diff options
Diffstat (limited to 'programs/scepclient')
| -rw-r--r-- | programs/scepclient/Makefile | 184 | ||||
| -rw-r--r-- | programs/scepclient/pkcs10.c | 220 | ||||
| -rw-r--r-- | programs/scepclient/pkcs10.h | 57 | ||||
| -rw-r--r-- | programs/scepclient/rsakey.c | 349 | ||||
| -rw-r--r-- | programs/scepclient/rsakey.h | 31 | ||||
| -rw-r--r-- | programs/scepclient/scep.c | 598 | ||||
| -rw-r--r-- | programs/scepclient/scep.h | 93 | ||||
| -rw-r--r-- | programs/scepclient/scepclient.8 | 288 | ||||
| -rw-r--r-- | programs/scepclient/scepclient.c | 1036 |
9 files changed, 2856 insertions, 0 deletions
diff --git a/programs/scepclient/Makefile b/programs/scepclient/Makefile new file mode 100644 index 000000000..dec36c888 --- /dev/null +++ b/programs/scepclient/Makefile @@ -0,0 +1,184 @@ +# Makefile for the scepclient +# Copyright (C) 2005 Jan Hutter, Martin Willi +# Hochschule fuer Technik Rapperswil +# +# This program is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by the +# Free Software Foundation; either version 2 of the License, or (at your +# option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. +# +# This program is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY +# or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License +# for more details. +# + +FREESWANSRCDIR=../.. +include ${FREESWANSRCDIR}/Makefile.inc + +PLUTODIR=../pluto +OPENACDIR=../openac + +PROGRAM=scepclient +EXTRA8PROC=${PROGRAM}.8 + +LIBS=${FREESWANLIB} $(LIBDESLITE) -lgmp +CFLAGS+= -DDEBUG -DNO_PLUTO + +# This compile option activates the leak detective +ifeq ($(USE_LEAK_DETECTIVE),true) + CFLAGS+= -DLEAK_DETECTIVE +endif + +# This compile option activates dynamic URL fetching using libcurl +ifeq ($(USE_LIBCURL),true) + CFLAGS+= -DLIBCURL + LIBS+= -lcurl +endif + +X509_OBJS= asn1.o ca.o certs.o constants.o crl.o defs.o fetch.o id.o keys.o \ + lex.o md2.o md5.o mp_defs.o ocsp.o oid.o pem.o pgp.o pkcs1.o pkcs7.o \ + rnd.o sha1.o smartcard.o x509.o + +OBJS= rsakey.o pkcs10.o loglite.o scep.o ${X509_OBJS} + +include ../Makefile.program + +loglite.o : $(OPENACDIR)/loglite.c $(PLUTODIR)/log.h + $(CC) $(CFLAGS) -c -o $@ $< + +rsakey.o : rsakey.c rsakey.h + $(CC) $(CFLAGS) -c -o $@ $< + +pkcs10.o : pkcs10.c pkcs10.h + $(CC) $(CFLAGS) -c -o $@ $< + +scep.o : scep.c scep.h + $(CC) $(CFLAGS) -c -o $@ $< + +# X.509 library + +asn1.o : $(PLUTODIR)/asn1.c $(PLUTODIR)/asn1.h + $(CC) $(CFLAGS) -c -o $@ $< + +ca.o : $(PLUTODIR)/ca.c $(PLUTODIR)/ca.h + $(CC) $(CFLAGS) -c -o $@ $< + +crl.o : $(PLUTODIR)/crl.c $(PLUTODIR)/crl.h + $(CC) $(CFLAGS) -c -o $@ $< + +certs.o : $(PLUTODIR)/certs.c $(PLUTODIR)/certs.h + $(CC) $(CFLAGS) -c -o $@ $< + +constants.o : $(PLUTODIR)/constants.c $(PLUTODIR)/constants.h + $(CC) $(CFLAGS) -c -o $@ $< + +defs.o : $(PLUTODIR)/defs.c $(PLUTODIR)/defs.h + $(CC) $(CFLAGS) -c -o $@ $< + +fetch.o : $(PLUTODIR)/fetch.c $(PLUTODIR)/fetch.h + $(CC) $(CFLAGS) -c -o $@ $< + +id.o : $(PLUTODIR)/id.c $(PLUTODIR)/id.h + $(CC) $(CFLAGS) -c -o $@ $< + +keys.o : $(PLUTODIR)/keys.c $(PLUTODIR)/keys.h + $(CC) $(CFLAGS) -c -o $@ $< + +lex.o : $(PLUTODIR)/lex.c $(PLUTODIR)/lex.h + $(CC) $(CFLAGS) -c -o $@ $< + +md2.o : $(PLUTODIR)/md2.c $(PLUTODIR)/md2.h + $(CC) $(CFLAGS) -c -o $@ $< + +md5.o : $(PLUTODIR)/md5.c $(PLUTODIR)/md5.h + $(CC) $(CFLAGS) -c -o $@ $< + +mp_defs.o : $(PLUTODIR)/mp_defs.c $(PLUTODIR)/mp_defs.h + $(CC) $(CFLAGS) -c -o $@ $< + +ocsp.o : $(PLUTODIR)/ocsp.c $(PLUTODIR)/ocsp.h + $(CC) $(CFLAGS) -c -o $@ $< + +oid.o : $(PLUTODIR)/oid.c $(PLUTODIR)/oid.h + $(CC) $(CFLAGS) -c -o $@ $< + +pem.o : $(PLUTODIR)/pem.c $(PLUTODIR)/pem.h + $(CC) $(CFLAGS) -c -o $@ $< + +pgp.o : $(PLUTODIR)/pgp.c $(PLUTODIR)/pgp.h + $(CC) $(CFLAGS) -c -o $@ $< + +pkcs1.o : $(PLUTODIR)/pkcs1.c $(PLUTODIR)/pkcs1.h + $(CC) $(CFLAGS) -c -o $@ $< + +pkcs7.o : $(PLUTODIR)/pkcs7.c $(PLUTODIR)/pkcs7.h + $(CC) $(CFLAGS) -c -o $@ $< + +rnd.o : $(PLUTODIR)/rnd.c $(PLUTODIR)/rnd.h + $(CC) $(CFLAGS) -c -o $@ $< + +sha1.o : $(PLUTODIR)/sha1.c $(PLUTODIR)/sha1.h + $(CC) $(CFLAGS) -c -o $@ $< + +smartcard.o : $(PLUTODIR)/smartcard.c $(PLUTODIR)/smartcard.h + $(CC) $(CFLAGS) -c -o $@ $< + +x509.o : $(PLUTODIR)/x509.c $(PLUTODIR)/x509.h + $(CC) $(CFLAGS) -c -o $@ $< + +doxygen : + doxygen doxyconfig.DoxyFile + +# Stolen from pluto/Makefile + +gatherdeps: + @ls | grep '\.c$$' | sed -e 's/\(.*\)\.c$$/\1.o: \1.c/' + @echo + @ls | grep '\.c$$' | xargs grep '^#[ ]*include[ ]*"' | \ + sed -e 's/\.c:#[ ]*include[ ]*"/.o: /' -e 's/".*//' + +# Dependencies generated by "make gatherdeps": + +pkcs10.o: pkcs10.c +rsakey.o: rsakey.c +scep.o: scep.c +scepclient.o: scepclient.c + +pkcs10.o: ../pluto/constants.h +pkcs10.o: ../pluto/defs.h +pkcs10.o: ../pluto/oid.h +pkcs10.o: ../pluto/asn1.h +pkcs10.o: ../pluto/pkcs1.h +pkcs10.o: ../pluto/log.h +pkcs10.o: ../pluto/x509.h +pkcs10.o: pkcs10.h +rsakey.o: ../pluto/constants.h +rsakey.o: ../pluto/defs.h +rsakey.o: ../pluto/mp_defs.h +rsakey.o: ../pluto/log.h +rsakey.o: ../pluto/asn1.h +rsakey.o: ../pluto/pkcs1.h +rsakey.o: rsakey.h +scep.o: ../pluto/constants.h +scep.o: ../pluto/defs.h +scep.o: ../pluto/rnd.h +scep.o: ../pluto/oid.h +scep.o: ../pluto/asn1.h +scep.o: ../pluto/pkcs1.h +scep.o: ../pluto/fetch.h +scep.o: ../pluto/log.h +scep.o: scep.h +scepclient.o: ../pluto/constants.h +scepclient.o: ../pluto/defs.h +scepclient.o: ../pluto/log.h +scepclient.o: ../pluto/oid.h +scepclient.o: ../pluto/asn1.h +scepclient.o: ../pluto/pkcs1.h +scepclient.o: ../pluto/pkcs7.h +scepclient.o: ../pluto/certs.h +scepclient.o: ../pluto/fetch.h +scepclient.o: ../pluto/rnd.h +scepclient.o: rsakey.h +scepclient.o: pkcs10.h +scepclient.o: scep.h diff --git a/programs/scepclient/pkcs10.c b/programs/scepclient/pkcs10.c new file mode 100644 index 000000000..de3f06e18 --- /dev/null +++ b/programs/scepclient/pkcs10.c @@ -0,0 +1,220 @@ +/** + * @file pkcs10.c + * @brief Functions to build PKCS#10 requests + * + * Contains functions to build DER encoded pkcs#10 certificate requests + */ + +/* Copyright (C) 2005 Jan Hutter, Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include <stdlib.h> +#include <string.h> +#include <sys/socket.h> +#include <netinet/in.h> +#include <arpa/inet.h> + +#include <freeswan.h> + +#include "../pluto/constants.h" +#include "../pluto/defs.h" +#include "../pluto/oid.h" +#include "../pluto/asn1.h" +#include "../pluto/pkcs1.h" +#include "../pluto/log.h" +#include "../pluto/x509.h" + +#include "pkcs10.h" + +/* some pre-coded OIDs */ + +static u_char ASN1_challengePassword_oid_str[] = { + 0x06,0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x07 +}; + +static const chunk_t ASN1_challengePassword_oid = strchunk(ASN1_challengePassword_oid_str); + +static u_char ASN1_extensionRequest_oid_str[] = { + 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x0E +}; + +static const chunk_t ASN1_extensionRequest_oid = strchunk(ASN1_extensionRequest_oid_str); + +/** + * @brief Adds a subjectAltName in DER-coded form to a linked list + * + * @param[in,out] subjectAltNames head of the linked list of subjectAltNames + * @param[in] kind type of the subjectAltName (which is a generalName) + * @param[in] value value of the subjectAltName as an ASCII string + */ +void +pkcs10_add_subjectAltName(generalName_t **subjectAltNames, generalNames_t kind +, char *value) +{ + generalName_t *gn; + asn1_t asn1_type = ASN1_EOC; + chunk_t name = { value, strlen(value) }; + + switch (kind) + { + case GN_RFC822_NAME: + asn1_type = ASN1_CONTEXT_S_1; + break; + case GN_DNS_NAME: + asn1_type = ASN1_CONTEXT_S_2; + break; + case GN_IP_ADDRESS: + { + struct in_addr addr; + + /* convert an ASCII dotted IPv4 address (e.g. 123.456.78.90) + * to a byte representation in network order + */ + if (!inet_aton(value, &addr)) + { + fprintf(stderr, "error in IPv4 subjectAltName\n"); + return; + } + asn1_type = ASN1_CONTEXT_S_7; + name.ptr = (u_char *) &addr.s_addr; + name.len = sizeof(addr.s_addr); + break; + } + default: + break; + } + + gn = alloc_thing(generalName_t, "subjectAltName"); + gn->kind = kind; + gn->name = asn1_simple_object(asn1_type, name); + gn->next = *subjectAltNames; + *subjectAltNames = gn; +} + +/** + * @brief Builds the requestInfoAttributes of the certificationRequestInfo-field + * + * challenge password ans subjectAltNames are only included, + * when avaiable in given #pkcs10_t structure + * + * @param[in] pkcs10 Pointer to a #pkcs10_t structure + * @return 1 if succeeded, 0 otherwise + */ +static chunk_t +build_req_info_attributes(pkcs10_t* pkcs10) +{ + + chunk_t subjectAltNames = empty_chunk; + chunk_t challengePassword = empty_chunk; + + if (pkcs10->subjectAltNames != NULL) + { + + subjectAltNames = asn1_wrap(ASN1_SEQUENCE, "cm" + , ASN1_extensionRequest_oid + , asn1_wrap(ASN1_SET, "m" + , asn1_wrap(ASN1_SEQUENCE, "m" + , build_subjectAltNames(pkcs10->subjectAltNames) + ) + ) + ); + } + + if (pkcs10->challengePassword.len > 0) + { + asn1_t type = is_printablestring(pkcs10->challengePassword) + ? ASN1_PRINTABLESTRING : ASN1_T61STRING; + + challengePassword = asn1_wrap(ASN1_SEQUENCE, "cm" + , ASN1_challengePassword_oid + , asn1_wrap(ASN1_SET, "m" + , asn1_simple_object(type, pkcs10->challengePassword) + ) + ); + } + + return asn1_wrap(ASN1_CONTEXT_C_0, "mm" + , subjectAltNames + , challengePassword); +} + +/** + * @brief Builds a DER-code pkcs#10 certificate request + * + * @param[in] pkcs10 pointer to a pkcs10_t struct + * @return DER-code pkcs10 request + */ +static chunk_t +pkcs10_build_request(pkcs10_t *pkcs10, int signature_alg) +{ + RSA_public_key_t *rsak = (RSA_public_key_t *) pkcs10->private_key; + + chunk_t cert_req_info = asn1_wrap(ASN1_SEQUENCE, "ccmm" + , ASN1_INTEGER_0 + , pkcs10->subject + , pkcs1_build_publicKeyInfo(rsak) + , build_req_info_attributes(pkcs10)); + + chunk_t signature = pkcs1_build_signature(cert_req_info + , signature_alg, pkcs10->private_key, TRUE); + + return asn1_wrap(ASN1_SEQUENCE, "mcm" + , cert_req_info + , asn1_algorithmIdentifier(signature_alg) + , signature); +} + +/** + * @brief Creates a pkcs#10 certificate request object + * + * To create a certificate request, the RSA key and the + * names to be included as subject in the certificate request + * (e.g. commonName, organization) are needed. An optional challenge + * password or some subjectAltNames may be included. + * + * @param[in] key rsakey of type #rsakey_t + * @param[in] subject DER-coded subject distinguished name + * @param[in] challengePassword challenge password or empty_chunk + * @param[in] subjectAltNames linked list of subjectAltNames or NULL + * @return pointer to a #pkcs10_t object + */ +pkcs10_t* +pkcs10_build(RSA_private_key_t *key, chunk_t subject, chunk_t challengePassword +, generalName_t *subjectAltNames, int signature_alg) +{ + pkcs10_t *pkcs10 = alloc_thing(pkcs10_t, "pkcs10_t"); + + pkcs10->subject = subject; + pkcs10->private_key = key; + pkcs10->challengePassword = challengePassword; + pkcs10->subjectAltNames = subjectAltNames; + + pkcs10->request = pkcs10_build_request(pkcs10, signature_alg); + return pkcs10; +} + +/** + * @brief Frees the resources used by an #pkcs10_t object + * + * @param[in] pkcs10 #pkcs10_t to free + */ +void +pkcs10_free(pkcs10_t *pkcs10) +{ + if (pkcs10 != NULL) + { + freeanychunk(pkcs10->request); + pfree(pkcs10); + } +} diff --git a/programs/scepclient/pkcs10.h b/programs/scepclient/pkcs10.h new file mode 100644 index 000000000..c2a4c1b92 --- /dev/null +++ b/programs/scepclient/pkcs10.h @@ -0,0 +1,57 @@ +/** + * @file pkcs10.h + * @brief Functions to build PKCS#10 Request's + * + * Contains functions to build DER encoded pkcs#10 certificate requests + */ + +/* + * Copyright (C) 2005 Jan Hutter, Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#ifndef _PKCS10_H +#define _PKCS10_H + +#include "../pluto/defs.h" +#include "../pluto/pkcs1.h" +#include "../pluto/x509.h" + +typedef struct pkcs10_struct pkcs10_t; + +/** + * @brief type representating a pkcs#10 request. + * + * A pkcs#10 request contains a distinguished name, an optional + * challenge password, a public key and optional subjectAltNames. + * + * The RSA private key is needed to compute the signature of the given request + */ +struct pkcs10_struct { + RSA_private_key_t *private_key; + chunk_t request; + chunk_t subject; + chunk_t challengePassword; + generalName_t *subjectAltNames; +}; + +extern const pkcs10_t empty_pkcs10; + +extern void pkcs10_add_subjectAltName(generalName_t **subjectAltNames + , generalNames_t kind, char *value); +extern pkcs10_t* pkcs10_build(RSA_private_key_t *key, chunk_t subject + , chunk_t challengePassword, generalName_t *subjectAltNames + , int signature_alg); +extern void pkcs10_free(pkcs10_t *pkcs10); + +#endif /* _PKCS10_H */ diff --git a/programs/scepclient/rsakey.c b/programs/scepclient/rsakey.c new file mode 100644 index 000000000..c4f26b286 --- /dev/null +++ b/programs/scepclient/rsakey.c @@ -0,0 +1,349 @@ +/** + * @file rsakey.c + * @brief Functions for RSA key generation + */ + +/* + * Copyright (C) 1999, 2000, 2001 Henry Spencer. + * Copyright (C) 2005 Jan Hutter, Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + * + * $Id: rsakey.c,v 1.5 2006/01/04 21:16:30 as Exp $ + */ + + +#include <stdlib.h> +#include <sys/types.h> +#include <sys/stat.h> +#include <fcntl.h> +#include <unistd.h> +#include <assert.h> +#include <gmp.h> + +#include <freeswan.h> + +#include "../pluto/constants.h" +#include "../pluto/defs.h" +#include "../pluto/mp_defs.h" +#include "../pluto/log.h" +#include "../pluto/asn1.h" +#include "../pluto/pkcs1.h" + +#include "rsakey.h" + +/* Number of times the probabilistic primality test is applied */ +#define PRIMECHECK_ROUNDS 30 + +/* Public exponent used for signature key generation */ +#define PUBLIC_EXPONENT 0x10001 + +#ifndef RANDOM_DEVICE +#define RANDOM_DEVICE "/dev/random" +#endif + + +/** + * @brief Reads a specific number of bytes from a given device/file + * + * @param[in] nbytes number of bytes to read from random device + * @param[out] buf pointer to buffer where to write the data in. + * size of buffer has to be at least nbytes. + * @return TRUE, if succeeded, FALSE otherwise + */ + +static bool +get_true_random_bytes(size_t nbytes, char *buf) +{ + size_t ndone; + size_t got; + char *device = RANDOM_DEVICE; + + int dev = open(RANDOM_DEVICE, 0); + + if (dev < 0) + { + fprintf(stderr, "could not open random device %s", device); + return FALSE; + } + + DBG(DBG_CONTROL, + DBG_log("getting %d bytes from %s...", (int) nbytes, device) + ) + + ndone = 0; + while (ndone < nbytes) + { + got = read(dev, buf + ndone, nbytes - ndone); + if (got < 0) + { + fprintf(stderr, "read error on %s", device); + return FALSE; + } + if (got == 0) + { + fprintf(stderr, "eof on %s", device); + return FALSE; + } + ndone += got; + } + close(dev); + return TRUE; +} + +/** + * @brief initialize an mpz_t to a random number, specified bit count + * + * Converting the random value in a value of type mpz_t is done + * by creating a hexbuffer. + * Converting via hex is a bit weird, but it's the best route GMP gives us. + * Note that highmost and lowmost bits are forced on -- highmost to give a + * number of exactly the specified length, lowmost so it is an odd number. + * + * @param[out] var uninitialized mpz_t to store th random number in + * @param[in] nbits length of var in bits (known to be a multiple of BITS_PER_BYTE) + * @return TRUE on success, FALSE otherwise + */ +static bool +init_random(mpz_t var, int nbits) +{ + size_t nbytes = (size_t)(nbits/BITS_PER_BYTE); + char random_buf[RSA_MAX_OCTETS/2]; + + assert(nbytes <= sizeof(random_buf)); + + if (!get_true_random_bytes(nbytes, random_buf)) + return FALSE; + + random_buf[0] |= 01 << (BITS_PER_BYTE-1); /* force high bit on */ + random_buf[nbytes-1] |= 01; /* force low bit on */ + n_to_mpz(var, random_buf, nbytes); + return TRUE; +} + +/** + * @brief initialize an mpz_t to a random prime of specified size + * + * Efficiency tweak: we reject candidates that are 1 higher than a multiple + * of e, since they will make the internal modulus not relatively prime to e. + * + * @param[out] var mpz_t variable to initialize + * @param[in] nbits length of given prime in bits (known to be a multiple of BITS_PER_BYTE) + * @param[in] eval E-Value, 0 means don't bother w. tweak + * @return 1 on success, 0 otherwise + */ +static bool +init_prime(mpz_t var, int nbits, int eval) +{ + unsigned long tries; + size_t len; + + /* get a random value of nbits length */ + if (!init_random(var, nbits)) + return FALSE; + + /* check if odd number */ + assert(mpz_fdiv_ui(var, 2) == 1); + DBG(DBG_CONTROLMORE, + DBG_log("looking for a prime starting there (can take a while)...") + ) + + tries = 1; + while (mpz_fdiv_ui(var, eval) == 1 + || !mpz_probab_prime_p(var, PRIMECHECK_ROUNDS)) + { + /* not a prime, increase by 2 */ + mpz_add_ui(var, var, 2); + tries++; + } + + len = mpz_sizeinbase(var, 2); + + /* check bit length of primee */ + assert(len == (size_t)nbits || len == (size_t)(nbits+1)); + + if (len == (size_t)(nbits+1)) + { + DBG(DBG_CONTROLMORE, + DBG_log("carry out occurred (!), retrying...") + ) + mpz_clear(var); + /* recursive call */ + return init_prime(var, nbits, eval); + } + DBG(DBG_CONTROLMORE, + DBG_log("found it after %lu tries.",tries) + ) + return TRUE; +} + +/** + * @brief Generate a RSA key usable for encryption + * + * Generate an RSA key usable for encryption. All the + * values of the RSA key are filled into mpz_t parameters. + * These mpz_t parameters must not be initialized and have + * to be cleared with mpz_clear after using. + * + * @param[in] nbits size of rsa key in bits + * @return RSA_public_key_t containing the generated RSA key + */ +err_t +generate_rsa_private_key(int nbits, RSA_private_key_t *key) +{ + mpz_t p, q, n, e, d, exp1, exp2, coeff; + mpz_t m, q1, t; /* temporary variables*/ + + DBG(DBG_CONTROL, + DBG_log("generating %d bit RSA key:", nbits) + ) + + if (nbits <= 0) + return "negative rsa key length!"; + + /* Get values of primes p and q */ + DBG(DBG_CONTROLMORE, + DBG_log("initialize prime p") + ) + if (!init_prime(p, nbits/2, PUBLIC_EXPONENT)) + return "could not generate prime p"; + + DBG(DBG_CONTROLMORE, + DBG_log("initialize prime q") + ) + if (!init_prime(q, nbits/2, PUBLIC_EXPONENT)) + return "could not generate prime q"; + + mpz_init(t); + + /* Swapping primes so p is larger then q */ + if (mpz_cmp(p, q) < 0) + { + DBG(DBG_CONTROLMORE, + DBG_log("swapping primes so p is the larger...") + ); + mpz_set(t, p); + mpz_set(p, q); + mpz_set(q, t); + } + + DBG(DBG_CONTROLMORE, + DBG_log("computing modulus...") + ) + mpz_init(n); + /* n = p*q */ + mpz_mul(n, p, q); + + /* Assign e the value of defined PUBLIC_EXPONENT */ + mpz_init_set_ui(e, PUBLIC_EXPONENT); + + DBG(DBG_CONTROLMORE, + DBG_log("computing lcm(p-1, q-1)...") + ) + /* m = p */ + mpz_init_set(m, p); + /* m = m-1 */ + mpz_sub_ui(m, m, 1); + /* q1 = q */ + mpz_init_set(q1, q); + /* q1 = q1-1 */ + mpz_sub_ui(q1, q1, 1); + /* t = gcd(p-1, q-1) */ + mpz_gcd(t, m, q1); + /* m = (p-1)*(q-1) */ + mpz_mul(m, m, q1); + /* m = m / t */ + mpz_divexact(m, m, t); + /* t = gcd(m, e) (greatest common divisor) */ + mpz_gcd(t, m, e); + /* m and e relatively prime */ + assert(mpz_cmp_ui(t, 1) == 0); + + /* decryption key */ + DBG(DBG_CONTROLMORE, + DBG_log("computing d...") + ) + mpz_init(d); + /* e has an inverse mod m */ + assert(mpz_invert(d, e, m)); + + /* make sure d is positive */ + if (mpz_cmp_ui(d, 0) < 0) + mpz_add(d, d, m); + + /* d has to be positive */ + assert(mpz_cmp(d, m) < 0); + + /* the speedup hacks */ + DBG(DBG_CONTROLMORE, + DBG_log("computing exp1, exp1, coeff...") + ) + mpz_init(exp1); + /* t = p-1 */ + mpz_sub_ui(t, p, 1); + /* exp1 = d mod p-1 */ + mpz_mod(exp1, d, t); + + mpz_init(exp2); + /* t = q-1 */ + mpz_sub_ui(t, q, 1); + /* exp2 = d mod q-1 */ + mpz_mod(exp2, d, t); + + mpz_init(coeff); + /* coeff = q^-1 mod p */ + mpz_invert(coeff, q, p); + + /* make sure coeff is positive */ + if (mpz_cmp_ui(coeff, 0) < 0) + mpz_add(coeff, coeff, p); + + /* coeff has to be positive */ + assert(mpz_cmp(coeff, p) < 0); + + /* Clear temporary variables */ + mpz_clear(q1); + mpz_clear(m); + mpz_clear(t); + + /* form FreeS/WAN keyid */ + { + size_t e_len = (mpz_sizeinbase(e,2)+BITS_PER_BYTE-1)/BITS_PER_BYTE; + size_t n_len = (mpz_sizeinbase(n,2)+BITS_PER_BYTE-1)/BITS_PER_BYTE; + chunk_t e_ch = mpz_to_n(e, e_len); + chunk_t n_ch = mpz_to_n(n, n_len); + form_keyid(e_ch, n_ch, key->pub.keyid, &key->pub.k); + freeanychunk(e_ch); + freeanychunk(n_ch); + } + /* fill in the elements of the RSA private key */ + key->p = *p; + key->q = *q; + key->pub.n = *n; + key->pub.e = *e; + key->d = *d; + key->dP = *exp1; + key->dQ = *exp2; + key->qInv = *coeff; + + DBG(DBG_CONTROL, + DBG_log("RSA key *%s generated with %d bits", key->pub.keyid + , (int)mpz_sizeinbase(n,2)) + ) + +#ifdef DEBUG + DBG(DBG_PRIVATE, + RSA_show_private_key(key) + ) +#endif + return NULL; +} diff --git a/programs/scepclient/rsakey.h b/programs/scepclient/rsakey.h new file mode 100644 index 000000000..3e3156d81 --- /dev/null +++ b/programs/scepclient/rsakey.h @@ -0,0 +1,31 @@ +/** + * @file rsakey.h + * @brief Functions for RSA key generation + */ + +/* + * Copyright (C) 1999, 2000, 2001 Henry Spencer. + * Copyright (C) 2005 Jan Hutter, Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + * + * $Id: rsakey.h,v 1.2 2005/08/11 21:52:56 as Exp $ + */ + +#ifndef RSAKEY_H_ +#define RSAKEY_H_ + +#include "../pluto/pkcs1.h" + +extern err_t generate_rsa_private_key(int nbits, RSA_private_key_t *key); + +#endif // RSAKEY_H_ diff --git a/programs/scepclient/scep.c b/programs/scepclient/scep.c new file mode 100644 index 000000000..577191787 --- /dev/null +++ b/programs/scepclient/scep.c @@ -0,0 +1,598 @@ +/** + * @file scep.c + * @brief SCEP specific functions + * + * Contains functions to build SCEP request's and to parse SCEP reply's. + */ + +/* + * Copyright (C) 2005 Jan Hutter, Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include <string.h> +#include <stdlib.h> + +#include <freeswan.h> + +#ifdef LIBCURL +#include <curl/curl.h> +#endif + +#include "../pluto/constants.h" +#include "../pluto/defs.h" +#include "../pluto/rnd.h" +#include "../pluto/oid.h" +#include "../pluto/asn1.h" +#include "../pluto/pkcs1.h" +#include "../pluto/fetch.h" +#include "../pluto/log.h" + +#include "scep.h" + +static char ASN1_messageType_oid_str[] = { + 0x06, 0x0A, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01, 0x09, 0x02 +}; + +static char ASN1_senderNonce_oid_str[] = { + 0x06, 0x0A, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01, 0x09, 0x05 +}; + +static char ASN1_transId_oid_str[] = { + 0x06, 0x0A, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01, 0x09, 0x07 +}; + +static const chunk_t ASN1_messageType_oid = + strchunk(ASN1_messageType_oid_str); +static const chunk_t ASN1_senderNonce_oid = + strchunk(ASN1_senderNonce_oid_str); +static const chunk_t ASN1_transId_oid = + strchunk(ASN1_transId_oid_str); + +static const char *pkiStatus_values[] = { "0", "2", "3" }; + +static const char *pkiStatus_names[] = { + "SUCCESS", + "FAILURE", + "PENDING", + "UNKNOWN" +}; + +static const char *msgType_values[] = { "3", "19", "20", "21", "22" }; + +static const char *msgType_names[] = { + "CertRep", + "PKCSReq", + "GetCertInitial", + "GetCert", + "GetCRL", + "Unknown" +}; + +static const char *failInfo_reasons[] = { + "badAlg - unrecognized or unsupported algorithm identifier", + "badMessageCheck - integrity check failed", + "badRequest - transaction not permitted or supported", + "badTime - Message time field was not sufficiently close to the system time", + "badCertId - No certificate could be identified matching the provided criteria" +}; + +const scep_attributes_t empty_scep_attributes = { + SCEP_Unknown_MSG , /* msgType */ + SCEP_UNKNOWN , /* pkiStatus */ + SCEP_unknown_REASON, /* failInfo */ + { NULL, 0 } , /* transID */ + { NULL, 0 } , /* senderNonce */ + { NULL, 0 } , /* recipientNonce */ +}; + +/* ASN.1 definition of the X.501 atttribute type */ + +static const asn1Object_t attributesObjects[] = { + { 0, "attributes", ASN1_SET, ASN1_LOOP }, /* 0 */ + { 1, "attribute", ASN1_SEQUENCE, ASN1_NONE }, /* 1 */ + { 2, "type", ASN1_OID, ASN1_BODY }, /* 2 */ + { 2, "values", ASN1_SET, ASN1_LOOP }, /* 3 */ + { 3, "value", ASN1_EOC, ASN1_RAW }, /* 4 */ + { 2, "end loop", ASN1_EOC, ASN1_END }, /* 5 */ + { 0, "end loop", ASN1_EOC, ASN1_END }, /* 6 */ +}; + +#define ATTRIBUTE_OBJ_TYPE 2 +#define ATTRIBUTE_OBJ_VALUE 4 +#define ATTRIBUTE_OBJ_ROOF 7 + +/* + * extract and store an attribute + */ +static bool +extract_attribute(int oid, chunk_t object, u_int level +, scep_attributes_t *attrs) +{ + asn1_t type = ASN1_EOC; + const char *name = "none"; + + switch (oid) + { + case OID_PKCS9_CONTENT_TYPE: + type = ASN1_OID; + name = "contentType"; + break; + case OID_PKCS9_SIGNING_TIME: + type = ASN1_UTCTIME; + name = "signingTime"; + break; + case OID_PKCS9_MESSAGE_DIGEST: + type = ASN1_OCTET_STRING; + name = "messageDigest"; + break; + case OID_PKI_MESSAGE_TYPE: + type = ASN1_PRINTABLESTRING; + name = "messageType"; + break; + case OID_PKI_STATUS: + type = ASN1_PRINTABLESTRING; + name = "pkiStatus"; + break; + case OID_PKI_FAIL_INFO: + type = ASN1_PRINTABLESTRING; + name = "failInfo"; + break; + case OID_PKI_SENDER_NONCE: + type = ASN1_OCTET_STRING; + name = "senderNonce"; + break; + case OID_PKI_RECIPIENT_NONCE: + type = ASN1_OCTET_STRING; + name = "recipientNonce"; + break; + case OID_PKI_TRANS_ID: + type = ASN1_PRINTABLESTRING; + name = "transID"; + break; + default: + break; + } + + if (type == ASN1_EOC) + return TRUE; + + if (!parse_asn1_simple_object(&object, type, level+1, name)) + return FALSE; + + switch (oid) + { + case OID_PKCS9_CONTENT_TYPE: + break; + case OID_PKCS9_SIGNING_TIME: + break; + case OID_PKCS9_MESSAGE_DIGEST: + break; + case OID_PKI_MESSAGE_TYPE: + { + scep_msg_t m; + + for (m = SCEP_CertRep_MSG; m < SCEP_Unknown_MSG; m++) + { + if (strncmp(msgType_values[m], object.ptr, object.len) == 0) + attrs->msgType = m; + } + DBG(DBG_CONTROL, + DBG_log("messageType: %s", msgType_names[attrs->msgType]) + ) + } + break; + case OID_PKI_STATUS: + { + pkiStatus_t s; + + for (s = SCEP_SUCCESS; s < SCEP_UNKNOWN; s++) + { + if (strncmp(pkiStatus_values[s], object.ptr, object.len) == 0) + attrs->pkiStatus = s; + } + DBG(DBG_CONTROL, + DBG_log("pkiStatus: %s", pkiStatus_names[attrs->pkiStatus]) + ) + } + break; + case OID_PKI_FAIL_INFO: + if (object.len == 1 + && *object.ptr >= '0' && *object.ptr <= '4') + { + attrs->failInfo = (failInfo_t)(*object.ptr - '0'); + } + if (attrs->failInfo != SCEP_unknown_REASON) + plog("failInfo: %s", failInfo_reasons[attrs->failInfo]); + break; + case OID_PKI_SENDER_NONCE: + attrs->senderNonce = object; + break; + case OID_PKI_RECIPIENT_NONCE: + attrs->recipientNonce = object; + break; + case OID_PKI_TRANS_ID: + attrs->transID = object; + } + return TRUE; +} + +/* + * parse X.501 attributes + */ +bool +parse_attributes(chunk_t blob, scep_attributes_t *attrs) +{ + asn1_ctx_t ctx; + chunk_t object; + u_int level; + int oid = OID_UNKNOWN; + int objectID = 0; + + asn1_init(&ctx, blob, 0, FALSE, DBG_RAW); + + DBG(DBG_CONTROL | DBG_PARSING, + DBG_log("parsing attributes") + ) + while (objectID < ATTRIBUTE_OBJ_ROOF) + { + if (!extract_object(attributesObjects, &objectID + , &object, &level, &ctx)) + return FALSE; + + switch (objectID) + { + case ATTRIBUTE_OBJ_TYPE: + oid = known_oid(object); + break; + case ATTRIBUTE_OBJ_VALUE: + if (!extract_attribute(oid, object, level, attrs)) + return FALSE; + } + objectID++; + } + return TRUE; +} + +/* generates a unique fingerprint of the pkcs10 request + * by computing an MD5 hash over it + */ +void +scep_generate_pkcs10_fingerprint(chunk_t pkcs10, chunk_t *fingerprint) +{ + char buf[MD5_DIGEST_SIZE]; + chunk_t digest = { buf, sizeof(buf) }; + + /* the fingerprint is the MD5 hash in hexadecimal format */ + compute_digest(pkcs10, OID_MD5, &digest); + fingerprint->len = 2*digest.len; + fingerprint->ptr = alloc_bytes(fingerprint->len + 1, "fingerprint"); + datatot(digest.ptr, digest.len, 16, fingerprint->ptr, fingerprint->len + 1); +} + +/* generate a transaction id as the MD5 hash of an public key + * the transaction id is also used as a unique serial number + */ +void +scep_generate_transaction_id(const RSA_public_key_t *rsak +, chunk_t *transID, chunk_t *serialNumber) +{ + char buf[MD5_DIGEST_SIZE]; + + chunk_t digest = { buf, sizeof(buf) }; + chunk_t public_key = pkcs1_build_publicKeyInfo(rsak); + + bool msb_set; + u_char *pos; + + compute_digest(public_key, OID_MD5, &digest); + pfree(public_key.ptr); + + /* is the most significant bit of the digest set? */ + msb_set = (*digest.ptr & 0x80) == 0x80; + + /* allocate space for the serialNumber */ + serialNumber->len = msb_set + digest.len; + serialNumber->ptr = alloc_bytes(serialNumber->len, "serialNumber"); + + /* the serial number as the two's complement of the digest */ + pos = serialNumber->ptr; + if (msb_set) + { + *pos++ = 0x00; + } + memcpy(pos, digest.ptr, digest.len); + + /* the transaction id is the serial number in hex format */ + transID->len = 2*digest.len; + transID->ptr = alloc_bytes(transID->len + 1, "transID"); + datatot(digest.ptr, digest.len, 16, transID->ptr, transID->len + 1); +} + +/* + * builds a transId attribute + */ +chunk_t +scep_transId_attribute(chunk_t transID) +{ + return asn1_wrap(ASN1_SEQUENCE, "cm" + , ASN1_transId_oid + , asn1_wrap(ASN1_SET, "m" + , asn1_simple_object(ASN1_PRINTABLESTRING, transID) + ) + ); +} + +/* + * builds a messageType attribute + */ +chunk_t +scep_messageType_attribute(scep_msg_t m) +{ + chunk_t msgType = { + msgType_values[m], + strlen(msgType_values[m]) + }; + + return asn1_wrap(ASN1_SEQUENCE, "cm" + , ASN1_messageType_oid + , asn1_wrap(ASN1_SET, "m" + , asn1_simple_object(ASN1_PRINTABLESTRING, msgType) + ) + ); +} + +/* + * builds a senderNonce attribute + */ +chunk_t +scep_senderNonce_attribute(void) +{ + const size_t nonce_len = 16; + u_char nonce_buf[nonce_len]; + chunk_t senderNonce = { nonce_buf, nonce_len }; + + get_rnd_bytes(nonce_buf, nonce_len); + + return asn1_wrap(ASN1_SEQUENCE, "cm" + , ASN1_senderNonce_oid + , asn1_wrap(ASN1_SET, "m" + , asn1_simple_object(ASN1_OCTET_STRING, senderNonce) + ) + ); +} + +/* + * builds a pkcs7 enveloped and signed scep request + */ +chunk_t +scep_build_request(chunk_t data, chunk_t transID, scep_msg_t msg +, const x509cert_t *enc_cert, int enc_alg +, const x509cert_t *signer_cert, int digest_alg +, const RSA_private_key_t *private_key) +{ + chunk_t envelopedData, attributes, request; + + envelopedData = pkcs7_build_envelopedData(data, enc_cert, enc_alg); + + attributes = asn1_wrap(ASN1_SET, "mmmmm" + , pkcs7_contentType_attribute() + , pkcs7_messageDigest_attribute(envelopedData + , digest_alg) + , scep_transId_attribute(transID) + , scep_messageType_attribute(msg) + , scep_senderNonce_attribute()); + + request = pkcs7_build_signedData(envelopedData, attributes + , signer_cert, digest_alg, private_key); + freeanychunk(envelopedData); + freeanychunk(attributes); + return request; +} + +#ifdef LIBCURL +/* converts a binary request to base64 with 64 characters per line + * newline and '+' characters are escaped by %0A and %2B, respectively + */ +static char* +escape_http_request(chunk_t req) +{ + char *escaped_req = NULL; + char *p1, *p2; + int lines = 0; + int plus = 0; + int n = 0; + + /* compute and allocate the size of the base64-encoded request */ + int len = 1 + 4*((req.len + 2)/3); + char *encoded_req = alloc_bytes(len, "encoded request"); + + /* do the base64 conversion */ + len = datatot(req.ptr, req.len, 64, encoded_req, len); + + /* compute newline characters to be inserted every 64 characters */ + lines = (len - 2) / 64; + + /* count number of + characters to be escaped */ + p1 = encoded_req; + while (*p1 != '\0') + { + if (*p1++ == '+') + plus++; + } + + escaped_req = alloc_bytes(len + 3*(lines + plus), "escaped request"); + + /* escape special characters in the request */ + p1 = encoded_req; + p2 = escaped_req; + while (*p1 != '\0') + { + if (n == 64) + { + memcpy(p2, "%0A", 3); + p2 += 3; + n = 0; + } + if (*p1 == '+') + { + memcpy(p2, "%2B", 3); + p2 += 3; + } + else + { + *p2++ = *p1; + } + p1++; + n++; + } + *p2 = '\0'; + pfreeany(encoded_req); + return escaped_req; +} +#endif + +/* + * send a SCEP request via HTTP and wait for a response + */ +bool +scep_http_request(const char *url, chunk_t pkcs7, scep_op_t op +, fetch_request_t req_type, chunk_t *response) +{ +#ifdef LIBCURL + char errorbuffer[CURL_ERROR_SIZE] = ""; + char *complete_url = NULL; + struct curl_slist *headers = NULL; + CURL *curl; + CURLcode res; + + /* initialize response */ + *response = empty_chunk; + + /* initialize curl context */ + curl = curl_easy_init(); + if (curl == NULL) + { + plog("could not initialize curl context"); + return FALSE; + } + + if (op == SCEP_PKI_OPERATION) + { + const char operation[] = "PKIOperation"; + + if (req_type == FETCH_GET) + { + char *escaped_req = escape_http_request(pkcs7); + + /* form complete url */ + int len = strlen(url) + 20 + strlen(operation) + strlen(escaped_req) + 1; + + complete_url = alloc_bytes(len, "complete url"); + snprintf(complete_url, len, "%s?operation=%s&message=%s" + , url, operation, escaped_req); + pfreeany(escaped_req); + + curl_easy_setopt(curl, CURLOPT_HTTPGET, TRUE); + headers = curl_slist_append(headers, "Pragma:"); + headers = curl_slist_append(headers, "Host:"); + headers = curl_slist_append(headers, "Accept:"); + curl_easy_setopt(curl, CURLOPT_HTTPHEADER, headers); + curl_easy_setopt(curl, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_0); + } + else /* HTTP_POST */ + { + /* form complete url */ + int len = strlen(url) + 11 + strlen(operation) + 1; + + complete_url = alloc_bytes(len, "complete url"); + snprintf(complete_url, len, "%s?operation=%s", url, operation); + + curl_easy_setopt(curl, CURLOPT_HTTPGET, FALSE); + headers = curl_slist_append(headers, "Content-Type:"); + headers = curl_slist_append(headers, "Expect:"); + curl_easy_setopt(curl, CURLOPT_HTTPHEADER, headers); + curl_easy_setopt(curl, CURLOPT_POSTFIELDS, pkcs7.ptr); + curl_easy_setopt(curl, CURLOPT_POSTFIELDSIZE, pkcs7.len); + } + } + else /* SCEP_GET_CA_CERT */ + { + const char operation[] = "GetCACert"; + + /* form complete url */ + int len = strlen(url) + 32 + strlen(operation) + 1; + + complete_url = alloc_bytes(len, "complete url"); + snprintf(complete_url, len, "%s?operation=%s&message=CAIdentifier" + , url, operation); + + curl_easy_setopt(curl, CURLOPT_HTTPGET, TRUE); + } + + curl_easy_setopt(curl, CURLOPT_URL, complete_url); + curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, write_buffer); + curl_easy_setopt(curl, CURLOPT_WRITEDATA, (void *)response); + curl_easy_setopt(curl, CURLOPT_ERRORBUFFER, errorbuffer); + curl_easy_setopt(curl, CURLOPT_FAILONERROR, TRUE); + curl_easy_setopt(curl, CURLOPT_CONNECTTIMEOUT, FETCH_CMD_TIMEOUT); + + DBG(DBG_CONTROL, + DBG_log("sending scep request to '%s'", url) + ) + res = curl_easy_perform(curl); + + if (res == CURLE_OK) + { + DBG(DBG_CONTROL, + DBG_log("received scep response") + ) + DBG(DBG_RAW, + DBG_dump_chunk("SCEP response:\n", *response) + ) + } + else + { + plog("failed to fetch scep response from '%s': %s", url, errorbuffer); + } + curl_slist_free_all(headers); + curl_easy_cleanup(curl); + pfreeany(complete_url); + + return (res == CURLE_OK); +#else /* !LIBCURL */ + plog("scep error: pluto wasn't compiled with libcurl support"); + return FALSE; +#endif /* !LIBCURL */ +} + +err_t +scep_parse_response(chunk_t response, chunk_t transID, contentInfo_t *data +, scep_attributes_t *attrs, x509cert_t *signer_cert) +{ + chunk_t attributes; + + if (!pkcs7_parse_signedData(response, data, NULL, &attributes, signer_cert)) + { + return "error parsing the scep response"; + } + if (!parse_attributes(attributes, attrs)) + { + return "error parsing the scep response attributes"; + } + if (!same_chunk(transID, attrs->transID)) + { + return "transaction ID of scep response does not match"; + } + return NULL; +} diff --git a/programs/scepclient/scep.h b/programs/scepclient/scep.h new file mode 100644 index 000000000..81e5d1a4b --- /dev/null +++ b/programs/scepclient/scep.h @@ -0,0 +1,93 @@ +/** + * @file scep.h + * @brief SCEP specific functions + * + * Contains functions to build and parse SCEP requests and replies + */ + +/* + * Copyright (C) 2005 Jan Hutter, Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#ifndef _SCEP_H +#define _SCEP_H + +#include "../pluto/defs.h" +#include "../pluto/pkcs1.h" +#include "../pluto/pkcs7.h" + +/* supported SCEP operation types */ +typedef enum { + SCEP_PKI_OPERATION, + SCEP_GET_CA_CERT +} scep_op_t; + +/* SCEP pkiStatus values */ +typedef enum { + SCEP_SUCCESS, + SCEP_FAILURE, + SCEP_PENDING, + SCEP_UNKNOWN +} pkiStatus_t; + +/* SCEP messageType values */ +typedef enum { + SCEP_CertRep_MSG, + SCEP_PKCSReq_MSG, + SCEP_GetCertInitial_MSG, + SCEP_GetCert_MSG, + SCEP_GetCRL_MSG, + SCEP_Unknown_MSG +} scep_msg_t; + +/* SCEP failure reasons */ +typedef enum { + SCEP_badAlg_REASON = 0, + SCEP_badMessageCheck_REASON = 1, + SCEP_badRequest_REASON = 2, + SCEP_badTime_REASON = 3, + SCEP_badCertId_REASON = 4, + SCEP_unknown_REASON = 5 +} failInfo_t; + +/* SCEP attributes */ +typedef struct { + scep_msg_t msgType; + pkiStatus_t pkiStatus; + failInfo_t failInfo; + chunk_t transID; + chunk_t senderNonce; + chunk_t recipientNonce; +} scep_attributes_t; + +extern const scep_attributes_t empty_scep_attributes; + +extern bool parse_attributes(chunk_t blob, scep_attributes_t *attrs); +extern void scep_generate_pkcs10_fingerprint(chunk_t pkcs10 + , chunk_t *fingerprint); +extern void scep_generate_transaction_id(const RSA_public_key_t *rsak + , chunk_t *transID, chunk_t *serialNumber); +extern chunk_t scep_transId_attribute(chunk_t transaction_id); +extern chunk_t scep_messageType_attribute(scep_msg_t m); +extern chunk_t scep_senderNonce_attribute(void); +extern chunk_t scep_build_request(chunk_t data, chunk_t transID, scep_msg_t msg + , const x509cert_t *enc_cert, int enc_alg + , const x509cert_t *signer_cert, int digest_alg + , const RSA_private_key_t *private_key); +extern bool scep_http_request(const char *url, chunk_t pkcs7, scep_op_t op + , fetch_request_t request_type, chunk_t *response); +extern err_t scep_parse_response(chunk_t response, chunk_t transID + , contentInfo_t *data, scep_attributes_t *attrs, x509cert_t *signer_cert); + +#endif /* _SCEP_H */ diff --git a/programs/scepclient/scepclient.8 b/programs/scepclient/scepclient.8 new file mode 100644 index 000000000..0d6364ef2 --- /dev/null +++ b/programs/scepclient/scepclient.8 @@ -0,0 +1,288 @@ +.\" +.TH "IPSEC_SCEPCLIENT" "8" "29 September 2005" "Jan Hutter, Martin Willi" "" +.SH "NAME" +ipsec scepclient \- Client for the SCEP protocol +.SH "SYNOPSIS" +.B ipsec scepclient [argument ...] +.sp +.B ipsec scepclient +.B \-\-help +.br +.B ipsec scepclient +.B \-\-version +.SH "DESCRIPTION" +.BR scepclient +is a client implementation of Cisco System's Simple Certificate Enrollment Protocol (SCEP) written for Linux strongSwan <http://www.strongswan.org>. +.BR scepclient +is designed to be used for certificate enrollment on machines using the OpenSource IPsec solution +.I strongSwan. +.SH "FEATURES" +.BR scepclient +implements the following features of SCEP: +.br +.IP "\-" 4 +Automatic enrollment of client certificate using a preshared secret +.IP "\-" 4 +Manual enrollment of client certificate. Offline fingerprint check required! +.IP "\-" 4 +Acquisition of CA certificate(s) +.SH "OPTIONS" +.SS Basic Startup Options +.B \-v, \-\-version +.RS 4 +Display the version of ipsec scepclient. +.PP +.RE +.B \-h, \-\-help +.RS 4 +Display usage of ipsec scepclient. +.RE + +.SS General Options +.B \-u, \-\-url \fIurl\fP +.RS 4 +Full HTTP URL of the SCEP server to be used for certificate enrollment and CA certificate acquisition. +.RE +.PP +.B \-+, \-\-optionsfrom \fIfilename\fP +.RS 4 +Reads additional options from \fIfilename\fP. +.RE +.PP +.B \-f, \-\-force +.RS 4 +Overwrite existing output file[s]. +.RE +.PP +.B \-q, \-\-quiet +.RS 4 +Do not write log output to stderr. +.RE + +.SS Options for CA Certificate Acquisition +.B \-o, \-\-out cacert[=\fIfilename\fP] +.RS 4 +Output file of acquired CA certificate. If more then one CA certificate is available, \fIfilename\fP is used as prefix for the resulting files. +.br +The default \fIfilename\fP is $CONFDIR/ipsec.d/cacerts/caCert.der. +.RE + +.SS Options For Certificate Enrollment +.B \-i, \-\-in \fItype\fP[=\fIfilename\fP] +.RS 4 +Input file for certificate enrollment. This option can be specified multiple times to specify input files for every \fItype\fP. +Input files can bei either DER or PEM encoded. +.PP +Supported values for \fItype\fP: +.IP "\fBpkcs1\fP" 12 +RSA private key in PKCS#1 file format. If no input of this type is specified, a RSA key gets generated. +.br +The default \fIfilename\fP is $CONFDIR/ipsec.d/private/myKey.der. +.IP "\fBcacert\-enc\fP" 12 +CA certificate to encrypt the SCEP request. Has to be specified for certificate enrollment. +.br +The default \fIfilename\fP is $CONFDIR/ipsec.d/cacerts/caCert.der. +.IP "\fBcacert\-sig\fP" 12 +CA certificate to check signature of SCEP reply. Has to be specified for certificate enrollment. +.br +The default \fIfilename\fP is $CONFDIR/ipsec.d/cacerts/caCert.der. +.RE +.PP +.B \-k, \-\-keylength \fIbits\fP +.RS 4 +sets the key length for RSA key generation. The default length for a generated rsa key is set to 2048 bit. +.RE +.PP +.B \-D, \-\-days \fIdays\fP +.RS 4 +Validity of the self-signed X.509 certificate in days. The default is 1825 days (5 years). +.RE +.PP +.B \-S, \-\-startdate \fIYYMMDDHHMMSS\fPZ +.RS 4 +defines the \fBnotBefore\fP date when the X.509 certificate becomes valid. +The date has the format \fIYYMMDDHHMMSS\fP and must be specified in UTC (Zulu time). +If the \fB--startdate\fP option is not specified then the current date is taken as a default. +.RE +.PP +.B \-E, \-\-enddate \fIYYMMDDHHMMSS\fPZ +.RS 4 +defines the \fBnotAfter\fP date when the X.509 certificate will expire. +The date has the format \fIYYMMDDHHMMSS\fP and must be specified in UTC (Zulu time). +If the \fB--enddate\fP option is not specified then the default \fBnotAfter\fP value is computed by +adding the validity interval specified by the \fB--days\fP option to the \fBnotBefore\fP date. +.RE +.PP +.B \-d, \-\-dn \fIdn\fP +.RS 4 +Distinguished name as comma separated list of relative distinguished names. Use quotation marks for a distinguished name containing spaces. If the \fB\-\-dn\fP parameter is missing then the default "C=CH, O=Linux strongSwan, CN=\fIhostname\fP" +is used with \fIhostname\fP being the return value of the \fIgethostname\fP() function. +.RE +.PP +.B \-s, \-\-subjectAltName \fItype\fP=\fIvalue\fP +.RS 4 +Include subjectAltName in certificate request. This option can be specified multiple times to specify a subjectAltName +for every \fItype\fP. +.PP +Supported values for \fItype\fP: +.IP "\fBemail\fP" 12 +subjectAltName is a email address. +.IP "\fBdns\fP" 12 +subjectAltName is a hostname. +.IP "\fBip\fP" 12 +subjectAltName is a IP address. +.RE +.PP +.B \-p, \-\-password \fIpw\fP +.RS 4 +Password to be included as a \fIchallenge password\fP in SCEP request. +If \fIpw\fP is \fB%prompt\fP', the password gets prompted for on the command line. +.IP +\- In automatic mode, this password corresponds to the preshared secret for the given enrollment. +.IP +\- In manual mode, this password can be used to later revoke the corresponding certificate. +.RE +.PP +.B \-a, \-\-algorithm \fIalgo\fP +.RS 4 +Change symmetric algorithm to use for encryption of certificate Request. +The default is \fB3des\-cbc\fP. +.PP +Supported values for \fIalgo\fP: +.IP "\fBdes\-cbc\fP" 12 +DES CBC encryption (key size = 56 bit). +.IP "\fB3des\-cbc\fP" 12 +Triple DES CBC encryption (key size = 168 bit). +.RE +.PP +.B \-o, \-\-out \fItype\fP[=\fIfilename\fP] +.RS 4 +Output file for certificate enrollment. This option can be specified multiple times to specify output files for every \fItype\fP. +.PP +Supported values for \fItype\fP: +.IP "\fBpkcs1\fP" 12 +RSA private key in PKCS#1 file format. If specified, the RSA key used for enrollment is stored in file \fIfilename\fP. +If none of the \fItypes\fP listed below are specified, \fBscepclient\fP will stop after outputting this file. +.br +The default \fIfilename\fP is $CONFDIR/ipsec.d/private/myKey.der. +.IP "\fBpkcs10\fP" 12 +PKCS#10 certificate request. If specified, the PKCS#10 request used or certificate enrollment is stored in file \fIfilename\fP. +If none of the \fItypes\fP listed below are specified, \fBscepclient\fP will stop after outputting this file. +.br +The default \fIfilename\fP is $CONFDIR/ipsec.d/req/myReq.der. +.IP "\fBpkcs7\fP" 12 +PKCS#7 SCEP request as it is sent using HTTP to the SCEP server. If specified, this SCEP request is stored in file \fIfilename\fP. +If none of \fItypes\fP listed below is not specified, \fBscepclient\fP will stop after outputting this file. +.br +The default \fIfilename\fP is $CONFDIR/ipsec.d/req/pkcs7.der. +.IP "\fBcert-self\fP" 12 +Self-signed certificate. If specified the self-signed certificate is stored in file \fIfilename\fP. +.br +The default \fIfilename\fP is $CONFDIR/ipsec.d/certs/selfCert.der. +.IP "\fBcert\fP" 12 +Enrolled certificate. This \fItype\fP must be specified for certificate enrollment. +The enrolled certificate is stored in file \fIfilename\fP. +.br +The default \fIfilename\fP is set to $CONFDIR/ipsec.d/certs/myCert.der. +.RE +.PP +.B \-m, \-\-method \fImethod\fP +.RS 4 +Change HTTP request method for certificate enrollment. Default is \fBget\fP. +.PP +Supported values for \fImethod\fP: +.IP "\fBpost\fP" 12 +Certificate enrollment using HTTP POST. Must be supported by the given SCEP server. +.IP "\fBget\fP" 12 +Certificate enrollment using HTTP GET. +.RE +.PP +.B \-t, \-\-interval \fIseconds\fP +.RS 4 +Set interval time in seconds when polling in manual mode. +The default interval is set to 5 seconds. +.RE +.PP +.B \-x, \-\-maxpolltime \fIseconds\fP +.RS 4 +Set max time in seconds to poll in manual mode. +The default max time is set to unlimited. +.RE + +.SS Debugging Output Options: +.B \-A, \-\-debug\-all +.RS 4 +Log everything except private data. +.RE +.PP +.B \-P, \-\-debug\-parsing +.RS 4 +Log parsing relevant stuff. +.RE +.PP +.B \-R, \-\-debug\-raw +.RS 4 +Log raw hex dumps. +.RE +.PP +.B \-C, \-\-debug\-control +.RS 4 +Log informations about control flow. +.RE +.PP +.B \-M, \-\-debug\-controlmore +.RS 4 +Log more detailed informations about control flow. +.RE +.PP +.B \-X, \-\-debug\-private +.RS 4 +Log sensitive data (e.g. private keys). +.RE +.SH "EXAMPLES" +.B ipsec scepclient \-\-out caCert \-\-url http://scepserver/cgi\-bin/pkiclient.exe \-f +.RS 4 +Acquire CA certificate from SCEP server and store it in the default file $CONFDIR/ipsec.d/cacerts/caCert.der. +If more then one CA certificate is returned, store them in files named caCert.der\-1', caCert.der\-2', etc. +.br +Existing files are overwritten. +.RE +.PP +.B ipsec scepclient \-\-out pkcs1=joeKey.der \-k 1024 +.RS 4 +Generate RSA private key with key length of 1024 bit and store it in file joeKey.der. +.RE +.PP +.B ipsec scepclient \-\-in pkcs1=joeKey.der \-\-out pkcs10=joeReq.der \e +.br +.B \-\-dn \*(rqC=AT, CN=John Doe\*(rq \-s email=john@doe.com \-p mypassword +.RS 4 +Generate a PKCS#10 request and store it in file joeReq.der. Use the RSA private key joeKey.der +created earlier to sign the PKCS#10\-Request. In addition to the distinguished name include a +email\-subjectAltName and a challenge password in the request. +.RE +.PP +.B ipsec scepclient \-\-out pkcs1=joeKey.der \-\-out cert==joeCert.der \e +.br +.B \-\-dn \*(rqC=CH, CN=John Doe\*(rq \-k 512 \-p 5xH2pnT7wq \e +.br +.B \-\-url http://scep.hsr.ch/cgi\-bin/pkiclient.exe \e +.br +.B \-\-in cacert\-enc=caCert.der \-\-in cacert\-sig=caCert.der +.RS 4 +Generate a new RSA key for the request and store it in joeKey.der. Then enroll a certificate and store as joeCert.der. +The challenge password is '5xH2pnT7wq'. The encryption and signature check has to be made with the same CA certificate +caCert.der. +.RE + + +.SH "BUGS" +\fB\-\-optionsfrom\fP seems to have parsing problems reading option files containing strings in quotation marks. +.SH "COPYRIGHT" +Copyright (C) 2005 Jan Hutter, Martin Willi +.br +Hochschule fuer Technik Rapperswil +.PP +This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. +.PP +This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. diff --git a/programs/scepclient/scepclient.c b/programs/scepclient/scepclient.c new file mode 100644 index 000000000..bde460844 --- /dev/null +++ b/programs/scepclient/scepclient.c @@ -0,0 +1,1036 @@ +/* + * Copyright (C) 2005 Jan Hutter, Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +/** + * @file main.c + * @brief scepclient main program + */ + +/** + * @mainpage SCEP for Linux strongSwan + * + * Documentation of SCEP for Linux StrongSwan + */ + +#include <stdarg.h> +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <getopt.h> +#include <ctype.h> +#include <unistd.h> +#include <time.h> +#include <gmp.h> + +#include <freeswan.h> + +#include "../pluto/constants.h" +#include "../pluto/defs.h" +#include "../pluto/log.h" +#include "../pluto/oid.h" +#include "../pluto/asn1.h" +#include "../pluto/pkcs1.h" +#include "../pluto/pkcs7.h" +#include "../pluto/certs.h" +#include "../pluto/fetch.h" +#include "../pluto/rnd.h" + +#include "rsakey.h" +#include "pkcs10.h" +#include "scep.h" + +/* + * definition of some defaults + */ + +/* default name of DER-encoded PKCS#1 private key file */ +#define DEFAULT_FILENAME_PKCS1 "myKey.der" + +/* default name of DER-encoded PKCS#10 certificate request file */ +#define DEFAULT_FILENAME_PKCS10 "myReq.der" + +/* default name of DER-encoded PKCS#7 file */ +#define DEFAULT_FILENAME_PKCS7 "pkcs7.der" + +/* default name of DER-encoded self-signed X.509 certificate file */ +#define DEFAULT_FILENAME_CERT_SELF "selfCert.der" + +/* default name of DER-encoded X.509 certificate file */ +#define DEFAULT_FILENAME_CERT "myCert.der" + +/* default name of DER-encoded CA cert file used for key encipherment */ +#define DEFAULT_FILENAME_CACERT_ENC "caCert.der" + +/* default name of the der encoded CA cert file used for signature verification */ +#define DEFAULT_FILENAME_CACERT_SIG "caCert.der" + +/* default prefix of the der encoded CA certificates received from the SCEP server */ +#define DEFAULT_FILENAME_PREFIX_CACERT "caCert.der" + +/* default certificate validity */ +#define DEFAULT_CERT_VALIDITY 5 * 3600 * 24 * 365 /* seconds */ + +/* default polling time interval in SCEP manual mode */ +#define DEFAULT_POLL_INTERVAL 20 /* seconds */ + +/* default key length for self-generated RSA keys */ +#define DEFAULT_RSA_KEY_LENGTH 2048 /* bits */ + +/* default distinguished name */ +#define DEFAULT_DN "C=CH, O=Linux strongSwan, CN=" + +/* challenge password buffer size */ +#define MAX_PASSWORD_LENGTH 256 + +/* Max length of filename for tempfile */ +#define MAX_TEMP_FILENAME_LENGTH 256 + + +/* current scepclient version */ +static const char *scepclient_version = "1.0"; + +/* by default the CRL policy is lenient */ +bool strict_crl_policy = FALSE; + +/* by default pluto does not check crls dynamically */ +long crl_check_interval = 0; + +/* by default pluto logs out after every smartcard use */ +bool pkcs11_keep_state = FALSE; + + +/* + * Global variables + */ + +RSA_private_key_t *private_key = NULL; + +chunk_t pkcs1; +chunk_t pkcs7; +chunk_t subject; +chunk_t challengePassword; +chunk_t serialNumber; +chunk_t transID; +chunk_t fingerprint; +chunk_t issuerAndSubject; +chunk_t getCertInitial; +chunk_t scep_response; +cert_t cert; + +x509cert_t *x509_signer = NULL; +x509cert_t *x509_ca_enc = NULL; +x509cert_t *x509_ca_sig = NULL; +generalName_t *subjectAltNames = NULL; +pkcs10_t *pkcs10 = NULL; + +/** + * @brief exit scepclient + * + * The log is closed and leaks are reported + * if LEAK_DETECTIVE is activated + * + * @param status 0 = OK, 1 = general discomfort + */ +static void +exit_scepclient(err_t message, ...) +{ + if (private_key != NULL) + { + free_RSA_private_content(private_key); + pfree(private_key); + } + freeanychunk(pkcs1); + freeanychunk(pkcs7); + freeanychunk(subject); + freeanychunk(serialNumber); + freeanychunk(transID); + freeanychunk(fingerprint); + freeanychunk(issuerAndSubject); + freeanychunk(getCertInitial); + if (scep_response.ptr != NULL) + free(scep_response.ptr); + + free_generalNames(subjectAltNames, TRUE); + if (x509_signer != NULL) + x509_signer->subjectAltName = NULL; + + free_x509cert(x509_signer); + free_x509cert(x509_ca_enc); + free_x509cert(x509_ca_sig); + pkcs10_free(pkcs10); + +#ifdef LEAK_DETECTIVE + report_leaks(); +#endif /* LEAK_DETECTIVE */ + close_log(); + + /* print any error message to stderr */ + if (message != NULL && *message != '\0') + { + va_list args; + char m[LOG_WIDTH]; /* longer messages will be truncated */ + + va_start(args, message); + vsnprintf(m, sizeof(m), message, args); + va_end(args); + + fprintf(stderr, "error: %s\n", m); + exit(-1); + } + exit(0); +} + +/** + * @brief prints the program version and exits + * + */ +static void +version(void) +{ + printf("scepclient %s\n", scepclient_version); + exit_scepclient(NULL); +} + +/** + * @brief prints the usage of the program to the stderr output + * + * If message is set, program is exitet with 1 (error) + * @param message message in case of an error + */ +static void +usage(const char *message) +{ + fprintf(stderr, + "Usage: scepclient\n" + " --help (-h) show usage and exit\n" + " --version (-v) show version and exit\n" + " --quiet (-q) do not write log output to stderr\n" + " --in (-i) <type>[=<filename>] use <filename> of <type> for input \n" + " <type> = pkcs1 | cacert-enc | cacert-sig\n" + " - if no pkcs1 input is defined, a \n" + " RSA key will be generated\n" + " - if no filename is given, default is used\n" + " --out (-o) <type>[=<filename>] write output of <type> to <filename>\n" + " multiple outputs are allowed\n" + " <type> = pkcs1 | pkcs10 | pkcs7 | cert-self | cert | cacert\n" + " - type cacert defines filename prefix of\n" + " received CA certificate(s)\n" + " - if no filename is given, default is used\n" + " --optionsfrom (-+) <filename> reads additional options from given file\n" + " --force (-f) force existing file(s)\n" + "\n" + "Options for key generation (pkcs1):\n" + " --keylength (-k) <bits> key length for RSA key generation\n" + "(default: 2048 bits)\n" + "\n" + "Options for validity:\n" + " --days (-D) <days> validity in days\n" + " --startdate (-S) <YYMMDDHHMMSS>Z not valid before date\n" + " --enddate (-E) <YYMMDDHHMMSS>Z not valid after date\n" + "\n" + "Options for request generation (pkcs10):\n" + " --dn (-d) <dn> comma separated list of distinguished names\n" + " --subjectAltName (-s) <t>=<v> include subjectAltName in certificate request\n" + " <t> = email | dns | ip \n" + " --password (-p) <pw> challenge password\n" + " - if pw is '%%prompt', password gets prompted for\n" + " --algorithm (-a) <algo> use specified algorithm for PKCS#7 encryption\n" + " <algo> = des-cbc | 3des-cbc (default: 3des-cbc)\n" + "\n" + "Options for enrollment (cert):\n" + " --url (-u) <url> url of the SCEP server\n" + " --method (-m) post | get http request type\n" + " --interval (-t) <seconds> manual mode poll interval in seconds (default 20s)\n" + " --maxpolltime (-x) <seconds> max poll time in seconds when in manual mode\n" + " (default: unlimited)\n" +#ifdef DEBUG + "\n" + "Debugging output:\n" + " --debug-all (-A) show everything except private\n" + " --debug-parsing (-P) show parsing relevant stuff\n" + " --debug-raw (-R) show raw hex dumps\n" + " --debug-control (-C) show control flow output\n" + " --debug-controlmore (-M) show more control flow\n" + " --debug-private (-X) show sensitive data (private keys, etc.)\n" +#endif + ); + exit_scepclient(message); +} + +/** + * @brief main of scepclient + * + * @param argc number of arguments + * @param argv pointer to the argument values + */ +int main(int argc, char **argv) +{ + /* external values */ + extern char * optarg; + extern int optind; + + /* type of input and output files */ + typedef enum { + PKCS1 = 0x01, + PKCS10 = 0x02, + PKCS7 = 0x04, + CERT_SELF = 0x08, + CERT = 0x10, + CACERT_ENC = 0x20, + CACERT_SIG = 0x40 + } scep_filetype_t; + + /* filetype to read from, defaults to "generate a key" */ + scep_filetype_t filetype_in = 0; + + /* filetype to write to, no default here */ + scep_filetype_t filetype_out = 0; + + /* input files */ + char *file_in_pkcs1 = DEFAULT_FILENAME_PKCS1; + char *file_in_cacert_enc = DEFAULT_FILENAME_CACERT_ENC; + char *file_in_cacert_sig = DEFAULT_FILENAME_CACERT_SIG; + + /* output files */ + char *file_out_pkcs1 = DEFAULT_FILENAME_PKCS1; + char *file_out_pkcs10 = DEFAULT_FILENAME_PKCS10; + char *file_out_pkcs7 = DEFAULT_FILENAME_PKCS7; + char *file_out_cert_self = DEFAULT_FILENAME_CERT_SELF; + char *file_out_cert = DEFAULT_FILENAME_CERT; + char *file_out_prefix_cacert = DEFAULT_FILENAME_PREFIX_CACERT; + + /* by default user certificate is requested */ + bool request_ca_certificate = FALSE; + + /* by default existing files are not overwritten */ + bool force = FALSE; + + /* length of RSA key in bits */ + u_int rsa_keylength = DEFAULT_RSA_KEY_LENGTH; + + /* validity of self-signed certificate */ + time_t validity = DEFAULT_CERT_VALIDITY; + time_t notBefore = 0; + time_t notAfter = 0; + + /* distinguished name for requested certificate, ASCII format */ + char *distinguishedName = NULL; + + /* challenge password */ + char challenge_password_buffer[MAX_PASSWORD_LENGTH]; + + /* symmetric encryption algorithm used by pkcs7, default is 3DES */ + int pkcs7_symmetric_cipher = OID_3DES_EDE_CBC; + + /* digest algorithm used by pkcs7, default is MD5 */ + int pkcs7_digest_alg = OID_MD5; + + /* signature algorithm used by pkcs10, default is MD5 with RSA encryption */ + int pkcs10_signature_alg = OID_MD5; + + /* URL of the SCEP-Server */ + char *scep_url = NULL; + + /* http request method, default is GET */ + fetch_request_t request_type = FETCH_GET; + + /* poll interval time in manual mode in seconds */ + u_int poll_interval = DEFAULT_POLL_INTERVAL; + + /* maximum poll time */ + u_int max_poll_time = 0; + + err_t ugh = NULL; + + /* initialize global variables */ + pkcs1 = empty_chunk; + pkcs7 = empty_chunk; + serialNumber = empty_chunk; + transID = empty_chunk; + fingerprint = empty_chunk; + issuerAndSubject = empty_chunk; + challengePassword = empty_chunk; + getCertInitial = empty_chunk; + scep_response = empty_chunk; + log_to_stderr = TRUE; + + for (;;) + { + static const struct option long_opts[] = { + /* name, has_arg, flag, val */ + { "help", no_argument, NULL, 'h' }, + { "version", no_argument, NULL, 'v' }, + { "optionsfrom", required_argument, NULL, '+' }, + { "quiet", no_argument, NULL, 'q' }, + { "in", required_argument, NULL, 'i' }, + { "out", required_argument, NULL, 'o' }, + { "force", no_argument, NULL, 'f' }, + { "keylength", required_argument, NULL, 'k' }, + { "dn", required_argument, NULL, 'd' }, + { "days", required_argument, NULL, 'D' }, + { "startdate", required_argument, NULL, 'S' }, + { "enddate", required_argument, NULL, 'E' }, + { "subjectAltName", required_argument, NULL, 's' }, + { "password", required_argument, NULL, 'p' }, + { "algorithm", required_argument, NULL, 'a' }, + { "url", required_argument, NULL, 'u' }, + { "method", required_argument, NULL, 'm' }, + { "interval", required_argument, NULL, 't' }, + { "maxpolltime", required_argument, NULL, 'x' }, +#ifdef DEBUG + { "debug-all", no_argument, NULL, 'A' }, + { "debug-parsing", no_argument, NULL, 'P'}, + { "debug-raw", no_argument, NULL, 'R'}, + { "debug-control", no_argument, NULL, 'C'}, + { "debug-controlmore", no_argument, NULL, 'M'}, + { "debug-private", no_argument, NULL, 'X'}, +#endif + { 0,0,0,0 } + }; + + /* parse next option */ + int c = getopt_long(argc, argv, "hv+:qi:o:fk:d:s:p:a:u:m:t:x:APRCMS", long_opts, NULL); + + switch (c) + { + case EOF: /* end of flags */ + break; + + case 'h': /* --help */ + usage(NULL); + + case 'v': /* --version */ + version(); + + case 'q': /* --quiet */ + log_to_stderr = FALSE; + continue; + + case 'i': /* --in <type> [= <filename>] */ + { + char *filename = strstr(optarg, "="); + + if (filename) + { + /* replace '=' by '\0' */ + *filename = '\0'; + /* set pointer to start of filename */ + filename++; + } + if (strcasecmp("pkcs1", optarg) == 0) + { + filetype_in |= PKCS1; + if (filename) + file_in_pkcs1 = filename; + } + else if (strcasecmp("cacert-enc", optarg) == 0) + { + filetype_in |= CACERT_ENC; + if (filename) + file_in_cacert_enc = filename; + } + else if (strcasecmp("cacert-sig", optarg) == 0) + { + filetype_in |= CACERT_SIG; + if (filename) + file_in_cacert_sig = filename; + } + else + { + usage("invalid --in file type"); + } + continue; + } + + case 'o': /* --out <type> [= <filename>] */ + { + char *filename = strstr(optarg, "="); + + if (filename) + { + /* replace '=' by '\0' */ + *filename = '\0'; + /* set pointer to start of filename */ + filename++; + } + if (strcasecmp("pkcs1", optarg) == 0) + { + filetype_out |= PKCS1; + if (filename) + file_out_pkcs1 = filename; + } + else if (strcasecmp("pkcs10", optarg) == 0) + { + filetype_out |= PKCS10; + if (filename) + file_out_pkcs10 = filename; + } + else if (strcasecmp("pkcs7", optarg) == 0) + { + filetype_out |= PKCS7; + if (filename) + file_out_pkcs7 = filename; + } + else if (strcasecmp("cert-self", optarg) == 0) + { + filetype_out |= CERT_SELF; + if (filename) + file_out_cert_self = filename; + } + else if (strcasecmp("cert", optarg) == 0) + { + filetype_out |= CERT; + if (filename) + file_out_cert = filename; + } + else if (strcasecmp("cacert", optarg) == 0) + { + request_ca_certificate = TRUE; + if (filename) + file_out_prefix_cacert = filename; + } + else + { + usage("invalid --out file type"); + } + continue; + } + + case 'f': /* --force */ + force = TRUE; + continue; + + case '+': /* --optionsfrom <filename> */ + optionsfrom(optarg, &argc, &argv, optind, stderr); + /* does not return on error */ + continue; + + case 'k': /* --keylength <length> */ + { + div_t q; + + rsa_keylength = atoi(optarg); + if (rsa_keylength == 0) + usage("invalid keylength"); + + /* check if key length is a multiple of 8 bits */ + q = div(rsa_keylength, 2*BITS_PER_BYTE); + if (q.rem != 0) + { + exit_scepclient("keylength is not a multiple of %d bits!" + , 2*BITS_PER_BYTE); + } + continue; + } + + case 'D': /* --days */ + if (optarg == NULL || !isdigit(optarg[0])) + usage("missing number of days"); + { + char *endptr; + long days = strtol(optarg, &endptr, 0); + + if (*endptr != '\0' || endptr == optarg + || days <= 0) + usage("<days> must be a positive number"); + validity = 24*3600*days; + } + continue; + + case 'S': /* --startdate */ + if (optarg == NULL || strlen(optarg) != 13 || optarg[12] != 'Z') + usage("date format must be YYMMDDHHMMSSZ"); + { + chunk_t date = { optarg, 13 }; + notBefore = asn1totime(&date, ASN1_UTCTIME); + } + continue; + + case 'E': /* --enddate */ + if (optarg == NULL || strlen(optarg) != 13 || optarg[12] != 'Z') + usage("date format must be YYMMDDHHMMSSZ"); + { + chunk_t date = { optarg, 13 }; + notAfter = asn1totime(&date, ASN1_UTCTIME); + } + continue; + + case 'd': /* --dn */ + if (distinguishedName) + usage("only one distinguished name allowed"); + distinguishedName = optarg; + continue; + + case 's': /* --subjectAltName */ + { + generalNames_t kind; + char *value = strstr(optarg, "="); + + if (value) + { + /* replace '=' by '\0' */ + *value = '\0'; + /* set pointer to start of value */ + value++; + } + + if (!strcasecmp("email", optarg)) + kind = GN_RFC822_NAME; + else if (!strcasecmp("dns", optarg)) + kind = GN_DNS_NAME; + else if (!strcasecmp("ip", optarg)) + kind = GN_IP_ADDRESS; + else + { + usage("invalid --subjectAltName type"); + continue; + } + pkcs10_add_subjectAltName(&subjectAltNames, kind, value); + continue; + } + + case 'p': /* --password */ + if (challengePassword.len > 0) + usage("only one challenge password allowed"); + + if (strcasecmp("%prompt", optarg) == 0) + { + printf("Challenge password: "); + if (fgets(challenge_password_buffer, sizeof(challenge_password_buffer)-1, stdin)) + { + challengePassword.ptr = challenge_password_buffer; + /* discard the terminating '\n' from the input */ + challengePassword.len = strlen(challenge_password_buffer) - 1; + } + else + { + usage("challenge password could not be read"); + } + } + else + { + challengePassword.ptr = optarg; + challengePassword.len = strlen(optarg); + } + continue; + + case 'u': /* -- url */ + if (scep_url) + usage("only one URL argument allowed"); + scep_url = optarg; + continue; + + case 'm': /* --method */ + if (strcasecmp("post", optarg) == 0) + request_type = FETCH_POST; + else if (strcasecmp("get", optarg) == 0) + request_type = FETCH_GET; + else + usage("invalid http request method specified"); + continue; + + case 't': /* --interval */ + poll_interval = atoi(optarg); + if (poll_interval <= 0) + usage("invalid interval specified"); + continue; + + case 'x': /* --maxpolltime */ + max_poll_time = atoi(optarg); + if (max_poll_time < 0) + usage("invalid maxpolltime specified"); + continue; + + case 'a': /*--algorithm */ + if (strcasecmp("des-cbc", optarg) == 0) + pkcs7_symmetric_cipher = OID_DES_CBC; + else if (strcasecmp("3des-cbc", optarg) == 0) + pkcs7_symmetric_cipher = OID_3DES_EDE_CBC; + else + usage("invalid encryption algorithm specified"); + continue; +#ifdef DEBUG + case 'A': /* --debug-all */ + base_debugging |= DBG_ALL; + continue; + case 'P': /* debug parsing */ + base_debugging |= DBG_PARSING; + continue; + case 'R': /* debug raw */ + base_debugging |= DBG_RAW; + continue; + case 'C': /* debug control */ + base_debugging |= DBG_CONTROL; + continue; + case 'M': /* debug control more */ + base_debugging |= DBG_CONTROLMORE; + continue; + case 'X': /* debug private */ + base_debugging |= DBG_PRIVATE; + continue; +#endif + default: + usage("unknown option"); + } + /* break from loop */ + break; + } + + init_log("scepclient"); + cur_debugging = base_debugging; + init_rnd_pool(); + init_fetch(); + + if ((filetype_out == 0) && (!request_ca_certificate)) + usage ("--out filetype required"); + + if (request_ca_certificate && (filetype_out > 0 || filetype_in > 0)) + usage("in CA certificate request, no other --in or --out option allowed"); + + /* check if url is given, if cert output defined */ + if (((filetype_out & CERT) || request_ca_certificate) && !scep_url) + usage("URL of SCEP server required"); + + /* check for sanity of --in/--out */ + if (!filetype_in && (filetype_in > filetype_out)) + usage("cannot generate --out of given --in!"); + + /* + * input of PKCS#1 file + */ + private_key = alloc_thing(RSA_private_key_t, "RSA_private_key_t"); + + if (filetype_in & PKCS1) /* load an RSA key pair from file */ + { + prompt_pass_t pass = { "", FALSE, STDIN_FILENO }; + const char *path = concatenate_paths(PRIVATE_KEY_PATH, file_in_pkcs1); + + ugh = load_rsa_private_key(path, &pass, private_key); + } + else /* generate an RSA key pair */ + { + ugh = generate_rsa_private_key(rsa_keylength, private_key); + } + if (ugh != NULL) + exit_scepclient(ugh); + + /* check for minimum key length */ + if ((private_key->pub.k) < RSA_MIN_OCTETS) + { + exit_scepclient("length of RSA key has to be at least %d bits" + ,RSA_MIN_OCTETS * BITS_PER_BYTE); + } + + /* + * input of PKCS#10 file + */ + if (filetype_in & PKCS10) + { + /* user wants to load a pkcs10 request + * operation is not yet supported + * would require a PKCS#10 parsing function + + pkcs10 = pkcs10_read_from_file(file_in_pkcs10); + + */ + } + else + { + char buf[IDTOA_BUF]; + chunk_t dn = empty_chunk; + + dn.ptr = buf; + + if (distinguishedName == NULL) + { + char buf[BUF_LEN]; + int n = sprintf(buf, DEFAULT_DN); + + /* set the common name to the hostname */ + if (gethostname(buf + n, BUF_LEN - n) || strlen(buf) == n) + { + exit_scepclient("no hostname defined, use " + "--dn <distinguished name> option"); + } + distinguishedName = buf; + } + + DBG(DBG_CONTROL, + DBG_log("dn: '%s'", distinguishedName); + ) + ugh = atodn(distinguishedName, &dn); + if (ugh != NULL) + exit_scepclient(ugh); + + clonetochunk(subject, dn.ptr, dn.len, "subject dn"); + + DBG(DBG_CONTROL, + DBG_log("building pkcs10 object:") + ) + pkcs10 = pkcs10_build(private_key, subject, challengePassword + , subjectAltNames, pkcs10_signature_alg); + scep_generate_pkcs10_fingerprint(pkcs10->request, &fingerprint); + plog(" fingerprint: %.*s", (int)fingerprint.len, fingerprint.ptr); + } + + /* + * output of PKCS#10 file + */ + if (filetype_out & PKCS10) + { + const char *path = concatenate_paths(REQ_PATH, file_out_pkcs10); + + if (!write_chunk(path, "pkcs10", pkcs10->request, 0022, force)) + exit_scepclient("could not write pkcs10 file '%s'", path); + + filetype_out &= ~PKCS10; /* delete PKCS10 flag */ + } + + if (!filetype_out) + exit_scepclient(NULL); /* no further output required */ + + /* + * output of PKCS#1 file + */ + if (filetype_out & PKCS1) + { + const char *path = concatenate_paths(PRIVATE_KEY_PATH, file_out_pkcs1); + + DBG(DBG_CONTROL, + DBG_log("building pkcs1 object:") + ) + pkcs1 = pkcs1_build_private_key(private_key); + + if (!write_chunk(path, "pkcs1", pkcs1, 0066, force)) + exit_scepclient("could not write pkcs1 file '%s'", path); + + filetype_out &= ~PKCS1; /* delete PKCS1 flag */ + } + + if (!filetype_out) + exit_scepclient(NULL); /* no further output required */ + + scep_generate_transaction_id((const RSA_public_key_t *)private_key + , &transID, &serialNumber); + plog(" transaction ID: %.*s", (int)transID.len, transID.ptr); + + /* generate a self-signed X.509 certificate */ + x509_signer = alloc_thing(x509cert_t, "signer cert"); + *x509_signer = empty_x509cert; + x509_signer->serialNumber = serialNumber; + x509_signer->sigAlg = OID_SHA1_WITH_RSA; + x509_signer->issuer = subject; + x509_signer->notBefore = (notBefore)? notBefore + : time(NULL); + x509_signer->notAfter = (notAfter)? notAfter + : x509_signer->notBefore + validity; + x509_signer->subject = subject; + x509_signer->subjectAltName = subjectAltNames; + + build_x509cert(x509_signer, (const RSA_public_key_t *)private_key + , private_key); + + /* + * output of self-signed X.509 certificate file + */ + if (filetype_out & CERT_SELF) + { + const char *path = concatenate_paths(HOST_CERT_PATH, file_out_cert_self); + + if (!write_chunk(path, "self-signed cert", x509_signer->certificate, 0022, force)) + exit_scepclient("could not write self-signed cert file '%s'", path); +; + filetype_out &= ~CERT_SELF; /* delete CERT_SELF flag */ + } + + if (!filetype_out) + exit_scepclient(NULL); /* no further output required */ + + /* + * load ca encryption certificate + */ + { + const char *path = concatenate_paths(CA_CERT_PATH, file_in_cacert_enc); + cert_t cert; + + if (!load_cert(path, "encryption cacert", &cert)) + exit_scepclient("could not load encryption cacert file '%s'", path); + x509_ca_enc = cert.u.x509; + } + + /* + * input of PKCS#7 file + */ + if (filetype_in & PKCS7) + { + /* user wants to load a pkcs7 encrypted request + * operation is not yet supported! + * would require additional parsing of transaction-id + + pkcs7 = pkcs7_read_from_file(file_in_pkcs7); + + */ + } + else + { + DBG(DBG_CONTROL, + DBG_log("building pkcs7 request") + ) + pkcs7 = scep_build_request(pkcs10->request + , transID, SCEP_PKCSReq_MSG + , x509_ca_enc, pkcs7_symmetric_cipher + , x509_signer, pkcs7_digest_alg, private_key); + } + + /* + * output pkcs7 encrypted and signed certificate request + */ + if (filetype_out & PKCS7) + { + const char *path = concatenate_paths(REQ_PATH, file_out_pkcs7); + + if (!write_chunk(path, "pkcs7 encrypted request", pkcs7, 0022, force)) + exit_scepclient("could not write pkcs7 file '%s'", path); +; + filetype_out &= ~PKCS7; /* delete PKCS7 flag */ + } + + if (!filetype_out) + exit_scepclient(NULL); /* no further output required */ + + /* + * output certificate fetch from SCEP server + */ + if (filetype_out & CERT) + { + const char *path = concatenate_paths(CA_CERT_PATH, file_in_cacert_sig); + cert_t cert; + time_t poll_start; + + x509cert_t *certs = NULL; + chunk_t envelopedData = empty_chunk; + chunk_t certData = empty_chunk; + contentInfo_t data = empty_contentInfo; + scep_attributes_t attrs = empty_scep_attributes; + + if (!load_cert(path, "signature cacert", &cert)) + exit_scepclient("could not load signature cacert file '%s'", path); + x509_ca_sig = cert.u.x509; + + if (!scep_http_request(scep_url, pkcs7, SCEP_PKI_OPERATION + , request_type, &scep_response)) + { + exit_scepclient("did not receive a valid scep response"); + } + ugh = scep_parse_response(scep_response, transID, &data, &attrs + , x509_ca_sig); + if (ugh != NULL) + exit_scepclient(ugh); + + /* in case of manual mode, we are going into a polling loop */ + if (attrs.pkiStatus == SCEP_PENDING) + { + plog(" scep request pending, polling every %d seconds" + , poll_interval); + time(&poll_start); + issuerAndSubject = asn1_wrap(ASN1_SEQUENCE, "cc" + , x509_ca_sig->subject + , subject); + } + while (attrs.pkiStatus == SCEP_PENDING) + { + if (max_poll_time > 0 + && (time(NULL) - poll_start >= max_poll_time)) + { + exit_scepclient("maximum poll time reached: %d seconds" + , max_poll_time); + } + DBG(DBG_CONTROL, + DBG_log("going to sleep for %d seconds", poll_interval) + ) + sleep(poll_interval); + free(scep_response.ptr); + + DBG(DBG_CONTROL, + DBG_log("fingerprint: %.*s", (int)fingerprint.len, fingerprint.ptr); + DBG_log("transaction ID: %.*s", (int)transID.len, transID.ptr) + ) + + freeanychunk(getCertInitial); + getCertInitial = scep_build_request(issuerAndSubject + , transID, SCEP_GetCertInitial_MSG + , x509_ca_enc, pkcs7_symmetric_cipher + , x509_signer, pkcs7_digest_alg, private_key); + + if (!scep_http_request(scep_url, getCertInitial, SCEP_PKI_OPERATION + , request_type, &scep_response)) + { + exit_scepclient("did not receive a valid scep response"); + } + ugh = scep_parse_response(scep_response, transID, &data, &attrs + , x509_ca_sig); + if (ugh != NULL) + exit_scepclient(ugh); + } + + if (attrs.pkiStatus != SCEP_SUCCESS) + { + exit_scepclient("reply status is not 'SUCCESS'"); + } + + envelopedData = data.content; + + if (data.type != OID_PKCS7_DATA + || !parse_asn1_simple_object(&envelopedData, ASN1_OCTET_STRING, 0, "data")) + { + exit_scepclient("contentInfo is not of type 'data'"); + } + if (!pkcs7_parse_envelopedData(envelopedData, &certData + , serialNumber, private_key)) + { + exit_scepclient("could not decrypt envelopedData"); + } + if (!pkcs7_parse_signedData(certData, NULL, &certs, NULL, NULL)) + { + exit_scepclient("error parsing the scep response"); + } + freeanychunk(certData); + + /* store the end entity certificate */ + path = concatenate_paths(HOST_CERT_PATH, file_out_cert); + while (certs != NULL) + { + bool stored = FALSE; + x509cert_t *cert = certs; + + if (!cert->isCA) + { + if (stored) + exit_scepclient("multiple certs received, only first stored"); + if (!write_chunk(path, "requested cert", cert->certificate, 0022, force)) + exit_scepclient("could not write cert file '%s'", path); + stored = TRUE; + } + certs = certs->next; + free_x509cert(cert); + } + filetype_out &= ~CERT; /* delete CERT flag */ + } + + exit_scepclient(NULL); + return -1; /* should never be reached */ +} + + |