becef184177f9c1b9035a8cf6db9572e87f6d4f7
[strongswan.git] / src / charon / sa / authenticators / rsa_authenticator.c
1 /*
2 * Copyright (C) 2005-2006 Martin Willi
3 * Copyright (C) 2005 Jan Hutter
4 * Hochschule fuer Technik Rapperswil
5 *
6 * This program is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License as published by the
8 * Free Software Foundation; either version 2 of the License, or (at your
9 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
10 *
11 * This program is distributed in the hope that it will be useful, but
12 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
13 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * for more details.
15 *
16 * $Id$
17 */
18
19 #include <string.h>
20
21 #include "rsa_authenticator.h"
22
23 #include <daemon.h>
24 #include <credentials/auth_info.h>
25
26
27 typedef struct private_rsa_authenticator_t private_rsa_authenticator_t;
28
29 /**
30 * Private data of an rsa_authenticator_t object.
31 */
32 struct private_rsa_authenticator_t {
33
34 /**
35 * Public authenticator_t interface.
36 */
37 rsa_authenticator_t public;
38
39 /**
40 * Assigned IKE_SA
41 */
42 ike_sa_t *ike_sa;
43 };
44
45 /**
46 * Function implemented in psk_authenticator.c
47 */
48 extern chunk_t build_tbs_octets(chunk_t ike_sa_init, chunk_t nonce,
49 identification_t *id, prf_t *prf);
50
51 /**
52 * Implementation of authenticator_t.verify.
53 */
54 static status_t verify(private_rsa_authenticator_t *this, chunk_t ike_sa_init,
55 chunk_t my_nonce, auth_payload_t *auth_payload)
56 {
57 public_key_t *public;
58 chunk_t auth_data, octets;
59 identification_t *other_id;
60 prf_t *prf;
61 auth_info_t *auth;
62 status_t status = FAILED;
63
64 other_id = this->ike_sa->get_other_id(this->ike_sa);
65
66 if (auth_payload->get_auth_method(auth_payload) != AUTH_RSA)
67 {
68 return INVALID_ARG;
69 }
70 auth_data = auth_payload->get_data(auth_payload);
71 prf = this->ike_sa->get_prf(this->ike_sa);
72 prf->set_key(prf, this->ike_sa->get_skp_verify(this->ike_sa));
73 octets = build_tbs_octets(ike_sa_init, my_nonce, other_id, prf);
74
75 auth = this->ike_sa->get_other_auth(this->ike_sa);
76 public = charon->credentials->get_public(charon->credentials, KEY_RSA,
77 other_id, auth);
78 if (public)
79 {
80 /* We are currently fixed to SHA1 hashes.
81 * TODO: allow other hash algorithms and note it in "auth" */
82 if (public->verify(public, SIGN_RSA_EMSA_PKCS1_SHA1, octets, auth_data))
83 {
84 DBG1(DBG_IKE, "authentication of %D with %N successful",
85 other_id, auth_method_names, AUTH_RSA);
86 status = SUCCESS;
87 }
88 public->destroy(public);
89 }
90 else
91 {
92 DBG1(DBG_IKE, "no trusted public key found for %D", other_id);
93 }
94 chunk_free(&octets);
95 return status;
96 }
97
98 /**
99 * Implementation of authenticator_t.build.
100 */
101 static status_t build(private_rsa_authenticator_t *this, chunk_t ike_sa_init,
102 chunk_t other_nonce, auth_payload_t **auth_payload)
103 {
104 chunk_t octets, auth_data;
105 status_t status = FAILED;
106 private_key_t *private;
107 identification_t *my_id;
108 prf_t *prf;
109 auth_info_t *auth;
110
111 my_id = this->ike_sa->get_my_id(this->ike_sa);
112 DBG1(DBG_IKE, "authentication of %D (myself) with %N",
113 my_id, auth_method_names, AUTH_RSA);
114
115 auth = this->ike_sa->get_my_auth(this->ike_sa);
116 private = charon->credentials->get_private(charon->credentials, KEY_RSA,
117 my_id, auth);
118 if (private == NULL)
119 {
120 DBG1(DBG_IKE, "no RSA private key found for %D", my_id);
121 return NOT_FOUND;
122 }
123 prf = this->ike_sa->get_prf(this->ike_sa);
124 prf->set_key(prf, this->ike_sa->get_skp_build(this->ike_sa));
125 octets = build_tbs_octets(ike_sa_init, other_nonce, my_id, prf);
126 /* we currently use always SHA1 for signatures,
127 * TODO: support other hashes depending on configuration/auth */
128 if (private->sign(private, SIGN_RSA_EMSA_PKCS1_SHA1, octets, &auth_data))
129 {
130 auth_payload_t *payload = auth_payload_create();
131 payload->set_auth_method(payload, AUTH_RSA);
132 payload->set_data(payload, auth_data);
133 *auth_payload = payload;
134 chunk_free(&auth_data);
135 status = SUCCESS;
136 DBG2(DBG_IKE, "successfully signed with RSA private key");
137 }
138 else
139 {
140 DBG1(DBG_IKE, "building RSA signature failed");
141 }
142 chunk_free(&octets);
143 private->destroy(private);
144
145 return status;
146 }
147
148 /**
149 * Implementation of authenticator_t.destroy.
150 */
151 static void destroy(private_rsa_authenticator_t *this)
152 {
153 free(this);
154 }
155
156 /*
157 * Described in header.
158 */
159 rsa_authenticator_t *rsa_authenticator_create(ike_sa_t *ike_sa)
160 {
161 private_rsa_authenticator_t *this = malloc_thing(private_rsa_authenticator_t);
162
163 /* public functions */
164 this->public.authenticator_interface.verify = (status_t(*)(authenticator_t*,chunk_t,chunk_t,auth_payload_t*))verify;
165 this->public.authenticator_interface.build = (status_t(*)(authenticator_t*,chunk_t,chunk_t,auth_payload_t**))build;
166 this->public.authenticator_interface.destroy = (void(*)(authenticator_t*))destroy;
167
168 /* private data */
169 this->ike_sa = ike_sa;
170
171 return &this->public;
172 }