/* XXX this is almost identical to sshkey_load_private_type() */
int
sshkey_load_private(const char *filename, const char *passphrase,
struct sshkey **keyp, char **commentp)
{
struct sshbuf *buffer = NULL;
int r, fd;
*keyp = NULL;
if (commentp != NULL)
*commentp = NULL;
if ((fd = open(filename, O_RDONLY)) < 0)
return SSH_ERR_SYSTEM_ERROR;
if (sshkey_perm_ok(fd, filename) != 0) {
r = SSH_ERR_KEY_BAD_PERMISSIONS;
goto out;
}
if ((buffer = sshbuf_new()) == NULL) {
r = SSH_ERR_ALLOC_FAIL;
goto out;
}
if ((r = sshkey_load_file(fd, buffer)) != 0 ||
(r = sshkey_parse_private_fileblob(buffer, passphrase, filename,
keyp, commentp)) != 0)
goto out;
r = 0;
out:
close(fd);
if (buffer != NULL)
sshbuf_free(buffer);
return r;
}
static char *
authmethods_get(struct authctxt *authctxt)
{
struct sshbuf *b;
char *list;
int i, r;
if ((b = sshbuf_new()) == NULL)
fatal("%s: sshbuf_new failed", __func__);
for (i = 0; authmethods[i] != NULL; i++) {
if (strcmp(authmethods[i]->name, "none") == 0)
continue;
if (authmethods[i]->enabled == NULL ||
*(authmethods[i]->enabled) == 0)
continue;
if (!auth2_method_allowed(authctxt, authmethods[i]->name,
NULL))
continue;
if ((r = sshbuf_putf(b, "%s%s", sshbuf_len(b) ? "," : "",
authmethods[i]->name)) != 0)
fatal("%s: buffer error: %s", __func__, ssh_err(r));
}
if ((r = sshbuf_put_u8(b, 0)) != 0)
fatal("%s: buffer error: %s", __func__, ssh_err(r));
list = xstrdup((const char *)sshbuf_ptr(b));
sshbuf_free(b);
return list;
}
/*
* Parse the public, unencrypted portion of a RSA1 key.
*/
int
sshkey_parse_public_rsa1(struct sshbuf *blob,
struct sshkey **keyp, char **commentp)
{
int r;
struct sshkey *pub = NULL;
struct sshbuf *copy = NULL;
*keyp = NULL;
if (commentp != NULL)
*commentp = NULL;
/* Check that it is at least big enough to contain the ID string. */
if (sshbuf_len(blob) < sizeof(authfile_id_string))
return SSH_ERR_INVALID_FORMAT;
/*
* Make sure it begins with the id string. Consume the id string
* from the buffer.
*/
if (memcmp(sshbuf_ptr(blob), authfile_id_string,
sizeof(authfile_id_string)) != 0)
return SSH_ERR_INVALID_FORMAT;
/* Make a working copy of the keyblob and skip past the magic */
if ((copy = sshbuf_fromb(blob)) == NULL)
return SSH_ERR_ALLOC_FAIL;
if ((r = sshbuf_consume(copy, sizeof(authfile_id_string))) != 0)
goto out;
/* Skip cipher type, reserved data and key bits. */
if ((r = sshbuf_get_u8(copy, NULL)) != 0 || /* cipher type */
(r = sshbuf_get_u32(copy, NULL)) != 0 || /* reserved */
(r = sshbuf_get_u32(copy, NULL)) != 0) /* key bits */
goto out;
/* Read the public key from the buffer. */
if ((pub = sshkey_new(KEY_RSA1)) == NULL ||
(r = sshbuf_get_bignum1(copy, pub->rsa->n)) != 0 ||
(r = sshbuf_get_bignum1(copy, pub->rsa->e)) != 0)
goto out;
/* Finally, the comment */
if ((r = sshbuf_get_string(copy, (u_char**)commentp, NULL)) != 0)
goto out;
/* The encrypted private part is not parsed by this function. */
r = 0;
*keyp = pub;
pub = NULL;
out:
if (copy != NULL)
sshbuf_free(copy);
if (pub != NULL)
sshkey_free(pub);
return r;
}
/*
* Encodes terminal modes for the terminal referenced by fd
* or tiop in a portable manner, and appends the modes to a packet
* being constructed.
*/
void
ssh_tty_make_modes(struct ssh *ssh, int fd, struct termios *tiop)
{
struct termios tio;
struct sshbuf *buf;
int r, ibaud, obaud;
if ((buf = sshbuf_new()) == NULL)
fatal("%s: sshbuf_new failed", __func__);
if (tiop == NULL) {
if (fd == -1) {
debug("%s: no fd or tio", __func__);
goto end;
}
if (tcgetattr(fd, &tio) == -1) {
logit("tcgetattr: %.100s", strerror(errno));
goto end;
}
} else
tio = *tiop;
/* Store input and output baud rates. */
obaud = speed_to_baud(cfgetospeed(&tio));
ibaud = speed_to_baud(cfgetispeed(&tio));
if ((r = sshbuf_put_u8(buf, TTY_OP_OSPEED)) != 0 ||
(r = sshbuf_put_u32(buf, obaud)) != 0 ||
(r = sshbuf_put_u8(buf, TTY_OP_ISPEED)) != 0 ||
(r = sshbuf_put_u32(buf, ibaud)) != 0)
fatal("%s: buffer error: %s", __func__, ssh_err(r));
/* Store values of mode flags. */
#define TTYCHAR(NAME, OP) \
if ((r = sshbuf_put_u8(buf, OP)) != 0 || \
(r = sshbuf_put_u32(buf, tio.c_cc[NAME])) != 0) \
fatal("%s: buffer error: %s", __func__, ssh_err(r)); \
#define SSH_TTYMODE_IUTF8 42 /* for SSH_BUG_UTF8TTYMODE */
#define TTYMODE(NAME, FIELD, OP) \
if (OP == SSH_TTYMODE_IUTF8 && (datafellows & SSH_BUG_UTF8TTYMODE)) { \
debug3("%s: SSH_BUG_UTF8TTYMODE", __func__); \
} else if ((r = sshbuf_put_u8(buf, OP)) != 0 || \
(r = sshbuf_put_u32(buf, ((tio.FIELD & NAME) != 0))) != 0) \
fatal("%s: buffer error: %s", __func__, ssh_err(r)); \
#include "ttymodes.h"
#undef TTYCHAR
#undef TTYMODE
end:
/* Mark end of mode data. */
if ((r = sshbuf_put_u8(buf, TTY_OP_END)) != 0 ||
(r = sshpkt_put_stringb(ssh, buf)) != 0)
fatal("%s: packet error: %s", __func__, ssh_err(r));
sshbuf_free(buf);
}
int
ssh_ed25519_sign(const struct sshkey *key, u_char **sigp, size_t *lenp,
const u_char *data, size_t datalen, u_int compat)
{
u_char *sig = NULL;
size_t slen = 0, len;
unsigned long long smlen;
int r, ret;
struct sshbuf *b = NULL;
if (lenp != NULL)
*lenp = 0;
if (sigp != NULL)
*sigp = NULL;
if (key == NULL ||
sshkey_type_plain(key->type) != KEY_ED25519 ||
key->ed25519_sk == NULL ||
datalen >= INT_MAX - crypto_sign_ed25519_BYTES)
return SSH_ERR_INVALID_ARGUMENT;
smlen = slen = datalen + crypto_sign_ed25519_BYTES;
if ((sig = malloc(slen)) == NULL)
return SSH_ERR_ALLOC_FAIL;
if ((ret = crypto_sign_ed25519(sig, &smlen, data, datalen,
key->ed25519_sk)) != 0 || smlen <= datalen) {
r = SSH_ERR_INVALID_ARGUMENT; /* XXX better error? */
goto out;
}
/* encode signature */
if ((b = sshbuf_new()) == NULL) {
r = SSH_ERR_ALLOC_FAIL;
goto out;
}
if ((r = sshbuf_put_cstring(b, "ssh-ed25519")) != 0 ||
(r = sshbuf_put_string(b, sig, smlen - datalen)) != 0)
goto out;
len = sshbuf_len(b);
if (sigp != NULL) {
if ((*sigp = malloc(len)) == NULL) {
r = SSH_ERR_ALLOC_FAIL;
goto out;
}
memcpy(*sigp, sshbuf_ptr(b), len);
}
if (lenp != NULL)
*lenp = len;
/* success */
r = 0;
out:
sshbuf_free(b);
if (sig != NULL) {
explicit_bzero(sig, slen);
free(sig);
}
return r;
}
/*
* Adds an identity to the authentication server.
* This call is intended only for use by ssh-add(1) and like applications.
*/
int
ssh_add_identity_constrained(int sock, struct sshkey *key, const char *comment,
u_int life, u_int confirm)
{
struct sshbuf *msg;
int r, constrained = (life || confirm);
u_char type;
if ((msg = sshbuf_new()) == NULL)
return SSH_ERR_ALLOC_FAIL;
switch (key->type) {
#ifdef WITH_SSH1
case KEY_RSA1:
type = constrained ?
SSH_AGENTC_ADD_RSA_ID_CONSTRAINED :
SSH_AGENTC_ADD_RSA_IDENTITY;
if ((r = sshbuf_put_u8(msg, type)) != 0 ||
(r = ssh_encode_identity_rsa1(msg, key->rsa, comment)) != 0)
goto out;
break;
#endif
#ifdef WITH_OPENSSL
case KEY_RSA:
case KEY_RSA_CERT:
case KEY_RSA_CERT_V00:
case KEY_DSA:
case KEY_DSA_CERT:
case KEY_DSA_CERT_V00:
case KEY_ECDSA:
case KEY_ECDSA_CERT:
#endif
case KEY_ED25519:
case KEY_ED25519_CERT:
type = constrained ?
SSH2_AGENTC_ADD_ID_CONSTRAINED :
SSH2_AGENTC_ADD_IDENTITY;
if ((r = sshbuf_put_u8(msg, type)) != 0 ||
(r = ssh_encode_identity_ssh2(msg, key, comment)) != 0)
goto out;
break;
default:
r = SSH_ERR_INVALID_ARGUMENT;
goto out;
}
if (constrained &&
(r = encode_constraints(msg, life, confirm)) != 0)
goto out;
if ((r = ssh_request_reply(sock, msg, msg)) != 0)
goto out;
if ((r = sshbuf_get_u8(msg, &type)) != 0)
goto out;
r = decode_reply(type);
out:
sshbuf_free(msg);
return r;
}
void
dump_digest(char *msg, u_char *digest, int len)
{
struct sshbuf *b;
fprintf(stderr, "%s\n", msg);
if ((b = sshbuf_from(digest, len)) != NULL)
sshbuf_dump(b, stderr);
sshbuf_free(b);
}
void
monitor_clear_keystate(struct monitor *pmonitor)
{
struct ssh *ssh = active_state; /* XXX */
ssh_clear_newkeys(ssh, MODE_IN);
ssh_clear_newkeys(ssh, MODE_OUT);
sshbuf_free(child_state);
child_state = NULL;
}
/* XXX - see also comment in auth-chall.c:verify_response */
static int
sshpam_respond(void *ctx, u_int num, char **resp)
{
struct sshbuf *buffer;
struct pam_ctxt *ctxt = ctx;
char *fake;
int r;
debug2("PAM: %s entering, %u responses", __func__, num);
switch (ctxt->pam_done) {
case 1:
sshpam_authenticated = 1;
return (0);
case 0:
break;
default:
return (-1);
}
if (num != 1) {
error("PAM: expected one response, got %u", num);
return (-1);
}
if ((buffer = sshbuf_new()) == NULL)
fatal("%s: sshbuf_new failed", __func__);
if (sshpam_authctxt->valid &&
(sshpam_authctxt->pw->pw_uid != 0 ||
options.permit_root_login == PERMIT_YES)) {
if ((r = sshbuf_put_cstring(buffer, *resp)) != 0)
fatal("%s: buffer error: %s", __func__, ssh_err(r));
} else {
fake = fake_password(*resp);
if ((r = sshbuf_put_cstring(buffer, fake)) != 0)
fatal("%s: buffer error: %s", __func__, ssh_err(r));
free(fake);
}
if (ssh_msg_send(ctxt->pam_psock, PAM_AUTHTOK, buffer) == -1) {
sshbuf_free(buffer);
return (-1);
}
sshbuf_free(buffer);
return (1);
}
static struct sshkey *
get_private(const char *n)
{
struct sshbuf *b;
struct sshkey *ret;
b = load_file(n);
ASSERT_INT_EQ(sshkey_parse_private_fileblob(b, "", n, &ret, NULL), 0);
sshbuf_free(b);
return ret;
}
BIGNUM *
load_bignum(const char *name)
{
BIGNUM *ret = NULL;
struct sshbuf *buf;
buf = load_text_file(name);
ASSERT_INT_NE(BN_hex2bn(&ret, (const char *)sshbuf_ptr(buf)), 0);
sshbuf_free(buf);
return ret;
}
void
dump_digest(char *msg, u_char *digest, int len)
{
struct sshbuf *b;
fprintf(stderr, "%s\n", msg);
if ((b = sshbuf_new()) == NULL)
return;
if (sshbuf_put(b, digest, len) == 0)
sshbuf_dump(b, stderr);
sshbuf_free(b);
}
/*
* Derive fake salt as H(username || first_private_host_key)
* This provides relatively stable fake salts for non-existent
* users and avoids the jpake method becoming an account validity
* oracle.
*/
static void
derive_rawsalt(const char *username, u_char *rawsalt, u_int len)
{
u_char *digest;
u_int digest_len;
struct sshbuf *b;
struct sshkey *k;
int r;
if ((b = sshbuf_new()) == NULL)
fatal("%s: sshbuf_new failed", __func__);
if ((r = sshbuf_put_cstring(b, username)) != 0)
fatal("%s: buffer error: %s", __func__, ssh_err(r));
if ((k = get_hostkey_by_index(0)) == NULL ||
(k->flags & SSHKEY_FLAG_EXT))
fatal("%s: no hostkeys", __func__);
switch (k->type) {
case KEY_RSA1:
case KEY_RSA:
if (k->rsa->p == NULL || k->rsa->q == NULL)
fatal("%s: RSA key missing p and/or q", __func__);
if ((r = sshbuf_put_bignum2(b, k->rsa->p)) != 0 ||
(r = sshbuf_put_bignum2(b, k->rsa->q)) != 0)
fatal("%s: buffer error: %s", __func__, ssh_err(r));
break;
case KEY_DSA:
if (k->dsa->priv_key == NULL)
fatal("%s: DSA key missing priv_key", __func__);
if ((r = sshbuf_put_bignum2(b, k->dsa->priv_key)) != 0)
fatal("%s: buffer error: %s", __func__, ssh_err(r));
break;
case KEY_ECDSA:
if (EC_KEY_get0_private_key(k->ecdsa) == NULL)
fatal("%s: ECDSA key missing priv_key", __func__);
if ((r = sshbuf_put_bignum2(b,
EC_KEY_get0_private_key(k->ecdsa))) != 0)
fatal("%s: buffer error: %s", __func__, ssh_err(r));
break;
default:
fatal("%s: unknown key type %d", __func__, k->type);
}
if (hash_buffer(sshbuf_ptr(b), sshbuf_len(b), EVP_sha256(),
&digest, &digest_len) != 0)
fatal("%s: hash_buffer", __func__);
sshbuf_free(b);
if (len > digest_len)
fatal("%s: not enough bytes for rawsalt (want %u have %u)",
__func__, len, digest_len);
memcpy(rawsalt, digest, len);
bzero(digest, digest_len);
xfree(digest);
}
/* ask agent to sign data, returns err.h code on error, 0 on success */
int
ssh_agent_sign(int sock, struct sshkey *key,
u_char **sigp, size_t *lenp,
const u_char *data, size_t datalen, u_int compat)
{
struct sshbuf *msg;
u_char *blob = NULL, type;
size_t blen = 0, len = 0;
u_int flags = 0;
int r = SSH_ERR_INTERNAL_ERROR;
if (sigp != NULL)
*sigp = NULL;
if (lenp != NULL)
*lenp = 0;
if (datalen > SSH_KEY_MAX_SIGN_DATA_SIZE)
return SSH_ERR_INVALID_ARGUMENT;
if (compat & SSH_BUG_SIGBLOB)
flags |= SSH_AGENT_OLD_SIGNATURE;
if ((msg = sshbuf_new()) == NULL)
return SSH_ERR_ALLOC_FAIL;
if ((r = sshkey_to_blob(key, &blob, &blen)) != 0)
goto out;
if ((r = sshbuf_put_u8(msg, SSH2_AGENTC_SIGN_REQUEST)) != 0 ||
(r = sshbuf_put_string(msg, blob, blen)) != 0 ||
(r = sshbuf_put_string(msg, data, datalen)) != 0 ||
(r = sshbuf_put_u32(msg, flags)) != 0)
goto out;
if ((r = ssh_request_reply(sock, msg, msg) != 0))
goto out;
if ((r = sshbuf_get_u8(msg, &type)) != 0)
goto out;
if (agent_failed(type)) {
r = SSH_ERR_AGENT_FAILURE;
goto out;
} else if (type != SSH2_AGENT_SIGN_RESPONSE) {
r = SSH_ERR_INVALID_FORMAT;
goto out;
}
if ((r = sshbuf_get_string(msg, sigp, &len)) != 0)
goto out;
*lenp = len;
r = 0;
out:
if (blob != NULL) {
explicit_bzero(blob, blen);
free(blob);
}
sshbuf_free(msg);
return r;
}
static void
put_opt(struct sshbuf *b, const char *name, const char *value)
{
struct sshbuf *sect;
sect = sshbuf_new();
ASSERT_PTR_NE(sect, NULL);
ASSERT_INT_EQ(sshbuf_put_cstring(b, name), 0);
if (value != NULL)
ASSERT_INT_EQ(sshbuf_put_cstring(sect, value), 0);
ASSERT_INT_EQ(sshbuf_put_stringb(b, sect), 0);
sshbuf_free(sect);
}
void
kex_free(struct kex *kex)
{
u_int mode;
#ifdef WITH_OPENSSL
if (kex->dh)
DH_free(kex->dh);
if (kex->ec_client_key)
EC_KEY_free(kex->ec_client_key);
#endif
for (mode = 0; mode < MODE_MAX; mode++) {
kex_free_newkeys(kex->newkeys[mode]);
kex->newkeys[mode] = NULL;
}
sshbuf_free(kex->peer);
sshbuf_free(kex->my);
free(kex->session_id);
free(kex->client_version_string);
free(kex->server_version_string);
free(kex);
}
static int
input_gssapi_mic(int type, u_int32_t plen, struct ssh *ssh)
{
Authctxt *authctxt = ssh->authctxt;
Gssctxt *gssctxt;
int r, authenticated = 0;
struct sshbuf *b;
gss_buffer_desc mic, gssbuf;
const char *displayname;
u_char *p;
size_t len;
if (authctxt == NULL || (authctxt->methoddata == NULL && !use_privsep))
fatal("No authentication or GSSAPI context");
gssctxt = authctxt->methoddata;
if ((r = sshpkt_get_string(ssh, &p, &len)) != 0)
fatal("%s: %s", __func__, ssh_err(r));
if ((b = sshbuf_new()) == NULL)
fatal("%s: sshbuf_new failed", __func__);
mic.value = p;
mic.length = len;
ssh_gssapi_buildmic(b, authctxt->user, authctxt->service,
"gssapi-with-mic");
if ((gssbuf.value = sshbuf_mutable_ptr(b)) == NULL)
fatal("%s: sshbuf_mutable_ptr failed", __func__);
gssbuf.length = sshbuf_len(b);
if (!GSS_ERROR(PRIVSEP(ssh_gssapi_checkmic(gssctxt, &gssbuf, &mic))))
authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user));
else
logit("GSSAPI MIC check failed");
sshbuf_free(b);
free(mic.value);
if ((!use_privsep || mm_is_monitor()) &&
(displayname = ssh_gssapi_displayname()) != NULL)
auth2_record_info(authctxt, "%s", displayname);
authctxt->postponed = 0;
ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_GSSAPI_TOKEN, NULL);
ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_GSSAPI_ERRTOK, NULL);
ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_GSSAPI_MIC, NULL);
ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_GSSAPI_EXCHANGE_COMPLETE, NULL);
userauth_finish(ssh, authenticated, "gssapi-with-mic", NULL);
return 0;
}
char *
ssh_gssapi_last_error(Gssctxt *ctxt, OM_uint32 *major_status,
OM_uint32 *minor_status)
{
OM_uint32 lmin;
gss_buffer_desc msg = GSS_C_EMPTY_BUFFER;
OM_uint32 ctx;
struct sshbuf *b;
char *ret;
int r;
if ((b = sshbuf_new()) == NULL)
fatal("%s: sshbuf_new failed", __func__);
if (major_status != NULL)
*major_status = ctxt->major;
if (minor_status != NULL)
*minor_status = ctxt->minor;
ctx = 0;
/* The GSSAPI error */
do {
gss_display_status(&lmin, ctxt->major,
GSS_C_GSS_CODE, ctxt->oid, &ctx, &msg);
if ((r = sshbuf_put(b, msg.value, msg.length)) != 0 ||
(r = sshbuf_put_u8(b, '\n')) != 0)
fatal("%s: buffer error: %s", __func__, ssh_err(r));
gss_release_buffer(&lmin, &msg);
} while (ctx != 0);
/* The mechanism specific error */
do {
gss_display_status(&lmin, ctxt->minor,
GSS_C_MECH_CODE, ctxt->oid, &ctx, &msg);
if ((r = sshbuf_put(b, msg.value, msg.length)) != 0 ||
(r = sshbuf_put_u8(b, '\n')) != 0)
fatal("%s: buffer error: %s", __func__, ssh_err(r));
gss_release_buffer(&lmin, &msg);
} while (ctx != 0);
if ((r = sshbuf_put_u8(b, '\n')) != 0)
fatal("%s: buffer error: %s", __func__, ssh_err(r));
ret = xstrdup((const char *)sshbuf_ptr(b));
sshbuf_free(b);
return (ret);
}
int
kex_derive_keys_bn(struct ssh *ssh, u_char *hash, u_int hashlen,
const BIGNUM *secret)
{
struct sshbuf *shared_secret;
int r;
if ((shared_secret = sshbuf_new()) == NULL)
return SSH_ERR_ALLOC_FAIL;
if ((r = sshbuf_put_bignum2(shared_secret, secret)) == 0)
r = kex_derive_keys(ssh, hash, hashlen, shared_secret);
sshbuf_free(shared_secret);
return r;
}
static void
send_data_or_handle(char type, u_int32_t id, const u_char *data, int dlen)
{
struct sshbuf *msg;
int r;
if ((msg = sshbuf_new()) == NULL)
fatal("%s: sshbuf_new failed", __func__);
if ((r = sshbuf_put_u8(msg, type)) != 0 ||
(r = sshbuf_put_u32(msg, id)) != 0 ||
(r = sshbuf_put_string(msg, data, dlen)) != 0)
fatal("%s: buffer error: %s", __func__, ssh_err(r));
send_msg(msg);
sshbuf_free(msg);
}
struct sshbuf *
sshbuf_fromb(struct sshbuf *buf)
{
struct sshbuf *ret;
if (sshbuf_check_sanity(buf) != 0)
return NULL;
if ((ret = sshbuf_from(sshbuf_ptr(buf), sshbuf_len(buf))) == NULL)
return NULL;
if (sshbuf_set_parent(ret, buf) != 0) {
sshbuf_free(ret);
return NULL;
}
return ret;
}
static void
send_attrib(u_int32_t id, const Attrib *a)
{
struct sshbuf *msg;
int r;
debug("request %u: sent attrib have 0x%x", id, a->flags);
if ((msg = sshbuf_new()) == NULL)
fatal("%s: sshbuf_new failed", __func__);
if ((r = sshbuf_put_u8(msg, SSH2_FXP_ATTRS)) != 0 ||
(r = sshbuf_put_u32(msg, id)) != 0 ||
(r = encode_attrib(msg, a)) != 0)
fatal("%s: buffer error: %s", __func__, ssh_err(r));
send_msg(msg);
sshbuf_free(msg);
}
void
mm_send_keystate(struct monitor *monitor)
{
struct ssh *ssh = active_state; /* XXX */
struct sshbuf *m;
int r;
if ((m = sshbuf_new()) == NULL)
fatal("%s: sshbuf_new failed", __func__);
if ((r = ssh_packet_get_state(ssh, m)) != 0)
fatal("%s: get_state failed: %s",
__func__, ssh_err(r));
mm_request_send(monitor->m_recvfd, MONITOR_REQ_KEYEXPORT, m);
debug3("%s: Finished sending state", __func__);
sshbuf_free(m);
}
/*
* Removes an identity from the authentication server.
* This call is intended only for use by ssh-add(1) and like applications.
*/
int
ssh_remove_identity(int sock, struct sshkey *key)
{
struct sshbuf *msg;
int r;
u_char type, *blob = NULL;
size_t blen;
if ((msg = sshbuf_new()) == NULL)
return SSH_ERR_ALLOC_FAIL;
#ifdef WITH_SSH1
if (key->type == KEY_RSA1) {
if ((r = sshbuf_put_u8(msg,
SSH_AGENTC_REMOVE_RSA_IDENTITY)) != 0 ||
(r = sshbuf_put_u32(msg, BN_num_bits(key->rsa->n))) != 0 ||
(r = sshbuf_put_bignum1(msg, key->rsa->e)) != 0 ||
(r = sshbuf_put_bignum1(msg, key->rsa->n)) != 0)
goto out;
} else
#endif
if (key->type != KEY_UNSPEC) {
if ((r = sshkey_to_blob(key, &blob, &blen)) != 0)
goto out;
if ((r = sshbuf_put_u8(msg,
SSH2_AGENTC_REMOVE_IDENTITY)) != 0 ||
(r = sshbuf_put_string(msg, blob, blen)) != 0)
goto out;
} else {
r = SSH_ERR_INVALID_ARGUMENT;
goto out;
}
if ((r = ssh_request_reply(sock, msg, msg)) != 0)
goto out;
if ((r = sshbuf_get_u8(msg, &type)) != 0)
goto out;
r = decode_reply(type);
out:
if (blob != NULL) {
explicit_bzero(blob, blen);
free(blob);
}
sshbuf_free(msg);
return r;
}
int
pkcs11_add_provider(char *name, char *pin, struct sshkey ***keysp)
{
struct sshkey *k;
int r;
u_char *blob;
size_t blen;
u_int nkeys, i;
struct sshbuf *msg;
if (fd < 0 && pkcs11_start_helper() < 0)
return (-1);
if ((msg = sshbuf_new()) == NULL)
fatal("%s: sshbuf_new failed", __func__);
if ((r = sshbuf_put_u8(msg, SSH_AGENTC_ADD_SMARTCARD_KEY)) != 0 ||
(r = sshbuf_put_cstring(msg, name)) != 0 ||
(r = sshbuf_put_cstring(msg, pin)) != 0)
fatal("%s: buffer error: %s", __func__, ssh_err(r));
send_msg(msg);
sshbuf_reset(msg);
if (recv_msg(msg) == SSH2_AGENT_IDENTITIES_ANSWER) {
if ((r = sshbuf_get_u32(msg, &nkeys)) != 0)
fatal("%s: buffer error: %s", __func__, ssh_err(r));
*keysp = xcalloc(nkeys, sizeof(struct sshkey *));
for (i = 0; i < nkeys; i++) {
/* XXX clean up properly instead of fatal() */
if ((r = sshbuf_get_string(msg, &blob, &blen)) != 0 ||
(r = sshbuf_skip_string(msg)) != 0)
fatal("%s: buffer error: %s",
__func__, ssh_err(r));
if ((r = sshkey_from_blob(blob, blen, &k)) != 0)
fatal("%s: bad key: %s", __func__, ssh_err(r));
wrap_key(k->rsa);
(*keysp)[i] = k;
xfree(blob);
}
} else {
nkeys = -1;
}
sshbuf_free(msg);
return (nkeys);
}
int
sshkey_save_private(struct sshkey *key, const char *filename,
const char *passphrase, const char *comment)
{
struct sshbuf *keyblob = NULL;
int r;
if ((keyblob = sshbuf_new()) == NULL)
return SSH_ERR_ALLOC_FAIL;
if ((r = sshkey_private_to_blob(key, keyblob, passphrase,
comment)) != 0)
goto out;
if ((r = sshkey_save_private_blob(keyblob, filename)) != 0)
goto out;
r = 0;
out:
sshbuf_free(keyblob);
return r;
}
int
sshkey_save_private(struct sshkey *key, const char *filename,
const char *passphrase, const char *comment,
int force_new_format, const char *new_format_cipher, int new_format_rounds)
{
struct sshbuf *keyblob = NULL;
int r;
if ((keyblob = sshbuf_new()) == NULL)
return SSH_ERR_ALLOC_FAIL;
if ((r = sshkey_private_to_fileblob(key, keyblob, passphrase, comment,
force_new_format, new_format_cipher, new_format_rounds)) != 0)
goto out;
if ((r = sshkey_save_private_blob(keyblob, filename)) != 0)
goto out;
r = 0;
out:
sshbuf_free(keyblob);
return r;
}
int
pkcs11_del_provider(char *name)
{
int r, ret = -1;
struct sshbuf *msg;
if ((msg = sshbuf_new()) == NULL)
fatal("%s: sshbuf_new failed", __func__);
if ((r = sshbuf_put_u8(msg, SSH_AGENTC_REMOVE_SMARTCARD_KEY)) != 0 ||
(r = sshbuf_put_cstring(msg, name)) != 0 ||
(r = sshbuf_put_cstring(msg, "")) != 0)
fatal("%s: buffer error: %s", __func__, ssh_err(r));
send_msg(msg);
sshbuf_reset(msg);
if (recv_msg(msg) == SSH_AGENT_SUCCESS)
ret = 0;
sshbuf_free(msg);
return (ret);
}
static int
pkcs11_rsa_private_encrypt(int flen, const u_char *from, u_char *to, RSA *rsa,
int padding)
{
struct sshkey key;
u_char *blob, *signature = NULL;
size_t blen, slen = 0;
int r, ret = -1;
struct sshbuf *msg;
if (padding != RSA_PKCS1_PADDING)
return (-1);
key.type = KEY_RSA;
key.rsa = rsa;
if ((r = sshkey_to_blob(&key, &blob, &blen)) != 0) {
error("%s: sshkey_to_blob: %s", __func__, ssh_err(r));
return -1;
}
if ((msg = sshbuf_new()) == NULL)
fatal("%s: sshbuf_new failed", __func__);
if ((r = sshbuf_put_u8(msg, SSH2_AGENTC_SIGN_REQUEST)) != 0 ||
(r = sshbuf_put_string(msg, blob, blen)) != 0 ||
(r = sshbuf_put_string(msg, from, flen)) != 0 ||
(r = sshbuf_put_u32(msg, 0)) != 0)
fatal("%s: buffer error: %s", __func__, ssh_err(r));
xfree(blob);
send_msg(msg);
sshbuf_reset(msg);
if (recv_msg(msg) == SSH2_AGENT_SIGN_RESPONSE) {
if ((r = sshbuf_get_string(msg, &signature, &slen)) != 0)
fatal("%s: buffer error: %s", __func__, ssh_err(r));
if (slen <= (size_t)RSA_size(rsa)) {
memcpy(to, signature, slen);
ret = slen;
}
xfree(signature);
}
sshbuf_free(msg);
return (ret);
}
/* XXX kill perm_ok now that we have SSH_ERR_KEY_BAD_PERMISSIONS? */
int
sshkey_load_private_type(int type, const char *filename, const char *passphrase,
struct sshkey **keyp, char **commentp, int *perm_ok)
{
int fd, r;
struct sshbuf *buffer = NULL;
*keyp = NULL;
if (commentp != NULL)
*commentp = NULL;
if ((fd = open(filename, O_RDONLY)) < 0) {
if (perm_ok != NULL)
*perm_ok = 0;
return SSH_ERR_SYSTEM_ERROR;
}
if (!sshkey_perm_ok(fd, filename)) {
if (perm_ok != NULL)
*perm_ok = 0;
r = SSH_ERR_KEY_BAD_PERMISSIONS;
goto out;
}
if (perm_ok != NULL)
*perm_ok = 1;
if ((buffer = sshbuf_new()) == NULL) {
r = SSH_ERR_ALLOC_FAIL;
goto out;
}
if ((r = sshkey_load_file(fd, filename, buffer)) != 0)
goto out;
if ((r = sshkey_parse_private_type(buffer, type, passphrase,
keyp, commentp)) != 0)
goto out;
r = 0;
out:
close(fd);
if (buffer != NULL)
sshbuf_free(buffer);
return r;
}
