2009-02-02 01:03:15 -05:00
|
|
|
/* -*- Mode: C; tab-width: 4; indent-tabs-mode: t; c-basic-offset: 4 -*- */
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Dan Williams <dcbw@redhat.com>
|
|
|
|
|
*
|
|
|
|
|
* This library is free software; you can redistribute it and/or
|
|
|
|
|
* modify it under the terms of the GNU Lesser General Public
|
|
|
|
|
* License as published by the Free Software Foundation; either
|
|
|
|
|
* version 2 of the License, or (at your option) any later version.
|
|
|
|
|
*
|
|
|
|
|
* This library is distributed in the hope that it will be useful,
|
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
|
|
|
* Lesser General Public License for more details.
|
|
|
|
|
*
|
|
|
|
|
* You should have received a copy of the GNU Lesser General Public
|
|
|
|
|
* License along with this library; if not, write to the
|
|
|
|
|
* Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
|
|
|
|
|
* Boston, MA 02110-1301 USA.
|
|
|
|
|
*
|
libnm-util: add nm_utils_rsa_key_encrypt() and fix crypto padding mixups
To be backwards compatible clients need to handle both paths to private
keys and the decrypted private key data, which is what used to get passed
in the private-key and phase2-private-key attributes of the 802.1x setting.
When moving a connection around between system-settings and user-settings,
if the private key is decrypted data, the settings service needs to store
that decrypted data somewhere so that the key can be sent to NM during
the connection process.
But we don't want to store the decrypted private key data, so we have to
re-encrypt it (possibly generating a private key password if one wasn't
sent with the decrypted data) and save it to disk, then send NM a path
to that private key during connection.
To help clients do this, and so that they don't have to carry around
multiple crypto implementations depending on whether they want to use
NSS or gnutls/gcrypt, add a helper to libnm-util.
Furthermore, I misunderstood a bunch of stuff with crypto padding when
writing the encrypt/decrypt functions long ago, so fix that up. Don't
return padding as part of the decrypted data, and make sure to verify
the padding's expected lengths and values when decrypting. Many thanks
to Nalin Dahyabhai for pointing me in the right direction.
2009-09-15 16:01:50 -07:00
|
|
|
* (C) Copyright 2007 - 2009 Red Hat, Inc.
|
2009-02-02 01:03:15 -05:00
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
#include <glib.h>
|
|
|
|
|
#include <unistd.h>
|
|
|
|
|
#include <stdlib.h>
|
|
|
|
|
#include <glib/gi18n.h>
|
|
|
|
|
#include <stdio.h>
|
|
|
|
|
#include <string.h>
|
|
|
|
|
|
|
|
|
|
#include "nm-test-helpers.h"
|
|
|
|
|
#include "crypto.h"
|
libnm-util: add nm_utils_rsa_key_encrypt() and fix crypto padding mixups
To be backwards compatible clients need to handle both paths to private
keys and the decrypted private key data, which is what used to get passed
in the private-key and phase2-private-key attributes of the 802.1x setting.
When moving a connection around between system-settings and user-settings,
if the private key is decrypted data, the settings service needs to store
that decrypted data somewhere so that the key can be sent to NM during
the connection process.
But we don't want to store the decrypted private key data, so we have to
re-encrypt it (possibly generating a private key password if one wasn't
sent with the decrypted data) and save it to disk, then send NM a path
to that private key during connection.
To help clients do this, and so that they don't have to carry around
multiple crypto implementations depending on whether they want to use
NSS or gnutls/gcrypt, add a helper to libnm-util.
Furthermore, I misunderstood a bunch of stuff with crypto padding when
writing the encrypt/decrypt functions long ago, so fix that up. Don't
return padding as part of the decrypted data, and make sure to verify
the padding's expected lengths and values when decrypting. Many thanks
to Nalin Dahyabhai for pointing me in the right direction.
2009-09-15 16:01:50 -07:00
|
|
|
#include "nm-utils.h"
|
2009-02-02 01:03:15 -05:00
|
|
|
|
|
|
|
|
#if 0
|
|
|
|
|
static const char *pem_rsa_key_begin = "-----BEGIN RSA PRIVATE KEY-----";
|
|
|
|
|
static const char *pem_rsa_key_end = "-----END RSA PRIVATE KEY-----";
|
|
|
|
|
|
|
|
|
|
static const char *pem_dsa_key_begin = "-----BEGIN DSA PRIVATE KEY-----";
|
|
|
|
|
static const char *pem_dsa_key_end = "-----END DSA PRIVATE KEY-----";
|
|
|
|
|
|
|
|
|
|
static void
|
|
|
|
|
dump_key_to_pem (const char *key, gsize key_len, int key_type)
|
|
|
|
|
{
|
|
|
|
|
char *b64 = NULL;
|
|
|
|
|
GString *str = NULL;
|
|
|
|
|
const char *start_tag;
|
|
|
|
|
const char *end_tag;
|
|
|
|
|
char *p;
|
|
|
|
|
|
|
|
|
|
switch (key_type) {
|
|
|
|
|
case NM_CRYPTO_KEY_TYPE_RSA:
|
|
|
|
|
start_tag = pem_rsa_key_begin;
|
|
|
|
|
end_tag = pem_rsa_key_end;
|
|
|
|
|
break;
|
|
|
|
|
case NM_CRYPTO_KEY_TYPE_DSA:
|
|
|
|
|
start_tag = pem_dsa_key_begin;
|
|
|
|
|
end_tag = pem_dsa_key_end;
|
|
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
g_warning ("Unknown key type %d", key_type);
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
b64 = g_base64_encode ((const unsigned char *) key, key_len);
|
|
|
|
|
if (!b64) {
|
|
|
|
|
g_warning ("Couldn't base64 encode the key.");
|
|
|
|
|
goto out;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
str = g_string_new (NULL);
|
|
|
|
|
if (!str) {
|
|
|
|
|
g_warning ("Couldn't allocate buffer to write out key.");
|
|
|
|
|
goto out;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
g_string_append (str, start_tag);
|
|
|
|
|
g_string_append_c (str, '\n');
|
|
|
|
|
|
|
|
|
|
for (p = b64; p < (b64 + strlen (b64)); p += 64) {
|
|
|
|
|
g_string_append_len (str, p, strnlen (p, 64));
|
|
|
|
|
g_string_append_c (str, '\n');
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
g_string_append (str, end_tag);
|
|
|
|
|
g_string_append_c (str, '\n');
|
|
|
|
|
|
|
|
|
|
g_message ("Decrypted private key:\n\n%s", str->str);
|
|
|
|
|
|
|
|
|
|
out:
|
|
|
|
|
g_free (b64);
|
|
|
|
|
if (str)
|
|
|
|
|
g_string_free (str, TRUE);
|
|
|
|
|
}
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
static void
|
|
|
|
|
test_load_cert (const char *path, const char *desc)
|
|
|
|
|
{
|
|
|
|
|
GByteArray *array;
|
|
|
|
|
NMCryptoFileFormat format = NM_CRYPTO_FILE_FORMAT_UNKNOWN;
|
|
|
|
|
GError *error = NULL;
|
|
|
|
|
|
|
|
|
|
array = crypto_load_and_verify_certificate (path, &format, &error);
|
|
|
|
|
ASSERT (array != NULL, desc,
|
|
|
|
|
"couldn't read certificate file '%s': %d %s",
|
|
|
|
|
path, error->code, error->message);
|
|
|
|
|
|
|
|
|
|
ASSERT (format == NM_CRYPTO_FILE_FORMAT_X509, desc,
|
|
|
|
|
"%s: unexpected certificate format (expected %d, got %d)",
|
|
|
|
|
path, NM_CRYPTO_FILE_FORMAT_X509, format);
|
|
|
|
|
|
|
|
|
|
g_byte_array_free (array, TRUE);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static void
|
|
|
|
|
test_load_private_key (const char *path,
|
|
|
|
|
const char *password,
|
|
|
|
|
gboolean expect_fail,
|
|
|
|
|
const char *desc)
|
|
|
|
|
{
|
|
|
|
|
NMCryptoKeyType key_type = NM_CRYPTO_KEY_TYPE_UNKNOWN;
|
|
|
|
|
NMCryptoFileFormat format = NM_CRYPTO_FILE_FORMAT_UNKNOWN;
|
|
|
|
|
GByteArray *array;
|
|
|
|
|
GError *error = NULL;
|
|
|
|
|
|
|
|
|
|
array = crypto_get_private_key (path, password, &key_type, &format, &error);
|
|
|
|
|
if (expect_fail) {
|
|
|
|
|
ASSERT (array == NULL, desc,
|
|
|
|
|
"unexpected success reading private key file '%s' with "
|
|
|
|
|
"invalid password",
|
|
|
|
|
path);
|
|
|
|
|
|
|
|
|
|
ASSERT (format == NM_CRYPTO_FILE_FORMAT_UNKNOWN, desc,
|
|
|
|
|
"unexpected success determining private key file '%s' "
|
|
|
|
|
"format with invalid password (expected %d, got %d)",
|
|
|
|
|
path, NM_CRYPTO_FILE_FORMAT_UNKNOWN, format);
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ASSERT (array != NULL, desc,
|
|
|
|
|
"couldn't read private key file '%s': %d %s",
|
|
|
|
|
path, error->code, error->message);
|
|
|
|
|
|
|
|
|
|
ASSERT (format == NM_CRYPTO_FILE_FORMAT_RAW_KEY, desc,
|
|
|
|
|
"%s: unexpected private key file format (expected %d, got %d)",
|
|
|
|
|
path, NM_CRYPTO_FILE_FORMAT_RAW_KEY, format);
|
|
|
|
|
|
|
|
|
|
ASSERT (key_type == NM_CRYPTO_KEY_TYPE_RSA, desc,
|
|
|
|
|
"%s: unexpected private key type (expected %d, got %d)",
|
|
|
|
|
path, NM_CRYPTO_KEY_TYPE_RSA, format);
|
|
|
|
|
|
|
|
|
|
g_byte_array_free (array, TRUE);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static void
|
|
|
|
|
test_load_pkcs12 (const char *path,
|
|
|
|
|
const char *password,
|
|
|
|
|
gboolean expect_fail,
|
|
|
|
|
const char *desc)
|
|
|
|
|
{
|
|
|
|
|
NMCryptoKeyType key_type = NM_CRYPTO_KEY_TYPE_UNKNOWN;
|
|
|
|
|
NMCryptoFileFormat format = NM_CRYPTO_FILE_FORMAT_UNKNOWN;
|
|
|
|
|
GByteArray *array;
|
|
|
|
|
GError *error = NULL;
|
|
|
|
|
|
|
|
|
|
array = crypto_get_private_key (path, password, &key_type, &format, &error);
|
|
|
|
|
if (expect_fail) {
|
|
|
|
|
ASSERT (array == NULL, desc,
|
|
|
|
|
"unexpected success reading PKCS#12 private key file "
|
|
|
|
|
"'%s' with invalid password",
|
|
|
|
|
path);
|
|
|
|
|
|
|
|
|
|
/* PKCS#12 file format can be determined even if the password
|
|
|
|
|
* is wrong; check that.
|
|
|
|
|
*/
|
|
|
|
|
ASSERT (format == NM_CRYPTO_FILE_FORMAT_UNKNOWN, desc,
|
|
|
|
|
"unexpected success determining PKCS#12 private key "
|
|
|
|
|
"'%s' file format with invalid password (expected %d, "
|
|
|
|
|
"got %d)",
|
|
|
|
|
path, NM_CRYPTO_FILE_FORMAT_UNKNOWN, format);
|
|
|
|
|
ASSERT (key_type == NM_CRYPTO_KEY_TYPE_UNKNOWN, desc,
|
|
|
|
|
"unexpected success determining PKCS#12 private key "
|
|
|
|
|
"'%s' type with invalid password (expected %d, got %d)",
|
|
|
|
|
path, NM_CRYPTO_KEY_TYPE_UNKNOWN, key_type);
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ASSERT (array != NULL, desc,
|
|
|
|
|
"couldn't read PKCS#12 private key file '%s': %d %s",
|
|
|
|
|
path, error->code, error->message);
|
|
|
|
|
|
|
|
|
|
ASSERT (format == NM_CRYPTO_FILE_FORMAT_PKCS12, desc,
|
|
|
|
|
"%s: unexpected PKCS#12 private key file format (expected %d, got %d)",
|
|
|
|
|
path, NM_CRYPTO_FILE_FORMAT_RAW_KEY, format);
|
|
|
|
|
|
|
|
|
|
ASSERT (key_type == NM_CRYPTO_KEY_TYPE_ENCRYPTED, desc,
|
|
|
|
|
"%s: unexpected PKCS#12 private key type (expected %d, got %d)",
|
|
|
|
|
path, NM_CRYPTO_KEY_TYPE_ENCRYPTED, format);
|
|
|
|
|
|
|
|
|
|
g_byte_array_free (array, TRUE);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static void
|
|
|
|
|
test_is_pkcs12 (const char *path, gboolean expect_fail, const char *desc)
|
|
|
|
|
{
|
|
|
|
|
gboolean is_pkcs12;
|
|
|
|
|
|
2009-09-04 09:07:00 -05:00
|
|
|
is_pkcs12 = crypto_is_pkcs12_file (path, NULL);
|
2009-02-02 01:03:15 -05:00
|
|
|
if (expect_fail) {
|
|
|
|
|
ASSERT (is_pkcs12 == FALSE, desc,
|
|
|
|
|
"unexpected success reading non-PKCS#12 file '%s'",
|
|
|
|
|
path);
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ASSERT (is_pkcs12 == TRUE, desc, "couldn't read PKCS#12 file '%s'", path);
|
|
|
|
|
}
|
|
|
|
|
|
libnm-util: add nm_utils_rsa_key_encrypt() and fix crypto padding mixups
To be backwards compatible clients need to handle both paths to private
keys and the decrypted private key data, which is what used to get passed
in the private-key and phase2-private-key attributes of the 802.1x setting.
When moving a connection around between system-settings and user-settings,
if the private key is decrypted data, the settings service needs to store
that decrypted data somewhere so that the key can be sent to NM during
the connection process.
But we don't want to store the decrypted private key data, so we have to
re-encrypt it (possibly generating a private key password if one wasn't
sent with the decrypted data) and save it to disk, then send NM a path
to that private key during connection.
To help clients do this, and so that they don't have to carry around
multiple crypto implementations depending on whether they want to use
NSS or gnutls/gcrypt, add a helper to libnm-util.
Furthermore, I misunderstood a bunch of stuff with crypto padding when
writing the encrypt/decrypt functions long ago, so fix that up. Don't
return padding as part of the decrypted data, and make sure to verify
the padding's expected lengths and values when decrypting. Many thanks
to Nalin Dahyabhai for pointing me in the right direction.
2009-09-15 16:01:50 -07:00
|
|
|
static void
|
|
|
|
|
test_encrypt_private_key (const char *path,
|
|
|
|
|
const char *password,
|
|
|
|
|
const char *desc)
|
|
|
|
|
{
|
|
|
|
|
NMCryptoKeyType key_type = NM_CRYPTO_KEY_TYPE_UNKNOWN;
|
|
|
|
|
NMCryptoFileFormat format = NM_CRYPTO_FILE_FORMAT_UNKNOWN;
|
|
|
|
|
GByteArray *array, *encrypted, *re_decrypted;
|
|
|
|
|
GError *error = NULL;
|
|
|
|
|
|
|
|
|
|
array = crypto_get_private_key (path, password, &key_type, &format, &error);
|
|
|
|
|
|
|
|
|
|
ASSERT (array != NULL, desc,
|
|
|
|
|
"couldn't read private key file '%s': %d %s",
|
|
|
|
|
path, error->code, error->message);
|
|
|
|
|
|
|
|
|
|
ASSERT (format == NM_CRYPTO_FILE_FORMAT_RAW_KEY, desc,
|
|
|
|
|
"%s: unexpected private key file format (expected %d, got %d)",
|
|
|
|
|
path, NM_CRYPTO_FILE_FORMAT_RAW_KEY, format);
|
|
|
|
|
|
|
|
|
|
ASSERT (key_type == NM_CRYPTO_KEY_TYPE_RSA, desc,
|
|
|
|
|
"%s: unexpected private key type (expected %d, got %d)",
|
|
|
|
|
path, NM_CRYPTO_KEY_TYPE_RSA, format);
|
|
|
|
|
|
|
|
|
|
/* Now re-encrypt the private key */
|
|
|
|
|
encrypted = nm_utils_rsa_key_encrypt (array, password, NULL, &error);
|
|
|
|
|
ASSERT (encrypted != NULL, desc,
|
|
|
|
|
"couldn't re-encrypt private key file '%s': %d %s",
|
|
|
|
|
path, error->code, error->message);
|
|
|
|
|
|
|
|
|
|
/* Then re-decrypt the private key */
|
|
|
|
|
key_type = NM_CRYPTO_KEY_TYPE_UNKNOWN;
|
|
|
|
|
format = NM_CRYPTO_FILE_FORMAT_UNKNOWN;
|
|
|
|
|
re_decrypted = crypto_get_private_key_data (encrypted, password, &key_type, &format, &error);
|
|
|
|
|
|
|
|
|
|
ASSERT (re_decrypted != NULL, desc,
|
|
|
|
|
"couldn't read private key file '%s': %d %s",
|
|
|
|
|
path, error->code, error->message);
|
|
|
|
|
|
|
|
|
|
ASSERT (format == NM_CRYPTO_FILE_FORMAT_RAW_KEY, desc,
|
|
|
|
|
"%s: unexpected private key file format (expected %d, got %d)",
|
|
|
|
|
path, NM_CRYPTO_FILE_FORMAT_RAW_KEY, format);
|
|
|
|
|
|
|
|
|
|
ASSERT (key_type == NM_CRYPTO_KEY_TYPE_RSA, desc,
|
|
|
|
|
"%s: unexpected private key type (expected %d, got %d)",
|
|
|
|
|
path, NM_CRYPTO_KEY_TYPE_RSA, format);
|
|
|
|
|
|
|
|
|
|
/* Compare the original decrypted key with the re-decrypted key */
|
|
|
|
|
ASSERT (array->len == re_decrypted->len, desc,
|
|
|
|
|
"%s: unexpected re-decrypted private key length (expected %d, got %d)",
|
|
|
|
|
path, array->len, re_decrypted->len);
|
|
|
|
|
|
|
|
|
|
ASSERT (!memcmp (array->data, re_decrypted->data, array->len), desc,
|
|
|
|
|
"%s: unexpected private key data",
|
|
|
|
|
path);
|
|
|
|
|
|
|
|
|
|
g_byte_array_free (re_decrypted, TRUE);
|
|
|
|
|
g_byte_array_free (encrypted, TRUE);
|
|
|
|
|
g_byte_array_free (array, TRUE);
|
|
|
|
|
}
|
|
|
|
|
|
2009-02-02 01:03:15 -05:00
|
|
|
int main (int argc, char **argv)
|
|
|
|
|
{
|
|
|
|
|
GError *error = NULL;
|
|
|
|
|
char *progname;
|
|
|
|
|
|
2009-11-18 16:29:48 -08:00
|
|
|
ASSERT (argc > 2, "test-crypto",
|
|
|
|
|
"wrong number of arguments (expected at least an operation and an object)");
|
2009-02-02 01:03:15 -05:00
|
|
|
|
|
|
|
|
if (!crypto_init (&error))
|
|
|
|
|
FAIL ("crypto-init", "failed to initialize crypto: %s", error->message);
|
|
|
|
|
|
2009-11-18 16:29:48 -08:00
|
|
|
if (!strcmp (argv[1], "--cert"))
|
|
|
|
|
test_load_cert (argv[2], "cert");
|
|
|
|
|
else if (!strcmp (argv[1], "--key")) {
|
|
|
|
|
ASSERT (argc == 4, "test-crypto",
|
|
|
|
|
"wrong number of arguments (--key <key file> <password>)");
|
|
|
|
|
|
|
|
|
|
test_load_private_key (argv[2], argv[3], FALSE, "private-key");
|
|
|
|
|
test_load_private_key (argv[2], "blahblahblah", TRUE, "private-key-bad-password");
|
|
|
|
|
test_encrypt_private_key (argv[2], argv[3], "private-key-rencrypt");
|
|
|
|
|
test_is_pkcs12 (argv[2], TRUE, "is-pkcs12-not-pkcs12");
|
|
|
|
|
} else if (!strcmp (argv[1], "--p12")) {
|
|
|
|
|
test_is_pkcs12 (argv[2], FALSE, "is-pkcs12");
|
|
|
|
|
test_load_pkcs12 (argv[2], argv[3], FALSE, "pkcs12-private-key");
|
|
|
|
|
test_load_pkcs12 (argv[2], "blahblahblah", TRUE, "pkcs12-private-key-bad-password");
|
|
|
|
|
} else {
|
|
|
|
|
ASSERT (argc > 2, "test-crypto", "unknown test type (not --cert, --key, or --p12)");
|
|
|
|
|
}
|
libnm-util: add nm_utils_rsa_key_encrypt() and fix crypto padding mixups
To be backwards compatible clients need to handle both paths to private
keys and the decrypted private key data, which is what used to get passed
in the private-key and phase2-private-key attributes of the 802.1x setting.
When moving a connection around between system-settings and user-settings,
if the private key is decrypted data, the settings service needs to store
that decrypted data somewhere so that the key can be sent to NM during
the connection process.
But we don't want to store the decrypted private key data, so we have to
re-encrypt it (possibly generating a private key password if one wasn't
sent with the decrypted data) and save it to disk, then send NM a path
to that private key during connection.
To help clients do this, and so that they don't have to carry around
multiple crypto implementations depending on whether they want to use
NSS or gnutls/gcrypt, add a helper to libnm-util.
Furthermore, I misunderstood a bunch of stuff with crypto padding when
writing the encrypt/decrypt functions long ago, so fix that up. Don't
return padding as part of the decrypted data, and make sure to verify
the padding's expected lengths and values when decrypting. Many thanks
to Nalin Dahyabhai for pointing me in the right direction.
2009-09-15 16:01:50 -07:00
|
|
|
|
2009-02-02 01:03:15 -05:00
|
|
|
crypto_deinit ();
|
|
|
|
|
|
|
|
|
|
progname = g_path_get_basename (argv[0]);
|
|
|
|
|
fprintf (stdout, "%s: SUCCESS\n", progname);
|
|
|
|
|
g_free (progname);
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|