dowkd.in

   1 #!/usr/bin/perl
   2
   3 # Debian/OpenSSL Weak Key Detector
   4 #
   5 # Copyright (C) 2008, Florian Weimer <fw@deneb.enyo.de>
   6 #
   7 # Permission to use, copy, modify, and distribute this software for
   8 # any purpose with or without fee is hereby granted, provided that the
   9 # above copyright notice and this permission notice appear in all
  10 # copies.
  11 #
  12 # THE SOFTWARE IS PROVIDED "AS IS" AND FLORIAN WEIMER AND HIS
  13 # CONTRIBUTORS DISCLAIM ALL WARRANTIES WITH REGARD TO THIS SOFTWARE
  14 # INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS.  IN
  15 # NO EVENT SHALL FLORIAN WEIMER OR HIS CONTRIBUTORS BE LIABLE FOR ANY
  16 # SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
  17 # WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN
  18 # AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
  19 # OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
  20 # SOFTWARE.
  21 #
  22 # Blacklist data has been provided by Kees Cook, Peter Palfrader and
  23 # James Strandboge.
  24 #
  25 # Patches and comments are welcome.  Please send them to
  26 # <fw@deneb.enyo.de>, and use "dowkd" in the subject line.
  27
  28 use strict;
  29 use warnings;
  30
  31 sub help () {
  32     print <<EOF;
  33 usage: $0 [OPTIONS...] COMMAND [ARGUMENTS...]
  34
  35 COMMAND is one of:
  36
  37   file: examine files on the command line for weak keys
  38   host: examine the specified hosts for weak SSH keys
  39   user: examine user SSH keys for weakness; examine all users if no
  40         users are given
  41   help: show this help screen
  42
  43 OPTIONS is one pf:
  44
  45   -c FILE: set the database cache file name (default: dowkd.db)
  46
  47 dowkd currently handles the following OpenSSH host and user keys,
  48 provided they have been generated on a little-endian architecture
  49 (such as i386 or amd64): RSA/1024, RSA/2048 and DSA/1024.  (The
  50 OpenSSH version in Debian does not support DSA key generation with)
  51 other sizes.
  52
  53 OpenVPN shared also detected on little-endian architecture.
  54
  55 Note that the blacklist by dowkd may be incomplete; it is only
  56 intended as a quick check.
  57
  58 EOF
  59 }
  60
  61 use DB_File;
  62 use File::Temp;
  63 use Fcntl;
  64 use IO::Handle;
  65
  66 my $db_version = '1';
  67
  68 my $db_file = 'dowkd.db';
  69
  70 my $db;
  71 my %db;
  72
  73 sub create_db () {
  74     $db = tie %db, 'DB_File', $db_file, O_RDWR | O_CREAT, 0777, $DB_BTREE
  75         or die "error: could not open database: $!\n";
  76
  77     $db{''} = $db_version;
  78     while (my $line = <DATA>) {
  79         next if $line =~ /^\**$/;
  80         chomp $line;
  81         $line =~ /^[0-9a-f]{32}$/ or die "error: invalid data line";
  82         $line =~ s/(..)/chr(hex($1))/ge;
  83         $db{$line} = '';
  84     }
  85
  86     $db->sync;
  87 }
  88
  89 sub open_db () {
  90     if (-r $db_file) {
  91         $db = tie %db, 'DB_File', $db_file, O_RDONLY, 0777, $DB_BTREE
  92             or die "error: could not open database: $!\n";
  93         my $stored_version = $db{''};
  94         $stored_version && $stored_version eq $db_version or create_db;
  95     } else {
  96         unlink $db_file;
  97         create_db;
  98     }
  99 }
 100
 101 sub safe_backtick (@) {
 102     my @args = @_;
 103     my $fh;
 104     open $fh, '-|', @args
 105         or die "error: failed to spawn $args[0]: $!\n";
 106     my @result;
 107     if (wantarray) {
 108         @result = <$fh>;
 109     } else {
 110         local $/;
 111         @result = scalar(<$fh>);
 112     }
 113     close $fh;
 114     $? == 0 or return undef;
 115     if (wantarray) {
 116         return @result;
 117     } else {
 118         return $result[0];
 119     }
 120 }
 121
 122 my $keys_found = 0;
 123 my $keys_vulnerable = 0;
 124
 125 sub print_stats () {
 126     print STDERR "summary: keys found: $keys_found, weak keys: $keys_vulnerable\n";
 127 }
 128
 129 sub check_hash ($$) {
 130     my ($name, $hash) = @_;
 131     ++$keys_found;
 132     if (exists $db{$hash}) {
 133         ++$keys_vulnerable;
 134         print "$name: weak key\n";
 135     }
 136 }
 137
 138 sub ssh_fprint_file ($) {
 139     my $name = shift;
 140     my $data = safe_backtick qw/ssh-keygen -l -f/, $name;
 141     defined $data or return ();
 142     my @data = $data =~ /^(\d+) ([0-9a-f]{2}(?::[0-9a-f]{2}){15})/;
 143     return @data if @data == 2;
 144     return ();
 145 }
 146
 147 sub ssh_fprint_check ($$$) {
 148     my ($name, $length, $hash) = @_;
 149     if ($length == 1024 || $length == 2048) {
 150         $hash =~ y/://d;
 151         $hash =~ s/(..)/chr(hex($1))/ge;
 152         check_hash $name, $hash;
 153     } else {
 154         warn "$name: warning: no suitable blacklist\n";
 155     }
 156                       }
 157
 158 sub from_ssh_key_file ($) {
 159     my $name = shift;
 160     my ($length, $hash) = ssh_fprint_file $name;
 161     if ($length && $hash) {
 162         ssh_fprint_check "$name:1", $length, $hash;
 163     } else {
 164         warn "$name:1: warning: failed to parse SSH key file\n";
 165     }
 166 }
 167
 168 sub clear_tmp ($) {
 169     my $tmp = shift;
 170     seek $tmp, 0, 0 or die "seek: $!";
 171     truncate $tmp, 0 or die "truncate: $!";
 172 }
 173
 174 sub from_ssh_auth_file ($) {
 175     my $name = shift;
 176     my $auth;
 177     unless (open $auth, '<', $name) {
 178         warn "$name:0: error: open failed: $!\n";
 179         return;
 180     }
 181     my $tmp = new File::Temp;
 182     while (my $line = <$auth>) {
 183         chomp $line;
 184         next if $line =~ m/^\s*(#|$)/;
 185         my $lineno = $.;
 186         clear_tmp $tmp;
 187         print $tmp "$line\n" or die "print: $!";
 188         $tmp->flush;
 189         my ($length, $hash) = ssh_fprint_file "$tmp";
 190         if ($length && $hash) {
 191             ssh_fprint_check "$name:$lineno", $length, $hash;
 192         } else {
 193             warn "$name:$lineno: warning: unparsable line\n";
 194         }
 195     }
 196 }
 197
 198 sub from_openvpn_key ($) {
 199     my $name = shift;
 200     my $key;
 201     unless (open $key, '<', $name) {
 202         warn "$name:0: open failed: $!\n";
 203         return 1;
 204     }
 205
 206     my $marker;
 207     while (my $line = <$key>) {
 208         return 0 if $. > 10;
 209         if ($line =~ /^-----BEGIN OpenVPN Static key V1-----/) {
 210             $marker = 1;
 211         } elsif ($marker) {
 212             if ($line =~ /^([0-9a-f]{32})/) {
 213                 $line = $1;
 214                 $line =~ s/(..)/chr(hex($1))/ge;
 215                 check_hash "$name:$.", $line;
 216                 return 1;
 217             } else {
 218                 warn "$name:$.: warning: illegal OpenVPN file format\n";
 219                 return 1;
 220             }
 221         }
 222     }
 223 }
 224
 225 sub from_ssh_host (@) {
 226     my @names = @_;
 227     my @lines;
 228     push @lines, safe_backtick qw/ssh-keyscan -t rsa/, @names;
 229     push @lines, safe_backtick qw/ssh-keyscan -t dsa/, @names;
 230
 231     my $tmp = new File::Temp;
 232     for my $line (@lines) {
 233         next if $line =~ /^#/;
 234         my ($host, $data) = $line =~ /^(\S+) (.*)$/;
 235         clear_tmp $tmp;
 236         print $tmp "$data\n" or die "print: $!";
 237         $tmp->flush;
 238         my ($length, $hash) = ssh_fprint_file "$tmp";
 239         if ($length && $hash) {
 240             ssh_fprint_check "$host", $length, $hash;
 241         } else {
 242             warn "$host: warning: unparsable line\n";
 243         }
 244     }
 245 }
 246
 247 sub from_user ($) {
 248     my $user = shift;
 249     my ($name,$passwd,$uid,$gid,
 250         $quota,$comment,$gcos,$dir,$shell,$expire) = getpwnam($user);
 251     my $file = "$dir/.ssh/authorized_keys";
 252     from_ssh_auth_file $file if -r $file;
 253     $file = "$dir/.ssh/authorized_keys2";
 254     from_ssh_auth_file $file if -r $file;
 255     $file = "$dir/.ssh/known_hosts";
 256     from_ssh_auth_file $file if -r $file;
 257     $file = "$dir/.ssh/known_hosts2";
 258     from_ssh_auth_file $file if -r $file;
 259     $file = "$dir/.ssh/id_rsa.pub";
 260     from_ssh_key_file $file if -r $file;
 261     $file = "$dir/.ssh/id_dsa.pub";
 262     from_ssh_key_file $file if -r $file;
 263 }
 264
 265 sub from_user_all () {
 266     # This was one loop initially, but does not work with some Perl
 267     # versions.
 268     setpwent;
 269     my @names;
 270     while (my $name = getpwent) {
 271         push @names, $name;
 272     }
 273     endpwent;
 274     from_user $_ for @names;
 275 }
 276
 277 if (@ARGV && $ARGV[0] eq '-c') {
 278     shift @ARGV;
 279     $db_file = shift @ARGV if @ARGV;
 280 }
 281 if (@ARGV) {
 282     open_db;
 283     my $cmd = shift @ARGV;
 284     if ($cmd eq 'file') {
 285         for my $name (@ARGV) {
 286             next if from_openvpn_key $name;
 287             from_ssh_auth_file $name;
 288         }
 289     } elsif ($cmd eq 'host') {
 290         from_ssh_host @ARGV;
 291     } elsif ($cmd eq 'user') {
 292         if (@ARGV) {
 293             from_user $_ for @ARGV;
 294         } else {
 295             from_user_all;
 296         }
 297     } elsif ($cmd eq 'help') {
 298         help;
 299         exit 0;
 300     } else {
 301         die "error: invalid command, use \"help\" to get help\n";
 302     }
 303     print_stats;
 304 } else {
 305     help;
 306     exit 1;
 307 }
 308
 309 my %hash;
 310
 311 __DATA__