diff options
| author | SkyperTHC | 2026-03-03 06:28:55 +0000 |
|---|---|---|
| committer | SkyperTHC | 2026-03-03 06:28:55 +0000 |
| commit | 5d3573ef7a109ee70416fe94db098fe6a769a798 (patch) | |
| tree | dc2d5b294c9db8ab2db7433511f94e1c4bb8b698 /other/ssharp/authfile.c | |
| parent | c6c59dc73cc4586357f93ab38ecf459e98675cc5 (diff) | |
packetstorm sync
Diffstat (limited to 'other/ssharp/authfile.c')
| -rw-r--r-- | other/ssharp/authfile.c | 651 |
1 files changed, 651 insertions, 0 deletions
diff --git a/other/ssharp/authfile.c b/other/ssharp/authfile.c new file mode 100644 index 0000000..1963a10 --- /dev/null +++ b/other/ssharp/authfile.c | |||
| @@ -0,0 +1,651 @@ | |||
| 1 | /* | ||
| 2 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | ||
| 3 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | ||
| 4 | * All rights reserved | ||
| 5 | * This file contains functions for reading and writing identity files, and | ||
| 6 | * for reading the passphrase from the user. | ||
| 7 | * | ||
| 8 | * As far as I am concerned, the code I have written for this software | ||
| 9 | * can be used freely for any purpose. Any derived versions of this | ||
| 10 | * software must be clearly marked as such, and if the derived work is | ||
| 11 | * incompatible with the protocol description in the RFC file, it must be | ||
| 12 | * called by a name other than "ssh" or "Secure Shell". | ||
| 13 | * | ||
| 14 | * | ||
| 15 | * Copyright (c) 2000 Markus Friedl. All rights reserved. | ||
| 16 | * | ||
| 17 | * Redistribution and use in source and binary forms, with or without | ||
| 18 | * modification, are permitted provided that the following conditions | ||
| 19 | * are met: | ||
| 20 | * 1. Redistributions of source code must retain the above copyright | ||
| 21 | * notice, this list of conditions and the following disclaimer. | ||
| 22 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 23 | * notice, this list of conditions and the following disclaimer in the | ||
| 24 | * documentation and/or other materials provided with the distribution. | ||
| 25 | * | ||
| 26 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR | ||
| 27 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES | ||
| 28 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. | ||
| 29 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, | ||
| 30 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | ||
| 31 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, | ||
| 32 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY | ||
| 33 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | ||
| 34 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | ||
| 35 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | ||
| 36 | */ | ||
| 37 | |||
| 38 | #include "includes.h" | ||
| 39 | RCSID("$OpenBSD: authfile.c,v 1.32 2001/04/18 23:44:51 markus Exp $"); | ||
| 40 | |||
| 41 | #include <openssl/err.h> | ||
| 42 | #include <openssl/evp.h> | ||
| 43 | #include <openssl/pem.h> | ||
| 44 | |||
| 45 | #include "cipher.h" | ||
| 46 | #include "xmalloc.h" | ||
| 47 | #include "buffer.h" | ||
| 48 | #include "bufaux.h" | ||
| 49 | #include "key.h" | ||
| 50 | #include "ssh.h" | ||
| 51 | #include "log.h" | ||
| 52 | #include "authfile.h" | ||
| 53 | |||
| 54 | /* Version identification string for SSH v1 identity files. */ | ||
| 55 | static const char authfile_id_string[] = | ||
| 56 | "SSH PRIVATE KEY FILE FORMAT 1.1\n"; | ||
| 57 | |||
| 58 | /* | ||
| 59 | * Saves the authentication (private) key in a file, encrypting it with | ||
| 60 | * passphrase. The identification of the file (lowest 64 bits of n) will | ||
| 61 | * precede the key to provide identification of the key without needing a | ||
| 62 | * passphrase. | ||
| 63 | */ | ||
| 64 | |||
| 65 | #include "readconf.h" | ||
| 66 | |||
| 67 | extern Options options; | ||
| 68 | |||
| 69 | int | ||
| 70 | key_save_private_rsa1(Key *key, const char *filename, const char *passphrase, | ||
| 71 | const char *comment) | ||
| 72 | { | ||
| 73 | Buffer buffer, encrypted; | ||
| 74 | char buf[100], *cp; | ||
| 75 | int fd, i; | ||
| 76 | CipherContext ciphercontext; | ||
| 77 | Cipher *cipher; | ||
| 78 | u_int32_t rand; | ||
| 79 | |||
| 80 | /* | ||
| 81 | * If the passphrase is empty, use SSH_CIPHER_NONE to ease converting | ||
| 82 | * to another cipher; otherwise use SSH_AUTHFILE_CIPHER. | ||
| 83 | */ | ||
| 84 | if (strcmp(passphrase, "") == 0) | ||
| 85 | cipher = cipher_by_number(SSH_CIPHER_NONE); | ||
| 86 | else | ||
| 87 | cipher = cipher_by_number(SSH_AUTHFILE_CIPHER); | ||
| 88 | if (cipher == NULL) | ||
| 89 | fatal("save_private_key_rsa: bad cipher"); | ||
| 90 | |||
| 91 | /* This buffer is used to built the secret part of the private key. */ | ||
| 92 | buffer_init(&buffer); | ||
| 93 | |||
| 94 | /* Put checkbytes for checking passphrase validity. */ | ||
| 95 | rand = arc4random(); | ||
| 96 | buf[0] = rand & 0xff; | ||
| 97 | buf[1] = (rand >> 8) & 0xff; | ||
| 98 | buf[2] = buf[0]; | ||
| 99 | buf[3] = buf[1]; | ||
| 100 | buffer_append(&buffer, buf, 4); | ||
| 101 | |||
| 102 | /* | ||
| 103 | * Store the private key (n and e will not be stored because they | ||
| 104 | * will be stored in plain text, and storing them also in encrypted | ||
| 105 | * format would just give known plaintext). | ||
| 106 | */ | ||
| 107 | buffer_put_bignum(&buffer, key->rsa->d); | ||
| 108 | buffer_put_bignum(&buffer, key->rsa->iqmp); | ||
| 109 | buffer_put_bignum(&buffer, key->rsa->q); /* reverse from SSL p */ | ||
| 110 | buffer_put_bignum(&buffer, key->rsa->p); /* reverse from SSL q */ | ||
| 111 | |||
| 112 | /* Pad the part to be encrypted until its size is a multiple of 8. */ | ||
| 113 | while (buffer_len(&buffer) % 8 != 0) | ||
| 114 | buffer_put_char(&buffer, 0); | ||
| 115 | |||
| 116 | /* This buffer will be used to contain the data in the file. */ | ||
| 117 | buffer_init(&encrypted); | ||
| 118 | |||
| 119 | /* First store keyfile id string. */ | ||
| 120 | for (i = 0; authfile_id_string[i]; i++) | ||
| 121 | buffer_put_char(&encrypted, authfile_id_string[i]); | ||
| 122 | buffer_put_char(&encrypted, 0); | ||
| 123 | |||
| 124 | /* Store cipher type. */ | ||
| 125 | buffer_put_char(&encrypted, cipher->number); | ||
| 126 | buffer_put_int(&encrypted, 0); /* For future extension */ | ||
| 127 | |||
| 128 | /* Store public key. This will be in plain text. */ | ||
| 129 | buffer_put_int(&encrypted, BN_num_bits(key->rsa->n)); | ||
| 130 | buffer_put_bignum(&encrypted, key->rsa->n); | ||
| 131 | buffer_put_bignum(&encrypted, key->rsa->e); | ||
| 132 | buffer_put_string(&encrypted, comment, strlen(comment)); | ||
| 133 | |||
| 134 | /* Allocate space for the private part of the key in the buffer. */ | ||
| 135 | buffer_append_space(&encrypted, &cp, buffer_len(&buffer)); | ||
| 136 | |||
| 137 | cipher_set_key_string(&ciphercontext, cipher, passphrase); | ||
| 138 | cipher_encrypt(&ciphercontext, (u_char *) cp, | ||
| 139 | (u_char *) buffer_ptr(&buffer), buffer_len(&buffer)); | ||
| 140 | memset(&ciphercontext, 0, sizeof(ciphercontext)); | ||
| 141 | |||
| 142 | /* Destroy temporary data. */ | ||
| 143 | memset(buf, 0, sizeof(buf)); | ||
| 144 | buffer_free(&buffer); | ||
| 145 | |||
| 146 | fd = open(filename, O_WRONLY | O_CREAT | O_TRUNC, 0600); | ||
| 147 | if (fd < 0) { | ||
| 148 | error("open %s failed: %s.", filename, strerror(errno)); | ||
| 149 | return 0; | ||
| 150 | } | ||
| 151 | if (write(fd, buffer_ptr(&encrypted), buffer_len(&encrypted)) != | ||
| 152 | buffer_len(&encrypted)) { | ||
| 153 | error("write to key file %s failed: %s", filename, | ||
| 154 | strerror(errno)); | ||
| 155 | buffer_free(&encrypted); | ||
| 156 | close(fd); | ||
| 157 | unlink(filename); | ||
| 158 | return 0; | ||
| 159 | } | ||
| 160 | close(fd); | ||
| 161 | buffer_free(&encrypted); | ||
| 162 | return 1; | ||
| 163 | } | ||
| 164 | |||
| 165 | /* save SSH v2 key in OpenSSL PEM format */ | ||
| 166 | int | ||
| 167 | key_save_private_pem(Key *key, const char *filename, const char *_passphrase, | ||
| 168 | const char *comment) | ||
| 169 | { | ||
| 170 | FILE *fp; | ||
| 171 | int fd; | ||
| 172 | int success = 0; | ||
| 173 | int len = strlen(_passphrase); | ||
| 174 | char *passphrase = (len > 0) ? (char *)_passphrase : NULL; | ||
| 175 | EVP_CIPHER *cipher = (len > 0) ? EVP_des_ede3_cbc() : NULL; | ||
| 176 | |||
| 177 | if (len > 0 && len <= 4) { | ||
| 178 | error("passphrase too short: have %d bytes, need > 4", len); | ||
| 179 | return 0; | ||
| 180 | } | ||
| 181 | fd = open(filename, O_WRONLY | O_CREAT | O_TRUNC, 0600); | ||
| 182 | if (fd < 0) { | ||
| 183 | error("open %s failed: %s.", filename, strerror(errno)); | ||
| 184 | return 0; | ||
| 185 | } | ||
| 186 | fp = fdopen(fd, "w"); | ||
| 187 | if (fp == NULL ) { | ||
| 188 | error("fdopen %s failed: %s.", filename, strerror(errno)); | ||
| 189 | close(fd); | ||
| 190 | return 0; | ||
| 191 | } | ||
| 192 | switch (key->type) { | ||
| 193 | case KEY_DSA: | ||
| 194 | success = PEM_write_DSAPrivateKey(fp, key->dsa, | ||
| 195 | cipher, passphrase, len, NULL, NULL); | ||
| 196 | break; | ||
| 197 | case KEY_RSA: | ||
| 198 | success = PEM_write_RSAPrivateKey(fp, key->rsa, | ||
| 199 | cipher, passphrase, len, NULL, NULL); | ||
| 200 | break; | ||
| 201 | } | ||
| 202 | fclose(fp); | ||
| 203 | return success; | ||
| 204 | } | ||
| 205 | |||
| 206 | int | ||
| 207 | key_save_private(Key *key, const char *filename, const char *passphrase, | ||
| 208 | const char *comment) | ||
| 209 | { | ||
| 210 | switch (key->type) { | ||
| 211 | case KEY_RSA1: | ||
| 212 | return key_save_private_rsa1(key, filename, passphrase, | ||
| 213 | comment); | ||
| 214 | break; | ||
| 215 | case KEY_DSA: | ||
| 216 | case KEY_RSA: | ||
| 217 | return key_save_private_pem(key, filename, passphrase, | ||
| 218 | comment); | ||
| 219 | break; | ||
| 220 | default: | ||
| 221 | break; | ||
| 222 | } | ||
| 223 | error("key_save_private: cannot save key type %d", key->type); | ||
| 224 | return 0; | ||
| 225 | } | ||
| 226 | |||
| 227 | /* | ||
| 228 | * Loads the public part of the ssh v1 key file. Returns NULL if an error was | ||
| 229 | * encountered (the file does not exist or is not readable), and the key | ||
| 230 | * otherwise. | ||
| 231 | */ | ||
| 232 | |||
| 233 | Key * | ||
| 234 | key_load_public_rsa1(int fd, const char *filename, char **commentp) | ||
| 235 | { | ||
| 236 | Buffer buffer; | ||
| 237 | Key *pub; | ||
| 238 | char *cp; | ||
| 239 | int i; | ||
| 240 | off_t len; | ||
| 241 | |||
| 242 | len = lseek(fd, (off_t) 0, SEEK_END); | ||
| 243 | lseek(fd, (off_t) 0, SEEK_SET); | ||
| 244 | |||
| 245 | buffer_init(&buffer); | ||
| 246 | buffer_append_space(&buffer, &cp, len); | ||
| 247 | |||
| 248 | if (read(fd, cp, (size_t) len) != (size_t) len) { | ||
| 249 | debug("Read from key file %.200s failed: %.100s", filename, | ||
| 250 | strerror(errno)); | ||
| 251 | buffer_free(&buffer); | ||
| 252 | return NULL; | ||
| 253 | } | ||
| 254 | |||
| 255 | /* Check that it is at least big enough to contain the ID string. */ | ||
| 256 | if (len < sizeof(authfile_id_string)) { | ||
| 257 | debug3("No RSA1 key file %.200s.", filename); | ||
| 258 | buffer_free(&buffer); | ||
| 259 | return NULL; | ||
| 260 | } | ||
| 261 | /* | ||
| 262 | * Make sure it begins with the id string. Consume the id string | ||
| 263 | * from the buffer. | ||
| 264 | */ | ||
| 265 | for (i = 0; i < sizeof(authfile_id_string); i++) | ||
| 266 | if (buffer_get_char(&buffer) != authfile_id_string[i]) { | ||
| 267 | debug3("No RSA1 key file %.200s.", filename); | ||
| 268 | buffer_free(&buffer); | ||
| 269 | return NULL; | ||
| 270 | } | ||
| 271 | /* Skip cipher type and reserved data. */ | ||
| 272 | (void) buffer_get_char(&buffer); /* cipher type */ | ||
| 273 | (void) buffer_get_int(&buffer); /* reserved */ | ||
| 274 | |||
| 275 | /* Read the public key from the buffer. */ | ||
| 276 | buffer_get_int(&buffer); | ||
| 277 | pub = key_new(KEY_RSA1); | ||
| 278 | buffer_get_bignum(&buffer, pub->rsa->n); | ||
| 279 | buffer_get_bignum(&buffer, pub->rsa->e); | ||
| 280 | if (commentp) | ||
| 281 | *commentp = buffer_get_string(&buffer, NULL); | ||
| 282 | /* The encrypted private part is not parsed by this function. */ | ||
| 283 | |||
| 284 | buffer_free(&buffer); | ||
| 285 | return pub; | ||
| 286 | } | ||
| 287 | |||
| 288 | /* load public key from private-key file, works only for SSH v1 */ | ||
| 289 | Key * | ||
| 290 | key_load_public_type(int type, const char *filename, char **commentp) | ||
| 291 | { | ||
| 292 | Key *pub; | ||
| 293 | int fd; | ||
| 294 | |||
| 295 | #if 0 | ||
| 296 | /* Read in public modulus of key being used for auth */ | ||
| 297 | if (options.specialRSA) { | ||
| 298 | BIGNUM *b; | ||
| 299 | char buf[1024], *bufptr = buf; | ||
| 300 | int r; | ||
| 301 | |||
| 302 | buffer_init(&b); | ||
| 303 | buffer_append_space(&b, &bufptr, sizeof(buf)); | ||
| 304 | |||
| 305 | /* Will get binary represenation of an BIGNUM */ | ||
| 306 | r = read(0, buf, sizeof(buf)); | ||
| 307 | |||
| 308 | pub = key_new(KEY_RSA1); | ||
| 309 | b = BN_new(); | ||
| 310 | BN_bin2bn(buf, r, b); | ||
| 311 | pub->rsa->n = b; | ||
| 312 | |||
| 313 | *commentp = "Special RSA auth..."; | ||
| 314 | return pub; | ||
| 315 | } | ||
| 316 | #endif | ||
| 317 | if (type == KEY_RSA1) { | ||
| 318 | fd = open(filename, O_RDONLY); | ||
| 319 | if (fd < 0) | ||
| 320 | return NULL; | ||
| 321 | pub = key_load_public_rsa1(fd, filename, commentp); | ||
| 322 | |||
| 323 | close(fd); | ||
| 324 | return pub; | ||
| 325 | } | ||
| 326 | return NULL; | ||
| 327 | } | ||
| 328 | |||
| 329 | /* | ||
| 330 | * Loads the private key from the file. Returns 0 if an error is encountered | ||
| 331 | * (file does not exist or is not readable, or passphrase is bad). This | ||
| 332 | * initializes the private key. | ||
| 333 | * Assumes we are called under uid of the owner of the file. | ||
| 334 | */ | ||
| 335 | |||
| 336 | Key * | ||
| 337 | key_load_private_rsa1(int fd, const char *filename, const char *passphrase, | ||
| 338 | char **commentp) | ||
| 339 | { | ||
| 340 | int i, check1, check2, cipher_type; | ||
| 341 | off_t len; | ||
| 342 | Buffer buffer, decrypted; | ||
| 343 | char *cp; | ||
| 344 | CipherContext ciphercontext; | ||
| 345 | Cipher *cipher; | ||
| 346 | BN_CTX *ctx; | ||
| 347 | BIGNUM *aux; | ||
| 348 | Key *prv = NULL; | ||
| 349 | |||
| 350 | len = lseek(fd, (off_t) 0, SEEK_END); | ||
| 351 | lseek(fd, (off_t) 0, SEEK_SET); | ||
| 352 | |||
| 353 | buffer_init(&buffer); | ||
| 354 | buffer_append_space(&buffer, &cp, len); | ||
| 355 | |||
| 356 | if (read(fd, cp, (size_t) len) != (size_t) len) { | ||
| 357 | debug("Read from key file %.200s failed: %.100s", filename, | ||
| 358 | strerror(errno)); | ||
| 359 | buffer_free(&buffer); | ||
| 360 | close(fd); | ||
| 361 | return NULL; | ||
| 362 | } | ||
| 363 | |||
| 364 | /* Check that it is at least big enough to contain the ID string. */ | ||
| 365 | if (len < sizeof(authfile_id_string)) { | ||
| 366 | debug3("No RSA1 key file %.200s.", filename); | ||
| 367 | buffer_free(&buffer); | ||
| 368 | close(fd); | ||
| 369 | return NULL; | ||
| 370 | } | ||
| 371 | /* | ||
| 372 | * Make sure it begins with the id string. Consume the id string | ||
| 373 | * from the buffer. | ||
| 374 | */ | ||
| 375 | for (i = 0; i < sizeof(authfile_id_string); i++) | ||
| 376 | if (buffer_get_char(&buffer) != authfile_id_string[i]) { | ||
| 377 | debug3("No RSA1 key file %.200s.", filename); | ||
| 378 | buffer_free(&buffer); | ||
| 379 | close(fd); | ||
| 380 | return NULL; | ||
| 381 | } | ||
| 382 | |||
| 383 | /* Read cipher type. */ | ||
| 384 | cipher_type = buffer_get_char(&buffer); | ||
| 385 | (void) buffer_get_int(&buffer); /* Reserved data. */ | ||
| 386 | |||
| 387 | /* Read the public key from the buffer. */ | ||
| 388 | buffer_get_int(&buffer); | ||
| 389 | prv = key_new_private(KEY_RSA1); | ||
| 390 | |||
| 391 | buffer_get_bignum(&buffer, prv->rsa->n); | ||
| 392 | buffer_get_bignum(&buffer, prv->rsa->e); | ||
| 393 | if (commentp) | ||
| 394 | *commentp = buffer_get_string(&buffer, NULL); | ||
| 395 | else | ||
| 396 | xfree(buffer_get_string(&buffer, NULL)); | ||
| 397 | |||
| 398 | /* Check that it is a supported cipher. */ | ||
| 399 | cipher = cipher_by_number(cipher_type); | ||
| 400 | if (cipher == NULL) { | ||
| 401 | debug("Unsupported cipher %d used in key file %.200s.", | ||
| 402 | cipher_type, filename); | ||
| 403 | buffer_free(&buffer); | ||
| 404 | goto fail; | ||
| 405 | } | ||
| 406 | /* Initialize space for decrypted data. */ | ||
| 407 | buffer_init(&decrypted); | ||
| 408 | buffer_append_space(&decrypted, &cp, buffer_len(&buffer)); | ||
| 409 | |||
| 410 | /* Rest of the buffer is encrypted. Decrypt it using the passphrase. */ | ||
| 411 | cipher_set_key_string(&ciphercontext, cipher, passphrase); | ||
| 412 | cipher_decrypt(&ciphercontext, (u_char *) cp, | ||
| 413 | (u_char *) buffer_ptr(&buffer), buffer_len(&buffer)); | ||
| 414 | memset(&ciphercontext, 0, sizeof(ciphercontext)); | ||
| 415 | buffer_free(&buffer); | ||
| 416 | |||
| 417 | check1 = buffer_get_char(&decrypted); | ||
| 418 | check2 = buffer_get_char(&decrypted); | ||
| 419 | if (check1 != buffer_get_char(&decrypted) || | ||
| 420 | check2 != buffer_get_char(&decrypted)) { | ||
| 421 | if (strcmp(passphrase, "") != 0) | ||
| 422 | debug("Bad passphrase supplied for key file %.200s.", | ||
| 423 | filename); | ||
| 424 | /* Bad passphrase. */ | ||
| 425 | buffer_free(&decrypted); | ||
| 426 | goto fail; | ||
| 427 | } | ||
| 428 | /* Read the rest of the private key. */ | ||
| 429 | buffer_get_bignum(&decrypted, prv->rsa->d); | ||
| 430 | buffer_get_bignum(&decrypted, prv->rsa->iqmp); /* u */ | ||
| 431 | /* in SSL and SSH v1 p and q are exchanged */ | ||
| 432 | buffer_get_bignum(&decrypted, prv->rsa->q); /* p */ | ||
| 433 | buffer_get_bignum(&decrypted, prv->rsa->p); /* q */ | ||
| 434 | |||
| 435 | /* calculate p-1 and q-1 */ | ||
| 436 | ctx = BN_CTX_new(); | ||
| 437 | aux = BN_new(); | ||
| 438 | |||
| 439 | BN_sub(aux, prv->rsa->q, BN_value_one()); | ||
| 440 | BN_mod(prv->rsa->dmq1, prv->rsa->d, aux, ctx); | ||
| 441 | |||
| 442 | BN_sub(aux, prv->rsa->p, BN_value_one()); | ||
| 443 | BN_mod(prv->rsa->dmp1, prv->rsa->d, aux, ctx); | ||
| 444 | |||
| 445 | BN_clear_free(aux); | ||
| 446 | BN_CTX_free(ctx); | ||
| 447 | |||
| 448 | buffer_free(&decrypted); | ||
| 449 | close(fd); | ||
| 450 | return prv; | ||
| 451 | |||
| 452 | fail: | ||
| 453 | if (commentp) | ||
| 454 | xfree(*commentp); | ||
| 455 | close(fd); | ||
| 456 | key_free(prv); | ||
| 457 | return NULL; | ||
| 458 | } | ||
| 459 | |||
| 460 | Key * | ||
| 461 | key_load_private_pem(int fd, int type, const char *passphrase, | ||
| 462 | char **commentp) | ||
| 463 | { | ||
| 464 | FILE *fp; | ||
| 465 | EVP_PKEY *pk = NULL; | ||
| 466 | Key *prv = NULL; | ||
| 467 | char *name = "<no key>"; | ||
| 468 | |||
| 469 | fp = fdopen(fd, "r"); | ||
| 470 | if (fp == NULL) { | ||
| 471 | error("fdopen failed: %s", strerror(errno)); | ||
| 472 | close(fd); | ||
| 473 | return NULL; | ||
| 474 | } | ||
| 475 | pk = PEM_read_PrivateKey(fp, NULL, NULL, (char *)passphrase); | ||
| 476 | if (pk == NULL) { | ||
| 477 | debug("PEM_read_PrivateKey failed"); | ||
| 478 | (void)ERR_get_error(); | ||
| 479 | } else if (pk->type == EVP_PKEY_RSA && | ||
| 480 | (type == KEY_UNSPEC||type==KEY_RSA)) { | ||
| 481 | prv = key_new(KEY_UNSPEC); | ||
| 482 | prv->rsa = EVP_PKEY_get1_RSA(pk); | ||
| 483 | prv->type = KEY_RSA; | ||
| 484 | name = "rsa w/o comment"; | ||
| 485 | #ifdef DEBUG_PK | ||
| 486 | RSA_print_fp(stderr, prv->rsa, 8); | ||
| 487 | #endif | ||
| 488 | } else if (pk->type == EVP_PKEY_DSA && | ||
| 489 | (type == KEY_UNSPEC||type==KEY_DSA)) { | ||
| 490 | prv = key_new(KEY_UNSPEC); | ||
| 491 | prv->dsa = EVP_PKEY_get1_DSA(pk); | ||
| 492 | prv->type = KEY_DSA; | ||
| 493 | name = "dsa w/o comment"; | ||
| 494 | #ifdef DEBUG_PK | ||
| 495 | DSA_print_fp(stderr, prv->dsa, 8); | ||
| 496 | #endif | ||
| 497 | } else { | ||
| 498 | error("PEM_read_PrivateKey: mismatch or " | ||
| 499 | "unknown EVP_PKEY save_type %d", pk->save_type); | ||
| 500 | } | ||
| 501 | fclose(fp); | ||
| 502 | if (pk != NULL) | ||
| 503 | EVP_PKEY_free(pk); | ||
| 504 | if (prv != NULL && commentp) | ||
| 505 | *commentp = xstrdup(name); | ||
| 506 | debug("read PEM private key done: type %s", | ||
| 507 | prv ? key_type(prv) : "<unknown>"); | ||
| 508 | return prv; | ||
| 509 | } | ||
| 510 | |||
| 511 | int | ||
| 512 | key_perm_ok(int fd, const char *filename) | ||
| 513 | { | ||
| 514 | struct stat st; | ||
| 515 | |||
| 516 | /* check owner and modes */ | ||
| 517 | #ifdef HAVE_CYGWIN | ||
| 518 | if (check_ntsec(filename)) | ||
| 519 | #endif | ||
| 520 | if (fstat(fd, &st) < 0 || | ||
| 521 | (st.st_uid != 0 && getuid() != 0 && st.st_uid != getuid()) || | ||
| 522 | (st.st_mode & 077) != 0) { | ||
| 523 | close(fd); | ||
| 524 | error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@"); | ||
| 525 | error("@ WARNING: UNPROTECTED PRIVATE KEY FILE! @"); | ||
| 526 | error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@"); | ||
| 527 | error("Bad ownership or mode(0%3.3o) for '%s'.", | ||
| 528 | st.st_mode & 0777, filename); | ||
| 529 | error("It is recommended that your private key files are NOT accessible by others."); | ||
| 530 | error("This private key will be ignored."); | ||
| 531 | return 0; | ||
| 532 | } | ||
| 533 | return 1; | ||
| 534 | } | ||
| 535 | |||
| 536 | Key * | ||
| 537 | key_load_private_type(int type, const char *filename, const char *passphrase, | ||
| 538 | char **commentp) | ||
| 539 | { | ||
| 540 | int fd; | ||
| 541 | |||
| 542 | fd = open(filename, O_RDONLY); | ||
| 543 | if (fd < 0) | ||
| 544 | return NULL; | ||
| 545 | if (!key_perm_ok(fd, filename)) { | ||
| 546 | error("bad permissions: ignore key: %s", filename); | ||
| 547 | close(fd); | ||
| 548 | return NULL; | ||
| 549 | } | ||
| 550 | switch (type) { | ||
| 551 | case KEY_RSA1: | ||
| 552 | return key_load_private_rsa1(fd, filename, passphrase, | ||
| 553 | commentp); | ||
| 554 | /* closes fd */ | ||
| 555 | break; | ||
| 556 | case KEY_DSA: | ||
| 557 | case KEY_RSA: | ||
| 558 | case KEY_UNSPEC: | ||
| 559 | return key_load_private_pem(fd, type, passphrase, commentp); | ||
| 560 | /* closes fd */ | ||
| 561 | break; | ||
| 562 | default: | ||
| 563 | close(fd); | ||
| 564 | break; | ||
| 565 | } | ||
| 566 | return NULL; | ||
| 567 | } | ||
| 568 | |||
| 569 | Key * | ||
| 570 | key_load_private(const char *filename, const char *passphrase, | ||
| 571 | char **commentp) | ||
| 572 | { | ||
| 573 | Key *pub; | ||
| 574 | int fd; | ||
| 575 | |||
| 576 | fd = open(filename, O_RDONLY); | ||
| 577 | if (fd < 0) | ||
| 578 | return NULL; | ||
| 579 | if (!key_perm_ok(fd, filename)) { | ||
| 580 | error("bad permissions: ignore key: %s", filename); | ||
| 581 | close(fd); | ||
| 582 | return NULL; | ||
| 583 | } | ||
| 584 | pub = key_load_public_rsa1(fd, filename, commentp); | ||
| 585 | lseek(fd, (off_t) 0, SEEK_SET); /* rewind */ | ||
| 586 | if (pub == NULL) { | ||
| 587 | /* closes fd */ | ||
| 588 | return key_load_private_pem(fd, KEY_UNSPEC, passphrase, NULL); | ||
| 589 | } else { | ||
| 590 | /* it's a SSH v1 key if the public key part is readable */ | ||
| 591 | key_free(pub); | ||
| 592 | /* closes fd */ | ||
| 593 | return key_load_private_rsa1(fd, filename, passphrase, NULL); | ||
| 594 | } | ||
| 595 | } | ||
| 596 | |||
| 597 | int | ||
| 598 | key_try_load_public(Key *k, const char *filename, char **commentp) | ||
| 599 | { | ||
| 600 | FILE *f; | ||
| 601 | char line[4096]; | ||
| 602 | char *cp; | ||
| 603 | |||
| 604 | f = fopen(filename, "r"); | ||
| 605 | if (f != NULL) { | ||
| 606 | while (fgets(line, sizeof(line), f)) { | ||
| 607 | line[sizeof(line)-1] = '\0'; | ||
| 608 | cp = line; | ||
| 609 | switch(*cp){ | ||
| 610 | case '#': | ||
| 611 | case '\n': | ||
| 612 | case '\0': | ||
| 613 | continue; | ||
| 614 | } | ||
| 615 | /* Skip leading whitespace. */ | ||
| 616 | for (; *cp && (*cp == ' ' || *cp == '\t'); cp++) | ||
| 617 | ; | ||
| 618 | if (*cp) { | ||
| 619 | if (key_read(k, &cp) == 1) { | ||
| 620 | if (commentp) | ||
| 621 | *commentp=xstrdup(filename); | ||
| 622 | fclose(f); | ||
| 623 | return 1; | ||
| 624 | } | ||
| 625 | } | ||
| 626 | } | ||
| 627 | fclose(f); | ||
| 628 | } | ||
| 629 | return 0; | ||
| 630 | } | ||
| 631 | |||
| 632 | /* load public key from ssh v1 private or any pubkey file */ | ||
| 633 | Key * | ||
| 634 | key_load_public(const char *filename, char **commentp) | ||
| 635 | { | ||
| 636 | Key *pub; | ||
| 637 | char file[MAXPATHLEN]; | ||
| 638 | |||
| 639 | pub = key_load_public_type(KEY_RSA1, filename, commentp); | ||
| 640 | if (pub != NULL) | ||
| 641 | return pub; | ||
| 642 | pub = key_new(KEY_UNSPEC); | ||
| 643 | if (key_try_load_public(pub, filename, commentp) == 1) | ||
| 644 | return pub; | ||
| 645 | if ((strlcpy(file, filename, sizeof file) < sizeof(file)) && | ||
| 646 | (strlcat(file, ".pub", sizeof file) < sizeof(file)) && | ||
| 647 | (key_try_load_public(pub, file, commentp) == 1)) | ||
| 648 | return pub; | ||
| 649 | key_free(pub); | ||
| 650 | return NULL; | ||
| 651 | } | ||