/* Converts an X.509 certificate to subjectPublicKeyInfo */
int x509_crt_to_raw_pubkey(gnutls_x509_crt_t crt,
gnutls_datum_t * rpubkey)
{
gnutls_pubkey_t pubkey = NULL;
int ret;
ret = gnutls_pubkey_init(&pubkey);
if (ret < 0)
return gnutls_assert_val(ret);
ret = gnutls_pubkey_import_x509(pubkey, crt, 0);
if (ret < 0) {
gnutls_assert();
goto cleanup;
}
ret =
gnutls_pubkey_export2(pubkey, GNUTLS_X509_FMT_DER, rpubkey);
if (ret < 0) {
gnutls_assert();
goto cleanup;
}
ret = 0;
cleanup:
gnutls_pubkey_deinit(pubkey);
return ret;
}
gnutls_pubkey_t load_public_key_or_import(int mand,
gnutls_privkey_t privkey,
common_info_st * info)
{
gnutls_pubkey_t pubkey;
int ret;
ret = gnutls_pubkey_init(&pubkey);
if (ret < 0) {
fprintf(stderr, "gnutls_pubkey_init: %s\n",
gnutls_strerror(ret));
exit(1);
}
if (!privkey || (ret = gnutls_pubkey_import_privkey(pubkey, privkey, 0, 0)) < 0) { /* could not get (e.g. on PKCS #11 */
gnutls_pubkey_deinit(pubkey);
pubkey = load_pubkey(0, info);
if (pubkey == NULL && mand) {
fprintf(stderr, "You must specify --load-privkey\n");
exit(1);
}
}
return pubkey;
}
/**
* gnutls_pcert_import_x509:
* @pcert: The pcert structure
* @crt: The raw certificate to be imported
* @flags: zero for now
*
* This convenience function will import the given certificate to a
* #gnutls_pcert_st structure. The structure must be deinitialized
* afterwards using gnutls_pcert_deinit();
*
* Returns: On success, %GNUTLS_E_SUCCESS is returned, otherwise a
* negative error value.
**/
int gnutls_pcert_import_x509 (gnutls_pcert_st* pcert,
gnutls_x509_crt_t crt, unsigned int flags)
{
int ret;
size_t sz;
memset(pcert, 0, sizeof(*pcert));
pcert->type = GNUTLS_CRT_X509;
pcert->cert.data = NULL;
sz = 0;
ret = gnutls_x509_crt_export(crt, GNUTLS_X509_FMT_DER, NULL, &sz);
if (ret < 0 && ret != GNUTLS_E_SHORT_MEMORY_BUFFER)
{
ret = gnutls_assert_val(ret);
goto cleanup;
}
pcert->cert.data = gnutls_malloc(sz);
if (pcert->cert.data == NULL)
{
ret = gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
goto cleanup;
}
ret = gnutls_x509_crt_export(crt, GNUTLS_X509_FMT_DER, pcert->cert.data, &sz);
if (ret < 0)
{
ret = gnutls_assert_val(ret);
goto cleanup;
}
pcert->cert.size = sz;
ret = gnutls_pubkey_init(&pcert->pubkey);
if (ret < 0)
{
ret = gnutls_assert_val(ret);
goto cleanup;
}
ret = gnutls_pubkey_import_x509(pcert->pubkey, crt, 0);
if (ret < 0)
{
gnutls_pubkey_deinit(pcert->pubkey);
ret = gnutls_assert_val(ret);
goto cleanup;
}
return 0;
cleanup:
gnutls_free(pcert->cert.data);
return ret;
}
static CURLcode pkp_pin_peer_pubkey(struct SessionHandle *data,
gnutls_x509_crt_t cert,
const char *pinnedpubkey)
{
/* Scratch */
size_t len1 = 0, len2 = 0;
unsigned char *buff1 = NULL;
gnutls_pubkey_t key = NULL;
/* Result is returned to caller */
int ret = 0;
CURLcode result = CURLE_SSL_PINNEDPUBKEYNOTMATCH;
/* if a path wasn't specified, don't pin */
if(NULL == pinnedpubkey)
return CURLE_OK;
if(NULL == cert)
return result;
do {
/* Begin Gyrations to get the public key */
gnutls_pubkey_init(&key);
ret = gnutls_pubkey_import_x509(key, cert, 0);
if(ret < 0)
break; /* failed */
ret = gnutls_pubkey_export(key, GNUTLS_X509_FMT_DER, NULL, &len1);
if(ret != GNUTLS_E_SHORT_MEMORY_BUFFER || len1 == 0)
break; /* failed */
buff1 = malloc(len1);
if(NULL == buff1)
break; /* failed */
len2 = len1;
ret = gnutls_pubkey_export(key, GNUTLS_X509_FMT_DER, buff1, &len2);
if(ret < 0 || len1 != len2)
break; /* failed */
/* End Gyrations */
/* The one good exit point */
result = Curl_pin_peer_pubkey(data, pinnedpubkey, buff1, len1);
} while(0);
if(NULL != key)
gnutls_pubkey_deinit(key);
Curl_safefree(buff1);
return result;
}
PublicKey
PrivateKey::getPublicKey() const
{
gnutls_pubkey_t pk;
gnutls_pubkey_init(&pk);
PublicKey pk_ret {pk};
if (gnutls_pubkey_import_privkey(pk, key, GNUTLS_KEY_KEY_CERT_SIGN | GNUTLS_KEY_CRL_SIGN, 0) != GNUTLS_E_SUCCESS)
return {};
return pk_ret;
}
PublicKey
Certificate::getPublicKey() const
{
gnutls_pubkey_t pk;
gnutls_pubkey_init(&pk);
PublicKey pk_ret(pk);
if (gnutls_pubkey_import_x509(pk, cert, 0) != GNUTLS_E_SUCCESS)
return {};
return pk_ret;
}
static
int dcrypt_gnutls_private_to_public_key(struct dcrypt_private_key *priv_key, struct dcrypt_public_key **pub_key_r, const char **error_r)
{
int ec;
gnutls_privkey_t priv = (gnutls_privkey_t)priv_key;
if (gnutls_privkey_get_pk_algorithm(priv, NULL) == GNUTLS_PK_RSA) {
gnutls_datum_t m,e;
/* do not extract anything we don't need */
ec = gnutls_privkey_export_rsa_raw(priv, &m, &e, NULL, NULL, NULL, NULL, NULL, NULL);
if (ec != GNUTLS_E_SUCCESS) return dcrypt_gnutls_error(ec, error_r);
gnutls_pubkey_t pub;
gnutls_pubkey_init(&pub);
ec = gnutls_pubkey_import_rsa_raw(pub, &m, &e);
gnutls_free(m.data);
gnutls_free(e.data);
if (ec < 0) {
gnutls_pubkey_deinit(pub);
return dcrypt_gnutls_error(ec, error_r);
}
*pub_key_r = (struct dcrypt_public_key*)pub;
return 0;
} else if (gnutls_privkey_get_pk_algorithm(priv, NULL) == GNUTLS_PK_EC) {
gnutls_ecc_curve_t curve;
gnutls_datum_t x,y,k;
ec = gnutls_privkey_export_ecc_raw(priv, &curve, &x, &y, NULL);
if (ec != GNUTLS_E_SUCCESS) return dcrypt_gnutls_error(ec, error_r);
gnutls_pubkey_t pub;
gnutls_pubkey_init(&pub);
ec = gnutls_pubkey_import_ecc_raw(pub, curve, &x, &y);
gnutls_free(x.data);
gnutls_free(y.data);
if (ec < 0) {
gnutls_pubkey_deinit(pub);
return dcrypt_gnutls_error(ec, error_r);
}
*pub_key_r = (struct dcrypt_public_key*)pub;
return 0;
}
return -1;
}
/* Load a public key.
* @mand should be non zero if it is required to read a public key.
*/
gnutls_pubkey_t load_pubkey(int mand, common_info_st * info)
{
gnutls_pubkey_t key;
int ret;
gnutls_datum_t dat;
size_t size;
if (!info->pubkey && !mand)
return NULL;
if (info->pubkey == NULL) {
fprintf(stderr, "missing --load-pubkey\n");
exit(1);
}
if (gnutls_url_is_supported(info->pubkey) != 0)
return _load_url_pubkey(info->pubkey);
ret = gnutls_pubkey_init(&key);
if (ret < 0) {
fprintf(stderr, "privkey_init: %s\n", gnutls_strerror(ret));
exit(1);
}
dat.data = (void *) read_binary_file(info->pubkey, &size);
dat.size = size;
if (!dat.data) {
fprintf(stderr, "reading --load-pubkey: %s\n", info->pubkey);
exit(1);
}
ret = gnutls_pubkey_import(key, &dat, info->incert_format);
free(dat.data);
if (ret == GNUTLS_E_BASE64_UNEXPECTED_HEADER_ERROR) {
fprintf(stderr,
"import error: could not find a valid PEM header; "
"check if your key has the PUBLIC KEY header\n");
exit(1);
}
if (ret < 0) {
fprintf(stderr, "importing --load-pubkey: %s: %s\n",
info->pubkey, gnutls_strerror(ret));
exit(1);
}
return key;
}
void
PublicKey::unpack(Blob::const_iterator& begin, Blob::const_iterator& end)
{
Blob tmp = deserialize<Blob>(begin, end);
if (pk)
gnutls_pubkey_deinit(pk);
gnutls_pubkey_init(&pk);
const gnutls_datum_t dat {(uint8_t*)tmp.data(), (unsigned)tmp.size()};
int err = gnutls_pubkey_import(pk, &dat, GNUTLS_X509_FMT_PEM);
if (err != GNUTLS_E_SUCCESS)
err = gnutls_pubkey_import(pk, &dat, GNUTLS_X509_FMT_DER);
if (err != GNUTLS_E_SUCCESS)
throw CryptoException(std::string("Could not read public key: ") + gnutls_strerror(err));
}
static gnutls_digest_algorithm_t get_dig(gnutls_x509_crt_t crt)
{
gnutls_pubkey_t pubkey;
gnutls_pubkey_init(&pubkey);
int result = gnutls_pubkey_import_x509(pubkey, crt, 0);
if (result < 0) {
gnutls_pubkey_deinit(pubkey);
return GNUTLS_DIG_UNKNOWN;
}
gnutls_digest_algorithm_t dig = get_dig_for_pub(pubkey);
gnutls_pubkey_deinit(pubkey);
return dig;
}
/* Load a public key.
* @mand should be non zero if it is required to read a public key.
*/
gnutls_pubkey_t
load_pubkey (int mand, common_info_st * info)
{
gnutls_pubkey_t key;
int ret;
gnutls_datum_t dat;
size_t size;
if (!info->pubkey && !mand)
return NULL;
if (info->pubkey == NULL)
error (EXIT_FAILURE, 0, "missing --load-pubkey");
#ifdef ENABLE_PKCS11
if (strncmp(info->pubkey, "pkcs11:", 7) == 0)
return _load_pkcs11_pubkey(info->pubkey);
#endif
ret = gnutls_pubkey_init (&key);
if (ret < 0)
error (EXIT_FAILURE, 0, "privkey_init: %s", gnutls_strerror (ret));
dat.data = read_binary_file (info->pubkey, &size);
dat.size = size;
if (!dat.data)
error (EXIT_FAILURE, errno, "reading --load-pubkey: %s", info->pubkey);
ret = gnutls_pubkey_import (key, &dat, info->incert_format);
free (dat.data);
if (ret == GNUTLS_E_BASE64_UNEXPECTED_HEADER_ERROR)
{
error (EXIT_FAILURE, 0,
"import error: could not find a valid PEM header; "
"check if your key has the PUBLIC KEY header");
}
if (ret < 0)
error (EXIT_FAILURE, 0, "importing --load-pubkey: %s: %s",
info->pubkey, gnutls_strerror (ret));
return key;
}
gnutls_pubkey_t load_public_key_or_import(int mand, gnutls_privkey_t privkey, common_info_st * info)
{
gnutls_pubkey_t pubkey;
int ret;
ret = gnutls_pubkey_init(&pubkey);
if (ret < 0)
error (EXIT_FAILURE, 0, "gnutls_pubkey_init: %s",
gnutls_strerror (ret));
if (!privkey || (ret = gnutls_pubkey_import_privkey(pubkey, privkey, 0, 0)) < 0)
{ /* could not get (e.g. on PKCS #11 */
gnutls_pubkey_deinit(pubkey);
return load_pubkey(mand, info);
}
return pubkey;
}
int main(void)
{
gnutls_x509_crt_t crt;
gnutls_pubkey_t pubkey;
gnutls_datum_t data = { (void *) "foo", 3 };
gnutls_datum_t sig = { (void *) "bar", 3 };
int ret;
global_init();
ret = gnutls_x509_crt_init(&crt);
if (ret < 0)
return 1;
ret = gnutls_pubkey_init(&pubkey);
if (ret < 0)
return 1;
ret =
gnutls_x509_crt_import(crt, &dsa_cert_dat,
GNUTLS_X509_FMT_PEM);
if (ret < 0)
return 1;
ret = gnutls_pubkey_import_x509(pubkey, crt, 0);
if (ret < 0)
return 1;
ret = gnutls_pubkey_verify_data2(pubkey, GNUTLS_SIGN_DSA_SHA1, 0, &data, &sig);
if (ret < 0 && ret != GNUTLS_E_PK_SIG_VERIFY_FAILED)
return 1;
//printf ("success!\n");
gnutls_x509_crt_deinit(crt);
gnutls_pubkey_deinit(pubkey);
gnutls_global_deinit();
return 0;
}
static gnutls_pubkey_t _load_url_pubkey(const char *url)
{
int ret;
gnutls_pubkey_t pubkey;
unsigned int obj_flags = 0;
ret = gnutls_pubkey_init(&pubkey);
if (ret < 0) {
fprintf(stderr, "Error in %s:%d: %s\n", __func__, __LINE__,
gnutls_strerror(ret));
exit(1);
}
ret = gnutls_pubkey_import_url(pubkey, url, obj_flags);
if (ret < 0) {
fprintf(stderr, "Error in %s:%d: %s: %s\n", __func__,
__LINE__, gnutls_strerror(ret), url);
exit(1);
}
return pubkey;
}
static void dane_info(const char *host, const char *proto,
unsigned int port, unsigned int ca,
unsigned int domain, common_info_st * cinfo)
{
gnutls_pubkey_t pubkey;
gnutls_x509_crt_t crt;
unsigned char digest[64];
gnutls_datum_t t;
int ret;
unsigned int usage, selector, type;
size_t size;
if (proto == NULL)
proto = "tcp";
if (port == 0)
port = 443;
crt = load_cert(0, cinfo);
if (crt != NULL && HAVE_OPT(X509)) {
selector = 0; /* X.509 */
size = lbuffer_size;
ret =
gnutls_x509_crt_export(crt, GNUTLS_X509_FMT_DER,
lbuffer, &size);
if (ret < 0) {
fprintf(stderr, "export error: %s\n",
gnutls_strerror(ret));
exit(1);
}
gnutls_x509_crt_deinit(crt);
} else { /* use public key only */
selector = 1;
ret = gnutls_pubkey_init(&pubkey);
if (ret < 0) {
fprintf(stderr, "pubkey_init: %s\n",
gnutls_strerror(ret));
exit(1);
}
if (crt != NULL) {
ret = gnutls_pubkey_import_x509(pubkey, crt, 0);
if (ret < 0) {
fprintf(stderr, "pubkey_import_x509: %s\n",
gnutls_strerror(ret));
exit(1);
}
size = lbuffer_size;
ret =
gnutls_pubkey_export(pubkey,
GNUTLS_X509_FMT_DER,
lbuffer, &size);
if (ret < 0) {
fprintf(stderr, "pubkey_export: %s\n",
gnutls_strerror(ret));
exit(1);
}
gnutls_x509_crt_deinit(crt);
} else {
pubkey = load_pubkey(1, cinfo);
size = lbuffer_size;
ret =
gnutls_pubkey_export(pubkey,
GNUTLS_X509_FMT_DER,
lbuffer, &size);
if (ret < 0) {
fprintf(stderr, "export error: %s\n",
gnutls_strerror(ret));
exit(1);
}
}
gnutls_pubkey_deinit(pubkey);
}
if (default_dig != GNUTLS_DIG_SHA256
&& default_dig != GNUTLS_DIG_SHA512) {
if (default_dig != GNUTLS_DIG_UNKNOWN)
fprintf(stderr,
"Unsupported digest. Assuming SHA256.\n");
default_dig = GNUTLS_DIG_SHA256;
}
ret = gnutls_hash_fast(default_dig, lbuffer, size, digest);
if (ret < 0) {
fprintf(stderr, "hash error: %s\n", gnutls_strerror(ret));
exit(1);
}
if (default_dig == GNUTLS_DIG_SHA256)
type = 1;
else
type = 2;
/* DANE certificate classification crap */
if (domain == 0) {
if (ca)
usage = 0;
else
usage = 1;
} else {
if (ca)
usage = 2;
else
usage = 3;
}
t.data = digest;
t.size = gnutls_hash_get_len(default_dig);
size = lbuffer_size;
ret = gnutls_hex_encode(&t, (void *) lbuffer, &size);
if (ret < 0) {
fprintf(stderr, "hex encode error: %s\n",
gnutls_strerror(ret));
exit(1);
}
fprintf(outfile, "_%u._%s.%s. IN TLSA ( %.2x %.2x %.2x %s )\n",
port, proto, host, usage, selector, type, lbuffer);
}
const void *
eet_identity_check(const void *data_base,
unsigned int data_length,
void **sha1,
int *sha1_length,
const void *signature_base,
unsigned int signature_length,
const void **raw_signature_base,
unsigned int *raw_signature_length,
int *x509_length)
{
#ifdef HAVE_SIGNATURE
const int *header = signature_base;
const unsigned char *sign;
const unsigned char *cert_der;
int sign_len;
int cert_len;
int magic;
/* At least the header size */
if (signature_length < sizeof(int) * 3)
return NULL;
if (!emile_cipher_init()) return NULL;
/* Get the header */
memcpy(&magic, header, sizeof(int));
memcpy(&sign_len, header+1, sizeof(int));
memcpy(&cert_len, header+2, sizeof(int));
magic = ntohl(magic);
sign_len = ntohl(sign_len);
cert_len = ntohl(cert_len);
/* Verify the header */
if (magic != EET_MAGIC_SIGN)
return NULL;
if (sign_len + cert_len + sizeof(int) * 3 > signature_length)
return NULL;
/* Update the signature and certificate pointer */
sign = (unsigned char *)signature_base + sizeof(int) * 3;
cert_der = sign + sign_len;
# ifdef HAVE_GNUTLS
gnutls_x509_crt_t cert;
gnutls_datum_t datum;
gnutls_datum_t signature;
gnutls_pubkey_t pubkey;
unsigned char *hash;
gcry_md_hd_t md;
int err;
/* Create an understanding certificate structure for gnutls */
datum.data = (void *)cert_der;
datum.size = cert_len;
gnutls_x509_crt_init(&cert);
gnutls_x509_crt_import(cert, &datum, GNUTLS_X509_FMT_DER);
signature.data = (void *)sign;
signature.size = sign_len;
/* Verify the signature */
/*
I am waiting for my patch being accepted in GnuTLS release.
But we now have a way to prevent double computation of SHA1.
*/
err = gcry_md_open (&md, GCRY_MD_SHA1, 0);
if (err < 0)
return NULL;
gcry_md_write(md, data_base, data_length);
hash = gcry_md_read(md, GCRY_MD_SHA1);
if (!hash)
goto on_error;
datum.size = gcry_md_get_algo_dlen(GCRY_MD_SHA1);
datum.data = hash;
if (gnutls_pubkey_init(&pubkey) < 0)
goto on_error;
if (gnutls_pubkey_import_x509(pubkey, cert, 0) < 0)
goto on_error;
if (gnutls_pubkey_verify_hash2(pubkey,
gnutls_x509_crt_get_signature_algorithm(cert),
0,
&datum, &signature) < 0)
goto on_error;
if (sha1)
{
*sha1 = malloc(datum.size);
if (!*sha1) goto on_error;
memcpy(*sha1, hash, datum.size);
*sha1_length = datum.size;
}
gcry_md_close(md);
gnutls_x509_crt_deinit(cert);
# else /* ifdef HAVE_GNUTLS */
const unsigned char *tmp;
EVP_PKEY *pkey;
X509 *x509;
#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
EVP_MD_CTX *md_ctx;
#else
EVP_MD_CTX md_ctx;
#endif
int err;
/* Strange but d2i_X509 seems to put 0 all over the place. */
tmp = alloca(cert_len);
memcpy((char *)tmp, cert_der, cert_len);
x509 = d2i_X509(NULL, &tmp, cert_len);
if (!x509)
return NULL;
/* Get public key - eay */
pkey = X509_get_pubkey(x509);
if (!pkey)
{
X509_free(x509);
return NULL;
}
/* Verify the signature */
#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
md_ctx = EVP_MD_CTX_new();
EVP_VerifyInit(md_ctx, EVP_sha1());
EVP_VerifyUpdate(md_ctx, data_base, data_length);
err = EVP_VerifyFinal(md_ctx, sign, sign_len, pkey);
EVP_MD_CTX_free(md_ctx);
#else
EVP_VerifyInit(&md_ctx, EVP_sha1());
EVP_VerifyUpdate(&md_ctx, data_base, data_length);
err = EVP_VerifyFinal(&md_ctx, sign, sign_len, pkey);
EVP_MD_CTX_cleanup(&md_ctx);
#endif
X509_free(x509);
EVP_PKEY_free(pkey);
if (sha1)
{
*sha1 = NULL;
*sha1_length = -1;
}
if (err != 1)
return NULL;
# endif /* ifdef HAVE_GNUTLS */
if (x509_length)
*x509_length = cert_len;
if (raw_signature_base)
*raw_signature_base = sign;
if (raw_signature_length)
*raw_signature_length = sign_len;
return cert_der;
# ifdef HAVE_GNUTLS
on_error:
gcry_md_close(md);
return NULL;
# endif
#else /* ifdef HAVE_SIGNATURE */
data_base = NULL;
data_length = 0;
sha1 = NULL;
sha1_length = NULL;
signature_base = NULL;
signature_length = 0;
raw_signature_base = NULL;
raw_signature_length = NULL;
x509_length = NULL;
return NULL;
#endif /* ifdef HAVE_SIGNATURE */
}
void doit(void)
{
int ret;
const char *lib;
gnutls_privkey_t key;
gnutls_pubkey_t pub;
gnutls_datum_t m1, e1;
gnutls_datum_t m2, e2;
ret = global_init();
if (ret != 0) {
fail("%d: %s\n", ret, gnutls_strerror(ret));
exit(1);
}
gnutls_global_set_log_function(tls_log_func);
if (debug)
gnutls_global_set_log_level(4711);
lib = getenv("P11MOCKLIB1");
if (lib == NULL)
lib = P11LIB;
ret = gnutls_pkcs11_init(GNUTLS_PKCS11_FLAG_MANUAL, NULL);
if (ret != 0) {
fail("%d: %s\n", ret, gnutls_strerror(ret));
exit(1);
}
ret = gnutls_pkcs11_add_provider(lib, NULL);
if (ret != 0) {
fail("%d: %s\n", ret, gnutls_strerror(ret));
exit(1);
}
ret = gnutls_privkey_init(&key);
assert(ret>=0);
ret = gnutls_pubkey_init(&pub);
assert(ret>=0);
gnutls_privkey_set_pin_function(key, pin_func, NULL);
ret = gnutls_privkey_import_url(key, "pkcs11:object=test", GNUTLS_PKCS11_OBJ_FLAG_LOGIN);
if (ret < 0) {
fail("%d: %s\n", ret, gnutls_strerror(ret));
exit(1);
}
ret = gnutls_pubkey_import_privkey(pub, key, 0, 0);
if (ret < 0) {
fail("%d: %s\n", ret, gnutls_strerror(ret));
exit(1);
}
ret = gnutls_pubkey_export_rsa_raw(pub, &m1, &e1);
if (ret < 0) {
fail("%d: %s\n", ret, gnutls_strerror(ret));
exit(1);
}
gnutls_pubkey_deinit(pub);
gnutls_privkey_deinit(key);
/* try again using gnutls_pubkey_import_url */
ret = gnutls_pubkey_init(&pub);
assert(ret>=0);
ret = gnutls_pubkey_import_url(pub, "pkcs11:object=test;type=public", 0);
if (ret < 0) {
fail("%d: %s\n", ret, gnutls_strerror(ret));
exit(1);
}
ret = gnutls_pubkey_export_rsa_raw(pub, &m2, &e2);
if (ret < 0) {
fail("%d: %s\n", ret, gnutls_strerror(ret));
exit(1);
}
assert(m1.size == m2.size);
assert(e1.size == e2.size);
assert(memcmp(e1.data, e2.data, e2.size)==0);
assert(memcmp(m1.data, m2.data, m2.size)==0);
gnutls_pubkey_deinit(pub);
gnutls_free(m1.data);
gnutls_free(e1.data);
gnutls_free(m2.data);
gnutls_free(e2.data);
gnutls_pkcs11_deinit();
gnutls_global_deinit();
}
int
_pkcs11_privkey_get_pubkey (gnutls_pkcs11_privkey_t pkey, gnutls_pubkey_t *pub, unsigned flags)
{
gnutls_pubkey_t pubkey = NULL;
gnutls_pkcs11_obj_t obj = NULL;
ck_key_type_t key_type;
int ret;
PKCS11_CHECK_INIT_PRIVKEY(pkey);
if (!pkey) {
gnutls_assert();
return GNUTLS_E_INVALID_REQUEST;
}
ret = gnutls_pubkey_init(&pubkey);
if (ret < 0) {
gnutls_assert();
goto cleanup;
}
ret = gnutls_pkcs11_obj_init(&obj);
if (ret < 0) {
gnutls_assert();
goto cleanup;
}
obj->pk_algorithm = gnutls_pkcs11_privkey_get_pk_algorithm(pkey, 0);
obj->type = GNUTLS_PKCS11_OBJ_PUBKEY;
pk_to_genmech(obj->pk_algorithm, &key_type);
gnutls_pubkey_set_pin_function(pubkey, pkey->pin.cb, pkey->pin.data);
/* we can only read the public key from RSA keys */
if (key_type != CKK_RSA) {
/* try opening the public key object if it exists */
ret = load_pubkey_obj(pkey, pubkey);
if (ret < 0) {
gnutls_assert();
goto cleanup;
}
} else {
ret = pkcs11_read_pubkey(pkey->sinfo.module, pkey->sinfo.pks, pkey->ref, key_type, obj);
if (ret < 0) {
gnutls_assert();
goto cleanup;
}
ret = gnutls_pubkey_import_pkcs11(pubkey, obj, 0);
if (ret < 0) {
gnutls_assert();
goto cleanup;
}
}
*pub = pubkey;
pubkey = NULL;
ret = 0;
cleanup:
if (obj != NULL)
gnutls_pkcs11_obj_deinit(obj);
if (pubkey != NULL)
gnutls_pubkey_deinit(pubkey);
return ret;
}
static int x509_crt_to_raw_pubkey(const gnutls_datum_t * cert, gnutls_datum_t *rpubkey)
{
gnutls_x509_crt_t crt = NULL;
gnutls_pubkey_t pubkey = NULL;
size_t size;
int ret;
ret = gnutls_x509_crt_init(&crt);
if (ret < 0)
return gnutls_assert_val(ret);
ret = gnutls_pubkey_init(&pubkey);
if (ret < 0)
{
gnutls_assert();
goto cleanup;
}
ret = gnutls_x509_crt_import(crt, cert, GNUTLS_X509_FMT_DER);
if (ret < 0)
{
gnutls_assert();
goto cleanup;
}
ret = gnutls_pubkey_import_x509 (pubkey, crt, 0);
if (ret < 0)
{
gnutls_assert();
goto cleanup;
}
size = 0;
ret = gnutls_pubkey_export(pubkey, GNUTLS_X509_FMT_DER, NULL, &size);
if (ret < 0 && ret != GNUTLS_E_SHORT_MEMORY_BUFFER)
{
gnutls_assert();
goto cleanup;
}
rpubkey->data = gnutls_malloc(size);
if (rpubkey->data == NULL)
if (ret < 0 && ret != GNUTLS_E_SHORT_MEMORY_BUFFER)
{
ret = GNUTLS_E_MEMORY_ERROR;
gnutls_assert();
goto cleanup;
}
ret = gnutls_pubkey_export(pubkey, GNUTLS_X509_FMT_DER, rpubkey->data, &size);
if (ret < 0)
{
gnutls_free(rpubkey->data);
gnutls_assert();
goto cleanup;
}
rpubkey->size = size;
ret = 0;
cleanup:
gnutls_x509_crt_deinit(crt);
gnutls_pubkey_deinit(pubkey);
return ret;
}
int
main(int argc, char *argv[])
{
int ret = 1;
int i;
gnutls_pubkey_t pubkey = NULL;
gnutls_x509_privkey_t sigkey = NULL;
gnutls_x509_crt_t sigcert = NULL;
gnutls_x509_crt_t crt = NULL;
const char *pubkey_filename = NULL;
const char *sigkey_filename = NULL;
const char *cert_filename = NULL;
const char *modulus_str = NULL;
const char *issuercert_filename = NULL;
unsigned char *modulus_bin = NULL;
int modulus_len = 0;
gnutls_datum_t datum = { NULL, 0}, out = { NULL, 0};
int serial = 1;
time_t now;
int err;
FILE *cert_file;
char *subject = NULL;
const char *error = NULL;
int days = 365;
char *sigkeypass = NULL;
uint32_t ser_number;
long int exponent = 0x10001;
bool write_pem = false;
uint8_t id[512];
size_t id_size = sizeof(id);
enum cert_type_t certtype = CERT_TYPE_EK;
const char *oid;
unsigned int key_usage;
char *tpm_manufacturer = NULL;
char *tpm_version = NULL;
char *tpm_model = NULL;
char *platf_manufacturer = NULL;
char *platf_version = NULL;
char *platf_model = NULL;
i = 1;
while (i < argc) {
if (!strcmp(argv[i], "--pubkey")) {
i++;
if (i == argc) {
fprintf(stderr, "Missing argument for --pubkey.\n");
goto cleanup;
}
pubkey_filename = argv[i];
} else if (!strcmp(argv[i], "--modulus")) {
i++;
if (i == argc) {
fprintf(stderr, "Missing argument for --modulus.\n");
goto cleanup;
}
modulus_str = argv[i];
if (!(modulus_bin = hex_str_to_bin(modulus_str, &modulus_len))) {
goto cleanup;
}
} else if (!strcmp(argv[i], "--exponent")) {
i++;
if (i == argc) {
fprintf(stderr, "Missing argument for --exponent.\n");
goto cleanup;
}
exponent = strtol(argv[i], NULL, 0);
if (exponent == 0) {
fprintf(stderr, "Exponent is wrong and cannot be 0.\n");
goto cleanup;
}
if (exponent > UINT_MAX) {
fprintf(stderr, "Exponent must fit into 32bits.\n");
goto cleanup;
}
} else if (!strcmp(argv[i], "--signkey")) {
i++;
if (i == argc) {
fprintf(stderr, "Missing argument for --signkey.\n");
goto cleanup;
}
sigkey_filename = argv[i];
} else if (!strcmp(argv[i], "--signkey-password")) {
i++;
if (i == argc) {
fprintf(stderr, "Missing argument for --signkey-password.\n");
goto cleanup;
}
sigkeypass = argv[i];
} else if (!strcmp(argv[i], "--issuercert")) {
i++;
if (i == argc) {
fprintf(stderr, "Missing argument for --issuercert.\n");
goto cleanup;
}
issuercert_filename = argv[i];
} else if (!strcmp(argv[i], "--out-cert")) {
i++;
if (i == argc) {
fprintf(stderr, "Missing argument for --out-cert.\n");
goto cleanup;
}
cert_filename = argv[i];
} else if (!strcmp(argv[i], "--subject")) {
i++;
if (i == argc) {
fprintf(stderr, "Missing argument for --subject.\n");
goto cleanup;
}
subject = argv[i];
} else if (!strcmp(argv[i], "--days")) {
i++;
if (i == argc) {
fprintf(stderr, "Missing argument for --days.\n");
goto cleanup;
}
days = atoi(argv[i]);
} else if (!strcmp(argv[i], "--serial")) {
i++;
if (i == argc) {
fprintf(stderr, "Missing argument for --serial.\n");
goto cleanup;
}
serial = atoi(argv[i]);
} else if (!strcmp(argv[i], "--type")) {
i++;
if (i == argc) {
fprintf(stderr, "Missing argument for --type.\n");
goto cleanup;
}
if (!strcasecmp(argv[i], "ek")) {
certtype = CERT_TYPE_EK;
} else if (!strcasecmp(argv[i], "platform")) {
certtype = CERT_TYPE_PLATFORM;
// } else if (!strcasecmp(argv[i], "aik")) {
// /* AIK cert needs EK cert as input */
// certtype = CERT_TYPE_AIK;
} else {
fprintf(stderr, "Unknown certificate type '%s'.\n",
argv[i]);
goto cleanup;
}
} else if (!strcmp(argv[i], "--tpm-manufacturer")) {
i++;
if (i == argc) {
fprintf(stderr, "Missing argument for --tpm-manufacturer.\n");
goto cleanup;
}
tpm_manufacturer = argv[i];
} else if (!strcmp(argv[i], "--tpm-model")) {
i++;
if (i == argc) {
fprintf(stderr, "Missing argument for --tpm-model.\n");
goto cleanup;
}
tpm_model = argv[i];
} else if (!strcmp(argv[i], "--tpm-version")) {
i++;
if (i == argc) {
fprintf(stderr, "Missing argument for --tpm-version.\n");
goto cleanup;
}
tpm_version = argv[i];
} else if (!strcmp(argv[i], "--platform-manufacturer")) {
i++;
if (i == argc) {
fprintf(stderr, "Missing argument for --platform-manufacturer.\n");
goto cleanup;
}
platf_manufacturer = argv[i];
} else if (!strcmp(argv[i], "--platform-model")) {
i++;
if (i == argc) {
fprintf(stderr, "Missing argument for --platform-model.\n");
goto cleanup;
}
platf_model = argv[i];
} else if (!strcmp(argv[i], "--platform-version")) {
i++;
if (i == argc) {
fprintf(stderr, "Missing argument for --platform-version.\n");
goto cleanup;
}
platf_version = argv[i];
} else if (!strcmp(argv[i], "--pem")) {
write_pem = true;
} else if (!strcmp(argv[i], "--help")) {
usage(argv[0]);
exit(0);
} else {
fprintf(stderr, "Unknown command line parameter '%s'.\n", argv[i]);
usage(argv[0]);
exit(1);
}
i++;
}
ser_number = htonl(serial);
if (pubkey_filename == NULL && modulus_bin == NULL) {
fprintf(stderr, "Missing public EK file and modulus.\n");
usage(argv[0]);
goto cleanup;
}
if (issuercert_filename == NULL) {
fprintf(stderr, "The issuer certificate name is required.\n");
goto cleanup;
}
switch (certtype) {
case CERT_TYPE_EK:
case CERT_TYPE_PLATFORM:
if (tpm_manufacturer == NULL ||
tpm_model == NULL ||
tpm_version == NULL) {
fprintf(stderr, "--tpm-manufacturer and --tpm-model and "
"--tpm version "
"must all be provided\n");
goto cleanup;
}
break;
case CERT_TYPE_AIK:
break;
}
switch (certtype) {
case CERT_TYPE_PLATFORM:
if (platf_manufacturer == NULL ||
platf_model == NULL ||
platf_version == NULL) {
fprintf(stderr, "--platform-manufacturer and --platform-model and "
"--platform version "
"must all be provided\n");
goto cleanup;
}
break;
case CERT_TYPE_EK:
case CERT_TYPE_AIK:
break;
}
err = gnutls_global_init();
if (err < 0) {
fprintf(stderr, "gnutls_global_init failed.\n");
goto cleanup;
}
gnutls_x509_privkey_init(&sigkey);
if (pubkey_filename) {
gnutls_pubkey_init(&pubkey);
err = gnutls_load_file(pubkey_filename, &datum);
if (err != GNUTLS_E_SUCCESS) {
fprintf(stderr, "Could not open file for EK public key: %s\n",
strerror(errno));
goto cleanup;
}
err = gnutls_pubkey_import(pubkey, &datum, GNUTLS_X509_FMT_PEM);
gnutls_free(datum.data);
datum.data = NULL;
if (err != GNUTLS_E_SUCCESS) {
fprintf(stderr, "Could not import EK.\n");
goto cleanup;
}
} else {
pubkey = create_rsa_from_modulus(modulus_bin, modulus_len,
exponent);
free(modulus_bin);
modulus_bin = NULL;
if (pubkey == NULL)
goto cleanup;
}
/* all types of keys must have pubkey set now otherwise the signing
will not work */
if (sigkey_filename == NULL) {
fprintf(stderr, "Missing signature key.\n");
usage(argv[0]);
exit(1);
}
#define CHECK_GNUTLS_ERROR(_err, _msg, ...) \
if (_err != GNUTLS_E_SUCCESS) { \
fprintf(stderr, _msg, __VA_ARGS__); \
goto cleanup; \
}
err = gnutls_load_file(sigkey_filename, &datum);
CHECK_GNUTLS_ERROR(err, "Could not read signing key from file %s: %s\n",
sigkey_filename, gnutls_strerror(err));
if (sigkeypass) {
err = gnutls_x509_privkey_import2(sigkey, &datum, GNUTLS_X509_FMT_PEM,
sigkeypass, 0);
} else {
err = gnutls_x509_privkey_import(sigkey, &datum, GNUTLS_X509_FMT_PEM);
}
gnutls_free(datum.data);
datum.data = NULL;
CHECK_GNUTLS_ERROR(err, "Could not import signing key : %s\n",
gnutls_strerror(err));
err = gnutls_load_file(issuercert_filename, &datum);
CHECK_GNUTLS_ERROR(err, "Could not read certificate from file %s : %s\n",
issuercert_filename, gnutls_strerror(err));
gnutls_x509_crt_init(&sigcert);
err = gnutls_x509_crt_import(sigcert, &datum, GNUTLS_X509_FMT_PEM);
gnutls_free(datum.data);
datum.data = NULL;
CHECK_GNUTLS_ERROR(err, "Could not import issuer certificate: %s\n",
gnutls_strerror(err));
err = gnutls_x509_crt_init(&crt);
CHECK_GNUTLS_ERROR(err, "CRT init failed: %s\n", gnutls_strerror(err))
/* 3.5.1 Version */
err = gnutls_x509_crt_set_version(crt, 3);
CHECK_GNUTLS_ERROR(err, "Could not set version on CRT: %s\n",
gnutls_strerror(err))
/* 3.5.2 Serial Number */
err = gnutls_x509_crt_set_serial(crt, &ser_number, sizeof(ser_number));
CHECK_GNUTLS_ERROR(err, "Could not set serial on CRT: %s\n",
gnutls_strerror(err))
/* 3.5.5 Validity */
now = time(NULL);
err = gnutls_x509_crt_set_activation_time(crt, now);
CHECK_GNUTLS_ERROR(err, "Could not set activation time on CRT: %s\n",
gnutls_strerror(err))
err = gnutls_x509_crt_set_expiration_time(crt,
now + (time_t)days * 24 * 60 * 60);
CHECK_GNUTLS_ERROR(err, "Could not set expiration time on CRT: %s\n",
gnutls_strerror(err))
/* 3.5.6 Subject -- should be empty, but we allow it anyway */
if (subject) {
err = gnutls_x509_crt_set_dn(crt, subject, &error);
CHECK_GNUTLS_ERROR(err,
"Could not set DN on CRT: %s\n"
"DN '%s must be fault after %s\n.'",
gnutls_strerror(err),
subject, error)
}
/* 3.5.7 Public Key Info */
switch (certtype) {
case CERT_TYPE_EK:
oid = "1.2.840.113549.1.1.7";
break;
case CERT_TYPE_PLATFORM:
oid = NULL;
break;
case CERT_TYPE_AIK:
oid = "1.2.840.113549.1.1.1";
break;
default:
fprintf(stderr, "Internal error: unhandle case in line %d\n",
__LINE__);
goto cleanup;
}
if (oid) {
err = gnutls_x509_crt_set_key_purpose_oid(crt, oid, 0);
CHECK_GNUTLS_ERROR(err, "Could not set key purpose on CRT: %s\n",
gnutls_strerror(err))
}
/* 3.5.8 Certificate Policies -- skip since not mandated */
/* 3.5.9 Subject Alternative Names -- missing code */
err = create_tpm_manufacturer_info(tpm_manufacturer, tpm_model,
tpm_version, &datum);
if (!err && datum.size > 0) {
/*
* GNUTLS's write_new_general_name can only handle a few GNUTLS_SAN_*
* -> we have to use GNUTLS_SAN_URI
*/
err = gnutls_x509_crt_set_subject_alt_name(crt,
GNUTLS_SAN_URI,
datum.data, datum.size,
GNUTLS_FSAN_SET);
CHECK_GNUTLS_ERROR(err, "Could not set subject alt name: %s\n",
gnutls_strerror(err))
}
static gnutls_pubkey_t
create_rsa_from_modulus(unsigned char *modulus, unsigned int modulus_len,
uint32_t exponent)
{
unsigned char exp_array[4];
uint32_t exponent_no = htonl(exponent);
gnutls_pubkey_t rsa = NULL;
gnutls_datum_t mod;
gnutls_datum_t exp = {
.data = exp_array,
.size = sizeof(exp_array),
};
int err;
memcpy(exp_array, &exponent_no, sizeof(exp_array));
err = gnutls_pubkey_init(&rsa);
if (err < 0) {
fprintf(stderr, "Could not initialized public key structure : %s\n",
gnutls_strerror(err));
return NULL;
}
mod.data = modulus;
mod.size = modulus_len;
err = gnutls_pubkey_import_rsa_raw(rsa, &mod, &exp);
if (err < 0) {
fprintf(stderr, "Could not set modulus and exponent on RSA key : %s\n",
gnutls_strerror(err));
gnutls_pubkey_deinit(rsa);
rsa = NULL;
}
return rsa;
}
static int
asn_init()
{
static bool inited;
int err;
if (inited)
return ASN1_SUCCESS;
err = asn1_array2tree(tpm_asn1_tab, &_tpm_asn, NULL);
if (err != ASN1_SUCCESS) {
fprintf(stderr, "array2tree error: %d", err);
goto cleanup;
}
inited = true;
cleanup:
return err;
}
static int
create_tpm_manufacturer_info(const char *manufacturer,
const char *tpm_model,
const char *tpm_version,
gnutls_datum_t *asn1)
{
ASN1_TYPE at = ASN1_TYPE_EMPTY;
int err;
err = asn_init();
if (err != ASN1_SUCCESS) {
goto cleanup;
}
err = asn1_create_element(_tpm_asn, "TPM.TPMManufacturerInfo", &at);
if (err != ASN1_SUCCESS) {
fprintf(stderr, "asn1_create_element error: %d\n", err);
goto cleanup;
}
err = asn1_write_value(at, "tpmManufacturer.id", "2.23.133.2.1", 0);
if (err != ASN1_SUCCESS) {
fprintf(stderr, "1. asn1_write_value error: %d\n", err);
goto cleanup;
}
err = asn1_write_value(at, "tpmManufacturer.manufacturer",
manufacturer, 0);
if (err != ASN1_SUCCESS) {
fprintf(stderr, "2. asn1_write_value error: %d\n", err);
goto cleanup;
}
err = asn1_write_value(at, "tpmModel.id", "2.23.133.2.2", 0);
if (err != ASN1_SUCCESS) {
fprintf(stderr, "3. asn1_write_value error: %d\n", err);
goto cleanup;
}
err = asn1_write_value(at, "tpmModel.model", manufacturer, 0);
if (err != ASN1_SUCCESS) {
fprintf(stderr, "4. asn1_write_value error: %d\n", err);
goto cleanup;
}
err = asn1_write_value(at, "tpmVersion.id", "2.23.133.2.3", 0);
if (err != ASN1_SUCCESS) {
fprintf(stderr, "5. asn1_write_value error: %d\n", err);
goto cleanup;
}
err = asn1_write_value(at, "tpmVersion.version", manufacturer, 0);
if (err != ASN1_SUCCESS) {
fprintf(stderr, "6. asn1_write_value error: %d\n", err);
goto cleanup;
}
/* determine needed size of byte array */
asn1->size = 0;
err = asn1_der_coding(at, "", NULL, (int *)&asn1->size, NULL);
if (err != ASN1_MEM_ERROR) {
fprintf(stderr, "1. asn1_der_coding error: %d\n", err);
goto cleanup;
}
//fprintf(stderr, "size=%d\n", asn1->size);
asn1->data = gnutls_malloc(asn1->size + 16);
err = asn1_der_coding(at, "", asn1->data, (int *)&asn1->size, NULL);
if (err != ASN1_SUCCESS) {
fprintf(stderr, "2. asn1_der_coding error: %d\n", err);
gnutls_free(asn1->data);
asn1->data = NULL;
goto cleanup;
}
#if 0
fprintf(stderr, "size=%d\n", asn1->size);
unsigned int i = 0;
for (i = 0; i < asn1->size; i++) {
fprintf(stderr, "%02x ", asn1->data[i]);
}
fprintf(stderr, "\n");
#endif
cleanup:
asn1_delete_structure(&at);
return err;
}
void Plugin::_loadCertificate()
{
QFile file(this->crtFile);
gnutls_datum_t datum;
size_t size = 2048;
QByteArray data;
gnutls_privkey_t privkey;
gnutls_pubkey_t pubkey;
gnutls_pubkey_t pubkeyCrt;
int error;
QMap<char *, QByteArray> oid;
gnutls_digest_algorithm_t digest;
if (!file.open(QIODevice::ReadWrite))
throw Properties("error", "Unable to open the certificate file").add("file", this->crtFile);
ASSERT_INIT(gnutls_x509_crt_init(&this->crt), "crt");
ASSERT(gnutls_privkey_init(&privkey));
ASSERT(gnutls_privkey_import_x509(privkey, this->key, 0));
ASSERT(gnutls_pubkey_init(&pubkey));
ASSERT(gnutls_pubkey_import_privkey(pubkey, privkey, 0, 0));
// Verifies that the certificate is valid
if (file.size() > 0)
{
ASSERT(gnutls_pubkey_init(&pubkeyCrt));
data = file.readAll();
datum.size = data.size();
datum.data = (unsigned char *)data.data();
if (gnutls_x509_crt_import(this->crt, &datum, GNUTLS_X509_FMT_PEM) != GNUTLS_E_SUCCESS)
file.resize(0);
else if (gnutls_x509_crt_get_expiration_time(this->crt) < ::time(NULL) + CRT_EXPIRATION_REGEN)
file.resize(0);
else if (gnutls_pubkey_import_x509(pubkeyCrt, this->crt, 0) != GNUTLS_E_SUCCESS)
file.resize(0);
// Ensures that the public keys of the certificate and the private key match
size_t size1 = size, size2 = size;
QByteArray pub1((int)size1, 0), pub2((int)size2, 0);
if (gnutls_pubkey_export(pubkey, GNUTLS_X509_FMT_PEM, pub1.data(), &size1) != GNUTLS_E_SUCCESS
|| gnutls_pubkey_export(pubkeyCrt, GNUTLS_X509_FMT_PEM, pub2.data(), &size2) != GNUTLS_E_SUCCESS
|| size1 != size2 || pub1 != pub2)
file.resize(0);
gnutls_pubkey_deinit(pubkeyCrt);
}
// Generates a new certificate
if (file.size() == 0)
{
gnutls_x509_crt_deinit(this->crt);
this->init.removeAll("crt");
ASSERT_INIT(gnutls_x509_crt_init(&this->crt), "crt");
LOG_INFO("Generating a new certificate", "Plugin", "_generateCertificate");
oid.insert((char *)GNUTLS_OID_X520_COMMON_NAME, "LightBird");
oid.insert((char *)GNUTLS_OID_X520_ORGANIZATION_NAME, "LightBird");
QMapIterator<char *, QByteArray> it(oid);
while (it.hasNext())
ASSERT(gnutls_x509_crt_set_dn_by_oid(this->crt, it.key(), 0, it.value().data(), it.next().value().size()));
ASSERT(gnutls_x509_crt_set_pubkey(this->crt, pubkey));
data = this->_generateSerial();
ASSERT(gnutls_x509_crt_set_serial(this->crt, data.data(), data.size()));
ASSERT(gnutls_x509_crt_set_activation_time(this->crt, ::time(NULL)));
ASSERT(gnutls_x509_crt_set_expiration_time(this->crt, ::time(NULL) + CRT_EXPIRATION));
ASSERT(gnutls_x509_crt_set_basic_constraints(this->crt, 0, -1));
ASSERT(gnutls_x509_crt_set_key_purpose_oid(this->crt, GNUTLS_KP_TLS_WWW_SERVER, 0));
ASSERT(gnutls_x509_crt_set_key_usage(this->crt, GNUTLS_KEY_DIGITAL_SIGNATURE | GNUTLS_KEY_KEY_ENCIPHERMENT));
data.resize((int)size);
ASSERT(gnutls_x509_crt_get_key_id(this->crt, 0, (unsigned char *)data.data(), &size));
ASSERT(gnutls_x509_crt_set_subject_key_id(this->crt, (unsigned char *)data.data(), size));
ASSERT(gnutls_x509_crt_set_version(this->crt, 3));
ASSERT(gnutls_pubkey_get_preferred_hash_algorithm(pubkey, &digest, NULL));
ASSERT(gnutls_x509_crt_privkey_sign(this->crt, this->crt, privkey, digest, 0));
size = data.size();
ASSERT(gnutls_x509_crt_export(this->crt, GNUTLS_X509_FMT_PEM, data.data(), &size));
data.resize((int)size);
file.write(data);
}
gnutls_pubkey_deinit(pubkey);
gnutls_privkey_deinit(privkey);
}
static gnutls_pubkey_t _load_pkcs11_pubkey(const char* url)
{
int ret;
gnutls_pkcs11_obj_t obj;
gnutls_x509_crt_t xcrt;
gnutls_pubkey_t pubkey;
unsigned int obj_flags = 0;
ret = gnutls_pubkey_init (&pubkey);
if (ret < 0)
{
fprintf (stderr, "Error in %s:%d: %s\n", __func__, __LINE__,
gnutls_strerror (ret));
exit (1);
}
ret = gnutls_pkcs11_obj_init (&obj);
if (ret < 0)
{
fprintf (stderr, "Error in %s:%d: %s\n", __func__, __LINE__,
gnutls_strerror (ret));
exit (1);
}
ret = gnutls_pkcs11_obj_import_url (obj, url, obj_flags);
if (ret < 0)
{
fprintf (stderr, "Error in %s:%d: %s: %s\n", __func__, __LINE__,
gnutls_strerror (ret), url);
exit (1);
}
switch (gnutls_pkcs11_obj_get_type (obj))
{
case GNUTLS_PKCS11_OBJ_X509_CRT:
ret = gnutls_x509_crt_init (&xcrt);
if (ret < 0)
{
fprintf (stderr, "Error in %s:%d: %s\n", __func__, __LINE__,
gnutls_strerror (ret));
exit (1);
}
ret = gnutls_x509_crt_import_pkcs11 (xcrt, obj);
if (ret < 0)
{
fprintf (stderr, "Error in %s:%d: %s\n", __func__, __LINE__,
gnutls_strerror (ret));
exit (1);
}
ret = gnutls_pubkey_import_x509 (pubkey, xcrt, 0);
if (ret < 0)
{
fprintf (stderr, "Error in %s:%d: %s\n", __func__, __LINE__,
gnutls_strerror (ret));
exit (1);
}
gnutls_x509_crt_deinit (xcrt);
break;
case GNUTLS_PKCS11_OBJ_PUBKEY:
ret = gnutls_pubkey_import_pkcs11 (pubkey, obj, 0);
if (ret < 0)
{
fprintf (stderr, "Error in %s:%d: %s\n", __func__, __LINE__,
gnutls_strerror (ret));
exit (1);
}
break;
default:
{
fprintf(stderr, "Unsupported PKCS #11 object\n");
exit (1);
break;
}
}
gnutls_pkcs11_obj_deinit (obj);
return pubkey;
}
/**
* gnutls_pkcs11_privkey_generate2:
* @url: a token URL
* @pk: the public key algorithm
* @bits: the security bits
* @label: a label
* @fmt: the format of output params. PEM or DER.
* @pubkey: will hold the public key (may be %NULL)
* @flags: should be zero
*
* This function will generate a private key in the specified
* by the @url token. The private key will be generate within
* the token and will not be exportable. This function will
* store the DER-encoded public key in the SubjectPublicKeyInfo format
* in @pubkey. The @pubkey should be deinitialized using gnutls_free().
*
* Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
* negative error value.
*
* Since: 3.1.5
**/
int
gnutls_pkcs11_privkey_generate2(const char *url, gnutls_pk_algorithm_t pk,
unsigned int bits, const char *label,
gnutls_x509_crt_fmt_t fmt,
gnutls_datum_t * pubkey,
unsigned int flags)
{
int ret;
const ck_bool_t tval = 1;
const ck_bool_t fval = 0;
struct pkcs11_session_info sinfo;
struct p11_kit_uri *info = NULL;
ck_rv_t rv;
struct ck_attribute a[10], p[10];
ck_object_handle_t pub, priv;
unsigned long _bits = bits;
int a_val, p_val;
struct ck_mechanism mech;
gnutls_pubkey_t pkey = NULL;
gnutls_pkcs11_obj_t obj = NULL;
PKCS11_CHECK_INIT;
memset(&sinfo, 0, sizeof(sinfo));
ret = pkcs11_url_to_info(url, &info);
if (ret < 0) {
gnutls_assert();
return ret;
}
ret =
pkcs11_open_session(&sinfo, NULL, info,
SESSION_WRITE |
pkcs11_obj_flags_to_int(flags));
p11_kit_uri_free(info);
if (ret < 0) {
gnutls_assert();
goto cleanup;
}
/* a holds the public key template
* and p the private key */
a_val = p_val = 0;
mech.parameter = NULL;
mech.parameter_len = 0;
mech.mechanism = pk_to_genmech(pk);
switch (pk) {
case GNUTLS_PK_RSA:
p[p_val].type = CKA_DECRYPT;
p[p_val].value = (void *) &tval;
p[p_val].value_len = sizeof(tval);
p_val++;
p[p_val].type = CKA_SIGN;
p[p_val].value = (void *) &tval;
p[p_val].value_len = sizeof(tval);
p_val++;
a[a_val].type = CKA_ENCRYPT;
a[a_val].value = (void *) &tval;
a[a_val].value_len = sizeof(tval);
a_val++;
a[a_val].type = CKA_VERIFY;
a[a_val].value = (void *) &tval;
a[a_val].value_len = sizeof(tval);
a_val++;
a[a_val].type = CKA_MODULUS_BITS;
a[a_val].value = &_bits;
a[a_val].value_len = sizeof(_bits);
a_val++;
break;
case GNUTLS_PK_DSA:
p[p_val].type = CKA_SIGN;
p[p_val].value = (void *) &tval;
p[p_val].value_len = sizeof(tval);
p_val++;
a[a_val].type = CKA_VERIFY;
a[a_val].value = (void *) &tval;
a[a_val].value_len = sizeof(tval);
a_val++;
a[a_val].type = CKA_MODULUS_BITS;
a[a_val].value = &_bits;
a[a_val].value_len = sizeof(_bits);
a_val++;
break;
case GNUTLS_PK_EC:
p[p_val].type = CKA_SIGN;
p[p_val].value = (void *) &tval;
p[p_val].value_len = sizeof(tval);
p_val++;
a[a_val].type = CKA_VERIFY;
a[a_val].value = (void *) &tval;
a[a_val].value_len = sizeof(tval);
a_val++;
a[a_val].type = CKA_MODULUS_BITS;
a[a_val].value = &_bits;
a[a_val].value_len = sizeof(_bits);
a_val++;
break;
default:
ret = gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
goto cleanup;
}
/* a private key is set always as private unless
* requested otherwise
*/
if (flags & GNUTLS_PKCS11_OBJ_FLAG_MARK_NOT_PRIVATE) {
p[p_val].type = CKA_PRIVATE;
p[p_val].value = (void *) &fval;
p[p_val].value_len = sizeof(fval);
p_val++;
} else {
p[p_val].type = CKA_PRIVATE;
p[p_val].value = (void *) &tval;
p[p_val].value_len = sizeof(tval);
p_val++;
}
p[p_val].type = CKA_TOKEN;
p[p_val].value = (void *) &tval;
p[p_val].value_len = sizeof(tval);
p_val++;
if (label) {
p[p_val].type = CKA_LABEL;
p[p_val].value = (void *) label;
p[p_val].value_len = strlen(label);
p_val++;
a[a_val].type = CKA_LABEL;
a[a_val].value = (void *) label;
a[a_val].value_len = strlen(label);
a_val++;
}
if (flags & GNUTLS_PKCS11_OBJ_FLAG_MARK_SENSITIVE) {
p[p_val].type = CKA_SENSITIVE;
p[p_val].value = (void *) &tval;
p[p_val].value_len = sizeof(tval);
p_val++;
} else {
p[p_val].type = CKA_SENSITIVE;
p[p_val].value = (void *) &fval;
p[p_val].value_len = sizeof(fval);
p_val++;
}
rv = pkcs11_generate_key_pair(sinfo.module, sinfo.pks, &mech, a,
a_val, p, p_val, &pub, &priv);
if (rv != CKR_OK) {
gnutls_assert();
_gnutls_debug_log("p11: %s\n", pkcs11_strerror(rv));
ret = pkcs11_rv_to_err(rv);
goto cleanup;
}
/* extract the public key */
if (pubkey) {
ret = gnutls_pubkey_init(&pkey);
if (ret < 0) {
gnutls_assert();
goto cleanup;
}
ret = gnutls_pkcs11_obj_init(&obj);
if (ret < 0) {
gnutls_assert();
goto cleanup;
}
obj->pk_algorithm = pk;
obj->type = GNUTLS_PKCS11_OBJ_PUBKEY;
ret =
pkcs11_read_pubkey(sinfo.module, sinfo.pks, pub,
mech.mechanism, obj->pubkey);
if (ret < 0) {
gnutls_assert();
goto cleanup;
}
ret = gnutls_pubkey_import_pkcs11(pkey, obj, 0);
if (ret < 0) {
gnutls_assert();
goto cleanup;
}
ret = gnutls_pubkey_export2(pkey, fmt, pubkey);
if (ret < 0) {
gnutls_assert();
goto cleanup;
}
}
cleanup:
if (obj != NULL)
gnutls_pkcs11_obj_deinit(obj);
if (pkey != NULL)
gnutls_pubkey_deinit(pkey);
if (sinfo.pks != 0)
pkcs11_close_session(&sinfo);
return ret;
}
void doit(void)
{
int ret;
unsigned int mode;
gnutls_cipher_hd_t ch;
gnutls_hmac_hd_t mh;
gnutls_session_t session;
gnutls_pubkey_t pubkey;
gnutls_x509_privkey_t xprivkey;
gnutls_privkey_t privkey;
gnutls_datum_t key = { key16, sizeof(key16) };
gnutls_datum_t iv = { iv16, sizeof(iv16) };
fprintf(stderr,
"Please note that if in FIPS140 mode, you need to assure the library's integrity prior to running this test\n");
gnutls_global_set_log_function(tls_log_func);
if (debug)
gnutls_global_set_log_level(4711);
mode = gnutls_fips140_mode_enabled();
if (mode == 0) {
success("We are not in FIPS140 mode\n");
exit(77);
}
ret = global_init();
if (ret < 0) {
fail("Cannot initialize library\n");
}
/* Try crypto.h functionality */
ret =
gnutls_cipher_init(&ch, GNUTLS_CIPHER_AES_128_CBC, &key, &iv);
if (ret < 0) {
fail("gnutls_cipher_init failed\n");
}
gnutls_cipher_deinit(ch);
ret = gnutls_hmac_init(&mh, GNUTLS_MAC_SHA1, key.data, key.size);
if (ret < 0) {
fail("gnutls_hmac_init failed\n");
}
gnutls_hmac_deinit(mh, NULL);
ret = gnutls_rnd(GNUTLS_RND_NONCE, key16, sizeof(key16));
if (ret < 0) {
fail("gnutls_rnd failed\n");
}
ret = gnutls_pubkey_init(&pubkey);
if (ret < 0) {
fail("gnutls_pubkey_init failed\n");
}
gnutls_pubkey_deinit(pubkey);
ret = gnutls_privkey_init(&privkey);
if (ret < 0) {
fail("gnutls_privkey_init failed\n");
}
gnutls_privkey_deinit(privkey);
ret = gnutls_x509_privkey_init(&xprivkey);
if (ret < 0) {
fail("gnutls_privkey_init failed\n");
}
gnutls_x509_privkey_deinit(xprivkey);
ret = gnutls_init(&session, 0);
if (ret < 0) {
fail("gnutls_init failed\n");
}
gnutls_deinit(session);
/* Test when FIPS140 is set to error state */
_gnutls_lib_simulate_error();
/* Try crypto.h functionality */
ret =
gnutls_cipher_init(&ch, GNUTLS_CIPHER_AES_128_CBC, &key, &iv);
if (ret >= 0) {
fail("gnutls_cipher_init succeeded when in FIPS140 error state\n");
}
ret = gnutls_hmac_init(&mh, GNUTLS_MAC_SHA1, key.data, key.size);
if (ret >= 0) {
fail("gnutls_hmac_init succeeded when in FIPS140 error state\n");
}
ret = gnutls_rnd(GNUTLS_RND_NONCE, key16, sizeof(key16));
if (ret >= 0) {
fail("gnutls_rnd succeeded when in FIPS140 error state\n");
}
ret = gnutls_pubkey_init(&pubkey);
if (ret >= 0) {
fail("gnutls_pubkey_init succeeded when in FIPS140 error state\n");
}
ret = gnutls_privkey_init(&privkey);
if (ret >= 0) {
fail("gnutls_privkey_init succeeded when in FIPS140 error state\n");
}
ret = gnutls_x509_privkey_init(&xprivkey);
if (ret >= 0) {
fail("gnutls_x509_privkey_init succeeded when in FIPS140 error state\n");
}
ret = gnutls_init(&session, 0);
if (ret >= 0) {
fail("gnutls_init succeeded when in FIPS140 error state\n");
}
gnutls_global_deinit();
return;
}
static int pgp_crt_to_raw_pubkey(const gnutls_datum_t * cert, gnutls_datum_t *rpubkey)
{
#ifdef ENABLE_OPENPGP
gnutls_openpgp_crt_t crt = NULL;
gnutls_pubkey_t pubkey = NULL;
size_t size;
int ret;
ret = gnutls_openpgp_crt_init(&crt);
if (ret < 0)
return gnutls_assert_val(ret);
ret = gnutls_pubkey_init(&pubkey);
if (ret < 0)
{
gnutls_assert();
goto cleanup;
}
ret = gnutls_openpgp_crt_import(crt, cert, GNUTLS_OPENPGP_FMT_RAW);
if (ret < 0)
{
gnutls_assert();
goto cleanup;
}
ret = gnutls_pubkey_import_openpgp (pubkey, crt, 0);
if (ret < 0)
{
gnutls_assert();
goto cleanup;
}
size = 0;
ret = gnutls_pubkey_export(pubkey, GNUTLS_X509_FMT_DER, NULL, &size);
if (ret < 0 && ret != GNUTLS_E_SHORT_MEMORY_BUFFER)
{
gnutls_assert();
goto cleanup;
}
rpubkey->data = gnutls_malloc(size);
if (rpubkey->data == NULL)
if (ret < 0 && ret != GNUTLS_E_SHORT_MEMORY_BUFFER)
{
ret = GNUTLS_E_MEMORY_ERROR;
gnutls_assert();
goto cleanup;
}
ret = gnutls_pubkey_export(pubkey, GNUTLS_X509_FMT_DER, rpubkey->data, &size);
if (ret < 0)
{
gnutls_free(rpubkey->data);
gnutls_assert();
goto cleanup;
}
rpubkey->size = size;
ret = 0;
cleanup:
gnutls_openpgp_crt_deinit(crt);
gnutls_pubkey_deinit(pubkey);
return ret;
#else
return GNUTLS_E_UNIMPLEMENTED_FEATURE;
#endif
}
/**
* gnutls_pkcs11_privkey_generate3:
* @url: a token URL
* @pk: the public key algorithm
* @bits: the security bits
* @label: a label
* @cid: The CKA_ID to use for the new object
* @fmt: the format of output params. PEM or DER
* @pubkey: will hold the public key (may be %NULL)
* @key_usage: One of GNUTLS_KEY_*
* @flags: zero or an OR'ed sequence of %GNUTLS_PKCS11_OBJ_FLAGs
*
* This function will generate a private key in the specified
* by the @url token. The private key will be generate within
* the token and will not be exportable. This function will
* store the DER-encoded public key in the SubjectPublicKeyInfo format
* in @pubkey. The @pubkey should be deinitialized using gnutls_free().
*
* Note that when generating an elliptic curve key, the curve
* can be substituted in the place of the bits parameter using the
* GNUTLS_CURVE_TO_BITS() macro.
*
* Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
* negative error value.
*
* Since: 3.4.0
**/
int
gnutls_pkcs11_privkey_generate3(const char *url, gnutls_pk_algorithm_t pk,
unsigned int bits, const char *label,
const gnutls_datum_t *cid,
gnutls_x509_crt_fmt_t fmt,
gnutls_datum_t * pubkey,
unsigned int key_usage,
unsigned int flags)
{
int ret;
const ck_bool_t tval = 1;
const ck_bool_t fval = 0;
struct pkcs11_session_info sinfo;
struct p11_kit_uri *info = NULL;
ck_rv_t rv;
struct ck_attribute a[22], p[22];
ck_object_handle_t pub_ctx, priv_ctx;
unsigned long _bits = bits;
int a_val, p_val;
struct ck_mechanism mech;
gnutls_pubkey_t pkey = NULL;
gnutls_pkcs11_obj_t obj = NULL;
gnutls_datum_t der = {NULL, 0};
ck_key_type_t key_type;
uint8_t id[20];
struct dsa_params dsa_params;
PKCS11_CHECK_INIT;
FIX_KEY_USAGE(pk, key_usage);
memset(&sinfo, 0, sizeof(sinfo));
ret = pkcs11_url_to_info(url, &info, 0);
if (ret < 0) {
gnutls_assert();
return ret;
}
ret =
pkcs11_open_session(&sinfo, NULL, info,
SESSION_WRITE |
pkcs11_obj_flags_to_int(flags));
p11_kit_uri_free(info);
if (ret < 0) {
gnutls_assert();
goto cleanup;
}
/* a holds the public key template
* and p the private key */
a_val = p_val = 0;
mech.parameter = NULL;
mech.parameter_len = 0;
mech.mechanism = pk_to_genmech(pk, &key_type);
if (!(flags & GNUTLS_PKCS11_OBJ_FLAG_NO_STORE_PUBKEY)) {
a[a_val].type = CKA_TOKEN;
a[a_val].value = (void *) &tval;
a[a_val].value_len = sizeof(tval);
a_val++;
a[a_val].type = CKA_PRIVATE;
a[a_val].value = (void *) &fval;
a[a_val].value_len = sizeof(fval);
a_val++;
}
a[a_val].type = CKA_ID;
if (cid == NULL || cid->size == 0) {
ret = gnutls_rnd(GNUTLS_RND_NONCE, id, sizeof(id));
if (ret < 0) {
gnutls_assert();
goto cleanup;
}
a[a_val].value = (void *) id;
a[a_val].value_len = sizeof(id);
} else {
a[a_val].value = (void *) cid->data;
a[a_val].value_len = cid->size;
}
p[p_val].type = CKA_ID;
p[p_val].value = a[a_val].value;
p[p_val].value_len = a[a_val].value_len;
a_val++;
p_val++;
switch (pk) {
case GNUTLS_PK_RSA:
p[p_val].type = CKA_DECRYPT;
if (key_usage & (GNUTLS_KEY_DECIPHER_ONLY|GNUTLS_KEY_ENCIPHER_ONLY)) {
p[p_val].value = (void *) &tval;
p[p_val].value_len = sizeof(tval);
} else {
p[p_val].value = (void *) &fval;
p[p_val].value_len = sizeof(fval);
}
p_val++;
p[p_val].type = CKA_SIGN;
if (key_usage & GNUTLS_KEY_DIGITAL_SIGNATURE) {
p[p_val].value = (void *) &tval;
p[p_val].value_len = sizeof(tval);
} else {
p[p_val].value = (void *) &fval;
p[p_val].value_len = sizeof(fval);
}
p_val++;
a[a_val].type = CKA_ENCRYPT;
a[a_val].value = (void *) &tval;
a[a_val].value_len = sizeof(tval);
a_val++;
a[a_val].type = CKA_VERIFY;
a[a_val].value = (void *) &tval;
a[a_val].value_len = sizeof(tval);
a_val++;
a[a_val].type = CKA_MODULUS_BITS;
a[a_val].value = &_bits;
a[a_val].value_len = sizeof(_bits);
a_val++;
a[a_val].type = CKA_PUBLIC_EXPONENT;
a[a_val].value = (char*)def_rsa_pub_exp;
a[a_val].value_len = sizeof(def_rsa_pub_exp);
a_val++;
break;
case GNUTLS_PK_DSA:
p[p_val].type = CKA_SIGN;
if (key_usage & GNUTLS_KEY_DIGITAL_SIGNATURE) {
p[p_val].value = (void *) &tval;
p[p_val].value_len = sizeof(tval);
} else {
p[p_val].value = (void *) &fval;
p[p_val].value_len = sizeof(fval);
}
p_val++;
a[a_val].type = CKA_VERIFY;
a[a_val].value = (void *) &tval;
a[a_val].value_len = sizeof(tval);
a_val++;
ret = _dsa_params_generate(sinfo.module, sinfo.pks, _bits,
&dsa_params, a, &a_val);
if (ret < 0) {
goto cleanup;
}
break;
case GNUTLS_PK_EC:
p[p_val].type = CKA_SIGN;
if (key_usage & GNUTLS_KEY_DIGITAL_SIGNATURE) {
p[p_val].value = (void *) &tval;
p[p_val].value_len = sizeof(tval);
} else {
p[p_val].value = (void *) &fval;
p[p_val].value_len = sizeof(fval);
}
p_val++;
a[a_val].type = CKA_VERIFY;
a[a_val].value = (void *) &tval;
a[a_val].value_len = sizeof(tval);
a_val++;
if (GNUTLS_BITS_ARE_CURVE(bits)) {
bits = GNUTLS_BITS_TO_CURVE(bits);
} else {
bits = _gnutls_ecc_bits_to_curve(bits);
}
ret = _gnutls_x509_write_ecc_params(bits, &der);
if (ret < 0) {
gnutls_assert();
goto cleanup;
}
a[a_val].type = CKA_EC_PARAMS;
a[a_val].value = der.data;
a[a_val].value_len = der.size;
a_val++;
break;
default:
ret = gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
goto cleanup;
}
/*
* on request, add the CKA_WRAP/CKA_UNWRAP key attribute
*/
if (flags & GNUTLS_PKCS11_OBJ_FLAG_MARK_KEY_WRAP) {
p[p_val].type = CKA_UNWRAP;
p[p_val].value = (void*)&tval;
p[p_val].value_len = sizeof(tval);
p_val++;
a[a_val].type = CKA_WRAP;
a[a_val].value = (void*)&tval;
a[a_val].value_len = sizeof(tval);
a_val++;
}
/* a private key is set always as private unless
* requested otherwise
*/
if (flags & GNUTLS_PKCS11_OBJ_FLAG_MARK_NOT_PRIVATE) {
p[p_val].type = CKA_PRIVATE;
p[p_val].value = (void *) &fval;
p[p_val].value_len = sizeof(fval);
p_val++;
} else {
p[p_val].type = CKA_PRIVATE;
p[p_val].value = (void *) &tval;
p[p_val].value_len = sizeof(tval);
p_val++;
}
p[p_val].type = CKA_TOKEN;
p[p_val].value = (void *) &tval;
p[p_val].value_len = sizeof(tval);
p_val++;
if (label) {
p[p_val].type = CKA_LABEL;
p[p_val].value = (void *) label;
p[p_val].value_len = strlen(label);
p_val++;
a[a_val].type = CKA_LABEL;
a[a_val].value = (void *) label;
a[a_val].value_len = strlen(label);
a_val++;
}
if (flags & GNUTLS_PKCS11_OBJ_FLAG_MARK_SENSITIVE) {
p[p_val].type = CKA_SENSITIVE;
p[p_val].value = (void *) &tval;
p[p_val].value_len = sizeof(tval);
p_val++;
} else {
p[p_val].type = CKA_SENSITIVE;
p[p_val].value = (void *) &fval;
p[p_val].value_len = sizeof(fval);
p_val++;
}
rv = pkcs11_generate_key_pair(sinfo.module, sinfo.pks, &mech, a,
a_val, p, p_val, &pub_ctx, &priv_ctx);
if (rv != CKR_OK) {
gnutls_assert();
_gnutls_debug_log("p11: %s\n", pkcs11_strerror(rv));
ret = pkcs11_rv_to_err(rv);
goto cleanup;
}
/* extract the public key */
if (pubkey) {
ret = gnutls_pubkey_init(&pkey);
if (ret < 0) {
gnutls_assert();
goto cleanup;
}
ret = gnutls_pkcs11_obj_init(&obj);
if (ret < 0) {
gnutls_assert();
goto cleanup;
}
obj->pk_algorithm = pk;
obj->type = GNUTLS_PKCS11_OBJ_PUBKEY;
ret =
pkcs11_read_pubkey(sinfo.module, sinfo.pks, pub_ctx,
key_type, obj);
if (ret < 0) {
gnutls_assert();
goto cleanup;
}
ret = gnutls_pubkey_import_pkcs11(pkey, obj, 0);
if (ret < 0) {
gnutls_assert();
goto cleanup;
}
ret = gnutls_pubkey_export2(pkey, fmt, pubkey);
if (ret < 0) {
gnutls_assert();
goto cleanup;
}
}
cleanup:
if (obj != NULL)
gnutls_pkcs11_obj_deinit(obj);
if (pkey != NULL)
gnutls_pubkey_deinit(pkey);
if (sinfo.pks != 0)
pkcs11_close_session(&sinfo);
gnutls_free(der.data);
return ret;
}
/**
* gnutls_tpm_privkey_generate:
* @pk: the public key algorithm
* @bits: the security bits
* @srk_password: a password to protect the exported key (optional)
* @key_password: the password for the TPM (optional)
* @format: the format of the private key
* @pub_format: the format of the public key
* @privkey: the generated key
* @pubkey: the corresponding public key (may be null)
* @flags: should be a list of GNUTLS_TPM_* flags
*
* This function will generate a private key in the TPM
* chip. The private key will be generated within the chip
* and will be exported in a wrapped with TPM's master key
* form. Furthermore the wrapped key can be protected with
* the provided @password.
*
* Note that bits in TPM is quantized value. If the input value
* is not one of the allowed values, then it will be quantized to
* one of 512, 1024, 2048, 4096, 8192 and 16384.
*
* Allowed flags are:
*
* %GNUTLS_TPM_KEY_SIGNING: Generate a signing key instead of a legacy,
* %GNUTLS_TPM_REGISTER_KEY: Register the generate key in TPM. In that
* case @privkey would contain a URL with the UUID.
*
* Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
* negative error value.
*
* Since: 3.1.0
**/
int
gnutls_tpm_privkey_generate(gnutls_pk_algorithm_t pk, unsigned int bits,
const char *srk_password,
const char *key_password,
gnutls_tpmkey_fmt_t format,
gnutls_x509_crt_fmt_t pub_format,
gnutls_datum_t * privkey,
gnutls_datum_t * pubkey, unsigned int flags)
{
TSS_FLAG tpm_flags = TSS_KEY_VOLATILE;
TSS_HKEY key_ctx;
TSS_RESULT tssret;
int ret;
void *tdata;
UINT32 tint;
gnutls_datum_t tmpkey = { NULL, 0 };
TSS_HPOLICY key_policy;
gnutls_pubkey_t pub;
struct tpm_ctx_st s;
TSS_FLAG storage_type;
TSS_HTPM htpm;
uint8_t buf[32];
if (flags & GNUTLS_TPM_KEY_SIGNING)
tpm_flags |= TSS_KEY_TYPE_SIGNING;
else
tpm_flags |= TSS_KEY_TYPE_LEGACY;
if (flags & GNUTLS_TPM_KEY_USER)
storage_type = TSS_PS_TYPE_USER;
else
storage_type = TSS_PS_TYPE_SYSTEM;
if (bits <= 512)
tpm_flags |= TSS_KEY_SIZE_512;
else if (bits <= 1024)
tpm_flags |= TSS_KEY_SIZE_1024;
else if (bits <= 2048)
tpm_flags |= TSS_KEY_SIZE_2048;
else if (bits <= 4096)
tpm_flags |= TSS_KEY_SIZE_4096;
else if (bits <= 8192)
tpm_flags |= TSS_KEY_SIZE_8192;
else
tpm_flags |= TSS_KEY_SIZE_16384;
ret = tpm_open_session(&s, srk_password);
if (ret < 0)
return gnutls_assert_val(ret);
/* put some randomness into TPM.
* Let's not trust it completely.
*/
tssret = Tspi_Context_GetTpmObject(s.tpm_ctx, &htpm);
if (tssret != 0) {
gnutls_assert();
ret = tss_err(tssret);
goto err_cc;
}
ret = _gnutls_rnd(GNUTLS_RND_RANDOM, buf, sizeof(buf));
if (ret < 0) {
gnutls_assert();
goto err_cc;
}
tssret = Tspi_TPM_StirRandom(htpm, sizeof(buf), buf);
if (tssret) {
gnutls_assert();
}
tssret =
Tspi_Context_CreateObject(s.tpm_ctx, TSS_OBJECT_TYPE_RSAKEY,
tpm_flags, &key_ctx);
if (tssret != 0) {
gnutls_assert();
ret = tss_err(tssret);
goto err_cc;
}
tssret =
Tspi_SetAttribUint32(key_ctx, TSS_TSPATTRIB_KEY_INFO,
TSS_TSPATTRIB_KEYINFO_SIGSCHEME,
TSS_SS_RSASSAPKCS1V15_DER);
if (tssret != 0) {
gnutls_assert();
ret = tss_err(tssret);
goto err_sa;
}
/* set the password of the actual key */
if (key_password) {
tssret =
Tspi_GetPolicyObject(key_ctx, TSS_POLICY_USAGE,
&key_policy);
if (tssret != 0) {
gnutls_assert();
ret = tss_err(tssret);
goto err_sa;
}
tssret = myTspi_Policy_SetSecret(key_policy,
SAFE_LEN(key_password),
(void *) key_password);
if (tssret != 0) {
gnutls_assert();
ret = tss_err(tssret);
goto err_sa;
}
}
tssret = Tspi_Key_CreateKey(key_ctx, s.srk, 0);
if (tssret != 0) {
gnutls_assert();
ret = tss_err(tssret);
goto err_sa;
}
if (flags & GNUTLS_TPM_REGISTER_KEY) {
TSS_UUID key_uuid;
ret = randomize_uuid(&key_uuid);
if (ret < 0) {
gnutls_assert();
goto err_sa;
}
tssret =
Tspi_Context_RegisterKey(s.tpm_ctx, key_ctx,
storage_type, key_uuid,
TSS_PS_TYPE_SYSTEM, srk_uuid);
if (tssret != 0) {
gnutls_assert();
ret = tss_err(tssret);
goto err_sa;
}
ret =
encode_tpmkey_url((char **) &privkey->data, &key_uuid,
storage_type);
if (ret < 0) {
TSS_HKEY tkey;
Tspi_Context_UnregisterKey(s.tpm_ctx, storage_type,
key_uuid, &tkey);
gnutls_assert();
goto err_sa;
}
privkey->size = strlen((char *) privkey->data);
} else { /* get the key as blob */
tssret =
Tspi_GetAttribData(key_ctx, TSS_TSPATTRIB_KEY_BLOB,
TSS_TSPATTRIB_KEYBLOB_BLOB, &tint,
(void *) &tdata);
if (tssret != 0) {
gnutls_assert();
ret = tss_err(tssret);
goto err_sa;
}
if (format == GNUTLS_TPMKEY_FMT_CTK_PEM) {
ret =
_gnutls_x509_encode_string
(ASN1_ETYPE_OCTET_STRING, tdata, tint,
&tmpkey);
if (ret < 0) {
gnutls_assert();
goto cleanup;
}
ret =
_gnutls_fbase64_encode("TSS KEY BLOB",
tmpkey.data,
tmpkey.size, privkey);
if (ret < 0) {
gnutls_assert();
goto cleanup;
}
} else {
UINT32 tint2;
tmpkey.size = tint + 32; /* spec says no more than 20 */
tmpkey.data = gnutls_malloc(tmpkey.size);
if (tmpkey.data == NULL) {
gnutls_assert();
ret = GNUTLS_E_MEMORY_ERROR;
goto cleanup;
}
tint2 = tmpkey.size;
tssret =
Tspi_EncodeDER_TssBlob(tint, tdata,
TSS_BLOB_TYPE_PRIVATEKEY,
&tint2, tmpkey.data);
if (tssret != 0) {
gnutls_assert();
ret = tss_err(tssret);
goto cleanup;
}
tmpkey.size = tint2;
privkey->data = tmpkey.data;
privkey->size = tmpkey.size;
tmpkey.data = NULL;
}
}
/* read the public key */
if (pubkey != NULL) {
size_t psize;
ret = gnutls_pubkey_init(&pub);
if (ret < 0) {
gnutls_assert();
goto privkey_cleanup;
}
ret = read_pubkey(pub, key_ctx, &psize);
if (ret < 0) {
gnutls_assert();
goto privkey_cleanup;
}
psize += 512;
pubkey->data = gnutls_malloc(psize);
if (pubkey->data == NULL) {
gnutls_assert();
ret = GNUTLS_E_MEMORY_ERROR;
goto pubkey_cleanup;
}
ret =
gnutls_pubkey_export(pub, pub_format, pubkey->data,
&psize);
if (ret < 0) {
gnutls_assert();
goto pubkey_cleanup;
}
pubkey->size = psize;
gnutls_pubkey_deinit(pub);
}
ret = 0;
goto cleanup;
pubkey_cleanup:
gnutls_pubkey_deinit(pub);
privkey_cleanup:
gnutls_free(privkey->data);
privkey->data = NULL;
cleanup:
gnutls_free(tmpkey.data);
tmpkey.data = NULL;
err_sa:
Tspi_Context_CloseObject(s.tpm_ctx, key_ctx);
err_cc:
tpm_close_session(&s);
return ret;
}
void doit(void)
{
char buf[128];
int ret;
const char *lib, *bin;
gnutls_x509_crt_t crt;
gnutls_x509_privkey_t key;
gnutls_datum_t tmp, sig;
gnutls_privkey_t pkey;
gnutls_pubkey_t pubkey;
gnutls_pubkey_t pubkey2;
unsigned i, sigalgo;
bin = softhsm_bin();
lib = softhsm_lib();
ret = global_init();
if (ret != 0) {
fail("%d: %s\n", ret, gnutls_strerror(ret));
}
gnutls_pkcs11_set_pin_function(pin_func, NULL);
gnutls_global_set_log_function(tls_log_func);
if (debug)
gnutls_global_set_log_level(4711);
set_softhsm_conf(CONFIG);
snprintf(buf, sizeof(buf),
"%s --init-token --slot 0 --label test --so-pin " PIN " --pin "
PIN, bin);
system(buf);
ret = gnutls_pkcs11_add_provider(lib, NULL);
if (ret < 0) {
fail("gnutls_x509_crt_init: %s\n", gnutls_strerror(ret));
}
if (verify_eddsa_presence() == 0) {
fprintf(stderr, "Skipping test as no EDDSA mech is supported\n");
exit(77);
}
ret = gnutls_x509_crt_init(&crt);
if (ret < 0)
fail("gnutls_x509_crt_init: %s\n", gnutls_strerror(ret));
ret =
gnutls_x509_crt_import(crt, &server_ca3_eddsa_cert,
GNUTLS_X509_FMT_PEM);
if (ret < 0)
fail("gnutls_x509_crt_import: %s\n", gnutls_strerror(ret));
if (debug) {
gnutls_x509_crt_print(crt, GNUTLS_CRT_PRINT_ONELINE, &tmp);
printf("\tCertificate: %.*s\n", tmp.size, tmp.data);
gnutls_free(tmp.data);
}
ret = gnutls_x509_privkey_init(&key);
if (ret < 0) {
fail("gnutls_x509_privkey_init: %s\n", gnutls_strerror(ret));
}
ret =
gnutls_x509_privkey_import(key, &server_ca3_eddsa_key,
GNUTLS_X509_FMT_PEM);
if (ret < 0) {
fail("gnutls_x509_privkey_import: %s\n", gnutls_strerror(ret));
}
/* initialize softhsm token */
ret = gnutls_pkcs11_token_init(SOFTHSM_URL, PIN, "test");
if (ret < 0) {
fail("gnutls_pkcs11_token_init: %s\n", gnutls_strerror(ret));
}
ret =
gnutls_pkcs11_token_set_pin(SOFTHSM_URL, NULL, PIN,
GNUTLS_PIN_USER);
if (ret < 0) {
fail("gnutls_pkcs11_token_set_pin: %s\n", gnutls_strerror(ret));
}
ret = gnutls_pkcs11_copy_x509_crt(SOFTHSM_URL, crt, "cert",
GNUTLS_PKCS11_OBJ_FLAG_MARK_PRIVATE |
GNUTLS_PKCS11_OBJ_FLAG_LOGIN);
if (ret < 0) {
fail("gnutls_pkcs11_copy_x509_crt: %s\n", gnutls_strerror(ret));
}
ret =
gnutls_pkcs11_copy_x509_privkey(SOFTHSM_URL, key, "cert",
GNUTLS_KEY_DIGITAL_SIGNATURE |
GNUTLS_KEY_KEY_ENCIPHERMENT,
GNUTLS_PKCS11_OBJ_FLAG_MARK_PRIVATE
|
GNUTLS_PKCS11_OBJ_FLAG_MARK_SENSITIVE
| GNUTLS_PKCS11_OBJ_FLAG_LOGIN);
if (ret < 0) {
fail("gnutls_pkcs11_copy_x509_privkey: %s\n",
gnutls_strerror(ret));
}
gnutls_x509_crt_deinit(crt);
gnutls_x509_privkey_deinit(key);
gnutls_pkcs11_set_pin_function(NULL, NULL);
assert(gnutls_privkey_init(&pkey) == 0);
ret =
gnutls_privkey_import_pkcs11_url(pkey,
SOFTHSM_URL
";object=cert;object-type=private;pin-value="
PIN);
if (ret < 0) {
fail("error in gnutls_privkey_import_pkcs11_url: %s\n", gnutls_strerror(ret));
}
assert(gnutls_pubkey_init(&pubkey) == 0);
assert(gnutls_pubkey_import_privkey(pubkey, pkey, 0, 0) == 0);
assert(gnutls_pubkey_init(&pubkey2) == 0);
assert(gnutls_pubkey_import_x509_raw
(pubkey2, &server_ca3_eddsa_cert, GNUTLS_X509_FMT_PEM, 0) == 0);
/* this is the algorithm supported by the certificate */
sigalgo = GNUTLS_SIGN_EDDSA_ED25519;
for (i = 0; i < 20; i++) {
/* check whether privkey and pubkey are operational
* by signing and verifying */
ret =
gnutls_privkey_sign_data2(pkey, sigalgo, 0,
&testdata, &sig);
if (ret < 0)
myfail("Error signing data %s\n", gnutls_strerror(ret));
/* verify against the pubkey in PKCS #11 */
ret =
gnutls_pubkey_verify_data2(pubkey, sigalgo, 0,
&testdata, &sig);
if (ret < 0)
myfail("Error verifying data1: %s\n",
gnutls_strerror(ret));
/* verify against the raw pubkey */
ret =
gnutls_pubkey_verify_data2(pubkey2, sigalgo, 0,
&testdata, &sig);
if (ret < 0)
myfail("Error verifying data2: %s\n",
gnutls_strerror(ret));
gnutls_free(sig.data);
}
gnutls_pubkey_deinit(pubkey2);
gnutls_pubkey_deinit(pubkey);
gnutls_privkey_deinit(pkey);
gnutls_global_deinit();
remove(CONFIG);
}
void
pkcs11_test_sign(FILE * outfile, const char *url, unsigned int flags,
common_info_st * info)
{
gnutls_privkey_t privkey;
gnutls_pubkey_t pubkey;
int ret;
gnutls_datum_t data, sig = {NULL, 0};
int pk;
pkcs11_common(info);
FIX(url, outfile, 0, info);
data.data = (void*)TEST_DATA;
data.size = sizeof(TEST_DATA)-1;
ret = gnutls_privkey_init(&privkey);
if (ret < 0) {
fprintf(stderr, "Error in %s:%d: %s\n", __func__,
__LINE__, gnutls_strerror(ret));
exit(1);
}
ret = gnutls_pubkey_init(&pubkey);
if (ret < 0) {
fprintf(stderr, "Error in %s:%d: %s\n", __func__,
__LINE__, gnutls_strerror(ret));
exit(1);
}
ret = gnutls_privkey_import_url(privkey, url, flags);
if (ret < 0) {
fprintf(stderr, "Cannot import private key: %s\n",
gnutls_strerror(ret));
exit(1);
}
ret = gnutls_pubkey_import_privkey(pubkey, privkey, GNUTLS_KEY_DIGITAL_SIGNATURE, flags);
if (ret < 0) {
fprintf(stderr, "Cannot import public key: %s\n",
gnutls_strerror(ret));
exit(1);
}
ret = gnutls_privkey_sign_data(privkey, GNUTLS_DIG_SHA1, 0, &data, &sig);
if (ret < 0) {
fprintf(stderr, "Cannot sign data: %s\n",
gnutls_strerror(ret));
exit(1);
}
pk = gnutls_pubkey_get_pk_algorithm(pubkey, NULL);
fprintf(stderr, "Verifying against private key parameters... ");
ret = gnutls_pubkey_verify_data2(pubkey, gnutls_pk_to_sign(pk, GNUTLS_DIG_SHA1),
0, &data, &sig);
if (ret < 0) {
fprintf(stderr, "Cannot verify signed data: %s\n",
gnutls_strerror(ret));
exit(1);
}
fprintf(stderr, "ok\n");
/* now try to verify against a public key within the token */
gnutls_pubkey_deinit(pubkey);
ret = gnutls_pubkey_init(&pubkey);
if (ret < 0) {
fprintf(stderr, "Error in %s:%d: %s\n", __func__,
__LINE__, gnutls_strerror(ret));
exit(1);
}
ret = gnutls_pubkey_import_url(pubkey, url, flags);
if (ret < 0) {
fprintf(stderr, "Cannot find a corresponding public key object in token: %s\n",
gnutls_strerror(ret));
if (ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE)
exit(0);
exit(1);
}
fprintf(stderr, "Verifying against public key in the token... ");
ret = gnutls_pubkey_verify_data2(pubkey, gnutls_pk_to_sign(pk, GNUTLS_DIG_SHA1),
0, &data, &sig);
if (ret < 0) {
fprintf(stderr, "Cannot verify signed data: %s\n",
gnutls_strerror(ret));
exit(1);
}
fprintf(stderr, "ok\n");
gnutls_free(sig.data);
gnutls_pubkey_deinit(pubkey);
gnutls_privkey_deinit(privkey);
UNFIX;
}
