projects / strongswan.git / blob
? search:


c5d4142da8c394123e9cd6b63de57707f3f2dfc7
[strongswan.git] / src / libstrongswan / plugins / openssl / openssl_rsa_private_key.c
1 /*
2 * Copyright (C) 2008 Tobias Brunner
3 * Hochschule fuer Technik Rapperswil
4 *
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License as published by the
7 * Free Software Foundation; either version 2 of the License, or (at your
8 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
9 *
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
13 * for more details.
14 */
15
16 #include "openssl_rsa_private_key.h"
17 #include "openssl_rsa_public_key.h"
18
19 #include <debug.h>
20
21 #include <openssl/evp.h>
22 #include <openssl/rsa.h>
23 #include <openssl/engine.h>
24
25 /**
26 * Public exponent to use for key generation.
27 */
28 #define PUBLIC_EXPONENT 0x10001
29
30 typedef struct private_openssl_rsa_private_key_t private_openssl_rsa_private_key_t;
31
32 /**
33 * Private data of a openssl_rsa_private_key_t object.
34 */
35 struct private_openssl_rsa_private_key_t {
36 /**
37 * Public interface for this signer.
38 */
39 openssl_rsa_private_key_t public;
40
41 /**
42 * RSA object from OpenSSL
43 */
44 RSA *rsa;
45
46 /**
47 * TRUE if the key is from an OpenSSL ENGINE and might not be readable
48 */
49 bool engine;
50
51 /**
52 * Keyid formed as a SHA-1 hash of a privateKey object
53 */
54 identification_t* keyid;
55
56 /**
57 * Keyid formed as a SHA-1 hash of a privateKeyInfo object
58 */
59 identification_t* keyid_info;
60
61 /**
62 * reference count
63 */
64 refcount_t ref;
65 };
66
67 /**
68 * shared functions, implemented in openssl_rsa_public_key.c
69 */
70 bool openssl_rsa_public_key_build_id(RSA *rsa, identification_t **keyid,
71 identification_t **keyid_info);
72
73
74 openssl_rsa_public_key_t *openssl_rsa_public_key_create_from_n_e(BIGNUM *n, BIGNUM *e);
75
76
77 /**
78 * Build an EMPSA PKCS1 signature described in PKCS#1
79 */
80 static bool build_emsa_pkcs1_signature(private_openssl_rsa_private_key_t *this,
81 int type, chunk_t data, chunk_t *sig)
82 {
83 bool success = FALSE;
84
85 *sig = chunk_alloc(RSA_size(this->rsa));
86
87 if (type == NID_undef)
88 {
89 if (RSA_private_encrypt(data.len, data.ptr, sig->ptr, this->rsa,
90 RSA_PKCS1_PADDING) == sig->len)
91 {
92 success = TRUE;
93 }
94 }
95 else
96 {
97 EVP_MD_CTX *ctx;
98 EVP_PKEY *key;
99 const EVP_MD *hasher;
100 u_int len;
101
102 hasher = EVP_get_digestbynid(type);
103 if (!hasher)
104 {
105 return FALSE;
106 }
107
108 ctx = EVP_MD_CTX_create();
109 key = EVP_PKEY_new();
110 if (!ctx || !key)
111 {
112 goto error;
113 }
114 if (!EVP_PKEY_set1_RSA(key, this->rsa))
115 {
116 goto error;
117 }
118 if (!EVP_SignInit_ex(ctx, hasher, NULL))
119 {
120 goto error;
121 }
122 if (!EVP_SignUpdate(ctx, data.ptr, data.len))
123 {
124 goto error;
125 }
126 if (EVP_SignFinal(ctx, sig->ptr, &len, key))
127 {
128 success = TRUE;
129 }
130
131 error:
132 if (key)
133 {
134 EVP_PKEY_free(key);
135 }
136 if (ctx)
137 {
138 EVP_MD_CTX_destroy(ctx);
139 }
140 }
141 if (!success)
142 {
143 free(sig->ptr);
144 }
145 return success;
146 }
147
148 /**
149 * Implementation of openssl_rsa_private_key.get_type.
150 */
151 static key_type_t get_type(private_openssl_rsa_private_key_t *this)
152 {
153 return KEY_RSA;
154 }
155
156 /**
157 * Implementation of openssl_rsa_private_key.sign.
158 */
159 static bool sign(private_openssl_rsa_private_key_t *this, signature_scheme_t scheme,
160 chunk_t data, chunk_t *signature)
161 {
162 switch (scheme)
163 {
164 case SIGN_RSA_EMSA_PKCS1_NULL:
165 return build_emsa_pkcs1_signature(this, NID_undef, data, signature);
166 case SIGN_RSA_EMSA_PKCS1_SHA1:
167 return build_emsa_pkcs1_signature(this, NID_sha1, data, signature);
168 case SIGN_RSA_EMSA_PKCS1_SHA256:
169 return build_emsa_pkcs1_signature(this, NID_sha256, data, signature);
170 case SIGN_RSA_EMSA_PKCS1_SHA384:
171 return build_emsa_pkcs1_signature(this, NID_sha384, data, signature);
172 case SIGN_RSA_EMSA_PKCS1_SHA512:
173 return build_emsa_pkcs1_signature(this, NID_sha512, data, signature);
174 case SIGN_RSA_EMSA_PKCS1_MD5:
175 return build_emsa_pkcs1_signature(this, NID_md5, data, signature);
176 default:
177 DBG1("signature scheme %N not supported in RSA",
178 signature_scheme_names, scheme);
179 return FALSE;
180 }
181 }
182
183 /**
184 * Implementation of openssl_rsa_private_key.decrypt.
185 */
186 static bool decrypt(private_openssl_rsa_private_key_t *this,
187 chunk_t crypto, chunk_t *plain)
188 {
189 DBG1("RSA private key decryption not implemented");
190 return FALSE;
191 }
192
193 /**
194 * Implementation of openssl_rsa_private_key.get_keysize.
195 */
196 static size_t get_keysize(private_openssl_rsa_private_key_t *this)
197 {
198 return RSA_size(this->rsa);
199 }
200
201 /**
202 * Implementation of openssl_rsa_private_key.get_id.
203 */
204 static identification_t* get_id(private_openssl_rsa_private_key_t *this,
205 id_type_t type)
206 {
207 switch (type)
208 {
209 case ID_PUBKEY_INFO_SHA1:
210 return this->keyid_info;
211 case ID_PUBKEY_SHA1:
212 return this->keyid;
213 default:
214 return NULL;
215 }
216 }
217
218 /**
219 * Implementation of openssl_rsa_private_key.get_public_key.
220 */
221 static openssl_rsa_public_key_t* get_public_key(private_openssl_rsa_private_key_t *this)
222 {
223 return openssl_rsa_public_key_create_from_n_e(this->rsa->n, this->rsa->e);
224 }
225
226 /**
227 * Implementation of openssl_rsa_private_key.equals.
228 */
229 static bool equals(private_openssl_rsa_private_key_t *this, private_key_t *other)
230 {
231 identification_t *keyid;
232
233 if (&this->public.interface == other)
234 {
235 return TRUE;
236 }
237 if (other->get_type(other) != KEY_RSA)
238 {
239 return FALSE;
240 }
241 keyid = other->get_id(other, ID_PUBKEY_SHA1);
242 if (keyid && keyid->equals(keyid, this->keyid))
243 {
244 return TRUE;
245 }
246 keyid = other->get_id(other, ID_PUBKEY_INFO_SHA1);
247 if (keyid && keyid->equals(keyid, this->keyid_info))
248 {
249 return TRUE;
250 }
251 return FALSE;
252 }
253
254 /**
255 * Implementation of openssl_rsa_private_key.belongs_to.
256 */
257 static bool belongs_to(private_openssl_rsa_private_key_t *this, public_key_t *public)
258 {
259 identification_t *keyid;
260
261 if (public->get_type(public) != KEY_RSA)
262 {
263 return FALSE;
264 }
265 keyid = public->get_id(public, ID_PUBKEY_SHA1);
266 if (keyid && keyid->equals(keyid, this->keyid))
267 {
268 return TRUE;
269 }
270 keyid = public->get_id(public, ID_PUBKEY_INFO_SHA1);
271 if (keyid && keyid->equals(keyid, this->keyid_info))
272 {
273 return TRUE;
274 }
275 return FALSE;
276 }
277
278 /**
279 * Implementation of private_key_t.get_encoding.
280 */
281 static chunk_t get_encoding(private_openssl_rsa_private_key_t *this)
282 {
283 chunk_t enc = chunk_empty;
284 if (!this->engine)
285 {
286 enc = chunk_alloc(i2d_RSAPrivateKey(this->rsa, NULL));
287 u_char *p = enc.ptr;
288 i2d_RSAPrivateKey(this->rsa, &p);
289 }
290 return enc;
291 }
292
293 /**
294 * Implementation of openssl_rsa_private_key.get_ref.
295 */
296 static private_openssl_rsa_private_key_t* get_ref(private_openssl_rsa_private_key_t *this)
297 {
298 ref_get(&this->ref);
299 return this;
300
301 }
302
303 /**
304 * Implementation of openssl_rsa_private_key.destroy.
305 */
306 static void destroy(private_openssl_rsa_private_key_t *this)
307 {
308 if (ref_put(&this->ref))
309 {
310 if (this->rsa)
311 {
312 RSA_free(this->rsa);
313 }
314 DESTROY_IF(this->keyid);
315 DESTROY_IF(this->keyid_info);
316 free(this);
317 }
318 }
319
320 /**
321 * Internal generic constructor
322 */
323 static private_openssl_rsa_private_key_t *openssl_rsa_private_key_create_empty(void)
324 {
325 private_openssl_rsa_private_key_t *this = malloc_thing(private_openssl_rsa_private_key_t);
326
327 this->public.interface.get_type = (key_type_t (*) (private_key_t*))get_type;
328 this->public.interface.sign = (bool (*) (private_key_t*, signature_scheme_t, chunk_t, chunk_t*))sign;
329 this->public.interface.decrypt = (bool (*) (private_key_t*, chunk_t, chunk_t*))decrypt;
330 this->public.interface.get_keysize = (size_t (*) (private_key_t*))get_keysize;
331 this->public.interface.get_id = (identification_t* (*) (private_key_t*, id_type_t))get_id;
332 this->public.interface.get_public_key = (public_key_t* (*) (private_key_t*))get_public_key;
333 this->public.interface.equals = (bool (*) (private_key_t*, private_key_t*))equals;
334 this->public.interface.belongs_to = (bool (*) (private_key_t*, public_key_t*))belongs_to;
335 this->public.interface.get_encoding = (chunk_t(*) (private_key_t*))get_encoding;
336 this->public.interface.get_ref = (private_key_t* (*) (private_key_t*))get_ref;
337 this->public.interface.destroy = (void (*) (private_key_t*))destroy;
338
339 this->engine = FALSE;
340 this->keyid = NULL;
341 this->keyid_info = NULL;
342 this->ref = 1;
343
344 return this;
345 }
346
347 /**
348 * Generate an RSA key of specified key size
349 */
350 static openssl_rsa_private_key_t *generate(size_t key_size)
351 {
352 private_openssl_rsa_private_key_t *this = openssl_rsa_private_key_create_empty();
353
354 this->rsa = RSA_generate_key(key_size, PUBLIC_EXPONENT, NULL, NULL);
355
356 if (!openssl_rsa_public_key_build_id(this->rsa, &this->keyid, &this->keyid_info))
357 {
358 destroy(this);
359 return NULL;
360 }
361
362 return &this->public;
363 }
364
365 /**
366 * load private key from an ASN1 encoded blob
367 */
368 static openssl_rsa_private_key_t *load(chunk_t blob)
369 {
370 u_char *p = blob.ptr;
371 private_openssl_rsa_private_key_t *this = openssl_rsa_private_key_create_empty();
372
373 this->rsa = d2i_RSAPrivateKey(NULL, (const u_char**)&p, blob.len);
374
375 chunk_clear(&blob);
376
377 if (!this->rsa)
378 {
379 destroy(this);
380 return NULL;
381 }
382
383 if (!openssl_rsa_public_key_build_id(this->rsa, &this->keyid, &this->keyid_info))
384 {
385 destroy(this);
386 return NULL;
387 }
388
389 if (!RSA_check_key(this->rsa))
390 {
391 destroy(this);
392 return NULL;
393 }
394
395 return &this->public;
396 }
397
398 /**
399 * load private key from a smart card
400 */
401 static openssl_rsa_private_key_t *load_from_smartcard(char *keyid, char *pin)
402 {
403 private_openssl_rsa_private_key_t *this = NULL;
404 EVP_PKEY *key;
405 char *engine_id = lib->settings->get_str(lib->settings,
406 "library.plugins.openssl.engine_id", "pkcs11");
407
408 ENGINE *engine = ENGINE_by_id(engine_id);
409 if (!engine)
410 {
411 DBG1("engine '%s' is not available", engine_id);
412 return NULL;
413 }
414
415 if (!ENGINE_init(engine))
416 {
417 DBG1("failed to initialize engine '%s'", engine_id);
418 goto error;
419 }
420
421 if (!ENGINE_ctrl_cmd_string(engine, "PIN", pin, 0))
422 {
423 DBG1("failed to set PIN on engine '%s'", engine_id);
424 goto error;
425 }
426
427 key = ENGINE_load_private_key(engine, keyid, NULL, NULL);
428
429 if (!key)
430 {
431 DBG1("failed to load private key with ID '%s' from engine '%s'", keyid,
432 engine_id);
433 goto error;
434 }
435 ENGINE_free(engine);
436
437 this = openssl_rsa_private_key_create_empty();
438 this->rsa = EVP_PKEY_get1_RSA(key);
439 this->engine = TRUE;
440
441 if (!openssl_rsa_public_key_build_id(this->rsa, &this->keyid, &this->keyid_info))
442 {
443 destroy(this);
444 return NULL;
445 }
446 return &this->public;
447
448 error:
449 ENGINE_free(engine);
450 return NULL;
451 }
452
453 typedef struct private_builder_t private_builder_t;
454 /**
455 * Builder implementation for key loading/generation
456 */
457 struct private_builder_t {
458 /** implements the builder interface */
459 builder_t public;
460 /** loaded/generated private key */
461 openssl_rsa_private_key_t *key;
462 /** temporary stored smartcard key ID */
463 char *keyid;
464 /** temporary stored smartcard pin */
465 char *pin;
466 };
467
468 /**
469 * Implementation of builder_t.build
470 */
471 static openssl_rsa_private_key_t *build(private_builder_t *this)
472 {
473 openssl_rsa_private_key_t *key = this->key;
474
475 if (this->keyid && this->pin)
476 {
477 key = load_from_smartcard(this->keyid, this->pin);
478 }
479 free(this);
480 return key;
481 }
482
483 /**
484 * Implementation of builder_t.add
485 */
486 static void add(private_builder_t *this, builder_part_t part, ...)
487 {
488 if (!this->key)
489 {
490 va_list args;
491 chunk_t chunk;
492
493 switch (part)
494 {
495 case BUILD_BLOB_ASN1_DER:
496 {
497 va_start(args, part);
498 chunk = va_arg(args, chunk_t);
499 this->key = load(chunk_clone(chunk));
500 va_end(args);
501 return;
502 }
503 case BUILD_KEY_SIZE:
504 {
505 va_start(args, part);
506 this->key = generate(va_arg(args, u_int));
507 va_end(args);
508 return;
509 }
510 case BUILD_SMARTCARD_KEYID:
511 {
512 va_start(args, part);
513 this->keyid = va_arg(args, char*);
514 va_end(args);
515 return;
516 }
517 case BUILD_SMARTCARD_PIN:
518 {
519 va_start(args, part);
520 this->pin = va_arg(args, char*);
521 va_end(args);
522 return;
523 }
524 default:
525 break;
526 }
527 }
528 if (this->key)
529 {
530 destroy((private_openssl_rsa_private_key_t*)this->key);
531 }
532 builder_cancel(&this->public);
533 }
534
535 /**
536 * Builder construction function
537 */
538 builder_t *openssl_rsa_private_key_builder(key_type_t type)
539 {
540 private_builder_t *this;
541
542 if (type != KEY_RSA)
543 {
544 return NULL;
545 }
546
547 this = malloc_thing(private_builder_t);
548
549 this->key = NULL;
550 this->public.add = (void(*)(builder_t *this, builder_part_t part, ...))add;
551 this->public.build = (void*(*)(builder_t *this))build;
552 this->keyid = NULL;
553 this->pin = NULL;
554
555 return &this->public;
556 }
557
strongSwan - IPsec VPN