ssh-keygen.c revision 137015
1138593Ssam/* 2138593Ssam * Author: Tatu Ylonen <ylo@cs.hut.fi> 3138593Ssam * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4138593Ssam * All rights reserved 5138593Ssam * Identity and host key generation and maintenance. 6138593Ssam * 7138593Ssam * As far as I am concerned, the code I have written for this software 8138593Ssam * can be used freely for any purpose. Any derived versions of this 9138593Ssam * software must be clearly marked as such, and if the derived work is 10138593Ssam * incompatible with the protocol description in the RFC file, it must be 11138593Ssam * called by a name other than "ssh" or "Secure Shell". 12138593Ssam */ 13138593Ssam 14138593Ssam#include "includes.h" 15138593SsamRCSID("$OpenBSD: ssh-keygen.c,v 1.117 2004/07/11 17:48:47 deraadt Exp $"); 16138593Ssam 17138593Ssam#include <openssl/evp.h> 18138593Ssam#include <openssl/pem.h> 19138593Ssam 20138593Ssam#include "xmalloc.h" 21138593Ssam#include "key.h" 22138593Ssam#include "rsa.h" 23138593Ssam#include "authfile.h" 24138593Ssam#include "uuencode.h" 25138593Ssam#include "buffer.h" 26138593Ssam#include "bufaux.h" 27138593Ssam#include "pathnames.h" 28138593Ssam#include "log.h" 29138593Ssam#include "misc.h" 30138593Ssam 31138593Ssam#ifdef SMARTCARD 32138593Ssam#include "scard.h" 33138593Ssam#endif 34138593Ssam#include "dns.h" 35138593Ssam 36138593Ssam/* Number of bits in the RSA/DSA key. This value can be changed on the command line. */ 37138593Ssamint bits = 1024; 38138593Ssam 39138593Ssam/* 40202289Semaste * Flag indicating that we just want to change the passphrase. This can be 41138593Ssam * set on the command line. 42138593Ssam */ 43138593Ssamint change_passphrase = 0; 44138593Ssam 45138593Ssam/* 46166956Ssam * Flag indicating that we just want to change the comment. This can be set 47138593Ssam * on the command line. 48138593Ssam */ 49138593Ssamint change_comment = 0; 50138593Ssam 51138593Ssamint quiet = 0; 52138593Ssam 53138593Ssam/* Flag indicating that we just want to see the key fingerprint */ 54138593Ssamint print_fingerprint = 0; 55138593Ssamint print_bubblebabble = 0; 56191121Sbrooks 57138593Ssam/* The identity file name, given on the command line or entered by the user. */ 58138593Ssamchar identity_file[1024]; 59138593Ssamint have_identity = 0; 60166956Ssam 61138593Ssam/* This is set to the passphrase if given on the command line. */ 62138593Ssamchar *identity_passphrase = NULL; 63138593Ssam 64138593Ssam/* This is set to the new passphrase if given on the command line. */ 65138593Ssamchar *identity_new_passphrase = NULL; 66166956Ssam 67138593Ssam/* This is set to the new comment if given on the command line. */ 68138593Ssamchar *identity_comment = NULL; 69138593Ssam 70138593Ssam/* Dump public key file in format used by real and the original SSH 2 */ 71138593Ssamint convert_to_ssh2 = 0; 72166956Ssamint convert_from_ssh2 = 0; 73166956Ssamint print_public = 0; 74166956Ssamint print_generic = 0; 75138593Ssam 76138593Ssamchar *key_type_name = NULL; 77138593Ssam 78138593Ssam/* argv0 */ 79166956Ssamextern char *__progname; 80166956Ssam 81138593Ssamchar hostname[MAXHOSTNAMELEN]; 82138593Ssam 83138593Ssam/* moduli.c */ 84166956Ssamint gen_candidates(FILE *, int, int, BIGNUM *); 85166956Ssamint prime_test(FILE *, FILE *, u_int32_t, u_int32_t); 86166956Ssam 87138593Ssamstatic void 88138593Ssamask_filename(struct passwd *pw, const char *prompt) 89138593Ssam{ 90138593Ssam char buf[1024]; 91138593Ssam char *name = NULL; 92138593Ssam 93138593Ssam if (key_type_name == NULL) 94138593Ssam name = _PATH_SSH_CLIENT_ID_RSA; 95138593Ssam else 96138593Ssam switch (key_type_from_name(key_type_name)) { 97138593Ssam case KEY_RSA1: 98138593Ssam name = _PATH_SSH_CLIENT_IDENTITY; 99138593Ssam break; 100138593Ssam case KEY_DSA: 101138593Ssam name = _PATH_SSH_CLIENT_ID_DSA; 102138593Ssam break; 103138593Ssam case KEY_RSA: 104138593Ssam name = _PATH_SSH_CLIENT_ID_RSA; 105138593Ssam break; 106138593Ssam default: 107138593Ssam fprintf(stderr, "bad key type"); 108138593Ssam exit(1); 109138593Ssam break; 110138593Ssam } 111138593Ssam 112138593Ssam snprintf(identity_file, sizeof(identity_file), "%s/%s", pw->pw_dir, name); 113138593Ssam fprintf(stderr, "%s (%s): ", prompt, identity_file); 114202289Semaste if (fgets(buf, sizeof(buf), stdin) == NULL) 115138593Ssam exit(1); 116138593Ssam if (strchr(buf, '\n')) 117138593Ssam *strchr(buf, '\n') = 0; 118138593Ssam if (strcmp(buf, "") != 0) 119202289Semaste strlcpy(identity_file, buf, sizeof(identity_file)); 120202289Semaste have_identity = 1; 121202289Semaste} 122202289Semaste 123202289Semastestatic Key * 124138593Ssamload_identity(char *filename) 125202289Semaste{ 126138593Ssam char *pass; 127138593Ssam Key *prv; 128138593Ssam 129138593Ssam prv = key_load_private(filename, "", NULL); 130138593Ssam if (prv == NULL) { 131138593Ssam if (identity_passphrase) 132138593Ssam pass = xstrdup(identity_passphrase); 133138593Ssam else 134138593Ssam pass = read_passphrase("Enter passphrase: ", 135138593Ssam RP_ALLOW_STDIN); 136138593Ssam prv = key_load_private(filename, pass, NULL); 137194799Sdelphij memset(pass, 0, strlen(pass)); 138138593Ssam xfree(pass); 139138593Ssam } 140138593Ssam return prv; 141138593Ssam} 142138593Ssam 143138593Ssam#define SSH_COM_PUBLIC_BEGIN "---- BEGIN SSH2 PUBLIC KEY ----" 144138593Ssam#define SSH_COM_PUBLIC_END "---- END SSH2 PUBLIC KEY ----" 145138593Ssam#define SSH_COM_PRIVATE_BEGIN "---- BEGIN SSH2 ENCRYPTED PRIVATE KEY ----" 146138593Ssam#define SSH_COM_PRIVATE_KEY_MAGIC 0x3f6ff9eb 147138593Ssam 148138593Ssamstatic void 149138593Ssamdo_convert_to_ssh2(struct passwd *pw) 150138593Ssam{ 151138593Ssam Key *k; 152138593Ssam u_int len; 153138593Ssam u_char *blob; 154138593Ssam struct stat st; 155138593Ssam 156138593Ssam if (!have_identity) 157138593Ssam ask_filename(pw, "Enter file in which the key is"); 158147437Sume if (stat(identity_file, &st) < 0) { 159147437Sume perror(identity_file); 160138593Ssam exit(1); 161138593Ssam } 162138593Ssam if ((k = key_load_public(identity_file, NULL)) == NULL) { 163138593Ssam if ((k = load_identity(identity_file)) == NULL) { 164138593Ssam fprintf(stderr, "load failed\n"); 165147437Sume exit(1); 166147437Sume } 167138593Ssam } 168138593Ssam if (k->type == KEY_RSA1) { 169138593Ssam fprintf(stderr, "version 1 keys are not supported\n"); 170138593Ssam exit(1); 171138593Ssam } 172138593Ssam if (key_to_blob(k, &blob, &len) <= 0) { 173138593Ssam fprintf(stderr, "key_to_blob failed\n"); 174138593Ssam exit(1); 175138593Ssam } 176191121Sbrooks fprintf(stdout, "%s\n", SSH_COM_PUBLIC_BEGIN); 177138593Ssam fprintf(stdout, 178138593Ssam "Comment: \"%u-bit %s, converted from OpenSSH by %s@%s\"\n", 179138593Ssam key_size(k), key_type(k), 180138593Ssam pw->pw_name, hostname); 181138593Ssam dump_base64(stdout, blob, len); 182138593Ssam fprintf(stdout, "%s\n", SSH_COM_PUBLIC_END); 183138593Ssam key_free(k); 184138593Ssam xfree(blob); 185138593Ssam exit(0); 186138593Ssam} 187138593Ssam 188138593Ssamstatic void 189138593Ssambuffer_get_bignum_bits(Buffer *b, BIGNUM *value) 190138593Ssam{ 191138593Ssam u_int bignum_bits = buffer_get_int(b); 192138593Ssam u_int bytes = (bignum_bits + 7) / 8; 193138593Ssam 194138593Ssam if (buffer_len(b) < bytes) 195138593Ssam fatal("buffer_get_bignum_bits: input buffer too small: " 196138593Ssam "need %d have %d", bytes, buffer_len(b)); 197138593Ssam BN_bin2bn(buffer_ptr(b), bytes, value); 198138593Ssam buffer_consume(b, bytes); 199138593Ssam} 200138593Ssam 201138593Ssamstatic Key * 202138593Ssamdo_convert_private_ssh2_from_blob(u_char *blob, u_int blen) 203222527Sbz{ 204222527Sbz Buffer b; 205138593Ssam Key *key = NULL; 206138593Ssam char *type, *cipher; 207 u_char *sig, data[] = "abcde12345"; 208 int magic, rlen, ktype, i1, i2, i3, i4; 209 u_int slen; 210 u_long e; 211 212 buffer_init(&b); 213 buffer_append(&b, blob, blen); 214 215 magic = buffer_get_int(&b); 216 if (magic != SSH_COM_PRIVATE_KEY_MAGIC) { 217 error("bad magic 0x%x != 0x%x", magic, SSH_COM_PRIVATE_KEY_MAGIC); 218 buffer_free(&b); 219 return NULL; 220 } 221 i1 = buffer_get_int(&b); 222 type = buffer_get_string(&b, NULL); 223 cipher = buffer_get_string(&b, NULL); 224 i2 = buffer_get_int(&b); 225 i3 = buffer_get_int(&b); 226 i4 = buffer_get_int(&b); 227 debug("ignore (%d %d %d %d)", i1,i2,i3,i4); 228 if (strcmp(cipher, "none") != 0) { 229 error("unsupported cipher %s", cipher); 230 xfree(cipher); 231 buffer_free(&b); 232 xfree(type); 233 return NULL; 234 } 235 xfree(cipher); 236 237 if (strstr(type, "dsa")) { 238 ktype = KEY_DSA; 239 } else if (strstr(type, "rsa")) { 240 ktype = KEY_RSA; 241 } else { 242 xfree(type); 243 return NULL; 244 } 245 key = key_new_private(ktype); 246 xfree(type); 247 248 switch (key->type) { 249 case KEY_DSA: 250 buffer_get_bignum_bits(&b, key->dsa->p); 251 buffer_get_bignum_bits(&b, key->dsa->g); 252 buffer_get_bignum_bits(&b, key->dsa->q); 253 buffer_get_bignum_bits(&b, key->dsa->pub_key); 254 buffer_get_bignum_bits(&b, key->dsa->priv_key); 255 break; 256 case KEY_RSA: 257 e = buffer_get_char(&b); 258 debug("e %lx", e); 259 if (e < 30) { 260 e <<= 8; 261 e += buffer_get_char(&b); 262 debug("e %lx", e); 263 e <<= 8; 264 e += buffer_get_char(&b); 265 debug("e %lx", e); 266 } 267 if (!BN_set_word(key->rsa->e, e)) { 268 buffer_free(&b); 269 key_free(key); 270 return NULL; 271 } 272 buffer_get_bignum_bits(&b, key->rsa->d); 273 buffer_get_bignum_bits(&b, key->rsa->n); 274 buffer_get_bignum_bits(&b, key->rsa->iqmp); 275 buffer_get_bignum_bits(&b, key->rsa->q); 276 buffer_get_bignum_bits(&b, key->rsa->p); 277 rsa_generate_additional_parameters(key->rsa); 278 break; 279 } 280 rlen = buffer_len(&b); 281 if (rlen != 0) 282 error("do_convert_private_ssh2_from_blob: " 283 "remaining bytes in key blob %d", rlen); 284 buffer_free(&b); 285 286 /* try the key */ 287 key_sign(key, &sig, &slen, data, sizeof(data)); 288 key_verify(key, sig, slen, data, sizeof(data)); 289 xfree(sig); 290 return key; 291} 292 293static void 294do_convert_from_ssh2(struct passwd *pw) 295{ 296 Key *k; 297 int blen; 298 u_int len; 299 char line[1024], *p; 300 u_char blob[8096]; 301 char encoded[8096]; 302 struct stat st; 303 int escaped = 0, private = 0, ok; 304 FILE *fp; 305 306 if (!have_identity) 307 ask_filename(pw, "Enter file in which the key is"); 308 if (stat(identity_file, &st) < 0) { 309 perror(identity_file); 310 exit(1); 311 } 312 fp = fopen(identity_file, "r"); 313 if (fp == NULL) { 314 perror(identity_file); 315 exit(1); 316 } 317 encoded[0] = '\0'; 318 while (fgets(line, sizeof(line), fp)) { 319 if (!(p = strchr(line, '\n'))) { 320 fprintf(stderr, "input line too long.\n"); 321 exit(1); 322 } 323 if (p > line && p[-1] == '\\') 324 escaped++; 325 if (strncmp(line, "----", 4) == 0 || 326 strstr(line, ": ") != NULL) { 327 if (strstr(line, SSH_COM_PRIVATE_BEGIN) != NULL) 328 private = 1; 329 if (strstr(line, " END ") != NULL) { 330 break; 331 } 332 /* fprintf(stderr, "ignore: %s", line); */ 333 continue; 334 } 335 if (escaped) { 336 escaped--; 337 /* fprintf(stderr, "escaped: %s", line); */ 338 continue; 339 } 340 *p = '\0'; 341 strlcat(encoded, line, sizeof(encoded)); 342 } 343 len = strlen(encoded); 344 if (((len % 4) == 3) && 345 (encoded[len-1] == '=') && 346 (encoded[len-2] == '=') && 347 (encoded[len-3] == '=')) 348 encoded[len-3] = '\0'; 349 blen = uudecode(encoded, blob, sizeof(blob)); 350 if (blen < 0) { 351 fprintf(stderr, "uudecode failed.\n"); 352 exit(1); 353 } 354 k = private ? 355 do_convert_private_ssh2_from_blob(blob, blen) : 356 key_from_blob(blob, blen); 357 if (k == NULL) { 358 fprintf(stderr, "decode blob failed.\n"); 359 exit(1); 360 } 361 ok = private ? 362 (k->type == KEY_DSA ? 363 PEM_write_DSAPrivateKey(stdout, k->dsa, NULL, NULL, 0, NULL, NULL) : 364 PEM_write_RSAPrivateKey(stdout, k->rsa, NULL, NULL, 0, NULL, NULL)) : 365 key_write(k, stdout); 366 if (!ok) { 367 fprintf(stderr, "key write failed"); 368 exit(1); 369 } 370 key_free(k); 371 if (!private) 372 fprintf(stdout, "\n"); 373 fclose(fp); 374 exit(0); 375} 376 377static void 378do_print_public(struct passwd *pw) 379{ 380 Key *prv; 381 struct stat st; 382 383 if (!have_identity) 384 ask_filename(pw, "Enter file in which the key is"); 385 if (stat(identity_file, &st) < 0) { 386 perror(identity_file); 387 exit(1); 388 } 389 prv = load_identity(identity_file); 390 if (prv == NULL) { 391 fprintf(stderr, "load failed\n"); 392 exit(1); 393 } 394 if (!key_write(prv, stdout)) 395 fprintf(stderr, "key_write failed"); 396 key_free(prv); 397 fprintf(stdout, "\n"); 398 exit(0); 399} 400 401#ifdef SMARTCARD 402static void 403do_upload(struct passwd *pw, const char *sc_reader_id) 404{ 405 Key *prv = NULL; 406 struct stat st; 407 int ret; 408 409 if (!have_identity) 410 ask_filename(pw, "Enter file in which the key is"); 411 if (stat(identity_file, &st) < 0) { 412 perror(identity_file); 413 exit(1); 414 } 415 prv = load_identity(identity_file); 416 if (prv == NULL) { 417 error("load failed"); 418 exit(1); 419 } 420 ret = sc_put_key(prv, sc_reader_id); 421 key_free(prv); 422 if (ret < 0) 423 exit(1); 424 logit("loading key done"); 425 exit(0); 426} 427 428static void 429do_download(struct passwd *pw, const char *sc_reader_id) 430{ 431 Key **keys = NULL; 432 int i; 433 434 keys = sc_get_keys(sc_reader_id, NULL); 435 if (keys == NULL) 436 fatal("cannot read public key from smartcard"); 437 for (i = 0; keys[i]; i++) { 438 key_write(keys[i], stdout); 439 key_free(keys[i]); 440 fprintf(stdout, "\n"); 441 } 442 xfree(keys); 443 exit(0); 444} 445#endif /* SMARTCARD */ 446 447static void 448do_fingerprint(struct passwd *pw) 449{ 450 FILE *f; 451 Key *public; 452 char *comment = NULL, *cp, *ep, line[16*1024], *fp; 453 int i, skip = 0, num = 1, invalid = 1; 454 enum fp_rep rep; 455 enum fp_type fptype; 456 struct stat st; 457 458 fptype = print_bubblebabble ? SSH_FP_SHA1 : SSH_FP_MD5; 459 rep = print_bubblebabble ? SSH_FP_BUBBLEBABBLE : SSH_FP_HEX; 460 461 if (!have_identity) 462 ask_filename(pw, "Enter file in which the key is"); 463 if (stat(identity_file, &st) < 0) { 464 perror(identity_file); 465 exit(1); 466 } 467 public = key_load_public(identity_file, &comment); 468 if (public != NULL) { 469 fp = key_fingerprint(public, fptype, rep); 470 printf("%u %s %s\n", key_size(public), fp, comment); 471 key_free(public); 472 xfree(comment); 473 xfree(fp); 474 exit(0); 475 } 476 if (comment) 477 xfree(comment); 478 479 f = fopen(identity_file, "r"); 480 if (f != NULL) { 481 while (fgets(line, sizeof(line), f)) { 482 i = strlen(line) - 1; 483 if (line[i] != '\n') { 484 error("line %d too long: %.40s...", num, line); 485 skip = 1; 486 continue; 487 } 488 num++; 489 if (skip) { 490 skip = 0; 491 continue; 492 } 493 line[i] = '\0'; 494 495 /* Skip leading whitespace, empty and comment lines. */ 496 for (cp = line; *cp == ' ' || *cp == '\t'; cp++) 497 ; 498 if (!*cp || *cp == '\n' || *cp == '#') 499 continue ; 500 i = strtol(cp, &ep, 10); 501 if (i == 0 || ep == NULL || (*ep != ' ' && *ep != '\t')) { 502 int quoted = 0; 503 comment = cp; 504 for (; *cp && (quoted || (*cp != ' ' && 505 *cp != '\t')); cp++) { 506 if (*cp == '\\' && cp[1] == '"') 507 cp++; /* Skip both */ 508 else if (*cp == '"') 509 quoted = !quoted; 510 } 511 if (!*cp) 512 continue; 513 *cp++ = '\0'; 514 } 515 ep = cp; 516 public = key_new(KEY_RSA1); 517 if (key_read(public, &cp) != 1) { 518 cp = ep; 519 key_free(public); 520 public = key_new(KEY_UNSPEC); 521 if (key_read(public, &cp) != 1) { 522 key_free(public); 523 continue; 524 } 525 } 526 comment = *cp ? cp : comment; 527 fp = key_fingerprint(public, fptype, rep); 528 printf("%u %s %s\n", key_size(public), fp, 529 comment ? comment : "no comment"); 530 xfree(fp); 531 key_free(public); 532 invalid = 0; 533 } 534 fclose(f); 535 } 536 if (invalid) { 537 printf("%s is not a public key file.\n", identity_file); 538 exit(1); 539 } 540 exit(0); 541} 542 543/* 544 * Perform changing a passphrase. The argument is the passwd structure 545 * for the current user. 546 */ 547static void 548do_change_passphrase(struct passwd *pw) 549{ 550 char *comment; 551 char *old_passphrase, *passphrase1, *passphrase2; 552 struct stat st; 553 Key *private; 554 555 if (!have_identity) 556 ask_filename(pw, "Enter file in which the key is"); 557 if (stat(identity_file, &st) < 0) { 558 perror(identity_file); 559 exit(1); 560 } 561 /* Try to load the file with empty passphrase. */ 562 private = key_load_private(identity_file, "", &comment); 563 if (private == NULL) { 564 if (identity_passphrase) 565 old_passphrase = xstrdup(identity_passphrase); 566 else 567 old_passphrase = 568 read_passphrase("Enter old passphrase: ", 569 RP_ALLOW_STDIN); 570 private = key_load_private(identity_file, old_passphrase, 571 &comment); 572 memset(old_passphrase, 0, strlen(old_passphrase)); 573 xfree(old_passphrase); 574 if (private == NULL) { 575 printf("Bad passphrase.\n"); 576 exit(1); 577 } 578 } 579 printf("Key has comment '%s'\n", comment); 580 581 /* Ask the new passphrase (twice). */ 582 if (identity_new_passphrase) { 583 passphrase1 = xstrdup(identity_new_passphrase); 584 passphrase2 = NULL; 585 } else { 586 passphrase1 = 587 read_passphrase("Enter new passphrase (empty for no " 588 "passphrase): ", RP_ALLOW_STDIN); 589 passphrase2 = read_passphrase("Enter same passphrase again: ", 590 RP_ALLOW_STDIN); 591 592 /* Verify that they are the same. */ 593 if (strcmp(passphrase1, passphrase2) != 0) { 594 memset(passphrase1, 0, strlen(passphrase1)); 595 memset(passphrase2, 0, strlen(passphrase2)); 596 xfree(passphrase1); 597 xfree(passphrase2); 598 printf("Pass phrases do not match. Try again.\n"); 599 exit(1); 600 } 601 /* Destroy the other copy. */ 602 memset(passphrase2, 0, strlen(passphrase2)); 603 xfree(passphrase2); 604 } 605 606 /* Save the file using the new passphrase. */ 607 if (!key_save_private(private, identity_file, passphrase1, comment)) { 608 printf("Saving the key failed: %s.\n", identity_file); 609 memset(passphrase1, 0, strlen(passphrase1)); 610 xfree(passphrase1); 611 key_free(private); 612 xfree(comment); 613 exit(1); 614 } 615 /* Destroy the passphrase and the copy of the key in memory. */ 616 memset(passphrase1, 0, strlen(passphrase1)); 617 xfree(passphrase1); 618 key_free(private); /* Destroys contents */ 619 xfree(comment); 620 621 printf("Your identification has been saved with the new passphrase.\n"); 622 exit(0); 623} 624 625/* 626 * Print the SSHFP RR. 627 */ 628static void 629do_print_resource_record(struct passwd *pw, char *hname) 630{ 631 Key *public; 632 char *comment = NULL; 633 struct stat st; 634 635 if (!have_identity) 636 ask_filename(pw, "Enter file in which the key is"); 637 if (stat(identity_file, &st) < 0) { 638 perror(identity_file); 639 exit(1); 640 } 641 public = key_load_public(identity_file, &comment); 642 if (public != NULL) { 643 export_dns_rr(hname, public, stdout, print_generic); 644 key_free(public); 645 xfree(comment); 646 exit(0); 647 } 648 if (comment) 649 xfree(comment); 650 651 printf("failed to read v2 public key from %s.\n", identity_file); 652 exit(1); 653} 654 655/* 656 * Change the comment of a private key file. 657 */ 658static void 659do_change_comment(struct passwd *pw) 660{ 661 char new_comment[1024], *comment, *passphrase; 662 Key *private; 663 Key *public; 664 struct stat st; 665 FILE *f; 666 int fd; 667 668 if (!have_identity) 669 ask_filename(pw, "Enter file in which the key is"); 670 if (stat(identity_file, &st) < 0) { 671 perror(identity_file); 672 exit(1); 673 } 674 private = key_load_private(identity_file, "", &comment); 675 if (private == NULL) { 676 if (identity_passphrase) 677 passphrase = xstrdup(identity_passphrase); 678 else if (identity_new_passphrase) 679 passphrase = xstrdup(identity_new_passphrase); 680 else 681 passphrase = read_passphrase("Enter passphrase: ", 682 RP_ALLOW_STDIN); 683 /* Try to load using the passphrase. */ 684 private = key_load_private(identity_file, passphrase, &comment); 685 if (private == NULL) { 686 memset(passphrase, 0, strlen(passphrase)); 687 xfree(passphrase); 688 printf("Bad passphrase.\n"); 689 exit(1); 690 } 691 } else { 692 passphrase = xstrdup(""); 693 } 694 if (private->type != KEY_RSA1) { 695 fprintf(stderr, "Comments are only supported for RSA1 keys.\n"); 696 key_free(private); 697 exit(1); 698 } 699 printf("Key now has comment '%s'\n", comment); 700 701 if (identity_comment) { 702 strlcpy(new_comment, identity_comment, sizeof(new_comment)); 703 } else { 704 printf("Enter new comment: "); 705 fflush(stdout); 706 if (!fgets(new_comment, sizeof(new_comment), stdin)) { 707 memset(passphrase, 0, strlen(passphrase)); 708 key_free(private); 709 exit(1); 710 } 711 if (strchr(new_comment, '\n')) 712 *strchr(new_comment, '\n') = 0; 713 } 714 715 /* Save the file using the new passphrase. */ 716 if (!key_save_private(private, identity_file, passphrase, new_comment)) { 717 printf("Saving the key failed: %s.\n", identity_file); 718 memset(passphrase, 0, strlen(passphrase)); 719 xfree(passphrase); 720 key_free(private); 721 xfree(comment); 722 exit(1); 723 } 724 memset(passphrase, 0, strlen(passphrase)); 725 xfree(passphrase); 726 public = key_from_private(private); 727 key_free(private); 728 729 strlcat(identity_file, ".pub", sizeof(identity_file)); 730 fd = open(identity_file, O_WRONLY | O_CREAT | O_TRUNC, 0644); 731 if (fd == -1) { 732 printf("Could not save your public key in %s\n", identity_file); 733 exit(1); 734 } 735 f = fdopen(fd, "w"); 736 if (f == NULL) { 737 printf("fdopen %s failed", identity_file); 738 exit(1); 739 } 740 if (!key_write(public, f)) 741 fprintf(stderr, "write key failed"); 742 key_free(public); 743 fprintf(f, " %s\n", new_comment); 744 fclose(f); 745 746 xfree(comment); 747 748 printf("The comment in your key file has been changed.\n"); 749 exit(0); 750} 751 752static void 753usage(void) 754{ 755 fprintf(stderr, "Usage: %s [options]\n", __progname); 756 fprintf(stderr, "Options:\n"); 757 fprintf(stderr, " -b bits Number of bits in the key to create.\n"); 758 fprintf(stderr, " -c Change comment in private and public key files.\n"); 759 fprintf(stderr, " -e Convert OpenSSH to IETF SECSH key file.\n"); 760 fprintf(stderr, " -f filename Filename of the key file.\n"); 761 fprintf(stderr, " -g Use generic DNS resource record format.\n"); 762 fprintf(stderr, " -i Convert IETF SECSH to OpenSSH key file.\n"); 763 fprintf(stderr, " -l Show fingerprint of key file.\n"); 764 fprintf(stderr, " -p Change passphrase of private key file.\n"); 765 fprintf(stderr, " -q Quiet.\n"); 766 fprintf(stderr, " -y Read private key file and print public key.\n"); 767 fprintf(stderr, " -t type Specify type of key to create.\n"); 768 fprintf(stderr, " -B Show bubblebabble digest of key file.\n"); 769 fprintf(stderr, " -C comment Provide new comment.\n"); 770 fprintf(stderr, " -N phrase Provide new passphrase.\n"); 771 fprintf(stderr, " -P phrase Provide old passphrase.\n"); 772 fprintf(stderr, " -r hostname Print DNS resource record.\n"); 773#ifdef SMARTCARD 774 fprintf(stderr, " -D reader Download public key from smartcard.\n"); 775 fprintf(stderr, " -U reader Upload private key to smartcard.\n"); 776#endif /* SMARTCARD */ 777 778 fprintf(stderr, " -G file Generate candidates for DH-GEX moduli\n"); 779 fprintf(stderr, " -T file Screen candidates for DH-GEX moduli\n"); 780 781 exit(1); 782} 783 784/* 785 * Main program for key management. 786 */ 787int 788main(int ac, char **av) 789{ 790 char dotsshdir[MAXPATHLEN], comment[1024], *passphrase1, *passphrase2; 791 char out_file[MAXPATHLEN], *reader_id = NULL; 792 char *resource_record_hostname = NULL; 793 Key *private, *public; 794 struct passwd *pw; 795 struct stat st; 796 int opt, type, fd, download = 0, memory = 0; 797 int generator_wanted = 0, trials = 100; 798 int do_gen_candidates = 0, do_screen_candidates = 0; 799 int log_level = SYSLOG_LEVEL_INFO; 800 BIGNUM *start = NULL; 801 FILE *f; 802 803 extern int optind; 804 extern char *optarg; 805 806 __progname = ssh_get_progname(av[0]); 807 808 SSLeay_add_all_algorithms(); 809 log_init(av[0], SYSLOG_LEVEL_INFO, SYSLOG_FACILITY_USER, 1); 810 811 init_rng(); 812 seed_rng(); 813 814 /* we need this for the home * directory. */ 815 pw = getpwuid(getuid()); 816 if (!pw) { 817 printf("You don't exist, go away!\n"); 818 exit(1); 819 } 820 if (gethostname(hostname, sizeof(hostname)) < 0) { 821 perror("gethostname"); 822 exit(1); 823 } 824 825 while ((opt = getopt(ac, av, 826 "degiqpclBRvxXyb:f:t:U:D:P:N:C:r:g:T:G:M:S:a:W:")) != -1) { 827 switch (opt) { 828 case 'b': 829 bits = atoi(optarg); 830 if (bits < 512 || bits > 32768) { 831 printf("Bits has bad value.\n"); 832 exit(1); 833 } 834 break; 835 case 'l': 836 print_fingerprint = 1; 837 break; 838 case 'B': 839 print_bubblebabble = 1; 840 break; 841 case 'p': 842 change_passphrase = 1; 843 break; 844 case 'c': 845 change_comment = 1; 846 break; 847 case 'f': 848 strlcpy(identity_file, optarg, sizeof(identity_file)); 849 have_identity = 1; 850 break; 851 case 'g': 852 print_generic = 1; 853 break; 854 case 'P': 855 identity_passphrase = optarg; 856 break; 857 case 'N': 858 identity_new_passphrase = optarg; 859 break; 860 case 'C': 861 identity_comment = optarg; 862 break; 863 case 'q': 864 quiet = 1; 865 break; 866 case 'R': 867 /* unused */ 868 exit(0); 869 break; 870 case 'e': 871 case 'x': 872 /* export key */ 873 convert_to_ssh2 = 1; 874 break; 875 case 'i': 876 case 'X': 877 /* import key */ 878 convert_from_ssh2 = 1; 879 break; 880 case 'y': 881 print_public = 1; 882 break; 883 case 'd': 884 key_type_name = "dsa"; 885 break; 886 case 't': 887 key_type_name = optarg; 888 break; 889 case 'D': 890 download = 1; 891 case 'U': 892 reader_id = optarg; 893 break; 894 case 'v': 895 if (log_level == SYSLOG_LEVEL_INFO) 896 log_level = SYSLOG_LEVEL_DEBUG1; 897 else { 898 if (log_level >= SYSLOG_LEVEL_DEBUG1 && 899 log_level < SYSLOG_LEVEL_DEBUG3) 900 log_level++; 901 } 902 break; 903 case 'r': 904 resource_record_hostname = optarg; 905 break; 906 case 'W': 907 generator_wanted = atoi(optarg); 908 if (generator_wanted < 1) 909 fatal("Desired generator has bad value."); 910 break; 911 case 'a': 912 trials = atoi(optarg); 913 break; 914 case 'M': 915 memory = atoi(optarg); 916 break; 917 case 'G': 918 do_gen_candidates = 1; 919 strlcpy(out_file, optarg, sizeof(out_file)); 920 break; 921 case 'T': 922 do_screen_candidates = 1; 923 strlcpy(out_file, optarg, sizeof(out_file)); 924 break; 925 case 'S': 926 /* XXX - also compare length against bits */ 927 if (BN_hex2bn(&start, optarg) == 0) 928 fatal("Invalid start point."); 929 break; 930 case '?': 931 default: 932 usage(); 933 } 934 } 935 936 /* reinit */ 937 log_init(av[0], log_level, SYSLOG_FACILITY_USER, 1); 938 939 if (optind < ac) { 940 printf("Too many arguments.\n"); 941 usage(); 942 } 943 if (change_passphrase && change_comment) { 944 printf("Can only have one of -p and -c.\n"); 945 usage(); 946 } 947 if (print_fingerprint || print_bubblebabble) 948 do_fingerprint(pw); 949 if (change_passphrase) 950 do_change_passphrase(pw); 951 if (change_comment) 952 do_change_comment(pw); 953 if (convert_to_ssh2) 954 do_convert_to_ssh2(pw); 955 if (convert_from_ssh2) 956 do_convert_from_ssh2(pw); 957 if (print_public) 958 do_print_public(pw); 959 if (resource_record_hostname != NULL) { 960 do_print_resource_record(pw, resource_record_hostname); 961 } 962 if (reader_id != NULL) { 963#ifdef SMARTCARD 964 if (download) 965 do_download(pw, reader_id); 966 else 967 do_upload(pw, reader_id); 968#else /* SMARTCARD */ 969 fatal("no support for smartcards."); 970#endif /* SMARTCARD */ 971 } 972 973 if (do_gen_candidates) { 974 FILE *out = fopen(out_file, "w"); 975 976 if (out == NULL) { 977 error("Couldn't open modulus candidate file \"%s\": %s", 978 out_file, strerror(errno)); 979 return (1); 980 } 981 if (gen_candidates(out, memory, bits, start) != 0) 982 fatal("modulus candidate generation failed\n"); 983 984 return (0); 985 } 986 987 if (do_screen_candidates) { 988 FILE *in; 989 FILE *out = fopen(out_file, "w"); 990 991 if (have_identity && strcmp(identity_file, "-") != 0) { 992 if ((in = fopen(identity_file, "r")) == NULL) { 993 fatal("Couldn't open modulus candidate " 994 "file \"%s\": %s", identity_file, 995 strerror(errno)); 996 } 997 } else 998 in = stdin; 999 1000 if (out == NULL) { 1001 fatal("Couldn't open moduli file \"%s\": %s", 1002 out_file, strerror(errno)); 1003 } 1004 if (prime_test(in, out, trials, generator_wanted) != 0) 1005 fatal("modulus screening failed\n"); 1006 return (0); 1007 } 1008 1009 arc4random_stir(); 1010 1011 if (key_type_name == NULL) { 1012 printf("You must specify a key type (-t).\n"); 1013 usage(); 1014 } 1015 type = key_type_from_name(key_type_name); 1016 if (type == KEY_UNSPEC) { 1017 fprintf(stderr, "unknown key type %s\n", key_type_name); 1018 exit(1); 1019 } 1020 if (!quiet) 1021 printf("Generating public/private %s key pair.\n", key_type_name); 1022 private = key_generate(type, bits); 1023 if (private == NULL) { 1024 fprintf(stderr, "key_generate failed"); 1025 exit(1); 1026 } 1027 public = key_from_private(private); 1028 1029 if (!have_identity) 1030 ask_filename(pw, "Enter file in which to save the key"); 1031 1032 /* Create ~/.ssh directory if it doesn\'t already exist. */ 1033 snprintf(dotsshdir, sizeof dotsshdir, "%s/%s", pw->pw_dir, _PATH_SSH_USER_DIR); 1034 if (strstr(identity_file, dotsshdir) != NULL && 1035 stat(dotsshdir, &st) < 0) { 1036 if (mkdir(dotsshdir, 0700) < 0) 1037 error("Could not create directory '%s'.", dotsshdir); 1038 else if (!quiet) 1039 printf("Created directory '%s'.\n", dotsshdir); 1040 } 1041 /* If the file already exists, ask the user to confirm. */ 1042 if (stat(identity_file, &st) >= 0) { 1043 char yesno[3]; 1044 printf("%s already exists.\n", identity_file); 1045 printf("Overwrite (y/n)? "); 1046 fflush(stdout); 1047 if (fgets(yesno, sizeof(yesno), stdin) == NULL) 1048 exit(1); 1049 if (yesno[0] != 'y' && yesno[0] != 'Y') 1050 exit(1); 1051 } 1052 /* Ask for a passphrase (twice). */ 1053 if (identity_passphrase) 1054 passphrase1 = xstrdup(identity_passphrase); 1055 else if (identity_new_passphrase) 1056 passphrase1 = xstrdup(identity_new_passphrase); 1057 else { 1058passphrase_again: 1059 passphrase1 = 1060 read_passphrase("Enter passphrase (empty for no " 1061 "passphrase): ", RP_ALLOW_STDIN); 1062 passphrase2 = read_passphrase("Enter same passphrase again: ", 1063 RP_ALLOW_STDIN); 1064 if (strcmp(passphrase1, passphrase2) != 0) { 1065 /* 1066 * The passphrases do not match. Clear them and 1067 * retry. 1068 */ 1069 memset(passphrase1, 0, strlen(passphrase1)); 1070 memset(passphrase2, 0, strlen(passphrase2)); 1071 xfree(passphrase1); 1072 xfree(passphrase2); 1073 printf("Passphrases do not match. Try again.\n"); 1074 goto passphrase_again; 1075 } 1076 /* Clear the other copy of the passphrase. */ 1077 memset(passphrase2, 0, strlen(passphrase2)); 1078 xfree(passphrase2); 1079 } 1080 1081 if (identity_comment) { 1082 strlcpy(comment, identity_comment, sizeof(comment)); 1083 } else { 1084 /* Create default commend field for the passphrase. */ 1085 snprintf(comment, sizeof comment, "%s@%s", pw->pw_name, hostname); 1086 } 1087 1088 /* Save the key with the given passphrase and comment. */ 1089 if (!key_save_private(private, identity_file, passphrase1, comment)) { 1090 printf("Saving the key failed: %s.\n", identity_file); 1091 memset(passphrase1, 0, strlen(passphrase1)); 1092 xfree(passphrase1); 1093 exit(1); 1094 } 1095 /* Clear the passphrase. */ 1096 memset(passphrase1, 0, strlen(passphrase1)); 1097 xfree(passphrase1); 1098 1099 /* Clear the private key and the random number generator. */ 1100 key_free(private); 1101 arc4random_stir(); 1102 1103 if (!quiet) 1104 printf("Your identification has been saved in %s.\n", identity_file); 1105 1106 strlcat(identity_file, ".pub", sizeof(identity_file)); 1107 fd = open(identity_file, O_WRONLY | O_CREAT | O_TRUNC, 0644); 1108 if (fd == -1) { 1109 printf("Could not save your public key in %s\n", identity_file); 1110 exit(1); 1111 } 1112 f = fdopen(fd, "w"); 1113 if (f == NULL) { 1114 printf("fdopen %s failed", identity_file); 1115 exit(1); 1116 } 1117 if (!key_write(public, f)) 1118 fprintf(stderr, "write key failed"); 1119 fprintf(f, " %s\n", comment); 1120 fclose(f); 1121 1122 if (!quiet) { 1123 char *fp = key_fingerprint(public, SSH_FP_MD5, SSH_FP_HEX); 1124 printf("Your public key has been saved in %s.\n", 1125 identity_file); 1126 printf("The key fingerprint is:\n"); 1127 printf("%s %s\n", fp, comment); 1128 xfree(fp); 1129 } 1130 1131 key_free(public); 1132 exit(0); 1133} 1134