5 Author: Tatu Ylonen <ylo@cs.hut.fi>
7 Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
10 Created: Wed Mar 29 01:30:28 1995 ylo
12 Functions for connecting the local authentication agent.
28 #include <openssl/rsa.h>
34 /* Returns the number of the authentication fd, or -1 if there is none. */
37 ssh_get_authentication_socket()
39 const char *authsocket;
41 struct sockaddr_un sunaddr;
43 authsocket = getenv(SSH_AUTHSOCKET_ENV_NAME);
47 sunaddr.sun_family = AF_UNIX;
48 strlcpy(sunaddr.sun_path, authsocket, sizeof(sunaddr.sun_path));
50 sock = socket(AF_UNIX, SOCK_STREAM, 0);
54 if (connect(sock, (struct sockaddr *)&sunaddr, sizeof(sunaddr)) < 0)
63 /* Closes the agent socket if it should be closed (depends on how it was
64 obtained). The argument must have been returned by
65 ssh_get_authentication_socket(). */
67 void ssh_close_authentication_socket(int sock)
69 if (getenv(SSH_AUTHSOCKET_ENV_NAME))
73 /* Opens and connects a private socket for communication with the
74 authentication agent. Returns the file descriptor (which must be
75 shut down and closed by the caller when no longer needed).
76 Returns NULL if an error occurred and the connection could not be
79 AuthenticationConnection *ssh_get_authentication_connection()
81 AuthenticationConnection *auth;
84 sock = ssh_get_authentication_socket();
86 /* Fail if we couldn't obtain a connection. This happens if we exited
91 /* Applocate the connection structure and initialize it. */
92 auth = xmalloc(sizeof(*auth));
94 buffer_init(&auth->packet);
95 buffer_init(&auth->identities);
101 /* Closes the connection to the authentication agent and frees any associated
104 void ssh_close_authentication_connection(AuthenticationConnection *ac)
106 buffer_free(&ac->packet);
107 buffer_free(&ac->identities);
109 /* Free the connection data structure. */
113 /* Returns the first authentication identity held by the agent.
114 Returns true if an identity is available, 0 otherwise.
115 The caller must initialize the integers before the call, and free the
116 comment after a successful call (before calling ssh_get_next_identity). */
119 ssh_get_first_identity(AuthenticationConnection *auth,
120 int *bitsp, BIGNUM *e, BIGNUM *n, char **comment)
122 unsigned char msg[8192];
125 /* Send a message to the agent requesting for a list of the identities
131 msg[4] = SSH_AGENTC_REQUEST_RSA_IDENTITIES;
132 if (write(auth->fd, msg, 5) != 5)
134 error("write auth->fd: %.100s", strerror(errno));
138 /* Read the length of the response. XXX implement timeouts here. */
142 l = read(auth->fd, msg + 4 - len, len);
145 error("read auth->fd: %.100s", strerror(errno));
151 /* Extract the length, and check it for sanity. (We cannot trust
152 authentication agents). */
153 len = GET_32BIT(msg);
154 if (len < 1 || len > 256*1024)
155 fatal("Authentication reply message too long: %d\n", len);
157 /* Read the packet itself. */
158 buffer_clear(&auth->identities);
164 l = read(auth->fd, msg, l);
166 fatal("Incomplete authentication reply.");
167 buffer_append(&auth->identities, (char *)msg, l);
171 /* Get message type, and verify that we got a proper answer. */
172 buffer_get(&auth->identities, (char *)msg, 1);
173 if (msg[0] != SSH_AGENT_RSA_IDENTITIES_ANSWER)
174 fatal("Bad authentication reply message type: %d", msg[0]);
176 /* Get the number of entries in the response and check it for sanity. */
177 auth->howmany = buffer_get_int(&auth->identities);
178 if (auth->howmany > 1024)
179 fatal("Too many identities in authentication reply: %d\n", auth->howmany);
181 /* Return the first entry (if any). */
182 return ssh_get_next_identity(auth, bitsp, e, n, comment);
185 /* Returns the next authentication identity for the agent. Other functions
186 can be called between this and ssh_get_first_identity or two calls of this
187 function. This returns 0 if there are no more identities. The caller
188 must free comment after a successful return. */
191 ssh_get_next_identity(AuthenticationConnection *auth,
192 int *bitsp, BIGNUM *e, BIGNUM *n, char **comment)
194 /* Return failure if no more entries. */
195 if (auth->howmany <= 0)
198 /* Get the next entry from the packet. These will abort with a fatal
199 error if the packet is too short or contains corrupt data. */
200 *bitsp = buffer_get_int(&auth->identities);
201 buffer_get_bignum(&auth->identities, e);
202 buffer_get_bignum(&auth->identities, n);
203 *comment = buffer_get_string(&auth->identities, NULL);
205 /* Decrement the number of remaining entries. */
211 /* Generates a random challenge, sends it to the agent, and waits for response
212 from the agent. Returns true (non-zero) if the agent gave the correct
213 answer, zero otherwise. Response type selects the style of response
214 desired, with 0 corresponding to protocol version 1.0 (no longer supported)
215 and 1 corresponding to protocol version 1.1. */
218 ssh_decrypt_challenge(AuthenticationConnection *auth,
219 int bits, BIGNUM *e, BIGNUM *n, BIGNUM *challenge,
220 unsigned char session_id[16],
221 unsigned int response_type,
222 unsigned char response[16])
225 unsigned char buf[8192];
228 /* Response type 0 is no longer supported. */
229 if (response_type == 0)
230 fatal("Compatibility with ssh protocol version 1.0 no longer supported.");
232 /* Format a message to the agent. */
233 buf[0] = SSH_AGENTC_RSA_CHALLENGE;
234 buffer_init(&buffer);
235 buffer_append(&buffer, (char *)buf, 1);
236 buffer_put_int(&buffer, bits);
237 buffer_put_bignum(&buffer, e);
238 buffer_put_bignum(&buffer, n);
239 buffer_put_bignum(&buffer, challenge);
240 buffer_append(&buffer, (char *)session_id, 16);
241 buffer_put_int(&buffer, response_type);
243 /* Get the length of the message, and format it in the buffer. */
244 len = buffer_len(&buffer);
247 /* Send the length and then the packet to the agent. */
248 if (write(auth->fd, buf, 4) != 4 ||
249 write(auth->fd, buffer_ptr(&buffer), buffer_len(&buffer)) !=
252 error("Error writing to authentication socket.");
254 buffer_free(&buffer);
258 /* Wait for response from the agent. First read the length of the
263 l = read(auth->fd, buf + 4 - len, len);
266 error("Error reading response length from authentication socket.");
272 /* Extract the length, and check it for sanity. */
273 len = GET_32BIT(buf);
275 fatal("Authentication response too long: %d", len);
277 /* Read the rest of the response in tothe buffer. */
278 buffer_clear(&buffer);
284 l = read(auth->fd, buf, l);
287 error("Error reading response from authentication socket.");
290 buffer_append(&buffer, (char *)buf, l);
294 /* Get the type of the packet. */
295 buffer_get(&buffer, (char *)buf, 1);
297 /* Check for agent failure message. */
298 if (buf[0] == SSH_AGENT_FAILURE)
300 log("Agent admitted failure to authenticate using the key.");
304 /* Now it must be an authentication response packet. */
305 if (buf[0] != SSH_AGENT_RSA_RESPONSE)
306 fatal("Bad authentication response: %d", buf[0]);
308 /* Get the response from the packet. This will abort with a fatal error
309 if the packet is corrupt. */
310 for (i = 0; i < 16; i++)
311 response[i] = buffer_get_char(&buffer);
313 /* The buffer containing the packet is no longer needed. */
314 buffer_free(&buffer);
316 /* Correct answer. */
320 /* Adds an identity to the authentication server. This call is not meant to
321 be used by normal applications. */
323 int ssh_add_identity(AuthenticationConnection *auth,
324 RSA *key, const char *comment)
327 unsigned char buf[8192];
330 /* Format a message to the agent. */
331 buffer_init(&buffer);
332 buffer_put_char(&buffer, SSH_AGENTC_ADD_RSA_IDENTITY);
333 buffer_put_int(&buffer, BN_num_bits(key->n));
334 buffer_put_bignum(&buffer, key->n);
335 buffer_put_bignum(&buffer, key->e);
336 buffer_put_bignum(&buffer, key->d);
337 /* To keep within the protocol: p < q for ssh. in SSL p > q */
338 buffer_put_bignum(&buffer, key->iqmp); /* ssh key->u */
339 buffer_put_bignum(&buffer, key->q); /* ssh key->p, SSL key->q */
340 buffer_put_bignum(&buffer, key->p); /* ssh key->q, SSL key->p */
341 buffer_put_string(&buffer, comment, strlen(comment));
343 /* Get the length of the message, and format it in the buffer. */
344 len = buffer_len(&buffer);
347 /* Send the length and then the packet to the agent. */
348 if (write(auth->fd, buf, 4) != 4 ||
349 write(auth->fd, buffer_ptr(&buffer), buffer_len(&buffer)) !=
352 error("Error writing to authentication socket.");
354 buffer_free(&buffer);
358 /* Wait for response from the agent. First read the length of the
363 l = read(auth->fd, buf + 4 - len, len);
366 error("Error reading response length from authentication socket.");
372 /* Extract the length, and check it for sanity. */
373 len = GET_32BIT(buf);
375 fatal("Add identity response too long: %d", len);
377 /* Read the rest of the response in tothe buffer. */
378 buffer_clear(&buffer);
384 l = read(auth->fd, buf, l);
387 error("Error reading response from authentication socket.");
390 buffer_append(&buffer, (char *)buf, l);
394 /* Get the type of the packet. */
395 type = buffer_get_char(&buffer);
398 case SSH_AGENT_FAILURE:
399 buffer_free(&buffer);
401 case SSH_AGENT_SUCCESS:
402 buffer_free(&buffer);
405 fatal("Bad response to add identity from authentication agent: %d",
412 /* Removes an identity from the authentication server. This call is not meant
413 to be used by normal applications. */
415 int ssh_remove_identity(AuthenticationConnection *auth, RSA *key)
418 unsigned char buf[8192];
421 /* Format a message to the agent. */
422 buffer_init(&buffer);
423 buffer_put_char(&buffer, SSH_AGENTC_REMOVE_RSA_IDENTITY);
424 buffer_put_int(&buffer, BN_num_bits(key->n));
425 buffer_put_bignum(&buffer, key->e);
426 buffer_put_bignum(&buffer, key->n);
428 /* Get the length of the message, and format it in the buffer. */
429 len = buffer_len(&buffer);
432 /* Send the length and then the packet to the agent. */
433 if (write(auth->fd, buf, 4) != 4 ||
434 write(auth->fd, buffer_ptr(&buffer), buffer_len(&buffer)) !=
437 error("Error writing to authentication socket.");
439 buffer_free(&buffer);
443 /* Wait for response from the agent. First read the length of the
448 l = read(auth->fd, buf + 4 - len, len);
451 error("Error reading response length from authentication socket.");
457 /* Extract the length, and check it for sanity. */
458 len = GET_32BIT(buf);
460 fatal("Remove identity response too long: %d", len);
462 /* Read the rest of the response in tothe buffer. */
463 buffer_clear(&buffer);
469 l = read(auth->fd, buf, l);
472 error("Error reading response from authentication socket.");
475 buffer_append(&buffer, (char *)buf, l);
479 /* Get the type of the packet. */
480 type = buffer_get_char(&buffer);
483 case SSH_AGENT_FAILURE:
484 buffer_free(&buffer);
486 case SSH_AGENT_SUCCESS:
487 buffer_free(&buffer);
490 fatal("Bad response to remove identity from authentication agent: %d",
497 /* Removes all identities from the agent. This call is not meant
498 to be used by normal applications. */
500 int ssh_remove_all_identities(AuthenticationConnection *auth)
503 unsigned char buf[8192];
506 /* Get the length of the message, and format it in the buffer. */
508 buf[4] = SSH_AGENTC_REMOVE_ALL_RSA_IDENTITIES;
510 /* Send the length and then the packet to the agent. */
511 if (write(auth->fd, buf, 5) != 5)
513 error("Error writing to authentication socket.");
517 /* Wait for response from the agent. First read the length of the
522 l = read(auth->fd, buf + 4 - len, len);
525 error("Error reading response length from authentication socket.");
531 /* Extract the length, and check it for sanity. */
532 len = GET_32BIT(buf);
534 fatal("Remove identity response too long: %d", len);
536 /* Read the rest of the response into the buffer. */
537 buffer_init(&buffer);
543 l = read(auth->fd, buf, l);
546 error("Error reading response from authentication socket.");
547 buffer_free(&buffer);
550 buffer_append(&buffer, (char *)buf, l);
554 /* Get the type of the packet. */
555 type = buffer_get_char(&buffer);
558 case SSH_AGENT_FAILURE:
559 buffer_free(&buffer);
561 case SSH_AGENT_SUCCESS:
562 buffer_free(&buffer);
565 fatal("Bad response to remove identity from authentication agent: %d",