add support for smartcards in charon by using the ENGINE API provided by OpenSSL...
[strongswan.git] / src / libstrongswan / plugins / openssl / openssl_rsa_private_key.c
1 /*
2 * Copyright (C) 2008 Tobias Brunner
3 * Hochschule fuer Technik Rapperswil
4 *
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License as published by the
7 * Free Software Foundation; either version 2 of the License, or (at your
8 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
9 *
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
13 * for more details.
14 *
15 * $Id$
16 */
17
18 #include "openssl_rsa_private_key.h"
19 #include "openssl_rsa_public_key.h"
20
21 #include <debug.h>
22
23 #include <openssl/evp.h>
24 #include <openssl/rsa.h>
25 #include <openssl/engine.h>
26
27 /**
28 * Public exponent to use for key generation.
29 */
30 #define PUBLIC_EXPONENT 0x10001
31
32 typedef struct private_openssl_rsa_private_key_t private_openssl_rsa_private_key_t;
33
34 /**
35 * Private data of a openssl_rsa_private_key_t object.
36 */
37 struct private_openssl_rsa_private_key_t {
38 /**
39 * Public interface for this signer.
40 */
41 openssl_rsa_private_key_t public;
42
43 /**
44 * RSA object from OpenSSL
45 */
46 RSA *rsa;
47
48 /**
49 * TRUE if the key is from an OpenSSL ENGINE and might not be readable
50 */
51 bool engine;
52
53 /**
54 * Keyid formed as a SHA-1 hash of a privateKey object
55 */
56 identification_t* keyid;
57
58 /**
59 * Keyid formed as a SHA-1 hash of a privateKeyInfo object
60 */
61 identification_t* keyid_info;
62
63 /**
64 * reference count
65 */
66 refcount_t ref;
67 };
68
69 /**
70 * shared functions, implemented in openssl_rsa_public_key.c
71 */
72 bool openssl_rsa_public_key_build_id(RSA *rsa, identification_t **keyid,
73 identification_t **keyid_info);
74
75
76 openssl_rsa_public_key_t *openssl_rsa_public_key_create_from_n_e(BIGNUM *n, BIGNUM *e);
77
78
79 /**
80 * Build an EMPSA PKCS1 signature described in PKCS#1
81 */
82 static bool build_emsa_pkcs1_signature(private_openssl_rsa_private_key_t *this,
83 int type, chunk_t data, chunk_t *out)
84 {
85 bool success = FALSE;
86 u_char *sig = NULL;
87 u_int len;
88 const EVP_MD *hasher = EVP_get_digestbynid(type);
89 if (!hasher)
90 {
91 return FALSE;
92 }
93
94 EVP_MD_CTX *ctx = EVP_MD_CTX_create();
95 EVP_PKEY *key = EVP_PKEY_new();
96 if (!ctx || !key)
97 {
98 goto error;
99 }
100
101 if (!EVP_PKEY_set1_RSA(key, this->rsa))
102 {
103 goto error;
104 }
105
106 if (!EVP_SignInit_ex(ctx, hasher, NULL))
107 {
108 goto error;
109 }
110
111 if (!EVP_SignUpdate(ctx, data.ptr, data.len))
112 {
113 goto error;
114 }
115
116 sig = malloc(EVP_PKEY_size(key));
117 if (EVP_SignFinal(ctx, sig, &len, key))
118 {
119 out->ptr = sig;
120 out->len = len;
121 success = TRUE;
122 }
123 else
124 {
125 free(sig);
126 }
127
128 error:
129 if (key)
130 {
131 EVP_PKEY_free(key);
132 }
133 if (ctx)
134 {
135 EVP_MD_CTX_destroy(ctx);
136 }
137 return success;
138 }
139
140 /**
141 * Implementation of openssl_rsa_private_key.destroy.
142 */
143 static key_type_t get_type(private_openssl_rsa_private_key_t *this)
144 {
145 return KEY_RSA;
146 }
147
148 /**
149 * Implementation of openssl_rsa_private_key.destroy.
150 */
151 static bool sign(private_openssl_rsa_private_key_t *this, signature_scheme_t scheme,
152 chunk_t data, chunk_t *signature)
153 {
154 switch (scheme)
155 {
156 case SIGN_DEFAULT:
157 /* default is EMSA-PKCS1 using SHA1 */
158 case SIGN_RSA_EMSA_PKCS1_SHA1:
159 return build_emsa_pkcs1_signature(this, NID_sha1, data, signature);
160 case SIGN_RSA_EMSA_PKCS1_SHA256:
161 return build_emsa_pkcs1_signature(this, NID_sha256, data, signature);
162 case SIGN_RSA_EMSA_PKCS1_SHA384:
163 return build_emsa_pkcs1_signature(this, NID_sha384, data, signature);
164 case SIGN_RSA_EMSA_PKCS1_SHA512:
165 return build_emsa_pkcs1_signature(this, NID_sha512, data, signature);
166 case SIGN_RSA_EMSA_PKCS1_MD5:
167 return build_emsa_pkcs1_signature(this, NID_md5, data, signature);
168 default:
169 DBG1("signature scheme %N not supported in RSA",
170 signature_scheme_names, scheme);
171 return FALSE;
172 }
173 }
174
175 /**
176 * Implementation of openssl_rsa_private_key.destroy.
177 */
178 static bool decrypt(private_openssl_rsa_private_key_t *this,
179 chunk_t crypto, chunk_t *plain)
180 {
181 DBG1("RSA private key decryption not implemented");
182 return FALSE;
183 }
184
185 /**
186 * Implementation of openssl_rsa_private_key.destroy.
187 */
188 static size_t get_keysize(private_openssl_rsa_private_key_t *this)
189 {
190 return RSA_size(this->rsa);
191 }
192
193 /**
194 * Implementation of openssl_rsa_private_key.destroy.
195 */
196 static identification_t* get_id(private_openssl_rsa_private_key_t *this,
197 id_type_t type)
198 {
199 switch (type)
200 {
201 case ID_PUBKEY_INFO_SHA1:
202 return this->keyid_info;
203 case ID_PUBKEY_SHA1:
204 return this->keyid;
205 default:
206 return NULL;
207 }
208 }
209
210 /**
211 * Implementation of openssl_rsa_private_key.destroy.
212 */
213 static openssl_rsa_public_key_t* get_public_key(private_openssl_rsa_private_key_t *this)
214 {
215 return openssl_rsa_public_key_create_from_n_e(this->rsa->n, this->rsa->e);
216 }
217
218 /**
219 * Implementation of openssl_rsa_private_key.destroy.
220 */
221 static bool belongs_to(private_openssl_rsa_private_key_t *this, public_key_t *public)
222 {
223 identification_t *keyid;
224
225 if (public->get_type(public) != KEY_RSA)
226 {
227 return FALSE;
228 }
229 keyid = public->get_id(public, ID_PUBKEY_SHA1);
230 if (keyid && keyid->equals(keyid, this->keyid))
231 {
232 return TRUE;
233 }
234 keyid = public->get_id(public, ID_PUBKEY_INFO_SHA1);
235 if (keyid && keyid->equals(keyid, this->keyid_info))
236 {
237 return TRUE;
238 }
239 return FALSE;
240 }
241
242 /**
243 * Implementation of private_key_t.get_encoding.
244 */
245 static chunk_t get_encoding(private_openssl_rsa_private_key_t *this)
246 {
247 chunk_t enc = chunk_empty;
248 if (!this->engine)
249 {
250 enc = chunk_alloc(i2d_RSAPrivateKey(this->rsa, NULL));
251 u_char *p = enc.ptr;
252 i2d_RSAPrivateKey(this->rsa, &p);
253 }
254 return enc;
255 }
256
257 /**
258 * Implementation of openssl_rsa_private_key.destroy.
259 */
260 static private_openssl_rsa_private_key_t* get_ref(private_openssl_rsa_private_key_t *this)
261 {
262 ref_get(&this->ref);
263 return this;
264
265 }
266
267 /**
268 * Implementation of openssl_rsa_private_key.destroy.
269 */
270 static void destroy(private_openssl_rsa_private_key_t *this)
271 {
272 if (ref_put(&this->ref))
273 {
274 if (this->rsa)
275 {
276 RSA_free(this->rsa);
277 }
278 DESTROY_IF(this->keyid);
279 DESTROY_IF(this->keyid_info);
280 free(this);
281 }
282 }
283
284 /**
285 * Internal generic constructor
286 */
287 static private_openssl_rsa_private_key_t *openssl_rsa_private_key_create_empty(void)
288 {
289 private_openssl_rsa_private_key_t *this = malloc_thing(private_openssl_rsa_private_key_t);
290
291 this->public.interface.get_type = (key_type_t (*)(private_key_t *this))get_type;
292 this->public.interface.sign = (bool (*)(private_key_t *this, signature_scheme_t scheme, chunk_t data, chunk_t *signature))sign;
293 this->public.interface.decrypt = (bool (*)(private_key_t *this, chunk_t crypto, chunk_t *plain))decrypt;
294 this->public.interface.get_keysize = (size_t (*) (private_key_t *this))get_keysize;
295 this->public.interface.get_id = (identification_t* (*) (private_key_t *this,id_type_t))get_id;
296 this->public.interface.get_public_key = (public_key_t* (*)(private_key_t *this))get_public_key;
297 this->public.interface.belongs_to = (bool (*) (private_key_t *this, public_key_t *public))belongs_to;
298 this->public.interface.get_encoding = (chunk_t(*)(private_key_t*))get_encoding;
299 this->public.interface.get_ref = (private_key_t* (*)(private_key_t *this))get_ref;
300 this->public.interface.destroy = (void (*)(private_key_t *this))destroy;
301
302 this->engine = FALSE;
303 this->keyid = NULL;
304 this->keyid_info = NULL;
305 this->ref = 1;
306
307 return this;
308 }
309
310 /**
311 * Generate an RSA key of specified key size
312 */
313 static openssl_rsa_private_key_t *generate(size_t key_size)
314 {
315 private_openssl_rsa_private_key_t *this = openssl_rsa_private_key_create_empty();
316
317 this->rsa = RSA_generate_key(key_size, PUBLIC_EXPONENT, NULL, NULL);
318
319 if (!openssl_rsa_public_key_build_id(this->rsa, &this->keyid, &this->keyid_info))
320 {
321 destroy(this);
322 return NULL;
323 }
324
325 return &this->public;
326 }
327
328 /**
329 * load private key from an ASN1 encoded blob
330 */
331 static openssl_rsa_private_key_t *load(chunk_t blob)
332 {
333 u_char *p = blob.ptr;
334 private_openssl_rsa_private_key_t *this = openssl_rsa_private_key_create_empty();
335
336 this->rsa = d2i_RSAPrivateKey(NULL, (const u_char**)&p, blob.len);
337
338 chunk_clear(&blob);
339
340 if (!this->rsa)
341 {
342 destroy(this);
343 return NULL;
344 }
345
346 if (!openssl_rsa_public_key_build_id(this->rsa, &this->keyid, &this->keyid_info))
347 {
348 destroy(this);
349 return NULL;
350 }
351
352 if (!RSA_check_key(this->rsa))
353 {
354 destroy(this);
355 return NULL;
356 }
357
358 return &this->public;
359 }
360
361 /**
362 * load private key from a smart card
363 */
364 static openssl_rsa_private_key_t *load_from_smartcard(char *keyid, char *pin)
365 {
366 private_openssl_rsa_private_key_t *this = NULL;
367 EVP_PKEY *key;
368 char *engine_id = lib->settings->get_str(lib->settings,
369 "library.plugins.openssl.engine_id", "pkcs11");
370
371 ENGINE *engine = ENGINE_by_id(engine_id);
372 if (!engine)
373 {
374 DBG1("engine '%s' is not available", engine_id);
375 return NULL;
376 }
377
378 if (!ENGINE_init(engine))
379 {
380 DBG1("failed to initialize engine '%s'", engine_id);
381 goto error;
382 }
383
384 if (!ENGINE_ctrl_cmd_string(engine, "PIN", pin, 0))
385 {
386 DBG1("failed to set PIN on engine '%s'", engine_id);
387 goto error;
388 }
389
390 key = ENGINE_load_private_key(engine, keyid, NULL, NULL);
391
392 if (!key)
393 {
394 DBG1("failed to load private key with ID '%s' from engine '%s'", keyid,
395 engine_id);
396 goto error;
397 }
398 ENGINE_free(engine);
399
400 this = openssl_rsa_private_key_create_empty();
401 this->rsa = EVP_PKEY_get1_RSA(key);
402 this->engine = TRUE;
403
404 if (!openssl_rsa_public_key_build_id(this->rsa, &this->keyid, &this->keyid_info))
405 {
406 destroy(this);
407 return NULL;
408 }
409 return &this->public;
410
411 error:
412 ENGINE_free(engine);
413 return NULL;
414 }
415
416 typedef struct private_builder_t private_builder_t;
417 /**
418 * Builder implementation for key loading/generation
419 */
420 struct private_builder_t {
421 /** implements the builder interface */
422 builder_t public;
423 /** loaded/generated private key */
424 openssl_rsa_private_key_t *key;
425 /** temporary stored smartcard key ID */
426 char *keyid;
427 /** temporary stored smartcard pin */
428 char *pin;
429 };
430
431 /**
432 * Implementation of builder_t.build
433 */
434 static openssl_rsa_private_key_t *build(private_builder_t *this)
435 {
436 openssl_rsa_private_key_t *key = this->key;
437
438 if (this->keyid && this->pin)
439 {
440 key = load_from_smartcard(this->keyid, this->pin);
441 }
442 free(this);
443 return key;
444 }
445
446 /**
447 * Implementation of builder_t.add
448 */
449 static void add(private_builder_t *this, builder_part_t part, ...)
450 {
451 if (!this->key)
452 {
453 va_list args;
454 chunk_t chunk;
455
456 switch (part)
457 {
458 case BUILD_BLOB_ASN1_DER:
459 {
460 va_start(args, part);
461 chunk = va_arg(args, chunk_t);
462 this->key = load(chunk_clone(chunk));
463 va_end(args);
464 return;
465 }
466 case BUILD_KEY_SIZE:
467 {
468 va_start(args, part);
469 this->key = generate(va_arg(args, u_int));
470 va_end(args);
471 return;
472 }
473 case BUILD_SMARTCARD_KEYID:
474 {
475 va_start(args, part);
476 this->keyid = va_arg(args, char*);
477 va_end(args);
478 return;
479 }
480 case BUILD_SMARTCARD_PIN:
481 {
482 va_start(args, part);
483 this->pin = va_arg(args, char*);
484 va_end(args);
485 return;
486 }
487 default:
488 break;
489 }
490 }
491 if (this->key)
492 {
493 destroy((private_openssl_rsa_private_key_t*)this->key);
494 }
495 builder_cancel(&this->public);
496 }
497
498 /**
499 * Builder construction function
500 */
501 builder_t *openssl_rsa_private_key_builder(key_type_t type)
502 {
503 private_builder_t *this;
504
505 if (type != KEY_RSA)
506 {
507 return NULL;
508 }
509
510 this = malloc_thing(private_builder_t);
511
512 this->key = NULL;
513 this->public.add = (void(*)(builder_t *this, builder_part_t part, ...))add;
514 this->public.build = (void*(*)(builder_t *this))build;
515 this->keyid = NULL;
516 this->pin = NULL;
517
518 return &this->public;
519 }
520