0568b6e17396b5de648a6222a42445e24805b150
[strongswan.git] / src / libstrongswan / plugins / openssl / openssl_rsa_private_key.c
1 /*
2 * Copyright (C) 2009 Martin Willi
3 * Copyright (C) 2008 Tobias Brunner
4 * Hochschule fuer Technik Rapperswil
5 *
6 * This program is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License as published by the
8 * Free Software Foundation; either version 2 of the License, or (at your
9 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
10 *
11 * This program is distributed in the hope that it will be useful, but
12 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
13 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * for more details.
15 */
16
17 #include "openssl_rsa_private_key.h"
18 #include "openssl_rsa_public_key.h"
19
20 #include <debug.h>
21
22 #include <openssl/evp.h>
23 #include <openssl/rsa.h>
24 #include <openssl/engine.h>
25
26 /**
27 * Public exponent to use for key generation.
28 */
29 #define PUBLIC_EXPONENT 0x10001
30
31 typedef struct private_openssl_rsa_private_key_t private_openssl_rsa_private_key_t;
32
33 /**
34 * Private data of a openssl_rsa_private_key_t object.
35 */
36 struct private_openssl_rsa_private_key_t {
37 /**
38 * Public interface for this signer.
39 */
40 openssl_rsa_private_key_t public;
41
42 /**
43 * RSA object from OpenSSL
44 */
45 RSA *rsa;
46
47 /**
48 * TRUE if the key is from an OpenSSL ENGINE and might not be readable
49 */
50 bool engine;
51
52 /**
53 * reference count
54 */
55 refcount_t ref;
56 };
57
58 /* implemented in rsa public key */
59 bool openssl_rsa_fingerprint(RSA *rsa, key_encoding_type_t type, chunk_t *fp);
60
61 /**
62 * Build an EMPSA PKCS1 signature described in PKCS#1
63 */
64 static bool build_emsa_pkcs1_signature(private_openssl_rsa_private_key_t *this,
65 int type, chunk_t data, chunk_t *sig)
66 {
67 bool success = FALSE;
68
69 *sig = chunk_alloc(RSA_size(this->rsa));
70
71 if (type == NID_undef)
72 {
73 if (RSA_private_encrypt(data.len, data.ptr, sig->ptr, this->rsa,
74 RSA_PKCS1_PADDING) == sig->len)
75 {
76 success = TRUE;
77 }
78 }
79 else
80 {
81 EVP_MD_CTX *ctx;
82 EVP_PKEY *key;
83 const EVP_MD *hasher;
84 u_int len;
85
86 hasher = EVP_get_digestbynid(type);
87 if (!hasher)
88 {
89 return FALSE;
90 }
91
92 ctx = EVP_MD_CTX_create();
93 key = EVP_PKEY_new();
94 if (!ctx || !key)
95 {
96 goto error;
97 }
98 if (!EVP_PKEY_set1_RSA(key, this->rsa))
99 {
100 goto error;
101 }
102 if (!EVP_SignInit_ex(ctx, hasher, NULL))
103 {
104 goto error;
105 }
106 if (!EVP_SignUpdate(ctx, data.ptr, data.len))
107 {
108 goto error;
109 }
110 if (EVP_SignFinal(ctx, sig->ptr, &len, key))
111 {
112 success = TRUE;
113 }
114
115 error:
116 if (key)
117 {
118 EVP_PKEY_free(key);
119 }
120 if (ctx)
121 {
122 EVP_MD_CTX_destroy(ctx);
123 }
124 }
125 if (!success)
126 {
127 free(sig->ptr);
128 }
129 return success;
130 }
131
132 /**
133 * Implementation of openssl_rsa_private_key.get_type.
134 */
135 static key_type_t get_type(private_openssl_rsa_private_key_t *this)
136 {
137 return KEY_RSA;
138 }
139
140 /**
141 * Implementation of openssl_rsa_private_key.sign.
142 */
143 static bool sign(private_openssl_rsa_private_key_t *this, signature_scheme_t scheme,
144 chunk_t data, chunk_t *signature)
145 {
146 switch (scheme)
147 {
148 case SIGN_RSA_EMSA_PKCS1_NULL:
149 return build_emsa_pkcs1_signature(this, NID_undef, data, signature);
150 case SIGN_RSA_EMSA_PKCS1_SHA1:
151 return build_emsa_pkcs1_signature(this, NID_sha1, data, signature);
152 case SIGN_RSA_EMSA_PKCS1_SHA224:
153 return build_emsa_pkcs1_signature(this, NID_sha224, data, signature);
154 case SIGN_RSA_EMSA_PKCS1_SHA256:
155 return build_emsa_pkcs1_signature(this, NID_sha256, data, signature);
156 case SIGN_RSA_EMSA_PKCS1_SHA384:
157 return build_emsa_pkcs1_signature(this, NID_sha384, data, signature);
158 case SIGN_RSA_EMSA_PKCS1_SHA512:
159 return build_emsa_pkcs1_signature(this, NID_sha512, data, signature);
160 case SIGN_RSA_EMSA_PKCS1_MD5:
161 return build_emsa_pkcs1_signature(this, NID_md5, data, signature);
162 default:
163 DBG1("signature scheme %N not supported in RSA",
164 signature_scheme_names, scheme);
165 return FALSE;
166 }
167 }
168
169 /**
170 * Implementation of openssl_rsa_private_key.decrypt.
171 */
172 static bool decrypt(private_openssl_rsa_private_key_t *this,
173 chunk_t crypto, chunk_t *plain)
174 {
175 DBG1("RSA private key decryption not implemented");
176 return FALSE;
177 }
178
179 /**
180 * Implementation of openssl_rsa_private_key.get_keysize.
181 */
182 static size_t get_keysize(private_openssl_rsa_private_key_t *this)
183 {
184 return RSA_size(this->rsa);
185 }
186
187 /**
188 * Implementation of openssl_rsa_private_key.get_public_key.
189 */
190 static public_key_t* get_public_key(private_openssl_rsa_private_key_t *this)
191 {
192 chunk_t enc;
193 public_key_t *key;
194 u_char *p;
195
196 enc = chunk_alloc(i2d_RSAPublicKey(this->rsa, NULL));
197 p = enc.ptr;
198 i2d_RSAPublicKey(this->rsa, &p);
199 key = lib->creds->create(lib->creds, CRED_PUBLIC_KEY, KEY_RSA,
200 BUILD_BLOB_ASN1_DER, enc, BUILD_END);
201 free(enc.ptr);
202 return key;
203 }
204
205 /**
206 * Implementation of public_key_t.get_fingerprint.
207 */
208 static bool get_fingerprint(private_openssl_rsa_private_key_t *this,
209 key_encoding_type_t type, chunk_t *fingerprint)
210 {
211 return openssl_rsa_fingerprint(this->rsa, type, fingerprint);
212 }
213
214 /*
215 * Implementation of public_key_t.get_encoding.
216 */
217 static bool get_encoding(private_openssl_rsa_private_key_t *this,
218 key_encoding_type_t type, chunk_t *encoding)
219 {
220 u_char *p;
221
222 if (this->engine)
223 {
224 return FALSE;
225 }
226 switch (type)
227 {
228 case KEY_PRIV_ASN1_DER:
229 {
230 *encoding = chunk_alloc(i2d_RSAPrivateKey(this->rsa, NULL));
231 p = encoding->ptr;
232 i2d_RSAPrivateKey(this->rsa, &p);
233 return TRUE;
234 }
235 default:
236 return FALSE;
237 }
238 }
239
240 /**
241 * Implementation of openssl_rsa_private_key.get_ref.
242 */
243 static private_openssl_rsa_private_key_t* get_ref(private_openssl_rsa_private_key_t *this)
244 {
245 ref_get(&this->ref);
246 return this;
247 }
248
249 /**
250 * Implementation of openssl_rsa_private_key.destroy.
251 */
252 static void destroy(private_openssl_rsa_private_key_t *this)
253 {
254 if (ref_put(&this->ref))
255 {
256 if (this->rsa)
257 {
258 lib->encoding->clear_cache(lib->encoding, this->rsa);
259 RSA_free(this->rsa);
260 }
261 free(this);
262 }
263 }
264
265 /**
266 * Internal generic constructor
267 */
268 static private_openssl_rsa_private_key_t *create_empty(void)
269 {
270 private_openssl_rsa_private_key_t *this = malloc_thing(private_openssl_rsa_private_key_t);
271
272 this->public.interface.get_type = (key_type_t (*) (private_key_t*))get_type;
273 this->public.interface.sign = (bool (*) (private_key_t*, signature_scheme_t, chunk_t, chunk_t*))sign;
274 this->public.interface.decrypt = (bool (*) (private_key_t*, chunk_t, chunk_t*))decrypt;
275 this->public.interface.get_keysize = (size_t (*) (private_key_t*))get_keysize;
276 this->public.interface.get_public_key = (public_key_t* (*) (private_key_t*))get_public_key;
277 this->public.interface.equals = private_key_equals;
278 this->public.interface.belongs_to = private_key_belongs_to;
279 this->public.interface.get_fingerprint = (bool(*)(private_key_t*, key_encoding_type_t type, chunk_t *fp))get_fingerprint;
280 this->public.interface.has_fingerprint = (bool(*)(private_key_t*, chunk_t fp))private_key_has_fingerprint;
281 this->public.interface.get_encoding = (bool(*)(private_key_t*, key_encoding_type_t type, chunk_t *encoding))get_encoding;
282 this->public.interface.get_ref = (private_key_t* (*) (private_key_t*))get_ref;
283 this->public.interface.destroy = (void (*) (private_key_t*))destroy;
284
285 this->engine = FALSE;
286 this->ref = 1;
287
288 return this;
289 }
290
291 /**
292 * See header.
293 */
294 openssl_rsa_private_key_t *openssl_rsa_private_key_gen(key_type_t type,
295 va_list args)
296 {
297 private_openssl_rsa_private_key_t *this;
298 u_int key_size = 0;
299 RSA *rsa = NULL;
300 BIGNUM *e = NULL;
301
302 while (TRUE)
303 {
304 switch (va_arg(args, builder_part_t))
305 {
306 case BUILD_KEY_SIZE:
307 key_size = va_arg(args, u_int);
308 continue;
309 case BUILD_END:
310 break;
311 default:
312 return NULL;
313 }
314 break;
315 }
316 if (!key_size)
317 {
318 return NULL;
319 }
320 e = BN_new();
321 if (!e || !BN_set_word(e, PUBLIC_EXPONENT))
322 {
323 goto error;
324 }
325 rsa = RSA_new();
326 if (!rsa || !RSA_generate_key_ex(rsa, key_size, e, NULL))
327 {
328 goto error;
329 }
330 this = create_empty();
331 this->rsa = rsa;
332 BN_free(e);
333 return &this->public;
334
335 error:
336 if (e)
337 {
338 BN_free(e);
339 }
340 if (rsa)
341 {
342 RSA_free(rsa);
343 }
344 return NULL;
345 }
346
347 /**
348 * See header
349 */
350 openssl_rsa_private_key_t *openssl_rsa_private_key_load(key_type_t type,
351 va_list args)
352 {
353 private_openssl_rsa_private_key_t *this;
354 chunk_t blob, n, e, d, p, q, exp1, exp2, coeff;
355
356 blob = n = e = d = p = q = exp1 = exp2 = coeff = chunk_empty;
357 while (TRUE)
358 {
359 switch (va_arg(args, builder_part_t))
360 {
361 case BUILD_BLOB_ASN1_DER:
362 blob = va_arg(args, chunk_t);
363 continue;
364 case BUILD_RSA_MODULUS:
365 n = va_arg(args, chunk_t);
366 continue;
367 case BUILD_RSA_PUB_EXP:
368 e = va_arg(args, chunk_t);
369 continue;
370 case BUILD_RSA_PRIV_EXP:
371 d = va_arg(args, chunk_t);
372 continue;
373 case BUILD_RSA_PRIME1:
374 p = va_arg(args, chunk_t);
375 continue;
376 case BUILD_RSA_PRIME2:
377 q = va_arg(args, chunk_t);
378 continue;
379 case BUILD_RSA_EXP1:
380 exp1 = va_arg(args, chunk_t);
381 continue;
382 case BUILD_RSA_EXP2:
383 exp2 = va_arg(args, chunk_t);
384 continue;
385 case BUILD_RSA_COEFF:
386 coeff = va_arg(args, chunk_t);
387 continue;
388 case BUILD_END:
389 break;
390 default:
391 return NULL;
392 }
393 break;
394 }
395
396 this = create_empty();
397 if (blob.ptr)
398 {
399 this->rsa = d2i_RSAPrivateKey(NULL, (const u_char**)&blob.ptr, blob.len);
400 if (this->rsa && RSA_check_key(this->rsa))
401 {
402 return &this->public;
403 }
404 }
405 else if (n.ptr && e.ptr && d.ptr && p.ptr && q.ptr && coeff.ptr)
406 {
407 this->rsa = RSA_new();
408 this->rsa->n = BN_bin2bn((const u_char*)n.ptr, n.len, NULL);
409 this->rsa->e = BN_bin2bn((const u_char*)e.ptr, e.len, NULL);
410 this->rsa->d = BN_bin2bn((const u_char*)d.ptr, d.len, NULL);
411 this->rsa->p = BN_bin2bn((const u_char*)p.ptr, p.len, NULL);
412 this->rsa->q = BN_bin2bn((const u_char*)q.ptr, q.len, NULL);
413 if (exp1.ptr)
414 {
415 this->rsa->dmp1 = BN_bin2bn((const u_char*)exp1.ptr, exp1.len, NULL);
416 }
417 if (exp2.ptr)
418 {
419 this->rsa->dmq1 = BN_bin2bn((const u_char*)exp2.ptr, exp2.len, NULL);
420 }
421 this->rsa->iqmp = BN_bin2bn((const u_char*)coeff.ptr, coeff.len, NULL);
422 if (RSA_check_key(this->rsa))
423 {
424 return &this->public;
425 }
426 }
427 destroy(this);
428 return NULL;
429 }
430
431 /**
432 * See header.
433 */
434 openssl_rsa_private_key_t *openssl_rsa_private_key_connect(key_type_t type,
435 va_list args)
436 {
437 private_openssl_rsa_private_key_t *this;
438 char *keyid = NULL, *pin = NULL;
439 EVP_PKEY *key;
440 char *engine_id;
441 ENGINE *engine;
442
443 while (TRUE)
444 {
445 switch (va_arg(args, builder_part_t))
446 {
447 case BUILD_SMARTCARD_KEYID:
448 keyid = va_arg(args, char*);
449 continue;
450 case BUILD_SMARTCARD_PIN:
451 pin = va_arg(args, char*);
452 continue;
453 case BUILD_END:
454 break;
455 default:
456 return NULL;
457 }
458 break;
459 }
460 if (!keyid || !pin)
461 {
462 return NULL;
463 }
464
465 engine_id = lib->settings->get_str(lib->settings,
466 "library.plugins.openssl.engine_id", "pkcs11");
467 engine = ENGINE_by_id(engine_id);
468 if (!engine)
469 {
470 DBG1("engine '%s' is not available", engine_id);
471 return NULL;
472 }
473 if (!ENGINE_init(engine))
474 {
475 DBG1("failed to initialize engine '%s'", engine_id);
476 ENGINE_free(engine);
477 return NULL;
478 }
479 if (!ENGINE_ctrl_cmd_string(engine, "PIN", pin, 0))
480 {
481 DBG1("failed to set PIN on engine '%s'", engine_id);
482 ENGINE_free(engine);
483 return NULL;
484 }
485
486 key = ENGINE_load_private_key(engine, keyid, NULL, NULL);
487 if (!key)
488 {
489 DBG1("failed to load private key with ID '%s' from engine '%s'",
490 keyid, engine_id);
491 ENGINE_free(engine);
492 return NULL;
493 }
494 ENGINE_free(engine);
495
496 this = create_empty();
497 this->rsa = EVP_PKEY_get1_RSA(key);
498 this->engine = TRUE;
499
500 return &this->public;
501 }
502