1 /* $NetBSD: nbsvtool.c,v 1.2 2008/06/11 16:31:09 joerg Exp $ */ 2 3 /*- 4 * Copyright (c) 2004, 2008 The NetBSD Foundation, Inc. 5 * All rights reserved. 6 * 7 * This code is derived from software contributed to The NetBSD Foundation 8 * by Love H�rnquist �strand <lha@it.su.se> 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 20 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 21 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 22 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 23 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 24 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 25 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 26 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 27 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 28 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 29 * POSSIBILITY OF SUCH DAMAGE. 30 */ 31 32 #include <err.h> 33 #include <stdio.h> 34 #include <stdlib.h> 35 #include <string.h> 36 #include <unistd.h> 37 38 #include <openssl/pkcs7.h> 39 #include <openssl/evp.h> 40 #include <openssl/x509.h> 41 #include <openssl/x509v3.h> 42 #include <openssl/pem.h> 43 #include <openssl/err.h> 44 #include <openssl/ui.h> 45 46 static int verbose_flag; 47 static unsigned long key_usage = 0; 48 49 /* 50 * openssl command line equivalents 51 * 52 * openssl smime -verify \ 53 * -inform PEM -in nbsvtool.c.sig -content nbsvtool.c \ 54 * -CAfile /secure/lha/su/CA/swupki-pca.crt -out /dev/null 55 * openssl smime -sign \ 56 * -noattr -binary -outform PEM -out nbsvtool.c.sig \ 57 * -in nbsvtool.c -signer /secure/lha/su/CA/lha.crt \ 58 * -certfile /secure/lha/su/CA/lha-chain \ 59 * -inkey /secure/lha/su/CA/lha.key 60 */ 61 62 /* 63 * Create a detach PEM signature of file `infile' and store it in 64 * `outfile'. The signer certificate `cert' and private key 65 * `private_key' must be given. An additional hint to the verifier how 66 * to find the path from the `cert' to the x509 anchor can be passed 67 * in `cert_chain'. 68 */ 69 70 static void 71 sign_file(X509 *cert, EVP_PKEY *private_key, STACK_OF(X509) *cert_chain, 72 const char *infile, const char *outfile) 73 { 74 BIO *out, *in; 75 PKCS7 *p7; 76 77 out = BIO_new_file(outfile, "w"); 78 if (out == NULL) 79 err(EXIT_FAILURE, "Failed to open signature output file: %s", 80 outfile); 81 82 in = BIO_new_file(infile, "r"); 83 if (in == NULL) 84 err(EXIT_FAILURE, "Failed to input file: %s", infile); 85 86 p7 = PKCS7_sign(cert, private_key, cert_chain, in, 87 PKCS7_DETACHED|PKCS7_NOATTR|PKCS7_BINARY); 88 if (p7 == NULL) 89 errx(EXIT_FAILURE, "Failed to create signature structure"); 90 91 PEM_write_bio_PKCS7(out, p7); 92 93 PKCS7_free(p7); 94 BIO_free(in); 95 BIO_free_all(out); 96 } 97 98 /* 99 * Verifies a detached PEM signature in the file `sigfile' of file 100 * `infile'. The trust anchor file `anchor' to the trust anchors must 101 * be given. If its suspended that the sender didn't inlude the whole 102 * path from the signing certificate to the given trust anchor, extra 103 * certificates can be passed in `cert_chain'. 104 */ 105 106 static void 107 verify_file(STACK_OF(X509) *cert_chain, const char *anchor, 108 const char *infile, const char *sigfile) 109 { 110 STACK_OF(X509) *signers; 111 X509_STORE *store; 112 BIO *sig, *in; 113 PKCS7 *p7; 114 int ret, i; 115 X509_NAME *name; 116 char *subject; 117 118 store = X509_STORE_new(); 119 if (store == NULL) 120 err(1, "Failed to create store"); 121 122 X509_STORE_load_locations(store, anchor, NULL); 123 124 in = BIO_new_file(infile, "r"); 125 if (in == NULL) 126 err(EXIT_FAILURE, "Failed to open input data file: %s", infile); 127 128 sig = BIO_new_file(sigfile, "r"); 129 if (sig == NULL) 130 err(EXIT_FAILURE, "Failed to open signature input file: %s", 131 sigfile); 132 133 p7 = PEM_read_bio_PKCS7(sig, NULL, NULL, NULL); 134 if (p7 == NULL) 135 errx(EXIT_FAILURE, "Failed to parse the signature file %s", 136 sigfile); 137 138 ret = PKCS7_verify(p7, cert_chain, store, in, NULL, 0); 139 if (ret != 1) 140 errx(EXIT_FAILURE, "Failed to verify signature"); 141 142 signers = PKCS7_get0_signers(p7, NULL, 0); 143 if (signers == NULL) 144 errx(EXIT_FAILURE, "Failed to get signers"); 145 146 if (sk_X509_num(signers) == 0) 147 errx(EXIT_FAILURE, "No signers ?"); 148 149 if (key_usage != 0) { 150 for (i = 0; i < sk_X509_num(signers); i++) { 151 if ((sk_X509_value(signers, i)->ex_xkusage & key_usage) 152 == key_usage) 153 continue; 154 name = X509_get_subject_name(sk_X509_value(signers, i)); 155 subject = X509_NAME_oneline(name, NULL, 0); 156 errx(EXIT_FAILURE, 157 "Certificate doesn't match required key usage: %s", 158 subject); 159 } 160 } 161 162 if (verbose_flag) 163 printf("Sigature ok, signed by:\n"); 164 165 for (i = 0; i < sk_X509_num(signers); i++) { 166 name = X509_get_subject_name(sk_X509_value(signers, i)); 167 subject = X509_NAME_oneline(name, NULL, 0); 168 169 if (verbose_flag) 170 printf("\t%s\n", subject); 171 172 OPENSSL_free(subject); 173 } 174 175 PKCS7_free(p7); 176 BIO_free(in); 177 BIO_free(sig); 178 } 179 180 /* 181 * Parse and return a list PEM encoded certificates in the file 182 * `file'. In case of error or an empty file, and error text will be 183 * printed and the function will exit(3). 184 */ 185 186 static STACK_OF(X509) * 187 file_to_certs(const char *file) 188 { 189 STACK_OF(X509) *certs; 190 FILE *f; 191 192 f = fopen(file, "r"); 193 if (f == NULL) 194 err(EXIT_FAILURE, "Cannot open certificate file %s", file); 195 certs = sk_X509_new_null(); 196 while (1) { 197 X509 *cert; 198 199 cert = PEM_read_X509(f, NULL, NULL, NULL); 200 if (cert == NULL) { 201 unsigned long ret; 202 203 ret = ERR_GET_REASON(ERR_peek_error()); 204 if (ret == PEM_R_NO_START_LINE) { 205 /* End of file reached. no error */ 206 ERR_clear_error(); 207 break; 208 } 209 errx(EXIT_FAILURE, "Can't read certificate file %s", 210 file); 211 } 212 sk_X509_insert(certs, cert, sk_X509_num(certs)); 213 } 214 fclose(f); 215 if (sk_X509_num(certs) == 0) 216 errx(EXIT_FAILURE, "No certificate found file %s", file); 217 218 return certs; 219 } 220 221 static int 222 ssl_pass_cb(char *buf, int size, int rwflag, void *u) 223 { 224 225 if (UI_UTIL_read_pw_string(buf, size, "Passphrase: ", 0)) 226 return 0; 227 return strlen(buf); 228 } 229 230 static struct { 231 X509 *certificate; 232 STACK_OF(X509) *cert_chain; 233 EVP_PKEY *private_key; 234 } crypto_state; 235 236 /* 237 * Load the certificate file `cert_file' with the associated private 238 * key file `key_file'. The private key is checked to make sure it 239 * matches the certificate. The optional hints for the path to the CA 240 * is stored in `chain_file'. 241 */ 242 243 static void 244 load_keys(const char *cert_file, const char *chain_file, const char *key_file) 245 { 246 STACK_OF(X509) *c; 247 FILE *f; 248 int ret; 249 250 if (cert_file == NULL) 251 errx(EXIT_FAILURE, "No certificate file given"); 252 if (key_file == NULL) 253 errx(EXIT_FAILURE, "No private key file given"); 254 255 c = file_to_certs(cert_file); 256 257 if (sk_X509_num(c) != 1) 258 errx(EXIT_FAILURE, 259 "More then one certificate in the certificate file"); 260 crypto_state.certificate = sk_X509_value(c, 0); 261 262 if (chain_file) 263 crypto_state.cert_chain = file_to_certs(chain_file); 264 265 /* load private key */ 266 f = fopen(key_file, "r"); 267 if (f == NULL) 268 errx(1, "Failed to open private key file %s", key_file); 269 270 crypto_state.private_key = 271 PEM_read_PrivateKey(f, NULL, ssl_pass_cb, NULL); 272 fclose(f); 273 if (crypto_state.private_key == NULL) 274 errx(EXIT_FAILURE, "Can't read private key %s", key_file); 275 276 ret = X509_check_private_key(crypto_state.certificate, 277 crypto_state.private_key); 278 if (ret != 1) 279 errx(EXIT_FAILURE, 280 "The private key %s doesn't match the certificate %s", 281 key_file, cert_file); 282 } 283 284 static void __dead 285 usage(int exit_code) 286 { 287 288 printf("%s usage\n", getprogname()); 289 printf("%s -k keyfile -c cert-chain [-f cert-chain] sign file\n", 290 getprogname()); 291 printf("%s [-u code|...] [-a x509-anchor-file] verify filename.sp7\n", 292 getprogname()); 293 printf("%s [-u code|...] [-a x509-anchor-file] verify filename otherfilename.sp7\n", 294 getprogname()); 295 printf("%s [-u code|...] [-a x509-anchor-file] verify-code file ...\n", 296 getprogname()); 297 exit(exit_code); 298 } 299 300 int 301 main(int argc, char **argv) 302 { 303 const char *anchors = NULL; 304 const char *cert_file = NULL, *key_file = NULL, *chain_file = NULL; 305 const char *file; 306 char *sigfile; 307 int ch; 308 309 setprogname(argv[0]); 310 311 OpenSSL_add_all_algorithms(); 312 ERR_load_crypto_strings(); 313 314 while ((ch = getopt(argc, argv, "a:c:f:hk:u:v")) != -1) { 315 switch (ch) { 316 case 'a': 317 anchors = optarg; 318 break; 319 case 'f': 320 chain_file = optarg; 321 break; 322 case 'k': 323 key_file = optarg; 324 break; 325 case 'c': 326 cert_file = optarg; 327 break; 328 case 'u': 329 if (strcmp("ssl-server", optarg) == 0) 330 key_usage |= XKU_SSL_SERVER; 331 else if (strcmp("ssl-client", optarg) == 0) 332 key_usage |= XKU_SSL_CLIENT; 333 else if (strcmp("code", optarg) == 0) 334 key_usage |= XKU_CODE_SIGN; 335 else if (strcmp("smime", optarg) == 0) 336 key_usage |= XKU_SMIME; 337 else 338 errx(1, "Unknown keyusage: %s", optarg); 339 break; 340 case 'v': 341 verbose_flag = 1; 342 break; 343 case 'h': 344 usage(EXIT_SUCCESS); 345 default: 346 usage(EXIT_FAILURE); 347 } 348 } 349 350 argc -= optind; 351 argv += optind; 352 353 if (argc < 1) { 354 fprintf(stderr, "Command missing [sign|verify]\n"); 355 usage(EXIT_FAILURE); 356 } 357 358 if (strcmp(argv[0], "sign") == 0) { 359 360 if (argc < 2) 361 usage(1); 362 363 file = argv[1]; 364 365 asprintf(&sigfile, "%s.sp7", file); 366 if (sigfile == NULL) 367 err(EXIT_FAILURE, "asprintf failed"); 368 369 load_keys(cert_file, chain_file, key_file); 370 371 sign_file(crypto_state.certificate, 372 crypto_state.private_key, 373 crypto_state.cert_chain, 374 file, 375 sigfile); 376 377 } else if (strcmp(argv[0], "verify") == 0 378 || strcmp(argv[0], "verify-code") == 0) { 379 380 if (strcmp(argv[0], "verify-code") == 0) 381 key_usage |= XKU_CODE_SIGN; 382 383 if (argc < 2) 384 usage(1); 385 else if (argc < 3) { 386 char *dot; 387 388 sigfile = argv[1]; 389 390 file = strdup(sigfile); 391 if (file == NULL) 392 err(1, "strdup failed"); 393 394 dot = strrchr(file, '.'); 395 if (dot == NULL || strchr(dot, '/') != NULL) 396 errx(EXIT_FAILURE, 397 "File name missing suffix"); 398 if (strcmp(".sp7", dot) != 0) 399 errx(EXIT_FAILURE, 400 "File name bad suffix (%s)", dot); 401 *dot = '\0'; 402 } else { 403 file = argv[1]; 404 sigfile = argv[2]; 405 } 406 verify_file(crypto_state.cert_chain, anchors, file, sigfile); 407 } else { 408 fprintf(stderr, "Unknown command: %s\n", argv[0]); 409 usage(EXIT_FAILURE); 410 } 411 412 return 0; 413 } 414