projects / freerdp-ubuntu-pcb-backport.git / blob
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Initial commit - from Precise source
[freerdp-ubuntu-pcb-backport.git] / libfreerdp-core / crypto.c
1 /**
2  * FreeRDP: A Remote Desktop Protocol Client
3  * Cryptographic Abstraction Layer
4  *
5  * Copyright 2011 Marc-Andre Moreau <marcandre.moreau@gmail.com>
6  *
7  * Licensed under the Apache License, Version 2.0 (the "License");
8  * you may not use this file except in compliance with the License.
9  * You may obtain a copy of the License at
10  *
11  *       http://www.apache.org/licenses/LICENSE-2.0
12  *
13  * Unless required by applicable law or agreed to in writing, software
14  * distributed under the License is distributed on an "AS IS" BASIS,
15  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16  * See the License for the specific language governing permissions and
17  * limitations under the License.
18  */
19
20 #include "crypto.h"
21
22 CryptoSha1 crypto_sha1_init(void)
23 {
24         CryptoSha1 sha1 = xmalloc(sizeof(*sha1));
25         SHA1_Init(&sha1->sha_ctx);
26         return sha1;
27 }
28
29 void crypto_sha1_update(CryptoSha1 sha1, const uint8* data, uint32 length)
30 {
31         SHA1_Update(&sha1->sha_ctx, data, length);
32 }
33
34 void crypto_sha1_final(CryptoSha1 sha1, uint8* out_data)
35 {
36         SHA1_Final(out_data, &sha1->sha_ctx);
37         xfree(sha1);
38 }
39
40 CryptoMd5 crypto_md5_init(void)
41 {
42         CryptoMd5 md5 = xmalloc(sizeof(*md5));
43         MD5_Init(&md5->md5_ctx);
44         return md5;
45 }
46
47 void crypto_md5_update(CryptoMd5 md5, const uint8* data, uint32 length)
48 {
49         MD5_Update(&md5->md5_ctx, data, length);
50 }
51
52 void crypto_md5_final(CryptoMd5 md5, uint8* out_data)
53 {
54         MD5_Final(out_data, &md5->md5_ctx);
55         xfree(md5);
56 }
57
58 CryptoRc4 crypto_rc4_init(const uint8* key, uint32 length)
59 {
60         CryptoRc4 rc4 = xmalloc(sizeof(*rc4));
61         RC4_set_key(&rc4->rc4_key, length, key);
62         return rc4;
63 }
64
65 void crypto_rc4(CryptoRc4 rc4, uint32 length, const uint8* in_data, uint8* out_data)
66 {
67         RC4(&rc4->rc4_key, length, in_data, out_data);
68 }
69
70 void crypto_rc4_free(CryptoRc4 rc4)
71 {
72         xfree(rc4);
73 }
74
75 CryptoDes3 crypto_des3_encrypt_init(const uint8* key, const uint8* ivec)
76 {
77         CryptoDes3 des3 = xmalloc(sizeof(*des3));
78         EVP_CIPHER_CTX_init(&des3->des3_ctx);
79         EVP_EncryptInit_ex(&des3->des3_ctx, EVP_des_ede3_cbc(), NULL, key, ivec);
80         EVP_CIPHER_CTX_set_padding(&des3->des3_ctx, 0);
81         return des3;
82 }
83
84 CryptoDes3 crypto_des3_decrypt_init(const uint8* key, const uint8* ivec)
85 {
86         CryptoDes3 des3 = xmalloc(sizeof(*des3));
87         EVP_CIPHER_CTX_init(&des3->des3_ctx);
88         EVP_DecryptInit_ex(&des3->des3_ctx, EVP_des_ede3_cbc(), NULL, key, ivec);
89         EVP_CIPHER_CTX_set_padding(&des3->des3_ctx, 0);
90         return des3;
91 }
92
93 void crypto_des3_encrypt(CryptoDes3 des3, uint32 length, const uint8* in_data, uint8* out_data)
94 {
95         int len;
96         EVP_EncryptUpdate(&des3->des3_ctx, out_data, &len, in_data, length);
97 }
98
99 void crypto_des3_decrypt(CryptoDes3 des3, uint32 length, const uint8* in_data, uint8* out_data)
100 {
101         int len;
102         EVP_DecryptUpdate(&des3->des3_ctx, out_data, &len, in_data, length);
103
104         if (length != len)
105                 abort(); /* TODO */
106 }
107
108 void crypto_des3_free(CryptoDes3 des3)
109 {
110         EVP_CIPHER_CTX_cleanup(&des3->des3_ctx);
111         xfree(des3);
112 }
113
114 CryptoHmac crypto_hmac_new(void)
115 {
116         CryptoHmac hmac = xmalloc(sizeof(*hmac));
117         HMAC_CTX_init(&hmac->hmac_ctx);
118         return hmac;
119 }
120
121 void crypto_hmac_sha1_init(CryptoHmac hmac, const uint8* data, uint32 length)
122 {
123         HMAC_Init_ex(&hmac->hmac_ctx, data, length, EVP_sha1(), NULL);
124 }
125
126 void crypto_hmac_update(CryptoHmac hmac, const uint8* data, uint32 length)
127 {
128         HMAC_Update(&hmac->hmac_ctx, data, length);
129 }
130
131 void crypto_hmac_final(CryptoHmac hmac, uint8* out_data, uint32 length)
132 {
133         HMAC_Final(&hmac->hmac_ctx, out_data, &length);
134 }
135
136 void crypto_hmac_free(CryptoHmac hmac)
137 {
138         HMAC_CTX_cleanup(&hmac->hmac_ctx);
139         xfree(hmac);
140 }
141
142 CryptoCert crypto_cert_read(uint8* data, uint32 length)
143 {
144         CryptoCert cert = xmalloc(sizeof(*cert));
145         /* this will move the data pointer but we don't care, we don't use it again */
146         cert->px509 = d2i_X509(NULL, (D2I_X509_CONST uint8 **) &data, length);
147         return cert;
148 }
149
150 void crypto_cert_free(CryptoCert cert)
151 {
152         X509_free(cert->px509);
153         xfree(cert);
154 }
155
156 boolean crypto_cert_get_public_key(CryptoCert cert, rdpBlob* public_key)
157 {
158         uint8* p;
159         int length;
160         boolean status = true;
161         EVP_PKEY* pkey = NULL;
162
163         pkey = X509_get_pubkey(cert->px509);
164
165         if (!pkey)
166         {
167                 printf("crypto_cert_get_public_key: X509_get_pubkey() failed\n");
168                 status = false;
169                 goto exit;
170         }
171
172         length = i2d_PublicKey(pkey, NULL);
173
174         if (length < 1)
175         {
176                 printf("crypto_cert_get_public_key: i2d_PublicKey() failed\n");
177                 status = false;
178                 goto exit;
179         }
180
181         freerdp_blob_alloc(public_key, length);
182         p = (uint8*) public_key->data;
183         i2d_PublicKey(pkey, &p);
184
185 exit:
186         if (pkey)
187                 EVP_PKEY_free(pkey);
188
189         return status;
190 }
191
192 /*
193  * Terminal Services Signing Keys.
194  * Yes, Terminal Services Private Key is publicly available.
195  */
196
197 const uint8 tssk_modulus[] =
198 {
199         0x3d, 0x3a, 0x5e, 0xbd, 0x72, 0x43, 0x3e, 0xc9,
200         0x4d, 0xbb, 0xc1, 0x1e, 0x4a, 0xba, 0x5f, 0xcb,
201         0x3e, 0x88, 0x20, 0x87, 0xef, 0xf5, 0xc1, 0xe2,
202         0xd7, 0xb7, 0x6b, 0x9a, 0xf2, 0x52, 0x45, 0x95,
203         0xce, 0x63, 0x65, 0x6b, 0x58, 0x3a, 0xfe, 0xef,
204         0x7c, 0xe7, 0xbf, 0xfe, 0x3d, 0xf6, 0x5c, 0x7d,
205         0x6c, 0x5e, 0x06, 0x09, 0x1a, 0xf5, 0x61, 0xbb,
206         0x20, 0x93, 0x09, 0x5f, 0x05, 0x6d, 0xea, 0x87
207 };
208
209 const uint8 tssk_privateExponent[] =
210 {
211         0x87, 0xa7, 0x19, 0x32, 0xda, 0x11, 0x87, 0x55,
212         0x58, 0x00, 0x16, 0x16, 0x25, 0x65, 0x68, 0xf8,
213         0x24, 0x3e, 0xe6, 0xfa, 0xe9, 0x67, 0x49, 0x94,
214         0xcf, 0x92, 0xcc, 0x33, 0x99, 0xe8, 0x08, 0x60,
215         0x17, 0x9a, 0x12, 0x9f, 0x24, 0xdd, 0xb1, 0x24,
216         0x99, 0xc7, 0x3a, 0xb8, 0x0a, 0x7b, 0x0d, 0xdd,
217         0x35, 0x07, 0x79, 0x17, 0x0b, 0x51, 0x9b, 0xb3,
218         0xc7, 0x10, 0x01, 0x13, 0xe7, 0x3f, 0xf3, 0x5f
219 };
220
221 const uint8 tssk_exponent[] =
222 {
223         0x5b, 0x7b, 0x88, 0xc0
224 };
225
226 static void crypto_rsa_common(const uint8* input, int length, uint32 key_length, const uint8* modulus, const uint8* exponent, int exponent_size, uint8* output)
227 {
228         BN_CTX* ctx;
229         int output_length;
230         uint8* input_reverse;
231         uint8* modulus_reverse;
232         uint8* exponent_reverse;
233         BIGNUM mod, exp, x, y;
234
235         input_reverse = (uint8*) xmalloc(2 * key_length + exponent_size);
236         modulus_reverse = input_reverse + key_length;
237         exponent_reverse = modulus_reverse + key_length;
238
239         memcpy(modulus_reverse, modulus, key_length);
240         crypto_reverse(modulus_reverse, key_length);
241         memcpy(exponent_reverse, exponent, exponent_size);
242         crypto_reverse(exponent_reverse, exponent_size);
243         memcpy(input_reverse, input, length);
244         crypto_reverse(input_reverse, length);
245
246         ctx = BN_CTX_new();
247         BN_init(&mod);
248         BN_init(&exp);
249         BN_init(&x);
250         BN_init(&y);
251
252         BN_bin2bn(modulus_reverse, key_length, &mod);
253         BN_bin2bn(exponent_reverse, exponent_size, &exp);
254         BN_bin2bn(input_reverse, length, &x);
255         BN_mod_exp(&y, &x, &exp, &mod, ctx);
256
257         output_length = BN_bn2bin(&y, output);
258         crypto_reverse(output, output_length);
259
260         if (output_length < (int) key_length)
261                 memset(output + output_length, 0, key_length - output_length);
262
263         BN_free(&y);
264         BN_clear_free(&x);
265         BN_free(&exp);
266         BN_free(&mod);
267         BN_CTX_free(ctx);
268         xfree(input_reverse);
269 }
270
271 static void crypto_rsa_public(const uint8* input, int length, uint32 key_length, const uint8* modulus, const uint8* exponent, uint8* output)
272 {
273         crypto_rsa_common(input, length, key_length, modulus, exponent, EXPONENT_MAX_SIZE, output);
274 }
275
276 static void crypto_rsa_private(const uint8* input, int length, uint32 key_length, const uint8* modulus, const uint8* private_exponent, uint8* output)
277 {
278
279         crypto_rsa_common(input, length, key_length, modulus, private_exponent, key_length, output);
280 }
281
282 void crypto_rsa_public_encrypt(const uint8* input, int length, uint32 key_length, const uint8* modulus, const uint8* exponent, uint8* output)
283 {
284
285         crypto_rsa_public(input, length, key_length, modulus, exponent, output);
286 }
287
288 void crypto_rsa_public_decrypt(const uint8* input, int length, uint32 key_length, const uint8* modulus, const uint8* exponent, uint8* output)
289 {
290
291         crypto_rsa_public(input, length, key_length, modulus, exponent, output);
292 }
293
294 void crypto_rsa_private_encrypt(const uint8* input, int length, uint32 key_length, const uint8* modulus, const uint8* private_exponent, uint8* output)
295 {
296
297         crypto_rsa_private(input, length, key_length, modulus, private_exponent, output);
298 }
299
300 void crypto_rsa_private_decrypt(const uint8* input, int length, uint32 key_length, const uint8* modulus, const uint8* private_exponent, uint8* output)
301 {
302
303         crypto_rsa_private(input, length, key_length, modulus, private_exponent, output);
304 }
305
306 void crypto_rsa_decrypt(const uint8* input, int length, uint32 key_length, const uint8* modulus, const uint8* private_exponent, uint8* output)
307 {
308
309         crypto_rsa_common(input, length, key_length, modulus, private_exponent, key_length, output);
310 }
311
312 void crypto_reverse(uint8* data, int length)
313 {
314         int i, j;
315         uint8 temp;
316
317         for (i = 0, j = length - 1; i < j; i++, j--)
318         {
319                 temp = data[i];
320                 data[i] = data[j];
321                 data[j] = temp;
322         }
323 }
324
325 void crypto_nonce(uint8* nonce, int size)
326 {
327         RAND_bytes((void*) nonce, size);
328 }
329
330 char* crypto_cert_fingerprint(X509* xcert)
331 {
332         int i = 0;
333         char* p;
334         char* fp_buffer;
335         uint32 fp_len;
336         uint8 fp[EVP_MAX_MD_SIZE];
337
338         X509_digest(xcert, EVP_sha1(), fp, &fp_len);
339
340         fp_buffer = (char*) xzalloc(3 * fp_len);
341         p = fp_buffer;
342
343         for (i = 0; i < (int) (fp_len - 1); i++)
344         {
345                 sprintf(p, "%02x:", fp[i]);
346                 p = &fp_buffer[i * 3];
347         }
348         sprintf(p, "%02x", fp[i]);
349
350         return fp_buffer;
351 }
352
353 char* crypto_print_name(X509_NAME* name)
354 {
355         char* buffer = NULL;
356         BIO* outBIO = BIO_new(BIO_s_mem());
357         
358         if (X509_NAME_print_ex(outBIO, name, 0, XN_FLAG_ONELINE) > 0)
359         {
360                 unsigned long size = BIO_number_written(outBIO);
361                 buffer = xzalloc(size + 1);
362                 memset(buffer, 0, size + 1);
363                 BIO_read(outBIO, buffer, size);
364         }
365
366         BIO_free(outBIO);
367         return buffer;
368 }
369
370
371 char* crypto_cert_subject(X509* xcert)
372 {
373         return crypto_print_name(X509_get_subject_name(xcert));
374 }
375
376 char* crypto_cert_subject_common_name(X509* xcert, int* length)
377 {
378         int index;
379         uint8* common_name;
380         X509_NAME* subject_name;
381         X509_NAME_ENTRY* entry;
382         ASN1_STRING* entry_data;
383
384         subject_name = X509_get_subject_name(xcert);
385
386         if (subject_name == NULL)
387                 return NULL;
388
389         index = X509_NAME_get_index_by_NID(subject_name, NID_commonName, -1);
390
391         if (index < 0)
392                 return NULL;
393
394         entry = X509_NAME_get_entry(subject_name, index);
395
396         if (entry == NULL)
397                 return NULL;
398
399         entry_data = X509_NAME_ENTRY_get_data(entry);
400
401         if (entry_data == NULL)
402                 return NULL;
403
404         *length = ASN1_STRING_to_UTF8(&common_name, entry_data);
405
406         if (*length < 0)
407                 return NULL;
408
409         return (char*) common_name;
410 }
411
412 char** crypto_cert_subject_alt_name(X509* xcert, int* count, int** lengths)
413 {
414         int index;
415         int length;
416         char** strings;
417         uint8* string;
418         int num_subject_alt_names;
419         GENERAL_NAMES* subject_alt_names;
420         GENERAL_NAME* subject_alt_name;
421
422         *count = 0;
423         subject_alt_names = X509_get_ext_d2i(xcert, NID_subject_alt_name, 0, 0);
424
425         if (!subject_alt_names)
426                 return NULL;
427
428         num_subject_alt_names = sk_GENERAL_NAME_num(subject_alt_names);
429         strings = (char**) malloc(sizeof(char*) * num_subject_alt_names);
430         *lengths = (int*) malloc(sizeof(int*) * num_subject_alt_names);
431
432         for (index = 0; index < num_subject_alt_names; ++index)
433         {
434                 subject_alt_name = sk_GENERAL_NAME_value(subject_alt_names, index);
435
436                 if (subject_alt_name->type == GEN_DNS)
437                 {
438                         length = ASN1_STRING_to_UTF8(&string, subject_alt_name->d.dNSName);
439                         strings[*count] = (char*) string;
440                         *lengths[*count] = length;
441                         (*count)++;
442                 }
443         }
444
445         if (*count < 1)
446                 return NULL;
447
448         return strings;
449 }
450
451 char* crypto_cert_issuer(X509* xcert)
452 {
453         return crypto_print_name(X509_get_issuer_name(xcert));
454 }
455
456 boolean x509_verify_certificate(CryptoCert cert, char* certificate_store_path)
457 {
458         X509_STORE_CTX* csc;
459         boolean status = false;
460         X509_STORE* cert_ctx = NULL;
461         X509_LOOKUP* lookup = NULL;
462         X509* xcert = cert->px509;
463
464         cert_ctx = X509_STORE_new();
465
466         if (cert_ctx == NULL)
467                 goto end;
468
469         OpenSSL_add_all_algorithms();
470         lookup = X509_STORE_add_lookup(cert_ctx, X509_LOOKUP_file());
471
472         if (lookup == NULL)
473                 goto end;
474
475         lookup = X509_STORE_add_lookup(cert_ctx, X509_LOOKUP_hash_dir());
476
477         if (lookup == NULL)
478                 goto end;
479
480         X509_LOOKUP_add_dir(lookup, NULL, X509_FILETYPE_DEFAULT);
481
482         if (certificate_store_path != NULL)
483         {
484                 X509_LOOKUP_add_dir(lookup, certificate_store_path, X509_FILETYPE_ASN1);
485         }
486
487         csc = X509_STORE_CTX_new();
488
489         if (csc == NULL)
490                 goto end;
491
492         X509_STORE_set_flags(cert_ctx, 0);
493
494         if (!X509_STORE_CTX_init(csc, cert_ctx, xcert, 0))
495                 goto end;
496
497         if (X509_verify_cert(csc) == 1)
498                 status = true;
499
500         X509_STORE_CTX_free(csc);
501         X509_STORE_free(cert_ctx);
502
503 end:
504         return status;
505 }
506
507 rdpCertificateData* crypto_get_certificate_data(X509* xcert, char* hostname)
508 {
509         char* fp;
510         rdpCertificateData* certdata;
511
512         fp = crypto_cert_fingerprint(xcert);
513         certdata = certificate_data_new(hostname, fp);
514         xfree(fp);
515
516         return certdata;
517 }
518
519 void crypto_cert_print_info(X509* xcert)
520 {
521         char* fp;
522         char* issuer;
523         char* subject;
524
525         subject = crypto_cert_subject(xcert);
526         issuer = crypto_cert_issuer(xcert);
527         fp = crypto_cert_fingerprint(xcert);
528
529         printf("Certificate details:\n");
530         printf("\tSubject: %s\n", subject);
531         printf("\tIssuer: %s\n", issuer);
532         printf("\tThumbprint: %s\n", fp);
533         printf("The above X.509 certificate could not be verified, possibly because you do not have "
534                         "the CA certificate in your certificate store, or the certificate has expired. "
535                         "Please look at the documentation on how to create local certificate store for a private CA.\n");
536
537         xfree(subject);
538         xfree(issuer);
539         xfree(fp);
540 }
541
FreeRDP Ubuntu Precise package plus backport of PCB functionality