diff options
author | djm@openbsd.org <djm@openbsd.org> | 2018-09-13 02:08:33 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2018-09-13 12:12:33 +1000 |
commit | 482d23bcacdd3664f21cc82a5135f66fc598275f (patch) | |
tree | 362f697a94da0a765d1dabcfbf33370b2a4df121 /ssh-rsa.c | |
parent | d70d061828730a56636ab6f1f24fe4a8ccefcfc1 (diff) | |
download | openssh-git-482d23bcacdd3664f21cc82a5135f66fc598275f.tar.gz |
upstream: hold our collective noses and use the openssl-1.1.x API in
OpenSSH; feedback and ok tb@ jsing@ markus@
OpenBSD-Commit-ID: cacbcac87ce5da0d3ca7ef1b38a6f7fb349e4417
Diffstat (limited to 'ssh-rsa.c')
-rw-r--r-- | ssh-rsa.c | 47 |
1 files changed, 34 insertions, 13 deletions
@@ -104,38 +104,55 @@ rsa_hash_alg_nid(int type) } int -ssh_rsa_generate_additional_parameters(struct sshkey *key) +ssh_rsa_complete_crt_parameters(struct sshkey *key, const BIGNUM *iqmp) { - BIGNUM *aux = NULL; + const BIGNUM *rsa_p, *rsa_q, *rsa_d; + BIGNUM *aux = NULL, *d_consttime = NULL; + BIGNUM *rsa_dmq1 = NULL, *rsa_dmp1 = NULL, *rsa_iqmp = NULL; BN_CTX *ctx = NULL; - BIGNUM d; int r; if (key == NULL || key->rsa == NULL || sshkey_type_plain(key->type) != KEY_RSA) return SSH_ERR_INVALID_ARGUMENT; + RSA_get0_key(key->rsa, NULL, NULL, &rsa_d); + RSA_get0_factors(key->rsa, &rsa_p, &rsa_q); + if ((ctx = BN_CTX_new()) == NULL) return SSH_ERR_ALLOC_FAIL; - if ((aux = BN_new()) == NULL) { + if ((aux = BN_new()) == NULL || + (rsa_dmq1 = BN_new()) == NULL || + (rsa_dmp1 = BN_new()) == NULL) + return SSH_ERR_ALLOC_FAIL; + if ((d_consttime = BN_dup(rsa_d)) == NULL || + (rsa_iqmp = BN_dup(iqmp)) == NULL) { r = SSH_ERR_ALLOC_FAIL; goto out; } BN_set_flags(aux, BN_FLG_CONSTTIME); + BN_set_flags(d_consttime, BN_FLG_CONSTTIME); - BN_init(&d); - BN_with_flags(&d, key->rsa->d, BN_FLG_CONSTTIME); - - if ((BN_sub(aux, key->rsa->q, BN_value_one()) == 0) || - (BN_mod(key->rsa->dmq1, &d, aux, ctx) == 0) || - (BN_sub(aux, key->rsa->p, BN_value_one()) == 0) || - (BN_mod(key->rsa->dmp1, &d, aux, ctx) == 0)) { + if ((BN_sub(aux, rsa_q, BN_value_one()) == 0) || + (BN_mod(rsa_dmq1, d_consttime, aux, ctx) == 0) || + (BN_sub(aux, rsa_p, BN_value_one()) == 0) || + (BN_mod(rsa_dmp1, d_consttime, aux, ctx) == 0)) { + r = SSH_ERR_LIBCRYPTO_ERROR; + goto out; + } + if (!RSA_set0_crt_params(key->rsa, rsa_dmp1, rsa_dmq1, rsa_iqmp)) { r = SSH_ERR_LIBCRYPTO_ERROR; goto out; } + rsa_dmp1 = rsa_dmq1 = rsa_iqmp = NULL; /* transferred */ + /* success */ r = 0; out: BN_clear_free(aux); + BN_clear_free(d_consttime); + BN_clear_free(rsa_dmp1); + BN_clear_free(rsa_dmq1); + BN_clear_free(rsa_iqmp); BN_CTX_free(ctx); return r; } @@ -145,6 +162,7 @@ int ssh_rsa_sign(const struct sshkey *key, u_char **sigp, size_t *lenp, const u_char *data, size_t datalen, const char *alg_ident) { + const BIGNUM *rsa_n; u_char digest[SSH_DIGEST_MAX_LENGTH], *sig = NULL; size_t slen = 0; u_int dlen, len; @@ -163,7 +181,8 @@ ssh_rsa_sign(const struct sshkey *key, u_char **sigp, size_t *lenp, if (key == NULL || key->rsa == NULL || hash_alg == -1 || sshkey_type_plain(key->type) != KEY_RSA) return SSH_ERR_INVALID_ARGUMENT; - if (BN_num_bits(key->rsa->n) < SSH_RSA_MINIMUM_MODULUS_SIZE) + RSA_get0_key(key->rsa, &rsa_n, NULL, NULL); + if (BN_num_bits(rsa_n) < SSH_RSA_MINIMUM_MODULUS_SIZE) return SSH_ERR_KEY_LENGTH; slen = RSA_size(key->rsa); if (slen <= 0 || slen > SSHBUF_MAX_BIGNUM) @@ -225,6 +244,7 @@ ssh_rsa_verify(const struct sshkey *key, const u_char *sig, size_t siglen, const u_char *data, size_t datalen, const char *alg) { + const BIGNUM *rsa_n; char *sigtype = NULL; int hash_alg, want_alg, ret = SSH_ERR_INTERNAL_ERROR; size_t len = 0, diff, modlen, dlen; @@ -235,7 +255,8 @@ ssh_rsa_verify(const struct sshkey *key, sshkey_type_plain(key->type) != KEY_RSA || sig == NULL || siglen == 0) return SSH_ERR_INVALID_ARGUMENT; - if (BN_num_bits(key->rsa->n) < SSH_RSA_MINIMUM_MODULUS_SIZE) + RSA_get0_key(key->rsa, &rsa_n, NULL, NULL); + if (BN_num_bits(rsa_n) < SSH_RSA_MINIMUM_MODULUS_SIZE) return SSH_ERR_KEY_LENGTH; if ((b = sshbuf_from(sig, siglen)) == NULL) |