1 /* $OpenBSD: authfile.c,v 1.145 2024/09/22 12:56:21 jsg Exp $ */ 2 /* 3 * Copyright (c) 2000, 2013 Markus Friedl. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 15 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 16 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 17 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 18 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 19 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 20 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 21 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 22 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 23 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 24 */ 25 26 27 #include <sys/types.h> 28 #include <sys/stat.h> 29 #include <sys/uio.h> 30 31 #include <errno.h> 32 #include <fcntl.h> 33 #include <stdio.h> 34 #include <stdlib.h> 35 #include <string.h> 36 #include <unistd.h> 37 #include <limits.h> 38 39 #include "cipher.h" 40 #include "ssh.h" 41 #include "log.h" 42 #include "authfile.h" 43 #include "misc.h" 44 #include "atomicio.h" 45 #include "sshkey.h" 46 #include "sshbuf.h" 47 #include "ssherr.h" 48 #include "krl.h" 49 50 /* Save a key blob to a file */ 51 static int 52 sshkey_save_private_blob(struct sshbuf *keybuf, const char *filename) 53 { 54 int r; 55 mode_t omask; 56 57 omask = umask(077); 58 r = sshbuf_write_file(filename, keybuf); 59 umask(omask); 60 return r; 61 } 62 63 int 64 sshkey_save_private(struct sshkey *key, const char *filename, 65 const char *passphrase, const char *comment, 66 int format, const char *openssh_format_cipher, int openssh_format_rounds) 67 { 68 struct sshbuf *keyblob = NULL; 69 int r; 70 71 if ((keyblob = sshbuf_new()) == NULL) 72 return SSH_ERR_ALLOC_FAIL; 73 if ((r = sshkey_private_to_fileblob(key, keyblob, passphrase, comment, 74 format, openssh_format_cipher, openssh_format_rounds)) != 0) 75 goto out; 76 if ((r = sshkey_save_private_blob(keyblob, filename)) != 0) 77 goto out; 78 r = 0; 79 out: 80 sshbuf_free(keyblob); 81 return r; 82 } 83 84 /* XXX remove error() calls from here? */ 85 int 86 sshkey_perm_ok(int fd, const char *filename) 87 { 88 struct stat st; 89 90 if (fstat(fd, &st) == -1) 91 return SSH_ERR_SYSTEM_ERROR; 92 /* 93 * if a key owned by the user is accessed, then we check the 94 * permissions of the file. if the key owned by a different user, 95 * then we don't care. 96 */ 97 if ((st.st_uid == getuid()) && (st.st_mode & 077) != 0) { 98 error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@"); 99 error("@ WARNING: UNPROTECTED PRIVATE KEY FILE! @"); 100 error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@"); 101 error("Permissions 0%3.3o for '%s' are too open.", 102 (u_int)st.st_mode & 0777, filename); 103 error("It is required that your private key files are NOT accessible by others."); 104 error("This private key will be ignored."); 105 return SSH_ERR_KEY_BAD_PERMISSIONS; 106 } 107 return 0; 108 } 109 110 int 111 sshkey_load_private_type(int type, const char *filename, const char *passphrase, 112 struct sshkey **keyp, char **commentp) 113 { 114 int fd, r; 115 116 if (keyp != NULL) 117 *keyp = NULL; 118 if (commentp != NULL) 119 *commentp = NULL; 120 121 if ((fd = open(filename, O_RDONLY)) == -1) 122 return SSH_ERR_SYSTEM_ERROR; 123 124 r = sshkey_perm_ok(fd, filename); 125 if (r != 0) 126 goto out; 127 128 r = sshkey_load_private_type_fd(fd, type, passphrase, keyp, commentp); 129 if (r == 0 && keyp && *keyp) 130 r = sshkey_set_filename(*keyp, filename); 131 out: 132 close(fd); 133 return r; 134 } 135 136 int 137 sshkey_load_private(const char *filename, const char *passphrase, 138 struct sshkey **keyp, char **commentp) 139 { 140 return sshkey_load_private_type(KEY_UNSPEC, filename, passphrase, 141 keyp, commentp); 142 } 143 144 int 145 sshkey_load_private_type_fd(int fd, int type, const char *passphrase, 146 struct sshkey **keyp, char **commentp) 147 { 148 struct sshbuf *buffer = NULL; 149 int r; 150 151 if (keyp != NULL) 152 *keyp = NULL; 153 if ((r = sshbuf_load_fd(fd, &buffer)) != 0 || 154 (r = sshkey_parse_private_fileblob_type(buffer, type, 155 passphrase, keyp, commentp)) != 0) 156 goto out; 157 158 /* success */ 159 r = 0; 160 out: 161 sshbuf_free(buffer); 162 return r; 163 } 164 165 /* Load a pubkey from the unencrypted envelope of a new-format private key */ 166 static int 167 sshkey_load_pubkey_from_private(const char *filename, struct sshkey **pubkeyp) 168 { 169 struct sshbuf *buffer = NULL; 170 struct sshkey *pubkey = NULL; 171 int r, fd; 172 173 if (pubkeyp != NULL) 174 *pubkeyp = NULL; 175 176 if ((fd = open(filename, O_RDONLY)) == -1) 177 return SSH_ERR_SYSTEM_ERROR; 178 if ((r = sshbuf_load_fd(fd, &buffer)) != 0 || 179 (r = sshkey_parse_pubkey_from_private_fileblob_type(buffer, 180 KEY_UNSPEC, &pubkey)) != 0) 181 goto out; 182 if ((r = sshkey_set_filename(pubkey, filename)) != 0) 183 goto out; 184 /* success */ 185 if (pubkeyp != NULL) { 186 *pubkeyp = pubkey; 187 pubkey = NULL; 188 } 189 r = 0; 190 out: 191 close(fd); 192 sshbuf_free(buffer); 193 sshkey_free(pubkey); 194 return r; 195 } 196 197 static int 198 sshkey_try_load_public(struct sshkey **kp, const char *filename, 199 char **commentp) 200 { 201 FILE *f; 202 char *line = NULL, *cp; 203 size_t linesize = 0; 204 int r; 205 struct sshkey *k = NULL; 206 207 if (kp == NULL) 208 return SSH_ERR_INVALID_ARGUMENT; 209 *kp = NULL; 210 if (commentp != NULL) 211 *commentp = NULL; 212 if ((f = fopen(filename, "r")) == NULL) 213 return SSH_ERR_SYSTEM_ERROR; 214 if ((k = sshkey_new(KEY_UNSPEC)) == NULL) { 215 fclose(f); 216 return SSH_ERR_ALLOC_FAIL; 217 } 218 while (getline(&line, &linesize, f) != -1) { 219 cp = line; 220 switch (*cp) { 221 case '#': 222 case '\n': 223 case '\0': 224 continue; 225 } 226 /* Abort loading if this looks like a private key */ 227 if (strncmp(cp, "-----BEGIN", 10) == 0 || 228 strcmp(cp, "SSH PRIVATE KEY FILE") == 0) 229 break; 230 /* Skip leading whitespace. */ 231 for (; *cp && (*cp == ' ' || *cp == '\t'); cp++) 232 ; 233 if (*cp) { 234 if ((r = sshkey_read(k, &cp)) == 0) { 235 cp[strcspn(cp, "\r\n")] = '\0'; 236 if (commentp) { 237 *commentp = strdup(*cp ? 238 cp : filename); 239 if (*commentp == NULL) 240 r = SSH_ERR_ALLOC_FAIL; 241 } 242 /* success */ 243 *kp = k; 244 free(line); 245 fclose(f); 246 return r; 247 } 248 } 249 } 250 free(k); 251 free(line); 252 fclose(f); 253 return SSH_ERR_INVALID_FORMAT; 254 } 255 256 /* load public key from any pubkey file */ 257 int 258 sshkey_load_public(const char *filename, struct sshkey **keyp, char **commentp) 259 { 260 char *pubfile = NULL; 261 int r, oerrno; 262 263 if (keyp != NULL) 264 *keyp = NULL; 265 if (commentp != NULL) 266 *commentp = NULL; 267 268 if ((r = sshkey_try_load_public(keyp, filename, commentp)) == 0) 269 goto out; 270 271 /* try .pub suffix */ 272 if (asprintf(&pubfile, "%s.pub", filename) == -1) 273 return SSH_ERR_ALLOC_FAIL; 274 if ((r = sshkey_try_load_public(keyp, pubfile, commentp)) == 0) 275 goto out; 276 277 /* finally, try to extract public key from private key file */ 278 if ((r = sshkey_load_pubkey_from_private(filename, keyp)) == 0) 279 goto out; 280 281 /* Pretend we couldn't find the key */ 282 r = SSH_ERR_SYSTEM_ERROR; 283 errno = ENOENT; 284 285 out: 286 oerrno = errno; 287 free(pubfile); 288 errno = oerrno; 289 return r; 290 } 291 292 /* Load the certificate associated with the named private key */ 293 int 294 sshkey_load_cert(const char *filename, struct sshkey **keyp) 295 { 296 struct sshkey *pub = NULL; 297 char *file = NULL; 298 int r = SSH_ERR_INTERNAL_ERROR; 299 300 if (keyp != NULL) 301 *keyp = NULL; 302 303 if (asprintf(&file, "%s-cert.pub", filename) == -1) 304 return SSH_ERR_ALLOC_FAIL; 305 306 r = sshkey_try_load_public(keyp, file, NULL); 307 free(file); 308 sshkey_free(pub); 309 return r; 310 } 311 312 /* Load private key and certificate */ 313 int 314 sshkey_load_private_cert(int type, const char *filename, const char *passphrase, 315 struct sshkey **keyp) 316 { 317 struct sshkey *key = NULL, *cert = NULL; 318 int r; 319 320 if (keyp != NULL) 321 *keyp = NULL; 322 323 switch (type) { 324 #ifdef WITH_OPENSSL 325 case KEY_RSA: 326 case KEY_DSA: 327 case KEY_ECDSA: 328 #endif /* WITH_OPENSSL */ 329 case KEY_ED25519: 330 case KEY_XMSS: 331 case KEY_UNSPEC: 332 break; 333 default: 334 return SSH_ERR_KEY_TYPE_UNKNOWN; 335 } 336 337 if ((r = sshkey_load_private_type(type, filename, 338 passphrase, &key, NULL)) != 0 || 339 (r = sshkey_load_cert(filename, &cert)) != 0) 340 goto out; 341 342 /* Make sure the private key matches the certificate */ 343 if (sshkey_equal_public(key, cert) == 0) { 344 r = SSH_ERR_KEY_CERT_MISMATCH; 345 goto out; 346 } 347 348 if ((r = sshkey_to_certified(key)) != 0 || 349 (r = sshkey_cert_copy(cert, key)) != 0) 350 goto out; 351 r = 0; 352 if (keyp != NULL) { 353 *keyp = key; 354 key = NULL; 355 } 356 out: 357 sshkey_free(key); 358 sshkey_free(cert); 359 return r; 360 } 361 362 /* 363 * Returns success if the specified "key" is listed in the file "filename", 364 * SSH_ERR_KEY_NOT_FOUND: if the key is not listed or another error. 365 * If "strict_type" is set then the key type must match exactly, 366 * otherwise a comparison that ignores certificate data is performed. 367 * If "check_ca" is set and "key" is a certificate, then its CA key is 368 * also checked and sshkey_in_file() will return success if either is found. 369 */ 370 int 371 sshkey_in_file(struct sshkey *key, const char *filename, int strict_type, 372 int check_ca) 373 { 374 FILE *f; 375 char *line = NULL, *cp; 376 size_t linesize = 0; 377 int r = 0; 378 struct sshkey *pub = NULL; 379 380 int (*sshkey_compare)(const struct sshkey *, const struct sshkey *) = 381 strict_type ? sshkey_equal : sshkey_equal_public; 382 383 if ((f = fopen(filename, "r")) == NULL) 384 return SSH_ERR_SYSTEM_ERROR; 385 386 while (getline(&line, &linesize, f) != -1) { 387 sshkey_free(pub); 388 pub = NULL; 389 cp = line; 390 391 /* Skip leading whitespace. */ 392 for (; *cp && (*cp == ' ' || *cp == '\t'); cp++) 393 ; 394 395 /* Skip comments and empty lines */ 396 switch (*cp) { 397 case '#': 398 case '\n': 399 case '\0': 400 continue; 401 } 402 403 if ((pub = sshkey_new(KEY_UNSPEC)) == NULL) { 404 r = SSH_ERR_ALLOC_FAIL; 405 goto out; 406 } 407 switch (r = sshkey_read(pub, &cp)) { 408 case 0: 409 break; 410 case SSH_ERR_KEY_LENGTH: 411 continue; 412 default: 413 goto out; 414 } 415 if (sshkey_compare(key, pub) || 416 (check_ca && sshkey_is_cert(key) && 417 sshkey_compare(key->cert->signature_key, pub))) { 418 r = 0; 419 goto out; 420 } 421 } 422 r = SSH_ERR_KEY_NOT_FOUND; 423 out: 424 free(line); 425 sshkey_free(pub); 426 fclose(f); 427 return r; 428 } 429 430 /* 431 * Checks whether the specified key is revoked, returning 0 if not, 432 * SSH_ERR_KEY_REVOKED if it is or another error code if something 433 * unexpected happened. 434 * This will check both the key and, if it is a certificate, its CA key too. 435 * "revoked_keys_file" may be a KRL or a one-per-line list of public keys. 436 */ 437 int 438 sshkey_check_revoked(struct sshkey *key, const char *revoked_keys_file) 439 { 440 int r; 441 442 r = ssh_krl_file_contains_key(revoked_keys_file, key); 443 /* If this was not a KRL to begin with then continue below */ 444 if (r != SSH_ERR_KRL_BAD_MAGIC) 445 return r; 446 447 /* 448 * If the file is not a KRL or we can't handle KRLs then attempt to 449 * parse the file as a flat list of keys. 450 */ 451 switch ((r = sshkey_in_file(key, revoked_keys_file, 0, 1))) { 452 case 0: 453 /* Key found => revoked */ 454 return SSH_ERR_KEY_REVOKED; 455 case SSH_ERR_KEY_NOT_FOUND: 456 /* Key not found => not revoked */ 457 return 0; 458 default: 459 /* Some other error occurred */ 460 return r; 461 } 462 } 463 464 /* 465 * Advanced *cpp past the end of key options, defined as the first unquoted 466 * whitespace character. Returns 0 on success or -1 on failure (e.g. 467 * unterminated quotes). 468 */ 469 int 470 sshkey_advance_past_options(char **cpp) 471 { 472 char *cp = *cpp; 473 int quoted = 0; 474 475 for (; *cp && (quoted || (*cp != ' ' && *cp != '\t')); cp++) { 476 if (*cp == '\\' && cp[1] == '"') 477 cp++; /* Skip both */ 478 else if (*cp == '"') 479 quoted = !quoted; 480 } 481 *cpp = cp; 482 /* return failure for unterminated quotes */ 483 return (*cp == '\0' && quoted) ? -1 : 0; 484 } 485 486 /* Save a public key */ 487 int 488 sshkey_save_public(const struct sshkey *key, const char *path, 489 const char *comment) 490 { 491 int fd, oerrno; 492 FILE *f = NULL; 493 int r = SSH_ERR_INTERNAL_ERROR; 494 495 if ((fd = open(path, O_WRONLY|O_CREAT|O_TRUNC, 0644)) == -1) 496 return SSH_ERR_SYSTEM_ERROR; 497 if ((f = fdopen(fd, "w")) == NULL) { 498 r = SSH_ERR_SYSTEM_ERROR; 499 close(fd); 500 goto fail; 501 } 502 if ((r = sshkey_write(key, f)) != 0) 503 goto fail; 504 fprintf(f, " %s\n", comment); 505 if (ferror(f)) { 506 r = SSH_ERR_SYSTEM_ERROR; 507 goto fail; 508 } 509 if (fclose(f) != 0) { 510 r = SSH_ERR_SYSTEM_ERROR; 511 f = NULL; 512 fail: 513 if (f != NULL) { 514 oerrno = errno; 515 fclose(f); 516 errno = oerrno; 517 } 518 return r; 519 } 520 return 0; 521 } 522