int ssls_register_ssl_key( DSSL_Session* sess,EVP_PKEY* pk )
{
struct in_addr server_ip = sess->last_packet->ip_header->ip_dst;
uint16_t server_port = ntohs(sess->last_packet->tcp_header->th_dport);
EVP_PKEY* dup_key = ssls_dup_PrivateRSA_ENV_PKEY( pk );
int rc = DSSL_RC_OK;
#if !defined(__APPLE__)
/* MacOS uses OpenSSL v 0.9.7 that doesn't have EVP_PKEY_cmp */
_ASSERT( EVP_PKEY_cmp(pk, dup_key) == 1);
#endif
rc = DSSL_EnvSetServerInfoWithKey(sess->env, &server_ip, server_port, dup_key);
if( rc == DSSL_RC_OK)
{
sess->flags |= SSF_TEST_SSL_KEY; /* set a flag to watch this key until it's proven to work */
sess->ssl_si = DSSL_EnvFindServerInfo( sess->env, server_ip, server_port);
_ASSERT(sess->ssl_si);
}
else
{
EVP_PKEY_free(dup_key);
dup_key = NULL;
}
return rc;
}
int X509_REQ_check_private_key(X509_REQ *x, EVP_PKEY *k)
{
EVP_PKEY *xk=NULL;
int ok=0;
xk=X509_REQ_get_pubkey(x);
switch (EVP_PKEY_cmp(xk, k))
{
case 1:
ok=1;
break;
case 0:
OPENSSL_PUT_ERROR(X509, X509_R_KEY_VALUES_MISMATCH);
break;
case -1:
OPENSSL_PUT_ERROR(X509, X509_R_KEY_TYPE_MISMATCH);
break;
case -2:
if (k->type == EVP_PKEY_EC)
{
OPENSSL_PUT_ERROR(X509, ERR_R_EC_LIB);
break;
}
if (k->type == EVP_PKEY_DH)
{
/* No idea */
OPENSSL_PUT_ERROR(X509, X509_R_CANT_CHECK_DH_KEY);
break;
}
OPENSSL_PUT_ERROR(X509, X509_R_UNKNOWN_KEY_TYPE);
}
EVP_PKEY_free(xk);
return(ok);
}
TEST_F(KeymasterTest, ImportKeyPair_EC_Success) {
uint8_t* key_blob;
size_t key_blob_length;
ASSERT_EQ(0,
sDevice->import_keypair(sDevice, TEST_EC_KEY_1, sizeof(TEST_EC_KEY_1),
&key_blob, &key_blob_length))
<< "Should successfully import an EC key";
UniqueKey key(&sDevice, key_blob, key_blob_length);
uint8_t* x509_data;
size_t x509_data_length;
ASSERT_EQ(0,
sDevice->get_keypair_public(sDevice, key_blob, key_blob_length,
&x509_data, &x509_data_length))
<< "Should be able to retrieve EC public key successfully";
UniqueBlob x509_blob(x509_data, x509_data_length);
const unsigned char *tmp = static_cast<const unsigned char*>(x509_blob.get());
Unique_EVP_PKEY actual(d2i_PUBKEY((EVP_PKEY**) NULL, &tmp,
static_cast<long>(x509_blob.length())));
ASSERT_EQ(EVP_PKEY_type(actual.get()->type), EVP_PKEY_EC)
<< "Generated key type should be of type EC";
const unsigned char *expectedTmp = static_cast<const unsigned char*>(TEST_EC_KEY_1);
Unique_PKCS8_PRIV_KEY_INFO expectedPkcs8(
d2i_PKCS8_PRIV_KEY_INFO((PKCS8_PRIV_KEY_INFO**) NULL, &expectedTmp,
sizeof(TEST_EC_KEY_1)));
Unique_EVP_PKEY expected(EVP_PKCS82PKEY(expectedPkcs8.get()));
ASSERT_EQ(1, EVP_PKEY_cmp(expected.get(), actual.get()))
<< "Expected and actual keys should match";
}
int ssl_compare_public_and_private_key(const EVP_PKEY *pubkey,
const EVP_PKEY *privkey) {
if (EVP_PKEY_is_opaque(privkey)) {
/* We cannot check an opaque private key and have to trust that it
* matches. */
return 1;
}
int ret = 0;
switch (EVP_PKEY_cmp(pubkey, privkey)) {
case 1:
ret = 1;
break;
case 0:
OPENSSL_PUT_ERROR(X509, X509_R_KEY_VALUES_MISMATCH);
break;
case -1:
OPENSSL_PUT_ERROR(X509, X509_R_KEY_TYPE_MISMATCH);
break;
case -2:
OPENSSL_PUT_ERROR(X509, X509_R_UNKNOWN_KEY_TYPE);
default:
assert(0);
break;
}
return ret;
}
TEST(SignTest, TestLoadValidPemKeys)
{
ScopedEVP_PKEY private_key(nullptr, EVP_PKEY_free);
ScopedEVP_PKEY public_key(nullptr, EVP_PKEY_free);
ScopedBIO bio_private_key_enc(BIO_new(BIO_s_mem()), BIO_free);
ASSERT_TRUE(!!bio_private_key_enc);
ScopedBIO bio_private_key_noenc(BIO_new(BIO_s_mem()), BIO_free);
ASSERT_TRUE(!!bio_private_key_noenc);
ScopedBIO bio_public_key(BIO_new(BIO_s_mem()), BIO_free);
ASSERT_TRUE(!!bio_public_key);
// Generate keys
ASSERT_TRUE(generate_keys(private_key, public_key));
// Write keys
ASSERT_TRUE(PEM_write_bio_PrivateKey(bio_private_key_enc.get(),
private_key.get(), EVP_des_ede3_cbc(),
nullptr, 0, nullptr,
const_cast<char *>("testing")));
ASSERT_TRUE(PEM_write_bio_PrivateKey(bio_private_key_noenc.get(),
private_key.get(), nullptr, nullptr, 0,
nullptr, nullptr));
ASSERT_TRUE(PEM_write_bio_PUBKEY(bio_public_key.get(), public_key.get()));
// Read back the keys
ScopedEVP_PKEY private_key_enc_read(mb::sign::load_private_key(
bio_private_key_enc.get(), mb::sign::KEY_FORMAT_PEM, "testing"),
EVP_PKEY_free);
ASSERT_TRUE(!!private_key_enc_read);
ScopedEVP_PKEY private_key_noenc_read(mb::sign::load_private_key(
bio_private_key_noenc.get(), mb::sign::KEY_FORMAT_PEM, nullptr),
EVP_PKEY_free);
ASSERT_TRUE(!!private_key_noenc_read);
ScopedEVP_PKEY public_key_read(mb::sign::load_public_key(
bio_public_key.get(), mb::sign::KEY_FORMAT_PEM, "testing"),
EVP_PKEY_free);
ASSERT_TRUE(!!public_key_read);
// Compare keys
ASSERT_EQ(EVP_PKEY_cmp(private_key.get(), private_key_enc_read.get()), 1);
ASSERT_EQ(EVP_PKEY_cmp(private_key.get(), private_key_noenc_read.get()), 1);
ASSERT_EQ(EVP_PKEY_cmp(public_key.get(), public_key_read.get()), 1);
}
extern int match_user_openssh(EVP_PKEY *authkey, const char *login)
{
char filename[PATH_MAX];
char line[OPENSSH_LINE_MAX];
struct passwd *pw;
int found;
FILE *file;
pw = getpwnam(login);
if (!pw || !pw->pw_dir)
return -1;
snprintf(filename, PATH_MAX, "%s/.ssh/authorized_keys", pw->pw_dir);
file = fopen(filename, "r");
if (!file)
return -1;
found = 0;
do {
EVP_PKEY *key = NULL;
char *cp;
if (!fgets(line, sizeof line, file))
break;
/* Skip leading whitespace, empty and comment lines. */
for (cp = line; *cp == ' ' || *cp == '\t'; cp++) {
}
if (!*cp || *cp == '\n' || *cp == '#') {
continue;
}
if (*cp >= '0' && *cp <= '9') {
/* ssh v1 key format */
key = ssh1_line_to_key(cp);
} else if (strncmp("ssh-rsa", cp, 7) == 0) {
/* ssh v2 rsa key format */
key = ssh2_line_to_key(cp);
} else if (strncmp("ecdsa-sha2-nistp", cp, 16) == 0) {
/* ssh nistp256/384/521 key */
key = ssh_nistp_line_to_key(cp);
}
if (key == NULL)
continue;
if (1 == EVP_PKEY_cmp(authkey, key)) {
found = 1;
}
EVP_PKEY_free(key);
} while (found == 0);
fclose(file);
return found;
}
static int verify_pubkey(X509* cert, const char *key, size_t key_size)
{
EVP_PKEY* cert_pubkey = NULL;
EVP_PKEY* orig_pubkey = NULL;
BIO* bio = NULL;
int ret = 0;
if (!key || key_size == 0)
return 0;
if (!cert) {
SPICE_DEBUG("warning: no cert!");
return 0;
}
cert_pubkey = X509_get_pubkey(cert);
if (!cert_pubkey) {
SPICE_DEBUG("warning: reading public key from certificate failed");
goto finish;
}
bio = BIO_new_mem_buf((void*)key, key_size);
if (!bio) {
SPICE_DEBUG("creating BIO failed");
goto finish;
}
orig_pubkey = d2i_PUBKEY_bio(bio, NULL);
if (!orig_pubkey) {
SPICE_DEBUG("reading pubkey from bio failed");
goto finish;
}
ret = EVP_PKEY_cmp(orig_pubkey, cert_pubkey);
if (ret == 1)
SPICE_DEBUG("public keys match");
else if (ret == 0)
SPICE_DEBUG("public keys mismatch");
else
SPICE_DEBUG("public keys types mismatch");
finish:
if (bio)
BIO_free(bio);
if (orig_pubkey)
EVP_PKEY_free(orig_pubkey);
if (cert_pubkey)
EVP_PKEY_free(cert_pubkey);
return ret;
}
bool pki_key::compare(pki_base *ref)
{
pki_key *kref = (pki_key *)ref;
if (kref->getKeyType() != getKeyType())
return false;
if (!kref || !kref->key || !key)
return false;
int r = EVP_PKEY_cmp(key, kref->key);
pki_openssl_error();
return r == 1;
}
EP_STAT
ep_crypto_key_compat(const EP_CRYPTO_KEY *pubkey, const EP_CRYPTO_KEY *seckey)
{
int istat = EVP_PKEY_cmp(pubkey, seckey);
int icheck;
// setting this param to false is mostly for debugging
if (ep_adm_getboolparam("libep.crypto.key.compat.strict", true))
icheck = 1; // check to see that key halves match
else
icheck = 0; // just check to see if they are the same type
if (istat >= icheck)
return EP_STAT_OK;
return EP_STAT_CRYPTO_KEYCOMPAT;
}
int ssls_register_ssl_key( DSSL_Session* sess,EVP_PKEY* pk )
{
struct ip_addr server_ip;
uint16_t server_port = ntohs(sess->last_packet->tcp_header->th_dport);
int rc = DSSL_RC_OK;
int bAddToCache = 1;
GET_IP_DST_ST(sess->last_packet->ip_header, &server_ip);
/* check if need to add the server to the cache */
if( sess->env->flags & DSSL_ENV_FORCE_TRY_SSL_KEYS )
{
/* only dup the key and add if the server is not already in the cache */
bAddToCache = (DSSL_EnvFindServerInfo(sess->env, &server_ip, server_port) == NULL);
}
if( bAddToCache )
{
EVP_PKEY* dup_key = ssls_dup_PrivateRSA_ENV_PKEY( pk );
#if !defined(__APPLE__)
/* MacOS uses OpenSSL v 0.9.7 that doesn't have EVP_PKEY_cmp */
_ASSERT( EVP_PKEY_cmp(pk, dup_key) == 1);
#endif
rc = DSSL_EnvSetServerInfoWithKey(sess->env, &server_ip, server_port, dup_key);
dup_key = NULL; /*DSSL_EnvSetServerInfoWithKey is now managing dup_key data */
}
if(rc == DSSL_RC_OK)
{
if(sess->env->flags & DSSL_ENV_FORCE_TRY_SSL_KEYS)
{
/* don't use the cached value if "force" flag is set
because it may be a wrong key due to load balancer
(multiple SSL servers at a single IP:port) */
sess->ssl_pkey = pk;
}
else
{
/* set a flag to watch this key until it's proven to work */
sess->flags |= SSF_TEST_SSL_KEY;
/* query the cached server info back and store in the session */
sess->ssl_si = DSSL_EnvFindServerInfo( sess->env, &server_ip, server_port);
_ASSERT(sess->ssl_si);
}
}
return rc;
}
static isc_boolean_t
opensslgost_compare(const dst_key_t *key1, const dst_key_t *key2) {
EVP_PKEY *pkey1, *pkey2;
pkey1 = key1->keydata.pkey;
pkey2 = key2->keydata.pkey;
if (pkey1 == NULL && pkey2 == NULL)
return (ISC_TRUE);
else if (pkey1 == NULL || pkey2 == NULL)
return (ISC_FALSE);
if (EVP_PKEY_cmp(pkey1, pkey2) != 1)
return (ISC_FALSE);
return (ISC_TRUE);
}
int CPK_PUBLIC_PARAMS_validate_private_key(CPK_PUBLIC_PARAMS *params,
const char *id, const EVP_PKEY *priv_key)
{
int ret = -3;
EVP_PKEY *pub_key = NULL;
if (!(pub_key = CPK_PUBLIC_PARAMS_extract_public_key(params, id))) {
CPKerr(CPK_F_CPK_PUBLIC_PARAMS_VALIDATE_PRIVATE_KEY,
ERR_R_EVP_LIB);
goto err;
}
ret = EVP_PKEY_cmp(pub_key, priv_key);
err:
if (pub_key) EVP_PKEY_free(pub_key);
return ret;
}
int abac_id_privkey_from_chunk(abac_id_t *id, abac_chunk_t chunk) {
assert(id != NULL);
EVP_PKEY *key=abac_load_privkey_from_chunk(chunk.ptr, chunk.len);
if (key == NULL) return ABAC_FAILURE;
/* needs to make sure that the key matches up with the id */
/* extract the pub key from the id */
EVP_PKEY *pubkey=extract_pubkey_from_cert(id->cert);
/* cmp will just compare the pub key part of the key to see
if they are the same */
if(!EVP_PKEY_cmp(pubkey, key)) {
fprintf(stderr,"wrong private key for the cert!!\n");
return ABAC_FAILURE;
}
id->key = key;
return ABAC_SUCCESS;
}
static isc_boolean_t
opensslecdsa_compare(const dst_key_t *key1, const dst_key_t *key2) {
isc_boolean_t ret;
int status;
EVP_PKEY *pkey1 = key1->keydata.pkey;
EVP_PKEY *pkey2 = key2->keydata.pkey;
EC_KEY *eckey1 = NULL;
EC_KEY *eckey2 = NULL;
const BIGNUM *priv1, *priv2;
if (pkey1 == NULL && pkey2 == NULL)
return (ISC_TRUE);
else if (pkey1 == NULL || pkey2 == NULL)
return (ISC_FALSE);
eckey1 = EVP_PKEY_get1_EC_KEY(pkey1);
eckey2 = EVP_PKEY_get1_EC_KEY(pkey2);
if (eckey1 == NULL && eckey2 == NULL) {
DST_RET (ISC_TRUE);
} else if (eckey1 == NULL || eckey2 == NULL)
DST_RET (ISC_FALSE);
status = EVP_PKEY_cmp(pkey1, pkey2);
if (status != 1)
DST_RET (ISC_FALSE);
priv1 = EC_KEY_get0_private_key(eckey1);
priv2 = EC_KEY_get0_private_key(eckey2);
if (priv1 != NULL || priv2 != NULL) {
if (priv1 == NULL || priv2 == NULL)
DST_RET (ISC_FALSE);
if (BN_cmp(priv1, priv2) != 0)
DST_RET (ISC_FALSE);
}
ret = ISC_TRUE;
err:
if (eckey1 != NULL)
EC_KEY_free(eckey1);
if (eckey2 != NULL)
EC_KEY_free(eckey2);
return (ret);
}
int
X509_REQ_check_private_key(X509_REQ *x, EVP_PKEY *k)
{
EVP_PKEY *xk = NULL;
int ok = 0;
xk = X509_REQ_get_pubkey(x);
switch (EVP_PKEY_cmp(xk, k)) {
case 1:
ok = 1;
break;
case 0:
X509err(X509_F_X509_REQ_CHECK_PRIVATE_KEY,
X509_R_KEY_VALUES_MISMATCH);
break;
case -1:
X509err(X509_F_X509_REQ_CHECK_PRIVATE_KEY,
X509_R_KEY_TYPE_MISMATCH);
break;
case -2:
#ifndef OPENSSL_NO_EC
if (k->type == EVP_PKEY_EC) {
X509err(X509_F_X509_REQ_CHECK_PRIVATE_KEY,
ERR_R_EC_LIB);
break;
}
#endif
#ifndef OPENSSL_NO_DH
if (k->type == EVP_PKEY_DH) {
/* No idea */
X509err(X509_F_X509_REQ_CHECK_PRIVATE_KEY,
X509_R_CANT_CHECK_DH_KEY);
break;
}
#endif
X509err(X509_F_X509_REQ_CHECK_PRIVATE_KEY,
X509_R_UNKNOWN_KEY_TYPE);
}
EVP_PKEY_free(xk);
return (ok);
}
/**
* @retval 1 equal
* @retval 0 not equal
* @retval -1 error
*/
static int CompareCertToRSA(X509 *cert, RSA *rsa_key)
{
int ret;
int retval = -1; /* ERROR */
EVP_PKEY *cert_pkey = X509_get_pubkey(cert);
if (cert_pkey == NULL)
{
Log(LOG_LEVEL_ERR, "X509_get_pubkey: %s",
TLSErrorString(ERR_get_error()));
goto ret1;
}
if (EVP_PKEY_type(cert_pkey->type) != EVP_PKEY_RSA)
{
Log(LOG_LEVEL_ERR,
"Received key of unknown type, only RSA currently supported!");
goto ret2;
}
RSA *cert_rsa_key = EVP_PKEY_get1_RSA(cert_pkey);
if (cert_rsa_key == NULL)
{
Log(LOG_LEVEL_ERR, "TLSVerifyPeer: EVP_PKEY_get1_RSA failed!");
goto ret2;
}
EVP_PKEY *rsa_pkey = EVP_PKEY_new();
if (rsa_pkey == NULL)
{
Log(LOG_LEVEL_ERR, "TLSVerifyPeer: EVP_PKEY_new allocation failed!");
goto ret3;
}
ret = EVP_PKEY_set1_RSA(rsa_pkey, rsa_key);
if (ret == 0)
{
Log(LOG_LEVEL_ERR, "TLSVerifyPeer: EVP_PKEY_set1_RSA failed!");
goto ret4;
}
ret = EVP_PKEY_cmp(cert_pkey, rsa_pkey);
if (ret == 1)
{
Log(LOG_LEVEL_DEBUG,
"Public key to certificate compare equal");
retval = 1; /* EQUAL */
}
else if (ret == 0 || ret == -1)
{
Log(LOG_LEVEL_DEBUG,
"Public key to certificate compare different");
retval = 0; /* NOT EQUAL */
}
else
{
Log(LOG_LEVEL_ERR, "OpenSSL EVP_PKEY_cmp: %d %s",
ret, TLSErrorString(ERR_get_error()));
}
ret4:
EVP_PKEY_free(rsa_pkey);
ret3:
RSA_free(cert_rsa_key);
ret2:
EVP_PKEY_free(cert_pkey);
ret1:
return retval;
}
ctx *
ctx_init(const char *tls, const char *enc, const char *dec)
{
const int ops = SSL_OP_NO_COMPRESSION | SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3;
AUTO(EVP_PKEY, prv);
AUTO(FILE, file);
AUTO(ctx, ctx);
if (tls == NULL || enc == NULL || dec == NULL)
return NULL;
ctx = OPENSSL_malloc(sizeof(*ctx));
if (ctx == NULL)
return NULL;
memset(ctx, 0, sizeof(*ctx));
ctx->ctx = SSL_CTX_new(SSLv23_server_method());
if (ctx->ctx == NULL)
return NULL;
if (SSL_CTX_set_options(ctx->ctx, ops) <= 0)
return NULL;
if (SSL_CTX_use_certificate_chain_file(ctx->ctx, tls) <= 0)
return NULL;
prv = load_prv(tls);
if (prv == NULL)
return NULL;
if (SSL_CTX_use_PrivateKey(ctx->ctx, prv) <= 0)
return NULL;
file = fopen(enc, "r");
if (file == NULL)
return NULL;
ctx->crt = sk_X509_new_null();
if (ctx->crt == NULL)
return NULL;
if (!deo_load(file, ctx->crt))
return NULL;
ctx->dec = load_decryption_certs_keys(dec);
if (ctx->dec == NULL)
return NULL;
/* Check to ensure that the TLS connection key is not also listed
* in the decryption keys. This prevents an attack where, upon
* misconfiguration, this service could be used to decrypt its own
* traffic. */
for (int i = 0; i < sk_X509_INFO_num(ctx->dec); i++) {
X509_INFO *info = sk_X509_INFO_value(ctx->dec, i);
if (info->x_pkey == NULL)
continue;
if (EVP_PKEY_cmp(prv, info->x_pkey->dec_pkey) == 1) {
fprintf(stderr, "TLS private key is exposed!\n");
return NULL;
}
}
return STEAL(ctx);
}
int
ca_validate_pubkey(struct iked *env, struct iked_static_id *id,
void *data, size_t len)
{
BIO *rawcert = NULL;
RSA *peerrsa = NULL, *localrsa = NULL;
EVP_PKEY *peerkey = NULL, *localkey = NULL;
int ret = -1;
FILE *fp = NULL;
char idstr[IKED_ID_SIZE];
char file[PATH_MAX];
struct iked_id idp;
if (len == 0 && data == NULL)
return (-1);
switch (id->id_type) {
case IKEV2_ID_IPV4:
case IKEV2_ID_FQDN:
case IKEV2_ID_UFQDN:
case IKEV2_ID_IPV6:
break;
default:
/* Some types like ASN1_DN will not be mapped to file names */
return (-1);
}
bzero(&idp, sizeof(idp));
if ((idp.id_buf = ibuf_new(id->id_data, id->id_length)) == NULL)
goto done;
idp.id_type = id->id_type;
idp.id_offset = id->id_offset;
if (ikev2_print_id(&idp, idstr, sizeof(idstr)) == -1)
goto done;
if (len == 0) {
/* Data is already an public key */
peerkey = (EVP_PKEY *)data;
} else {
if ((rawcert = BIO_new_mem_buf(data, len)) == NULL)
goto done;
if ((peerrsa = d2i_RSAPublicKey_bio(rawcert, NULL)) == NULL)
goto sslerr;
if ((peerkey = EVP_PKEY_new()) == NULL)
goto sslerr;
if (!EVP_PKEY_set1_RSA(peerkey, peerrsa))
goto sslerr;
}
lc_string(idstr);
if (strlcpy(file, IKED_PUBKEY_DIR, sizeof(file)) >= sizeof(file) ||
strlcat(file, idstr, sizeof(file)) >= sizeof(file))
goto done;
if ((fp = fopen(file, "r")) == NULL)
goto done;
localkey = PEM_read_PUBKEY(fp, NULL, NULL, NULL);
if (localkey == NULL) {
/* reading PKCS #8 failed, try PEM */
rewind(fp);
localrsa = PEM_read_RSAPublicKey(fp, NULL, NULL, NULL);
fclose(fp);
if (localrsa == NULL)
goto sslerr;
if ((localkey = EVP_PKEY_new()) == NULL)
goto sslerr;
if (!EVP_PKEY_set1_RSA(localkey, localrsa))
goto sslerr;
} else {
fclose(fp);
}
if (localkey == NULL)
goto sslerr;
if (!EVP_PKEY_cmp(peerkey, localkey))
goto done;
log_debug("%s: valid public key in file %s", __func__, file);
ret = 0;
sslerr:
if (ret != 0)
ca_sslerror(__func__);
done:
ibuf_release(idp.id_buf);
if (peerkey != NULL)
EVP_PKEY_free(peerkey);
if (localkey != NULL)
EVP_PKEY_free(localkey);
if (peerrsa != NULL)
RSA_free(peerrsa);
if (localrsa != NULL)
RSA_free(localrsa);
if (rawcert != NULL)
BIO_free(rawcert);
return (ret);
}