-# $OpenBSD: Makefile.inc,v 1.45 2014/03/31 15:25:26 deraadt Exp $
+# $OpenBSD: Makefile.inc,v 1.46 2014/04/29 18:01:49 markus Exp $
.include <bsd.own.mk>
WARNINGS=yes
+OPENSSL?= yes
+.if (${OPENSSL:L} == "yes")
+CFLAGS+= -DWITH_OPENSSL -DWITH_SSH1
+.endif
+
CFLAGS+= -DENABLE_PKCS11
.ifndef NOPIC
CFLAGS+= -DHAVE_DLOPEN
-/* $OpenBSD: auth.c,v 1.103 2013/05/19 02:42:42 djm Exp $ */
+/* $OpenBSD: auth.c,v 1.104 2014/04/29 18:01:49 markus Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
*
int
auth_key_is_revoked(Key *key)
{
+#ifdef WITH_OPENSSL
char *key_fp;
if (options.revoked_keys_file == NULL)
default:
goto revoked;
}
+#endif
debug3("%s: treating %s as a key list", __func__,
options.revoked_keys_file);
switch (key_in_file(key, options.revoked_keys_file, 0)) {
error("Revoked keys file is unreadable: refusing public key "
"authentication");
return 1;
+#ifdef WITH_OPENSSL
case 1:
revoked:
/* Key revoked */
"%s key %s ", key_type(key), key_fp);
free(key_fp);
return 1;
+#endif
}
fatal("key_in_file returned junk");
}
-/* $OpenBSD: authfd.c,v 1.92 2014/01/31 16:39:19 tedu Exp $ */
+/* $OpenBSD: authfd.c,v 1.93 2014/04/29 18:01:49 markus Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
#include <sys/un.h>
#include <sys/socket.h>
-#include <openssl/evp.h>
-#include <openssl/crypto.h>
-
#include <fcntl.h>
#include <stdlib.h>
#include <signal.h>
Key *
ssh_get_next_identity(AuthenticationConnection *auth, char **comment, int version)
{
+#ifdef WITH_SSH1
int keybits;
u_int bits;
+#endif
u_char *blob;
u_int blen;
Key *key = NULL;
* error if the packet is too short or contains corrupt data.
*/
switch (version) {
+#ifdef WITH_SSH1
case 1:
key = key_new(KEY_RSA1);
bits = buffer_get_int(&auth->identities);
logit("Warning: identity keysize mismatch: actual %d, announced %u",
BN_num_bits(key->rsa->n), bits);
break;
+#endif
case 2:
blob = buffer_get_string(&auth->identities, &blen);
*comment = buffer_get_string(&auth->identities, NULL);
* supported) and 1 corresponding to protocol version 1.1.
*/
+#ifdef WITH_SSH1
int
ssh_decrypt_challenge(AuthenticationConnection *auth,
Key* key, BIGNUM *challenge,
buffer_free(&buffer);
return success;
}
+#endif
/* ask agent to sign data, returns -1 on error, 0 on success */
int
/* Encode key for a message to the agent. */
+#ifdef WITH_SSH1
static void
ssh_encode_identity_rsa1(Buffer *b, RSA *key, const char *comment)
{
buffer_put_bignum(b, key->p); /* ssh key->q, SSL key->p */
buffer_put_cstring(b, comment);
}
+#endif
static void
ssh_encode_identity_ssh2(Buffer *b, Key *key, const char *comment)
buffer_init(&msg);
switch (key->type) {
+#ifdef WITH_SSH1
case KEY_RSA1:
type = constrained ?
SSH_AGENTC_ADD_RSA_ID_CONSTRAINED :
buffer_put_char(&msg, type);
ssh_encode_identity_rsa1(&msg, key->rsa, comment);
break;
+#endif
+#ifdef WITH_OPENSSL
case KEY_RSA:
case KEY_RSA_CERT:
case KEY_RSA_CERT_V00:
case KEY_DSA_CERT_V00:
case KEY_ECDSA:
case KEY_ECDSA_CERT:
+#endif
case KEY_ED25519:
case KEY_ED25519_CERT:
type = constrained ?
buffer_init(&msg);
+#ifdef WITH_SSH1
if (key->type == KEY_RSA1) {
buffer_put_char(&msg, SSH_AGENTC_REMOVE_RSA_IDENTITY);
buffer_put_int(&msg, BN_num_bits(key->rsa->n));
buffer_put_bignum(&msg, key->rsa->e);
buffer_put_bignum(&msg, key->rsa->n);
- } else if (key->type != KEY_UNSPEC) {
+ } else
+#endif
+ if (key->type != KEY_UNSPEC) {
key_to_blob(key, &blob, &blen);
buffer_put_char(&msg, SSH2_AGENTC_REMOVE_IDENTITY);
buffer_put_string(&msg, blob, blen);
-/* $OpenBSD: authfile.c,v 1.105 2014/04/28 03:09:18 djm Exp $ */
+/* $OpenBSD: authfile.c,v 1.106 2014/04/29 18:01:49 markus Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
#include <sys/param.h>
#include <sys/uio.h>
+#ifdef WITH_OPENSSL
#include <openssl/err.h>
#include <openssl/evp.h>
#include <openssl/pem.h>
+#endif
#include "crypto_api.h"
return k;
}
+#ifdef WITH_SSH1
/*
* Serialises the authentication (private) key to a blob, encrypting it with
* passphrase. The identification of the blob (lowest 64 bits of n) will
return 1;
}
+#endif
+#ifdef WITH_OPENSSL
/* convert SSH v2 key in OpenSSL PEM format */
static int
key_private_pem_to_blob(Key *key, Buffer *blob, const char *_passphrase,
BIO_free(bio);
return success;
}
+#endif
/* Save a key blob to a file */
static int
int new_format_rounds)
{
switch (key->type) {
+#ifdef WITH_SSH1
case KEY_RSA1:
return key_private_rsa1_to_blob(key, blob, passphrase, comment);
+#endif
+#ifdef WITH_OPENSSL
case KEY_DSA:
case KEY_ECDSA:
case KEY_RSA:
comment, new_format_cipher, new_format_rounds);
}
return key_private_pem_to_blob(key, blob, passphrase, comment);
+#endif
case KEY_ED25519:
return key_private_to_blob2(key, blob, passphrase,
comment, new_format_cipher, new_format_rounds);
return success;
}
+#ifdef WITH_SSH1
/*
* Parse the public, unencrypted portion of a RSA1 key.
*/
return pub;
}
+#endif
/* Load a key from a fd into a buffer */
int
return 1;
}
+#ifdef WITH_SSH1
/*
* Loads the public part of the ssh v1 key file. Returns NULL if an error was
* encountered (the file does not exist or is not readable), and the key
key_free(prv);
return NULL;
}
+#endif
+#ifdef WITH_OPENSSL
static Key *
key_parse_private_pem(Buffer *blob, int type, const char *passphrase,
char **commentp)
buffer_free(&buffer);
return prv;
}
+#endif
int
key_perm_ok(int fd, const char *filename)
Key *k;
switch (type) {
+#ifdef WITH_SSH1
case KEY_RSA1:
return key_parse_private_rsa1(blob, passphrase, commentp);
+#endif
+#ifdef WITH_OPENSSL
case KEY_DSA:
case KEY_ECDSA:
case KEY_RSA:
return key_parse_private_pem(blob, type, passphrase, commentp);
+#endif
case KEY_ED25519:
return key_parse_private2(blob, type, passphrase, commentp);
case KEY_UNSPEC:
if ((k = key_parse_private2(blob, type, passphrase, commentp)))
return k;
+#ifdef WITH_OPENSSL
return key_parse_private_pem(blob, type, passphrase, commentp);
+#endif
default:
error("%s: cannot parse key type %d", __func__, type);
break;
key_parse_private(Buffer *buffer, const char *filename,
const char *passphrase, char **commentp)
{
+#ifdef WITH_SSH1
Key *pub, *prv;
/* it's a SSH v1 key if the public key part is readable */
NULL);
}
return prv;
+#else
+ return key_parse_private_type(buffer, KEY_UNSPEC,
+ passphrase, commentp);
+#endif
}
Key *
Key *pub;
char file[MAXPATHLEN];
+#ifdef WITH_SSH1
/* try rsa1 private key */
pub = key_load_public_type(KEY_RSA1, filename, commentp);
if (pub != NULL)
if (key_try_load_public(pub, filename, commentp) == 1)
return pub;
key_free(pub);
+#endif
/* try ssh2 public key */
pub = key_new(KEY_UNSPEC);
Key *key, *pub;
switch (type) {
+#ifdef WITH_OPENSSL
case KEY_RSA:
case KEY_DSA:
case KEY_ECDSA:
+#endif
case KEY_ED25519:
break;
default:
-/* $OpenBSD: bufaux.c,v 1.58 2014/04/28 03:09:18 djm Exp $ */
+/* $OpenBSD: bufaux.c,v 1.59 2014/04/29 18:01:49 markus Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
#include <sys/types.h>
-#include <openssl/bn.h>
-
#include <string.h>
#include <stdarg.h>
#include <stdlib.h>
-/* $OpenBSD: cipher.c,v 1.97 2014/02/07 06:55:54 djm Exp $ */
+/* $OpenBSD: cipher.c,v 1.98 2014/04/29 18:01:49 markus Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
#include "buffer.h"
#include "digest.h"
+#ifdef WITH_SSH1
extern const EVP_CIPHER *evp_ssh1_bf(void);
extern const EVP_CIPHER *evp_ssh1_3des(void);
extern void ssh1_3des_iv(EVP_CIPHER_CTX *, int, u_char *, int);
+#endif
struct Cipher {
char *name;
u_int flags;
#define CFLAG_CBC (1<<0)
#define CFLAG_CHACHAPOLY (1<<1)
+#define CFLAG_AESCTR (1<<2)
+#define CFLAG_NONE (1<<3)
+#ifdef WITH_OPENSSL
const EVP_CIPHER *(*evptype)(void);
+#else
+ void *ignored;
+#endif
};
static const struct Cipher ciphers[] = {
- { "none", SSH_CIPHER_NONE, 8, 0, 0, 0, 0, 0, EVP_enc_null },
+#ifdef WITH_SSH1
{ "des", SSH_CIPHER_DES, 8, 8, 0, 0, 0, 1, EVP_des_cbc },
{ "3des", SSH_CIPHER_3DES, 8, 16, 0, 0, 0, 1, evp_ssh1_3des },
{ "blowfish", SSH_CIPHER_BLOWFISH, 8, 32, 0, 0, 0, 1, evp_ssh1_bf },
-
+#endif
+#ifdef WITH_OPENSSL
+ { "none", SSH_CIPHER_NONE, 8, 0, 0, 0, 0, 0, EVP_enc_null },
{ "3des-cbc", SSH_CIPHER_SSH2, 8, 24, 0, 0, 0, 1, EVP_des_ede3_cbc },
{ "blowfish-cbc",
SSH_CIPHER_SSH2, 8, 16, 0, 0, 0, 1, EVP_bf_cbc },
SSH_CIPHER_SSH2, 16, 16, 12, 16, 0, 0, EVP_aes_128_gcm },
{ "aes256-gcm@openssh.com",
SSH_CIPHER_SSH2, 16, 32, 12, 16, 0, 0, EVP_aes_256_gcm },
+#else
+ { "aes128-ctr", SSH_CIPHER_SSH2, 16, 16, 0, 0, 0, CFLAG_AESCTR, NULL },
+ { "aes192-ctr", SSH_CIPHER_SSH2, 16, 24, 0, 0, 0, CFLAG_AESCTR, NULL },
+ { "aes256-ctr", SSH_CIPHER_SSH2, 16, 32, 0, 0, 0, CFLAG_AESCTR, NULL },
+ { "none", SSH_CIPHER_NONE, 8, 0, 0, 0, 0, CFLAG_NONE, NULL },
+#endif
{ "chacha20-poly1305@openssh.com",
SSH_CIPHER_SSH2, 8, 64, 0, 16, 0, CFLAG_CHACHAPOLY, NULL },
const u_char *key, u_int keylen, const u_char *iv, u_int ivlen,
int do_encrypt)
{
+#ifdef WITH_OPENSSL
static int dowarn = 1;
const EVP_CIPHER *type;
int klen;
if (keylen > 8)
keylen = 8;
}
+#endif
cc->plaintext = (cipher->number == SSH_CIPHER_NONE);
cc->encrypt = do_encrypt;
chachapoly_init(&cc->cp_ctx, key, keylen);
return;
}
+#ifndef WITH_OPENSSL
+ if ((cc->cipher->flags & CFLAG_AESCTR) != 0) {
+ aesctr_keysetup(&cc->ac_ctx, key, 8 * keylen, 8 * ivlen);
+ aesctr_ivsetup(&cc->ac_ctx, iv);
+ return;
+ }
+ if ((cc->cipher->flags & CFLAG_NONE) != 0)
+ return;
+ fatal("unsupported cipher");
+#else
type = (*cipher->evptype)();
EVP_CIPHER_CTX_init(&cc->evp);
if (EVP_CipherInit(&cc->evp, type, NULL, (u_char *)iv,
free(junk);
free(discard);
}
+#endif
}
/*
if ((cc->cipher->flags & CFLAG_CHACHAPOLY) != 0)
return chachapoly_crypt(&cc->cp_ctx, seqnr, dest, src, len,
aadlen, authlen, cc->encrypt);
+#ifndef WITH_OPENSSL
+ if ((cc->cipher->flags & CFLAG_AESCTR) != 0) {
+ if (aadlen)
+ memcpy(dest, src, aadlen);
+ aesctr_encrypt_bytes(&cc->ac_ctx, src + aadlen,
+ dest + aadlen, len);
+ return 0;
+ }
+ if ((cc->cipher->flags & CFLAG_NONE) != 0) {
+ memcpy(dest, src, aadlen + len);
+ return 0;
+ }
+ fatal("unsupported cipher");
+#else
if (authlen) {
u_char lastiv[1];
fatal("%s: EVP_CTRL_GCM_GET_TAG", __func__);
}
return 0;
+#endif
}
/* Extract the packet length, including any decryption necessary beforehand */
{
if ((cc->cipher->flags & CFLAG_CHACHAPOLY) != 0)
explicit_bzero(&cc->cp_ctx, sizeof(cc->cp_ctx));
+ else if ((cc->cipher->flags & CFLAG_AESCTR) != 0)
+ explicit_bzero(&cc->ac_ctx, sizeof(cc->ac_ctx));
+#ifdef WITH_OPENSSL
else if (EVP_CIPHER_CTX_cleanup(&cc->evp) == 0)
error("cipher_cleanup: EVP_CIPHER_CTX_cleanup failed");
+#endif
}
/*
cipher_get_keyiv_len(const CipherContext *cc)
{
const Cipher *c = cc->cipher;
- int ivlen;
+ int ivlen = 0;
if (c->number == SSH_CIPHER_3DES)
ivlen = 24;
else if ((cc->cipher->flags & CFLAG_CHACHAPOLY) != 0)
ivlen = 0;
+#ifdef WITH_OPENSSL
else
ivlen = EVP_CIPHER_CTX_iv_length(&cc->evp);
+#endif
return (ivlen);
}
cipher_get_keyiv(CipherContext *cc, u_char *iv, u_int len)
{
const Cipher *c = cc->cipher;
+#ifdef WITH_OPENSSL
int evplen;
+#endif
if ((cc->cipher->flags & CFLAG_CHACHAPOLY) != 0) {
if (len != 0)
fatal("%s: wrong iv length %d != %d", __func__, len, 0);
return;
}
+ if ((cc->cipher->flags & CFLAG_NONE) != 0)
+ return;
switch (c->number) {
+#ifdef WITH_OPENSSL
case SSH_CIPHER_SSH2:
case SSH_CIPHER_DES:
case SSH_CIPHER_BLOWFISH:
} else
memcpy(iv, cc->evp.iv, len);
break;
+#endif
+#ifdef WITH_SSH1
case SSH_CIPHER_3DES:
ssh1_3des_iv(&cc->evp, 0, iv, 24);
break;
+#endif
default:
fatal("%s: bad cipher %d", __func__, c->number);
}
cipher_set_keyiv(CipherContext *cc, u_char *iv)
{
const Cipher *c = cc->cipher;
+#ifdef WITH_OPENSSL
int evplen = 0;
+#endif
if ((cc->cipher->flags & CFLAG_CHACHAPOLY) != 0)
return;
+ if ((cc->cipher->flags & CFLAG_NONE) != 0)
+ return;
switch (c->number) {
+#ifdef WITH_OPENSSL
case SSH_CIPHER_SSH2:
case SSH_CIPHER_DES:
case SSH_CIPHER_BLOWFISH:
} else
memcpy(cc->evp.iv, iv, evplen);
break;
+#endif
+#ifdef WITH_SSH1
case SSH_CIPHER_3DES:
ssh1_3des_iv(&cc->evp, 1, iv, 24);
break;
+#endif
default:
fatal("%s: bad cipher %d", __func__, c->number);
}
}
+#ifdef WITH_OPENSSL
#define EVP_X_STATE(evp) (evp).cipher_data
#define EVP_X_STATE_LEN(evp) (evp).cipher->ctx_size
+#endif
int
cipher_get_keycontext(const CipherContext *cc, u_char *dat)
{
+#ifdef WITH_OPENSSL
const Cipher *c = cc->cipher;
int plen = 0;
memcpy(dat, EVP_X_STATE(cc->evp), plen);
}
return (plen);
+#else
+ return (0);
+#endif
}
void
cipher_set_keycontext(CipherContext *cc, u_char *dat)
{
+#ifdef WITH_OPENSSL
const Cipher *c = cc->cipher;
int plen;
plen = EVP_X_STATE_LEN(cc->evp);
memcpy(EVP_X_STATE(cc->evp), dat, plen);
}
+#endif
}
-/* $OpenBSD: cipher.h,v 1.44 2014/01/25 10:12:50 dtucker Exp $ */
+/* $OpenBSD: cipher.h,v 1.45 2014/04/29 18:01:49 markus Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
#include <openssl/evp.h>
#include "cipher-chachapoly.h"
+#include "cipher-aesctr.h"
/*
* Cipher types for SSH-1. New types can be added, but old types should not
int encrypt;
EVP_CIPHER_CTX evp;
struct chachapoly_ctx cp_ctx; /* XXX union with evp? */
+ struct aesctr_ctx ac_ctx; /* XXX union with evp? */
const Cipher *cipher;
};
-/* $OpenBSD: hostfile.c,v 1.55 2014/01/31 16:39:19 tedu Exp $ */
+/* $OpenBSD: hostfile.c,v 1.56 2014/04/29 18:01:49 markus Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
hostfile_check_key(int bits, const Key *key, const char *host,
const char *filename, u_long linenum)
{
+#ifdef WITH_SSH1
if (key == NULL || key->type != KEY_RSA1 || key->rsa == NULL)
return 1;
if (bits != BN_num_bits(key->rsa->n)) {
logit("Warning: replace %d with %d in %s, line %lu.",
bits, BN_num_bits(key->rsa->n), filename, linenum);
}
+#endif
return 1;
}
key = key_new(KEY_UNSPEC);
if (!hostfile_read_key(&cp, &kbits, key)) {
key_free(key);
+#ifdef WITH_SSH1
key = key_new(KEY_RSA1);
if (!hostfile_read_key(&cp, &kbits, key)) {
key_free(key);
continue;
}
+#else
+ continue;
+#endif
}
if (!hostfile_check_key(kbits, key, host, path, linenum))
continue;
-/* $OpenBSD: kex.c,v 1.98 2014/02/02 03:44:31 djm Exp $ */
+/* $OpenBSD: kex.c,v 1.99 2014/04/29 18:01:49 markus Exp $ */
/*
* Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
*
#include <stdlib.h>
#include <string.h>
+#ifdef WITH_OPENSSL
#include <openssl/crypto.h>
+#endif
#include "xmalloc.h"
#include "ssh2.h"
int hash_alg;
};
static const struct kexalg kexalgs[] = {
+#ifdef WITH_OPENSSL
{ KEX_DH1, KEX_DH_GRP1_SHA1, 0, SSH_DIGEST_SHA1 },
{ KEX_DH14, KEX_DH_GRP14_SHA1, 0, SSH_DIGEST_SHA1 },
{ KEX_DHGEX_SHA1, KEX_DH_GEX_SHA1, 0, SSH_DIGEST_SHA1 },
SSH_DIGEST_SHA384 },
{ KEX_ECDH_SHA2_NISTP521, KEX_ECDH_SHA2, NID_secp521r1,
SSH_DIGEST_SHA512 },
+#endif
{ KEX_CURVE25519_SHA256, KEX_C25519_SHA256, 0, SSH_DIGEST_SHA256 },
{ NULL, -1, -1, -1},
};
}
}
+#ifdef WITH_OPENSSL
void
kex_derive_keys_bn(Kex *kex, u_char *hash, u_int hashlen, const BIGNUM *secret)
{
buffer_ptr(&shared_secret), buffer_len(&shared_secret));
buffer_free(&shared_secret);
}
+#endif
Newkeys *
kex_get_newkeys(int mode)
return ret;
}
+#ifdef WITH_SSH1
void
derive_ssh1_session_id(BIGNUM *host_modulus, BIGNUM *server_modulus,
u_int8_t cookie[8], u_int8_t id[16])
explicit_bzero(nbuf, sizeof(nbuf));
explicit_bzero(obuf, sizeof(obuf));
}
+#endif
#if defined(DEBUG_KEX) || defined(DEBUG_KEXDH) || defined(DEBUG_KEXECDH)
void
-/* $OpenBSD: key.c,v 1.116 2014/02/02 03:44:31 djm Exp $ */
+/* $OpenBSD: key.c,v 1.117 2014/04/29 18:01:49 markus Exp $ */
/*
* read_bignum():
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
key_new(int type)
{
Key *k;
+#ifdef WITH_OPENSSL
RSA *rsa;
DSA *dsa;
+#endif
+
k = xcalloc(1, sizeof(*k));
k->type = type;
k->ecdsa = NULL;
k->ed25519_sk = NULL;
k->ed25519_pk = NULL;
switch (k->type) {
+#ifdef WITH_OPENSSL
case KEY_RSA1:
case KEY_RSA:
case KEY_RSA_CERT_V00:
case KEY_ECDSA_CERT:
/* Cannot do anything until we know the group */
break;
+#endif
case KEY_ED25519:
case KEY_ED25519_CERT:
/* no need to prealloc */
key_add_private(Key *k)
{
switch (k->type) {
+#ifdef WITH_OPENSSL
case KEY_RSA1:
case KEY_RSA:
case KEY_RSA_CERT_V00:
case KEY_ECDSA_CERT:
/* Cannot do anything until we know the group */
break;
+#endif
case KEY_ED25519:
case KEY_ED25519_CERT:
/* no need to prealloc */
if (k == NULL)
fatal("key_free: key is NULL");
switch (k->type) {
+#ifdef WITH_OPENSSL
case KEY_RSA1:
case KEY_RSA:
case KEY_RSA_CERT_V00:
EC_KEY_free(k->ecdsa);
k->ecdsa = NULL;
break;
+#endif
case KEY_ED25519:
case KEY_ED25519_CERT:
if (k->ed25519_pk) {
int
key_equal_public(const Key *a, const Key *b)
{
+#ifdef WITH_OPENSSL
BN_CTX *bnctx;
+#endif
if (a == NULL || b == NULL ||
key_type_plain(a->type) != key_type_plain(b->type))
return 0;
switch (a->type) {
+#ifdef WITH_OPENSSL
case KEY_RSA1:
case KEY_RSA_CERT_V00:
case KEY_RSA_CERT:
}
BN_CTX_free(bnctx);
return 1;
+#endif
case KEY_ED25519:
case KEY_ED25519_CERT:
return a->ed25519_pk != NULL && b->ed25519_pk != NULL &&
u_char *blob = NULL;
u_char *retval = NULL;
u_int len = 0;
- int nlen, elen, hash_alg = -1;
+ int hash_alg = -1;
+#ifdef WITH_OPENSSL
+ int nlen, elen;
+#endif
*dgst_raw_length = 0;
fatal("%s: bad digest type %d", __func__, dgst_type);
}
switch (k->type) {
+#ifdef WITH_OPENSSL
case KEY_RSA1:
nlen = BN_num_bytes(k->rsa->n);
elen = BN_num_bytes(k->rsa->e);
case KEY_DSA:
case KEY_ECDSA:
case KEY_RSA:
+#endif
case KEY_ED25519:
key_to_blob(k, &blob, &len);
break;
+#ifdef WITH_OPENSSL
case KEY_DSA_CERT_V00:
case KEY_RSA_CERT_V00:
case KEY_DSA_CERT:
case KEY_ECDSA_CERT:
case KEY_RSA_CERT:
+#endif
case KEY_ED25519_CERT:
/* We want a fingerprint of the _key_ not of the cert */
to_blob(k, &blob, &len, 1);
return retval;
}
+#ifdef WITH_SSH1
/*
* Reads a multiple-precision integer in decimal from the buffer, and advances
* the pointer. The integer must already be initialized. This function is
OPENSSL_free(buf);
return 1;
}
+#endif
/* returns 1 ok, -1 error */
int
int success = -1;
char *cp, *space;
int len, n, type, curve_nid = -1;
+#ifdef WITH_SSH1
u_int bits;
+#endif
u_char *blob;
cp = *cpp;
switch (ret->type) {
case KEY_RSA1:
+#ifdef WITH_SSH1
/* Get number of bits. */
if (*cp < '0' || *cp > '9')
return -1; /* Bad bit count... */
return -1;
}
success = 1;
+#endif
break;
case KEY_UNSPEC:
case KEY_RSA:
ret->cert = k->cert;
k->cert = NULL;
}
+#ifdef WITH_OPENSSL
if (key_type_plain(ret->type) == KEY_RSA) {
if (ret->rsa != NULL)
RSA_free(ret->rsa);
key_dump_ec_key(ret->ecdsa);
#endif
}
+#endif
if (key_type_plain(ret->type) == KEY_ED25519) {
free(ret->ed25519_pk);
ret->ed25519_pk = k->ed25519_pk;
key_write(const Key *key, FILE *f)
{
int n, success = 0;
- u_int len, bits = 0;
+#ifdef WITH_SSH1
+ u_int bits = 0;
+#endif
+ u_int len;
u_char *blob;
char *uu;
}
switch (key->type) {
+#ifdef WITH_SSH1
case KEY_RSA1:
if (key->rsa == NULL)
return 0;
return 1;
error("key_write: failed for RSA key");
return 0;
+#endif
+#ifdef WITH_OPENSSL
case KEY_DSA:
case KEY_DSA_CERT_V00:
case KEY_DSA_CERT:
if (key->ecdsa == NULL)
return 0;
break;
- case KEY_ED25519:
- case KEY_ED25519_CERT:
- if (key->ed25519_pk == NULL)
- return 0;
- break;
case KEY_RSA:
case KEY_RSA_CERT_V00:
case KEY_RSA_CERT:
if (key->rsa == NULL)
return 0;
break;
+#endif
+ case KEY_ED25519:
+ case KEY_ED25519_CERT:
+ if (key->ed25519_pk == NULL)
+ return 0;
+ break;
default:
return 0;
}
int cert;
};
static const struct keytype keytypes[] = {
+#ifdef WITH_OPENSSL
+#ifdef WITH_SSH1
{ NULL, "RSA1", KEY_RSA1, 0, 0 },
+#endif
{ "ssh-rsa", "RSA", KEY_RSA, 0, 0 },
{ "ssh-dss", "DSA", KEY_DSA, 0, 0 },
- { "ssh-ed25519", "ED25519", KEY_ED25519, 0, 0 },
{ "ecdsa-sha2-nistp256", "ECDSA", KEY_ECDSA, NID_X9_62_prime256v1, 0 },
{ "ecdsa-sha2-nistp384", "ECDSA", KEY_ECDSA, NID_secp384r1, 0 },
{ "ecdsa-sha2-nistp521", "ECDSA", KEY_ECDSA, NID_secp521r1, 0 },
KEY_RSA_CERT_V00, 0, 1 },
{ "ssh-dss-cert-v00@openssh.com", "DSA-CERT-V00",
KEY_DSA_CERT_V00, 0, 1 },
+#endif
+ { "ssh-ed25519", "ED25519", KEY_ED25519, 0, 0 },
{ "ssh-ed25519-cert-v01@openssh.com", "ED25519-CERT",
KEY_ED25519_CERT, 0, 1 },
{ NULL, NULL, -1, -1, 0 }
key_size(const Key *k)
{
switch (k->type) {
+#ifdef WITH_OPENSSL
case KEY_RSA1:
case KEY_RSA:
case KEY_RSA_CERT_V00:
case KEY_DSA_CERT_V00:
case KEY_DSA_CERT:
return BN_num_bits(k->dsa->p);
- case KEY_ED25519:
- return 256; /* XXX */
case KEY_ECDSA:
case KEY_ECDSA_CERT:
return key_curve_nid_to_bits(k->ecdsa_nid);
+#endif
+ case KEY_ED25519:
+ return 256; /* XXX */
}
return 0;
}
+#ifdef WITH_OPENSSL
static RSA *
rsa_generate_private_key(u_int bits)
{
EC_KEY_set_asn1_flag(private, OPENSSL_EC_NAMED_CURVE);
return private;
}
+#endif
Key *
key_generate(int type, u_int bits)
{
Key *k = key_new(KEY_UNSPEC);
switch (type) {
+#ifdef WITH_OPENSSL
case KEY_DSA:
k->dsa = dsa_generate_private_key(bits);
break;
case KEY_RSA1:
k->rsa = rsa_generate_private_key(bits);
break;
- case KEY_ED25519:
- k->ed25519_pk = xmalloc(ED25519_PK_SZ);
- k->ed25519_sk = xmalloc(ED25519_SK_SZ);
- crypto_sign_ed25519_keypair(k->ed25519_pk, k->ed25519_sk);
- break;
case KEY_RSA_CERT_V00:
case KEY_DSA_CERT_V00:
case KEY_RSA_CERT:
case KEY_DSA_CERT:
fatal("key_generate: cert keys cannot be generated directly");
+#endif
+ case KEY_ED25519:
+ k->ed25519_pk = xmalloc(ED25519_PK_SZ);
+ k->ed25519_sk = xmalloc(ED25519_SK_SZ);
+ crypto_sign_ed25519_keypair(k->ed25519_pk, k->ed25519_sk);
+ break;
default:
fatal("key_generate: unknown type %d", type);
}
{
Key *n = NULL;
switch (k->type) {
+#ifdef WITH_OPENSSL
case KEY_DSA:
case KEY_DSA_CERT_V00:
case KEY_DSA_CERT:
(BN_copy(n->rsa->e, k->rsa->e) == NULL))
fatal("key_from_private: BN_copy failed");
break;
+#endif
case KEY_ED25519:
case KEY_ED25519_CERT:
n = key_new(k->type);
goto out;
}
switch (type) {
+#ifdef WITH_OPENSSL
case KEY_RSA_CERT:
(void)buffer_get_string_ptr_ret(&b, NULL); /* Skip nonce */
/* FALLTHROUGH */
if (buffer_get_bignum2_ret(&b, key->rsa->e) == -1 ||
buffer_get_bignum2_ret(&b, key->rsa->n) == -1) {
error("key_from_blob: can't read rsa key");
- badkey:
- key_free(key);
- key = NULL;
- goto out;
+ goto badkey;
}
#ifdef DEBUG_PK
RSA_print_fp(stderr, key->rsa, 8);
key_dump_ec_point(EC_KEY_get0_group(key->ecdsa), q);
#endif
break;
+#endif
case KEY_ED25519_CERT:
(void)buffer_get_string_ptr_ret(&b, NULL); /* Skip nonce */
/* FALLTHROUGH */
EC_POINT_free(q);
buffer_free(&b);
return key;
+
+ badkey:
+ key_free(key);
+ key = NULL;
+ goto out;
}
Key *
buffer_init(&b);
type = force_plain ? key_type_plain(key->type) : key->type;
switch (type) {
+#ifdef WITH_OPENSSL
case KEY_DSA_CERT_V00:
case KEY_RSA_CERT_V00:
case KEY_DSA_CERT:
case KEY_ECDSA_CERT:
case KEY_RSA_CERT:
+#endif
case KEY_ED25519_CERT:
/* Use the existing blob */
buffer_append(&b, buffer_ptr(&key->cert->certblob),
buffer_len(&key->cert->certblob));
break;
+#ifdef WITH_OPENSSL
case KEY_DSA:
buffer_put_cstring(&b,
key_ssh_name_from_type_nid(type, key->ecdsa_nid));
buffer_put_bignum2(&b, key->rsa->e);
buffer_put_bignum2(&b, key->rsa->n);
break;
+#endif
case KEY_ED25519:
buffer_put_cstring(&b,
key_ssh_name_from_type_nid(type, key->ecdsa_nid));
const u_char *data, u_int datalen)
{
switch (key->type) {
+#ifdef WITH_OPENSSL
case KEY_DSA_CERT_V00:
case KEY_DSA_CERT:
case KEY_DSA:
case KEY_RSA_CERT:
case KEY_RSA:
return ssh_rsa_sign(key, sigp, lenp, data, datalen);
+#endif
case KEY_ED25519:
case KEY_ED25519_CERT:
return ssh_ed25519_sign(key, sigp, lenp, data, datalen);
return -1;
switch (key->type) {
+#ifdef WITH_OPENSSL
case KEY_DSA_CERT_V00:
case KEY_DSA_CERT:
case KEY_DSA:
case KEY_RSA_CERT:
case KEY_RSA:
return ssh_rsa_verify(key, signature, signaturelen, data, datalen);
+#endif
case KEY_ED25519:
case KEY_ED25519_CERT:
return ssh_ed25519_verify(key, signature, signaturelen, data, datalen);
pk->ed25519_sk = NULL;
switch (k->type) {
+#ifdef WITH_OPENSSL
case KEY_RSA_CERT_V00:
case KEY_RSA_CERT:
key_cert_copy(k, pk);
EC_KEY_get0_public_key(k->ecdsa)) != 1)
fatal("key_demote: EC_KEY_set_public_key failed");
break;
+#endif
case KEY_ED25519_CERT:
key_cert_copy(k, pk);
/* FALLTHROUGH */
/* XXX this substantially duplicates to_blob(); refactor */
switch (k->type) {
+#ifdef WITH_OPENSSL
case KEY_DSA_CERT_V00:
case KEY_DSA_CERT:
buffer_put_bignum2(&k->cert->certblob, k->dsa->p);
buffer_put_bignum2(&k->cert->certblob, k->rsa->e);
buffer_put_bignum2(&k->cert->certblob, k->rsa->n);
break;
+#endif
case KEY_ED25519_CERT:
buffer_put_string(&k->cert->certblob,
k->ed25519_pk, ED25519_PK_SZ);
}
}
+#ifdef WITH_OPENSSL
/* XXX: these are really begging for a table-driven approach */
int
key_curve_name_to_nid(const char *name)
BN_CTX_free(bnctx);
return ret;
}
+#endif
#if defined(DEBUG_KEXECDH) || defined(DEBUG_PK)
void
{
buffer_put_cstring(b, key_ssh_name(key));
switch (key->type) {
+#ifdef WITH_OPENSSL
case KEY_RSA:
buffer_put_bignum2(b, key->rsa->n);
buffer_put_bignum2(b, key->rsa->e);
buffer_len(&key->cert->certblob));
buffer_put_bignum2(b, EC_KEY_get0_private_key(key->ecdsa));
break;
+#endif
case KEY_ED25519:
buffer_put_string(b, key->ed25519_pk, ED25519_PK_SZ);
buffer_put_string(b, key->ed25519_sk, ED25519_SK_SZ);
Key *
key_private_deserialize(Buffer *blob)
{
- char *type_name, *curve;
+ char *type_name;
Key *k = NULL;
- BIGNUM *exponent;
- EC_POINT *q;
u_char *cert;
u_int len, pklen, sklen;
int type;
+#ifdef WITH_OPENSSL
+ char *curve;
+ BIGNUM *exponent;
+ EC_POINT *q;
+#endif
type_name = buffer_get_string(blob, NULL);
type = key_type_from_name(type_name);
switch (type) {
+#ifdef WITH_OPENSSL
case KEY_DSA:
k = key_new_private(type);
buffer_get_bignum2(blob, k->dsa->p);
buffer_get_bignum2(blob, k->rsa->p);
buffer_get_bignum2(blob, k->rsa->q);
break;
+#endif
case KEY_ED25519:
k = key_new_private(type);
k->ed25519_pk = buffer_get_string(blob, &pklen);
/* enable blinding */
switch (k->type) {
+#ifdef WITH_OPENSSL
case KEY_RSA:
case KEY_RSA_CERT_V00:
case KEY_RSA_CERT:
return NULL;
}
break;
+#endif
}
return k;
}
-# $OpenBSD: Makefile,v 1.75 2014/04/22 11:47:55 henning Exp $
+# $OpenBSD: Makefile,v 1.76 2014/04/29 18:01:49 markus Exp $
.PATH: ${.CURDIR}/..
.include "${.CURDIR}/../Makefile.inc"
LIB= ssh
-SRCS= authfd.c authfile.c bufaux.c bufec.c bufbn.c buffer.c canohost.c \
- channels.c cipher.c cipher-3des1.c cipher-bf1.c \
+SRCS= authfd.c authfile.c bufaux.c buffer.c canohost.c \
+ channels.c cipher.c \
cleanup.c compat.c compress.c crc32.c deattack.c fatal.c \
hostfile.c log.c match.c nchan.c packet.c readpass.c \
- rsa.c ttymodes.c xmalloc.c atomicio.c \
+ ttymodes.c xmalloc.c atomicio.c \
key.c dispatch.c kex.c mac.c uidswap.c uuencode.c misc.c \
+ msg.c progressmeter.c dns.c \
+ monitor_fdpass.c addrmatch.c \
+ smult_curve25519_ref.c kexc25519.c kexc25519c.c \
+ chacha.c poly1305.c cipher-chachapoly.c ssh-ed25519.c hmac.c
+
+.if (${OPENSSL:L} == "yes")
+SRCS+= bufec.c bufbn.c cipher-3des1.c cipher-bf1.c rsa.c \
ssh-dss.c ssh-rsa.c ssh-ecdsa.c dh.c kexdh.c kexgex.c kexecdh.c \
- kexdhc.c kexgexc.c kexecdhc.c msg.c progressmeter.c dns.c \
- monitor_fdpass.c umac.c addrmatch.c ssh-pkcs11.c \
- krl.c smult_curve25519_ref.c kexc25519.c kexc25519c.c \
- chacha.c poly1305.c cipher-chachapoly.c ssh-ed25519.c \
- digest-openssl.c hmac.c
+ kexdhc.c kexgexc.c kexecdhc.c umac.c ssh-pkcs11.c \
+ krl.c digest-openssl.c
+.else
+SRCS+= digest-libc.c rijndael.c cipher-aesctr.c
+.endif
# ed25519, from supercop
SRCS+= sc25519.c ge25519.c fe25519.c ed25519.c verify.c hash.c blocks.c
-/* $OpenBSD: mac.c,v 1.28 2014/02/07 06:55:54 djm Exp $ */
+/* $OpenBSD: mac.c,v 1.29 2014/04/29 18:01:49 markus Exp $ */
/*
* Copyright (c) 2001 Markus Friedl. All rights reserved.
*
{ "hmac-md5-96", SSH_DIGEST, SSH_DIGEST_MD5, 96, 0, 0, 0 },
{ "hmac-ripemd160", SSH_DIGEST, SSH_DIGEST_RIPEMD160, 0, 0, 0, 0 },
{ "hmac-ripemd160@openssh.com", SSH_DIGEST, SSH_DIGEST_RIPEMD160, 0, 0, 0, 0 },
+#ifdef WITH_OPENSSL
{ "umac-64@openssh.com", SSH_UMAC, 0, 0, 128, 64, 0 },
{ "umac-128@openssh.com", SSH_UMAC128, 0, 0, 128, 128, 0 },
+#endif
/* Encrypt-then-MAC variants */
{ "hmac-sha1-etm@openssh.com", SSH_DIGEST, SSH_DIGEST_SHA1, 0, 0, 0, 1 },
{ "hmac-md5-etm@openssh.com", SSH_DIGEST, SSH_DIGEST_MD5, 0, 0, 0, 1 },
{ "hmac-md5-96-etm@openssh.com", SSH_DIGEST, SSH_DIGEST_MD5, 96, 0, 0, 1 },
{ "hmac-ripemd160-etm@openssh.com", SSH_DIGEST, SSH_DIGEST_RIPEMD160, 0, 0, 0, 1 },
+#ifdef WITH_OPENSSL
{ "umac-64-etm@openssh.com", SSH_UMAC, 0, 0, 128, 64, 1 },
{ "umac-128-etm@openssh.com", SSH_UMAC128, 0, 0, 128, 128, 1 },
+#endif
{ NULL, 0, 0, 0, 0, 0, 0 }
};
fatal("ssh_hmac_start(alg=%d) failed", macalg->alg);
mac->key_len = mac->mac_len = ssh_hmac_bytes(macalg->alg);
} else {
+#ifdef WITH_OPENSSL
mac->mac_len = macalg->len / 8;
mac->key_len = macalg->key_len / 8;
mac->umac_ctx = NULL;
+#endif
}
if (macalg->truncatebits != 0)
mac->mac_len = macalg->truncatebits / 8;
ssh_hmac_init(mac->hmac_ctx, mac->key, mac->key_len) < 0)
return -1;
return 0;
+#ifdef WITH_OPENSSL
case SSH_UMAC:
mac->umac_ctx = umac_new(mac->key);
return 0;
case SSH_UMAC128:
mac->umac_ctx = umac128_new(mac->key);
return 0;
+#endif
default:
return -1;
}
u_char m[EVP_MAX_MD_SIZE];
u_int64_t for_align;
} u;
- u_char b[4], nonce[8];
+ u_char b[4];
+#ifdef WITH_OPENSSL
+ u_char nonce[8];
+#endif
if (mac->mac_len > sizeof(u))
fatal("mac_compute: mac too long %u %zu",
ssh_hmac_final(mac->hmac_ctx, u.m, sizeof(u.m)) < 0)
fatal("ssh_hmac failed");
break;
+#ifdef WITH_OPENSSL
case SSH_UMAC:
put_u64(nonce, seqno);
umac_update(mac->umac_ctx, data, datalen);
umac128_update(mac->umac_ctx, data, datalen);
umac128_final(mac->umac_ctx, u.m, nonce);
break;
+#endif
default:
fatal("mac_compute: unknown MAC type");
}
void
mac_clear(Mac *mac)
{
+#ifdef WITH_OPENSSL
if (mac->type == SSH_UMAC) {
if (mac->umac_ctx != NULL)
umac_delete(mac->umac_ctx);
if (mac->umac_ctx != NULL)
umac128_delete(mac->umac_ctx);
} else if (mac->hmac_ctx != NULL)
+#endif
ssh_hmac_free(mac->hmac_ctx);
mac->hmac_ctx = NULL;
mac->umac_ctx = NULL;
-/* $OpenBSD: monitor.c,v 1.131 2014/02/02 03:44:31 djm Exp $ */
+/* $OpenBSD: monitor.c,v 1.132 2014/04/29 18:01:49 markus Exp $ */
/*
* Copyright 2002 Niels Provos <provos@citi.umich.edu>
* Copyright 2002 Markus Friedl <markus@openbsd.org>
#include <sys/param.h>
#include <sys/queue.h>
+#ifdef WITH_OPENSSL
#include <openssl/dh.h>
+#endif
#include <errno.h>
#include <fcntl.h>
static int monitor_read_log(struct monitor *);
static Authctxt *authctxt;
+
+#ifdef WITH_SSH1
static BIGNUM *ssh1_challenge = NULL; /* used for ssh1 rsa auth */
+#endif
/* local state for key verify */
static u_char *key_blob = NULL;
#define MON_PERMIT 0x1000 /* Request is permitted */
struct mon_table mon_dispatch_proto20[] = {
+#ifdef WITH_OPENSSL
{MONITOR_REQ_MODULI, MON_ONCE, mm_answer_moduli},
+#endif
{MONITOR_REQ_SIGN, MON_ONCE, mm_answer_sign},
{MONITOR_REQ_PWNAM, MON_ONCE, mm_answer_pwnamallow},
{MONITOR_REQ_AUTHSERV, MON_ONCE, mm_answer_authserv},
};
struct mon_table mon_dispatch_postauth20[] = {
+#ifdef WITH_OPENSSL
{MONITOR_REQ_MODULI, 0, mm_answer_moduli},
+#endif
{MONITOR_REQ_SIGN, 0, mm_answer_sign},
{MONITOR_REQ_PTY, 0, mm_answer_pty},
{MONITOR_REQ_PTYCLEANUP, 0, mm_answer_pty_cleanup},
};
struct mon_table mon_dispatch_proto15[] = {
+#ifdef WITH_SSH1
{MONITOR_REQ_PWNAM, MON_ONCE, mm_answer_pwnamallow},
{MONITOR_REQ_SESSKEY, MON_ONCE, mm_answer_sesskey},
{MONITOR_REQ_SESSID, MON_ONCE, mm_answer_sessid},
{MONITOR_REQ_RSARESPONSE, MON_ONCE|MON_AUTHDECIDE, mm_answer_rsa_response},
{MONITOR_REQ_BSDAUTHQUERY, MON_ISAUTH, mm_answer_bsdauthquery},
{MONITOR_REQ_BSDAUTHRESPOND, MON_AUTH, mm_answer_bsdauthrespond},
+#endif
{0, 0, NULL}
};
struct mon_table mon_dispatch_postauth15[] = {
+#ifdef WITH_SSH1
{MONITOR_REQ_PTY, MON_ONCE, mm_answer_pty},
{MONITOR_REQ_PTYCLEANUP, MON_ONCE, mm_answer_pty_cleanup},
{MONITOR_REQ_TERM, 0, mm_answer_term},
+#endif
{0, 0, NULL}
};
hostbased_chost = NULL;
}
+#ifdef WITH_OPENSSL
int
mm_answer_moduli(int sock, Buffer *m)
{
mm_request_send(sock, MONITOR_ANS_MODULI, m);
return (0);
}
+#endif
extern AuthenticationConnection *auth_conn;
cuser, chost);
auth_method = "hostbased";
break;
+#ifdef WITH_SSH1
case MM_RSAHOSTKEY:
key->type = KEY_RSA1; /* XXX */
allowed = options.rhosts_rsa_authentication &&
auth_clear_options();
auth_method = "rsa";
break;
+#endif
default:
fatal("%s: unknown key type %d", __func__, type);
break;
return (0);
}
+#ifdef WITH_SSH1
int
mm_answer_sesskey(int sock, Buffer *m)
{
return (success);
}
+#endif
int
mm_answer_term(int sock, Buffer *req)
timingsafe_bcmp(kex->session_id, session_id2, session_id2_len) != 0)
fatal("mm_get_get: internal error: bad session id");
kex->we_need = buffer_get_int(m);
+#ifdef WITH_OPENSSL
kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server;
kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server;
kex->kex[KEX_DH_GEX_SHA1] = kexgex_server;
kex->kex[KEX_DH_GEX_SHA256] = kexgex_server;
kex->kex[KEX_ECDH_SHA2] = kexecdh_server;
+#endif
kex->kex[KEX_C25519_SHA256] = kexc25519_server;
kex->server = 1;
kex->hostkey_type = buffer_get_int(m);
-/* $OpenBSD: monitor_wrap.c,v 1.79 2014/02/02 03:44:31 djm Exp $ */
+/* $OpenBSD: monitor_wrap.c,v 1.80 2014/04/29 18:01:49 markus Exp $ */
/*
* Copyright 2002 Niels Provos <provos@citi.umich.edu>
* Copyright 2002 Markus Friedl <markus@openbsd.org>
#include <string.h>
#include <unistd.h>
+#ifdef WITH_OPENSSL
#include <openssl/bn.h>
#include <openssl/dh.h>
-#include <openssl/evp.h>
+#endif
#include "xmalloc.h"
#include "ssh.h"
+#ifdef WITH_OPENSSL
#include "dh.h"
+#endif
#include "buffer.h"
#include "key.h"
#include "cipher.h"
rtype, type);
}
+#ifdef WITH_OPENSSL
DH *
mm_choose_dh(int min, int nbits, int max)
{
return (dh_new_group(g, p));
}
+#endif
int
mm_key_sign(Key *key, u_char **sigp, u_int *lenp, u_char *data, u_int datalen)
buffer_free(&m);
}
+#ifdef WITH_SSH1
int
mm_ssh1_session_key(BIGNUM *num)
{
return (rsafail);
}
+#endif
static void
mm_chall_setup(char **name, char **infotxt, u_int *numprompts,
buffer_free(&m);
}
+#ifdef WITH_SSH1
int
mm_auth_rsa_key_allowed(struct passwd *pw, BIGNUM *client_n, Key **rkey)
{
return (success);
}
+#endif
#ifdef GSSAPI
OM_uint32
-/* $OpenBSD: myproposal.h,v 1.38 2014/03/27 23:01:27 markus Exp $ */
+/* $OpenBSD: myproposal.h,v 1.39 2014/04/29 18:01:49 markus Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
+#ifdef WITH_OPENSSL
+
#define KEX_SERVER_KEX \
"curve25519-sha256@libssh.org," \
"ecdh-sha2-nistp256," \
"hmac-sha1-96," \
"hmac-md5-96"
+#else
+
+#define KEX_SERVER_KEX \
+ "curve25519-sha256@libssh.org"
+#define KEX_DEFAULT_PK_ALG \
+ "ssh-ed25519-cert-v01@openssh.com," \
+ "ssh-ed25519"
+#define KEX_SERVER_ENCRYPT \
+ "aes128-ctr,aes192-ctr,aes256-ctr," \
+ "chacha20-poly1305@openssh.com"
+#define KEX_SERVER_MAC \
+ "hmac-sha2-256-etm@openssh.com," \
+ "hmac-sha2-512-etm@openssh.com," \
+ "hmac-sha2-256," \
+ "hmac-sha2-512"
+
+#define KEX_CLIENT_KEX KEX_SERVER_KEX
+#define KEX_CLIENT_ENCRYPT KEX_SERVER_ENCRYPT
+#define KEX_CLIENT_MAC KEX_SERVER_MAC "," \
+ "hmac-sha1-etm@openssh.com," \
+ "hmac-sha1"
+
+#endif /* WITH_OPENSSL */
+
#define KEX_DEFAULT_COMP "none,zlib@openssh.com,zlib"
#define KEX_DEFAULT_LANG ""
-/* $OpenBSD: packet.c,v 1.194 2014/04/28 03:09:18 djm Exp $ */
+/* $OpenBSD: packet.c,v 1.195 2014/04/29 18:01:49 markus Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
buffer_append(&active_state->outgoing_packet, buf, len);
}
+#ifdef WITH_OPENSSL
void
packet_put_bignum(BIGNUM * value)
{
{
buffer_put_ecpoint(&active_state->outgoing_packet, curve, point);
}
+#endif
/*
* Finalizes and sends the packet. If the encryption key has been set,
* must have been initialized before this call.
*/
+#ifdef WITH_OPENSSL
void
packet_get_bignum(BIGNUM * value)
{
{
buffer_get_ecpoint(&active_state->incoming_packet, curve, point);
}
+#endif
void *
packet_get_raw(u_int *length_ptr)
-/* $OpenBSD: roaming_client.c,v 1.7 2014/01/09 23:20:00 djm Exp $ */
+/* $OpenBSD: roaming_client.c,v 1.8 2014/04/29 18:01:49 markus Exp $ */
/*
* Copyright (c) 2004-2009 AppGate Network Security AB
*
#include <string.h>
#include <unistd.h>
-#include <openssl/crypto.h>
-#include <openssl/sha.h>
-
#include "xmalloc.h"
#include "buffer.h"
#include "channels.h"
-/* $OpenBSD: ssh-agent.c,v 1.184 2014/03/15 17:28:26 deraadt Exp $ */
+/* $OpenBSD: ssh-agent.c,v 1.185 2014/04/29 18:01:49 markus Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
#include <sys/un.h>
#include <sys/param.h>
+#ifdef WITH_OPENSSL
#include <openssl/evp.h>
+#endif
#include <errno.h>
#include <fcntl.h>
buffer_put_int(&msg, tab->nentries);
TAILQ_FOREACH(id, &tab->idlist, next) {
if (id->key->type == KEY_RSA1) {
+#ifdef WITH_SSH1
buffer_put_int(&msg, BN_num_bits(id->key->rsa->n));
buffer_put_bignum(&msg, id->key->rsa->e);
buffer_put_bignum(&msg, id->key->rsa->n);
+#endif
} else {
u_char *blob;
u_int blen;
buffer_free(&msg);
}
+#ifdef WITH_SSH1
/* ssh1 only */
static void
process_authentication_challenge1(SocketEntry *e)
BN_clear_free(challenge);
buffer_free(&msg);
}
+#endif
/* ssh2 only */
static void
case SSH_AGENTC_UNLOCK:
process_lock_agent(e, type == SSH_AGENTC_LOCK);
break;
+#ifdef WITH_SSH1
/* ssh1 */
case SSH_AGENTC_RSA_CHALLENGE:
process_authentication_challenge1(e);
case SSH_AGENTC_REMOVE_ALL_RSA_IDENTITIES:
process_remove_all_identities(e, 1);
break;
+#endif
/* ssh2 */
case SSH2_AGENTC_SIGN_REQUEST:
process_sign_request2(e);
setegid(getgid());
setgid(getgid());
+#ifdef WITH_OPENSSL
OpenSSL_add_all_algorithms();
+#endif
while ((ch = getopt(ac, av, "cdksa:t:")) != -1) {
switch (ch) {
-/* $OpenBSD: ssh-keygen.c,v 1.245 2014/04/28 03:09:18 djm Exp $ */
+/* $OpenBSD: ssh-keygen.c,v 1.246 2014/04/29 18:01:49 markus Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
fprintf(stderr, "key bits exceeds maximum %d\n", maxbits);
exit(1);
}
+#ifdef WITH_OPENSSL
if (type == KEY_DSA && *bitsp != 1024)
fatal("DSA keys must be 1024 bits");
else if (type != KEY_ECDSA && type != KEY_ED25519 && *bitsp < 768)
else if (type == KEY_ECDSA && key_ecdsa_bits_to_nid(*bitsp) == -1)
fatal("Invalid ECDSA key length - valid lengths are "
"256, 384 or 521 bits");
+#endif
}
static void
#define SSH_COM_PRIVATE_BEGIN "---- BEGIN SSH2 ENCRYPTED PRIVATE KEY ----"
#define SSH_COM_PRIVATE_KEY_MAGIC 0x3f6ff9eb
+#ifdef WITH_OPENSSL
static void
do_convert_to_ssh2(struct passwd *pw, Key *k)
{
key_free(k);
exit(0);
}
+#endif
static void
do_print_public(struct passwd *pw)
}
}
+#ifdef ENABLE_PKCS11
pkcs11_init(1);
+#endif
tmp = tilde_expand_filename(ca_key_path, pw->pw_uid);
if (pkcs11provider != NULL) {
if ((ca = load_pkcs11_key(tmp)) == NULL)
key_free(public);
free(out);
}
+#ifdef ENABLE_PKCS11
pkcs11_terminate();
+#endif
exit(0);
}
exit(0);
}
+#ifdef WITH_OPENSSL
static void
load_krl(const char *path, struct ssh_krl **krlp)
{
ssh_krl_free(krl);
exit(ret);
}
+#endif
static void
usage(void)
printf("Cannot use -l with -H or -R.\n");
usage();
}
+#ifdef WITH_OPENSSL
if (gen_krl) {
do_gen_krl(pw, update_krl, argc, argv);
return (0);
do_check_krl(pw, argc, argv);
return (0);
}
+#endif
if (ca_key_path != NULL) {
if (cert_key_id == NULL)
fatal("Must specify key id (-I) when certifying");
do_change_passphrase(pw);
if (change_comment)
do_change_comment(pw);
+#ifdef WITH_OPENSSL
if (convert_to)
do_convert_to(pw);
if (convert_from)
do_convert_from(pw);
+#endif
if (print_public)
do_print_public(pw);
if (rr_hostname != NULL) {
-/* $OpenBSD: ssh-keyscan.c,v 1.91 2014/03/27 23:01:27 markus Exp $ */
+/* $OpenBSD: ssh-keyscan.c,v 1.92 2014/04/29 18:01:49 markus Exp $ */
/*
* Copyright 1995, 1996 by David Mazieres <dm@lcs.mit.edu>.
*
return (tok);
}
+#ifdef WITH_SSH1
static Key *
keygrab_ssh1(con *c)
{
return (rsa);
}
+#endif
static int
hostjump(Key *hostkey)
(c->c_keytype == KT_ED25519 ? "ssh-ed25519" :
"ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521"));
c->c_kex = kex_setup(myproposal);
+#ifdef WITH_OPENSSL
c->c_kex->kex[KEX_DH_GRP1_SHA1] = kexdh_client;
c->c_kex->kex[KEX_DH_GRP14_SHA1] = kexdh_client;
c->c_kex->kex[KEX_DH_GEX_SHA1] = kexgex_client;
c->c_kex->kex[KEX_DH_GEX_SHA256] = kexgex_client;
c->c_kex->kex[KEX_ECDH_SHA2] = kexecdh_client;
+#endif
c->c_kex->kex[KEX_C25519_SHA256] = kexc25519_client;
c->c_kex->verify_host_key = hostjump;
c->c_data = xmalloc(c->c_len);
c->c_status = CS_KEYS;
break;
+#ifdef WITH_SSH1
case CS_KEYS:
keyprint(c, keygrab_ssh1(c));
confree(s);
return;
+#endif
default:
fatal("conread: invalid status %d", c->c_status);
break;
-/* $OpenBSD: ssh-keysign.c,v 1.41 2014/04/19 14:53:48 tedu Exp $ */
+/* $OpenBSD: ssh-keysign.c,v 1.42 2014/04/29 18:01:49 markus Exp $ */
/*
* Copyright (c) 2002 Markus Friedl. All rights reserved.
*
keys[i] = NULL;
if (key_fd[i] == -1)
continue;
+#ifdef WITH_OPENSSL
+/* XXX wrong api */
keys[i] = key_load_private_pem(key_fd[i], KEY_UNSPEC,
NULL, NULL);
+#endif
close(key_fd[i]);
if (keys[i] != NULL)
found = 1;
-/* $OpenBSD: ssh-pkcs11.h,v 1.2 2010/02/24 06:12:53 djm Exp $ */
+/* $OpenBSD: ssh-pkcs11.h,v 1.3 2014/04/29 18:01:49 markus Exp $ */
/*
* Copyright (c) 2010 Markus Friedl. All rights reserved.
*
void pkcs11_terminate(void);
int pkcs11_add_provider(char *, char *, Key ***);
int pkcs11_del_provider(char *);
+
+#if !defined(WITH_OPENSSL) && defined(ENABLE_PKCS11)
+#undef ENABLE_PKCS11
+#endif
-/* $OpenBSD: ssh.c,v 1.401 2014/02/26 20:18:37 djm Exp $ */
+/* $OpenBSD: ssh.c,v 1.402 2014/04/29 18:01:49 markus Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
#include <string.h>
#include <unistd.h>
+#ifdef WITH_OPENSSL
#include <openssl/evp.h>
#include <openssl/err.h>
+#endif
#include "xmalloc.h"
#include "ssh.h"
break;
case 'V':
fprintf(stderr, "%s, %s\n",
- SSH_VERSION, SSLeay_version(SSLEAY_VERSION));
+ SSH_VERSION,
+#ifdef WITH_OPENSSL
+ SSLeay_version(SSLEAY_VERSION)
+#else
+ "without OpenSSL"
+#endif
+ );
if (opt == 'V')
exit(0);
break;
host_arg = xstrdup(host);
+#ifdef WITH_OPENSSL
OpenSSL_add_all_algorithms();
ERR_load_crypto_strings();
+#endif
/* Initialize the command to execute on remote host. */
buffer_init(&command);
SYSLOG_FACILITY_USER, !use_syslog);
if (debug_flag)
- logit("%s, %s", SSH_VERSION, SSLeay_version(SSLEAY_VERSION));
+ logit("%s, %s", SSH_VERSION,
+#ifdef WITH_OPENSSL
+ SSLeay_version(SSLEAY_VERSION)
+#else
+ "without OpenSSL"
+#endif
+ );
/* Parse the configuration files */
process_config_files(pw);
-# $OpenBSD: Makefile,v 1.62 2013/07/20 01:55:13 djm Exp $
+# $OpenBSD: Makefile,v 1.63 2014/04/29 18:01:49 markus Exp $
.PATH: ${.CURDIR}/..
+.include "${.CURDIR}/../Makefile.inc"
PROG= ssh
BINOWN= root
MLINKS= ssh.1 slogin.1
SRCS= ssh.c readconf.c clientloop.c sshtty.c \
- sshconnect.c sshconnect1.c sshconnect2.c mux.c \
+ sshconnect.c sshconnect2.c mux.c \
roaming_common.c roaming_client.c
.include <bsd.own.mk>
+.if (${OPENSSL:L} == "yes")
+SRCS+= sshconnect1.c
+.endif
+
KERBEROS5=no
.if (${KERBEROS5:L} == "yes")
LDADD+= -lwind -lroken -lcom_err -lpthread -lheimbase
.endif # KERBEROS5
-LDADD+= -lcrypto -lutil -lz
-DPADD+= ${LIBCRYPTO} ${LIBUTIL} ${LIBZ}
+.if (${OPENSSL:L} == "yes")
+LDADD+= -lcrypto -lutil
+DPADD+= ${LIBCRYPTO} ${LIBUTIL}
+.endif
+
+LDADD+= -lz
+DPADD+= ${LIBZ}
-/* $OpenBSD: sshconnect.c,v 1.247 2014/04/01 03:34:10 djm Exp $ */
+/* $OpenBSD: sshconnect.c,v 1.248 2014/04/29 18:01:49 markus Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
ssh_kex2(host, hostaddr, port);
ssh_userauth2(local_user, server_user, host, sensitive);
} else {
+#ifdef WITH_SSH1
ssh_kex(host, hostaddr);
ssh_userauth1(local_user, server_user, host, sensitive);
+#else
+ fatal("ssh1 is not unsupported");
+#endif
}
free(local_user);
}
-/* $OpenBSD: sshconnect2.c,v 1.206 2014/04/18 23:52:25 djm Exp $ */
+/* $OpenBSD: sshconnect2.c,v 1.207 2014/04/29 18:01:49 markus Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
* Copyright (c) 2008 Damien Miller. All rights reserved.
/* start key exchange */
kex = kex_setup(myproposal);
+#ifdef WITH_OPENSSL
kex->kex[KEX_DH_GRP1_SHA1] = kexdh_client;
kex->kex[KEX_DH_GRP14_SHA1] = kexdh_client;
kex->kex[KEX_DH_GEX_SHA1] = kexgex_client;
kex->kex[KEX_DH_GEX_SHA256] = kexgex_client;
kex->kex[KEX_ECDH_SHA2] = kexecdh_client;
+#endif
kex->kex[KEX_C25519_SHA256] = kexc25519_client;
kex->client_version_string=client_version_string;
kex->server_version_string=server_version_string;
-/* $OpenBSD: sshd.c,v 1.425 2014/04/19 14:53:48 tedu Exp $ */
+/* $OpenBSD: sshd.c,v 1.426 2014/04/29 18:01:49 markus Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
#include <string.h>
#include <unistd.h>
-#include <openssl/dh.h>
+#ifdef WITH_OPENSSL
#include <openssl/bn.h>
+#endif
#include "xmalloc.h"
#include "ssh.h"
#include "digest.h"
#include "key.h"
#include "kex.h"
-#include "dh.h"
#include "myproposal.h"
#include "authfile.h"
#include "pathnames.h"
void destroy_sensitive_data(void);
void demote_sensitive_data(void);
+#ifdef WITH_SSH1
static void do_ssh1_kex(void);
+#endif
static void do_ssh2_kex(void);
/*
static void
privsep_postauth(Authctxt *authctxt)
{
-
if (authctxt->pw->pw_uid == 0 || options.use_login) {
/* File descriptor passing is broken or root login */
use_privsep = 0;
usage(void)
{
fprintf(stderr, "%s, %s\n",
- SSH_VERSION, SSLeay_version(SSLEAY_VERSION));
+ SSH_VERSION,
+#ifdef WITH_OPENSSL
+ SSLeay_version(SSLEAY_VERSION)
+#else
+ "without OpenSSL"
+#endif
+ );
fprintf(stderr,
"usage: sshd [-46DdeiqTt] [-b bits] [-C connection_spec] [-c host_cert_file]\n"
" [-E log_file] [-f config_file] [-g login_grace_time]\n"
buffer_init(&m);
buffer_put_cstring(&m, buffer_ptr(conf));
+#ifdef WITH_SSH1
if (sensitive_data.server_key != NULL &&
sensitive_data.server_key->type == KEY_RSA1) {
buffer_put_int(&m, 1);
buffer_put_bignum(&m, sensitive_data.server_key->rsa->p);
buffer_put_bignum(&m, sensitive_data.server_key->rsa->q);
} else
+#endif
buffer_put_int(&m, 0);
if (ssh_msg_send(fd, 0, &m) == -1)
free(cp);
if (buffer_get_int(&m)) {
+#ifdef WITH_SSH1
if (sensitive_data.server_key != NULL)
key_free(sensitive_data.server_key);
sensitive_data.server_key = key_new_private(KEY_RSA1);
buffer_get_bignum(&m, sensitive_data.server_key->rsa->q);
rsa_generate_additional_parameters(
sensitive_data.server_key->rsa);
+#else
+ fatal("ssh1 not supported");
+#endif
}
buffer_free(&m);
else
closefrom(REEXEC_DEVCRYPTO_RESERVED_FD);
+#ifdef WITH_OPENSSL
OpenSSL_add_all_algorithms();
+#endif
/* If requested, redirect the logs to the specified logfile. */
if (logfile != NULL) {
}
debug("sshd version %s, %s", SSH_VERSION,
- SSLeay_version(SSLEAY_VERSION));
+#ifdef WITH_OPENSSL
+ SSLeay_version(SSLEAY_VERSION)
+#else
+ "without OpenSSL"
+#endif
+ );
/* load host keys */
sensitive_data.host_keys = xcalloc(options.num_host_key_files,
debug("host certificate: #%d type %d %s", j, key->type,
key_type(key));
}
+
+#ifdef WITH_SSH1
/* Check certain values for sanity. */
if (options.protocol & SSH_PROTO_1) {
if (options.server_key_bits < 512 ||
options.server_key_bits);
}
}
+#endif
if (use_privsep) {
struct stat st;
do_ssh2_kex();
do_authentication2(authctxt);
} else {
+#ifdef WITH_SSH1
do_ssh1_kex();
do_authentication(authctxt);
+#else
+ fatal("ssh1 not supported");
+#endif
}
/*
* If we use privilege separation, the unprivileged child transfers
exit(0);
}
+#ifdef WITH_SSH1
/*
* Decrypt session_key_int using our private server key and private host key
* (key with larger modulus first).
}
return (rsafail);
}
+
/*
* SSH1 key exchange
*/
packet_send();
packet_write_wait();
}
+#endif
void
sshd_hostkey_sign(Key *privkey, Key *pubkey, u_char **signature, u_int *slen,
/* start key exchange */
kex = kex_setup(myproposal);
+#ifdef WITH_OPENSSL
kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server;
kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server;
kex->kex[KEX_DH_GEX_SHA1] = kexgex_server;
kex->kex[KEX_DH_GEX_SHA256] = kexgex_server;
kex->kex[KEX_ECDH_SHA2] = kexecdh_server;
+#endif
kex->kex[KEX_C25519_SHA256] = kexc25519_server;
kex->server = 1;
kex->client_version_string=client_version_string;
-# $OpenBSD: Makefile,v 1.82 2014/03/26 19:58:37 tedu Exp $
+# $OpenBSD: Makefile,v 1.83 2014/04/29 18:01:49 markus Exp $
.PATH: ${.CURDIR}/..
+.include "${.CURDIR}/../Makefile.inc"
PROG= sshd
BINOWN= root
BINDIR= /usr/sbin
MAN= sshd.8 sshd_config.5
-SRCS= sshd.c auth-rhosts.c auth-passwd.c auth-rsa.c auth-rh-rsa.c \
+SRCS= sshd.c auth-rhosts.c auth-passwd.c \
sshpty.c sshlogin.c servconf.c serverloop.c \
- auth.c auth1.c auth2.c auth-options.c session.c \
+ auth.c auth2.c auth-options.c session.c \
auth-chall.c auth2-chall.c groupaccess.c \
auth-bsdauth.c auth2-hostbased.c auth2-kbdint.c \
auth2-none.c auth2-passwd.c auth2-pubkey.c \
monitor_mm.c monitor.c monitor_wrap.c \
- kexdhs.c kexgexs.c kexecdhs.c sftp-server.c sftp-common.c \
+ sftp-server.c sftp-common.c \
roaming_common.c roaming_serv.c sandbox-systrace.c \
kexc25519s.c
+.if (${OPENSSL:L} == "yes")
+SRCS+= auth-rsa.c auth-rh-rsa.c auth1.c \
+ kexdhs.c kexgexs.c kexecdhs.c
+.endif
+
.include <bsd.own.mk> # for KERBEROS and AFS
KERBEROS5=no
DPADD+= ${LIBGSSAPI} ${LIBKRB5}
.endif
-LDADD+= -lcrypto -lutil -lz
-DPADD+= ${LIBCRYPTO} ${LIBUTIL} ${LIBZ}
+.if (${OPENSSL:L} == "yes")
+LDADD+= -lcrypto -lutil
+DPADD+= ${LIBCRYPTO} ${LIBUTIL}
+.endif
+
+LDADD+= -lz
+DPADD+= ${LIBZ}
projects / openbsd / commitdiff