===================================================================
RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ssh/sshkey.c,v
retrieving revision 1.19
retrieving revision 1.20
diff -u -r1.19 -r1.20
--- src/usr.bin/ssh/sshkey.c	2015/05/21 04:55:51	1.19
+++ src/usr.bin/ssh/sshkey.c	2015/07/03 03:43:18	1.20
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshkey.c,v 1.19 2015/05/21 04:55:51 djm Exp $ */
+/* $OpenBSD: sshkey.c,v 1.20 2015/07/03 03:43:18 djm Exp $ */
 /*
  * Copyright (c) 2000, 2001 Markus Friedl.  All rights reserved.
  * Copyright (c) 2008 Alexander von Gernler.  All rights reserved.
@@ -99,10 +99,6 @@
 	    KEY_ECDSA_CERT, NID_secp384r1, 1 },
 	{ "ecdsa-sha2-nistp521-cert-v01@openssh.com", "ECDSA-CERT",
 	    KEY_ECDSA_CERT, NID_secp521r1, 1 },
-	{ "ssh-rsa-cert-v00@openssh.com", "RSA-CERT-V00",
-	    KEY_RSA_CERT_V00, 0, 1 },
-	{ "ssh-dss-cert-v00@openssh.com", "DSA-CERT-V00",
-	    KEY_DSA_CERT_V00, 0, 1 },
 #endif /* WITH_OPENSSL */
 	{ NULL, NULL, -1, -1, 0 }
 };
@@ -260,11 +256,9 @@
 #ifdef WITH_OPENSSL
 	case KEY_RSA1:
 	case KEY_RSA:
-	case KEY_RSA_CERT_V00:
 	case KEY_RSA_CERT:
 		return BN_num_bits(k->rsa->n);
 	case KEY_DSA:
-	case KEY_DSA_CERT_V00:
 	case KEY_DSA_CERT:
 		return BN_num_bits(k->dsa->p);
 	case KEY_ECDSA:
@@ -278,18 +272,6 @@
 	return 0;
 }
 
-int
-sshkey_cert_is_legacy(const struct sshkey *k)
-{
-	switch (k->type) {
-	case KEY_DSA_CERT_V00:
-	case KEY_RSA_CERT_V00:
-		return 1;
-	default:
-		return 0;
-	}
-}
-
 static int
 sshkey_type_is_valid_ca(int type)
 {
@@ -317,10 +299,8 @@
 sshkey_type_plain(int type)
 {
 	switch (type) {
-	case KEY_RSA_CERT_V00:
 	case KEY_RSA_CERT:
 		return KEY_RSA;
-	case KEY_DSA_CERT_V00:
 	case KEY_DSA_CERT:
 		return KEY_DSA;
 	case KEY_ECDSA_CERT:
@@ -477,7 +457,6 @@
 #ifdef WITH_OPENSSL
 	case KEY_RSA1:
 	case KEY_RSA:
-	case KEY_RSA_CERT_V00:
 	case KEY_RSA_CERT:
 		if ((rsa = RSA_new()) == NULL ||
 		    (rsa->n = BN_new()) == NULL ||
@@ -490,7 +469,6 @@
 		k->rsa = rsa;
 		break;
 	case KEY_DSA:
-	case KEY_DSA_CERT_V00:
 	case KEY_DSA_CERT:
 		if ((dsa = DSA_new()) == NULL ||
 		    (dsa->p = BN_new()) == NULL ||
@@ -538,7 +516,6 @@
 #ifdef WITH_OPENSSL
 	case KEY_RSA1:
 	case KEY_RSA:
-	case KEY_RSA_CERT_V00:
 	case KEY_RSA_CERT:
 #define bn_maybe_alloc_failed(p) (p == NULL && (p = BN_new()) == NULL)
 		if (bn_maybe_alloc_failed(k->rsa->d) ||
@@ -550,7 +527,6 @@
 			return SSH_ERR_ALLOC_FAIL;
 		break;
 	case KEY_DSA:
-	case KEY_DSA_CERT_V00:
 	case KEY_DSA_CERT:
 		if (bn_maybe_alloc_failed(k->dsa->priv_key))
 			return SSH_ERR_ALLOC_FAIL;
@@ -596,14 +572,12 @@
 #ifdef WITH_OPENSSL
 	case KEY_RSA1:
 	case KEY_RSA:
-	case KEY_RSA_CERT_V00:
 	case KEY_RSA_CERT:
 		if (k->rsa != NULL)
 			RSA_free(k->rsa);
 		k->rsa = NULL;
 		break;
 	case KEY_DSA:
-	case KEY_DSA_CERT_V00:
 	case KEY_DSA_CERT:
 		if (k->dsa != NULL)
 			DSA_free(k->dsa);
@@ -673,13 +647,11 @@
 	switch (a->type) {
 #ifdef WITH_OPENSSL
 	case KEY_RSA1:
-	case KEY_RSA_CERT_V00:
 	case KEY_RSA_CERT:
 	case KEY_RSA:
 		return a->rsa != NULL && b->rsa != NULL &&
 		    BN_cmp(a->rsa->e, b->rsa->e) == 0 &&
 		    BN_cmp(a->rsa->n, b->rsa->n) == 0;
-	case KEY_DSA_CERT_V00:
 	case KEY_DSA_CERT:
 	case KEY_DSA:
 		return a->dsa != NULL && b->dsa != NULL &&
@@ -748,8 +720,6 @@
 
 	switch (type) {
 #ifdef WITH_OPENSSL
-	case KEY_DSA_CERT_V00:
-	case KEY_RSA_CERT_V00:
 	case KEY_DSA_CERT:
 	case KEY_ECDSA_CERT:
 	case KEY_RSA_CERT:
@@ -1271,8 +1241,6 @@
 	case KEY_DSA:
 	case KEY_ECDSA:
 	case KEY_ED25519:
-	case KEY_DSA_CERT_V00:
-	case KEY_RSA_CERT_V00:
 	case KEY_DSA_CERT:
 	case KEY_ECDSA_CERT:
 	case KEY_RSA_CERT:
@@ -1763,7 +1731,6 @@
 	switch (k->type) {
 #ifdef WITH_OPENSSL
 	case KEY_DSA:
-	case KEY_DSA_CERT_V00:
 	case KEY_DSA_CERT:
 		if ((n = sshkey_new(k->type)) == NULL)
 			return SSH_ERR_ALLOC_FAIL;
@@ -1793,7 +1760,6 @@
 		break;
 	case KEY_RSA:
 	case KEY_RSA1:
-	case KEY_RSA_CERT_V00:
 	case KEY_RSA_CERT:
 		if ((n = sshkey_new(k->type)) == NULL)
 			return SSH_ERR_ALLOC_FAIL;
@@ -1837,21 +1803,20 @@
 	u_char *sig = NULL;
 	size_t signed_len = 0, slen = 0, kidlen = 0;
 	int ret = SSH_ERR_INTERNAL_ERROR;
-	int v00 = sshkey_cert_is_legacy(key);
 
 	/* Copy the entire key blob for verification and later serialisation */
 	if ((ret = sshbuf_putb(key->cert->certblob, certbuf)) != 0)
 		return ret;
 
-	if ((!v00 && (ret = sshbuf_get_u64(b, &key->cert->serial)) != 0) ||
+	/* Parse body of certificate up to signature */
+	if ((ret = sshbuf_get_u64(b, &key->cert->serial)) != 0 ||
 	    (ret = sshbuf_get_u32(b, &key->cert->type)) != 0 ||
 	    (ret = sshbuf_get_cstring(b, &key->cert->key_id, &kidlen)) != 0 ||
 	    (ret = sshbuf_froms(b, &principals)) != 0 ||
 	    (ret = sshbuf_get_u64(b, &key->cert->valid_after)) != 0 ||
 	    (ret = sshbuf_get_u64(b, &key->cert->valid_before)) != 0 ||
 	    (ret = sshbuf_froms(b, &crit)) != 0 ||
-	    (!v00 && (ret = sshbuf_froms(b, &exts)) != 0) ||
-	    (v00 && (ret = sshbuf_get_string_direct(b, NULL, NULL)) != 0) ||
+	    (ret = sshbuf_froms(b, &exts)) != 0 ||
 	    (ret = sshbuf_get_string_direct(b, NULL, NULL)) != 0 ||
 	    (ret = sshbuf_froms(b, &ca)) != 0) {
 		/* XXX debug print error for ret */
@@ -1888,9 +1853,8 @@
 			goto out;
 		}
 		oprincipals = key->cert->principals;
-		key->cert->principals = realloc(key->cert->principals,
-		    (key->cert->nprincipals + 1) *
-		    sizeof(*key->cert->principals));
+		key->cert->principals = reallocarray(key->cert->principals,
+		    key->cert->nprincipals + 1, sizeof(*key->cert->principals));
 		if (key->cert->principals == NULL) {
 			free(principal);
 			key->cert->principals = oprincipals;
@@ -1911,7 +1875,6 @@
 
 	/*
 	 * Validate critical options and extensions sections format.
-	 * NB. extensions are not present in v00 certs.
 	 */
 	while (sshbuf_len(crit) != 0) {
 		if ((ret = sshbuf_get_string_direct(crit, NULL, NULL)) != 0 ||
@@ -1996,7 +1959,6 @@
 		}
 		/* FALLTHROUGH */
 	case KEY_RSA:
-	case KEY_RSA_CERT_V00:
 		if ((key = sshkey_new(type)) == NULL) {
 			ret = SSH_ERR_ALLOC_FAIL;
 			goto out;
@@ -2018,7 +1980,6 @@
 		}
 		/* FALLTHROUGH */
 	case KEY_DSA:
-	case KEY_DSA_CERT_V00:
 		if ((key = sshkey_new(type)) == NULL) {
 			ret = SSH_ERR_ALLOC_FAIL;
 			goto out;
@@ -2186,14 +2147,12 @@
 		return SSH_ERR_INVALID_ARGUMENT;
 	switch (key->type) {
 #ifdef WITH_OPENSSL
-	case KEY_DSA_CERT_V00:
 	case KEY_DSA_CERT:
 	case KEY_DSA:
 		return ssh_dss_sign(key, sigp, lenp, data, datalen, compat);
 	case KEY_ECDSA_CERT:
 	case KEY_ECDSA:
 		return ssh_ecdsa_sign(key, sigp, lenp, data, datalen, compat);
-	case KEY_RSA_CERT_V00:
 	case KEY_RSA_CERT:
 	case KEY_RSA:
 		return ssh_rsa_sign(key, sigp, lenp, data, datalen, compat);
@@ -2218,14 +2177,12 @@
 		return SSH_ERR_INVALID_ARGUMENT;
 	switch (key->type) {
 #ifdef WITH_OPENSSL
-	case KEY_DSA_CERT_V00:
 	case KEY_DSA_CERT:
 	case KEY_DSA:
 		return ssh_dss_verify(key, sig, siglen, data, dlen, compat);
 	case KEY_ECDSA_CERT:
 	case KEY_ECDSA:
 		return ssh_ecdsa_verify(key, sig, siglen, data, dlen, compat);
-	case KEY_RSA_CERT_V00:
 	case KEY_RSA_CERT:
 	case KEY_RSA:
 		return ssh_rsa_verify(key, sig, siglen, data, dlen, compat);
@@ -2261,7 +2218,6 @@
 
 	switch (k->type) {
 #ifdef WITH_OPENSSL
-	case KEY_RSA_CERT_V00:
 	case KEY_RSA_CERT:
 		if ((ret = sshkey_cert_copy(k, pk)) != 0)
 			goto fail;
@@ -2275,7 +2231,6 @@
 			goto fail;
 			}
 		break;
-	case KEY_DSA_CERT_V00:
 	case KEY_DSA_CERT:
 		if ((ret = sshkey_cert_copy(k, pk)) != 0)
 			goto fail;
@@ -2332,27 +2287,23 @@
 
 /* Convert a plain key to their _CERT equivalent */
 int
-sshkey_to_certified(struct sshkey *k, int legacy)
+sshkey_to_certified(struct sshkey *k)
 {
 	int newtype;
 
 	switch (k->type) {
 #ifdef WITH_OPENSSL
 	case KEY_RSA:
-		newtype = legacy ? KEY_RSA_CERT_V00 : KEY_RSA_CERT;
+		newtype = KEY_RSA_CERT;
 		break;
 	case KEY_DSA:
-		newtype = legacy ? KEY_DSA_CERT_V00 : KEY_DSA_CERT;
+		newtype = KEY_DSA_CERT;
 		break;
 	case KEY_ECDSA:
-		if (legacy)
-			return SSH_ERR_INVALID_ARGUMENT;
 		newtype = KEY_ECDSA_CERT;
 		break;
 #endif /* WITH_OPENSSL */
 	case KEY_ED25519:
-		if (legacy)
-			return SSH_ERR_INVALID_ARGUMENT;
 		newtype = KEY_ED25519_CERT;
 		break;
 	default:
@@ -2404,15 +2355,12 @@
 
 	/* -v01 certs put nonce first */
 	arc4random_buf(&nonce, sizeof(nonce));
-	if (!sshkey_cert_is_legacy(k)) {
-		if ((ret = sshbuf_put_string(cert, nonce, sizeof(nonce))) != 0)
-			goto out;
-	}
+	if ((ret = sshbuf_put_string(cert, nonce, sizeof(nonce))) != 0)
+		goto out;
 
 	/* XXX this substantially duplicates to_blob(); refactor */
 	switch (k->type) {
 #ifdef WITH_OPENSSL
-	case KEY_DSA_CERT_V00:
 	case KEY_DSA_CERT:
 		if ((ret = sshbuf_put_bignum2(cert, k->dsa->p)) != 0 ||
 		    (ret = sshbuf_put_bignum2(cert, k->dsa->q)) != 0 ||
@@ -2428,7 +2376,6 @@
 		    EC_KEY_get0_group(k->ecdsa))) != 0)
 			goto out;
 		break;
-	case KEY_RSA_CERT_V00:
 	case KEY_RSA_CERT:
 		if ((ret = sshbuf_put_bignum2(cert, k->rsa->e)) != 0 ||
 		    (ret = sshbuf_put_bignum2(cert, k->rsa->n)) != 0)
@@ -2445,13 +2392,8 @@
 		goto out;
 	}
 
-	/* -v01 certs have a serial number next */
-	if (!sshkey_cert_is_legacy(k)) {
-		if ((ret = sshbuf_put_u64(cert, k->cert->serial)) != 0)
-			goto out;
-	}
-
-	if ((ret = sshbuf_put_u32(cert, k->cert->type)) != 0 ||
+	if ((ret = sshbuf_put_u64(cert, k->cert->serial)) != 0 ||
+	    (ret = sshbuf_put_u32(cert, k->cert->type)) != 0 ||
 	    (ret = sshbuf_put_cstring(cert, k->cert->key_id)) != 0)
 		goto out;
 
@@ -2467,22 +2409,9 @@
 	if ((ret = sshbuf_put_stringb(cert, principals)) != 0 ||
 	    (ret = sshbuf_put_u64(cert, k->cert->valid_after)) != 0 ||
 	    (ret = sshbuf_put_u64(cert, k->cert->valid_before)) != 0 ||
-	    (ret = sshbuf_put_stringb(cert, k->cert->critical)) != 0)
-		goto out;
-
-	/* -v01 certs have non-critical options here */
-	if (!sshkey_cert_is_legacy(k)) {
-		if ((ret = sshbuf_put_stringb(cert, k->cert->extensions)) != 0)
-			goto out;
-	}
-
-	/* -v00 certs put the nonce at the end */
-	if (sshkey_cert_is_legacy(k)) {
-		if ((ret = sshbuf_put_string(cert, nonce, sizeof(nonce))) != 0)
-			goto out;
-	}
-
-	if ((ret = sshbuf_put_string(cert, NULL, 0)) != 0 || /* Reserved */
+	    (ret = sshbuf_put_stringb(cert, k->cert->critical)) != 0 ||
+	    (ret = sshbuf_put_stringb(cert, k->cert->extensions)) != 0 ||
+	    (ret = sshbuf_put_string(cert, NULL, 0)) != 0 || /* Reserved */
 	    (ret = sshbuf_put_string(cert, ca_blob, ca_len)) != 0)
 		goto out;
 
@@ -2582,7 +2511,6 @@
 		    (r = sshbuf_put_bignum2(b, key->rsa->q)) != 0)
 			goto out;
 		break;
-	case KEY_RSA_CERT_V00:
 	case KEY_RSA_CERT:
 		if (key->cert == NULL || sshbuf_len(key->cert->certblob) == 0) {
 			r = SSH_ERR_INVALID_ARGUMENT;
@@ -2603,7 +2531,6 @@
 		    (r = sshbuf_put_bignum2(b, key->dsa->priv_key)) != 0)
 			goto out;
 		break;
-	case KEY_DSA_CERT_V00:
 	case KEY_DSA_CERT:
 		if (key->cert == NULL || sshbuf_len(key->cert->certblob) == 0) {
 			r = SSH_ERR_INVALID_ARGUMENT;
@@ -2692,7 +2619,6 @@
 		    (r = sshbuf_get_bignum2(buf, k->dsa->priv_key)) != 0)
 			goto out;
 		break;
-	case KEY_DSA_CERT_V00:
 	case KEY_DSA_CERT:
 		if ((r = sshkey_froms(buf, &k)) != 0 ||
 		    (r = sshkey_add_private(k)) != 0 ||
@@ -2763,7 +2689,6 @@
 		    (r = rsa_generate_additional_parameters(k->rsa)) != 0)
 			goto out;
 		break;
-	case KEY_RSA_CERT_V00:
 	case KEY_RSA_CERT:
 		if ((r = sshkey_froms(buf, &k)) != 0 ||
 		    (r = sshkey_add_private(k)) != 0 ||
@@ -2813,7 +2738,6 @@
 	/* enable blinding */
 	switch (k->type) {
 	case KEY_RSA:
-	case KEY_RSA_CERT_V00:
 	case KEY_RSA_CERT:
 	case KEY_RSA1:
 		if (RSA_blinding_on(k->rsa, NULL) != 1) {