From: djm Date: Sun, 30 Apr 2017 23:10:43 +0000 (+0000) Subject: unifdef WITH_SSH1 X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=67cc3a3cf8518dd2e78b340d35c15dbfd1e7e89d;p=openbsd unifdef WITH_SSH1 ok markus@ --- diff --git a/usr.bin/ssh/Makefile.inc b/usr.bin/ssh/Makefile.inc index e7c88f41f7c..07bef088d64 100644 --- a/usr.bin/ssh/Makefile.inc +++ b/usr.bin/ssh/Makefile.inc @@ -1,30 +1,20 @@ -# $OpenBSD: Makefile.inc,v 1.51 2017/04/17 11:02:31 jsg Exp $ +# $OpenBSD: Makefile.inc,v 1.52 2017/04/30 23:10:43 djm Exp $ .include CFLAGS+= -I${.CURDIR}/.. CFLAGS+= -fstack-protector-all -CDIAGFLAGS= -Wall -CDIAGFLAGS+= -Wchar-subscripts -CDIAGFLAGS+= -Wcomment +CDIAGFLAGS= -Werror -Wextra -Wall -ftrapv CDIAGFLAGS+= -Wextra -CDIAGFLAGS+= -Wformat CDIAGFLAGS+= -Wformat-security -CDIAGFLAGS+= -Wimplicit CDIAGFLAGS+= -Winline CDIAGFLAGS+= -Wmissing-declarations CDIAGFLAGS+= -Wmissing-prototypes -CDIAGFLAGS+= -Wparentheses +CDIAGFLAGS+= -Wold-style-definition CDIAGFLAGS+= -Wpointer-arith -CDIAGFLAGS+= -Wreturn-type CDIAGFLAGS+= -Wshadow -CDIAGFLAGS+= -Wsign-compare -CDIAGFLAGS+= -Wstrict-aliasing CDIAGFLAGS+= -Wstrict-prototypes -CDIAGFLAGS+= -Wswitch -CDIAGFLAGS+= -Wtrigraphs -CDIAGFLAGS+= -Wuninitialized CDIAGFLAGS+= -Wunused .if ${COMPILER_VERSION:L} != "gcc3" CDIAGFLAGS+= -Wold-style-definition @@ -34,10 +24,11 @@ CDIAGFLAGS+= -Wno-unused-parameter # Not clean for this yet #CDIAGFLAGS+= -Wcast-qual # XXX not clean #CDIAGFLAGS+= -Wcast-align # XXX can't be clean with sockaddr casts? -#CDIAGFLAGS+= -Werror -#DEBUG=-g +CDIAGFLAGS+= -Wno-unused-parameter +DEBUG=-g WARNINGS=yes +INSTALL_STRIP= SSH1?= no OPENSSL?= yes diff --git a/usr.bin/ssh/authfd.c b/usr.bin/ssh/authfd.c index dda261083f3..b0b8ded7f70 100644 --- a/usr.bin/ssh/authfd.c +++ b/usr.bin/ssh/authfd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: authfd.c,v 1.100 2015/12/04 16:41:28 markus Exp $ */ +/* $OpenBSD: authfd.c,v 1.101 2017/04/30 23:10:43 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -197,43 +197,6 @@ ssh_lock_agent(int sock, int lock, const char *password) return r; } -#ifdef WITH_SSH1 -static int -deserialise_identity1(struct sshbuf *ids, struct sshkey **keyp, char **commentp) -{ - struct sshkey *key; - int r, keybits; - u_int32_t bits; - char *comment = NULL; - - if ((key = sshkey_new(KEY_RSA1)) == NULL) - return SSH_ERR_ALLOC_FAIL; - if ((r = sshbuf_get_u32(ids, &bits)) != 0 || - (r = sshbuf_get_bignum1(ids, key->rsa->e)) != 0 || - (r = sshbuf_get_bignum1(ids, key->rsa->n)) != 0 || - (r = sshbuf_get_cstring(ids, &comment, NULL)) != 0) - goto out; - keybits = BN_num_bits(key->rsa->n); - /* XXX previously we just warned here. I think we should be strict */ - if (keybits < 0 || bits != (u_int)keybits) { - r = SSH_ERR_KEY_BITS_MISMATCH; - goto out; - } - if (keyp != NULL) { - *keyp = key; - key = NULL; - } - if (commentp != NULL) { - *commentp = comment; - comment = NULL; - } - r = 0; - out: - sshkey_free(key); - free(comment); - return r; -} -#endif static int deserialise_identity2(struct sshbuf *ids, struct sshkey **keyp, char **commentp) @@ -329,11 +292,6 @@ ssh_fetch_identitylist(int sock, int version, struct ssh_identitylist **idlp) for (i = 0; i < num;) { switch (version) { case 1: -#ifdef WITH_SSH1 - if ((r = deserialise_identity1(msg, - &(idl->keys[i]), &(idl->comments[i]))) != 0) - goto out; -#endif break; case 2: if ((r = deserialise_identity2(msg, @@ -383,46 +341,6 @@ ssh_free_identitylist(struct ssh_identitylist *idl) * otherwise. */ -#ifdef WITH_SSH1 -int -ssh_decrypt_challenge(int sock, struct sshkey* key, BIGNUM *challenge, - u_char session_id[16], u_char response[16]) -{ - struct sshbuf *msg; - int r; - u_char type; - - if (key->type != KEY_RSA1) - return SSH_ERR_INVALID_ARGUMENT; - if ((msg = sshbuf_new()) == NULL) - return SSH_ERR_ALLOC_FAIL; - if ((r = sshbuf_put_u8(msg, SSH_AGENTC_RSA_CHALLENGE)) != 0 || - (r = sshbuf_put_u32(msg, BN_num_bits(key->rsa->n))) != 0 || - (r = sshbuf_put_bignum1(msg, key->rsa->e)) != 0 || - (r = sshbuf_put_bignum1(msg, key->rsa->n)) != 0 || - (r = sshbuf_put_bignum1(msg, challenge)) != 0 || - (r = sshbuf_put(msg, session_id, 16)) != 0 || - (r = sshbuf_put_u32(msg, 1)) != 0) /* Response type for proto 1.1 */ - goto out; - if ((r = ssh_request_reply(sock, msg, msg)) != 0) - goto out; - if ((r = sshbuf_get_u8(msg, &type)) != 0) - goto out; - if (agent_failed(type)) { - r = SSH_ERR_AGENT_FAILURE; - goto out; - } else if (type != SSH_AGENT_RSA_RESPONSE) { - r = SSH_ERR_INVALID_FORMAT; - goto out; - } - if ((r = sshbuf_get(msg, response, 16)) != 0) - goto out; - r = 0; - out: - sshbuf_free(msg); - return r; -} -#endif /* encode signature algoritm in flag bits, so we can keep the msg format */ static u_int @@ -492,25 +410,6 @@ ssh_agent_sign(int sock, struct sshkey *key, /* Encode key for a message to the agent. */ -#ifdef WITH_SSH1 -static int -ssh_encode_identity_rsa1(struct sshbuf *b, RSA *key, const char *comment) -{ - int r; - - /* To keep within the protocol: p < q for ssh. in SSL p > q */ - if ((r = sshbuf_put_u32(b, BN_num_bits(key->n))) != 0 || - (r = sshbuf_put_bignum1(b, key->n)) != 0 || - (r = sshbuf_put_bignum1(b, key->e)) != 0 || - (r = sshbuf_put_bignum1(b, key->d)) != 0 || - (r = sshbuf_put_bignum1(b, key->iqmp)) != 0 || - (r = sshbuf_put_bignum1(b, key->q)) != 0 || - (r = sshbuf_put_bignum1(b, key->p)) != 0 || - (r = sshbuf_put_cstring(b, comment)) != 0) - return r; - return 0; -} -#endif static int ssh_encode_identity_ssh2(struct sshbuf *b, struct sshkey *key, @@ -559,16 +458,6 @@ ssh_add_identity_constrained(int sock, struct sshkey *key, const char *comment, return SSH_ERR_ALLOC_FAIL; switch (key->type) { -#ifdef WITH_SSH1 - case KEY_RSA1: - type = constrained ? - SSH_AGENTC_ADD_RSA_ID_CONSTRAINED : - SSH_AGENTC_ADD_RSA_IDENTITY; - if ((r = sshbuf_put_u8(msg, type)) != 0 || - (r = ssh_encode_identity_rsa1(msg, key->rsa, comment)) != 0) - goto out; - break; -#endif #ifdef WITH_OPENSSL case KEY_RSA: case KEY_RSA_CERT: @@ -618,16 +507,6 @@ ssh_remove_identity(int sock, struct sshkey *key) if ((msg = sshbuf_new()) == NULL) return SSH_ERR_ALLOC_FAIL; -#ifdef WITH_SSH1 - if (key->type == KEY_RSA1) { - if ((r = sshbuf_put_u8(msg, - SSH_AGENTC_REMOVE_RSA_IDENTITY)) != 0 || - (r = sshbuf_put_u32(msg, BN_num_bits(key->rsa->n))) != 0 || - (r = sshbuf_put_bignum1(msg, key->rsa->e)) != 0 || - (r = sshbuf_put_bignum1(msg, key->rsa->n)) != 0) - goto out; - } else -#endif if (key->type != KEY_UNSPEC) { if ((r = sshkey_to_blob(key, &blob, &blen)) != 0) goto out; diff --git a/usr.bin/ssh/authfile.c b/usr.bin/ssh/authfile.c index 04c39058bc4..dd3500ba485 100644 --- a/usr.bin/ssh/authfile.c +++ b/usr.bin/ssh/authfile.c @@ -1,4 +1,4 @@ -/* $OpenBSD: authfile.c,v 1.123 2017/03/26 00:18:52 deraadt Exp $ */ +/* $OpenBSD: authfile.c,v 1.124 2017/04/30 23:10:43 djm Exp $ */ /* * Copyright (c) 2000, 2013 Markus Friedl. All rights reserved. * @@ -145,35 +145,6 @@ sshkey_load_file(int fd, struct sshbuf *blob) return r; } -#ifdef WITH_SSH1 -/* - * Loads the public part of the ssh v1 key file. Returns NULL if an error was - * encountered (the file does not exist or is not readable), and the key - * otherwise. - */ -static int -sshkey_load_public_rsa1(int fd, struct sshkey **keyp, char **commentp) -{ - struct sshbuf *b = NULL; - int r; - - if (keyp != NULL) - *keyp = NULL; - if (commentp != NULL) - *commentp = NULL; - - if ((b = sshbuf_new()) == NULL) - return SSH_ERR_ALLOC_FAIL; - if ((r = sshkey_load_file(fd, b)) != 0) - goto out; - if ((r = sshkey_parse_public_rsa1_fileblob(b, keyp, commentp)) != 0) - goto out; - r = 0; - out: - sshbuf_free(b); - return r; -} -#endif /* WITH_SSH1 */ /* XXX remove error() calls from here? */ int @@ -357,21 +328,7 @@ sshkey_load_public(const char *filename, struct sshkey **keyp, char **commentp) if ((fd = open(filename, O_RDONLY)) < 0) goto skip; -#ifdef WITH_SSH1 - /* try rsa1 private key */ - r = sshkey_load_public_rsa1(fd, keyp, commentp); - close(fd); - switch (r) { - case SSH_ERR_INTERNAL_ERROR: - case SSH_ERR_ALLOC_FAIL: - case SSH_ERR_INVALID_ARGUMENT: - case SSH_ERR_SYSTEM_ERROR: - case 0: - return r; - } -#else /* WITH_SSH1 */ close(fd); -#endif /* WITH_SSH1 */ /* try ssh2 public key */ if ((pub = sshkey_new(KEY_UNSPEC)) == NULL) @@ -383,17 +340,6 @@ sshkey_load_public(const char *filename, struct sshkey **keyp, char **commentp) } sshkey_free(pub); -#ifdef WITH_SSH1 - /* try rsa1 public key */ - if ((pub = sshkey_new(KEY_RSA1)) == NULL) - return SSH_ERR_ALLOC_FAIL; - if ((r = sshkey_try_load_public(pub, filename, commentp)) == 0) { - if (keyp != NULL) - *keyp = pub; - return 0; - } - sshkey_free(pub); -#endif /* WITH_SSH1 */ skip: /* try .pub suffix */ diff --git a/usr.bin/ssh/cipher.c b/usr.bin/ssh/cipher.c index b4916a49ebf..eac7732a1ae 100644 --- a/usr.bin/ssh/cipher.c +++ b/usr.bin/ssh/cipher.c @@ -1,4 +1,4 @@ -/* $OpenBSD: cipher.c,v 1.102 2016/08/03 05:41:57 djm Exp $ */ +/* $OpenBSD: cipher.c,v 1.103 2017/04/30 23:10:43 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -47,11 +47,6 @@ #include "ssherr.h" #include "digest.h" -#ifdef WITH_SSH1 -extern const EVP_CIPHER *evp_ssh1_bf(void); -extern const EVP_CIPHER *evp_ssh1_3des(void); -extern int ssh1_3des_iv(EVP_CIPHER_CTX *, int, u_char *, int); -#endif struct sshcipher_ctx { int plaintext; @@ -83,11 +78,6 @@ struct sshcipher { }; static const struct sshcipher ciphers[] = { -#ifdef WITH_SSH1 - { "des", SSH_CIPHER_DES, 8, 8, 0, 0, 0, 1, EVP_des_cbc }, - { "3des", SSH_CIPHER_3DES, 8, 16, 0, 0, 0, 1, evp_ssh1_3des }, - { "blowfish", SSH_CIPHER_BLOWFISH, 8, 32, 0, 0, 0, 1, evp_ssh1_bf }, -#endif #ifdef WITH_OPENSSL { "none", SSH_CIPHER_NONE, 8, 0, 0, 0, 0, 0, EVP_enc_null }, { "3des-cbc", SSH_CIPHER_SSH2, 8, 24, 0, 0, 0, 1, EVP_des_ede3_cbc }, @@ -608,10 +598,6 @@ cipher_get_keyiv(struct sshcipher_ctx *cc, u_char *iv, u_int len) } else memcpy(iv, cc->evp->iv, len); break; -#endif -#ifdef WITH_SSH1 - case SSH_CIPHER_3DES: - return ssh1_3des_iv(cc->evp, 0, iv, 24); #endif default: return SSH_ERR_INVALID_ARGUMENT; @@ -648,10 +634,6 @@ cipher_set_keyiv(struct sshcipher_ctx *cc, const u_char *iv) } else memcpy(cc->evp->iv, iv, evplen); break; -#endif -#ifdef WITH_SSH1 - case SSH_CIPHER_3DES: - return ssh1_3des_iv(cc->evp, 1, (u_char *)iv, 24); #endif default: return SSH_ERR_INVALID_ARGUMENT; diff --git a/usr.bin/ssh/compat.c b/usr.bin/ssh/compat.c index 56125010e94..9cc60cdebb4 100644 --- a/usr.bin/ssh/compat.c +++ b/usr.bin/ssh/compat.c @@ -1,4 +1,4 @@ -/* $OpenBSD: compat.c,v 1.100 2017/02/03 23:01:19 djm Exp $ */ +/* $OpenBSD: compat.c,v 1.101 2017/04/30 23:10:43 djm Exp $ */ /* * Copyright (c) 1999, 2000, 2001, 2002 Markus Friedl. All rights reserved. * @@ -231,11 +231,6 @@ proto_spec(const char *spec) for ((p = strsep(&q, SEP)); p && *p != '\0'; (p = strsep(&q, SEP))) { switch (atoi(p)) { case 1: -#ifdef WITH_SSH1 - if (ret == SSH_PROTO_UNKNOWN) - ret |= SSH_PROTO_1_PREFERRED; - ret |= SSH_PROTO_1; -#endif break; case 2: ret |= SSH_PROTO_2; diff --git a/usr.bin/ssh/hostfile.c b/usr.bin/ssh/hostfile.c index dc1b8b535ff..79f2b77d487 100644 --- a/usr.bin/ssh/hostfile.c +++ b/usr.bin/ssh/hostfile.c @@ -1,4 +1,4 @@ -/* $OpenBSD: hostfile.c,v 1.68 2017/03/10 04:26:06 djm Exp $ */ +/* $OpenBSD: hostfile.c,v 1.69 2017/04/30 23:10:43 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -786,20 +786,7 @@ hostkeys_foreach(const char *path, hostkeys_foreach_fn *callback, void *ctx, break; } if (!hostfile_read_key(&cp, &kbits, lineinfo.key)) { -#ifdef WITH_SSH1 - sshkey_free(lineinfo.key); - lineinfo.key = sshkey_new(KEY_RSA1); - if (lineinfo.key == NULL) { - error("%s: sshkey_new fail", __func__); - r = SSH_ERR_ALLOC_FAIL; - break; - } - if (!hostfile_read_key(&cp, &kbits, - lineinfo.key)) - goto bad; -#else goto bad; -#endif } lineinfo.keytype = lineinfo.key->type; lineinfo.comment = cp; diff --git a/usr.bin/ssh/kex.c b/usr.bin/ssh/kex.c index 064fc3b0858..40dfb09c2b4 100644 --- a/usr.bin/ssh/kex.c +++ b/usr.bin/ssh/kex.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kex.c,v 1.131 2017/03/15 07:07:39 markus Exp $ */ +/* $OpenBSD: kex.c,v 1.132 2017/04/30 23:10:43 djm Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. * @@ -966,47 +966,6 @@ kex_derive_keys_bn(struct ssh *ssh, u_char *hash, u_int hashlen, } #endif -#ifdef WITH_SSH1 -int -derive_ssh1_session_id(BIGNUM *host_modulus, BIGNUM *server_modulus, - u_int8_t cookie[8], u_int8_t id[16]) -{ - u_int8_t hbuf[2048], sbuf[2048], obuf[SSH_DIGEST_MAX_LENGTH]; - struct ssh_digest_ctx *hashctx = NULL; - size_t hlen, slen; - int r; - - hlen = BN_num_bytes(host_modulus); - slen = BN_num_bytes(server_modulus); - if (hlen < (512 / 8) || (u_int)hlen > sizeof(hbuf) || - slen < (512 / 8) || (u_int)slen > sizeof(sbuf)) - return SSH_ERR_KEY_BITS_MISMATCH; - if (BN_bn2bin(host_modulus, hbuf) <= 0 || - BN_bn2bin(server_modulus, sbuf) <= 0) { - r = SSH_ERR_LIBCRYPTO_ERROR; - goto out; - } - if ((hashctx = ssh_digest_start(SSH_DIGEST_MD5)) == NULL) { - r = SSH_ERR_ALLOC_FAIL; - goto out; - } - if (ssh_digest_update(hashctx, hbuf, hlen) != 0 || - ssh_digest_update(hashctx, sbuf, slen) != 0 || - ssh_digest_update(hashctx, cookie, 8) != 0 || - ssh_digest_final(hashctx, obuf, sizeof(obuf)) != 0) { - r = SSH_ERR_LIBCRYPTO_ERROR; - goto out; - } - memcpy(id, obuf, ssh_digest_bytes(SSH_DIGEST_MD5)); - r = 0; - out: - ssh_digest_free(hashctx); - explicit_bzero(hbuf, sizeof(hbuf)); - explicit_bzero(sbuf, sizeof(sbuf)); - explicit_bzero(obuf, sizeof(obuf)); - return r; -} -#endif #if defined(DEBUG_KEX) || defined(DEBUG_KEXDH) || defined(DEBUG_KEXECDH) void diff --git a/usr.bin/ssh/opacket.c b/usr.bin/ssh/opacket.c index 7126312bfb9..bb53842a8fa 100644 --- a/usr.bin/ssh/opacket.c +++ b/usr.bin/ssh/opacket.c @@ -72,16 +72,6 @@ ssh_packet_put_raw(struct ssh *ssh, const void *buf, u_int len) fatal("%s: %s", __func__, ssh_err(r)); } -#ifdef WITH_SSH1 -void -ssh_packet_put_bignum(struct ssh *ssh, BIGNUM * value) -{ - int r; - - if ((r = sshpkt_put_bignum1(ssh, value)) != 0) - fatal("%s: %s", __func__, ssh_err(r)); -} -#endif #ifdef WITH_OPENSSL void @@ -146,16 +136,6 @@ ssh_packet_get_int64(struct ssh *ssh) return val; } -#ifdef WITH_SSH1 -void -ssh_packet_get_bignum(struct ssh *ssh, BIGNUM * value) -{ - int r; - - if ((r = sshpkt_get_bignum1(ssh, value)) != 0) - fatal("%s: %s", __func__, ssh_err(r)); -} -#endif #ifdef WITH_OPENSSL void diff --git a/usr.bin/ssh/packet.c b/usr.bin/ssh/packet.c index f9b02fca09b..3166979003c 100644 --- a/usr.bin/ssh/packet.c +++ b/usr.bin/ssh/packet.c @@ -1,4 +1,4 @@ -/* $OpenBSD: packet.c,v 1.247 2017/03/11 13:07:35 markus Exp $ */ +/* $OpenBSD: packet.c,v 1.248 2017/04/30 23:10:43 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -800,34 +800,7 @@ uncompress_buffer(struct ssh *ssh, struct sshbuf *in, struct sshbuf *out) void ssh_packet_set_encryption_key(struct ssh *ssh, const u_char *key, u_int keylen, int number) { -#ifndef WITH_SSH1 fatal("no SSH protocol 1 support"); -#else /* WITH_SSH1 */ - struct session_state *state = ssh->state; - const struct sshcipher *cipher = cipher_by_number(number); - int r; - const char *wmsg; - - if (cipher == NULL) - fatal("%s: unknown cipher number %d", __func__, number); - if (keylen < 20) - fatal("%s: keylen too small: %d", __func__, keylen); - if (keylen > SSH_SESSION_KEY_LENGTH) - fatal("%s: keylen too big: %d", __func__, keylen); - memcpy(state->ssh1_key, key, keylen); - state->ssh1_keylen = keylen; - if ((r = cipher_init(&state->send_context, cipher, key, keylen, - NULL, 0, CIPHER_ENCRYPT)) != 0 || - (r = cipher_init(&state->receive_context, cipher, key, keylen, - NULL, 0, CIPHER_DECRYPT) != 0)) - fatal("%s: cipher_init failed: %s", __func__, ssh_err(r)); - if (!state->cipher_warning_done && - ((wmsg = cipher_warning_message(state->send_context)) != NULL || - (wmsg = cipher_warning_message(state->send_context)) != NULL)) { - error("Warning: %s", wmsg); - state->cipher_warning_done = 1; - } -#endif /* WITH_SSH1 */ } /* @@ -2840,13 +2813,6 @@ sshpkt_put_ec(struct ssh *ssh, const EC_POINT *v, const EC_GROUP *g) return sshbuf_put_ec(ssh->state->outgoing_packet, v, g); } -#ifdef WITH_SSH1 -int -sshpkt_put_bignum1(struct ssh *ssh, const BIGNUM *v) -{ - return sshbuf_put_bignum1(ssh->state->outgoing_packet, v); -} -#endif /* WITH_SSH1 */ int sshpkt_put_bignum2(struct ssh *ssh, const BIGNUM *v) @@ -2906,13 +2872,6 @@ sshpkt_get_ec(struct ssh *ssh, EC_POINT *v, const EC_GROUP *g) return sshbuf_get_ec(ssh->state->incoming_packet, v, g); } -#ifdef WITH_SSH1 -int -sshpkt_get_bignum1(struct ssh *ssh, BIGNUM *v) -{ - return sshbuf_get_bignum1(ssh->state->incoming_packet, v); -} -#endif /* WITH_SSH1 */ int sshpkt_get_bignum2(struct ssh *ssh, BIGNUM *v) diff --git a/usr.bin/ssh/readconf.c b/usr.bin/ssh/readconf.c index e66f2e820bd..7bf65ad6e19 100644 --- a/usr.bin/ssh/readconf.c +++ b/usr.bin/ssh/readconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.c,v 1.271 2017/04/28 03:20:27 dtucker Exp $ */ +/* $OpenBSD: readconf.c,v 1.272 2017/04/30 23:10:43 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -193,15 +193,9 @@ static struct { { "smartcarddevice", oUnsupported }, { "pkcs11provider", oUnsupported }, #endif -#ifdef WITH_SSH1 - { "rsaauthentication", oRSAAuthentication }, - { "rhostsrsaauthentication", oRhostsRSAAuthentication }, - { "compressionlevel", oCompressionLevel }, -# else { "rsaauthentication", oUnsupported }, { "rhostsrsaauthentication", oUnsupported }, { "compressionlevel", oUnsupported }, -#endif { "forwardagent", oForwardAgent }, { "forwardx11", oForwardX11 }, @@ -2558,9 +2552,6 @@ dump_client_config(Options *o, const char *host) /* Integer options */ dump_cfg_int(oCanonicalizeMaxDots, o->canonicalize_max_dots); -#ifdef WITH_SSH1 - dump_cfg_int(oCompressionLevel, o->compression_level); -#endif dump_cfg_int(oConnectionAttempts, o->connection_attempts); dump_cfg_int(oForwardX11Timeout, o->forward_x11_timeout); dump_cfg_int(oNumberOfPasswordPrompts, o->number_of_password_prompts); diff --git a/usr.bin/ssh/ssh-add.c b/usr.bin/ssh/ssh-add.c index c64f8d56edc..e72d8ae2865 100644 --- a/usr.bin/ssh/ssh-add.c +++ b/usr.bin/ssh/ssh-add.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-add.c,v 1.128 2016/02/15 09:47:49 dtucker Exp $ */ +/* $OpenBSD: ssh-add.c,v 1.129 2017/04/30 23:10:43 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -71,9 +71,6 @@ static char *default_files[] = { _PATH_SSH_CLIENT_ID_DSA, _PATH_SSH_CLIENT_ID_ECDSA, _PATH_SSH_CLIENT_ID_ED25519, -#ifdef WITH_SSH1 - _PATH_SSH_CLIENT_IDENTITY, -#endif NULL }; @@ -355,11 +352,7 @@ list_identities(int agent_fd, int do_fp) int r, had_identities = 0; struct ssh_identitylist *idlist; size_t i; -#ifdef WITH_SSH1 - int version = 1; -#else int version = 2; -#endif for (; version <= 2; version++) { if ((r = ssh_fetch_identitylist(agent_fd, version, diff --git a/usr.bin/ssh/ssh-agent.c b/usr.bin/ssh/ssh-agent.c index 75276c86400..dbfaa507b48 100644 --- a/usr.bin/ssh/ssh-agent.c +++ b/usr.bin/ssh/ssh-agent.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-agent.c,v 1.218 2017/03/15 03:52:30 deraadt Exp $ */ +/* $OpenBSD: ssh-agent.c,v 1.219 2017/04/30 23:10:43 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -244,16 +244,6 @@ process_request_identities(SocketEntry *e, int version) fatal("%s: buffer error: %s", __func__, ssh_err(r)); TAILQ_FOREACH(id, &tab->idlist, next) { if (id->key->type == KEY_RSA1) { -#ifdef WITH_SSH1 - if ((r = sshbuf_put_u32(msg, - BN_num_bits(id->key->rsa->n))) != 0 || - (r = sshbuf_put_bignum1(msg, - id->key->rsa->e)) != 0 || - (r = sshbuf_put_bignum1(msg, - id->key->rsa->n)) != 0) - fatal("%s: buffer error: %s", - __func__, ssh_err(r)); -#endif } else { u_char *blob; size_t blen; @@ -276,87 +266,6 @@ process_request_identities(SocketEntry *e, int version) sshbuf_free(msg); } -#ifdef WITH_SSH1 -/* ssh1 only */ -static void -process_authentication_challenge1(SocketEntry *e) -{ - u_char buf[32], mdbuf[16], session_id[16]; - u_int response_type; - BIGNUM *challenge; - Identity *id; - int r, len; - struct sshbuf *msg; - struct ssh_digest_ctx *md; - struct sshkey *key; - - if ((msg = sshbuf_new()) == NULL) - fatal("%s: sshbuf_new failed", __func__); - if ((key = sshkey_new(KEY_RSA1)) == NULL) - fatal("%s: sshkey_new failed", __func__); - if ((challenge = BN_new()) == NULL) - fatal("%s: BN_new failed", __func__); - - if ((r = sshbuf_get_u32(e->request, NULL)) != 0 || /* ignored */ - (r = sshbuf_get_bignum1(e->request, key->rsa->e)) != 0 || - (r = sshbuf_get_bignum1(e->request, key->rsa->n)) != 0 || - (r = sshbuf_get_bignum1(e->request, challenge))) - fatal("%s: buffer error: %s", __func__, ssh_err(r)); - - /* Only protocol 1.1 is supported */ - if (sshbuf_len(e->request) == 0) - goto failure; - if ((r = sshbuf_get(e->request, session_id, sizeof(session_id))) != 0 || - (r = sshbuf_get_u32(e->request, &response_type)) != 0) - fatal("%s: buffer error: %s", __func__, ssh_err(r)); - if (response_type != 1) - goto failure; - - id = lookup_identity(key, 1); - if (id != NULL && (!id->confirm || confirm_key(id) == 0)) { - struct sshkey *private = id->key; - /* Decrypt the challenge using the private key. */ - if ((r = rsa_private_decrypt(challenge, challenge, - private->rsa) != 0)) { - fatal("%s: rsa_public_encrypt: %s", __func__, - ssh_err(r)); - goto failure; /* XXX ? */ - } - - /* The response is MD5 of decrypted challenge plus session id */ - len = BN_num_bytes(challenge); - if (len <= 0 || len > 32) { - logit("%s: bad challenge length %d", __func__, len); - goto failure; - } - memset(buf, 0, 32); - BN_bn2bin(challenge, buf + 32 - len); - if ((md = ssh_digest_start(SSH_DIGEST_MD5)) == NULL || - ssh_digest_update(md, buf, 32) < 0 || - ssh_digest_update(md, session_id, 16) < 0 || - ssh_digest_final(md, mdbuf, sizeof(mdbuf)) < 0) - fatal("%s: md5 failed", __func__); - ssh_digest_free(md); - - /* Send the response. */ - if ((r = sshbuf_put_u8(msg, SSH_AGENT_RSA_RESPONSE)) != 0 || - (r = sshbuf_put(msg, mdbuf, sizeof(mdbuf))) != 0) - fatal("%s: buffer error: %s", __func__, ssh_err(r)); - goto send; - } - - failure: - /* Unknown identity or protocol error. Send failure. */ - if ((r = sshbuf_put_u8(msg, SSH_AGENT_FAILURE)) != 0) - fatal("%s: buffer error: %s", __func__, ssh_err(r)); - send: - if ((r = sshbuf_put_stringb(e->output, msg)) != 0) - fatal("%s: buffer error: %s", __func__, ssh_err(r)); - sshkey_free(key); - BN_clear_free(challenge); - sshbuf_free(msg); -} -#endif static char * agent_decode_alg(struct sshkey *key, u_int flags) @@ -435,28 +344,8 @@ process_remove_identity(SocketEntry *e, int version) int r, success = 0; struct sshkey *key = NULL; u_char *blob; -#ifdef WITH_SSH1 - u_int bits; -#endif /* WITH_SSH1 */ switch (version) { -#ifdef WITH_SSH1 - case 1: - if ((key = sshkey_new(KEY_RSA1)) == NULL) { - error("%s: sshkey_new failed", __func__); - return; - } - if ((r = sshbuf_get_u32(e->request, &bits)) != 0 || - (r = sshbuf_get_bignum1(e->request, key->rsa->e)) != 0 || - (r = sshbuf_get_bignum1(e->request, key->rsa->n)) != 0) - fatal("%s: buffer error: %s", __func__, ssh_err(r)); - - if (bits != sshkey_size(key)) - logit("Warning: identity keysize mismatch: " - "actual %u, announced %u", - sshkey_size(key), bits); - break; -#endif /* WITH_SSH1 */ case 2: if ((r = sshbuf_get_string(e->request, &blob, &blen)) != 0) fatal("%s: buffer error: %s", __func__, ssh_err(r)); @@ -546,45 +435,6 @@ reaper(void) * XXX this and the corresponding serialisation function probably belongs * in key.c */ -#ifdef WITH_SSH1 -static int -agent_decode_rsa1(struct sshbuf *m, struct sshkey **kp) -{ - struct sshkey *k = NULL; - int r = SSH_ERR_INTERNAL_ERROR; - - *kp = NULL; - if ((k = sshkey_new_private(KEY_RSA1)) == NULL) - return SSH_ERR_ALLOC_FAIL; - - if ((r = sshbuf_get_u32(m, NULL)) != 0 || /* ignored */ - (r = sshbuf_get_bignum1(m, k->rsa->n)) != 0 || - (r = sshbuf_get_bignum1(m, k->rsa->e)) != 0 || - (r = sshbuf_get_bignum1(m, k->rsa->d)) != 0 || - (r = sshbuf_get_bignum1(m, k->rsa->iqmp)) != 0 || - /* SSH1 and SSL have p and q swapped */ - (r = sshbuf_get_bignum1(m, k->rsa->q)) != 0 || /* p */ - (r = sshbuf_get_bignum1(m, k->rsa->p)) != 0) /* q */ - goto out; - - /* Generate additional parameters */ - if ((r = rsa_generate_additional_parameters(k->rsa)) != 0) - goto out; - /* enable blinding */ - if (RSA_blinding_on(k->rsa, NULL) != 1) { - r = SSH_ERR_LIBCRYPTO_ERROR; - goto out; - } - - r = 0; /* success */ - out: - if (r == 0) - *kp = k; - else - sshkey_free(k); - return r; -} -#endif /* WITH_SSH1 */ static void process_add_identity(SocketEntry *e, int version) @@ -600,11 +450,6 @@ process_add_identity(SocketEntry *e, int version) int r = SSH_ERR_INTERNAL_ERROR; switch (version) { -#ifdef WITH_SSH1 - case 1: - r = agent_decode_rsa1(e->request, &k); - break; -#endif /* WITH_SSH1 */ case 2: r = sshkey_private_deserialize(e->request, &k); break; @@ -899,22 +744,6 @@ process_message(SocketEntry *e) case SSH_AGENTC_UNLOCK: process_lock_agent(e, type == SSH_AGENTC_LOCK); break; -#ifdef WITH_SSH1 - /* ssh1 */ - case SSH_AGENTC_RSA_CHALLENGE: - process_authentication_challenge1(e); - break; - case SSH_AGENTC_REQUEST_RSA_IDENTITIES: - process_request_identities(e, 1); - break; - case SSH_AGENTC_ADD_RSA_IDENTITY: - case SSH_AGENTC_ADD_RSA_ID_CONSTRAINED: - process_add_identity(e, 1); - break; - case SSH_AGENTC_REMOVE_RSA_IDENTITY: - process_remove_identity(e, 1); - break; -#endif case SSH_AGENTC_REMOVE_ALL_RSA_IDENTITIES: process_remove_all_identities(e, 1); /* safe for !WITH_SSH1 */ break; diff --git a/usr.bin/ssh/ssh-keygen.c b/usr.bin/ssh/ssh-keygen.c index 09a75bbfb34..f141a703457 100644 --- a/usr.bin/ssh/ssh-keygen.c +++ b/usr.bin/ssh/ssh-keygen.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-keygen.c,v 1.300 2017/04/29 04:12:25 djm Exp $ */ +/* $OpenBSD: ssh-keygen.c,v 1.301 2017/04/30 23:10:43 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1994 Tatu Ylonen , Espoo, Finland @@ -973,9 +973,6 @@ do_gen_all_hostkeys(struct passwd *pw) char *path; } key_types[] = { #ifdef WITH_OPENSSL -#ifdef WITH_SSH1 - { "rsa1", "RSA1", _PATH_HOST_KEY_FILE }, -#endif /* WITH_SSH1 */ { "rsa", "RSA" ,_PATH_HOST_RSA_KEY_FILE }, { "dsa", "DSA", _PATH_HOST_DSA_KEY_FILE }, { "ecdsa", "ECDSA",_PATH_HOST_ECDSA_KEY_FILE }, @@ -2230,11 +2227,7 @@ do_check_krl(struct passwd *pw, int argc, char **argv) } #endif -#ifdef WITH_SSH1 -# define RSA1_USAGE " | rsa1" -#else # define RSA1_USAGE "" -#endif static void usage(void) diff --git a/usr.bin/ssh/ssh-keyscan.c b/usr.bin/ssh/ssh-keyscan.c index c8b5f186ac6..028328c1242 100644 --- a/usr.bin/ssh/ssh-keyscan.c +++ b/usr.bin/ssh/ssh-keyscan.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-keyscan.c,v 1.109 2017/03/10 04:26:06 djm Exp $ */ +/* $OpenBSD: ssh-keyscan.c,v 1.110 2017/04/30 23:10:43 djm Exp $ */ /* * Copyright 1995, 1996 by David Mazieres . * @@ -169,52 +169,6 @@ strnnsep(char **stringp, char *delim) return (tok); } -#ifdef WITH_SSH1 -static struct sshkey * -keygrab_ssh1(con *c) -{ - static struct sshkey *rsa; - static struct sshbuf *msg; - int r; - u_char type; - - if (rsa == NULL) { - if ((rsa = sshkey_new(KEY_RSA1)) == NULL) { - error("%s: sshkey_new failed", __func__); - return NULL; - } - if ((msg = sshbuf_new()) == NULL) - fatal("%s: sshbuf_new failed", __func__); - } - if ((r = sshbuf_put(msg, c->c_data, c->c_plen)) != 0 || - (r = sshbuf_consume(msg, 8 - (c->c_plen & 7))) != 0 || /* padding */ - (r = sshbuf_get_u8(msg, &type)) != 0) - goto buf_err; - if (type != (int) SSH_SMSG_PUBLIC_KEY) { - error("%s: invalid packet type", c->c_name); - sshbuf_reset(msg); - return NULL; - } - if ((r = sshbuf_consume(msg, 8)) != 0 || /* cookie */ - /* server key */ - (r = sshbuf_get_u32(msg, NULL)) != 0 || - (r = sshbuf_get_bignum1(msg, NULL)) != 0 || - (r = sshbuf_get_bignum1(msg, NULL)) != 0 || - /* host key */ - (r = sshbuf_get_u32(msg, NULL)) != 0 || - (r = sshbuf_get_bignum1(msg, rsa->rsa->e)) != 0 || - (r = sshbuf_get_bignum1(msg, rsa->rsa->n)) != 0) { - buf_err: - error("%s: buffer error: %s", __func__, ssh_err(r)); - sshbuf_reset(msg); - return NULL; - } - - sshbuf_reset(msg); - - return (rsa); -} -#endif static int key_print_wrapper(struct sshkey *hostkey, struct ssh *ssh) @@ -565,12 +519,6 @@ conread(int s) c->c_data = xmalloc(c->c_len); c->c_status = CS_KEYS; break; -#ifdef WITH_SSH1 - case CS_KEYS: - keyprint(c, keygrab_ssh1(c)); - confree(s); - return; -#endif default: fatal("conread: invalid status %d", c->c_status); break; @@ -734,11 +682,6 @@ main(int argc, char **argv) int type = sshkey_type_from_name(tname); switch (type) { -#ifdef WITH_SSH1 - case KEY_RSA1: - get_keytypes |= KT_RSA1; - break; -#endif case KEY_DSA: get_keytypes |= KT_DSA; break; diff --git a/usr.bin/ssh/ssh.c b/usr.bin/ssh/ssh.c index 3579b1f4cce..8cfc35fb939 100644 --- a/usr.bin/ssh/ssh.c +++ b/usr.bin/ssh/ssh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh.c,v 1.452 2017/04/28 03:20:27 dtucker Exp $ */ +/* $OpenBSD: ssh.c,v 1.453 2017/04/30 23:10:43 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -659,11 +659,7 @@ main(int ac, char **av) else if (strcmp(optarg, "key-plain") == 0) cp = sshkey_alg_list(0, 1, 0, '\n'); else if (strcmp(optarg, "protocol-version") == 0) { -#ifdef WITH_SSH1 - cp = xstrdup("1\n2"); -#else cp = xstrdup("2"); -#endif } if (cp == NULL) fatal("Unsupported query \"%s\"", optarg); @@ -1268,10 +1264,6 @@ main(int ac, char **av) sizeof(Key)); PRIV_START; -#if WITH_SSH1 - sensitive_data.keys[0] = key_load_private_type(KEY_RSA1, - _PATH_HOST_KEY_FILE, "", NULL, NULL); -#endif sensitive_data.keys[1] = key_load_private_cert(KEY_ECDSA, _PATH_HOST_ECDSA_KEY_FILE, "", NULL); sensitive_data.keys[2] = key_load_private_cert(KEY_ED25519, diff --git a/usr.bin/ssh/sshconnect.c b/usr.bin/ssh/sshconnect.c index 06c69a81bae..80b2691b3c8 100644 --- a/usr.bin/ssh/sshconnect.c +++ b/usr.bin/ssh/sshconnect.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect.c,v 1.273 2017/03/10 03:22:40 dtucker Exp $ */ +/* $OpenBSD: sshconnect.c,v 1.274 2017/04/30 23:10:43 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -1356,12 +1356,7 @@ ssh_login(Sensitive *sensitive, const char *orighost, ssh_kex2(host, hostaddr, port); ssh_userauth2(local_user, server_user, host, sensitive); } else { -#ifdef WITH_SSH1 - ssh_kex(host, hostaddr); - ssh_userauth1(local_user, server_user, host, sensitive); -#else fatal("ssh1 is not supported"); -#endif } free(local_user); } diff --git a/usr.bin/ssh/sshkey.c b/usr.bin/ssh/sshkey.c index f0f54df80d5..f30178f4b23 100644 --- a/usr.bin/ssh/sshkey.c +++ b/usr.bin/ssh/sshkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshkey.c,v 1.45 2017/03/10 04:07:20 djm Exp $ */ +/* $OpenBSD: sshkey.c,v 1.46 2017/04/30 23:10:43 djm Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. * Copyright (c) 2008 Alexander von Gernler. All rights reserved. @@ -85,9 +85,6 @@ static const struct keytype keytypes[] = { { "ssh-ed25519-cert-v01@openssh.com", "ED25519-CERT", KEY_ED25519_CERT, 0, 1, 0 }, #ifdef WITH_OPENSSL -# ifdef WITH_SSH1 - { NULL, "RSA1", KEY_RSA1, 0, 0, 0 }, -# endif { "ssh-rsa", "RSA", KEY_RSA, 0, 0, 0 }, { "rsa-sha2-256", "RSA", KEY_RSA, 0, 0, 1 }, { "rsa-sha2-512", "RSA", KEY_RSA, 0, 0, 1 }, @@ -1168,39 +1165,6 @@ sshkey_fingerprint(const struct sshkey *k, int dgst_alg, return retval; } -#ifdef WITH_SSH1 -/* - * Reads a multiple-precision integer in decimal from the buffer, and advances - * the pointer. The integer must already be initialized. This function is - * permitted to modify the buffer. This leaves *cpp to point just beyond the - * last processed character. - */ -static int -read_decimal_bignum(char **cpp, BIGNUM *v) -{ - char *cp; - size_t e; - int skip = 1; /* skip white space */ - - cp = *cpp; - while (*cp == ' ' || *cp == '\t') - cp++; - e = strspn(cp, "0123456789"); - if (e == 0) - return SSH_ERR_INVALID_FORMAT; - if (e > SSHBUF_MAX_BIGNUM * 3) - return SSH_ERR_BIGNUM_TOO_LARGE; - if (cp[e] == '\0') - skip = 0; - else if (strchr(" \t\r\n", cp[e]) == NULL) - return SSH_ERR_INVALID_FORMAT; - cp[e] = '\0'; - if (BN_dec2bn(&v, cp) <= 0) - return SSH_ERR_INVALID_FORMAT; - *cpp = cp + e + skip; - return 0; -} -#endif /* WITH_SSH1 */ /* returns 0 ok, and < 0 error */ int @@ -1211,9 +1175,6 @@ sshkey_read(struct sshkey *ret, char **cpp) char *ep, *cp, *space; int r, type, curve_nid = -1; struct sshbuf *blob; -#ifdef WITH_SSH1 - u_long bits; -#endif /* WITH_SSH1 */ if (ret == NULL) return SSH_ERR_INVALID_ARGUMENT; @@ -1222,23 +1183,6 @@ sshkey_read(struct sshkey *ret, char **cpp) switch (ret->type) { case KEY_RSA1: -#ifdef WITH_SSH1 - /* Get number of bits. */ - bits = strtoul(cp, &ep, 10); - if (*cp == '\0' || strchr(" \t\r\n", *ep) == NULL || - bits == 0 || bits > SSHBUF_MAX_BIGNUM * 8) - return SSH_ERR_INVALID_FORMAT; /* Bad bit count... */ - /* Get public exponent, public modulus. */ - if ((r = read_decimal_bignum(&ep, ret->rsa->e)) < 0) - return r; - if ((r = read_decimal_bignum(&ep, ret->rsa->n)) < 0) - return r; - /* validate the claimed number of bits */ - if (BN_num_bits(ret->rsa->n) != (int)bits) - return SSH_ERR_KEY_BITS_MISMATCH; - *cpp = ep; - retval = 0; -#endif /* WITH_SSH1 */ break; case KEY_UNSPEC: case KEY_RSA: @@ -1394,36 +1338,6 @@ static int sshkey_format_rsa1(const struct sshkey *key, struct sshbuf *b) { int r = SSH_ERR_INTERNAL_ERROR; -#ifdef WITH_SSH1 - u_int bits = 0; - char *dec_e = NULL, *dec_n = NULL; - - if (key->rsa == NULL || key->rsa->e == NULL || - key->rsa->n == NULL) { - r = SSH_ERR_INVALID_ARGUMENT; - goto out; - } - if ((dec_e = BN_bn2dec(key->rsa->e)) == NULL || - (dec_n = BN_bn2dec(key->rsa->n)) == NULL) { - r = SSH_ERR_ALLOC_FAIL; - goto out; - } - /* size of modulus 'n' */ - if ((bits = BN_num_bits(key->rsa->n)) <= 0) { - r = SSH_ERR_INVALID_ARGUMENT; - goto out; - } - if ((r = sshbuf_putf(b, "%u %s %s", bits, dec_e, dec_n)) != 0) - goto out; - - /* Success */ - r = 0; - out: - if (dec_e != NULL) - OPENSSL_free(dec_e); - if (dec_n != NULL) - OPENSSL_free(dec_n); -#endif /* WITH_SSH1 */ return r; } @@ -3354,105 +3268,6 @@ sshkey_parse_private2(struct sshbuf *blob, int type, const char *passphrase, return r; } -#if WITH_SSH1 -/* - * Serialises the authentication (private) key to a blob, encrypting it with - * passphrase. The identification of the blob (lowest 64 bits of n) will - * precede the key to provide identification of the key without needing a - * passphrase. - */ -static int -sshkey_private_rsa1_to_blob(struct sshkey *key, struct sshbuf *blob, - const char *passphrase, const char *comment) -{ - struct sshbuf *buffer = NULL, *encrypted = NULL; - u_char buf[8]; - int r, cipher_num; - struct sshcipher_ctx *ciphercontext = NULL; - const struct sshcipher *cipher; - u_char *cp; - - /* - * If the passphrase is empty, use SSH_CIPHER_NONE to ease converting - * to another cipher; otherwise use SSH_AUTHFILE_CIPHER. - */ - cipher_num = (strcmp(passphrase, "") == 0) ? - SSH_CIPHER_NONE : SSH_CIPHER_3DES; - if ((cipher = cipher_by_number(cipher_num)) == NULL) - return SSH_ERR_INTERNAL_ERROR; - - /* This buffer is used to build the secret part of the private key. */ - if ((buffer = sshbuf_new()) == NULL) - return SSH_ERR_ALLOC_FAIL; - - /* Put checkbytes for checking passphrase validity. */ - if ((r = sshbuf_reserve(buffer, 4, &cp)) != 0) - goto out; - arc4random_buf(cp, 2); - memcpy(cp + 2, cp, 2); - - /* - * Store the private key (n and e will not be stored because they - * will be stored in plain text, and storing them also in encrypted - * format would just give known plaintext). - * Note: q and p are stored in reverse order to SSL. - */ - if ((r = sshbuf_put_bignum1(buffer, key->rsa->d)) != 0 || - (r = sshbuf_put_bignum1(buffer, key->rsa->iqmp)) != 0 || - (r = sshbuf_put_bignum1(buffer, key->rsa->q)) != 0 || - (r = sshbuf_put_bignum1(buffer, key->rsa->p)) != 0) - goto out; - - /* Pad the part to be encrypted to a size that is a multiple of 8. */ - explicit_bzero(buf, 8); - if ((r = sshbuf_put(buffer, buf, 8 - (sshbuf_len(buffer) % 8))) != 0) - goto out; - - /* This buffer will be used to contain the data in the file. */ - if ((encrypted = sshbuf_new()) == NULL) { - r = SSH_ERR_ALLOC_FAIL; - goto out; - } - - /* First store keyfile id string. */ - if ((r = sshbuf_put(encrypted, LEGACY_BEGIN, - sizeof(LEGACY_BEGIN))) != 0) - goto out; - - /* Store cipher type and "reserved" field. */ - if ((r = sshbuf_put_u8(encrypted, cipher_num)) != 0 || - (r = sshbuf_put_u32(encrypted, 0)) != 0) - goto out; - - /* Store public key. This will be in plain text. */ - if ((r = sshbuf_put_u32(encrypted, BN_num_bits(key->rsa->n))) != 0 || - (r = sshbuf_put_bignum1(encrypted, key->rsa->n)) != 0 || - (r = sshbuf_put_bignum1(encrypted, key->rsa->e)) != 0 || - (r = sshbuf_put_cstring(encrypted, comment)) != 0) - goto out; - - /* Allocate space for the private part of the key in the buffer. */ - if ((r = sshbuf_reserve(encrypted, sshbuf_len(buffer), &cp)) != 0) - goto out; - - if ((r = cipher_set_key_string(&ciphercontext, cipher, passphrase, - CIPHER_ENCRYPT)) != 0) - goto out; - if ((r = cipher_crypt(ciphercontext, 0, cp, - sshbuf_ptr(buffer), sshbuf_len(buffer), 0, 0)) != 0) - goto out; - - r = sshbuf_putb(blob, encrypted); - - out: - cipher_free(ciphercontext); - explicit_bzero(buf, sizeof(buf)); - sshbuf_free(buffer); - sshbuf_free(encrypted); - - return r; -} -#endif /* WITH_SSH1 */ #ifdef WITH_OPENSSL /* convert SSH v2 key in OpenSSL PEM format */ @@ -3513,11 +3328,6 @@ sshkey_private_to_fileblob(struct sshkey *key, struct sshbuf *blob, int force_new_format, const char *new_format_cipher, int new_format_rounds) { switch (key->type) { -#ifdef WITH_SSH1 - case KEY_RSA1: - return sshkey_private_rsa1_to_blob(key, blob, - passphrase, comment); -#endif /* WITH_SSH1 */ #ifdef WITH_OPENSSL case KEY_DSA: case KEY_ECDSA: @@ -3537,182 +3347,6 @@ sshkey_private_to_fileblob(struct sshkey *key, struct sshbuf *blob, } } -#ifdef WITH_SSH1 -/* - * Parse the public, unencrypted portion of a RSA1 key. - */ -int -sshkey_parse_public_rsa1_fileblob(struct sshbuf *blob, - struct sshkey **keyp, char **commentp) -{ - int r; - struct sshkey *pub = NULL; - struct sshbuf *copy = NULL; - - if (keyp != NULL) - *keyp = NULL; - if (commentp != NULL) - *commentp = NULL; - - /* Check that it is at least big enough to contain the ID string. */ - if (sshbuf_len(blob) < sizeof(LEGACY_BEGIN)) - return SSH_ERR_INVALID_FORMAT; - - /* - * Make sure it begins with the id string. Consume the id string - * from the buffer. - */ - if (memcmp(sshbuf_ptr(blob), LEGACY_BEGIN, sizeof(LEGACY_BEGIN)) != 0) - return SSH_ERR_INVALID_FORMAT; - /* Make a working copy of the keyblob and skip past the magic */ - if ((copy = sshbuf_fromb(blob)) == NULL) - return SSH_ERR_ALLOC_FAIL; - if ((r = sshbuf_consume(copy, sizeof(LEGACY_BEGIN))) != 0) - goto out; - - /* Skip cipher type, reserved data and key bits. */ - if ((r = sshbuf_get_u8(copy, NULL)) != 0 || /* cipher type */ - (r = sshbuf_get_u32(copy, NULL)) != 0 || /* reserved */ - (r = sshbuf_get_u32(copy, NULL)) != 0) /* key bits */ - goto out; - - /* Read the public key from the buffer. */ - if ((pub = sshkey_new(KEY_RSA1)) == NULL || - (r = sshbuf_get_bignum1(copy, pub->rsa->n)) != 0 || - (r = sshbuf_get_bignum1(copy, pub->rsa->e)) != 0) - goto out; - - /* Finally, the comment */ - if ((r = sshbuf_get_string(copy, (u_char**)commentp, NULL)) != 0) - goto out; - - /* The encrypted private part is not parsed by this function. */ - - r = 0; - if (keyp != NULL) { - *keyp = pub; - pub = NULL; - } - out: - sshbuf_free(copy); - sshkey_free(pub); - return r; -} - -static int -sshkey_parse_private_rsa1(struct sshbuf *blob, const char *passphrase, - struct sshkey **keyp, char **commentp) -{ - int r; - u_int16_t check1, check2; - u_int8_t cipher_type; - struct sshbuf *decrypted = NULL, *copy = NULL; - u_char *cp; - char *comment = NULL; - struct sshcipher_ctx *ciphercontext = NULL; - const struct sshcipher *cipher; - struct sshkey *prv = NULL; - - if (keyp != NULL) - *keyp = NULL; - if (commentp != NULL) - *commentp = NULL; - - /* Check that it is at least big enough to contain the ID string. */ - if (sshbuf_len(blob) < sizeof(LEGACY_BEGIN)) - return SSH_ERR_INVALID_FORMAT; - - /* - * Make sure it begins with the id string. Consume the id string - * from the buffer. - */ - if (memcmp(sshbuf_ptr(blob), LEGACY_BEGIN, sizeof(LEGACY_BEGIN)) != 0) - return SSH_ERR_INVALID_FORMAT; - - if ((prv = sshkey_new_private(KEY_RSA1)) == NULL) { - r = SSH_ERR_ALLOC_FAIL; - goto out; - } - if ((copy = sshbuf_fromb(blob)) == NULL || - (decrypted = sshbuf_new()) == NULL) { - r = SSH_ERR_ALLOC_FAIL; - goto out; - } - if ((r = sshbuf_consume(copy, sizeof(LEGACY_BEGIN))) != 0) - goto out; - - /* Read cipher type. */ - if ((r = sshbuf_get_u8(copy, &cipher_type)) != 0 || - (r = sshbuf_get_u32(copy, NULL)) != 0) /* reserved */ - goto out; - - /* Read the public key and comment from the buffer. */ - if ((r = sshbuf_get_u32(copy, NULL)) != 0 || /* key bits */ - (r = sshbuf_get_bignum1(copy, prv->rsa->n)) != 0 || - (r = sshbuf_get_bignum1(copy, prv->rsa->e)) != 0 || - (r = sshbuf_get_cstring(copy, &comment, NULL)) != 0) - goto out; - - /* Check that it is a supported cipher. */ - cipher = cipher_by_number(cipher_type); - if (cipher == NULL) { - r = SSH_ERR_KEY_UNKNOWN_CIPHER; - goto out; - } - /* Initialize space for decrypted data. */ - if ((r = sshbuf_reserve(decrypted, sshbuf_len(copy), &cp)) != 0) - goto out; - - /* Rest of the buffer is encrypted. Decrypt it using the passphrase. */ - if ((r = cipher_set_key_string(&ciphercontext, cipher, passphrase, - CIPHER_DECRYPT)) != 0) - goto out; - if ((r = cipher_crypt(ciphercontext, 0, cp, - sshbuf_ptr(copy), sshbuf_len(copy), 0, 0)) != 0) - goto out; - - if ((r = sshbuf_get_u16(decrypted, &check1)) != 0 || - (r = sshbuf_get_u16(decrypted, &check2)) != 0) - goto out; - if (check1 != check2) { - r = SSH_ERR_KEY_WRONG_PASSPHRASE; - goto out; - } - - /* Read the rest of the private key. */ - if ((r = sshbuf_get_bignum1(decrypted, prv->rsa->d)) != 0 || - (r = sshbuf_get_bignum1(decrypted, prv->rsa->iqmp)) != 0 || - (r = sshbuf_get_bignum1(decrypted, prv->rsa->q)) != 0 || - (r = sshbuf_get_bignum1(decrypted, prv->rsa->p)) != 0) - goto out; - - /* calculate p-1 and q-1 */ - if ((r = rsa_generate_additional_parameters(prv->rsa)) != 0) - goto out; - - /* enable blinding */ - if (RSA_blinding_on(prv->rsa, NULL) != 1) { - r = SSH_ERR_LIBCRYPTO_ERROR; - goto out; - } - r = 0; - if (keyp != NULL) { - *keyp = prv; - prv = NULL; - } - if (commentp != NULL) { - *commentp = comment; - comment = NULL; - } - out: - cipher_free(ciphercontext); - free(comment); - sshkey_free(prv); - sshbuf_free(copy); - sshbuf_free(decrypted); - return r; -} -#endif /* WITH_SSH1 */ #ifdef WITH_OPENSSL static int @@ -3854,11 +3488,6 @@ sshkey_parse_private_fileblob_type(struct sshbuf *blob, int type, *commentp = NULL; switch (type) { -#ifdef WITH_SSH1 - case KEY_RSA1: - return sshkey_parse_private_rsa1(blob, passphrase, - keyp, commentp); -#endif /* WITH_SSH1 */ #ifdef WITH_OPENSSL case KEY_DSA: case KEY_ECDSA: @@ -3895,13 +3524,6 @@ sshkey_parse_private_fileblob(struct sshbuf *buffer, const char *passphrase, if (commentp != NULL) *commentp = NULL; -#ifdef WITH_SSH1 - /* it's a SSH v1 key if the public key part is readable */ - if (sshkey_parse_public_rsa1_fileblob(buffer, NULL, NULL) == 0) { - return sshkey_parse_private_fileblob_type(buffer, KEY_RSA1, - passphrase, keyp, commentp); - } -#endif /* WITH_SSH1 */ return sshkey_parse_private_fileblob_type(buffer, KEY_UNSPEC, passphrase, keyp, commentp); }