1/* 2 * Copyright (c) 2005 - 2007 Kungliga Tekniska Högskolan 3 * (Royal Institute of Technology, Stockholm, Sweden). 4 * All rights reserved. 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, are permitted provided that the following conditions 8 * are met: 9 * 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 17 * 3. Neither the name of the Institute nor the names of its contributors 18 * may be used to endorse or promote products derived from this software 19 * without specific prior written permission. 20 * 21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND 22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE 25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31 * SUCH DAMAGE. 32 */ 33 34#include "hx_locl.h" 35 36typedef enum { USE_PEM, USE_DER } outformat; 37 38struct ks_file { 39 hx509_certs certs; 40 char *fn; 41 outformat format; 42}; 43 44/* 45 * 46 */ 47 48static int 49parse_certificate(hx509_context context, const char *fn, 50 struct hx509_collector *c, 51 const hx509_pem_header *headers, 52 const void *data, size_t len, 53 const AlgorithmIdentifier *ai) 54{ 55 hx509_cert cert; 56 int ret; 57 58 ret = hx509_cert_init_data(context, data, len, &cert); 59 if (ret) 60 return ret; 61 62 ret = _hx509_collector_certs_add(context, c, cert); 63 hx509_cert_free(cert); 64 return ret; 65} 66 67static int 68try_decrypt(hx509_context context, 69 struct hx509_collector *collector, 70 const AlgorithmIdentifier *alg, 71 const EVP_CIPHER *c, 72 const void *ivdata, 73 const void *password, 74 size_t passwordlen, 75 const void *cipher, 76 size_t len) 77{ 78 heim_octet_string clear; 79 size_t keylen; 80 void *key; 81 int ret; 82 83 keylen = EVP_CIPHER_key_length(c); 84 85 key = malloc(keylen); 86 if (key == NULL) { 87 hx509_clear_error_string(context); 88 return ENOMEM; 89 } 90 91 ret = EVP_BytesToKey(c, EVP_md5(), ivdata, 92 password, passwordlen, 93 1, key, NULL); 94 if (ret <= 0) { 95 hx509_set_error_string(context, 0, HX509_CRYPTO_INTERNAL_ERROR, 96 "Failed to do string2key for private key"); 97 return HX509_CRYPTO_INTERNAL_ERROR; 98 } 99 100 clear.data = malloc(len); 101 if (clear.data == NULL) { 102 hx509_set_error_string(context, 0, ENOMEM, 103 "Out of memory to decrypt for private key"); 104 ret = ENOMEM; 105 goto out; 106 } 107 clear.length = len; 108 109 { 110 EVP_CIPHER_CTX ctx; 111 EVP_CIPHER_CTX_init(&ctx); 112 EVP_CipherInit_ex(&ctx, c, NULL, key, ivdata, 0); 113 EVP_Cipher(&ctx, clear.data, cipher, len); 114 EVP_CIPHER_CTX_cleanup(&ctx); 115 } 116 117 ret = _hx509_collector_private_key_add(context, 118 collector, 119 alg, 120 NULL, 121 &clear, 122 NULL); 123 124 memset(clear.data, 0, clear.length); 125 free(clear.data); 126out: 127 memset(key, 0, keylen); 128 free(key); 129 return ret; 130} 131 132static int 133parse_pkcs8_private_key(hx509_context context, const char *fn, 134 struct hx509_collector *c, 135 const hx509_pem_header *headers, 136 const void *data, size_t length, 137 const AlgorithmIdentifier *ai) 138{ 139 PKCS8PrivateKeyInfo ki; 140 heim_octet_string keydata; 141 142 int ret; 143 144 ret = decode_PKCS8PrivateKeyInfo(data, length, &ki, NULL); 145 if (ret) 146 return ret; 147 148 keydata.data = rk_UNCONST(data); 149 keydata.length = length; 150 151 ret = _hx509_collector_private_key_add(context, 152 c, 153 &ki.privateKeyAlgorithm, 154 NULL, 155 &ki.privateKey, 156 &keydata); 157 free_PKCS8PrivateKeyInfo(&ki); 158 return ret; 159} 160 161static int 162parse_pem_private_key(hx509_context context, const char *fn, 163 struct hx509_collector *c, 164 const hx509_pem_header *headers, 165 const void *data, size_t len, 166 const AlgorithmIdentifier *ai) 167{ 168 int ret = 0; 169 const char *enc; 170 171 enc = hx509_pem_find_header(headers, "Proc-Type"); 172 if (enc) { 173 const char *dek; 174 char *type, *iv; 175 ssize_t ssize, size; 176 void *ivdata; 177 const EVP_CIPHER *cipher; 178 const struct _hx509_password *pw; 179 hx509_lock lock; 180 int decrypted = 0; 181 size_t i; 182 183 lock = _hx509_collector_get_lock(c); 184 if (lock == NULL) { 185 hx509_set_error_string(context, 0, HX509_ALG_NOT_SUPP, 186 "Failed to get password for " 187 "password protected file %s", fn); 188 return HX509_ALG_NOT_SUPP; 189 } 190 191 if (strcmp(enc, "4,ENCRYPTED") != 0) { 192 hx509_set_error_string(context, 0, HX509_PARSING_KEY_FAILED, 193 "Private key encrypted in unknown method %s " 194 "in file %s", 195 enc, fn); 196 hx509_clear_error_string(context); 197 return HX509_PARSING_KEY_FAILED; 198 } 199 200 dek = hx509_pem_find_header(headers, "DEK-Info"); 201 if (dek == NULL) { 202 hx509_set_error_string(context, 0, HX509_PARSING_KEY_FAILED, 203 "Encrypted private key missing DEK-Info"); 204 return HX509_PARSING_KEY_FAILED; 205 } 206 207 type = strdup(dek); 208 if (type == NULL) { 209 hx509_clear_error_string(context); 210 return ENOMEM; 211 } 212 213 iv = strchr(type, ','); 214 if (iv == NULL) { 215 free(type); 216 hx509_set_error_string(context, 0, HX509_PARSING_KEY_FAILED, 217 "IV missing"); 218 return HX509_PARSING_KEY_FAILED; 219 } 220 221 *iv++ = '\0'; 222 223 size = strlen(iv); 224 ivdata = malloc(size); 225 if (ivdata == NULL) { 226 hx509_clear_error_string(context); 227 free(type); 228 return ENOMEM; 229 } 230 231 cipher = EVP_get_cipherbyname(type); 232 if (cipher == NULL) { 233 free(ivdata); 234 hx509_set_error_string(context, 0, HX509_ALG_NOT_SUPP, 235 "Private key encrypted with " 236 "unsupported cipher: %s", 237 type); 238 free(type); 239 return HX509_ALG_NOT_SUPP; 240 } 241 242#define PKCS5_SALT_LEN 8 243 244 ssize = hex_decode(iv, ivdata, size); 245 free(type); 246 type = NULL; 247 iv = NULL; 248 249 if (ssize < 0 || ssize < PKCS5_SALT_LEN || (size_t)ssize < EVP_CIPHER_iv_length(cipher)) { 250 free(ivdata); 251 hx509_set_error_string(context, 0, HX509_PARSING_KEY_FAILED, 252 "Salt have wrong length in " 253 "private key file"); 254 return HX509_PARSING_KEY_FAILED; 255 } 256 257 pw = _hx509_lock_get_passwords(lock); 258 if (pw != NULL) { 259 const void *password; 260 size_t passwordlen; 261 262 for (i = 0; i < pw->len; i++) { 263 password = pw->val[i]; 264 passwordlen = strlen(password); 265 266 ret = try_decrypt(context, c, ai, cipher, ivdata, 267 password, passwordlen, data, len); 268 if (ret == 0) { 269 decrypted = 1; 270 break; 271 } 272 } 273 } 274 if (!decrypted) { 275 hx509_prompt prompt; 276 char password[128]; 277 278 memset(&prompt, 0, sizeof(prompt)); 279 280 prompt.prompt = "Password for keyfile: "; 281 prompt.type = HX509_PROMPT_TYPE_PASSWORD; 282 prompt.reply.data = password; 283 prompt.reply.length = sizeof(password); 284 285 ret = hx509_lock_prompt(lock, &prompt); 286 if (ret == 0) 287 ret = try_decrypt(context, c, ai, cipher, ivdata, password, 288 strlen(password), data, len); 289 /* XXX add password to lock password collection ? */ 290 memset(password, 0, sizeof(password)); 291 } 292 free(ivdata); 293 294 } else { 295 heim_octet_string keydata; 296 297 keydata.data = rk_UNCONST(data); 298 keydata.length = len; 299 300 ret = _hx509_collector_private_key_add(context, c, ai, NULL, 301 &keydata, NULL); 302 } 303 304 return ret; 305} 306 307 308struct pem_formats { 309 const char *name; 310 int (*func)(hx509_context, const char *, struct hx509_collector *, 311 const hx509_pem_header *, const void *, size_t, 312 const AlgorithmIdentifier *); 313 const AlgorithmIdentifier *(*ai)(void); 314} formats[] = { 315 { "CERTIFICATE", parse_certificate, NULL }, 316 { "PRIVATE KEY", parse_pkcs8_private_key, NULL }, 317 { "RSA PRIVATE KEY", parse_pem_private_key, hx509_signature_rsa }, 318 { "EC PRIVATE KEY", parse_pem_private_key, hx509_signature_ecPublicKey } 319}; 320 321 322struct pem_ctx { 323 int flags; 324 struct hx509_collector *c; 325}; 326 327static int 328pem_func(hx509_context context, const char *type, 329 const hx509_pem_header *header, 330 const void *data, size_t len, void *ctx) 331{ 332 struct pem_ctx *pem_ctx = (struct pem_ctx*)ctx; 333 int ret = 0; 334 size_t j; 335 336 for (j = 0; j < sizeof(formats)/sizeof(formats[0]); j++) { 337 const char *q = formats[j].name; 338 if (strcasecmp(type, q) == 0) { 339 const AlgorithmIdentifier *ai = NULL; 340 if (formats[j].ai != NULL) 341 ai = (*formats[j].ai)(); 342 343 ret = (*formats[j].func)(context, NULL, pem_ctx->c, 344 header, data, len, ai); 345 if (ret && (pem_ctx->flags & HX509_CERTS_UNPROTECT_ALL)) { 346 hx509_set_error_string(context, HX509_ERROR_APPEND, ret, 347 "Failed parseing PEM format %s", type); 348 return ret; 349 } 350 break; 351 } 352 } 353 if (j == sizeof(formats)/sizeof(formats[0])) { 354 ret = HX509_UNSUPPORTED_OPERATION; 355 hx509_set_error_string(context, 0, ret, 356 "Found no matching PEM format for %s", type); 357 return ret; 358 } 359 return 0; 360} 361 362/* 363 * 364 */ 365 366static int 367file_init_common(hx509_context context, 368 hx509_certs certs, void **data, int flags, 369 const char *residue, hx509_lock lock, outformat format) 370{ 371 char *p, *pnext; 372 struct ks_file *ksf = NULL; 373 hx509_private_key *keys = NULL; 374 int ret; 375 struct pem_ctx pem_ctx; 376 377 pem_ctx.flags = flags; 378 pem_ctx.c = NULL; 379 380 *data = NULL; 381 382 if (lock == NULL) 383 lock = _hx509_empty_lock; 384 385 ksf = calloc(1, sizeof(*ksf)); 386 if (ksf == NULL) { 387 hx509_clear_error_string(context); 388 return ENOMEM; 389 } 390 ksf->format = format; 391 392 ksf->fn = strdup(residue); 393 if (ksf->fn == NULL) { 394 hx509_clear_error_string(context); 395 ret = ENOMEM; 396 goto out; 397 } 398 399 /* 400 * XXX this is broken, the function should parse the file before 401 * overwriting it 402 */ 403 404 if (flags & HX509_CERTS_CREATE) { 405 ret = hx509_certs_init(context, "MEMORY:ks-file-create", 406 0, lock, &ksf->certs); 407 if (ret) 408 goto out; 409 *data = ksf; 410 return 0; 411 } 412 413 ret = _hx509_collector_alloc(context, lock, &pem_ctx.c); 414 if (ret) 415 goto out; 416 417 for (p = ksf->fn; p != NULL; p = pnext) { 418 FILE *f; 419 420 pnext = strchr(p, ','); 421 if (pnext) 422 *pnext++ = '\0'; 423 424 425 if ((f = fopen(p, "r")) == NULL) { 426 ret = ENOENT; 427 hx509_set_error_string(context, 0, ret, 428 "Failed to open PEM file \"%s\": %s", 429 p, strerror(errno)); 430 goto out; 431 } 432 rk_cloexec_file(f); 433 434 ret = hx509_pem_read(context, f, pem_func, &pem_ctx); 435 fclose(f); 436 if (ret != 0 && ret != HX509_PARSING_KEY_FAILED) 437 goto out; 438 else if (ret == HX509_PARSING_KEY_FAILED) { 439 size_t length; 440 void *ptr; 441 size_t i; 442 443 ret = rk_undumpdata(p, &ptr, &length); 444 if (ret) { 445 hx509_clear_error_string(context); 446 goto out; 447 } 448 449 for (i = 0; i < sizeof(formats)/sizeof(formats[0]); i++) { 450 const AlgorithmIdentifier *ai = NULL; 451 if (formats[i].ai != NULL) 452 ai = (*formats[i].ai)(); 453 454 ret = (*formats[i].func)(context, p, pem_ctx.c, NULL, ptr, length, ai); 455 if (ret == 0) 456 break; 457 } 458 rk_xfree(ptr); 459 if (ret) { 460 hx509_clear_error_string(context); 461 goto out; 462 } 463 } 464 } 465 466 ret = _hx509_collector_collect_certs(context, pem_ctx.c, &ksf->certs); 467 if (ret) 468 goto out; 469 470 ret = _hx509_collector_collect_private_keys(context, pem_ctx.c, &keys); 471 if (ret == 0) { 472 int i; 473 474 for (i = 0; keys[i]; i++) 475 _hx509_certs_keys_add(context, ksf->certs, keys[i]); 476 _hx509_certs_keys_free(context, keys); 477 } 478 479out: 480 if (ret == 0) 481 *data = ksf; 482 else { 483 if (ksf->fn) 484 free(ksf->fn); 485 free(ksf); 486 } 487 if (pem_ctx.c) 488 _hx509_collector_free(pem_ctx.c); 489 490 return ret; 491} 492 493static int 494file_init_pem(hx509_context context, 495 hx509_certs certs, void **data, int flags, 496 const char *residue, hx509_lock lock) 497{ 498 return file_init_common(context, certs, data, flags, residue, lock, USE_PEM); 499} 500 501static int 502file_init_der(hx509_context context, 503 hx509_certs certs, void **data, int flags, 504 const char *residue, hx509_lock lock) 505{ 506 return file_init_common(context, certs, data, flags, residue, lock, USE_DER); 507} 508 509static int 510file_free(hx509_certs certs, void *data) 511{ 512 struct ks_file *ksf = data; 513 hx509_certs_free(&ksf->certs); 514 free(ksf->fn); 515 free(ksf); 516 return 0; 517} 518 519struct store_ctx { 520 FILE *f; 521 outformat format; 522}; 523 524static int 525store_func(hx509_context context, void *ctx, hx509_cert c) 526{ 527 struct store_ctx *sc = ctx; 528 heim_octet_string data; 529 int ret; 530 531 ret = hx509_cert_binary(context, c, &data); 532 if (ret) 533 return ret; 534 535 switch (sc->format) { 536 case USE_DER: 537 fwrite(data.data, data.length, 1, sc->f); 538 free(data.data); 539 break; 540 case USE_PEM: 541 hx509_pem_write(context, "CERTIFICATE", NULL, sc->f, 542 data.data, data.length); 543 free(data.data); 544 if (_hx509_cert_private_key_exportable(c)) { 545 hx509_private_key key = _hx509_cert_private_key(c); 546 ret = _hx509_private_key_export(context, key, 547 HX509_KEY_FORMAT_DER, &data); 548 if (ret) 549 break; 550 hx509_pem_write(context, _hx509_private_pem_name(key), NULL, sc->f, 551 data.data, data.length); 552 free(data.data); 553 } 554 break; 555 } 556 557 return 0; 558} 559 560static int 561file_store(hx509_context context, 562 hx509_certs certs, void *data, int flags, hx509_lock lock) 563{ 564 struct ks_file *ksf = data; 565 struct store_ctx sc; 566 int ret; 567 568 sc.f = fopen(ksf->fn, "w"); 569 if (sc.f == NULL) { 570 hx509_set_error_string(context, 0, ENOENT, 571 "Failed to open file %s for writing", ksf->fn); 572 return ENOENT; 573 } 574 rk_cloexec_file(sc.f); 575 sc.format = ksf->format; 576 577 ret = hx509_certs_iter_f(context, ksf->certs, store_func, &sc); 578 fclose(sc.f); 579 return ret; 580} 581 582static int 583file_add(hx509_context context, hx509_certs certs, void *data, hx509_cert c) 584{ 585 struct ks_file *ksf = data; 586 return hx509_certs_add(context, ksf->certs, c); 587} 588 589static int 590file_iter_start(hx509_context context, 591 hx509_certs certs, void *data, void **cursor) 592{ 593 struct ks_file *ksf = data; 594 return hx509_certs_start_seq(context, ksf->certs, cursor); 595} 596 597static int 598file_iter(hx509_context context, 599 hx509_certs certs, void *data, void *iter, hx509_cert *cert) 600{ 601 struct ks_file *ksf = data; 602 return hx509_certs_next_cert(context, ksf->certs, iter, cert); 603} 604 605static int 606file_iter_end(hx509_context context, 607 hx509_certs certs, 608 void *data, 609 void *cursor) 610{ 611 struct ks_file *ksf = data; 612 return hx509_certs_end_seq(context, ksf->certs, cursor); 613} 614 615static int 616file_getkeys(hx509_context context, 617 hx509_certs certs, 618 void *data, 619 hx509_private_key **keys) 620{ 621 struct ks_file *ksf = data; 622 return _hx509_certs_keys_get(context, ksf->certs, keys); 623} 624 625static int 626file_addkey(hx509_context context, 627 hx509_certs certs, 628 void *data, 629 hx509_private_key key) 630{ 631 struct ks_file *ksf = data; 632 return _hx509_certs_keys_add(context, ksf->certs, key); 633} 634 635static struct hx509_keyset_ops keyset_file = { 636 "FILE", 637 0, 638 file_init_pem, 639 file_store, 640 file_free, 641 file_add, 642 NULL, 643 file_iter_start, 644 file_iter, 645 file_iter_end, 646 NULL, 647 file_getkeys, 648 file_addkey 649}; 650 651static struct hx509_keyset_ops keyset_pemfile = { 652 "PEM-FILE", 653 0, 654 file_init_pem, 655 file_store, 656 file_free, 657 file_add, 658 NULL, 659 file_iter_start, 660 file_iter, 661 file_iter_end, 662 NULL, 663 file_getkeys, 664 file_addkey 665}; 666 667static struct hx509_keyset_ops keyset_derfile = { 668 "DER-FILE", 669 0, 670 file_init_der, 671 file_store, 672 file_free, 673 file_add, 674 NULL, 675 file_iter_start, 676 file_iter, 677 file_iter_end, 678 NULL, 679 file_getkeys, 680 file_addkey 681}; 682 683 684void 685_hx509_ks_file_register(hx509_context context) 686{ 687 _hx509_ks_register(context, &keyset_file); 688 _hx509_ks_register(context, &keyset_pemfile); 689 _hx509_ks_register(context, &keyset_derfile); 690} 691