From fecdc3cc0e6d051ebbe06414a15c6634a4126a8b Mon Sep 17 00:00:00 2001 From: Jakub Jelen Date: Tue, 14 Apr 2020 12:26:50 +0200 Subject: [PATCH] Disable RSA and DSA keys with sha1 by default Fixes: T218 Signed-off-by: Jakub Jelen Reviewed-by: Anderson Toshiyuki Sasaki --- src/kex.c | 32 +++++++++++++------- tests/unittests/torture_knownhosts_parsing.c | 16 +++------- 2 files changed, 25 insertions(+), 23 deletions(-) diff --git a/src/kex.c b/src/kex.c index 80b6e8ad..aa817325 100644 --- a/src/kex.c +++ b/src/kex.c @@ -131,6 +131,11 @@ "rsa-sha2-256," \ "ssh-rsa" \ DSA_HOSTKEYS +#define DEFAULT_HOSTKEYS "ssh-ed25519," \ + EC_HOSTKEYS \ + "rsa-sha2-512," \ + "rsa-sha2-256" + #define PUBLIC_KEY_ALGORITHMS "ssh-ed25519-cert-v01@openssh.com," \ EC_PUBLIC_KEY_ALGORITHMS \ "rsa-sha2-512-cert-v01@openssh.com," \ @@ -138,6 +143,11 @@ "ssh-rsa-cert-v01@openssh.com" \ DSA_PUBLIC_KEY_ALGORITHMS "," \ HOSTKEYS +#define DEFAULT_PUBLIC_KEY_ALGORITHMS "ssh-ed25519-cert-v01@openssh.com," \ + EC_PUBLIC_KEY_ALGORITHMS \ + "rsa-sha2-512-cert-v01@openssh.com," \ + "rsa-sha2-256-cert-v01@openssh.com," \ + DEFAULT_HOSTKEYS #ifdef WITH_GEX #define GEX_SHA256 "diffie-hellman-group-exchange-sha256," @@ -212,17 +222,17 @@ static const char *fips_methods[] = { /* NOTE: This is a fixed API and the index is defined by ssh_kex_types_e */ static const char *default_methods[] = { - KEY_EXCHANGE, - PUBLIC_KEY_ALGORITHMS, - AES BLOWFISH DES, - AES BLOWFISH DES, - "hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1", - "hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1", - "none", - "none", - "", - "", - NULL + KEY_EXCHANGE, + DEFAULT_PUBLIC_KEY_ALGORITHMS, + CHACHA20 AES BLOWFISH DES, + CHACHA20 AES BLOWFISH DES, + "hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1", + "hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1", + "none", + "none", + "", + "", + NULL }; /* NOTE: This is a fixed API and the index is defined by ssh_kex_types_e */ diff --git a/tests/unittests/torture_knownhosts_parsing.c b/tests/unittests/torture_knownhosts_parsing.c index 1c2ccc10..bde0eb60 100644 --- a/tests/unittests/torture_knownhosts_parsing.c +++ b/tests/unittests/torture_knownhosts_parsing.c @@ -574,13 +574,9 @@ static void torture_knownhosts_algorithms(void **state) char *algo_list = NULL; ssh_session session; bool process_config = false; - const char *expect = "ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa," + const char *expect = "ssh-ed25519,rsa-sha2-512,rsa-sha2-256," "ecdsa-sha2-nistp521,ecdsa-sha2-nistp384," - "ecdsa-sha2-nistp256" -#ifdef HAVE_DSA - ",ssh-dss" -#endif - ; + "ecdsa-sha2-nistp256"; const char *expect_fips = "rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp521," "ecdsa-sha2-nistp384,ecdsa-sha2-nistp256"; @@ -613,13 +609,9 @@ static void torture_knownhosts_algorithms_global(void **state) char *algo_list = NULL; ssh_session session; bool process_config = false; - const char *expect = "ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa," + const char *expect = "ssh-ed25519,rsa-sha2-512,rsa-sha2-256," "ecdsa-sha2-nistp521,ecdsa-sha2-nistp384," - "ecdsa-sha2-nistp256" -#ifdef HAVE_DSA - ",ssh-dss" -#endif - ; + "ecdsa-sha2-nistp256"; const char *expect_fips = "rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp521," "ecdsa-sha2-nistp384,ecdsa-sha2-nistp256";