_ Git - BearSSL/blob - tools/keys.c

   1 /*
   2  * Copyright (c) 2016 Thomas Pornin <pornin@bolet.org>
   3  *
   4  * Permission is hereby granted, free of charge, to any person obtaining
   5  * a copy of this software and associated documentation files (the
   6  * "Software"), to deal in the Software without restriction, including
   7  * without limitation the rights to use, copy, modify, merge, publish,
   8  * distribute, sublicense, and/or sell copies of the Software, and to
   9  * permit persons to whom the Software is furnished to do so, subject to
  10  * the following conditions:
  11  *
  12  * The above copyright notice and this permission notice shall be
  13  * included in all copies or substantial portions of the Software.
  14  *
  15  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
  16  * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
  17  * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
  18  * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
  19  * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
  20  * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
  21  * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
  22  * SOFTWARE.
  23  */
  24
  25 #include <stdio.h>
  26 #include <stdlib.h>
  27 #include <string.h>
  28 #include <stdint.h>
  29 #include <errno.h>
  30
  31 #include "brssl.h"
  32 #include "bearssl.h"
  33
  34 static private_key *
  35 decode_key(const unsigned char *buf, size_t len)
  36 {
  37         br_skey_decoder_context dc;
  38         int err;
  39         private_key *sk;
  40
  41         br_skey_decoder_init(&dc);
  42         br_skey_decoder_push(&dc, buf, len);
  43         err = br_skey_decoder_last_error(&dc);
  44         if (err != 0) {
  45                 const char *errname, *errmsg;
  46
  47                 fprintf(stderr, "ERROR (decoding): err=%d\n", err);
  48                 errname = find_error_name(err, &errmsg);
  49                 if (errname != NULL) {
  50                         fprintf(stderr, "  %s: %s\n", errname, errmsg);
  51                 } else {
  52                         fprintf(stderr, "  (unknown)\n");
  53                 }
  54                 return NULL;
  55         }
  56         switch (br_skey_decoder_key_type(&dc)) {
  57                 const br_rsa_private_key *rk;
  58                 const br_ec_private_key *ek;
  59
  60         case BR_KEYTYPE_RSA:
  61                 rk = br_skey_decoder_get_rsa(&dc);
  62                 sk = xmalloc(sizeof *sk);
  63                 sk->key_type = BR_KEYTYPE_RSA;
  64                 sk->key.rsa.n_bitlen = rk->n_bitlen;
  65                 sk->key.rsa.p = xblobdup(rk->p, rk->plen);
  66                 sk->key.rsa.plen = rk->plen;
  67                 sk->key.rsa.q = xblobdup(rk->q, rk->qlen);
  68                 sk->key.rsa.qlen = rk->qlen;
  69                 sk->key.rsa.dp = xblobdup(rk->dp, rk->dplen);
  70                 sk->key.rsa.dplen = rk->dplen;
  71                 sk->key.rsa.dq = xblobdup(rk->dq, rk->dqlen);
  72                 sk->key.rsa.dqlen = rk->dqlen;
  73                 sk->key.rsa.iq = xblobdup(rk->iq, rk->iqlen);
  74                 sk->key.rsa.iqlen = rk->iqlen;
  75                 break;
  76
  77         case BR_KEYTYPE_EC:
  78                 ek = br_skey_decoder_get_ec(&dc);
  79                 sk = xmalloc(sizeof *sk);
  80                 sk->key_type = BR_KEYTYPE_EC;
  81                 sk->key.ec.curve = ek->curve;
  82                 sk->key.ec.x = xblobdup(ek->x, ek->xlen);
  83                 sk->key.ec.xlen = ek->xlen;
  84                 break;
  85
  86         default:
  87                 fprintf(stderr, "Unknown key type: %d\n",
  88                         br_skey_decoder_key_type(&dc));
  89                 sk = NULL;
  90                 break;
  91         }
  92
  93         return sk;
  94 }
  95
  96 /* see brssl.h */
  97 private_key *
  98 read_private_key(const char *fname)
  99 {
 100         unsigned char *buf;
 101         size_t len;
 102         private_key *sk;
 103         pem_object *pos;
 104         size_t num, u;
 105
 106         buf = NULL;
 107         pos = NULL;
 108         sk = NULL;
 109         buf = read_file(fname, &len);
 110         if (buf == NULL) {
 111                 goto deckey_exit;
 112         }
 113         if (looks_like_DER(buf, len)) {
 114                 sk = decode_key(buf, len);
 115                 goto deckey_exit;
 116         } else {
 117                 pos = decode_pem(buf, len, &num);
 118                 if (pos == NULL) {
 119                         goto deckey_exit;
 120                 }
 121                 for (u = 0; pos[u].name; u ++) {
 122                         const char *name;
 123
 124                         name = pos[u].name;
 125                         if (eqstr(name, "RSA PRIVATE KEY")
 126                                 || eqstr(name, "EC PRIVATE KEY")
 127                                 || eqstr(name, "PRIVATE KEY"))
 128                         {
 129                                 sk = decode_key(pos[u].data, pos[u].data_len);
 130                                 goto deckey_exit;
 131                         }
 132                 }
 133                 fprintf(stderr, "ERROR: no private key in file '%s'\n", fname);
 134                 goto deckey_exit;
 135         }
 136
 137 deckey_exit:
 138         if (buf != NULL) {
 139                 xfree(buf);
 140         }
 141         if (pos != NULL) {
 142                 for (u = 0; pos[u].name; u ++) {
 143                         free_pem_object_contents(&pos[u]);
 144                 }
 145                 xfree(pos);
 146         }
 147         return sk;
 148 }
 149
 150 /* see brssl.h */
 151 void
 152 free_private_key(private_key *sk)
 153 {
 154         if (sk == NULL) {
 155                 return;
 156         }
 157         switch (sk->key_type) {
 158         case BR_KEYTYPE_RSA:
 159                 xfree(sk->key.rsa.p);
 160                 xfree(sk->key.rsa.q);
 161                 xfree(sk->key.rsa.dp);
 162                 xfree(sk->key.rsa.dq);
 163                 xfree(sk->key.rsa.iq);
 164                 break;
 165         case BR_KEYTYPE_EC:
 166                 xfree(sk->key.ec.x);
 167                 break;
 168         }
 169         xfree(sk);
 170 }
 171
 172 /*
 173  * OID for hash functions in RSA signatures.
 174  */
 175 static const unsigned char HASH_OID_SHA1[] = {
 176         0x05, 0x2B, 0x0E, 0x03, 0x02, 0x1A
 177 };
 178
 179 static const unsigned char HASH_OID_SHA224[] = {
 180         0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x04
 181 };
 182
 183 static const unsigned char HASH_OID_SHA256[] = {
 184         0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01
 185 };
 186
 187 static const unsigned char HASH_OID_SHA384[] = {
 188         0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x02
 189 };
 190
 191 static const unsigned char HASH_OID_SHA512[] = {
 192         0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03
 193 };
 194
 195 static const unsigned char *HASH_OID[] = {
 196         HASH_OID_SHA1,
 197         HASH_OID_SHA224,
 198         HASH_OID_SHA256,
 199         HASH_OID_SHA384,
 200         HASH_OID_SHA512
 201 };
 202
 203 /* see brssl.h */
 204 const unsigned char *
 205 get_hash_oid(int id)
 206 {
 207         if (id >= 2 && id <= 6) {
 208                 return HASH_OID[id - 2];
 209         } else {
 210                 return NULL;
 211         }
 212 }
 213
 214 /* see brssl.h */
 215 const br_hash_class *
 216 get_hash_impl(int hash_id)
 217 {
 218         size_t u;
 219
 220         if (hash_id == 0) {
 221                 return &br_md5sha1_vtable;
 222         }
 223         for (u = 0; hash_functions[u].name; u ++) {
 224                 const br_hash_class *hc;
 225                 int id;
 226
 227                 hc = hash_functions[u].hclass;
 228                 id = (hc->desc >> BR_HASHDESC_ID_OFF) & BR_HASHDESC_ID_MASK;
 229                 if (id == hash_id) {
 230                         return hc;
 231                 }
 232         }
 233         return NULL;
 234 }