3ffa9b98d50b0508310bfa31bc40ecb490072f2f
[strongswan.git] / src / libstrongswan / credentials / keys / public_key.c
1 /*
2 * Copyright (C) 2015 Tobias Brunner
3 * Copyright (C) 2007 Martin Willi
4 * Copyright (C) 2014-2015 Andreas Steffen
5 * HSR Hochschule fuer Technik Rapperswil
6 *
7 * This program is free software; you can redistribute it and/or modify it
8 * under the terms of the GNU General Public License as published by the
9 * Free Software Foundation; either version 2 of the License, or (at your
10 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
11 *
12 * This program is distributed in the hope that it will be useful, but
13 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
14 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
15 * for more details.
16 */
17
18 #include <asn1/oid.h>
19
20 #include "public_key.h"
21
22 ENUM(key_type_names, KEY_ANY, KEY_BLISS,
23 "ANY",
24 "RSA",
25 "ECDSA",
26 "DSA",
27 "BLISS"
28 );
29
30 ENUM(signature_scheme_names, SIGN_UNKNOWN, SIGN_BLISS_WITH_SHA512,
31 "UNKNOWN",
32 "RSA_EMSA_PKCS1_NULL",
33 "RSA_EMSA_PKCS1_MD5",
34 "RSA_EMSA_PKCS1_SHA1",
35 "RSA_EMSA_PKCS1_SHA224",
36 "RSA_EMSA_PKCS1_SHA256",
37 "RSA_EMSA_PKCS1_SHA384",
38 "RSA_EMSA_PKCS1_SHA512",
39 "ECDSA_WITH_SHA1_DER",
40 "ECDSA_WITH_SHA256_DER",
41 "ECDSA_WITH_SHA384_DER",
42 "ECDSA_WITH_SHA512_DER",
43 "ECDSA_WITH_NULL",
44 "ECDSA-256",
45 "ECDSA-384",
46 "ECDSA-521",
47 "BLISS_WITH_SHA256",
48 "BLISS_WITH_SHA384",
49 "BLISS_WITH_SHA512",
50 "BLISS_WITH_SHA3_256",
51 "BLISS_WITH_SHA3_384",
52 "BLISS_WITH_SHA3_512",
53 );
54
55 ENUM(encryption_scheme_names, ENCRYPT_UNKNOWN, ENCRYPT_RSA_OAEP_SHA512,
56 "ENCRYPT_UNKNOWN",
57 "ENCRYPT_RSA_PKCS1",
58 "ENCRYPT_RSA_OAEP_SHA1",
59 "ENCRYPT_RSA_OAEP_SHA224",
60 "ENCRYPT_RSA_OAEP_SHA256",
61 "ENCRYPT_RSA_OAEP_SHA384",
62 "ENCRYPT_RSA_OAEP_SHA512",
63 );
64
65 /**
66 * See header.
67 */
68 bool public_key_equals(public_key_t *this, public_key_t *other)
69 {
70 cred_encoding_type_t type;
71 chunk_t a, b;
72
73 if (this == other)
74 {
75 return TRUE;
76 }
77
78 for (type = 0; type < CRED_ENCODING_MAX; type++)
79 {
80 if (this->get_fingerprint(this, type, &a) &&
81 other->get_fingerprint(other, type, &b))
82 {
83 return chunk_equals(a, b);
84 }
85 }
86 return FALSE;
87 }
88
89 /**
90 * See header.
91 */
92 bool public_key_has_fingerprint(public_key_t *public, chunk_t fingerprint)
93 {
94 cred_encoding_type_t type;
95 chunk_t current;
96
97 for (type = 0; type < KEYID_MAX; type++)
98 {
99 if (public->get_fingerprint(public, type, &current) &&
100 chunk_equals(current, fingerprint))
101 {
102 return TRUE;
103 }
104 }
105 return FALSE;
106 }
107
108 /*
109 * Defined in header.
110 */
111 signature_scheme_t signature_scheme_from_oid(int oid)
112 {
113 switch (oid)
114 {
115 case OID_MD5_WITH_RSA:
116 case OID_MD5:
117 return SIGN_RSA_EMSA_PKCS1_MD5;
118 case OID_SHA1_WITH_RSA:
119 case OID_SHA1:
120 return SIGN_RSA_EMSA_PKCS1_SHA1;
121 case OID_SHA224_WITH_RSA:
122 case OID_SHA224:
123 return SIGN_RSA_EMSA_PKCS1_SHA224;
124 case OID_SHA256_WITH_RSA:
125 case OID_SHA256:
126 return SIGN_RSA_EMSA_PKCS1_SHA256;
127 case OID_SHA384_WITH_RSA:
128 case OID_SHA384:
129 return SIGN_RSA_EMSA_PKCS1_SHA384;
130 case OID_SHA512_WITH_RSA:
131 case OID_SHA512:
132 return SIGN_RSA_EMSA_PKCS1_SHA512;
133 case OID_ECDSA_WITH_SHA1:
134 case OID_EC_PUBLICKEY:
135 return SIGN_ECDSA_WITH_SHA1_DER;
136 case OID_ECDSA_WITH_SHA256:
137 return SIGN_ECDSA_WITH_SHA256_DER;
138 case OID_ECDSA_WITH_SHA384:
139 return SIGN_ECDSA_WITH_SHA384_DER;
140 case OID_ECDSA_WITH_SHA512:
141 return SIGN_ECDSA_WITH_SHA512_DER;
142 case OID_BLISS_PUBLICKEY:
143 case OID_BLISS_WITH_SHA512:
144 return SIGN_BLISS_WITH_SHA512;
145 case OID_BLISS_WITH_SHA384:
146 return SIGN_BLISS_WITH_SHA384;
147 case OID_BLISS_WITH_SHA256:
148 return SIGN_BLISS_WITH_SHA256;
149 case OID_BLISS_WITH_SHA3_512:
150 return SIGN_BLISS_WITH_SHA3_512;
151 case OID_BLISS_WITH_SHA3_384:
152 return SIGN_BLISS_WITH_SHA3_384;
153 case OID_BLISS_WITH_SHA3_256:
154 return SIGN_BLISS_WITH_SHA3_256;
155 }
156 return SIGN_UNKNOWN;
157 }
158
159 /*
160 * Defined in header.
161 */
162 int signature_scheme_to_oid(signature_scheme_t scheme)
163 {
164 switch (scheme)
165 {
166 case SIGN_UNKNOWN:
167 case SIGN_RSA_EMSA_PKCS1_NULL:
168 case SIGN_ECDSA_WITH_NULL:
169 case SIGN_ECDSA_256:
170 case SIGN_ECDSA_384:
171 case SIGN_ECDSA_521:
172 break;
173 case SIGN_RSA_EMSA_PKCS1_MD5:
174 return OID_MD5_WITH_RSA;
175 case SIGN_RSA_EMSA_PKCS1_SHA1:
176 return OID_SHA1_WITH_RSA;
177 case SIGN_RSA_EMSA_PKCS1_SHA224:
178 return OID_SHA224_WITH_RSA;
179 case SIGN_RSA_EMSA_PKCS1_SHA256:
180 return OID_SHA256_WITH_RSA;
181 case SIGN_RSA_EMSA_PKCS1_SHA384:
182 return OID_SHA384_WITH_RSA;
183 case SIGN_RSA_EMSA_PKCS1_SHA512:
184 return OID_SHA512_WITH_RSA;
185 case SIGN_ECDSA_WITH_SHA1_DER:
186 return OID_ECDSA_WITH_SHA1;
187 case SIGN_ECDSA_WITH_SHA256_DER:
188 return OID_ECDSA_WITH_SHA256;
189 case SIGN_ECDSA_WITH_SHA384_DER:
190 return OID_ECDSA_WITH_SHA384;
191 case SIGN_ECDSA_WITH_SHA512_DER:
192 return OID_ECDSA_WITH_SHA512;
193 case SIGN_BLISS_WITH_SHA256:
194 return OID_BLISS_WITH_SHA256;
195 case SIGN_BLISS_WITH_SHA384:
196 return OID_BLISS_WITH_SHA384;
197 case SIGN_BLISS_WITH_SHA512:
198 return OID_BLISS_WITH_SHA512;
199 case SIGN_BLISS_WITH_SHA3_256:
200 return OID_BLISS_WITH_SHA3_256;
201 case SIGN_BLISS_WITH_SHA3_384:
202 return OID_BLISS_WITH_SHA3_384;
203 case SIGN_BLISS_WITH_SHA3_512:
204 return OID_BLISS_WITH_SHA3_512;
205 }
206 return OID_UNKNOWN;
207 }
208
209 /**
210 * Map for signature schemes to the key type and maximum key size allowed.
211 * We only cover schemes with hash algorithms supported by IKEv2 signature
212 * authentication.
213 */
214 static struct {
215 signature_scheme_t scheme;
216 key_type_t type;
217 int max_keysize;
218 } scheme_map[] = {
219 { SIGN_RSA_EMSA_PKCS1_SHA256, KEY_RSA, 3072 },
220 { SIGN_RSA_EMSA_PKCS1_SHA384, KEY_RSA, 7680 },
221 { SIGN_RSA_EMSA_PKCS1_SHA512, KEY_RSA, 0 },
222 { SIGN_ECDSA_WITH_SHA256_DER, KEY_ECDSA, 256 },
223 { SIGN_ECDSA_WITH_SHA384_DER, KEY_ECDSA, 384 },
224 { SIGN_ECDSA_WITH_SHA512_DER, KEY_ECDSA, 0 },
225 { SIGN_BLISS_WITH_SHA256, KEY_BLISS, 128 },
226 { SIGN_BLISS_WITH_SHA384, KEY_BLISS, 192 },
227 { SIGN_BLISS_WITH_SHA512, KEY_BLISS, 0 },
228 };
229
230 /**
231 * Private data for signature scheme enumerator
232 */
233 typedef struct {
234 enumerator_t public;
235 int index;
236 key_type_t type;
237 int size;
238 } private_enumerator_t;
239
240 METHOD(enumerator_t, signature_schemes_enumerate, bool,
241 private_enumerator_t *this, signature_scheme_t *scheme)
242 {
243 while (++this->index < countof(scheme_map))
244 {
245 if (this->type == scheme_map[this->index].type &&
246 (this->size <= scheme_map[this->index].max_keysize ||
247 !scheme_map[this->index].max_keysize))
248 {
249 *scheme = scheme_map[this->index].scheme;
250 return TRUE;
251 }
252 }
253 return FALSE;
254 }
255
256 /*
257 * Defined in header.
258 */
259 enumerator_t *signature_schemes_for_key(key_type_t type, int size)
260 {
261 private_enumerator_t *this;
262
263 INIT(this,
264 .public = {
265 .enumerate = (void*)_signature_schemes_enumerate,
266 .destroy = (void*)free,
267 },
268 .index = -1,
269 .type = type,
270 .size = size,
271 );
272
273 return &this->public;
274 }
275
276 /*
277 * Defined in header.
278 */
279 key_type_t key_type_from_signature_scheme(signature_scheme_t scheme)
280 {
281 switch (scheme)
282 {
283 case SIGN_UNKNOWN:
284 break;
285 case SIGN_RSA_EMSA_PKCS1_NULL:
286 case SIGN_RSA_EMSA_PKCS1_MD5:
287 case SIGN_RSA_EMSA_PKCS1_SHA1:
288 case SIGN_RSA_EMSA_PKCS1_SHA224:
289 case SIGN_RSA_EMSA_PKCS1_SHA256:
290 case SIGN_RSA_EMSA_PKCS1_SHA384:
291 case SIGN_RSA_EMSA_PKCS1_SHA512:
292 return KEY_RSA;
293 case SIGN_ECDSA_WITH_SHA1_DER:
294 case SIGN_ECDSA_WITH_SHA256_DER:
295 case SIGN_ECDSA_WITH_SHA384_DER:
296 case SIGN_ECDSA_WITH_SHA512_DER:
297 case SIGN_ECDSA_WITH_NULL:
298 case SIGN_ECDSA_256:
299 case SIGN_ECDSA_384:
300 case SIGN_ECDSA_521:
301 return KEY_ECDSA;
302 case SIGN_BLISS_WITH_SHA256:
303 case SIGN_BLISS_WITH_SHA384:
304 case SIGN_BLISS_WITH_SHA512:
305 case SIGN_BLISS_WITH_SHA3_256:
306 case SIGN_BLISS_WITH_SHA3_384:
307 case SIGN_BLISS_WITH_SHA3_512:
308 return KEY_BLISS;
309 }
310 return KEY_ANY;
311 }