removed old leak detective
[strongswan.git] / src / scepclient / scep.c
1 /**
2 * @file scep.c
3 * @brief SCEP specific functions
4 *
5 * Contains functions to build SCEP request's and to parse SCEP reply's.
6 */
7
8 /*
9 * Copyright (C) 2005 Jan Hutter, Martin Willi
10 * Hochschule fuer Technik Rapperswil
11 *
12 * This program is free software; you can redistribute it and/or modify it
13 * under the terms of the GNU General Public License as published by the
14 * Free Software Foundation; either version 2 of the License, or (at your
15 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
16 *
17 * This program is distributed in the hope that it will be useful, but
18 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
19 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
20 * for more details.
21 */
22
23 #include <string.h>
24 #include <stdlib.h>
25
26 #include <freeswan.h>
27 #include <asn1/oid.h>
28
29 #ifdef LIBCURL
30 #include <curl/curl.h>
31 #endif
32
33 #include "../pluto/constants.h"
34 #include "../pluto/defs.h"
35 #include "../pluto/rnd.h"
36 #include "../pluto/asn1.h"
37 #include "../pluto/pkcs1.h"
38 #include "../pluto/fetch.h"
39 #include "../pluto/log.h"
40
41 #include "scep.h"
42
43 static char ASN1_messageType_oid_str[] = {
44 0x06, 0x0A, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01, 0x09, 0x02
45 };
46
47 static char ASN1_senderNonce_oid_str[] = {
48 0x06, 0x0A, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01, 0x09, 0x05
49 };
50
51 static char ASN1_transId_oid_str[] = {
52 0x06, 0x0A, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01, 0x09, 0x07
53 };
54
55 static const chunk_t ASN1_messageType_oid =
56 strchunk(ASN1_messageType_oid_str);
57 static const chunk_t ASN1_senderNonce_oid =
58 strchunk(ASN1_senderNonce_oid_str);
59 static const chunk_t ASN1_transId_oid =
60 strchunk(ASN1_transId_oid_str);
61
62 static const char *pkiStatus_values[] = { "0", "2", "3" };
63
64 static const char *pkiStatus_names[] = {
65 "SUCCESS",
66 "FAILURE",
67 "PENDING",
68 "UNKNOWN"
69 };
70
71 static const char *msgType_values[] = { "3", "19", "20", "21", "22" };
72
73 static const char *msgType_names[] = {
74 "CertRep",
75 "PKCSReq",
76 "GetCertInitial",
77 "GetCert",
78 "GetCRL",
79 "Unknown"
80 };
81
82 static const char *failInfo_reasons[] = {
83 "badAlg - unrecognized or unsupported algorithm identifier",
84 "badMessageCheck - integrity check failed",
85 "badRequest - transaction not permitted or supported",
86 "badTime - Message time field was not sufficiently close to the system time",
87 "badCertId - No certificate could be identified matching the provided criteria"
88 };
89
90 const scep_attributes_t empty_scep_attributes = {
91 SCEP_Unknown_MSG , /* msgType */
92 SCEP_UNKNOWN , /* pkiStatus */
93 SCEP_unknown_REASON, /* failInfo */
94 { NULL, 0 } , /* transID */
95 { NULL, 0 } , /* senderNonce */
96 { NULL, 0 } , /* recipientNonce */
97 };
98
99 /* ASN.1 definition of the X.501 atttribute type */
100
101 static const asn1Object_t attributesObjects[] = {
102 { 0, "attributes", ASN1_SET, ASN1_LOOP }, /* 0 */
103 { 1, "attribute", ASN1_SEQUENCE, ASN1_NONE }, /* 1 */
104 { 2, "type", ASN1_OID, ASN1_BODY }, /* 2 */
105 { 2, "values", ASN1_SET, ASN1_LOOP }, /* 3 */
106 { 3, "value", ASN1_EOC, ASN1_RAW }, /* 4 */
107 { 2, "end loop", ASN1_EOC, ASN1_END }, /* 5 */
108 { 0, "end loop", ASN1_EOC, ASN1_END }, /* 6 */
109 };
110
111 #define ATTRIBUTE_OBJ_TYPE 2
112 #define ATTRIBUTE_OBJ_VALUE 4
113 #define ATTRIBUTE_OBJ_ROOF 7
114
115 /*
116 * extract and store an attribute
117 */
118 static bool
119 extract_attribute(int oid, chunk_t object, u_int level
120 , scep_attributes_t *attrs)
121 {
122 asn1_t type = ASN1_EOC;
123 const char *name = "none";
124
125 switch (oid)
126 {
127 case OID_PKCS9_CONTENT_TYPE:
128 type = ASN1_OID;
129 name = "contentType";
130 break;
131 case OID_PKCS9_SIGNING_TIME:
132 type = ASN1_UTCTIME;
133 name = "signingTime";
134 break;
135 case OID_PKCS9_MESSAGE_DIGEST:
136 type = ASN1_OCTET_STRING;
137 name = "messageDigest";
138 break;
139 case OID_PKI_MESSAGE_TYPE:
140 type = ASN1_PRINTABLESTRING;
141 name = "messageType";
142 break;
143 case OID_PKI_STATUS:
144 type = ASN1_PRINTABLESTRING;
145 name = "pkiStatus";
146 break;
147 case OID_PKI_FAIL_INFO:
148 type = ASN1_PRINTABLESTRING;
149 name = "failInfo";
150 break;
151 case OID_PKI_SENDER_NONCE:
152 type = ASN1_OCTET_STRING;
153 name = "senderNonce";
154 break;
155 case OID_PKI_RECIPIENT_NONCE:
156 type = ASN1_OCTET_STRING;
157 name = "recipientNonce";
158 break;
159 case OID_PKI_TRANS_ID:
160 type = ASN1_PRINTABLESTRING;
161 name = "transID";
162 break;
163 default:
164 break;
165 }
166
167 if (type == ASN1_EOC)
168 return TRUE;
169
170 if (!parse_asn1_simple_object(&object, type, level+1, name))
171 return FALSE;
172
173 switch (oid)
174 {
175 case OID_PKCS9_CONTENT_TYPE:
176 break;
177 case OID_PKCS9_SIGNING_TIME:
178 break;
179 case OID_PKCS9_MESSAGE_DIGEST:
180 break;
181 case OID_PKI_MESSAGE_TYPE:
182 {
183 scep_msg_t m;
184
185 for (m = SCEP_CertRep_MSG; m < SCEP_Unknown_MSG; m++)
186 {
187 if (strncmp(msgType_values[m], object.ptr, object.len) == 0)
188 attrs->msgType = m;
189 }
190 DBG(DBG_CONTROL,
191 DBG_log("messageType: %s", msgType_names[attrs->msgType])
192 )
193 }
194 break;
195 case OID_PKI_STATUS:
196 {
197 pkiStatus_t s;
198
199 for (s = SCEP_SUCCESS; s < SCEP_UNKNOWN; s++)
200 {
201 if (strncmp(pkiStatus_values[s], object.ptr, object.len) == 0)
202 attrs->pkiStatus = s;
203 }
204 DBG(DBG_CONTROL,
205 DBG_log("pkiStatus: %s", pkiStatus_names[attrs->pkiStatus])
206 )
207 }
208 break;
209 case OID_PKI_FAIL_INFO:
210 if (object.len == 1
211 && *object.ptr >= '0' && *object.ptr <= '4')
212 {
213 attrs->failInfo = (failInfo_t)(*object.ptr - '0');
214 }
215 if (attrs->failInfo != SCEP_unknown_REASON)
216 plog("failInfo: %s", failInfo_reasons[attrs->failInfo]);
217 break;
218 case OID_PKI_SENDER_NONCE:
219 attrs->senderNonce = object;
220 break;
221 case OID_PKI_RECIPIENT_NONCE:
222 attrs->recipientNonce = object;
223 break;
224 case OID_PKI_TRANS_ID:
225 attrs->transID = object;
226 }
227 return TRUE;
228 }
229
230 /*
231 * parse X.501 attributes
232 */
233 bool
234 parse_attributes(chunk_t blob, scep_attributes_t *attrs)
235 {
236 asn1_ctx_t ctx;
237 chunk_t object;
238 u_int level;
239 int oid = OID_UNKNOWN;
240 int objectID = 0;
241
242 asn1_init(&ctx, blob, 0, FALSE, DBG_RAW);
243
244 DBG(DBG_CONTROL | DBG_PARSING,
245 DBG_log("parsing attributes")
246 )
247 while (objectID < ATTRIBUTE_OBJ_ROOF)
248 {
249 if (!extract_object(attributesObjects, &objectID
250 , &object, &level, &ctx))
251 return FALSE;
252
253 switch (objectID)
254 {
255 case ATTRIBUTE_OBJ_TYPE:
256 oid = asn1_known_oid(object);
257 break;
258 case ATTRIBUTE_OBJ_VALUE:
259 if (!extract_attribute(oid, object, level, attrs))
260 return FALSE;
261 }
262 objectID++;
263 }
264 return TRUE;
265 }
266
267 /* generates a unique fingerprint of the pkcs10 request
268 * by computing an MD5 hash over it
269 */
270 void
271 scep_generate_pkcs10_fingerprint(chunk_t pkcs10, chunk_t *fingerprint)
272 {
273 char buf[MD5_DIGEST_SIZE];
274 chunk_t digest = { buf, sizeof(buf) };
275
276 /* the fingerprint is the MD5 hash in hexadecimal format */
277 compute_digest(pkcs10, OID_MD5, &digest);
278 fingerprint->len = 2*digest.len;
279 fingerprint->ptr = alloc_bytes(fingerprint->len + 1, "fingerprint");
280 datatot(digest.ptr, digest.len, 16, fingerprint->ptr, fingerprint->len + 1);
281 }
282
283 /* generate a transaction id as the MD5 hash of an public key
284 * the transaction id is also used as a unique serial number
285 */
286 void
287 scep_generate_transaction_id(const RSA_public_key_t *rsak
288 , chunk_t *transID, chunk_t *serialNumber)
289 {
290 char buf[MD5_DIGEST_SIZE];
291
292 chunk_t digest = { buf, sizeof(buf) };
293 chunk_t public_key = pkcs1_build_publicKeyInfo(rsak);
294
295 bool msb_set;
296 u_char *pos;
297
298 compute_digest(public_key, OID_MD5, &digest);
299 pfree(public_key.ptr);
300
301 /* is the most significant bit of the digest set? */
302 msb_set = (*digest.ptr & 0x80) == 0x80;
303
304 /* allocate space for the serialNumber */
305 serialNumber->len = msb_set + digest.len;
306 serialNumber->ptr = alloc_bytes(serialNumber->len, "serialNumber");
307
308 /* the serial number as the two's complement of the digest */
309 pos = serialNumber->ptr;
310 if (msb_set)
311 {
312 *pos++ = 0x00;
313 }
314 memcpy(pos, digest.ptr, digest.len);
315
316 /* the transaction id is the serial number in hex format */
317 transID->len = 2*digest.len;
318 transID->ptr = alloc_bytes(transID->len + 1, "transID");
319 datatot(digest.ptr, digest.len, 16, transID->ptr, transID->len + 1);
320 }
321
322 /*
323 * builds a transId attribute
324 */
325 chunk_t
326 scep_transId_attribute(chunk_t transID)
327 {
328 return asn1_wrap(ASN1_SEQUENCE, "cm"
329 , ASN1_transId_oid
330 , asn1_wrap(ASN1_SET, "m"
331 , asn1_simple_object(ASN1_PRINTABLESTRING, transID)
332 )
333 );
334 }
335
336 /*
337 * builds a messageType attribute
338 */
339 chunk_t
340 scep_messageType_attribute(scep_msg_t m)
341 {
342 chunk_t msgType = {
343 (u_char*)msgType_values[m],
344 strlen(msgType_values[m])
345 };
346
347 return asn1_wrap(ASN1_SEQUENCE, "cm"
348 , ASN1_messageType_oid
349 , asn1_wrap(ASN1_SET, "m"
350 , asn1_simple_object(ASN1_PRINTABLESTRING, msgType)
351 )
352 );
353 }
354
355 /*
356 * builds a senderNonce attribute
357 */
358 chunk_t
359 scep_senderNonce_attribute(void)
360 {
361 const size_t nonce_len = 16;
362 u_char nonce_buf[nonce_len];
363 chunk_t senderNonce = { nonce_buf, nonce_len };
364
365 get_rnd_bytes(nonce_buf, nonce_len);
366
367 return asn1_wrap(ASN1_SEQUENCE, "cm"
368 , ASN1_senderNonce_oid
369 , asn1_wrap(ASN1_SET, "m"
370 , asn1_simple_object(ASN1_OCTET_STRING, senderNonce)
371 )
372 );
373 }
374
375 /*
376 * builds a pkcs7 enveloped and signed scep request
377 */
378 chunk_t
379 scep_build_request(chunk_t data, chunk_t transID, scep_msg_t msg
380 , const x509cert_t *enc_cert, int enc_alg
381 , const x509cert_t *signer_cert, int digest_alg
382 , const RSA_private_key_t *private_key)
383 {
384 chunk_t envelopedData, attributes, request;
385
386 envelopedData = pkcs7_build_envelopedData(data, enc_cert, enc_alg);
387
388 attributes = asn1_wrap(ASN1_SET, "mmmmm"
389 , pkcs7_contentType_attribute()
390 , pkcs7_messageDigest_attribute(envelopedData
391 , digest_alg)
392 , scep_transId_attribute(transID)
393 , scep_messageType_attribute(msg)
394 , scep_senderNonce_attribute());
395
396 request = pkcs7_build_signedData(envelopedData, attributes
397 , signer_cert, digest_alg, private_key);
398 freeanychunk(envelopedData);
399 freeanychunk(attributes);
400 return request;
401 }
402
403 #ifdef LIBCURL
404 /* converts a binary request to base64 with 64 characters per line
405 * newline and '+' characters are escaped by %0A and %2B, respectively
406 */
407 static char*
408 escape_http_request(chunk_t req)
409 {
410 char *escaped_req = NULL;
411 char *p1, *p2;
412 int lines = 0;
413 int plus = 0;
414 int n = 0;
415
416 /* compute and allocate the size of the base64-encoded request */
417 int len = 1 + 4*((req.len + 2)/3);
418 char *encoded_req = alloc_bytes(len, "encoded request");
419
420 /* do the base64 conversion */
421 len = datatot(req.ptr, req.len, 64, encoded_req, len);
422
423 /* compute newline characters to be inserted every 64 characters */
424 lines = (len - 2) / 64;
425
426 /* count number of + characters to be escaped */
427 p1 = encoded_req;
428 while (*p1 != '\0')
429 {
430 if (*p1++ == '+')
431 plus++;
432 }
433
434 escaped_req = alloc_bytes(len + 3*(lines + plus), "escaped request");
435
436 /* escape special characters in the request */
437 p1 = encoded_req;
438 p2 = escaped_req;
439 while (*p1 != '\0')
440 {
441 if (n == 64)
442 {
443 memcpy(p2, "%0A", 3);
444 p2 += 3;
445 n = 0;
446 }
447 if (*p1 == '+')
448 {
449 memcpy(p2, "%2B", 3);
450 p2 += 3;
451 }
452 else
453 {
454 *p2++ = *p1;
455 }
456 p1++;
457 n++;
458 }
459 *p2 = '\0';
460 pfreeany(encoded_req);
461 return escaped_req;
462 }
463 #endif
464
465 /*
466 * send a SCEP request via HTTP and wait for a response
467 */
468 bool
469 scep_http_request(const char *url, chunk_t pkcs7, scep_op_t op
470 , fetch_request_t req_type, chunk_t *response)
471 {
472 #ifdef LIBCURL
473 char errorbuffer[CURL_ERROR_SIZE] = "";
474 char *complete_url = NULL;
475 struct curl_slist *headers = NULL;
476 CURL *curl;
477 CURLcode res;
478
479 /* initialize response */
480 *response = empty_chunk;
481
482 /* initialize curl context */
483 curl = curl_easy_init();
484 if (curl == NULL)
485 {
486 plog("could not initialize curl context");
487 return FALSE;
488 }
489
490 if (op == SCEP_PKI_OPERATION)
491 {
492 const char operation[] = "PKIOperation";
493
494 if (req_type == FETCH_GET)
495 {
496 char *escaped_req = escape_http_request(pkcs7);
497
498 /* form complete url */
499 int len = strlen(url) + 20 + strlen(operation) + strlen(escaped_req) + 1;
500
501 complete_url = alloc_bytes(len, "complete url");
502 snprintf(complete_url, len, "%s?operation=%s&message=%s"
503 , url, operation, escaped_req);
504 pfreeany(escaped_req);
505
506 curl_easy_setopt(curl, CURLOPT_HTTPGET, TRUE);
507 headers = curl_slist_append(headers, "Pragma:");
508 headers = curl_slist_append(headers, "Host:");
509 headers = curl_slist_append(headers, "Accept:");
510 curl_easy_setopt(curl, CURLOPT_HTTPHEADER, headers);
511 curl_easy_setopt(curl, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_0);
512 }
513 else /* HTTP_POST */
514 {
515 /* form complete url */
516 int len = strlen(url) + 11 + strlen(operation) + 1;
517
518 complete_url = alloc_bytes(len, "complete url");
519 snprintf(complete_url, len, "%s?operation=%s", url, operation);
520
521 curl_easy_setopt(curl, CURLOPT_HTTPGET, FALSE);
522 headers = curl_slist_append(headers, "Content-Type:");
523 headers = curl_slist_append(headers, "Expect:");
524 curl_easy_setopt(curl, CURLOPT_HTTPHEADER, headers);
525 curl_easy_setopt(curl, CURLOPT_POSTFIELDS, (char*)pkcs7.ptr);
526 curl_easy_setopt(curl, CURLOPT_POSTFIELDSIZE, pkcs7.len);
527 }
528 }
529 else /* SCEP_GET_CA_CERT */
530 {
531 const char operation[] = "GetCACert";
532
533 /* form complete url */
534 int len = strlen(url) + 32 + strlen(operation) + 1;
535
536 complete_url = alloc_bytes(len, "complete url");
537 snprintf(complete_url, len, "%s?operation=%s&message=CAIdentifier"
538 , url, operation);
539
540 curl_easy_setopt(curl, CURLOPT_HTTPGET, TRUE);
541 }
542
543 curl_easy_setopt(curl, CURLOPT_URL, complete_url);
544 curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, write_buffer);
545 curl_easy_setopt(curl, CURLOPT_WRITEDATA, (void *)response);
546 curl_easy_setopt(curl, CURLOPT_ERRORBUFFER, errorbuffer);
547 curl_easy_setopt(curl, CURLOPT_FAILONERROR, TRUE);
548 curl_easy_setopt(curl, CURLOPT_CONNECTTIMEOUT, FETCH_CMD_TIMEOUT);
549
550 DBG(DBG_CONTROL,
551 DBG_log("sending scep request to '%s'", url)
552 )
553 res = curl_easy_perform(curl);
554
555 if (res == CURLE_OK)
556 {
557 DBG(DBG_CONTROL,
558 DBG_log("received scep response")
559 )
560 DBG(DBG_RAW,
561 DBG_dump_chunk("SCEP response:\n", *response)
562 )
563 }
564 else
565 {
566 plog("failed to fetch scep response from '%s': %s", url, errorbuffer);
567 }
568 curl_slist_free_all(headers);
569 curl_easy_cleanup(curl);
570 pfreeany(complete_url);
571
572 return (res == CURLE_OK);
573 #else /* !LIBCURL */
574 plog("scep error: pluto wasn't compiled with libcurl support");
575 return FALSE;
576 #endif /* !LIBCURL */
577 }
578
579 err_t
580 scep_parse_response(chunk_t response, chunk_t transID, contentInfo_t *data
581 , scep_attributes_t *attrs, x509cert_t *signer_cert)
582 {
583 chunk_t attributes;
584
585 if (!pkcs7_parse_signedData(response, data, NULL, &attributes, signer_cert))
586 {
587 return "error parsing the scep response";
588 }
589 if (!parse_attributes(attributes, attrs))
590 {
591 return "error parsing the scep response attributes";
592 }
593 if (!same_chunk(transID, attrs->transID))
594 {
595 return "transaction ID of scep response does not match";
596 }
597 return NULL;
598 }