=================================================================== RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ssh/ssh-keygen.c,v retrieving revision 1.413 retrieving revision 1.420 diff -u -r1.413 -r1.420 --- src/usr.bin/ssh/ssh-keygen.c 2020/06/26 05:02:03 1.413 +++ src/usr.bin/ssh/ssh-keygen.c 2020/09/09 03:08:01 1.420 @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-keygen.c,v 1.413 2020/06/26 05:02:03 dtucker Exp $ */ +/* $OpenBSD: ssh-keygen.c,v 1.420 2020/09/09 03:08:01 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1994 Tatu Ylonen , Espoo, Finland @@ -127,13 +127,13 @@ static char *certflags_src_addr = NULL; /* Arbitrary extensions specified by user */ -struct cert_userext { +struct cert_ext { char *key; char *val; int crit; }; -static struct cert_userext *cert_userext; -static size_t ncert_userext; +static struct cert_ext *cert_ext; +static size_t ncert_ext; /* Conversion to/from various formats */ enum { @@ -573,7 +573,7 @@ /* try the key */ if (sshkey_sign(key, &sig, &slen, data, sizeof(data), - NULL, NULL, 0) != 0 || + NULL, NULL, NULL, 0) != 0 || sshkey_verify(key, sig, slen, data, sizeof(data), NULL, 0, NULL) != 0) { sshkey_free(key); @@ -795,10 +795,14 @@ prv = load_identity(identity_file, &comment); if ((r = sshkey_write(prv, stdout)) != 0) error("sshkey_write failed: %s", ssh_err(r)); - sshkey_free(prv); if (comment != NULL && *comment != '\0') fprintf(stdout, " %s", comment); fprintf(stdout, "\n"); + if (sshkey_is_sk(prv)) { + debug("sk_application: \"%s\", sk_flags 0x%02x", + prv->sk_application, prv->sk_flags); + } + sshkey_free(prv); free(comment); exit(0); } @@ -1579,31 +1583,32 @@ } static void -add_flag_option(struct sshbuf *c, const char *name) +cert_ext_add(const char *key, const char *value, int iscrit) { - int r; - - debug3("%s: %s", __func__, name); - if ((r = sshbuf_put_cstring(c, name)) != 0 || - (r = sshbuf_put_string(c, NULL, 0)) != 0) - fatal("%s: buffer error: %s", __func__, ssh_err(r)); + cert_ext = xreallocarray(cert_ext, ncert_ext + 1, sizeof(*cert_ext)); + cert_ext[ncert_ext].key = xstrdup(key); + cert_ext[ncert_ext].val = value == NULL ? NULL : xstrdup(value); + cert_ext[ncert_ext].crit = iscrit; + ncert_ext++; } -static void -add_string_option(struct sshbuf *c, const char *name, const char *value) +/* qsort(3) comparison function for certificate extensions */ +static int +cert_ext_cmp(const void *_a, const void *_b) { - struct sshbuf *b; + const struct cert_ext *a = (const struct cert_ext *)_a; + const struct cert_ext *b = (const struct cert_ext *)_b; int r; - debug3("%s: %s=%s", __func__, name, value); - if ((b = sshbuf_new()) == NULL) - fatal("%s: sshbuf_new failed", __func__); - if ((r = sshbuf_put_cstring(b, value)) != 0 || - (r = sshbuf_put_cstring(c, name)) != 0 || - (r = sshbuf_put_stringb(c, b)) != 0) - fatal("%s: buffer error: %s", __func__, ssh_err(r)); - - sshbuf_free(b); + if (a->crit != b->crit) + return (a->crit < b->crit) ? -1 : 1; + if ((r = strcmp(a->key, b->key)) != 0) + return r; + if ((a->val == NULL) != (b->val == NULL)) + return (a->val == NULL) ? -1 : 1; + if (a->val != NULL && (r = strcmp(a->val, b->val)) != 0) + return r; + return 0; } #define OPTIONS_CRITICAL 1 @@ -1611,46 +1616,64 @@ static void prepare_options_buf(struct sshbuf *c, int which) { + struct sshbuf *b; size_t i; + int r; + const struct cert_ext *ext; + if ((b = sshbuf_new()) == NULL) + fatal("%s: sshbuf_new failed", __func__); sshbuf_reset(c); - if ((which & OPTIONS_CRITICAL) != 0 && - certflags_command != NULL) - add_string_option(c, "force-command", certflags_command); - if ((which & OPTIONS_EXTENSIONS) != 0 && - (certflags_flags & CERTOPT_X_FWD) != 0) - add_flag_option(c, "permit-X11-forwarding"); - if ((which & OPTIONS_EXTENSIONS) != 0 && - (certflags_flags & CERTOPT_AGENT_FWD) != 0) - add_flag_option(c, "permit-agent-forwarding"); - if ((which & OPTIONS_EXTENSIONS) != 0 && - (certflags_flags & CERTOPT_PORT_FWD) != 0) - add_flag_option(c, "permit-port-forwarding"); - if ((which & OPTIONS_EXTENSIONS) != 0 && - (certflags_flags & CERTOPT_PTY) != 0) - add_flag_option(c, "permit-pty"); - if ((which & OPTIONS_EXTENSIONS) != 0 && - (certflags_flags & CERTOPT_USER_RC) != 0) - add_flag_option(c, "permit-user-rc"); - if ((which & OPTIONS_EXTENSIONS) != 0 && - (certflags_flags & CERTOPT_NO_REQUIRE_USER_PRESENCE) != 0) - add_flag_option(c, "no-touch-required"); - if ((which & OPTIONS_CRITICAL) != 0 && - certflags_src_addr != NULL) - add_string_option(c, "source-address", certflags_src_addr); - for (i = 0; i < ncert_userext; i++) { - if ((cert_userext[i].crit && (which & OPTIONS_EXTENSIONS)) || - (!cert_userext[i].crit && (which & OPTIONS_CRITICAL))) + for (i = 0; i < ncert_ext; i++) { + ext = &cert_ext[i]; + if ((ext->crit && (which & OPTIONS_EXTENSIONS)) || + (!ext->crit && (which & OPTIONS_CRITICAL))) continue; - if (cert_userext[i].val == NULL) - add_flag_option(c, cert_userext[i].key); - else { - add_string_option(c, cert_userext[i].key, - cert_userext[i].val); + if (ext->val == NULL) { + /* flag option */ + debug3("%s: %s", __func__, ext->key); + if ((r = sshbuf_put_cstring(c, ext->key)) != 0 || + (r = sshbuf_put_string(c, NULL, 0)) != 0) + fatal("%s: buffer: %s", __func__, ssh_err(r)); + } else { + /* key/value option */ + debug3("%s: %s=%s", __func__, ext->key, ext->val); + sshbuf_reset(b); + if ((r = sshbuf_put_cstring(c, ext->key)) != 0 || + (r = sshbuf_put_cstring(b, ext->val)) != 0 || + (r = sshbuf_put_stringb(c, b)) != 0) + fatal("%s: buffer: %s", __func__, ssh_err(r)); } } + sshbuf_free(b); } +static void +finalise_cert_exts(void) +{ + /* critical options */ + if (certflags_command != NULL) + cert_ext_add("force-command", certflags_command, 1); + if (certflags_src_addr != NULL) + cert_ext_add("source-address", certflags_src_addr, 1); + /* extensions */ + if ((certflags_flags & CERTOPT_X_FWD) != 0) + cert_ext_add("permit-X11-forwarding", NULL, 0); + if ((certflags_flags & CERTOPT_AGENT_FWD) != 0) + cert_ext_add("permit-agent-forwarding", NULL, 0); + if ((certflags_flags & CERTOPT_PORT_FWD) != 0) + cert_ext_add("permit-port-forwarding", NULL, 0); + if ((certflags_flags & CERTOPT_PTY) != 0) + cert_ext_add("permit-pty", NULL, 0); + if ((certflags_flags & CERTOPT_USER_RC) != 0) + cert_ext_add("permit-user-rc", NULL, 0); + if ((certflags_flags & CERTOPT_NO_REQUIRE_USER_PRESENCE) != 0) + cert_ext_add("no-touch-required", NULL, 0); + /* order lexically by key */ + if (ncert_ext > 0) + qsort(cert_ext, ncert_ext, sizeof(*cert_ext), cert_ext_cmp); +} + static struct sshkey * load_pkcs11_key(char *path) { @@ -1686,7 +1709,8 @@ static int agent_signer(struct sshkey *key, u_char **sigp, size_t *lenp, const u_char *data, size_t datalen, - const char *alg, const char *provider, u_int compat, void *ctx) + const char *alg, const char *provider, const char *pin, + u_int compat, void *ctx) { int *agent_fdp = (int *)ctx; @@ -1703,7 +1727,7 @@ u_int n; struct sshkey *ca, *public; char valid[64], *otmp, *tmp, *cp, *out, *comment; - char *ca_fp = NULL, **plist = NULL; + char *ca_fp = NULL, **plist = NULL, *pin = NULL; struct ssh_identitylist *agent_ids; size_t j; struct notifier_ctx *notifier = NULL; @@ -1744,6 +1768,12 @@ } else { /* CA key is assumed to be a private key on the filesystem */ ca = load_identity(tmp, NULL); + if (sshkey_is_sk(ca) && + (ca->sk_flags & SSH_SK_USER_VERIFICATION_REQD)) { + if ((pin = read_passphrase("Enter PIN for CA key: ", + RP_ALLOW_STDIN)) == NULL) + fatal("%s: couldn't read PIN", __func__); + } } free(tmp); @@ -1758,6 +1788,7 @@ } ca_fp = sshkey_fingerprint(ca, fingerprint_hash, SSH_FP_DEFAULT); + finalise_cert_exts(); for (i = 0; i < argc; i++) { /* Split list of principals */ n = 0; @@ -1802,7 +1833,7 @@ if (agent_fd != -1 && (ca->flags & SSHKEY_FLAG_EXT) != 0) { if ((r = sshkey_certify_custom(public, ca, - key_type_name, sk_provider, agent_signer, + key_type_name, sk_provider, NULL, agent_signer, &agent_fd)) != 0) fatal("Couldn't certify key %s via agent: %s", tmp, ssh_err(r)); @@ -1814,7 +1845,7 @@ sshkey_type(ca), ca_fp); } r = sshkey_certify(public, ca, key_type_name, - sk_provider); + sk_provider, pin); notify_complete(notifier); if (r != 0) fatal("Couldn't certify key %s: %s", @@ -1848,6 +1879,8 @@ if (cert_serial_autoinc) cert_serial++; } + if (pin != NULL) + freezero(pin, strlen(pin)); free(ca_fp); #ifdef ENABLE_PKCS11 pkcs11_terminate(); @@ -1972,13 +2005,8 @@ val = xstrdup(strchr(opt, ':') + 1); if ((cp = strchr(val, '=')) != NULL) *cp++ = '\0'; - cert_userext = xreallocarray(cert_userext, ncert_userext + 1, - sizeof(*cert_userext)); - cert_userext[ncert_userext].key = val; - cert_userext[ncert_userext].val = cp == NULL ? - NULL : xstrdup(cp); - cert_userext[ncert_userext].crit = iscrit; - ncert_userext++; + cert_ext_add(val, cp, iscrit); + free(val); } else fatal("Unsupported certificate option \"%s\"", opt); } @@ -1986,7 +2014,7 @@ static void show_options(struct sshbuf *optbuf, int in_critical) { - char *name, *arg; + char *name, *arg, *hex; struct sshbuf *options, *option = NULL; int r; @@ -2015,11 +2043,14 @@ __func__, ssh_err(r)); printf(" %s\n", arg); free(arg); - } else { - printf(" UNKNOWN OPTION (len %zu)\n", - sshbuf_len(option)); + } else if (sshbuf_len(option) > 0) { + hex = sshbuf_dtob16(option); + printf(" UNKNOWN OPTION: %s (len %zu)\n", + hex, sshbuf_len(option)); sshbuf_reset(option); - } + free(hex); + } else + printf(" UNKNOWN FLAG OPTION\n"); free(name); if (sshbuf_len(option) != 0) fatal("Option corrupt: extra data at end"); @@ -2486,6 +2517,7 @@ struct sshbuf *sigbuf = NULL, *abuf = NULL; int r = SSH_ERR_INTERNAL_ERROR, wfd = -1, oerrno; char *wfile = NULL, *asig = NULL, *fp = NULL; + char *pin = NULL, *prompt = NULL; if (!quiet) { if (fd == STDIN_FILENO) @@ -2493,17 +2525,25 @@ else fprintf(stderr, "Signing file %s\n", filename); } - if (signer == NULL && sshkey_is_sk(signkey) && - (signkey->sk_flags & SSH_SK_USER_PRESENCE_REQD)) { - if ((fp = sshkey_fingerprint(signkey, fingerprint_hash, - SSH_FP_DEFAULT)) == NULL) - fatal("%s: sshkey_fingerprint failed", __func__); - fprintf(stderr, "Confirm user presence for key %s %s\n", - sshkey_type(signkey), fp); - free(fp); + if (signer == NULL && sshkey_is_sk(signkey)) { + if ((signkey->sk_flags & SSH_SK_USER_VERIFICATION_REQD)) { + xasprintf(&prompt, "Enter PIN for %s key: ", + sshkey_type(signkey)); + if ((pin = read_passphrase(prompt, + RP_ALLOW_STDIN)) == NULL) + fatal("%s: couldn't read PIN", __func__); + } + if ((signkey->sk_flags & SSH_SK_USER_PRESENCE_REQD)) { + if ((fp = sshkey_fingerprint(signkey, fingerprint_hash, + SSH_FP_DEFAULT)) == NULL) + fatal("%s: fingerprint failed", __func__); + fprintf(stderr, "Confirm user presence for key %s %s\n", + sshkey_type(signkey), fp); + free(fp); + } } - if ((r = sshsig_sign_fd(signkey, NULL, sk_provider, fd, sig_namespace, - &sigbuf, signer, signer_ctx)) != 0) { + if ((r = sshsig_sign_fd(signkey, NULL, sk_provider, pin, + fd, sig_namespace, &sigbuf, signer, signer_ctx)) != 0) { error("Signing %s failed: %s", filename, ssh_err(r)); goto out; } @@ -2551,7 +2591,10 @@ r = 0; out: free(wfile); + free(prompt); free(asig); + if (pin != NULL) + freezero(pin, strlen(pin)); sshbuf_free(abuf); sshbuf_free(sigbuf); if (wfd != -1) @@ -2923,21 +2966,18 @@ if (skprovider == NULL) fatal("Cannot download keys without provider"); - for (i = 0; i < 2; i++) { - if (i == 1) { - pin = read_passphrase("Enter PIN for authenticator: ", - RP_ALLOW_STDIN); - } - if ((r = sshsk_load_resident(skprovider, device, pin, - &keys, &nkeys)) != 0) { - if (i == 0 && r == SSH_ERR_KEY_WRONG_PASSPHRASE) - continue; - if (pin != NULL) - freezero(pin, strlen(pin)); - error("Unable to load resident keys: %s", ssh_err(r)); - return -1; - } + pin = read_passphrase("Enter PIN for authenticator: ", RP_ALLOW_STDIN); + if (!quiet) { + printf("You may need to touch your authenticator " + "to authorize key download.\n"); } + if ((r = sshsk_load_resident(skprovider, device, pin, + &keys, &nkeys)) != 0) { + if (pin != NULL) + freezero(pin, strlen(pin)); + error("Unable to load resident keys: %s", ssh_err(r)); + return -1; + } if (nkeys == 0) logit("No keys to download"); if (pin != NULL) @@ -3010,18 +3050,40 @@ } static void +save_attestation(struct sshbuf *attest, const char *path) +{ + mode_t omask; + int r; + + if (path == NULL) + return; /* nothing to do */ + if (attest == NULL || sshbuf_len(attest) == 0) + fatal("Enrollment did not return attestation data"); + omask = umask(077); + r = sshbuf_write_file(path, attest); + umask(omask); + if (r != 0) + fatal("Unable to write attestation data \"%s\": %s", path, + ssh_err(r)); + if (!quiet) + printf("Your FIDO attestation certificate has been saved in " + "%s\n", path); +} + +static void usage(void) { fprintf(stderr, - "usage: ssh-keygen [-q] [-b bits] [-C comment] [-f output_keyfile] [-m format]\n" + "usage: ssh-keygen [-q] [-a rounds] [-b bits] [-C comment] [-f output_keyfile]\n" + " [-m format] [-N new_passphrase] [-O option]\n" " [-t dsa | ecdsa | ecdsa-sk | ed25519 | ed25519-sk | rsa]\n" - " [-N new_passphrase] [-O option] [-w provider]\n" - " ssh-keygen -p [-f keyfile] [-m format] [-N new_passphrase]\n" + " [-w provider]\n" + " ssh-keygen -p [-a rounds] [-f keyfile] [-m format] [-N new_passphrase]\n" " [-P old_passphrase]\n" " ssh-keygen -i [-f input_keyfile] [-m key_format]\n" " ssh-keygen -e [-f input_keyfile] [-m key_format]\n" " ssh-keygen -y [-f input_keyfile]\n" - " ssh-keygen -c [-C comment] [-f keyfile] [-P passphrase]\n" + " ssh-keygen -c [-a rounds] [-C comment] [-f keyfile] [-P passphrase]\n" " ssh-keygen -l [-v] [-E fingerprint_hash] [-f input_keyfile]\n" " ssh-keygen -B [-f input_keyfile]\n"); #ifdef ENABLE_PKCS11 @@ -3031,7 +3093,7 @@ fprintf(stderr, " ssh-keygen -F hostname [-lv] [-f known_hosts_file]\n" " ssh-keygen -H [-f known_hosts_file]\n" - " ssh-keygen -K [-w provider]\n" + " ssh-keygen -K [-a rounds] [-w provider]\n" " ssh-keygen -R hostname [-f known_hosts_file]\n" " ssh-keygen -r hostname [-g] [-f input_keyfile]\n" #ifdef WITH_OPENSSL @@ -3042,7 +3104,7 @@ " [-n principals] [-O option] [-V validity_interval]\n" " [-z serial_number] file ...\n" " ssh-keygen -L [-f input_keyfile]\n" - " ssh-keygen -A [-f prefix_path]\n" + " ssh-keygen -A [-a rounds] [-f prefix_path]\n" " ssh-keygen -k -f krl_file [-u] [-s ca_public] [-z version_number]\n" " file ...\n" " ssh-keygen -Q [-l] -f krl_file [file ...]\n" @@ -3074,7 +3136,7 @@ unsigned long long cert_serial = 0; char *identity_comment = NULL, *ca_key_path = NULL, **opts = NULL; char *sk_application = NULL, *sk_device = NULL, *sk_user = NULL; - char *sk_attestaion_path = NULL; + char *sk_attestation_path = NULL; struct sshbuf *challenge = NULL, *attest = NULL; size_t i, nopts = 0; u_int32_t bits = 0; @@ -3510,6 +3572,8 @@ for (i = 0; i < nopts; i++) { if (strcasecmp(opts[i], "no-touch-required") == 0) { sk_flags &= ~SSH_SK_USER_PRESENCE_REQD; + } else if (strcasecmp(opts[i], "verify-required") == 0) { + sk_flags |= SSH_SK_USER_VERIFICATION_REQD; } else if (strcasecmp(opts[i], "resident") == 0) { sk_flags |= SSH_SK_RESIDENT_KEY; } else if (strncasecmp(opts[i], "device=", 7) == 0) { @@ -3525,7 +3589,7 @@ } } else if (strncasecmp(opts[i], "write-attestation=", 18) == 0) { - sk_attestaion_path = opts[i] + 18; + sk_attestation_path = opts[i] + 18; } else if (strncasecmp(opts[i], "application=", 12) == 0) { sk_application = xstrdup(opts[i] + 12); @@ -3542,9 +3606,15 @@ printf("You may need to touch your authenticator " "to authorize key generation.\n"); } - passphrase = NULL; if ((attest = sshbuf_new()) == NULL) fatal("sshbuf_new failed"); + if ((sk_flags & + (SSH_SK_USER_VERIFICATION_REQD|SSH_SK_RESIDENT_KEY))) { + passphrase = read_passphrase("Enter PIN for " + "authenticator: ", RP_ALLOW_STDIN); + } else { + passphrase = NULL; + } for (i = 0 ; ; i++) { fflush(stdout); r = sshsk_enroll(type, sk_provider, sk_device, @@ -3555,9 +3625,8 @@ break; if (r != SSH_ERR_KEY_WRONG_PASSPHRASE) fatal("Key enrollment failed: %s", ssh_err(r)); - else if (i > 0) + else if (passphrase != NULL) { error("PIN incorrect"); - if (passphrase != NULL) { freezero(passphrase, strlen(passphrase)); passphrase = NULL; } @@ -3565,6 +3634,11 @@ fatal("Too many incorrect PINs"); passphrase = read_passphrase("Enter PIN for " "authenticator: ", RP_ALLOW_STDIN); + if (!quiet) { + printf("You may need to touch your " + "authenticator (again) to authorize " + "key generation.\n"); + } } if (passphrase != NULL) { freezero(passphrase, strlen(passphrase)); @@ -3637,20 +3711,9 @@ free(fp); } - if (sk_attestaion_path != NULL) { - if (attest == NULL || sshbuf_len(attest) == 0) { - fatal("Enrollment did not return attestation " - "certificate"); - } - if ((r = sshbuf_write_file(sk_attestaion_path, attest)) != 0) { - fatal("Unable to write attestation certificate " - "\"%s\": %s", sk_attestaion_path, ssh_err(r)); - } - if (!quiet) { - printf("Your FIDO attestation certificate has been " - "saved in %s\n", sk_attestaion_path); - } - } + if (sk_attestation_path != NULL) + save_attestation(attest, sk_attestation_path); + sshbuf_free(attest); sshkey_free(public);