Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / openssh / ed833da176611a39d3376d62154eb88eb440d31c / . / sshsig.c
blob: 15f9cead697f31363085e770b2b0132bb4f3e2cf [file] [log] [blame]
djm@openbsd.org2a9c9f72019-09-03 08:34:19 +0000[diff] [blame]1/*
2 * Copyright (c) 2019 Google LLC
3 *
4 * Permission to use, copy, modify, and distribute this software for any
5 * purpose with or without fee is hereby granted, provided that the above
6 * copyright notice and this permission notice appear in all copies.
7 *
8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15 */
16
Damien Miller1a72c0d2019-09-03 18:44:10 +1000[diff] [blame]17#include "includes.h"
18
djm@openbsd.org2a9c9f72019-09-03 08:34:19 +0000[diff] [blame]19#include <stdio.h>
20#include <stdlib.h>
21#include <stdarg.h>
22#include <errno.h>
23#include <string.h>
24#include <unistd.h>
25
26#include "authfd.h"
27#include "authfile.h"
28#include "log.h"
29#include "misc.h"
30#include "sshbuf.h"
31#include "sshsig.h"
32#include "ssherr.h"
33#include "sshkey.h"
34#include "match.h"
35#include "digest.h"
36
37#define SIG_VERSION 0x01
38#define MAGIC_PREAMBLE "SSHSIG"
39#define MAGIC_PREAMBLE_LEN (sizeof(MAGIC_PREAMBLE) - 1)
40#define BEGIN_SIGNATURE "-----BEGIN SSH SIGNATURE-----\n"
41#define END_SIGNATURE "-----END SSH SIGNATURE-----"
42#define RSA_SIGN_ALG "rsa-sha2-512" /* XXX maybe make configurable */
43#define RSA_SIGN_ALLOWED "rsa-sha2-512,rsa-sha2-256"
44#define HASHALG_DEFAULT "sha512" /* XXX maybe make configurable */
45#define HASHALG_ALLOWED "sha256,sha512"
46
47int
48sshsig_armor(const struct sshbuf *blob, struct sshbuf **out)
49{
50 struct sshbuf *buf = NULL;
51 int r = SSH_ERR_INTERNAL_ERROR;
52
53 *out = NULL;
54
55 if ((buf = sshbuf_new()) == NULL) {
56 error("%s: sshbuf_new failed", __func__);
57 r = SSH_ERR_ALLOC_FAIL;
58 goto out;
59 }
60
61 if ((r = sshbuf_put(buf, BEGIN_SIGNATURE,
62 sizeof(BEGIN_SIGNATURE)-1)) != 0) {
63 error("%s: sshbuf_putf failed: %s", __func__, ssh_err(r));
64 goto out;
65 }
66
67 if ((r = sshbuf_dtob64(blob, buf, 1)) != 0) {
68 error("%s: Couldn't base64 encode signature blob: %s",
69 __func__, ssh_err(r));
70 goto out;
71 }
72
73 if ((r = sshbuf_put(buf, END_SIGNATURE,
74 sizeof(END_SIGNATURE)-1)) != 0 ||
75 (r = sshbuf_put_u8(buf, '\n')) != 0) {
76 error("%s: sshbuf_put failed: %s", __func__, ssh_err(r));
77 goto out;
78 }
79 /* success */
80 *out = buf;
81 buf = NULL; /* transferred */
82 r = 0;
83 out:
84 sshbuf_free(buf);
85 return r;
86}
87
88int
89sshsig_dearmor(struct sshbuf *sig, struct sshbuf **out)
90{
91 int r;
92 size_t eoffset = 0;
93 struct sshbuf *buf = NULL;
94 struct sshbuf *sbuf = NULL;
95 char *b64 = NULL;
96
97 if ((sbuf = sshbuf_fromb(sig)) == NULL) {
98 error("%s: sshbuf_fromb failed", __func__);
99 return SSH_ERR_ALLOC_FAIL;
100 }
101
102 if ((r = sshbuf_cmp(sbuf, 0,
103 BEGIN_SIGNATURE, sizeof(BEGIN_SIGNATURE)-1)) != 0) {
104 error("Couldn't parse signature: missing header");
105 goto done;
106 }
107
108 if ((r = sshbuf_consume(sbuf, sizeof(BEGIN_SIGNATURE)-1)) != 0) {
109 error("%s: sshbuf_consume failed: %s", __func__, ssh_err(r));
110 goto done;
111 }
112
113 if ((r = sshbuf_find(sbuf, 0, "\n" END_SIGNATURE,
114 sizeof("\n" END_SIGNATURE)-1, &eoffset)) != 0) {
115 error("Couldn't parse signature: missing footer");
116 goto done;
117 }
118
119 if ((r = sshbuf_consume_end(sbuf, sshbuf_len(sbuf)-eoffset)) != 0) {
120 error("%s: sshbuf_consume failed: %s", __func__, ssh_err(r));
121 goto done;
122 }
123
124 if ((b64 = sshbuf_dup_string(sbuf)) == NULL) {
125 error("%s: sshbuf_dup_string failed", __func__);
126 r = SSH_ERR_ALLOC_FAIL;
127 goto done;
128 }
129
130 if ((buf = sshbuf_new()) == NULL) {
131 error("%s: sshbuf_new() failed", __func__);
132 r = SSH_ERR_ALLOC_FAIL;
133 goto done;
134 }
135
136 if ((r = sshbuf_b64tod(buf, b64)) != 0) {
naddy@openbsd.org0f44e592019-09-03 20:51:49 +0000[diff] [blame]137 error("Couldn't decode signature: %s", ssh_err(r));
djm@openbsd.org2a9c9f72019-09-03 08:34:19 +0000[diff] [blame]138 goto done;
139 }
140
141 /* success */
142 *out = buf;
143 r = 0;
144 buf = NULL; /* transferred */
145done:
146 sshbuf_free(buf);
147 sshbuf_free(sbuf);
148 free(b64);
149 return r;
150}
151
152static int
153sshsig_wrap_sign(struct sshkey *key, const char *hashalg,
djm@openbsd.org9a14c642019-10-31 21:23:19 +0000[diff] [blame]154 const char *sk_provider, const struct sshbuf *h_message,
155 const char *sig_namespace, struct sshbuf **out,
156 sshsig_signer *signer, void *signer_ctx)
djm@openbsd.org2a9c9f72019-09-03 08:34:19 +0000[diff] [blame]157{
158 int r;
159 size_t slen = 0;
160 u_char *sig = NULL;
161 struct sshbuf *blob = NULL;
162 struct sshbuf *tosign = NULL;
163 const char *sign_alg = NULL;
164
165 if ((tosign = sshbuf_new()) == NULL ||
166 (blob = sshbuf_new()) == NULL) {
167 error("%s: sshbuf_new failed", __func__);
168 r = SSH_ERR_ALLOC_FAIL;
169 goto done;
170 }
171
172 if ((r = sshbuf_put(tosign, MAGIC_PREAMBLE, MAGIC_PREAMBLE_LEN)) != 0 ||
173 (r = sshbuf_put_cstring(tosign, sig_namespace)) != 0 ||
174 (r = sshbuf_put_string(tosign, NULL, 0)) != 0 || /* reserved */
175 (r = sshbuf_put_cstring(tosign, hashalg)) != 0 ||
djm@openbsd.orgb5a89ee2019-10-02 08:07:13 +0000[diff] [blame]176 (r = sshbuf_put_stringb(tosign, h_message)) != 0) {
djm@openbsd.org2a9c9f72019-09-03 08:34:19 +0000[diff] [blame]177 error("Couldn't construct message to sign: %s", ssh_err(r));
178 goto done;
179 }
180
181 /* If using RSA keys then default to a good signature algorithm */
182 if (sshkey_type_plain(key->type) == KEY_RSA)
183 sign_alg = RSA_SIGN_ALG;
184
185 if (signer != NULL) {
186 if ((r = signer(key, &sig, &slen,
187 sshbuf_ptr(tosign), sshbuf_len(tosign),
djm@openbsd.org9a14c642019-10-31 21:23:19 +0000[diff] [blame]188 sign_alg, sk_provider, 0, signer_ctx)) != 0) {
djm@openbsd.org2a9c9f72019-09-03 08:34:19 +0000[diff] [blame]189 error("Couldn't sign message: %s", ssh_err(r));
190 goto done;
191 }
192 } else {
193 if ((r = sshkey_sign(key, &sig, &slen,
194 sshbuf_ptr(tosign), sshbuf_len(tosign),
djm@openbsd.org9a14c642019-10-31 21:23:19 +0000[diff] [blame]195 sign_alg, sk_provider, 0)) != 0) {
djm@openbsd.org2a9c9f72019-09-03 08:34:19 +0000[diff] [blame]196 error("Couldn't sign message: %s", ssh_err(r));
197 goto done;
198 }
199 }
200
201 if ((r = sshbuf_put(blob, MAGIC_PREAMBLE, MAGIC_PREAMBLE_LEN)) != 0 ||
202 (r = sshbuf_put_u32(blob, SIG_VERSION)) != 0 ||
203 (r = sshkey_puts(key, blob)) != 0 ||
204 (r = sshbuf_put_cstring(blob, sig_namespace)) != 0 ||
205 (r = sshbuf_put_string(blob, NULL, 0)) != 0 || /* reserved */
206 (r = sshbuf_put_cstring(blob, hashalg)) != 0 ||
207 (r = sshbuf_put_string(blob, sig, slen)) != 0) {
208 error("Couldn't populate blob: %s", ssh_err(r));
209 goto done;
210 }
211
markus@openbsd.org15be29e2020-03-06 18:13:29 +0000[diff] [blame]212 if (out != NULL) {
213 *out = blob;
214 blob = NULL;
215 }
djm@openbsd.org2a9c9f72019-09-03 08:34:19 +0000[diff] [blame]216 r = 0;
217done:
218 free(sig);
219 sshbuf_free(blob);
220 sshbuf_free(tosign);
221 return r;
222}
223
224/* Check preamble and version. */
225static int
226sshsig_parse_preamble(struct sshbuf *buf)
227{
228 int r = SSH_ERR_INTERNAL_ERROR;
229 uint32_t sversion;
230
231 if ((r = sshbuf_cmp(buf, 0, MAGIC_PREAMBLE, MAGIC_PREAMBLE_LEN)) != 0 ||
232 (r = sshbuf_consume(buf, (sizeof(MAGIC_PREAMBLE)-1))) != 0 ||
233 (r = sshbuf_get_u32(buf, &sversion)) != 0) {
234 error("Couldn't verify signature: invalid format");
235 return r;
236 }
237
djm@openbsd.orgd637c4a2019-09-03 08:35:27 +0000[diff] [blame]238 if (sversion > SIG_VERSION) {
djm@openbsd.org2a9c9f72019-09-03 08:34:19 +0000[diff] [blame]239 error("Signature version %lu is larger than supported "
240 "version %u", (unsigned long)sversion, SIG_VERSION);
241 return SSH_ERR_INVALID_FORMAT;
242 }
243 return 0;
244}
245
246static int
247sshsig_check_hashalg(const char *hashalg)
248{
djm@openbsd.orgd637c4a2019-09-03 08:35:27 +0000[diff] [blame]249 if (hashalg == NULL ||
250 match_pattern_list(hashalg, HASHALG_ALLOWED, 0) == 1)
djm@openbsd.org2a9c9f72019-09-03 08:34:19 +0000[diff] [blame]251 return 0;
252 error("%s: unsupported hash algorithm \"%.100s\"", __func__, hashalg);
253 return SSH_ERR_SIGN_ALG_UNSUPPORTED;
254}
255
256static int
257sshsig_peek_hashalg(struct sshbuf *signature, char **hashalgp)
258{
259 struct sshbuf *buf = NULL;
260 char *hashalg = NULL;
261 int r = SSH_ERR_INTERNAL_ERROR;
262
263 if (hashalgp != NULL)
264 *hashalgp = NULL;
265 if ((buf = sshbuf_fromb(signature)) == NULL)
266 return SSH_ERR_ALLOC_FAIL;
267 if ((r = sshsig_parse_preamble(buf)) != 0)
268 goto done;
269 if ((r = sshbuf_get_string_direct(buf, NULL, NULL)) != 0 ||
270 (r = sshbuf_get_string_direct(buf, NULL, NULL)) != 0 ||
271 (r = sshbuf_get_string(buf, NULL, NULL)) != 0 ||
272 (r = sshbuf_get_cstring(buf, &hashalg, NULL)) != 0 ||
273 (r = sshbuf_get_string_direct(buf, NULL, NULL)) != 0) {
274 error("Couldn't parse signature blob: %s", ssh_err(r));
275 goto done;
276 }
djm@openbsd.org2a9c9f72019-09-03 08:34:19 +0000[diff] [blame]277
278 /* success */
279 r = 0;
280 *hashalgp = hashalg;
281 hashalg = NULL;
282 done:
283 free(hashalg);
284 sshbuf_free(buf);
285 return r;
286}
287
288static int
289sshsig_wrap_verify(struct sshbuf *signature, const char *hashalg,
290 const struct sshbuf *h_message, const char *expect_namespace,
djm@openbsd.orgb7e74ea2019-11-25 00:51:37 +0000[diff] [blame]291 struct sshkey **sign_keyp, struct sshkey_sig_details **sig_details)
djm@openbsd.org2a9c9f72019-09-03 08:34:19 +0000[diff] [blame]292{
293 int r = SSH_ERR_INTERNAL_ERROR;
294 struct sshbuf *buf = NULL, *toverify = NULL;
295 struct sshkey *key = NULL;
296 const u_char *sig;
297 char *got_namespace = NULL, *sigtype = NULL, *sig_hashalg = NULL;
298 size_t siglen;
299
djm@openbsd.orgd637c4a2019-09-03 08:35:27 +0000[diff] [blame]300 debug("%s: verify message length %zu", __func__, sshbuf_len(h_message));
djm@openbsd.orgb7e74ea2019-11-25 00:51:37 +0000[diff] [blame]301 if (sig_details != NULL)
302 *sig_details = NULL;
djm@openbsd.org2a9c9f72019-09-03 08:34:19 +0000[diff] [blame]303 if (sign_keyp != NULL)
304 *sign_keyp = NULL;
305
306 if ((toverify = sshbuf_new()) == NULL) {
307 error("%s: sshbuf_new failed", __func__);
308 r = SSH_ERR_ALLOC_FAIL;
309 goto done;
310 }
djm@openbsd.org2a9c9f72019-09-03 08:34:19 +0000[diff] [blame]311 if ((r = sshbuf_put(toverify, MAGIC_PREAMBLE,
312 MAGIC_PREAMBLE_LEN)) != 0 ||
313 (r = sshbuf_put_cstring(toverify, expect_namespace)) != 0 ||
314 (r = sshbuf_put_string(toverify, NULL, 0)) != 0 || /* reserved */
315 (r = sshbuf_put_cstring(toverify, hashalg)) != 0 ||
djm@openbsd.orgb5a89ee2019-10-02 08:07:13 +0000[diff] [blame]316 (r = sshbuf_put_stringb(toverify, h_message)) != 0) {
djm@openbsd.org2a9c9f72019-09-03 08:34:19 +0000[diff] [blame]317 error("Couldn't construct message to verify: %s", ssh_err(r));
318 goto done;
319 }
320
321 if ((r = sshsig_parse_preamble(signature)) != 0)
322 goto done;
323
324 if ((r = sshkey_froms(signature, &key)) != 0 ||
325 (r = sshbuf_get_cstring(signature, &got_namespace, NULL)) != 0 ||
326 (r = sshbuf_get_string(signature, NULL, NULL)) != 0 ||
327 (r = sshbuf_get_cstring(signature, &sig_hashalg, NULL)) != 0 ||
328 (r = sshbuf_get_string_direct(signature, &sig, &siglen)) != 0) {
329 error("Couldn't parse signature blob: %s", ssh_err(r));
330 goto done;
331 }
332
333 if (sshbuf_len(signature) != 0) {
334 error("Signature contains trailing data");
335 r = SSH_ERR_INVALID_FORMAT;
336 goto done;
337 }
338
339 if (strcmp(expect_namespace, got_namespace) != 0) {
340 error("Couldn't verify signature: namespace does not match");
341 debug("%s: expected namespace \"%s\" received \"%s\"",
342 __func__, expect_namespace, got_namespace);
343 r = SSH_ERR_SIGNATURE_INVALID;
344 goto done;
345 }
346 if (strcmp(hashalg, sig_hashalg) != 0) {
347 error("Couldn't verify signature: hash algorithm mismatch");
348 debug("%s: expected algorithm \"%s\" received \"%s\"",
349 __func__, hashalg, sig_hashalg);
350 r = SSH_ERR_SIGNATURE_INVALID;
351 goto done;
352 }
353 /* Ensure that RSA keys use an acceptable signature algorithm */
354 if (sshkey_type_plain(key->type) == KEY_RSA) {
355 if ((r = sshkey_get_sigtype(sig, siglen, &sigtype)) != 0) {
356 error("Couldn't verify signature: unable to get "
357 "signature type: %s", ssh_err(r));
358 goto done;
359 }
360 if (match_pattern_list(sigtype, RSA_SIGN_ALLOWED, 0) != 1) {
361 error("Couldn't verify signature: unsupported RSA "
362 "signature algorithm %s", sigtype);
363 r = SSH_ERR_SIGN_ALG_UNSUPPORTED;
364 goto done;
365 }
366 }
367 if ((r = sshkey_verify(key, sig, siglen, sshbuf_ptr(toverify),
djm@openbsd.orgb7e74ea2019-11-25 00:51:37 +0000[diff] [blame]368 sshbuf_len(toverify), NULL, 0, sig_details)) != 0) {
djm@openbsd.org2a9c9f72019-09-03 08:34:19 +0000[diff] [blame]369 error("Signature verification failed: %s", ssh_err(r));
370 goto done;
371 }
372
373 /* success */
374 r = 0;
375 if (sign_keyp != NULL) {
376 *sign_keyp = key;
377 key = NULL; /* transferred */
378 }
379done:
380 free(got_namespace);
381 free(sigtype);
382 free(sig_hashalg);
383 sshbuf_free(buf);
384 sshbuf_free(toverify);
385 sshkey_free(key);
386 return r;
387}
388
djm@openbsd.orgd637c4a2019-09-03 08:35:27 +0000[diff] [blame]389static int
390hash_buffer(const struct sshbuf *m, const char *hashalg, struct sshbuf **bp)
djm@openbsd.org2a9c9f72019-09-03 08:34:19 +0000[diff] [blame]391{
djm@openbsd.orgd637c4a2019-09-03 08:35:27 +0000[diff] [blame]392 char *hex, hash[SSH_DIGEST_MAX_LENGTH];
djm@openbsd.org2a9c9f72019-09-03 08:34:19 +0000[diff] [blame]393 int alg, r = SSH_ERR_INTERNAL_ERROR;
djm@openbsd.orgd637c4a2019-09-03 08:35:27 +0000[diff] [blame]394 struct sshbuf *b = NULL;
djm@openbsd.org2a9c9f72019-09-03 08:34:19 +0000[diff] [blame]395
djm@openbsd.orgd637c4a2019-09-03 08:35:27 +0000[diff] [blame]396 *bp = NULL;
397 memset(hash, 0, sizeof(hash));
djm@openbsd.org2a9c9f72019-09-03 08:34:19 +0000[diff] [blame]398
399 if ((r = sshsig_check_hashalg(hashalg)) != 0)
400 return r;
401 if ((alg = ssh_digest_alg_by_name(hashalg)) == -1) {
402 error("%s: can't look up hash algorithm %s",
djm@openbsd.orgd637c4a2019-09-03 08:35:27 +0000[diff] [blame]403 __func__, hashalg);
djm@openbsd.org2a9c9f72019-09-03 08:34:19 +0000[diff] [blame]404 return SSH_ERR_INTERNAL_ERROR;
405 }
djm@openbsd.orgd637c4a2019-09-03 08:35:27 +0000[diff] [blame]406 if ((r = ssh_digest_buffer(alg, m, hash, sizeof(hash))) != 0) {
djm@openbsd.org2a9c9f72019-09-03 08:34:19 +0000[diff] [blame]407 error("%s: ssh_digest_buffer failed: %s", __func__, ssh_err(r));
408 return r;
409 }
djm@openbsd.orgd637c4a2019-09-03 08:35:27 +0000[diff] [blame]410 if ((hex = tohex(hash, ssh_digest_bytes(alg))) != NULL) {
411 debug3("%s: final hash: %s", __func__, hex);
412 freezero(hex, strlen(hex));
413 }
414 if ((b = sshbuf_new()) == NULL) {
djm@openbsd.org2a9c9f72019-09-03 08:34:19 +0000[diff] [blame]415 r = SSH_ERR_ALLOC_FAIL;
416 goto out;
417 }
djm@openbsd.orgd637c4a2019-09-03 08:35:27 +0000[diff] [blame]418 if ((r = sshbuf_put(b, hash, ssh_digest_bytes(alg))) != 0) {
419 error("%s: sshbuf_put: %s", __func__, ssh_err(r));
420 goto out;
421 }
422 *bp = b;
423 b = NULL; /* transferred */
424 /* success */
425 r = 0;
426 out:
427 sshbuf_free(b);
428 explicit_bzero(hash, sizeof(hash));
markus@openbsd.org15be29e2020-03-06 18:13:29 +0000[diff] [blame]429 return r;
djm@openbsd.orgd637c4a2019-09-03 08:35:27 +0000[diff] [blame]430}
431
432int
djm@openbsd.org9a14c642019-10-31 21:23:19 +0000[diff] [blame]433sshsig_signb(struct sshkey *key, const char *hashalg, const char *sk_provider,
djm@openbsd.orgd637c4a2019-09-03 08:35:27 +0000[diff] [blame]434 const struct sshbuf *message, const char *sig_namespace,
435 struct sshbuf **out, sshsig_signer *signer, void *signer_ctx)
436{
437 struct sshbuf *b = NULL;
438 int r = SSH_ERR_INTERNAL_ERROR;
439
440 if (hashalg == NULL)
441 hashalg = HASHALG_DEFAULT;
442 if (out != NULL)
443 *out = NULL;
444 if ((r = hash_buffer(message, hashalg, &b)) != 0) {
445 error("%s: hash_buffer failed: %s", __func__, ssh_err(r));
446 goto out;
447 }
djm@openbsd.org9a14c642019-10-31 21:23:19 +0000[diff] [blame]448 if ((r = sshsig_wrap_sign(key, hashalg, sk_provider, b,
449 sig_namespace, out, signer, signer_ctx)) != 0)
djm@openbsd.org2a9c9f72019-09-03 08:34:19 +0000[diff] [blame]450 goto out;
451 /* success */
452 r = 0;
453 out:
454 sshbuf_free(b);
djm@openbsd.org2a9c9f72019-09-03 08:34:19 +0000[diff] [blame]455 return r;
456}
457
458int
djm@openbsd.orgd637c4a2019-09-03 08:35:27 +0000[diff] [blame]459sshsig_verifyb(struct sshbuf *signature, const struct sshbuf *message,
djm@openbsd.orgb7e74ea2019-11-25 00:51:37 +0000[diff] [blame]460 const char *expect_namespace, struct sshkey **sign_keyp,
461 struct sshkey_sig_details **sig_details)
djm@openbsd.org2a9c9f72019-09-03 08:34:19 +0000[diff] [blame]462{
djm@openbsd.org2a9c9f72019-09-03 08:34:19 +0000[diff] [blame]463 struct sshbuf *b = NULL;
djm@openbsd.orgd637c4a2019-09-03 08:35:27 +0000[diff] [blame]464 int r = SSH_ERR_INTERNAL_ERROR;
djm@openbsd.org2a9c9f72019-09-03 08:34:19 +0000[diff] [blame]465 char *hashalg = NULL;
466
djm@openbsd.orgb7e74ea2019-11-25 00:51:37 +0000[diff] [blame]467 if (sig_details != NULL)
468 *sig_details = NULL;
djm@openbsd.org2a9c9f72019-09-03 08:34:19 +0000[diff] [blame]469 if (sign_keyp != NULL)
470 *sign_keyp = NULL;
djm@openbsd.org2a9c9f72019-09-03 08:34:19 +0000[diff] [blame]471 if ((r = sshsig_peek_hashalg(signature, &hashalg)) != 0)
472 return r;
djm@openbsd.orgd637c4a2019-09-03 08:35:27 +0000[diff] [blame]473 debug("%s: signature made with hash \"%s\"", __func__, hashalg);
474 if ((r = hash_buffer(message, hashalg, &b)) != 0) {
475 error("%s: hash_buffer failed: %s", __func__, ssh_err(r));
djm@openbsd.org2a9c9f72019-09-03 08:34:19 +0000[diff] [blame]476 goto out;
477 }
478 if ((r = sshsig_wrap_verify(signature, hashalg, b, expect_namespace,
djm@openbsd.orgb7e74ea2019-11-25 00:51:37 +0000[diff] [blame]479 sign_keyp, sig_details)) != 0)
djm@openbsd.org2a9c9f72019-09-03 08:34:19 +0000[diff] [blame]480 goto out;
481 /* success */
482 r = 0;
483 out:
484 sshbuf_free(b);
485 free(hashalg);
djm@openbsd.org2a9c9f72019-09-03 08:34:19 +0000[diff] [blame]486 return r;
487}
488
489static int
djm@openbsd.orgd637c4a2019-09-03 08:35:27 +0000[diff] [blame]490hash_file(int fd, const char *hashalg, struct sshbuf **bp)
djm@openbsd.org2a9c9f72019-09-03 08:34:19 +0000[diff] [blame]491{
djm@openbsd.orgd637c4a2019-09-03 08:35:27 +0000[diff] [blame]492 char *hex, rbuf[8192], hash[SSH_DIGEST_MAX_LENGTH];
djm@openbsd.org2a9c9f72019-09-03 08:34:19 +0000[diff] [blame]493 ssize_t n, total = 0;
494 struct ssh_digest_ctx *ctx;
djm@openbsd.orgd637c4a2019-09-03 08:35:27 +0000[diff] [blame]495 int alg, oerrno, r = SSH_ERR_INTERNAL_ERROR;
496 struct sshbuf *b = NULL;
djm@openbsd.org2a9c9f72019-09-03 08:34:19 +0000[diff] [blame]497
djm@openbsd.orgd637c4a2019-09-03 08:35:27 +0000[diff] [blame]498 *bp = NULL;
499 memset(hash, 0, sizeof(hash));
500
501 if ((r = sshsig_check_hashalg(hashalg)) != 0)
502 return r;
503 if ((alg = ssh_digest_alg_by_name(hashalg)) == -1) {
504 error("%s: can't look up hash algorithm %s",
505 __func__, hashalg);
506 return SSH_ERR_INTERNAL_ERROR;
507 }
508 if ((ctx = ssh_digest_start(alg)) == NULL) {
djm@openbsd.org2a9c9f72019-09-03 08:34:19 +0000[diff] [blame]509 error("%s: ssh_digest_start failed", __func__);
510 return SSH_ERR_INTERNAL_ERROR;
511 }
512 for (;;) {
513 if ((n = read(fd, rbuf, sizeof(rbuf))) == -1) {
514 if (errno == EINTR || errno == EAGAIN)
515 continue;
516 oerrno = errno;
517 error("%s: read: %s", __func__, strerror(errno));
518 ssh_digest_free(ctx);
519 errno = oerrno;
djm@openbsd.orgd637c4a2019-09-03 08:35:27 +0000[diff] [blame]520 r = SSH_ERR_SYSTEM_ERROR;
521 goto out;
djm@openbsd.org2a9c9f72019-09-03 08:34:19 +0000[diff] [blame]522 } else if (n == 0) {
523 debug2("%s: hashed %zu bytes", __func__, total);
524 break; /* EOF */
525 }
526 total += (size_t)n;
527 if ((r = ssh_digest_update(ctx, rbuf, (size_t)n)) != 0) {
528 error("%s: ssh_digest_update: %s",
529 __func__, ssh_err(r));
djm@openbsd.orgd637c4a2019-09-03 08:35:27 +0000[diff] [blame]530 goto out;
djm@openbsd.org2a9c9f72019-09-03 08:34:19 +0000[diff] [blame]531 }
532 }
djm@openbsd.orgd637c4a2019-09-03 08:35:27 +0000[diff] [blame]533 if ((r = ssh_digest_final(ctx, hash, sizeof(hash))) != 0) {
djm@openbsd.org2a9c9f72019-09-03 08:34:19 +0000[diff] [blame]534 error("%s: ssh_digest_final: %s", __func__, ssh_err(r));
djm@openbsd.orgd637c4a2019-09-03 08:35:27 +0000[diff] [blame]535 goto out;
djm@openbsd.org2a9c9f72019-09-03 08:34:19 +0000[diff] [blame]536 }
djm@openbsd.orgd637c4a2019-09-03 08:35:27 +0000[diff] [blame]537 if ((hex = tohex(hash, ssh_digest_bytes(alg))) != NULL) {
djm@openbsd.org2a9c9f72019-09-03 08:34:19 +0000[diff] [blame]538 debug3("%s: final hash: %s", __func__, hex);
539 freezero(hex, strlen(hex));
540 }
djm@openbsd.orgd637c4a2019-09-03 08:35:27 +0000[diff] [blame]541 if ((b = sshbuf_new()) == NULL) {
542 r = SSH_ERR_ALLOC_FAIL;
543 goto out;
544 }
545 if ((r = sshbuf_put(b, hash, ssh_digest_bytes(alg))) != 0) {
546 error("%s: sshbuf_put: %s", __func__, ssh_err(r));
547 goto out;
548 }
549 *bp = b;
550 b = NULL; /* transferred */
djm@openbsd.org2a9c9f72019-09-03 08:34:19 +0000[diff] [blame]551 /* success */
djm@openbsd.orgd637c4a2019-09-03 08:35:27 +0000[diff] [blame]552 r = 0;
553 out:
554 sshbuf_free(b);
djm@openbsd.org2a9c9f72019-09-03 08:34:19 +0000[diff] [blame]555 ssh_digest_free(ctx);
djm@openbsd.orgd637c4a2019-09-03 08:35:27 +0000[diff] [blame]556 explicit_bzero(hash, sizeof(hash));
markus@openbsd.org15be29e2020-03-06 18:13:29 +0000[diff] [blame]557 return r;
djm@openbsd.org2a9c9f72019-09-03 08:34:19 +0000[diff] [blame]558}
559
560int
djm@openbsd.org9a14c642019-10-31 21:23:19 +0000[diff] [blame]561sshsig_sign_fd(struct sshkey *key, const char *hashalg, const char *sk_provider,
djm@openbsd.org2a9c9f72019-09-03 08:34:19 +0000[diff] [blame]562 int fd, const char *sig_namespace, struct sshbuf **out,
563 sshsig_signer *signer, void *signer_ctx)
564{
djm@openbsd.org2a9c9f72019-09-03 08:34:19 +0000[diff] [blame]565 struct sshbuf *b = NULL;
djm@openbsd.orgd637c4a2019-09-03 08:35:27 +0000[diff] [blame]566 int r = SSH_ERR_INTERNAL_ERROR;
djm@openbsd.org2a9c9f72019-09-03 08:34:19 +0000[diff] [blame]567
djm@openbsd.orgd637c4a2019-09-03 08:35:27 +0000[diff] [blame]568 if (hashalg == NULL)
569 hashalg = HASHALG_DEFAULT;
djm@openbsd.org2a9c9f72019-09-03 08:34:19 +0000[diff] [blame]570 if (out != NULL)
571 *out = NULL;
djm@openbsd.orgd637c4a2019-09-03 08:35:27 +0000[diff] [blame]572 if ((r = hash_file(fd, hashalg, &b)) != 0) {
djm@openbsd.org2a9c9f72019-09-03 08:34:19 +0000[diff] [blame]573 error("%s: hash_file failed: %s", __func__, ssh_err(r));
574 return r;
575 }
djm@openbsd.org9a14c642019-10-31 21:23:19 +0000[diff] [blame]576 if ((r = sshsig_wrap_sign(key, hashalg, sk_provider, b,
577 sig_namespace, out, signer, signer_ctx)) != 0)
djm@openbsd.org2a9c9f72019-09-03 08:34:19 +0000[diff] [blame]578 goto out;
579 /* success */
580 r = 0;
581 out:
582 sshbuf_free(b);
djm@openbsd.org2a9c9f72019-09-03 08:34:19 +0000[diff] [blame]583 return r;
584}
585
586int
587sshsig_verify_fd(struct sshbuf *signature, int fd,
djm@openbsd.orgb7e74ea2019-11-25 00:51:37 +0000[diff] [blame]588 const char *expect_namespace, struct sshkey **sign_keyp,
589 struct sshkey_sig_details **sig_details)
djm@openbsd.org2a9c9f72019-09-03 08:34:19 +0000[diff] [blame]590{
djm@openbsd.org2a9c9f72019-09-03 08:34:19 +0000[diff] [blame]591 struct sshbuf *b = NULL;
djm@openbsd.orgd637c4a2019-09-03 08:35:27 +0000[diff] [blame]592 int r = SSH_ERR_INTERNAL_ERROR;
djm@openbsd.org2a9c9f72019-09-03 08:34:19 +0000[diff] [blame]593 char *hashalg = NULL;
594
djm@openbsd.orgb7e74ea2019-11-25 00:51:37 +0000[diff] [blame]595 if (sig_details != NULL)
596 *sig_details = NULL;
djm@openbsd.org2a9c9f72019-09-03 08:34:19 +0000[diff] [blame]597 if (sign_keyp != NULL)
598 *sign_keyp = NULL;
djm@openbsd.org2a9c9f72019-09-03 08:34:19 +0000[diff] [blame]599 if ((r = sshsig_peek_hashalg(signature, &hashalg)) != 0)
600 return r;
djm@openbsd.orgd637c4a2019-09-03 08:35:27 +0000[diff] [blame]601 debug("%s: signature made with hash \"%s\"", __func__, hashalg);
602 if ((r = hash_file(fd, hashalg, &b)) != 0) {
djm@openbsd.org2a9c9f72019-09-03 08:34:19 +0000[diff] [blame]603 error("%s: hash_file failed: %s", __func__, ssh_err(r));
djm@openbsd.org2a9c9f72019-09-03 08:34:19 +0000[diff] [blame]604 goto out;
605 }
606 if ((r = sshsig_wrap_verify(signature, hashalg, b, expect_namespace,
djm@openbsd.orgb7e74ea2019-11-25 00:51:37 +0000[diff] [blame]607 sign_keyp, sig_details)) != 0)
djm@openbsd.org2a9c9f72019-09-03 08:34:19 +0000[diff] [blame]608 goto out;
609 /* success */
610 r = 0;
611 out:
612 sshbuf_free(b);
613 free(hashalg);
djm@openbsd.org2a9c9f72019-09-03 08:34:19 +0000[diff] [blame]614 return r;
615}
616
djm@openbsd.orgbab6feb2019-09-05 04:55:32 +0000[diff] [blame]617struct sshsigopt {
djm@openbsd.org2a9c9f72019-09-03 08:34:19 +0000[diff] [blame]618 int ca;
619 char *namespaces;
620};
621
djm@openbsd.orgbab6feb2019-09-05 04:55:32 +0000[diff] [blame]622struct sshsigopt *
623sshsigopt_parse(const char *opts, const char *path, u_long linenum,
djm@openbsd.org2a9c9f72019-09-03 08:34:19 +0000[diff] [blame]624 const char **errstrp)
625{
djm@openbsd.orgbab6feb2019-09-05 04:55:32 +0000[diff] [blame]626 struct sshsigopt *ret;
djm@openbsd.org2a9c9f72019-09-03 08:34:19 +0000[diff] [blame]627 int r;
628 const char *errstr = NULL;
629
630 if ((ret = calloc(1, sizeof(*ret))) == NULL)
631 return NULL;
632 if (opts == NULL || *opts == '\0')
633 return ret; /* Empty options yields empty options :) */
634
635 while (*opts && *opts != ' ' && *opts != '\t') {
636 /* flag options */
637 if ((r = opt_flag("cert-authority", 0, &opts)) != -1) {
638 ret->ca = 1;
639 } else if (opt_match(&opts, "namespaces")) {
640 if (ret->namespaces != NULL) {
641 errstr = "multiple \"namespaces\" clauses";
642 goto fail;
643 }
644 ret->namespaces = opt_dequote(&opts, &errstr);
645 if (ret->namespaces == NULL)
646 goto fail;
647 }
648 /*
649 * Skip the comma, and move to the next option
650 * (or break out if there are no more).
651 */
652 if (*opts == '\0' || *opts == ' ' || *opts == '\t')
653 break; /* End of options. */
654 /* Anything other than a comma is an unknown option */
655 if (*opts != ',') {
656 errstr = "unknown key option";
657 goto fail;
658 }
659 opts++;
660 if (*opts == '\0') {
661 errstr = "unexpected end-of-options";
662 goto fail;
663 }
664 }
665 /* success */
666 return ret;
667 fail:
668 if (errstrp != NULL)
669 *errstrp = errstr;
djm@openbsd.org69159af2019-09-05 05:42:59 +0000[diff] [blame]670 sshsigopt_free(ret);
djm@openbsd.org2a9c9f72019-09-03 08:34:19 +0000[diff] [blame]671 return NULL;
672}
673
djm@openbsd.orgbab6feb2019-09-05 04:55:32 +0000[diff] [blame]674void
675sshsigopt_free(struct sshsigopt *opts)
djm@openbsd.org2a9c9f72019-09-03 08:34:19 +0000[diff] [blame]676{
677 if (opts == NULL)
678 return;
679 free(opts->namespaces);
680 free(opts);
681}
682
683static int
djm@openbsd.orge2031b02020-01-22 02:25:21 +0000[diff] [blame]684parse_principals_key_and_options(const char *path, u_long linenum, char *line,
685 const char *required_principal, char **principalsp, struct sshkey **keyp,
686 struct sshsigopt **sigoptsp)
djm@openbsd.org2a9c9f72019-09-03 08:34:19 +0000[diff] [blame]687{
djm@openbsd.orge2031b02020-01-22 02:25:21 +0000[diff] [blame]688 char *opts = NULL, *tmp, *cp, *principals = NULL;
djm@openbsd.org2a9c9f72019-09-03 08:34:19 +0000[diff] [blame]689 const char *reason = NULL;
djm@openbsd.orgbab6feb2019-09-05 04:55:32 +0000[diff] [blame]690 struct sshsigopt *sigopts = NULL;
djm@openbsd.orge2031b02020-01-22 02:25:21 +0000[diff] [blame]691 struct sshkey *key = NULL;
692 int r = SSH_ERR_INTERNAL_ERROR;
djm@openbsd.org2a9c9f72019-09-03 08:34:19 +0000[diff] [blame]693
djm@openbsd.orge2031b02020-01-22 02:25:21 +0000[diff] [blame]694 if (principalsp != NULL)
695 *principalsp = NULL;
696 if (sigoptsp != NULL)
697 *sigoptsp = NULL;
698 if (keyp != NULL)
699 *keyp = NULL;
djm@openbsd.org2a9c9f72019-09-03 08:34:19 +0000[diff] [blame]700
djm@openbsd.org2a9c9f72019-09-03 08:34:19 +0000[diff] [blame]701 cp = line;
702 cp = cp + strspn(cp, " \t"); /* skip leading whitespace */
703 if (*cp == '#' || *cp == '\0')
djm@openbsd.orge2031b02020-01-22 02:25:21 +0000[diff] [blame]704 return SSH_ERR_KEY_NOT_FOUND; /* blank or all-comment line */
djm@openbsd.org2a9c9f72019-09-03 08:34:19 +0000[diff] [blame]705
djm@openbsd.orge2031b02020-01-22 02:25:21 +0000[diff] [blame]706 /* format: identity[,identity...] [option[,option...]] key */
707 if ((tmp = strdelimw(&cp)) == NULL) {
708 error("%s:%lu: invalid line", path, linenum);
709 r = SSH_ERR_INVALID_FORMAT;
710 goto out;
711 }
712 if ((principals = strdup(tmp)) == NULL) {
713 error("%s: strdup failed", __func__);
714 r = SSH_ERR_ALLOC_FAIL;
715 goto out;
716 }
717 /*
718 * Bail out early if we're looking for a particular principal and this
719 * line does not list it.
720 */
721 if (required_principal != NULL) {
722 if (match_pattern_list(required_principal,
723 principals, 0) != 1) {
724 /* principal didn't match */
725 r = SSH_ERR_KEY_NOT_FOUND;
726 goto out;
727 }
728 debug("%s: %s:%lu: matched principal \"%s\"",
729 __func__, path, linenum, required_principal);
730 }
731
732 if ((key = sshkey_new(KEY_UNSPEC)) == NULL) {
733 error("%s: sshkey_new failed", __func__);
734 r = SSH_ERR_ALLOC_FAIL;
735 goto out;
736 }
737 if (sshkey_read(key, &cp) != 0) {
djm@openbsd.org2a9c9f72019-09-03 08:34:19 +0000[diff] [blame]738 /* no key? Check for options */
739 opts = cp;
740 if (sshkey_advance_past_options(&cp) != 0) {
djm@openbsd.orge2031b02020-01-22 02:25:21 +0000[diff] [blame]741 error("%s:%lu: invalid options", path, linenum);
742 r = SSH_ERR_INVALID_FORMAT;
743 goto out;
djm@openbsd.org2a9c9f72019-09-03 08:34:19 +0000[diff] [blame]744 }
745 *cp++ = '\0';
746 skip_space(&cp);
djm@openbsd.orge2031b02020-01-22 02:25:21 +0000[diff] [blame]747 if (sshkey_read(key, &cp) != 0) {
748 error("%s:%lu: invalid key", path, linenum);
749 r = SSH_ERR_INVALID_FORMAT;
750 goto out;
djm@openbsd.org2a9c9f72019-09-03 08:34:19 +0000[diff] [blame]751 }
752 }
753 debug3("%s:%lu: options %s", path, linenum, opts == NULL ? "" : opts);
djm@openbsd.orgbab6feb2019-09-05 04:55:32 +0000[diff] [blame]754 if ((sigopts = sshsigopt_parse(opts, path, linenum, &reason)) == NULL) {
djm@openbsd.org2a9c9f72019-09-03 08:34:19 +0000[diff] [blame]755 error("%s:%lu: bad options: %s", path, linenum, reason);
djm@openbsd.orge2031b02020-01-22 02:25:21 +0000[diff] [blame]756 r = SSH_ERR_INVALID_FORMAT;
757 goto out;
758 }
759 /* success */
760 if (principalsp != NULL) {
761 *principalsp = principals;
762 principals = NULL; /* transferred */
763 }
764 if (sigoptsp != NULL) {
765 *sigoptsp = sigopts;
766 sigopts = NULL; /* transferred */
767 }
768 if (keyp != NULL) {
769 *keyp = key;
770 key = NULL; /* transferred */
771 }
772 r = 0;
773 out:
774 free(principals);
775 sshsigopt_free(sigopts);
776 sshkey_free(key);
777 return r;
778}
779
780static int
781check_allowed_keys_line(const char *path, u_long linenum, char *line,
782 const struct sshkey *sign_key, const char *principal,
783 const char *sig_namespace)
784{
785 struct sshkey *found_key = NULL;
786 int r, found = 0;
787 const char *reason = NULL;
788 struct sshsigopt *sigopts = NULL;
789
790 /* Parse the line */
791 if ((r = parse_principals_key_and_options(path, linenum, line,
792 principal, NULL, &found_key, &sigopts)) != 0) {
793 /* error already logged */
djm@openbsd.org2a9c9f72019-09-03 08:34:19 +0000[diff] [blame]794 goto done;
795 }
796
797 /* Check whether options preclude the use of this key */
798 if (sigopts->namespaces != NULL &&
799 match_pattern_list(sig_namespace, sigopts->namespaces, 0) != 1) {
800 error("%s:%lu: key is not permitted for use in signature "
801 "namespace \"%s\"", path, linenum, sig_namespace);
802 goto done;
803 }
804
805 if (!sigopts->ca && sshkey_equal(found_key, sign_key)) {
806 /* Exact match of key */
807 debug("%s:%lu: matched key and principal", path, linenum);
808 /* success */
809 found = 1;
810 } else if (sigopts->ca && sshkey_is_cert(sign_key) &&
811 sshkey_equal_public(sign_key->cert->signature_key, found_key)) {
812 /* Match of certificate's CA key */
813 if ((r = sshkey_cert_check_authority(sign_key, 0, 1,
814 principal, &reason)) != 0) {
815 error("%s:%lu: certificate not authorized: %s",
816 path, linenum, reason);
817 goto done;
818 }
819 debug("%s:%lu: matched certificate CA key", path, linenum);
820 /* success */
821 found = 1;
822 } else {
823 /* Principal matched but key didn't */
824 goto done;
825 }
826 done:
827 sshkey_free(found_key);
djm@openbsd.orgbab6feb2019-09-05 04:55:32 +0000[diff] [blame]828 sshsigopt_free(sigopts);
djm@openbsd.org2a9c9f72019-09-03 08:34:19 +0000[diff] [blame]829 return found ? 0 : SSH_ERR_KEY_NOT_FOUND;
830}
831
832int
833sshsig_check_allowed_keys(const char *path, const struct sshkey *sign_key,
834 const char *principal, const char *sig_namespace)
835{
836 FILE *f = NULL;
837 char *line = NULL;
838 size_t linesize = 0;
839 u_long linenum = 0;
markus@openbsd.org15be29e2020-03-06 18:13:29 +0000[diff] [blame]840 int r = SSH_ERR_INTERNAL_ERROR, oerrno;
djm@openbsd.org2a9c9f72019-09-03 08:34:19 +0000[diff] [blame]841
842 /* Check key and principal against file */
843 if ((f = fopen(path, "r")) == NULL) {
844 oerrno = errno;
845 error("Unable to open allowed keys file \"%s\": %s",
846 path, strerror(errno));
847 errno = oerrno;
848 return SSH_ERR_SYSTEM_ERROR;
849 }
850
851 while (getline(&line, &linesize, f) != -1) {
852 linenum++;
853 r = check_allowed_keys_line(path, linenum, line, sign_key,
854 principal, sig_namespace);
djm@openbsd.orgd637c4a2019-09-03 08:35:27 +0000[diff] [blame]855 free(line);
856 line = NULL;
djm@openbsd.org2a9c9f72019-09-03 08:34:19 +0000[diff] [blame]857 if (r == SSH_ERR_KEY_NOT_FOUND)
858 continue;
859 else if (r == 0) {
860 /* success */
861 fclose(f);
djm@openbsd.org2a9c9f72019-09-03 08:34:19 +0000[diff] [blame]862 return 0;
djm@openbsd.org2a9c9f72019-09-03 08:34:19 +0000[diff] [blame]863 } else
864 break;
865 }
866 /* Either we hit an error parsing or we simply didn't find the key */
867 fclose(f);
868 free(line);
869 return r == 0 ? SSH_ERR_KEY_NOT_FOUND : r;
870}
djm@openbsd.org56cffcc2020-01-23 02:43:48 +0000[diff] [blame]871
872static int
djm@openbsd.org72a8bea2020-01-23 23:31:52 +0000[diff] [blame]873cert_filter_principals(const char *path, u_long linenum,
874 char **principalsp, const struct sshkey *cert)
875{
876 char *cp, *oprincipals, *principals;
877 const char *reason;
878 struct sshbuf *nprincipals;
879 int r = SSH_ERR_INTERNAL_ERROR, success = 0;
880
881 oprincipals = principals = *principalsp;
882 *principalsp = NULL;
883
markus@openbsd.org5732d582020-03-06 18:28:50 +0000[diff] [blame]884 if ((nprincipals = sshbuf_new()) == NULL) {
885 r = SSH_ERR_ALLOC_FAIL;
886 goto out;
887 }
djm@openbsd.org72a8bea2020-01-23 23:31:52 +0000[diff] [blame]888
889 while ((cp = strsep(&principals, ",")) != NULL && *cp != '\0') {
890 if (strcspn(cp, "!?*") != strlen(cp)) {
891 debug("%s:%lu: principal \"%s\" not authorized: "
892 "contains wildcards", path, linenum, cp);
893 continue;
894 }
895 /* Check against principals list in certificate */
896 if ((r = sshkey_cert_check_authority(cert, 0, 1,
897 cp, &reason)) != 0) {
898 debug("%s:%lu: principal \"%s\" not authorized: %s",
899 path, linenum, cp, reason);
900 continue;
901 }
902 if ((r = sshbuf_putf(nprincipals, "%s%s",
903 sshbuf_len(nprincipals) != 0 ? "," : "", cp)) != 0) {
904 error("%s: buffer error", __func__);
905 goto out;
906 }
907 }
908 if (sshbuf_len(nprincipals) == 0) {
909 error("%s:%lu: no valid principals found", path, linenum);
910 r = SSH_ERR_KEY_CERT_INVALID;
911 goto out;
912 }
913 if ((principals = sshbuf_dup_string(nprincipals)) == NULL) {
914 error("%s: buffer error", __func__);
915 goto out;
916 }
917 /* success */
918 success = 1;
919 *principalsp = principals;
920 out:
921 sshbuf_free(nprincipals);
922 free(oprincipals);
923 return success ? 0 : r;
924}
925
926static int
927get_matching_principals_from_line(const char *path, u_long linenum, char *line,
djm@openbsd.org56cffcc2020-01-23 02:43:48 +0000[diff] [blame]928 const struct sshkey *sign_key, char **principalsp)
929{
930 struct sshkey *found_key = NULL;
931 char *principals = NULL;
932 int r, found = 0;
djm@openbsd.org56cffcc2020-01-23 02:43:48 +0000[diff] [blame]933 struct sshsigopt *sigopts = NULL;
934
935 if (principalsp != NULL)
936 *principalsp = NULL;
937
938 /* Parse the line */
939 if ((r = parse_principals_key_and_options(path, linenum, line,
940 NULL, &principals, &found_key, &sigopts)) != 0) {
941 /* error already logged */
942 goto done;
943 }
944
945 if (!sigopts->ca && sshkey_equal(found_key, sign_key)) {
946 /* Exact match of key */
947 debug("%s:%lu: matched key", path, linenum);
948 /* success */
949 found = 1;
950 } else if (sigopts->ca && sshkey_is_cert(sign_key) &&
951 sshkey_equal_public(sign_key->cert->signature_key, found_key)) {
djm@openbsd.org72a8bea2020-01-23 23:31:52 +0000[diff] [blame]952 /* Remove principals listed in file but not allowed by cert */
953 if ((r = cert_filter_principals(path, linenum,
954 &principals, sign_key)) != 0) {
955 /* error already displayed */
956 debug("%s:%lu: cert_filter_principals: %s",
957 path, linenum, ssh_err(r));
djm@openbsd.org56cffcc2020-01-23 02:43:48 +0000[diff] [blame]958 goto done;
959 }
960 debug("%s:%lu: matched certificate CA key", path, linenum);
961 /* success */
962 found = 1;
963 } else {
964 /* Key didn't match */
965 goto done;
966 }
967 done:
markus@openbsd.org31c39e72020-03-06 18:27:15 +0000[diff] [blame]968 if (found && principalsp != NULL) {
djm@openbsd.org56cffcc2020-01-23 02:43:48 +0000[diff] [blame]969 *principalsp = principals;
970 principals = NULL; /* transferred */
971 }
972 free(principals);
973 sshkey_free(found_key);
974 sshsigopt_free(sigopts);
975 return found ? 0 : SSH_ERR_KEY_NOT_FOUND;
976}
977
978int
djm@openbsd.org72a8bea2020-01-23 23:31:52 +0000[diff] [blame]979sshsig_find_principals(const char *path, const struct sshkey *sign_key,
980 char **principals)
djm@openbsd.org56cffcc2020-01-23 02:43:48 +0000[diff] [blame]981{
982 FILE *f = NULL;
983 char *line = NULL;
984 size_t linesize = 0;
985 u_long linenum = 0;
markus@openbsd.org46e5c4c2020-03-06 18:27:50 +0000[diff] [blame]986 int r = SSH_ERR_INTERNAL_ERROR, oerrno;
djm@openbsd.org56cffcc2020-01-23 02:43:48 +0000[diff] [blame]987
988 if ((f = fopen(path, "r")) == NULL) {
989 oerrno = errno;
990 error("Unable to open allowed keys file \"%s\": %s",
991 path, strerror(errno));
992 errno = oerrno;
993 return SSH_ERR_SYSTEM_ERROR;
994 }
995
996 while (getline(&line, &linesize, f) != -1) {
997 linenum++;
djm@openbsd.org72a8bea2020-01-23 23:31:52 +0000[diff] [blame]998 r = get_matching_principals_from_line(path, linenum, line,
999 sign_key, principals);
djm@openbsd.org56cffcc2020-01-23 02:43:48 +0000[diff] [blame]1000 free(line);
1001 line = NULL;
1002 if (r == SSH_ERR_KEY_NOT_FOUND)
1003 continue;
1004 else if (r == 0) {
1005 /* success */
1006 fclose(f);
1007 return 0;
1008 } else
1009 break;
1010 }
1011 free(line);
1012 /* Either we hit an error parsing or we simply didn't find the key */
1013 if (ferror(f) != 0) {
1014 oerrno = errno;
1015 fclose(f);
1016 error("Unable to read allowed keys file \"%s\": %s",
1017 path, strerror(errno));
1018 errno = oerrno;
1019 return SSH_ERR_SYSTEM_ERROR;
1020 }
1021 fclose(f);
1022 return r == 0 ? SSH_ERR_KEY_NOT_FOUND : r;
1023}
1024
1025int
1026sshsig_get_pubkey(struct sshbuf *signature, struct sshkey **pubkey)
1027{
1028 struct sshkey *pk = NULL;
1029 int r = SSH_ERR_SIGNATURE_INVALID;
1030
markus@openbsd.org31c39e72020-03-06 18:27:15 +0000[diff] [blame]1031 if (pubkey == NULL)
1032 return SSH_ERR_INTERNAL_ERROR;
djm@openbsd.org56cffcc2020-01-23 02:43:48 +0000[diff] [blame]1033 if ((r = sshsig_parse_preamble(signature)) != 0)
1034 return r;
1035 if ((r = sshkey_froms(signature, &pk)) != 0)
1036 return r;
1037
1038 *pubkey = pk;
1039 pk = NULL;
1040 return 0;
1041}