gen_cert.c 11 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363
  1. /*
  2. * Copyright (c) 2007, Cameron Rich
  3. *
  4. * All rights reserved.
  5. *
  6. * Redistribution and use in source and binary forms, with or without
  7. * modification, are permitted provided that the following conditions are met:
  8. *
  9. * * Redistributions of source code must retain the above copyright notice,
  10. * this list of conditions and the following disclaimer.
  11. * * Redistributions in binary form must reproduce the above copyright notice,
  12. * this list of conditions and the following disclaimer in the documentation
  13. * and/or other materials provided with the distribution.
  14. * * Neither the name of the axTLS project nor the names of its contributors
  15. * may be used to endorse or promote products derived from this software
  16. * without specific prior written permission.
  17. *
  18. * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
  19. * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
  20. * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
  21. * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
  22. * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
  23. * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
  24. * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
  25. * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
  26. * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
  27. * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
  28. * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  29. */
  30. #include "config.h"
  31. #ifdef CONFIG_SSL_GENERATE_X509_CERT
  32. #include <string.h>
  33. #include <stdlib.h>
  34. #include "ssl.h"
  35. /**
  36. * Generate a basic X.509 certificate
  37. */
  38. static uint8_t set_gen_length(int len, uint8_t *buf, int *offset)
  39. {
  40. if (len < 0x80) /* short form */
  41. {
  42. buf[(*offset)++] = len;
  43. return 1;
  44. }
  45. else /* long form */
  46. {
  47. int i, length_bytes = 0;
  48. if (len & 0x00FF0000)
  49. length_bytes = 3;
  50. else if (len & 0x0000FF00)
  51. length_bytes = 2;
  52. else if (len & 0x000000FF)
  53. length_bytes = 1;
  54. buf[(*offset)++] = 0x80 + length_bytes;
  55. for (i = length_bytes-1; i >= 0; i--)
  56. {
  57. buf[*offset+i] = len & 0xFF;
  58. len >>= 8;
  59. }
  60. *offset += length_bytes;
  61. return length_bytes+1;
  62. }
  63. }
  64. static int pre_adjust_with_size(uint8_t type,
  65. int *seq_offset, uint8_t *buf, int *offset)
  66. {
  67. buf[(*offset)++] = type;
  68. *seq_offset = *offset;
  69. *offset += 4; /* fill in later */
  70. return *offset;
  71. }
  72. static void adjust_with_size(int seq_size, int seq_start,
  73. uint8_t *buf, int *offset)
  74. {
  75. uint8_t seq_byte_size;
  76. int orig_seq_size = seq_size;
  77. int orig_seq_start = seq_start;
  78. seq_size = *offset-seq_size;
  79. seq_byte_size = set_gen_length(seq_size, buf, &seq_start);
  80. if (seq_byte_size != 4)
  81. {
  82. memmove(&buf[orig_seq_start+seq_byte_size],
  83. &buf[orig_seq_size], seq_size);
  84. *offset -= 4-seq_byte_size;
  85. }
  86. }
  87. static void gen_serial_number(uint8_t *buf, int *offset)
  88. {
  89. static const uint8_t ser_oid[] = { ASN1_INTEGER, 1, 0x7F };
  90. memcpy(&buf[*offset], ser_oid , sizeof(ser_oid));
  91. *offset += sizeof(ser_oid);
  92. }
  93. static void gen_signature_alg(uint8_t *buf, int *offset)
  94. {
  95. /* OBJECT IDENTIFIER sha1withRSAEncryption (1 2 840 113549 1 1 5) */
  96. static const uint8_t sig_oid[] =
  97. {
  98. ASN1_SEQUENCE, 0x0d, ASN1_OID, 0x09,
  99. 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x05,
  100. ASN1_NULL, 0x00
  101. };
  102. memcpy(&buf[*offset], sig_oid, sizeof(sig_oid));
  103. *offset += sizeof(sig_oid);
  104. }
  105. static int gen_dn(const char *name, uint8_t dn_type,
  106. uint8_t *buf, int *offset)
  107. {
  108. int ret = X509_OK;
  109. int name_size = strlen(name);
  110. if (name_size > 0x70) /* just too big */
  111. {
  112. ret = X509_NOT_OK;
  113. goto error;
  114. }
  115. buf[(*offset)++] = ASN1_SET;
  116. set_gen_length(9+name_size, buf, offset);
  117. buf[(*offset)++] = ASN1_SEQUENCE;
  118. set_gen_length(7+name_size, buf, offset);
  119. buf[(*offset)++] = ASN1_OID;
  120. buf[(*offset)++] = 3;
  121. buf[(*offset)++] = 0x55;
  122. buf[(*offset)++] = 0x04;
  123. buf[(*offset)++] = dn_type;
  124. buf[(*offset)++] = ASN1_PRINTABLE_STR;
  125. buf[(*offset)++] = name_size;
  126. strcpy(&buf[*offset], name);
  127. *offset += name_size;
  128. error:
  129. return ret;
  130. }
  131. static int gen_issuer(const char * dn[], uint8_t *buf, int *offset)
  132. {
  133. int ret = X509_OK;
  134. int seq_offset;
  135. int seq_size = pre_adjust_with_size(
  136. ASN1_SEQUENCE, &seq_offset, buf, offset);
  137. char fqdn[128];
  138. /* we need the common name, so if not configured, work out the fully
  139. * qualified domain name */
  140. if (dn[X509_COMMON_NAME] == NULL || strlen(dn[X509_COMMON_NAME]) == 0)
  141. {
  142. int fqdn_len;
  143. gethostname(fqdn, sizeof(fqdn));
  144. fqdn_len = strlen(fqdn);
  145. fqdn[fqdn_len++] = '.';
  146. getdomainname(&fqdn[fqdn_len], sizeof(fqdn)-fqdn_len);
  147. fqdn_len = strlen(fqdn);
  148. if (fqdn[fqdn_len-1] == '.') /* ensure '.' is not last char */
  149. fqdn[fqdn_len-1] = 0;
  150. dn[X509_COMMON_NAME] = fqdn;
  151. }
  152. if ((ret = gen_dn(dn[X509_COMMON_NAME], 3, buf, offset)))
  153. goto error;
  154. if (dn[X509_ORGANIZATION] != NULL && strlen(dn[X509_ORGANIZATION]) > 0)
  155. {
  156. if ((ret = gen_dn(dn[X509_ORGANIZATION], 10, buf, offset)))
  157. goto error;
  158. }
  159. if (dn[X509_ORGANIZATIONAL_UNIT] != NULL &&
  160. strlen(dn[X509_ORGANIZATIONAL_UNIT]) > 0)
  161. {
  162. if ((ret = gen_dn(dn[X509_ORGANIZATIONAL_UNIT], 11, buf, offset)))
  163. goto error;
  164. }
  165. adjust_with_size(seq_size, seq_offset, buf, offset);
  166. error:
  167. return ret;
  168. }
  169. static void gen_utc_time(uint8_t *buf, int *offset)
  170. {
  171. static const uint8_t time_seq[] =
  172. {
  173. ASN1_SEQUENCE, 30,
  174. ASN1_UTC_TIME, 13,
  175. '0', '7', '0', '1', '0', '1', '0', '0', '0', '0', '0', '0', 'Z',
  176. ASN1_UTC_TIME, 13, /* make it good for 30 or so years */
  177. '3', '8', '0', '1', '0', '1', '0', '0', '0', '0', '0', '0', 'Z'
  178. };
  179. /* fixed time */
  180. memcpy(&buf[*offset], time_seq, sizeof(time_seq));
  181. *offset += sizeof(time_seq);
  182. }
  183. static void gen_pub_key2(const RSA_CTX *rsa_ctx, uint8_t *buf, int *offset)
  184. {
  185. static const uint8_t pub_key_seq[] =
  186. {
  187. ASN1_INTEGER, 0x03, 0x01, 0x00, 0x01 /* INTEGER 65537 */
  188. };
  189. int seq_offset;
  190. int pub_key_size = rsa_ctx->num_octets;
  191. uint8_t *block = (uint8_t *)alloca(pub_key_size);
  192. int seq_size = pre_adjust_with_size(
  193. ASN1_SEQUENCE, &seq_offset, buf, offset);
  194. buf[(*offset)++] = ASN1_INTEGER;
  195. bi_export(rsa_ctx->bi_ctx, rsa_ctx->m, block, pub_key_size);
  196. if (*block & 0x80) /* make integer positive */
  197. {
  198. set_gen_length(pub_key_size+1, buf, offset);
  199. buf[(*offset)++] = 0;
  200. }
  201. else
  202. set_gen_length(pub_key_size, buf, offset);
  203. memcpy(&buf[*offset], block, pub_key_size);
  204. *offset += pub_key_size;
  205. memcpy(&buf[*offset], pub_key_seq, sizeof(pub_key_seq));
  206. *offset += sizeof(pub_key_seq);
  207. adjust_with_size(seq_size, seq_offset, buf, offset);
  208. }
  209. static void gen_pub_key1(const RSA_CTX *rsa_ctx, uint8_t *buf, int *offset)
  210. {
  211. int seq_offset;
  212. int seq_size = pre_adjust_with_size(
  213. ASN1_BIT_STRING, &seq_offset, buf, offset);
  214. buf[(*offset)++] = 0; /* bit string is multiple of 8 */
  215. gen_pub_key2(rsa_ctx, buf, offset);
  216. adjust_with_size(seq_size, seq_offset, buf, offset);
  217. }
  218. static void gen_pub_key(const RSA_CTX *rsa_ctx, uint8_t *buf, int *offset)
  219. {
  220. /* OBJECT IDENTIFIER rsaEncryption (1 2 840 113549 1 1 1) */
  221. static const uint8_t rsa_enc_oid[] =
  222. {
  223. ASN1_SEQUENCE, 0x0d, ASN1_OID, 0x09,
  224. 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01,
  225. ASN1_NULL, 0x00
  226. };
  227. int seq_offset;
  228. int seq_size = pre_adjust_with_size(
  229. ASN1_SEQUENCE, &seq_offset, buf, offset);
  230. memcpy(&buf[*offset], rsa_enc_oid, sizeof(rsa_enc_oid));
  231. *offset += sizeof(rsa_enc_oid);
  232. gen_pub_key1(rsa_ctx, buf, offset);
  233. adjust_with_size(seq_size, seq_offset, buf, offset);
  234. }
  235. static void gen_signature(const RSA_CTX *rsa_ctx, const uint8_t *sha_dgst,
  236. uint8_t *buf, int *offset)
  237. {
  238. static const uint8_t asn1_sig[] =
  239. {
  240. ASN1_SEQUENCE, 0x21, ASN1_SEQUENCE, 0x09, ASN1_OID, 0x05,
  241. 0x2b, 0x0e, 0x03, 0x02, 0x1a, /* sha1 (1 3 14 3 2 26) */
  242. ASN1_NULL, 0x00, ASN1_OCTET_STRING, 0x14
  243. };
  244. uint8_t *enc_block = (uint8_t *)alloca(rsa_ctx->num_octets);
  245. uint8_t *block = (uint8_t *)alloca(sizeof(asn1_sig) + SHA1_SIZE);
  246. int sig_size;
  247. /* add the digest as an embedded asn.1 sequence */
  248. memcpy(block, asn1_sig, sizeof(asn1_sig));
  249. memcpy(&block[sizeof(asn1_sig)], sha_dgst, SHA1_SIZE);
  250. sig_size = RSA_encrypt(rsa_ctx, block,
  251. sizeof(asn1_sig) + SHA1_SIZE, enc_block, 1);
  252. buf[(*offset)++] = ASN1_BIT_STRING;
  253. set_gen_length(sig_size+1, buf, offset);
  254. buf[(*offset)++] = 0; /* bit string is multiple of 8 */
  255. memcpy(&buf[*offset], enc_block, sig_size);
  256. *offset += sig_size;
  257. }
  258. static int gen_tbs_cert(const char * dn[],
  259. const RSA_CTX *rsa_ctx, uint8_t *buf, int *offset,
  260. uint8_t *sha_dgst)
  261. {
  262. int ret = X509_OK;
  263. SHA1_CTX sha_ctx;
  264. int seq_offset;
  265. int begin_tbs = *offset;
  266. int seq_size = pre_adjust_with_size(
  267. ASN1_SEQUENCE, &seq_offset, buf, offset);
  268. gen_serial_number(buf, offset);
  269. gen_signature_alg(buf, offset);
  270. /* CA certicate issuer */
  271. if ((ret = gen_issuer(dn, buf, offset)))
  272. goto error;
  273. gen_utc_time(buf, offset);
  274. /* certificate issuer */
  275. if ((ret = gen_issuer(dn, buf, offset)))
  276. goto error;
  277. gen_pub_key(rsa_ctx, buf, offset);
  278. adjust_with_size(seq_size, seq_offset, buf, offset);
  279. SHA1_Init(&sha_ctx);
  280. SHA1_Update(&sha_ctx, &buf[begin_tbs], *offset-begin_tbs);
  281. SHA1_Final(sha_dgst, &sha_ctx);
  282. error:
  283. return ret;
  284. }
  285. /**
  286. * Create a new certificate.
  287. */
  288. EXP_FUNC int STDCALL ssl_x509_create(SSL_CTX *ssl_ctx, uint32_t options, const char * dn[], uint8_t **cert_data)
  289. {
  290. int ret = X509_OK, offset = 0, seq_offset;
  291. /* allocate enough space to load a new certificate */
  292. uint8_t *buf = (uint8_t *)alloca(ssl_ctx->rsa_ctx->num_octets*2 + 512);
  293. uint8_t sha_dgst[SHA1_SIZE];
  294. int seq_size = pre_adjust_with_size(ASN1_SEQUENCE,
  295. &seq_offset, buf, &offset);
  296. if ((ret = gen_tbs_cert(dn, ssl_ctx->rsa_ctx, buf, &offset, sha_dgst)) < 0)
  297. goto error;
  298. gen_signature_alg(buf, &offset);
  299. gen_signature(ssl_ctx->rsa_ctx, sha_dgst, buf, &offset);
  300. adjust_with_size(seq_size, seq_offset, buf, &offset);
  301. *cert_data = (uint8_t *)malloc(offset); /* create the exact memory for it */
  302. memcpy(*cert_data, buf, offset);
  303. error:
  304. return ret < 0 ? ret : offset;
  305. }
  306. #endif