Buildable on RHEL 8. Passing tests on RHEL 9.

kexdh.c

@@ -85,6 +85,10 @@ kex_dh_compute_key(struct kex *kex, BIGNUM *dh_pub, struct sshbuf *out)
 	u_char *kbuf = NULL;
 	size_t klen = 0;
 	int r = 0;
+#if (OPENSSL_VERSION_NUMBER < 0x30000000L)
+	DH *dh_peer = NULL;
+	BIGNUM *copy_p = NULL, *copy_q = NULL, *copy_g = NULL, *copy_pub = NULL;
+#endif
 
 #ifdef DEBUG_KEXDH
 	fprintf(stderr, "dh_pub= ");
@@ -100,6 +104,7 @@ kex_dh_compute_key(struct kex *kex, BIGNUM *dh_pub, struct sshbuf *out)
 		goto out;
 	}
 
+#if (OPENSSL_VERSION_NUMBER >= 0x30000000L)
 	DH_get0_key(kex->dh, &pub, &priv);
 	DH_get0_pqg(kex->dh, &p, &q, &g);
 	/* import key */
@@ -109,7 +114,7 @@ kex_dh_compute_key(struct kex *kex, BIGNUM *dh_pub, struct sshbuf *out)
 		ERR_print_errors_fp(stderr);
 		goto out;
 	}
-	/* import peer key 
+	/* import peer key
 	 * the parameters should be the same as with pkey
 	 */
 	r = kex_create_evp_dh(&dh_pkey, p, q, g, dh_pub, NULL);
@@ -118,9 +123,62 @@ kex_dh_compute_key(struct kex *kex, BIGNUM *dh_pub, struct sshbuf *out)
 		ERR_print_errors_fp(stderr);
 		goto out;
 	}
+#else
+	DH_get0_pqg(kex->dh, &p, &q, &g);
+	if ((pkey = EVP_PKEY_new()) == NULL) {
+		r = SSH_ERR_ALLOC_FAIL;
+		goto out;
+	}
+
+	if (EVP_PKEY_set1_DH(pkey, kex->dh) != 1) {
+		r = SSH_ERR_LIBCRYPTO_ERROR;
+		goto out;
+	}
+
+	if ((dh_peer = DH_new()) == NULL) {
+		r = SSH_ERR_ALLOC_FAIL;
+		goto out;
+	}
+
+	copy_p = BN_dup(p);
+	copy_q = BN_dup(q);
+	copy_g = BN_dup(g);
+	if (DH_set0_pqg(dh_peer, copy_p, copy_q, copy_g) != 1) {
+		BN_free(copy_p);
+		BN_free(copy_q);
+		BN_free(copy_g);
+		DH_free(dh_peer);
+		r = SSH_ERR_LIBCRYPTO_ERROR;
+		goto out;
+	}
+	copy_p = copy_q = copy_g = NULL;
+
+	copy_pub = BN_dup(dh_pub);
+	if (DH_set0_key(dh_peer, copy_pub, NULL) != 1) {
+		BN_free(copy_pub);
+		DH_free(dh_peer);
+		r = SSH_ERR_LIBCRYPTO_ERROR;
+		goto out;
+	}
+	copy_pub = NULL;
+
+	if ((dh_pkey = EVP_PKEY_new()) == NULL) {
+		DH_free(dh_peer);
+		r = SSH_ERR_ALLOC_FAIL;
+		goto out;
+	}
+
+	if (EVP_PKEY_set1_DH(dh_pkey, dh_peer) != 1) {
+		DH_free(dh_peer);
+		r = SSH_ERR_LIBCRYPTO_ERROR;
+		goto out;
+	}
+	DH_free(dh_peer);
+#endif
 
 	if ((ctx = EVP_PKEY_CTX_new(pkey, NULL)) == NULL) {
 		error_f("Could not init EVP_PKEY_CTX for dh");
+		ERR_print_errors_fp(stderr);
 		r = SSH_ERR_ALLOC_FAIL;
 		goto out;
 	}
@@ -244,6 +302,7 @@ kex_dh_dec(struct kex *kex, const struct sshbuf *dh_blob,
 	sshbuf_free(buf);
 	return r;
 }
+#if (OPENSSL_VERSION_NUMBER >= 0x30000000L)
 /* 
  * Creates an EVP_PKEY from the given parameters and keys.
  * The private key can be omitted.
@@ -252,7 +311,6 @@ int
 kex_create_evp_dh(EVP_PKEY **pkey, const BIGNUM *p, const BIGNUM *q,
     const BIGNUM *g, const BIGNUM *pub, const BIGNUM *priv)
 {
-#if (OPENSSL_VERSION_NUMBER >= 0x30000000L)
 	OSSL_PARAM_BLD *param_bld = NULL;
 	EVP_PKEY_CTX *ctx = NULL;
 	int r = 0;
@@ -286,7 +344,6 @@ kex_create_evp_dh(EVP_PKEY **pkey, const BIGNUM *p, const BIGNUM *q,
 	OSSL_PARAM_BLD_free(param_bld);
 	EVP_PKEY_CTX_free(ctx);
 	return r;
-#else
-#endif
 }
+#endif
 #endif /* WITH_OPENSSL */

kexecdh.c

@@ -194,9 +194,8 @@ kex_ecdh_dec_key_group(struct kex *kex, const struct sshbuf *ec_blob,
 	}
 	if ((r = sshbuf_put_stringb(buf, ec_blob)) != 0)
 		goto out;
-
 #if (OPENSSL_VERSION_NUMBER >= 0x30000000L)
-	if ((r = sshbuf_get_ec(buf, &pub, &publen)) != 0)
+	if ((r = sshbuf_get_string(buf, &pub, &publen)) != 0)
 		goto out;
 	sshbuf_reset(buf);
 	if ((group_name = OSSL_EC_curve_nid2name(kex->ec_nid)) == NULL) {
@@ -233,7 +232,7 @@ kex_ecdh_dec_key_group(struct kex *kex, const struct sshbuf *ec_blob,
 		r = SSH_ERR_ALLOC_FAIL;
 		goto out;
 	}
-	if ((r = sshbuf_get_eckey(ec_blob, ec)) != 0)
+	if ((r = sshbuf_get_eckey(buf, ec)) != 0)
 		goto out;
 
 	if ((peer_key = EVP_PKEY_new()) == NULL) {

packet.c

@@ -2605,7 +2605,7 @@ sshpkt_get_cstring(struct ssh *ssh, char **valp, size_t *lenp)
 int
 sshpkt_get_ec(struct ssh *ssh, u_char **pubkey, size_t *pubkey_len)
 {
-	return sshbuf_get_ec(ssh->state->incoming_packet, pubkey, pubkey_len);
+	return sshbuf_get_string(ssh->state->incoming_packet, pubkey, pubkey_len);
 }
 
 int

regress/unittests/sshbuf/test_sshbuf_getput_crypto.c

@@ -17,12 +17,17 @@
 #include <stdlib.h>
 #include <string.h>
 
-#include <openssl/ec.h>
 #include <openssl/bn.h>
 #include <openssl/objects.h>
+#if (OPENSSL_VERSION_NUMBER >= 0x30000000L)
 #include <openssl/evp.h>
 #include <openssl/param_build.h>
 #include <openssl/core_names.h>
+#else
+#ifdef OPENSSL_HAS_NISTP256
+# include <openssl/ec.h>
+#endif
+#endif
 
 #include "../test_helper/test_helper.h"
 #include "ssherr.h"
@@ -68,13 +73,17 @@ sshbuf_getput_crypto_tests(void)
 		0xc8, 0xf9, 0xa3, 0x5e, 0x42, 0xbd, 0xd0, 0x47,
 		0x55, 0x0f, 0x69, 0xd8, 0x0e, 0xc2, 0x3c, 0xd4
 	};
+#if (OPENSSL_VERSION_NUMBER >= 0x30000000L)
 	EVP_PKEY *eck = NULL;
 	EVP_PKEY_CTX *ctx = NULL;
 	OSSL_PARAM_BLD *param_bld = NULL;
 	OSSL_PARAM *params = NULL;
 	EC_GROUP *g = NULL;
 	u_char *pubkey = NULL;
 	size_t pubkey_len;
+#else
+	EC_KEY *eck;
+#endif
 	EC_POINT *ecp;
 #endif
 	int r;
@@ -232,19 +241,25 @@ sshbuf_getput_crypto_tests(void)
 
 #if defined(OPENSSL_HAS_ECC) && defined(OPENSSL_HAS_NISTP256)
 	TEST_START("sshbuf_put_ec");
+#if (OPENSSL_VERSION_NUMBER >= 0x30000000L)
 	param_bld = OSSL_PARAM_BLD_new();
 	ASSERT_PTR_NE(param_bld, NULL);
 	ASSERT_INT_EQ(OSSL_PARAM_BLD_push_utf8_string(param_bld,
 	    OSSL_PKEY_PARAM_GROUP_NAME, ec256_sn, strlen(ec256_sn)), 1);
+#else
+	eck = EC_KEY_new_by_curve_name(ec256_nid);
+	ASSERT_PTR_NE(eck, NULL);
+	ecp = EC_POINT_new(EC_KEY_get0_group(eck));
+	ASSERT_PTR_NE(ecp, NULL);
+#endif
 	MKBN(ec256_x, bn_x);
 	MKBN(ec256_y, bn_y);
+#if (OPENSSL_VERSION_NUMBER >= 0x30000000L)
 	g = EC_GROUP_new_by_curve_name(ec256_nid);
 	ecp = EC_POINT_new(g);
 	ASSERT_PTR_NE(g, NULL);
 	ASSERT_INT_EQ(EC_POINT_set_affine_coordinates(
 	    g, ecp, bn_x, bn_y, NULL), 1);
-	BN_free(bn_x);
-	BN_free(bn_y);
 	pubkey_len = EC_POINT_point2oct(g, ecp,
 	    POINT_CONVERSION_UNCOMPRESSED, NULL, 0, NULL);
 	ASSERT_INT_NE(pubkey_len, 0);
@@ -253,7 +268,15 @@ sshbuf_getput_crypto_tests(void)
 	ASSERT_INT_NE(EC_POINT_point2oct(g, ecp, POINT_CONVERSION_UNCOMPRESSED,
 	    pubkey, pubkey_len, NULL), 0);
 	EC_GROUP_free(g);
+#else
+	ASSERT_INT_EQ(EC_POINT_set_affine_coordinates_GFp(
+	    EC_KEY_get0_group(eck), ecp, bn_x, bn_y, NULL), 1);
+	ASSERT_INT_EQ(EC_KEY_set_public_key(eck, ecp), 1);
+#endif
+	BN_free(bn_x);
+	BN_free(bn_y);
 	EC_POINT_free(ecp);
+#if (OPENSSL_VERSION_NUMBER >= 0x30000000L)
 	ASSERT_INT_EQ(OSSL_PARAM_BLD_push_octet_string(param_bld,
 	    OSSL_PKEY_PARAM_PUB_KEY, pubkey, pubkey_len), 1);
 	params = OSSL_PARAM_BLD_to_param(param_bld);
@@ -265,15 +288,55 @@ sshbuf_getput_crypto_tests(void)
 	ASSERT_INT_EQ(EVP_PKEY_fromdata(ctx, &eck, EVP_PKEY_PUBLIC_KEY,
 	    params), 1);
 	free(pubkey);
+#endif
 	p1 = sshbuf_new();
 	ASSERT_PTR_NE(p1, NULL);
+#if (OPENSSL_VERSION_NUMBER >= 0x30000000L)
 	ASSERT_INT_EQ(sshbuf_put_ec(p1, eck), 0);
+#else
+	ASSERT_INT_EQ(sshbuf_put_ecbuf(p1, EC_KEY_get0_public_key(eck), 
+				EC_KEY_get0_group(eck)), 0);
+#endif
 	ASSERT_INT_EQ(sshbuf_get_string_direct(p1, &d, &s), 0);
 	ASSERT_SIZE_T_EQ(s, sizeof(expec256));
 	ASSERT_MEM_EQ(d, expec256, sizeof(expec256));
 	sshbuf_free(p1);
+#if (OPENSSL_VERSION_NUMBER >= 0x30000000L)
 	EVP_PKEY_free(eck);
+#else
+	EC_KEY_free(eck);
+#endif
 	TEST_DONE();
+#if (OPENSSL_VERSION_NUMBER < 0x30000000L)
+	TEST_START("sshbuf_get_ec");
+	eck = EC_KEY_new_by_curve_name(ec256_nid);
+	ASSERT_PTR_NE(eck, NULL);
+	p1 = sshbuf_new();
+	ASSERT_PTR_NE(p1, NULL);
+	ASSERT_INT_EQ(sshbuf_put_string(p1, expec256, sizeof(expec256)), 0);
+	ASSERT_SIZE_T_EQ(sshbuf_len(p1), sizeof(expec256) + 4);
+	ASSERT_INT_EQ(sshbuf_put_u8(p1, 0x00), 0);
+	ASSERT_INT_EQ(sshbuf_get_eckey(p1, eck), 0);
+	bn_x = BN_new();
+	bn_y = BN_new();
+	ASSERT_PTR_NE(bn_x, NULL);
+	ASSERT_PTR_NE(bn_y, NULL);
+	ASSERT_INT_EQ(EC_POINT_get_affine_coordinates_GFp(
+	    EC_KEY_get0_group(eck), EC_KEY_get0_public_key(eck),
+	    bn_x, bn_y, NULL), 1);
+	MKBN(ec256_x, bn);
+	MKBN(ec256_y, bn2);
+	ASSERT_INT_EQ(BN_cmp(bn_x, bn), 0);
+	ASSERT_INT_EQ(BN_cmp(bn_y, bn2), 0);
+	ASSERT_SIZE_T_EQ(sshbuf_len(p1), 1);
+	sshbuf_free(p1);
+	EC_KEY_free(eck);
+	BN_free(bn_x);
+	BN_free(bn_y);
+	BN_free(bn);
+	BN_free(bn2);
+	TEST_DONE();
+#endif
 #endif
 }
 

regress/unittests/sshkey/common.c

@@ -21,6 +21,9 @@
 #ifdef WITH_OPENSSL
 #include <openssl/bn.h>
 #include <openssl/evp.h>
+#if (OPENSSL_VERSION_NUMBER < 0x30000000L)
+#include <openssl/rsa.h>
+#endif
 #include <openssl/dsa.h>
 #include <openssl/objects.h>
 #ifdef OPENSSL_HAS_NISTP256
@@ -87,43 +90,83 @@ BIGNUM *
 rsa_n(struct sshkey *k)
 {
 	BIGNUM *n = NULL;
+#if (OPENSSL_VERSION_NUMBER < 0x30000000L)
+	RSA *rsa = NULL;
+#endif
 
 	ASSERT_PTR_NE(k, NULL);
 	ASSERT_PTR_NE(k->pkey, NULL);
+#if (OPENSSL_VERSION_NUMBER >= 0x30000000L)
 	EVP_PKEY_get_bn_param(k->pkey, OSSL_PKEY_PARAM_RSA_N, &n);
+#else
+	rsa = EVP_PKEY_get1_RSA(k->pkey);
+	ASSERT_PTR_NE(rsa, NULL);
+	RSA_get0_key(rsa, &n, NULL, NULL);
+	RSA_free(rsa);
+#endif
 	return n;
 }
 
 BIGNUM *
 rsa_e(struct sshkey *k)
 {
 	BIGNUM *e = NULL;
+#if (OPENSSL_VERSION_NUMBER < 0x30000000L)
+	RSA *rsa = NULL;
+#endif
 
 	ASSERT_PTR_NE(k, NULL);
 	ASSERT_PTR_NE(k->pkey, NULL);
+#if (OPENSSL_VERSION_NUMBER >= 0x30000000L)
 	EVP_PKEY_get_bn_param(k->pkey, OSSL_PKEY_PARAM_RSA_E, &e);
+#else
+	rsa = EVP_PKEY_get1_RSA(k->pkey);
+	ASSERT_PTR_NE(rsa, NULL);
+	RSA_get0_key(rsa, NULL, &e, NULL);
+	RSA_free(rsa);
+#endif
 	return e;
 }
 
 BIGNUM *
 rsa_p(struct sshkey *k)
 {
 	BIGNUM *p = NULL;
+#if (OPENSSL_VERSION_NUMBER < 0x30000000L)
+	RSA *rsa = NULL;
+#endif
 
 	ASSERT_PTR_NE(k, NULL);
 	ASSERT_PTR_NE(k->pkey, NULL);
+#if (OPENSSL_VERSION_NUMBER >= 0x30000000L)
 	EVP_PKEY_get_bn_param(k->pkey, OSSL_PKEY_PARAM_RSA_FACTOR1, &p);
+#else
+	rsa = EVP_PKEY_get1_RSA(k->pkey);
+	ASSERT_PTR_NE(rsa, NULL);
+	RSA_get0_factors(rsa, &p, NULL);
+	RSA_free(rsa);
+#endif
 	return p;
 }
 
 BIGNUM *
 rsa_q(struct sshkey *k)
 {
 	BIGNUM *q = NULL;
+#if (OPENSSL_VERSION_NUMBER < 0x30000000L)
+	RSA *rsa = NULL;
+#endif
 
 	ASSERT_PTR_NE(k, NULL);
 	ASSERT_PTR_NE(k->pkey, NULL);
+#if (OPENSSL_VERSION_NUMBER >= 0x30000000L)
 	EVP_PKEY_get_bn_param(k->pkey, OSSL_PKEY_PARAM_RSA_FACTOR2, &q);
+#else
+	rsa = EVP_PKEY_get1_RSA(k->pkey);
+	ASSERT_PTR_NE(rsa, NULL);
+	RSA_get0_factors(rsa, NULL, &q);
+	RSA_free(rsa);
+#endif
 	return q;
 }