7bccbbd821
- Update to 7.8p1: * no actual changes for the askpass - Format with spec-cleaner - Respect cflags - Use gtk3 rather than gtk2 which is being phased out - Remove the mention of the SLE12 in the README.SUSE - Install firewall rules only when really needed (<SLE15) - Version update to 7.8p1: * For most details see release notes file * ssh-keygen(1): write OpenSSH format private keys by default instead of using OpenSSL's PEM format - Rebase patches to apply on 7.8p1 release: * openssh-7.7p1-fips.patch * openssh-7.7p1-cavstest-kdf.patch * openssh-7.7p1-fips_checks.patch * openssh-7.7p1-gssapi_key_exchange.patch * openssh-7.7p1-audit.patch * openssh-7.7p1-openssl_1.1.0.patch * openssh-7.7p1-ldap.patch * openssh-7.7p1-IPv6_X_forwarding.patch * openssh-7.7p1-sftp_print_diagnostic_messages.patch * openssh-7.7p1-disable_short_DH_parameters.patch * openssh-7.7p1-hostname_changes_when_forwarding_X.patch * openssh-7.7p1-pam_check_locks.patch * openssh-7.7p1-seed-prng.patch * openssh-7.7p1-systemd-notify.patch * openssh-7.7p1-X11_trusted_forwarding.patch - Dropped patches: OBS-URL: https://build.opensuse.org/request/show/642573 OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=153
362 lines
10 KiB
Diff
362 lines
10 KiB
Diff
# HG changeset patch
|
|
# Parent cc1022edba2c5eeb0facba08468f65afc2466b63
|
|
CAVS test for OpenSSH's own CTR encryption mode implementation
|
|
|
|
diff --git a/openssh-7.7p1/Makefile.in b/openssh-7.7p1/Makefile.in
|
|
--- openssh-7.7p1/Makefile.in
|
|
+++ openssh-7.7p1/Makefile.in
|
|
@@ -19,16 +19,17 @@ top_srcdir=@top_srcdir@
|
|
|
|
DESTDIR=
|
|
VPATH=@srcdir@
|
|
SSH_PROGRAM=@bindir@/ssh
|
|
ASKPASS_PROGRAM=$(libexecdir)/ssh-askpass
|
|
SFTP_SERVER=$(libexecdir)/sftp-server
|
|
SSH_KEYSIGN=$(libexecdir)/ssh-keysign
|
|
SSH_PKCS11_HELPER=$(libexecdir)/ssh-pkcs11-helper
|
|
+CAVSTEST_CTR=$(libexecdir)/cavstest-ctr
|
|
PRIVSEP_PATH=@PRIVSEP_PATH@
|
|
SSH_PRIVSEP_USER=@SSH_PRIVSEP_USER@
|
|
STRIP_OPT=@STRIP_OPT@
|
|
TEST_SHELL=@TEST_SHELL@
|
|
|
|
PATHS= -DSSHDIR=\"$(sysconfdir)\" \
|
|
-D_PATH_SSH_PROGRAM=\"$(SSH_PROGRAM)\" \
|
|
-D_PATH_SSH_ASKPASS_DEFAULT=\"$(ASKPASS_PROGRAM)\" \
|
|
@@ -57,16 +58,18 @@ ENT=@ENT@
|
|
XAUTH_PATH=@XAUTH_PATH@
|
|
LDFLAGS=-L. -Lopenbsd-compat/ @LDFLAGS@
|
|
EXEEXT=@EXEEXT@
|
|
MANFMT=@MANFMT@
|
|
MKDIR_P=@MKDIR_P@
|
|
|
|
TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keyscan${EXEEXT} ssh-keysign${EXEEXT} ssh-pkcs11-helper$(EXEEXT) ssh-agent$(EXEEXT) scp$(EXEEXT) sftp-server$(EXEEXT) sftp$(EXEEXT)
|
|
|
|
+TARGETS += cavstest-ctr$(EXEEXT)
|
|
+
|
|
XMSS_OBJS=\
|
|
ssh-xmss.o \
|
|
sshkey-xmss.o \
|
|
xmss_commons.o \
|
|
xmss_fast.o \
|
|
xmss_hash.o \
|
|
xmss_hash_address.o \
|
|
xmss_wots.o
|
|
@@ -199,16 +202,20 @@ ssh-keyscan$(EXEEXT): $(LIBCOMPAT) libss
|
|
$(LD) -o $@ ssh-keyscan.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS)
|
|
|
|
sftp-server$(EXEEXT): $(LIBCOMPAT) libssh.a sftp.o sftp-common.o sftp-server.o sftp-server-main.o
|
|
$(LD) -o $@ sftp-server.o sftp-common.o sftp-server-main.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
|
|
|
|
sftp$(EXEEXT): $(LIBCOMPAT) libssh.a sftp.o sftp-client.o sftp-common.o sftp-glob.o progressmeter.o
|
|
$(LD) -o $@ progressmeter.o sftp.o sftp-client.o sftp-common.o sftp-glob.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) $(LIBEDIT)
|
|
|
|
+# FIPS tests
|
|
+cavstest-ctr$(EXEEXT): $(LIBCOMPAT) libssh.a cavstest-ctr.o
|
|
+ $(LD) -o $@ cavstest-ctr.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS)
|
|
+
|
|
# test driver for the loginrec code - not built by default
|
|
logintest: logintest.o $(LIBCOMPAT) libssh.a loginrec.o
|
|
$(LD) -o $@ logintest.o $(LDFLAGS) loginrec.o -lopenbsd-compat -lssh $(LIBS)
|
|
|
|
$(MANPAGES): $(MANPAGES_IN)
|
|
if test "$(MANTYPE)" = "cat"; then \
|
|
manpage=$(srcdir)/`echo $@ | sed 's/\.[1-9]\.out$$/\.0/'`; \
|
|
else \
|
|
@@ -339,16 +346,17 @@ install-files:
|
|
$(INSTALL) -m 0755 $(STRIP_OPT) ssh-agent$(EXEEXT) $(DESTDIR)$(bindir)/ssh-agent$(EXEEXT)
|
|
$(INSTALL) -m 0755 $(STRIP_OPT) ssh-keygen$(EXEEXT) $(DESTDIR)$(bindir)/ssh-keygen$(EXEEXT)
|
|
$(INSTALL) -m 0755 $(STRIP_OPT) ssh-keyscan$(EXEEXT) $(DESTDIR)$(bindir)/ssh-keyscan$(EXEEXT)
|
|
$(INSTALL) -m 0755 $(STRIP_OPT) sshd$(EXEEXT) $(DESTDIR)$(sbindir)/sshd$(EXEEXT)
|
|
$(INSTALL) -m 4711 $(STRIP_OPT) ssh-keysign$(EXEEXT) $(DESTDIR)$(SSH_KEYSIGN)$(EXEEXT)
|
|
$(INSTALL) -m 0755 $(STRIP_OPT) ssh-pkcs11-helper$(EXEEXT) $(DESTDIR)$(SSH_PKCS11_HELPER)$(EXEEXT)
|
|
$(INSTALL) -m 0755 $(STRIP_OPT) sftp$(EXEEXT) $(DESTDIR)$(bindir)/sftp$(EXEEXT)
|
|
$(INSTALL) -m 0755 $(STRIP_OPT) sftp-server$(EXEEXT) $(DESTDIR)$(SFTP_SERVER)$(EXEEXT)
|
|
+ $(INSTALL) -m 0755 $(STRIP_OPT) cavstest-ctr$(EXEEXT) $(DESTDIR)$(libexecdir)/cavstest-ctr$(EXEEXT)
|
|
$(INSTALL) -m 644 ssh.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh.1
|
|
$(INSTALL) -m 644 scp.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/scp.1
|
|
$(INSTALL) -m 644 ssh-add.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-add.1
|
|
$(INSTALL) -m 644 ssh-agent.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-agent.1
|
|
$(INSTALL) -m 644 ssh-keygen.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-keygen.1
|
|
$(INSTALL) -m 644 ssh-keyscan.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-keyscan.1
|
|
$(INSTALL) -m 644 moduli.5.out $(DESTDIR)$(mandir)/$(mansubdir)5/moduli.5
|
|
$(INSTALL) -m 644 sshd_config.5.out $(DESTDIR)$(mandir)/$(mansubdir)5/sshd_config.5
|
|
diff --git a/openssh-7.7p1/cavstest-ctr.c b/openssh-7.7p1/cavstest-ctr.c
|
|
new file mode 100644
|
|
--- /dev/null
|
|
+++ openssh-7.7p1/cavstest-ctr.c
|
|
@@ -0,0 +1,214 @@
|
|
+/*
|
|
+ *
|
|
+ * invocation (all of the following are equal):
|
|
+ * ./ctr-cavstest --algo aes128-ctr --key 987212980144b6a632e864031f52dacc --mode encrypt --data a6deca405eef2e8e4609abf3c3ccf4a6
|
|
+ * ./ctr-cavstest --algo aes128-ctr --key 987212980144b6a632e864031f52dacc --mode encrypt --data a6deca405eef2e8e4609abf3c3ccf4a6 --iv 00000000000000000000000000000000
|
|
+ * echo -n a6deca405eef2e8e4609abf3c3ccf4a6 | ./ctr-cavstest --algo aes128-ctr --key 987212980144b6a632e864031f52dacc --mode encrypt
|
|
+ */
|
|
+
|
|
+#include "includes.h"
|
|
+
|
|
+#include <sys/types.h>
|
|
+#include <sys/param.h>
|
|
+#include <stdarg.h>
|
|
+#include <stdio.h>
|
|
+#include <stdlib.h>
|
|
+#include <string.h>
|
|
+#include <ctype.h>
|
|
+
|
|
+#include "xmalloc.h"
|
|
+#include "log.h"
|
|
+#include "cipher.h"
|
|
+
|
|
+/* compatibility with old or broken OpenSSL versions */
|
|
+#include "openbsd-compat/openssl-compat.h"
|
|
+
|
|
+void
|
|
+usage(void)
|
|
+{
|
|
+ fprintf(stderr, "Usage: ctr-cavstest --algo <ssh-crypto-algorithm>\n"
|
|
+ " --key <hexadecimal-key> --mode <encrypt|decrypt>\n"
|
|
+ " [--iv <hexadecimal-iv>] --data <hexadecimal-data>\n\n"
|
|
+ "Hexadecimal output is printed to stdout.\n"
|
|
+ "Hexadecimal input data can be alternatively read from stdin.\n");
|
|
+ exit(1);
|
|
+}
|
|
+
|
|
+void *
|
|
+fromhex(char *hex, size_t * len)
|
|
+{
|
|
+ unsigned char *bin;
|
|
+ char *p;
|
|
+ size_t n = 0;
|
|
+ int shift = 4;
|
|
+ unsigned char out = 0;
|
|
+ unsigned char *optr;
|
|
+
|
|
+ bin = xmalloc(strlen(hex) / 2);
|
|
+ optr = bin;
|
|
+
|
|
+ for (p = hex; *p != '\0'; ++p) {
|
|
+ unsigned char c;
|
|
+
|
|
+ c = *p;
|
|
+ if (isspace(c))
|
|
+ continue;
|
|
+
|
|
+ if (c >= '0' && c <= '9') {
|
|
+ c = c - '0';
|
|
+ } else if (c >= 'A' && c <= 'F') {
|
|
+ c = c - 'A' + 10;
|
|
+ } else if (c >= 'a' && c <= 'f') {
|
|
+ c = c - 'a' + 10;
|
|
+ } else {
|
|
+ /* truncate on nonhex cipher */
|
|
+ break;
|
|
+ }
|
|
+
|
|
+ out |= c << shift;
|
|
+ shift = (shift + 4) % 8;
|
|
+
|
|
+ if (shift) {
|
|
+ *(optr++) = out;
|
|
+ out = 0;
|
|
+ ++n;
|
|
+ }
|
|
+ }
|
|
+
|
|
+ *len = n;
|
|
+ return bin;
|
|
+}
|
|
+
|
|
+#define READ_CHUNK 4096
|
|
+#define MAX_READ_SIZE 1024*1024*100
|
|
+char *
|
|
+read_stdin(void)
|
|
+{
|
|
+ char *buf;
|
|
+ size_t n, total = 0;
|
|
+
|
|
+ buf = xmalloc(READ_CHUNK);
|
|
+
|
|
+ do {
|
|
+ n = fread(buf + total, 1, READ_CHUNK, stdin);
|
|
+ if (n < READ_CHUNK) /* terminate on short read */
|
|
+ break;
|
|
+
|
|
+ total += n;
|
|
+ buf = xreallocarray(buf, total + READ_CHUNK, 1);
|
|
+ } while (total < MAX_READ_SIZE);
|
|
+ return buf;
|
|
+}
|
|
+
|
|
+int
|
|
+main(int argc, char *argv[])
|
|
+{
|
|
+
|
|
+ struct sshcipher *c;
|
|
+ struct sshcipher_ctx cc;
|
|
+ struct sshcipher_ctx *ccp;
|
|
+ char *algo = "aes128-ctr";
|
|
+ char *hexkey = NULL;
|
|
+ char *hexiv = "00000000000000000000000000000000";
|
|
+ char *hexdata = NULL;
|
|
+ char *p;
|
|
+ int i;
|
|
+ int encrypt = 1;
|
|
+ void *key;
|
|
+ size_t keylen;
|
|
+ void *iv;
|
|
+ size_t ivlen;
|
|
+ void *data;
|
|
+ size_t datalen;
|
|
+ void *outdata;
|
|
+
|
|
+ for (i = 1; i < argc; ++i) {
|
|
+ if (strcmp(argv[i], "--algo") == 0) {
|
|
+ algo = argv[++i];
|
|
+ } else if (strcmp(argv[i], "--key") == 0) {
|
|
+ hexkey = argv[++i];
|
|
+ } else if (strcmp(argv[i], "--mode") == 0) {
|
|
+ ++i;
|
|
+ if (argv[i] == NULL) {
|
|
+ usage();
|
|
+ }
|
|
+ if (strncmp(argv[i], "enc", 3) == 0) {
|
|
+ encrypt = 1;
|
|
+ } else if (strncmp(argv[i], "dec", 3) == 0) {
|
|
+ encrypt = 0;
|
|
+ } else {
|
|
+ usage();
|
|
+ }
|
|
+ } else if (strcmp(argv[i], "--iv") == 0) {
|
|
+ hexiv = argv[++i];
|
|
+ } else if (strcmp(argv[i], "--data") == 0) {
|
|
+ hexdata = argv[++i];
|
|
+ }
|
|
+ }
|
|
+
|
|
+ if (hexkey == NULL || algo == NULL) {
|
|
+ usage();
|
|
+ }
|
|
+
|
|
+ SSLeay_add_all_algorithms();
|
|
+
|
|
+ c = cipher_by_name(algo);
|
|
+ if (c == NULL) {
|
|
+ fprintf(stderr, "Error: unknown algorithm\n");
|
|
+ return 2;
|
|
+ }
|
|
+
|
|
+ if (hexdata == NULL) {
|
|
+ hexdata = read_stdin();
|
|
+ } else {
|
|
+ hexdata = xstrdup(hexdata);
|
|
+ }
|
|
+
|
|
+ key = fromhex(hexkey, &keylen);
|
|
+
|
|
+ if (keylen != 16 && keylen != 24 && keylen == 32) {
|
|
+ fprintf(stderr, "Error: unsupported key length\n");
|
|
+ return 2;
|
|
+ }
|
|
+
|
|
+ iv = fromhex(hexiv, &ivlen);
|
|
+
|
|
+ if (ivlen != 16) {
|
|
+ fprintf(stderr, "Error: unsupported iv length\n");
|
|
+ return 2;
|
|
+ }
|
|
+
|
|
+ data = fromhex(hexdata, &datalen);
|
|
+
|
|
+ if (data == NULL || datalen == 0) {
|
|
+ fprintf(stderr, "Error: no data to encrypt/decrypt\n");
|
|
+ return 2;
|
|
+ }
|
|
+
|
|
+ ccp = &cc;
|
|
+ cipher_init(&ccp, c, key, keylen, iv, ivlen, encrypt);
|
|
+
|
|
+ free(key);
|
|
+ free(iv);
|
|
+
|
|
+ outdata = malloc(datalen);
|
|
+ if (outdata == NULL) {
|
|
+ fprintf(stderr, "Error: memory allocation failure\n");
|
|
+ return 2;
|
|
+ }
|
|
+
|
|
+ cipher_crypt(&cc, 0, outdata, data, datalen, 0, 0);
|
|
+
|
|
+ free(data);
|
|
+
|
|
+ cipher_free(&cc);
|
|
+
|
|
+ for (p = outdata; datalen > 0; ++p, --datalen) {
|
|
+ printf("%02X", (unsigned char) *p);
|
|
+ }
|
|
+
|
|
+ free(outdata);
|
|
+
|
|
+ printf("\n");
|
|
+ return 0;
|
|
+}
|
|
diff --git a/openssh-7.7p1/cipher.c b/openssh-7.7p1/cipher.c
|
|
--- openssh-7.7p1/cipher.c
|
|
+++ openssh-7.7p1/cipher.c
|
|
@@ -49,25 +49,16 @@
|
|
#include "ssherr.h"
|
|
#include "digest.h"
|
|
|
|
#include "openbsd-compat/openssl-compat.h"
|
|
|
|
#include "fips.h"
|
|
#include "log.h"
|
|
|
|
-struct sshcipher_ctx {
|
|
- int plaintext;
|
|
- int encrypt;
|
|
- EVP_CIPHER_CTX *evp;
|
|
- struct chachapoly_ctx cp_ctx; /* XXX union with evp? */
|
|
- struct aesctr_ctx ac_ctx; /* XXX union with evp? */
|
|
- const struct sshcipher *cipher;
|
|
-};
|
|
-
|
|
struct sshcipher {
|
|
char *name;
|
|
u_int block_size;
|
|
u_int key_len;
|
|
u_int iv_len; /* defaults to block_size */
|
|
u_int auth_len;
|
|
u_int flags;
|
|
#define CFLAG_CBC (1<<0)
|
|
diff --git a/openssh-7.7p1/cipher.h b/openssh-7.7p1/cipher.h
|
|
--- openssh-7.7p1/cipher.h
|
|
+++ openssh-7.7p1/cipher.h
|
|
@@ -41,17 +41,25 @@
|
|
#include <openssl/evp.h>
|
|
#include "cipher-chachapoly.h"
|
|
#include "cipher-aesctr.h"
|
|
|
|
#define CIPHER_ENCRYPT 1
|
|
#define CIPHER_DECRYPT 0
|
|
|
|
struct sshcipher;
|
|
-struct sshcipher_ctx;
|
|
+struct sshcipher_ctx {
|
|
+ int plaintext;
|
|
+ int encrypt;
|
|
+ EVP_CIPHER_CTX *evp;
|
|
+ struct chachapoly_ctx cp_ctx; /* XXX union with evp? */
|
|
+ struct aesctr_ctx ac_ctx; /* XXX union with evp? */
|
|
+ const struct sshcipher *cipher;
|
|
+};
|
|
+
|
|
|
|
const struct sshcipher *cipher_by_name(const char *);
|
|
const char *cipher_warning_message(const struct sshcipher_ctx *);
|
|
int ciphers_valid(const char *);
|
|
char *cipher_alg_list(char, int);
|
|
int cipher_init(struct sshcipher_ctx **, const struct sshcipher *,
|
|
const u_char *, u_int, const u_char *, u_int, int);
|
|
int cipher_crypt(struct sshcipher_ctx *, u_int, u_char *, const u_char *,
|