eefdfa6f57c7497e5f187705d68e9861ce753f5e
[strongswan.git] / src / libstrongswan / plugins / openssl / openssl_rsa_private_key.c
1 /*
2 * Copyright (C) 2009 Martin Willi
3 * Copyright (C) 2008 Tobias Brunner
4 * Hochschule fuer Technik Rapperswil
5 *
6 * This program is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License as published by the
8 * Free Software Foundation; either version 2 of the License, or (at your
9 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
10 *
11 * This program is distributed in the hope that it will be useful, but
12 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
13 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * for more details.
15 */
16
17 #include "openssl_rsa_private_key.h"
18 #include "openssl_rsa_public_key.h"
19
20 #include <debug.h>
21
22 #include <openssl/evp.h>
23 #include <openssl/rsa.h>
24 #include <openssl/engine.h>
25
26 /**
27 * Public exponent to use for key generation.
28 */
29 #define PUBLIC_EXPONENT 0x10001
30
31 typedef struct private_openssl_rsa_private_key_t private_openssl_rsa_private_key_t;
32
33 /**
34 * Private data of a openssl_rsa_private_key_t object.
35 */
36 struct private_openssl_rsa_private_key_t {
37 /**
38 * Public interface for this signer.
39 */
40 openssl_rsa_private_key_t public;
41
42 /**
43 * RSA object from OpenSSL
44 */
45 RSA *rsa;
46
47 /**
48 * TRUE if the key is from an OpenSSL ENGINE and might not be readable
49 */
50 bool engine;
51
52 /**
53 * reference count
54 */
55 refcount_t ref;
56 };
57
58 /* implemented in rsa public key */
59 bool openssl_rsa_fingerprint(RSA *rsa, key_encoding_type_t type, chunk_t *fp);
60
61 /**
62 * Build an EMPSA PKCS1 signature described in PKCS#1
63 */
64 static bool build_emsa_pkcs1_signature(private_openssl_rsa_private_key_t *this,
65 int type, chunk_t data, chunk_t *sig)
66 {
67 bool success = FALSE;
68
69 *sig = chunk_alloc(RSA_size(this->rsa));
70
71 if (type == NID_undef)
72 {
73 if (RSA_private_encrypt(data.len, data.ptr, sig->ptr, this->rsa,
74 RSA_PKCS1_PADDING) == sig->len)
75 {
76 success = TRUE;
77 }
78 }
79 else
80 {
81 EVP_MD_CTX *ctx;
82 EVP_PKEY *key;
83 const EVP_MD *hasher;
84 u_int len;
85
86 hasher = EVP_get_digestbynid(type);
87 if (!hasher)
88 {
89 return FALSE;
90 }
91
92 ctx = EVP_MD_CTX_create();
93 key = EVP_PKEY_new();
94 if (!ctx || !key)
95 {
96 goto error;
97 }
98 if (!EVP_PKEY_set1_RSA(key, this->rsa))
99 {
100 goto error;
101 }
102 if (!EVP_SignInit_ex(ctx, hasher, NULL))
103 {
104 goto error;
105 }
106 if (!EVP_SignUpdate(ctx, data.ptr, data.len))
107 {
108 goto error;
109 }
110 if (EVP_SignFinal(ctx, sig->ptr, &len, key))
111 {
112 success = TRUE;
113 }
114
115 error:
116 if (key)
117 {
118 EVP_PKEY_free(key);
119 }
120 if (ctx)
121 {
122 EVP_MD_CTX_destroy(ctx);
123 }
124 }
125 if (!success)
126 {
127 free(sig->ptr);
128 }
129 return success;
130 }
131
132 /**
133 * Implementation of openssl_rsa_private_key.get_type.
134 */
135 static key_type_t get_type(private_openssl_rsa_private_key_t *this)
136 {
137 return KEY_RSA;
138 }
139
140 /**
141 * Implementation of openssl_rsa_private_key.sign.
142 */
143 static bool sign(private_openssl_rsa_private_key_t *this, signature_scheme_t scheme,
144 chunk_t data, chunk_t *signature)
145 {
146 switch (scheme)
147 {
148 case SIGN_RSA_EMSA_PKCS1_NULL:
149 return build_emsa_pkcs1_signature(this, NID_undef, data, signature);
150 case SIGN_RSA_EMSA_PKCS1_SHA1:
151 return build_emsa_pkcs1_signature(this, NID_sha1, data, signature);
152 case SIGN_RSA_EMSA_PKCS1_SHA224:
153 return build_emsa_pkcs1_signature(this, NID_sha224, data, signature);
154 case SIGN_RSA_EMSA_PKCS1_SHA256:
155 return build_emsa_pkcs1_signature(this, NID_sha256, data, signature);
156 case SIGN_RSA_EMSA_PKCS1_SHA384:
157 return build_emsa_pkcs1_signature(this, NID_sha384, data, signature);
158 case SIGN_RSA_EMSA_PKCS1_SHA512:
159 return build_emsa_pkcs1_signature(this, NID_sha512, data, signature);
160 case SIGN_RSA_EMSA_PKCS1_MD5:
161 return build_emsa_pkcs1_signature(this, NID_md5, data, signature);
162 default:
163 DBG1("signature scheme %N not supported in RSA",
164 signature_scheme_names, scheme);
165 return FALSE;
166 }
167 }
168
169 /**
170 * Implementation of openssl_rsa_private_key.decrypt.
171 */
172 static bool decrypt(private_openssl_rsa_private_key_t *this,
173 chunk_t crypto, chunk_t *plain)
174 {
175 DBG1("RSA private key decryption not implemented");
176 return FALSE;
177 }
178
179 /**
180 * Implementation of openssl_rsa_private_key.get_keysize.
181 */
182 static size_t get_keysize(private_openssl_rsa_private_key_t *this)
183 {
184 return RSA_size(this->rsa);
185 }
186
187 /**
188 * Implementation of openssl_rsa_private_key.get_public_key.
189 */
190 static public_key_t* get_public_key(private_openssl_rsa_private_key_t *this)
191 {
192 chunk_t enc;
193 public_key_t *key;
194 u_char *p;
195
196 enc = chunk_alloc(i2d_RSAPublicKey(this->rsa, NULL));
197 p = enc.ptr;
198 i2d_RSAPublicKey(this->rsa, &p);
199 key = lib->creds->create(lib->creds, CRED_PUBLIC_KEY, KEY_RSA,
200 BUILD_BLOB_ASN1_DER, enc, BUILD_END);
201 free(enc.ptr);
202 return key;
203 }
204
205 /**
206 * Implementation of public_key_t.get_fingerprint.
207 */
208 static bool get_fingerprint(private_openssl_rsa_private_key_t *this,
209 key_encoding_type_t type, chunk_t *fingerprint)
210 {
211 return openssl_rsa_fingerprint(this->rsa, type, fingerprint);
212 }
213
214 /*
215 * Implementation of public_key_t.get_encoding.
216 */
217 static bool get_encoding(private_openssl_rsa_private_key_t *this,
218 key_encoding_type_t type, chunk_t *encoding)
219 {
220 u_char *p;
221
222 if (this->engine)
223 {
224 return FALSE;
225 }
226 switch (type)
227 {
228 case KEY_PRIV_ASN1_DER:
229 {
230 *encoding = chunk_alloc(i2d_RSAPrivateKey(this->rsa, NULL));
231 p = encoding->ptr;
232 i2d_RSAPrivateKey(this->rsa, &p);
233 return TRUE;
234 }
235 default:
236 return FALSE;
237 }
238 }
239
240 /**
241 * Implementation of openssl_rsa_private_key.get_ref.
242 */
243 static private_openssl_rsa_private_key_t* get_ref(private_openssl_rsa_private_key_t *this)
244 {
245 ref_get(&this->ref);
246 return this;
247 }
248
249 /**
250 * Implementation of openssl_rsa_private_key.destroy.
251 */
252 static void destroy(private_openssl_rsa_private_key_t *this)
253 {
254 if (ref_put(&this->ref))
255 {
256 if (this->rsa)
257 {
258 lib->encoding->clear_cache(lib->encoding, this->rsa);
259 RSA_free(this->rsa);
260 }
261 free(this);
262 }
263 }
264
265 /**
266 * Internal generic constructor
267 */
268 static private_openssl_rsa_private_key_t *create_empty(void)
269 {
270 private_openssl_rsa_private_key_t *this = malloc_thing(private_openssl_rsa_private_key_t);
271
272 this->public.interface.get_type = (key_type_t (*) (private_key_t*))get_type;
273 this->public.interface.sign = (bool (*) (private_key_t*, signature_scheme_t, chunk_t, chunk_t*))sign;
274 this->public.interface.decrypt = (bool (*) (private_key_t*, chunk_t, chunk_t*))decrypt;
275 this->public.interface.get_keysize = (size_t (*) (private_key_t*))get_keysize;
276 this->public.interface.get_public_key = (public_key_t* (*) (private_key_t*))get_public_key;
277 this->public.interface.equals = private_key_equals;
278 this->public.interface.belongs_to = private_key_belongs_to;
279 this->public.interface.get_fingerprint = (bool(*)(private_key_t*, key_encoding_type_t type, chunk_t *fp))get_fingerprint;
280 this->public.interface.get_encoding = (bool(*)(private_key_t*, key_encoding_type_t type, chunk_t *encoding))get_encoding;
281 this->public.interface.get_ref = (private_key_t* (*) (private_key_t*))get_ref;
282 this->public.interface.destroy = (void (*) (private_key_t*))destroy;
283
284 this->engine = FALSE;
285 this->ref = 1;
286
287 return this;
288 }
289
290 /**
291 * See header.
292 */
293 openssl_rsa_private_key_t *openssl_rsa_private_key_gen(key_type_t type,
294 va_list args)
295 {
296 private_openssl_rsa_private_key_t *this;
297 u_int key_size = 0;
298
299 while (TRUE)
300 {
301 switch (va_arg(args, builder_part_t))
302 {
303 case BUILD_KEY_SIZE:
304 key_size = va_arg(args, u_int);
305 continue;
306 case BUILD_END:
307 break;
308 default:
309 return NULL;
310 }
311 break;
312 }
313 if (!key_size)
314 {
315 return NULL;
316 }
317 this = create_empty();
318 this->rsa = RSA_generate_key(key_size, PUBLIC_EXPONENT, NULL, NULL);
319
320 return &this->public;
321 }
322
323 /**
324 * See header
325 */
326 openssl_rsa_private_key_t *openssl_rsa_private_key_load(key_type_t type,
327 va_list args)
328 {
329 private_openssl_rsa_private_key_t *this;
330 chunk_t blob, n, e, d, p, q, exp1, exp2, coeff;
331
332 blob = n = e = d = p = q = exp1 = exp2 = coeff = chunk_empty;
333 while (TRUE)
334 {
335 switch (va_arg(args, builder_part_t))
336 {
337 case BUILD_BLOB_ASN1_DER:
338 blob = va_arg(args, chunk_t);
339 continue;
340 case BUILD_RSA_MODULUS:
341 n = va_arg(args, chunk_t);
342 continue;
343 case BUILD_RSA_PUB_EXP:
344 e = va_arg(args, chunk_t);
345 continue;
346 case BUILD_RSA_PRIV_EXP:
347 d = va_arg(args, chunk_t);
348 continue;
349 case BUILD_RSA_PRIME1:
350 p = va_arg(args, chunk_t);
351 continue;
352 case BUILD_RSA_PRIME2:
353 q = va_arg(args, chunk_t);
354 continue;
355 case BUILD_RSA_EXP1:
356 exp1 = va_arg(args, chunk_t);
357 continue;
358 case BUILD_RSA_EXP2:
359 exp2 = va_arg(args, chunk_t);
360 continue;
361 case BUILD_RSA_COEFF:
362 coeff = va_arg(args, chunk_t);
363 continue;
364 case BUILD_END:
365 break;
366 default:
367 return NULL;
368 }
369 break;
370 }
371
372 this = create_empty();
373 if (blob.ptr)
374 {
375 this->rsa = d2i_RSAPrivateKey(NULL, (const u_char**)&blob.ptr, blob.len);
376 if (this->rsa && RSA_check_key(this->rsa))
377 {
378 return &this->public;
379 }
380 }
381 else if (n.ptr && e.ptr && d.ptr && p.ptr && q.ptr && coeff.ptr)
382 {
383 this->rsa = RSA_new();
384 this->rsa->n = BN_bin2bn((const u_char*)n.ptr, n.len, NULL);
385 this->rsa->e = BN_bin2bn((const u_char*)e.ptr, e.len, NULL);
386 this->rsa->d = BN_bin2bn((const u_char*)d.ptr, d.len, NULL);
387 this->rsa->p = BN_bin2bn((const u_char*)p.ptr, p.len, NULL);
388 this->rsa->q = BN_bin2bn((const u_char*)q.ptr, q.len, NULL);
389 if (exp1.ptr)
390 {
391 this->rsa->dmp1 = BN_bin2bn((const u_char*)exp1.ptr, exp1.len, NULL);
392 }
393 if (exp2.ptr)
394 {
395 this->rsa->dmq1 = BN_bin2bn((const u_char*)exp2.ptr, exp2.len, NULL);
396 }
397 this->rsa->iqmp = BN_bin2bn((const u_char*)coeff.ptr, coeff.len, NULL);
398 if (RSA_check_key(this->rsa))
399 {
400 return &this->public;
401 }
402 }
403 destroy(this);
404 return NULL;
405 }
406
407 /**
408 * See header.
409 */
410 openssl_rsa_private_key_t *openssl_rsa_private_key_connect(key_type_t type,
411 va_list args)
412 {
413 private_openssl_rsa_private_key_t *this;
414 char *keyid = NULL, *pin = NULL;
415 EVP_PKEY *key;
416 char *engine_id;
417 ENGINE *engine;
418
419 while (TRUE)
420 {
421 switch (va_arg(args, builder_part_t))
422 {
423 case BUILD_SMARTCARD_KEYID:
424 keyid = va_arg(args, char*);
425 continue;
426 case BUILD_SMARTCARD_PIN:
427 pin = va_arg(args, char*);
428 continue;
429 case BUILD_END:
430 break;
431 default:
432 return NULL;
433 }
434 break;
435 }
436 if (!keyid || !pin)
437 {
438 return NULL;
439 }
440
441 engine_id = lib->settings->get_str(lib->settings,
442 "library.plugins.openssl.engine_id", "pkcs11");
443 engine = ENGINE_by_id(engine_id);
444 if (!engine)
445 {
446 DBG1("engine '%s' is not available", engine_id);
447 return NULL;
448 }
449 if (!ENGINE_init(engine))
450 {
451 DBG1("failed to initialize engine '%s'", engine_id);
452 ENGINE_free(engine);
453 return NULL;
454 }
455 if (!ENGINE_ctrl_cmd_string(engine, "PIN", pin, 0))
456 {
457 DBG1("failed to set PIN on engine '%s'", engine_id);
458 ENGINE_free(engine);
459 return NULL;
460 }
461
462 key = ENGINE_load_private_key(engine, keyid, NULL, NULL);
463 if (!key)
464 {
465 DBG1("failed to load private key with ID '%s' from engine '%s'",
466 keyid, engine_id);
467 ENGINE_free(engine);
468 return NULL;
469 }
470 ENGINE_free(engine);
471
472 this = create_empty();
473 this->rsa = EVP_PKEY_get1_RSA(key);
474 this->engine = TRUE;
475
476 return &this->public;
477 }
478