Disable ed25519 and ed25519-sk keys in FIPS mode
Related: rhbz#2087915
This commit is contained in:
Dmitry Belyavskiy
parent
821045a148
commit
0d823b2f2a
|
|
@ -344,6 +344,20 @@ diff -up openssh-8.6p1/sshd.c.fips openssh-8.6p1/sshd.c
|
|||
/* Save argv. Duplicate so setproctitle emulation doesn't clobber it */
|
||||
saved_argc = ac;
|
||||
rexec_argc = ac;
|
||||
@@ -1931,6 +1931,13 @@ main(int ac, char **av)
|
||||
&key, NULL)) != 0 && r != SSH_ERR_SYSTEM_ERROR)
|
||||
do_log2_r(r, ll, "Unable to load host key \"%s\"",
|
||||
options.host_key_files[i]);
|
||||
+ if (FIPS_mode() && (sshkey_type_plain(key->type) == KEY_ED25519_SK
|
||||
+ || sshkey_type_plain(key->type) == KEY_ED25519)) {
|
||||
+ logit_f("sshd: Ed25519 keys are not allowed in FIPS mode, skipping %s", options.host_key_files[i]);
|
||||
+ sshkey_free(key);
|
||||
+ key = NULL;
|
||||
+ continue;
|
||||
+ }
|
||||
if (sshkey_is_sk(key) &&
|
||||
key->sk_flags & SSH_SK_USER_PRESENCE_REQD) {
|
||||
debug("host key %s requires user presence, ignoring",
|
||||
@@ -2110,6 +2113,10 @@ main(int ac, char **av)
|
||||
/* Reinitialize the log (because of the fork above). */
|
||||
log_init(__progname, options.log_level, options.log_facility, log_stderr);
|
||||
|
|
@ -393,6 +407,27 @@ diff -up openssh-8.6p1/sshkey.c.fips openssh-8.6p1/sshkey.c
|
|||
#include "ssh-sk.h"
|
||||
|
||||
#ifdef WITH_XMSS
|
||||
@@ -1503,6 +1503,20 @@ sshkey_read(struct sshkey *ret, char **c
|
||||
return SSH_ERR_EC_CURVE_MISMATCH;
|
||||
}
|
||||
|
||||
+ switch (type) {
|
||||
+ case KEY_ED25519:
|
||||
+ case KEY_ED25519_SK:
|
||||
+ case KEY_ED25519_CERT:
|
||||
+ case KEY_ED25519_SK_CERT:
|
||||
+ if (FIPS_mode()) {
|
||||
+ sshkey_free(k);
|
||||
+ logit_f("Ed25519 keys are not allowed in FIPS mode");
|
||||
+ return SSH_ERR_INVALID_ARGUMENT;
|
||||
+ }
|
||||
+ break;
|
||||
+ default:
|
||||
+ break;
|
||||
+ }
|
||||
/* Fill in ret from parsed key */
|
||||
ret->type = type;
|
||||
if (sshkey_is_cert(ret)) {
|
||||
@@ -1705,6 +1707,8 @@ rsa_generate_private_key(u_int bits, RSA
|
||||
goto out;
|
||||
|
||||
|
|
@ -407,7 +442,7 @@ diff -up openssh-8.6p1/sshkey.c.fips openssh-8.6p1/sshkey.c
|
|||
case KEY_ED25519_SK:
|
||||
case KEY_ED25519_SK_CERT:
|
||||
+ if (FIPS_mode()) {
|
||||
+ logit("Ed25519 keys are not alowed in FIPS mode");
|
||||
+ logit_f("Ed25519 keys are not allowed in FIPS mode");
|
||||
+ return SSH_ERR_INVALID_ARGUMENT;
|
||||
+ }
|
||||
+ /* Fallthrough */
|
||||
|
|
@ -419,7 +454,7 @@ diff -up openssh-8.6p1/sshkey.c.fips openssh-8.6p1/sshkey.c
|
|||
case KEY_ED25519_SK:
|
||||
case KEY_ED25519_SK_CERT:
|
||||
+ if (FIPS_mode()) {
|
||||
+ logit("Ed25519 keys are not alowed in FIPS mode");
|
||||
+ logit_f("Ed25519 keys are not allowed in FIPS mode");
|
||||
+ return SSH_ERR_INVALID_ARGUMENT;
|
||||
+ }
|
||||
return ssh_ed25519_sk_verify(key, sig, siglen, data, dlen,
|
||||
|
|
@ -477,7 +512,7 @@ diff -up openssh-8.7p1/kexgen.c.fips3 openssh-8.7p1/kexgen.c
|
|||
case KEX_C25519_SHA256:
|
||||
- r = kex_c25519_keypair(kex);
|
||||
+ if (FIPS_mode()) {
|
||||
+ logit("Key exchange type c25519 is not alowed in FIPS mode");
|
||||
+ logit_f("Key exchange type c25519 is not allowed in FIPS mode");
|
||||
+ r = SSH_ERR_INVALID_ARGUMENT;
|
||||
+ } else {
|
||||
+ r = kex_c25519_keypair(kex);
|
||||
|
|
@ -486,7 +521,7 @@ diff -up openssh-8.7p1/kexgen.c.fips3 openssh-8.7p1/kexgen.c
|
|||
case KEX_KEM_SNTRUP761X25519_SHA512:
|
||||
- r = kex_kem_sntrup761x25519_keypair(kex);
|
||||
+ if (FIPS_mode()) {
|
||||
+ logit("Key exchange type sntrup761 is not alowed in FIPS mode");
|
||||
+ logit_f("Key exchange type sntrup761 is not allowed in FIPS mode");
|
||||
+ r = SSH_ERR_INVALID_ARGUMENT;
|
||||
+ } else {
|
||||
+ r = kex_kem_sntrup761x25519_keypair(kex);
|
||||
|
|
@ -500,7 +535,7 @@ diff -up openssh-8.7p1/kexgen.c.fips3 openssh-8.7p1/kexgen.c
|
|||
case KEX_C25519_SHA256:
|
||||
- r = kex_c25519_dec(kex, server_blob, &shared_secret);
|
||||
+ if (FIPS_mode()) {
|
||||
+ logit("Key exchange type c25519 is not alowed in FIPS mode");
|
||||
+ logit_f("Key exchange type c25519 is not allowed in FIPS mode");
|
||||
+ r = SSH_ERR_INVALID_ARGUMENT;
|
||||
+ } else {
|
||||
+ r = kex_c25519_dec(kex, server_blob, &shared_secret);
|
||||
|
|
@ -510,7 +545,7 @@ diff -up openssh-8.7p1/kexgen.c.fips3 openssh-8.7p1/kexgen.c
|
|||
- r = kex_kem_sntrup761x25519_dec(kex, server_blob,
|
||||
- &shared_secret);
|
||||
+ if (FIPS_mode()) {
|
||||
+ logit("Key exchange type sntrup761 is not alowed in FIPS mode");
|
||||
+ logit_f("Key exchange type sntrup761 is not allowed in FIPS mode");
|
||||
+ r = SSH_ERR_INVALID_ARGUMENT;
|
||||
+ } else {
|
||||
+ r = kex_kem_sntrup761x25519_dec(kex, server_blob,
|
||||
|
|
@ -526,7 +561,7 @@ diff -up openssh-8.7p1/kexgen.c.fips3 openssh-8.7p1/kexgen.c
|
|||
- r = kex_c25519_enc(kex, client_pubkey, &server_pubkey,
|
||||
- &shared_secret);
|
||||
+ if (FIPS_mode()) {
|
||||
+ logit("Key exchange type c25519 is not alowed in FIPS mode");
|
||||
+ logit_f("Key exchange type c25519 is not allowed in FIPS mode");
|
||||
+ r = SSH_ERR_INVALID_ARGUMENT;
|
||||
+ } else {
|
||||
+ r = kex_c25519_enc(kex, client_pubkey, &server_pubkey,
|
||||
|
|
@ -537,7 +572,7 @@ diff -up openssh-8.7p1/kexgen.c.fips3 openssh-8.7p1/kexgen.c
|
|||
- r = kex_kem_sntrup761x25519_enc(kex, client_pubkey,
|
||||
- &server_pubkey, &shared_secret);
|
||||
+ if (FIPS_mode()) {
|
||||
+ logit("Key exchange type sntrup761 is not alowed in FIPS mode");
|
||||
+ logit_f("Key exchange type sntrup761 is not allowed in FIPS mode");
|
||||
+ r = SSH_ERR_INVALID_ARGUMENT;
|
||||
+ } else {
|
||||
+ r = kex_kem_sntrup761x25519_enc(kex, client_pubkey,
|
||||
|
|
@ -562,7 +597,7 @@ diff -up openssh-8.7p1/ssh-ed25519.c.fips3 openssh-8.7p1/ssh-ed25519.c
|
|||
datalen >= INT_MAX - crypto_sign_ed25519_BYTES)
|
||||
return SSH_ERR_INVALID_ARGUMENT;
|
||||
+ if (FIPS_mode()) {
|
||||
+ logit("Ed25519 keys are not alowed in FIPS mode");
|
||||
+ logit_f("Ed25519 keys are not allowed in FIPS mode");
|
||||
+ return SSH_ERR_INVALID_ARGUMENT;
|
||||
+ }
|
||||
smlen = slen = datalen + crypto_sign_ed25519_BYTES;
|
||||
|
|
@ -573,7 +608,7 @@ diff -up openssh-8.7p1/ssh-ed25519.c.fips3 openssh-8.7p1/ssh-ed25519.c
|
|||
signature == NULL || signaturelen == 0)
|
||||
return SSH_ERR_INVALID_ARGUMENT;
|
||||
+ if (FIPS_mode()) {
|
||||
+ logit("Ed25519 keys are not alowed in FIPS mode");
|
||||
+ logit_f("Ed25519 keys are not allowed in FIPS mode");
|
||||
+ return SSH_ERR_INVALID_ARGUMENT;
|
||||
+ }
|
||||
|
||||
|
|
|
|||
|
|
@ -51,7 +51,7 @@
|
|||
|
||||
# Do not forget to bump pam_ssh_agent_auth release if you rewind the main package release to 1
|
||||
%global openssh_ver 8.7p1
|
||||
%global openssh_rel 13
|
||||
%global openssh_rel 14
|
||||
%global pam_ssh_agent_ver 0.10.4
|
||||
%global pam_ssh_agent_rel 4
|
||||
|
||||
|
|
@ -720,6 +720,10 @@ test -f %{sysconfig_anaconda} && \
|
|||
%endif
|
||||
|
||||
%changelog
|
||||
* Wed Jul 13 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-14
|
||||
- Disable ed25519 and ed25519-sk keys in FIPS mode
|
||||
Related: rhbz#2087915
|
||||
|
||||
* Tue Jul 12 2022 Zoltan Fridrich <zfridric@redhat.com> - 8.7p1-13
|
||||
- Add reference for policy customization in ssh/sshd_config manpages
|
||||
Resolves: rhbz#1984575
|
||||
|
|
|
|||
Loading…
Reference in New Issue