|
Jakub Jelen |
f726e5 |
commit 2c3ef499bfffce3cfd315edeebf202850ba4e00a
|
|
Jakub Jelen |
f726e5 |
Author: Jakub Jelen <jjelen@redhat.com>
|
|
Jakub Jelen |
f726e5 |
Date: Tue Apr 16 15:35:18 2019 +0200
|
|
Jakub Jelen |
f726e5 |
|
|
Jakub Jelen |
f726e5 |
Use the new OpenSSL KDF
|
|
Jakub Jelen |
f726e5 |
|
|
Jakub Jelen |
f726e5 |
diff --git a/configure.ac b/configure.ac
|
|
Jakub Jelen |
f726e5 |
index 2a455e4e..e01c3d43 100644
|
|
Jakub Jelen |
f726e5 |
--- a/configure.ac
|
|
Jakub Jelen |
f726e5 |
+++ b/configure.ac
|
|
Jakub Jelen |
f726e5 |
@@ -2712,6 +2712,7 @@ if test "x$openssl" = "xyes" ; then
|
|
Jakub Jelen |
f726e5 |
HMAC_CTX_init \
|
|
Jakub Jelen |
f726e5 |
RSA_generate_key_ex \
|
|
Jakub Jelen |
f726e5 |
RSA_get_default_method \
|
|
Dmitry Belyavskiy |
f1bd13 |
+ EVP_KDF_CTX_new \
|
|
Jakub Jelen |
f726e5 |
])
|
|
Jakub Jelen |
f726e5 |
|
|
Jakub Jelen |
f726e5 |
# OpenSSL_add_all_algorithms may be a macro.
|
|
Jakub Jelen |
f726e5 |
diff --git a/kex.c b/kex.c
|
|
Jakub Jelen |
f726e5 |
index b6f041f4..1fbce2bb 100644
|
|
Jakub Jelen |
f726e5 |
--- a/kex.c
|
|
Jakub Jelen |
f726e5 |
+++ b/kex.c
|
|
Dmitry Belyavskiy |
f1bd13 |
@@ -38,6 +38,11 @@
|
|
Jakub Jelen |
f726e5 |
#ifdef WITH_OPENSSL
|
|
Jakub Jelen |
f726e5 |
#include <openssl/crypto.h>
|
|
Jakub Jelen |
f726e5 |
#include <openssl/dh.h>
|
|
Dmitry Belyavskiy |
f1bd13 |
+# ifdef HAVE_EVP_KDF_CTX_NEW
|
|
Jakub Jelen |
f726e5 |
+# include <openssl/kdf.h>
|
|
Dmitry Belyavskiy |
f1bd13 |
+# include <openssl/param_build.h>
|
|
Dmitry Belyavskiy |
f1bd13 |
+# include <openssl/core_names.h>
|
|
Jakub Jelen |
f726e5 |
+# endif
|
|
Jakub Jelen |
f726e5 |
#endif
|
|
Jakub Jelen |
f726e5 |
|
|
Jakub Jelen |
f726e5 |
#include "ssh.h"
|
|
Dmitry Belyavskiy |
f1bd13 |
@@ -942,6 +945,107 @@ kex_choose_conf(struct ssh *ssh)
|
|
Jakub Jelen |
f726e5 |
return r;
|
|
Jakub Jelen |
f726e5 |
}
|
|
Jakub Jelen |
f726e5 |
|
|
Dmitry Belyavskiy |
f1bd13 |
+#ifdef HAVE_EVP_KDF_CTX_NEW
|
|
Dmitry Belyavskiy |
f1bd13 |
+static const char *
|
|
Jakub Jelen |
f726e5 |
+digest_to_md(int digest_type)
|
|
Jakub Jelen |
f726e5 |
+{
|
|
Jakub Jelen |
f726e5 |
+ switch (digest_type) {
|
|
Jakub Jelen |
f726e5 |
+ case SSH_DIGEST_SHA1:
|
|
Dmitry Belyavskiy |
f1bd13 |
+ return SN_sha1;
|
|
Jakub Jelen |
f726e5 |
+ case SSH_DIGEST_SHA256:
|
|
Dmitry Belyavskiy |
f1bd13 |
+ return SN_sha256;
|
|
Jakub Jelen |
f726e5 |
+ case SSH_DIGEST_SHA384:
|
|
Dmitry Belyavskiy |
f1bd13 |
+ return SN_sha384;
|
|
Jakub Jelen |
f726e5 |
+ case SSH_DIGEST_SHA512:
|
|
Dmitry Belyavskiy |
f1bd13 |
+ return SN_sha512;
|
|
Jakub Jelen |
f726e5 |
+ }
|
|
Jakub Jelen |
f726e5 |
+ return NULL;
|
|
Jakub Jelen |
f726e5 |
+}
|
|
Jakub Jelen |
f726e5 |
+
|
|
Jakub Jelen |
f726e5 |
+static int
|
|
Jakub Jelen |
f726e5 |
+derive_key(struct ssh *ssh, int id, u_int need, u_char *hash, u_int hashlen,
|
|
Jakub Jelen |
f726e5 |
+ const struct sshbuf *shared_secret, u_char **keyp)
|
|
Jakub Jelen |
f726e5 |
+{
|
|
Jakub Jelen |
f726e5 |
+ struct kex *kex = ssh->kex;
|
|
Jakub Jelen |
f726e5 |
+ u_char *key = NULL;
|
|
Jakub Jelen |
f726e5 |
+ int r, key_len;
|
|
Jakub Jelen |
f726e5 |
+
|
|
Dmitry Belyavskiy |
f1bd13 |
+ EVP_KDF *kdf = EVP_KDF_fetch(NULL, "SSHKDF", NULL);
|
|
Dmitry Belyavskiy |
f1bd13 |
+ EVP_KDF_CTX *ctx = EVP_KDF_CTX_new(kdf);
|
|
Dmitry Belyavskiy |
f1bd13 |
+ OSSL_PARAM_BLD *param_bld = OSSL_PARAM_BLD_new();
|
|
Dmitry Belyavskiy |
f1bd13 |
+ OSSL_PARAM *params = NULL;
|
|
Dmitry Belyavskiy |
f1bd13 |
+ const char *md = digest_to_md(kex->hash_alg);
|
|
Dmitry Belyavskiy |
f1bd13 |
+ char keytype = (char)id;
|
|
Jakub Jelen |
f726e5 |
+
|
|
Dmitry Belyavskiy |
f1bd13 |
+ EVP_KDF_free(kdf);
|
|
Jakub Jelen |
f726e5 |
+ if (!ctx) {
|
|
Jakub Jelen |
f726e5 |
+ r = SSH_ERR_LIBCRYPTO_ERROR;
|
|
Jakub Jelen |
f726e5 |
+ goto out;
|
|
Jakub Jelen |
f726e5 |
+ }
|
|
Dmitry Belyavskiy |
f1bd13 |
+ if (md == NULL) {
|
|
Dmitry Belyavskiy |
f1bd13 |
+ r = SSH_ERR_INVALID_ARGUMENT;
|
|
Jakub Jelen |
f726e5 |
+ goto out;
|
|
Jakub Jelen |
f726e5 |
+ }
|
|
Dmitry Belyavskiy |
f1bd13 |
+
|
|
Dmitry Belyavskiy |
f1bd13 |
+ if (param_bld == NULL) {
|
|
Dmitry Belyavskiy |
f1bd13 |
+ EVP_KDF_CTX_free(ctx);
|
|
Dmitry Belyavskiy |
f1bd13 |
+ return -1;
|
|
Dmitry Belyavskiy |
f1bd13 |
+ }
|
|
Dmitry Belyavskiy |
f1bd13 |
+ if ((key_len = ssh_digest_bytes(kex->hash_alg)) == 0) {
|
|
Dmitry Belyavskiy |
f1bd13 |
+ r = SSH_ERR_INVALID_ARGUMENT;
|
|
Jakub Jelen |
f726e5 |
+ goto out;
|
|
Jakub Jelen |
f726e5 |
+ }
|
|
Dmitry Belyavskiy |
f1bd13 |
+
|
|
Dmitry Belyavskiy |
f1bd13 |
+ key_len = ROUNDUP(need, key_len);
|
|
Dmitry Belyavskiy |
f1bd13 |
+ if ((key = calloc(1, key_len)) == NULL) {
|
|
Dmitry Belyavskiy |
f1bd13 |
+ r = SSH_ERR_ALLOC_FAIL;
|
|
Jakub Jelen |
f726e5 |
+ goto out;
|
|
Jakub Jelen |
f726e5 |
+ }
|
|
Dmitry Belyavskiy |
f1bd13 |
+
|
|
Dmitry Belyavskiy |
f1bd13 |
+ r = OSSL_PARAM_BLD_push_utf8_string(param_bld, OSSL_KDF_PARAM_DIGEST,
|
|
Dmitry Belyavskiy |
f1bd13 |
+ md, strlen(md)) && /* SN */
|
|
Dmitry Belyavskiy |
f1bd13 |
+ OSSL_PARAM_BLD_push_octet_string(param_bld, OSSL_KDF_PARAM_KEY,
|
|
Dmitry Belyavskiy |
f1bd13 |
+ sshbuf_ptr(shared_secret), sshbuf_len(shared_secret)) &&
|
|
Dmitry Belyavskiy |
f1bd13 |
+ OSSL_PARAM_BLD_push_octet_string(param_bld, OSSL_KDF_PARAM_SSHKDF_XCGHASH,
|
|
Dmitry Belyavskiy |
f1bd13 |
+ hash, hashlen) &&
|
|
Dmitry Belyavskiy |
f1bd13 |
+ OSSL_PARAM_BLD_push_octet_string(param_bld, OSSL_KDF_PARAM_SSHKDF_SESSION_ID,
|
|
Dmitry Belyavskiy |
f1bd13 |
+ sshbuf_ptr(kex->session_id), sshbuf_len(kex->session_id)) &&
|
|
Dmitry Belyavskiy |
f1bd13 |
+ OSSL_PARAM_BLD_push_utf8_string(param_bld, OSSL_KDF_PARAM_SSHKDF_TYPE,
|
|
Dmitry Belyavskiy |
f1bd13 |
+ &keytype, 1);
|
|
Jakub Jelen |
f726e5 |
+ if (r != 1) {
|
|
Jakub Jelen |
f726e5 |
+ r = SSH_ERR_LIBCRYPTO_ERROR;
|
|
Jakub Jelen |
f726e5 |
+ goto out;
|
|
Jakub Jelen |
f726e5 |
+ }
|
|
Dmitry Belyavskiy |
f1bd13 |
+
|
|
Dmitry Belyavskiy |
f1bd13 |
+ params = OSSL_PARAM_BLD_to_param(param_bld);
|
|
Dmitry Belyavskiy |
f1bd13 |
+ if (params == NULL) {
|
|
Jakub Jelen |
f726e5 |
+ r = SSH_ERR_LIBCRYPTO_ERROR;
|
|
Jakub Jelen |
f726e5 |
+ goto out;
|
|
Jakub Jelen |
f726e5 |
+ }
|
|
Dmitry Belyavskiy |
f1bd13 |
+ r = EVP_KDF_derive(ctx, key, key_len, params);
|
|
Jakub Jelen |
f726e5 |
+ if (r != 1) {
|
|
Jakub Jelen |
f726e5 |
+ r = SSH_ERR_LIBCRYPTO_ERROR;
|
|
Jakub Jelen |
f726e5 |
+ goto out;
|
|
Jakub Jelen |
f726e5 |
+ }
|
|
Jakub Jelen |
f726e5 |
+#ifdef DEBUG_KEX
|
|
Jakub Jelen |
f726e5 |
+ fprintf(stderr, "key '%c'== ", id);
|
|
Jakub Jelen |
f726e5 |
+ dump_digest("key", key, key_len);
|
|
Jakub Jelen |
f726e5 |
+#endif
|
|
Jakub Jelen |
f726e5 |
+ *keyp = key;
|
|
Jakub Jelen |
f726e5 |
+ key = NULL;
|
|
Jakub Jelen |
f726e5 |
+ r = 0;
|
|
Jakub Jelen |
f726e5 |
+
|
|
Jakub Jelen |
f726e5 |
+out:
|
|
Dmitry Belyavskiy |
f1bd13 |
+ OSSL_PARAM_BLD_free(param_bld);
|
|
Dmitry Belyavskiy |
f1bd13 |
+ OSSL_PARAM_free(params);
|
|
Jakub Jelen |
f726e5 |
+ free (key);
|
|
Jakub Jelen |
f726e5 |
+ EVP_KDF_CTX_free(ctx);
|
|
Jakub Jelen |
f726e5 |
+ if (r < 0) {
|
|
Jakub Jelen |
f726e5 |
+ return r;
|
|
Jakub Jelen |
f726e5 |
+ }
|
|
Jakub Jelen |
f726e5 |
+ return 0;
|
|
Jakub Jelen |
f726e5 |
+}
|
|
Jakub Jelen |
f726e5 |
+#else
|
|
Jakub Jelen |
f726e5 |
static int
|
|
Jakub Jelen |
f726e5 |
derive_key(struct ssh *ssh, int id, u_int need, u_char *hash, u_int hashlen,
|
|
Jakub Jelen |
f726e5 |
const struct sshbuf *shared_secret, u_char **keyp)
|
|
Jakub Jelen |
f726e5 |
@@ -1004,6 +1096,7 @@ derive_key(struct ssh *ssh, int id, u_int need, u_char *hash, u_int hashlen,
|
|
Jakub Jelen |
f726e5 |
ssh_digest_free(hashctx);
|
|
Jakub Jelen |
f726e5 |
return r;
|
|
Jakub Jelen |
f726e5 |
}
|
|
Dmitry Belyavskiy |
f1bd13 |
+#endif /* HAVE_OPENSSL_EVP_KDF_CTX_NEW */
|
|
Jakub Jelen |
f726e5 |
|
|
Jakub Jelen |
f726e5 |
#define NKEYS 6
|
|
Jakub Jelen |
f726e5 |
int
|
|
Jakub Jelen |
f726e5 |
|