nbsvtool.c revision 1.2 
1/*	$NetBSD: nbsvtool.c,v 1.2 2008/06/11 16:31:09 joerg Exp $	*/
2
3/*-
4 * Copyright (c) 2004, 2008 The NetBSD Foundation, Inc.
5 * All rights reserved.
6 *
7 * This code is derived from software contributed to The NetBSD Foundation
8 * by Love H�rnquist �strand <lha@it.su.se>
9 *
10 * Redistribution and use in source and binary forms, with or without
11 * modification, are permitted provided that the following conditions
12 * are met:
13 * 1. Redistributions of source code must retain the above copyright
14 *    notice, this list of conditions and the following disclaimer.
15 * 2. Redistributions in binary form must reproduce the above copyright
16 *    notice, this list of conditions and the following disclaimer in the
17 *    documentation and/or other materials provided with the distribution.
18 *
19 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
20 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
21 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
22 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
23 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
24 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
25 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
26 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
27 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
28 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
29 * POSSIBILITY OF SUCH DAMAGE.
30 */
31
32#include <err.h>
33#include <stdio.h>
34#include <stdlib.h>
35#include <string.h>
36#include <unistd.h>
37
38#include <openssl/pkcs7.h>
39#include <openssl/evp.h>
40#include <openssl/x509.h>
41#include <openssl/x509v3.h>
42#include <openssl/pem.h>
43#include <openssl/err.h>
44#include <openssl/ui.h>
45
46static int verbose_flag;
47static unsigned long key_usage = 0;
48
49/*
50 * openssl command line equivalents
51 *
52 *    openssl smime -verify \
53 *		-inform PEM -in nbsvtool.c.sig -content nbsvtool.c \
54 *		-CAfile /secure/lha/su/CA/swupki-pca.crt -out /dev/null
55 *    openssl smime -sign \
56 *		-noattr -binary -outform PEM -out nbsvtool.c.sig \
57 *		-in nbsvtool.c -signer /secure/lha/su/CA/lha.crt \
58 *		-certfile /secure/lha/su/CA/lha-chain \
59 *		-inkey /secure/lha/su/CA/lha.key
60 */
61
62/*
63 * Create a detach PEM signature of file `infile' and store it in
64 * `outfile'. The signer certificate `cert' and private key
65 * `private_key' must be given. An additional hint to the verifier how
66 * to find the path from the `cert' to the x509 anchor can be passed
67 * in `cert_chain'.
68 */
69
70static void
71sign_file(X509 *cert, EVP_PKEY *private_key, STACK_OF(X509) *cert_chain,
72	  const char *infile, const char *outfile)
73{
74	BIO *out, *in;
75	PKCS7 *p7;
76
77	out = BIO_new_file(outfile, "w");
78	if (out == NULL)
79		err(EXIT_FAILURE, "Failed to open signature output file: %s",
80		    outfile);
81
82	in = BIO_new_file(infile, "r");
83	if (in == NULL)
84		err(EXIT_FAILURE, "Failed to input file: %s", infile);
85
86	p7 = PKCS7_sign(cert, private_key, cert_chain, in,
87	    PKCS7_DETACHED|PKCS7_NOATTR|PKCS7_BINARY);
88	if (p7 == NULL)
89		errx(EXIT_FAILURE, "Failed to create signature structure");
90
91	PEM_write_bio_PKCS7(out, p7);
92
93	PKCS7_free(p7);
94	BIO_free(in);
95	BIO_free_all(out);
96}
97
98/*
99 * Verifies a detached PEM signature in the file `sigfile' of file
100 * `infile'. The trust anchor file `anchor' to the trust anchors must
101 * be given. If its suspended that the sender didn't inlude the whole
102 * path from the signing certificate to the given trust anchor, extra
103 * certificates can be passed in `cert_chain'.
104 */
105
106static void
107verify_file(STACK_OF(X509) *cert_chain, const char *anchor,
108	    const char *infile, const char *sigfile)
109{
110	STACK_OF(X509) *signers;
111	X509_STORE *store;
112	BIO *sig, *in;
113	PKCS7 *p7;
114	int ret, i;
115	X509_NAME *name;
116	char *subject;
117
118	store = X509_STORE_new();
119	if (store == NULL)
120		err(1, "Failed to create store");
121
122	X509_STORE_load_locations(store, anchor, NULL);
123
124	in = BIO_new_file(infile, "r");
125	if (in == NULL)
126		err(EXIT_FAILURE, "Failed to open input data file: %s", infile);
127
128	sig = BIO_new_file(sigfile, "r");
129	if (sig == NULL)
130		err(EXIT_FAILURE, "Failed to open signature input file: %s",
131		    sigfile);
132
133	p7 = PEM_read_bio_PKCS7(sig, NULL, NULL, NULL);
134	if (p7 == NULL)
135		errx(EXIT_FAILURE, "Failed to parse the signature file %s",
136		    sigfile);
137
138	ret = PKCS7_verify(p7, cert_chain, store, in, NULL, 0);
139	if (ret != 1)
140		errx(EXIT_FAILURE, "Failed to verify signature");
141
142	signers = PKCS7_get0_signers(p7, NULL, 0);
143	if (signers == NULL)
144		errx(EXIT_FAILURE, "Failed to get signers");
145
146	if (sk_X509_num(signers) == 0)
147		errx(EXIT_FAILURE, "No signers ?");
148
149	if (key_usage != 0) {
150		for (i = 0; i < sk_X509_num(signers); i++) {
151			if ((sk_X509_value(signers, i)->ex_xkusage & key_usage)
152			    == key_usage)
153				continue;
154			name = X509_get_subject_name(sk_X509_value(signers, i));
155			subject = X509_NAME_oneline(name, NULL, 0);
156			errx(EXIT_FAILURE,
157			    "Certificate doesn't match required key usage: %s",
158			    subject);
159		}
160	}
161
162	if (verbose_flag)
163		printf("Sigature ok, signed by:\n");
164
165	for (i = 0; i < sk_X509_num(signers); i++) {
166		name = X509_get_subject_name(sk_X509_value(signers, i));
167		subject = X509_NAME_oneline(name, NULL, 0);
168
169		if (verbose_flag)
170			printf("\t%s\n", subject);
171
172		OPENSSL_free(subject);
173	}
174
175	PKCS7_free(p7);
176	BIO_free(in);
177	BIO_free(sig);
178}
179
180/*
181 * Parse and return a list PEM encoded certificates in the file
182 * `file'. In case of error or an empty file, and error text will be
183 * printed and the function will exit(3).
184 */
185
186static STACK_OF(X509) *
187file_to_certs(const char *file)
188{
189	STACK_OF(X509) *certs;
190	FILE *f;
191
192	f = fopen(file, "r");
193	if (f == NULL)
194		err(EXIT_FAILURE, "Cannot open certificate file %s", file);
195	certs = sk_X509_new_null();
196	while (1) {
197		X509 *cert;
198
199		cert = PEM_read_X509(f, NULL, NULL, NULL);
200		if (cert == NULL) {
201			unsigned long ret;
202
203			ret = ERR_GET_REASON(ERR_peek_error());
204			if (ret == PEM_R_NO_START_LINE) {
205				/* End of file reached. no error */
206				ERR_clear_error();
207				break;
208			}
209			errx(EXIT_FAILURE, "Can't read certificate file %s",
210			    file);
211		}
212		sk_X509_insert(certs, cert, sk_X509_num(certs));
213	}
214	fclose(f);
215	if (sk_X509_num(certs) == 0)
216		errx(EXIT_FAILURE, "No certificate found file %s", file);
217
218	return certs;
219}
220
221static int
222ssl_pass_cb(char *buf, int size, int rwflag, void *u)
223{
224
225	if (UI_UTIL_read_pw_string(buf, size, "Passphrase: ", 0))
226		return 0;
227	return strlen(buf);
228}
229
230static struct {
231	X509 *certificate;
232	STACK_OF(X509) *cert_chain;
233	EVP_PKEY *private_key;
234} crypto_state;
235
236/*
237 * Load the certificate file `cert_file' with the associated private
238 * key file `key_file'. The private key is checked to make sure it
239 * matches the certificate. The optional hints for the path to the CA
240 * is stored in `chain_file'.
241 */
242
243static void
244load_keys(const char *cert_file, const char *chain_file, const char *key_file)
245{
246	STACK_OF(X509) *c;
247	FILE *f;
248	int ret;
249
250	if (cert_file == NULL)
251		errx(EXIT_FAILURE, "No certificate file given");
252	if (key_file == NULL)
253		errx(EXIT_FAILURE, "No private key file given");
254
255	c = file_to_certs(cert_file);
256
257	if (sk_X509_num(c) != 1)
258		errx(EXIT_FAILURE,
259		    "More then one certificate in the certificate file");
260	crypto_state.certificate = sk_X509_value(c, 0);
261
262	if (chain_file)
263		crypto_state.cert_chain = file_to_certs(chain_file);
264
265	/* load private key */
266	f = fopen(key_file, "r");
267	if (f == NULL)
268		errx(1, "Failed to open private key file %s", key_file);
269
270	crypto_state.private_key =
271		PEM_read_PrivateKey(f, NULL, ssl_pass_cb, NULL);
272	fclose(f);
273	if (crypto_state.private_key == NULL)
274		errx(EXIT_FAILURE, "Can't read private key %s", key_file);
275
276	ret = X509_check_private_key(crypto_state.certificate,
277	    crypto_state.private_key);
278	if (ret != 1)
279		errx(EXIT_FAILURE,
280		    "The private key %s doesn't match the certificate %s",
281		    key_file, cert_file);
282}
283
284static void __dead
285usage(int exit_code)
286{
287
288	printf("%s usage\n", getprogname());
289	printf("%s -k keyfile -c cert-chain [-f cert-chain] sign file\n",
290	    getprogname());
291	printf("%s [-u code|...] [-a x509-anchor-file] verify filename.sp7\n",
292	    getprogname());
293	printf("%s [-u code|...] [-a x509-anchor-file] verify filename otherfilename.sp7\n",
294	    getprogname());
295	printf("%s [-u code|...] [-a x509-anchor-file] verify-code file ...\n",
296	    getprogname());
297	exit(exit_code);
298}
299
300int
301main(int argc, char **argv)
302{
303	const char *anchors = NULL;
304	const char *cert_file = NULL, *key_file = NULL, *chain_file = NULL;
305	const char *file;
306	char *sigfile;
307	int ch;
308
309	setprogname(argv[0]);
310
311	OpenSSL_add_all_algorithms();
312	ERR_load_crypto_strings();
313
314	while ((ch = getopt(argc, argv, "a:c:f:hk:u:v")) != -1) {
315		switch (ch) {
316		case 'a':
317			anchors = optarg;
318			break;
319		case 'f':
320			chain_file = optarg;
321			break;
322		case 'k':
323			key_file = optarg;
324			break;
325		case 'c':
326			cert_file = optarg;
327			break;
328		case 'u':
329			if (strcmp("ssl-server", optarg) == 0)
330				key_usage |= XKU_SSL_SERVER;
331			else if (strcmp("ssl-client", optarg) == 0)
332				key_usage |= XKU_SSL_CLIENT;
333			else if (strcmp("code", optarg) == 0)
334				key_usage |= XKU_CODE_SIGN;
335			else if (strcmp("smime", optarg) == 0)
336				key_usage |= XKU_SMIME;
337			else
338				errx(1, "Unknown keyusage: %s", optarg);
339			break;
340		case 'v':
341			verbose_flag = 1;
342			break;
343		case 'h':
344			usage(EXIT_SUCCESS);
345		default:
346			usage(EXIT_FAILURE);
347		}
348	}
349
350	argc -= optind;
351	argv += optind;
352
353	if (argc < 1) {
354		fprintf(stderr, "Command missing [sign|verify]\n");
355		usage(EXIT_FAILURE);
356	}
357
358	if (strcmp(argv[0], "sign") == 0) {
359
360		if (argc < 2)
361			usage(1);
362
363		file = argv[1];
364
365		asprintf(&sigfile, "%s.sp7", file);
366		if (sigfile == NULL)
367			err(EXIT_FAILURE, "asprintf failed");
368
369		load_keys(cert_file, chain_file, key_file);
370
371		sign_file(crypto_state.certificate,
372		    crypto_state.private_key,
373		    crypto_state.cert_chain,
374		    file,
375		    sigfile);
376
377	} else if (strcmp(argv[0], "verify") == 0
378	    || strcmp(argv[0], "verify-code") == 0) {
379
380		if (strcmp(argv[0], "verify-code") == 0)
381			key_usage |= XKU_CODE_SIGN;
382
383		if (argc < 2)
384			usage(1);
385		else if (argc < 3) {
386			char *dot;
387
388			sigfile = argv[1];
389
390			file = strdup(sigfile);
391			if (file == NULL)
392				err(1, "strdup failed");
393
394			dot = strrchr(file, '.');
395			if (dot == NULL || strchr(dot, '/') != NULL)
396				errx(EXIT_FAILURE,
397				    "File name missing suffix");
398			if (strcmp(".sp7", dot) != 0)
399				errx(EXIT_FAILURE,
400				    "File name bad suffix (%s)", dot);
401			*dot = '\0';
402		} else {
403			file = argv[1];
404			sigfile = argv[2];
405		}
406		verify_file(crypto_state.cert_chain, anchors, file, sigfile);
407	} else {
408		fprintf(stderr, "Unknown command: %s\n", argv[0]);
409		usage(EXIT_FAILURE);
410	}
411
412	return 0;
413}
414