package/network/services/dropbear/patches/910-signkey-fix-use-of-rsa-sha2-256-pubkeys.patch - T108 - Gitiles

 From 667d9b75df86ec9ee1205f9101beb8dbbe4a00ae Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Petr=20=C5=A0tetiar?= <ynezz@true.cz>
 Date: Wed, 1 Jul 2020 11:38:33 +0200
 Subject: [PATCH] signkey: fix use of rsa-sha2-256 pubkeys
 MIME-Version: 1.0
 Content-Type: text/plain; charset=UTF-8
 Content-Transfer-Encoding: 8bit

 Commit 972d723484d8 ("split signkey_type and signature_type for RSA sha1
 vs sha256") has added strict checking of pubkey algorithms which made
 keys with SHA-256 hashing algorithm unusable as they still reuse the
 `ssh-rsa` public key format. So fix this by disabling the check for
 rsa-sha2-256 pubkeys.

 Ref: https://tools.ietf.org/html/rfc8332#section-3
 Fixes: 972d723484d8 ("split signkey_type and signature_type for RSA sha1 vs sha256")
 Signed-off-by: Petr Štetiar <ynezz@true.cz>
 ---
  signkey.c | 8 ++++++--
  1 file changed, 6 insertions(+), 2 deletions(-)

 --- a/src/signkey.c
 +++ b/src/signkey.c
 @@ -652,10 +652,18 @@ int buf_verify(buffer * buf, sign_key *k
  	sigtype = signature_type_from_name(type_name, type_name_len);
  	m_free(type_name);

 -	if (expect_sigtype != sigtype) {
 -			dropbear_exit("Non-matching signing type");
 +	if (sigtype == DROPBEAR_SIGNATURE_NONE) {
 +		dropbear_exit("No signature type");
  	}

 +#if DROPBEAR_RSA
 +#if DROPBEAR_RSA_SHA256
 +	if ((expect_sigtype != DROPBEAR_SIGNATURE_RSA_SHA256) && (expect_sigtype != sigtype)) {
 +		dropbear_exit("Non-matching signing type");
 +	}
 +#endif
 +#endif
 +
  	keytype = signkey_type_from_signature(sigtype);
  #if DROPBEAR_DSS
  	if (keytype == DROPBEAR_SIGNKEY_DSS) {
	From 667d9b75df86ec9ee1205f9101beb8dbbe4a00ae Mon Sep 17 00:00:00 2001
	From: =?UTF-8?q?Petr=20=C5=A0tetiar?= <ynezz@true.cz>
	Date: Wed, 1 Jul 2020 11:38:33 +0200
	Subject: [PATCH] signkey: fix use of rsa-sha2-256 pubkeys
	MIME-Version: 1.0
	Content-Type: text/plain; charset=UTF-8
	Content-Transfer-Encoding: 8bit

	Commit 972d723484d8 ("split signkey_type and signature_type for RSA sha1
	vs sha256") has added strict checking of pubkey algorithms which made
	keys with SHA-256 hashing algorithm unusable as they still reuse the
	`ssh-rsa` public key format. So fix this by disabling the check for
	rsa-sha2-256 pubkeys.

	Ref: https://tools.ietf.org/html/rfc8332#section-3
	Fixes: 972d723484d8 ("split signkey_type and signature_type for RSA sha1 vs sha256")
	Signed-off-by: Petr Štetiar <ynezz@true.cz>
	---
	signkey.c \| 8 ++++++--
	1 file changed, 6 insertions(+), 2 deletions(-)

	--- a/src/signkey.c
	+++ b/src/signkey.c
	@@ -652,10 +652,18 @@ int buf_verify(buffer * buf, sign_key *k
	sigtype = signature_type_from_name(type_name, type_name_len);
	m_free(type_name);

	- if (expect_sigtype != sigtype) {
	- dropbear_exit("Non-matching signing type");
	+ if (sigtype == DROPBEAR_SIGNATURE_NONE) {
	+ dropbear_exit("No signature type");
	}

	+#if DROPBEAR_RSA
	+#if DROPBEAR_RSA_SHA256
	+ if ((expect_sigtype != DROPBEAR_SIGNATURE_RSA_SHA256) && (expect_sigtype != sigtype)) {
	+ dropbear_exit("Non-matching signing type");
	+ }
	+#endif
	+#endif
	+
	keytype = signkey_type_from_signature(sigtype);
	#if DROPBEAR_DSS
	if (keytype == DROPBEAR_SIGNKEY_DSS) {