Attachment 2135 Details for Bug 1987 – Suggested patch

[patch] Suggested patch

rsa_verify.patch (text/plain), 2.84 KB, created by kape on 2012-02-25 04:48:16 AEDT

(hide)

Description:

Filename:

MIME Type:

Creator: kape

Created: 2012-02-25 04:48:16 AEDT

Size: 2.84 KB

patch

obsolete

>diff -rupN openssh-5.9p1/ssh-rsa.c openssh-5.9p1.patch/ssh-rsa.c
>--- openssh-5.9p1/ssh-rsa.c	2012-02-24 12:46:46.000000000 -0500
>+++ openssh-5.9p1.patch/ssh-rsa.c	2012-02-24 12:46:18.000000000 -0500
>@@ -35,6 +35,9 @@
> 
> static int openssh_RSA_verify(int, u_char *, u_int, u_char *, u_int, RSA *);
> 
>+static int openssh_RSA_verify_inFIPS(const Key *key, const u_char *signature, u_int signaturelen,
>+    const u_char *data, u_int datalen);
>+
> /* RSASSA-PKCS1-v1_5 (PKCS #1 v2.0 signature) with SHA1 */
> int
> ssh_rsa_sign(const Key *key, u_char **sigp, u_int *lenp,
>@@ -158,17 +161,28 @@ ssh_rsa_verify(const Key *key, const u_c
> 		memset(sigblob, 0, diff);
> 		len = modlen;
> 	}
>-	nid = (datafellows & SSH_BUG_RSASIGMD5) ? NID_md5 : NID_sha1;
>-	if ((evp_md = EVP_get_digestbynid(nid)) == NULL) {
>-		error("ssh_rsa_verify: EVP_get_digestbynid %d failed", nid);
>-		xfree(sigblob);
>-		return -1;
>-	}
>-	EVP_DigestInit(&md, evp_md);
>-	EVP_DigestUpdate(&md, data, datalen);
>-	EVP_DigestFinal(&md, digest, &dlen);
> 
>-	ret = openssh_RSA_verify(nid, digest, dlen, sigblob, len, key->rsa);
>+        /* If FIPS mode active use the EVP layer so direct calls into RSA lib functions 
>+         * are avoided because that will cause a failure in openssl 0.9.8r or greater.. */
>+	if(FIPS_mode()) {
>+	    ret = openssh_RSA_verify_inFIPS(key, sigblob, len, data, datalen);
>+	    debug("ssh_rsa_verify: openssh_RSA_verify_inFIPS returning %d",ret);
>+            return ret;
>+        } else {
>+        /* end FIPS specific portion. */
>+
>+	    nid = (datafellows & SSH_BUG_RSASIGMD5) ? NID_md5 : NID_sha1;
>+	    if ((evp_md = EVP_get_digestbynid(nid)) == NULL) {
>+	    	error("ssh_rsa_verify: EVP_get_digestbynid %d failed", nid);
>+	    	xfree(sigblob);
>+	    	return -1;
>+	    }
>+	    EVP_DigestInit(&md, evp_md);
>+	    EVP_DigestUpdate(&md, data, datalen);
>+	    EVP_DigestFinal(&md, digest, &dlen);
>+       
>+	    ret = openssh_RSA_verify(nid, digest, dlen, sigblob, len, key->rsa);
>+        }
> 	memset(digest, 'd', sizeof(digest));
> 	memset(sigblob, 's', len);
> 	xfree(sigblob);
>@@ -266,3 +280,31 @@ done:
> 		xfree(decrypted);
> 	return ret;
> }
>+
>+static int openssh_RSA_verify_inFIPS(const Key *key, const u_char *signature, u_int signaturelen,
>+    const u_char *data, u_int datalen)
>+{
>+    EVP_MD_CTX md_ctx;
>+    EVP_PKEY pubkey;
>+    int verified = 0;
>+    
>+    EVP_MD_CTX_init(&md_ctx);
>+    EVP_PKEY_assign_RSA(&pubkey,key->rsa);
>+
>+    /* Note, if EVP_md5() is used, due to FIPS 
>+     * there will be a rejection, so we only 
>+     * handle the sha1 case */
>+    EVP_VerifyInit_ex(&md_ctx,EVP_sha1(),NULL);
>+    EVP_VerifyUpdate(&md_ctx,data,datalen);
>+
>+    verified = EVP_VerifyFinal(&md_ctx,signature,signaturelen,&pubkey);
>+
>+    if (verified <= 0)
>+    {
>+    	/* bad signature */
>+        debug("openssh_RSA_verify_inFIPS EVP_VerifyFinal BAD SIG code:%d",verified);
>+        return 0;
>+    }
>+    return 1;
>+}
>+

Actions: View | Diff

Attachments on bug 1987: 2135