Previously, there was non-consistent usage of constans SSH_KEX_METHODS,
KEX_METHODS_SIZE and of magic number 10 to reference the arrays used
for algorithm negotiation by peers. This commit settles down to the single
constant and its usage throughout the whole codebase.
Fixes T195
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit c8a621c606)
In ssh_session_new(), initialize the state machines states explicitly
for better readability.
Fixes T194
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit ec67ad47eb)
In ssh_message_new(), initialize msg->auth_request.signature_state
explicitly for better readability.
Fixes T194
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit 553eab748a)
In ssh_channel_new(), initialize channel->state and
channel->request_state explicitly for better readability.
Fixes T194
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit 2f1f662d46)
When a new ssh_auth_auto_state_struct is allocated in
ssh_userauth_publickey_auto(), initialize the state explicitly for
better readability.
Fixes T194
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit 7e3995d2dd)
Use the enum type instead of int in the ssh_session_struct
Fixes T194
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit 77bd8ed4c0)
Use the enum type instead of char in the ssh_auth_request struct
Fixes T194
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit 39f6ba2dc9)
Generally, when the extension negotiation is enabled and client supports
SHA2 algorithms for RSA, they are supposed to be prioritized against the
old SHA1. If it is not (ssh-rsa is listed in front of rsa-sha2-* hostkey
algorithms during negotiation), the server wrongly tries to provide the
new typo of signature, ignoring the negotiated algirithm
This commit propagates the digest algorithm from negotiation to the actual
signature functions, which were previously responsible for decision
about the hash algorithm based just on the negotiated extensions.
Fixes T191
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit 1ebf506913)
This is only compiled for tests and fuzzers!
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
(cherry picked from commit 8c36a865f2)
We will honor BUILD_SHARED_LIBS from cmake next.
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
(cherry picked from commit 729c92606c)
This is already part of LIBSSH_REQUIRED_LIBRARIES
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
(cherry picked from commit 2fcc15c5dc)
It is possible for OpenSSL to have the type EVP_PKEY_ED25519 in
openssl/evp.h, but not the single shot functions EVP_DigestSign() and
EVP_DigestVerify() which are required to generate Ed25519 signatures.
Only switch to use OpenSSL Ed25519 implementation when OpenSSL have all
required types and functions.
Fixes: T197
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit 21655e396c)
Debian removed the cross compiling toolchain. So lets drop it.
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit d02c06268e)
Do not parse global config file in sessions created by
torture_ssh_session().
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit 8a50dbc6ba)
This removes the tests which uses external configuration files. This
makes the tests no not change behaviour depending on the environment
they are being executed.
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit 85239c8ea0)
In pkd tests, avoid processing the global server configuration file.
This is to allow testing with algorithms not allowed in the global
server configuration.
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit 040aa0edfe)
Do not process system-wide configuration when reinitializing a session
during testing. This could lead to different settings set from the
expected one (which was initialized during test setup).
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit f97a8b4e3f)
Previously, the tests were sharing the same file path to create the
known_hosts file, which can create a race condition if the tests run in
parallel. Such file was deleted between tests.
By using different different files for each test, the risk of race
conditions is eliminated. Moreover, it makes unnecessary to destroy the
file between tests.
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit d4fe8e1f62)
This adds support for Ed25519 keys from files in PEM format when using
OpenSSL with Ed25519 support. The default encoding for the PEM file is
expected to be PKCS#8. Encrypted files are supported.
For the lack of an API, it is not possible to export keys in PEM format,
only in OpenSSH format.
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit a3a0529b41)
If supported, use OpenSSL X25519 implementation for the curve25519 key
exchange.
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit d463f67aba)
This removes unused function pki_signature_verify()
from pki_{crypto, mbedcrypto, gcrypt}. The function was also removed
from include/libssh/pki_priv.h. The function ssh_pki_signature_verify()
was changed to receive a const unsigned char *input.
All tests calling pki_signature_verify() were changed to call
ssh_pki_signature_verify() instead.
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit 55cd04fbee)
Use OpenSSL to generate and verify Ed25519 signatures, if supported.
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit 2a2c1c98bf)
This is a preparation to use the Ed25519 implementation from OpenSSL.
The function pki_ed25519_sig_to_blob() was renamed to
pki_ed25519_signature_to_blob() and pki_ed25519_sig_from_blob() was
renamed to pki_signature_from_ed25519_blob() to follow the naming for
other algorithms.
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit bdcaf55b90)
Generate and verify Ed25519 signatures along with the other signature
types.
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit 97adbfe087)
Verify the Ed25519 signature in pki_verify_data_signature() along with
the other signature types.
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit 38ede2e225)
Use the newer APIs EVP_DigestSign{Init}() and EVP_DigestVerify{Init}()
to generate and verify signatures instead of the older EVP_Sign{Init,
Update, Final} and EVP_Verify{Init, Update, Final} if supported.
Also use the single shot signature/verification if supported as all the
input is provided at once.
This is a preparation to use Ed25519 implementation from OpenSSL.
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit 90944a3651)
