Do not overwrite N and E for RSA-certs in ssh-agent (#1416584)

This commit is contained in:
Jakub Jelen 2017-02-03 11:06:19 +01:00
parent 28ff3aa1c5
commit 4a6ef41937

View File

@ -3099,7 +3099,7 @@ diff -up openssh-7.4p1/sshkey.c.openssl openssh-7.4p1/sshkey.c
break; break;
# ifdef OPENSSL_HAS_ECC # ifdef OPENSSL_HAS_ECC
case KEY_ECDSA: case KEY_ECDSA:
@@ -2819,24 +2995,81 @@ sshkey_private_deserialize(struct sshbuf @@ -2819,24 +2995,71 @@ sshkey_private_deserialize(struct sshbuf
r = SSH_ERR_ALLOC_FAIL; r = SSH_ERR_ALLOC_FAIL;
goto out; goto out;
} }
@ -3162,38 +3162,28 @@ diff -up openssh-7.4p1/sshkey.c.openssl openssh-7.4p1/sshkey.c
- (r = rsa_generate_additional_parameters(k->rsa)) != 0) - (r = rsa_generate_additional_parameters(k->rsa)) != 0)
- goto out; - goto out;
+ case KEY_RSA_CERT: { + case KEY_RSA_CERT: {
+ BIGNUM *n, *e, *d, *iqmp, *p, *q; + BIGNUM *d, *iqmp, *p, *q;
+ +
+ /* N can't be zero because it breaks blinding (seed). Count it now */ + /* N and E are already set so make sure we will not overwrite them */
+ /* E is zero because it is not in the protocol, but needed for RSA structure */
+ n = BN_new();
+ e = BN_new();
+ d = BN_new(); + d = BN_new();
+ iqmp = BN_new(); + iqmp = BN_new();
+ p = BN_new(); + p = BN_new();
+ q = BN_new(); + q = BN_new();
+ BN_CTX *ctx = BN_CTX_new();
+ +
+ if (n == NULL || e == NULL || d == NULL || + if (d == NULL || iqmp == NULL || p == NULL ||
+ iqmp == NULL || p == NULL || q == NULL || + q == NULL ||
+ ctx == NULL ||
+ (r = sshkey_froms(buf, &k)) != 0 || + (r = sshkey_froms(buf, &k)) != 0 ||
+ (r = sshkey_add_private(k)) != 0 || + (r = sshkey_add_private(k)) != 0 ||
+ (r = sshbuf_get_bignum2(buf, d)) != 0 || + (r = sshbuf_get_bignum2(buf, d)) != 0 ||
+ (r = sshbuf_get_bignum2(buf, iqmp)) != 0 || + (r = sshbuf_get_bignum2(buf, iqmp)) != 0 ||
+ (r = sshbuf_get_bignum2(buf, p)) != 0 || + (r = sshbuf_get_bignum2(buf, p)) != 0 ||
+ (r = sshbuf_get_bignum2(buf, q)) != 0 || + (r = sshbuf_get_bignum2(buf, q)) != 0 ||
+ (r = ((BN_mul(n, p, q, ctx) == 0) /* N = P * Q */ + (r = ((RSA_set0_key(k->rsa, NULL, NULL, d) == 0)
+ ? SSH_ERR_LIBCRYPTO_ERROR : 0)) != 0 ||
+ (r = ((RSA_set0_key(k->rsa, n, e, d) == 0)
+ ? SSH_ERR_LIBCRYPTO_ERROR : 0)) != 0 || + ? SSH_ERR_LIBCRYPTO_ERROR : 0)) != 0 ||
+ (r = ((RSA_set0_factors(k->rsa, p, q) == 0) + (r = ((RSA_set0_factors(k->rsa, p, q) == 0)
+ ? SSH_ERR_LIBCRYPTO_ERROR : 0)) != 0 || + ? SSH_ERR_LIBCRYPTO_ERROR : 0)) != 0 ||
+ (r = rsa_generate_additional_parameters(k->rsa, iqmp)) != 0) { + (r = rsa_generate_additional_parameters(k->rsa, iqmp)) != 0)
+ BN_CTX_free(ctx);
+ goto out; + goto out;
+ }
+ BN_CTX_free(ctx);
+ } + }
break; break;
#endif /* WITH_OPENSSL */ #endif /* WITH_OPENSSL */