Antonio Larrosa
fef1b16e66
commented out). The keycat binary isn't really installed nor supported, so we can drop it, except for the code that is used by other SELinux patches, which is what I kept from that patch (boo#1229072). - Add patch submitted to upstream to fix RFC4256 implementation so that keyboard-interactive authentication method can send instructions and sshd shows them to users even before a prompt is requested. This fixes MFA push notifications (boo#1229010). * 0001-auth-pam-Immediately-report-instructions-to-clients-and-fix-handling-in-ssh-client.patch OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=274
75 lines
1.7 KiB
Diff
75 lines
1.7 KiB
Diff
commit d281831d887044ede45d458c3dda74be9ae017e3
|
|
Author: Hans Petter Jansson <hpj@hpjansson.org>
|
|
Date: Fri Sep 25 23:26:58 2020 +0200
|
|
|
|
Use OpenSSL's FIPS approved RAND_bytes() to get randomness for Ed25519
|
|
|
|
diff --git a/ed25519.c b/ed25519.c
|
|
index 767ec24..5d506a9 100644
|
|
--- a/ed25519.c
|
|
+++ b/ed25519.c
|
|
@@ -9,6 +9,13 @@
|
|
|
|
#include "crypto_api.h"
|
|
|
|
+#ifdef WITH_OPENSSL
|
|
+#include <openssl/rand.h>
|
|
+#include <openssl/err.h>
|
|
+#endif
|
|
+
|
|
+#include "log.h"
|
|
+
|
|
#define int8 crypto_int8
|
|
#define uint8 crypto_uint8
|
|
#define int16 crypto_int16
|
|
@@ -33,7 +40,15 @@ int crypto_sign_ed25519_keypair(
|
|
sc25519 scsk;
|
|
ge25519 gepk;
|
|
|
|
+#ifdef WITH_OPENSSL
|
|
+ /* Use FIPS approved RNG */
|
|
+ if (RAND_bytes(sk, 32) <= 0)
|
|
+ fatal("Couldn't obtain random bytes (error 0x%lx)",
|
|
+ (unsigned long)ERR_get_error());
|
|
+#else
|
|
randombytes(sk,32);
|
|
+#endif
|
|
+
|
|
crypto_hash_sha512(az,sk,32);
|
|
az[0] &= 248;
|
|
az[31] &= 127;
|
|
diff --git a/kexc25519.c b/kexc25519.c
|
|
index f13d766..2604eda 100644
|
|
--- a/kexc25519.c
|
|
+++ b/kexc25519.c
|
|
@@ -33,6 +33,13 @@
|
|
#include <string.h>
|
|
#include <signal.h>
|
|
|
|
+#ifdef WITH_OPENSSL
|
|
+#include <openssl/rand.h>
|
|
+#include <openssl/err.h>
|
|
+#endif
|
|
+
|
|
+#include "log.h"
|
|
+
|
|
#include "sshkey.h"
|
|
#include "kex.h"
|
|
#include "sshbuf.h"
|
|
@@ -51,7 +58,15 @@ kexc25519_keygen(u_char key[CURVE25519_SIZE], u_char pub[CURVE25519_SIZE])
|
|
{
|
|
static const u_char basepoint[CURVE25519_SIZE] = {9};
|
|
|
|
+#ifdef WITH_OPENSSL
|
|
+ /* Use FIPS approved RNG */
|
|
+ if (RAND_bytes(key, CURVE25519_SIZE) <= 0)
|
|
+ fatal("Couldn't obtain random bytes (error 0x%lx)",
|
|
+ (unsigned long)ERR_get_error());
|
|
+#else
|
|
arc4random_buf(key, CURVE25519_SIZE);
|
|
+#endif
|
|
+
|
|
crypto_scalarmult_curve25519(pub, key, basepoint);
|
|
}
|
|
|