1 /* $OpenBSD: authfile.c,v 1.145 2024/09/22 12:56:21 jsg Exp $ */
2 /*
3 * Copyright (c) 2000, 2013 Markus Friedl. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 *
14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
15 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
16 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
17 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
18 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
19 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
20 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
21 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
22 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
23 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
24 */
25
26
27 #include <sys/types.h>
28 #include <sys/stat.h>
29 #include <sys/uio.h>
30
31 #include <errno.h>
32 #include <fcntl.h>
33 #include <stdio.h>
34 #include <stdlib.h>
35 #include <string.h>
36 #include <unistd.h>
37 #include <limits.h>
38
39 #include "cipher.h"
40 #include "ssh.h"
41 #include "log.h"
42 #include "authfile.h"
43 #include "misc.h"
44 #include "atomicio.h"
45 #include "sshkey.h"
46 #include "sshbuf.h"
47 #include "ssherr.h"
48 #include "krl.h"
49
50 /* Save a key blob to a file */
51 static int
sshkey_save_private_blob(struct sshbuf * keybuf,const char * filename)52 sshkey_save_private_blob(struct sshbuf *keybuf, const char *filename)
53 {
54 int r;
55 mode_t omask;
56
57 omask = umask(077);
58 r = sshbuf_write_file(filename, keybuf);
59 umask(omask);
60 return r;
61 }
62
63 int
sshkey_save_private(struct sshkey * key,const char * filename,const char * passphrase,const char * comment,int format,const char * openssh_format_cipher,int openssh_format_rounds)64 sshkey_save_private(struct sshkey *key, const char *filename,
65 const char *passphrase, const char *comment,
66 int format, const char *openssh_format_cipher, int openssh_format_rounds)
67 {
68 struct sshbuf *keyblob = NULL;
69 int r;
70
71 if ((keyblob = sshbuf_new()) == NULL)
72 return SSH_ERR_ALLOC_FAIL;
73 if ((r = sshkey_private_to_fileblob(key, keyblob, passphrase, comment,
74 format, openssh_format_cipher, openssh_format_rounds)) != 0)
75 goto out;
76 if ((r = sshkey_save_private_blob(keyblob, filename)) != 0)
77 goto out;
78 r = 0;
79 out:
80 sshbuf_free(keyblob);
81 return r;
82 }
83
84 /* XXX remove error() calls from here? */
85 int
sshkey_perm_ok(int fd,const char * filename)86 sshkey_perm_ok(int fd, const char *filename)
87 {
88 struct stat st;
89
90 if (fstat(fd, &st) == -1)
91 return SSH_ERR_SYSTEM_ERROR;
92 /*
93 * if a key owned by the user is accessed, then we check the
94 * permissions of the file. if the key owned by a different user,
95 * then we don't care.
96 */
97 if ((st.st_uid == getuid()) && (st.st_mode & 077) != 0) {
98 error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@");
99 error("@ WARNING: UNPROTECTED PRIVATE KEY FILE! @");
100 error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@");
101 error("Permissions 0%3.3o for '%s' are too open.",
102 (u_int)st.st_mode & 0777, filename);
103 error("It is required that your private key files are NOT accessible by others.");
104 error("This private key will be ignored.");
105 return SSH_ERR_KEY_BAD_PERMISSIONS;
106 }
107 return 0;
108 }
109
110 int
sshkey_load_private_type(int type,const char * filename,const char * passphrase,struct sshkey ** keyp,char ** commentp)111 sshkey_load_private_type(int type, const char *filename, const char *passphrase,
112 struct sshkey **keyp, char **commentp)
113 {
114 int fd, r;
115
116 if (keyp != NULL)
117 *keyp = NULL;
118 if (commentp != NULL)
119 *commentp = NULL;
120
121 if ((fd = open(filename, O_RDONLY)) == -1)
122 return SSH_ERR_SYSTEM_ERROR;
123
124 r = sshkey_perm_ok(fd, filename);
125 if (r != 0)
126 goto out;
127
128 r = sshkey_load_private_type_fd(fd, type, passphrase, keyp, commentp);
129 if (r == 0 && keyp && *keyp)
130 r = sshkey_set_filename(*keyp, filename);
131 out:
132 close(fd);
133 return r;
134 }
135
136 int
sshkey_load_private(const char * filename,const char * passphrase,struct sshkey ** keyp,char ** commentp)137 sshkey_load_private(const char *filename, const char *passphrase,
138 struct sshkey **keyp, char **commentp)
139 {
140 return sshkey_load_private_type(KEY_UNSPEC, filename, passphrase,
141 keyp, commentp);
142 }
143
144 int
sshkey_load_private_type_fd(int fd,int type,const char * passphrase,struct sshkey ** keyp,char ** commentp)145 sshkey_load_private_type_fd(int fd, int type, const char *passphrase,
146 struct sshkey **keyp, char **commentp)
147 {
148 struct sshbuf *buffer = NULL;
149 int r;
150
151 if (keyp != NULL)
152 *keyp = NULL;
153 if ((r = sshbuf_load_fd(fd, &buffer)) != 0 ||
154 (r = sshkey_parse_private_fileblob_type(buffer, type,
155 passphrase, keyp, commentp)) != 0)
156 goto out;
157
158 /* success */
159 r = 0;
160 out:
161 sshbuf_free(buffer);
162 return r;
163 }
164
165 /* Load a pubkey from the unencrypted envelope of a new-format private key */
166 static int
sshkey_load_pubkey_from_private(const char * filename,struct sshkey ** pubkeyp)167 sshkey_load_pubkey_from_private(const char *filename, struct sshkey **pubkeyp)
168 {
169 struct sshbuf *buffer = NULL;
170 struct sshkey *pubkey = NULL;
171 int r, fd;
172
173 if (pubkeyp != NULL)
174 *pubkeyp = NULL;
175
176 if ((fd = open(filename, O_RDONLY)) == -1)
177 return SSH_ERR_SYSTEM_ERROR;
178 if ((r = sshbuf_load_fd(fd, &buffer)) != 0 ||
179 (r = sshkey_parse_pubkey_from_private_fileblob_type(buffer,
180 KEY_UNSPEC, &pubkey)) != 0)
181 goto out;
182 if ((r = sshkey_set_filename(pubkey, filename)) != 0)
183 goto out;
184 /* success */
185 if (pubkeyp != NULL) {
186 *pubkeyp = pubkey;
187 pubkey = NULL;
188 }
189 r = 0;
190 out:
191 close(fd);
192 sshbuf_free(buffer);
193 sshkey_free(pubkey);
194 return r;
195 }
196
197 static int
sshkey_try_load_public(struct sshkey ** kp,const char * filename,char ** commentp)198 sshkey_try_load_public(struct sshkey **kp, const char *filename,
199 char **commentp)
200 {
201 FILE *f;
202 char *line = NULL, *cp;
203 size_t linesize = 0;
204 int r;
205 struct sshkey *k = NULL;
206
207 if (kp == NULL)
208 return SSH_ERR_INVALID_ARGUMENT;
209 *kp = NULL;
210 if (commentp != NULL)
211 *commentp = NULL;
212 if ((f = fopen(filename, "r")) == NULL)
213 return SSH_ERR_SYSTEM_ERROR;
214 if ((k = sshkey_new(KEY_UNSPEC)) == NULL) {
215 fclose(f);
216 return SSH_ERR_ALLOC_FAIL;
217 }
218 while (getline(&line, &linesize, f) != -1) {
219 cp = line;
220 switch (*cp) {
221 case '#':
222 case '\n':
223 case '\0':
224 continue;
225 }
226 /* Abort loading if this looks like a private key */
227 if (strncmp(cp, "-----BEGIN", 10) == 0 ||
228 strcmp(cp, "SSH PRIVATE KEY FILE") == 0)
229 break;
230 /* Skip leading whitespace. */
231 for (; *cp && (*cp == ' ' || *cp == '\t'); cp++)
232 ;
233 if (*cp) {
234 if ((r = sshkey_read(k, &cp)) == 0) {
235 cp[strcspn(cp, "\r\n")] = '\0';
236 if (commentp) {
237 *commentp = strdup(*cp ?
238 cp : filename);
239 if (*commentp == NULL)
240 r = SSH_ERR_ALLOC_FAIL;
241 }
242 /* success */
243 *kp = k;
244 free(line);
245 fclose(f);
246 return r;
247 }
248 }
249 }
250 free(k);
251 free(line);
252 fclose(f);
253 return SSH_ERR_INVALID_FORMAT;
254 }
255
256 /* load public key from any pubkey file */
257 int
sshkey_load_public(const char * filename,struct sshkey ** keyp,char ** commentp)258 sshkey_load_public(const char *filename, struct sshkey **keyp, char **commentp)
259 {
260 char *pubfile = NULL;
261 int r, oerrno;
262
263 if (keyp != NULL)
264 *keyp = NULL;
265 if (commentp != NULL)
266 *commentp = NULL;
267
268 if ((r = sshkey_try_load_public(keyp, filename, commentp)) == 0)
269 goto out;
270
271 /* try .pub suffix */
272 if (asprintf(&pubfile, "%s.pub", filename) == -1)
273 return SSH_ERR_ALLOC_FAIL;
274 if ((r = sshkey_try_load_public(keyp, pubfile, commentp)) == 0)
275 goto out;
276
277 /* finally, try to extract public key from private key file */
278 if ((r = sshkey_load_pubkey_from_private(filename, keyp)) == 0)
279 goto out;
280
281 /* Pretend we couldn't find the key */
282 r = SSH_ERR_SYSTEM_ERROR;
283 errno = ENOENT;
284
285 out:
286 oerrno = errno;
287 free(pubfile);
288 errno = oerrno;
289 return r;
290 }
291
292 /* Load the certificate associated with the named private key */
293 int
sshkey_load_cert(const char * filename,struct sshkey ** keyp)294 sshkey_load_cert(const char *filename, struct sshkey **keyp)
295 {
296 struct sshkey *pub = NULL;
297 char *file = NULL;
298 int r = SSH_ERR_INTERNAL_ERROR;
299
300 if (keyp != NULL)
301 *keyp = NULL;
302
303 if (asprintf(&file, "%s-cert.pub", filename) == -1)
304 return SSH_ERR_ALLOC_FAIL;
305
306 r = sshkey_try_load_public(keyp, file, NULL);
307 free(file);
308 sshkey_free(pub);
309 return r;
310 }
311
312 /* Load private key and certificate */
313 int
sshkey_load_private_cert(int type,const char * filename,const char * passphrase,struct sshkey ** keyp)314 sshkey_load_private_cert(int type, const char *filename, const char *passphrase,
315 struct sshkey **keyp)
316 {
317 struct sshkey *key = NULL, *cert = NULL;
318 int r;
319
320 if (keyp != NULL)
321 *keyp = NULL;
322
323 switch (type) {
324 #ifdef WITH_OPENSSL
325 case KEY_RSA:
326 case KEY_DSA:
327 case KEY_ECDSA:
328 #endif /* WITH_OPENSSL */
329 case KEY_ED25519:
330 case KEY_XMSS:
331 case KEY_UNSPEC:
332 break;
333 default:
334 return SSH_ERR_KEY_TYPE_UNKNOWN;
335 }
336
337 if ((r = sshkey_load_private_type(type, filename,
338 passphrase, &key, NULL)) != 0 ||
339 (r = sshkey_load_cert(filename, &cert)) != 0)
340 goto out;
341
342 /* Make sure the private key matches the certificate */
343 if (sshkey_equal_public(key, cert) == 0) {
344 r = SSH_ERR_KEY_CERT_MISMATCH;
345 goto out;
346 }
347
348 if ((r = sshkey_to_certified(key)) != 0 ||
349 (r = sshkey_cert_copy(cert, key)) != 0)
350 goto out;
351 r = 0;
352 if (keyp != NULL) {
353 *keyp = key;
354 key = NULL;
355 }
356 out:
357 sshkey_free(key);
358 sshkey_free(cert);
359 return r;
360 }
361
362 /*
363 * Returns success if the specified "key" is listed in the file "filename",
364 * SSH_ERR_KEY_NOT_FOUND: if the key is not listed or another error.
365 * If "strict_type" is set then the key type must match exactly,
366 * otherwise a comparison that ignores certificate data is performed.
367 * If "check_ca" is set and "key" is a certificate, then its CA key is
368 * also checked and sshkey_in_file() will return success if either is found.
369 */
370 int
sshkey_in_file(struct sshkey * key,const char * filename,int strict_type,int check_ca)371 sshkey_in_file(struct sshkey *key, const char *filename, int strict_type,
372 int check_ca)
373 {
374 FILE *f;
375 char *line = NULL, *cp;
376 size_t linesize = 0;
377 int r = 0;
378 struct sshkey *pub = NULL;
379
380 int (*sshkey_compare)(const struct sshkey *, const struct sshkey *) =
381 strict_type ? sshkey_equal : sshkey_equal_public;
382
383 if ((f = fopen(filename, "r")) == NULL)
384 return SSH_ERR_SYSTEM_ERROR;
385
386 while (getline(&line, &linesize, f) != -1) {
387 sshkey_free(pub);
388 pub = NULL;
389 cp = line;
390
391 /* Skip leading whitespace. */
392 for (; *cp && (*cp == ' ' || *cp == '\t'); cp++)
393 ;
394
395 /* Skip comments and empty lines */
396 switch (*cp) {
397 case '#':
398 case '\n':
399 case '\0':
400 continue;
401 }
402
403 if ((pub = sshkey_new(KEY_UNSPEC)) == NULL) {
404 r = SSH_ERR_ALLOC_FAIL;
405 goto out;
406 }
407 switch (r = sshkey_read(pub, &cp)) {
408 case 0:
409 break;
410 case SSH_ERR_KEY_LENGTH:
411 continue;
412 default:
413 goto out;
414 }
415 if (sshkey_compare(key, pub) ||
416 (check_ca && sshkey_is_cert(key) &&
417 sshkey_compare(key->cert->signature_key, pub))) {
418 r = 0;
419 goto out;
420 }
421 }
422 r = SSH_ERR_KEY_NOT_FOUND;
423 out:
424 free(line);
425 sshkey_free(pub);
426 fclose(f);
427 return r;
428 }
429
430 /*
431 * Checks whether the specified key is revoked, returning 0 if not,
432 * SSH_ERR_KEY_REVOKED if it is or another error code if something
433 * unexpected happened.
434 * This will check both the key and, if it is a certificate, its CA key too.
435 * "revoked_keys_file" may be a KRL or a one-per-line list of public keys.
436 */
437 int
sshkey_check_revoked(struct sshkey * key,const char * revoked_keys_file)438 sshkey_check_revoked(struct sshkey *key, const char *revoked_keys_file)
439 {
440 int r;
441
442 r = ssh_krl_file_contains_key(revoked_keys_file, key);
443 /* If this was not a KRL to begin with then continue below */
444 if (r != SSH_ERR_KRL_BAD_MAGIC)
445 return r;
446
447 /*
448 * If the file is not a KRL or we can't handle KRLs then attempt to
449 * parse the file as a flat list of keys.
450 */
451 switch ((r = sshkey_in_file(key, revoked_keys_file, 0, 1))) {
452 case 0:
453 /* Key found => revoked */
454 return SSH_ERR_KEY_REVOKED;
455 case SSH_ERR_KEY_NOT_FOUND:
456 /* Key not found => not revoked */
457 return 0;
458 default:
459 /* Some other error occurred */
460 return r;
461 }
462 }
463
464 /*
465 * Advanced *cpp past the end of key options, defined as the first unquoted
466 * whitespace character. Returns 0 on success or -1 on failure (e.g.
467 * unterminated quotes).
468 */
469 int
sshkey_advance_past_options(char ** cpp)470 sshkey_advance_past_options(char **cpp)
471 {
472 char *cp = *cpp;
473 int quoted = 0;
474
475 for (; *cp && (quoted || (*cp != ' ' && *cp != '\t')); cp++) {
476 if (*cp == '\\' && cp[1] == '"')
477 cp++; /* Skip both */
478 else if (*cp == '"')
479 quoted = !quoted;
480 }
481 *cpp = cp;
482 /* return failure for unterminated quotes */
483 return (*cp == '\0' && quoted) ? -1 : 0;
484 }
485
486 /* Save a public key */
487 int
sshkey_save_public(const struct sshkey * key,const char * path,const char * comment)488 sshkey_save_public(const struct sshkey *key, const char *path,
489 const char *comment)
490 {
491 int fd, oerrno;
492 FILE *f = NULL;
493 int r = SSH_ERR_INTERNAL_ERROR;
494
495 if ((fd = open(path, O_WRONLY|O_CREAT|O_TRUNC, 0644)) == -1)
496 return SSH_ERR_SYSTEM_ERROR;
497 if ((f = fdopen(fd, "w")) == NULL) {
498 r = SSH_ERR_SYSTEM_ERROR;
499 close(fd);
500 goto fail;
501 }
502 if ((r = sshkey_write(key, f)) != 0)
503 goto fail;
504 fprintf(f, " %s\n", comment);
505 if (ferror(f)) {
506 r = SSH_ERR_SYSTEM_ERROR;
507 goto fail;
508 }
509 if (fclose(f) != 0) {
510 r = SSH_ERR_SYSTEM_ERROR;
511 f = NULL;
512 fail:
513 if (f != NULL) {
514 oerrno = errno;
515 fclose(f);
516 errno = oerrno;
517 }
518 return r;
519 }
520 return 0;
521 }
522