updated openssl plugin to new private/public key API, use encoder framework
[strongswan.git] / src / libstrongswan / plugins / openssl / openssl_ec_public_key.c
1 /*
2 * Copyright (C) 2009 Martin Willi
3 * Copyright (C) 2008 Tobias Brunner
4 * Hochschule fuer Technik Rapperswil
5 *
6 * This program is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License as published by the
8 * Free Software Foundation; either version 2 of the License, or (at your
9 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
10 *
11 * This program is distributed in the hope that it will be useful, but
12 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
13 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * for more details.
15 */
16
17 #include "openssl_ec_public_key.h"
18 #include "openssl_util.h"
19
20 #include <debug.h>
21
22 #include <openssl/evp.h>
23 #include <openssl/ecdsa.h>
24 #include <openssl/x509.h>
25
26 typedef struct private_openssl_ec_public_key_t private_openssl_ec_public_key_t;
27
28 /**
29 * Private data structure with signing context.
30 */
31 struct private_openssl_ec_public_key_t {
32 /**
33 * Public interface for this signer.
34 */
35 openssl_ec_public_key_t public;
36
37 /**
38 * EC key object
39 */
40 EC_KEY *ec;
41
42 /**
43 * reference counter
44 */
45 refcount_t ref;
46 };
47
48 /**
49 * Convert a chunk to an ECDSA_SIG (which must already exist). r and s
50 * of the signature have to be concatenated in the chunk.
51 */
52 static bool chunk2sig(const EC_GROUP *group, chunk_t chunk, ECDSA_SIG *sig)
53 {
54 return openssl_bn_split(chunk, sig->r, sig->s);
55 }
56
57 /**
58 * Verification of a signature as in RFC 4754
59 */
60 static bool verify_signature(private_openssl_ec_public_key_t *this,
61 int hash_type, chunk_t data, chunk_t signature)
62 {
63 chunk_t hash = chunk_empty;
64 ECDSA_SIG *sig;
65 bool valid = FALSE;
66
67 if (hash_type == NID_undef)
68 {
69 hash = data;
70 }
71 else
72 {
73 if (!openssl_hash_chunk(hash_type, data, &hash))
74 {
75 return FALSE;
76 }
77 }
78
79 sig = ECDSA_SIG_new();
80 if (!sig)
81 {
82 goto error;
83 }
84
85 if (!chunk2sig(EC_KEY_get0_group(this->ec), signature, sig))
86 {
87 goto error;
88 }
89 valid = (ECDSA_do_verify(hash.ptr, hash.len, sig, this->ec) == 1);
90
91 error:
92 if (sig)
93 {
94 ECDSA_SIG_free(sig);
95 }
96 if (hash_type != NID_undef)
97 {
98 chunk_free(&hash);
99 }
100 return valid;
101 }
102
103
104 /**
105 * Verification of the default signature using SHA-1
106 */
107 static bool verify_default_signature(private_openssl_ec_public_key_t *this,
108 chunk_t data, chunk_t signature)
109 {
110 bool valid = FALSE;
111 chunk_t hash = chunk_empty;
112 u_char *p;
113 ECDSA_SIG *sig;
114
115 /* remove any preceding 0-bytes from signature */
116 while (signature.len && *(signature.ptr) == 0x00)
117 {
118 signature.len -= 1;
119 signature.ptr++;
120 }
121
122 p = signature.ptr;
123 sig = d2i_ECDSA_SIG(NULL, (const u_char**)&p, signature.len);
124 if (!sig)
125 {
126 return FALSE;
127 }
128
129 if (!openssl_hash_chunk(NID_sha1, data, &hash))
130 {
131 goto error;
132 }
133
134 valid = (ECDSA_do_verify(hash.ptr, hash.len, sig, this->ec) == 1);
135
136 error:
137 if (sig)
138 {
139 ECDSA_SIG_free(sig);
140 }
141 chunk_free(&hash);
142 return valid;
143 }
144
145 /**
146 * Implementation of public_key_t.get_type.
147 */
148 static key_type_t get_type(private_openssl_ec_public_key_t *this)
149 {
150 return KEY_ECDSA;
151 }
152
153 /**
154 * Implementation of public_key_t.verify.
155 */
156 static bool verify(private_openssl_ec_public_key_t *this, signature_scheme_t scheme,
157 chunk_t data, chunk_t signature)
158 {
159 switch (scheme)
160 {
161 case SIGN_ECDSA_WITH_NULL:
162 return verify_signature(this, NID_undef, data, signature);
163 case SIGN_ECDSA_WITH_SHA1:
164 return verify_default_signature(this, data, signature);
165 case SIGN_ECDSA_256:
166 return verify_signature(this, NID_sha256, data, signature);
167 case SIGN_ECDSA_384:
168 return verify_signature(this, NID_sha384, data, signature);
169 case SIGN_ECDSA_521:
170 return verify_signature(this, NID_sha512, data, signature);
171 default:
172 DBG1("signature scheme %N not supported in EC",
173 signature_scheme_names, scheme);
174 return FALSE;
175 }
176 }
177
178 /**
179 * Implementation of public_key_t.get_keysize.
180 */
181 static bool encrypt_(private_openssl_ec_public_key_t *this,
182 chunk_t crypto, chunk_t *plain)
183 {
184 DBG1("EC public key encryption not implemented");
185 return FALSE;
186 }
187
188 /**
189 * Implementation of public_key_t.get_keysize.
190 */
191 static size_t get_keysize(private_openssl_ec_public_key_t *this)
192 {
193 return EC_FIELD_ELEMENT_LEN(EC_KEY_get0_group(this->ec));
194 }
195
196 /**
197 * Implementation of private_key_t.get_fingerprint.
198 */
199 static bool get_fingerprint(private_openssl_ec_public_key_t *this,
200 key_encoding_type_t type, chunk_t *fingerprint)
201 {
202 chunk_t key;
203 u_char *p;
204 bool success;
205
206 if (lib->encoding->get_cache(lib->encoding, type, this, fingerprint))
207 {
208 return TRUE;
209 }
210 key = chunk_alloc(i2d_EC_PUBKEY(this->ec, NULL));
211 p = key.ptr;
212 i2d_EC_PUBKEY(this->ec, &p);
213 success = lib->encoding->encode(lib->encoding, type, this, fingerprint,
214 KEY_PART_ECDSA_PUB_ASN1_DER, key, KEY_PART_END);
215 free(key.ptr);
216 return success;
217 }
218
219 /**
220 * Implementation of private_key_t.get_encoding.
221 */
222 static bool get_encoding(private_openssl_ec_public_key_t *this,
223 key_encoding_type_t type, chunk_t *encoding)
224 {
225 chunk_t key;
226 u_char *p;
227 bool success;
228
229 key = chunk_alloc(i2d_EC_PUBKEY(this->ec, NULL));
230 p = key.ptr;
231 i2d_EC_PUBKEY(this->ec, &p);
232 success = lib->encoding->encode(lib->encoding, type, NULL, encoding,
233 KEY_PART_ECDSA_PUB_ASN1_DER, key, KEY_PART_END);
234 free(key.ptr);
235 return success;
236 }
237
238 /**
239 * Implementation of public_key_t.get_ref.
240 */
241 static public_key_t* get_ref(private_openssl_ec_public_key_t *this)
242 {
243 ref_get(&this->ref);
244 return &this->public.interface;
245 }
246
247 /**
248 * Implementation of openssl_ec_public_key.destroy.
249 */
250 static void destroy(private_openssl_ec_public_key_t *this)
251 {
252 if (ref_put(&this->ref))
253 {
254 if (this->ec)
255 {
256 EC_KEY_free(this->ec);
257 }
258 lib->encoding->clear_cache(lib->encoding, this);
259 free(this);
260 }
261 }
262
263 /**
264 * Generic private constructor
265 */
266 static private_openssl_ec_public_key_t *create_empty()
267 {
268 private_openssl_ec_public_key_t *this = malloc_thing(private_openssl_ec_public_key_t);
269
270 this->public.interface.get_type = (key_type_t (*)(public_key_t *this))get_type;
271 this->public.interface.verify = (bool (*)(public_key_t *this, signature_scheme_t scheme, chunk_t data, chunk_t signature))verify;
272 this->public.interface.encrypt = (bool (*)(public_key_t *this, chunk_t crypto, chunk_t *plain))encrypt_;
273 this->public.interface.get_keysize = (size_t (*) (public_key_t *this))get_keysize;
274 this->public.interface.equals = public_key_equals;
275 this->public.interface.get_fingerprint = (bool(*)(public_key_t*, key_encoding_type_t type, chunk_t *fp))get_fingerprint;
276 this->public.interface.get_encoding = (bool(*)(public_key_t*, key_encoding_type_t type, chunk_t *encoding))get_encoding;
277 this->public.interface.get_ref = (public_key_t* (*)(public_key_t *this))get_ref;
278 this->public.interface.destroy = (void (*)(public_key_t *this))destroy;
279
280 this->ec = NULL;
281 this->ref = 1;
282
283 return this;
284 }
285
286 /**
287 * Load a public key from an ASN1 encoded blob
288 */
289 static openssl_ec_public_key_t *load(chunk_t blob)
290 {
291 private_openssl_ec_public_key_t *this = create_empty();
292 u_char *p = blob.ptr;
293
294 this->ec = d2i_EC_PUBKEY(NULL, (const u_char**)&p, blob.len);
295
296 if (!this->ec)
297 {
298 destroy(this);
299 return NULL;
300 }
301 return &this->public;
302 }
303
304 typedef struct private_builder_t private_builder_t;
305
306 /**
307 * Builder implementation for key loading
308 */
309 struct private_builder_t {
310 /** implements the builder interface */
311 builder_t public;
312 /** loaded public key */
313 openssl_ec_public_key_t *key;
314 };
315
316 /**
317 * Implementation of builder_t.build
318 */
319 static openssl_ec_public_key_t *build(private_builder_t *this)
320 {
321 openssl_ec_public_key_t *key = this->key;
322
323 free(this);
324 return key;
325 }
326
327 /**
328 * Implementation of builder_t.add
329 */
330 static void add(private_builder_t *this, builder_part_t part, ...)
331 {
332 if (!this->key)
333 {
334 va_list args;
335
336 switch (part)
337 {
338 case BUILD_BLOB_ASN1_DER:
339 {
340 va_start(args, part);
341 this->key = load(va_arg(args, chunk_t));
342 va_end(args);
343 return;
344 }
345 default:
346 break;
347 }
348 }
349 if (this->key)
350 {
351 destroy((private_openssl_ec_public_key_t*)this->key);
352 }
353 builder_cancel(&this->public);
354 }
355
356 /**
357 * Builder construction function
358 */
359 builder_t *openssl_ec_public_key_builder(key_type_t type)
360 {
361 private_builder_t *this;
362
363 if (type != KEY_ECDSA)
364 {
365 return NULL;
366 }
367
368 this = malloc_thing(private_builder_t);
369
370 this->key = NULL;
371 this->public.add = (void(*)(builder_t *this, builder_part_t part, ...))add;
372 this->public.build = (void*(*)(builder_t *this))build;
373
374 return &this->public;
375 }
376