/*
* Build an EVP_PKEY object
*/
static EVP_PKEY *pkcs11_get_evp_key_rsa(PKCS11_KEY *key)
{
EVP_PKEY *pk;
RSA *rsa;
rsa = pkcs11_get_rsa(key);
if (rsa == NULL)
return NULL;
pk = EVP_PKEY_new();
if (pk == NULL) {
RSA_free(rsa);
return NULL;
}
EVP_PKEY_set1_RSA(pk, rsa); /* Also increments the rsa ref count */
if (key->isPrivate)
RSA_set_method(rsa, PKCS11_get_rsa_method());
/* TODO: Retrieve the RSA private key object attributes instead,
* unless the key has the "sensitive" attribute set */
#if OPENSSL_VERSION_NUMBER < 0x01010000L
/* RSA_FLAG_SIGN_VER is no longer needed since OpenSSL 1.1 */
rsa->flags |= RSA_FLAG_SIGN_VER;
#endif
RSA_set_ex_data(rsa, rsa_ex_index, key);
RSA_free(rsa); /* Drops our reference to it */
return pk;
}
static EVP_PKEY *create_pkey(neverbleed_t *nb, size_t key_index, const char *ebuf, const char *nbuf)
{
struct st_neverbleed_rsa_exdata_t *exdata;
RSA *rsa;
EVP_PKEY *pkey;
if ((exdata = malloc(sizeof(*exdata))) == NULL) {
fprintf(stderr, "no memory\n");
abort();
}
exdata->nb = nb;
exdata->key_index = key_index;
rsa = RSA_new_method(nb->engine);
RSA_set_ex_data(rsa, 0, exdata);
if (BN_hex2bn(&rsa->e, ebuf) == 0) {
fprintf(stderr, "failed to parse e:%s\n", ebuf);
abort();
}
if (BN_hex2bn(&rsa->n, nbuf) == 0) {
fprintf(stderr, "failed to parse n:%s\n", nbuf);
abort();
}
rsa->flags |= RSA_FLAG_EXT_PKEY;
pkey = EVP_PKEY_new();
EVP_PKEY_set1_RSA(pkey, rsa);
RSA_free(rsa);
return pkey;
}
int
ssl_load_pkey(const void *data, size_t datalen, char *buf, off_t len,
X509 **x509ptr, EVP_PKEY **pkeyptr)
{
BIO *in;
X509 *x509 = NULL;
EVP_PKEY *pkey = NULL;
RSA *rsa = NULL;
void *exdata = NULL;
if ((in = BIO_new_mem_buf(buf, len)) == NULL) {
SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY, ERR_R_BUF_LIB);
return (0);
}
if ((x509 = PEM_read_bio_X509(in, NULL,
ssl_password_cb, NULL)) == NULL) {
SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY, ERR_R_PEM_LIB);
goto fail;
}
if ((pkey = X509_get_pubkey(x509)) == NULL) {
SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY, ERR_R_X509_LIB);
goto fail;
}
BIO_free(in);
in = NULL;
if (data != NULL && datalen) {
if ((rsa = EVP_PKEY_get1_RSA(pkey)) == NULL ||
(exdata = malloc(datalen)) == NULL) {
SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY, ERR_R_EVP_LIB);
goto fail;
}
memcpy(exdata, data, datalen);
RSA_set_ex_data(rsa, 0, exdata);
RSA_free(rsa); /* dereference, will be cleaned up with pkey */
}
*x509ptr = x509;
*pkeyptr = pkey;
return (1);
fail:
if (rsa != NULL)
RSA_free(rsa);
if (in != NULL)
BIO_free(in);
if (pkey != NULL)
EVP_PKEY_free(pkey);
if (x509 != NULL)
X509_free(x509);
free(exdata);
return (0);
}
static int capi_rsa_free(RSA *rsa)
{
CAPI_KEY *capi_key;
capi_key = RSA_get_ex_data(rsa, rsa_capi_idx);
capi_free_key(capi_key);
RSA_set_ex_data(rsa, rsa_capi_idx, 0);
return 1;
}
static E_GMP_RSA_CTX *e_gmp_get_rsa(RSA *rsa)
{
E_GMP_RSA_CTX *hptr = RSA_get_ex_data(rsa, hndidx_rsa);
if (hptr)
return hptr;
hptr = OPENSSL_malloc(sizeof(*hptr));
if (!hptr)
return NULL;
/*
* These inits could probably be replaced by more intelligent mpz_init2()
* versions, to reduce malloc-thrashing.
*/
mpz_init(hptr->n);
mpz_init(hptr->d);
mpz_init(hptr->e);
mpz_init(hptr->p);
mpz_init(hptr->q);
mpz_init(hptr->dmp1);
mpz_init(hptr->dmq1);
mpz_init(hptr->iqmp);
mpz_init(hptr->r0);
mpz_init(hptr->r1);
mpz_init(hptr->I0);
mpz_init(hptr->m1);
if (!bn2gmp(rsa->n, hptr->n) || !bn2gmp(rsa->e, hptr->e))
goto err;
if (!rsa->p || !rsa->q || !rsa->d || !rsa->dmp1 || !rsa->dmq1
|| !rsa->iqmp) {
hptr->public_only = 1;
return hptr;
}
if (!bn2gmp(rsa->d, hptr->d) || !bn2gmp(rsa->p, hptr->p) ||
!bn2gmp(rsa->q, hptr->q) || !bn2gmp(rsa->dmp1, hptr->dmp1) ||
!bn2gmp(rsa->dmq1, hptr->dmq1) || !bn2gmp(rsa->iqmp, hptr->iqmp))
goto err;
hptr->public_only = 0;
RSA_set_ex_data(rsa, hndidx_rsa, hptr);
return hptr;
err:
mpz_clear(hptr->n);
mpz_clear(hptr->d);
mpz_clear(hptr->e);
mpz_clear(hptr->p);
mpz_clear(hptr->q);
mpz_clear(hptr->dmp1);
mpz_clear(hptr->dmq1);
mpz_clear(hptr->iqmp);
mpz_clear(hptr->r0);
mpz_clear(hptr->r1);
mpz_clear(hptr->I0);
mpz_clear(hptr->m1);
OPENSSL_free(hptr);
return NULL;
}
static
PKCS11H_BOOL
__pkcs11h_openssl_session_setRSA(
IN const pkcs11h_openssl_session_t openssl_session,
IN EVP_PKEY * evp
) {
PKCS11H_BOOL ret = FALSE;
RSA *rsa = NULL;
_PKCS11H_DEBUG (
PKCS11H_LOG_DEBUG2,
"PKCS#11: __pkcs11h_openssl_session_setRSA - entered openssl_session=%p, evp=%p",
(void *)openssl_session,
(void *)evp
);
if (
(rsa = EVP_PKEY_get1_RSA (evp)) == NULL
) {
_PKCS11H_LOG (PKCS11H_LOG_WARN, "PKCS#11: Cannot get RSA key");
goto cleanup;
}
RSA_set_method (rsa, __openssl_methods.rsa);
RSA_set_ex_data (rsa, __openssl_methods.rsa_index, openssl_session);
#if OPENSSL_VERSION_NUMBER < 0x10100001L
rsa->flags |= RSA_FLAG_SIGN_VER;
#endif
#ifdef BROKEN_OPENSSL_ENGINE
if (!rsa->engine) {
rsa->engine = ENGINE_get_default_RSA ();
}
ENGINE_set_RSA(ENGINE_get_default_RSA (), &openssl_session->rsa);
_PKCS11H_LOG (PKCS11H_LOG_WARN, "PKCS#11: OpenSSL engine support is broken! Workaround enabled");
#endif
ret = TRUE;
cleanup:
if (rsa != NULL) {
RSA_free (rsa);
rsa = NULL;
}
_PKCS11H_DEBUG (
PKCS11H_LOG_DEBUG2,
"PKCS#11: __pkcs11h_openssl_session_setRSA - return ret=%d",
ret
);
return ret;
}
static int hwcrhk_rsa_finish(RSA *rsa)
{
HWCryptoHook_RSAKeyHandle *hptr;
hptr = RSA_get_ex_data(rsa, hndidx_rsa);
if (hptr) {
p_hwcrhk_RSAUnloadKey(*hptr, NULL);
OPENSSL_free(hptr);
RSA_set_ex_data(rsa, hndidx_rsa, NULL);
}
return 1;
}
static EVP_PKEY* keystore_loadkey(ENGINE* e, const char* key_id, UI_METHOD *ui_method,
void *callback_data) {
ALOGV("keystore_loadkey(%p, \"%s\", %p, %p)", e, key_id, ui_method, callback_data);
Keystore_Reply reply;
if (keystore_cmd(CommandCodes[GET_PUBKEY], &reply, 1, strlen(key_id), key_id) != NO_ERROR) {
ALOGV("Cannot get public key for %s", key_id);
return NULL;
}
const unsigned char* tmp = reinterpret_cast<const unsigned char*>(reply.get());
Unique_EVP_PKEY pkey(d2i_PUBKEY(NULL, &tmp, reply.length()));
if (pkey.get() == NULL) {
ALOGW("Cannot convert pubkey");
return NULL;
}
switch (EVP_PKEY_type(pkey->type)) {
case EVP_PKEY_RSA: {
Unique_RSA rsa(EVP_PKEY_get1_RSA(pkey.get()));
if (!RSA_set_ex_data(rsa.get(), rsa_key_handle, reinterpret_cast<void*>(strdup(key_id)))) {
ALOGW("Could not set ex_data for loaded RSA key");
return NULL;
}
RSA_set_method(rsa.get(), &keystore_rsa_meth);
RSA_blinding_off(rsa.get());
/*
* This should probably be an OpenSSL API, but EVP_PKEY_free calls
* ENGINE_finish(), so we need to call ENGINE_init() here.
*/
ENGINE_init(e);
rsa->engine = e;
rsa->flags |= RSA_FLAG_EXT_PKEY;
break;
}
default:
ALOGE("Unsupported key type %d", EVP_PKEY_type(pkey->type));
return NULL;
}
return pkey.release();
}
static int e_gmp_rsa_finish(RSA *rsa)
{
E_GMP_RSA_CTX *hptr = RSA_get_ex_data(rsa, hndidx_rsa);
if(!hptr) return 0;
mpz_clear(hptr->n);
mpz_clear(hptr->d);
mpz_clear(hptr->e);
mpz_clear(hptr->p);
mpz_clear(hptr->q);
mpz_clear(hptr->dmp1);
mpz_clear(hptr->dmq1);
mpz_clear(hptr->iqmp);
mpz_clear(hptr->r0);
mpz_clear(hptr->r1);
mpz_clear(hptr->I0);
mpz_clear(hptr->m1);
OPENSSL_free(hptr);
RSA_set_ex_data(rsa, hndidx_rsa, NULL);
return 1;
}
static EVP_PKEY *capi_get_pkey(ENGINE *eng, CAPI_KEY *key)
{
unsigned char *pubkey = NULL;
DWORD len;
BLOBHEADER *bh;
RSA *rkey = NULL;
DSA *dkey = NULL;
EVP_PKEY *ret = NULL;
if (!CryptExportKey(key->key, 0, PUBLICKEYBLOB, 0, NULL, &len))
{
CAPIerr(CAPI_F_CAPI_GET_PKEY, CAPI_R_PUBKEY_EXPORT_LENGTH_ERROR);
capi_addlasterror();
return NULL;
}
pubkey = OPENSSL_malloc(len);
if (!pubkey)
goto memerr;
if (!CryptExportKey(key->key, 0, PUBLICKEYBLOB, 0, pubkey, &len))
{
CAPIerr(CAPI_F_CAPI_GET_PKEY, CAPI_R_PUBKEY_EXPORT_ERROR);
capi_addlasterror();
goto err;
}
bh = (BLOBHEADER *)pubkey;
if (bh->bType != PUBLICKEYBLOB)
{
CAPIerr(CAPI_F_CAPI_GET_PKEY, CAPI_R_INVALID_PUBLIC_KEY_BLOB);
goto err;
}
if (bh->aiKeyAlg == CALG_RSA_SIGN || bh->aiKeyAlg == CALG_RSA_KEYX)
{
RSAPUBKEY *rp;
DWORD rsa_modlen;
unsigned char *rsa_modulus;
rp = (RSAPUBKEY *)(bh + 1);
if (rp->magic != 0x31415352)
{
char magstr[10];
BIO_snprintf(magstr, 10, "%lx", rp->magic);
CAPIerr(CAPI_F_CAPI_GET_PKEY, CAPI_R_INVALID_RSA_PUBLIC_KEY_BLOB_MAGIC_NUMBER);
ERR_add_error_data(2, "magic=0x", magstr);
goto err;
}
rsa_modulus = (unsigned char *)(rp + 1);
rkey = RSA_new_method(eng);
if (!rkey)
goto memerr;
rkey->e = BN_new();
rkey->n = BN_new();
if (!rkey->e || !rkey->n)
goto memerr;
if (!BN_set_word(rkey->e, rp->pubexp))
goto memerr;
rsa_modlen = rp->bitlen / 8;
if (!lend_tobn(rkey->n, rsa_modulus, rsa_modlen))
goto memerr;
RSA_set_ex_data(rkey, rsa_capi_idx, key);
if (!(ret = EVP_PKEY_new()))
goto memerr;
EVP_PKEY_assign_RSA(ret, rkey);
rkey = NULL;
}
else if (bh->aiKeyAlg == CALG_DSS_SIGN)
{
DSSPUBKEY *dp;
DWORD dsa_plen;
unsigned char *btmp;
dp = (DSSPUBKEY *)(bh + 1);
if (dp->magic != 0x31535344)
{
char magstr[10];
BIO_snprintf(magstr, 10, "%lx", dp->magic);
CAPIerr(CAPI_F_CAPI_GET_PKEY, CAPI_R_INVALID_DSA_PUBLIC_KEY_BLOB_MAGIC_NUMBER);
ERR_add_error_data(2, "magic=0x", magstr);
goto err;
}
dsa_plen = dp->bitlen / 8;
btmp = (unsigned char *)(dp + 1);
dkey = DSA_new_method(eng);
if (!dkey)
goto memerr;
dkey->p = BN_new();
dkey->q = BN_new();
dkey->g = BN_new();
dkey->pub_key = BN_new();
if (!dkey->p || !dkey->q || !dkey->g || !dkey->pub_key)
goto memerr;
if (!lend_tobn(dkey->p, btmp, dsa_plen))
goto memerr;
btmp += dsa_plen;
if (!lend_tobn(dkey->q, btmp, 20))
goto memerr;
btmp += 20;
if (!lend_tobn(dkey->g, btmp, dsa_plen))
goto memerr;
btmp += dsa_plen;
if (!lend_tobn(dkey->pub_key, btmp, dsa_plen))
goto memerr;
btmp += dsa_plen;
DSA_set_ex_data(dkey, dsa_capi_idx, key);
if (!(ret = EVP_PKEY_new()))
goto memerr;
EVP_PKEY_assign_DSA(ret, dkey);
dkey = NULL;
}
else
{
char algstr[10];
BIO_snprintf(algstr, 10, "%lx", bh->aiKeyAlg);
CAPIerr(CAPI_F_CAPI_GET_PKEY, CAPI_R_UNSUPPORTED_PUBLIC_KEY_ALGORITHM);
ERR_add_error_data(2, "aiKeyAlg=0x", algstr);
goto err;
}
err:
if (pubkey)
OPENSSL_free(pubkey);
if (!ret)
{
if (rkey)
RSA_free(rkey);
if (dkey)
DSA_free(dkey);
}
return ret;
memerr:
CAPIerr(CAPI_F_CAPI_GET_PKEY, ERR_R_MALLOC_FAILURE);
goto err;
}
static EVP_PKEY* sureware_load_public(ENGINE *e,const char *key_id,char *hptr,unsigned long el,char keytype)
{
EVP_PKEY *res = NULL;
#ifndef OPENSSL_NO_RSA
RSA *rsatmp = NULL;
#endif
#ifndef OPENSSL_NO_DSA
DSA *dsatmp=NULL;
#endif
char msg[64]="sureware_load_public";
int ret=0;
if(!p_surewarehk_Load_Rsa_Pubkey || !p_surewarehk_Load_Dsa_Pubkey)
{
SUREWAREerr(SUREWARE_F_SUREWARE_LOAD_PUBLIC,ENGINE_R_NOT_INITIALISED);
goto err;
}
switch (keytype)
{
#ifndef OPENSSL_NO_RSA
case 1: /*RSA*/
/* set private external reference */
rsatmp = RSA_new_method(e);
RSA_set_ex_data(rsatmp,rsaHndidx,hptr);
rsatmp->flags |= RSA_FLAG_EXT_PKEY;
/* set public big nums*/
rsatmp->e = BN_new();
rsatmp->n = BN_new();
bn_expand2(rsatmp->e, el/sizeof(BN_ULONG));
bn_expand2(rsatmp->n, el/sizeof(BN_ULONG));
if (!rsatmp->e || rsatmp->e->dmax!=(int)(el/sizeof(BN_ULONG))||
!rsatmp->n || rsatmp->n->dmax!=(int)(el/sizeof(BN_ULONG)))
goto err;
ret=p_surewarehk_Load_Rsa_Pubkey(msg,key_id,el,
(unsigned long *)rsatmp->n->d,
(unsigned long *)rsatmp->e->d);
surewarehk_error_handling(msg,SUREWARE_F_SUREWARE_LOAD_PUBLIC,ret);
if (ret!=1)
{
SUREWAREerr(SUREWARE_F_SUREWARE_LOAD_PUBLIC,ENGINE_R_FAILED_LOADING_PUBLIC_KEY);
goto err;
}
/* normalise pub e and pub n */
rsatmp->e->top=el/sizeof(BN_ULONG);
bn_fix_top(rsatmp->e);
rsatmp->n->top=el/sizeof(BN_ULONG);
bn_fix_top(rsatmp->n);
/* create an EVP object: engine + rsa key */
res = EVP_PKEY_new();
EVP_PKEY_assign_RSA(res, rsatmp);
break;
#endif
#ifndef OPENSSL_NO_DSA
case 2:/*DSA*/
/* set private/public external reference */
dsatmp = DSA_new_method(e);
DSA_set_ex_data(dsatmp,dsaHndidx,hptr);
/*dsatmp->flags |= DSA_FLAG_EXT_PKEY;*/
/* set public key*/
dsatmp->pub_key = BN_new();
dsatmp->p = BN_new();
dsatmp->q = BN_new();
dsatmp->g = BN_new();
bn_expand2(dsatmp->pub_key, el/sizeof(BN_ULONG));
bn_expand2(dsatmp->p, el/sizeof(BN_ULONG));
bn_expand2(dsatmp->q, 20/sizeof(BN_ULONG));
bn_expand2(dsatmp->g, el/sizeof(BN_ULONG));
if (!dsatmp->pub_key || dsatmp->pub_key->dmax!=(int)(el/sizeof(BN_ULONG))||
!dsatmp->p || dsatmp->p->dmax!=(int)(el/sizeof(BN_ULONG)) ||
!dsatmp->q || dsatmp->q->dmax!=20/sizeof(BN_ULONG) ||
!dsatmp->g || dsatmp->g->dmax!=(int)(el/sizeof(BN_ULONG)))
goto err;
ret=p_surewarehk_Load_Dsa_Pubkey(msg,key_id,el,
(unsigned long *)dsatmp->pub_key->d,
(unsigned long *)dsatmp->p->d,
(unsigned long *)dsatmp->q->d,
(unsigned long *)dsatmp->g->d);
surewarehk_error_handling(msg,SUREWARE_F_SUREWARE_LOAD_PUBLIC,ret);
if (ret!=1)
{
SUREWAREerr(SUREWARE_F_SUREWARE_LOAD_PUBLIC,ENGINE_R_FAILED_LOADING_PUBLIC_KEY);
goto err;
}
/* set parameters */
/* normalise pubkey and parameters in case of */
dsatmp->pub_key->top=el/sizeof(BN_ULONG);
bn_fix_top(dsatmp->pub_key);
dsatmp->p->top=el/sizeof(BN_ULONG);
bn_fix_top(dsatmp->p);
dsatmp->q->top=20/sizeof(BN_ULONG);
bn_fix_top(dsatmp->q);
dsatmp->g->top=el/sizeof(BN_ULONG);
bn_fix_top(dsatmp->g);
/* create an EVP object: engine + rsa key */
res = EVP_PKEY_new();
EVP_PKEY_assign_DSA(res, dsatmp);
break;
#endif
default:
SUREWAREerr(SUREWARE_F_SUREWARE_LOAD_PUBLIC,ENGINE_R_FAILED_LOADING_PRIVATE_KEY);
goto err;
}
return res;
err:
#ifndef OPENSSL_NO_RSA
if (rsatmp)
RSA_free(rsatmp);
#endif
#ifndef OPENSSL_NO_DSA
if (dsatmp)
DSA_free(dsatmp);
#endif
return NULL;
}
static EVP_PKEY *ibm_4758_load_pubkey(ENGINE *e, const char *key_id,
UI_METHOD *ui_method,
void *callback_data)
{
RSA *rtmp = NULL;
EVP_PKEY *res = NULL;
unsigned char *keyToken = NULL;
long keyTokenLength = MAX_CCA_PKA_TOKEN_SIZE;
long returnCode;
long reasonCode;
long exitDataLength = 0;
long ruleArrayLength = 0;
unsigned char exitData[8];
unsigned char ruleArray[8];
unsigned char keyLabel[64];
unsigned long keyLabelLength = strlen(key_id);
unsigned char modulus[512];
long modulusFieldLength = sizeof(modulus);
long modulusLength = 0;
unsigned char exponent[512];
long exponentLength = sizeof(exponent);
if (keyLabelLength > sizeof(keyLabel)) {
CCA4758err(CCA4758_F_IBM_4758_LOAD_PUBKEY,
CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
return NULL;
}
memset(keyLabel, ' ', sizeof(keyLabel));
memcpy(keyLabel, key_id, keyLabelLength);
keyToken = OPENSSL_malloc(MAX_CCA_PKA_TOKEN_SIZE + sizeof(long));
if (!keyToken) {
CCA4758err(CCA4758_F_IBM_4758_LOAD_PUBKEY, ERR_R_MALLOC_FAILURE);
goto err;
}
keyRecordRead(&returnCode, &reasonCode, &exitDataLength, exitData,
&ruleArrayLength, ruleArray, keyLabel, &keyTokenLength,
keyToken + sizeof(long));
if (returnCode) {
CCA4758err(CCA4758_F_IBM_4758_LOAD_PUBKEY, ERR_R_MALLOC_FAILURE);
goto err;
}
if (!getModulusAndExponent(keyToken + sizeof(long), &exponentLength,
exponent, &modulusLength, &modulusFieldLength,
modulus)) {
CCA4758err(CCA4758_F_IBM_4758_LOAD_PUBKEY,
CCA4758_R_FAILED_LOADING_PUBLIC_KEY);
goto err;
}
(*(long *)keyToken) = keyTokenLength;
rtmp = RSA_new_method(e);
RSA_set_ex_data(rtmp, hndidx, (char *)keyToken);
rtmp->e = BN_bin2bn(exponent, exponentLength, NULL);
rtmp->n = BN_bin2bn(modulus, modulusFieldLength, NULL);
rtmp->flags |= RSA_FLAG_EXT_PKEY;
res = EVP_PKEY_new();
EVP_PKEY_assign_RSA(res, rtmp);
return res;
err:
if (keyToken)
OPENSSL_free(keyToken);
return NULL;
}
static int pkcs11_rsa_free_method(RSA *rsa)
{
RSA_set_ex_data(rsa, rsa_ex_index, NULL);
return 1;
}
static EVP_PKEY *hwcrhk_load_privkey(ENGINE *eng, const char *key_id,
UI_METHOD *ui_method, void *callback_data)
{
#ifndef OPENSSL_NO_RSA
RSA *rtmp = NULL;
#endif
EVP_PKEY *res = NULL;
#ifndef OPENSSL_NO_RSA
HWCryptoHook_MPI e, n;
HWCryptoHook_RSAKeyHandle *hptr;
#endif
#if !defined(OPENSSL_NO_RSA)
char tempbuf[1024];
HWCryptoHook_ErrMsgBuf rmsg;
HWCryptoHook_PassphraseContext ppctx;
#endif
#if !defined(OPENSSL_NO_RSA)
rmsg.buf = tempbuf;
rmsg.size = sizeof(tempbuf);
#endif
if(!hwcrhk_context)
{
HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY,
HWCRHK_R_NOT_INITIALISED);
goto err;
}
#ifndef OPENSSL_NO_RSA
hptr = OPENSSL_malloc(sizeof(HWCryptoHook_RSAKeyHandle));
if (!hptr)
{
HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY,
ERR_R_MALLOC_FAILURE);
goto err;
}
ppctx.ui_method = ui_method;
ppctx.callback_data = callback_data;
if (p_hwcrhk_RSALoadKey(hwcrhk_context, key_id, hptr,
&rmsg, &ppctx))
{
HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY,
HWCRHK_R_CHIL_ERROR);
ERR_add_error_data(1,rmsg.buf);
goto err;
}
if (!*hptr)
{
HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY,
HWCRHK_R_NO_KEY);
goto err;
}
#endif
#ifndef OPENSSL_NO_RSA
rtmp = RSA_new_method(eng);
RSA_set_ex_data(rtmp, hndidx_rsa, (char *)hptr);
rtmp->e = BN_new();
rtmp->n = BN_new();
rtmp->flags |= RSA_FLAG_EXT_PKEY;
MPI2BN(rtmp->e, e);
MPI2BN(rtmp->n, n);
if (p_hwcrhk_RSAGetPublicKey(*hptr, &n, &e, &rmsg)
!= HWCRYPTOHOOK_ERROR_MPISIZE)
{
HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY,HWCRHK_R_CHIL_ERROR);
ERR_add_error_data(1,rmsg.buf);
goto err;
}
bn_expand2(rtmp->e, e.size/sizeof(BN_ULONG));
bn_expand2(rtmp->n, n.size/sizeof(BN_ULONG));
MPI2BN(rtmp->e, e);
MPI2BN(rtmp->n, n);
if (p_hwcrhk_RSAGetPublicKey(*hptr, &n, &e, &rmsg))
{
HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY,
HWCRHK_R_CHIL_ERROR);
ERR_add_error_data(1,rmsg.buf);
goto err;
}
rtmp->e->top = e.size / sizeof(BN_ULONG);
bn_fix_top(rtmp->e);
rtmp->n->top = n.size / sizeof(BN_ULONG);
bn_fix_top(rtmp->n);
res = EVP_PKEY_new();
EVP_PKEY_assign_RSA(res, rtmp);
#endif
if (!res)
HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY,
HWCRHK_R_PRIVATE_KEY_ALGORITHMS_DISABLED);
return res;
err:
#ifndef OPENSSL_NO_RSA
if (rtmp)
RSA_free(rtmp);
#endif
return NULL;
}
PKI_RSA_KEY * _pki_pkcs11_rsakey_new( PKI_KEYPARAMS *kp, URL *url,
PKCS11_HANDLER *lib, void *driver) {
PKI_RSA_KEY *ret = NULL;
CK_OBJECT_HANDLE *handler_pubkey = NULL;
CK_OBJECT_HANDLE *handler_privkey = NULL;
CK_ATTRIBUTE privTemp[32];
CK_ATTRIBUTE pubTemp[32];
CK_RV rv;
CK_MECHANISM * RSA_MECH_PTR = NULL;
CK_ULONG i = 0;
CK_ULONG n = 0;
CK_ULONG bits = 0;
size_t label_len = 0;
unsigned char *data = NULL;
CK_BYTE *esp = NULL;
CK_ULONG size = 0;
BIGNUM *bn = NULL;
BIGNUM *id_num = NULL;
char *id = NULL;
int id_len = 8;
int idx = 0;
if ( !url || !url->addr ) {
PKI_ERROR(PKI_ERR_PARAM_NULL, NULL);
return ( NULL );
}
label_len = strlen( url->addr );
/* Check the min size for the key */
if ( kp ) {
if( kp->bits < PKI_RSA_KEY_MIN_SIZE ) {
PKI_ERROR(PKI_ERR_X509_KEYPAIR_SIZE_SHORT, NULL);
} else {
bits = (CK_ULONG) kp->bits;
}
} else {
bits = PKI_RSA_KEY_DEFAULT_SIZE;
}
// Look for a supported key generation mechanism
for (idx = 0; idx < RSA_MECH_LIST_SIZE; idx++) {
// Checks if the mechanism is supported
if (HSM_PKCS11_check_mechanism(lib,
RSA_MECH_LIST[idx].mechanism) == PKI_OK) {
// Set the pointer to the supported mechanism
RSA_MECH_PTR = &RSA_MECH_LIST[idx];
// Debugging Information
PKI_DEBUG("Found RSA KEY GEN MECHANISM 0x%8.8X",
RSA_MECH_LIST[idx].mechanism);
// Breaks out of the loop
break;
} else {
// Let's provide debug information for not-supported mechs
PKI_DEBUG("RSA KEY GEN MECHANISM 0x%8.8X not supported",
RSA_MECH_LIST[idx].mechanism);
}
}
// If no key gen algors are supported, abort
if (RSA_MECH_PTR == NULL) {
PKI_ERROR(PKI_ERR_HSM_KEYPAIR_GENERATE, "No KeyGen Mechanisms supported!");
return NULL;
}
PKI_DEBUG("BITS FOR KEY GENERATION %lu (def: %lu)", bits, PKI_RSA_KEY_DEFAULT_SIZE);
if (kp && kp->rsa.exponent > 3) {
// TO be Implemented
} else {
if( BN_hex2bn(&bn, "10001") == 0 ) {
PKI_log_debug("ERROR, can not convert 10001 to BIGNUM");
return ( NULL );
}
}
if( url->path != NULL ) {
if((BN_hex2bn(&id_num, url->path )) == 0 ) {
PKI_log_debug("ERROR, can not convert %s to BIGNUM",
url->path );
return ( NULL );
}
if((id_len = BN_num_bytes(id_num)) < 0 ) {
if ( bn ) BN_free ( bn );
if ( id_num ) BN_free ( id_num );
return ( NULL );
}
id = PKI_Malloc ( (size_t ) id_len );
BN_bn2bin( id_num, (unsigned char *) id );
} else {
id_len = 10;
if((id = PKI_Malloc ( (size_t) id_len )) == NULL ) {
if ( bn ) BN_free ( bn );
return ( NULL );
}
if( RAND_bytes( (unsigned char *) id, id_len) == 0 ) {
PKI_ERROR(PKI_ERR_X509_KEYPAIR_GENERATION, "Can not generate RAND bytes");
if( bn ) BN_free ( bn );
return ( NULL );
}
}
PKI_DEBUG("Setting the Bits to %lu", bits);
/* Setting Attributes for the public Key Template */
n = 0;
//HSM_PKCS11_set_attr_int( CKA_CLASS, CKO_PUBLIC_KEY, &pubTemp[n++]);
//HSM_PKCS11_set_attr_int( CKA_KEY_TYPE, CKK_RSA, &pubTemp[n++]);
HSM_PKCS11_set_attr_int( CKA_MODULUS_BITS, bits, &pubTemp[n++]);
HSM_PKCS11_set_attr_bool( CKA_TOKEN, CK_TRUE, &pubTemp[n++]);
HSM_PKCS11_set_attr_bool( CKA_ENCRYPT, CK_TRUE, &pubTemp[n++]);
HSM_PKCS11_set_attr_bool( CKA_VERIFY, CK_TRUE, &pubTemp[n++]);
HSM_PKCS11_set_attr_bool( CKA_WRAP, CK_TRUE, &pubTemp[n++]);
HSM_PKCS11_set_attr_bn(CKA_PUBLIC_EXPONENT, bn, &pubTemp[n++]);
HSM_PKCS11_set_attr_sn(CKA_LABEL, url->addr, label_len, &pubTemp[n++]);
HSM_PKCS11_set_attr_sn(CKA_ID, id, (size_t) id_len, &pubTemp[n++]);
/* Setting Attributes for the private Key Template */
i = 0;
//HSM_PKCS11_set_attr_int( CKA_CLASS, CKO_PRIVATE_KEY, &privTemp[i++]);
//HSM_PKCS11_set_attr_int( CKA_KEY_TYPE, CKK_RSA, &privTemp[i++]);
//HSM_PKCS11_set_attr_int( CKA_MODULUS_BITS, bits, &privTemp[i++]);
HSM_PKCS11_set_attr_bool( CKA_TOKEN, CK_TRUE, &privTemp[i++]);
HSM_PKCS11_set_attr_bool( CKA_PRIVATE, CK_TRUE, &privTemp[i++]);
HSM_PKCS11_set_attr_bool( CKA_SENSITIVE, CK_TRUE, &privTemp[i++]);
HSM_PKCS11_set_attr_bool( CKA_DECRYPT, CK_TRUE, &privTemp[i++]);
HSM_PKCS11_set_attr_bool( CKA_SIGN, CK_TRUE, &privTemp[i++]);
// HSM_PKCS11_set_attr_bool( CKA_NEVER_EXTRACTABLE, CK_TRUE,
// &privTemp[i++]);
// HSM_PKCS11_set_attr_bool( CKA_EXTRACTABLE, CK_FALSE, &privTemp[i++]);
HSM_PKCS11_set_attr_bool( CKA_UNWRAP, CK_TRUE, &privTemp[i++]);
// HSM_PKCS11_set_attr_bn(CKA_PUBLIC_EXPONENT, bn, &privTemp[i++]);
HSM_PKCS11_set_attr_sn(CKA_LABEL, url->addr, label_len, &privTemp[i++]);
HSM_PKCS11_set_attr_sn(CKA_ID, id, (size_t) id_len, &privTemp[i++]);
/* Allocate the handlers for pub and priv keys */
handler_pubkey = (CK_OBJECT_HANDLE *) PKI_Malloc (
sizeof( CK_OBJECT_HANDLE ));
handler_privkey = (CK_OBJECT_HANDLE *) PKI_Malloc (
sizeof( CK_OBJECT_HANDLE ));
if( !handler_pubkey || !handler_privkey ) {
if ( bn ) BN_free ( bn );
if ( esp ) PKI_Free ( esp );
return ( NULL );
}
PKI_log_debug("HSM_PKCS11_KEYPAIR_new()::Generating a new Key ... ");
rv = lib->callbacks->C_GenerateKeyPair (
lib->session, RSA_MECH_PTR,
pubTemp, n,
privTemp, i,
handler_pubkey,
handler_privkey);
if( rv != CKR_OK ) {
if ( rv == CKR_MECHANISM_INVALID ) {
PKI_log_err("HSM_PKCS11_KEYPAIR_new()::RSA Algorithm "
"is not supported by the Token" );
} else {
PKI_log_debug ("HSM_PKCS11_KEYPAIR_new()::Failed with "
"code 0x%8.8X", rv );
};
if ( bn ) BN_free ( bn );
if ( esp ) PKI_Free ( esp );
return ( NULL );
}
/* Clean up the Memory we are not using anymore */
if ( bn ) BN_free ( bn );
if ( esp ) PKI_Free ( esp );
/* Generate a new RSA container */
if((ret = RSA_new()) == NULL ) {
goto err;
};
if( HSM_PKCS11_get_attribute ( handler_pubkey, &lib->session,
CKA_PUBLIC_EXPONENT, (void **) &data,
&size, lib ) != PKI_OK ) {
goto err;
};
#if OPENSSL_VERSION_NUMBER >= 0x1010000fL
RSA_set0_key(ret, NULL, BN_bin2bn( data, (int) size, NULL), NULL);
#else
ret->e = BN_bin2bn( data, (int) size, NULL );
#endif
PKI_Free ( data );
data = NULL;
if( HSM_PKCS11_get_attribute ( handler_pubkey, &lib->session,
CKA_MODULUS, (void **) &data, &size, lib ) != PKI_OK ) {
goto err;
};
#if OPENSSL_VERSION_NUMBER >= 0x1010000fL
RSA_set0_key(ret, BN_bin2bn(data, (int) size, NULL), NULL, NULL);
#else
ret->n = BN_bin2bn( data, (int) size, NULL );
#endif
PKI_Free ( data );
data = NULL;
/* Let's get the Attributes from the Keypair and store into the
key's pointer */
RSA_set_method( ret, HSM_PKCS11_get_rsa_method());
#ifdef RSA_FLAG_SIGN_VER
# if OPENSSL_VERSION_NUMBER >= 0x1010000fL
RSA_set_flags( ret, RSA_FLAG_SIGN_VER);
# else
ret->flags |= RSA_FLAG_SIGN_VER;
# endif
#endif
/* Push the priv and pub key handlers to the rsa->ex_data */
RSA_set_ex_data( ret, KEYPAIR_DRIVER_HANDLER_IDX, driver );
RSA_set_ex_data( ret, KEYPAIR_PRIVKEY_HANDLER_IDX, handler_privkey );
RSA_set_ex_data( ret, KEYPAIR_PUBKEY_HANDLER_IDX, handler_pubkey );
/* Cleanup the memory for Templates */
HSM_PKCS11_clean_template ( pubTemp, (int) n );
HSM_PKCS11_clean_template ( privTemp, (int) i );
/* Let's return the RSA_KEY infrastructure */
return (ret);
err:
if( ret ) RSA_free ((RSA *) ret );
if ( handler_pubkey ) {
if((rv = lib->callbacks->C_DestroyObject( lib->session,
*handler_pubkey )) != CKR_OK ) {
PKI_log_debug ("HSM_PKCS11_KEYPAIR_new()::Failed to delete "
"pubkey object");
};
PKI_Free ( handler_pubkey );
}
if( handler_privkey ) {
if((rv = lib->callbacks->C_DestroyObject( lib->session,
*handler_privkey)) != CKR_OK ) {
PKI_log_debug ("HSM_PKCS11_KEYPAIR_new()::Failed to delete "
"privkey object");
};
PKI_Free ( handler_privkey );
}
PKI_log_debug("HSM_PKCS11_KEYPAIR_new()::Key material DELETED!");
return ( NULL );
}
int fill_out_rsa_object(RSA *rsa, TSS_HKEY hKey)
{
TSS_RESULT result;
UINT32 pubkey_len, encScheme, sigScheme;
BYTE *pubkey;
struct rsa_app_data *app_data;
DBG("%s", __FUNCTION__);
if ((result = Tspi_GetAttribUint32(hKey, TSS_TSPATTRIB_KEY_INFO,
TSS_TSPATTRIB_KEYINFO_ENCSCHEME,
&encScheme))) {
TSSerr(TPM_F_TPM_FILL_RSA_OBJECT, TPM_R_REQUEST_FAILED);
return 0;
}
if ((result = Tspi_GetAttribUint32(hKey, TSS_TSPATTRIB_KEY_INFO,
TSS_TSPATTRIB_KEYINFO_SIGSCHEME,
&sigScheme))) {
TSSerr(TPM_F_TPM_FILL_RSA_OBJECT, TPM_R_REQUEST_FAILED);
return 0;
}
/* pull out the public key and put it into the RSA object */
if ((result = Tspi_GetAttribData(hKey, TSS_TSPATTRIB_RSAKEY_INFO,
TSS_TSPATTRIB_KEYINFO_RSA_MODULUS,
&pubkey_len, &pubkey))) {
TSSerr(TPM_F_TPM_FILL_RSA_OBJECT, TPM_R_REQUEST_FAILED);
return 0;
}
if ((rsa->n = BN_bin2bn(pubkey, pubkey_len, rsa->n)) == NULL) {
Tspi_Context_FreeMemory(hContext, pubkey);
TSSerr(TPM_F_TPM_FILL_RSA_OBJECT, TPM_R_BN_CONVERSION_FAILED);
return 0;
}
Tspi_Context_FreeMemory(hContext, pubkey);
/* set e in the RSA object */
if (!rsa->e && ((rsa->e = BN_new()) == NULL)) {
TSSerr(TPM_F_TPM_FILL_RSA_OBJECT, ERR_R_MALLOC_FAILURE);
return 0;
}
if (!BN_set_word(rsa->e, 65537)) {
TSSerr(TPM_F_TPM_FILL_RSA_OBJECT, TPM_R_REQUEST_FAILED);
BN_free(rsa->e);
rsa->e = NULL;
return 0;
}
if ((app_data = OPENSSL_malloc(sizeof(struct rsa_app_data))) == NULL) {
TSSerr(TPM_F_TPM_FILL_RSA_OBJECT, ERR_R_MALLOC_FAILURE);
BN_free(rsa->e);
rsa->e = NULL;
return 0;
}
DBG("Setting hKey(0x%x) in RSA object", hKey);
DBG("Setting encScheme(0x%x) in RSA object", encScheme);
DBG("Setting sigScheme(0x%x) in RSA object", sigScheme);
memset(app_data, 0, sizeof(struct rsa_app_data));
app_data->hKey = hKey;
app_data->encScheme = encScheme;
app_data->sigScheme = sigScheme;
RSA_set_ex_data(rsa, ex_app_data, app_data);
return 1;
}
int
tls_configure_ssl_keypair(struct tls *ctx, SSL_CTX *ssl_ctx,
struct tls_keypair *keypair, int required)
{
EVP_PKEY *pkey = NULL;
BIO *bio = NULL;
if (!required &&
keypair->cert_mem == NULL &&
keypair->key_mem == NULL)
return(0);
if (keypair->cert_mem != NULL) {
if (keypair->cert_len > INT_MAX) {
tls_set_errorx(ctx, "certificate too long");
goto err;
}
if (SSL_CTX_use_certificate_chain_mem(ssl_ctx,
keypair->cert_mem, keypair->cert_len) != 1) {
tls_set_errorx(ctx, "failed to load certificate");
goto err;
}
if (tls_keypair_pubkey_hash(keypair, &keypair->pubkey_hash) == -1)
goto err;
}
if (keypair->key_mem != NULL) {
if (keypair->key_len > INT_MAX) {
tls_set_errorx(ctx, "key too long");
goto err;
}
if ((bio = BIO_new_mem_buf(keypair->key_mem,
keypair->key_len)) == NULL) {
tls_set_errorx(ctx, "failed to create buffer");
goto err;
}
if ((pkey = PEM_read_bio_PrivateKey(bio, NULL, tls_password_cb,
NULL)) == NULL) {
tls_set_errorx(ctx, "failed to read private key");
goto err;
}
if (keypair->pubkey_hash != NULL) {
RSA *rsa;
/* XXX only RSA for now for relayd privsep */
if ((rsa = EVP_PKEY_get1_RSA(pkey)) != NULL) {
RSA_set_ex_data(rsa, 0, keypair->pubkey_hash);
RSA_free(rsa);
}
}
if (SSL_CTX_use_PrivateKey(ssl_ctx, pkey) != 1) {
tls_set_errorx(ctx, "failed to load private key");
goto err;
}
BIO_free(bio);
bio = NULL;
EVP_PKEY_free(pkey);
pkey = NULL;
}
if (!ctx->config->skip_private_key_check &&
SSL_CTX_check_private_key(ssl_ctx) != 1) {
tls_set_errorx(ctx, "private/public key mismatch");
goto err;
}
return (0);
err:
EVP_PKEY_free(pkey);
BIO_free(bio);
return (1);
}
inline void rsa_key::set_external_data(int index, void* data)
{
error::throw_error_if(RSA_set_ex_data(raw(), index, data) == 0);
}
