Dmitry Shmidt | 8d520ff | 2011-05-09 14:06:53 -0700 | [diff] [blame] | 1 | /* |
| 2 | * TLSv1 credentials |
Dmitry Shmidt | 1b46775 | 2015-12-14 12:45:46 -0800 | [diff] [blame] | 3 | * Copyright (c) 2006-2015, Jouni Malinen <j@w1.fi> |
Dmitry Shmidt | 8d520ff | 2011-05-09 14:06:53 -0700 | [diff] [blame] | 4 | * |
Dmitry Shmidt | c5ec7f5 | 2012-03-06 16:33:24 -0800 | [diff] [blame] | 5 | * This software may be distributed under the terms of the BSD license. |
| 6 | * See README for more details. |
Dmitry Shmidt | 8d520ff | 2011-05-09 14:06:53 -0700 | [diff] [blame] | 7 | */ |
| 8 | |
| 9 | #include "includes.h" |
| 10 | |
| 11 | #include "common.h" |
| 12 | #include "base64.h" |
| 13 | #include "crypto/crypto.h" |
Dmitry Shmidt | 1b46775 | 2015-12-14 12:45:46 -0800 | [diff] [blame] | 14 | #include "crypto/sha1.h" |
| 15 | #include "pkcs5.h" |
| 16 | #include "pkcs8.h" |
Dmitry Shmidt | 8d520ff | 2011-05-09 14:06:53 -0700 | [diff] [blame] | 17 | #include "x509v3.h" |
| 18 | #include "tlsv1_cred.h" |
| 19 | |
| 20 | |
| 21 | struct tlsv1_credentials * tlsv1_cred_alloc(void) |
| 22 | { |
| 23 | struct tlsv1_credentials *cred; |
| 24 | cred = os_zalloc(sizeof(*cred)); |
| 25 | return cred; |
| 26 | } |
| 27 | |
| 28 | |
| 29 | void tlsv1_cred_free(struct tlsv1_credentials *cred) |
| 30 | { |
| 31 | if (cred == NULL) |
| 32 | return; |
| 33 | |
| 34 | x509_certificate_chain_free(cred->trusted_certs); |
| 35 | x509_certificate_chain_free(cred->cert); |
| 36 | crypto_private_key_free(cred->key); |
| 37 | os_free(cred->dh_p); |
| 38 | os_free(cred->dh_g); |
Dmitry Shmidt | d97138d | 2015-12-28 13:27:49 -0800 | [diff] [blame] | 39 | os_free(cred->ocsp_stapling_response); |
| 40 | os_free(cred->ocsp_stapling_response_multi); |
Dmitry Shmidt | 8d520ff | 2011-05-09 14:06:53 -0700 | [diff] [blame] | 41 | os_free(cred); |
| 42 | } |
| 43 | |
| 44 | |
| 45 | static int tlsv1_add_cert_der(struct x509_certificate **chain, |
| 46 | const u8 *buf, size_t len) |
| 47 | { |
Dmitry Shmidt | 1f69aa5 | 2012-01-24 16:10:04 -0800 | [diff] [blame] | 48 | struct x509_certificate *cert, *p; |
Dmitry Shmidt | 8d520ff | 2011-05-09 14:06:53 -0700 | [diff] [blame] | 49 | char name[128]; |
| 50 | |
| 51 | cert = x509_certificate_parse(buf, len); |
| 52 | if (cert == NULL) { |
| 53 | wpa_printf(MSG_INFO, "TLSv1: %s - failed to parse certificate", |
| 54 | __func__); |
| 55 | return -1; |
| 56 | } |
| 57 | |
Dmitry Shmidt | 1f69aa5 | 2012-01-24 16:10:04 -0800 | [diff] [blame] | 58 | p = *chain; |
| 59 | while (p && p->next) |
| 60 | p = p->next; |
| 61 | if (p && x509_name_compare(&cert->subject, &p->issuer) == 0) { |
| 62 | /* |
| 63 | * The new certificate is the issuer of the last certificate in |
| 64 | * the chain - add the new certificate to the end. |
| 65 | */ |
| 66 | p->next = cert; |
| 67 | } else { |
| 68 | /* Add to the beginning of the chain */ |
| 69 | cert->next = *chain; |
| 70 | *chain = cert; |
| 71 | } |
Dmitry Shmidt | 8d520ff | 2011-05-09 14:06:53 -0700 | [diff] [blame] | 72 | |
| 73 | x509_name_string(&cert->subject, name, sizeof(name)); |
| 74 | wpa_printf(MSG_DEBUG, "TLSv1: Added certificate: %s", name); |
| 75 | |
| 76 | return 0; |
| 77 | } |
| 78 | |
| 79 | |
| 80 | static const char *pem_cert_begin = "-----BEGIN CERTIFICATE-----"; |
| 81 | static const char *pem_cert_end = "-----END CERTIFICATE-----"; |
| 82 | static const char *pem_key_begin = "-----BEGIN RSA PRIVATE KEY-----"; |
| 83 | static const char *pem_key_end = "-----END RSA PRIVATE KEY-----"; |
| 84 | static const char *pem_key2_begin = "-----BEGIN PRIVATE KEY-----"; |
| 85 | static const char *pem_key2_end = "-----END PRIVATE KEY-----"; |
| 86 | static const char *pem_key_enc_begin = "-----BEGIN ENCRYPTED PRIVATE KEY-----"; |
| 87 | static const char *pem_key_enc_end = "-----END ENCRYPTED PRIVATE KEY-----"; |
| 88 | |
| 89 | |
| 90 | static const u8 * search_tag(const char *tag, const u8 *buf, size_t len) |
| 91 | { |
| 92 | size_t i, plen; |
| 93 | |
| 94 | plen = os_strlen(tag); |
| 95 | if (len < plen) |
| 96 | return NULL; |
| 97 | |
| 98 | for (i = 0; i < len - plen; i++) { |
| 99 | if (os_memcmp(buf + i, tag, plen) == 0) |
| 100 | return buf + i; |
| 101 | } |
| 102 | |
| 103 | return NULL; |
| 104 | } |
| 105 | |
| 106 | |
| 107 | static int tlsv1_add_cert(struct x509_certificate **chain, |
| 108 | const u8 *buf, size_t len) |
| 109 | { |
| 110 | const u8 *pos, *end; |
| 111 | unsigned char *der; |
| 112 | size_t der_len; |
| 113 | |
| 114 | pos = search_tag(pem_cert_begin, buf, len); |
| 115 | if (!pos) { |
| 116 | wpa_printf(MSG_DEBUG, "TLSv1: No PEM certificate tag found - " |
| 117 | "assume DER format"); |
| 118 | return tlsv1_add_cert_der(chain, buf, len); |
| 119 | } |
| 120 | |
| 121 | wpa_printf(MSG_DEBUG, "TLSv1: Converting PEM format certificate into " |
| 122 | "DER format"); |
| 123 | |
| 124 | while (pos) { |
| 125 | pos += os_strlen(pem_cert_begin); |
| 126 | end = search_tag(pem_cert_end, pos, buf + len - pos); |
| 127 | if (end == NULL) { |
| 128 | wpa_printf(MSG_INFO, "TLSv1: Could not find PEM " |
| 129 | "certificate end tag (%s)", pem_cert_end); |
| 130 | return -1; |
| 131 | } |
| 132 | |
Ahmed ElArabawy | 0ff61c5 | 2019-12-26 12:38:39 -0800 | [diff] [blame] | 133 | der = base64_decode((const char *) pos, end - pos, &der_len); |
Dmitry Shmidt | 8d520ff | 2011-05-09 14:06:53 -0700 | [diff] [blame] | 134 | if (der == NULL) { |
| 135 | wpa_printf(MSG_INFO, "TLSv1: Could not decode PEM " |
| 136 | "certificate"); |
| 137 | return -1; |
| 138 | } |
| 139 | |
| 140 | if (tlsv1_add_cert_der(chain, der, der_len) < 0) { |
| 141 | wpa_printf(MSG_INFO, "TLSv1: Failed to parse PEM " |
| 142 | "certificate after DER conversion"); |
| 143 | os_free(der); |
| 144 | return -1; |
| 145 | } |
| 146 | |
| 147 | os_free(der); |
| 148 | |
| 149 | end += os_strlen(pem_cert_end); |
| 150 | pos = search_tag(pem_cert_begin, end, buf + len - end); |
| 151 | } |
| 152 | |
| 153 | return 0; |
| 154 | } |
| 155 | |
| 156 | |
| 157 | static int tlsv1_set_cert_chain(struct x509_certificate **chain, |
| 158 | const char *cert, const u8 *cert_blob, |
| 159 | size_t cert_blob_len) |
| 160 | { |
| 161 | if (cert_blob) |
| 162 | return tlsv1_add_cert(chain, cert_blob, cert_blob_len); |
| 163 | |
| 164 | if (cert) { |
| 165 | u8 *buf; |
| 166 | size_t len; |
| 167 | int ret; |
| 168 | |
| 169 | buf = (u8 *) os_readfile(cert, &len); |
| 170 | if (buf == NULL) { |
| 171 | wpa_printf(MSG_INFO, "TLSv1: Failed to read '%s'", |
| 172 | cert); |
| 173 | return -1; |
| 174 | } |
| 175 | |
| 176 | ret = tlsv1_add_cert(chain, buf, len); |
| 177 | os_free(buf); |
| 178 | return ret; |
| 179 | } |
| 180 | |
| 181 | return 0; |
| 182 | } |
| 183 | |
| 184 | |
| 185 | /** |
| 186 | * tlsv1_set_ca_cert - Set trusted CA certificate(s) |
| 187 | * @cred: TLSv1 credentials from tlsv1_cred_alloc() |
| 188 | * @cert: File or reference name for X.509 certificate in PEM or DER format |
| 189 | * @cert_blob: cert as inlined data or %NULL if not used |
| 190 | * @cert_blob_len: ca_cert_blob length |
| 191 | * @path: Path to CA certificates (not yet supported) |
| 192 | * Returns: 0 on success, -1 on failure |
| 193 | */ |
| 194 | int tlsv1_set_ca_cert(struct tlsv1_credentials *cred, const char *cert, |
| 195 | const u8 *cert_blob, size_t cert_blob_len, |
| 196 | const char *path) |
| 197 | { |
Dmitry Shmidt | d7ff03d | 2015-12-04 14:49:35 -0800 | [diff] [blame] | 198 | if (cert && os_strncmp(cert, "hash://", 7) == 0) { |
| 199 | const char *pos = cert + 7; |
| 200 | if (os_strncmp(pos, "server/sha256/", 14) != 0) { |
| 201 | wpa_printf(MSG_DEBUG, |
| 202 | "TLSv1: Unsupported ca_cert hash value '%s'", |
| 203 | cert); |
| 204 | return -1; |
| 205 | } |
| 206 | pos += 14; |
| 207 | if (os_strlen(pos) != 32 * 2) { |
| 208 | wpa_printf(MSG_DEBUG, |
| 209 | "TLSv1: Unexpected SHA256 hash length in ca_cert '%s'", |
| 210 | cert); |
| 211 | return -1; |
| 212 | } |
| 213 | if (hexstr2bin(pos, cred->srv_cert_hash, 32) < 0) { |
| 214 | wpa_printf(MSG_DEBUG, |
| 215 | "TLSv1: Invalid SHA256 hash value in ca_cert '%s'", |
| 216 | cert); |
| 217 | return -1; |
| 218 | } |
| 219 | cred->server_cert_only = 1; |
| 220 | cred->ca_cert_verify = 0; |
| 221 | wpa_printf(MSG_DEBUG, |
| 222 | "TLSv1: Checking only server certificate match"); |
| 223 | return 0; |
| 224 | } |
| 225 | |
| 226 | if (cert && os_strncmp(cert, "probe://", 8) == 0) { |
| 227 | cred->cert_probe = 1; |
| 228 | cred->ca_cert_verify = 0; |
| 229 | wpa_printf(MSG_DEBUG, "TLSv1: Only probe server certificate"); |
| 230 | return 0; |
| 231 | } |
| 232 | |
| 233 | cred->ca_cert_verify = cert || cert_blob || path; |
| 234 | |
Dmitry Shmidt | 8d520ff | 2011-05-09 14:06:53 -0700 | [diff] [blame] | 235 | if (tlsv1_set_cert_chain(&cred->trusted_certs, cert, |
| 236 | cert_blob, cert_blob_len) < 0) |
| 237 | return -1; |
| 238 | |
| 239 | if (path) { |
| 240 | /* TODO: add support for reading number of certificate files */ |
| 241 | wpa_printf(MSG_INFO, "TLSv1: Use of CA certificate directory " |
| 242 | "not yet supported"); |
| 243 | return -1; |
| 244 | } |
| 245 | |
| 246 | return 0; |
| 247 | } |
| 248 | |
| 249 | |
| 250 | /** |
| 251 | * tlsv1_set_cert - Set certificate |
| 252 | * @cred: TLSv1 credentials from tlsv1_cred_alloc() |
| 253 | * @cert: File or reference name for X.509 certificate in PEM or DER format |
| 254 | * @cert_blob: cert as inlined data or %NULL if not used |
| 255 | * @cert_blob_len: cert_blob length |
| 256 | * Returns: 0 on success, -1 on failure |
| 257 | */ |
| 258 | int tlsv1_set_cert(struct tlsv1_credentials *cred, const char *cert, |
| 259 | const u8 *cert_blob, size_t cert_blob_len) |
| 260 | { |
| 261 | return tlsv1_set_cert_chain(&cred->cert, cert, |
| 262 | cert_blob, cert_blob_len); |
| 263 | } |
| 264 | |
| 265 | |
| 266 | static struct crypto_private_key * tlsv1_set_key_pem(const u8 *key, size_t len) |
| 267 | { |
| 268 | const u8 *pos, *end; |
| 269 | unsigned char *der; |
| 270 | size_t der_len; |
| 271 | struct crypto_private_key *pkey; |
| 272 | |
| 273 | pos = search_tag(pem_key_begin, key, len); |
| 274 | if (!pos) { |
| 275 | pos = search_tag(pem_key2_begin, key, len); |
| 276 | if (!pos) |
| 277 | return NULL; |
| 278 | pos += os_strlen(pem_key2_begin); |
| 279 | end = search_tag(pem_key2_end, pos, key + len - pos); |
| 280 | if (!end) |
| 281 | return NULL; |
| 282 | } else { |
Dmitry Shmidt | 1f69aa5 | 2012-01-24 16:10:04 -0800 | [diff] [blame] | 283 | const u8 *pos2; |
Dmitry Shmidt | 8d520ff | 2011-05-09 14:06:53 -0700 | [diff] [blame] | 284 | pos += os_strlen(pem_key_begin); |
| 285 | end = search_tag(pem_key_end, pos, key + len - pos); |
| 286 | if (!end) |
| 287 | return NULL; |
Dmitry Shmidt | 1f69aa5 | 2012-01-24 16:10:04 -0800 | [diff] [blame] | 288 | pos2 = search_tag("Proc-Type: 4,ENCRYPTED", pos, end - pos); |
| 289 | if (pos2) { |
| 290 | wpa_printf(MSG_DEBUG, "TLSv1: Unsupported private key " |
| 291 | "format (Proc-Type/DEK-Info)"); |
| 292 | return NULL; |
| 293 | } |
Dmitry Shmidt | 8d520ff | 2011-05-09 14:06:53 -0700 | [diff] [blame] | 294 | } |
| 295 | |
Ahmed ElArabawy | 0ff61c5 | 2019-12-26 12:38:39 -0800 | [diff] [blame] | 296 | der = base64_decode((const char *) pos, end - pos, &der_len); |
Dmitry Shmidt | 8d520ff | 2011-05-09 14:06:53 -0700 | [diff] [blame] | 297 | if (!der) |
| 298 | return NULL; |
| 299 | pkey = crypto_private_key_import(der, der_len, NULL); |
| 300 | os_free(der); |
| 301 | return pkey; |
| 302 | } |
| 303 | |
| 304 | |
| 305 | static struct crypto_private_key * tlsv1_set_key_enc_pem(const u8 *key, |
| 306 | size_t len, |
| 307 | const char *passwd) |
| 308 | { |
| 309 | const u8 *pos, *end; |
| 310 | unsigned char *der; |
| 311 | size_t der_len; |
| 312 | struct crypto_private_key *pkey; |
| 313 | |
| 314 | if (passwd == NULL) |
| 315 | return NULL; |
| 316 | pos = search_tag(pem_key_enc_begin, key, len); |
| 317 | if (!pos) |
| 318 | return NULL; |
| 319 | pos += os_strlen(pem_key_enc_begin); |
| 320 | end = search_tag(pem_key_enc_end, pos, key + len - pos); |
| 321 | if (!end) |
| 322 | return NULL; |
| 323 | |
Ahmed ElArabawy | 0ff61c5 | 2019-12-26 12:38:39 -0800 | [diff] [blame] | 324 | der = base64_decode((const char *) pos, end - pos, &der_len); |
Dmitry Shmidt | 8d520ff | 2011-05-09 14:06:53 -0700 | [diff] [blame] | 325 | if (!der) |
| 326 | return NULL; |
| 327 | pkey = crypto_private_key_import(der, der_len, passwd); |
| 328 | os_free(der); |
| 329 | return pkey; |
| 330 | } |
| 331 | |
| 332 | |
Dmitry Shmidt | 1b46775 | 2015-12-14 12:45:46 -0800 | [diff] [blame] | 333 | #ifdef PKCS12_FUNCS |
| 334 | |
| 335 | static int oid_is_rsadsi(struct asn1_oid *oid) |
| 336 | { |
| 337 | return oid->len >= 4 && |
| 338 | oid->oid[0] == 1 /* iso */ && |
| 339 | oid->oid[1] == 2 /* member-body */ && |
| 340 | oid->oid[2] == 840 /* us */ && |
| 341 | oid->oid[3] == 113549 /* rsadsi */; |
| 342 | } |
| 343 | |
| 344 | |
| 345 | static int pkcs12_is_bagtype_oid(struct asn1_oid *oid, unsigned long type) |
| 346 | { |
| 347 | return oid->len == 9 && |
| 348 | oid_is_rsadsi(oid) && |
| 349 | oid->oid[4] == 1 /* pkcs */ && |
| 350 | oid->oid[5] == 12 /* pkcs-12 */ && |
| 351 | oid->oid[6] == 10 && |
| 352 | oid->oid[7] == 1 /* bagtypes */ && |
| 353 | oid->oid[8] == type; |
| 354 | } |
| 355 | |
| 356 | |
| 357 | static int is_oid_pkcs7(struct asn1_oid *oid) |
| 358 | { |
| 359 | return oid->len == 7 && |
| 360 | oid->oid[0] == 1 /* iso */ && |
| 361 | oid->oid[1] == 2 /* member-body */ && |
| 362 | oid->oid[2] == 840 /* us */ && |
| 363 | oid->oid[3] == 113549 /* rsadsi */ && |
| 364 | oid->oid[4] == 1 /* pkcs */ && |
| 365 | oid->oid[5] == 7 /* pkcs-7 */; |
| 366 | } |
| 367 | |
| 368 | |
| 369 | static int is_oid_pkcs7_data(struct asn1_oid *oid) |
| 370 | { |
| 371 | return is_oid_pkcs7(oid) && oid->oid[6] == 1 /* data */; |
| 372 | } |
| 373 | |
| 374 | |
| 375 | static int is_oid_pkcs7_enc_data(struct asn1_oid *oid) |
| 376 | { |
| 377 | return is_oid_pkcs7(oid) && oid->oid[6] == 6 /* encryptedData */; |
| 378 | } |
| 379 | |
| 380 | |
| 381 | static int is_oid_pkcs9(struct asn1_oid *oid) |
| 382 | { |
| 383 | return oid->len >= 6 && |
| 384 | oid->oid[0] == 1 /* iso */ && |
| 385 | oid->oid[1] == 2 /* member-body */ && |
| 386 | oid->oid[2] == 840 /* us */ && |
| 387 | oid->oid[3] == 113549 /* rsadsi */ && |
| 388 | oid->oid[4] == 1 /* pkcs */ && |
| 389 | oid->oid[5] == 9 /* pkcs-9 */; |
| 390 | } |
| 391 | |
| 392 | |
| 393 | static int is_oid_pkcs9_friendly_name(struct asn1_oid *oid) |
| 394 | { |
| 395 | return oid->len == 7 && is_oid_pkcs9(oid) && |
| 396 | oid->oid[6] == 20; |
| 397 | } |
| 398 | |
| 399 | |
| 400 | static int is_oid_pkcs9_local_key_id(struct asn1_oid *oid) |
| 401 | { |
| 402 | return oid->len == 7 && is_oid_pkcs9(oid) && |
| 403 | oid->oid[6] == 21; |
| 404 | } |
| 405 | |
| 406 | |
| 407 | static int is_oid_pkcs9_x509_cert(struct asn1_oid *oid) |
| 408 | { |
| 409 | return oid->len == 8 && is_oid_pkcs9(oid) && |
| 410 | oid->oid[6] == 22 /* certTypes */ && |
| 411 | oid->oid[7] == 1 /* x509Certificate */; |
| 412 | } |
| 413 | |
| 414 | |
| 415 | static int pkcs12_keybag(struct tlsv1_credentials *cred, |
| 416 | const u8 *buf, size_t len) |
| 417 | { |
| 418 | /* TODO */ |
| 419 | return 0; |
| 420 | } |
| 421 | |
| 422 | |
| 423 | static int pkcs12_pkcs8_keybag(struct tlsv1_credentials *cred, |
| 424 | const u8 *buf, size_t len, |
| 425 | const char *passwd) |
| 426 | { |
| 427 | struct crypto_private_key *key; |
| 428 | |
| 429 | /* PKCS8ShroudedKeyBag ::= EncryptedPrivateKeyInfo */ |
| 430 | key = pkcs8_enc_key_import(buf, len, passwd); |
| 431 | if (!key) |
| 432 | return -1; |
| 433 | |
| 434 | wpa_printf(MSG_DEBUG, |
| 435 | "PKCS #12: Successfully decrypted PKCS8ShroudedKeyBag"); |
| 436 | crypto_private_key_free(cred->key); |
| 437 | cred->key = key; |
| 438 | |
| 439 | return 0; |
| 440 | } |
| 441 | |
| 442 | |
| 443 | static int pkcs12_certbag(struct tlsv1_credentials *cred, |
| 444 | const u8 *buf, size_t len) |
| 445 | { |
| 446 | struct asn1_hdr hdr; |
| 447 | struct asn1_oid oid; |
| 448 | char obuf[80]; |
| 449 | const u8 *pos, *end; |
| 450 | |
| 451 | /* |
| 452 | * CertBag ::= SEQUENCE { |
| 453 | * certId BAG-TYPE.&id ({CertTypes}), |
| 454 | * certValue [0] EXPLICIT BAG-TYPE.&Type ({CertTypes}{@certId}) |
| 455 | * } |
| 456 | */ |
| 457 | |
Hai Shalom | c1a2144 | 2022-02-04 13:43:00 -0800 | [diff] [blame^] | 458 | if (asn1_get_next(buf, len, &hdr) < 0 || !asn1_is_sequence(&hdr)) { |
| 459 | asn1_unexpected(&hdr, "PKCS #12: Expected SEQUENCE (CertBag)"); |
Dmitry Shmidt | 1b46775 | 2015-12-14 12:45:46 -0800 | [diff] [blame] | 460 | return -1; |
| 461 | } |
| 462 | |
| 463 | pos = hdr.payload; |
| 464 | end = hdr.payload + hdr.length; |
| 465 | |
| 466 | if (asn1_get_oid(pos, end - pos, &oid, &pos)) { |
| 467 | wpa_printf(MSG_DEBUG, |
| 468 | "PKCS #12: Failed to parse OID (certId)"); |
| 469 | return -1; |
| 470 | } |
| 471 | |
| 472 | asn1_oid_to_str(&oid, obuf, sizeof(obuf)); |
| 473 | wpa_printf(MSG_DEBUG, "PKCS #12: certId %s", obuf); |
| 474 | |
| 475 | if (!is_oid_pkcs9_x509_cert(&oid)) { |
| 476 | wpa_printf(MSG_DEBUG, |
| 477 | "PKCS #12: Ignored unsupported certificate type (certId %s)", |
| 478 | obuf); |
| 479 | } |
| 480 | |
Hai Shalom | c1a2144 | 2022-02-04 13:43:00 -0800 | [diff] [blame^] | 481 | if (asn1_get_next(pos, end - pos, &hdr) < 0 || !hdr.constructed || |
| 482 | !asn1_is_cs_tag(&hdr, 0)) { |
| 483 | asn1_unexpected(&hdr, |
| 484 | "PKCS #12: Expected [0] EXPLICIT (certValue)"); |
Dmitry Shmidt | 1b46775 | 2015-12-14 12:45:46 -0800 | [diff] [blame] | 485 | return -1; |
| 486 | } |
| 487 | |
| 488 | if (asn1_get_next(hdr.payload, hdr.length, &hdr) < 0 || |
Hai Shalom | c1a2144 | 2022-02-04 13:43:00 -0800 | [diff] [blame^] | 489 | !asn1_is_octetstring(&hdr)) { |
| 490 | asn1_unexpected(&hdr, |
| 491 | "PKCS #12: Expected OCTET STRING (x509Certificate)"); |
Dmitry Shmidt | 1b46775 | 2015-12-14 12:45:46 -0800 | [diff] [blame] | 492 | return -1; |
| 493 | } |
| 494 | |
| 495 | wpa_hexdump(MSG_DEBUG, "PKCS #12: x509Certificate", |
| 496 | hdr.payload, hdr.length); |
| 497 | if (cred->cert) { |
| 498 | struct x509_certificate *cert; |
| 499 | |
| 500 | wpa_printf(MSG_DEBUG, "PKCS #12: Ignore extra certificate"); |
| 501 | cert = x509_certificate_parse(hdr.payload, hdr.length); |
| 502 | if (!cert) { |
| 503 | wpa_printf(MSG_DEBUG, |
| 504 | "PKCS #12: Failed to parse x509Certificate"); |
| 505 | return 0; |
| 506 | } |
| 507 | x509_certificate_chain_free(cert); |
| 508 | |
| 509 | return 0; |
| 510 | } |
| 511 | return tlsv1_set_cert(cred, NULL, hdr.payload, hdr.length); |
| 512 | } |
| 513 | |
| 514 | |
| 515 | static int pkcs12_parse_attr_friendly_name(const u8 *pos, const u8 *end) |
| 516 | { |
| 517 | struct asn1_hdr hdr; |
| 518 | |
| 519 | /* |
| 520 | * RFC 2985, 5.5.1: |
| 521 | * friendlyName ATTRIBUTE ::= { |
| 522 | * WITH SYNTAX BMPString (SIZE(1..pkcs-9-ub-friendlyName)) |
| 523 | * EQUALITY MATCHING RULE caseIgnoreMatch |
| 524 | * SINGLE VALUE TRUE |
| 525 | * ID pkcs-9-at-friendlyName |
| 526 | * } |
| 527 | */ |
| 528 | if (asn1_get_next(pos, end - pos, &hdr) < 0 || |
Hai Shalom | c1a2144 | 2022-02-04 13:43:00 -0800 | [diff] [blame^] | 529 | !asn1_is_bmpstring(&hdr)) { |
| 530 | asn1_unexpected(&hdr, |
| 531 | "PKCS #12: Expected BMPSTRING (friendlyName)"); |
Dmitry Shmidt | 1b46775 | 2015-12-14 12:45:46 -0800 | [diff] [blame] | 532 | return 0; |
| 533 | } |
| 534 | wpa_hexdump_ascii(MSG_DEBUG, "PKCS #12: friendlyName", |
| 535 | hdr.payload, hdr.length); |
| 536 | return 0; |
| 537 | } |
| 538 | |
| 539 | |
| 540 | static int pkcs12_parse_attr_local_key_id(const u8 *pos, const u8 *end) |
| 541 | { |
| 542 | struct asn1_hdr hdr; |
| 543 | |
| 544 | /* |
| 545 | * RFC 2985, 5.5.2: |
| 546 | * localKeyId ATTRIBUTE ::= { |
| 547 | * WITH SYNTAX OCTET STRING |
| 548 | * EQUALITY MATCHING RULE octetStringMatch |
| 549 | * SINGLE VALUE TRUE |
| 550 | * ID pkcs-9-at-localKeyId |
| 551 | * } |
| 552 | */ |
| 553 | if (asn1_get_next(pos, end - pos, &hdr) < 0 || |
Hai Shalom | c1a2144 | 2022-02-04 13:43:00 -0800 | [diff] [blame^] | 554 | !asn1_is_octetstring(&hdr)) { |
| 555 | asn1_unexpected(&hdr, |
| 556 | "PKCS #12: Expected OCTET STRING (localKeyID)"); |
Dmitry Shmidt | 1b46775 | 2015-12-14 12:45:46 -0800 | [diff] [blame] | 557 | return -1; |
| 558 | } |
| 559 | wpa_hexdump_key(MSG_DEBUG, "PKCS #12: localKeyID", |
| 560 | hdr.payload, hdr.length); |
| 561 | return 0; |
| 562 | } |
| 563 | |
| 564 | |
| 565 | static int pkcs12_parse_attr(const u8 *pos, size_t len) |
| 566 | { |
| 567 | const u8 *end = pos + len; |
| 568 | struct asn1_hdr hdr; |
| 569 | struct asn1_oid a_oid; |
| 570 | char obuf[80]; |
| 571 | |
| 572 | /* |
| 573 | * PKCS12Attribute ::= SEQUENCE { |
| 574 | * attrId ATTRIBUTE.&id ({PKCS12AttrSet}), |
| 575 | * attrValues SET OF ATTRIBUTE.&Type ({PKCS12AttrSet}{@attrId}) |
| 576 | * } |
| 577 | */ |
| 578 | |
| 579 | if (asn1_get_oid(pos, end - pos, &a_oid, &pos)) { |
| 580 | wpa_printf(MSG_DEBUG, "PKCS #12: Failed to parse OID (attrId)"); |
| 581 | return -1; |
| 582 | } |
| 583 | |
| 584 | asn1_oid_to_str(&a_oid, obuf, sizeof(obuf)); |
| 585 | wpa_printf(MSG_DEBUG, "PKCS #12: attrId %s", obuf); |
| 586 | |
Hai Shalom | c1a2144 | 2022-02-04 13:43:00 -0800 | [diff] [blame^] | 587 | if (asn1_get_next(pos, end - pos, &hdr) < 0 || !asn1_is_set(&hdr)) { |
| 588 | asn1_unexpected(&hdr, "PKCS #12: Expected SET (attrValues)"); |
Dmitry Shmidt | 1b46775 | 2015-12-14 12:45:46 -0800 | [diff] [blame] | 589 | return -1; |
| 590 | } |
| 591 | wpa_hexdump_key(MSG_MSGDUMP, "PKCS #12: attrValues", |
| 592 | hdr.payload, hdr.length); |
| 593 | pos = hdr.payload; |
| 594 | end = hdr.payload + hdr.length; |
| 595 | |
| 596 | if (is_oid_pkcs9_friendly_name(&a_oid)) |
| 597 | return pkcs12_parse_attr_friendly_name(pos, end); |
| 598 | if (is_oid_pkcs9_local_key_id(&a_oid)) |
| 599 | return pkcs12_parse_attr_local_key_id(pos, end); |
| 600 | |
| 601 | wpa_printf(MSG_DEBUG, "PKCS #12: Ignore unknown attribute"); |
| 602 | return 0; |
| 603 | } |
| 604 | |
| 605 | |
| 606 | static int pkcs12_safebag(struct tlsv1_credentials *cred, |
| 607 | const u8 *buf, size_t len, const char *passwd) |
| 608 | { |
| 609 | struct asn1_hdr hdr; |
| 610 | struct asn1_oid oid; |
| 611 | char obuf[80]; |
| 612 | const u8 *pos = buf, *end = buf + len; |
| 613 | const u8 *value; |
| 614 | size_t value_len; |
| 615 | |
| 616 | wpa_hexdump_key(MSG_MSGDUMP, "PKCS #12: SafeBag", buf, len); |
| 617 | |
| 618 | /* BAG-TYPE ::= TYPE-IDENTIFIER */ |
| 619 | if (asn1_get_oid(pos, end - pos, &oid, &pos)) { |
| 620 | wpa_printf(MSG_DEBUG, |
| 621 | "PKCS #12: Failed to parse OID (BAG-TYPE)"); |
| 622 | return -1; |
| 623 | } |
| 624 | |
| 625 | asn1_oid_to_str(&oid, obuf, sizeof(obuf)); |
| 626 | wpa_printf(MSG_DEBUG, "PKCS #12: BAG-TYPE %s", obuf); |
| 627 | |
Hai Shalom | c1a2144 | 2022-02-04 13:43:00 -0800 | [diff] [blame^] | 628 | if (asn1_get_next(pos, end - pos, &hdr) < 0 || !hdr.constructed || |
| 629 | !asn1_is_cs_tag(&hdr, 0)) { |
| 630 | asn1_unexpected(&hdr, |
| 631 | "PKCS #12: Expected [0] EXPLICIT (bagValue)"); |
Dmitry Shmidt | 1b46775 | 2015-12-14 12:45:46 -0800 | [diff] [blame] | 632 | return 0; |
| 633 | } |
| 634 | value = hdr.payload; |
| 635 | value_len = hdr.length; |
| 636 | wpa_hexdump_key(MSG_MSGDUMP, "PKCS #12: bagValue", value, value_len); |
| 637 | pos = hdr.payload + hdr.length; |
| 638 | |
| 639 | if (pos < end) { |
| 640 | /* bagAttributes SET OF PKCS12Attribute OPTIONAL */ |
| 641 | if (asn1_get_next(pos, end - pos, &hdr) < 0 || |
Hai Shalom | c1a2144 | 2022-02-04 13:43:00 -0800 | [diff] [blame^] | 642 | !asn1_is_set(&hdr)) { |
| 643 | asn1_unexpected(&hdr, |
| 644 | "PKCS #12: Expected SET (bagAttributes)"); |
Dmitry Shmidt | 1b46775 | 2015-12-14 12:45:46 -0800 | [diff] [blame] | 645 | return -1; |
| 646 | } |
| 647 | wpa_hexdump_key(MSG_MSGDUMP, "PKCS #12: bagAttributes", |
| 648 | hdr.payload, hdr.length); |
| 649 | |
| 650 | pos = hdr.payload; |
| 651 | end = hdr.payload + hdr.length; |
| 652 | while (pos < end) { |
| 653 | /* PKCS12Attribute ::= SEQUENCE */ |
| 654 | if (asn1_get_next(pos, end - pos, &hdr) < 0 || |
Hai Shalom | c1a2144 | 2022-02-04 13:43:00 -0800 | [diff] [blame^] | 655 | !asn1_is_sequence(&hdr)) { |
| 656 | asn1_unexpected(&hdr, |
| 657 | "PKCS #12: Expected SEQUENCE (PKCS12Attribute)"); |
Dmitry Shmidt | 1b46775 | 2015-12-14 12:45:46 -0800 | [diff] [blame] | 658 | return -1; |
| 659 | } |
| 660 | if (pkcs12_parse_attr(hdr.payload, hdr.length) < 0) |
| 661 | return -1; |
| 662 | pos = hdr.payload + hdr.length; |
| 663 | } |
| 664 | } |
| 665 | |
| 666 | if (pkcs12_is_bagtype_oid(&oid, 1)) |
| 667 | return pkcs12_keybag(cred, value, value_len); |
| 668 | if (pkcs12_is_bagtype_oid(&oid, 2)) |
| 669 | return pkcs12_pkcs8_keybag(cred, value, value_len, passwd); |
| 670 | if (pkcs12_is_bagtype_oid(&oid, 3)) |
| 671 | return pkcs12_certbag(cred, value, value_len); |
| 672 | |
| 673 | wpa_printf(MSG_DEBUG, "PKCS #12: Ignore unsupported BAG-TYPE"); |
| 674 | return 0; |
| 675 | } |
| 676 | |
| 677 | |
| 678 | static int pkcs12_safecontents(struct tlsv1_credentials *cred, |
| 679 | const u8 *buf, size_t len, |
| 680 | const char *passwd) |
| 681 | { |
| 682 | struct asn1_hdr hdr; |
| 683 | const u8 *pos, *end; |
| 684 | |
| 685 | /* SafeContents ::= SEQUENCE OF SafeBag */ |
Hai Shalom | c1a2144 | 2022-02-04 13:43:00 -0800 | [diff] [blame^] | 686 | if (asn1_get_next(buf, len, &hdr) < 0 || !asn1_is_sequence(&hdr)) { |
| 687 | asn1_unexpected(&hdr, |
| 688 | "PKCS #12: Expected SEQUENCE (SafeContents)"); |
Dmitry Shmidt | 1b46775 | 2015-12-14 12:45:46 -0800 | [diff] [blame] | 689 | return -1; |
| 690 | } |
| 691 | pos = hdr.payload; |
| 692 | end = hdr.payload + hdr.length; |
| 693 | |
| 694 | /* |
| 695 | * SafeBag ::= SEQUENCE { |
| 696 | * bagId BAG-TYPE.&id ({PKCS12BagSet}) |
| 697 | * bagValue [0] EXPLICIT BAG-TYPE.&Type({PKCS12BagSet}{@bagId}), |
| 698 | * bagAttributes SET OF PKCS12Attribute OPTIONAL |
| 699 | * } |
| 700 | */ |
| 701 | |
| 702 | while (pos < end) { |
| 703 | if (asn1_get_next(pos, end - pos, &hdr) < 0 || |
Hai Shalom | c1a2144 | 2022-02-04 13:43:00 -0800 | [diff] [blame^] | 704 | !asn1_is_sequence(&hdr)) { |
| 705 | asn1_unexpected(&hdr, |
| 706 | "PKCS #12: Expected SEQUENCE (SafeBag)"); |
Dmitry Shmidt | 1b46775 | 2015-12-14 12:45:46 -0800 | [diff] [blame] | 707 | return -1; |
| 708 | } |
| 709 | if (pkcs12_safebag(cred, hdr.payload, hdr.length, passwd) < 0) |
| 710 | return -1; |
| 711 | pos = hdr.payload + hdr.length; |
| 712 | } |
| 713 | |
| 714 | return 0; |
| 715 | } |
| 716 | |
| 717 | |
| 718 | static int pkcs12_parse_content_data(struct tlsv1_credentials *cred, |
| 719 | const u8 *pos, const u8 *end, |
| 720 | const char *passwd) |
| 721 | { |
| 722 | struct asn1_hdr hdr; |
| 723 | |
| 724 | /* Data ::= OCTET STRING */ |
| 725 | if (asn1_get_next(pos, end - pos, &hdr) < 0 || |
Hai Shalom | c1a2144 | 2022-02-04 13:43:00 -0800 | [diff] [blame^] | 726 | !asn1_is_octetstring(&hdr)) { |
| 727 | asn1_unexpected(&hdr, "PKCS #12: Expected OCTET STRING (Data)"); |
Dmitry Shmidt | 1b46775 | 2015-12-14 12:45:46 -0800 | [diff] [blame] | 728 | return -1; |
| 729 | } |
| 730 | |
| 731 | wpa_hexdump(MSG_MSGDUMP, "PKCS #12: Data", hdr.payload, hdr.length); |
| 732 | |
| 733 | return pkcs12_safecontents(cred, hdr.payload, hdr.length, passwd); |
| 734 | } |
| 735 | |
| 736 | |
| 737 | static int pkcs12_parse_content_enc_data(struct tlsv1_credentials *cred, |
| 738 | const u8 *pos, const u8 *end, |
| 739 | const char *passwd) |
| 740 | { |
| 741 | struct asn1_hdr hdr; |
| 742 | struct asn1_oid oid; |
| 743 | char buf[80]; |
| 744 | const u8 *enc_alg; |
| 745 | u8 *data; |
| 746 | size_t enc_alg_len, data_len; |
| 747 | int res = -1; |
| 748 | |
| 749 | /* |
| 750 | * EncryptedData ::= SEQUENCE { |
| 751 | * version Version, |
| 752 | * encryptedContentInfo EncryptedContentInfo } |
| 753 | */ |
| 754 | if (asn1_get_next(pos, end - pos, &hdr) < 0 || |
Hai Shalom | c1a2144 | 2022-02-04 13:43:00 -0800 | [diff] [blame^] | 755 | !asn1_is_sequence(&hdr)) { |
| 756 | asn1_unexpected(&hdr, |
| 757 | "PKCS #12: Expected SEQUENCE (EncryptedData)"); |
Dmitry Shmidt | 1b46775 | 2015-12-14 12:45:46 -0800 | [diff] [blame] | 758 | return 0; |
| 759 | } |
| 760 | pos = hdr.payload; |
| 761 | |
| 762 | /* Version ::= INTEGER */ |
Hai Shalom | c1a2144 | 2022-02-04 13:43:00 -0800 | [diff] [blame^] | 763 | if (asn1_get_next(pos, end - pos, &hdr) < 0 || !asn1_is_integer(&hdr)) { |
| 764 | asn1_unexpected(&hdr, |
| 765 | "PKCS #12: No INTEGER tag found for version"); |
Dmitry Shmidt | 1b46775 | 2015-12-14 12:45:46 -0800 | [diff] [blame] | 766 | return -1; |
| 767 | } |
| 768 | if (hdr.length != 1 || hdr.payload[0] != 0) { |
| 769 | wpa_printf(MSG_DEBUG, "PKCS #12: Unrecognized PKCS #7 version"); |
| 770 | return -1; |
| 771 | } |
| 772 | pos = hdr.payload + hdr.length; |
| 773 | |
| 774 | wpa_hexdump(MSG_MSGDUMP, "PKCS #12: EncryptedContentInfo", |
| 775 | pos, end - pos); |
| 776 | |
| 777 | /* |
| 778 | * EncryptedContentInfo ::= SEQUENCE { |
| 779 | * contentType ContentType, |
| 780 | * contentEncryptionAlgorithm ContentEncryptionAlgorithmIdentifier, |
| 781 | * encryptedContent [0] IMPLICIT EncryptedContent OPTIONAL } |
| 782 | */ |
| 783 | if (asn1_get_next(pos, end - pos, &hdr) < 0 || |
Hai Shalom | c1a2144 | 2022-02-04 13:43:00 -0800 | [diff] [blame^] | 784 | !asn1_is_sequence(&hdr)) { |
| 785 | asn1_unexpected(&hdr, |
| 786 | "PKCS #12: Expected SEQUENCE (EncryptedContentInfo)"); |
Dmitry Shmidt | 1b46775 | 2015-12-14 12:45:46 -0800 | [diff] [blame] | 787 | return -1; |
| 788 | } |
| 789 | |
| 790 | pos = hdr.payload; |
| 791 | end = pos + hdr.length; |
| 792 | |
| 793 | /* ContentType ::= OBJECT IDENTIFIER */ |
| 794 | if (asn1_get_oid(pos, end - pos, &oid, &pos)) { |
| 795 | wpa_printf(MSG_DEBUG, |
| 796 | "PKCS #12: Could not find OBJECT IDENTIFIER (contentType)"); |
| 797 | return -1; |
| 798 | } |
| 799 | asn1_oid_to_str(&oid, buf, sizeof(buf)); |
| 800 | wpa_printf(MSG_DEBUG, "PKCS #12: EncryptedContentInfo::contentType %s", |
| 801 | buf); |
| 802 | |
| 803 | if (!is_oid_pkcs7_data(&oid)) { |
| 804 | wpa_printf(MSG_DEBUG, |
| 805 | "PKCS #12: Unsupported EncryptedContentInfo::contentType %s", |
| 806 | buf); |
| 807 | return 0; |
| 808 | } |
| 809 | |
| 810 | /* ContentEncryptionAlgorithmIdentifier ::= AlgorithmIdentifier */ |
| 811 | if (asn1_get_next(pos, end - pos, &hdr) < 0 || |
Hai Shalom | c1a2144 | 2022-02-04 13:43:00 -0800 | [diff] [blame^] | 812 | !asn1_is_sequence(&hdr)) { |
| 813 | asn1_unexpected(&hdr, |
| 814 | "PKCS #12: Expected SEQUENCE (ContentEncryptionAlgorithmIdentifier)"); |
Dmitry Shmidt | 1b46775 | 2015-12-14 12:45:46 -0800 | [diff] [blame] | 815 | return -1; |
| 816 | } |
| 817 | enc_alg = hdr.payload; |
| 818 | enc_alg_len = hdr.length; |
| 819 | pos = hdr.payload + hdr.length; |
| 820 | |
Hai Shalom | c1a2144 | 2022-02-04 13:43:00 -0800 | [diff] [blame^] | 821 | if (asn1_get_next(pos, end - pos, &hdr) < 0 || hdr.constructed || |
| 822 | !asn1_is_cs_tag(&hdr, 0)) { |
| 823 | asn1_unexpected(&hdr, |
| 824 | "PKCS #12: Expected [0] IMPLICIT (encryptedContent)"); |
Dmitry Shmidt | 1b46775 | 2015-12-14 12:45:46 -0800 | [diff] [blame] | 825 | return -1; |
| 826 | } |
| 827 | |
| 828 | /* EncryptedContent ::= OCTET STRING */ |
| 829 | data = pkcs5_decrypt(enc_alg, enc_alg_len, hdr.payload, hdr.length, |
| 830 | passwd, &data_len); |
| 831 | if (data) { |
| 832 | wpa_hexdump_key(MSG_MSGDUMP, |
| 833 | "PKCS #12: Decrypted encryptedContent", |
| 834 | data, data_len); |
| 835 | res = pkcs12_safecontents(cred, data, data_len, passwd); |
| 836 | os_free(data); |
| 837 | } |
| 838 | |
| 839 | return res; |
| 840 | } |
| 841 | |
| 842 | |
| 843 | static int pkcs12_parse_content(struct tlsv1_credentials *cred, |
| 844 | const u8 *buf, size_t len, |
| 845 | const char *passwd) |
| 846 | { |
| 847 | const u8 *pos = buf; |
| 848 | const u8 *end = buf + len; |
| 849 | struct asn1_oid oid; |
| 850 | char txt[80]; |
| 851 | struct asn1_hdr hdr; |
| 852 | |
| 853 | wpa_hexdump(MSG_MSGDUMP, "PKCS #12: ContentInfo", buf, len); |
| 854 | |
| 855 | if (asn1_get_oid(pos, end - pos, &oid, &pos)) { |
| 856 | wpa_printf(MSG_DEBUG, |
| 857 | "PKCS #12: Could not find OBJECT IDENTIFIER (contentType)"); |
| 858 | return 0; |
| 859 | } |
| 860 | |
| 861 | asn1_oid_to_str(&oid, txt, sizeof(txt)); |
| 862 | wpa_printf(MSG_DEBUG, "PKCS #12: contentType %s", txt); |
| 863 | |
Hai Shalom | c1a2144 | 2022-02-04 13:43:00 -0800 | [diff] [blame^] | 864 | if (asn1_get_next(pos, end - pos, &hdr) < 0 || !hdr.constructed || |
| 865 | !asn1_is_cs_tag(&hdr, 0)) { |
| 866 | asn1_unexpected(&hdr, |
| 867 | "PKCS #12: Expected [0] EXPLICIT (content)"); |
Dmitry Shmidt | 1b46775 | 2015-12-14 12:45:46 -0800 | [diff] [blame] | 868 | return 0; |
| 869 | } |
| 870 | pos = hdr.payload; |
| 871 | |
| 872 | if (is_oid_pkcs7_data(&oid)) |
| 873 | return pkcs12_parse_content_data(cred, pos, end, passwd); |
| 874 | if (is_oid_pkcs7_enc_data(&oid)) |
| 875 | return pkcs12_parse_content_enc_data(cred, pos, end, passwd); |
| 876 | |
| 877 | wpa_printf(MSG_DEBUG, "PKCS #12: Ignored unsupported contentType %s", |
| 878 | txt); |
| 879 | |
| 880 | return 0; |
| 881 | } |
| 882 | |
| 883 | |
| 884 | static int pkcs12_parse(struct tlsv1_credentials *cred, |
| 885 | const u8 *key, size_t len, const char *passwd) |
| 886 | { |
| 887 | struct asn1_hdr hdr; |
| 888 | const u8 *pos, *end; |
| 889 | struct asn1_oid oid; |
| 890 | char buf[80]; |
| 891 | |
| 892 | /* |
| 893 | * PFX ::= SEQUENCE { |
| 894 | * version INTEGER {v3(3)}(v3,...), |
| 895 | * authSafe ContentInfo, |
| 896 | * macData MacData OPTIONAL |
| 897 | * } |
| 898 | */ |
| 899 | |
Hai Shalom | c1a2144 | 2022-02-04 13:43:00 -0800 | [diff] [blame^] | 900 | if (asn1_get_next(key, len, &hdr) < 0 || !asn1_is_sequence(&hdr)) { |
| 901 | asn1_unexpected(&hdr, |
| 902 | "PKCS #12: Expected SEQUENCE (PFX); assume PKCS #12 not used"); |
Dmitry Shmidt | 1b46775 | 2015-12-14 12:45:46 -0800 | [diff] [blame] | 903 | return -1; |
| 904 | } |
| 905 | |
| 906 | pos = hdr.payload; |
| 907 | end = pos + hdr.length; |
| 908 | |
Hai Shalom | c1a2144 | 2022-02-04 13:43:00 -0800 | [diff] [blame^] | 909 | if (asn1_get_next(pos, end - pos, &hdr) < 0 || !asn1_is_integer(&hdr)) { |
| 910 | asn1_unexpected(&hdr, |
| 911 | "PKCS #12: No INTEGER tag found for version"); |
Dmitry Shmidt | 1b46775 | 2015-12-14 12:45:46 -0800 | [diff] [blame] | 912 | return -1; |
| 913 | } |
| 914 | if (hdr.length != 1 || hdr.payload[0] != 3) { |
| 915 | wpa_printf(MSG_DEBUG, "PKCS #12: Unrecognized version"); |
| 916 | return -1; |
| 917 | } |
| 918 | pos = hdr.payload + hdr.length; |
| 919 | |
| 920 | /* |
| 921 | * ContentInfo ::= SEQUENCE { |
| 922 | * contentType ContentType, |
| 923 | * content [0] EXPLICIT ANY DEFINED BY contentType OPTIONAL } |
| 924 | */ |
| 925 | |
| 926 | if (asn1_get_next(pos, end - pos, &hdr) < 0 || |
Hai Shalom | c1a2144 | 2022-02-04 13:43:00 -0800 | [diff] [blame^] | 927 | !asn1_is_sequence(&hdr)) { |
| 928 | asn1_unexpected(&hdr, |
| 929 | "PKCS #12: Expected SEQUENCE (authSafe); assume PKCS #12 not used"); |
Dmitry Shmidt | 1b46775 | 2015-12-14 12:45:46 -0800 | [diff] [blame] | 930 | return -1; |
| 931 | } |
| 932 | |
| 933 | pos = hdr.payload; |
| 934 | end = pos + hdr.length; |
| 935 | |
| 936 | /* ContentType ::= OBJECT IDENTIFIER */ |
| 937 | if (asn1_get_oid(pos, end - pos, &oid, &pos)) { |
| 938 | wpa_printf(MSG_DEBUG, |
| 939 | "PKCS #12: Could not find OBJECT IDENTIFIER (contentType); assume PKCS #12 not used"); |
| 940 | return -1; |
| 941 | } |
| 942 | asn1_oid_to_str(&oid, buf, sizeof(buf)); |
| 943 | wpa_printf(MSG_DEBUG, "PKCS #12: contentType %s", buf); |
| 944 | if (!is_oid_pkcs7_data(&oid)) { |
| 945 | wpa_printf(MSG_DEBUG, "PKCS #12: Unsupported contentType %s", |
| 946 | buf); |
| 947 | return -1; |
| 948 | } |
| 949 | |
Hai Shalom | c1a2144 | 2022-02-04 13:43:00 -0800 | [diff] [blame^] | 950 | if (asn1_get_next(pos, end - pos, &hdr) < 0 || !hdr.constructed || |
| 951 | !asn1_is_cs_tag(&hdr, 0)) { |
| 952 | asn1_unexpected(&hdr, |
| 953 | "PKCS #12: Expected [0] EXPLICIT (content); assume PKCS #12 not used"); |
Dmitry Shmidt | 1b46775 | 2015-12-14 12:45:46 -0800 | [diff] [blame] | 954 | return -1; |
| 955 | } |
| 956 | |
| 957 | pos = hdr.payload; |
| 958 | |
| 959 | /* Data ::= OCTET STRING */ |
| 960 | if (asn1_get_next(pos, end - pos, &hdr) < 0 || |
Hai Shalom | c1a2144 | 2022-02-04 13:43:00 -0800 | [diff] [blame^] | 961 | !asn1_is_octetstring(&hdr)) { |
| 962 | asn1_unexpected(&hdr, |
| 963 | "PKCS #12: Expected OCTET STRING (Data); assume PKCS #12 not used"); |
Dmitry Shmidt | 1b46775 | 2015-12-14 12:45:46 -0800 | [diff] [blame] | 964 | return -1; |
| 965 | } |
| 966 | |
| 967 | /* |
| 968 | * AuthenticatedSafe ::= SEQUENCE OF ContentInfo |
| 969 | * -- Data if unencrypted |
| 970 | * -- EncryptedData if password-encrypted |
| 971 | * -- EnvelopedData if public key-encrypted |
| 972 | */ |
| 973 | wpa_hexdump(MSG_MSGDUMP, "PKCS #12: Data content", |
| 974 | hdr.payload, hdr.length); |
| 975 | |
| 976 | if (asn1_get_next(hdr.payload, hdr.length, &hdr) < 0 || |
Hai Shalom | c1a2144 | 2022-02-04 13:43:00 -0800 | [diff] [blame^] | 977 | !asn1_is_sequence(&hdr)) { |
| 978 | asn1_unexpected(&hdr, |
| 979 | "PKCS #12: Expected SEQUENCE within Data content; assume PKCS #12 not used"); |
Dmitry Shmidt | 1b46775 | 2015-12-14 12:45:46 -0800 | [diff] [blame] | 980 | return -1; |
| 981 | } |
| 982 | |
| 983 | pos = hdr.payload; |
| 984 | end = pos + hdr.length; |
| 985 | |
| 986 | while (end > pos) { |
| 987 | if (asn1_get_next(pos, end - pos, &hdr) < 0 || |
Hai Shalom | c1a2144 | 2022-02-04 13:43:00 -0800 | [diff] [blame^] | 988 | !asn1_is_sequence(&hdr)) { |
| 989 | asn1_unexpected(&hdr, |
| 990 | "PKCS #12: Expected SEQUENCE (ContentInfo); assume PKCS #12 not used"); |
Dmitry Shmidt | 1b46775 | 2015-12-14 12:45:46 -0800 | [diff] [blame] | 991 | return -1; |
| 992 | } |
| 993 | if (pkcs12_parse_content(cred, hdr.payload, hdr.length, |
| 994 | passwd) < 0) |
| 995 | return -1; |
| 996 | |
| 997 | pos = hdr.payload + hdr.length; |
| 998 | } |
| 999 | |
| 1000 | return 0; |
| 1001 | } |
| 1002 | |
| 1003 | #endif /* PKCS12_FUNCS */ |
| 1004 | |
| 1005 | |
Dmitry Shmidt | 8d520ff | 2011-05-09 14:06:53 -0700 | [diff] [blame] | 1006 | static int tlsv1_set_key(struct tlsv1_credentials *cred, |
| 1007 | const u8 *key, size_t len, const char *passwd) |
| 1008 | { |
| 1009 | cred->key = crypto_private_key_import(key, len, passwd); |
| 1010 | if (cred->key == NULL) |
| 1011 | cred->key = tlsv1_set_key_pem(key, len); |
| 1012 | if (cred->key == NULL) |
| 1013 | cred->key = tlsv1_set_key_enc_pem(key, len, passwd); |
Dmitry Shmidt | 1b46775 | 2015-12-14 12:45:46 -0800 | [diff] [blame] | 1014 | #ifdef PKCS12_FUNCS |
| 1015 | if (!cred->key) |
| 1016 | pkcs12_parse(cred, key, len, passwd); |
| 1017 | #endif /* PKCS12_FUNCS */ |
Dmitry Shmidt | 8d520ff | 2011-05-09 14:06:53 -0700 | [diff] [blame] | 1018 | if (cred->key == NULL) { |
| 1019 | wpa_printf(MSG_INFO, "TLSv1: Failed to parse private key"); |
| 1020 | return -1; |
| 1021 | } |
| 1022 | return 0; |
| 1023 | } |
| 1024 | |
| 1025 | |
| 1026 | /** |
| 1027 | * tlsv1_set_private_key - Set private key |
| 1028 | * @cred: TLSv1 credentials from tlsv1_cred_alloc() |
| 1029 | * @private_key: File or reference name for the key in PEM or DER format |
| 1030 | * @private_key_passwd: Passphrase for decrypted private key, %NULL if no |
| 1031 | * passphrase is used. |
| 1032 | * @private_key_blob: private_key as inlined data or %NULL if not used |
| 1033 | * @private_key_blob_len: private_key_blob length |
| 1034 | * Returns: 0 on success, -1 on failure |
| 1035 | */ |
| 1036 | int tlsv1_set_private_key(struct tlsv1_credentials *cred, |
| 1037 | const char *private_key, |
| 1038 | const char *private_key_passwd, |
| 1039 | const u8 *private_key_blob, |
| 1040 | size_t private_key_blob_len) |
| 1041 | { |
| 1042 | crypto_private_key_free(cred->key); |
| 1043 | cred->key = NULL; |
| 1044 | |
| 1045 | if (private_key_blob) |
| 1046 | return tlsv1_set_key(cred, private_key_blob, |
| 1047 | private_key_blob_len, |
| 1048 | private_key_passwd); |
| 1049 | |
| 1050 | if (private_key) { |
| 1051 | u8 *buf; |
| 1052 | size_t len; |
| 1053 | int ret; |
| 1054 | |
| 1055 | buf = (u8 *) os_readfile(private_key, &len); |
| 1056 | if (buf == NULL) { |
| 1057 | wpa_printf(MSG_INFO, "TLSv1: Failed to read '%s'", |
| 1058 | private_key); |
| 1059 | return -1; |
| 1060 | } |
| 1061 | |
| 1062 | ret = tlsv1_set_key(cred, buf, len, private_key_passwd); |
| 1063 | os_free(buf); |
| 1064 | return ret; |
| 1065 | } |
| 1066 | |
| 1067 | return 0; |
| 1068 | } |
| 1069 | |
| 1070 | |
| 1071 | static int tlsv1_set_dhparams_der(struct tlsv1_credentials *cred, |
| 1072 | const u8 *dh, size_t len) |
| 1073 | { |
| 1074 | struct asn1_hdr hdr; |
| 1075 | const u8 *pos, *end; |
| 1076 | |
| 1077 | pos = dh; |
| 1078 | end = dh + len; |
| 1079 | |
| 1080 | /* |
| 1081 | * DHParameter ::= SEQUENCE { |
| 1082 | * prime INTEGER, -- p |
| 1083 | * base INTEGER, -- g |
| 1084 | * privateValueLength INTEGER OPTIONAL } |
| 1085 | */ |
| 1086 | |
| 1087 | /* DHParamer ::= SEQUENCE */ |
Hai Shalom | c1a2144 | 2022-02-04 13:43:00 -0800 | [diff] [blame^] | 1088 | if (asn1_get_next(pos, len, &hdr) < 0 || !asn1_is_sequence(&hdr)) { |
| 1089 | asn1_unexpected(&hdr, |
| 1090 | "DH: DH parameters did not start with a valid SEQUENCE"); |
Dmitry Shmidt | 8d520ff | 2011-05-09 14:06:53 -0700 | [diff] [blame] | 1091 | return -1; |
| 1092 | } |
| 1093 | pos = hdr.payload; |
| 1094 | |
| 1095 | /* prime INTEGER */ |
Hai Shalom | c1a2144 | 2022-02-04 13:43:00 -0800 | [diff] [blame^] | 1096 | if (asn1_get_next(pos, end - pos, &hdr) < 0 || |
| 1097 | !asn1_is_integer(&hdr)) { |
| 1098 | asn1_unexpected(&hdr, "DH: No INTEGER tag found for p"); |
Dmitry Shmidt | 8d520ff | 2011-05-09 14:06:53 -0700 | [diff] [blame] | 1099 | return -1; |
| 1100 | } |
| 1101 | |
| 1102 | wpa_hexdump(MSG_MSGDUMP, "DH: prime (p)", hdr.payload, hdr.length); |
| 1103 | if (hdr.length == 0) |
| 1104 | return -1; |
| 1105 | os_free(cred->dh_p); |
Dmitry Shmidt | d2986c2 | 2017-10-23 14:22:09 -0700 | [diff] [blame] | 1106 | cred->dh_p = os_memdup(hdr.payload, hdr.length); |
Dmitry Shmidt | 8d520ff | 2011-05-09 14:06:53 -0700 | [diff] [blame] | 1107 | if (cred->dh_p == NULL) |
| 1108 | return -1; |
Dmitry Shmidt | 8d520ff | 2011-05-09 14:06:53 -0700 | [diff] [blame] | 1109 | cred->dh_p_len = hdr.length; |
| 1110 | pos = hdr.payload + hdr.length; |
| 1111 | |
| 1112 | /* base INTEGER */ |
Hai Shalom | c1a2144 | 2022-02-04 13:43:00 -0800 | [diff] [blame^] | 1113 | if (asn1_get_next(pos, end - pos, &hdr) < 0 || |
| 1114 | !asn1_is_integer(&hdr)) { |
| 1115 | asn1_unexpected(&hdr, "DH: No INTEGER tag found for g"); |
Dmitry Shmidt | 8d520ff | 2011-05-09 14:06:53 -0700 | [diff] [blame] | 1116 | return -1; |
| 1117 | } |
| 1118 | |
| 1119 | wpa_hexdump(MSG_MSGDUMP, "DH: base (g)", hdr.payload, hdr.length); |
| 1120 | if (hdr.length == 0) |
| 1121 | return -1; |
| 1122 | os_free(cred->dh_g); |
Dmitry Shmidt | d2986c2 | 2017-10-23 14:22:09 -0700 | [diff] [blame] | 1123 | cred->dh_g = os_memdup(hdr.payload, hdr.length); |
Dmitry Shmidt | 8d520ff | 2011-05-09 14:06:53 -0700 | [diff] [blame] | 1124 | if (cred->dh_g == NULL) |
| 1125 | return -1; |
Dmitry Shmidt | 8d520ff | 2011-05-09 14:06:53 -0700 | [diff] [blame] | 1126 | cred->dh_g_len = hdr.length; |
| 1127 | |
| 1128 | return 0; |
| 1129 | } |
| 1130 | |
| 1131 | |
| 1132 | static const char *pem_dhparams_begin = "-----BEGIN DH PARAMETERS-----"; |
| 1133 | static const char *pem_dhparams_end = "-----END DH PARAMETERS-----"; |
| 1134 | |
| 1135 | |
| 1136 | static int tlsv1_set_dhparams_blob(struct tlsv1_credentials *cred, |
| 1137 | const u8 *buf, size_t len) |
| 1138 | { |
| 1139 | const u8 *pos, *end; |
| 1140 | unsigned char *der; |
| 1141 | size_t der_len; |
| 1142 | |
| 1143 | pos = search_tag(pem_dhparams_begin, buf, len); |
| 1144 | if (!pos) { |
| 1145 | wpa_printf(MSG_DEBUG, "TLSv1: No PEM dhparams tag found - " |
| 1146 | "assume DER format"); |
| 1147 | return tlsv1_set_dhparams_der(cred, buf, len); |
| 1148 | } |
| 1149 | |
| 1150 | wpa_printf(MSG_DEBUG, "TLSv1: Converting PEM format dhparams into DER " |
| 1151 | "format"); |
| 1152 | |
| 1153 | pos += os_strlen(pem_dhparams_begin); |
| 1154 | end = search_tag(pem_dhparams_end, pos, buf + len - pos); |
| 1155 | if (end == NULL) { |
| 1156 | wpa_printf(MSG_INFO, "TLSv1: Could not find PEM dhparams end " |
| 1157 | "tag (%s)", pem_dhparams_end); |
| 1158 | return -1; |
| 1159 | } |
| 1160 | |
Ahmed ElArabawy | 0ff61c5 | 2019-12-26 12:38:39 -0800 | [diff] [blame] | 1161 | der = base64_decode((const char *) pos, end - pos, &der_len); |
Dmitry Shmidt | 8d520ff | 2011-05-09 14:06:53 -0700 | [diff] [blame] | 1162 | if (der == NULL) { |
| 1163 | wpa_printf(MSG_INFO, "TLSv1: Could not decode PEM dhparams"); |
| 1164 | return -1; |
| 1165 | } |
| 1166 | |
| 1167 | if (tlsv1_set_dhparams_der(cred, der, der_len) < 0) { |
| 1168 | wpa_printf(MSG_INFO, "TLSv1: Failed to parse PEM dhparams " |
| 1169 | "DER conversion"); |
| 1170 | os_free(der); |
| 1171 | return -1; |
| 1172 | } |
| 1173 | |
| 1174 | os_free(der); |
| 1175 | |
| 1176 | return 0; |
| 1177 | } |
| 1178 | |
| 1179 | |
| 1180 | /** |
| 1181 | * tlsv1_set_dhparams - Set Diffie-Hellman parameters |
| 1182 | * @cred: TLSv1 credentials from tlsv1_cred_alloc() |
| 1183 | * @dh_file: File or reference name for the DH params in PEM or DER format |
| 1184 | * @dh_blob: DH params as inlined data or %NULL if not used |
| 1185 | * @dh_blob_len: dh_blob length |
| 1186 | * Returns: 0 on success, -1 on failure |
| 1187 | */ |
| 1188 | int tlsv1_set_dhparams(struct tlsv1_credentials *cred, const char *dh_file, |
| 1189 | const u8 *dh_blob, size_t dh_blob_len) |
| 1190 | { |
| 1191 | if (dh_blob) |
| 1192 | return tlsv1_set_dhparams_blob(cred, dh_blob, dh_blob_len); |
| 1193 | |
| 1194 | if (dh_file) { |
| 1195 | u8 *buf; |
| 1196 | size_t len; |
| 1197 | int ret; |
| 1198 | |
| 1199 | buf = (u8 *) os_readfile(dh_file, &len); |
| 1200 | if (buf == NULL) { |
| 1201 | wpa_printf(MSG_INFO, "TLSv1: Failed to read '%s'", |
| 1202 | dh_file); |
| 1203 | return -1; |
| 1204 | } |
| 1205 | |
| 1206 | ret = tlsv1_set_dhparams_blob(cred, buf, len); |
| 1207 | os_free(buf); |
| 1208 | return ret; |
| 1209 | } |
| 1210 | |
| 1211 | return 0; |
| 1212 | } |