diff options
author | Ben Lindstrom <mouring@eviladmin.org> | 2002-07-04 02:17:33 +0200 |
---|---|---|
committer | Ben Lindstrom <mouring@eviladmin.org> | 2002-07-04 02:17:33 +0200 |
commit | 43ce2c86a89a512e3c9361b40155db8bbef3f441 (patch) | |
tree | ebbfbba5ed85155906c280a230943ccb306e8c48 /ssh-keysign.c | |
parent | - markus@cvs.openbsd.org 2002/07/01 19:48:46 (diff) | |
download | openssh-43ce2c86a89a512e3c9361b40155db8bbef3f441.tar.xz openssh-43ce2c86a89a512e3c9361b40155db8bbef3f441.zip |
- markus@cvs.openbsd.org 2002/07/03 09:55:38
[ssh-keysign.c]
use RSA_blinding_on() for rsa hostkeys (suggested by Bill Sommerfeld)
in order to avoid a possible Kocher timing attack pointed out by Charles
Hannum; ok provos@
Diffstat (limited to '')
-rw-r--r-- | ssh-keysign.c | 15 |
1 files changed, 14 insertions, 1 deletions
diff --git a/ssh-keysign.c b/ssh-keysign.c index 6a435684b..bed2b9874 100644 --- a/ssh-keysign.c +++ b/ssh-keysign.c @@ -22,9 +22,11 @@ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ #include "includes.h" -RCSID("$OpenBSD: ssh-keysign.c,v 1.5 2002/06/26 22:27:32 markus Exp $"); +RCSID("$OpenBSD: ssh-keysign.c,v 1.6 2002/07/03 09:55:38 markus Exp $"); #include <openssl/evp.h> +#include <openssl/rand.h> +#include <openssl/rsa.h> #include "log.h" #include "key.h" @@ -140,6 +142,7 @@ main(int argc, char **argv) u_char *signature, *data; char *host; u_int slen, dlen; + u_int32_t rnd[256]; key_fd[0] = open(_PATH_HOST_RSA_KEY_FILE, O_RDONLY); key_fd[1] = open(_PATH_HOST_DSA_KEY_FILE, O_RDONLY); @@ -163,6 +166,9 @@ main(int argc, char **argv) pw = pwcopy(pw); SSLeay_add_all_algorithms(); + for (i = 0; i < 256; i++) + rnd[i] = arc4random(); + RAND_seed(rnd, sizeof(rnd)); found = 0; for (i = 0; i < 2; i++) { @@ -172,6 +178,13 @@ main(int argc, char **argv) keys[i] = key_load_private_pem(key_fd[i], KEY_UNSPEC, NULL, NULL); close(key_fd[i]); + if (keys[i] != NULL && keys[i]->type == KEY_RSA) { + if (RSA_blinding_on(keys[i]->rsa, NULL) != 1) { + error("RSA_blinding_on failed"); + key_free(keys[i]); + keys[i] = NULL; + } + } if (keys[i] != NULL) found = 1; } |