diff --git a/openssh-7.3p1-openssl-1.1.0.patch b/openssh-7.3p1-openssl-1.1.0.patch index 87edc29..77bb7d1 100644 --- a/openssh-7.3p1-openssl-1.1.0.patch +++ b/openssh-7.3p1-openssl-1.1.0.patch @@ -3566,7 +3566,7 @@ diff -up openssh-7.3p1/sshkey.c.openssl openssh-7.3p1/sshkey.c break; # ifdef OPENSSL_HAS_ECC case KEY_ECDSA: -@@ -2818,24 +2994,73 @@ sshkey_private_deserialize(struct sshbuf +@@ -2818,24 +2994,81 @@ sshkey_private_deserialize(struct sshbuf r = SSH_ERR_ALLOC_FAIL; goto out; } @@ -3631,28 +3631,36 @@ diff -up openssh-7.3p1/sshkey.c.openssl openssh-7.3p1/sshkey.c + case KEY_RSA_CERT: { + BIGNUM *n, *e, *d, *iqmp, *p, *q; + -+ /* XXX leave N, E as zero */ ++ /* N can't be zero because it breaks blinding (seed). Count it now */ ++ /* E is zero because it is not in the protocol, but needed for RSA structure */ + n = BN_new(); + e = BN_new(); + d = BN_new(); + iqmp = BN_new(); + p = BN_new(); + q = BN_new(); ++ BN_CTX *ctx = BN_CTX_new(); + + if (n == NULL || e == NULL || d == NULL || + iqmp == NULL || p == NULL || q == NULL || ++ ctx == NULL || + (r = sshkey_froms(buf, &k)) != 0 || + (r = sshkey_add_private(k)) != 0 || + (r = sshbuf_get_bignum2(buf, d)) != 0 || + (r = sshbuf_get_bignum2(buf, iqmp)) != 0 || + (r = sshbuf_get_bignum2(buf, p)) != 0 || + (r = sshbuf_get_bignum2(buf, q)) != 0 || ++ (r = ((BN_mul(n, p, q, ctx) == 0) /* N = P * Q */ ++ ? SSH_ERR_LIBCRYPTO_ERROR : 0)) != 0 || + (r = ((RSA_set0_key(k->rsa, n, e, d) == 0) + ? SSH_ERR_LIBCRYPTO_ERROR : 0)) != 0 || + (r = ((RSA_set0_factors(k->rsa, p, q) == 0) + ? SSH_ERR_LIBCRYPTO_ERROR : 0)) != 0 || -+ (r = rsa_generate_additional_parameters(k->rsa, iqmp)) != 0) ++ (r = rsa_generate_additional_parameters(k->rsa, iqmp)) != 0) { ++ BN_CTX_free(ctx); + goto out; ++ } ++ BN_CTX_free(ctx); + } break; #endif /* WITH_OPENSSL */