Annotation of embedaddon/strongswan/src/libstrongswan/plugins/pem/pem_builder.c, revision 1.1
1.1 ! misho 1: /*
! 2: * Copyright (C) 2013 Tobias Brunner
! 3: * Copyright (C) 2009 Martin Willi
! 4: * Copyright (C) 2001-2008 Andreas Steffen
! 5: * HSR Hochschule fuer Technik Rapperswil
! 6: *
! 7: * This program is free software; you can redistribute it and/or modify it
! 8: * under the terms of the GNU General Public License as published by the
! 9: * Free Software Foundation; either version 2 of the License, or (at your
! 10: * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
! 11: *
! 12: * This program is distributed in the hope that it will be useful, but
! 13: * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
! 14: * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
! 15: * for more details.
! 16: */
! 17:
! 18: #include "pem_builder.h"
! 19:
! 20: #include <stdio.h>
! 21: #include <stdlib.h>
! 22: #include <unistd.h>
! 23: #include <errno.h>
! 24: #include <string.h>
! 25: #include <stddef.h>
! 26: #include <fcntl.h>
! 27: #include <sys/types.h>
! 28: #include <sys/stat.h>
! 29:
! 30: #include <utils/debug.h>
! 31: #include <library.h>
! 32: #include <utils/lexparser.h>
! 33: #include <asn1/asn1.h>
! 34: #include <crypto/hashers/hasher.h>
! 35: #include <crypto/crypters/crypter.h>
! 36: #include <credentials/certificates/x509.h>
! 37:
! 38: #define PKCS5_SALT_LEN 8 /* bytes */
! 39:
! 40: /**
! 41: * check the presence of a pattern in a character string, skip if found
! 42: */
! 43: static bool present(char* pattern, chunk_t* ch)
! 44: {
! 45: u_int len = strlen(pattern);
! 46:
! 47: if (ch->len >= len && strneq(ch->ptr, pattern, len))
! 48: {
! 49: *ch = chunk_skip(*ch, len);
! 50: return TRUE;
! 51: }
! 52: return FALSE;
! 53: }
! 54:
! 55: /**
! 56: * find a boundary of the form -----tag name-----
! 57: */
! 58: static bool find_boundary(char* tag, chunk_t *line)
! 59: {
! 60: chunk_t name = chunk_empty;
! 61:
! 62: if (!present("-----", line) ||
! 63: !present(tag, line) ||
! 64: !line->len || *line->ptr != ' ')
! 65: {
! 66: return FALSE;
! 67: }
! 68: *line = chunk_skip(*line, 1);
! 69:
! 70: /* extract name */
! 71: name.ptr = line->ptr;
! 72: while (line->len > 0)
! 73: {
! 74: if (present("-----", line))
! 75: {
! 76: DBG2(DBG_ASN, " -----%s %.*s-----", tag, (int)name.len, name.ptr);
! 77: return TRUE;
! 78: }
! 79: line->ptr++; line->len--; name.len++;
! 80: }
! 81: return FALSE;
! 82: }
! 83:
! 84: /*
! 85: * decrypts a passphrase protected encrypted data block
! 86: */
! 87: static status_t pem_decrypt(chunk_t *blob, encryption_algorithm_t alg,
! 88: size_t key_size, chunk_t iv, chunk_t passphrase)
! 89: {
! 90: hasher_t *hasher;
! 91: crypter_t *crypter;
! 92: chunk_t salt = { iv.ptr, PKCS5_SALT_LEN };
! 93: chunk_t hash;
! 94: chunk_t decrypted;
! 95: chunk_t key = {alloca(key_size), key_size};
! 96: uint8_t padding, *last_padding_pos, *first_padding_pos;
! 97:
! 98: /* build key from passphrase and IV */
! 99: hasher = lib->crypto->create_hasher(lib->crypto, HASH_MD5);
! 100: if (hasher == NULL)
! 101: {
! 102: DBG1(DBG_ASN, " MD5 hash algorithm not available");
! 103: return NOT_SUPPORTED;
! 104: }
! 105: hash.len = hasher->get_hash_size(hasher);
! 106: hash.ptr = alloca(hash.len);
! 107: if (!hasher->get_hash(hasher, passphrase, NULL) ||
! 108: !hasher->get_hash(hasher, salt, hash.ptr))
! 109: {
! 110: return FAILED;
! 111: }
! 112: memcpy(key.ptr, hash.ptr, hash.len);
! 113:
! 114: if (key.len > hash.len)
! 115: {
! 116: if (!hasher->get_hash(hasher, hash, NULL) ||
! 117: !hasher->get_hash(hasher, passphrase, NULL) ||
! 118: !hasher->get_hash(hasher, salt, hash.ptr))
! 119: {
! 120: return FAILED;
! 121: }
! 122: memcpy(key.ptr + hash.len, hash.ptr, key.len - hash.len);
! 123: }
! 124: hasher->destroy(hasher);
! 125:
! 126: /* decrypt blob */
! 127: crypter = lib->crypto->create_crypter(lib->crypto, alg, key_size);
! 128: if (crypter == NULL)
! 129: {
! 130: DBG1(DBG_ASN, " %N encryption algorithm not available",
! 131: encryption_algorithm_names, alg);
! 132: return NOT_SUPPORTED;
! 133: }
! 134:
! 135: if (iv.len != crypter->get_iv_size(crypter) ||
! 136: blob->len % crypter->get_block_size(crypter))
! 137: {
! 138: crypter->destroy(crypter);
! 139: DBG1(DBG_ASN, " data size is not multiple of block size");
! 140: return PARSE_ERROR;
! 141: }
! 142: if (!crypter->set_key(crypter, key) ||
! 143: !crypter->decrypt(crypter, *blob, iv, &decrypted))
! 144: {
! 145: crypter->destroy(crypter);
! 146: return FAILED;
! 147: }
! 148: crypter->destroy(crypter);
! 149: memcpy(blob->ptr, decrypted.ptr, blob->len);
! 150: chunk_free(&decrypted);
! 151:
! 152: /* determine amount of padding */
! 153: last_padding_pos = blob->ptr + blob->len - 1;
! 154: padding = *last_padding_pos;
! 155: if (padding > blob->len)
! 156: {
! 157: first_padding_pos = blob->ptr;
! 158: }
! 159: else
! 160: {
! 161: first_padding_pos = last_padding_pos - padding;
! 162: }
! 163: /* check the padding pattern */
! 164: while (--last_padding_pos > first_padding_pos)
! 165: {
! 166: if (*last_padding_pos != padding)
! 167: {
! 168: DBG1(DBG_ASN, " invalid passphrase");
! 169: return INVALID_ARG;
! 170: }
! 171: }
! 172: /* remove padding */
! 173: blob->len -= padding;
! 174: return SUCCESS;
! 175: }
! 176:
! 177: /**
! 178: * Converts a PEM encoded file into its binary form (RFC 1421, RFC 934)
! 179: */
! 180: static status_t pem_to_bin(chunk_t *blob, bool *pgp)
! 181: {
! 182: typedef enum {
! 183: PEM_PRE = 0,
! 184: PEM_MSG = 1,
! 185: PEM_HEADER = 2,
! 186: PEM_BODY = 3,
! 187: PEM_POST = 4,
! 188: PEM_ABORT = 5
! 189: } state_t;
! 190:
! 191: encryption_algorithm_t alg = ENCR_UNDEFINED;
! 192: size_t key_size = 0;
! 193: bool encrypted = FALSE;
! 194: state_t state = PEM_PRE;
! 195: chunk_t src = *blob;
! 196: chunk_t dst = *blob;
! 197: chunk_t line = chunk_empty;
! 198: chunk_t iv = chunk_empty;
! 199: u_char iv_buf[HASH_SIZE_MD5];
! 200: status_t status = NOT_FOUND;
! 201: enumerator_t *enumerator;
! 202: shared_key_t *shared;
! 203:
! 204: dst.len = 0;
! 205: iv.ptr = iv_buf;
! 206: iv.len = 0;
! 207:
! 208: while (fetchline(&src, &line))
! 209: {
! 210: if (state == PEM_PRE)
! 211: {
! 212: if (find_boundary("BEGIN", &line))
! 213: {
! 214: state = PEM_MSG;
! 215: }
! 216: continue;
! 217: }
! 218: else
! 219: {
! 220: if (find_boundary("END", &line))
! 221: {
! 222: state = PEM_POST;
! 223: break;
! 224: }
! 225: if (state == PEM_MSG)
! 226: {
! 227: state = PEM_HEADER;
! 228: if (memchr(line.ptr, ':', line.len) == NULL)
! 229: {
! 230: state = PEM_BODY;
! 231: }
! 232: }
! 233: if (state == PEM_HEADER)
! 234: {
! 235: err_t ugh = NULL;
! 236: chunk_t name = chunk_empty;
! 237: chunk_t value = chunk_empty;
! 238:
! 239: /* an empty line separates HEADER and BODY */
! 240: if (line.len == 0)
! 241: {
! 242: state = PEM_BODY;
! 243: continue;
! 244: }
! 245:
! 246: /* we are looking for a parameter: value pair */
! 247: DBG2(DBG_ASN, " %.*s", (int)line.len, line.ptr);
! 248: ugh = extract_parameter_value(&name, &value, &line);
! 249: if (ugh != NULL)
! 250: {
! 251: continue;
! 252: }
! 253: if (match("Proc-Type", &name) && value.len && *value.ptr == '4')
! 254: {
! 255: encrypted = TRUE;
! 256: }
! 257: else if (match("DEK-Info", &name))
! 258: {
! 259: chunk_t dek;
! 260:
! 261: if (!extract_token(&dek, ',', &value))
! 262: {
! 263: dek = value;
! 264: }
! 265: if (match("DES-EDE3-CBC", &dek))
! 266: {
! 267: alg = ENCR_3DES;
! 268: key_size = 24;
! 269: }
! 270: else if (match("AES-128-CBC", &dek))
! 271: {
! 272: alg = ENCR_AES_CBC;
! 273: key_size = 16;
! 274: }
! 275: else if (match("AES-192-CBC", &dek))
! 276: {
! 277: alg = ENCR_AES_CBC;
! 278: key_size = 24;
! 279: }
! 280: else if (match("AES-256-CBC", &dek))
! 281: {
! 282: alg = ENCR_AES_CBC;
! 283: key_size = 32;
! 284: }
! 285: else
! 286: {
! 287: DBG1(DBG_ASN, " encryption algorithm '%.*s'"
! 288: " not supported", (int)dek.len, dek.ptr);
! 289: return NOT_SUPPORTED;
! 290: }
! 291: if (!eat_whitespace(&value) || value.len > 2*sizeof(iv_buf))
! 292: {
! 293: return PARSE_ERROR;
! 294: }
! 295: iv = chunk_from_hex(value, iv_buf);
! 296: }
! 297: }
! 298: else /* state is PEM_BODY */
! 299: {
! 300: chunk_t data;
! 301:
! 302: /* remove any trailing whitespace */
! 303: if (!extract_token(&data ,' ', &line))
! 304: {
! 305: data = line;
! 306: }
! 307:
! 308: /* check for PGP armor checksum */
! 309: if (data.len && *data.ptr == '=')
! 310: {
! 311: *pgp = TRUE;
! 312: data.ptr++;
! 313: data.len--;
! 314: DBG2(DBG_ASN, " armor checksum: %.*s", (int)data.len,
! 315: data.ptr);
! 316: continue;
! 317: }
! 318:
! 319: if (blob->len - dst.len < data.len / 4 * 3)
! 320: {
! 321: state = PEM_ABORT;
! 322: }
! 323: data = chunk_from_base64(data, dst.ptr);
! 324:
! 325: dst.ptr += data.len;
! 326: dst.len += data.len;
! 327: }
! 328: }
! 329: }
! 330: /* set length to size of binary blob */
! 331: blob->len = dst.len;
! 332:
! 333: if (state != PEM_POST)
! 334: {
! 335: DBG1(DBG_LIB, " file coded in unknown format, discarded");
! 336: return PARSE_ERROR;
! 337: }
! 338: if (!encrypted)
! 339: {
! 340: return SUCCESS;
! 341: }
! 342:
! 343: enumerator = lib->credmgr->create_shared_enumerator(lib->credmgr,
! 344: SHARED_PRIVATE_KEY_PASS, NULL, NULL);
! 345: while (enumerator->enumerate(enumerator, &shared, NULL, NULL))
! 346: {
! 347: chunk_t passphrase, chunk;
! 348:
! 349: passphrase = shared->get_key(shared);
! 350: chunk = chunk_clone(*blob);
! 351: status = pem_decrypt(&chunk, alg, key_size, iv, passphrase);
! 352: if (status == SUCCESS)
! 353: {
! 354: memcpy(blob->ptr, chunk.ptr, chunk.len);
! 355: blob->len = chunk.len;
! 356: }
! 357: free(chunk.ptr);
! 358: if (status != INVALID_ARG)
! 359: { /* try again only if passphrase invalid */
! 360: break;
! 361: }
! 362: }
! 363: enumerator->destroy(enumerator);
! 364: return status;
! 365: }
! 366:
! 367: /**
! 368: * Check if a blob looks like an ASN1 SEQUENCE or SET with BER indefinite length
! 369: */
! 370: static bool is_ber_indefinite_length(chunk_t blob)
! 371: {
! 372: if (blob.len >= 4)
! 373: {
! 374: switch (blob.ptr[0])
! 375: {
! 376: case ASN1_SEQUENCE:
! 377: case ASN1_SET:
! 378: /* BER indefinite length uses 0x80, and is terminated with
! 379: * end-of-content using 0x00,0x00 */
! 380: return blob.ptr[1] == 0x80 &&
! 381: blob.ptr[blob.len - 2] == 0 &&
! 382: blob.ptr[blob.len - 1] == 0;
! 383: default:
! 384: break;
! 385: }
! 386: }
! 387: return FALSE;
! 388: }
! 389:
! 390: /**
! 391: * load the credential from a blob
! 392: */
! 393: static void *load_from_blob(chunk_t blob, credential_type_t type, int subtype,
! 394: identification_t *subject, x509_flag_t flags)
! 395: {
! 396: void *cred = NULL;
! 397: bool pgp = FALSE;
! 398:
! 399: blob = chunk_clone(blob);
! 400: if (!is_ber_indefinite_length(blob) && !is_asn1(blob))
! 401: {
! 402: if (pem_to_bin(&blob, &pgp) != SUCCESS)
! 403: {
! 404: chunk_clear(&blob);
! 405: return NULL;
! 406: }
! 407: if (pgp && type == CRED_PRIVATE_KEY)
! 408: {
! 409: /* PGP encoded keys are parsed with a KEY_ANY key type, as it
! 410: * can contain any type of key. However, ipsec.secrets uses
! 411: * RSA for PGP keys, which is actually wrong. */
! 412: subtype = KEY_ANY;
! 413: }
! 414: }
! 415: /* if CERT_ANY is given, ASN1 encoded blob is handled as X509 */
! 416: if (type == CRED_CERTIFICATE && subtype == CERT_ANY)
! 417: {
! 418: subtype = pgp ? CERT_GPG : CERT_X509;
! 419: }
! 420: if (type == CRED_CERTIFICATE && subtype == CERT_TRUSTED_PUBKEY && subject)
! 421: {
! 422: cred = lib->creds->create(lib->creds, type, subtype,
! 423: BUILD_BLOB_ASN1_DER, blob, BUILD_SUBJECT, subject,
! 424: BUILD_END);
! 425: }
! 426: else
! 427: {
! 428: cred = lib->creds->create(lib->creds, type, subtype,
! 429: pgp ? BUILD_BLOB_PGP : BUILD_BLOB_ASN1_DER, blob,
! 430: flags ? BUILD_X509_FLAG : BUILD_END,
! 431: flags, BUILD_END);
! 432: }
! 433: chunk_clear(&blob);
! 434: return cred;
! 435: }
! 436:
! 437: /**
! 438: * load the credential from a file
! 439: */
! 440: static void *load_from_file(char *file, credential_type_t type, int subtype,
! 441: identification_t *subject, x509_flag_t flags)
! 442: {
! 443: void *cred;
! 444: chunk_t *chunk;
! 445:
! 446: chunk = chunk_map(file, FALSE);
! 447: if (!chunk)
! 448: {
! 449: DBG1(DBG_LIB, " opening '%s' failed: %s", file, strerror(errno));
! 450: return NULL;
! 451: }
! 452: cred = load_from_blob(*chunk, type, subtype, subject, flags);
! 453: chunk_unmap(chunk);
! 454: return cred;
! 455: }
! 456:
! 457: /**
! 458: * Load all kind of PEM encoded credentials.
! 459: */
! 460: static void *pem_load(credential_type_t type, int subtype, va_list args)
! 461: {
! 462: char *file = NULL;
! 463: chunk_t pem = chunk_empty;
! 464: identification_t *subject = NULL;
! 465: int flags = 0;
! 466:
! 467: while (TRUE)
! 468: {
! 469: switch (va_arg(args, builder_part_t))
! 470: {
! 471: case BUILD_FROM_FILE:
! 472: file = va_arg(args, char*);
! 473: continue;
! 474: case BUILD_BLOB:
! 475: case BUILD_BLOB_PEM:
! 476: pem = va_arg(args, chunk_t);
! 477: continue;
! 478: case BUILD_SUBJECT:
! 479: subject = va_arg(args, identification_t*);
! 480: continue;
! 481: case BUILD_X509_FLAG:
! 482: flags = va_arg(args, int);
! 483: continue;
! 484: case BUILD_END:
! 485: break;
! 486: default:
! 487: return NULL;
! 488: }
! 489: break;
! 490: }
! 491:
! 492: if (pem.len)
! 493: {
! 494: return load_from_blob(pem, type, subtype, subject, flags);
! 495: }
! 496: if (file)
! 497: {
! 498: return load_from_file(file, type, subtype, subject, flags);
! 499: }
! 500: return NULL;
! 501: }
! 502:
! 503: /**
! 504: * Private key PEM loader.
! 505: */
! 506: private_key_t *pem_private_key_load(key_type_t type, va_list args)
! 507: {
! 508: return pem_load(CRED_PRIVATE_KEY, type, args);
! 509: }
! 510:
! 511: /**
! 512: * Public key PEM loader.
! 513: */
! 514: public_key_t *pem_public_key_load(key_type_t type, va_list args)
! 515: {
! 516: return pem_load(CRED_PUBLIC_KEY, type, args);
! 517: }
! 518:
! 519: /**
! 520: * Certificate PEM loader.
! 521: */
! 522: certificate_t *pem_certificate_load(certificate_type_t type, va_list args)
! 523: {
! 524: return pem_load(CRED_CERTIFICATE, type, args);
! 525: }
! 526:
! 527: /**
! 528: * Container PEM loader.
! 529: */
! 530: container_t *pem_container_load(container_type_t type, va_list args)
! 531: {
! 532: return pem_load(CRED_CONTAINER, type, args);
! 533: }
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to pem_builder.c CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / strongswan / src / libstrongswan / plugins / pem