openssh/openssh-6.6p1-audit3-key_auth_usage-fips.patch

# HG changeset patch
# Parent 5482d21e8bd06309af51dea77a5f3668859fb2a0

diff --git a/openssh-6.6p1/auth-rsa.c b/openssh-6.6p1/auth-rsa.c
--- a/openssh-6.6p1/auth-rsa.c
+++ b/openssh-6.6p1/auth-rsa.c
@@ -94,16 +94,20 @@ int
 auth_rsa_verify_response(Key *key, BIGNUM *challenge,
     u_char response[SSH_DIGEST_MAX_LENGTH])
 {
 	u_char buf[2 * SSH_DIGEST_MAX_LENGTH], mdbuf[SSH_DIGEST_MAX_LENGTH];
 	struct ssh_digest_ctx *md;
 	int len;
 	int dgst;
 	size_t dgst_len;
+	int rv;
+#ifdef SSH_AUDIT_EVENTS
+	char *fp;
+#endif
 
 	/* don't allow short keys */
 	if (BN_num_bits(key->rsa->n) < SSH_RSA_MINIMUM_MODULUS_SIZE) {
 		error("%s: RSA modulus too small: %d < minimum %d bits",
 		    __func__,
 		    BN_num_bits(key->rsa->n), SSH_RSA_MINIMUM_MODULUS_SIZE);
 		return (0);
 	}
@@ -121,22 +125,28 @@ auth_rsa_verify_response(Key *key, BIGNU
 	if ((md = ssh_digest_start(dgst)) == NULL ||
 	    ssh_digest_update(md, buf, 2 * dgst_len) < 0 ||
 	    ssh_digest_update(md, session_id, dgst_len) < 0 ||
 	    ssh_digest_final(md, mdbuf, sizeof(mdbuf)) < 0)
 		fatal("%s: md5 failed", __func__);
 	ssh_digest_free(md);
 
 	/* Verify that the response is the original challenge. */
-	if (timingsafe_bcmp(response, mdbuf, dgst_len) != 0) {
-		/* Wrong answer. */
-		return (0);
+	rv = timingsafe_bcmp(response, mdbuf, dgst_len) == 0;
+
+#ifdef SSH_AUDIT_EVENTS
+	fp = key_fingerprint(key, key_fp_type_select(), SSH_FP_HEX);
+	if (audit_keyusage(1, "ssh-rsa1", RSA_size(key->rsa) * 8, fp, rv) == 0) {
+		debug("unsuccessful audit");
+		rv = 0;
 	}
-	/* Correct answer. */
-	return (1);
+	free(fp);
+#endif
+
+	return rv;
 }
 
 /*
  * Performs the RSA authentication challenge-response dialog with the client,
  * and returns true (non-zero) if the client gave the correct answer to
  * our challenge; returns zero if the client gives a wrong answer.
  */