static isc_result_t
opensslgost_tofile(const dst_key_t *key, const char *directory) {
EVP_PKEY *pkey;
dst_private_t priv;
isc_result_t result;
unsigned char *der, *p;
int len;
if (key->keydata.pkey == NULL)
return (DST_R_NULLKEY);
pkey = key->keydata.pkey;
len = i2d_PrivateKey(pkey, NULL);
der = isc_mem_get(key->mctx, (size_t) len);
if (der == NULL)
return (ISC_R_NOMEMORY);
p = der;
if (i2d_PrivateKey(pkey, &p) != len) {
result = dst__openssl_toresult(DST_R_OPENSSLFAILURE);
goto fail;
}
priv.elements[0].tag = TAG_GOST_PRIVASN1;
priv.elements[0].length = len;
priv.elements[0].data = der;
priv.nelements = GOST_NTAGS;
result = dst__privstruct_writefile(key, &priv, directory);
fail:
if (der != NULL)
isc_mem_put(key->mctx, der, (size_t) len);
return (result);
}
Settings::KeyPair CertWizard::importCert(QByteArray data, const QString &pw) {
X509 *x509 = NULL;
EVP_PKEY *pkey = NULL;
PKCS12 *pkcs = NULL;
BIO *mem = NULL;
STACK_OF(X509) *certs = NULL;
Settings::KeyPair kp;
int ret = 0;
mem = BIO_new_mem_buf(data.data(), data.size());
Q_UNUSED(BIO_set_close(mem, BIO_NOCLOSE));
pkcs = d2i_PKCS12_bio(mem, NULL);
if (pkcs) {
ret = PKCS12_parse(pkcs, NULL, &pkey, &x509, &certs);
if (pkcs && !pkey && !x509 && ! pw.isEmpty()) {
if (certs) {
if (ret)
sk_X509_free(certs);
certs = NULL;
}
ret = PKCS12_parse(pkcs, pw.toUtf8().constData(), &pkey, &x509, &certs);
}
if (pkey && x509 && X509_check_private_key(x509, pkey)) {
unsigned char *dptr;
QByteArray key, crt;
key.resize(i2d_PrivateKey(pkey, NULL));
dptr=reinterpret_cast<unsigned char *>(key.data());
i2d_PrivateKey(pkey, &dptr);
crt.resize(i2d_X509(x509, NULL));
dptr=reinterpret_cast<unsigned char *>(crt.data());
i2d_X509(x509, &dptr);
QSslCertificate qscCert = QSslCertificate(crt, QSsl::Der);
QSslKey qskKey = QSslKey(key, QSsl::Rsa, QSsl::Der);
QList<QSslCertificate> qlCerts;
qlCerts << qscCert;
if (certs) {
for (int i=0;i<sk_X509_num(certs);++i) {
X509 *c = sk_X509_value(certs, i);
crt.resize(i2d_X509(c, NULL));
dptr=reinterpret_cast<unsigned char *>(crt.data());
i2d_X509(c, &dptr);
QSslCertificate cert = QSslCertificate(crt, QSsl::Der);
qlCerts << cert;
}
}
bool valid = ! qskKey.isNull();
foreach(const QSslCertificate &cert, qlCerts)
valid = valid && ! cert.isNull();
if (valid)
kp = Settings::KeyPair(qlCerts, qskKey);
}
}
static int wrap_key(EVP_PKEY* pkey, int type, uint8_t** keyBlob, size_t* keyBlobLength) {
/*
* Find the length of each size. Public key is not needed anymore
* but must be kept for alignment purposes.
*/
int publicLen = 0;
int privateLen = i2d_PrivateKey(pkey, NULL);
if (privateLen <= 0) {
ALOGE("private key size was too big");
return -1;
}
/* int type + int size + private key data + int size + public key data */
*keyBlobLength = get_softkey_header_size() + sizeof(type) + sizeof(publicLen) + privateLen +
sizeof(privateLen) + publicLen;
// derData will be returned to the caller, so allocate it with malloc.
UniquePtr<unsigned char, Malloc_Free> derData(
static_cast<unsigned char*>(malloc(*keyBlobLength)));
if (derData.get() == NULL) {
ALOGE("could not allocate memory for key blob");
return -1;
}
unsigned char* p = derData.get();
/* Write the magic value for software keys. */
p = add_softkey_header(p, *keyBlobLength);
/* Write key type to allocated buffer */
for (int i = sizeof(type) - 1; i >= 0; i--) {
*p++ = (type >> (8 * i)) & 0xFF;
}
/* Write public key to allocated buffer */
for (int i = sizeof(publicLen) - 1; i >= 0; i--) {
*p++ = (publicLen >> (8 * i)) & 0xFF;
}
/* Write private key to allocated buffer */
for (int i = sizeof(privateLen) - 1; i >= 0; i--) {
*p++ = (privateLen >> (8 * i)) & 0xFF;
}
if (i2d_PrivateKey(pkey, &p) != privateLen) {
logOpenSSLError("wrap_key");
return -1;
}
*keyBlob = derData.release();
return 0;
}
static int wrap_key(EVP_PKEY* pkey, int type, uint8_t** keyBlob, size_t* keyBlobLength) {
/* Find the length of each size */
int publicLen = i2d_PublicKey(pkey, NULL);
int privateLen = i2d_PrivateKey(pkey, NULL);
if (privateLen <= 0 || publicLen <= 0) {
ALOGE("private or public key size was too big");
return -1;
}
/* int type + int size + private key data + int size + public key data */
*keyBlobLength = get_softkey_header_size() + sizeof(int) + sizeof(int) + privateLen
+ sizeof(int) + publicLen;
UniquePtr<unsigned char[]> derData(new unsigned char[*keyBlobLength]);
if (derData.get() == NULL) {
ALOGE("could not allocate memory for key blob");
return -1;
}
unsigned char* p = derData.get();
/* Write the magic value for software keys. */
p = add_softkey_header(p, *keyBlobLength);
/* Write key type to allocated buffer */
for (int i = sizeof(int) - 1; i >= 0; i--) {
*p++ = (type >> (8*i)) & 0xFF;
}
/* Write public key to allocated buffer */
for (int i = sizeof(int) - 1; i >= 0; i--) {
*p++ = (publicLen >> (8*i)) & 0xFF;
}
if (i2d_PublicKey(pkey, &p) != publicLen) {
logOpenSSLError("wrap_key");
return -1;
}
/* Write private key to allocated buffer */
for (int i = sizeof(int) - 1; i >= 0; i--) {
*p++ = (privateLen >> (8*i)) & 0xFF;
}
if (i2d_PrivateKey(pkey, &p) != privateLen) {
logOpenSSLError("wrap_key");
return -1;
}
*keyBlob = derData.release();
return 0;
}
Settings::KeyPair CertWizard::generateNewCert(QString qsname, const QString &qsemail) {
CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
X509 *x509 = X509_new();
EVP_PKEY *pkey = EVP_PKEY_new();
RSA *rsa = RSA_generate_key(2048,RSA_F4,NULL,NULL);
EVP_PKEY_assign_RSA(pkey, rsa);
X509_set_version(x509, 2);
ASN1_INTEGER_set(X509_get_serialNumber(x509),1);
X509_gmtime_adj(X509_get_notBefore(x509),0);
X509_gmtime_adj(X509_get_notAfter(x509),60*60*24*365*20);
X509_set_pubkey(x509, pkey);
X509_NAME *name=X509_get_subject_name(x509);
if (qsname.isEmpty())
qsname = tr("Mumble User");
X509_NAME_add_entry_by_txt(name, "CN", MBSTRING_ASC, reinterpret_cast<unsigned char *>(qsname.toUtf8().data()), -1, -1, 0);
X509_set_issuer_name(x509, name);
add_ext(x509, NID_basic_constraints, SSL_STRING("critical,CA:FALSE"));
add_ext(x509, NID_ext_key_usage, SSL_STRING("clientAuth"));
add_ext(x509, NID_subject_key_identifier, SSL_STRING("hash"));
add_ext(x509, NID_netscape_comment, SSL_STRING("Generated by Mumble"));
add_ext(x509, NID_subject_alt_name, QString::fromLatin1("email:%1").arg(qsemail).toUtf8().data());
X509_sign(x509, pkey, EVP_sha1());
QByteArray crt, key;
crt.resize(i2d_X509(x509, NULL));
unsigned char *dptr=reinterpret_cast<unsigned char *>(crt.data());
i2d_X509(x509, &dptr);
QSslCertificate qscCert = QSslCertificate(crt, QSsl::Der);
key.resize(i2d_PrivateKey(pkey, NULL));
dptr=reinterpret_cast<unsigned char *>(key.data());
i2d_PrivateKey(pkey, &dptr);
QSslKey qskKey = QSslKey(key, QSsl::Rsa, QSsl::Der);
QList<QSslCertificate> qlCert;
qlCert << qscCert;
return Settings::KeyPair(qlCert, qskKey);
}
PyObject *
get_key_der_private(struct ndn_pkey *private_key_ndn)
{
PyObject *result;
unsigned long err;
unsigned char *private_key_der = NULL;
int der_len;
assert(private_key_ndn);
der_len = i2d_PrivateKey((EVP_PKEY *) private_key_ndn, &private_key_der);
JUMP_IF_NEG(der_len, openssl_error);
result = PyBytes_FromStringAndSize((char *) private_key_der, der_len);
JUMP_IF_NULL(result, error);
return result;
openssl_error:
err = ERR_get_error();
PyErr_Format(g_PyExc_NDNKeyError, "Unable to write Private Key: %s",
ERR_reason_error_string(err));
error:
return NULL;
}
static char *
_SSL_get_obj_base64(void *s, int type)
{
unsigned char *pt, *ppt;
unsigned char *t;
int len = 0;
int i;
switch (type) {
case 0:
len = i2d_PublicKey(s, NULL);
break;
case 1:
len = i2d_PrivateKey(s, NULL);
break;
case 2:
len = i2d_X509(s, NULL);
break;
}
if (len < 0)
return (NULL);
pt = ppt = mmalloc(len);
switch (type) {
case 0:
i2d_PublicKey(s, &pt);
break;
case 1:
i2d_PrivateKey(s, &pt);
break;
case 2:
i2d_X509(s, &pt);
break;
}
t = mmalloc(len * 2 + 1); /* + NULL */
if ((i = EVP_EncodeBlock(t, ppt, len)) == -1) {
fprintf(stderr, "_SSL_get_key_base64 :: EVP_EncodeBlock failed\n");
exit(1);
}
free (ppt);
return (t);
}
SEXP R_parse_der_key(SEXP input){
BIO *mem = BIO_new_mem_buf(RAW(input), LENGTH(input));
EVP_PKEY *pkey = d2i_PrivateKey_bio(mem, NULL);
BIO_free(mem);
bail(!!pkey);
unsigned char *buf = NULL;
int len = i2d_PrivateKey(pkey, &buf);
bail(len);
SEXP res = allocVector(RAWSXP, len);
memcpy(RAW(res), buf, len);
OPENSSL_free(buf);
return res;
}
static PARCBuffer *
_GetDEREncodedPrivateKey(PARCPkcs12KeyStore *keystore)
{
parcSecurity_AssertIsInitialized();
assertNotNull(keystore, "Parameter must be non-null PARCPkcs12KeyStore");
if (keystore->private_key_der == NULL) {
uint8_t *der = NULL;
// this allocates memory for der
int derLength = i2d_PrivateKey(keystore->private_key, &der);
if (derLength > 0) {
keystore->private_key_der =
parcBuffer_Flip(parcBuffer_PutArray(parcBuffer_Allocate(derLength), derLength, der));
}
OPENSSL_free(der);
}
return parcBuffer_Copy(keystore->private_key_der);
}
void Server::initializeCert() {
QByteArray crt, key, pass;
crt = getConf("certificate", QString()).toByteArray();
key = getConf("key", QString()).toByteArray();
pass = getConf("passphrase", QByteArray()).toByteArray();
QList<QSslCertificate> ql;
if (! key.isEmpty()) {
qskKey = QSslKey(key, QSsl::Rsa, QSsl::Pem, QSsl::PrivateKey, pass);
if (qskKey.isNull())
qskKey = QSslKey(key, QSsl::Dsa, QSsl::Pem, QSsl::PrivateKey, pass);
}
if (qskKey.isNull() && ! crt.isEmpty()) {
qskKey = QSslKey(crt, QSsl::Rsa, QSsl::Pem, QSsl::PrivateKey, pass);
if (qskKey.isNull())
qskKey = QSslKey(crt, QSsl::Dsa, QSsl::Pem, QSsl::PrivateKey, pass);
}
if (! qskKey.isNull()) {
ql << QSslCertificate::fromData(crt);
ql << QSslCertificate::fromData(key);
for (int i=0;i<ql.size();++i) {
const QSslCertificate &c = ql.at(i);
if (isKeyForCert(qskKey, c)) {
qscCert = c;
ql.removeAt(i);
}
}
qlCA = ql;
}
QString issuer;
#if QT_VERSION >= QT_VERSION_CHECK(5, 0, 0)
QStringList issuerNames = qscCert.issuerInfo(QSslCertificate::CommonName);
if (! issuerNames.isEmpty()) {
issuer = issuerNames.first();
}
#else
issuer = qscCert.issuerInfo(QSslCertificate::CommonName);
#endif
if (issuer == QString::fromUtf8("Murmur Autogenerated Certificate")) {
log("Old autogenerated certificate is unusable for registration, invalidating it");
qscCert = QSslCertificate();
qskKey = QSslKey();
}
if (!qscCert.isNull() && issuer == QString::fromUtf8("Murmur Autogenerated Certificate v2") && ! Meta::mp.qscCert.isNull() && ! Meta::mp.qskKey.isNull() && (Meta::mp.qlBind == qlBind)) {
qscCert = Meta::mp.qscCert;
qskKey = Meta::mp.qskKey;
}
if (qscCert.isNull() || qskKey.isNull()) {
if (! key.isEmpty() || ! crt.isEmpty()) {
log("Certificate specified, but failed to load.");
}
qskKey = Meta::mp.qskKey;
qscCert = Meta::mp.qscCert;
if (qscCert.isNull() || qskKey.isNull()) {
log("Generating new server certificate.");
CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
X509 *x509 = X509_new();
EVP_PKEY *pkey = EVP_PKEY_new();
RSA *rsa = RSA_generate_key(2048,RSA_F4,NULL,NULL);
EVP_PKEY_assign_RSA(pkey, rsa);
X509_set_version(x509, 2);
ASN1_INTEGER_set(X509_get_serialNumber(x509),1);
X509_gmtime_adj(X509_get_notBefore(x509),0);
X509_gmtime_adj(X509_get_notAfter(x509),60*60*24*365*20);
X509_set_pubkey(x509, pkey);
X509_NAME *name=X509_get_subject_name(x509);
X509_NAME_add_entry_by_txt(name, "CN", MBSTRING_ASC, reinterpret_cast<unsigned char *>(const_cast<char *>("Murmur Autogenerated Certificate v2")), -1, -1, 0);
X509_set_issuer_name(x509, name);
add_ext(x509, NID_basic_constraints, SSL_STRING("critical,CA:FALSE"));
add_ext(x509, NID_ext_key_usage, SSL_STRING("serverAuth,clientAuth"));
add_ext(x509, NID_subject_key_identifier, SSL_STRING("hash"));
add_ext(x509, NID_netscape_comment, SSL_STRING("Generated from murmur"));
X509_sign(x509, pkey, EVP_sha1());
crt.resize(i2d_X509(x509, NULL));
unsigned char *dptr=reinterpret_cast<unsigned char *>(crt.data());
i2d_X509(x509, &dptr);
qscCert = QSslCertificate(crt, QSsl::Der);
if (qscCert.isNull())
log("Certificate generation failed");
key.resize(i2d_PrivateKey(pkey, NULL));
dptr=reinterpret_cast<unsigned char *>(key.data());
i2d_PrivateKey(pkey, &dptr);
qskKey = QSslKey(key, QSsl::Rsa, QSsl::Der);
if (qskKey.isNull())
log("Key generation failed");
setConf("certificate", qscCert.toPem());
setConf("key", qskKey.toPem());
}
}
}
void Server::initializeCert() {
QByteArray crt, key, pass, dhparams;
crt = getConf("certificate", QString()).toByteArray();
key = getConf("key", QString()).toByteArray();
pass = getConf("passphrase", QByteArray()).toByteArray();
dhparams = getConf("sslDHParams", Meta::mp.qbaDHParams).toByteArray();
QList<QSslCertificate> ql;
if (! key.isEmpty()) {
qskKey = QSslKey(key, QSsl::Rsa, QSsl::Pem, QSsl::PrivateKey, pass);
if (qskKey.isNull())
qskKey = QSslKey(key, QSsl::Dsa, QSsl::Pem, QSsl::PrivateKey, pass);
}
if (qskKey.isNull() && ! crt.isEmpty()) {
qskKey = QSslKey(crt, QSsl::Rsa, QSsl::Pem, QSsl::PrivateKey, pass);
if (qskKey.isNull())
qskKey = QSslKey(crt, QSsl::Dsa, QSsl::Pem, QSsl::PrivateKey, pass);
}
if (! qskKey.isNull()) {
ql << QSslCertificate::fromData(crt);
ql << QSslCertificate::fromData(key);
for (int i=0;i<ql.size();++i) {
const QSslCertificate &c = ql.at(i);
if (isKeyForCert(qskKey, c)) {
qscCert = c;
ql.removeAt(i);
}
}
qlCA = ql;
}
#if defined(USE_QSSLDIFFIEHELLMANPARAMETERS)
if (! dhparams.isEmpty()) {
QSslDiffieHellmanParameters qdhp = QSslDiffieHellmanParameters(dhparams);
if (qdhp.isValid()) {
qsdhpDHParams = qdhp;
} else {
log(QString::fromLatin1("Unable to use specified Diffie-Hellman parameters (sslDHParams): %1").arg(qdhp.errorString()));
}
}
#else
if (! dhparams.isEmpty()) {
log("Diffie-Hellman parameters (sslDHParams) were specified, but will not be used. This version of Murmur does not support Diffie-Hellman parameters.");
}
#endif
QString issuer;
#if QT_VERSION >= 0x050000
QStringList issuerNames = qscCert.issuerInfo(QSslCertificate::CommonName);
if (! issuerNames.isEmpty()) {
issuer = issuerNames.first();
}
#else
issuer = qscCert.issuerInfo(QSslCertificate::CommonName);
#endif
if (issuer == QString::fromUtf8("Murmur Autogenerated Certificate")) {
log("Old autogenerated certificate is unusable for registration, invalidating it");
qscCert = QSslCertificate();
qskKey = QSslKey();
}
if (!qscCert.isNull() && issuer == QString::fromUtf8("Murmur Autogenerated Certificate v2") && ! Meta::mp.qscCert.isNull() && ! Meta::mp.qskKey.isNull() && (Meta::mp.qlBind == qlBind)) {
qscCert = Meta::mp.qscCert;
qskKey = Meta::mp.qskKey;
}
if (qscCert.isNull() || qskKey.isNull()) {
if (! key.isEmpty() || ! crt.isEmpty()) {
log("Certificate specified, but failed to load.");
}
qskKey = Meta::mp.qskKey;
qscCert = Meta::mp.qscCert;
if (qscCert.isNull() || qskKey.isNull()) {
log("Generating new server certificate.");
CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
X509 *x509 = X509_new();
EVP_PKEY *pkey = EVP_PKEY_new();
RSA *rsa = RSA_generate_key(2048,RSA_F4,NULL,NULL);
EVP_PKEY_assign_RSA(pkey, rsa);
X509_set_version(x509, 2);
ASN1_INTEGER_set(X509_get_serialNumber(x509),1);
X509_gmtime_adj(X509_get_notBefore(x509),0);
X509_gmtime_adj(X509_get_notAfter(x509),60*60*24*365*20);
X509_set_pubkey(x509, pkey);
X509_NAME *name=X509_get_subject_name(x509);
X509_NAME_add_entry_by_txt(name, "CN", MBSTRING_ASC, reinterpret_cast<unsigned char *>(const_cast<char *>("Murmur Autogenerated Certificate v2")), -1, -1, 0);
X509_set_issuer_name(x509, name);
add_ext(x509, NID_basic_constraints, SSL_STRING("critical,CA:FALSE"));
add_ext(x509, NID_ext_key_usage, SSL_STRING("serverAuth,clientAuth"));
add_ext(x509, NID_subject_key_identifier, SSL_STRING("hash"));
add_ext(x509, NID_netscape_comment, SSL_STRING("Generated from murmur"));
X509_sign(x509, pkey, EVP_sha1());
crt.resize(i2d_X509(x509, NULL));
unsigned char *dptr=reinterpret_cast<unsigned char *>(crt.data());
i2d_X509(x509, &dptr);
qscCert = QSslCertificate(crt, QSsl::Der);
if (qscCert.isNull())
log("Certificate generation failed");
key.resize(i2d_PrivateKey(pkey, NULL));
dptr=reinterpret_cast<unsigned char *>(key.data());
i2d_PrivateKey(pkey, &dptr);
qskKey = QSslKey(key, QSsl::Rsa, QSsl::Der);
if (qskKey.isNull())
log("Key generation failed");
setConf("certificate", qscCert.toPem());
setConf("key", qskKey.toPem());
}
}
#if defined(USE_QSSLDIFFIEHELLMANPARAMETERS)
if (qsdhpDHParams.isEmpty()) {
log("Generating new server 2048-bit Diffie-Hellman parameters. This could take a while...");
DH *dh = DH_new();
if (dh == NULL) {
qFatal("DH_new failed: unable to generate Diffie-Hellman parameters for virtual server");
}
// Generate DH params.
// We register a status callback in order to update the UI
// for Murmur on Windows. We don't show the actual status,
// but we do it to keep Murmur on Windows responsive while
// generating the parameters.
BN_GENCB cb;
memset(&cb, 0, sizeof(BN_GENCB));
BN_GENCB_set(&cb, dh_progress, NULL);
if (DH_generate_parameters_ex(dh, 2048, 2, &cb) == 0) {
qFatal("DH_generate_parameters_ex failed: unable to generate Diffie-Hellman parameters for virtual server");
}
BIO *mem = BIO_new(BIO_s_mem());
if (PEM_write_bio_DHparams(mem, dh) == 0) {
qFatal("PEM_write_bio_DHparams failed: unable to write generated Diffie-Hellman parameters to memory");
}
char *pem = NULL;
long len = BIO_get_mem_data(mem, &pem);
if (len <= 0) {
qFatal("BIO_get_mem_data returned an empty or invalid buffer");
}
QByteArray pemdh(pem, len);
QSslDiffieHellmanParameters qdhp(pemdh);
if (!qdhp.isValid()) {
qFatal("QSslDiffieHellmanParameters: unable to import generated Diffie-HellmanParameters: %s", qdhp.errorString().toStdString().c_str());
}
qsdhpDHParams = qdhp;
setConf("sslDHParams", pemdh);
BIO_free(mem);
DH_free(dh);
}
#endif
}
void pki_evp::encryptKey(const char *password)
{
int outl, keylen;
EVP_PKEY *pkey1 = NULL;
EVP_CIPHER_CTX ctx;
const EVP_CIPHER *cipher = EVP_des_ede3_cbc();
unsigned char iv[EVP_MAX_IV_LENGTH], *punenc, *punenc1;
unsigned char ckey[EVP_MAX_KEY_LENGTH];
char ownPassBuf[MAX_PASS_LENGTH];
/* This key has its own, private password */
if (ownPass == ptPrivate) {
int ret;
pass_info p(XCA_TITLE, tr("Please enter the password to protect the private key: '%1'").
arg(getIntName()));
ret = MainWindow::passWrite(ownPassBuf, MAX_PASS_LENGTH, 0, &p);
if (ret < 0)
throw errorEx("Password input aborted", class_name);
} else if (ownPass == ptBogus) { // BOGUS password
ownPassBuf[0] = '\0';
} else {
if (password) {
/* use the password parameter if this is a common password */
strncpy(ownPassBuf, password, MAX_PASS_LENGTH);
} else {
int ret = 0;
memcpy(ownPassBuf, passwd, MAX_PASS_LENGTH);
pass_info p(XCA_TITLE, tr("Please enter the database password for encrypting the key"));
while (md5passwd(ownPassBuf) != passHash &&
sha512passwd(ownPassBuf, passHash) != passHash )
{
ret = MainWindow::passRead(ownPassBuf, MAX_PASS_LENGTH, 0,&p);
if (ret < 0)
throw errorEx("Password input aborted", class_name);
}
}
}
/* Prepare Encryption */
memset(iv, 0, EVP_MAX_IV_LENGTH);
RAND_pseudo_bytes(iv,8); /* Generate a salt */
EVP_BytesToKey(cipher, EVP_sha1(), iv, (unsigned char *)ownPassBuf,
strlen(ownPassBuf), 1, ckey, NULL);
EVP_CIPHER_CTX_init (&ctx);
pki_openssl_error();
/* reserve space for unencrypted and encrypted key */
keylen = i2d_PrivateKey(key, NULL);
encKey.resize(keylen + EVP_MAX_KEY_LENGTH + 8);
punenc1 = punenc = (unsigned char *)OPENSSL_malloc(keylen);
check_oom(punenc);
keylen = i2d_PrivateKey(key, &punenc1);
pki_openssl_error();
memcpy(encKey.data(), iv, 8); /* store the iv */
/*
* Now DER version of privkey is in punenc
* and privkey is still in key
*/
/* do the encryption */
/* store key right after the iv */
EVP_EncryptInit(&ctx, cipher, ckey, iv);
unsigned char *penc = (unsigned char *)encKey.data() +8;
EVP_EncryptUpdate(&ctx, penc, &outl, punenc, keylen);
int encKey_len = outl;
EVP_EncryptFinal(&ctx, penc + encKey_len, &outl);
encKey.resize(encKey_len + outl +8);
/* Cleanup */
EVP_CIPHER_CTX_cleanup(&ctx);
/* wipe out the memory */
memset(punenc, 0, keylen);
OPENSSL_free(punenc);
pki_openssl_error();
pkey1 = priv2pub(key);
check_oom(pkey1);
EVP_PKEY_free(key);
key = pkey1;
pki_openssl_error();
//CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_OFF);
//printf("Encrypt: encKey_len=%d\n", encKey_len);
return;
}
void Server::initializeCert() {
QByteArray crt, key, pass, dhparams;
crt = getConf("certificate", QString()).toByteArray();
key = getConf("key", QString()).toByteArray();
pass = getConf("passphrase", QByteArray()).toByteArray();
dhparams = getConf("sslDHParams", Meta::mp.qbaDHParams).toByteArray();
QList<QSslCertificate> ql;
// Attempt to load key as an RSA key or a DSA key
if (! key.isEmpty()) {
qskKey = QSslKey(key, QSsl::Rsa, QSsl::Pem, QSsl::PrivateKey, pass);
if (qskKey.isNull())
qskKey = QSslKey(key, QSsl::Dsa, QSsl::Pem, QSsl::PrivateKey, pass);
}
// If we still can't load the key, try loading any keys from the certificate
if (qskKey.isNull() && ! crt.isEmpty()) {
qskKey = QSslKey(crt, QSsl::Rsa, QSsl::Pem, QSsl::PrivateKey, pass);
if (qskKey.isNull())
qskKey = QSslKey(crt, QSsl::Dsa, QSsl::Pem, QSsl::PrivateKey, pass);
}
// If have a key, walk the list of certs, find the one for our key,
// remove any certs for our key from the list, what's left is part of
// the CA certificate chain.
if (! qskKey.isNull()) {
ql << QSslCertificate::fromData(crt);
ql << QSslCertificate::fromData(key);
for (int i=0;i<ql.size();++i) {
const QSslCertificate &c = ql.at(i);
if (isKeyForCert(qskKey, c)) {
qscCert = c;
ql.removeAt(i);
}
}
qlCA = ql;
}
#if defined(USE_QSSLDIFFIEHELLMANPARAMETERS)
if (! dhparams.isEmpty()) {
QSslDiffieHellmanParameters qdhp = QSslDiffieHellmanParameters(dhparams);
if (qdhp.isValid()) {
qsdhpDHParams = qdhp;
} else {
log(QString::fromLatin1("Unable to use specified Diffie-Hellman parameters (sslDHParams): %1").arg(qdhp.errorString()));
}
}
#else
if (! dhparams.isEmpty()) {
log("Diffie-Hellman parameters (sslDHParams) were specified, but will not be used. This version of Murmur does not support Diffie-Hellman parameters.");
}
#endif
QString issuer;
#if QT_VERSION >= 0x050000
QStringList issuerNames = qscCert.issuerInfo(QSslCertificate::CommonName);
if (! issuerNames.isEmpty()) {
issuer = issuerNames.first();
}
#else
issuer = qscCert.issuerInfo(QSslCertificate::CommonName);
#endif
// Really old certs/keys are no good, throw them away so we can
// generate a new one below.
if (issuer == QString::fromUtf8("Murmur Autogenerated Certificate")) {
log("Old autogenerated certificate is unusable for registration, invalidating it");
qscCert = QSslCertificate();
qskKey = QSslKey();
}
// If we have a cert, and it's a self-signed one, but we're binding to
// all the same addresses as the Meta server is, use it's cert instead.
// This allows a self-signed certificate generated by Murmur to be
// replaced by a CA-signed certificate in the .ini file.
if (!qscCert.isNull() && issuer == QString::fromUtf8("Murmur Autogenerated Certificate v2") && ! Meta::mp.qscCert.isNull() && ! Meta::mp.qskKey.isNull() && (Meta::mp.qlBind == qlBind)) {
qscCert = Meta::mp.qscCert;
qskKey = Meta::mp.qskKey;
}
// If we still don't have a certificate by now, try to load the one from Meta
if (qscCert.isNull() || qskKey.isNull()) {
if (! key.isEmpty() || ! crt.isEmpty()) {
log("Certificate specified, but failed to load.");
}
qskKey = Meta::mp.qskKey;
qscCert = Meta::mp.qscCert;
// If loading from Meta doesn't work, build+sign a new one
if (qscCert.isNull() || qskKey.isNull()) {
log("Generating new server certificate.");
CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
X509 *x509 = X509_new();
EVP_PKEY *pkey = EVP_PKEY_new();
RSA *rsa = RSA_generate_key(2048,RSA_F4,NULL,NULL);
EVP_PKEY_assign_RSA(pkey, rsa);
X509_set_version(x509, 2);
ASN1_INTEGER_set(X509_get_serialNumber(x509),1);
X509_gmtime_adj(X509_get_notBefore(x509),0);
X509_gmtime_adj(X509_get_notAfter(x509),60*60*24*365*20);
X509_set_pubkey(x509, pkey);
X509_NAME *name=X509_get_subject_name(x509);
X509_NAME_add_entry_by_txt(name, "CN", MBSTRING_ASC, reinterpret_cast<unsigned char *>(const_cast<char *>("Murmur Autogenerated Certificate v2")), -1, -1, 0);
X509_set_issuer_name(x509, name);
add_ext(x509, NID_basic_constraints, SSL_STRING("critical,CA:FALSE"));
add_ext(x509, NID_ext_key_usage, SSL_STRING("serverAuth,clientAuth"));
add_ext(x509, NID_subject_key_identifier, SSL_STRING("hash"));
add_ext(x509, NID_netscape_comment, SSL_STRING("Generated from murmur"));
X509_sign(x509, pkey, EVP_sha1());
crt.resize(i2d_X509(x509, NULL));
unsigned char *dptr=reinterpret_cast<unsigned char *>(crt.data());
i2d_X509(x509, &dptr);
qscCert = QSslCertificate(crt, QSsl::Der);
if (qscCert.isNull())
log("Certificate generation failed");
key.resize(i2d_PrivateKey(pkey, NULL));
dptr=reinterpret_cast<unsigned char *>(key.data());
i2d_PrivateKey(pkey, &dptr);
qskKey = QSslKey(key, QSsl::Rsa, QSsl::Der);
if (qskKey.isNull())
log("Key generation failed");
setConf("certificate", qscCert.toPem());
setConf("key", qskKey.toPem());
}
}
#if defined(USE_QSSLDIFFIEHELLMANPARAMETERS)
if (qsdhpDHParams.isEmpty()) {
log("Generating new server 2048-bit Diffie-Hellman parameters. This could take a while...");
DH *dh = DH_new();
if (dh == NULL) {
qFatal("DH_new failed: unable to generate Diffie-Hellman parameters for virtual server");
}
// Generate DH params.
// We register a status callback in order to update the UI
// for Murmur on Windows. We don't show the actual status,
// but we do it to keep Murmur on Windows responsive while
// generating the parameters.
BN_GENCB cb;
memset(&cb, 0, sizeof(BN_GENCB));
BN_GENCB_set(&cb, dh_progress, NULL);
if (DH_generate_parameters_ex(dh, 2048, 2, &cb) == 0) {
qFatal("DH_generate_parameters_ex failed: unable to generate Diffie-Hellman parameters for virtual server");
}
BIO *mem = BIO_new(BIO_s_mem());
if (PEM_write_bio_DHparams(mem, dh) == 0) {
qFatal("PEM_write_bio_DHparams failed: unable to write generated Diffie-Hellman parameters to memory");
}
char *pem = NULL;
long len = BIO_get_mem_data(mem, &pem);
if (len <= 0) {
qFatal("BIO_get_mem_data returned an empty or invalid buffer");
}
QByteArray pemdh(pem, len);
QSslDiffieHellmanParameters qdhp(pemdh);
if (!qdhp.isValid()) {
qFatal("QSslDiffieHellmanParameters: unable to import generated Diffie-HellmanParameters: %s", qdhp.errorString().toStdString().c_str());
}
qsdhpDHParams = qdhp;
setConf("sslDHParams", pemdh);
BIO_free(mem);
DH_free(dh);
}
#endif
// Drain OpenSSL's per-thread error queue
// to ensure that errors from the operations
// we've done in here do not leak out into
// Qt's SSL module.
//
// If an error leaks, it can break all connections
// to the server because each invocation of Qt's SSL
// read callback checks OpenSSL's per-thread error
// queue (albeit indirectly, via SSL_get_error()).
// Qt expects any errors returned from SSL_get_error()
// to be related to the QSslSocket it is currently
// processing -- which is the obvious thing to expect:
// SSL_get_error() takes a pointer to an SSL object
// and the return code of the failed operation.
// However, it is also documented as:
//
// "In addition to ssl and ret, SSL_get_error()
// inspects the current thread's OpenSSL error
// queue."
//
// So, if any OpenSSL operation on the main thread
// forgets to clear the error queue, those errors
// *will* leak into other things that *do* error
// checking. In our case, into Qt's SSL read callback,
// resulting in all clients being disconnected.
ERR_clear_error();
}
ATF_TC_BODY(isc_gost_private, tc) {
isc_result_t result;
unsigned char privraw[31] = {
0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10,
0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18,
0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e
};
#ifdef HAVE_OPENSSL_GOST
unsigned char rbuf[32];
unsigned char privasn1[70] = {
0x30, 0x44, 0x02, 0x01, 0x00, 0x30, 0x1c, 0x06,
0x06, 0x2a, 0x85, 0x03, 0x02, 0x02, 0x13, 0x30,
0x12, 0x06, 0x07, 0x2a, 0x85, 0x03, 0x02, 0x02,
0x23, 0x01, 0x06, 0x07, 0x2a, 0x85, 0x03, 0x02,
0x02, 0x1e, 0x01, 0x04, 0x21, 0x02, 0x1f, 0x01,
0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09,
0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11,
0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19,
0x1a, 0x1b, 0x1c, 0x1d, 0x1e
};
unsigned char abuf[71];
unsigned char gost_dummy_key[71] = {
0x30, 0x45, 0x02, 0x01, 0x00, 0x30, 0x1c, 0x06,
0x06, 0x2a, 0x85, 0x03, 0x02, 0x02, 0x13, 0x30,
0x12, 0x06, 0x07, 0x2a, 0x85, 0x03, 0x02, 0x02,
0x23, 0x01, 0x06, 0x07, 0x2a, 0x85, 0x03, 0x02,
0x02, 0x1e, 0x01, 0x04, 0x22, 0x02, 0x20, 0x1b,
0x3f, 0x94, 0xf7, 0x1a, 0x5f, 0x2f, 0xe7, 0xe5,
0x74, 0x0b, 0x8c, 0xd4, 0xb7, 0x18, 0xdd, 0x65,
0x68, 0x26, 0xd1, 0x54, 0xfb, 0x77, 0xba, 0x63,
0x72, 0xd9, 0xf0, 0x63, 0x87, 0xe0, 0xd6
};
EVP_PKEY *pkey;
EC_KEY *eckey;
BIGNUM *privkey;
const BIGNUM *privkey1;
const unsigned char *p;
int len;
unsigned char *q;
result = dns_test_begin(NULL, ISC_FALSE);
ATF_REQUIRE(result == ISC_R_SUCCESS);
/* raw parse */
privkey = BN_bin2bn(privraw, (int) sizeof(privraw), NULL);
ATF_REQUIRE(privkey != NULL);
p = gost_dummy_key;
pkey = NULL;
ATF_REQUIRE(d2i_PrivateKey(NID_id_GostR3410_2001, &pkey, &p,
(long) sizeof(gost_dummy_key)) != NULL);
ATF_REQUIRE(pkey != NULL);
ATF_REQUIRE(EVP_PKEY_bits(pkey) == 256);
eckey = EVP_PKEY_get0(pkey);
ATF_REQUIRE(eckey != NULL);
ATF_REQUIRE(EC_KEY_set_private_key(eckey, privkey) == 1);
BN_clear_free(privkey);
/* asn1 tofile */
len = i2d_PrivateKey(pkey, NULL);
ATF_REQUIRE(len == 70);
q = abuf;
ATF_REQUIRE(i2d_PrivateKey(pkey, &q) == len);
ATF_REQUIRE(memcmp(abuf, privasn1, len) == 0);
EVP_PKEY_free(pkey);
/* asn1 parse */
p = privasn1;
pkey = NULL;
ATF_REQUIRE(d2i_PrivateKey(NID_id_GostR3410_2001, &pkey, &p,
(long) len) != NULL);
ATF_REQUIRE(pkey != NULL);
eckey = EVP_PKEY_get0(pkey);
ATF_REQUIRE(eckey != NULL);
privkey1 = EC_KEY_get0_private_key(eckey);
len = BN_num_bytes(privkey1);
ATF_REQUIRE(len == 31);
ATF_REQUIRE(BN_bn2bin(privkey1, rbuf) == len);
ATF_REQUIRE(memcmp(rbuf, privraw, len) == 0);
dns_test_end();
#else
CK_BBOOL truevalue = TRUE;
CK_BBOOL falsevalue = FALSE;
CK_OBJECT_CLASS keyClass = CKO_PRIVATE_KEY;
CK_KEY_TYPE keyType = CKK_GOSTR3410;
CK_ATTRIBUTE keyTemplate[] =
{
{ CKA_CLASS, &keyClass, (CK_ULONG) sizeof(keyClass) },
{ CKA_KEY_TYPE, &keyType, (CK_ULONG) sizeof(keyType) },
{ CKA_TOKEN, &falsevalue, (CK_ULONG) sizeof(falsevalue) },
{ CKA_PRIVATE, &falsevalue, (CK_ULONG) sizeof(falsevalue) },
{ CKA_SENSITIVE, &falsevalue, (CK_ULONG) sizeof(falsevalue) },
{ CKA_SIGN, &truevalue, (CK_ULONG) sizeof(truevalue) },
{ CKA_VALUE, privraw, sizeof(privraw) },
{ CKA_GOSTR3410_PARAMS, pk11_gost_a_paramset,
(CK_ULONG) sizeof(pk11_gost_a_paramset) },
{ CKA_GOSTR3411_PARAMS, pk11_gost_paramset,
(CK_ULONG) sizeof(pk11_gost_paramset) }
};
CK_MECHANISM mech = { CKM_GOSTR3410_WITH_GOSTR3411, NULL, 0 };
CK_BYTE sig[64];
CK_ULONG siglen;
pk11_context_t pk11_ctx;
result = dns_test_begin(NULL, ISC_FALSE);
ATF_REQUIRE(result == ISC_R_SUCCESS);
/* create the private key */
memset(&pk11_ctx, 0, sizeof(pk11_ctx));
ATF_REQUIRE(pk11_get_session(&pk11_ctx, OP_GOST, ISC_TRUE,
ISC_FALSE, ISC_FALSE, NULL,
pk11_get_best_token(OP_GOST)) ==
ISC_R_SUCCESS);
pk11_ctx.object = CK_INVALID_HANDLE;
pk11_ctx.ontoken = ISC_FALSE;
ATF_REQUIRE(pkcs_C_CreateObject(pk11_ctx.session, keyTemplate,
(CK_ULONG) 9, &pk11_ctx.object) ==
CKR_OK);
ATF_REQUIRE(pk11_ctx.object != CK_INVALID_HANDLE);
/* sign something */
ATF_REQUIRE(pkcs_C_SignInit(pk11_ctx.session, &mech,
pk11_ctx.object) == CKR_OK);
siglen = 0;
ATF_REQUIRE(pkcs_C_Sign(pk11_ctx.session, sig, 64,
NULL, &siglen) == CKR_OK);
ATF_REQUIRE(siglen == 64);
ATF_REQUIRE(pkcs_C_Sign(pk11_ctx.session, sig, 64,
sig, &siglen) == CKR_OK);
ATF_REQUIRE(siglen == 64);
dns_test_end();
#endif
};
