Updated openssl plugin to the new builder API
[strongswan.git] / src / libstrongswan / plugins / openssl / openssl_ec_private_key.c
index de9733a..8533140 100644 (file)
@@ -1,4 +1,5 @@
 /*
+ * Copyright (C) 2009 Martin Willi
  * Copyright (C) 2008 Tobias Brunner
  * Hochschule fuer Technik Rapperswil
  *
@@ -21,6 +22,7 @@
 
 #include <openssl/evp.h>
 #include <openssl/ecdsa.h>
+#include <openssl/x509.h>
 
 typedef struct private_openssl_ec_private_key_t private_openssl_ec_private_key_t;
 
@@ -32,178 +34,138 @@ struct private_openssl_ec_private_key_t {
         * Public interface for this signer.
         */
        openssl_ec_private_key_t public;
-       
+
        /**
         * EC key object
         */
        EC_KEY *ec;
 
        /**
-        * Keyid formed as a SHA-1 hash of a privateKey object
-        */
-       identification_t* keyid;
-
-       /**
-        * Keyid formed as a SHA-1 hash of a privateKeyInfo object
-        */
-       identification_t* keyid_info;
-       
-       /**
         * reference count
         */
-       refcount_t ref; 
+       refcount_t ref;
 };
 
-/**
- * Mapping from the signature scheme defined in (RFC 4754) to the elliptic
- * curve and the hash algorithm
- */
-typedef struct {
-       /**
-        * Scheme specified in RFC 4754
-        */
-       int scheme;
-       
-       /**
-        * NID of the hash
-        */
-       int hash;
-       
-       /**
-        * NID of the curve
-        */
-       int curve;
-} openssl_ecdsa_scheme_t;
-
-#define END_OF_LIST -1
-
-/**
- * Signature schemes
- */
-static openssl_ecdsa_scheme_t ecdsa_schemes[] = {
-       {SIGN_ECDSA_256, NID_sha256, NID_X9_62_prime256v1},
-       {SIGN_ECDSA_384, NID_sha384, NID_secp384r1},
-       {SIGN_ECDSA_521, NID_sha512, NID_secp521r1},
-       {END_OF_LIST,    0,          0},
-};
+/* from ec public key */
+bool openssl_ec_fingerprint(EC_KEY *ec, key_encoding_type_t type, chunk_t *fp);
 
 /**
- * Look up the hash and curve of a signature scheme
+ * Build a signature as in RFC 4754
  */
-static bool lookup_scheme(int scheme, int *hash, int *curve)
+static bool build_signature(private_openssl_ec_private_key_t *this,
+                                                       chunk_t hash, chunk_t *signature)
 {
-       openssl_ecdsa_scheme_t *ecdsa_scheme = ecdsa_schemes;
-       while (ecdsa_scheme->scheme != END_OF_LIST)
+       bool built = FALSE;
+       ECDSA_SIG *sig;
+
+       sig = ECDSA_do_sign(hash.ptr, hash.len, this->ec);
+       if (sig)
        {
-               if (scheme == ecdsa_scheme->scheme)
-               {
-                       *hash = ecdsa_scheme->hash;
-                       *curve = ecdsa_scheme->curve;
-                       return TRUE;
-               }
-               ecdsa_scheme++;
+               /* concatenate BNs r/s to a signature chunk */
+               built = openssl_bn_cat(EC_FIELD_ELEMENT_LEN(EC_KEY_get0_group(this->ec)),
+                                                          sig->r, sig->s, signature);
+               ECDSA_SIG_free(sig);
        }
-       return FALSE;
+       return built;
 }
 
 /**
- * shared functions, implemented in openssl_ec_public_key.c
+ * Build a RFC 4754 signature for a specified curve and hash algorithm
  */
-bool openssl_ec_public_key_build_id(EC_KEY *ec, identification_t **keyid,
-                                                                identification_t **keyid_info);
-
-openssl_ec_public_key_t *openssl_ec_public_key_create_from_private_key(EC_KEY *ec);
-
-
-/**
- * Convert an ECDSA_SIG to a chunk by concatenating r and s.
- * This function allocates memory for the chunk.
- */
-static bool sig2chunk(const EC_GROUP *group, ECDSA_SIG *sig, chunk_t *chunk)
+static bool build_curve_signature(private_openssl_ec_private_key_t *this,
+                                                               signature_scheme_t scheme, int nid_hash,
+                                                               int nid_curve, chunk_t data, chunk_t *signature)
 {
-       return openssl_bn_cat(EC_FIELD_ELEMENT_LEN(group), sig->r, sig->s, chunk);
-}
+       const EC_GROUP *my_group;
+       EC_GROUP *req_group;
+       chunk_t hash;
+       bool built;
 
-/**
- * Build the signature
- */
-static bool build_signature(private_openssl_ec_private_key_t *this,
-                                                       int hash_type, chunk_t data, chunk_t *signature)
-{
-       chunk_t hash = chunk_empty;
-       ECDSA_SIG *sig;
-       bool ret = FALSE;
-       
-       if (!openssl_hash_chunk(hash_type, data, &hash))
+       req_group = EC_GROUP_new_by_curve_name(nid_curve);
+       if (!req_group)
        {
+               DBG1("signature scheme %N not supported in EC (required curve "
+                        "not supported)", signature_scheme_names, scheme);
                return FALSE;
        }
-       
-       sig = ECDSA_do_sign(hash.ptr, hash.len, this->ec);
-       if (!sig)
+       my_group = EC_KEY_get0_group(this->ec);
+       if (EC_GROUP_cmp(my_group, req_group, NULL) != 0)
        {
-               goto error;
+               DBG1("signature scheme %N not supported by private key",
+                        signature_scheme_names, scheme);
+               return FALSE;
        }
-       
-       if (!sig2chunk(EC_KEY_get0_group(this->ec), sig, signature))
+       EC_GROUP_free(req_group);
+       if (!openssl_hash_chunk(nid_hash, data, &hash))
        {
-               goto error;
+               return FALSE;
        }
-       
-       ret = TRUE;
-error:
+       built = build_signature(this, hash, signature);
        chunk_free(&hash);
-       if (sig)
-       {
-               ECDSA_SIG_free(sig);
-       }
-       return ret;
+       return built;
 }
 
 /**
- * Implementation of private_key_t.get_type.
+ * Build a DER encoded signature as in RFC 3279
  */
-static key_type_t get_type(private_openssl_ec_private_key_t *this)
+static bool build_der_signature(private_openssl_ec_private_key_t *this,
+                                                               int hash_nid, chunk_t data, chunk_t *signature)
 {
-       return KEY_ECDSA;
-}
+       chunk_t hash, sig;
+       int siglen = 0;
+       bool built;
 
-/**
- * Implementation of private_key_t.sign.
- */
-static bool sign(private_openssl_ec_private_key_t *this, signature_scheme_t scheme, 
-                                chunk_t data, chunk_t *signature)
-{
-       EC_GROUP *req_group;
-       const EC_GROUP *my_group;
-       int hash, curve;
-       
-       if (!lookup_scheme(scheme, &hash, &curve))
+       if (!openssl_hash_chunk(hash_nid, data, &hash))
        {
-               DBG1("signature scheme %N not supported in EC",
-                                signature_scheme_names, scheme);
                return FALSE;
        }
-       
-       req_group = EC_GROUP_new_by_curve_name(curve);
-       if (!req_group)
+       sig = chunk_alloc(ECDSA_size(this->ec));
+       built = ECDSA_sign(0, hash.ptr, hash.len, sig.ptr, &siglen, this->ec) == 1;
+       sig.len = siglen;
+       if (built)
        {
-               DBG1("signature scheme %N not supported in EC (required curve not supported)",
-                                signature_scheme_names, scheme);
-               return FALSE;
+               *signature = sig;
        }
-       
-       my_group = EC_KEY_get0_group(this->ec);
-       if (EC_GROUP_cmp(my_group, req_group, NULL) != 0)
+       else
        {
-               DBG1("signature scheme %N not supported by private key",
+               free(sig.ptr);
+       }
+       free(hash.ptr);
+       return built;
+}
+
+/**
+ * Implementation of private_key_t.sign.
+ */
+static bool sign(private_openssl_ec_private_key_t *this,
+                                signature_scheme_t scheme, chunk_t data, chunk_t *signature)
+{
+       switch (scheme)
+       {
+               case SIGN_ECDSA_WITH_NULL:
+                       return build_signature(this, data, signature);
+               case SIGN_ECDSA_WITH_SHA1_DER:
+                       return build_der_signature(this, NID_sha1, data, signature);
+               case SIGN_ECDSA_WITH_SHA256_DER:
+                       return build_der_signature(this, NID_sha256, data, signature);
+               case SIGN_ECDSA_WITH_SHA384_DER:
+                       return build_der_signature(this, NID_sha384, data, signature);
+               case SIGN_ECDSA_WITH_SHA512_DER:
+                       return build_der_signature(this, NID_sha512, data, signature);
+               case SIGN_ECDSA_256:
+                       return build_curve_signature(this, scheme, NID_sha256,
+                                                                                NID_X9_62_prime256v1, data, signature);
+               case SIGN_ECDSA_384:
+                       return build_curve_signature(this, scheme, NID_sha384,
+                                                                                NID_secp384r1, data, signature);
+               case SIGN_ECDSA_521:
+                       return build_curve_signature(this, scheme, NID_sha512,
+                                                                                NID_secp521r1, data, signature);
+               default:
+                       DBG1("signature scheme %N not supported",
                                 signature_scheme_names, scheme);
-               return FALSE;
+                       return FALSE;
        }
-       
-       EC_GROUP_free(req_group);
-       
-       return build_signature(this, hash, data, signature);
 }
 
 /**
@@ -225,73 +187,70 @@ static size_t get_keysize(private_openssl_ec_private_key_t *this)
 }
 
 /**
- * Implementation of private_key_t.get_id.
+ * Implementation of private_key_t.get_type.
  */
-static identification_t* get_id(private_openssl_ec_private_key_t *this,
-                                                               id_type_t type)
+static key_type_t get_type(private_openssl_ec_private_key_t *this)
 {
-       switch (type)
-       {
-               case ID_PUBKEY_INFO_SHA1:
-                       return this->keyid_info;
-               case ID_PUBKEY_SHA1:
-                       return this->keyid;
-               default:
-                       return NULL;
-       }
+       return KEY_ECDSA;
 }
 
 /**
  * Implementation of private_key_t.get_public_key.
  */
-static openssl_ec_public_key_t* get_public_key(private_openssl_ec_private_key_t *this)
+static public_key_t* get_public_key(private_openssl_ec_private_key_t *this)
 {
-       return openssl_ec_public_key_create_from_private_key(this->ec);
+       public_key_t *public;
+       chunk_t key;
+       u_char *p;
+
+       key = chunk_alloc(i2d_EC_PUBKEY(this->ec, NULL));
+       p = key.ptr;
+       i2d_EC_PUBKEY(this->ec, &p);
+
+       public = lib->creds->create(lib->creds, CRED_PUBLIC_KEY, KEY_ECDSA,
+                                                               BUILD_BLOB_ASN1_DER, key, BUILD_END);
+       free(key.ptr);
+       return public;
 }
 
 /**
- * Implementation of private_key_t.belongs_to.
+ * Implementation of private_key_t.get_fingerprint.
  */
-static bool belongs_to(private_openssl_ec_private_key_t *this, public_key_t *public)
+static bool get_fingerprint(private_openssl_ec_private_key_t *this,
+                                                       key_encoding_type_t type, chunk_t *fingerprint)
 {
-       identification_t *keyid;
-
-       if (public->get_type(public) != KEY_ECDSA)
-       {
-               return FALSE;
-       }
-       keyid = public->get_id(public, ID_PUBKEY_SHA1);
-       if (keyid && keyid->equals(keyid, this->keyid))
-       {
-               return TRUE;
-       }
-       keyid = public->get_id(public, ID_PUBKEY_INFO_SHA1);
-       if (keyid && keyid->equals(keyid, this->keyid_info))
-       {
-               return TRUE;
-       }
-       return FALSE;
+       return openssl_ec_fingerprint(this->ec, type, fingerprint);
 }
 
 /**
  * Implementation of private_key_t.get_encoding.
  */
-static chunk_t get_encoding(private_openssl_ec_private_key_t *this)
+static bool get_encoding(private_openssl_ec_private_key_t *this,
+                                                key_encoding_type_t type, chunk_t *encoding)
 {
-       chunk_t enc = chunk_alloc(i2d_ECPrivateKey(this->ec, NULL));
-       u_char *p = enc.ptr;
-       i2d_ECPrivateKey(this->ec, &p);
-       return enc;
+       u_char *p;
+
+       switch (type)
+       {
+               case KEY_PRIV_ASN1_DER:
+               {
+                       *encoding = chunk_alloc(i2d_ECPrivateKey(this->ec, NULL));
+                       p = encoding->ptr;
+                       i2d_ECPrivateKey(this->ec, &p);
+                       return TRUE;
+               }
+               default:
+                       return FALSE;
+       }
 }
 
 /**
  * Implementation of private_key_t.get_ref.
  */
-static private_openssl_ec_private_key_t* get_ref(private_openssl_ec_private_key_t *this)
+static private_key_t* get_ref(private_openssl_ec_private_key_t *this)
 {
        ref_get(&this->ref);
-       return this;
-
+       return &this->public.interface;
 }
 
 /**
@@ -303,10 +262,9 @@ static void destroy(private_openssl_ec_private_key_t *this)
        {
                if (this->ec)
                {
+                       lib->encoding->clear_cache(lib->encoding, this->ec);
                        EC_KEY_free(this->ec);
                }
-               DESTROY_IF(this->keyid);
-               DESTROY_IF(this->keyid_info);
                free(this);
        }
 }
@@ -314,133 +272,120 @@ static void destroy(private_openssl_ec_private_key_t *this)
 /**
  * Internal generic constructor
  */
-static private_openssl_ec_private_key_t *openssl_ec_private_key_create_empty(void)
+static private_openssl_ec_private_key_t *create_empty(void)
 {
        private_openssl_ec_private_key_t *this = malloc_thing(private_openssl_ec_private_key_t);
-       
+
        this->public.interface.get_type = (key_type_t (*)(private_key_t *this))get_type;
        this->public.interface.sign = (bool (*)(private_key_t *this, signature_scheme_t scheme, chunk_t data, chunk_t *signature))sign;
        this->public.interface.decrypt = (bool (*)(private_key_t *this, chunk_t crypto, chunk_t *plain))decrypt;
        this->public.interface.get_keysize = (size_t (*) (private_key_t *this))get_keysize;
-       this->public.interface.get_id = (identification_t* (*) (private_key_t *this,id_type_t))get_id;
        this->public.interface.get_public_key = (public_key_t* (*)(private_key_t *this))get_public_key;
-       this->public.interface.belongs_to = (bool (*) (private_key_t *this, public_key_t *public))belongs_to;
-       this->public.interface.get_encoding = (chunk_t(*)(private_key_t*))get_encoding;
+       this->public.interface.equals = private_key_equals;
+       this->public.interface.belongs_to = private_key_belongs_to;
+       this->public.interface.get_fingerprint = (bool(*)(private_key_t*, key_encoding_type_t type, chunk_t *fp))get_fingerprint;
+       this->public.interface.get_encoding = (bool(*)(private_key_t*, key_encoding_type_t type, chunk_t *encoding))get_encoding;
        this->public.interface.get_ref = (private_key_t* (*)(private_key_t *this))get_ref;
        this->public.interface.destroy = (void (*)(private_key_t *this))destroy;
-       
+
        this->ec = NULL;
-       this->keyid = NULL;
-       this->keyid_info = NULL;
        this->ref = 1;
-       
+
        return this;
 }
 
 /**
- * load private key from an ASN1 encoded blob
+ * See header.
  */
-static openssl_ec_private_key_t *load(chunk_t blob)
+openssl_ec_private_key_t *openssl_ec_private_key_gen(key_type_t type,
+                                                                                                        va_list args)
 {
-       u_char *p = blob.ptr;
-       private_openssl_ec_private_key_t *this = openssl_ec_private_key_create_empty();
-       
-       this->ec = d2i_ECPrivateKey(NULL, (const u_char**)&p, blob.len);
-       
-       chunk_clear(&blob);
+       private_openssl_ec_private_key_t *this;
+       u_int key_size = 0;
 
-       if (!this->ec)
+       while (TRUE)
        {
-               destroy(this);
-               return NULL;
+               switch (va_arg(args, builder_part_t))
+               {
+                       case BUILD_KEY_SIZE:
+                               key_size = va_arg(args, u_int);
+                               continue;
+                       case BUILD_END:
+                               break;
+                       default:
+                               return NULL;
+               }
+               break;
        }
-       
-       if (!openssl_ec_public_key_build_id(this->ec, &this->keyid, &this->keyid_info))
+       if (!key_size)
        {
-               destroy(this);
                return NULL;
        }
-       
-       if (!EC_KEY_check_key(this->ec))
+       this = create_empty();
+       switch (key_size)
        {
+               case 256:
+                       this->ec = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
+                       break;
+               case 384:
+                       this->ec = EC_KEY_new_by_curve_name(NID_secp384r1);
+                       break;
+               case 521:
+                       this->ec = EC_KEY_new_by_curve_name(NID_secp521r1);
+                       break;
+               default:
+                       DBG1("EC private key size %d not supported", key_size);
+                       destroy(this);
+                       return NULL;
+       }
+       if (EC_KEY_generate_key(this->ec) != 1)
+       {
+               DBG1("EC private key generation failed", key_size);
                destroy(this);
                return NULL;
        }
-       
+       /* encode as a named curve key (no parameters), uncompressed public key */
+       EC_KEY_set_asn1_flag(this->ec, OPENSSL_EC_NAMED_CURVE);
+       EC_KEY_set_conv_form(this->ec, POINT_CONVERSION_UNCOMPRESSED);
        return &this->public;
 }
 
-typedef struct private_builder_t private_builder_t;
-/**
- * Builder implementation for key loading/generation
- */
-struct private_builder_t {
-       /** implements the builder interface */
-       builder_t public;
-       /** loaded/generated private key */
-       openssl_ec_private_key_t *key;
-};
-
 /**
- * Implementation of builder_t.build
+ * See header.
  */
-static openssl_ec_private_key_t *build(private_builder_t *this)
+openssl_ec_private_key_t *openssl_ec_private_key_load(key_type_t type,
+                                                                                                         va_list args)
 {
-       openssl_ec_private_key_t *key = this->key;
-       
-       free(this);
-       return key;
-}
+       private_openssl_ec_private_key_t *this;
+       chunk_t blob = chunk_empty;
 
-/**
- * Implementation of builder_t.add
- */
-static void add(private_builder_t *this, builder_part_t part, ...)
-{
-       if (!this->key)
+       while (TRUE)
        {
-               va_list args;
-               chunk_t chunk;
-               
-               switch (part)
+               switch (va_arg(args, builder_part_t))
                {
                        case BUILD_BLOB_ASN1_DER:
-                       {
-                               va_start(args, part);
-                               chunk = va_arg(args, chunk_t);
-                               this->key = load(chunk_clone(chunk));
-                               va_end(args);
-                               return;
-                       }
-                       default:
+                               blob = va_arg(args, chunk_t);
+                               continue;
+                       case BUILD_END:
                                break;
+                       default:
+                               return NULL;
                }
+               break;
        }
-       if (this->key)
+
+       this = create_empty();
+       this->ec = d2i_ECPrivateKey(NULL, (const u_char**)&blob.ptr, blob.len);
+       if (!this->ec)
        {
-               destroy((private_openssl_ec_private_key_t*)this->key);
+               destroy(this);
+               return NULL;
        }
-       builder_cancel(&this->public);
-}
-
-/**
- * Builder construction function
- */
-builder_t *openssl_ec_private_key_builder(key_type_t type)
-{
-       private_builder_t *this;
-       
-       if (type != KEY_ECDSA)
+       if (!EC_KEY_check_key(this->ec))
        {
+               destroy(this);
                return NULL;
        }
-       
-       this = malloc_thing(private_builder_t);
-       
-       this->key = NULL;
-       this->public.add = (void(*)(builder_t *this, builder_part_t part, ...))add;
-       this->public.build = (void*(*)(builder_t *this))build;
-       
        return &this->public;
 }