Annotation of src/usr.bin/ssh/ssh-keygen.c, Revision 1.261
1.261 ! djm 1: /* $OpenBSD: ssh-keygen.c,v 1.260 2015/01/30 00:59:19 djm Exp $ */
1.1 deraadt 2: /*
1.13 deraadt 3: * Author: Tatu Ylonen <ylo@cs.hut.fi>
4: * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
5: * All rights reserved
6: * Identity and host key generation and maintenance.
1.31 deraadt 7: *
8: * As far as I am concerned, the code I have written for this software
9: * can be used freely for any purpose. Any derived versions of this
10: * software must be clearly marked as such, and if the derived work is
11: * incompatible with the protocol description in the RFC file, it must be
12: * called by a name other than "ssh" or "Secure Shell".
1.13 deraadt 13: */
1.1 deraadt 14:
1.136 stevesk 15: #include <sys/types.h>
1.174 dtucker 16: #include <sys/socket.h>
1.136 stevesk 17: #include <sys/stat.h>
1.19 markus 18:
19: #include <openssl/evp.h>
20: #include <openssl/pem.h>
1.145 stevesk 21:
1.148 stevesk 22: #include <errno.h>
1.147 stevesk 23: #include <fcntl.h>
1.248 djm 24: #include <netdb.h>
1.145 stevesk 25: #include <pwd.h>
1.153 stevesk 26: #include <stdio.h>
1.152 stevesk 27: #include <stdlib.h>
1.150 stevesk 28: #include <string.h>
1.149 stevesk 29: #include <unistd.h>
1.253 deraadt 30: #include <limits.h>
1.1 deraadt 31:
32: #include "xmalloc.h"
1.252 djm 33: #include "sshkey.h"
1.53 markus 34: #include "rsa.h"
1.19 markus 35: #include "authfile.h"
36: #include "uuencode.h"
1.252 djm 37: #include "sshbuf.h"
1.40 markus 38: #include "pathnames.h"
1.41 markus 39: #include "log.h"
1.114 djm 40: #include "misc.h"
1.119 djm 41: #include "match.h"
42: #include "hostfile.h"
1.146 stevesk 43: #include "dns.h"
1.223 djm 44: #include "ssh.h"
1.179 djm 45: #include "ssh2.h"
1.252 djm 46: #include "ssherr.h"
1.223 djm 47: #include "atomicio.h"
48: #include "krl.h"
1.251 djm 49: #include "digest.h"
1.32 markus 50:
1.177 markus 51: #ifdef ENABLE_PKCS11
52: #include "ssh-pkcs11.h"
1.106 djm 53: #endif
1.66 markus 54:
1.130 markus 55: /* Number of bits in the RSA/DSA key. This value can be set on the command line. */
56: #define DEFAULT_BITS 2048
57: #define DEFAULT_BITS_DSA 1024
1.203 naddy 58: #define DEFAULT_BITS_ECDSA 256
1.130 markus 59: u_int32_t bits = 0;
1.1 deraadt 60:
1.14 markus 61: /*
62: * Flag indicating that we just want to change the passphrase. This can be
63: * set on the command line.
64: */
1.1 deraadt 65: int change_passphrase = 0;
66:
1.14 markus 67: /*
68: * Flag indicating that we just want to change the comment. This can be set
69: * on the command line.
70: */
1.1 deraadt 71: int change_comment = 0;
72:
1.2 provos 73: int quiet = 0;
74:
1.169 grunk 75: int log_level = SYSLOG_LEVEL_INFO;
76:
1.119 djm 77: /* Flag indicating that we want to hash a known_hosts file */
78: int hash_hosts = 0;
79: /* Flag indicating that we want lookup a host in known_hosts file */
80: int find_host = 0;
81: /* Flag indicating that we want to delete a host from a known_hosts file */
82: int delete_host = 0;
83:
1.182 djm 84: /* Flag indicating that we want to show the contents of a certificate */
85: int show_cert = 0;
86:
1.8 markus 87: /* Flag indicating that we just want to see the key fingerprint */
88: int print_fingerprint = 0;
1.49 markus 89: int print_bubblebabble = 0;
1.8 markus 90:
1.251 djm 91: /* Hash algorithm to use for fingerprints. */
92: int fingerprint_hash = SSH_FP_HASH_DEFAULT;
93:
1.10 markus 94: /* The identity file name, given on the command line or entered by the user. */
95: char identity_file[1024];
96: int have_identity = 0;
1.1 deraadt 97:
98: /* This is set to the passphrase if given on the command line. */
99: char *identity_passphrase = NULL;
100:
101: /* This is set to the new passphrase if given on the command line. */
102: char *identity_new_passphrase = NULL;
103:
104: /* This is set to the new comment if given on the command line. */
105: char *identity_comment = NULL;
106:
1.179 djm 107: /* Path to CA key when certifying keys. */
108: char *ca_key_path = NULL;
109:
1.186 djm 110: /* Certificate serial number */
1.220 djm 111: unsigned long long cert_serial = 0;
1.186 djm 112:
1.179 djm 113: /* Key type when certifying */
114: u_int cert_key_type = SSH2_CERT_TYPE_USER;
115:
116: /* "key ID" of signed key */
117: char *cert_key_id = NULL;
118:
119: /* Comma-separated list of principal names for certifying keys */
120: char *cert_principals = NULL;
121:
122: /* Validity period for certificates */
123: u_int64_t cert_valid_from = 0;
124: u_int64_t cert_valid_to = ~0ULL;
125:
1.186 djm 126: /* Certificate options */
1.190 djm 127: #define CERTOPT_X_FWD (1)
128: #define CERTOPT_AGENT_FWD (1<<1)
129: #define CERTOPT_PORT_FWD (1<<2)
130: #define CERTOPT_PTY (1<<3)
131: #define CERTOPT_USER_RC (1<<4)
132: #define CERTOPT_DEFAULT (CERTOPT_X_FWD|CERTOPT_AGENT_FWD| \
133: CERTOPT_PORT_FWD|CERTOPT_PTY|CERTOPT_USER_RC)
134: u_int32_t certflags_flags = CERTOPT_DEFAULT;
135: char *certflags_command = NULL;
136: char *certflags_src_addr = NULL;
1.179 djm 137:
1.193 djm 138: /* Conversion to/from various formats */
139: int convert_to = 0;
140: int convert_from = 0;
141: enum {
142: FMT_RFC4716,
143: FMT_PKCS8,
144: FMT_PEM
145: } convert_format = FMT_RFC4716;
1.19 markus 146: int print_public = 0;
1.105 jakob 147: int print_generic = 0;
1.33 markus 148:
1.87 djm 149: char *key_type_name = NULL;
1.19 markus 150:
1.197 djm 151: /* Load key from this PKCS#11 provider */
152: char *pkcs11provider = NULL;
1.193 djm 153:
1.237 markus 154: /* Use new OpenSSH private key format when writing SSH2 keys instead of PEM */
155: int use_new_format = 0;
156:
157: /* Cipher for new-format private keys */
158: char *new_format_cipher = NULL;
159:
160: /*
161: * Number of KDF rounds to derive new format keys /
162: * number of primality trials when screening moduli.
163: */
164: int rounds = 0;
165:
1.10 markus 166: /* argv0 */
167: extern char *__progname;
1.1 deraadt 168:
1.248 djm 169: char hostname[NI_MAXHOST];
1.19 markus 170:
1.115 djm 171: /* moduli.c */
1.124 avsm 172: int gen_candidates(FILE *, u_int32_t, u_int32_t, BIGNUM *);
1.215 dtucker 173: int prime_test(FILE *, FILE *, u_int32_t, u_int32_t, char *, unsigned long,
174: unsigned long);
1.115 djm 175:
1.63 itojun 176: static void
1.255 djm 177: type_bits_valid(int type, const char *name, u_int32_t *bitsp)
1.206 stevesk 178: {
1.255 djm 179: u_int maxbits, nid;
1.206 stevesk 180:
181: if (type == KEY_UNSPEC) {
182: fprintf(stderr, "unknown key type %s\n", key_type_name);
183: exit(1);
184: }
1.209 djm 185: if (*bitsp == 0) {
1.206 stevesk 186: if (type == KEY_DSA)
1.209 djm 187: *bitsp = DEFAULT_BITS_DSA;
1.255 djm 188: else if (type == KEY_ECDSA) {
189: if (name != NULL &&
190: (nid = sshkey_ecdsa_nid_from_name(name)) > 0)
191: *bitsp = sshkey_curve_nid_to_bits(nid);
192: if (*bitsp == 0)
193: *bitsp = DEFAULT_BITS_ECDSA;
194: }
1.206 stevesk 195: else
1.209 djm 196: *bitsp = DEFAULT_BITS;
1.206 stevesk 197: }
198: maxbits = (type == KEY_DSA) ?
199: OPENSSL_DSA_MAX_MODULUS_BITS : OPENSSL_RSA_MAX_MODULUS_BITS;
1.209 djm 200: if (*bitsp > maxbits) {
1.206 stevesk 201: fprintf(stderr, "key bits exceeds maximum %d\n", maxbits);
202: exit(1);
203: }
1.246 markus 204: #ifdef WITH_OPENSSL
1.209 djm 205: if (type == KEY_DSA && *bitsp != 1024)
1.206 stevesk 206: fatal("DSA keys must be 1024 bits");
1.238 markus 207: else if (type != KEY_ECDSA && type != KEY_ED25519 && *bitsp < 768)
1.206 stevesk 208: fatal("Key must at least be 768 bits");
1.252 djm 209: else if (type == KEY_ECDSA && sshkey_ecdsa_bits_to_nid(*bitsp) == -1)
1.206 stevesk 210: fatal("Invalid ECDSA key length - valid lengths are "
211: "256, 384 or 521 bits");
1.246 markus 212: #endif
1.206 stevesk 213: }
214:
215: static void
1.10 markus 216: ask_filename(struct passwd *pw, const char *prompt)
1.1 deraadt 217: {
1.12 markus 218: char buf[1024];
1.35 markus 219: char *name = NULL;
220:
1.92 stevesk 221: if (key_type_name == NULL)
1.40 markus 222: name = _PATH_SSH_CLIENT_ID_RSA;
1.140 deraadt 223: else {
1.252 djm 224: switch (sshkey_type_from_name(key_type_name)) {
1.92 stevesk 225: case KEY_RSA1:
226: name = _PATH_SSH_CLIENT_IDENTITY;
227: break;
1.186 djm 228: case KEY_DSA_CERT:
229: case KEY_DSA_CERT_V00:
1.92 stevesk 230: case KEY_DSA:
231: name = _PATH_SSH_CLIENT_ID_DSA;
232: break;
1.200 djm 233: case KEY_ECDSA_CERT:
234: case KEY_ECDSA:
235: name = _PATH_SSH_CLIENT_ID_ECDSA;
236: break;
1.186 djm 237: case KEY_RSA_CERT:
238: case KEY_RSA_CERT_V00:
1.92 stevesk 239: case KEY_RSA:
240: name = _PATH_SSH_CLIENT_ID_RSA;
241: break;
1.238 markus 242: case KEY_ED25519:
243: case KEY_ED25519_CERT:
244: name = _PATH_SSH_CLIENT_ID_ED25519;
245: break;
1.92 stevesk 246: default:
1.173 tobias 247: fprintf(stderr, "bad key type\n");
1.92 stevesk 248: exit(1);
249: break;
250: }
1.140 deraadt 251: }
1.35 markus 252: snprintf(identity_file, sizeof(identity_file), "%s/%s", pw->pw_dir, name);
1.37 markus 253: fprintf(stderr, "%s (%s): ", prompt, identity_file);
1.12 markus 254: if (fgets(buf, sizeof(buf), stdin) == NULL)
255: exit(1);
1.162 gilles 256: buf[strcspn(buf, "\n")] = '\0';
1.12 markus 257: if (strcmp(buf, "") != 0)
258: strlcpy(identity_file, buf, sizeof(identity_file));
259: have_identity = 1;
1.7 markus 260: }
261:
1.252 djm 262: static struct sshkey *
1.61 markus 263: load_identity(char *filename)
1.19 markus 264: {
1.52 markus 265: char *pass;
1.252 djm 266: struct sshkey *prv;
267: int r;
1.52 markus 268:
1.252 djm 269: if ((r = sshkey_load_private(filename, "", &prv, NULL)) == 0)
270: return prv;
271: if (r != SSH_ERR_KEY_WRONG_PASSPHRASE)
272: fatal("Load key \"%s\": %s", filename, ssh_err(r));
273: if (identity_passphrase)
274: pass = xstrdup(identity_passphrase);
275: else
276: pass = read_passphrase("Enter passphrase: ", RP_ALLOW_STDIN);
277: r = sshkey_load_private(filename, pass, &prv, NULL);
278: explicit_bzero(pass, strlen(pass));
279: free(pass);
280: if (r != 0)
281: fatal("Load key \"%s\": %s", filename, ssh_err(r));
1.52 markus 282: return prv;
1.19 markus 283: }
284:
1.32 markus 285: #define SSH_COM_PUBLIC_BEGIN "---- BEGIN SSH2 PUBLIC KEY ----"
1.100 deraadt 286: #define SSH_COM_PUBLIC_END "---- END SSH2 PUBLIC KEY ----"
1.32 markus 287: #define SSH_COM_PRIVATE_BEGIN "---- BEGIN SSH2 ENCRYPTED PRIVATE KEY ----"
1.42 stevesk 288: #define SSH_COM_PRIVATE_KEY_MAGIC 0x3f6ff9eb
1.19 markus 289:
1.246 markus 290: #ifdef WITH_OPENSSL
1.63 itojun 291: static void
1.252 djm 292: do_convert_to_ssh2(struct passwd *pw, struct sshkey *k)
1.19 markus 293: {
1.252 djm 294: size_t len;
1.36 markus 295: u_char *blob;
1.176 djm 296: char comment[61];
1.252 djm 297: int r;
1.19 markus 298:
1.213 djm 299: if (k->type == KEY_RSA1) {
300: fprintf(stderr, "version 1 keys are not supported\n");
301: exit(1);
302: }
1.252 djm 303: if ((r = sshkey_to_blob(k, &blob, &len)) != 0) {
304: fprintf(stderr, "key_to_blob failed: %s\n", ssh_err(r));
1.81 markus 305: exit(1);
306: }
1.176 djm 307: /* Comment + surrounds must fit into 72 chars (RFC 4716 sec 3.3) */
308: snprintf(comment, sizeof(comment),
309: "%u-bit %s, converted by %s@%s from OpenSSH",
1.252 djm 310: sshkey_size(k), sshkey_type(k),
1.19 markus 311: pw->pw_name, hostname);
1.176 djm 312:
313: fprintf(stdout, "%s\n", SSH_COM_PUBLIC_BEGIN);
314: fprintf(stdout, "Comment: \"%s\"\n", comment);
1.19 markus 315: dump_base64(stdout, blob, len);
1.32 markus 316: fprintf(stdout, "%s\n", SSH_COM_PUBLIC_END);
1.252 djm 317: sshkey_free(k);
1.227 djm 318: free(blob);
1.19 markus 319: exit(0);
320: }
321:
1.63 itojun 322: static void
1.252 djm 323: do_convert_to_pkcs8(struct sshkey *k)
1.193 djm 324: {
1.252 djm 325: switch (sshkey_type_plain(k->type)) {
1.213 djm 326: case KEY_RSA1:
1.193 djm 327: case KEY_RSA:
328: if (!PEM_write_RSA_PUBKEY(stdout, k->rsa))
329: fatal("PEM_write_RSA_PUBKEY failed");
330: break;
331: case KEY_DSA:
332: if (!PEM_write_DSA_PUBKEY(stdout, k->dsa))
333: fatal("PEM_write_DSA_PUBKEY failed");
334: break;
1.200 djm 335: case KEY_ECDSA:
336: if (!PEM_write_EC_PUBKEY(stdout, k->ecdsa))
337: fatal("PEM_write_EC_PUBKEY failed");
338: break;
1.193 djm 339: default:
1.252 djm 340: fatal("%s: unsupported key type %s", __func__, sshkey_type(k));
1.193 djm 341: }
342: exit(0);
343: }
344:
345: static void
1.252 djm 346: do_convert_to_pem(struct sshkey *k)
1.193 djm 347: {
1.252 djm 348: switch (sshkey_type_plain(k->type)) {
1.213 djm 349: case KEY_RSA1:
1.193 djm 350: case KEY_RSA:
351: if (!PEM_write_RSAPublicKey(stdout, k->rsa))
352: fatal("PEM_write_RSAPublicKey failed");
353: break;
354: #if notyet /* OpenSSH 0.9.8 lacks this function */
355: case KEY_DSA:
356: if (!PEM_write_DSAPublicKey(stdout, k->dsa))
357: fatal("PEM_write_DSAPublicKey failed");
358: break;
359: #endif
1.200 djm 360: /* XXX ECDSA? */
1.193 djm 361: default:
1.252 djm 362: fatal("%s: unsupported key type %s", __func__, sshkey_type(k));
1.193 djm 363: }
364: exit(0);
365: }
366:
367: static void
368: do_convert_to(struct passwd *pw)
369: {
1.252 djm 370: struct sshkey *k;
1.193 djm 371: struct stat st;
1.252 djm 372: int r;
1.193 djm 373:
374: if (!have_identity)
375: ask_filename(pw, "Enter file in which the key is");
376: if (stat(identity_file, &st) < 0)
377: fatal("%s: %s: %s", __progname, identity_file, strerror(errno));
1.252 djm 378: if ((r = sshkey_load_public(identity_file, &k, NULL)) != 0)
379: k = load_identity(identity_file);
1.193 djm 380: switch (convert_format) {
381: case FMT_RFC4716:
382: do_convert_to_ssh2(pw, k);
383: break;
384: case FMT_PKCS8:
385: do_convert_to_pkcs8(k);
386: break;
387: case FMT_PEM:
388: do_convert_to_pem(k);
389: break;
390: default:
391: fatal("%s: unknown key format %d", __func__, convert_format);
392: }
393: exit(0);
394: }
395:
1.252 djm 396: /*
397: * This is almost exactly the bignum1 encoding, but with 32 bit for length
398: * instead of 16.
399: */
1.193 djm 400: static void
1.252 djm 401: buffer_get_bignum_bits(struct sshbuf *b, BIGNUM *value)
1.32 markus 402: {
1.252 djm 403: u_int bytes, bignum_bits;
404: int r;
1.53 markus 405:
1.252 djm 406: if ((r = sshbuf_get_u32(b, &bignum_bits)) != 0)
407: fatal("%s: buffer error: %s", __func__, ssh_err(r));
408: bytes = (bignum_bits + 7) / 8;
409: if (sshbuf_len(b) < bytes)
410: fatal("%s: input buffer too small: need %d have %zu",
411: __func__, bytes, sshbuf_len(b));
412: if (BN_bin2bn(sshbuf_ptr(b), bytes, value) == NULL)
413: fatal("%s: BN_bin2bn failed", __func__);
414: if ((r = sshbuf_consume(b, bytes)) != 0)
415: fatal("%s: buffer error: %s", __func__, ssh_err(r));
1.32 markus 416: }
417:
1.252 djm 418: static struct sshkey *
1.93 markus 419: do_convert_private_ssh2_from_blob(u_char *blob, u_int blen)
1.32 markus 420: {
1.252 djm 421: struct sshbuf *b;
422: struct sshkey *key = NULL;
1.64 markus 423: char *type, *cipher;
1.252 djm 424: u_char e1, e2, e3, *sig = NULL, data[] = "abcde12345";
425: int r, rlen, ktype;
426: u_int magic, i1, i2, i3, i4;
427: size_t slen;
1.62 markus 428: u_long e;
1.32 markus 429:
1.252 djm 430: if ((b = sshbuf_from(blob, blen)) == NULL)
431: fatal("%s: sshbuf_from failed", __func__);
432: if ((r = sshbuf_get_u32(b, &magic)) != 0)
433: fatal("%s: buffer error: %s", __func__, ssh_err(r));
1.32 markus 434:
435: if (magic != SSH_COM_PRIVATE_KEY_MAGIC) {
1.252 djm 436: error("bad magic 0x%x != 0x%x", magic,
437: SSH_COM_PRIVATE_KEY_MAGIC);
438: sshbuf_free(b);
1.32 markus 439: return NULL;
440: }
1.252 djm 441: if ((r = sshbuf_get_u32(b, &i1)) != 0 ||
442: (r = sshbuf_get_cstring(b, &type, NULL)) != 0 ||
443: (r = sshbuf_get_cstring(b, &cipher, NULL)) != 0 ||
444: (r = sshbuf_get_u32(b, &i2)) != 0 ||
445: (r = sshbuf_get_u32(b, &i3)) != 0 ||
446: (r = sshbuf_get_u32(b, &i4)) != 0)
447: fatal("%s: buffer error: %s", __func__, ssh_err(r));
1.158 stevesk 448: debug("ignore (%d %d %d %d)", i1, i2, i3, i4);
1.32 markus 449: if (strcmp(cipher, "none") != 0) {
450: error("unsupported cipher %s", cipher);
1.227 djm 451: free(cipher);
1.252 djm 452: sshbuf_free(b);
1.227 djm 453: free(type);
1.32 markus 454: return NULL;
455: }
1.227 djm 456: free(cipher);
1.32 markus 457:
1.53 markus 458: if (strstr(type, "dsa")) {
459: ktype = KEY_DSA;
460: } else if (strstr(type, "rsa")) {
461: ktype = KEY_RSA;
462: } else {
1.252 djm 463: sshbuf_free(b);
1.227 djm 464: free(type);
1.32 markus 465: return NULL;
466: }
1.252 djm 467: if ((key = sshkey_new_private(ktype)) == NULL)
468: fatal("key_new_private failed");
1.227 djm 469: free(type);
1.53 markus 470:
471: switch (key->type) {
472: case KEY_DSA:
1.252 djm 473: buffer_get_bignum_bits(b, key->dsa->p);
474: buffer_get_bignum_bits(b, key->dsa->g);
475: buffer_get_bignum_bits(b, key->dsa->q);
476: buffer_get_bignum_bits(b, key->dsa->pub_key);
477: buffer_get_bignum_bits(b, key->dsa->priv_key);
1.53 markus 478: break;
479: case KEY_RSA:
1.252 djm 480: if ((r = sshbuf_get_u8(b, &e1)) != 0 ||
481: (e1 < 30 && (r = sshbuf_get_u8(b, &e2)) != 0) ||
482: (e1 < 30 && (r = sshbuf_get_u8(b, &e3)) != 0))
483: fatal("%s: buffer error: %s", __func__, ssh_err(r));
484: e = e1;
1.62 markus 485: debug("e %lx", e);
486: if (e < 30) {
487: e <<= 8;
1.252 djm 488: e += e2;
1.62 markus 489: debug("e %lx", e);
490: e <<= 8;
1.252 djm 491: e += e3;
1.62 markus 492: debug("e %lx", e);
493: }
494: if (!BN_set_word(key->rsa->e, e)) {
1.252 djm 495: sshbuf_free(b);
496: sshkey_free(key);
1.53 markus 497: return NULL;
498: }
1.252 djm 499: buffer_get_bignum_bits(b, key->rsa->d);
500: buffer_get_bignum_bits(b, key->rsa->n);
501: buffer_get_bignum_bits(b, key->rsa->iqmp);
502: buffer_get_bignum_bits(b, key->rsa->q);
503: buffer_get_bignum_bits(b, key->rsa->p);
504: if ((r = rsa_generate_additional_parameters(key->rsa)) != 0)
505: fatal("generate RSA parameters failed: %s", ssh_err(r));
1.53 markus 506: break;
507: }
1.252 djm 508: rlen = sshbuf_len(b);
1.85 deraadt 509: if (rlen != 0)
1.53 markus 510: error("do_convert_private_ssh2_from_blob: "
511: "remaining bytes in key blob %d", rlen);
1.252 djm 512: sshbuf_free(b);
1.64 markus 513:
514: /* try the key */
1.252 djm 515: if (sshkey_sign(key, &sig, &slen, data, sizeof(data), 0) != 0 ||
516: sshkey_verify(key, sig, slen, data, sizeof(data), 0) != 0) {
517: sshkey_free(key);
518: free(sig);
519: return NULL;
520: }
1.227 djm 521: free(sig);
1.32 markus 522: return key;
523: }
524:
1.137 dtucker 525: static int
526: get_line(FILE *fp, char *line, size_t len)
527: {
528: int c;
529: size_t pos = 0;
530:
531: line[0] = '\0';
532: while ((c = fgetc(fp)) != EOF) {
533: if (pos >= len - 1) {
534: fprintf(stderr, "input line too long.\n");
535: exit(1);
536: }
1.140 deraadt 537: switch (c) {
1.137 dtucker 538: case '\r':
539: c = fgetc(fp);
540: if (c != EOF && c != '\n' && ungetc(c, fp) == EOF) {
541: fprintf(stderr, "unget: %s\n", strerror(errno));
542: exit(1);
543: }
544: return pos;
545: case '\n':
546: return pos;
547: }
548: line[pos++] = c;
549: line[pos] = '\0';
550: }
1.157 stevesk 551: /* We reached EOF */
552: return -1;
1.137 dtucker 553: }
554:
1.63 itojun 555: static void
1.252 djm 556: do_convert_from_ssh2(struct passwd *pw, struct sshkey **k, int *private)
1.19 markus 557: {
1.252 djm 558: int r, blen, escaped = 0;
1.98 markus 559: u_int len;
1.137 dtucker 560: char line[1024];
1.80 stevesk 561: u_char blob[8096];
1.19 markus 562: char encoded[8096];
563: FILE *fp;
564:
1.191 djm 565: if ((fp = fopen(identity_file, "r")) == NULL)
566: fatal("%s: %s: %s", __progname, identity_file, strerror(errno));
1.19 markus 567: encoded[0] = '\0';
1.137 dtucker 568: while ((blen = get_line(fp, line, sizeof(line))) != -1) {
1.228 djm 569: if (blen > 0 && line[blen - 1] == '\\')
1.25 markus 570: escaped++;
1.19 markus 571: if (strncmp(line, "----", 4) == 0 ||
572: strstr(line, ": ") != NULL) {
1.32 markus 573: if (strstr(line, SSH_COM_PRIVATE_BEGIN) != NULL)
1.193 djm 574: *private = 1;
1.64 markus 575: if (strstr(line, " END ") != NULL) {
576: break;
577: }
1.60 markus 578: /* fprintf(stderr, "ignore: %s", line); */
1.19 markus 579: continue;
580: }
1.25 markus 581: if (escaped) {
582: escaped--;
1.60 markus 583: /* fprintf(stderr, "escaped: %s", line); */
1.25 markus 584: continue;
1.19 markus 585: }
586: strlcat(encoded, line, sizeof(encoded));
587: }
1.98 markus 588: len = strlen(encoded);
589: if (((len % 4) == 3) &&
590: (encoded[len-1] == '=') &&
591: (encoded[len-2] == '=') &&
592: (encoded[len-3] == '='))
593: encoded[len-3] = '\0';
1.91 stevesk 594: blen = uudecode(encoded, blob, sizeof(blob));
1.19 markus 595: if (blen < 0) {
596: fprintf(stderr, "uudecode failed.\n");
597: exit(1);
598: }
1.252 djm 599: if (*private)
600: *k = do_convert_private_ssh2_from_blob(blob, blen);
601: else if ((r = sshkey_from_blob(blob, blen, k)) != 0) {
602: fprintf(stderr, "decode blob failed: %s\n", ssh_err(r));
1.32 markus 603: exit(1);
604: }
1.193 djm 605: fclose(fp);
606: }
607:
608: static void
1.252 djm 609: do_convert_from_pkcs8(struct sshkey **k, int *private)
1.193 djm 610: {
611: EVP_PKEY *pubkey;
612: FILE *fp;
613:
614: if ((fp = fopen(identity_file, "r")) == NULL)
615: fatal("%s: %s: %s", __progname, identity_file, strerror(errno));
616: if ((pubkey = PEM_read_PUBKEY(fp, NULL, NULL, NULL)) == NULL) {
617: fatal("%s: %s is not a recognised public key format", __func__,
618: identity_file);
619: }
620: fclose(fp);
621: switch (EVP_PKEY_type(pubkey->type)) {
622: case EVP_PKEY_RSA:
1.252 djm 623: if ((*k = sshkey_new(KEY_UNSPEC)) == NULL)
624: fatal("sshkey_new failed");
1.193 djm 625: (*k)->type = KEY_RSA;
626: (*k)->rsa = EVP_PKEY_get1_RSA(pubkey);
627: break;
628: case EVP_PKEY_DSA:
1.252 djm 629: if ((*k = sshkey_new(KEY_UNSPEC)) == NULL)
630: fatal("sshkey_new failed");
1.193 djm 631: (*k)->type = KEY_DSA;
632: (*k)->dsa = EVP_PKEY_get1_DSA(pubkey);
633: break;
1.200 djm 634: case EVP_PKEY_EC:
1.252 djm 635: if ((*k = sshkey_new(KEY_UNSPEC)) == NULL)
636: fatal("sshkey_new failed");
1.200 djm 637: (*k)->type = KEY_ECDSA;
638: (*k)->ecdsa = EVP_PKEY_get1_EC_KEY(pubkey);
1.252 djm 639: (*k)->ecdsa_nid = sshkey_ecdsa_key_to_nid((*k)->ecdsa);
1.200 djm 640: break;
1.193 djm 641: default:
642: fatal("%s: unsupported pubkey type %d", __func__,
643: EVP_PKEY_type(pubkey->type));
644: }
645: EVP_PKEY_free(pubkey);
646: return;
647: }
648:
649: static void
1.252 djm 650: do_convert_from_pem(struct sshkey **k, int *private)
1.193 djm 651: {
652: FILE *fp;
653: RSA *rsa;
654: #ifdef notyet
655: DSA *dsa;
656: #endif
657:
658: if ((fp = fopen(identity_file, "r")) == NULL)
659: fatal("%s: %s: %s", __progname, identity_file, strerror(errno));
660: if ((rsa = PEM_read_RSAPublicKey(fp, NULL, NULL, NULL)) != NULL) {
1.252 djm 661: if ((*k = sshkey_new(KEY_UNSPEC)) == NULL)
662: fatal("sshkey_new failed");
1.193 djm 663: (*k)->type = KEY_RSA;
664: (*k)->rsa = rsa;
665: fclose(fp);
666: return;
667: }
668: #if notyet /* OpenSSH 0.9.8 lacks this function */
669: rewind(fp);
670: if ((dsa = PEM_read_DSAPublicKey(fp, NULL, NULL, NULL)) != NULL) {
1.252 djm 671: if ((*k = sshkey_new(KEY_UNSPEC)) == NULL)
672: fatal("sshkey_new failed");
1.193 djm 673: (*k)->type = KEY_DSA;
674: (*k)->dsa = dsa;
675: fclose(fp);
676: return;
677: }
1.200 djm 678: /* XXX ECDSA */
1.193 djm 679: #endif
680: fatal("%s: unrecognised raw private key format", __func__);
681: }
682:
683: static void
684: do_convert_from(struct passwd *pw)
685: {
1.252 djm 686: struct sshkey *k = NULL;
687: int r, private = 0, ok = 0;
1.193 djm 688: struct stat st;
689:
690: if (!have_identity)
691: ask_filename(pw, "Enter file in which the key is");
692: if (stat(identity_file, &st) < 0)
693: fatal("%s: %s: %s", __progname, identity_file, strerror(errno));
694:
695: switch (convert_format) {
696: case FMT_RFC4716:
697: do_convert_from_ssh2(pw, &k, &private);
698: break;
699: case FMT_PKCS8:
700: do_convert_from_pkcs8(&k, &private);
701: break;
702: case FMT_PEM:
703: do_convert_from_pem(&k, &private);
704: break;
705: default:
706: fatal("%s: unknown key format %d", __func__, convert_format);
707: }
708:
1.260 djm 709: if (!private) {
1.252 djm 710: if ((r = sshkey_write(k, stdout)) == 0)
711: ok = 1;
1.193 djm 712: if (ok)
713: fprintf(stdout, "\n");
1.260 djm 714: } else {
1.193 djm 715: switch (k->type) {
716: case KEY_DSA:
717: ok = PEM_write_DSAPrivateKey(stdout, k->dsa, NULL,
718: NULL, 0, NULL, NULL);
719: break;
1.200 djm 720: case KEY_ECDSA:
721: ok = PEM_write_ECPrivateKey(stdout, k->ecdsa, NULL,
722: NULL, 0, NULL, NULL);
723: break;
1.193 djm 724: case KEY_RSA:
725: ok = PEM_write_RSAPrivateKey(stdout, k->rsa, NULL,
726: NULL, 0, NULL, NULL);
727: break;
728: default:
729: fatal("%s: unsupported key type %s", __func__,
1.252 djm 730: sshkey_type(k));
1.193 djm 731: }
732: }
733:
1.32 markus 734: if (!ok) {
1.173 tobias 735: fprintf(stderr, "key write failed\n");
1.32 markus 736: exit(1);
737: }
1.252 djm 738: sshkey_free(k);
1.19 markus 739: exit(0);
740: }
1.246 markus 741: #endif
1.19 markus 742:
1.63 itojun 743: static void
1.19 markus 744: do_print_public(struct passwd *pw)
745: {
1.252 djm 746: struct sshkey *prv;
1.19 markus 747: struct stat st;
1.252 djm 748: int r;
1.19 markus 749:
750: if (!have_identity)
751: ask_filename(pw, "Enter file in which the key is");
752: if (stat(identity_file, &st) < 0) {
753: perror(identity_file);
754: exit(1);
755: }
1.61 markus 756: prv = load_identity(identity_file);
1.252 djm 757: if ((r = sshkey_write(prv, stdout)) != 0)
758: fprintf(stderr, "key_write failed: %s", ssh_err(r));
759: sshkey_free(prv);
1.19 markus 760: fprintf(stdout, "\n");
761: exit(0);
762: }
763:
1.66 markus 764: static void
1.197 djm 765: do_download(struct passwd *pw)
1.75 markus 766: {
1.177 markus 767: #ifdef ENABLE_PKCS11
1.252 djm 768: struct sshkey **keys = NULL;
1.177 markus 769: int i, nkeys;
1.252 djm 770: enum sshkey_fp_rep rep;
1.251 djm 771: int fptype;
1.221 djm 772: char *fp, *ra;
1.222 djm 773:
1.251 djm 774: fptype = print_bubblebabble ? SSH_DIGEST_SHA1 : fingerprint_hash;
775: rep = print_bubblebabble ? SSH_FP_BUBBLEBABBLE : SSH_FP_DEFAULT;
1.75 markus 776:
1.177 markus 777: pkcs11_init(0);
778: nkeys = pkcs11_add_provider(pkcs11provider, NULL, &keys);
779: if (nkeys <= 0)
780: fatal("cannot read public key from pkcs11");
781: for (i = 0; i < nkeys; i++) {
1.221 djm 782: if (print_fingerprint) {
1.252 djm 783: fp = sshkey_fingerprint(keys[i], fptype, rep);
784: ra = sshkey_fingerprint(keys[i], fingerprint_hash,
1.221 djm 785: SSH_FP_RANDOMART);
1.259 djm 786: if (fp == NULL || ra == NULL)
787: fatal("%s: sshkey_fingerprint fail", __func__);
1.252 djm 788: printf("%u %s %s (PKCS11 key)\n", sshkey_size(keys[i]),
789: fp, sshkey_type(keys[i]));
1.221 djm 790: if (log_level >= SYSLOG_LEVEL_VERBOSE)
791: printf("%s\n", ra);
1.227 djm 792: free(ra);
793: free(fp);
1.221 djm 794: } else {
1.252 djm 795: (void) sshkey_write(keys[i], stdout); /* XXX check */
1.221 djm 796: fprintf(stdout, "\n");
797: }
1.252 djm 798: sshkey_free(keys[i]);
1.97 markus 799: }
1.227 djm 800: free(keys);
1.177 markus 801: pkcs11_terminate();
1.75 markus 802: exit(0);
1.177 markus 803: #else
804: fatal("no pkcs11 support");
805: #endif /* ENABLE_PKCS11 */
1.75 markus 806: }
1.66 markus 807:
1.63 itojun 808: static void
1.8 markus 809: do_fingerprint(struct passwd *pw)
810: {
1.15 markus 811: FILE *f;
1.252 djm 812: struct sshkey *public;
1.167 grunk 813: char *comment = NULL, *cp, *ep, line[16*1024], *fp, *ra;
1.252 djm 814: int r, i, skip = 0, num = 0, invalid = 1;
815: enum sshkey_fp_rep rep;
1.251 djm 816: int fptype;
1.12 markus 817: struct stat st;
818:
1.251 djm 819: fptype = print_bubblebabble ? SSH_DIGEST_SHA1 : fingerprint_hash;
820: rep = print_bubblebabble ? SSH_FP_BUBBLEBABBLE : SSH_FP_DEFAULT;
1.12 markus 821: if (!have_identity)
822: ask_filename(pw, "Enter file in which the key is");
823: if (stat(identity_file, &st) < 0) {
824: perror(identity_file);
825: exit(1);
826: }
1.252 djm 827: if ((r = sshkey_load_public(identity_file, &public, &comment)) != 0)
828: error("Error loading public key \"%s\": %s",
829: identity_file, ssh_err(r));
830: else {
831: fp = sshkey_fingerprint(public, fptype, rep);
832: ra = sshkey_fingerprint(public, fingerprint_hash,
1.251 djm 833: SSH_FP_RANDOMART);
1.259 djm 834: if (fp == NULL || ra == NULL)
835: fatal("%s: sshkey_fingerprint fail", __func__);
1.252 djm 836: printf("%u %s %s (%s)\n", sshkey_size(public), fp, comment,
837: sshkey_type(public));
1.169 grunk 838: if (log_level >= SYSLOG_LEVEL_VERBOSE)
839: printf("%s\n", ra);
1.252 djm 840: sshkey_free(public);
1.227 djm 841: free(comment);
842: free(ra);
843: free(fp);
1.15 markus 844: exit(0);
845: }
1.144 markus 846: if (comment) {
1.227 djm 847: free(comment);
1.144 markus 848: comment = NULL;
849: }
1.15 markus 850:
1.191 djm 851: if ((f = fopen(identity_file, "r")) == NULL)
852: fatal("%s: %s: %s", __progname, identity_file, strerror(errno));
853:
854: while (fgets(line, sizeof(line), f)) {
855: if ((cp = strchr(line, '\n')) == NULL) {
856: error("line %d too long: %.40s...",
857: num + 1, line);
858: skip = 1;
859: continue;
860: }
861: num++;
862: if (skip) {
863: skip = 0;
864: continue;
865: }
866: *cp = '\0';
867:
868: /* Skip leading whitespace, empty and comment lines. */
869: for (cp = line; *cp == ' ' || *cp == '\t'; cp++)
870: ;
871: if (!*cp || *cp == '\n' || *cp == '#')
872: continue;
873: i = strtol(cp, &ep, 10);
874: if (i == 0 || ep == NULL || (*ep != ' ' && *ep != '\t')) {
875: int quoted = 0;
876: comment = cp;
877: for (; *cp && (quoted || (*cp != ' ' &&
878: *cp != '\t')); cp++) {
879: if (*cp == '\\' && cp[1] == '"')
880: cp++; /* Skip both */
881: else if (*cp == '"')
882: quoted = !quoted;
1.15 markus 883: }
1.191 djm 884: if (!*cp)
1.15 markus 885: continue;
1.191 djm 886: *cp++ = '\0';
887: }
888: ep = cp;
1.252 djm 889: if ((public = sshkey_new(KEY_RSA1)) == NULL)
890: fatal("sshkey_new failed");
891: if ((r = sshkey_read(public, &cp)) != 0) {
1.191 djm 892: cp = ep;
1.252 djm 893: sshkey_free(public);
894: if ((public = sshkey_new(KEY_UNSPEC)) == NULL)
895: fatal("sshkey_new failed");
896: if ((r = sshkey_read(public, &cp)) != 0) {
897: sshkey_free(public);
1.191 djm 898: continue;
1.12 markus 899: }
900: }
1.191 djm 901: comment = *cp ? cp : comment;
1.252 djm 902: fp = sshkey_fingerprint(public, fptype, rep);
903: ra = sshkey_fingerprint(public, fingerprint_hash,
1.251 djm 904: SSH_FP_RANDOMART);
1.259 djm 905: if (fp == NULL || ra == NULL)
906: fatal("%s: sshkey_fingerprint fail", __func__);
1.252 djm 907: printf("%u %s %s (%s)\n", sshkey_size(public), fp,
908: comment ? comment : "no comment", sshkey_type(public));
1.191 djm 909: if (log_level >= SYSLOG_LEVEL_VERBOSE)
910: printf("%s\n", ra);
1.227 djm 911: free(ra);
912: free(fp);
1.252 djm 913: sshkey_free(public);
1.191 djm 914: invalid = 0;
1.15 markus 915: }
1.191 djm 916: fclose(f);
917:
1.15 markus 918: if (invalid) {
1.83 markus 919: printf("%s is not a public key file.\n", identity_file);
1.15 markus 920: exit(1);
1.12 markus 921: }
922: exit(0);
1.8 markus 923: }
924:
1.119 djm 925: static void
1.206 stevesk 926: do_gen_all_hostkeys(struct passwd *pw)
927: {
928: struct {
929: char *key_type;
930: char *key_type_display;
931: char *path;
932: } key_types[] = {
933: { "rsa1", "RSA1", _PATH_HOST_KEY_FILE },
934: { "rsa", "RSA" ,_PATH_HOST_RSA_KEY_FILE },
935: { "dsa", "DSA", _PATH_HOST_DSA_KEY_FILE },
936: { "ecdsa", "ECDSA",_PATH_HOST_ECDSA_KEY_FILE },
1.238 markus 937: { "ed25519", "ED25519",_PATH_HOST_ED25519_KEY_FILE },
1.206 stevesk 938: { NULL, NULL, NULL }
939: };
940:
941: int first = 0;
942: struct stat st;
1.252 djm 943: struct sshkey *private, *public;
1.206 stevesk 944: char comment[1024];
1.252 djm 945: int i, type, fd, r;
1.206 stevesk 946: FILE *f;
947:
948: for (i = 0; key_types[i].key_type; i++) {
949: if (stat(key_types[i].path, &st) == 0)
950: continue;
951: if (errno != ENOENT) {
952: printf("Could not stat %s: %s", key_types[i].path,
953: strerror(errno));
954: first = 0;
955: continue;
956: }
957:
958: if (first == 0) {
959: first = 1;
960: printf("%s: generating new host keys: ", __progname);
961: }
962: printf("%s ", key_types[i].key_type_display);
963: fflush(stdout);
1.252 djm 964: type = sshkey_type_from_name(key_types[i].key_type);
1.206 stevesk 965: strlcpy(identity_file, key_types[i].path, sizeof(identity_file));
966: bits = 0;
1.255 djm 967: type_bits_valid(type, NULL, &bits);
1.252 djm 968: if ((r = sshkey_generate(type, bits, &private)) != 0) {
969: fprintf(stderr, "key_generate failed: %s\n",
970: ssh_err(r));
1.206 stevesk 971: first = 0;
972: continue;
973: }
1.252 djm 974: if ((r = sshkey_from_private(private, &public)) != 0)
975: fatal("sshkey_from_private failed: %s", ssh_err(r));
1.206 stevesk 976: snprintf(comment, sizeof comment, "%s@%s", pw->pw_name,
977: hostname);
1.252 djm 978: if ((r = sshkey_save_private(private, identity_file, "",
979: comment, use_new_format, new_format_cipher, rounds)) != 0) {
980: printf("Saving key \"%s\" failed: %s\n", identity_file,
981: ssh_err(r));
982: sshkey_free(private);
983: sshkey_free(public);
1.206 stevesk 984: first = 0;
985: continue;
986: }
1.252 djm 987: sshkey_free(private);
1.206 stevesk 988: strlcat(identity_file, ".pub", sizeof(identity_file));
989: fd = open(identity_file, O_WRONLY | O_CREAT | O_TRUNC, 0644);
990: if (fd == -1) {
991: printf("Could not save your public key in %s\n",
992: identity_file);
1.252 djm 993: sshkey_free(public);
1.206 stevesk 994: first = 0;
995: continue;
996: }
997: f = fdopen(fd, "w");
998: if (f == NULL) {
999: printf("fdopen %s failed\n", identity_file);
1.250 doug 1000: close(fd);
1.252 djm 1001: sshkey_free(public);
1.206 stevesk 1002: first = 0;
1003: continue;
1004: }
1.254 djm 1005: if ((r = sshkey_write(public, f)) != 0) {
1006: fprintf(stderr, "write key failed: %s\n", ssh_err(r));
1.250 doug 1007: fclose(f);
1.252 djm 1008: sshkey_free(public);
1.206 stevesk 1009: first = 0;
1010: continue;
1011: }
1012: fprintf(f, " %s\n", comment);
1013: fclose(f);
1.252 djm 1014: sshkey_free(public);
1.206 stevesk 1015:
1016: }
1017: if (first != 0)
1018: printf("\n");
1019: }
1020:
1.256 djm 1021: struct known_hosts_ctx {
1.257 djm 1022: const char *host; /* Hostname searched for in find/delete case */
1023: FILE *out; /* Output file, stdout for find_hosts case */
1024: int has_unhashed; /* When hashing, original had unhashed hosts */
1025: int found_key; /* For find/delete, host was found */
1026: int invalid; /* File contained invalid items; don't delete */
1.256 djm 1027: };
1028:
1029: static int
1030: known_hosts_hash(struct hostkey_foreach_line *l, void *_ctx)
1.119 djm 1031: {
1.256 djm 1032: struct known_hosts_ctx *ctx = (struct known_hosts_ctx *)_ctx;
1033: char *hashed, *cp, *hosts, *ohosts;
1034: int has_wild = l->hosts && strcspn(l->hosts, "*?!") != strlen(l->hosts);
1035:
1036: /* Retain invalid lines when hashing, but mark file as invalid. */
1037: if (l->status == HKF_STATUS_INVALID) {
1038: ctx->invalid = 1;
1039: fprintf(stderr, "%s:%ld: invalid line\n", l->path, l->linenum);
1040: fprintf(ctx->out, "%s\n", l->line);
1041: return 0;
1042: }
1.252 djm 1043:
1.256 djm 1044: /*
1045: * Don't hash hosts already already hashed, with wildcard characters
1046: * or a CA/revocation marker.
1047: */
1048: if (l->was_hashed || has_wild || l->marker != MRK_NONE) {
1049: fprintf(ctx->out, "%s\n", l->line);
1050: if (has_wild && !find_host) {
1051: fprintf(stderr, "%s:%ld: ignoring host name "
1052: "with wildcard: %.64s\n", l->path,
1053: l->linenum, l->hosts);
1054: }
1055: return 0;
1056: }
1057: /*
1058: * Split any comma-separated hostnames from the host list,
1059: * hash and store separately.
1060: */
1061: ohosts = hosts = xstrdup(l->hosts);
1062: while ((cp = strsep(&hosts, ",")) != NULL && *cp != '\0') {
1063: if ((hashed = host_hash(cp, NULL, 0)) == NULL)
1.166 djm 1064: fatal("hash_host failed");
1.256 djm 1065: fprintf(ctx->out, "%s %s\n", hashed, l->rawkey);
1066: ctx->has_unhashed = 1;
1067: }
1068: free(ohosts);
1069: return 0;
1070: }
1071:
1072: static int
1073: known_hosts_find_delete(struct hostkey_foreach_line *l, void *_ctx)
1074: {
1075: struct known_hosts_ctx *ctx = (struct known_hosts_ctx *)_ctx;
1076:
1077: if (l->status == HKF_STATUS_HOST_MATCHED) {
1078: if (delete_host) {
1079: if (l->marker != MRK_NONE) {
1080: /* Don't remove CA and revocation lines */
1081: fprintf(ctx->out, "%s\n", l->line);
1082: } else {
1083: /*
1084: * Hostname matches and has no CA/revoke
1085: * marker, delete it by *not* writing the
1086: * line to ctx->out.
1087: */
1088: ctx->found_key = 1;
1089: if (!quiet)
1090: printf("# Host %s found: line %ld\n",
1091: ctx->host, l->linenum);
1092: }
1093: return 0;
1094: } else if (find_host) {
1095: ctx->found_key = 1;
1096: if (!quiet) {
1097: printf("# Host %s found: line %ld %s\n",
1098: ctx->host,
1099: l->linenum, l->marker == MRK_CA ? "CA" :
1100: (l->marker == MRK_REVOKE ? "REVOKED" : ""));
1101: }
1102: if (hash_hosts)
1103: known_hosts_hash(l, ctx);
1104: else
1105: fprintf(ctx->out, "%s\n", l->line);
1106: return 0;
1107: }
1108: } else if (delete_host) {
1109: /* Retain non-matching hosts when deleting */
1110: if (l->status == HKF_STATUS_INVALID) {
1111: ctx->invalid = 1;
1112: fprintf(stderr, "%s:%ld: invalid line\n",
1113: l->path, l->linenum);
1114: }
1115: fprintf(ctx->out, "%s\n", l->line);
1.166 djm 1116: }
1.256 djm 1117: return 0;
1.119 djm 1118: }
1119:
1120: static void
1121: do_known_hosts(struct passwd *pw, const char *name)
1122: {
1.258 deraadt 1123: char *cp, tmp[PATH_MAX], old[PATH_MAX];
1.257 djm 1124: int r, fd, oerrno, inplace = 0;
1.256 djm 1125: struct known_hosts_ctx ctx;
1.119 djm 1126:
1127: if (!have_identity) {
1128: cp = tilde_expand_filename(_PATH_SSH_USER_HOSTFILE, pw->pw_uid);
1129: if (strlcpy(identity_file, cp, sizeof(identity_file)) >=
1130: sizeof(identity_file))
1131: fatal("Specified known hosts path too long");
1.227 djm 1132: free(cp);
1.119 djm 1133: have_identity = 1;
1134: }
1135:
1.256 djm 1136: memset(&ctx, 0, sizeof(ctx));
1137: ctx.out = stdout;
1138: ctx.host = name;
1139:
1.119 djm 1140: /*
1141: * Find hosts goes to stdout, hash and deletions happen in-place
1142: * A corner case is ssh-keygen -HF foo, which should go to stdout
1143: */
1144: if (!find_host && (hash_hosts || delete_host)) {
1145: if (strlcpy(tmp, identity_file, sizeof(tmp)) >= sizeof(tmp) ||
1146: strlcat(tmp, ".XXXXXXXXXX", sizeof(tmp)) >= sizeof(tmp) ||
1147: strlcpy(old, identity_file, sizeof(old)) >= sizeof(old) ||
1148: strlcat(old, ".old", sizeof(old)) >= sizeof(old))
1149: fatal("known_hosts path too long");
1150: umask(077);
1.256 djm 1151: if ((fd = mkstemp(tmp)) == -1)
1.119 djm 1152: fatal("mkstemp: %s", strerror(errno));
1.256 djm 1153: if ((ctx.out = fdopen(fd, "w")) == NULL) {
1154: oerrno = errno;
1.119 djm 1155: unlink(tmp);
1.256 djm 1156: fatal("fdopen: %s", strerror(oerrno));
1.119 djm 1157: }
1.257 djm 1158: inplace = 1;
1.119 djm 1159: }
1160:
1.256 djm 1161: /* XXX support identity_file == "-" for stdin */
1162: if ((r = hostkeys_foreach(identity_file,
1163: hash_hosts ? known_hosts_hash : known_hosts_find_delete, &ctx,
1164: name, find_host ? HKF_WANT_MATCH_HOST : 0)) != 0)
1165: fatal("%s: hostkeys_foreach failed: %s", __func__, ssh_err(r));
1.119 djm 1166:
1.257 djm 1167: if (inplace)
1.256 djm 1168: fclose(ctx.out);
1.119 djm 1169:
1.256 djm 1170: if (ctx.invalid) {
1.165 djm 1171: fprintf(stderr, "%s is not a valid known_hosts file.\n",
1.119 djm 1172: identity_file);
1.257 djm 1173: if (inplace) {
1.119 djm 1174: fprintf(stderr, "Not replacing existing known_hosts "
1.122 markus 1175: "file because of errors\n");
1.119 djm 1176: unlink(tmp);
1177: }
1178: exit(1);
1.256 djm 1179: } else if (delete_host && !ctx.found_key) {
1180: fprintf(stderr, "Host %s not found in %s\n",
1181: name, identity_file);
1182: unlink(tmp);
1.257 djm 1183: } else if (inplace) {
1.119 djm 1184: /* Backup existing file */
1185: if (unlink(old) == -1 && errno != ENOENT)
1186: fatal("unlink %.100s: %s", old, strerror(errno));
1187: if (link(identity_file, old) == -1)
1188: fatal("link %.100s to %.100s: %s", identity_file, old,
1189: strerror(errno));
1190: /* Move new one into place */
1191: if (rename(tmp, identity_file) == -1) {
1192: error("rename\"%s\" to \"%s\": %s", tmp, identity_file,
1193: strerror(errno));
1194: unlink(tmp);
1195: unlink(old);
1196: exit(1);
1197: }
1198:
1199: fprintf(stderr, "%s updated.\n", identity_file);
1200: fprintf(stderr, "Original contents retained as %s\n", old);
1.256 djm 1201: if (ctx.has_unhashed) {
1.119 djm 1202: fprintf(stderr, "WARNING: %s contains unhashed "
1203: "entries\n", old);
1204: fprintf(stderr, "Delete this file to ensure privacy "
1.128 djm 1205: "of hostnames\n");
1.119 djm 1206: }
1207: }
1208:
1.256 djm 1209: exit (find_host && !ctx.found_key);
1.119 djm 1210: }
1211:
1.13 deraadt 1212: /*
1213: * Perform changing a passphrase. The argument is the passwd structure
1214: * for the current user.
1215: */
1.63 itojun 1216: static void
1.7 markus 1217: do_change_passphrase(struct passwd *pw)
1218: {
1.12 markus 1219: char *comment;
1220: char *old_passphrase, *passphrase1, *passphrase2;
1221: struct stat st;
1.252 djm 1222: struct sshkey *private;
1223: int r;
1.12 markus 1224:
1225: if (!have_identity)
1226: ask_filename(pw, "Enter file in which the key is");
1227: if (stat(identity_file, &st) < 0) {
1228: perror(identity_file);
1229: exit(1);
1230: }
1231: /* Try to load the file with empty passphrase. */
1.252 djm 1232: r = sshkey_load_private(identity_file, "", &private, &comment);
1233: if (r == SSH_ERR_KEY_WRONG_PASSPHRASE) {
1.12 markus 1234: if (identity_passphrase)
1235: old_passphrase = xstrdup(identity_passphrase);
1236: else
1.65 markus 1237: old_passphrase =
1238: read_passphrase("Enter old passphrase: ",
1239: RP_ALLOW_STDIN);
1.252 djm 1240: r = sshkey_load_private(identity_file, old_passphrase,
1241: &private, &comment);
1.240 djm 1242: explicit_bzero(old_passphrase, strlen(old_passphrase));
1.227 djm 1243: free(old_passphrase);
1.252 djm 1244: if (r != 0)
1245: goto badkey;
1246: } else if (r != 0) {
1247: badkey:
1248: fprintf(stderr, "Failed to load key \"%s\": %s\n",
1249: identity_file, ssh_err(r));
1250: exit(1);
1.12 markus 1251: }
1252: printf("Key has comment '%s'\n", comment);
1253:
1254: /* Ask the new passphrase (twice). */
1255: if (identity_new_passphrase) {
1256: passphrase1 = xstrdup(identity_new_passphrase);
1257: passphrase2 = NULL;
1258: } else {
1259: passphrase1 =
1.65 markus 1260: read_passphrase("Enter new passphrase (empty for no "
1261: "passphrase): ", RP_ALLOW_STDIN);
1262: passphrase2 = read_passphrase("Enter same passphrase again: ",
1.86 deraadt 1263: RP_ALLOW_STDIN);
1.12 markus 1264:
1265: /* Verify that they are the same. */
1266: if (strcmp(passphrase1, passphrase2) != 0) {
1.240 djm 1267: explicit_bzero(passphrase1, strlen(passphrase1));
1268: explicit_bzero(passphrase2, strlen(passphrase2));
1.227 djm 1269: free(passphrase1);
1270: free(passphrase2);
1.12 markus 1271: printf("Pass phrases do not match. Try again.\n");
1272: exit(1);
1273: }
1274: /* Destroy the other copy. */
1.240 djm 1275: explicit_bzero(passphrase2, strlen(passphrase2));
1.227 djm 1276: free(passphrase2);
1.12 markus 1277: }
1278:
1279: /* Save the file using the new passphrase. */
1.252 djm 1280: if ((r = sshkey_save_private(private, identity_file, passphrase1,
1281: comment, use_new_format, new_format_cipher, rounds)) != 0) {
1282: printf("Saving key \"%s\" failed: %s.\n",
1283: identity_file, ssh_err(r));
1.240 djm 1284: explicit_bzero(passphrase1, strlen(passphrase1));
1.227 djm 1285: free(passphrase1);
1.252 djm 1286: sshkey_free(private);
1.227 djm 1287: free(comment);
1.12 markus 1288: exit(1);
1289: }
1290: /* Destroy the passphrase and the copy of the key in memory. */
1.240 djm 1291: explicit_bzero(passphrase1, strlen(passphrase1));
1.227 djm 1292: free(passphrase1);
1.252 djm 1293: sshkey_free(private); /* Destroys contents */
1.227 djm 1294: free(comment);
1.1 deraadt 1295:
1.12 markus 1296: printf("Your identification has been saved with the new passphrase.\n");
1297: exit(0);
1.1 deraadt 1298: }
1299:
1.105 jakob 1300: /*
1301: * Print the SSHFP RR.
1302: */
1.138 jakob 1303: static int
1304: do_print_resource_record(struct passwd *pw, char *fname, char *hname)
1.105 jakob 1305: {
1.252 djm 1306: struct sshkey *public;
1.105 jakob 1307: char *comment = NULL;
1308: struct stat st;
1.252 djm 1309: int r;
1.105 jakob 1310:
1.138 jakob 1311: if (fname == NULL)
1.229 djm 1312: fatal("%s: no filename", __func__);
1.138 jakob 1313: if (stat(fname, &st) < 0) {
1314: if (errno == ENOENT)
1315: return 0;
1316: perror(fname);
1.105 jakob 1317: exit(1);
1318: }
1.252 djm 1319: if ((r = sshkey_load_public(fname, &public, &comment)) != 0) {
1320: printf("Failed to read v2 public key from \"%s\": %s.\n",
1321: fname, ssh_err(r));
1322: exit(1);
1.105 jakob 1323: }
1.252 djm 1324: export_dns_rr(hname, public, stdout, print_generic);
1325: sshkey_free(public);
1326: free(comment);
1327: return 1;
1.105 jakob 1328: }
1329:
1.13 deraadt 1330: /*
1331: * Change the comment of a private key file.
1332: */
1.63 itojun 1333: static void
1.2 provos 1334: do_change_comment(struct passwd *pw)
1.1 deraadt 1335: {
1.46 deraadt 1336: char new_comment[1024], *comment, *passphrase;
1.252 djm 1337: struct sshkey *private;
1338: struct sshkey *public;
1.12 markus 1339: struct stat st;
1340: FILE *f;
1.252 djm 1341: int r, fd;
1.12 markus 1342:
1343: if (!have_identity)
1344: ask_filename(pw, "Enter file in which the key is");
1345: if (stat(identity_file, &st) < 0) {
1346: perror(identity_file);
1347: exit(1);
1348: }
1.252 djm 1349: if ((r = sshkey_load_private(identity_file, "",
1350: &private, &comment)) == 0)
1351: passphrase = xstrdup("");
1352: else if (r != SSH_ERR_KEY_WRONG_PASSPHRASE) {
1353: printf("Cannot load private key \"%s\": %s.\n",
1354: identity_file, ssh_err(r));
1355: exit(1);
1356: } else {
1.12 markus 1357: if (identity_passphrase)
1358: passphrase = xstrdup(identity_passphrase);
1359: else if (identity_new_passphrase)
1360: passphrase = xstrdup(identity_new_passphrase);
1361: else
1.65 markus 1362: passphrase = read_passphrase("Enter passphrase: ",
1363: RP_ALLOW_STDIN);
1.12 markus 1364: /* Try to load using the passphrase. */
1.252 djm 1365: if ((r = sshkey_load_private(identity_file, passphrase,
1366: &private, &comment)) != 0) {
1.240 djm 1367: explicit_bzero(passphrase, strlen(passphrase));
1.227 djm 1368: free(passphrase);
1.252 djm 1369: printf("Cannot load private key \"%s\": %s.\n",
1370: identity_file, ssh_err(r));
1.12 markus 1371: exit(1);
1372: }
1373: }
1.52 markus 1374: if (private->type != KEY_RSA1) {
1375: fprintf(stderr, "Comments are only supported for RSA1 keys.\n");
1.252 djm 1376: sshkey_free(private);
1.52 markus 1377: exit(1);
1.86 deraadt 1378: }
1.12 markus 1379: printf("Key now has comment '%s'\n", comment);
1380:
1381: if (identity_comment) {
1382: strlcpy(new_comment, identity_comment, sizeof(new_comment));
1383: } else {
1384: printf("Enter new comment: ");
1385: fflush(stdout);
1386: if (!fgets(new_comment, sizeof(new_comment), stdin)) {
1.240 djm 1387: explicit_bzero(passphrase, strlen(passphrase));
1.252 djm 1388: sshkey_free(private);
1.12 markus 1389: exit(1);
1390: }
1.162 gilles 1391: new_comment[strcspn(new_comment, "\n")] = '\0';
1.12 markus 1392: }
1393:
1394: /* Save the file using the new passphrase. */
1.252 djm 1395: if ((r = sshkey_save_private(private, identity_file, passphrase,
1396: new_comment, use_new_format, new_format_cipher, rounds)) != 0) {
1397: printf("Saving key \"%s\" failed: %s\n",
1398: identity_file, ssh_err(r));
1.240 djm 1399: explicit_bzero(passphrase, strlen(passphrase));
1.227 djm 1400: free(passphrase);
1.252 djm 1401: sshkey_free(private);
1.227 djm 1402: free(comment);
1.12 markus 1403: exit(1);
1404: }
1.240 djm 1405: explicit_bzero(passphrase, strlen(passphrase));
1.227 djm 1406: free(passphrase);
1.252 djm 1407: if ((r = sshkey_from_private(private, &public)) != 0)
1408: fatal("key_from_private failed: %s", ssh_err(r));
1409: sshkey_free(private);
1.12 markus 1410:
1411: strlcat(identity_file, ".pub", sizeof(identity_file));
1.46 deraadt 1412: fd = open(identity_file, O_WRONLY | O_CREAT | O_TRUNC, 0644);
1413: if (fd == -1) {
1.12 markus 1414: printf("Could not save your public key in %s\n", identity_file);
1415: exit(1);
1416: }
1.46 deraadt 1417: f = fdopen(fd, "w");
1418: if (f == NULL) {
1.173 tobias 1419: printf("fdopen %s failed\n", identity_file);
1.46 deraadt 1420: exit(1);
1421: }
1.252 djm 1422: if ((r = sshkey_write(public, f)) != 0)
1423: fprintf(stderr, "write key failed: %s\n", ssh_err(r));
1424: sshkey_free(public);
1.19 markus 1425: fprintf(f, " %s\n", new_comment);
1.12 markus 1426: fclose(f);
1.1 deraadt 1427:
1.227 djm 1428: free(comment);
1.1 deraadt 1429:
1.12 markus 1430: printf("The comment in your key file has been changed.\n");
1431: exit(0);
1.1 deraadt 1432: }
1433:
1.179 djm 1434: static const char *
1.182 djm 1435: fmt_validity(u_int64_t valid_from, u_int64_t valid_to)
1.179 djm 1436: {
1437: char from[32], to[32];
1438: static char ret[64];
1439: time_t tt;
1440: struct tm *tm;
1441:
1442: *from = *to = '\0';
1.182 djm 1443: if (valid_from == 0 && valid_to == 0xffffffffffffffffULL)
1.179 djm 1444: return "forever";
1445:
1.182 djm 1446: if (valid_from != 0) {
1.179 djm 1447: /* XXX revisit INT_MAX in 2038 :) */
1.182 djm 1448: tt = valid_from > INT_MAX ? INT_MAX : valid_from;
1.179 djm 1449: tm = localtime(&tt);
1450: strftime(from, sizeof(from), "%Y-%m-%dT%H:%M:%S", tm);
1451: }
1.182 djm 1452: if (valid_to != 0xffffffffffffffffULL) {
1.179 djm 1453: /* XXX revisit INT_MAX in 2038 :) */
1.182 djm 1454: tt = valid_to > INT_MAX ? INT_MAX : valid_to;
1.179 djm 1455: tm = localtime(&tt);
1456: strftime(to, sizeof(to), "%Y-%m-%dT%H:%M:%S", tm);
1457: }
1458:
1.182 djm 1459: if (valid_from == 0) {
1.179 djm 1460: snprintf(ret, sizeof(ret), "before %s", to);
1461: return ret;
1462: }
1.182 djm 1463: if (valid_to == 0xffffffffffffffffULL) {
1.179 djm 1464: snprintf(ret, sizeof(ret), "after %s", from);
1465: return ret;
1466: }
1467:
1468: snprintf(ret, sizeof(ret), "from %s to %s", from, to);
1469: return ret;
1470: }
1471:
1472: static void
1.252 djm 1473: add_flag_option(struct sshbuf *c, const char *name)
1.179 djm 1474: {
1.252 djm 1475: int r;
1476:
1.179 djm 1477: debug3("%s: %s", __func__, name);
1.252 djm 1478: if ((r = sshbuf_put_cstring(c, name)) != 0 ||
1479: (r = sshbuf_put_string(c, NULL, 0)) != 0)
1480: fatal("%s: buffer error: %s", __func__, ssh_err(r));
1.179 djm 1481: }
1482:
1483: static void
1.252 djm 1484: add_string_option(struct sshbuf *c, const char *name, const char *value)
1.179 djm 1485: {
1.252 djm 1486: struct sshbuf *b;
1487: int r;
1.179 djm 1488:
1489: debug3("%s: %s=%s", __func__, name, value);
1.252 djm 1490: if ((b = sshbuf_new()) == NULL)
1491: fatal("%s: sshbuf_new failed", __func__);
1492: if ((r = sshbuf_put_cstring(b, value)) != 0 ||
1493: (r = sshbuf_put_cstring(c, name)) != 0 ||
1494: (r = sshbuf_put_stringb(c, b)) != 0)
1495: fatal("%s: buffer error: %s", __func__, ssh_err(r));
1.179 djm 1496:
1.252 djm 1497: sshbuf_free(b);
1.179 djm 1498: }
1499:
1.190 djm 1500: #define OPTIONS_CRITICAL 1
1501: #define OPTIONS_EXTENSIONS 2
1.179 djm 1502: static void
1.252 djm 1503: prepare_options_buf(struct sshbuf *c, int which)
1.179 djm 1504: {
1.252 djm 1505: sshbuf_reset(c);
1.196 djm 1506: if ((which & OPTIONS_CRITICAL) != 0 &&
1507: certflags_command != NULL)
1508: add_string_option(c, "force-command", certflags_command);
1.190 djm 1509: if ((which & OPTIONS_EXTENSIONS) != 0 &&
1.210 djm 1510: (certflags_flags & CERTOPT_X_FWD) != 0)
1511: add_flag_option(c, "permit-X11-forwarding");
1512: if ((which & OPTIONS_EXTENSIONS) != 0 &&
1.190 djm 1513: (certflags_flags & CERTOPT_AGENT_FWD) != 0)
1.186 djm 1514: add_flag_option(c, "permit-agent-forwarding");
1.190 djm 1515: if ((which & OPTIONS_EXTENSIONS) != 0 &&
1516: (certflags_flags & CERTOPT_PORT_FWD) != 0)
1.186 djm 1517: add_flag_option(c, "permit-port-forwarding");
1.190 djm 1518: if ((which & OPTIONS_EXTENSIONS) != 0 &&
1519: (certflags_flags & CERTOPT_PTY) != 0)
1.186 djm 1520: add_flag_option(c, "permit-pty");
1.190 djm 1521: if ((which & OPTIONS_EXTENSIONS) != 0 &&
1522: (certflags_flags & CERTOPT_USER_RC) != 0)
1.186 djm 1523: add_flag_option(c, "permit-user-rc");
1.190 djm 1524: if ((which & OPTIONS_CRITICAL) != 0 &&
1525: certflags_src_addr != NULL)
1526: add_string_option(c, "source-address", certflags_src_addr);
1.179 djm 1527: }
1528:
1.252 djm 1529: static struct sshkey *
1.197 djm 1530: load_pkcs11_key(char *path)
1531: {
1532: #ifdef ENABLE_PKCS11
1.252 djm 1533: struct sshkey **keys = NULL, *public, *private = NULL;
1534: int r, i, nkeys;
1.197 djm 1535:
1.252 djm 1536: if ((r = sshkey_load_public(path, &public, NULL)) != 0)
1537: fatal("Couldn't load CA public key \"%s\": %s",
1538: path, ssh_err(r));
1.197 djm 1539:
1540: nkeys = pkcs11_add_provider(pkcs11provider, identity_passphrase, &keys);
1541: debug3("%s: %d keys", __func__, nkeys);
1542: if (nkeys <= 0)
1543: fatal("cannot read public key from pkcs11");
1544: for (i = 0; i < nkeys; i++) {
1.252 djm 1545: if (sshkey_equal_public(public, keys[i])) {
1.197 djm 1546: private = keys[i];
1547: continue;
1548: }
1.252 djm 1549: sshkey_free(keys[i]);
1.197 djm 1550: }
1.227 djm 1551: free(keys);
1.252 djm 1552: sshkey_free(public);
1.197 djm 1553: return private;
1554: #else
1555: fatal("no pkcs11 support");
1556: #endif /* ENABLE_PKCS11 */
1557: }
1558:
1.179 djm 1559: static void
1560: do_ca_sign(struct passwd *pw, int argc, char **argv)
1561: {
1.252 djm 1562: int r, i, fd;
1.179 djm 1563: u_int n;
1.252 djm 1564: struct sshkey *ca, *public;
1.179 djm 1565: char *otmp, *tmp, *cp, *out, *comment, **plist = NULL;
1566: FILE *f;
1.186 djm 1567: int v00 = 0; /* legacy keys */
1.179 djm 1568:
1.186 djm 1569: if (key_type_name != NULL) {
1.252 djm 1570: switch (sshkey_type_from_name(key_type_name)) {
1.186 djm 1571: case KEY_RSA_CERT_V00:
1572: case KEY_DSA_CERT_V00:
1573: v00 = 1;
1574: break;
1575: case KEY_UNSPEC:
1576: if (strcasecmp(key_type_name, "v00") == 0) {
1577: v00 = 1;
1578: break;
1579: } else if (strcasecmp(key_type_name, "v01") == 0)
1580: break;
1581: /* FALLTHROUGH */
1582: default:
1583: fprintf(stderr, "unknown key type %s\n", key_type_name);
1584: exit(1);
1585: }
1586: }
1587:
1.246 markus 1588: #ifdef ENABLE_PKCS11
1.197 djm 1589: pkcs11_init(1);
1.246 markus 1590: #endif
1.197 djm 1591: tmp = tilde_expand_filename(ca_key_path, pw->pw_uid);
1592: if (pkcs11provider != NULL) {
1593: if ((ca = load_pkcs11_key(tmp)) == NULL)
1594: fatal("No PKCS#11 key matching %s found", ca_key_path);
1.252 djm 1595: } else
1596: ca = load_identity(tmp);
1.227 djm 1597: free(tmp);
1.197 djm 1598:
1.179 djm 1599: for (i = 0; i < argc; i++) {
1600: /* Split list of principals */
1601: n = 0;
1602: if (cert_principals != NULL) {
1603: otmp = tmp = xstrdup(cert_principals);
1604: plist = NULL;
1605: for (; (cp = strsep(&tmp, ",")) != NULL; n++) {
1606: plist = xrealloc(plist, n + 1, sizeof(*plist));
1607: if (*(plist[n] = xstrdup(cp)) == '\0')
1608: fatal("Empty principal name");
1609: }
1.227 djm 1610: free(otmp);
1.179 djm 1611: }
1612:
1613: tmp = tilde_expand_filename(argv[i], pw->pw_uid);
1.252 djm 1614: if ((r = sshkey_load_public(tmp, &public, &comment)) != 0)
1615: fatal("%s: unable to open \"%s\": %s",
1616: __func__, tmp, ssh_err(r));
1.200 djm 1617: if (public->type != KEY_RSA && public->type != KEY_DSA &&
1.238 markus 1618: public->type != KEY_ECDSA && public->type != KEY_ED25519)
1.179 djm 1619: fatal("%s: key \"%s\" type %s cannot be certified",
1.252 djm 1620: __func__, tmp, sshkey_type(public));
1.179 djm 1621:
1622: /* Prepare certificate to sign */
1.252 djm 1623: if ((r = sshkey_to_certified(public, v00)) != 0)
1624: fatal("Could not upgrade key %s to certificate: %s",
1625: tmp, ssh_err(r));
1.179 djm 1626: public->cert->type = cert_key_type;
1.186 djm 1627: public->cert->serial = (u_int64_t)cert_serial;
1.179 djm 1628: public->cert->key_id = xstrdup(cert_key_id);
1629: public->cert->nprincipals = n;
1630: public->cert->principals = plist;
1631: public->cert->valid_after = cert_valid_from;
1632: public->cert->valid_before = cert_valid_to;
1.190 djm 1633: if (v00) {
1.247 djm 1634: prepare_options_buf(public->cert->critical,
1.190 djm 1635: OPTIONS_CRITICAL|OPTIONS_EXTENSIONS);
1636: } else {
1.247 djm 1637: prepare_options_buf(public->cert->critical,
1.190 djm 1638: OPTIONS_CRITICAL);
1.247 djm 1639: prepare_options_buf(public->cert->extensions,
1.190 djm 1640: OPTIONS_EXTENSIONS);
1641: }
1.252 djm 1642: if ((r = sshkey_from_private(ca,
1643: &public->cert->signature_key)) != 0)
1644: fatal("key_from_private (ca key): %s", ssh_err(r));
1.179 djm 1645:
1.252 djm 1646: if (sshkey_certify(public, ca) != 0)
1.179 djm 1647: fatal("Couldn't not certify key %s", tmp);
1648:
1649: if ((cp = strrchr(tmp, '.')) != NULL && strcmp(cp, ".pub") == 0)
1650: *cp = '\0';
1651: xasprintf(&out, "%s-cert.pub", tmp);
1.227 djm 1652: free(tmp);
1.179 djm 1653:
1654: if ((fd = open(out, O_WRONLY|O_CREAT|O_TRUNC, 0644)) == -1)
1655: fatal("Could not open \"%s\" for writing: %s", out,
1656: strerror(errno));
1657: if ((f = fdopen(fd, "w")) == NULL)
1658: fatal("%s: fdopen: %s", __func__, strerror(errno));
1.252 djm 1659: if ((r = sshkey_write(public, f)) != 0)
1660: fatal("Could not write certified key to %s: %s",
1661: out, ssh_err(r));
1.179 djm 1662: fprintf(f, " %s\n", comment);
1663: fclose(f);
1664:
1.186 djm 1665: if (!quiet) {
1666: logit("Signed %s key %s: id \"%s\" serial %llu%s%s "
1.252 djm 1667: "valid %s", sshkey_cert_type(public),
1.205 djm 1668: out, public->cert->key_id,
1669: (unsigned long long)public->cert->serial,
1.179 djm 1670: cert_principals != NULL ? " for " : "",
1671: cert_principals != NULL ? cert_principals : "",
1.182 djm 1672: fmt_validity(cert_valid_from, cert_valid_to));
1.186 djm 1673: }
1.179 djm 1674:
1.252 djm 1675: sshkey_free(public);
1.227 djm 1676: free(out);
1.179 djm 1677: }
1.246 markus 1678: #ifdef ENABLE_PKCS11
1.197 djm 1679: pkcs11_terminate();
1.246 markus 1680: #endif
1.179 djm 1681: exit(0);
1682: }
1683:
1684: static u_int64_t
1685: parse_relative_time(const char *s, time_t now)
1686: {
1687: int64_t mul, secs;
1688:
1689: mul = *s == '-' ? -1 : 1;
1690:
1691: if ((secs = convtime(s + 1)) == -1)
1692: fatal("Invalid relative certificate time %s", s);
1693: if (mul == -1 && secs > now)
1694: fatal("Certificate time %s cannot be represented", s);
1695: return now + (u_int64_t)(secs * mul);
1696: }
1697:
1698: static u_int64_t
1699: parse_absolute_time(const char *s)
1700: {
1701: struct tm tm;
1702: time_t tt;
1.180 djm 1703: char buf[32], *fmt;
1.179 djm 1704:
1.180 djm 1705: /*
1706: * POSIX strptime says "The application shall ensure that there
1707: * is white-space or other non-alphanumeric characters between
1708: * any two conversion specifications" so arrange things this way.
1709: */
1710: switch (strlen(s)) {
1711: case 8:
1.184 djm 1712: fmt = "%Y-%m-%d";
1713: snprintf(buf, sizeof(buf), "%.4s-%.2s-%.2s", s, s + 4, s + 6);
1.180 djm 1714: break;
1715: case 14:
1.184 djm 1716: fmt = "%Y-%m-%dT%H:%M:%S";
1717: snprintf(buf, sizeof(buf), "%.4s-%.2s-%.2sT%.2s:%.2s:%.2s",
1.180 djm 1718: s, s + 4, s + 6, s + 8, s + 10, s + 12);
1719: break;
1720: default:
1.179 djm 1721: fatal("Invalid certificate time format %s", s);
1.180 djm 1722: }
1.179 djm 1723:
1.239 tedu 1724: memset(&tm, 0, sizeof(tm));
1.180 djm 1725: if (strptime(buf, fmt, &tm) == NULL)
1.179 djm 1726: fatal("Invalid certificate time %s", s);
1727: if ((tt = mktime(&tm)) < 0)
1728: fatal("Certificate time %s cannot be represented", s);
1729: return (u_int64_t)tt;
1730: }
1731:
1732: static void
1733: parse_cert_times(char *timespec)
1734: {
1735: char *from, *to;
1736: time_t now = time(NULL);
1737: int64_t secs;
1738:
1739: /* +timespec relative to now */
1740: if (*timespec == '+' && strchr(timespec, ':') == NULL) {
1741: if ((secs = convtime(timespec + 1)) == -1)
1742: fatal("Invalid relative certificate life %s", timespec);
1743: cert_valid_to = now + secs;
1744: /*
1745: * Backdate certificate one minute to avoid problems on hosts
1746: * with poorly-synchronised clocks.
1747: */
1748: cert_valid_from = ((now - 59)/ 60) * 60;
1749: return;
1750: }
1751:
1752: /*
1753: * from:to, where
1754: * from := [+-]timespec | YYYYMMDD | YYYYMMDDHHMMSS
1755: * to := [+-]timespec | YYYYMMDD | YYYYMMDDHHMMSS
1756: */
1757: from = xstrdup(timespec);
1758: to = strchr(from, ':');
1759: if (to == NULL || from == to || *(to + 1) == '\0')
1.181 djm 1760: fatal("Invalid certificate life specification %s", timespec);
1.179 djm 1761: *to++ = '\0';
1762:
1763: if (*from == '-' || *from == '+')
1764: cert_valid_from = parse_relative_time(from, now);
1765: else
1766: cert_valid_from = parse_absolute_time(from);
1767:
1768: if (*to == '-' || *to == '+')
1.235 djm 1769: cert_valid_to = parse_relative_time(to, now);
1.179 djm 1770: else
1771: cert_valid_to = parse_absolute_time(to);
1772:
1773: if (cert_valid_to <= cert_valid_from)
1774: fatal("Empty certificate validity interval");
1.227 djm 1775: free(from);
1.179 djm 1776: }
1777:
1778: static void
1.186 djm 1779: add_cert_option(char *opt)
1.179 djm 1780: {
1781: char *val;
1782:
1.208 stevesk 1783: if (strcasecmp(opt, "clear") == 0)
1.190 djm 1784: certflags_flags = 0;
1.179 djm 1785: else if (strcasecmp(opt, "no-x11-forwarding") == 0)
1.190 djm 1786: certflags_flags &= ~CERTOPT_X_FWD;
1.179 djm 1787: else if (strcasecmp(opt, "permit-x11-forwarding") == 0)
1.190 djm 1788: certflags_flags |= CERTOPT_X_FWD;
1.179 djm 1789: else if (strcasecmp(opt, "no-agent-forwarding") == 0)
1.190 djm 1790: certflags_flags &= ~CERTOPT_AGENT_FWD;
1.179 djm 1791: else if (strcasecmp(opt, "permit-agent-forwarding") == 0)
1.190 djm 1792: certflags_flags |= CERTOPT_AGENT_FWD;
1.179 djm 1793: else if (strcasecmp(opt, "no-port-forwarding") == 0)
1.190 djm 1794: certflags_flags &= ~CERTOPT_PORT_FWD;
1.179 djm 1795: else if (strcasecmp(opt, "permit-port-forwarding") == 0)
1.190 djm 1796: certflags_flags |= CERTOPT_PORT_FWD;
1.179 djm 1797: else if (strcasecmp(opt, "no-pty") == 0)
1.190 djm 1798: certflags_flags &= ~CERTOPT_PTY;
1.179 djm 1799: else if (strcasecmp(opt, "permit-pty") == 0)
1.190 djm 1800: certflags_flags |= CERTOPT_PTY;
1.179 djm 1801: else if (strcasecmp(opt, "no-user-rc") == 0)
1.190 djm 1802: certflags_flags &= ~CERTOPT_USER_RC;
1.179 djm 1803: else if (strcasecmp(opt, "permit-user-rc") == 0)
1.190 djm 1804: certflags_flags |= CERTOPT_USER_RC;
1.179 djm 1805: else if (strncasecmp(opt, "force-command=", 14) == 0) {
1806: val = opt + 14;
1807: if (*val == '\0')
1.186 djm 1808: fatal("Empty force-command option");
1.190 djm 1809: if (certflags_command != NULL)
1.179 djm 1810: fatal("force-command already specified");
1.190 djm 1811: certflags_command = xstrdup(val);
1.179 djm 1812: } else if (strncasecmp(opt, "source-address=", 15) == 0) {
1813: val = opt + 15;
1814: if (*val == '\0')
1.186 djm 1815: fatal("Empty source-address option");
1.190 djm 1816: if (certflags_src_addr != NULL)
1.179 djm 1817: fatal("source-address already specified");
1818: if (addr_match_cidr_list(NULL, val) != 0)
1819: fatal("Invalid source-address list");
1.190 djm 1820: certflags_src_addr = xstrdup(val);
1.179 djm 1821: } else
1.186 djm 1822: fatal("Unsupported certificate option \"%s\"", opt);
1.179 djm 1823: }
1824:
1.63 itojun 1825: static void
1.252 djm 1826: show_options(struct sshbuf *optbuf, int v00, int in_critical)
1.192 djm 1827: {
1.245 djm 1828: char *name, *arg;
1.252 djm 1829: struct sshbuf *options, *option = NULL;
1830: int r;
1831:
1832: if ((options = sshbuf_fromb(optbuf)) == NULL)
1833: fatal("%s: sshbuf_fromb failed", __func__);
1834: while (sshbuf_len(options) != 0) {
1835: sshbuf_free(option);
1836: option = NULL;
1837: if ((r = sshbuf_get_cstring(options, &name, NULL)) != 0 ||
1838: (r = sshbuf_froms(options, &option)) != 0)
1839: fatal("%s: buffer error: %s", __func__, ssh_err(r));
1.192 djm 1840: printf(" %s", name);
1841: if ((v00 || !in_critical) &&
1842: (strcmp(name, "permit-X11-forwarding") == 0 ||
1843: strcmp(name, "permit-agent-forwarding") == 0 ||
1844: strcmp(name, "permit-port-forwarding") == 0 ||
1845: strcmp(name, "permit-pty") == 0 ||
1846: strcmp(name, "permit-user-rc") == 0))
1847: printf("\n");
1848: else if ((v00 || in_critical) &&
1849: (strcmp(name, "force-command") == 0 ||
1850: strcmp(name, "source-address") == 0)) {
1.252 djm 1851: if ((r = sshbuf_get_cstring(option, &arg, NULL)) != 0)
1852: fatal("%s: buffer error: %s",
1853: __func__, ssh_err(r));
1.245 djm 1854: printf(" %s\n", arg);
1855: free(arg);
1.192 djm 1856: } else {
1.252 djm 1857: printf(" UNKNOWN OPTION (len %zu)\n",
1858: sshbuf_len(option));
1859: sshbuf_reset(option);
1.192 djm 1860: }
1.227 djm 1861: free(name);
1.252 djm 1862: if (sshbuf_len(option) != 0)
1.192 djm 1863: fatal("Option corrupt: extra data at end");
1864: }
1.252 djm 1865: sshbuf_free(option);
1866: sshbuf_free(options);
1.192 djm 1867: }
1868:
1869: static void
1.182 djm 1870: do_show_cert(struct passwd *pw)
1871: {
1.252 djm 1872: struct sshkey *key;
1.182 djm 1873: struct stat st;
1874: char *key_fp, *ca_fp;
1.192 djm 1875: u_int i, v00;
1.252 djm 1876: int r;
1.182 djm 1877:
1878: if (!have_identity)
1879: ask_filename(pw, "Enter file in which the key is");
1.191 djm 1880: if (stat(identity_file, &st) < 0)
1881: fatal("%s: %s: %s", __progname, identity_file, strerror(errno));
1.252 djm 1882: if ((r = sshkey_load_public(identity_file, &key, NULL)) != 0)
1883: fatal("Cannot load public key \"%s\": %s",
1884: identity_file, ssh_err(r));
1885: if (!sshkey_is_cert(key))
1.182 djm 1886: fatal("%s is not a certificate", identity_file);
1.186 djm 1887: v00 = key->type == KEY_RSA_CERT_V00 || key->type == KEY_DSA_CERT_V00;
1888:
1.252 djm 1889: key_fp = sshkey_fingerprint(key, fingerprint_hash, SSH_FP_DEFAULT);
1890: ca_fp = sshkey_fingerprint(key->cert->signature_key,
1.251 djm 1891: fingerprint_hash, SSH_FP_DEFAULT);
1.259 djm 1892: if (key_fp == NULL || ca_fp == NULL)
1893: fatal("%s: sshkey_fingerprint fail", __func__);
1.182 djm 1894:
1895: printf("%s:\n", identity_file);
1.252 djm 1896: printf(" Type: %s %s certificate\n", sshkey_ssh_name(key),
1897: sshkey_cert_type(key));
1898: printf(" Public key: %s %s\n", sshkey_type(key), key_fp);
1.186 djm 1899: printf(" Signing CA: %s %s\n",
1.252 djm 1900: sshkey_type(key->cert->signature_key), ca_fp);
1.186 djm 1901: printf(" Key ID: \"%s\"\n", key->cert->key_id);
1.205 djm 1902: if (!v00) {
1903: printf(" Serial: %llu\n",
1904: (unsigned long long)key->cert->serial);
1905: }
1.182 djm 1906: printf(" Valid: %s\n",
1907: fmt_validity(key->cert->valid_after, key->cert->valid_before));
1908: printf(" Principals: ");
1909: if (key->cert->nprincipals == 0)
1910: printf("(none)\n");
1911: else {
1912: for (i = 0; i < key->cert->nprincipals; i++)
1913: printf("\n %s",
1914: key->cert->principals[i]);
1915: printf("\n");
1916: }
1.186 djm 1917: printf(" Critical Options: ");
1.252 djm 1918: if (sshbuf_len(key->cert->critical) == 0)
1.182 djm 1919: printf("(none)\n");
1920: else {
1921: printf("\n");
1.247 djm 1922: show_options(key->cert->critical, v00, 1);
1.186 djm 1923: }
1924: if (!v00) {
1925: printf(" Extensions: ");
1.252 djm 1926: if (sshbuf_len(key->cert->extensions) == 0)
1.186 djm 1927: printf("(none)\n");
1928: else {
1929: printf("\n");
1.247 djm 1930: show_options(key->cert->extensions, v00, 0);
1.182 djm 1931: }
1932: }
1933: exit(0);
1934: }
1935:
1.246 markus 1936: #ifdef WITH_OPENSSL
1.182 djm 1937: static void
1.223 djm 1938: load_krl(const char *path, struct ssh_krl **krlp)
1939: {
1.252 djm 1940: struct sshbuf *krlbuf;
1941: int r, fd;
1.223 djm 1942:
1.252 djm 1943: if ((krlbuf = sshbuf_new()) == NULL)
1944: fatal("sshbuf_new failed");
1.223 djm 1945: if ((fd = open(path, O_RDONLY)) == -1)
1946: fatal("open %s: %s", path, strerror(errno));
1.252 djm 1947: if ((r = sshkey_load_file(fd, krlbuf)) != 0)
1948: fatal("Unable to load KRL: %s", ssh_err(r));
1.223 djm 1949: close(fd);
1950: /* XXX check sigs */
1.252 djm 1951: if ((r = ssh_krl_from_blob(krlbuf, krlp, NULL, 0)) != 0 ||
1.223 djm 1952: *krlp == NULL)
1.252 djm 1953: fatal("Invalid KRL file: %s", ssh_err(r));
1954: sshbuf_free(krlbuf);
1.223 djm 1955: }
1956:
1957: static void
1.261 ! djm 1958: update_krl_from_file(struct passwd *pw, const char *file, int wild_ca,
1.252 djm 1959: const struct sshkey *ca, struct ssh_krl *krl)
1.223 djm 1960: {
1.252 djm 1961: struct sshkey *key = NULL;
1.223 djm 1962: u_long lnum = 0;
1963: char *path, *cp, *ep, line[SSH_MAX_PUBKEY_BYTES];
1964: unsigned long long serial, serial2;
1965: int i, was_explicit_key, was_sha1, r;
1966: FILE *krl_spec;
1967:
1968: path = tilde_expand_filename(file, pw->pw_uid);
1969: if (strcmp(path, "-") == 0) {
1970: krl_spec = stdin;
1971: free(path);
1972: path = xstrdup("(standard input)");
1973: } else if ((krl_spec = fopen(path, "r")) == NULL)
1974: fatal("fopen %s: %s", path, strerror(errno));
1975:
1976: if (!quiet)
1977: printf("Revoking from %s\n", path);
1978: while (read_keyfile_line(krl_spec, path, line, sizeof(line),
1979: &lnum) == 0) {
1980: was_explicit_key = was_sha1 = 0;
1981: cp = line + strspn(line, " \t");
1982: /* Trim trailing space, comments and strip \n */
1983: for (i = 0, r = -1; cp[i] != '\0'; i++) {
1984: if (cp[i] == '#' || cp[i] == '\n') {
1985: cp[i] = '\0';
1986: break;
1987: }
1988: if (cp[i] == ' ' || cp[i] == '\t') {
1989: /* Remember the start of a span of whitespace */
1990: if (r == -1)
1991: r = i;
1992: } else
1993: r = -1;
1994: }
1995: if (r != -1)
1996: cp[r] = '\0';
1997: if (*cp == '\0')
1998: continue;
1999: if (strncasecmp(cp, "serial:", 7) == 0) {
1.261 ! djm 2000: if (ca == NULL && !wild_ca) {
1.231 djm 2001: fatal("revoking certificates by serial number "
1.223 djm 2002: "requires specification of a CA key");
2003: }
2004: cp += 7;
2005: cp = cp + strspn(cp, " \t");
2006: errno = 0;
2007: serial = strtoull(cp, &ep, 0);
2008: if (*cp == '\0' || (*ep != '\0' && *ep != '-'))
2009: fatal("%s:%lu: invalid serial \"%s\"",
2010: path, lnum, cp);
2011: if (errno == ERANGE && serial == ULLONG_MAX)
2012: fatal("%s:%lu: serial out of range",
2013: path, lnum);
2014: serial2 = serial;
2015: if (*ep == '-') {
2016: cp = ep + 1;
2017: errno = 0;
2018: serial2 = strtoull(cp, &ep, 0);
2019: if (*cp == '\0' || *ep != '\0')
2020: fatal("%s:%lu: invalid serial \"%s\"",
2021: path, lnum, cp);
2022: if (errno == ERANGE && serial2 == ULLONG_MAX)
2023: fatal("%s:%lu: serial out of range",
2024: path, lnum);
2025: if (serial2 <= serial)
2026: fatal("%s:%lu: invalid serial range "
2027: "%llu:%llu", path, lnum,
2028: (unsigned long long)serial,
2029: (unsigned long long)serial2);
2030: }
2031: if (ssh_krl_revoke_cert_by_serial_range(krl,
2032: ca, serial, serial2) != 0) {
2033: fatal("%s: revoke serial failed",
2034: __func__);
2035: }
2036: } else if (strncasecmp(cp, "id:", 3) == 0) {
1.261 ! djm 2037: if (ca == NULL && !wild_ca) {
1.232 djm 2038: fatal("revoking certificates by key ID "
1.223 djm 2039: "requires specification of a CA key");
2040: }
2041: cp += 3;
2042: cp = cp + strspn(cp, " \t");
2043: if (ssh_krl_revoke_cert_by_key_id(krl, ca, cp) != 0)
2044: fatal("%s: revoke key ID failed", __func__);
2045: } else {
2046: if (strncasecmp(cp, "key:", 4) == 0) {
2047: cp += 4;
2048: cp = cp + strspn(cp, " \t");
2049: was_explicit_key = 1;
2050: } else if (strncasecmp(cp, "sha1:", 5) == 0) {
2051: cp += 5;
2052: cp = cp + strspn(cp, " \t");
2053: was_sha1 = 1;
2054: } else {
2055: /*
2056: * Just try to process the line as a key.
2057: * Parsing will fail if it isn't.
2058: */
2059: }
1.252 djm 2060: if ((key = sshkey_new(KEY_UNSPEC)) == NULL)
1.223 djm 2061: fatal("key_new");
1.252 djm 2062: if ((r = sshkey_read(key, &cp)) != 0)
2063: fatal("%s:%lu: invalid key: %s",
2064: path, lnum, ssh_err(r));
1.223 djm 2065: if (was_explicit_key)
2066: r = ssh_krl_revoke_key_explicit(krl, key);
2067: else if (was_sha1)
2068: r = ssh_krl_revoke_key_sha1(krl, key);
2069: else
2070: r = ssh_krl_revoke_key(krl, key);
2071: if (r != 0)
1.252 djm 2072: fatal("%s: revoke key failed: %s",
2073: __func__, ssh_err(r));
2074: sshkey_free(key);
1.223 djm 2075: }
2076: }
2077: if (strcmp(path, "-") != 0)
2078: fclose(krl_spec);
1.226 djm 2079: free(path);
1.223 djm 2080: }
2081:
2082: static void
2083: do_gen_krl(struct passwd *pw, int updating, int argc, char **argv)
2084: {
2085: struct ssh_krl *krl;
2086: struct stat sb;
1.252 djm 2087: struct sshkey *ca = NULL;
1.261 ! djm 2088: int fd, i, r, wild_ca = 0;
1.223 djm 2089: char *tmp;
1.252 djm 2090: struct sshbuf *kbuf;
1.223 djm 2091:
2092: if (*identity_file == '\0')
2093: fatal("KRL generation requires an output file");
2094: if (stat(identity_file, &sb) == -1) {
2095: if (errno != ENOENT)
2096: fatal("Cannot access KRL \"%s\": %s",
2097: identity_file, strerror(errno));
2098: if (updating)
2099: fatal("KRL \"%s\" does not exist", identity_file);
2100: }
2101: if (ca_key_path != NULL) {
1.261 ! djm 2102: if (strcasecmp(ca_key_path, "none") == 0)
! 2103: wild_ca = 1;
! 2104: else {
! 2105: tmp = tilde_expand_filename(ca_key_path, pw->pw_uid);
! 2106: if ((r = sshkey_load_public(tmp, &ca, NULL)) != 0)
! 2107: fatal("Cannot load CA public key %s: %s",
! 2108: tmp, ssh_err(r));
! 2109: free(tmp);
! 2110: }
1.223 djm 2111: }
2112:
2113: if (updating)
2114: load_krl(identity_file, &krl);
2115: else if ((krl = ssh_krl_init()) == NULL)
2116: fatal("couldn't create KRL");
2117:
2118: if (cert_serial != 0)
2119: ssh_krl_set_version(krl, cert_serial);
2120: if (identity_comment != NULL)
2121: ssh_krl_set_comment(krl, identity_comment);
2122:
2123: for (i = 0; i < argc; i++)
1.261 ! djm 2124: update_krl_from_file(pw, argv[i], wild_ca, ca, krl);
1.223 djm 2125:
1.252 djm 2126: if ((kbuf = sshbuf_new()) == NULL)
2127: fatal("sshbuf_new failed");
2128: if (ssh_krl_to_blob(krl, kbuf, NULL, 0) != 0)
1.223 djm 2129: fatal("Couldn't generate KRL");
2130: if ((fd = open(identity_file, O_WRONLY|O_CREAT|O_TRUNC, 0644)) == -1)
2131: fatal("open %s: %s", identity_file, strerror(errno));
1.252 djm 2132: if (atomicio(vwrite, fd, (void *)sshbuf_ptr(kbuf), sshbuf_len(kbuf)) !=
2133: sshbuf_len(kbuf))
1.223 djm 2134: fatal("write %s: %s", identity_file, strerror(errno));
2135: close(fd);
1.252 djm 2136: sshbuf_free(kbuf);
1.223 djm 2137: ssh_krl_free(krl);
1.226 djm 2138: if (ca != NULL)
1.252 djm 2139: sshkey_free(ca);
1.223 djm 2140: }
2141:
2142: static void
2143: do_check_krl(struct passwd *pw, int argc, char **argv)
2144: {
2145: int i, r, ret = 0;
2146: char *comment;
2147: struct ssh_krl *krl;
1.252 djm 2148: struct sshkey *k;
1.223 djm 2149:
2150: if (*identity_file == '\0')
2151: fatal("KRL checking requires an input file");
2152: load_krl(identity_file, &krl);
2153: for (i = 0; i < argc; i++) {
1.252 djm 2154: if ((r = sshkey_load_public(argv[i], &k, &comment)) != 0)
2155: fatal("Cannot load public key %s: %s",
2156: argv[i], ssh_err(r));
1.223 djm 2157: r = ssh_krl_check_key(krl, k);
2158: printf("%s%s%s%s: %s\n", argv[i],
2159: *comment ? " (" : "", comment, *comment ? ")" : "",
2160: r == 0 ? "ok" : "REVOKED");
2161: if (r != 0)
2162: ret = 1;
1.252 djm 2163: sshkey_free(k);
1.223 djm 2164: free(comment);
2165: }
2166: ssh_krl_free(krl);
2167: exit(ret);
2168: }
1.246 markus 2169: #endif
1.223 djm 2170:
2171: static void
1.10 markus 2172: usage(void)
2173: {
1.243 deraadt 2174: fprintf(stderr,
2175: "usage: ssh-keygen [-q] [-b bits] [-t dsa | ecdsa | ed25519 | rsa | rsa1]\n"
2176: " [-N new_passphrase] [-C comment] [-f output_keyfile]\n"
2177: " ssh-keygen -p [-P old_passphrase] [-N new_passphrase] [-f keyfile]\n"
2178: " ssh-keygen -i [-m key_format] [-f input_keyfile]\n"
2179: " ssh-keygen -e [-m key_format] [-f input_keyfile]\n"
2180: " ssh-keygen -y [-f input_keyfile]\n"
2181: " ssh-keygen -c [-P passphrase] [-C comment] [-f keyfile]\n"
1.251 djm 2182: " ssh-keygen -l [-E fingerprint_hash] [-f input_keyfile]\n"
1.243 deraadt 2183: " ssh-keygen -B [-f input_keyfile]\n");
1.177 markus 2184: #ifdef ENABLE_PKCS11
1.243 deraadt 2185: fprintf(stderr,
2186: " ssh-keygen -D pkcs11\n");
1.177 markus 2187: #endif
1.243 deraadt 2188: fprintf(stderr,
2189: " ssh-keygen -F hostname [-f known_hosts_file] [-l]\n"
2190: " ssh-keygen -H [-f known_hosts_file]\n"
2191: " ssh-keygen -R hostname [-f known_hosts_file]\n"
2192: " ssh-keygen -r hostname [-f input_keyfile] [-g]\n"
2193: " ssh-keygen -G output_file [-v] [-b bits] [-M memory] [-S start_point]\n"
2194: " ssh-keygen -T output_file -f input_file [-v] [-a rounds] [-J num_lines]\n"
2195: " [-j start_line] [-K checkpt] [-W generator]\n"
2196: " ssh-keygen -s ca_key -I certificate_identity [-h] [-n principals]\n"
2197: " [-O option] [-V validity_interval] [-z serial_number] file ...\n"
2198: " ssh-keygen -L [-f input_keyfile]\n"
2199: " ssh-keygen -A\n"
2200: " ssh-keygen -k -f krl_file [-u] [-s ca_public] [-z version_number]\n"
2201: " file ...\n"
2202: " ssh-keygen -Q -f krl_file file ...\n");
1.12 markus 2203: exit(1);
1.10 markus 2204: }
2205:
1.13 deraadt 2206: /*
2207: * Main program for key management.
2208: */
1.2 provos 2209: int
1.156 deraadt 2210: main(int argc, char **argv)
1.1 deraadt 2211: {
1.253 deraadt 2212: char dotsshdir[PATH_MAX], comment[1024], *passphrase1, *passphrase2;
1.211 dtucker 2213: char *checkpoint = NULL;
1.259 djm 2214: char out_file[PATH_MAX], *rr_hostname = NULL, *ep, *fp, *ra;
1.252 djm 2215: struct sshkey *private, *public;
1.12 markus 2216: struct passwd *pw;
2217: struct stat st;
1.252 djm 2218: int r, opt, type, fd;
1.237 markus 2219: u_int32_t memory = 0, generator_wanted = 0;
1.107 djm 2220: int do_gen_candidates = 0, do_screen_candidates = 0;
1.223 djm 2221: int gen_all_hostkeys = 0, gen_krl = 0, update_krl = 0, check_krl = 0;
1.215 dtucker 2222: unsigned long start_lineno = 0, lines_to_process = 0;
1.107 djm 2223: BIGNUM *start = NULL;
1.12 markus 2224: FILE *f;
1.125 avsm 2225: const char *errstr;
1.33 markus 2226:
1.12 markus 2227: extern int optind;
2228: extern char *optarg;
1.129 djm 2229:
2230: /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */
2231: sanitise_stdfd();
1.12 markus 2232:
1.201 djm 2233: OpenSSL_add_all_algorithms();
1.156 deraadt 2234: log_init(argv[0], SYSLOG_LEVEL_INFO, SYSLOG_FACILITY_USER, 1);
1.19 markus 2235:
1.14 markus 2236: /* we need this for the home * directory. */
1.12 markus 2237: pw = getpwuid(getuid());
2238: if (!pw) {
1.230 djm 2239: printf("No user exists for uid %lu\n", (u_long)getuid());
1.12 markus 2240: exit(1);
2241: }
1.19 markus 2242: if (gethostname(hostname, sizeof(hostname)) < 0) {
2243: perror("gethostname");
2244: exit(1);
2245: }
1.14 markus 2246:
1.251 djm 2247: /* Remaining characters: UYdw */
1.237 markus 2248: while ((opt = getopt(argc, argv, "ABHLQXceghiklopquvxy"
1.251 djm 2249: "C:D:E:F:G:I:J:K:M:N:O:P:R:S:T:V:W:Z:"
2250: "a:b:f:g:j:m:n:r:s:t:z:")) != -1) {
1.12 markus 2251: switch (opt) {
1.206 stevesk 2252: case 'A':
2253: gen_all_hostkeys = 1;
2254: break;
1.12 markus 2255: case 'b':
1.202 markus 2256: bits = (u_int32_t)strtonum(optarg, 256, 32768, &errstr);
1.125 avsm 2257: if (errstr)
2258: fatal("Bits has bad value %s (%s)",
2259: optarg, errstr);
1.12 markus 2260: break;
1.251 djm 2261: case 'E':
2262: fingerprint_hash = ssh_digest_alg_by_name(optarg);
2263: if (fingerprint_hash == -1)
2264: fatal("Invalid hash algorithm \"%s\"", optarg);
2265: break;
1.119 djm 2266: case 'F':
2267: find_host = 1;
2268: rr_hostname = optarg;
2269: break;
2270: case 'H':
2271: hash_hosts = 1;
2272: break;
1.179 djm 2273: case 'I':
2274: cert_key_id = optarg;
2275: break;
1.215 dtucker 2276: case 'J':
2277: lines_to_process = strtoul(optarg, NULL, 10);
2278: break;
2279: case 'j':
2280: start_lineno = strtoul(optarg, NULL, 10);
2281: break;
1.119 djm 2282: case 'R':
2283: delete_host = 1;
2284: rr_hostname = optarg;
2285: break;
1.182 djm 2286: case 'L':
2287: show_cert = 1;
2288: break;
1.12 markus 2289: case 'l':
2290: print_fingerprint = 1;
2291: break;
1.49 markus 2292: case 'B':
2293: print_bubblebabble = 1;
2294: break;
1.193 djm 2295: case 'm':
2296: if (strcasecmp(optarg, "RFC4716") == 0 ||
2297: strcasecmp(optarg, "ssh2") == 0) {
2298: convert_format = FMT_RFC4716;
2299: break;
2300: }
2301: if (strcasecmp(optarg, "PKCS8") == 0) {
2302: convert_format = FMT_PKCS8;
2303: break;
2304: }
2305: if (strcasecmp(optarg, "PEM") == 0) {
2306: convert_format = FMT_PEM;
2307: break;
2308: }
2309: fatal("Unsupported conversion format \"%s\"", optarg);
1.179 djm 2310: case 'n':
2311: cert_principals = optarg;
2312: break;
1.237 markus 2313: case 'o':
2314: use_new_format = 1;
2315: break;
1.12 markus 2316: case 'p':
2317: change_passphrase = 1;
2318: break;
2319: case 'c':
2320: change_comment = 1;
2321: break;
2322: case 'f':
1.124 avsm 2323: if (strlcpy(identity_file, optarg, sizeof(identity_file)) >=
2324: sizeof(identity_file))
2325: fatal("Identity filename too long");
1.12 markus 2326: have_identity = 1;
2327: break;
1.105 jakob 2328: case 'g':
2329: print_generic = 1;
2330: break;
1.12 markus 2331: case 'P':
2332: identity_passphrase = optarg;
2333: break;
2334: case 'N':
2335: identity_new_passphrase = optarg;
2336: break;
1.223 djm 2337: case 'Q':
2338: check_krl = 1;
2339: break;
1.179 djm 2340: case 'O':
1.186 djm 2341: add_cert_option(optarg);
1.179 djm 2342: break;
1.237 markus 2343: case 'Z':
2344: new_format_cipher = optarg;
2345: break;
1.12 markus 2346: case 'C':
2347: identity_comment = optarg;
2348: break;
2349: case 'q':
2350: quiet = 1;
1.20 deraadt 2351: break;
1.57 markus 2352: case 'e':
1.19 markus 2353: case 'x':
1.57 markus 2354: /* export key */
1.193 djm 2355: convert_to = 1;
1.19 markus 2356: break;
1.179 djm 2357: case 'h':
2358: cert_key_type = SSH2_CERT_TYPE_HOST;
1.190 djm 2359: certflags_flags = 0;
1.179 djm 2360: break;
1.223 djm 2361: case 'k':
2362: gen_krl = 1;
2363: break;
1.57 markus 2364: case 'i':
1.19 markus 2365: case 'X':
1.57 markus 2366: /* import key */
1.193 djm 2367: convert_from = 1;
1.19 markus 2368: break;
2369: case 'y':
2370: print_public = 1;
2371: break;
1.179 djm 2372: case 's':
2373: ca_key_path = optarg;
2374: break;
1.33 markus 2375: case 't':
2376: key_type_name = optarg;
2377: break;
1.75 markus 2378: case 'D':
1.177 markus 2379: pkcs11provider = optarg;
1.66 markus 2380: break;
1.223 djm 2381: case 'u':
2382: update_krl = 1;
2383: break;
1.113 djm 2384: case 'v':
2385: if (log_level == SYSLOG_LEVEL_INFO)
2386: log_level = SYSLOG_LEVEL_DEBUG1;
2387: else {
1.117 deraadt 2388: if (log_level >= SYSLOG_LEVEL_DEBUG1 &&
1.113 djm 2389: log_level < SYSLOG_LEVEL_DEBUG3)
2390: log_level++;
2391: }
2392: break;
1.105 jakob 2393: case 'r':
1.119 djm 2394: rr_hostname = optarg;
1.105 jakob 2395: break;
1.107 djm 2396: case 'W':
1.142 deraadt 2397: generator_wanted = (u_int32_t)strtonum(optarg, 1,
2398: UINT_MAX, &errstr);
1.124 avsm 2399: if (errstr)
2400: fatal("Desired generator has bad value: %s (%s)",
2401: optarg, errstr);
1.107 djm 2402: break;
2403: case 'a':
1.237 markus 2404: rounds = (int)strtonum(optarg, 1, INT_MAX, &errstr);
1.124 avsm 2405: if (errstr)
1.237 markus 2406: fatal("Invalid number: %s (%s)",
1.124 avsm 2407: optarg, errstr);
1.107 djm 2408: break;
2409: case 'M':
1.142 deraadt 2410: memory = (u_int32_t)strtonum(optarg, 1, UINT_MAX, &errstr);
1.186 djm 2411: if (errstr)
1.124 avsm 2412: fatal("Memory limit is %s: %s", errstr, optarg);
1.107 djm 2413: break;
2414: case 'G':
2415: do_gen_candidates = 1;
1.124 avsm 2416: if (strlcpy(out_file, optarg, sizeof(out_file)) >=
2417: sizeof(out_file))
2418: fatal("Output filename too long");
1.107 djm 2419: break;
2420: case 'T':
2421: do_screen_candidates = 1;
1.124 avsm 2422: if (strlcpy(out_file, optarg, sizeof(out_file)) >=
2423: sizeof(out_file))
2424: fatal("Output filename too long");
1.107 djm 2425: break;
1.211 dtucker 2426: case 'K':
1.253 deraadt 2427: if (strlen(optarg) >= PATH_MAX)
1.211 dtucker 2428: fatal("Checkpoint filename too long");
2429: checkpoint = xstrdup(optarg);
2430: break;
1.107 djm 2431: case 'S':
2432: /* XXX - also compare length against bits */
2433: if (BN_hex2bn(&start, optarg) == 0)
2434: fatal("Invalid start point.");
2435: break;
1.179 djm 2436: case 'V':
2437: parse_cert_times(optarg);
1.186 djm 2438: break;
2439: case 'z':
1.219 djm 2440: errno = 0;
2441: cert_serial = strtoull(optarg, &ep, 10);
2442: if (*optarg < '0' || *optarg > '9' || *ep != '\0' ||
2443: (errno == ERANGE && cert_serial == ULLONG_MAX))
2444: fatal("Invalid serial number \"%s\"", optarg);
1.179 djm 2445: break;
1.12 markus 2446: case '?':
2447: default:
2448: usage();
2449: }
2450: }
1.113 djm 2451:
2452: /* reinit */
1.156 deraadt 2453: log_init(argv[0], log_level, SYSLOG_FACILITY_USER, 1);
1.113 djm 2454:
1.179 djm 2455: argv += optind;
2456: argc -= optind;
2457:
2458: if (ca_key_path != NULL) {
1.223 djm 2459: if (argc < 1 && !gen_krl) {
1.179 djm 2460: printf("Too few arguments.\n");
2461: usage();
2462: }
1.223 djm 2463: } else if (argc > 0 && !gen_krl && !check_krl) {
1.12 markus 2464: printf("Too many arguments.\n");
1.87 djm 2465: usage();
2466: }
1.12 markus 2467: if (change_passphrase && change_comment) {
2468: printf("Can only have one of -p and -c.\n");
1.166 djm 2469: usage();
2470: }
2471: if (print_fingerprint && (delete_host || hash_hosts)) {
1.221 djm 2472: printf("Cannot use -l with -H or -R.\n");
1.12 markus 2473: usage();
1.223 djm 2474: }
1.246 markus 2475: #ifdef WITH_OPENSSL
1.223 djm 2476: if (gen_krl) {
2477: do_gen_krl(pw, update_krl, argc, argv);
2478: return (0);
2479: }
2480: if (check_krl) {
2481: do_check_krl(pw, argc, argv);
2482: return (0);
1.179 djm 2483: }
1.246 markus 2484: #endif
1.179 djm 2485: if (ca_key_path != NULL) {
2486: if (cert_key_id == NULL)
2487: fatal("Must specify key id (-I) when certifying");
2488: do_ca_sign(pw, argc, argv);
1.12 markus 2489: }
1.182 djm 2490: if (show_cert)
2491: do_show_cert(pw);
1.119 djm 2492: if (delete_host || hash_hosts || find_host)
2493: do_known_hosts(pw, rr_hostname);
1.221 djm 2494: if (pkcs11provider != NULL)
2495: do_download(pw);
1.49 markus 2496: if (print_fingerprint || print_bubblebabble)
1.12 markus 2497: do_fingerprint(pw);
2498: if (change_passphrase)
2499: do_change_passphrase(pw);
2500: if (change_comment)
2501: do_change_comment(pw);
1.246 markus 2502: #ifdef WITH_OPENSSL
1.193 djm 2503: if (convert_to)
2504: do_convert_to(pw);
2505: if (convert_from)
2506: do_convert_from(pw);
1.246 markus 2507: #endif
1.19 markus 2508: if (print_public)
2509: do_print_public(pw);
1.119 djm 2510: if (rr_hostname != NULL) {
1.138 jakob 2511: unsigned int n = 0;
2512:
2513: if (have_identity) {
2514: n = do_print_resource_record(pw,
2515: identity_file, rr_hostname);
2516: if (n == 0) {
2517: perror(identity_file);
2518: exit(1);
2519: }
2520: exit(0);
2521: } else {
2522:
2523: n += do_print_resource_record(pw,
2524: _PATH_HOST_RSA_KEY_FILE, rr_hostname);
2525: n += do_print_resource_record(pw,
2526: _PATH_HOST_DSA_KEY_FILE, rr_hostname);
1.214 djm 2527: n += do_print_resource_record(pw,
2528: _PATH_HOST_ECDSA_KEY_FILE, rr_hostname);
1.244 logan 2529: n += do_print_resource_record(pw,
2530: _PATH_HOST_ED25519_KEY_FILE, rr_hostname);
1.138 jakob 2531: if (n == 0)
2532: fatal("no keys found.");
2533: exit(0);
2534: }
1.105 jakob 2535: }
1.107 djm 2536:
2537: if (do_gen_candidates) {
2538: FILE *out = fopen(out_file, "w");
1.111 djm 2539:
1.107 djm 2540: if (out == NULL) {
2541: error("Couldn't open modulus candidate file \"%s\": %s",
2542: out_file, strerror(errno));
2543: return (1);
2544: }
1.130 markus 2545: if (bits == 0)
2546: bits = DEFAULT_BITS;
1.107 djm 2547: if (gen_candidates(out, memory, bits, start) != 0)
1.131 stevesk 2548: fatal("modulus candidate generation failed");
1.107 djm 2549:
2550: return (0);
2551: }
2552:
2553: if (do_screen_candidates) {
2554: FILE *in;
1.225 djm 2555: FILE *out = fopen(out_file, "a");
1.107 djm 2556:
2557: if (have_identity && strcmp(identity_file, "-") != 0) {
2558: if ((in = fopen(identity_file, "r")) == NULL) {
2559: fatal("Couldn't open modulus candidate "
1.111 djm 2560: "file \"%s\": %s", identity_file,
1.107 djm 2561: strerror(errno));
2562: }
2563: } else
2564: in = stdin;
2565:
2566: if (out == NULL) {
2567: fatal("Couldn't open moduli file \"%s\": %s",
2568: out_file, strerror(errno));
2569: }
1.237 markus 2570: if (prime_test(in, out, rounds == 0 ? 100 : rounds,
2571: generator_wanted, checkpoint,
1.215 dtucker 2572: start_lineno, lines_to_process) != 0)
1.131 stevesk 2573: fatal("modulus screening failed");
1.108 markus 2574: return (0);
1.75 markus 2575: }
1.12 markus 2576:
1.206 stevesk 2577: if (gen_all_hostkeys) {
2578: do_gen_all_hostkeys(pw);
2579: return (0);
2580: }
2581:
1.133 djm 2582: if (key_type_name == NULL)
2583: key_type_name = "rsa";
2584:
1.252 djm 2585: type = sshkey_type_from_name(key_type_name);
1.255 djm 2586: type_bits_valid(type, key_type_name, &bits);
1.206 stevesk 2587:
1.33 markus 2588: if (!quiet)
1.252 djm 2589: printf("Generating public/private %s key pair.\n",
2590: key_type_name);
2591: if ((r = sshkey_generate(type, bits, &private)) != 0) {
1.173 tobias 2592: fprintf(stderr, "key_generate failed\n");
1.33 markus 2593: exit(1);
2594: }
1.252 djm 2595: if ((r = sshkey_from_private(private, &public)) != 0) {
2596: fprintf(stderr, "key_from_private failed: %s\n", ssh_err(r));
2597: exit(1);
2598: }
1.12 markus 2599:
2600: if (!have_identity)
2601: ask_filename(pw, "Enter file in which to save the key");
2602:
1.132 djm 2603: /* Create ~/.ssh directory if it doesn't already exist. */
1.188 djm 2604: snprintf(dotsshdir, sizeof dotsshdir, "%s/%s",
2605: pw->pw_dir, _PATH_SSH_USER_DIR);
2606: if (strstr(identity_file, dotsshdir) != NULL) {
2607: if (stat(dotsshdir, &st) < 0) {
2608: if (errno != ENOENT) {
2609: error("Could not stat %s: %s", dotsshdir,
2610: strerror(errno));
2611: } else if (mkdir(dotsshdir, 0700) < 0) {
2612: error("Could not create directory '%s': %s",
2613: dotsshdir, strerror(errno));
2614: } else if (!quiet)
2615: printf("Created directory '%s'.\n", dotsshdir);
2616: }
1.12 markus 2617: }
2618: /* If the file already exists, ask the user to confirm. */
2619: if (stat(identity_file, &st) >= 0) {
2620: char yesno[3];
2621: printf("%s already exists.\n", identity_file);
2622: printf("Overwrite (y/n)? ");
2623: fflush(stdout);
2624: if (fgets(yesno, sizeof(yesno), stdin) == NULL)
2625: exit(1);
2626: if (yesno[0] != 'y' && yesno[0] != 'Y')
2627: exit(1);
2628: }
2629: /* Ask for a passphrase (twice). */
2630: if (identity_passphrase)
2631: passphrase1 = xstrdup(identity_passphrase);
2632: else if (identity_new_passphrase)
2633: passphrase1 = xstrdup(identity_new_passphrase);
2634: else {
2635: passphrase_again:
2636: passphrase1 =
1.65 markus 2637: read_passphrase("Enter passphrase (empty for no "
2638: "passphrase): ", RP_ALLOW_STDIN);
2639: passphrase2 = read_passphrase("Enter same passphrase again: ",
2640: RP_ALLOW_STDIN);
1.12 markus 2641: if (strcmp(passphrase1, passphrase2) != 0) {
1.65 markus 2642: /*
2643: * The passphrases do not match. Clear them and
2644: * retry.
2645: */
1.240 djm 2646: explicit_bzero(passphrase1, strlen(passphrase1));
2647: explicit_bzero(passphrase2, strlen(passphrase2));
1.227 djm 2648: free(passphrase1);
2649: free(passphrase2);
1.12 markus 2650: printf("Passphrases do not match. Try again.\n");
2651: goto passphrase_again;
2652: }
2653: /* Clear the other copy of the passphrase. */
1.240 djm 2654: explicit_bzero(passphrase2, strlen(passphrase2));
1.227 djm 2655: free(passphrase2);
1.12 markus 2656: }
2657:
2658: if (identity_comment) {
2659: strlcpy(comment, identity_comment, sizeof(comment));
2660: } else {
1.172 stevesk 2661: /* Create default comment field for the passphrase. */
1.12 markus 2662: snprintf(comment, sizeof comment, "%s@%s", pw->pw_name, hostname);
2663: }
2664:
2665: /* Save the key with the given passphrase and comment. */
1.252 djm 2666: if ((r = sshkey_save_private(private, identity_file, passphrase1,
2667: comment, use_new_format, new_format_cipher, rounds)) != 0) {
2668: printf("Saving key \"%s\" failed: %s\n",
2669: identity_file, ssh_err(r));
1.240 djm 2670: explicit_bzero(passphrase1, strlen(passphrase1));
1.227 djm 2671: free(passphrase1);
1.12 markus 2672: exit(1);
2673: }
2674: /* Clear the passphrase. */
1.240 djm 2675: explicit_bzero(passphrase1, strlen(passphrase1));
1.227 djm 2676: free(passphrase1);
1.12 markus 2677:
2678: /* Clear the private key and the random number generator. */
1.252 djm 2679: sshkey_free(private);
1.12 markus 2680:
2681: if (!quiet)
2682: printf("Your identification has been saved in %s.\n", identity_file);
2683:
2684: strlcat(identity_file, ".pub", sizeof(identity_file));
1.46 deraadt 2685: fd = open(identity_file, O_WRONLY | O_CREAT | O_TRUNC, 0644);
2686: if (fd == -1) {
1.12 markus 2687: printf("Could not save your public key in %s\n", identity_file);
1.46 deraadt 2688: exit(1);
2689: }
2690: f = fdopen(fd, "w");
2691: if (f == NULL) {
1.173 tobias 2692: printf("fdopen %s failed\n", identity_file);
1.12 markus 2693: exit(1);
2694: }
1.252 djm 2695: if ((r = sshkey_write(public, f)) != 0)
2696: fprintf(stderr, "write key failed: %s\n", ssh_err(r));
1.19 markus 2697: fprintf(f, " %s\n", comment);
1.12 markus 2698: fclose(f);
2699:
2700: if (!quiet) {
1.259 djm 2701: fp = sshkey_fingerprint(public, fingerprint_hash,
1.251 djm 2702: SSH_FP_DEFAULT);
1.259 djm 2703: ra = sshkey_fingerprint(public, fingerprint_hash,
1.167 grunk 2704: SSH_FP_RANDOMART);
1.259 djm 2705: if (fp == NULL || ra == NULL)
2706: fatal("sshkey_fingerprint failed");
1.19 markus 2707: printf("Your public key has been saved in %s.\n",
2708: identity_file);
1.12 markus 2709: printf("The key fingerprint is:\n");
1.50 markus 2710: printf("%s %s\n", fp, comment);
1.167 grunk 2711: printf("The key's randomart image is:\n");
2712: printf("%s\n", ra);
1.227 djm 2713: free(ra);
2714: free(fp);
1.12 markus 2715: }
1.19 markus 2716:
1.252 djm 2717: sshkey_free(public);
1.12 markus 2718: exit(0);
1.1 deraadt 2719: }