Line | Count | Source |
1 | | /* $OpenBSD: authfile.c,v 1.149 2026/02/14 00:18:34 jsg Exp $ */ |
2 | | /* |
3 | | * Copyright (c) 2000, 2013 Markus Friedl. All rights reserved. |
4 | | * |
5 | | * Redistribution and use in source and binary forms, with or without |
6 | | * modification, are permitted provided that the following conditions |
7 | | * are met: |
8 | | * 1. Redistributions of source code must retain the above copyright |
9 | | * notice, this list of conditions and the following disclaimer. |
10 | | * 2. Redistributions in binary form must reproduce the above copyright |
11 | | * notice, this list of conditions and the following disclaimer in the |
12 | | * documentation and/or other materials provided with the distribution. |
13 | | * |
14 | | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR |
15 | | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES |
16 | | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. |
17 | | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, |
18 | | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT |
19 | | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, |
20 | | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY |
21 | | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT |
22 | | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
23 | | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
24 | | */ |
25 | | |
26 | | #include "includes.h" |
27 | | |
28 | | #include <sys/types.h> |
29 | | #include <sys/stat.h> |
30 | | |
31 | | #include <errno.h> |
32 | | #include <fcntl.h> |
33 | | #include <stdio.h> |
34 | | #include <stdarg.h> |
35 | | #include <stdlib.h> |
36 | | #include <string.h> |
37 | | #include <unistd.h> |
38 | | |
39 | | #include "log.h" |
40 | | #include "authfile.h" |
41 | | #include "sshkey.h" |
42 | | #include "sshbuf.h" |
43 | | #include "ssherr.h" |
44 | | #include "krl.h" |
45 | | |
46 | | /* Save a key blob to a file */ |
47 | | static int |
48 | | sshkey_save_private_blob(struct sshbuf *keybuf, const char *filename) |
49 | 0 | { |
50 | 0 | int r; |
51 | 0 | mode_t omask; |
52 | |
|
53 | 0 | omask = umask(077); |
54 | 0 | r = sshbuf_write_file(filename, keybuf); |
55 | 0 | umask(omask); |
56 | 0 | return r; |
57 | 0 | } |
58 | | |
59 | | int |
60 | | sshkey_save_private(struct sshkey *key, const char *filename, |
61 | | const char *passphrase, const char *comment, |
62 | | int format, const char *openssh_format_cipher, int openssh_format_rounds) |
63 | 0 | { |
64 | 0 | struct sshbuf *keyblob = NULL; |
65 | 0 | int r; |
66 | |
|
67 | 0 | if ((keyblob = sshbuf_new()) == NULL) |
68 | 0 | return SSH_ERR_ALLOC_FAIL; |
69 | 0 | if ((r = sshkey_private_to_fileblob(key, keyblob, passphrase, comment, |
70 | 0 | format, openssh_format_cipher, openssh_format_rounds)) != 0) |
71 | 0 | goto out; |
72 | 0 | if ((r = sshkey_save_private_blob(keyblob, filename)) != 0) |
73 | 0 | goto out; |
74 | 0 | r = 0; |
75 | 0 | out: |
76 | 0 | sshbuf_free(keyblob); |
77 | 0 | return r; |
78 | 0 | } |
79 | | |
80 | | /* XXX remove error() calls from here? */ |
81 | | int |
82 | | sshkey_perm_ok(int fd, const char *filename) |
83 | 0 | { |
84 | 0 | struct stat st; |
85 | |
|
86 | 0 | if (fstat(fd, &st) == -1) |
87 | 0 | return SSH_ERR_SYSTEM_ERROR; |
88 | | /* |
89 | | * if a key owned by the user is accessed, then we check the |
90 | | * permissions of the file. if the key owned by a different user, |
91 | | * then we don't care. |
92 | | */ |
93 | | #ifdef HAVE_CYGWIN |
94 | | if (check_ntsec(filename)) |
95 | | #endif |
96 | 0 | if ((st.st_uid == getuid()) && (st.st_mode & 077) != 0) { |
97 | 0 | error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@"); |
98 | 0 | error("@ WARNING: UNPROTECTED PRIVATE KEY FILE! @"); |
99 | 0 | error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@"); |
100 | 0 | error("Permissions 0%3.3o for '%s' are too open.", |
101 | 0 | (u_int)st.st_mode & 0777, filename); |
102 | 0 | error("It is required that your private key files are NOT accessible by others."); |
103 | 0 | error("This private key will be ignored."); |
104 | 0 | return SSH_ERR_KEY_BAD_PERMISSIONS; |
105 | 0 | } |
106 | 0 | return 0; |
107 | 0 | } |
108 | | |
109 | | int |
110 | | sshkey_load_private_type(int type, const char *filename, const char *passphrase, |
111 | | struct sshkey **keyp, char **commentp) |
112 | 0 | { |
113 | 0 | int fd, r; |
114 | |
|
115 | 0 | if (keyp != NULL) |
116 | 0 | *keyp = NULL; |
117 | 0 | if (commentp != NULL) |
118 | 0 | *commentp = NULL; |
119 | |
|
120 | 0 | if ((fd = open(filename, O_RDONLY)) == -1) |
121 | 0 | return SSH_ERR_SYSTEM_ERROR; |
122 | | |
123 | 0 | r = sshkey_perm_ok(fd, filename); |
124 | 0 | if (r != 0) |
125 | 0 | goto out; |
126 | | |
127 | 0 | r = sshkey_load_private_type_fd(fd, type, passphrase, keyp, commentp); |
128 | 0 | out: |
129 | 0 | close(fd); |
130 | 0 | return r; |
131 | 0 | } |
132 | | |
133 | | int |
134 | | sshkey_load_private(const char *filename, const char *passphrase, |
135 | | struct sshkey **keyp, char **commentp) |
136 | 0 | { |
137 | 0 | return sshkey_load_private_type(KEY_UNSPEC, filename, passphrase, |
138 | 0 | keyp, commentp); |
139 | 0 | } |
140 | | |
141 | | int |
142 | | sshkey_load_private_type_fd(int fd, int type, const char *passphrase, |
143 | | struct sshkey **keyp, char **commentp) |
144 | 0 | { |
145 | 0 | struct sshbuf *buffer = NULL; |
146 | 0 | int r; |
147 | |
|
148 | 0 | if (keyp != NULL) |
149 | 0 | *keyp = NULL; |
150 | 0 | if ((r = sshbuf_load_fd(fd, &buffer)) != 0 || |
151 | 0 | (r = sshkey_parse_private_fileblob_type(buffer, type, |
152 | 0 | passphrase, keyp, commentp)) != 0) |
153 | 0 | goto out; |
154 | | |
155 | | /* success */ |
156 | 0 | r = 0; |
157 | 0 | out: |
158 | 0 | sshbuf_free(buffer); |
159 | 0 | return r; |
160 | 0 | } |
161 | | |
162 | | /* Load a pubkey from the unencrypted envelope of a new-format private key */ |
163 | | static int |
164 | | sshkey_load_pubkey_from_private(const char *filename, struct sshkey **pubkeyp) |
165 | 0 | { |
166 | 0 | struct sshbuf *buffer = NULL; |
167 | 0 | struct sshkey *pubkey = NULL; |
168 | 0 | int r, fd; |
169 | |
|
170 | 0 | if (pubkeyp != NULL) |
171 | 0 | *pubkeyp = NULL; |
172 | |
|
173 | 0 | if ((fd = open(filename, O_RDONLY)) == -1) |
174 | 0 | return SSH_ERR_SYSTEM_ERROR; |
175 | 0 | if ((r = sshbuf_load_fd(fd, &buffer)) != 0 || |
176 | 0 | (r = sshkey_parse_pubkey_from_private_fileblob_type(buffer, |
177 | 0 | KEY_UNSPEC, &pubkey)) != 0) |
178 | 0 | goto out; |
179 | | /* success */ |
180 | 0 | if (pubkeyp != NULL) { |
181 | 0 | *pubkeyp = pubkey; |
182 | 0 | pubkey = NULL; |
183 | 0 | } |
184 | 0 | r = 0; |
185 | 0 | out: |
186 | 0 | close(fd); |
187 | 0 | sshbuf_free(buffer); |
188 | 0 | sshkey_free(pubkey); |
189 | 0 | return r; |
190 | 0 | } |
191 | | |
192 | | static int |
193 | | sshkey_try_load_public(struct sshkey **kp, const char *filename, |
194 | | char **commentp) |
195 | 0 | { |
196 | 0 | FILE *f; |
197 | 0 | char *line = NULL, *cp; |
198 | 0 | size_t linesize = 0; |
199 | 0 | int r; |
200 | 0 | struct sshkey *k = NULL; |
201 | |
|
202 | 0 | if (kp == NULL) |
203 | 0 | return SSH_ERR_INVALID_ARGUMENT; |
204 | 0 | *kp = NULL; |
205 | 0 | if (commentp != NULL) |
206 | 0 | *commentp = NULL; |
207 | 0 | if ((f = fopen(filename, "r")) == NULL) |
208 | 0 | return SSH_ERR_SYSTEM_ERROR; |
209 | 0 | if ((k = sshkey_new(KEY_UNSPEC)) == NULL) { |
210 | 0 | fclose(f); |
211 | 0 | return SSH_ERR_ALLOC_FAIL; |
212 | 0 | } |
213 | 0 | while (getline(&line, &linesize, f) != -1) { |
214 | 0 | cp = line; |
215 | 0 | switch (*cp) { |
216 | 0 | case '#': |
217 | 0 | case '\n': |
218 | 0 | case '\0': |
219 | 0 | continue; |
220 | 0 | } |
221 | | /* Abort loading if this looks like a private key */ |
222 | 0 | if (strncmp(cp, "-----BEGIN", 10) == 0 || |
223 | 0 | strcmp(cp, "SSH PRIVATE KEY FILE") == 0) |
224 | 0 | break; |
225 | | /* Skip leading whitespace. */ |
226 | 0 | for (; *cp && (*cp == ' ' || *cp == '\t'); cp++) |
227 | 0 | ; |
228 | 0 | if (*cp) { |
229 | 0 | if ((r = sshkey_read(k, &cp)) == 0) { |
230 | 0 | cp[strcspn(cp, "\r\n")] = '\0'; |
231 | 0 | if (commentp) { |
232 | 0 | *commentp = strdup(*cp ? |
233 | 0 | cp : filename); |
234 | 0 | if (*commentp == NULL) |
235 | 0 | r = SSH_ERR_ALLOC_FAIL; |
236 | 0 | } |
237 | | /* success */ |
238 | 0 | *kp = k; |
239 | 0 | free(line); |
240 | 0 | fclose(f); |
241 | 0 | return r; |
242 | 0 | } |
243 | 0 | } |
244 | 0 | } |
245 | 0 | free(k); |
246 | 0 | free(line); |
247 | 0 | fclose(f); |
248 | 0 | return SSH_ERR_INVALID_FORMAT; |
249 | 0 | } |
250 | | |
251 | | /* load public key from any pubkey file */ |
252 | | int |
253 | | sshkey_load_public(const char *filename, struct sshkey **keyp, char **commentp) |
254 | 0 | { |
255 | 0 | char *pubfile = NULL; |
256 | 0 | int r, oerrno; |
257 | |
|
258 | 0 | if (keyp != NULL) |
259 | 0 | *keyp = NULL; |
260 | 0 | if (commentp != NULL) |
261 | 0 | *commentp = NULL; |
262 | |
|
263 | 0 | if ((r = sshkey_try_load_public(keyp, filename, commentp)) == 0) |
264 | 0 | goto out; |
265 | | |
266 | | /* try .pub suffix */ |
267 | 0 | if (asprintf(&pubfile, "%s.pub", filename) == -1) |
268 | 0 | return SSH_ERR_ALLOC_FAIL; |
269 | 0 | if ((r = sshkey_try_load_public(keyp, pubfile, commentp)) == 0) |
270 | 0 | goto out; |
271 | | |
272 | | /* finally, try to extract public key from private key file */ |
273 | 0 | if ((r = sshkey_load_pubkey_from_private(filename, keyp)) == 0) |
274 | 0 | goto out; |
275 | | |
276 | | /* Pretend we couldn't find the key */ |
277 | 0 | r = SSH_ERR_SYSTEM_ERROR; |
278 | 0 | errno = ENOENT; |
279 | |
|
280 | 0 | out: |
281 | 0 | oerrno = errno; |
282 | 0 | free(pubfile); |
283 | 0 | errno = oerrno; |
284 | 0 | return r; |
285 | 0 | } |
286 | | |
287 | | /* Load the certificate associated with the named private key */ |
288 | | int |
289 | | sshkey_load_cert(const char *filename, struct sshkey **keyp) |
290 | 0 | { |
291 | 0 | struct sshkey *pub = NULL; |
292 | 0 | char *file = NULL; |
293 | 0 | int r = SSH_ERR_INTERNAL_ERROR; |
294 | |
|
295 | 0 | if (keyp != NULL) |
296 | 0 | *keyp = NULL; |
297 | |
|
298 | 0 | if (asprintf(&file, "%s-cert.pub", filename) == -1) |
299 | 0 | return SSH_ERR_ALLOC_FAIL; |
300 | | |
301 | 0 | r = sshkey_try_load_public(keyp, file, NULL); |
302 | 0 | free(file); |
303 | 0 | sshkey_free(pub); |
304 | 0 | return r; |
305 | 0 | } |
306 | | |
307 | | /* Load private key and certificate */ |
308 | | int |
309 | | sshkey_load_private_cert(int type, const char *filename, const char *passphrase, |
310 | | struct sshkey **keyp) |
311 | 0 | { |
312 | 0 | struct sshkey *key = NULL, *cert = NULL; |
313 | 0 | int r; |
314 | |
|
315 | 0 | if (keyp != NULL) |
316 | 0 | *keyp = NULL; |
317 | |
|
318 | 0 | switch (type) { |
319 | 0 | #ifdef WITH_OPENSSL |
320 | 0 | case KEY_RSA: |
321 | 0 | case KEY_ECDSA: |
322 | 0 | #endif /* WITH_OPENSSL */ |
323 | 0 | case KEY_ED25519: |
324 | 0 | case KEY_UNSPEC: |
325 | 0 | break; |
326 | 0 | default: |
327 | 0 | return SSH_ERR_KEY_TYPE_UNKNOWN; |
328 | 0 | } |
329 | | |
330 | 0 | if ((r = sshkey_load_private_type(type, filename, |
331 | 0 | passphrase, &key, NULL)) != 0 || |
332 | 0 | (r = sshkey_load_cert(filename, &cert)) != 0) |
333 | 0 | goto out; |
334 | | |
335 | | /* Make sure the private key matches the certificate */ |
336 | 0 | if (sshkey_equal_public(key, cert) == 0) { |
337 | 0 | r = SSH_ERR_KEY_CERT_MISMATCH; |
338 | 0 | goto out; |
339 | 0 | } |
340 | | |
341 | 0 | if ((r = sshkey_to_certified(key)) != 0 || |
342 | 0 | (r = sshkey_cert_copy(cert, key)) != 0) |
343 | 0 | goto out; |
344 | 0 | r = 0; |
345 | 0 | if (keyp != NULL) { |
346 | 0 | *keyp = key; |
347 | 0 | key = NULL; |
348 | 0 | } |
349 | 0 | out: |
350 | 0 | sshkey_free(key); |
351 | 0 | sshkey_free(cert); |
352 | 0 | return r; |
353 | 0 | } |
354 | | |
355 | | /* |
356 | | * Returns success if the specified "key" is listed in the file "filename", |
357 | | * SSH_ERR_KEY_NOT_FOUND: if the key is not listed or another error. |
358 | | * If "strict_type" is set then the key type must match exactly, |
359 | | * otherwise a comparison that ignores certificate data is performed. |
360 | | * If "check_ca" is set and "key" is a certificate, then its CA key is |
361 | | * also checked and sshkey_in_file() will return success if either is found. |
362 | | */ |
363 | | int |
364 | | sshkey_in_file(struct sshkey *key, const char *filename, int strict_type, |
365 | | int check_ca) |
366 | 0 | { |
367 | 0 | FILE *f; |
368 | 0 | char *line = NULL, *cp; |
369 | 0 | size_t linesize = 0; |
370 | 0 | int r = 0; |
371 | 0 | struct sshkey *pub = NULL; |
372 | |
|
373 | 0 | int (*sshkey_compare)(const struct sshkey *, const struct sshkey *) = |
374 | 0 | strict_type ? sshkey_equal : sshkey_equal_public; |
375 | |
|
376 | 0 | if ((f = fopen(filename, "r")) == NULL) |
377 | 0 | return SSH_ERR_SYSTEM_ERROR; |
378 | | |
379 | 0 | while (getline(&line, &linesize, f) != -1) { |
380 | 0 | sshkey_free(pub); |
381 | 0 | pub = NULL; |
382 | 0 | cp = line; |
383 | | |
384 | | /* Skip leading whitespace. */ |
385 | 0 | for (; *cp && (*cp == ' ' || *cp == '\t'); cp++) |
386 | 0 | ; |
387 | | |
388 | | /* Skip comments and empty lines */ |
389 | 0 | switch (*cp) { |
390 | 0 | case '#': |
391 | 0 | case '\n': |
392 | 0 | case '\0': |
393 | 0 | continue; |
394 | 0 | } |
395 | | |
396 | 0 | if ((pub = sshkey_new(KEY_UNSPEC)) == NULL) { |
397 | 0 | r = SSH_ERR_ALLOC_FAIL; |
398 | 0 | goto out; |
399 | 0 | } |
400 | 0 | switch (r = sshkey_read(pub, &cp)) { |
401 | 0 | case 0: |
402 | 0 | break; |
403 | 0 | case SSH_ERR_KEY_LENGTH: |
404 | 0 | continue; |
405 | 0 | default: |
406 | 0 | goto out; |
407 | 0 | } |
408 | 0 | if (sshkey_compare(key, pub) || |
409 | 0 | (check_ca && sshkey_is_cert(key) && |
410 | 0 | sshkey_compare(key->cert->signature_key, pub))) { |
411 | 0 | r = 0; |
412 | 0 | goto out; |
413 | 0 | } |
414 | 0 | } |
415 | 0 | r = SSH_ERR_KEY_NOT_FOUND; |
416 | 0 | out: |
417 | 0 | free(line); |
418 | 0 | sshkey_free(pub); |
419 | 0 | fclose(f); |
420 | 0 | return r; |
421 | 0 | } |
422 | | |
423 | | /* |
424 | | * Checks whether the specified key is revoked, returning 0 if not, |
425 | | * SSH_ERR_KEY_REVOKED if it is or another error code if something |
426 | | * unexpected happened. |
427 | | * This will check both the key and, if it is a certificate, its CA key too. |
428 | | * "revoked_keys_file" may be a KRL or a one-per-line list of public keys. |
429 | | */ |
430 | | int |
431 | | sshkey_check_revoked(struct sshkey *key, const char *revoked_keys_file) |
432 | 0 | { |
433 | 0 | int r; |
434 | |
|
435 | 0 | r = ssh_krl_file_contains_key(revoked_keys_file, key); |
436 | | /* If this was not a KRL to begin with then continue below */ |
437 | 0 | if (r != SSH_ERR_KRL_BAD_MAGIC) |
438 | 0 | return r; |
439 | | |
440 | | /* |
441 | | * If the file is not a KRL or we can't handle KRLs then attempt to |
442 | | * parse the file as a flat list of keys. |
443 | | */ |
444 | 0 | switch ((r = sshkey_in_file(key, revoked_keys_file, 0, 1))) { |
445 | 0 | case 0: |
446 | | /* Key found => revoked */ |
447 | 0 | return SSH_ERR_KEY_REVOKED; |
448 | 0 | case SSH_ERR_KEY_NOT_FOUND: |
449 | | /* Key not found => not revoked */ |
450 | 0 | return 0; |
451 | 0 | default: |
452 | | /* Some other error occurred */ |
453 | 0 | return r; |
454 | 0 | } |
455 | 0 | } |
456 | | |
457 | | /* |
458 | | * Advanced *cpp past the end of key options, defined as the first unquoted |
459 | | * whitespace character. Returns 0 on success or -1 on failure (e.g. |
460 | | * unterminated quotes). |
461 | | */ |
462 | | int |
463 | | sshkey_advance_past_options(char **cpp) |
464 | 0 | { |
465 | 0 | char *cp = *cpp; |
466 | 0 | int quoted = 0; |
467 | |
|
468 | 0 | for (; *cp && (quoted || (*cp != ' ' && *cp != '\t')); cp++) { |
469 | 0 | if (*cp == '\\' && cp[1] == '"') |
470 | 0 | cp++; /* Skip both */ |
471 | 0 | else if (*cp == '"') |
472 | 0 | quoted = !quoted; |
473 | 0 | } |
474 | 0 | *cpp = cp; |
475 | | /* return failure for unterminated quotes */ |
476 | 0 | return (*cp == '\0' && quoted) ? -1 : 0; |
477 | 0 | } |
478 | | |
479 | | /* Save a public key */ |
480 | | int |
481 | | sshkey_save_public(const struct sshkey *key, const char *path, |
482 | | const char *comment) |
483 | 0 | { |
484 | 0 | int fd, oerrno; |
485 | 0 | FILE *f = NULL; |
486 | 0 | int r = SSH_ERR_INTERNAL_ERROR; |
487 | |
|
488 | 0 | if ((fd = open(path, O_WRONLY|O_CREAT|O_TRUNC, 0644)) == -1) |
489 | 0 | return SSH_ERR_SYSTEM_ERROR; |
490 | 0 | if ((f = fdopen(fd, "w")) == NULL) { |
491 | 0 | r = SSH_ERR_SYSTEM_ERROR; |
492 | 0 | close(fd); |
493 | 0 | goto fail; |
494 | 0 | } |
495 | 0 | if ((r = sshkey_write(key, f)) != 0) |
496 | 0 | goto fail; |
497 | 0 | fprintf(f, " %s\n", comment); |
498 | 0 | if (ferror(f)) { |
499 | 0 | r = SSH_ERR_SYSTEM_ERROR; |
500 | 0 | goto fail; |
501 | 0 | } |
502 | 0 | if (fclose(f) != 0) { |
503 | 0 | r = SSH_ERR_SYSTEM_ERROR; |
504 | 0 | f = NULL; |
505 | 0 | fail: |
506 | 0 | if (f != NULL) { |
507 | 0 | oerrno = errno; |
508 | 0 | fclose(f); |
509 | 0 | errno = oerrno; |
510 | 0 | } |
511 | 0 | return r; |
512 | 0 | } |
513 | 0 | return 0; |
514 | 0 | } |