Line | Count | Source (jump to first uncovered line) |
1 | | /* $OpenBSD: authfile.c,v 1.145 2024/09/22 12:56:21 jsg Exp $ */ |
2 | | /* |
3 | | * Copyright (c) 2000, 2013 Markus Friedl. All rights reserved. |
4 | | * |
5 | | * Redistribution and use in source and binary forms, with or without |
6 | | * modification, are permitted provided that the following conditions |
7 | | * are met: |
8 | | * 1. Redistributions of source code must retain the above copyright |
9 | | * notice, this list of conditions and the following disclaimer. |
10 | | * 2. Redistributions in binary form must reproduce the above copyright |
11 | | * notice, this list of conditions and the following disclaimer in the |
12 | | * documentation and/or other materials provided with the distribution. |
13 | | * |
14 | | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR |
15 | | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES |
16 | | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. |
17 | | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, |
18 | | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT |
19 | | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, |
20 | | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY |
21 | | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT |
22 | | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
23 | | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
24 | | */ |
25 | | |
26 | | #include "includes.h" |
27 | | |
28 | | #include <sys/types.h> |
29 | | #include <sys/stat.h> |
30 | | #include <sys/uio.h> |
31 | | |
32 | | #include <errno.h> |
33 | | #include <fcntl.h> |
34 | | #include <stdio.h> |
35 | | #include <stdarg.h> |
36 | | #include <stdlib.h> |
37 | | #include <string.h> |
38 | | #include <unistd.h> |
39 | | #include <limits.h> |
40 | | |
41 | | #include "cipher.h" |
42 | | #include "ssh.h" |
43 | | #include "log.h" |
44 | | #include "authfile.h" |
45 | | #include "misc.h" |
46 | | #include "atomicio.h" |
47 | | #include "sshkey.h" |
48 | | #include "sshbuf.h" |
49 | | #include "ssherr.h" |
50 | | #include "krl.h" |
51 | | |
52 | | /* Save a key blob to a file */ |
53 | | static int |
54 | | sshkey_save_private_blob(struct sshbuf *keybuf, const char *filename) |
55 | 0 | { |
56 | 0 | int r; |
57 | 0 | mode_t omask; |
58 | |
|
59 | 0 | omask = umask(077); |
60 | 0 | r = sshbuf_write_file(filename, keybuf); |
61 | 0 | umask(omask); |
62 | 0 | return r; |
63 | 0 | } |
64 | | |
65 | | int |
66 | | sshkey_save_private(struct sshkey *key, const char *filename, |
67 | | const char *passphrase, const char *comment, |
68 | | int format, const char *openssh_format_cipher, int openssh_format_rounds) |
69 | 0 | { |
70 | 0 | struct sshbuf *keyblob = NULL; |
71 | 0 | int r; |
72 | |
|
73 | 0 | if ((keyblob = sshbuf_new()) == NULL) |
74 | 0 | return SSH_ERR_ALLOC_FAIL; |
75 | 0 | if ((r = sshkey_private_to_fileblob(key, keyblob, passphrase, comment, |
76 | 0 | format, openssh_format_cipher, openssh_format_rounds)) != 0) |
77 | 0 | goto out; |
78 | 0 | if ((r = sshkey_save_private_blob(keyblob, filename)) != 0) |
79 | 0 | goto out; |
80 | 0 | r = 0; |
81 | 0 | out: |
82 | 0 | sshbuf_free(keyblob); |
83 | 0 | return r; |
84 | 0 | } |
85 | | |
86 | | /* XXX remove error() calls from here? */ |
87 | | int |
88 | | sshkey_perm_ok(int fd, const char *filename) |
89 | 0 | { |
90 | 0 | struct stat st; |
91 | |
|
92 | 0 | if (fstat(fd, &st) == -1) |
93 | 0 | return SSH_ERR_SYSTEM_ERROR; |
94 | | /* |
95 | | * if a key owned by the user is accessed, then we check the |
96 | | * permissions of the file. if the key owned by a different user, |
97 | | * then we don't care. |
98 | | */ |
99 | | #ifdef HAVE_CYGWIN |
100 | | if (check_ntsec(filename)) |
101 | | #endif |
102 | 0 | if ((st.st_uid == getuid()) && (st.st_mode & 077) != 0) { |
103 | 0 | error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@"); |
104 | 0 | error("@ WARNING: UNPROTECTED PRIVATE KEY FILE! @"); |
105 | 0 | error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@"); |
106 | 0 | error("Permissions 0%3.3o for '%s' are too open.", |
107 | 0 | (u_int)st.st_mode & 0777, filename); |
108 | 0 | error("It is required that your private key files are NOT accessible by others."); |
109 | 0 | error("This private key will be ignored."); |
110 | 0 | return SSH_ERR_KEY_BAD_PERMISSIONS; |
111 | 0 | } |
112 | 0 | return 0; |
113 | 0 | } |
114 | | |
115 | | int |
116 | | sshkey_load_private_type(int type, const char *filename, const char *passphrase, |
117 | | struct sshkey **keyp, char **commentp) |
118 | 0 | { |
119 | 0 | int fd, r; |
120 | |
|
121 | 0 | if (keyp != NULL) |
122 | 0 | *keyp = NULL; |
123 | 0 | if (commentp != NULL) |
124 | 0 | *commentp = NULL; |
125 | |
|
126 | 0 | if ((fd = open(filename, O_RDONLY)) == -1) |
127 | 0 | return SSH_ERR_SYSTEM_ERROR; |
128 | | |
129 | 0 | r = sshkey_perm_ok(fd, filename); |
130 | 0 | if (r != 0) |
131 | 0 | goto out; |
132 | | |
133 | 0 | r = sshkey_load_private_type_fd(fd, type, passphrase, keyp, commentp); |
134 | 0 | if (r == 0 && keyp && *keyp) |
135 | 0 | r = sshkey_set_filename(*keyp, filename); |
136 | 0 | out: |
137 | 0 | close(fd); |
138 | 0 | return r; |
139 | 0 | } |
140 | | |
141 | | int |
142 | | sshkey_load_private(const char *filename, const char *passphrase, |
143 | | struct sshkey **keyp, char **commentp) |
144 | 0 | { |
145 | 0 | return sshkey_load_private_type(KEY_UNSPEC, filename, passphrase, |
146 | 0 | keyp, commentp); |
147 | 0 | } |
148 | | |
149 | | int |
150 | | sshkey_load_private_type_fd(int fd, int type, const char *passphrase, |
151 | | struct sshkey **keyp, char **commentp) |
152 | 0 | { |
153 | 0 | struct sshbuf *buffer = NULL; |
154 | 0 | int r; |
155 | |
|
156 | 0 | if (keyp != NULL) |
157 | 0 | *keyp = NULL; |
158 | 0 | if ((r = sshbuf_load_fd(fd, &buffer)) != 0 || |
159 | 0 | (r = sshkey_parse_private_fileblob_type(buffer, type, |
160 | 0 | passphrase, keyp, commentp)) != 0) |
161 | 0 | goto out; |
162 | | |
163 | | /* success */ |
164 | 0 | r = 0; |
165 | 0 | out: |
166 | 0 | sshbuf_free(buffer); |
167 | 0 | return r; |
168 | 0 | } |
169 | | |
170 | | /* Load a pubkey from the unencrypted envelope of a new-format private key */ |
171 | | static int |
172 | | sshkey_load_pubkey_from_private(const char *filename, struct sshkey **pubkeyp) |
173 | 0 | { |
174 | 0 | struct sshbuf *buffer = NULL; |
175 | 0 | struct sshkey *pubkey = NULL; |
176 | 0 | int r, fd; |
177 | |
|
178 | 0 | if (pubkeyp != NULL) |
179 | 0 | *pubkeyp = NULL; |
180 | |
|
181 | 0 | if ((fd = open(filename, O_RDONLY)) == -1) |
182 | 0 | return SSH_ERR_SYSTEM_ERROR; |
183 | 0 | if ((r = sshbuf_load_fd(fd, &buffer)) != 0 || |
184 | 0 | (r = sshkey_parse_pubkey_from_private_fileblob_type(buffer, |
185 | 0 | KEY_UNSPEC, &pubkey)) != 0) |
186 | 0 | goto out; |
187 | 0 | if ((r = sshkey_set_filename(pubkey, filename)) != 0) |
188 | 0 | goto out; |
189 | | /* success */ |
190 | 0 | if (pubkeyp != NULL) { |
191 | 0 | *pubkeyp = pubkey; |
192 | 0 | pubkey = NULL; |
193 | 0 | } |
194 | 0 | r = 0; |
195 | 0 | out: |
196 | 0 | close(fd); |
197 | 0 | sshbuf_free(buffer); |
198 | 0 | sshkey_free(pubkey); |
199 | 0 | return r; |
200 | 0 | } |
201 | | |
202 | | static int |
203 | | sshkey_try_load_public(struct sshkey **kp, const char *filename, |
204 | | char **commentp) |
205 | 0 | { |
206 | 0 | FILE *f; |
207 | 0 | char *line = NULL, *cp; |
208 | 0 | size_t linesize = 0; |
209 | 0 | int r; |
210 | 0 | struct sshkey *k = NULL; |
211 | |
|
212 | 0 | if (kp == NULL) |
213 | 0 | return SSH_ERR_INVALID_ARGUMENT; |
214 | 0 | *kp = NULL; |
215 | 0 | if (commentp != NULL) |
216 | 0 | *commentp = NULL; |
217 | 0 | if ((f = fopen(filename, "r")) == NULL) |
218 | 0 | return SSH_ERR_SYSTEM_ERROR; |
219 | 0 | if ((k = sshkey_new(KEY_UNSPEC)) == NULL) { |
220 | 0 | fclose(f); |
221 | 0 | return SSH_ERR_ALLOC_FAIL; |
222 | 0 | } |
223 | 0 | while (getline(&line, &linesize, f) != -1) { |
224 | 0 | cp = line; |
225 | 0 | switch (*cp) { |
226 | 0 | case '#': |
227 | 0 | case '\n': |
228 | 0 | case '\0': |
229 | 0 | continue; |
230 | 0 | } |
231 | | /* Abort loading if this looks like a private key */ |
232 | 0 | if (strncmp(cp, "-----BEGIN", 10) == 0 || |
233 | 0 | strcmp(cp, "SSH PRIVATE KEY FILE") == 0) |
234 | 0 | break; |
235 | | /* Skip leading whitespace. */ |
236 | 0 | for (; *cp && (*cp == ' ' || *cp == '\t'); cp++) |
237 | 0 | ; |
238 | 0 | if (*cp) { |
239 | 0 | if ((r = sshkey_read(k, &cp)) == 0) { |
240 | 0 | cp[strcspn(cp, "\r\n")] = '\0'; |
241 | 0 | if (commentp) { |
242 | 0 | *commentp = strdup(*cp ? |
243 | 0 | cp : filename); |
244 | 0 | if (*commentp == NULL) |
245 | 0 | r = SSH_ERR_ALLOC_FAIL; |
246 | 0 | } |
247 | | /* success */ |
248 | 0 | *kp = k; |
249 | 0 | free(line); |
250 | 0 | fclose(f); |
251 | 0 | return r; |
252 | 0 | } |
253 | 0 | } |
254 | 0 | } |
255 | 0 | free(k); |
256 | 0 | free(line); |
257 | 0 | fclose(f); |
258 | 0 | return SSH_ERR_INVALID_FORMAT; |
259 | 0 | } |
260 | | |
261 | | /* load public key from any pubkey file */ |
262 | | int |
263 | | sshkey_load_public(const char *filename, struct sshkey **keyp, char **commentp) |
264 | 0 | { |
265 | 0 | char *pubfile = NULL; |
266 | 0 | int r, oerrno; |
267 | |
|
268 | 0 | if (keyp != NULL) |
269 | 0 | *keyp = NULL; |
270 | 0 | if (commentp != NULL) |
271 | 0 | *commentp = NULL; |
272 | |
|
273 | 0 | if ((r = sshkey_try_load_public(keyp, filename, commentp)) == 0) |
274 | 0 | goto out; |
275 | | |
276 | | /* try .pub suffix */ |
277 | 0 | if (asprintf(&pubfile, "%s.pub", filename) == -1) |
278 | 0 | return SSH_ERR_ALLOC_FAIL; |
279 | 0 | if ((r = sshkey_try_load_public(keyp, pubfile, commentp)) == 0) |
280 | 0 | goto out; |
281 | | |
282 | | /* finally, try to extract public key from private key file */ |
283 | 0 | if ((r = sshkey_load_pubkey_from_private(filename, keyp)) == 0) |
284 | 0 | goto out; |
285 | | |
286 | | /* Pretend we couldn't find the key */ |
287 | 0 | r = SSH_ERR_SYSTEM_ERROR; |
288 | 0 | errno = ENOENT; |
289 | |
|
290 | 0 | out: |
291 | 0 | oerrno = errno; |
292 | 0 | free(pubfile); |
293 | 0 | errno = oerrno; |
294 | 0 | return r; |
295 | 0 | } |
296 | | |
297 | | /* Load the certificate associated with the named private key */ |
298 | | int |
299 | | sshkey_load_cert(const char *filename, struct sshkey **keyp) |
300 | 0 | { |
301 | 0 | struct sshkey *pub = NULL; |
302 | 0 | char *file = NULL; |
303 | 0 | int r = SSH_ERR_INTERNAL_ERROR; |
304 | |
|
305 | 0 | if (keyp != NULL) |
306 | 0 | *keyp = NULL; |
307 | |
|
308 | 0 | if (asprintf(&file, "%s-cert.pub", filename) == -1) |
309 | 0 | return SSH_ERR_ALLOC_FAIL; |
310 | | |
311 | 0 | r = sshkey_try_load_public(keyp, file, NULL); |
312 | 0 | free(file); |
313 | 0 | sshkey_free(pub); |
314 | 0 | return r; |
315 | 0 | } |
316 | | |
317 | | /* Load private key and certificate */ |
318 | | int |
319 | | sshkey_load_private_cert(int type, const char *filename, const char *passphrase, |
320 | | struct sshkey **keyp) |
321 | 0 | { |
322 | 0 | struct sshkey *key = NULL, *cert = NULL; |
323 | 0 | int r; |
324 | |
|
325 | 0 | if (keyp != NULL) |
326 | 0 | *keyp = NULL; |
327 | |
|
328 | 0 | switch (type) { |
329 | 0 | #ifdef WITH_OPENSSL |
330 | 0 | case KEY_RSA: |
331 | 0 | case KEY_DSA: |
332 | 0 | case KEY_ECDSA: |
333 | 0 | #endif /* WITH_OPENSSL */ |
334 | 0 | case KEY_ED25519: |
335 | 0 | case KEY_XMSS: |
336 | 0 | case KEY_UNSPEC: |
337 | 0 | break; |
338 | 0 | default: |
339 | 0 | return SSH_ERR_KEY_TYPE_UNKNOWN; |
340 | 0 | } |
341 | | |
342 | 0 | if ((r = sshkey_load_private_type(type, filename, |
343 | 0 | passphrase, &key, NULL)) != 0 || |
344 | 0 | (r = sshkey_load_cert(filename, &cert)) != 0) |
345 | 0 | goto out; |
346 | | |
347 | | /* Make sure the private key matches the certificate */ |
348 | 0 | if (sshkey_equal_public(key, cert) == 0) { |
349 | 0 | r = SSH_ERR_KEY_CERT_MISMATCH; |
350 | 0 | goto out; |
351 | 0 | } |
352 | | |
353 | 0 | if ((r = sshkey_to_certified(key)) != 0 || |
354 | 0 | (r = sshkey_cert_copy(cert, key)) != 0) |
355 | 0 | goto out; |
356 | 0 | r = 0; |
357 | 0 | if (keyp != NULL) { |
358 | 0 | *keyp = key; |
359 | 0 | key = NULL; |
360 | 0 | } |
361 | 0 | out: |
362 | 0 | sshkey_free(key); |
363 | 0 | sshkey_free(cert); |
364 | 0 | return r; |
365 | 0 | } |
366 | | |
367 | | /* |
368 | | * Returns success if the specified "key" is listed in the file "filename", |
369 | | * SSH_ERR_KEY_NOT_FOUND: if the key is not listed or another error. |
370 | | * If "strict_type" is set then the key type must match exactly, |
371 | | * otherwise a comparison that ignores certificate data is performed. |
372 | | * If "check_ca" is set and "key" is a certificate, then its CA key is |
373 | | * also checked and sshkey_in_file() will return success if either is found. |
374 | | */ |
375 | | int |
376 | | sshkey_in_file(struct sshkey *key, const char *filename, int strict_type, |
377 | | int check_ca) |
378 | 0 | { |
379 | 0 | FILE *f; |
380 | 0 | char *line = NULL, *cp; |
381 | 0 | size_t linesize = 0; |
382 | 0 | int r = 0; |
383 | 0 | struct sshkey *pub = NULL; |
384 | |
|
385 | 0 | int (*sshkey_compare)(const struct sshkey *, const struct sshkey *) = |
386 | 0 | strict_type ? sshkey_equal : sshkey_equal_public; |
387 | |
|
388 | 0 | if ((f = fopen(filename, "r")) == NULL) |
389 | 0 | return SSH_ERR_SYSTEM_ERROR; |
390 | | |
391 | 0 | while (getline(&line, &linesize, f) != -1) { |
392 | 0 | sshkey_free(pub); |
393 | 0 | pub = NULL; |
394 | 0 | cp = line; |
395 | | |
396 | | /* Skip leading whitespace. */ |
397 | 0 | for (; *cp && (*cp == ' ' || *cp == '\t'); cp++) |
398 | 0 | ; |
399 | | |
400 | | /* Skip comments and empty lines */ |
401 | 0 | switch (*cp) { |
402 | 0 | case '#': |
403 | 0 | case '\n': |
404 | 0 | case '\0': |
405 | 0 | continue; |
406 | 0 | } |
407 | | |
408 | 0 | if ((pub = sshkey_new(KEY_UNSPEC)) == NULL) { |
409 | 0 | r = SSH_ERR_ALLOC_FAIL; |
410 | 0 | goto out; |
411 | 0 | } |
412 | 0 | switch (r = sshkey_read(pub, &cp)) { |
413 | 0 | case 0: |
414 | 0 | break; |
415 | 0 | case SSH_ERR_KEY_LENGTH: |
416 | 0 | continue; |
417 | 0 | default: |
418 | 0 | goto out; |
419 | 0 | } |
420 | 0 | if (sshkey_compare(key, pub) || |
421 | 0 | (check_ca && sshkey_is_cert(key) && |
422 | 0 | sshkey_compare(key->cert->signature_key, pub))) { |
423 | 0 | r = 0; |
424 | 0 | goto out; |
425 | 0 | } |
426 | 0 | } |
427 | 0 | r = SSH_ERR_KEY_NOT_FOUND; |
428 | 0 | out: |
429 | 0 | free(line); |
430 | 0 | sshkey_free(pub); |
431 | 0 | fclose(f); |
432 | 0 | return r; |
433 | 0 | } |
434 | | |
435 | | /* |
436 | | * Checks whether the specified key is revoked, returning 0 if not, |
437 | | * SSH_ERR_KEY_REVOKED if it is or another error code if something |
438 | | * unexpected happened. |
439 | | * This will check both the key and, if it is a certificate, its CA key too. |
440 | | * "revoked_keys_file" may be a KRL or a one-per-line list of public keys. |
441 | | */ |
442 | | int |
443 | | sshkey_check_revoked(struct sshkey *key, const char *revoked_keys_file) |
444 | 0 | { |
445 | 0 | int r; |
446 | |
|
447 | 0 | r = ssh_krl_file_contains_key(revoked_keys_file, key); |
448 | | /* If this was not a KRL to begin with then continue below */ |
449 | 0 | if (r != SSH_ERR_KRL_BAD_MAGIC) |
450 | 0 | return r; |
451 | | |
452 | | /* |
453 | | * If the file is not a KRL or we can't handle KRLs then attempt to |
454 | | * parse the file as a flat list of keys. |
455 | | */ |
456 | 0 | switch ((r = sshkey_in_file(key, revoked_keys_file, 0, 1))) { |
457 | 0 | case 0: |
458 | | /* Key found => revoked */ |
459 | 0 | return SSH_ERR_KEY_REVOKED; |
460 | 0 | case SSH_ERR_KEY_NOT_FOUND: |
461 | | /* Key not found => not revoked */ |
462 | 0 | return 0; |
463 | 0 | default: |
464 | | /* Some other error occurred */ |
465 | 0 | return r; |
466 | 0 | } |
467 | 0 | } |
468 | | |
469 | | /* |
470 | | * Advanced *cpp past the end of key options, defined as the first unquoted |
471 | | * whitespace character. Returns 0 on success or -1 on failure (e.g. |
472 | | * unterminated quotes). |
473 | | */ |
474 | | int |
475 | | sshkey_advance_past_options(char **cpp) |
476 | 0 | { |
477 | 0 | char *cp = *cpp; |
478 | 0 | int quoted = 0; |
479 | |
|
480 | 0 | for (; *cp && (quoted || (*cp != ' ' && *cp != '\t')); cp++) { |
481 | 0 | if (*cp == '\\' && cp[1] == '"') |
482 | 0 | cp++; /* Skip both */ |
483 | 0 | else if (*cp == '"') |
484 | 0 | quoted = !quoted; |
485 | 0 | } |
486 | 0 | *cpp = cp; |
487 | | /* return failure for unterminated quotes */ |
488 | 0 | return (*cp == '\0' && quoted) ? -1 : 0; |
489 | 0 | } |
490 | | |
491 | | /* Save a public key */ |
492 | | int |
493 | | sshkey_save_public(const struct sshkey *key, const char *path, |
494 | | const char *comment) |
495 | 0 | { |
496 | 0 | int fd, oerrno; |
497 | 0 | FILE *f = NULL; |
498 | 0 | int r = SSH_ERR_INTERNAL_ERROR; |
499 | |
|
500 | 0 | if ((fd = open(path, O_WRONLY|O_CREAT|O_TRUNC, 0644)) == -1) |
501 | 0 | return SSH_ERR_SYSTEM_ERROR; |
502 | 0 | if ((f = fdopen(fd, "w")) == NULL) { |
503 | 0 | r = SSH_ERR_SYSTEM_ERROR; |
504 | 0 | close(fd); |
505 | 0 | goto fail; |
506 | 0 | } |
507 | 0 | if ((r = sshkey_write(key, f)) != 0) |
508 | 0 | goto fail; |
509 | 0 | fprintf(f, " %s\n", comment); |
510 | 0 | if (ferror(f)) { |
511 | 0 | r = SSH_ERR_SYSTEM_ERROR; |
512 | 0 | goto fail; |
513 | 0 | } |
514 | 0 | if (fclose(f) != 0) { |
515 | 0 | r = SSH_ERR_SYSTEM_ERROR; |
516 | 0 | f = NULL; |
517 | 0 | fail: |
518 | 0 | if (f != NULL) { |
519 | 0 | oerrno = errno; |
520 | 0 | fclose(f); |
521 | 0 | errno = oerrno; |
522 | 0 | } |
523 | 0 | return r; |
524 | 0 | } |
525 | 0 | return 0; |
526 | 0 | } |