version 1.17, 2020/08/31 00:17:41 |
version 1.18, 2020/10/18 11:32:02 |
|
|
*out = NULL; |
*out = NULL; |
|
|
if ((buf = sshbuf_new()) == NULL) { |
if ((buf = sshbuf_new()) == NULL) { |
error("%s: sshbuf_new failed", __func__); |
error_f("sshbuf_new failed"); |
r = SSH_ERR_ALLOC_FAIL; |
r = SSH_ERR_ALLOC_FAIL; |
goto out; |
goto out; |
} |
} |
|
|
if ((r = sshbuf_put(buf, BEGIN_SIGNATURE, |
if ((r = sshbuf_put(buf, BEGIN_SIGNATURE, |
sizeof(BEGIN_SIGNATURE)-1)) != 0) { |
sizeof(BEGIN_SIGNATURE)-1)) != 0) { |
error("%s: sshbuf_putf failed: %s", __func__, ssh_err(r)); |
error_fr(r, "sshbuf_putf"); |
goto out; |
goto out; |
} |
} |
|
|
if ((r = sshbuf_dtob64(blob, buf, 1)) != 0) { |
if ((r = sshbuf_dtob64(blob, buf, 1)) != 0) { |
error("%s: Couldn't base64 encode signature blob: %s", |
error_fr(r, "base64 encode signature"); |
__func__, ssh_err(r)); |
|
goto out; |
goto out; |
} |
} |
|
|
if ((r = sshbuf_put(buf, END_SIGNATURE, |
if ((r = sshbuf_put(buf, END_SIGNATURE, |
sizeof(END_SIGNATURE)-1)) != 0 || |
sizeof(END_SIGNATURE)-1)) != 0 || |
(r = sshbuf_put_u8(buf, '\n')) != 0) { |
(r = sshbuf_put_u8(buf, '\n')) != 0) { |
error("%s: sshbuf_put failed: %s", __func__, ssh_err(r)); |
error_fr(r, "sshbuf_put"); |
goto out; |
goto out; |
} |
} |
/* success */ |
/* success */ |
|
|
char *b64 = NULL; |
char *b64 = NULL; |
|
|
if ((sbuf = sshbuf_fromb(sig)) == NULL) { |
if ((sbuf = sshbuf_fromb(sig)) == NULL) { |
error("%s: sshbuf_fromb failed", __func__); |
error_f("sshbuf_fromb failed"); |
return SSH_ERR_ALLOC_FAIL; |
return SSH_ERR_ALLOC_FAIL; |
} |
} |
|
|
|
|
} |
} |
|
|
if ((r = sshbuf_consume(sbuf, sizeof(BEGIN_SIGNATURE)-1)) != 0) { |
if ((r = sshbuf_consume(sbuf, sizeof(BEGIN_SIGNATURE)-1)) != 0) { |
error("%s: sshbuf_consume failed: %s", __func__, ssh_err(r)); |
error_fr(r, "consume"); |
goto done; |
goto done; |
} |
} |
|
|
|
|
} |
} |
|
|
if ((r = sshbuf_consume_end(sbuf, sshbuf_len(sbuf)-eoffset)) != 0) { |
if ((r = sshbuf_consume_end(sbuf, sshbuf_len(sbuf)-eoffset)) != 0) { |
error("%s: sshbuf_consume failed: %s", __func__, ssh_err(r)); |
error_fr(r, "consume"); |
goto done; |
goto done; |
} |
} |
|
|
if ((b64 = sshbuf_dup_string(sbuf)) == NULL) { |
if ((b64 = sshbuf_dup_string(sbuf)) == NULL) { |
error("%s: sshbuf_dup_string failed", __func__); |
error_f("sshbuf_dup_string failed"); |
r = SSH_ERR_ALLOC_FAIL; |
r = SSH_ERR_ALLOC_FAIL; |
goto done; |
goto done; |
} |
} |
|
|
if ((buf = sshbuf_new()) == NULL) { |
if ((buf = sshbuf_new()) == NULL) { |
error("%s: sshbuf_new() failed", __func__); |
error_f("sshbuf_new() failed"); |
r = SSH_ERR_ALLOC_FAIL; |
r = SSH_ERR_ALLOC_FAIL; |
goto done; |
goto done; |
} |
} |
|
|
if ((r = sshbuf_b64tod(buf, b64)) != 0) { |
if ((r = sshbuf_b64tod(buf, b64)) != 0) { |
error("Couldn't decode signature: %s", ssh_err(r)); |
error_fr(r, "decode base64"); |
goto done; |
goto done; |
} |
} |
|
|
|
|
|
|
if ((tosign = sshbuf_new()) == NULL || |
if ((tosign = sshbuf_new()) == NULL || |
(blob = sshbuf_new()) == NULL) { |
(blob = sshbuf_new()) == NULL) { |
error("%s: sshbuf_new failed", __func__); |
error_f("sshbuf_new failed"); |
r = SSH_ERR_ALLOC_FAIL; |
r = SSH_ERR_ALLOC_FAIL; |
goto done; |
goto done; |
} |
} |
|
|
(r = sshbuf_put_string(tosign, NULL, 0)) != 0 || /* reserved */ |
(r = sshbuf_put_string(tosign, NULL, 0)) != 0 || /* reserved */ |
(r = sshbuf_put_cstring(tosign, hashalg)) != 0 || |
(r = sshbuf_put_cstring(tosign, hashalg)) != 0 || |
(r = sshbuf_put_stringb(tosign, h_message)) != 0) { |
(r = sshbuf_put_stringb(tosign, h_message)) != 0) { |
error("Couldn't construct message to sign: %s", ssh_err(r)); |
error_fr(r, "assemble message to sign"); |
goto done; |
goto done; |
} |
} |
|
|
|
|
if ((r = signer(key, &sig, &slen, |
if ((r = signer(key, &sig, &slen, |
sshbuf_ptr(tosign), sshbuf_len(tosign), |
sshbuf_ptr(tosign), sshbuf_len(tosign), |
sign_alg, sk_provider, sk_pin, 0, signer_ctx)) != 0) { |
sign_alg, sk_provider, sk_pin, 0, signer_ctx)) != 0) { |
error("Couldn't sign message: %s", ssh_err(r)); |
error_r(r, "Couldn't sign message (signer)"); |
goto done; |
goto done; |
} |
} |
} else { |
} else { |
if ((r = sshkey_sign(key, &sig, &slen, |
if ((r = sshkey_sign(key, &sig, &slen, |
sshbuf_ptr(tosign), sshbuf_len(tosign), |
sshbuf_ptr(tosign), sshbuf_len(tosign), |
sign_alg, sk_provider, sk_pin, 0)) != 0) { |
sign_alg, sk_provider, sk_pin, 0)) != 0) { |
error("Couldn't sign message: %s", ssh_err(r)); |
error_r(r, "Couldn't sign message"); |
goto done; |
goto done; |
} |
} |
} |
} |
|
|
(r = sshbuf_put_string(blob, NULL, 0)) != 0 || /* reserved */ |
(r = sshbuf_put_string(blob, NULL, 0)) != 0 || /* reserved */ |
(r = sshbuf_put_cstring(blob, hashalg)) != 0 || |
(r = sshbuf_put_cstring(blob, hashalg)) != 0 || |
(r = sshbuf_put_string(blob, sig, slen)) != 0) { |
(r = sshbuf_put_string(blob, sig, slen)) != 0) { |
error("Couldn't populate blob: %s", ssh_err(r)); |
error_fr(r, "assemble signature object"); |
goto done; |
goto done; |
} |
} |
|
|
|
|
if (hashalg == NULL || |
if (hashalg == NULL || |
match_pattern_list(hashalg, HASHALG_ALLOWED, 0) == 1) |
match_pattern_list(hashalg, HASHALG_ALLOWED, 0) == 1) |
return 0; |
return 0; |
error("%s: unsupported hash algorithm \"%.100s\"", __func__, hashalg); |
error_f("unsupported hash algorithm \"%.100s\"", hashalg); |
return SSH_ERR_SIGN_ALG_UNSUPPORTED; |
return SSH_ERR_SIGN_ALG_UNSUPPORTED; |
} |
} |
|
|
|
|
(r = sshbuf_get_string(buf, NULL, NULL)) != 0 || |
(r = sshbuf_get_string(buf, NULL, NULL)) != 0 || |
(r = sshbuf_get_cstring(buf, &hashalg, NULL)) != 0 || |
(r = sshbuf_get_cstring(buf, &hashalg, NULL)) != 0 || |
(r = sshbuf_get_string_direct(buf, NULL, NULL)) != 0) { |
(r = sshbuf_get_string_direct(buf, NULL, NULL)) != 0) { |
error("Couldn't parse signature blob: %s", ssh_err(r)); |
error_fr(r, "parse signature object"); |
goto done; |
goto done; |
} |
} |
|
|
|
|
char *got_namespace = NULL, *sigtype = NULL, *sig_hashalg = NULL; |
char *got_namespace = NULL, *sigtype = NULL, *sig_hashalg = NULL; |
size_t siglen; |
size_t siglen; |
|
|
debug("%s: verify message length %zu", __func__, sshbuf_len(h_message)); |
debug_f("verify message length %zu", sshbuf_len(h_message)); |
if (sig_details != NULL) |
if (sig_details != NULL) |
*sig_details = NULL; |
*sig_details = NULL; |
if (sign_keyp != NULL) |
if (sign_keyp != NULL) |
*sign_keyp = NULL; |
*sign_keyp = NULL; |
|
|
if ((toverify = sshbuf_new()) == NULL) { |
if ((toverify = sshbuf_new()) == NULL) { |
error("%s: sshbuf_new failed", __func__); |
error_f("sshbuf_new failed"); |
r = SSH_ERR_ALLOC_FAIL; |
r = SSH_ERR_ALLOC_FAIL; |
goto done; |
goto done; |
} |
} |
|
|
(r = sshbuf_put_string(toverify, NULL, 0)) != 0 || /* reserved */ |
(r = sshbuf_put_string(toverify, NULL, 0)) != 0 || /* reserved */ |
(r = sshbuf_put_cstring(toverify, hashalg)) != 0 || |
(r = sshbuf_put_cstring(toverify, hashalg)) != 0 || |
(r = sshbuf_put_stringb(toverify, h_message)) != 0) { |
(r = sshbuf_put_stringb(toverify, h_message)) != 0) { |
error("Couldn't construct message to verify: %s", ssh_err(r)); |
error_fr(r, "assemble message to verify"); |
goto done; |
goto done; |
} |
} |
|
|
|
|
(r = sshbuf_get_string(signature, NULL, NULL)) != 0 || |
(r = sshbuf_get_string(signature, NULL, NULL)) != 0 || |
(r = sshbuf_get_cstring(signature, &sig_hashalg, NULL)) != 0 || |
(r = sshbuf_get_cstring(signature, &sig_hashalg, NULL)) != 0 || |
(r = sshbuf_get_string_direct(signature, &sig, &siglen)) != 0) { |
(r = sshbuf_get_string_direct(signature, &sig, &siglen)) != 0) { |
error("Couldn't parse signature blob: %s", ssh_err(r)); |
error_fr(r, "parse signature object"); |
goto done; |
goto done; |
} |
} |
|
|
|
|
|
|
if (strcmp(expect_namespace, got_namespace) != 0) { |
if (strcmp(expect_namespace, got_namespace) != 0) { |
error("Couldn't verify signature: namespace does not match"); |
error("Couldn't verify signature: namespace does not match"); |
debug("%s: expected namespace \"%s\" received \"%s\"", |
debug_f("expected namespace \"%s\" received \"%s\"", |
__func__, expect_namespace, got_namespace); |
expect_namespace, got_namespace); |
r = SSH_ERR_SIGNATURE_INVALID; |
r = SSH_ERR_SIGNATURE_INVALID; |
goto done; |
goto done; |
} |
} |
if (strcmp(hashalg, sig_hashalg) != 0) { |
if (strcmp(hashalg, sig_hashalg) != 0) { |
error("Couldn't verify signature: hash algorithm mismatch"); |
error("Couldn't verify signature: hash algorithm mismatch"); |
debug("%s: expected algorithm \"%s\" received \"%s\"", |
debug_f("expected algorithm \"%s\" received \"%s\"", |
__func__, hashalg, sig_hashalg); |
hashalg, sig_hashalg); |
r = SSH_ERR_SIGNATURE_INVALID; |
r = SSH_ERR_SIGNATURE_INVALID; |
goto done; |
goto done; |
} |
} |
/* Ensure that RSA keys use an acceptable signature algorithm */ |
/* Ensure that RSA keys use an acceptable signature algorithm */ |
if (sshkey_type_plain(key->type) == KEY_RSA) { |
if (sshkey_type_plain(key->type) == KEY_RSA) { |
if ((r = sshkey_get_sigtype(sig, siglen, &sigtype)) != 0) { |
if ((r = sshkey_get_sigtype(sig, siglen, &sigtype)) != 0) { |
error("Couldn't verify signature: unable to get " |
error_r(r, "Couldn't verify signature: unable to get " |
"signature type: %s", ssh_err(r)); |
"signature type"); |
goto done; |
goto done; |
} |
} |
if (match_pattern_list(sigtype, RSA_SIGN_ALLOWED, 0) != 1) { |
if (match_pattern_list(sigtype, RSA_SIGN_ALLOWED, 0) != 1) { |
|
|
} |
} |
if ((r = sshkey_verify(key, sig, siglen, sshbuf_ptr(toverify), |
if ((r = sshkey_verify(key, sig, siglen, sshbuf_ptr(toverify), |
sshbuf_len(toverify), NULL, 0, sig_details)) != 0) { |
sshbuf_len(toverify), NULL, 0, sig_details)) != 0) { |
error("Signature verification failed: %s", ssh_err(r)); |
error_r(r, "Signature verification failed"); |
goto done; |
goto done; |
} |
} |
|
|
|
|
if ((r = sshsig_check_hashalg(hashalg)) != 0) |
if ((r = sshsig_check_hashalg(hashalg)) != 0) |
return r; |
return r; |
if ((alg = ssh_digest_alg_by_name(hashalg)) == -1) { |
if ((alg = ssh_digest_alg_by_name(hashalg)) == -1) { |
error("%s: can't look up hash algorithm %s", |
error_f("can't look up hash algorithm %s", hashalg); |
__func__, hashalg); |
|
return SSH_ERR_INTERNAL_ERROR; |
return SSH_ERR_INTERNAL_ERROR; |
} |
} |
if ((r = ssh_digest_buffer(alg, m, hash, sizeof(hash))) != 0) { |
if ((r = ssh_digest_buffer(alg, m, hash, sizeof(hash))) != 0) { |
error("%s: ssh_digest_buffer failed: %s", __func__, ssh_err(r)); |
error_fr(r, "ssh_digest_buffer"); |
return r; |
return r; |
} |
} |
if ((hex = tohex(hash, ssh_digest_bytes(alg))) != NULL) { |
if ((hex = tohex(hash, ssh_digest_bytes(alg))) != NULL) { |
debug3("%s: final hash: %s", __func__, hex); |
debug3_f("final hash: %s", hex); |
freezero(hex, strlen(hex)); |
freezero(hex, strlen(hex)); |
} |
} |
if ((b = sshbuf_new()) == NULL) { |
if ((b = sshbuf_new()) == NULL) { |
|
|
goto out; |
goto out; |
} |
} |
if ((r = sshbuf_put(b, hash, ssh_digest_bytes(alg))) != 0) { |
if ((r = sshbuf_put(b, hash, ssh_digest_bytes(alg))) != 0) { |
error("%s: sshbuf_put: %s", __func__, ssh_err(r)); |
error_fr(r, "sshbuf_put"); |
goto out; |
goto out; |
} |
} |
*bp = b; |
*bp = b; |
|
|
if (out != NULL) |
if (out != NULL) |
*out = NULL; |
*out = NULL; |
if ((r = hash_buffer(message, hashalg, &b)) != 0) { |
if ((r = hash_buffer(message, hashalg, &b)) != 0) { |
error("%s: hash_buffer failed: %s", __func__, ssh_err(r)); |
error_fr(r, "hash buffer"); |
goto out; |
goto out; |
} |
} |
if ((r = sshsig_wrap_sign(key, hashalg, sk_provider, sk_pin, b, |
if ((r = sshsig_wrap_sign(key, hashalg, sk_provider, sk_pin, b, |
|
|
*sign_keyp = NULL; |
*sign_keyp = NULL; |
if ((r = sshsig_peek_hashalg(signature, &hashalg)) != 0) |
if ((r = sshsig_peek_hashalg(signature, &hashalg)) != 0) |
return r; |
return r; |
debug("%s: signature made with hash \"%s\"", __func__, hashalg); |
debug_f("signature made with hash \"%s\"", hashalg); |
if ((r = hash_buffer(message, hashalg, &b)) != 0) { |
if ((r = hash_buffer(message, hashalg, &b)) != 0) { |
error("%s: hash_buffer failed: %s", __func__, ssh_err(r)); |
error_fr(r, "hash buffer"); |
goto out; |
goto out; |
} |
} |
if ((r = sshsig_wrap_verify(signature, hashalg, b, expect_namespace, |
if ((r = sshsig_wrap_verify(signature, hashalg, b, expect_namespace, |
|
|
if ((r = sshsig_check_hashalg(hashalg)) != 0) |
if ((r = sshsig_check_hashalg(hashalg)) != 0) |
return r; |
return r; |
if ((alg = ssh_digest_alg_by_name(hashalg)) == -1) { |
if ((alg = ssh_digest_alg_by_name(hashalg)) == -1) { |
error("%s: can't look up hash algorithm %s", |
error_f("can't look up hash algorithm %s", hashalg); |
__func__, hashalg); |
|
return SSH_ERR_INTERNAL_ERROR; |
return SSH_ERR_INTERNAL_ERROR; |
} |
} |
if ((ctx = ssh_digest_start(alg)) == NULL) { |
if ((ctx = ssh_digest_start(alg)) == NULL) { |
error("%s: ssh_digest_start failed", __func__); |
error_f("ssh_digest_start failed"); |
return SSH_ERR_INTERNAL_ERROR; |
return SSH_ERR_INTERNAL_ERROR; |
} |
} |
for (;;) { |
for (;;) { |
|
|
if (errno == EINTR || errno == EAGAIN) |
if (errno == EINTR || errno == EAGAIN) |
continue; |
continue; |
oerrno = errno; |
oerrno = errno; |
error("%s: read: %s", __func__, strerror(errno)); |
error_f("read: %s", strerror(errno)); |
ssh_digest_free(ctx); |
ssh_digest_free(ctx); |
errno = oerrno; |
errno = oerrno; |
r = SSH_ERR_SYSTEM_ERROR; |
r = SSH_ERR_SYSTEM_ERROR; |
goto out; |
goto out; |
} else if (n == 0) { |
} else if (n == 0) { |
debug2("%s: hashed %zu bytes", __func__, total); |
debug2_f("hashed %zu bytes", total); |
break; /* EOF */ |
break; /* EOF */ |
} |
} |
total += (size_t)n; |
total += (size_t)n; |
if ((r = ssh_digest_update(ctx, rbuf, (size_t)n)) != 0) { |
if ((r = ssh_digest_update(ctx, rbuf, (size_t)n)) != 0) { |
error("%s: ssh_digest_update: %s", |
error_fr(r, "ssh_digest_update"); |
__func__, ssh_err(r)); |
|
goto out; |
goto out; |
} |
} |
} |
} |
if ((r = ssh_digest_final(ctx, hash, sizeof(hash))) != 0) { |
if ((r = ssh_digest_final(ctx, hash, sizeof(hash))) != 0) { |
error("%s: ssh_digest_final: %s", __func__, ssh_err(r)); |
error_fr(r, "ssh_digest_final"); |
goto out; |
goto out; |
} |
} |
if ((hex = tohex(hash, ssh_digest_bytes(alg))) != NULL) { |
if ((hex = tohex(hash, ssh_digest_bytes(alg))) != NULL) { |
debug3("%s: final hash: %s", __func__, hex); |
debug3_f("final hash: %s", hex); |
freezero(hex, strlen(hex)); |
freezero(hex, strlen(hex)); |
} |
} |
if ((b = sshbuf_new()) == NULL) { |
if ((b = sshbuf_new()) == NULL) { |
|
|
goto out; |
goto out; |
} |
} |
if ((r = sshbuf_put(b, hash, ssh_digest_bytes(alg))) != 0) { |
if ((r = sshbuf_put(b, hash, ssh_digest_bytes(alg))) != 0) { |
error("%s: sshbuf_put: %s", __func__, ssh_err(r)); |
error_fr(r, "sshbuf_put"); |
goto out; |
goto out; |
} |
} |
*bp = b; |
*bp = b; |
|
|
if (out != NULL) |
if (out != NULL) |
*out = NULL; |
*out = NULL; |
if ((r = hash_file(fd, hashalg, &b)) != 0) { |
if ((r = hash_file(fd, hashalg, &b)) != 0) { |
error("%s: hash_file failed: %s", __func__, ssh_err(r)); |
error_fr(r, "hash_file"); |
return r; |
return r; |
} |
} |
if ((r = sshsig_wrap_sign(key, hashalg, sk_provider, sk_pin, b, |
if ((r = sshsig_wrap_sign(key, hashalg, sk_provider, sk_pin, b, |
|
|
*sign_keyp = NULL; |
*sign_keyp = NULL; |
if ((r = sshsig_peek_hashalg(signature, &hashalg)) != 0) |
if ((r = sshsig_peek_hashalg(signature, &hashalg)) != 0) |
return r; |
return r; |
debug("%s: signature made with hash \"%s\"", __func__, hashalg); |
debug_f("signature made with hash \"%s\"", hashalg); |
if ((r = hash_file(fd, hashalg, &b)) != 0) { |
if ((r = hash_file(fd, hashalg, &b)) != 0) { |
error("%s: hash_file failed: %s", __func__, ssh_err(r)); |
error_fr(r, "hash_file"); |
goto out; |
goto out; |
} |
} |
if ((r = sshsig_wrap_verify(signature, hashalg, b, expect_namespace, |
if ((r = sshsig_wrap_verify(signature, hashalg, b, expect_namespace, |
|
|
goto out; |
goto out; |
} |
} |
if ((principals = strdup(tmp)) == NULL) { |
if ((principals = strdup(tmp)) == NULL) { |
error("%s: strdup failed", __func__); |
error_f("strdup failed"); |
r = SSH_ERR_ALLOC_FAIL; |
r = SSH_ERR_ALLOC_FAIL; |
goto out; |
goto out; |
} |
} |
|
|
r = SSH_ERR_KEY_NOT_FOUND; |
r = SSH_ERR_KEY_NOT_FOUND; |
goto out; |
goto out; |
} |
} |
debug("%s: %s:%lu: matched principal \"%s\"", |
debug_f("%s:%lu: matched principal \"%s\"", |
__func__, path, linenum, required_principal); |
path, linenum, required_principal); |
} |
} |
|
|
if ((key = sshkey_new(KEY_UNSPEC)) == NULL) { |
if ((key = sshkey_new(KEY_UNSPEC)) == NULL) { |
error("%s: sshkey_new failed", __func__); |
error_f("sshkey_new failed"); |
r = SSH_ERR_ALLOC_FAIL; |
r = SSH_ERR_ALLOC_FAIL; |
goto out; |
goto out; |
} |
} |
|
|
} |
} |
if ((r = sshbuf_putf(nprincipals, "%s%s", |
if ((r = sshbuf_putf(nprincipals, "%s%s", |
sshbuf_len(nprincipals) != 0 ? "," : "", cp)) != 0) { |
sshbuf_len(nprincipals) != 0 ? "," : "", cp)) != 0) { |
error("%s: buffer error", __func__); |
error_f("buffer error"); |
goto out; |
goto out; |
} |
} |
} |
} |
|
|
goto out; |
goto out; |
} |
} |
if ((principals = sshbuf_dup_string(nprincipals)) == NULL) { |
if ((principals = sshbuf_dup_string(nprincipals)) == NULL) { |
error("%s: buffer error", __func__); |
error_f("buffer error"); |
goto out; |
goto out; |
} |
} |
/* success */ |
/* success */ |
|
|
if ((r = cert_filter_principals(path, linenum, |
if ((r = cert_filter_principals(path, linenum, |
&principals, sign_key)) != 0) { |
&principals, sign_key)) != 0) { |
/* error already displayed */ |
/* error already displayed */ |
debug("%s:%lu: cert_filter_principals: %s", |
debug_r(r, "%s:%lu: cert_filter_principals", |
path, linenum, ssh_err(r)); |
path, linenum); |
goto done; |
goto done; |
} |
} |
debug("%s:%lu: matched certificate CA key", path, linenum); |
debug("%s:%lu: matched certificate CA key", path, linenum); |