=================================================================== RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ssh/authfile.c,v retrieving revision 1.32.2.3 retrieving revision 1.33 diff -u -r1.32.2.3 -r1.33 --- src/usr.bin/ssh/authfile.c 2002/03/09 00:20:44 1.32.2.3 +++ src/usr.bin/ssh/authfile.c 2001/05/16 20:51:57 1.33 @@ -36,7 +36,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: authfile.c,v 1.32.2.3 2002/03/09 00:20:44 miod Exp $"); +RCSID("$OpenBSD: authfile.c,v 1.33 2001/05/16 20:51:57 markus Exp $"); #include #include @@ -50,7 +50,6 @@ #include "ssh.h" #include "log.h" #include "authfile.h" -#include "rsa.h" /* Version identification string for SSH v1 identity files. */ static const char authfile_id_string[] = @@ -63,13 +62,13 @@ * passphrase. */ -static int +int key_save_private_rsa1(Key *key, const char *filename, const char *passphrase, const char *comment) { Buffer buffer, encrypted; - u_char buf[100], *cp; - int fd, i, cipher_num; + char buf[100], *cp; + int fd, i; CipherContext ciphercontext; Cipher *cipher; u_int32_t rand; @@ -78,9 +77,11 @@ * If the passphrase is empty, use SSH_CIPHER_NONE to ease converting * to another cipher; otherwise use SSH_AUTHFILE_CIPHER. */ - cipher_num = (strcmp(passphrase, "") == 0) ? - SSH_CIPHER_NONE : SSH_AUTHFILE_CIPHER; - if ((cipher = cipher_by_number(cipher_num)) == NULL) + if (strcmp(passphrase, "") == 0) + cipher = cipher_by_number(SSH_CIPHER_NONE); + else + cipher = cipher_by_number(SSH_AUTHFILE_CIPHER); + if (cipher == NULL) fatal("save_private_key_rsa: bad cipher"); /* This buffer is used to built the secret part of the private key. */ @@ -117,23 +118,21 @@ buffer_put_char(&encrypted, 0); /* Store cipher type. */ - buffer_put_char(&encrypted, cipher_num); + buffer_put_char(&encrypted, cipher->number); buffer_put_int(&encrypted, 0); /* For future extension */ /* Store public key. This will be in plain text. */ buffer_put_int(&encrypted, BN_num_bits(key->rsa->n)); buffer_put_bignum(&encrypted, key->rsa->n); buffer_put_bignum(&encrypted, key->rsa->e); - buffer_put_cstring(&encrypted, comment); + buffer_put_string(&encrypted, comment, strlen(comment)); /* Allocate space for the private part of the key in the buffer. */ - cp = buffer_append_space(&encrypted, buffer_len(&buffer)); + buffer_append_space(&encrypted, &cp, buffer_len(&buffer)); - cipher_set_key_string(&ciphercontext, cipher, passphrase, - CIPHER_ENCRYPT); - cipher_crypt(&ciphercontext, cp, - buffer_ptr(&buffer), buffer_len(&buffer)); - cipher_cleanup(&ciphercontext); + cipher_set_key_string(&ciphercontext, cipher, passphrase); + cipher_encrypt(&ciphercontext, (u_char *) cp, + (u_char *) buffer_ptr(&buffer), buffer_len(&buffer)); memset(&ciphercontext, 0, sizeof(ciphercontext)); /* Destroy temporary data. */ @@ -148,7 +147,7 @@ if (write(fd, buffer_ptr(&encrypted), buffer_len(&encrypted)) != buffer_len(&encrypted)) { error("write to key file %s failed: %s", filename, - strerror(errno)); + strerror(errno)); buffer_free(&encrypted); close(fd); unlink(filename); @@ -160,7 +159,7 @@ } /* save SSH v2 key in OpenSSL PEM format */ -static int +int key_save_private_pem(Key *key, const char *filename, const char *_passphrase, const char *comment) { @@ -168,8 +167,8 @@ int fd; int success = 0; int len = strlen(_passphrase); - u_char *passphrase = (len > 0) ? (u_char *)_passphrase : NULL; - const EVP_CIPHER *cipher = (len > 0) ? EVP_des_ede3_cbc() : NULL; + char *passphrase = (len > 0) ? (char *)_passphrase : NULL; + EVP_CIPHER *cipher = (len > 0) ? EVP_des_ede3_cbc() : NULL; if (len > 0 && len <= 4) { error("passphrase too short: have %d bytes, need > 4", len); @@ -227,7 +226,7 @@ * otherwise. */ -static Key * +Key * key_load_public_rsa1(int fd, const char *filename, char **commentp) { Buffer buffer; @@ -240,7 +239,7 @@ lseek(fd, (off_t) 0, SEEK_SET); buffer_init(&buffer); - cp = buffer_append_space(&buffer, len); + buffer_append_space(&buffer, &cp, len); if (read(fd, cp, (size_t) len) != (size_t) len) { debug("Read from key file %.200s failed: %.100s", filename, @@ -251,7 +250,7 @@ /* Check that it is at least big enough to contain the ID string. */ if (len < sizeof(authfile_id_string)) { - debug3("Not a RSA1 key file %.200s.", filename); + debug3("No RSA1 key file %.200s.", filename); buffer_free(&buffer); return NULL; } @@ -261,7 +260,7 @@ */ for (i = 0; i < sizeof(authfile_id_string); i++) if (buffer_get_char(&buffer) != authfile_id_string[i]) { - debug3("Not a RSA1 key file %.200s.", filename); + debug3("No RSA1 key file %.200s.", filename); buffer_free(&buffer); return NULL; } @@ -307,23 +306,25 @@ * Assumes we are called under uid of the owner of the file. */ -static Key * +Key * key_load_private_rsa1(int fd, const char *filename, const char *passphrase, char **commentp) { int i, check1, check2, cipher_type; off_t len; Buffer buffer, decrypted; - u_char *cp; + char *cp; CipherContext ciphercontext; Cipher *cipher; + BN_CTX *ctx; + BIGNUM *aux; Key *prv = NULL; len = lseek(fd, (off_t) 0, SEEK_END); lseek(fd, (off_t) 0, SEEK_SET); buffer_init(&buffer); - cp = buffer_append_space(&buffer, len); + buffer_append_space(&buffer, &cp, len); if (read(fd, cp, (size_t) len) != (size_t) len) { debug("Read from key file %.200s failed: %.100s", filename, @@ -335,7 +336,7 @@ /* Check that it is at least big enough to contain the ID string. */ if (len < sizeof(authfile_id_string)) { - debug3("Not a RSA1 key file %.200s.", filename); + debug3("No RSA1 key file %.200s.", filename); buffer_free(&buffer); close(fd); return NULL; @@ -346,7 +347,7 @@ */ for (i = 0; i < sizeof(authfile_id_string); i++) if (buffer_get_char(&buffer) != authfile_id_string[i]) { - debug3("Not a RSA1 key file %.200s.", filename); + debug3("No RSA1 key file %.200s.", filename); buffer_free(&buffer); close(fd); return NULL; @@ -377,14 +378,12 @@ } /* Initialize space for decrypted data. */ buffer_init(&decrypted); - cp = buffer_append_space(&decrypted, buffer_len(&buffer)); + buffer_append_space(&decrypted, &cp, buffer_len(&buffer)); /* Rest of the buffer is encrypted. Decrypt it using the passphrase. */ - cipher_set_key_string(&ciphercontext, cipher, passphrase, - CIPHER_DECRYPT); - cipher_crypt(&ciphercontext, cp, - buffer_ptr(&buffer), buffer_len(&buffer)); - cipher_cleanup(&ciphercontext); + cipher_set_key_string(&ciphercontext, cipher, passphrase); + cipher_decrypt(&ciphercontext, (u_char *) cp, + (u_char *) buffer_ptr(&buffer), buffer_len(&buffer)); memset(&ciphercontext, 0, sizeof(ciphercontext)); buffer_free(&buffer); @@ -407,8 +406,18 @@ buffer_get_bignum(&decrypted, prv->rsa->p); /* q */ /* calculate p-1 and q-1 */ - rsa_generate_additional_parameters(prv->rsa); + ctx = BN_CTX_new(); + aux = BN_new(); + BN_sub(aux, prv->rsa->q, BN_value_one()); + BN_mod(prv->rsa->dmq1, prv->rsa->d, aux, ctx); + + BN_sub(aux, prv->rsa->p, BN_value_one()); + BN_mod(prv->rsa->dmp1, prv->rsa->d, aux, ctx); + + BN_clear_free(aux); + BN_CTX_free(ctx); + buffer_free(&decrypted); close(fd); return prv; @@ -421,7 +430,7 @@ return NULL; } -static Key * +Key * key_load_private_pem(int fd, int type, const char *passphrase, char **commentp) { @@ -441,7 +450,7 @@ debug("PEM_read_PrivateKey failed"); (void)ERR_get_error(); } else if (pk->type == EVP_PKEY_RSA && - (type == KEY_UNSPEC||type==KEY_RSA)) { + (type == KEY_UNSPEC||type==KEY_RSA)) { prv = key_new(KEY_UNSPEC); prv->rsa = EVP_PKEY_get1_RSA(pk); prv->type = KEY_RSA; @@ -450,7 +459,7 @@ RSA_print_fp(stderr, prv->rsa, 8); #endif } else if (pk->type == EVP_PKEY_DSA && - (type == KEY_UNSPEC||type==KEY_DSA)) { + (type == KEY_UNSPEC||type==KEY_DSA)) { prv = key_new(KEY_UNSPEC); prv->dsa = EVP_PKEY_get1_DSA(pk); prv->type = KEY_DSA; @@ -472,23 +481,20 @@ return prv; } -static int +int key_perm_ok(int fd, const char *filename) { struct stat st; - if (fstat(fd, &st) < 0) - return 0; - /* - * if a key owned by the user is accessed, then we check the - * permissions of the file. if the key owned by a different user, - * then we don't care. - */ - if ((st.st_uid == getuid()) && (st.st_mode & 077) != 0) { + /* check owner and modes */ + if (fstat(fd, &st) < 0 || + (st.st_uid != 0 && getuid() != 0 && st.st_uid != getuid()) || + (st.st_mode & 077) != 0) { + close(fd); error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@"); error("@ WARNING: UNPROTECTED PRIVATE KEY FILE! @"); error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@"); - error("Permissions 0%3.3o for '%s' are too open.", + error("Bad ownership or mode(0%3.3o) for '%s'.", st.st_mode & 0777, filename); error("It is recommended that your private key files are NOT accessible by others."); error("This private key will be ignored."); @@ -534,7 +540,7 @@ key_load_private(const char *filename, const char *passphrase, char **commentp) { - Key *pub, *prv; + Key *pub; int fd; fd = open(filename, O_RDONLY); @@ -549,20 +555,17 @@ lseek(fd, (off_t) 0, SEEK_SET); /* rewind */ if (pub == NULL) { /* closes fd */ - prv = key_load_private_pem(fd, KEY_UNSPEC, passphrase, NULL); - /* use the filename as a comment for PEM */ - if (commentp && prv) - *commentp = xstrdup(filename); + return key_load_private_pem(fd, KEY_UNSPEC, passphrase, + commentp); } else { /* it's a SSH v1 key if the public key part is readable */ key_free(pub); /* closes fd */ - prv = key_load_private_rsa1(fd, filename, passphrase, NULL); + return key_load_private_rsa1(fd, filename, passphrase, NULL); } - return prv; } -static int +int key_try_load_public(Key *k, const char *filename, char **commentp) { FILE *f; @@ -574,7 +577,7 @@ while (fgets(line, sizeof(line), f)) { line[sizeof(line)-1] = '\0'; cp = line; - switch (*cp) { + switch(*cp){ case '#': case '\n': case '\0':