1 /* 2 * Copyright (c) 2016 Thomas Pornin <pornin@bolet.org> 3 * 4 * Permission is hereby granted, free of charge, to any person obtaining 5 * a copy of this software and associated documentation files (the 6 * "Software"), to deal in the Software without restriction, including 7 * without limitation the rights to use, copy, modify, merge, publish, 8 * distribute, sublicense, and/or sell copies of the Software, and to 9 * permit persons to whom the Software is furnished to do so, subject to 10 * the following conditions: 11 * 12 * The above copyright notice and this permission notice shall be 13 * included in all copies or substantial portions of the Software. 14 * 15 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, 16 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF 17 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND 18 * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS 19 * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN 20 * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN 21 * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 22 * SOFTWARE. 23 */ 24 25 #include <stdio.h> 26 #include <stdlib.h> 27 #include <string.h> 28 #include <stdint.h> 29 #include <errno.h> 30 31 #include "brssl.h" 32 #include "bearssl.h" 33 34 static private_key * 35 decode_key(const unsigned char *buf, size_t len) 36 { 37 br_skey_decoder_context dc; 38 int err; 39 private_key *sk; 40 41 br_skey_decoder_init(&dc); 42 br_skey_decoder_push(&dc, buf, len); 43 err = br_skey_decoder_last_error(&dc); 44 if (err != 0) { 45 const char *errname, *errmsg; 46 47 fprintf(stderr, "ERROR (decoding): err=%d\n", err); 48 errname = find_error_name(err, &errmsg); 49 if (errname != NULL) { 50 fprintf(stderr, " %s: %s\n", errname, errmsg); 51 } else { 52 fprintf(stderr, " (unknown)\n"); 53 } 54 return NULL; 55 } 56 switch (br_skey_decoder_key_type(&dc)) { 57 const br_rsa_private_key *rk; 58 const br_ec_private_key *ek; 59 60 case BR_KEYTYPE_RSA: 61 rk = br_skey_decoder_get_rsa(&dc); 62 sk = xmalloc(sizeof *sk); 63 sk->key_type = BR_KEYTYPE_RSA; 64 sk->key.rsa.n_bitlen = rk->n_bitlen; 65 sk->key.rsa.p = xblobdup(rk->p, rk->plen); 66 sk->key.rsa.plen = rk->plen; 67 sk->key.rsa.q = xblobdup(rk->q, rk->qlen); 68 sk->key.rsa.qlen = rk->qlen; 69 sk->key.rsa.dp = xblobdup(rk->dp, rk->dplen); 70 sk->key.rsa.dplen = rk->dplen; 71 sk->key.rsa.dq = xblobdup(rk->dq, rk->dqlen); 72 sk->key.rsa.dqlen = rk->dqlen; 73 sk->key.rsa.iq = xblobdup(rk->iq, rk->iqlen); 74 sk->key.rsa.iqlen = rk->iqlen; 75 break; 76 77 case BR_KEYTYPE_EC: 78 ek = br_skey_decoder_get_ec(&dc); 79 sk = xmalloc(sizeof *sk); 80 sk->key_type = BR_KEYTYPE_EC; 81 sk->key.ec.curve = ek->curve; 82 sk->key.ec.x = xblobdup(ek->x, ek->xlen); 83 sk->key.ec.xlen = ek->xlen; 84 break; 85 86 default: 87 fprintf(stderr, "Unknown key type: %d\n", 88 br_skey_decoder_key_type(&dc)); 89 sk = NULL; 90 break; 91 } 92 93 return sk; 94 } 95 96 /* see brssl.h */ 97 private_key * 98 read_private_key(const char *fname) 99 { 100 unsigned char *buf; 101 size_t len; 102 private_key *sk; 103 pem_object *pos; 104 size_t num, u; 105 106 buf = NULL; 107 pos = NULL; 108 sk = NULL; 109 buf = read_file(fname, &len); 110 if (buf == NULL) { 111 goto deckey_exit; 112 } 113 if (looks_like_DER(buf, len)) { 114 sk = decode_key(buf, len); 115 goto deckey_exit; 116 } else { 117 pos = decode_pem(buf, len, &num); 118 if (pos == NULL) { 119 goto deckey_exit; 120 } 121 for (u = 0; pos[u].name; u ++) { 122 const char *name; 123 124 name = pos[u].name; 125 if (eqstr(name, "RSA PRIVATE KEY") 126 || eqstr(name, "EC PRIVATE KEY") 127 || eqstr(name, "PRIVATE KEY")) 128 { 129 sk = decode_key(pos[u].data, pos[u].data_len); 130 goto deckey_exit; 131 } 132 } 133 fprintf(stderr, "ERROR: no private key in file '%s'\n", fname); 134 goto deckey_exit; 135 } 136 137 deckey_exit: 138 if (buf != NULL) { 139 xfree(buf); 140 } 141 if (pos != NULL) { 142 for (u = 0; pos[u].name; u ++) { 143 free_pem_object_contents(&pos[u]); 144 } 145 xfree(pos); 146 } 147 return sk; 148 } 149 150 /* see brssl.h */ 151 void 152 free_private_key(private_key *sk) 153 { 154 if (sk == NULL) { 155 return; 156 } 157 switch (sk->key_type) { 158 case BR_KEYTYPE_RSA: 159 xfree(sk->key.rsa.p); 160 xfree(sk->key.rsa.q); 161 xfree(sk->key.rsa.dp); 162 xfree(sk->key.rsa.dq); 163 xfree(sk->key.rsa.iq); 164 break; 165 case BR_KEYTYPE_EC: 166 xfree(sk->key.ec.x); 167 break; 168 } 169 xfree(sk); 170 } 171 172 /* 173 * OID for hash functions in RSA signatures. 174 */ 175 static const unsigned char HASH_OID_SHA1[] = { 176 0x05, 0x2B, 0x0E, 0x03, 0x02, 0x1A 177 }; 178 179 static const unsigned char HASH_OID_SHA224[] = { 180 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x04 181 }; 182 183 static const unsigned char HASH_OID_SHA256[] = { 184 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01 185 }; 186 187 static const unsigned char HASH_OID_SHA384[] = { 188 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x02 189 }; 190 191 static const unsigned char HASH_OID_SHA512[] = { 192 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03 193 }; 194 195 static const unsigned char *HASH_OID[] = { 196 HASH_OID_SHA1, 197 HASH_OID_SHA224, 198 HASH_OID_SHA256, 199 HASH_OID_SHA384, 200 HASH_OID_SHA512 201 }; 202 203 /* see brssl.h */ 204 const unsigned char * 205 get_hash_oid(int id) 206 { 207 if (id >= 2 && id <= 6) { 208 return HASH_OID[id - 2]; 209 } else { 210 return NULL; 211 } 212 } 213 214 /* see brssl.h */ 215 const br_hash_class * 216 get_hash_impl(int hash_id) 217 { 218 size_t u; 219 220 if (hash_id == 0) { 221 return &br_md5sha1_vtable; 222 } 223 for (u = 0; hash_functions[u].name; u ++) { 224 const br_hash_class *hc; 225 int id; 226 227 hc = hash_functions[u].hclass; 228 id = (hc->desc >> BR_HASHDESC_ID_OFF) & BR_HASHDESC_ID_MASK; 229 if (id == hash_id) { 230 return hc; 231 } 232 } 233 return NULL; 234 } 235