Index: auth2-jpake.c =================================================================== RCS file: /cvs/src/usr.bin/ssh/auth2-jpake.c,v retrieving revision 1.2 diff -u -p -u -p -r1.2 auth2-jpake.c --- auth2-jpake.c 7 Nov 2008 23:34:48 -0000 1.2 +++ auth2-jpake.c 23 Feb 2009 01:33:48 -0000 @@ -57,6 +57,8 @@ #include "jpake.h" +extern const EVP_MD *evp_ssh_sha256(void); + /* * XXX options->permit_empty_passwd (at the moment, they will be refused * anyway because they will mismatch on fake salt. @@ -164,7 +166,7 @@ derive_rawsalt(const char *username, u_c default: fatal("%s: unknown key type %d", __func__, k->type); } - if (hash_buffer(buffer_ptr(&b), buffer_len(&b), EVP_sha256(), + if (hash_buffer(buffer_ptr(&b), buffer_len(&b), evp_ssh_sha256(), &digest, &digest_len) != 0) fatal("%s: hash_buffer", __func__); buffer_free(&b); @@ -343,7 +345,7 @@ auth2_jpake_get_pwdata(Authctxt *authctx fake_salt_and_scheme(authctxt, salt, hash_scheme); if (hash_buffer(authctxt->pw->pw_passwd, - strlen(authctxt->pw->pw_passwd), EVP_sha256(), + strlen(authctxt->pw->pw_passwd), evp_ssh_sha256(), &secret, &secret_len) != 0) fatal("%s: hash_buffer", __func__); if ((*s = BN_bin2bn(secret, secret_len, NULL)) == NULL) Index: jpake.c =================================================================== RCS file: /cvs/src/usr.bin/ssh/jpake.c,v retrieving revision 1.1 diff -u -p -u -p -r1.1 jpake.c --- jpake.c 4 Nov 2008 08:22:12 -0000 1.1 +++ jpake.c 23 Feb 2009 01:33:48 -0000 @@ -48,6 +48,8 @@ #ifdef JPAKE +extern const EVP_MD *evp_ssh_sha256(void); + /* RFC3526 group 5, 1536 bits */ #define JPAKE_GROUP_G "2" #define JPAKE_GROUP_P \ @@ -486,7 +488,7 @@ jpake_confirm_hash(const BIGNUM *k, buffer_put_bignum2(&b, k); buffer_put_string(&b, endpoint_id, endpoint_id_len); buffer_put_string(&b, sess_id, sess_id_len); - if (hash_buffer(buffer_ptr(&b), buffer_len(&b), EVP_sha256(), + if (hash_buffer(buffer_ptr(&b), buffer_len(&b), evp_ssh_sha256(), confirm_hash, confirm_hash_len) != 0) fatal("%s: hash_buffer", __func__); buffer_free(&b); Index: kex.c =================================================================== RCS file: /cvs/src/usr.bin/ssh/kex.c,v retrieving revision 1.80 diff -u -p -u -p -r1.80 kex.c --- kex.c 6 Sep 2008 12:24:13 -0000 1.80 +++ kex.c 23 Feb 2009 01:33:48 -0000 @@ -51,6 +51,7 @@ /* prototype */ static void kex_kexinit_finish(Kex *); static void kex_choose_conf(Kex *); +extern const EVP_MD *evp_ssh_sha256(void); /* put algorithm proposal into buffer */ static void @@ -313,7 +314,7 @@ choose_kex(Kex *k, char *client, char *s k->evp_md = EVP_sha1(); } else if (strcmp(k->name, KEX_DHGEX_SHA256) == 0) { k->kex_type = KEX_DH_GEX_SHA256; - k->evp_md = EVP_sha256(); + k->evp_md = evp_ssh_sha256(); } else fatal("bad kex alg %s", k->name); } Index: md-sha256.c =================================================================== RCS file: md-sha256.c diff -N md-sha256.c --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ md-sha256.c 23 Feb 2009 01:33:48 -0000 @@ -0,0 +1,73 @@ +/* $OpenBSD: md-sha256.c,v 1.5 2006/08/03 03:34:42 deraadt Exp $ */ +/* + * Copyright (c) 2005 Damien Miller + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +/* EVP wrapper for SHA256 */ + +#include + +#include + +#include +#include + +const EVP_MD *evp_ssh_sha256(void); + +static int +ssh_sha256_init(EVP_MD_CTX *ctxt) +{ + SHA256_Init(ctxt->md_data); + return (1); +} + +static int +ssh_sha256_update(EVP_MD_CTX *ctxt, const void *data, unsigned long len) +{ + SHA256_Update(ctxt->md_data, data, len); + return (1); +} + +static int +ssh_sha256_final(EVP_MD_CTX *ctxt, unsigned char *digest) +{ + SHA256_Final(digest, ctxt->md_data); + return (1); +} + +static int +ssh_sha256_cleanup(EVP_MD_CTX *ctxt) +{ + memset(ctxt->md_data, 0, sizeof(SHA256_CTX)); + return (1); +} + +const EVP_MD * +evp_ssh_sha256(void) +{ + static EVP_MD ssh_sha256; + + memset(&ssh_sha256, 0, sizeof(ssh_sha256)); + ssh_sha256.type = NID_undef; + ssh_sha256.md_size = SHA256_DIGEST_LENGTH; + ssh_sha256.init = ssh_sha256_init; + ssh_sha256.update = ssh_sha256_update; + ssh_sha256.final = ssh_sha256_final; + ssh_sha256.cleanup = ssh_sha256_cleanup; + ssh_sha256.block_size = SHA256_BLOCK_LENGTH; + ssh_sha256.ctx_size = sizeof(SHA256_CTX); + + return (&ssh_sha256); +} Index: schnorr.c =================================================================== RCS file: /cvs/src/usr.bin/ssh/schnorr.c,v retrieving revision 1.2 diff -u -p -u -p -r1.2 schnorr.c --- schnorr.c 18 Feb 2009 04:31:21 -0000 1.2 +++ schnorr.c 23 Feb 2009 01:33:48 -0000 @@ -55,6 +55,8 @@ # define SCHNORR_DEBUG_BUF(a) jpake_debug3_buf a #endif /* SCHNORR_DEBUG */ +extern const EVP_MD *evp_ssh_sha256(void); + /* * Calculate hash component of Schnorr signature H(g || g^v || g^x || id) * using SHA1. Returns signature as bignum or NULL on error. @@ -89,7 +91,7 @@ schnorr_hash(const BIGNUM *p, const BIGN SCHNORR_DEBUG_BUF((buffer_ptr(&b), buffer_len(&b), "%s: hashblob", __func__)); - if (hash_buffer(buffer_ptr(&b), buffer_len(&b), EVP_sha256(), + if (hash_buffer(buffer_ptr(&b), buffer_len(&b), evp_ssh_sha256(), &digest, &digest_len) != 0) { error("%s: hash_buffer", __func__); goto out; Index: sshconnect2.c =================================================================== RCS file: /cvs/src/usr.bin/ssh/sshconnect2.c,v retrieving revision 1.170 diff -u -p -u -p -r1.170 sshconnect2.c --- sshconnect2.c 4 Nov 2008 08:22:13 -0000 1.170 +++ sshconnect2.c 23 Feb 2009 01:33:48 -0000 @@ -72,6 +72,7 @@ extern char *client_version_string; extern char *server_version_string; extern Options options; +extern const EVP_MD *evp_ssh_sha256(void); /* * SSH2 key exchange @@ -911,7 +912,7 @@ jpake_password_to_secret(Authctxt *authc debug3("%s: crypted = %s", __func__, crypted); #endif - if (hash_buffer(crypted, strlen(crypted), EVP_sha256(), + if (hash_buffer(crypted, strlen(crypted), evp_ssh_sha256(), &secret, &secret_len) != 0) fatal("%s: hash_buffer", __func__); Index: lib/Makefile =================================================================== RCS file: /cvs/src/usr.bin/ssh/lib/Makefile,v retrieving revision 1.58 diff -u -p -u -p -r1.58 Makefile --- lib/Makefile 4 Nov 2008 08:22:13 -0000 1.58 +++ lib/Makefile 23 Feb 2009 01:33:48 -0000 @@ -12,7 +12,7 @@ SRCS= authfd.c authfile.c bufaux.c bufbn key.c dispatch.c kex.c mac.c uidswap.c uuencode.c misc.c \ ssh-dss.c ssh-rsa.c dh.c kexdh.c kexgex.c \ kexdhc.c kexgexc.c scard.c msg.c progressmeter.c dns.c \ - monitor_fdpass.c umac.c addrmatch.c schnorr.c jpake.c + monitor_fdpass.c umac.c addrmatch.c schnorr.c jpake.c md-sha256.c DEBUGLIBS= no NOPROFILE= yes