|
|
0d83e7 |
From 4a41d245d6b13bd3882c8dc058dbd2e2b39a9f67 Mon Sep 17 00:00:00 2001
|
|
|
0d83e7 |
From: "djm@openbsd.org" <djm@openbsd.org>
|
|
|
0d83e7 |
Date: Fri, 24 Jan 2020 00:27:04 +0000
|
|
|
0d83e7 |
Subject: [PATCH] upstream: when signing a certificate with an RSA key, default
|
|
|
0d83e7 |
to
|
|
|
0d83e7 |
|
|
|
0d83e7 |
a safe signature algorithm (rsa-sha-512) if not is explicitly specified by
|
|
|
0d83e7 |
the user; ok markus@
|
|
|
0d83e7 |
|
|
|
0d83e7 |
OpenBSD-Commit-ID: e05f638f0be6c0266e1d3d799716b461011e83a9
|
|
|
0d83e7 |
---
|
|
|
0d83e7 |
ssh-keygen.c | 14 +++++++++-----
|
|
|
0d83e7 |
1 file changed, 9 insertions(+), 5 deletions(-)
|
|
|
0d83e7 |
|
|
|
0d83e7 |
diff --git a/ssh-keygen.c b/ssh-keygen.c
|
|
|
0d83e7 |
index 564c3c481..f2192edb9 100644
|
|
|
0d83e7 |
--- a/ssh-keygen.c
|
|
|
0d83e7 |
+++ b/ssh-keygen.c
|
|
|
0d83e7 |
@@ -1788,10 +1788,14 @@ do_ca_sign(struct passwd *pw, const char *ca_key_path, int prefer_agent,
|
|
|
0d83e7 |
}
|
|
|
0d83e7 |
free(tmp);
|
|
|
0d83e7 |
|
|
|
0d83e7 |
- if (key_type_name != NULL &&
|
|
|
0d83e7 |
- sshkey_type_from_name(key_type_name) != ca->type) {
|
|
|
0d83e7 |
- fatal("CA key type %s doesn't match specified %s",
|
|
|
0d83e7 |
- sshkey_ssh_name(ca), key_type_name);
|
|
|
0d83e7 |
+ if (key_type_name != NULL) {
|
|
|
0d83e7 |
+ if (sshkey_type_from_name(key_type_name) != ca->type) {
|
|
|
0d83e7 |
+ fatal("CA key type %s doesn't match specified %s",
|
|
|
0d83e7 |
+ sshkey_ssh_name(ca), key_type_name);
|
|
|
0d83e7 |
+ }
|
|
|
0d83e7 |
+ } else if (ca->type == KEY_RSA) {
|
|
|
0d83e7 |
+ /* Default to a good signature algorithm */
|
|
|
0d83e7 |
+ key_type_name = "rsa-sha2-512";
|
|
|
0d83e7 |
}
|
|
|
0d83e7 |
|
|
|
0d83e7 |
for (i = 0; i < argc; i++) {
|
|
|
0d83e7 |
|
|
|
0d83e7 |
From 476e3551b2952ef73acc43d995e832539bf9bc4d Mon Sep 17 00:00:00 2001
|
|
|
0d83e7 |
From: "djm@openbsd.org" <djm@openbsd.org>
|
|
|
0d83e7 |
Date: Mon, 20 May 2019 00:20:35 +0000
|
|
|
0d83e7 |
Subject: [PATCH] upstream: When signing certificates with an RSA key, default
|
|
|
0d83e7 |
to
|
|
|
0d83e7 |
|
|
|
0d83e7 |
using the rsa-sha2-512 signature algorithm. Certificates signed by RSA keys
|
|
|
0d83e7 |
will therefore be incompatible with OpenSSH < 7.2 unless the default is
|
|
|
0d83e7 |
overridden.
|
|
|
0d83e7 |
|
|
|
0d83e7 |
Document the ability of the ssh-keygen -t flag to override the
|
|
|
0d83e7 |
signature algorithm when signing certificates, and the new default.
|
|
|
0d83e7 |
|
|
|
0d83e7 |
ok deraadt@
|
|
|
0d83e7 |
|
|
|
0d83e7 |
OpenBSD-Commit-ID: 400c9c15013978204c2cb80f294b03ae4cfc8b95
|
|
|
0d83e7 |
---
|
|
|
0d83e7 |
ssh-keygen.1 | 13 +++++++++++--
|
|
|
0d83e7 |
sshkey.c | 9 ++++++++-
|
|
|
0d83e7 |
2 files changed, 19 insertions(+), 3 deletions(-)
|
|
|
0d83e7 |
|
|
|
0d83e7 |
diff --git a/ssh-keygen.1 b/ssh-keygen.1
|
|
|
0d83e7 |
index f29774249..673bf6e2f 100644
|
|
|
0d83e7 |
--- a/ssh-keygen.1
|
|
|
0d83e7 |
+++ b/ssh-keygen.1
|
|
|
0d83e7 |
@@ -35,7 +35,7 @@
|
|
|
0d83e7 |
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
|
|
|
0d83e7 |
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
|
0d83e7 |
.\"
|
|
|
0d83e7 |
-.Dd $Mdocdate: March 5 2019 $
|
|
|
0d83e7 |
+.Dd $Mdocdate: May 20 2019 $
|
|
|
0d83e7 |
.Dt SSH-KEYGEN 1
|
|
|
0d83e7 |
.Os
|
|
|
0d83e7 |
.Sh NAME
|
|
|
0d83e7 |
@@ -577,6 +577,15 @@ The possible values are
|
|
|
0d83e7 |
.Dq ed25519 ,
|
|
|
0d83e7 |
or
|
|
|
0d83e7 |
.Dq rsa .
|
|
|
0d83e7 |
+.Pp
|
|
|
0d83e7 |
+This flag may also be used to specify the desired signature type when
|
|
|
0d83e7 |
+signing certificates using a RSA CA key.
|
|
|
0d83e7 |
+The available RSA signature variants are
|
|
|
0d83e7 |
+.Dq ssh-rsa
|
|
|
0d83e7 |
+(SHA1 signatures, not recommended),
|
|
|
0d83e7 |
+.Dq rsa-sha2-256
|
|
|
0d83e7 |
+.Dq rsa-sha2-512
|
|
|
0d83e7 |
+(the default).
|
|
|
0d83e7 |
.It Fl U
|
|
|
0d83e7 |
When used in combination with
|
|
|
0d83e7 |
.Fl s ,
|
|
|
0d83e7 |
diff --git a/sshkey.c b/sshkey.c
|
|
|
0d83e7 |
index 9849cb237..379a579cf 100644
|
|
|
0d83e7 |
--- a/sshkey.c
|
|
|
0d83e7 |
+++ b/sshkey.c
|
|
|
0d83e7 |
@@ -2528,6 +2528,13 @@ sshkey_certify_custom(struct sshkey *k, struct sshkey *ca, const char *alg,
|
|
|
0d83e7 |
strcmp(alg, k->cert->signature_type) != 0)
|
|
|
0d83e7 |
return SSH_ERR_INVALID_ARGUMENT;
|
|
|
0d83e7 |
|
|
|
0d83e7 |
+ /*
|
|
|
0d83e7 |
+ * If no signing algorithm or signature_type was specified and we're
|
|
|
0d83e7 |
+ * using a RSA key, then default to a good signature algorithm.
|
|
|
0d83e7 |
+ */
|
|
|
0d83e7 |
+ if (alg == NULL && ca->type == KEY_RSA)
|
|
|
0d83e7 |
+ alg = "rsa-sha2-512";
|
|
|
0d83e7 |
+
|
|
|
0d83e7 |
if ((ret = sshkey_to_blob(ca, &ca_blob, &ca_len)) != 0)
|
|
|
0d83e7 |
return SSH_ERR_KEY_CERT_INVALID_SIGN_KEY;
|
|
|
0d83e7 |
|
|
|
0d83e7 |
|