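/* $OpenBSD: ssh-pkcs11-helper.c,v 1.12 2016/02/15 09:47:49 dtucker Exp $ */
/*
 * Copyright (c) 2010 Markus Friedl. All rights reserved.
 *
 * Permission to use, copy, modify, and distribute this software for any
 * purpose with or without fee is hereby granted, provided that the above
 * copyright notice and this permission notice appear in all copies.
 *
 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 */

/*
 * ssh-pkcs11-helper: a separate process that loads PKCS#11 providers and
 * performs signing operations on behalf of its parent (presumably ssh-agent,
 * judging by the SSH_AGENTC_* message types it accepts).  Requests arrive
 * on stdin and replies leave on stdout, each framed as a 4-byte big-endian
 * length followed by the message body.  Framing is validated before any
 * message is parsed; a malformed frame terminates the helper.
 */

#include "includes.h"

#include <sys/types.h>
#ifdef HAVE_SYS_TIME_H
# include <sys/time.h>
#endif

#include "openbsd-compat/sys-queue.h"

#include <stdarg.h>
#include <string.h>
#include <unistd.h>
#include <errno.h>

#include "xmalloc.h"
#include "buffer.h"
#include "log.h"
#include "misc.h"
#include "key.h"
#include "authfd.h"
#include "ssh-pkcs11.h"

#ifdef ENABLE_PKCS11

/* borrows code from sftp-server and ssh-agent */

/*
 * One entry per key handed back by pkcs11_add_provider().  'providername'
 * records which provider the key came from, so that a single "remove"
 * request can drop every key of that provider at once.
 */
struct pkcs11_keyinfo {
	Key *key;
	char *providername;
	TAILQ_ENTRY(pkcs11_keyinfo) next;
};

TAILQ_HEAD(, pkcs11_keyinfo) pkcs11_keylist;

/* Upper bound on the body of one request; anything larger is fatal. */
#define MAX_MSG_LENGTH	10240 /*XXX*/

/*
 * helpers: read from the input queue.  No trailing ';' so the macros can be
 * used as plain expressions (the original trailing ';' produced an empty
 * statement after every use).
 */
#define get_int()		buffer_get_int(&iqueue)
#define get_string(lenp)	buffer_get_string(&iqueue, lenp)

/* input and output queue */
Buffer iqueue;
Buffer oqueue;

/*
 * Append 'k' (ownership transferred to the list) tagged with the provider
 * name it belongs to.  'name' is copied.
 */
static void
add_key(Key *k, char *name)
{
	struct pkcs11_keyinfo *entry = xcalloc(1, sizeof(*entry));

	entry->key = k;
	entry->providername = xstrdup(name);
	TAILQ_INSERT_TAIL(&pkcs11_keylist, entry, next);
}

/* Unlink and free every list entry whose provider name equals 'name'. */
static void
del_keys_by_name(char *name)
{
	struct pkcs11_keyinfo *entry, *following;

	for (entry = TAILQ_FIRST(&pkcs11_keylist); entry != NULL;
	    entry = following) {
		/* fetch the successor before 'entry' is unlinked and freed */
		following = TAILQ_NEXT(entry, next);
		if (strcmp(entry->providername, name) != 0)
			continue;
		TAILQ_REMOVE(&pkcs11_keylist, entry, next);
		free(entry->providername);
		key_free(entry->key);
		free(entry);
	}
}

/*
 * lookup matching 'private' key: return the list entry whose public key
 * equals 'k' (the key object obtained from the provider), or NULL.
 */
static Key *
lookup_key(Key *k)
{
	struct pkcs11_keyinfo *entry;

	TAILQ_FOREACH(entry, &pkcs11_keylist, next) {
		debug("check %p %s", entry, entry->providername);
		if (key_equal(k, entry->key))
			return entry->key;
	}
	return NULL;
}

/*
 * Queue 'm' on the output queue as one framed message (u32 length, then
 * body) and drain 'm'.
 */
static void
send_msg(Buffer *m)
{
	u_int mlen = buffer_len(m);

	buffer_put_int(&oqueue, mlen);
	buffer_append(&oqueue, buffer_ptr(m), mlen);
	buffer_consume(m, mlen);
}

/*
 * SSH_AGENTC_ADD_SMARTCARD_KEY: load the named provider with the given PIN
 * and reply with SSH2_AGENT_IDENTITIES_ANSWER listing the keys it offers,
 * or SSH_AGENT_FAILURE.
 *
 * The key entries are collected in a scratch buffer first so that the count
 * written into the reply is the number of keys actually encoded; a key that
 * key_to_blob() cannot serialise is freed and skipped rather than counted.
 */
static void
process_add(void)
{
	char *name, *pin;
	Key **keys;
	int i, nkeys, nencoded = 0;
	u_char *blob;
	u_int blen;
	Buffer msg, ids;

	buffer_init(&msg);
	buffer_init(&ids);
	name = get_string(NULL);
	pin = get_string(NULL);
	if ((nkeys = pkcs11_add_provider(name, pin, &keys)) > 0) {
		for (i = 0; i < nkeys; i++) {
			if (key_to_blob(keys[i], &blob, &blen) == 0) {
				/* not reportable to the agent: drop it */
				key_free(keys[i]);
				continue;
			}
			buffer_put_string(&ids, blob, blen);
			buffer_put_cstring(&ids, name);
			free(blob);
			add_key(keys[i], name);	/* list now owns keys[i] */
			nencoded++;
		}
		free(keys);
		buffer_put_char(&msg, SSH2_AGENT_IDENTITIES_ANSWER);
		buffer_put_int(&msg, nencoded);
		buffer_append(&msg, buffer_ptr(&ids), buffer_len(&ids));
	} else {
		buffer_put_char(&msg, SSH_AGENT_FAILURE);
	}
	/* the PIN is a secret: scrub it before returning it to the heap */
	explicit_bzero(pin, strlen(pin));
	free(pin);
	free(name);
	send_msg(&msg);
	buffer_free(&ids);
	buffer_free(&msg);
}

/*
 * SSH_AGENTC_REMOVE_SMARTCARD_KEY: forget every key of the named provider
 * and unload it.  The PIN field is part of the request format but unused.
 */
static void
process_del(void)
{
	char *name, *pin;
	Buffer msg;

	buffer_init(&msg);
	name = get_string(NULL);
	pin = get_string(NULL);
	del_keys_by_name(name);
	buffer_put_char(&msg, pkcs11_del_provider(name) == 0 ?
	    SSH_AGENT_SUCCESS : SSH_AGENT_FAILURE);
	explicit_bzero(pin, strlen(pin));
	free(pin);
	free(name);
	send_msg(&msg);
	buffer_free(&msg);
}

/*
 * SSH2_AGENTC_SIGN_REQUEST: sign 'data' with the provider key whose public
 * part matches 'blob'.  'data' is used as-is with PKCS#1 v1.5 padding (no
 * hashing happens here; the caller is assumed to pass an already encoded
 * digest).  Replies SSH2_AGENT_SIGN_RESPONSE or SSH_AGENT_FAILURE.
 */
static void
process_sign(void)
{
	u_char *blob, *data, *signature = NULL;
	u_int blen, dlen, slen = 0;
	int ok = -1;
	Key *key, *found;
	Buffer msg;

	blob = get_string(&blen);
	data = get_string(&dlen);
	(void)get_int(); /* XXX ignore flags */

	if ((key = key_from_blob(blob, blen)) != NULL) {
		if ((found = lookup_key(key)) != NULL) {
#ifdef WITH_OPENSSL
			int ret;

			/*
			 * Only RSA signing is implemented.  Size and sign
			 * with the list entry, not the client-supplied parse
			 * of the blob, and refuse anything without an RSA
			 * object rather than dereferencing a NULL pointer.
			 */
			if (found->type == KEY_RSA && found->rsa != NULL) {
				slen = RSA_size(found->rsa);
				signature = xmalloc(slen);
				ret = RSA_private_encrypt(dlen, data, signature,
				    found->rsa, RSA_PKCS1_PADDING);
				if (ret != -1) {
					slen = ret;
					ok = 0;
				}
			}
#endif /* WITH_OPENSSL */
		}
		key_free(key);
	}
	buffer_init(&msg);
	if (ok == 0) {
		buffer_put_char(&msg, SSH2_AGENT_SIGN_RESPONSE);
		buffer_put_string(&msg, signature, slen);
	} else {
		buffer_put_char(&msg, SSH_AGENT_FAILURE);
	}
	free(data);
	free(blob);
	free(signature);

	send_msg(&msg);
	buffer_free(&msg);
}

/*
 * Dispatch one complete request from the input queue, if one is present.
 * Frame: u32 length, u8 type, then type-specific fields.  Any framing
 * violation (oversized or empty body, a handler consuming more than the
 * frame, or the queue growing under us) is fatal; trailing unparsed bytes
 * of a frame are discarded.
 */
static void
process(void)
{
	u_int msg_len, buf_len, consumed, type;
	u_char *cp;

	buf_len = buffer_len(&iqueue);
	if (buf_len < 5)
		return;		/* Incomplete message. */
	cp = buffer_ptr(&iqueue);
	msg_len = get_u32(cp);
	/* a body always carries at least the type byte read below */
	if (msg_len < 1 || msg_len > MAX_MSG_LENGTH) {
		error("bad message len %u", msg_len);
		cleanup_exit(11);
	}
	if (buf_len < msg_len + 4)
		return;		/* body not fully arrived yet */
	buffer_consume(&iqueue, 4);
	buf_len -= 4;
	type = buffer_get_char(&iqueue);
	switch (type) {
	case SSH_AGENTC_ADD_SMARTCARD_KEY:
		debug("process_add");
		process_add();
		break;
	case SSH_AGENTC_REMOVE_SMARTCARD_KEY:
		debug("process_del");
		process_del();
		break;
	case SSH2_AGENTC_SIGN_REQUEST:
		debug("process_sign");
		process_sign();
		break;
	default:
		error("Unknown message %d", type);
		break;
	}
	/* discard the remaining bytes from the current packet */
	if (buf_len < buffer_len(&iqueue)) {
		error("iqueue grew unexpectedly");
		cleanup_exit(255);
	}
	consumed = buf_len - buffer_len(&iqueue);
	if (msg_len < consumed) {
		error("msg_len %u < consumed %u", msg_len, consumed);
		cleanup_exit(255);
	}
	if (msg_len > consumed)
		buffer_consume(&iqueue, msg_len - consumed);
}

/* Terminate immediately with status 'i'; no destructors or flushing run. */
void
cleanup_exit(int i)
{
	/* XXX */
	_exit(i);
}

/*
 * Event loop: read requests from stdin into iqueue, dispatch complete ones,
 * and drain replies from oqueue to stdout.  Reads are paused while either
 * queue cannot grow by a worst-case message, so a slow reader on the other
 * end applies backpressure instead of growing memory without bound.
 */
int
main(int argc, char **argv)
{
	fd_set *rset, *wset;
	int in, out, max, log_stderr = 0;
	ssize_t len, olen, set_size;
	SyslogFacility log_facility = SYSLOG_FACILITY_AUTH;
	LogLevel log_level = SYSLOG_LEVEL_ERROR;
	char buf[4*4096];

	extern char *__progname;

	ssh_malloc_init();	/* must be called before any mallocs */
	TAILQ_INIT(&pkcs11_keylist);
	pkcs11_init(0);

	seed_rng();
	__progname = ssh_get_progname(argv[0]);

	log_init(__progname, log_level, log_facility, log_stderr);

	in = STDIN_FILENO;
	out = STDOUT_FILENO;

	/* highest descriptor we select() on */
	max = 0;
	if (in > max)
		max = in;
	if (out > max)
		max = out;

	buffer_init(&iqueue);
	buffer_init(&oqueue);

	set_size = howmany(max + 1, NFDBITS) * sizeof(fd_mask);
	rset = xmalloc(set_size);
	wset = xmalloc(set_size);

	for (;;) {
		memset(rset, 0, set_size);
		memset(wset, 0, set_size);

		/*
		 * Ensure that we can read a full buffer and handle
		 * the worst-case length packet it can generate,
		 * otherwise apply backpressure by stopping reads.
		 */
		if (buffer_check_alloc(&iqueue, sizeof(buf)) &&
		    buffer_check_alloc(&oqueue, MAX_MSG_LENGTH))
			FD_SET(in, rset);

		olen = buffer_len(&oqueue);
		if (olen > 0)
			FD_SET(out, wset);

		if (select(max+1, rset, wset, NULL, NULL) < 0) {
			if (errno == EINTR)
				continue;
			error("select: %s", strerror(errno));
			cleanup_exit(2);
		}

		/* copy stdin to iqueue */
		if (FD_ISSET(in, rset)) {
			len = read(in, buf, sizeof buf);
			if (len == 0) {
				/* peer closed its end: normal shutdown */
				debug("read eof");
				cleanup_exit(0);
			} else if (len < 0) {
				error("read: %s", strerror(errno));
				cleanup_exit(1);
			} else {
				buffer_append(&iqueue, buf, len);
			}
		}
		/* send oqueue to stdout */
		if (FD_ISSET(out, wset)) {
			len = write(out, buffer_ptr(&oqueue), olen);
			if (len < 0) {
				error("write: %s", strerror(errno));
				cleanup_exit(1);
			} else {
				/* partial writes leave the rest queued */
				buffer_consume(&oqueue, len);
			}
		}

		/*
		 * Process requests from client if we can fit the results
		 * into the output buffer, otherwise stop processing input
		 * and let the output queue drain.
		 */
		if (buffer_check_alloc(&oqueue, MAX_MSG_LENGTH))
			process();
	}
}
#else /* ENABLE_PKCS11 */
/* Build without PKCS#11: log a fatal error and exit. */
int
main(int argc, char **argv)
{
	extern char *__progname;

	__progname = ssh_get_progname(argv[0]);
	log_init(__progname, SYSLOG_LEVEL_ERROR, SYSLOG_FACILITY_AUTH, 0);
	fatal("PKCS#11 support disabled at compile time");
}
#endif /* ENABLE_PKCS11 */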