ -123,9 +128,9 @@ ssh1_3des_cleanup(EVP_CIPHER_CTX *ctx) struct ssh1_3des_ctx *c; if ((c = EVP_CIPHER_CTX_get_app_data(ctx)) != NULL) { - EVP_CIPHER_CTX_cleanup(&c->k1); - EVP_CIPHER_CTX_cleanup(&c->k2); - EVP_CIPHER_CTX_cleanup(&c->k3); + EVP_CIPHER_CTX_free(c->k1); + EVP_CIPHER_CTX_free(c->k2); + EVP_CIPHER_CTX_free(c->k3); explicit_bzero(c, sizeof(*c)); free(c); EVP_CIPHER_CTX_set_app_data(ctx, NULL); 
@@ -143,13 +148,13 @@ ssh1_3des_iv(EVP_CIPHER_CTX *evp, int do if ((c = EVP_CIPHER_CTX_get_app_data(evp)) == NULL) return SSH_ERR_INTERNAL_ERROR; if (doset) { - memcpy(c->k1.iv, iv, 8); - memcpy(c->k2.iv, iv + 8, 8); - memcpy(c->k3.iv, iv + 16, 8); + memcpy(EVP_CIPHER_CTX_iv_noconst(c->k1), iv, 8); + memcpy(EVP_CIPHER_CTX_iv_noconst(c->k2), iv + 8, 8); + memcpy(EVP_CIPHER_CTX_iv_noconst(c->k3), iv + 16, 8); } else { - memcpy(iv, c->k1.iv, 8); - memcpy(iv + 8, c->k2.iv, 8); - memcpy(iv + 16, c->k3.iv, 8); + memcpy(iv, EVP_CIPHER_CTX_iv(c->k1), 8); + memcpy(iv + 8, EVP_CIPHER_CTX_iv(c->k2), 8); + memcpy(iv + 16, EVP_CIPHER_CTX_iv(c->k3), 8); } return 0; } @@ -157,16 +162,13 @@ ssh1_3des_iv(EVP_CIPHER_CTX *evp, int do const EVP_CIPHER * evp_ssh1_3des(void) { - static EVP_CIPHER ssh1_3des; + static EVP_CIPHER *ssh1_3des_p; - memset(&ssh1_3des, 0, sizeof(EVP_CIPHER)); - ssh1_3des.nid = NID_undef; - ssh1_3des.block_size = 8; - ssh1_3des.iv_len = 0; - ssh1_3des.key_len = 16; - ssh1_3des.init = ssh1_3des_init; - ssh1_3des.cleanup = ssh1_3des_cleanup; - ssh1_3des.do_cipher = ssh1_3des_cbc; - ssh1_3des.flags = EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH; - return &ssh1_3des; + ssh1_3des_p = EVP_CIPHER_meth_new(NID_undef, /*block_size*/8, /*key_len*/16); /*XXX check return*/ + EVP_CIPHER_meth_set_iv_length(ssh1_3des_p, 0); + EVP_CIPHER_meth_set_init(ssh1_3des_p, ssh1_3des_init); + EVP_CIPHER_meth_set_cleanup(ssh1_3des_p, ssh1_3des_cleanup); + EVP_CIPHER_meth_set_do_cipher(ssh1_3des_p, ssh1_3des_cbc); + EVP_CIPHER_meth_set_flags(ssh1_3des_p, EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH); + return ssh1_3des_p; } Index: pam_ssh-2.1/configure.ac =================================================================== --- pam_ssh-2.1.orig/configure.ac 2015-05-05 16:15:23.000000000 +0200 +++ pam_ssh-2.1/configure.ac 2017-11-30 15:31:05.770390639 +0100 
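Review bot: evp_ssh1_3des now calls `EVP_CIPHER_meth_new()` on every invocation and overwrites the static `ssh1_3des_p`, so each call leaks the previous method table. A NULL return (the `/*XXX check return*/` marker) also goes straight into the `EVP_CIPHER_meth_set_*` calls. Build the table once and bail out on failure: `if (ssh1_3des_p != NULL) return ssh1_3des_p;` followed by `if ((ssh1_3des_p = EVP_CIPHER_meth_new(NID_undef, 8, 16)) == NULL) return NULL;`. The setters return a status that the new code ignores as well. Callers of the `evptype` hook would then need a NULL check, which cipher_init as shown in this patch does not have.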
@@ -227,7 +227,7 @@ AC_MSG_CHECKING([whether OpenSSL's heade AC_RUN_IFELSE([AC_LANG_SOURCE([[ #include <string.h> #include <openssl/opensslv.h> -int main(void) { return(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1); } +int main(void) { return(OpenSSL_version_num() == OPENSSL_VERSION_NUMBER ? 0 : 1); } ]])],[ AC_MSG_RESULT(yes) ],[ Index: pam_ssh-2.1/configure =================================================================== --- pam_ssh-2.1.orig/configure 2015-05-05 16:23:18.000000000 +0200 +++ pam_ssh-2.1/configure 2017-11-30 15:31:05.770390639 +0100 @@ -11799,7 +11799,7 @@ else #include <string.h> #include <openssl/opensslv.h> -int main(void) { return(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1); } +int main(void) { return(OpenSSL_version_num() == OPENSSL_VERSION_NUMBER ? 0 : 1); } _ACEOF if ac_fn_c_try_run "$LINENO"; then : Index: pam_ssh-2.1/digest-openssl.c =================================================================== --- pam_ssh-2.1.orig/digest-openssl.c 2015-05-03 13:30:39.000000000 +0200 +++ pam_ssh-2.1/digest-openssl.c 2017-11-30 15:31:05.770390639 +0100 @@ -41,7 +41,7 @@ struct ssh_digest_ctx { int alg; - EVP_MD_CTX mdctx; + EVP_MD_CTX *mdctx; }; struct ssh_digest { Index: pam_ssh-2.1/rsa.c =================================================================== --- pam_ssh-2.1.orig/rsa.c 2015-05-03 13:30:39.000000000 +0200 +++ pam_ssh-2.1/rsa.c 2017-11-30 15:31:05.770390639 +0100 @@ -76,11 +76,14 @@ rsa_public_encrypt(BIGNUM *out, BIGNUM * { u_char *inbuf = NULL, *outbuf = NULL; int len, ilen, olen, r = SSH_ERR_INTERNAL_ERROR; + const BIGNUM *n, *e; - if (BN_num_bits(key->e) < 2 || !BN_is_odd(key->e)) + RSA_get0_key(key, &n, &e, NULL); + + if (BN_num_bits(e) < 2 || !BN_is_odd(e)) return SSH_ERR_INVALID_ARGUMENT; - olen = BN_num_bytes(key->n); + olen = BN_num_bytes(n); if ((outbuf = malloc(olen)) == NULL) { r = SSH_ERR_ALLOC_FAIL; goto out; 
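Review bot: `mdctx` in struct ssh_digest_ctx becomes a pointer, but this patch has no other hunk for digest-openssl.c, so nothing visible allocates it with `EVP_MD_CTX_new()` or releases it with `EVP_MD_CTX_free()`. If the rest of the file still passes `&ctx->mdctx` to the EVP digest calls, that expression is now an `EVP_MD_CTX **` addressing a pointer-sized slot rather than a context. At best that is an incompatible-pointer warning; at worst it is a write past the end of the struct. Please confirm against the full file that every user of `mdctx` was converted, or that the streaming digest functions are not built.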
@@ -122,8 +125,11 @@ rsa_private_decrypt(BIGNUM *out, BIGNUM { u_char *inbuf = NULL, *outbuf = NULL; int len, ilen, olen, r = SSH_ERR_INTERNAL_ERROR; + const BIGNUM *n; + + RSA_get0_key(key, &n, NULL, NULL); - olen = BN_num_bytes(key->n); + olen = BN_num_bytes(n); if ((outbuf = malloc(olen)) == NULL) { r = SSH_ERR_ALLOC_FAIL; goto out; @@ -159,26 +165,37 @@ rsa_private_decrypt(BIGNUM *out, BIGNUM /* calculate p-1 and q-1 */ int -rsa_generate_additional_parameters(RSA *rsa) +rsa_generate_additional_parameters(RSA *rsa, BIGNUM *iqmp) { BIGNUM *aux = NULL; + BIGNUM *dmp1 = NULL; + BIGNUM *dmq1 = NULL; + const BIGNUM *p, *q, *d; BN_CTX *ctx = NULL; int r; + RSA_get0_factors(rsa, &p, &q); + RSA_get0_key(rsa, NULL, NULL, &d); + if ((ctx = BN_CTX_new()) == NULL) return SSH_ERR_ALLOC_FAIL; - if ((aux = BN_new()) == NULL) { + if ((aux = BN_new()) == NULL || + (dmp1 = BN_new()) == NULL || + (dmq1 = BN_new()) == NULL) { r = SSH_ERR_ALLOC_FAIL; goto out; } - if ((BN_sub(aux, rsa->q, BN_value_one()) == 0) || - (BN_mod(rsa->dmq1, rsa->d, aux, ctx) == 0) || - (BN_sub(aux, rsa->p, BN_value_one()) == 0) || - (BN_mod(rsa->dmp1, rsa->d, aux, ctx) == 0)) { + if ((BN_sub(aux, q, BN_value_one()) == 0) || + (BN_mod(dmq1, d, aux, ctx) == 0) || + (BN_sub(aux, p, BN_value_one()) == 0) || + (BN_mod(dmp1, d, aux, ctx) == 0) || + (RSA_set0_crt_params(rsa, dmp1, dmq1, iqmp) == 0)) { r = SSH_ERR_LIBCRYPTO_ERROR; goto out; } + dmp1 = NULL; + dmq1 = NULL; r = 0; out: BN_clear_free(aux); Index: pam_ssh-2.1/rsa.h =================================================================== --- pam_ssh-2.1.orig/rsa.h 2015-05-03 13:30:39.000000000 +0200 +++ pam_ssh-2.1/rsa.h 2017-11-30 15:31:05.774390701 +0100 
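Review bot: On the failure paths of rsa_generate_additional_parameters the newly allocated `dmp1` and `dmq1` are not released. The only cleanup visible after `out:` is `BN_clear_free(aux);`, and the two pointers are set to NULL only after `RSA_set0_crt_params` has succeeded. Both hold values derived from the private exponent, so they should be wiped as well as freed: add `BN_clear_free(dmp1);` and `BN_clear_free(dmq1);` next to the existing call. The new `iqmp` parameter deserves a comment such as `/* iqmp is consumed on success; on failure the caller still owns it */`, because every caller in this patch relies on that. The end of the function lies outside the hunk.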
@@ -21,6 +21,6 @@ int rsa_public_encrypt(BIGNUM *, BIGNUM *, RSA *); int rsa_private_decrypt(BIGNUM *, BIGNUM *, RSA *); -int rsa_generate_additional_parameters(RSA *); +int rsa_generate_additional_parameters(RSA *, BIGNUM *); #endif /* RSA_H */ Index: pam_ssh-2.1/ssh-ecdsa.c =================================================================== --- pam_ssh-2.1.orig/ssh-ecdsa.c 2015-05-03 13:30:39.000000000 +0200 +++ pam_ssh-2.1/ssh-ecdsa.c 2017-11-30 15:31:05.774390701 +0100 @@ -123,6 +123,7 @@ ssh_ecdsa_verify(const struct sshkey *ke int ret = SSH_ERR_INTERNAL_ERROR; struct sshbuf *b = NULL, *sigbuf = NULL; char *ktype = NULL; + BIGNUM *r = NULL, *s = NULL; if (key == NULL || key->ecdsa == NULL || sshkey_type_plain(key->type) != KEY_ECDSA) @@ -150,15 +151,23 @@ ssh_ecdsa_verify(const struct sshkey *ke } /* parse signature */ - if ((sig = ECDSA_SIG_new()) == NULL) { + if ((sig = ECDSA_SIG_new()) == NULL || + (r = BN_new()) == NULL || + (s = BN_new()) == NULL) { ret = SSH_ERR_ALLOC_FAIL; goto out; } - if (sshbuf_get_bignum2(sigbuf, sig->r) != 0 || - sshbuf_get_bignum2(sigbuf, sig->s) != 0) { + if (sshbuf_get_bignum2(sigbuf, r) != 0 || + sshbuf_get_bignum2(sigbuf, s) != 0) { ret = SSH_ERR_INVALID_FORMAT; goto out; } + if (ECDSA_SIG_set0(sig, r, s) == 0) { + ret = SSH_ERR_LIBCRYPTO_ERROR; + goto out; + } + r = NULL; + s = NULL; if (sshbuf_len(sigbuf) != 0) { ret = SSH_ERR_UNEXPECTED_TRAILING_DATA; goto out; @@ -185,6 +194,8 @@ ssh_ecdsa_verify(const struct sshkey *ke sshbuf_free(sigbuf); if (b != NULL) sshbuf_free(b); + BN_free(r); + BN_free(s); if (sig != NULL) ECDSA_SIG_free(sig); free(ktype); Index: pam_ssh-2.1/ssh-dss.c =================================================================== --- pam_ssh-2.1.orig/ssh-dss.c 2015-05-03 13:30:39.000000000 +0200 +++ pam_ssh-2.1/ssh-dss.c 2017-11-30 15:31:05.774390701 +0100 
@@ -139,6 +139,7 @@ ssh_dss_verify(const struct sshkey *key, int ret = SSH_ERR_INTERNAL_ERROR; struct sshbuf *b = NULL; char *ktype = NULL; + BIGNUM *r = NULL, *s = NULL; if (key == NULL || key->dsa == NULL || sshkey_type_plain(key->type) != KEY_DSA) @@ -178,16 +179,19 @@ ssh_dss_verify(const struct sshkey *key, /* parse signature */ if ((sig = DSA_SIG_new()) == NULL || - (sig->r = BN_new()) == NULL || - (sig->s = BN_new()) == NULL) { + (r = BN_new()) == NULL || + (s = BN_new()) == NULL) { ret = SSH_ERR_ALLOC_FAIL; goto out; } - if ((BN_bin2bn(sigblob, INTBLOB_LEN, sig->r) == NULL) || - (BN_bin2bn(sigblob+ INTBLOB_LEN, INTBLOB_LEN, sig->s) == NULL)) { + if ((BN_bin2bn(sigblob, INTBLOB_LEN, r) == NULL) || + (BN_bin2bn(sigblob+ INTBLOB_LEN, INTBLOB_LEN, s) == NULL) || + (DSA_SIG_set0(sig, r, s) == 0)) { ret = SSH_ERR_LIBCRYPTO_ERROR; goto out; } + r = NULL; + s = NULL; /* sha1 the data */ if ((ret = ssh_digest_memory(SSH_DIGEST_SHA1, data, datalen, @@ -208,6 +212,8 @@ ssh_dss_verify(const struct sshkey *key, out: explicit_bzero(digest, sizeof(digest)); + BN_free(r); + BN_free(s); if (sig != NULL) DSA_SIG_free(sig); if (b != NULL) Index: pam_ssh-2.1/ssh-rsa.c =================================================================== --- pam_ssh-2.1.orig/ssh-rsa.c 2015-05-03 13:30:39.000000000 +0200 +++ pam_ssh-2.1/ssh-rsa.c 2017-11-30 15:31:05.774390701 +0100 @@ -129,7 +129,7 @@ ssh_rsa_verify(const struct sshkey *key, if (key == NULL || key->rsa == NULL || sshkey_type_plain(key->type) != KEY_RSA || - BN_num_bits(key->rsa->n) < SSH_RSA_MINIMUM_MODULUS_SIZE) + RSA_bits(key->rsa) < SSH_RSA_MINIMUM_MODULUS_SIZE) return SSH_ERR_INVALID_ARGUMENT; if ((b = sshbuf_from(signature, signaturelen)) == NULL) Index: pam_ssh-2.1/sshkey.c =================================================================== --- pam_ssh-2.1.orig/sshkey.c 2015-05-03 13:36:07.000000000 +0200 +++ pam_ssh-2.1/sshkey.c 2017-11-30 15:31:05.774390701 +0100 
@@ -492,11 +492,7 @@ sshkey_new(int type) case KEY_RSA: case KEY_RSA_CERT_V00: case KEY_RSA_CERT: - if ((rsa = RSA_new()) == NULL || - (rsa->n = BN_new()) == NULL || - (rsa->e = BN_new()) == NULL) { - if (rsa != NULL) - RSA_free(rsa); + if ((rsa = RSA_new()) == NULL) { free(k); return NULL; } @@ -505,13 +501,7 @@ sshkey_new(int type) case KEY_DSA: case KEY_DSA_CERT_V00: case KEY_DSA_CERT: - if ((dsa = DSA_new()) == NULL || - (dsa->p = BN_new()) == NULL || - (dsa->q = BN_new()) == NULL || - (dsa->g = BN_new()) == NULL || - (dsa->pub_key = BN_new()) == NULL) { - if (dsa != NULL) - DSA_free(dsa); + if ((dsa = DSA_new()) == NULL) { free(k); return NULL; } @@ -553,22 +543,11 @@ sshkey_add_private(struct sshkey *k) case KEY_RSA: case KEY_RSA_CERT_V00: case KEY_RSA_CERT: -#define bn_maybe_alloc_failed(p) (p == NULL && (p = BN_new()) == NULL) - if (bn_maybe_alloc_failed(k->rsa->d) || - bn_maybe_alloc_failed(k->rsa->iqmp) || - bn_maybe_alloc_failed(k->rsa->q) || - bn_maybe_alloc_failed(k->rsa->p) || - bn_maybe_alloc_failed(k->rsa->dmq1) || - bn_maybe_alloc_failed(k->rsa->dmp1)) - return SSH_ERR_ALLOC_FAIL; break; case KEY_DSA: case KEY_DSA_CERT_V00: case KEY_DSA_CERT: - if (bn_maybe_alloc_failed(k->dsa->priv_key)) - return SSH_ERR_ALLOC_FAIL; break; -#undef bn_maybe_alloc_failed case KEY_ECDSA: case KEY_ECDSA_CERT: /* Cannot do anything until we know the group */ 
@@ -1762,15 +1741,32 @@ sshkey_from_private(const struct sshkey #ifdef WITH_OPENSSL case KEY_DSA: case KEY_DSA_CERT_V00: - case KEY_DSA_CERT: - if ((n = sshkey_new(k->type)) == NULL) - return SSH_ERR_ALLOC_FAIL; - if ((BN_copy(n->dsa->p, k->dsa->p) == NULL) || - (BN_copy(n->dsa->q, k->dsa->q) == NULL) || - (BN_copy(n->dsa->g, k->dsa->g) == NULL) || - (BN_copy(n->dsa->pub_key, k->dsa->pub_key) == NULL)) { - sshkey_free(n); - return SSH_ERR_ALLOC_FAIL; + case KEY_DSA_CERT: { + const BIGNUM *k_p, *k_q, *k_g, *k_pub_key; + BIGNUM *n_p = NULL, *n_q = NULL, *n_g = NULL, *n_pub_key = NULL; + + if ((n = sshkey_new(k->type)) == NULL) + return SSH_ERR_ALLOC_FAIL; + + DSA_get0_pqg(k->dsa, &k_p, &k_q, &k_g); + DSA_get0_key(k->dsa, &k_pub_key, NULL); + + if (((n_p = BN_dup(k_p)) == NULL) || + ((n_q = BN_dup(k_q)) == NULL) || + ((n_g = BN_dup(k_g)) == NULL) || + (DSA_set0_pqg(n->dsa, n_p, n_q, n_g) == 0)) { + sshkey_free(n); + BN_free(n_p); + BN_free(n_q); + BN_free(n_g); + return SSH_ERR_ALLOC_FAIL; + } + if (((n_pub_key = BN_dup(k_pub_key)) == NULL) || + (DSA_set0_key(n->dsa, n_pub_key, NULL) == 0)) { + sshkey_free(n); + BN_free(n_pub_key); + return SSH_ERR_ALLOC_FAIL; + } } break; # ifdef OPENSSL_HAS_ECC 
@@ -1794,13 +1790,22 @@ sshkey_from_private(const struct sshkey case KEY_RSA: case KEY_RSA1: case KEY_RSA_CERT_V00: - case KEY_RSA_CERT: - if ((n = sshkey_new(k->type)) == NULL) - return SSH_ERR_ALLOC_FAIL; - if ((BN_copy(n->rsa->n, k->rsa->n) == NULL) || - (BN_copy(n->rsa->e, k->rsa->e) == NULL)) { - sshkey_free(n); - return SSH_ERR_ALLOC_FAIL; + case KEY_RSA_CERT: { + const BIGNUM *k_n, *k_e; + BIGNUM *n_n = NULL, *n_e = NULL; + + if ((n = sshkey_new(k->type)) == NULL) + return SSH_ERR_ALLOC_FAIL; + + RSA_get0_key(k->rsa, &k_n, &k_e, NULL); + if (((n_n = BN_dup(k_n)) == NULL) || + ((n_e = BN_dup(k_e)) == NULL) || + RSA_set0_key(n->rsa, n_n, n_e, NULL) == 0) { + sshkey_free(n); + BN_free(n_n); + BN_free(n_e); + return SSH_ERR_ALLOC_FAIL; + } } break; #endif /* WITH_OPENSSL */ @@ -2009,10 +2014,20 @@ sshkey_from_blob_internal(const u_char * ret = SSH_ERR_ALLOC_FAIL; goto out; } - if (sshbuf_get_bignum2(b, key->rsa->e) == -1 || - sshbuf_get_bignum2(b, key->rsa->n) == -1) { - ret = SSH_ERR_INVALID_FORMAT; - goto out; + { + BIGNUM *e, *n; + + e = BN_new(); + n = BN_new(); + if (e == NULL || n == NULL || + sshbuf_get_bignum2(b, e) != 0 || + sshbuf_get_bignum2(b, n) != 0 || + RSA_set0_key(key->rsa, n, e, NULL) == 0) { + BN_free(e); + BN_free(n); + ret = SSH_ERR_ALLOC_FAIL; + goto out; + } } #ifdef DEBUG_PK RSA_print_fp(stderr, key->rsa, 8); 
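Review bot: A malformed key blob is now reported as `SSH_ERR_ALLOC_FAIL`. In the RSA branch of sshkey_from_blob_internal the `sshbuf_get_bignum2` failures and the `RSA_set0_key` failure share one error arm, where the old code returned `SSH_ERR_INVALID_FORMAT` for unparsable input. The DSA hunk that follows folds its parse failures into `SSH_ERR_ALLOC_FAIL` the same way. The two RSA1 hunks (sshkey_parse_public_rsa1_fileblob and the first sshkey_parse_private_rsa1 hunk) overwrite the code returned by `sshbuf_get_bignum1` and also never test their `BN_new()` results. Callers that distinguish bad input from resource exhaustion lose that signal; keeping the three causes apart, as below, preserves it. The function body extends beyond the hunk.

```c
	{
		BIGNUM *e = BN_new(), *n = BN_new();
		int bn_err = 0;

		if (e == NULL || n == NULL)
			bn_err = SSH_ERR_ALLOC_FAIL;
		else if (sshbuf_get_bignum2(b, e) != 0 ||
		    sshbuf_get_bignum2(b, n) != 0)
			bn_err = SSH_ERR_INVALID_FORMAT;
		else if (RSA_set0_key(key->rsa, n, e, NULL) == 0)
			bn_err = SSH_ERR_LIBCRYPTO_ERROR;
		if (bn_err != 0) {
			/* nothing was handed to key->rsa, so both are still ours */
			BN_free(e);
			BN_free(n);
			ret = bn_err;
			goto out;
		}
	}
	/* … unchanged: DEBUG_PK dump and the rest of the switch … */
```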
@@ -2030,12 +2045,34 @@ sshkey_from_blob_internal(const u_char * ret = SSH_ERR_ALLOC_FAIL; goto out; } - if (sshbuf_get_bignum2(b, key->dsa->p) == -1 || - sshbuf_get_bignum2(b, key->dsa->q) == -1 || - sshbuf_get_bignum2(b, key->dsa->g) == -1 || - sshbuf_get_bignum2(b, key->dsa->pub_key) == -1) { - ret = SSH_ERR_INVALID_FORMAT; - goto out; + { + BIGNUM *p, *q, *g, *pub_key; + + p = BN_new(); + q = BN_new(); + g = BN_new(); + pub_key = BN_new(); + + if (p == NULL || q == NULL || g == NULL || + pub_key == NULL || + sshbuf_get_bignum2(b, p) != 0 || + sshbuf_get_bignum2(b, q) != 0 || + sshbuf_get_bignum2(b, g) != 0 || + sshbuf_get_bignum2(b, pub_key) != 0 || + DSA_set0_pqg(key->dsa, p, q, g) == 0) { + BN_free(p); + BN_free(q); + BN_free(g); + BN_free(pub_key); + ret = SSH_ERR_ALLOC_FAIL; + goto out; + } + + if (DSA_set0_key(key->dsa, pub_key, NULL) == 0) { + BN_free(pub_key); + ret = SSH_ERR_LIBCRYPTO_ERROR; + goto out; + } } #ifdef DEBUG_PK DSA_print_fp(stderr, key->dsa, 8); @@ -2114,11 +2151,6 @@ sshkey_from_blob_internal(const u_char * pk = NULL; break; case KEY_UNSPEC: - if ((key = sshkey_new(type)) == NULL) { - ret = SSH_ERR_ALLOC_FAIL; - goto out; - } - break; default: ret = SSH_ERR_KEY_TYPE_UNKNOWN; goto out; 
@@ -2263,27 +2295,54 @@ sshkey_demote(const struct sshkey *k, st goto fail; /* FALLTHROUGH */ case KEY_RSA1: - case KEY_RSA: - if ((pk->rsa = RSA_new()) == NULL || - (pk->rsa->e = BN_dup(k->rsa->e)) == NULL || - (pk->rsa->n = BN_dup(k->rsa->n)) == NULL) { - ret = SSH_ERR_ALLOC_FAIL; - goto fail; + case KEY_RSA: { + const BIGNUM *k_e, *k_n; + BIGNUM *pk_e = NULL, *pk_n = NULL; + + RSA_get0_key(k->rsa, &k_n, &k_e, NULL); + if ((pk->rsa = RSA_new()) == NULL || + (pk_e = BN_dup(k_e)) == NULL || + (pk_n = BN_dup(k_n)) == NULL || + RSA_set0_key(pk->rsa, pk_n, pk_e, NULL) == 0) { + BN_free(pk_e); + BN_free(pk_n); + ret = SSH_ERR_ALLOC_FAIL; + goto fail; } + } break; case KEY_DSA_CERT_V00: case KEY_DSA_CERT: if ((ret = sshkey_cert_copy(k, pk)) != 0) goto fail; /* FALLTHROUGH */ - case KEY_DSA: - if ((pk->dsa = DSA_new()) == NULL || - (pk->dsa->p = BN_dup(k->dsa->p)) == NULL || - (pk->dsa->q = BN_dup(k->dsa->q)) == NULL || - (pk->dsa->g = BN_dup(k->dsa->g)) == NULL || - (pk->dsa->pub_key = BN_dup(k->dsa->pub_key)) == NULL) { - ret = SSH_ERR_ALLOC_FAIL; - goto fail; + case KEY_DSA: { + const BIGNUM *k_p, *k_q, *k_g, *k_pub_key; + BIGNUM *pk_p = NULL, *pk_q = NULL, *pk_g = NULL; + BIGNUM *pk_pub_key = NULL; + + DSA_get0_pqg(k->dsa, &k_p, &k_q, &k_g); + DSA_get0_key(k->dsa, &k_pub_key, NULL); + + if ((pk->dsa = DSA_new()) == NULL || + (pk_p = BN_dup(k_p)) == NULL || + (pk_q = BN_dup(k_q)) == NULL || + (pk_g = BN_dup(k_g)) == NULL || + (pk_pub_key = BN_dup(k_pub_key)) == NULL || + DSA_set0_pqg(pk->dsa, pk_p, pk_q, pk_g) == 0) { + BN_free(pk_p); + BN_free(pk_q); + BN_free(pk_g); + BN_free(pk_pub_key); + ret = SSH_ERR_ALLOC_FAIL; + goto fail; + } + + if (DSA_set0_key(pk->dsa, pk_pub_key, NULL) == 0) { + BN_free(pk_pub_key); + ret = SSH_ERR_LIBCRYPTO_ERROR; + goto fail; + } } break; case KEY_ECDSA_CERT: 
@@ -2576,14 +2635,19 @@ sshkey_private_serialize(const struct ss goto out; switch (key->type) { #ifdef WITH_OPENSSL - case KEY_RSA: - if ((r = sshbuf_put_bignum2(b, key->rsa->n)) != 0 || - (r = sshbuf_put_bignum2(b, key->rsa->e)) != 0 || - (r = sshbuf_put_bignum2(b, key->rsa->d)) != 0 || - (r = sshbuf_put_bignum2(b, key->rsa->iqmp)) != 0 || - (r = sshbuf_put_bignum2(b, key->rsa->p)) != 0 || - (r = sshbuf_put_bignum2(b, key->rsa->q)) != 0) - goto out; + case KEY_RSA: { + const BIGNUM *n, *e, *d, *iqmp, *p, *q; + RSA_get0_key(key->rsa, &n, &e, &d); + RSA_get0_crt_params(key->rsa, NULL, NULL, &iqmp); + RSA_get0_factors(key->rsa, &p, &q); + if ((r = sshbuf_put_bignum2(b, n)) != 0 || + (r = sshbuf_put_bignum2(b, e)) != 0 || + (r = sshbuf_put_bignum2(b, d)) != 0 || + (r = sshbuf_put_bignum2(b, iqmp)) != 0 || + (r = sshbuf_put_bignum2(b, p)) != 0 || + (r = sshbuf_put_bignum2(b, q)) != 0) + goto out; + } break; case KEY_RSA_CERT_V00: case KEY_RSA_CERT: 
@@ -2591,20 +2655,32 @@ sshkey_private_serialize(const struct ss r = SSH_ERR_INVALID_ARGUMENT; goto out; } - if ((r = sshbuf_put_stringb(b, key->cert->certblob)) != 0 || - (r = sshbuf_put_bignum2(b, key->rsa->d)) != 0 || - (r = sshbuf_put_bignum2(b, key->rsa->iqmp)) != 0 || - (r = sshbuf_put_bignum2(b, key->rsa->p)) != 0 || - (r = sshbuf_put_bignum2(b, key->rsa->q)) != 0) - goto out; + { + const BIGNUM *d, *iqmp, *p, *q; + + RSA_get0_key(key->rsa, NULL, NULL, &d); + RSA_get0_factors(key->rsa, &p, &q); + RSA_get0_crt_params(key->rsa, NULL, NULL, &iqmp); + if ((r = sshbuf_put_stringb(b, key->cert->certblob)) != 0 || + (r = sshbuf_put_bignum2(b, d)) != 0 || + (r = sshbuf_put_bignum2(b, iqmp)) != 0 || + (r = sshbuf_put_bignum2(b, p)) != 0 || + (r = sshbuf_put_bignum2(b, q)) != 0) + goto out; + } break; - case KEY_DSA: - if ((r = sshbuf_put_bignum2(b, key->dsa->p)) != 0 || - (r = sshbuf_put_bignum2(b, key->dsa->q)) != 0 || - (r = sshbuf_put_bignum2(b, key->dsa->g)) != 0 || - (r = sshbuf_put_bignum2(b, key->dsa->pub_key)) != 0 || - (r = sshbuf_put_bignum2(b, key->dsa->priv_key)) != 0) - goto out; + case KEY_DSA: { + const BIGNUM *p, *q, *g, *pub_key, *priv_key; + + DSA_get0_pqg(key->dsa, &p, &q, &g); + DSA_get0_key(key->dsa, &pub_key, &priv_key); + if ((r = sshbuf_put_bignum2(b, p)) != 0 || + (r = sshbuf_put_bignum2(b, q)) != 0 || + (r = sshbuf_put_bignum2(b, g)) != 0 || + (r = sshbuf_put_bignum2(b, pub_key)) != 0 || + (r = sshbuf_put_bignum2(b, priv_key)) != 0) + goto out; + } break; case KEY_DSA_CERT_V00: case KEY_DSA_CERT: 
@@ -2612,9 +2688,14 @@ sshkey_private_serialize(const struct ss r = SSH_ERR_INVALID_ARGUMENT; goto out; } - if ((r = sshbuf_put_stringb(b, key->cert->certblob)) != 0 || - (r = sshbuf_put_bignum2(b, key->dsa->priv_key)) != 0) - goto out; + { + const BIGNUM *priv_key; + + DSA_get0_key(key->dsa, NULL, &priv_key); + if ((r = sshbuf_put_stringb(b, key->cert->certblob)) != 0 || + (r = sshbuf_put_bignum2(b, priv_key)) != 0) + goto out; + } break; # ifdef OPENSSL_HAS_ECC case KEY_ECDSA: 
@@ -2692,20 +2773,53 @@ sshkey_private_deserialize(struct sshbuf r = SSH_ERR_ALLOC_FAIL; goto out; } - if ((r = sshbuf_get_bignum2(buf, k->dsa->p)) != 0 || - (r = sshbuf_get_bignum2(buf, k->dsa->q)) != 0 || - (r = sshbuf_get_bignum2(buf, k->dsa->g)) != 0 || - (r = sshbuf_get_bignum2(buf, k->dsa->pub_key)) != 0 || - (r = sshbuf_get_bignum2(buf, k->dsa->priv_key)) != 0) - goto out; + { + BIGNUM *p, *q, *g, *pub_key, *priv_key; + + p = BN_new(); + q = BN_new(); + g = BN_new(); + pub_key = BN_new(); + priv_key = BN_new(); + if (p == NULL || q == NULL || g == NULL || + pub_key == NULL || priv_key == NULL || + (r = sshbuf_get_bignum2(buf, p)) != 0 || + (r = sshbuf_get_bignum2(buf, q)) != 0 || + (r = sshbuf_get_bignum2(buf, g)) != 0 || + (r = sshbuf_get_bignum2(buf, pub_key)) != 0 || + (r = sshbuf_get_bignum2(buf, priv_key)) != 0 || + (r = ((DSA_set0_pqg(k->dsa, p, q, g) == 0) + ? SSH_ERR_LIBCRYPTO_ERROR : 0)) != 0) { + BN_free(p); + BN_free(q); + BN_free(g); + BN_free(pub_key); + BN_free(priv_key); + goto out; + } + if (DSA_set0_key(k->dsa, pub_key, priv_key) == 0) { + r = SSH_ERR_LIBCRYPTO_ERROR; + BN_free(pub_key); + BN_free(priv_key); + goto out; + } + } break; case KEY_DSA_CERT_V00: - case KEY_DSA_CERT: - if ((r = sshbuf_get_string_direct(buf, &cert, &len)) != 0 || - (r = sshkey_from_blob(cert, len, &k)) != 0 || - (r = sshkey_add_private(k)) != 0 || - (r = sshbuf_get_bignum2(buf, k->dsa->priv_key)) != 0) - goto out; + case KEY_DSA_CERT: { + BIGNUM *priv_key = BN_new(); + + if (priv_key == NULL || + (r = sshbuf_get_string_direct(buf, &cert, &len)) != 0 || + (r = sshkey_from_blob(cert, len, &k)) != 0 || + (r = sshkey_add_private(k)) != 0 || + (r = sshbuf_get_bignum2(buf, priv_key)) != 0 || + (r = ((DSA_set0_key(k->dsa, NULL, priv_key) == 0) + ? SSH_ERR_LIBCRYPTO_ERROR : 0)) != 0) { + BN_free(priv_key); + goto out; + } + } break; # ifdef OPENSSL_HAS_ECC case KEY_ECDSA: 
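Review bot: When one of the `BN_new()` calls in the KEY_DSA branch of sshkey_private_deserialize fails, the condition short-circuits before any `(r = ...)` assignment. The function then jumps to `out` with whatever `r` held before the block; the hunk does not show that value, but it may well be 0 after the preceding successful reads. Setting `r = SSH_ERR_ALLOC_FAIL;` immediately before the `if` fixes this, since every later term overwrites it. The error arms also release `priv_key` with `BN_free`, which does not wipe the buffer; `BN_clear_free(priv_key)` is the right call for private material. Both remarks apply equally to the KEY_DSA_CERT case in this hunk, to the RSA hunk after it (`d`, `iqmp`, `p`, `q`), and to the second sshkey_parse_private_rsa1 hunk.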
@@ -2765,26 +2879,86 @@ sshkey_private_deserialize(struct sshbuf r = SSH_ERR_ALLOC_FAIL; goto out; } - if ((r = sshbuf_get_bignum2(buf, k->rsa->n)) != 0 || - (r = sshbuf_get_bignum2(buf, k->rsa->e)) != 0 || - (r = sshbuf_get_bignum2(buf, k->rsa->d)) != 0 || - (r = sshbuf_get_bignum2(buf, k->rsa->iqmp)) != 0 || - (r = sshbuf_get_bignum2(buf, k->rsa->p)) != 0 || - (r = sshbuf_get_bignum2(buf, k->rsa->q)) != 0 || - (r = rsa_generate_additional_parameters(k->rsa)) != 0) - goto out; + { + BIGNUM *n, *e, *d, *iqmp, *p, *q; + + n = BN_new(); + e = BN_new(); + d = BN_new(); + iqmp = BN_new(); + p = BN_new(); + q = BN_new(); + + if (n == NULL || e == NULL || d == NULL || + iqmp == NULL || p == NULL || q == NULL || + (r = sshbuf_get_bignum2(buf, n)) != 0 || + (r = sshbuf_get_bignum2(buf, e)) != 0 || + (r = sshbuf_get_bignum2(buf, d)) != 0 || + (r = sshbuf_get_bignum2(buf, iqmp)) != 0 || + (r = sshbuf_get_bignum2(buf, p)) != 0 || + (r = sshbuf_get_bignum2(buf, q)) != 0 || + (r = ((RSA_set0_key(k->rsa, n, e, d) == 0) + ? 
SSH_ERR_LIBCRYPTO_ERROR : 0)) != 0) { + BN_free(n); + BN_free(e); + BN_free(d); + BN_free(iqmp); + BN_free(p); + BN_free(q); + goto out; + } + if (RSA_set0_factors(k->rsa, p, q) == 0) { + r = SSH_ERR_LIBCRYPTO_ERROR; + BN_free(iqmp); + BN_free(p); + BN_free(q); + goto out; + } + if ((r = rsa_generate_additional_parameters(k->rsa, iqmp)) != 0) { + BN_free(iqmp); + goto out; + } + } break; case KEY_RSA_CERT_V00: - case KEY_RSA_CERT: - if ((r = sshbuf_get_string_direct(buf, &cert, &len)) != 0 || - (r = sshkey_from_blob(cert, len, &k)) != 0 || - (r = sshkey_add_private(k)) != 0 || - (r = sshbuf_get_bignum2(buf, k->rsa->d) != 0) || - (r = sshbuf_get_bignum2(buf, k->rsa->iqmp) != 0) || - (r = sshbuf_get_bignum2(buf, k->rsa->p) != 0) || - (r = sshbuf_get_bignum2(buf, k->rsa->q) != 0) || - (r = rsa_generate_additional_parameters(k->rsa)) != 0) - goto out; + case KEY_RSA_CERT: { + BIGNUM *d, *iqmp, *p, *q; + + /* N and E are already set so make sure we will not overwrite them */ + d = BN_new(); + iqmp = BN_new(); + p = BN_new(); + q = BN_new(); + + if (d == NULL || iqmp == NULL || p == NULL || + q == NULL || + (r = sshbuf_get_string_direct(buf, &cert, &len)) != 0 || + (r = sshkey_from_blob(cert, len, &k)) != 0 || + (r = sshkey_add_private(k)) != 0 || + (r = sshbuf_get_bignum2(buf, d)) != 0 || + (r = sshbuf_get_bignum2(buf, iqmp)) != 0 || + (r = sshbuf_get_bignum2(buf, p)) != 0 || + (r = sshbuf_get_bignum2(buf, q)) != 0 || + (r = ((RSA_set0_key(k->rsa, NULL, NULL, d) == 0) + ? SSH_ERR_LIBCRYPTO_ERROR : 0)) != 0) { + BN_free(d); + BN_free(iqmp); + BN_free(p); + BN_free(q); + goto out; + } + if (RSA_set0_factors(k->rsa, p, q) == 0) { + r = SSH_ERR_LIBCRYPTO_ERROR; + BN_free(iqmp); + BN_free(p); + BN_free(q); + goto out; + } + if ((r = rsa_generate_additional_parameters(k->rsa, iqmp)) != 0) { + BN_free(iqmp); + goto out; + } + } break; #endif /* WITH_OPENSSL */ case KEY_ED25519: 
@@ -3636,11 +3810,20 @@ sshkey_parse_public_rsa1_fileblob(struct (r = sshbuf_get_u32(copy, NULL)) != 0) /* key bits */ goto out; + BIGNUM *n, *e; + e = BN_new(); + n = BN_new(); + /* Read the public key from the buffer. */ if ((pub = sshkey_new(KEY_RSA1)) == NULL || - (r = sshbuf_get_bignum1(copy, pub->rsa->n)) != 0 || - (r = sshbuf_get_bignum1(copy, pub->rsa->e)) != 0) + (r = sshbuf_get_bignum1(copy, n)) != 0 || + (r = sshbuf_get_bignum1(copy, e)) != 0 || + RSA_set0_key(pub->rsa, n, e, NULL) == 0) { + BN_free(e); + BN_free(n); + r = SSH_ERR_ALLOC_FAIL; goto out; + } /* Finally, the comment */ if ((r = sshbuf_get_string(copy, (u_char**)commentp, NULL)) != 0) @@ -3710,12 +3893,21 @@ sshkey_parse_private_rsa1(struct sshbuf (r = sshbuf_get_u32(copy, NULL)) != 0) /* reserved */ goto out; + BIGNUM *n, *e; + e = BN_new(); + n = BN_new(); + /* Read the public key and comment from the buffer. */ if ((r = sshbuf_get_u32(copy, NULL)) != 0 || /* key bits */ - (r = sshbuf_get_bignum1(copy, prv->rsa->n)) != 0 || - (r = sshbuf_get_bignum1(copy, prv->rsa->e)) != 0 || - (r = sshbuf_get_cstring(copy, &comment, NULL)) != 0) + (r = sshbuf_get_bignum1(copy, n)) != 0 || + (r = sshbuf_get_bignum1(copy, e)) != 0 || + (r = sshbuf_get_cstring(copy, &comment, NULL)) != 0 || + RSA_set0_key(prv->rsa, n, e, NULL) == 0) { + BN_free(e); + BN_free(n); + r = SSH_ERR_ALLOC_FAIL; goto out; + } /* Check that it is a supported cipher. */ cipher = cipher_by_number(cipher_type); 
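Review bot: The new error branch overwrites `r` with `SSH_ERR_ALLOC_FAIL` after the chain, so a malformed-blob code returned by `sshbuf_get_bignum1()` is lost and every failure looks like memory exhaustion. In addition `n` and `e` are used without a NULL check, unlike the RSA hunks at @@ -2765 and @@ -3747. I would set `r = SSH_ERR_ALLOC_FAIL;` before the `if`, add `n == NULL || e == NULL ||` to the condition, and wrap the setter the way the deserialize hunk does: `(r = ((RSA_set0_key(pub->rsa, n, e, NULL) == 0) ? SSH_ERR_LIBCRYPTO_ERROR : 0)) != 0`. The @@ -3710 hunk in sshkey_parse_private_rsa1 has the same pattern with `prv->rsa`. Both functions continue outside their hunks.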
@@ -3747,15 +3939,36 @@ sshkey_parse_private_rsa1(struct sshbuf goto out; } + BIGNUM *d, *iqmp, *p, *q; + d = BN_new(); + iqmp = BN_new(); + p = BN_new(); + q = BN_new(); + /* Read the rest of the private key. */ - if ((r = sshbuf_get_bignum1(decrypted, prv->rsa->d)) != 0 || - (r = sshbuf_get_bignum1(decrypted, prv->rsa->iqmp)) != 0 || - (r = sshbuf_get_bignum1(decrypted, prv->rsa->q)) != 0 || - (r = sshbuf_get_bignum1(decrypted, prv->rsa->p)) != 0) + if (d == NULL || iqmp == NULL || p == NULL || q == NULL || + (r = sshbuf_get_bignum1(decrypted, d)) != 0 || + (r = sshbuf_get_bignum1(decrypted, iqmp)) != 0 || + (r = sshbuf_get_bignum1(decrypted, q)) != 0 || + (r = sshbuf_get_bignum1(decrypted, p)) != 0 || + (r = ((RSA_set0_key(prv->rsa, NULL, NULL, d) == 0) + ? SSH_ERR_LIBCRYPTO_ERROR : 0)) != 0) { + BN_free(d); + BN_free(iqmp); + BN_free(p); + BN_free(q); goto out; + } + if (RSA_set0_factors(prv->rsa, p, q) == 0) { + r = SSH_ERR_LIBCRYPTO_ERROR; + BN_free(iqmp); + BN_free(p); + BN_free(q); + goto out; + } /* calculate p-1 and q-1 */ - if ((r = rsa_generate_additional_parameters(prv->rsa)) != 0) + if ((r = rsa_generate_additional_parameters(prv->rsa, iqmp)) != 0) goto out; /* enable blinding */ @@ -3814,7 +4027,7 @@ sshkey_parse_private_pem_fileblob(struct r = SSH_ERR_KEY_WRONG_PASSPHRASE; goto out; } - if (pk->type == EVP_PKEY_RSA && + if (EVP_PKEY_id(pk) == EVP_PKEY_RSA && (type == KEY_UNSPEC || type == KEY_RSA)) { if ((prv = sshkey_new(KEY_UNSPEC)) == NULL) { r = SSH_ERR_ALLOC_FAIL; @@ -3830,7 +4043,7 @@ sshkey_parse_private_pem_fileblob(struct r = SSH_ERR_LIBCRYPTO_ERROR; goto out; } - } else if (pk->type == EVP_PKEY_DSA && + } else if (EVP_PKEY_id(pk) == EVP_PKEY_DSA && (type == KEY_UNSPEC || type == KEY_DSA)) { if ((prv = sshkey_new(KEY_UNSPEC)) == NULL) { r = SSH_ERR_ALLOC_FAIL; 
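Review bot: On failure of `rsa_generate_additional_parameters(prv->rsa, iqmp)` the @@ -3747 hunk jumps to `out` without releasing `iqmp`, while the two blocks in sshkey_private_deserialize (@@ -2765) call `BN_free(iqmp)` on the same failure. Which one is right depends on whether that helper has already handed `iqmp` to the RSA object when it fails; its new body is not in this part of the patch, so one of the two sites is either a leak or a double free and they should be made to agree. Separately, `d`, `iqmp`, `p` and `q` hold private key material read from the decrypted buffer, so the error paths here and in @@ -2765 would better use `BN_clear_free(d);` and so on rather than `BN_free()`, which does not wipe the value. sshkey_parse_private_rsa1 starts and ends outside the hunk.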
@@ -3843,7 +4056,7 @@ sshkey_parse_private_pem_fileblob(struct DSA_print_fp(stderr, prv->dsa, 8); #endif #ifdef OPENSSL_HAS_ECC - } else if (pk->type == EVP_PKEY_EC && + } else if (EVP_PKEY_id(pk) == EVP_PKEY_EC && (type == KEY_UNSPEC || type == KEY_ECDSA)) { if ((prv = sshkey_new(KEY_UNSPEC)) == NULL) { r = SSH_ERR_ALLOC_FAIL; Index: pam_ssh-2.1/authfd.c =================================================================== --- pam_ssh-2.1.orig/authfd.c 2015-05-03 13:30:39.000000000 +0200 +++ pam_ssh-2.1/authfd.c 2017-11-30 15:50:28.036813324 +0100 @@ -548,14 +548,17 @@ ssh_agent_sign(AuthenticationConnection static void ssh_encode_identity_rsa1(Buffer *b, RSA *key, const char *comment) { - buffer_put_int(b, BN_num_bits(key->n)); - buffer_put_bignum(b, key->n); - buffer_put_bignum(b, key->e); - buffer_put_bignum(b, key->d); + const BIGNUM *n, *e, *d, *p, *q, *iqmp; + RSA_get0_key(key,&n,&e,&d); + buffer_put_int(b, BN_num_bits(n)); + buffer_put_bignum(b, n); + buffer_put_bignum(b, e); + buffer_put_bignum(b, d); + RSA_get0_crt_params(key, &p, &q, &iqmp); /* To keep within the protocol: p < q for ssh. in SSL p > q */ - buffer_put_bignum(b, key->iqmp); /* ssh key->u */ - buffer_put_bignum(b, key->q); /* ssh key->p, SSL key->q */ - buffer_put_bignum(b, key->p); /* ssh key->q, SSL key->p */ + buffer_put_bignum(b, iqmp); /* ssh key->u */ + buffer_put_bignum(b, q); /* ssh key->p, SSL key->q */ + buffer_put_bignum(b, p); /* ssh key->q, SSL key->p */ buffer_put_cstring(b, comment); } #endif Index: pam_ssh-2.1/cipher-bf1.c =================================================================== --- pam_ssh-2.1.orig/cipher-bf1.c 2013-11-18 10:01:24.000000000 +0100 +++ pam_ssh-2.1/cipher-bf1.c 2017-11-30 15:33:40.416761878 +0100 @@ -28,6 +28,7 @@ #include <sys/types.h> #include <openssl/evp.h> +#include <openssl/blowfish.h> /*BF_KEY*/ #include <stdarg.h> #include <string.h> 
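Review bot: In the authfd.c hunk, `RSA_get0_crt_params(key, &p, &q, &iqmp)` does not return the primes: its three output slots are dmp1, dmq1 and iqmp, so the variables named `p` and `q` receive the CRT exponents, and those are what `buffer_put_bignum(b, q)` and `buffer_put_bignum(b, p)` serialise. The old code sent `key->q` and `key->p`, so the encoded identity would no longer carry the factors. The factors come from `RSA_get0_factors(key, &p, &q);`, with `RSA_get0_crt_params(key, NULL, NULL, &iqmp);` for the coefficient.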
@@ -99,15 +100,25 @@ bf_ssh1_cipher(EVP_CIPHER_CTX *ctx, u_ch const EVP_CIPHER * evp_ssh1_bf(void) { - static EVP_CIPHER ssh1_bf; + static EVP_CIPHER *ssh1_bfp; - memcpy(&ssh1_bf, EVP_bf_cbc(), sizeof(EVP_CIPHER)); - orig_bf = ssh1_bf.do_cipher; - ssh1_bf.nid = NID_undef; + ssh1_bfp = EVP_CIPHER_meth_new(NID_undef, /*block_size*/8, /*key_len*/32); + + orig_bf = EVP_CIPHER_meth_get_do_cipher(EVP_bf_cbc()); #ifdef SSH_OLD_EVP ssh1_bf.init = bf_ssh1_init; #endif - ssh1_bf.do_cipher = bf_ssh1_cipher; - ssh1_bf.key_len = 32; - return (&ssh1_bf); + EVP_CIPHER_meth_set_do_cipher(ssh1_bfp, bf_ssh1_cipher); + + /* set remaining members... */ + EVP_CIPHER_meth_set_iv_length(ssh1_bfp, 8); + EVP_CIPHER_meth_set_flags(ssh1_bfp, EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CBC_MODE); + EVP_CIPHER_meth_set_init(ssh1_bfp, EVP_CIPHER_meth_get_init(EVP_bf_cbc())); + EVP_CIPHER_meth_set_cleanup(ssh1_bfp, EVP_CIPHER_meth_get_cleanup(EVP_bf_cbc())); + EVP_CIPHER_meth_set_impl_ctx_size(ssh1_bfp, /*sizeof(EVP_BF_KEY) == */sizeof(BF_KEY)); + EVP_CIPHER_meth_set_set_asn1_params(ssh1_bfp, EVP_CIPHER_set_asn1_iv); + EVP_CIPHER_meth_set_get_asn1_params(ssh1_bfp, EVP_CIPHER_get_asn1_iv); + EVP_CIPHER_meth_set_ctrl(ssh1_bfp, NULL); + /*app_data = NULL*/ + return (ssh1_bfp); }
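Review bot: `evp_ssh1_bf()` now calls `EVP_CIPHER_meth_new()` on every invocation and stores the result in the static `ssh1_bfp` without checking it, so each call after the first leaks the previous method object and a NULL return is passed straight to the `EVP_CIPHER_meth_set_*` calls. Adding `if (ssh1_bfp != NULL) return (ssh1_bfp);` before the allocation and `if (ssh1_bfp == NULL) return (NULL);` after it covers both; whether callers handle a NULL cipher is outside the hunk. The `#ifdef SSH_OLD_EVP` line still assigns `ssh1_bf.init`, a variable this change removes, so that configuration would no longer compile.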