path: root/src/pki.c
Age | Commit message | Author | Files | Lines
2019-01-26 | pki: Avoid possible segfaults in error paths | Andreas Schneider | 1 | -2/+2
Found by csbuild. Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-09 | packet: Introduce a new function to access crypto | Jakub Jelen | 1 | -12/+9
And remove most of the direct access to the structure throughout the code Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Daiki Ueno <dueno@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-11-30 | pki: Return default RSA key type for DIGEST_AUTO | Jakub Jelen | 1 | -0/+1
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-11-30 | pki: Sanity-check signature matches base key type | Jakub Jelen | 1 | -0/+6
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-11-30 | pki: Separate signature extraction and verification | Jakub Jelen | 1 | -13/+5
Initial solution proposed by Tilo Eckert <tilo.eckert@flam.de> Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-11-30 | pki: Use self-explanatory variable names | Jakub Jelen | 1 | -10/+10
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-11-30 | The largest ECDSA key has 521 bits | Jakub Jelen | 1 | -1/+1
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-11-23 | kex,packet,packet_cb: Reformat | Jakub Jelen | 1 | -1/+2
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-11-20 | pki: Fix typos in documentation | Tilo Eckert | 1 | -2/+3
Signed-off-by: Tilo Eckert <tilo.eckert@flam.de> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-24 | pki: Add NULL check in ssh_pki_key_ecdsa_name() | Andreas Schneider | 1 | -1/+4
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-09-20 | pki: Use strndup in ssh_pki_export_privkey_base64() | Andreas Schneider | 1 | -11/+6
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-09-20 | pki: Add ssh_pki_export_privkey_base64() | DavidWed | 1 | -0/+61
Fixes T53 Signed-off-by: DavidWedderwille <davidwe@posteo.de> Reviewed-by: Andreas Schneider <asn@samba.org>
2018-09-18 | pki: Implement reading public key from OpenSSH private key container | Jakub Jelen | 1 | -1/+15
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-09-18 | pki: Allow reading keys in new OpenSSH format | Jakub Jelen | 1 | -0/+173
This implements reading the OpenSSH key format across the cryptographic backends. Most of the code is shared and moved to pki.c, just the building of the keys is implemented in pki_privkey_build_*() functions. Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-09-18 | pki: Use unpack to simplify public key reading | Jakub Jelen | 1 | -46/+13
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-09-17 | pki: Initialize pointers to NULL | Jakub Jelen | 1 | -12/+12
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-09-01 | pki: Fix a memory leak in ssh_pki_do_sign() | Andreas Schneider | 1 | -0/+2
CID 1395335 Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-31 | pki: Support RSA SHA2 signatures of sessionid for server | Jakub Jelen | 1 | -9/+24
This involves mostly creation of host keys proofs but needs to follow the same procedure as the client authentication signatures. At the same time, the SHA2 extension is enabled in the pkd so we are able to atomically provide correct signatures and pass tests. Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-31 | tests: PUBLICKEY_ACCEPTED_TYPES are effective | Jakub Jelen | 1 | -1/+1
Verify the PUBLICKEY_ACCEPTED_TYPES option is handled correctly and affects the signature algorithm selection based on the extensions and can be used to limit list of offered mechanisms to the server. Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-31 | pki: Allow filtering accepted public key types based on the configuration | Jakub Jelen | 1 | -4/+25
This effectively allows to disable using the SHA2 extension, disable other old public key mechanisms out of the box (hello DSA) or force the new SHA2-based key algorithm types if needed. This exposes the default_methods array from kex.c. Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-31 | auth: Support SHA2 extension for pubkey authentication (RFC 8332) | Jakub Jelen | 1 | -2/+22
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-31 | pki: RSA signatures with SHA2 hash algorithms (RFC 8332) | Jakub Jelen | 1 | -9/+78
* This change introduces a new API to request signature using one key and different hash algorithms. This is used only with RSA keys, that used to have SHA1 hardcoded, but the new algorithms allow to use the SHA2 hashes, if the extension is negotiated. Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-31 | pki: Support RSA verification using different hash algorithms | Jakub Jelen | 1 | -6/+102
This changes the private API by adding one more argument to function pki_signature_from_blob() Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-01 | pki: Log really the signature algorithm type | Jakub Jelen | 1 | -1/+1
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-07-05 | bignum: Make bignum_free safer | Aris Adamantiadis | 1 | -2/+2
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-07-05 | pki: Improve pubkey buffer handling from file | Andreas Schneider | 1 | -5/+16
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-29 | Rest in Peace SSHv1 | Andreas Schneider | 1 | -19/+8
Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2018-06-29 | pki: Fix random memory corruption | Andreas Schneider | 1 | -2/+2
Fixes T78 Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-02-12 | src: Use explicit_bzero() if available on the platform | Andreas Schneider | 1 | -1/+1
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2017-12-28 | pki: Fix accidental ECC switch case fallthroughs into ed25519 cases when built without ECC | jvijtiuk | 1 | -2/+3
Summary: When ed25519 was introduced in commit 93c7b81b4ea1046bd2f65f4a510d5966786e8d3d, the ed25519 case was added after the ecdsa case in src/pki.c. The ecdsa case seems to have relied on falling through to report an error, when HAVE_ECC is not defined. If HAVE_ECC is not defined, but ecdsa keys are used, with for example, ssh_pki_import_pubkey_file, the code fallthroughs into the ed25519 case.
Signed-off-by: Juraj Vijtiuk <juraj.vijtiuk@sartura.hr>
Test Plan: Unit tests passed. No memory leaks found with valgrind.
Reviewers: asn
Differential Revision: https://bugs.libssh.org/D13
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-12-28 | add mbedtls crypto support | Juraj Vijtiuk | 1 | -0/+15
Summary: This patch adds support for mbedTLS as a crypto backend for libssh. mbedTLS is an SSL/TLS library that has been designed to mainly be used in embedded systems. It is loosely coupled and has a low memory footprint. mbedTLS also provides a cryptography library (libmbedcrypto) that can be used without the TLS modules. The patch is unfortunately quite big, since several new files had to be added. DSA is disabled at compile time, since mbedTLS doesn't support DSA.
Patch review and feedback would be appreciated, and if any issues or suggestions appear, I'm willing to work on them.
Signed-off-by: Juraj Vijtiuk <juraj.vijtiuk@sartura.hr>
Test Plan:
* The patch has been tested with a Debug and MinSizeRel build, with libssh unit tests, client tests and the pkd tests.
* All the tests have been run with valgrind's memcheck, drd and helgrind tools.
* The examples/samplessh client works when built with the patch.
Reviewers: asn, aris
Subscribers: simonsj
Differential Revision: https://bugs.libssh.org/D1
2017-02-03 | pki: Use byte mode for fopen() | Andreas Schneider | 1 | -2/+2
BUG: https://red.libssh.org/issues/251 Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-11-09 | pki_gcrypt: Fix freeing of ECDSA signatures. | Justus Winter | 1 | -1/+1
* src/pki.c (ssh_signature_free): Fix test for ECC using gcrypt. Signed-off-by: Justus Winter <justus@g10code.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2016-11-06 | cmake: Check for io.h on Windows | Andreas Schneider | 1 | -2/+2
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-11-03 | pki_gcrypt: Handle ECDSA keys and signatures | Justus Winter | 1 | -2/+4
* ConfigureChecks.cmake: Set 'HAVE_ECC' and 'HAVE_GCRYPT_ECC' if applicable.
* include/libssh/pki.h (struct ssh_key_struct): Fix type of field 'ecdsa'.
(struct ssh_signature_struct): Likewise for 'ecdsa_sig'.
* src/pki.c (ssh_pki_key_ecdsa_name): Relax guard now that the used function is also provided by the gcrypt backend.
(ssh_signature_free): Free ecdsa signature.
* src/pki_gcrypt.c (ECDSA_HEADER_{BEGIN,END}): New macros.
(privatekey_string_to_buffer): Handle ECDSA keys.
(pki_key_ecdsa_to_nid): New function.
(pki_key_ecdsa_nid_to_gcrypt_name): Likewise.
(pki_key_ecdsa_nid_to_name): Likewise.
(pki_key_ecdsa_nid_to_char): Likewise.
(pki_key_ecdsa_nid_from_name): Implement.
(asn1_oi_to_nid): New function.
(b64decode_ecdsa_privatekey): Likewise.
(pki_private_key_from_base64): Handle ECDSA keys.
(pki_pubkey_build_ecdsa): Implement.
(pki_key_dup): Handle ECDSA keys.
(pki_key_generate): Likewise.
(pki_key_generate_ecdsa): Implement.
(pki_key_compare): Handle ECDSA keys.
(pki_publickey_to_blob): Likewise.
(pki_signature_from_blob): Likewise.
(pki_signature_verify): Likewise.
(pki_do_sign): Likewise.
(pki_do_sign_sessionid): Likewise.
Signed-off-by: Justus Winter <justus@g10code.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2016-05-02 | pki: Fix debug message | Justus Winter | 1 | -1/+5
* src/pki.c (ssh_pki_signature_verify_blob): Fix debug message. Signed-off-by: Justus Winter <justus@g10code.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2016-03-21 | pki: Mention relevant RFC for EC key encoding | Justus Winter | 1 | -0/+2
* src/pki.c (ssh_pki_export_pubkey_blob): Mention relevant RFC for EC key encoding. Signed-off-by: Justus Winter <justus@g10code.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2016-02-23 | pki: Fixed documentation about return value. | Younes Serraj | 1 | -1/+1
Documentation now is congruent with the code:
- SSH_OK is returned on success,
- SSH_ERROR is returned on error.
Signed-off-by: Younes Serraj <younes.serraj@gmail.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-01-19 | buffer: use ssh_buffer_get() instead of ssh_buffer_get_begin() | Fabiano Fidêncio | 1 | -1/+1
This commit is a preparatory stage for removing ssh_buffer_get_begin(). Note that removing ssh_buffer_get_begin() doesn't break API compatibility, as this function has never been exposed (it only has the LIBSSH_API prefix). Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2016-01-19 | buffer: do not use ssh_buffer_get_rest_len() | Fabiano Fidêncio | 1 | -5/+5
As ssh_buffer_get_len() actually calls ssh_buffer_get_rest_len(), let's just use the first one. This is a preparatory step for removing ssh_buffer_get_rest_len(). Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2016-01-19 | buffer: rename ssh_buffer_get_rest() to ssh_buffer_get() | Fabiano Fidêncio | 1 | -4/+4
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2016-01-19 | cleanup: use ssh_ prefix in the buffer (non-static) functions | Fabiano Fidêncio | 1 | -25/+25
Having "ssh_" prefix in the functions' name will avoid possible clashes when compiling libssh statically. Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2015-12-17 | Fix a bunch of -Wmaybe-uninitialized | Fabiano Fidêncio | 1 | -1/+1
Reviewed-By: Aris Adamantiadis <aris@0xbadc0de.be>
2015-09-09 | pki: Fix a memory leak on error in ssh_pki_copy_cert_to_privkey() | Andreas Schneider | 1 | -0/+1
CID 1323516 Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2015-09-09 | pki: Fix a memory leak in pki_import_cert_buffer() | Andreas Schneider | 1 | -0/+1
CID #1323517
2015-09-07 | pki: Add certificate loading functions | Axel Eppe | 1 | -2/+110
- ssh_pki_import_cert_base64()
- ssh_pki_import_cert_file()
- ssh_pki_import_cert_blob()
Those functions are currently simple wrappers around their pubkey counterpart.
- ssh_pki_copy_cert_to_privkey()
This function copies the cert-specific data to a private key.
Signed-off-by: Axel Eppe <aeppe@google.com>
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2015-09-07 | pki: Add new pki_import_cert_buffer function | Axel Eppe | 1 | -0/+51
Signed-off-by: Axel Eppe <aeppe@google.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2015-09-07 | pki: Add rsa, dss certificate key type definitions | Axel Eppe | 1 | -0/+18
- Add rsa/dsa (ssh-{rsa,dss}-cert-v01@openssh.com) as key types.
- Add a cert_type member in the ssh_key struct.
Signed-off-by: Axel Eppe <aeppe@google.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2015-09-07 | pki: Use the standard logging function | Andreas Schneider | 1 | -39/+29
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2015-08-10 | pki: Fix return values of ssh_key_is_(public|private) | Andreas Schneider | 1 | -2/+2
Thanks to Kevin Haake <khaake@red-cocoa.com> Signed-off-by: Andreas Schneider <asn@cryptomilk.org>