Revision: 10065 https://osdn.net/projects/ttssh2/scm/svn/commits/10065 Author: doda Date: 2022-07-18 00:39:21 +0900 (Mon, 18 Jul 2022) Log Message: ----------- ホスト鍵署名方式として rsa-sha2-256/512 に対応した Ticket: #36109 認証鍵での署名方式では未対応。 Ticket Links: ------------ https://osdn.net/projects/ttssh2/tracker/detail/36109 Modified Paths: -------------- trunk/installer/release/TERATERM.INI trunk/ttssh2/ttxssh/hostkey.c trunk/ttssh2/ttxssh/hostkey.h trunk/ttssh2/ttxssh/key.c trunk/ttssh2/ttxssh/key.h trunk/ttssh2/ttxssh/ssh.c -------------- next part --------------
Modified: trunk/installer/release/TERATERM.INI
===================================================================
--- trunk/installer/release/TERATERM.INI 2022-07-17 15:39:09 UTC (rev 10064)
+++ trunk/installer/release/TERATERM.INI 2022-07-17 15:39:21 UTC (rev 10065)
@@ -842,8 +842,10 @@
 ; 5...ecdh-sha2-nistp384
 ; 6...ecdh-sha2-nistp521
 ; 7...ssh-ed25519
+; 8...rsa-sha2-256
+; 9...rsa-sha2-512
 ; 0...below this line are disabled.
-HostKeyOrder=4567230
+HostKeyOrder=456798230
 ; MAC algorithm order(SSH2)
 ; 1...hmac-sha1
Modified: trunk/ttssh2/ttxssh/hostkey.c
===================================================================
--- trunk/ttssh2/ttxssh/hostkey.c 2022-07-17 15:39:09 UTC (rev 10064)
+++ trunk/ttssh2/ttxssh/hostkey.c 2022-07-17 15:39:21 UTC (rev 10065)
@@ -46,6 +46,8 @@
 {KEY_ALGO_ECDSA384, KEY_ECDSA384, NID_sha384, "ecdsa-sha2-nistp384"}, // RFC5656
 {KEY_ALGO_ECDSA521, KEY_ECDSA521, NID_sha512, "ecdsa-sha2-nistp521"}, // RFC5656
 {KEY_ALGO_ED25519, KEY_ED25519, NID_sha512, "ssh-ed25519"}, // RDC8709
+ {KEY_ALGO_RSASHA256,KEY_RSA, NID_sha256, "rsa-sha2-256"}, // RFC8332
+ {KEY_ALGO_RSASHA512,KEY_RSA, NID_sha512, "rsa-sha2-512"}, // RFC8332
 {KEY_ALGO_UNSPEC, KEY_UNSPEC, NID_undef, "ssh-unknown"},
 {KEY_ALGO_NONE, KEY_NONE, NID_undef, NULL},
 };
@@ -141,7 +143,7 @@
 return KEY_ALGO_UNSPEC;
 }
-int get_ssh2_keyalgo_hashtype(ssh_keyalgo algo)
+int get_ssh2_key_hashtype(ssh_keyalgo algo)
 {
 const struct ssh2_host_key_t *ptr = ssh2_host_key;
@@ -198,6 +200,8 @@
 KEY_ALGO_ECDSA384,
 KEY_ALGO_ECDSA521,
 KEY_ALGO_ED25519,
+ KEY_ALGO_RSASHA256,
+ KEY_ALGO_RSASHA512,
 KEY_ALGO_RSA,
 KEY_ALGO_DSA,
 KEY_ALGO_NONE,
Modified: trunk/ttssh2/ttxssh/hostkey.h
===================================================================
--- trunk/ttssh2/ttxssh/hostkey.h 2022-07-17 15:39:09 UTC (rev 10064)
+++ trunk/ttssh2/ttxssh/hostkey.h 2022-07-17 15:39:21 UTC (rev 10065)
@@ -53,6 +53,8 @@
 KEY_ALGO_ECDSA384,
 KEY_ALGO_ECDSA521,
 KEY_ALGO_ED25519,
+ KEY_ALGO_RSASHA256,
+ KEY_ALGO_RSASHA512,
 KEY_ALGO_UNSPEC,
 KEY_ALGO_MAX = KEY_ALGO_UNSPEC,
 } ssh_keyalgo;
@@ -91,7 +93,7 @@
 char *get_ssh2_hostkey_type_name_from_key(Key *key);
 ssh_keyalgo get_ssh2_keyalgo_from_name(const char *name);
 char* get_ssh2_keyalgo_name(ssh_keyalgo algo);
-int get_ssh2_keyalgo_hashtype(ssh_keyalgo algo);
+int get_ssh2_key_hashtype(ssh_keyalgo algo);
 ssh_keytype get_ssh2_keytype_from_keyalgo(ssh_keyalgo algo);
 const char* get_ssh2_keytype_name_from_keyalgo(ssh_keyalgo algo);
 char* get_digest_algorithm_name(digest_algorithm id);
Modified: trunk/ttssh2/ttxssh/key.c
===================================================================
--- trunk/ttssh2/ttxssh/key.c 2022-07-17 15:39:09 UTC (rev 10064)
+++ trunk/ttssh2/ttxssh/key.c 2022-07-17 15:39:21 UTC (rev 10065)
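Review bot: In the hostkey.c hunk at -198, `KEY_ALGO_RSASHA256` is listed ahead of `KEY_ALGO_RSASHA512`, while the TERATERM.INI default in the same commit, `HostKeyOrder=456798230`, puts 9 (rsa-sha2-512) ahead of 8 (rsa-sha2-256). The array's declaration is outside the hunk; if it is the built-in default order used when the INI value is missing or incomplete, the two defaults prefer different algorithms. Use one order in both places, for example by swapping the two added lines to `KEY_ALGO_RSASHA512,` then `KEY_ALGO_RSASHA256,`, or add a comment stating that the difference is intended.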
@@ -192,7 +192,38 @@
 0x05, 0x00, /* NULL */
 0x04, 0x14 /* Octet string, length 0x14 (20), followed by sha1 hash */
 };
+
 /*
+ * See http://csrc.nist.gov/groups/ST/crypto_apps_infra/csor/algorithms.html
+ * id-sha256 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840)
+ * organization(1) gov(101) csor(3) nistAlgorithm(4) hashAlgs(2)
+ * id-sha256(1) }
+ */
+static const u_char id_sha256[] = {
+ 0x30, 0x31, /* type Sequence, length 0x31 (49) */
+ 0x30, 0x0d, /* type Sequence, length 0x0d (13) */
+ 0x06, 0x09, /* type OID, length 0x09 */
+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, /* id-sha256 */
+ 0x05, 0x00, /* NULL */
+ 0x04, 0x20 /* Octet string, length 0x20 (32), followed by sha256 hash */
+};
+
+/*
+ * See http://csrc.nist.gov/groups/ST/crypto_apps_infra/csor/algorithms.html
+ * id-sha512 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840)
+ * organization(1) gov(101) csor(3) nistAlgorithm(4) hashAlgs(2)
+ * id-sha256(3) }
+ */
+static const u_char id_sha512[] = {
+ 0x30, 0x51, /* type Sequence, length 0x51 (81) */
+ 0x30, 0x0d, /* type Sequence, length 0x0d (13) */
+ 0x06, 0x09, /* type OID, length 0x09 */
+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03, /* id-sha512 */
+ 0x05, 0x00, /* NULL */
+ 0x04, 0x40 /* Octet string, length 0x40 (64), followed by sha512 hash */
+};
+
+/*
 * id-md5 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840)
 * rsadsi(113549) digestAlgorithm(2) 5 }
 */
@@ -225,6 +256,16 @@
 oidlen = sizeof(id_md5);
 hlen = 16;
 break;
+ case NID_sha256:
+ oid = id_sha256;
+ oidlen = sizeof(id_sha256);
+ hlen = 32;
+ break;
+ case NID_sha512:
+ oid = id_sha512;
+ oidlen = sizeof(id_sha512);
+ hlen = 64;
+ break;
 default:
 goto done;
 break;
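Review bot: The comment added above `id_sha512` in the -192 hunk names the final arc `id-sha256(3)`, but the array's own OID line ends in 0x03 and is annotated `/* id-sha512 */`, so the comment line should read ` * id-sha512(3) }`. These prefixes are hand-written, and the last byte of each (0x20, 0x40) is the digest length that the -225 hunk hard-codes again as `hlen = 32` and `hlen = 64`. A short comment on each array saying that its final byte must match the `hlen` chosen for the same NID would keep the two from drifting apart.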
@@ -269,16 +310,14 @@
 int ssh_rsa_verify(RSA *key, u_char *signature, u_int signaturelen,
- u_char *data, u_int datalen)
+ u_char *data, u_int datalen, ssh_keyalgo keyalgo)
 {
 const EVP_MD *evp_md;
 EVP_MD_CTX *md = NULL;
- // char *ktype;
 u_char digest[EVP_MAX_MD_SIZE], *sigblob;
 u_int len, dlen, modlen;
-// int rlen, ret, nid;
 int ret = -1, nid;
- char *ptr;
+ char *ptr, *algo_name;
 BIGNUM *n;
 md = EVP_MD_CTX_new();
@@ -301,11 +340,13 @@
 }
 //debug_print(41, signature, signaturelen);
 ptr = signature;
+ algo_name = get_ssh2_keyalgo_name(keyalgo);
 // step1
 len = get_uint32_MSBfirst(ptr);
 ptr += 4;
- if (strncmp("ssh-rsa", ptr, len) != 0) {
+ if (strncmp(algo_name, ptr, len) != 0) {
+ logprintf(10, "%s: signature type mismatch: sig: %s, hostkey: %s", __FUNCTION__, ptr, algo_name);
 ret = -4;
 goto error;
 }
@@ -337,11 +378,9 @@
 len = modlen;
 }
- /* sha1 the data */
- // nid = (datafellows & SSH_BUG_RSASIGMD5) ? NID_md5 : NID_sha1;
- nid = NID_sha1;
+ nid = get_ssh2_key_hashtype(keyalgo);
 if ((evp_md = EVP_get_digestbynid(nid)) == NULL) {
- //error("ssh_rsa_verify: EVP_get_digestbynid %d failed", nid);
+ logprintf(10, "%s: EVP_get_digestbynid %d failed", __FUNCTION__, nid);
 ret = -6;
 goto error;
 }
@@ -521,13 +560,13 @@
 int key_verify(Key *key, unsigned char *signature, unsigned int signaturelen,
- unsigned char *data, unsigned int datalen)
+ unsigned char *data, unsigned int datalen, ssh_keyalgo keyalgo)
 {
 int ret = 0;
 switch (key->type) {
 case KEY_RSA:
- ret = ssh_rsa_verify(key->rsa, signature, signaturelen, data, datalen);
+ ret = ssh_rsa_verify(key->rsa, signature, signaturelen, data, datalen, keyalgo);
 break;
 case KEY_DSA:
 ret = ssh_dss_verify(key->dsa, signature, signaturelen, data, datalen);
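Review bot: The type check in the step1 hunk of ssh_rsa_verify, `strncmp(algo_name, ptr, len)`, is bounded only by `len`, which is read from the signature blob, so a zero length or a short prefix of the expected name compares equal; an exact comparison such as `if (len != strlen(algo_name) || memcmp(algo_name, ptr, len) != 0) {` rejects both. The added `logprintf` passes `ptr` to `%s`, but that field is length-prefixed rather than NUL-terminated, so the log call can read past the name and writes peer-supplied bytes into the log; logging `algo_name` and `len` with `%u` avoids both. `algo_name` is also used without a NULL check although the name table in hostkey.c has an entry whose name is NULL, so a guard before the comparison is worth adding. Whether `len` is checked against `signaturelen` before this point cannot be seen from the hunk.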
@@ -2512,8 +2551,9 @@
 sig = buffer_get_string_msg(bsig, &siglen_i);
 siglen = siglen_i;
- // Verify signature
- ret = key_verify(ctx->keys[i], sig, siglen, buffer_ptr(b), buffer_len(b));
+ // \x8E蔲\x82\xAB\x81Bhostkey algorithm \x82\xF0\x8Eg\x82\xA4\x82̂\xCD RSA \x82̎\x9E\x82݂̂Ȃ̂ŁA
+ // \x82Ƃ肠\x82\xA6\x82\xB8 KEY_ALGO_RSA \x82\xF0\x8Ew\x92肵\x82Ă\xA8\x82\xAD\x81B
+ ret = key_verify(ctx->keys[i], sig, siglen, buffer_ptr(b), buffer_len(b), KEY_ALGO_RSA);
 free(sig);
 sig = NULL;
 if (ret != 1) {
Modified: trunk/ttssh2/ttxssh/key.h
===================================================================
--- trunk/ttssh2/ttxssh/key.h 2022-07-17 15:39:09 UTC (rev 10064)
+++ trunk/ttssh2/ttxssh/key.h 2022-07-17 15:39:21 UTC (rev 10065)
@@ -37,7 +37,7 @@
 int key_verify(Key *key, unsigned char *signature, unsigned int signaturelen,
- unsigned char *data, unsigned int datalen);
+ unsigned char *data, unsigned int datalen, ssh_keyalgo key_algo);
 RSA *duplicate_RSA(RSA *src);
 DSA *duplicate_DSA(DSA *src);
 unsigned char *duplicate_ED25519_PK(unsigned char *src);
Modified: trunk/ttssh2/ttxssh/ssh.c
===================================================================
--- trunk/ttssh2/ttxssh/ssh.c 2022-07-17 15:39:09 UTC (rev 10064)
+++ trunk/ttssh2/ttxssh/ssh.c 2022-07-17 15:39:21 UTC (rev 10065)
@@ -5446,7 +5446,7 @@
 }
 }
- if ((ret = key_verify(hostkey, signature, siglen, hash, hashlen)) != 1) {
+ if ((ret = key_verify(hostkey, signature, siglen, hash, hashlen, pvar->hostkey_type)) != 1) {
 if (ret == -3 && hostkey->type == KEY_RSA) {
 if (!pvar->settings.EnableRsaShortKeyServer) {
 BIGNUM *n;
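Review bot: The call in the key.c hunk at -2512 passes a fixed `KEY_ALGO_RSA`, so with ssh_rsa_verify as changed in this commit an RSA key on this path is accepted only when the signature names `ssh-rsa` and uses the digest mapped to that algorithm (presumably SHA-1, as before the change); a signature made with rsa-sha2-256 or rsa-sha2-512 would be rejected with -4. The two added comment lines are not readable in this mail (the bytes look like a legacy-encoded Japanese comment), so the reason for the fixed value is lost to anyone reviewing the patch. An ASCII comment such as `// TODO: pass the signature algorithm actually in use; KEY_ALGO_RSA limits RSA keys to ssh-rsa signatures here` would record the limitation until the algorithm is derived from the exchange. The enclosing function starts and ends outside the hunk.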