5 Author: Tatu Ylonen <ylo@cs.hut.fi>
7 Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
10 Created: Wed Mar 29 01:30:28 1995 ylo
12 Functions for connecting the local authentication agent.
29 #include <openssl/rsa.h>
35 /* Returns the number of the authentication fd, or -1 if there is none. */
38 ssh_get_authentication_socket()
40 const char *authsocket;
42 struct sockaddr_un sunaddr;
44 authsocket = getenv(SSH_AUTHSOCKET_ENV_NAME);
48 sunaddr.sun_family = AF_UNIX;
49 strlcpy(sunaddr.sun_path, authsocket, sizeof(sunaddr.sun_path));
51 sock = socket(AF_UNIX, SOCK_STREAM, 0);
55 if (connect(sock, (struct sockaddr *)&sunaddr, sizeof(sunaddr)) < 0)
64 /* Closes the agent socket if it should be closed (depends on how it was
65 obtained). The argument must have been returned by
66 ssh_get_authentication_socket(). */
68 void ssh_close_authentication_socket(int sock)
70 if (getenv(SSH_AUTHSOCKET_ENV_NAME))
74 /* Opens and connects a private socket for communication with the
75 authentication agent. Returns the file descriptor (which must be
76 shut down and closed by the caller when no longer needed).
77 Returns NULL if an error occurred and the connection could not be
80 AuthenticationConnection *ssh_get_authentication_connection()
82 AuthenticationConnection *auth;
85 sock = ssh_get_authentication_socket();
87 /* Fail if we couldn't obtain a connection. This happens if we exited
92 /* Applocate the connection structure and initialize it. */
93 auth = xmalloc(sizeof(*auth));
95 buffer_init(&auth->packet);
96 buffer_init(&auth->identities);
102 /* Closes the connection to the authentication agent and frees any associated
105 void ssh_close_authentication_connection(AuthenticationConnection *ac)
107 buffer_free(&ac->packet);
108 buffer_free(&ac->identities);
110 /* Free the connection data structure. */
114 /* Returns the first authentication identity held by the agent.
115 Returns true if an identity is available, 0 otherwise.
116 The caller must initialize the integers before the call, and free the
117 comment after a successful call (before calling ssh_get_next_identity). */
120 ssh_get_first_identity(AuthenticationConnection *auth,
121 int *bitsp, BIGNUM *e, BIGNUM *n, char **comment)
123 unsigned char msg[8192];
126 /* Send a message to the agent requesting for a list of the identities
132 msg[4] = SSH_AGENTC_REQUEST_RSA_IDENTITIES;
133 if (write(auth->fd, msg, 5) != 5)
135 error("write auth->fd: %.100s", strerror(errno));
139 /* Read the length of the response. XXX implement timeouts here. */
143 l = read(auth->fd, msg + 4 - len, len);
146 error("read auth->fd: %.100s", strerror(errno));
152 /* Extract the length, and check it for sanity. (We cannot trust
153 authentication agents). */
154 len = GET_32BIT(msg);
155 if (len < 1 || len > 256*1024)
156 fatal("Authentication reply message too long: %d\n", len);
158 /* Read the packet itself. */
159 buffer_clear(&auth->identities);
165 l = read(auth->fd, msg, l);
167 fatal("Incomplete authentication reply.");
168 buffer_append(&auth->identities, (char *)msg, l);
172 /* Get message type, and verify that we got a proper answer. */
173 buffer_get(&auth->identities, (char *)msg, 1);
174 if (msg[0] != SSH_AGENT_RSA_IDENTITIES_ANSWER)
175 fatal("Bad authentication reply message type: %d", msg[0]);
177 /* Get the number of entries in the response and check it for sanity. */
178 auth->howmany = buffer_get_int(&auth->identities);
179 if (auth->howmany > 1024)
180 fatal("Too many identities in authentication reply: %d\n", auth->howmany);
182 /* Return the first entry (if any). */
183 return ssh_get_next_identity(auth, bitsp, e, n, comment);
186 /* Returns the next authentication identity for the agent. Other functions
187 can be called between this and ssh_get_first_identity or two calls of this
188 function. This returns 0 if there are no more identities. The caller
189 must free comment after a successful return. */
192 ssh_get_next_identity(AuthenticationConnection *auth,
193 int *bitsp, BIGNUM *e, BIGNUM *n, char **comment)
195 /* Return failure if no more entries. */
196 if (auth->howmany <= 0)
199 /* Get the next entry from the packet. These will abort with a fatal
200 error if the packet is too short or contains corrupt data. */
201 *bitsp = buffer_get_int(&auth->identities);
202 buffer_get_bignum(&auth->identities, e);
203 buffer_get_bignum(&auth->identities, n);
204 *comment = buffer_get_string(&auth->identities, NULL);
206 /* Decrement the number of remaining entries. */
212 /* Generates a random challenge, sends it to the agent, and waits for response
213 from the agent. Returns true (non-zero) if the agent gave the correct
214 answer, zero otherwise. Response type selects the style of response
215 desired, with 0 corresponding to protocol version 1.0 (no longer supported)
216 and 1 corresponding to protocol version 1.1. */
219 ssh_decrypt_challenge(AuthenticationConnection *auth,
220 int bits, BIGNUM *e, BIGNUM *n, BIGNUM *challenge,
221 unsigned char session_id[16],
222 unsigned int response_type,
223 unsigned char response[16])
226 unsigned char buf[8192];
229 /* Response type 0 is no longer supported. */
230 if (response_type == 0)
231 fatal("Compatibility with ssh protocol version 1.0 no longer supported.");
233 /* Format a message to the agent. */
234 buf[0] = SSH_AGENTC_RSA_CHALLENGE;
235 buffer_init(&buffer);
236 buffer_append(&buffer, (char *)buf, 1);
237 buffer_put_int(&buffer, bits);
238 buffer_put_bignum(&buffer, e);
239 buffer_put_bignum(&buffer, n);
240 buffer_put_bignum(&buffer, challenge);
241 buffer_append(&buffer, (char *)session_id, 16);
242 buffer_put_int(&buffer, response_type);
244 /* Get the length of the message, and format it in the buffer. */
245 len = buffer_len(&buffer);
248 /* Send the length and then the packet to the agent. */
249 if (write(auth->fd, buf, 4) != 4 ||
250 write(auth->fd, buffer_ptr(&buffer), buffer_len(&buffer)) !=
253 error("Error writing to authentication socket.");
255 buffer_free(&buffer);
259 /* Wait for response from the agent. First read the length of the
264 l = read(auth->fd, buf + 4 - len, len);
267 error("Error reading response length from authentication socket.");
273 /* Extract the length, and check it for sanity. */
274 len = GET_32BIT(buf);
276 fatal("Authentication response too long: %d", len);
278 /* Read the rest of the response in tothe buffer. */
279 buffer_clear(&buffer);
285 l = read(auth->fd, buf, l);
288 error("Error reading response from authentication socket.");
291 buffer_append(&buffer, (char *)buf, l);
295 /* Get the type of the packet. */
296 buffer_get(&buffer, (char *)buf, 1);
298 /* Check for agent failure message. */
299 if (buf[0] == SSH_AGENT_FAILURE)
301 log("Agent admitted failure to authenticate using the key.");
305 /* Now it must be an authentication response packet. */
306 if (buf[0] != SSH_AGENT_RSA_RESPONSE)
307 fatal("Bad authentication response: %d", buf[0]);
309 /* Get the response from the packet. This will abort with a fatal error
310 if the packet is corrupt. */
311 for (i = 0; i < 16; i++)
312 response[i] = buffer_get_char(&buffer);
314 /* The buffer containing the packet is no longer needed. */
315 buffer_free(&buffer);
317 /* Correct answer. */
321 /* Adds an identity to the authentication server. This call is not meant to
322 be used by normal applications. */
324 int ssh_add_identity(AuthenticationConnection *auth,
325 RSA *key, const char *comment)
328 unsigned char buf[8192];
331 /* Format a message to the agent. */
332 buffer_init(&buffer);
333 buffer_put_char(&buffer, SSH_AGENTC_ADD_RSA_IDENTITY);
334 buffer_put_int(&buffer, BN_num_bits(key->n));
335 buffer_put_bignum(&buffer, key->n);
336 buffer_put_bignum(&buffer, key->e);
337 buffer_put_bignum(&buffer, key->d);
338 /* To keep within the protocol: p < q for ssh. in SSL p > q */
339 buffer_put_bignum(&buffer, key->iqmp); /* ssh key->u */
340 buffer_put_bignum(&buffer, key->q); /* ssh key->p, SSL key->q */
341 buffer_put_bignum(&buffer, key->p); /* ssh key->q, SSL key->p */
342 buffer_put_string(&buffer, comment, strlen(comment));
344 /* Get the length of the message, and format it in the buffer. */
345 len = buffer_len(&buffer);
348 /* Send the length and then the packet to the agent. */
349 if (write(auth->fd, buf, 4) != 4 ||
350 write(auth->fd, buffer_ptr(&buffer), buffer_len(&buffer)) !=
353 error("Error writing to authentication socket.");
355 buffer_free(&buffer);
359 /* Wait for response from the agent. First read the length of the
364 l = read(auth->fd, buf + 4 - len, len);
367 error("Error reading response length from authentication socket.");
373 /* Extract the length, and check it for sanity. */
374 len = GET_32BIT(buf);
376 fatal("Add identity response too long: %d", len);
378 /* Read the rest of the response in tothe buffer. */
379 buffer_clear(&buffer);
385 l = read(auth->fd, buf, l);
388 error("Error reading response from authentication socket.");
391 buffer_append(&buffer, (char *)buf, l);
395 /* Get the type of the packet. */
396 type = buffer_get_char(&buffer);
399 case SSH_AGENT_FAILURE:
400 buffer_free(&buffer);
402 case SSH_AGENT_SUCCESS:
403 buffer_free(&buffer);
406 fatal("Bad response to add identity from authentication agent: %d",
413 /* Removes an identity from the authentication server. This call is not meant
414 to be used by normal applications. */
416 int ssh_remove_identity(AuthenticationConnection *auth, RSA *key)
419 unsigned char buf[8192];
422 /* Format a message to the agent. */
423 buffer_init(&buffer);
424 buffer_put_char(&buffer, SSH_AGENTC_REMOVE_RSA_IDENTITY);
425 buffer_put_int(&buffer, BN_num_bits(key->n));
426 buffer_put_bignum(&buffer, key->e);
427 buffer_put_bignum(&buffer, key->n);
429 /* Get the length of the message, and format it in the buffer. */
430 len = buffer_len(&buffer);
433 /* Send the length and then the packet to the agent. */
434 if (write(auth->fd, buf, 4) != 4 ||
435 write(auth->fd, buffer_ptr(&buffer), buffer_len(&buffer)) !=
438 error("Error writing to authentication socket.");
440 buffer_free(&buffer);
444 /* Wait for response from the agent. First read the length of the
449 l = read(auth->fd, buf + 4 - len, len);
452 error("Error reading response length from authentication socket.");
458 /* Extract the length, and check it for sanity. */
459 len = GET_32BIT(buf);
461 fatal("Remove identity response too long: %d", len);
463 /* Read the rest of the response in tothe buffer. */
464 buffer_clear(&buffer);
470 l = read(auth->fd, buf, l);
473 error("Error reading response from authentication socket.");
476 buffer_append(&buffer, (char *)buf, l);
480 /* Get the type of the packet. */
481 type = buffer_get_char(&buffer);
484 case SSH_AGENT_FAILURE:
485 buffer_free(&buffer);
487 case SSH_AGENT_SUCCESS:
488 buffer_free(&buffer);
491 fatal("Bad response to remove identity from authentication agent: %d",
498 /* Removes all identities from the agent. This call is not meant
499 to be used by normal applications. */
501 int ssh_remove_all_identities(AuthenticationConnection *auth)
504 unsigned char buf[8192];
507 /* Get the length of the message, and format it in the buffer. */
509 buf[4] = SSH_AGENTC_REMOVE_ALL_RSA_IDENTITIES;
511 /* Send the length and then the packet to the agent. */
512 if (write(auth->fd, buf, 5) != 5)
514 error("Error writing to authentication socket.");
518 /* Wait for response from the agent. First read the length of the
523 l = read(auth->fd, buf + 4 - len, len);
526 error("Error reading response length from authentication socket.");
532 /* Extract the length, and check it for sanity. */
533 len = GET_32BIT(buf);
535 fatal("Remove identity response too long: %d", len);
537 /* Read the rest of the response into the buffer. */
538 buffer_init(&buffer);
544 l = read(auth->fd, buf, l);
547 error("Error reading response from authentication socket.");
548 buffer_free(&buffer);
551 buffer_append(&buffer, (char *)buf, l);
555 /* Get the type of the packet. */
556 type = buffer_get_char(&buffer);
559 case SSH_AGENT_FAILURE:
560 buffer_free(&buffer);
562 case SSH_AGENT_SUCCESS:
563 buffer_free(&buffer);
566 fatal("Bad response to remove identity from authentication agent: %d",