]> andersk Git - openssh.git/blame - authfile.c
andersk / openssh.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
- djm@cvs.openbsd.org 2010/01/30 02:54:53
[openssh.git] / authfile.c
CommitLineData
17c7855a 1/* $OpenBSD: authfile.c,v 1.79 2010/01/12 00:16:47 dtucker Exp $ */
8efc0c15 2/*
5260325f 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
5260325f 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
5 * All rights reserved
5260325f 6 * This file contains functions for reading and writing identity files, and
7 * for reading the passphrase from the user.
6ae2364d 8 *
bcbf86ec 9 * As far as I am concerned, the code I have written for this software
10 * can be used freely for any purpose. Any derived versions of this
11 * software must be clearly marked as such, and if the derived work is
12 * incompatible with the protocol description in the RFC file, it must be
13 * called by a name other than "ssh" or "Secure Shell".
14 *
15 *
16 * Copyright (c) 2000 Markus Friedl. All rights reserved.
17 *
18 * Redistribution and use in source and binary forms, with or without
19 * modification, are permitted provided that the following conditions
20 * are met:
21 * 1. Redistributions of source code must retain the above copyright
22 * notice, this list of conditions and the following disclaimer.
23 * 2. Redistributions in binary form must reproduce the above copyright
24 * notice, this list of conditions and the following disclaimer in the
25 * documentation and/or other materials provided with the distribution.
26 *
27 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
28 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
29 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
30 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
31 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
32 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
33 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
34 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
35 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
36 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
5260325f 37 */
8efc0c15 38
39#include "includes.h"
4095f623 40
41#include <sys/types.h>
42#include <sys/stat.h>
536c14e8 43#include <sys/param.h>
31652869 44#include <sys/uio.h>
8efc0c15 45
fa08c86b 46#include <openssl/err.h>
a306f2dd 47#include <openssl/evp.h>
42f11eb2 48#include <openssl/pem.h>
a306f2dd 49
090c27c5 50/* compatibility with old or broken OpenSSL versions */
51#include "openbsd-compat/openssl-compat.h"
52
dd984467 53#include <errno.h>
d3221cca 54#include <fcntl.h>
24436b92 55#include <stdarg.h>
cf851879 56#include <stdio.h>
ffa517a8 57#include <stdlib.h>
00146caa 58#include <string.h>
5188ba17 59#include <unistd.h>
d3221cca 60
8efc0c15 61#include "xmalloc.h"
31652869 62#include "cipher.h"
8efc0c15 63#include "buffer.h"
a306f2dd 64#include "key.h"
42f11eb2 65#include "ssh.h"
66#include "log.h"
5ca51e19 67#include "authfile.h"
cf184a44 68#include "rsa.h"
41feb690 69#include "misc.h"
2ceb8101 70#include "atomicio.h"
8efc0c15 71
aeaa3d9e 72/* Version identification string for SSH v1 identity files. */
7e2183c0 73static const char authfile_id_string[] =
74 "SSH PRIVATE KEY FILE FORMAT 1.1\n";
8efc0c15 75
aa3378df 76/*
77 * Saves the authentication (private) key in a file, encrypting it with
78 * passphrase. The identification of the file (lowest 64 bits of n) will
79 * precede the key to provide identification of the key without needing a
80 * passphrase.
81 */
8efc0c15 82
396c147e 83static int
aeaa3d9e 84key_save_private_rsa1(Key *key, const char *filename, const char *passphrase,
85 const char *comment)
8efc0c15 86{
5260325f 87 Buffer buffer, encrypted;
20905a8e 88 u_char buf[100], *cp;
3ee832e5 89 int fd, i, cipher_num;
94ec8c6b 90 CipherContext ciphercontext;
91 Cipher *cipher;
ca75d7de 92 u_int32_t rnd;
5260325f 93
aa3378df 94 /*
95 * If the passphrase is empty, use SSH_CIPHER_NONE to ease converting
96 * to another cipher; otherwise use SSH_AUTHFILE_CIPHER.
97 */
3ee832e5 98 cipher_num = (strcmp(passphrase, "") == 0) ?
99 SSH_CIPHER_NONE : SSH_AUTHFILE_CIPHER;
100 if ((cipher = cipher_by_number(cipher_num)) == NULL)
94ec8c6b 101 fatal("save_private_key_rsa: bad cipher");
5260325f 102
103 /* This buffer is used to built the secret part of the private key. */
104 buffer_init(&buffer);
105
106 /* Put checkbytes for checking passphrase validity. */
ca75d7de 107 rnd = arc4random();
108 buf[0] = rnd & 0xff;
109 buf[1] = (rnd >> 8) & 0xff;
5260325f 110 buf[2] = buf[0];
111 buf[3] = buf[1];
112 buffer_append(&buffer, buf, 4);
113
aa3378df 114 /*
115 * Store the private key (n and e will not be stored because they
116 * will be stored in plain text, and storing them also in encrypted
117 * format would just give known plaintext).
118 */
aeaa3d9e 119 buffer_put_bignum(&buffer, key->rsa->d);
120 buffer_put_bignum(&buffer, key->rsa->iqmp);
121 buffer_put_bignum(&buffer, key->rsa->q); /* reverse from SSL p */
122 buffer_put_bignum(&buffer, key->rsa->p); /* reverse from SSL q */
5260325f 123
124 /* Pad the part to be encrypted until its size is a multiple of 8. */
125 while (buffer_len(&buffer) % 8 != 0)
126 buffer_put_char(&buffer, 0);
127
128 /* This buffer will be used to contain the data in the file. */
129 buffer_init(&encrypted);
130
131 /* First store keyfile id string. */
7e2183c0 132 for (i = 0; authfile_id_string[i]; i++)
133 buffer_put_char(&encrypted, authfile_id_string[i]);
5260325f 134 buffer_put_char(&encrypted, 0);
135
136 /* Store cipher type. */
3ee832e5 137 buffer_put_char(&encrypted, cipher_num);
5260325f 138 buffer_put_int(&encrypted, 0); /* For future extension */
139
140 /* Store public key. This will be in plain text. */
aeaa3d9e 141 buffer_put_int(&encrypted, BN_num_bits(key->rsa->n));
142 buffer_put_bignum(&encrypted, key->rsa->n);
143 buffer_put_bignum(&encrypted, key->rsa->e);
449c5ba5 144 buffer_put_cstring(&encrypted, comment);
5260325f 145
146 /* Allocate space for the private part of the key in the buffer. */
6c0fa2b1 147 cp = buffer_append_space(&encrypted, buffer_len(&buffer));
5260325f 148
3ee832e5 149 cipher_set_key_string(&ciphercontext, cipher, passphrase,
150 CIPHER_ENCRYPT);
151 cipher_crypt(&ciphercontext, cp,
20905a8e 152 buffer_ptr(&buffer), buffer_len(&buffer));
3ee832e5 153 cipher_cleanup(&ciphercontext);
94ec8c6b 154 memset(&ciphercontext, 0, sizeof(ciphercontext));
5260325f 155
156 /* Destroy temporary data. */
157 memset(buf, 0, sizeof(buf));
158 buffer_free(&buffer);
159
a408af76 160 fd = open(filename, O_WRONLY | O_CREAT | O_TRUNC, 0600);
58cfa257 161 if (fd < 0) {
162 error("open %s failed: %s.", filename, strerror(errno));
1bd71826 163 buffer_free(&encrypted);
5260325f 164 return 0;
58cfa257 165 }
2ceb8101 166 if (atomicio(vwrite, fd, buffer_ptr(&encrypted),
167 buffer_len(&encrypted)) != buffer_len(&encrypted)) {
58cfa257 168 error("write to key file %s failed: %s", filename,
184eed6a 169 strerror(errno));
5260325f 170 buffer_free(&encrypted);
a408af76 171 close(fd);
77bb0bca 172 unlink(filename);
5260325f 173 return 0;
174 }
a408af76 175 close(fd);
5260325f 176 buffer_free(&encrypted);
177 return 1;
8efc0c15 178}
179
aeaa3d9e 180/* save SSH v2 key in OpenSSL PEM format */
396c147e 181static int
aeaa3d9e 182key_save_private_pem(Key *key, const char *filename, const char *_passphrase,
183 const char *comment)
a306f2dd 184{
185 FILE *fp;
186 int fd;
fa08c86b 187 int success = 0;
188 int len = strlen(_passphrase);
c66f9d0e 189 u_char *passphrase = (len > 0) ? (u_char *)_passphrase : NULL;
cd82326a 190#if (OPENSSL_VERSION_NUMBER < 0x00907000L)
191 const EVP_CIPHER *cipher = (len > 0) ? EVP_des_ede3_cbc() : NULL;
192#else
4c9466ae 193 const EVP_CIPHER *cipher = (len > 0) ? EVP_aes_128_cbc() : NULL;
cd82326a 194#endif
a306f2dd 195
196 if (len > 0 && len <= 4) {
58cfa257 197 error("passphrase too short: have %d bytes, need > 4", len);
a306f2dd 198 return 0;
199 }
200 fd = open(filename, O_WRONLY | O_CREAT | O_TRUNC, 0600);
201 if (fd < 0) {
58cfa257 202 error("open %s failed: %s.", filename, strerror(errno));
a306f2dd 203 return 0;
204 }
205 fp = fdopen(fd, "w");
d4f40d92 206 if (fp == NULL) {
58cfa257 207 error("fdopen %s failed: %s.", filename, strerror(errno));
a306f2dd 208 close(fd);
209 return 0;
210 }
fa08c86b 211 switch (key->type) {
569807fb 212 case KEY_DSA:
213 success = PEM_write_DSAPrivateKey(fp, key->dsa,
214 cipher, passphrase, len, NULL, NULL);
215 break;
216 case KEY_RSA:
217 success = PEM_write_RSAPrivateKey(fp, key->rsa,
218 cipher, passphrase, len, NULL, NULL);
219 break;
a306f2dd 220 }
221 fclose(fp);
222 return success;
223}
224
225int
aeaa3d9e 226key_save_private(Key *key, const char *filename, const char *passphrase,
a306f2dd 227 const char *comment)
228{
229 switch (key->type) {
fa08c86b 230 case KEY_RSA1:
aeaa3d9e 231 return key_save_private_rsa1(key, filename, passphrase,
232 comment);
a306f2dd 233 case KEY_DSA:
fa08c86b 234 case KEY_RSA:
aeaa3d9e 235 return key_save_private_pem(key, filename, passphrase,
236 comment);
a306f2dd 237 default:
238 break;
239 }
58cfa257 240 error("key_save_private: cannot save key type %d", key->type);
a306f2dd 241 return 0;
242}
243
aa3378df 244/*
aeaa3d9e 245 * Loads the public part of the ssh v1 key file. Returns NULL if an error was
246 * encountered (the file does not exist or is not readable), and the key
aa3378df 247 * otherwise.
248 */
8efc0c15 249
396c147e 250static Key *
aeaa3d9e 251key_load_public_rsa1(int fd, const char *filename, char **commentp)
8efc0c15 252{
5260325f 253 Buffer buffer;
aeaa3d9e 254 Key *pub;
378d9956 255 struct stat st;
5260325f 256 char *cp;
2ceb8101 257 u_int i;
f6be21a0 258 size_t len;
5260325f 259
378d9956 260 if (fstat(fd, &st) < 0) {
261 error("fstat for key file %.200s failed: %.100s",
262 filename, strerror(errno));
263 return NULL;
264 }
528afafa 265 if (st.st_size > 1*1024*1024) {
266 error("key file %.200s too large", filename);
267 return NULL;
268 }
f6be21a0 269 len = (size_t)st.st_size; /* truncated */
5260325f 270
271 buffer_init(&buffer);
6c0fa2b1 272 cp = buffer_append_space(&buffer, len);
5260325f 273
2ceb8101 274 if (atomicio(read, fd, cp, len) != len) {
5260325f 275 debug("Read from key file %.200s failed: %.100s", filename,
a306f2dd 276 strerror(errno));
5260325f 277 buffer_free(&buffer);
aeaa3d9e 278 return NULL;
5260325f 279 }
5260325f 280
7e2183c0 281 /* Check that it is at least big enough to contain the ID string. */
282 if (len < sizeof(authfile_id_string)) {
2cdccb44 283 debug3("Not a RSA1 key file %.200s.", filename);
5260325f 284 buffer_free(&buffer);
aeaa3d9e 285 return NULL;
5260325f 286 }
aa3378df 287 /*
288 * Make sure it begins with the id string. Consume the id string
289 * from the buffer.
290 */
7e2183c0 291 for (i = 0; i < sizeof(authfile_id_string); i++)
292 if (buffer_get_char(&buffer) != authfile_id_string[i]) {
2cdccb44 293 debug3("Not a RSA1 key file %.200s.", filename);
5260325f 294 buffer_free(&buffer);
aeaa3d9e 295 return NULL;
5260325f 296 }
297 /* Skip cipher type and reserved data. */
298 (void) buffer_get_char(&buffer); /* cipher type */
299 (void) buffer_get_int(&buffer); /* reserved */
300
301 /* Read the public key from the buffer. */
1169c3df 302 (void) buffer_get_int(&buffer);
aeaa3d9e 303 pub = key_new(KEY_RSA1);
304 buffer_get_bignum(&buffer, pub->rsa->n);
305 buffer_get_bignum(&buffer, pub->rsa->e);
306 if (commentp)
307 *commentp = buffer_get_string(&buffer, NULL);
5260325f 308 /* The encrypted private part is not parsed by this function. */
309
8efc0c15 310 buffer_free(&buffer);
aeaa3d9e 311 return pub;
8efc0c15 312}
313
aeaa3d9e 314/* load public key from private-key file, works only for SSH v1 */
315Key *
316key_load_public_type(int type, const char *filename, char **commentp)
a306f2dd 317{
aeaa3d9e 318 Key *pub;
319 int fd;
320
321 if (type == KEY_RSA1) {
322 fd = open(filename, O_RDONLY);
323 if (fd < 0)
324 return NULL;
325 pub = key_load_public_rsa1(fd, filename, commentp);
326 close(fd);
327 return pub;
a306f2dd 328 }
aeaa3d9e 329 return NULL;
a306f2dd 330}
331
aa3378df 332/*
333 * Loads the private key from the file. Returns 0 if an error is encountered
334 * (file does not exist or is not readable, or passphrase is bad). This
335 * initializes the private key.
336 * Assumes we are called under uid of the owner of the file.
337 */
8efc0c15 338
396c147e 339static Key *
aeaa3d9e 340key_load_private_rsa1(int fd, const char *filename, const char *passphrase,
341 char **commentp)
8efc0c15 342{
2ceb8101 343 u_int i;
344 int check1, check2, cipher_type;
f6be21a0 345 size_t len;
5260325f 346 Buffer buffer, decrypted;
20905a8e 347 u_char *cp;
94ec8c6b 348 CipherContext ciphercontext;
349 Cipher *cipher;
aeaa3d9e 350 Key *prv = NULL;
378d9956 351 struct stat st;
5260325f 352
378d9956 353 if (fstat(fd, &st) < 0) {
354 error("fstat for key file %.200s failed: %.100s",
355 filename, strerror(errno));
356 close(fd);
357 return NULL;
358 }
f6be21a0 359 if (st.st_size > 1*1024*1024) {
528afafa 360 error("key file %.200s too large", filename);
f6be21a0 361 close(fd);
362 return (NULL);
363 }
364 len = (size_t)st.st_size; /* truncated */
5260325f 365
366 buffer_init(&buffer);
6c0fa2b1 367 cp = buffer_append_space(&buffer, len);
5260325f 368
2ceb8101 369 if (atomicio(read, fd, cp, len) != len) {
5260325f 370 debug("Read from key file %.200s failed: %.100s", filename,
fa08c86b 371 strerror(errno));
5260325f 372 buffer_free(&buffer);
a408af76 373 close(fd);
aeaa3d9e 374 return NULL;
5260325f 375 }
5260325f 376
7e2183c0 377 /* Check that it is at least big enough to contain the ID string. */
378 if (len < sizeof(authfile_id_string)) {
2cdccb44 379 debug3("Not a RSA1 key file %.200s.", filename);
5260325f 380 buffer_free(&buffer);
81333640 381 close(fd);
aeaa3d9e 382 return NULL;
5260325f 383 }
aa3378df 384 /*
385 * Make sure it begins with the id string. Consume the id string
386 * from the buffer.
387 */
7e2183c0 388 for (i = 0; i < sizeof(authfile_id_string); i++)
389 if (buffer_get_char(&buffer) != authfile_id_string[i]) {
2cdccb44 390 debug3("Not a RSA1 key file %.200s.", filename);
5260325f 391 buffer_free(&buffer);
81333640 392 close(fd);
aeaa3d9e 393 return NULL;
5260325f 394 }
81333640 395
5260325f 396 /* Read cipher type. */
397 cipher_type = buffer_get_char(&buffer);
398 (void) buffer_get_int(&buffer); /* Reserved data. */
399
400 /* Read the public key from the buffer. */
1169c3df 401 (void) buffer_get_int(&buffer);
aeaa3d9e 402 prv = key_new_private(KEY_RSA1);
403
404 buffer_get_bignum(&buffer, prv->rsa->n);
405 buffer_get_bignum(&buffer, prv->rsa->e);
406 if (commentp)
407 *commentp = buffer_get_string(&buffer, NULL);
5260325f 408 else
409 xfree(buffer_get_string(&buffer, NULL));
410
411 /* Check that it is a supported cipher. */
94ec8c6b 412 cipher = cipher_by_number(cipher_type);
413 if (cipher == NULL) {
414 debug("Unsupported cipher %d used in key file %.200s.",
415 cipher_type, filename);
5260325f 416 buffer_free(&buffer);
417 goto fail;
418 }
419 /* Initialize space for decrypted data. */
420 buffer_init(&decrypted);
6c0fa2b1 421 cp = buffer_append_space(&decrypted, buffer_len(&buffer));
5260325f 422
423 /* Rest of the buffer is encrypted. Decrypt it using the passphrase. */
3ee832e5 424 cipher_set_key_string(&ciphercontext, cipher, passphrase,
425 CIPHER_DECRYPT);
426 cipher_crypt(&ciphercontext, cp,
20905a8e 427 buffer_ptr(&buffer), buffer_len(&buffer));
3ee832e5 428 cipher_cleanup(&ciphercontext);
94ec8c6b 429 memset(&ciphercontext, 0, sizeof(ciphercontext));
8efc0c15 430 buffer_free(&buffer);
5260325f 431
432 check1 = buffer_get_char(&decrypted);
433 check2 = buffer_get_char(&decrypted);
434 if (check1 != buffer_get_char(&decrypted) ||
435 check2 != buffer_get_char(&decrypted)) {
436 if (strcmp(passphrase, "") != 0)
aeaa3d9e 437 debug("Bad passphrase supplied for key file %.200s.",
438 filename);
5260325f 439 /* Bad passphrase. */
440 buffer_free(&decrypted);
aeaa3d9e 441 goto fail;
5260325f 442 }
443 /* Read the rest of the private key. */
aeaa3d9e 444 buffer_get_bignum(&decrypted, prv->rsa->d);
445 buffer_get_bignum(&decrypted, prv->rsa->iqmp); /* u */
446 /* in SSL and SSH v1 p and q are exchanged */
447 buffer_get_bignum(&decrypted, prv->rsa->q); /* p */
448 buffer_get_bignum(&decrypted, prv->rsa->p); /* q */
5260325f 449
aeaa3d9e 450 /* calculate p-1 and q-1 */
b775c6f2 451 rsa_generate_additional_parameters(prv->rsa);
5260325f 452
453 buffer_free(&decrypted);
15e98f49 454
455 /* enable blinding */
456 if (RSA_blinding_on(prv->rsa, NULL) != 1) {
457 error("key_load_private_rsa1: RSA_blinding_on failed");
458 goto fail;
459 }
81333640 460 close(fd);
aeaa3d9e 461 return prv;
462
463fail:
464 if (commentp)
465 xfree(*commentp);
466 close(fd);
467 key_free(prv);
468 return NULL;
8efc0c15 469}
a306f2dd 470
39c00dc2 471Key *
aeaa3d9e 472key_load_private_pem(int fd, int type, const char *passphrase,
473 char **commentp)
a306f2dd 474{
a306f2dd 475 FILE *fp;
fa08c86b 476 EVP_PKEY *pk = NULL;
aeaa3d9e 477 Key *prv = NULL;
fa08c86b 478 char *name = "<no key>";
a306f2dd 479
a306f2dd 480 fp = fdopen(fd, "r");
481 if (fp == NULL) {
58cfa257 482 error("fdopen failed: %s", strerror(errno));
81333640 483 close(fd);
aeaa3d9e 484 return NULL;
a306f2dd 485 }
fa08c86b 486 pk = PEM_read_PrivateKey(fp, NULL, NULL, (char *)passphrase);
487 if (pk == NULL) {
ae88ea7e 488 debug("PEM_read_PrivateKey failed");
fa08c86b 489 (void)ERR_get_error();
aeaa3d9e 490 } else if (pk->type == EVP_PKEY_RSA &&
184eed6a 491 (type == KEY_UNSPEC||type==KEY_RSA)) {
aeaa3d9e 492 prv = key_new(KEY_UNSPEC);
493 prv->rsa = EVP_PKEY_get1_RSA(pk);
494 prv->type = KEY_RSA;
495 name = "rsa w/o comment";
fa08c86b 496#ifdef DEBUG_PK
aeaa3d9e 497 RSA_print_fp(stderr, prv->rsa, 8);
fa08c86b 498#endif
15e98f49 499 if (RSA_blinding_on(prv->rsa, NULL) != 1) {
500 error("key_load_private_pem: RSA_blinding_on failed");
501 key_free(prv);
502 prv = NULL;
503 }
aeaa3d9e 504 } else if (pk->type == EVP_PKEY_DSA &&
184eed6a 505 (type == KEY_UNSPEC||type==KEY_DSA)) {
aeaa3d9e 506 prv = key_new(KEY_UNSPEC);
507 prv->dsa = EVP_PKEY_get1_DSA(pk);
508 prv->type = KEY_DSA;
509 name = "dsa w/o comment";
fa08c86b 510#ifdef DEBUG_PK
aeaa3d9e 511 DSA_print_fp(stderr, prv->dsa, 8);
fa08c86b 512#endif
fa08c86b 513 } else {
514 error("PEM_read_PrivateKey: mismatch or "
515 "unknown EVP_PKEY save_type %d", pk->save_type);
a306f2dd 516 }
a306f2dd 517 fclose(fp);
fa08c86b 518 if (pk != NULL)
519 EVP_PKEY_free(pk);
aeaa3d9e 520 if (prv != NULL && commentp)
521 *commentp = xstrdup(name);
522 debug("read PEM private key done: type %s",
523 prv ? key_type(prv) : "<unknown>");
524 return prv;
a306f2dd 525}
526
45660a22 527int
aeaa3d9e 528key_perm_ok(int fd, const char *filename)
a306f2dd 529{
a306f2dd 530 struct stat st;
531
d842a5eb 532 if (fstat(fd, &st) < 0)
533 return 0;
534 /*
535 * if a key owned by the user is accessed, then we check the
536 * permissions of the file. if the key owned by a different user,
537 * then we don't care.
538 */
9cd45ea4 539#ifdef HAVE_CYGWIN
22d89d24 540 if (check_ntsec(filename))
9cd45ea4 541#endif
d842a5eb 542 if ((st.st_uid == getuid()) && (st.st_mode & 077) != 0) {
a306f2dd 543 error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@");
544 error("@ WARNING: UNPROTECTED PRIVATE KEY FILE! @");
545 error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@");
d842a5eb 546 error("Permissions 0%3.3o for '%s' are too open.",
b9ed513a 547 (u_int)st.st_mode & 0777, filename);
a306f2dd 548 error("It is recommended that your private key files are NOT accessible by others.");
aeaa3d9e 549 error("This private key will be ignored.");
a306f2dd 550 return 0;
551 }
aeaa3d9e 552 return 1;
553}
81333640 554
aeaa3d9e 555Key *
556key_load_private_type(int type, const char *filename, const char *passphrase,
fc231518 557 char **commentp, int *perm_ok)
aeaa3d9e 558{
559 int fd;
560
561 fd = open(filename, O_RDONLY);
13b90bdd 562 if (fd < 0) {
563 debug("could not open key file '%s': %s", filename,
564 strerror(errno));
565 if (perm_ok != NULL)
566 *perm_ok = 0;
aeaa3d9e 567 return NULL;
17c7855a 568 }
aeaa3d9e 569 if (!key_perm_ok(fd, filename)) {
fc231518 570 if (perm_ok != NULL)
571 *perm_ok = 0;
58cfa257 572 error("bad permissions: ignore key: %s", filename);
aeaa3d9e 573 close(fd);
574 return NULL;
575 }
fc231518 576 if (perm_ok != NULL)
577 *perm_ok = 1;
aeaa3d9e 578 switch (type) {
579 case KEY_RSA1:
580 return key_load_private_rsa1(fd, filename, passphrase,
581 commentp);
582 /* closes fd */
a306f2dd 583 case KEY_DSA:
fa08c86b 584 case KEY_RSA:
585 case KEY_UNSPEC:
aeaa3d9e 586 return key_load_private_pem(fd, type, passphrase, commentp);
587 /* closes fd */
a306f2dd 588 default:
81333640 589 close(fd);
a306f2dd 590 break;
591 }
aeaa3d9e 592 return NULL;
593}
594
595Key *
596key_load_private(const char *filename, const char *passphrase,
597 char **commentp)
598{
eb2e1595 599 Key *pub, *prv;
aeaa3d9e 600 int fd;
601
602 fd = open(filename, O_RDONLY);
13b90bdd 603 if (fd < 0) {
604 debug("could not open key file '%s': %s", filename,
605 strerror(errno));
aeaa3d9e 606 return NULL;
13b90bdd 607 }
aeaa3d9e 608 if (!key_perm_ok(fd, filename)) {
58cfa257 609 error("bad permissions: ignore key: %s", filename);
aeaa3d9e 610 close(fd);
611 return NULL;
612 }
613 pub = key_load_public_rsa1(fd, filename, commentp);
614 lseek(fd, (off_t) 0, SEEK_SET); /* rewind */
615 if (pub == NULL) {
616 /* closes fd */
eb2e1595 617 prv = key_load_private_pem(fd, KEY_UNSPEC, passphrase, NULL);
618 /* use the filename as a comment for PEM */
619 if (commentp && prv)
a10bdd7c 620 *commentp = xstrdup(filename);
aeaa3d9e 621 } else {
622 /* it's a SSH v1 key if the public key part is readable */
623 key_free(pub);
624 /* closes fd */
eb2e1595 625 prv = key_load_private_rsa1(fd, filename, passphrase, NULL);
aeaa3d9e 626 }
eb2e1595 627 return prv;
a306f2dd 628}
bcbf86ec 629
396c147e 630static int
aeaa3d9e 631key_try_load_public(Key *k, const char *filename, char **commentp)
bcbf86ec 632{
633 FILE *f;
ea067773 634 char line[SSH_MAX_PUBKEY_BYTES];
bcbf86ec 635 char *cp;
41feb690 636 u_long linenum = 0;
bcbf86ec 637
638 f = fopen(filename, "r");
639 if (f != NULL) {
ea067773 640 while (read_keyfile_line(f, filename, line, sizeof(line),
641 &linenum) != -1) {
bcbf86ec 642 cp = line;
6aacefa7 643 switch (*cp) {
bcbf86ec 644 case '#':
645 case '\n':
646 case '\0':
647 continue;
648 }
649 /* Skip leading whitespace. */
650 for (; *cp && (*cp == ' ' || *cp == '\t'); cp++)
651 ;
652 if (*cp) {
fa08c86b 653 if (key_read(k, &cp) == 1) {
bcbf86ec 654 if (commentp)
655 *commentp=xstrdup(filename);
656 fclose(f);
657 return 1;
658 }
659 }
660 }
661 fclose(f);
662 }
663 return 0;
664}
665
aeaa3d9e 666/* load public key from ssh v1 private or any pubkey file */
667Key *
668key_load_public(const char *filename, char **commentp)
bcbf86ec 669{
aeaa3d9e 670 Key *pub;
671 char file[MAXPATHLEN];
672
3566c73c 673 /* try rsa1 private key */
aeaa3d9e 674 pub = key_load_public_type(KEY_RSA1, filename, commentp);
675 if (pub != NULL)
676 return pub;
3566c73c 677
678 /* try rsa1 public key */
679 pub = key_new(KEY_RSA1);
680 if (key_try_load_public(pub, filename, commentp) == 1)
681 return pub;
682 key_free(pub);
683
684 /* try ssh2 public key */
aeaa3d9e 685 pub = key_new(KEY_UNSPEC);
686 if (key_try_load_public(pub, filename, commentp) == 1)
687 return pub;
688 if ((strlcpy(file, filename, sizeof file) < sizeof(file)) &&
689 (strlcat(file, ".pub", sizeof file) < sizeof(file)) &&
690 (key_try_load_public(pub, file, commentp) == 1))
691 return pub;
692 key_free(pub);
693 return NULL;
bcbf86ec 694}
git-cvsimport mirror of OpenSSH
This page took 0.35771 seconds and 5 git commands to generate.