19aad06bf4ddd1e4ae010f78f44323be5938dbef
[strongswan.git] / src / charon / sa / authenticators / rsa_authenticator.c
1 /**
2 * @file rsa_authenticator.c
3 *
4 * @brief Implementation of rsa_authenticator_t.
5 *
6 */
7
8 /*
9 * Copyright (C) 2005-2006 Martin Willi
10 * Copyright (C) 2005 Jan Hutter
11 * Hochschule fuer Technik Rapperswil
12 *
13 * This program is free software; you can redistribute it and/or modify it
14 * under the terms of the GNU General Public License as published by the
15 * Free Software Foundation; either version 2 of the License, or (at your
16 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
17 *
18 * This program is distributed in the hope that it will be useful, but
19 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
20 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
21 * for more details.
22 */
23
24 #include <string.h>
25
26 #include "rsa_authenticator.h"
27
28 #include <daemon.h>
29
30
31 typedef struct private_rsa_authenticator_t private_rsa_authenticator_t;
32
33 /**
34 * Private data of an rsa_authenticator_t object.
35 */
36 struct private_rsa_authenticator_t {
37
38 /**
39 * Public authenticator_t interface.
40 */
41 rsa_authenticator_t public;
42
43 /**
44 * Assigned IKE_SA
45 */
46 ike_sa_t *ike_sa;
47 };
48
49 /**
50 * Function implemented in psk_authenticator.c
51 */
52 extern chunk_t build_tbs_octets(chunk_t ike_sa_init, chunk_t nonce,
53 identification_t *id, prf_t *prf);
54
55 /**
56 * Implementation of authenticator_t.verify.
57 */
58 static status_t verify(private_rsa_authenticator_t *this, chunk_t ike_sa_init,
59 chunk_t my_nonce, auth_payload_t *auth_payload)
60 {
61 status_t status;
62 chunk_t auth_data, octets;
63 rsa_public_key_t *public_key;
64 identification_t *other_id;
65 prf_t *prf;
66
67 other_id = this->ike_sa->get_other_id(this->ike_sa);
68
69 if (auth_payload->get_auth_method(auth_payload) != AUTH_RSA)
70 {
71 return INVALID_ARG;
72 }
73 auth_data = auth_payload->get_data(auth_payload);
74 public_key = charon->credentials->get_trusted_public_key(charon->credentials,
75 other_id);
76 if (public_key == NULL)
77 {
78 DBG1(DBG_IKE, "no RSA public key found for '%D'", other_id);
79 return NOT_FOUND;
80 }
81 prf = this->ike_sa->get_prf(this->ike_sa);
82 prf->set_key(prf, this->ike_sa->get_skp_verify(this->ike_sa));
83 octets = build_tbs_octets(ike_sa_init, my_nonce, other_id, prf);
84 status = public_key->verify_emsa_pkcs1_signature(public_key, octets, auth_data);
85 chunk_free(&octets);
86
87 if (status != SUCCESS)
88 {
89 DBG1(DBG_IKE, "RSA signature verification failed");
90 return status;
91 }
92
93 DBG1(DBG_IKE, "authentication of '%D' with %N successful",
94 other_id, auth_method_names, AUTH_RSA);
95 return SUCCESS;
96 }
97
98 /**
99 * Implementation of authenticator_t.build.
100 */
101 static status_t build(private_rsa_authenticator_t *this, chunk_t ike_sa_init,
102 chunk_t other_nonce, auth_payload_t **auth_payload)
103 {
104 chunk_t chunk;
105 chunk_t octets;
106 chunk_t auth_data;
107 status_t status;
108 rsa_public_key_t *my_pubkey;
109 rsa_private_key_t *my_key;
110 identification_t *my_id;
111 prf_t *prf;
112
113 my_id = this->ike_sa->get_my_id(this->ike_sa);
114 DBG1(DBG_IKE, "authentication of '%D' (myself) with %N",
115 my_id, auth_method_names, AUTH_RSA);
116 DBG2(DBG_IKE, "looking for RSA public key belonging to '%D'", my_id);
117
118 my_pubkey = charon->credentials->get_rsa_public_key(charon->credentials, my_id);
119 if (my_pubkey == NULL)
120 {
121 DBG1(DBG_IKE, "no RSA public key found for '%D'", my_id);
122 return NOT_FOUND;
123 }
124 DBG2(DBG_IKE, "matching RSA public key found");
125 chunk = my_pubkey->get_keyid(my_pubkey);
126 DBG2(DBG_IKE, "looking for RSA private key with keyid %#B", &chunk);
127 my_key = charon->credentials->get_rsa_private_key(charon->credentials, my_pubkey);
128 if (my_key == NULL)
129 {
130 DBG1(DBG_IKE, "no RSA private key found with for %D with keyid %#B",
131 my_id, &chunk);
132 return NOT_FOUND;
133 }
134 DBG2(DBG_IKE, "matching RSA private key found");
135
136 prf = this->ike_sa->get_prf(this->ike_sa);
137 prf->set_key(prf, this->ike_sa->get_skp_build(this->ike_sa));
138 octets = build_tbs_octets(ike_sa_init, other_nonce, my_id, prf);
139 status = my_key->build_emsa_pkcs1_signature(my_key, HASH_SHA1, octets, &auth_data);
140 chunk_free(&octets);
141
142 if (status != SUCCESS)
143 {
144 my_key->destroy(my_key);
145 DBG1(DBG_IKE, "build signature of SHA1 hash failed");
146 return status;
147 }
148 DBG2(DBG_IKE, "successfully signed with RSA private key");
149
150 *auth_payload = auth_payload_create();
151 (*auth_payload)->set_auth_method(*auth_payload, AUTH_RSA);
152 (*auth_payload)->set_data(*auth_payload, auth_data);
153
154 my_key->destroy(my_key);
155 chunk_free(&auth_data);
156 return SUCCESS;
157 }
158
159 /**
160 * Implementation of authenticator_t.destroy.
161 */
162 static void destroy(private_rsa_authenticator_t *this)
163 {
164 free(this);
165 }
166
167 /*
168 * Described in header.
169 */
170 rsa_authenticator_t *rsa_authenticator_create(ike_sa_t *ike_sa)
171 {
172 private_rsa_authenticator_t *this = malloc_thing(private_rsa_authenticator_t);
173
174 /* public functions */
175 this->public.authenticator_interface.verify = (status_t(*)(authenticator_t*,chunk_t,chunk_t,auth_payload_t*))verify;
176 this->public.authenticator_interface.build = (status_t(*)(authenticator_t*,chunk_t,chunk_t,auth_payload_t**))build;
177 this->public.authenticator_interface.destroy = (void(*)(authenticator_t*))destroy;
178
179 /* private data */
180 this->ike_sa = ike_sa;
181
182 return &this->public;
183 }