1 /* $OpenBSD: authfile.c,v 1.144 2023/03/14 07:26:25 dtucker Exp $ */ 2 /* 3 * Copyright (c) 2000, 2013 Markus Friedl. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 15 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 16 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 17 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 18 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 19 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 20 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 21 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 22 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 23 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 24 */ 25 26 #include "includes.h" 27 28 #include <sys/types.h> 29 #include <sys/stat.h> 30 #include <sys/uio.h> 31 32 #include <errno.h> 33 #include <fcntl.h> 34 #include <stdio.h> 35 #include <stdarg.h> 36 #include <stdlib.h> 37 #include <string.h> 38 #include <unistd.h> 39 #include <limits.h> 40 41 #include "cipher.h" 42 #include "ssh.h" 43 #include "log.h" 44 #include "authfile.h" 45 #include "misc.h" 46 #include "atomicio.h" 47 #include "sshkey.h" 48 #include "sshbuf.h" 49 #include "ssherr.h" 50 #include "krl.h" 51 52 #define MAX_KEY_FILE_SIZE (1024 * 1024) 53 54 /* Save a key blob to a file */ 55 static int 56 sshkey_save_private_blob(struct sshbuf *keybuf, const char *filename) 57 { 58 int r; 59 mode_t omask; 60 61 omask = umask(077); 62 r = sshbuf_write_file(filename, keybuf); 63 umask(omask); 64 return r; 65 } 66 67 int 68 sshkey_save_private(struct sshkey *key, const char *filename, 69 const char *passphrase, const char *comment, 70 int format, const char *openssh_format_cipher, int openssh_format_rounds) 71 { 72 struct sshbuf *keyblob = NULL; 73 int r; 74 75 if ((keyblob = sshbuf_new()) == NULL) 76 return SSH_ERR_ALLOC_FAIL; 77 if ((r = sshkey_private_to_fileblob(key, keyblob, passphrase, comment, 78 format, openssh_format_cipher, openssh_format_rounds)) != 0) 79 goto out; 80 if ((r = sshkey_save_private_blob(keyblob, filename)) != 0) 81 goto out; 82 r = 0; 83 out: 84 sshbuf_free(keyblob); 85 return r; 86 } 87 88 /* XXX remove error() calls from here? */ 89 int 90 sshkey_perm_ok(int fd, const char *filename) 91 { 92 struct stat st; 93 94 if (fstat(fd, &st) == -1) 95 return SSH_ERR_SYSTEM_ERROR; 96 /* 97 * if a key owned by the user is accessed, then we check the 98 * permissions of the file. if the key owned by a different user, 99 * then we don't care. 100 */ 101 #ifdef HAVE_CYGWIN 102 if (check_ntsec(filename)) 103 #endif 104 if ((st.st_uid == getuid()) && (st.st_mode & 077) != 0) { 105 error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@"); 106 error("@ WARNING: UNPROTECTED PRIVATE KEY FILE! @"); 107 error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@"); 108 error("Permissions 0%3.3o for '%s' are too open.", 109 (u_int)st.st_mode & 0777, filename); 110 error("It is required that your private key files are NOT accessible by others."); 111 error("This private key will be ignored."); 112 return SSH_ERR_KEY_BAD_PERMISSIONS; 113 } 114 return 0; 115 } 116 117 int 118 sshkey_load_private_type(int type, const char *filename, const char *passphrase, 119 struct sshkey **keyp, char **commentp) 120 { 121 int fd, r; 122 123 if (keyp != NULL) 124 *keyp = NULL; 125 if (commentp != NULL) 126 *commentp = NULL; 127 128 if ((fd = open(filename, O_RDONLY)) == -1) 129 return SSH_ERR_SYSTEM_ERROR; 130 131 r = sshkey_perm_ok(fd, filename); 132 if (r != 0) 133 goto out; 134 135 r = sshkey_load_private_type_fd(fd, type, passphrase, keyp, commentp); 136 if (r == 0 && keyp && *keyp) 137 r = sshkey_set_filename(*keyp, filename); 138 out: 139 close(fd); 140 return r; 141 } 142 143 int 144 sshkey_load_private(const char *filename, const char *passphrase, 145 struct sshkey **keyp, char **commentp) 146 { 147 return sshkey_load_private_type(KEY_UNSPEC, filename, passphrase, 148 keyp, commentp); 149 } 150 151 int 152 sshkey_load_private_type_fd(int fd, int type, const char *passphrase, 153 struct sshkey **keyp, char **commentp) 154 { 155 struct sshbuf *buffer = NULL; 156 int r; 157 158 if (keyp != NULL) 159 *keyp = NULL; 160 if ((r = sshbuf_load_fd(fd, &buffer)) != 0 || 161 (r = sshkey_parse_private_fileblob_type(buffer, type, 162 passphrase, keyp, commentp)) != 0) 163 goto out; 164 165 /* success */ 166 r = 0; 167 out: 168 sshbuf_free(buffer); 169 return r; 170 } 171 172 /* Load a pubkey from the unencrypted envelope of a new-format private key */ 173 static int 174 sshkey_load_pubkey_from_private(const char *filename, struct sshkey **pubkeyp) 175 { 176 struct sshbuf *buffer = NULL; 177 struct sshkey *pubkey = NULL; 178 int r, fd; 179 180 if (pubkeyp != NULL) 181 *pubkeyp = NULL; 182 183 if ((fd = open(filename, O_RDONLY)) == -1) 184 return SSH_ERR_SYSTEM_ERROR; 185 if ((r = sshbuf_load_fd(fd, &buffer)) != 0 || 186 (r = sshkey_parse_pubkey_from_private_fileblob_type(buffer, 187 KEY_UNSPEC, &pubkey)) != 0) 188 goto out; 189 if ((r = sshkey_set_filename(pubkey, filename)) != 0) 190 goto out; 191 /* success */ 192 if (pubkeyp != NULL) { 193 *pubkeyp = pubkey; 194 pubkey = NULL; 195 } 196 r = 0; 197 out: 198 close(fd); 199 sshbuf_free(buffer); 200 sshkey_free(pubkey); 201 return r; 202 } 203 204 static int 205 sshkey_try_load_public(struct sshkey **kp, const char *filename, 206 char **commentp) 207 { 208 FILE *f; 209 char *line = NULL, *cp; 210 size_t linesize = 0; 211 int r; 212 struct sshkey *k = NULL; 213 214 if (kp == NULL) 215 return SSH_ERR_INVALID_ARGUMENT; 216 *kp = NULL; 217 if (commentp != NULL) 218 *commentp = NULL; 219 if ((f = fopen(filename, "r")) == NULL) 220 return SSH_ERR_SYSTEM_ERROR; 221 if ((k = sshkey_new(KEY_UNSPEC)) == NULL) { 222 fclose(f); 223 return SSH_ERR_ALLOC_FAIL; 224 } 225 while (getline(&line, &linesize, f) != -1) { 226 cp = line; 227 switch (*cp) { 228 case '#': 229 case '\n': 230 case '\0': 231 continue; 232 } 233 /* Abort loading if this looks like a private key */ 234 if (strncmp(cp, "-----BEGIN", 10) == 0 || 235 strcmp(cp, "SSH PRIVATE KEY FILE") == 0) 236 break; 237 /* Skip leading whitespace. */ 238 for (; *cp && (*cp == ' ' || *cp == '\t'); cp++) 239 ; 240 if (*cp) { 241 if ((r = sshkey_read(k, &cp)) == 0) { 242 cp[strcspn(cp, "\r\n")] = '\0'; 243 if (commentp) { 244 *commentp = strdup(*cp ? 245 cp : filename); 246 if (*commentp == NULL) 247 r = SSH_ERR_ALLOC_FAIL; 248 } 249 /* success */ 250 *kp = k; 251 free(line); 252 fclose(f); 253 return r; 254 } 255 } 256 } 257 free(k); 258 free(line); 259 fclose(f); 260 return SSH_ERR_INVALID_FORMAT; 261 } 262 263 /* load public key from any pubkey file */ 264 int 265 sshkey_load_public(const char *filename, struct sshkey **keyp, char **commentp) 266 { 267 char *pubfile = NULL; 268 int r, oerrno; 269 270 if (keyp != NULL) 271 *keyp = NULL; 272 if (commentp != NULL) 273 *commentp = NULL; 274 275 if ((r = sshkey_try_load_public(keyp, filename, commentp)) == 0) 276 goto out; 277 278 /* try .pub suffix */ 279 if (asprintf(&pubfile, "%s.pub", filename) == -1) 280 return SSH_ERR_ALLOC_FAIL; 281 if ((r = sshkey_try_load_public(keyp, pubfile, commentp)) == 0) 282 goto out; 283 284 /* finally, try to extract public key from private key file */ 285 if ((r = sshkey_load_pubkey_from_private(filename, keyp)) == 0) 286 goto out; 287 288 /* Pretend we couldn't find the key */ 289 r = SSH_ERR_SYSTEM_ERROR; 290 errno = ENOENT; 291 292 out: 293 oerrno = errno; 294 free(pubfile); 295 errno = oerrno; 296 return r; 297 } 298 299 /* Load the certificate associated with the named private key */ 300 int 301 sshkey_load_cert(const char *filename, struct sshkey **keyp) 302 { 303 struct sshkey *pub = NULL; 304 char *file = NULL; 305 int r = SSH_ERR_INTERNAL_ERROR; 306 307 if (keyp != NULL) 308 *keyp = NULL; 309 310 if (asprintf(&file, "%s-cert.pub", filename) == -1) 311 return SSH_ERR_ALLOC_FAIL; 312 313 r = sshkey_try_load_public(keyp, file, NULL); 314 free(file); 315 sshkey_free(pub); 316 return r; 317 } 318 319 /* Load private key and certificate */ 320 int 321 sshkey_load_private_cert(int type, const char *filename, const char *passphrase, 322 struct sshkey **keyp) 323 { 324 struct sshkey *key = NULL, *cert = NULL; 325 int r; 326 327 if (keyp != NULL) 328 *keyp = NULL; 329 330 switch (type) { 331 #ifdef WITH_OPENSSL 332 case KEY_RSA: 333 case KEY_DSA: 334 case KEY_ECDSA: 335 #endif /* WITH_OPENSSL */ 336 case KEY_ED25519: 337 case KEY_XMSS: 338 case KEY_UNSPEC: 339 break; 340 default: 341 return SSH_ERR_KEY_TYPE_UNKNOWN; 342 } 343 344 if ((r = sshkey_load_private_type(type, filename, 345 passphrase, &key, NULL)) != 0 || 346 (r = sshkey_load_cert(filename, &cert)) != 0) 347 goto out; 348 349 /* Make sure the private key matches the certificate */ 350 if (sshkey_equal_public(key, cert) == 0) { 351 r = SSH_ERR_KEY_CERT_MISMATCH; 352 goto out; 353 } 354 355 if ((r = sshkey_to_certified(key)) != 0 || 356 (r = sshkey_cert_copy(cert, key)) != 0) 357 goto out; 358 r = 0; 359 if (keyp != NULL) { 360 *keyp = key; 361 key = NULL; 362 } 363 out: 364 sshkey_free(key); 365 sshkey_free(cert); 366 return r; 367 } 368 369 /* 370 * Returns success if the specified "key" is listed in the file "filename", 371 * SSH_ERR_KEY_NOT_FOUND: if the key is not listed or another error. 372 * If "strict_type" is set then the key type must match exactly, 373 * otherwise a comparison that ignores certificate data is performed. 374 * If "check_ca" is set and "key" is a certificate, then its CA key is 375 * also checked and sshkey_in_file() will return success if either is found. 376 */ 377 int 378 sshkey_in_file(struct sshkey *key, const char *filename, int strict_type, 379 int check_ca) 380 { 381 FILE *f; 382 char *line = NULL, *cp; 383 size_t linesize = 0; 384 int r = 0; 385 struct sshkey *pub = NULL; 386 387 int (*sshkey_compare)(const struct sshkey *, const struct sshkey *) = 388 strict_type ? sshkey_equal : sshkey_equal_public; 389 390 if ((f = fopen(filename, "r")) == NULL) 391 return SSH_ERR_SYSTEM_ERROR; 392 393 while (getline(&line, &linesize, f) != -1) { 394 sshkey_free(pub); 395 pub = NULL; 396 cp = line; 397 398 /* Skip leading whitespace. */ 399 for (; *cp && (*cp == ' ' || *cp == '\t'); cp++) 400 ; 401 402 /* Skip comments and empty lines */ 403 switch (*cp) { 404 case '#': 405 case '\n': 406 case '\0': 407 continue; 408 } 409 410 if ((pub = sshkey_new(KEY_UNSPEC)) == NULL) { 411 r = SSH_ERR_ALLOC_FAIL; 412 goto out; 413 } 414 switch (r = sshkey_read(pub, &cp)) { 415 case 0: 416 break; 417 case SSH_ERR_KEY_LENGTH: 418 continue; 419 default: 420 goto out; 421 } 422 if (sshkey_compare(key, pub) || 423 (check_ca && sshkey_is_cert(key) && 424 sshkey_compare(key->cert->signature_key, pub))) { 425 r = 0; 426 goto out; 427 } 428 } 429 r = SSH_ERR_KEY_NOT_FOUND; 430 out: 431 free(line); 432 sshkey_free(pub); 433 fclose(f); 434 return r; 435 } 436 437 /* 438 * Checks whether the specified key is revoked, returning 0 if not, 439 * SSH_ERR_KEY_REVOKED if it is or another error code if something 440 * unexpected happened. 441 * This will check both the key and, if it is a certificate, its CA key too. 442 * "revoked_keys_file" may be a KRL or a one-per-line list of public keys. 443 */ 444 int 445 sshkey_check_revoked(struct sshkey *key, const char *revoked_keys_file) 446 { 447 int r; 448 449 r = ssh_krl_file_contains_key(revoked_keys_file, key); 450 /* If this was not a KRL to begin with then continue below */ 451 if (r != SSH_ERR_KRL_BAD_MAGIC) 452 return r; 453 454 /* 455 * If the file is not a KRL or we can't handle KRLs then attempt to 456 * parse the file as a flat list of keys. 457 */ 458 switch ((r = sshkey_in_file(key, revoked_keys_file, 0, 1))) { 459 case 0: 460 /* Key found => revoked */ 461 return SSH_ERR_KEY_REVOKED; 462 case SSH_ERR_KEY_NOT_FOUND: 463 /* Key not found => not revoked */ 464 return 0; 465 default: 466 /* Some other error occurred */ 467 return r; 468 } 469 } 470 471 /* 472 * Advanced *cpp past the end of key options, defined as the first unquoted 473 * whitespace character. Returns 0 on success or -1 on failure (e.g. 474 * unterminated quotes). 475 */ 476 int 477 sshkey_advance_past_options(char **cpp) 478 { 479 char *cp = *cpp; 480 int quoted = 0; 481 482 for (; *cp && (quoted || (*cp != ' ' && *cp != '\t')); cp++) { 483 if (*cp == '\\' && cp[1] == '"') 484 cp++; /* Skip both */ 485 else if (*cp == '"') 486 quoted = !quoted; 487 } 488 *cpp = cp; 489 /* return failure for unterminated quotes */ 490 return (*cp == '\0' && quoted) ? -1 : 0; 491 } 492 493 /* Save a public key */ 494 int 495 sshkey_save_public(const struct sshkey *key, const char *path, 496 const char *comment) 497 { 498 int fd, oerrno; 499 FILE *f = NULL; 500 int r = SSH_ERR_INTERNAL_ERROR; 501 502 if ((fd = open(path, O_WRONLY|O_CREAT|O_TRUNC, 0644)) == -1) 503 return SSH_ERR_SYSTEM_ERROR; 504 if ((f = fdopen(fd, "w")) == NULL) { 505 r = SSH_ERR_SYSTEM_ERROR; 506 close(fd); 507 goto fail; 508 } 509 if ((r = sshkey_write(key, f)) != 0) 510 goto fail; 511 fprintf(f, " %s\n", comment); 512 if (ferror(f)) { 513 r = SSH_ERR_SYSTEM_ERROR; 514 goto fail; 515 } 516 if (fclose(f) != 0) { 517 r = SSH_ERR_SYSTEM_ERROR; 518 f = NULL; 519 fail: 520 if (f != NULL) { 521 oerrno = errno; 522 fclose(f); 523 errno = oerrno; 524 } 525 return r; 526 } 527 return 0; 528 } 529