Head

GCC Code Coverage Report

Directory:	./		Exec	Total	Coverage
File:	usr.sbin/acme-client/keyproc.c	Lines:	0	108	0.0 %
Date:	2017-11-07	Branches:	0	62	0.0 %


/*	$Id: keyproc.c,v 1.9 2017/03/26 18:41:02 deraadt Exp $ */
/*
 * Copyright (c) 2016 Kristaps Dzonsons <kristaps@bsd.lv>
 *
 * Permission to use, copy, modify, and distribute this software for any
 * purpose with or without fee is hereby granted, provided that the above
 * copyright notice and this permission notice appear in all copies.
 *
 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHORS DISCLAIM ALL WARRANTIES
 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR
 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 */

#include <sys/stat.h>

#include <err.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

#include <openssl/pem.h>
#include <openssl/err.h>
#include <openssl/rand.h>
#include <openssl/x509.h>
#include <openssl/x509v3.h>

#include "extern.h"
#include "rsa.h"

/*
 * This was lifted more or less directly from demos/x509/mkreq.c of the
 * OpenSSL source code.
 */
static int
add_ext(STACK_OF(X509_EXTENSION) *sk, int nid, const char *value)
{
	X509_EXTENSION	*ex;
	char		*cp;

	/*
	 * XXX: I don't like this at all.
	 * There's no documentation for X509V3_EXT_conf_nid, so I'm not
	 * sure if the "value" parameter is ever written to, touched,
	 * etc.
	 * The 'official' examples suggest not (they use a string
	 * literal as the input), but to be safe, I'm doing an
	 * allocation here and just letting it go.
	 * This leaks memory, but bounded to the number of SANs.
	 */

	if ((cp = strdup(value)) == NULL) {
		warn("strdup");
		return (0);
	}
	ex = X509V3_EXT_conf_nid(NULL, NULL, nid, cp);
	if (ex == NULL) {
		warnx("X509V3_EXT_conf_nid");
		free(cp);
		return (0);
	}
	sk_X509_EXTENSION_push(sk, ex);
	return (1);
}

/*
 * Create an X509 certificate from the private key we have on file.
 * To do this, we first open the key file, then jail ourselves.
 * We then use the crypto library to create the certificate within the
 * jail and, on success, ship it to "netsock" as an X509 request.
 */
int
keyproc(int netsock, const char *keyfile,
    const char **alts, size_t altsz, int newkey)
{
	char		*der64 = NULL, *der = NULL, *dercp;
	char		*sans = NULL, *san = NULL;
	FILE		*f;
	size_t		 i, sansz;
	void		*pp;
	EVP_PKEY	*pkey = NULL;
	X509_REQ	*x = NULL;
	X509_NAME	*name = NULL;
	int		 len, rc = 0, cc, nid;
	mode_t		 prev;
	STACK_OF(X509_EXTENSION) *exts = NULL;

	/*
	 * First, open our private key file read-only or write-only if
	 * we're creating from scratch.
	 * Set our umask to be maximally restrictive.
	 */

	prev = umask((S_IWUSR | S_IXUSR) | S_IRWXG | S_IRWXO);
	f = fopen(keyfile, newkey ? "wx" : "r");
	umask(prev);

	if (f == NULL) {
		warn("%s", keyfile);
		goto out;
	}

	/* File-system, user, and sandbox jail. */

	ERR_load_crypto_strings();

	if (pledge("stdio flock rpath cpath wpath", NULL) == -1) {
		warn("pledge");
		goto out;
	}

	if (newkey) {
		if ((pkey = rsa_key_create(f, keyfile)) == NULL)
			goto out;
		dodbg("%s: generated RSA domain key", keyfile);
	} else {
		if ((pkey = rsa_key_load(f, keyfile)) == NULL)
			goto out;
		doddbg("%s: loaded RSA domain key", keyfile);
	}

	fclose(f);
	f = NULL;

	/*
	 * Generate our certificate from the EVP public key.
	 * Then set it as the X509 requester's key.
	 */

	if ((x = X509_REQ_new()) == NULL) {
		warnx("X509_new");
		goto out;
	} else if (!X509_REQ_set_pubkey(x, pkey)) {
		warnx("X509_set_pubkey");
		goto out;
	}

	/* Now specify the common name that we'll request. */

	if ((name = X509_NAME_new()) == NULL) {
		warnx("X509_NAME_new");
		goto out;
	} else if (!X509_NAME_add_entry_by_txt(name, "CN",
		MBSTRING_ASC, (u_char *)alts[0], -1, -1, 0)) {
		warnx("X509_NAME_add_entry_by_txt: CN=%s", alts[0]);
		goto out;
	} else if (!X509_REQ_set_subject_name(x, name)) {
		warnx("X509_req_set_issuer_name");
		goto out;
	}

	/*
	 * Now add the SAN extensions.
	 * This was lifted more or less directly from demos/x509/mkreq.c
	 * of the OpenSSL source code.
	 * (The zeroth altname is the domain name.)
	 * TODO: is this the best way of doing this?
	 */

	if (altsz > 1) {
		nid = NID_subject_alt_name;
		if ((exts = sk_X509_EXTENSION_new_null()) == NULL) {
			warnx("sk_X509_EXTENSION_new_null");
			goto out;
		}
		/* Initialise to empty string. */
		if ((sans = strdup("")) == NULL) {
			warn("strdup");
			goto out;
		}
		sansz = strlen(sans) + 1;

		/*
		 * For each SAN entry, append it to the string.
		 * We need a single SAN entry for all of the SAN
		 * domains: NOT an entry per domain!
		 */

		for (i = 1; i < altsz; i++) {
			cc = asprintf(&san, "%sDNS:%s",
			    i > 1 ? "," : "", alts[i]);
			if (cc == -1) {
				warn("asprintf");
				goto out;
			}
			pp = recallocarray(sans, sansz, sansz + strlen(san), 1);
			if (pp == NULL) {
				warn("recallocarray");
				goto out;
			}
			sans = pp;
			sansz += strlen(san);
			strlcat(sans, san, sansz);
			free(san);
			san = NULL;
		}

		if (!add_ext(exts, nid, sans)) {
			warnx("add_ext");
			goto out;
		} else if (!X509_REQ_add_extensions(x, exts)) {
			warnx("X509_REQ_add_extensions");
			goto out;
		}
		sk_X509_EXTENSION_pop_free(exts, X509_EXTENSION_free);
	}

	/* Sign the X509 request using SHA256. */

	if (!X509_REQ_sign(x, pkey, EVP_sha256())) {
		warnx("X509_sign");
		goto out;
	}

	/* Now, serialise to DER, then base64. */

	if ((len = i2d_X509_REQ(x, NULL)) < 0) {
		warnx("i2d_X509");
		goto out;
	} else if ((der = dercp = malloc(len)) == NULL) {
		warn("malloc");
		goto out;
	} else if (len != i2d_X509_REQ(x, (u_char **)&dercp)) {
		warnx("i2d_X509");
		goto out;
	} else if ((der64 = base64buf_url(der, len)) == NULL) {
		warnx("base64buf_url");
		goto out;
	}

	/*
	 * Write that we're ready, then write.
	 * We ignore reader-closed failure, as we're just going to roll
	 * into the exit case anyway.
	 */

	if (writeop(netsock, COMM_KEY_STAT, KEY_READY) < 0)
		goto out;
	if (writestr(netsock, COMM_CERT, der64) < 0)
		goto out;

	rc = 1;
out:
	close(netsock);
	if (f != NULL)
		fclose(f);
	free(der);
	free(der64);
	free(sans);
	free(san);
	if (x != NULL)
		X509_REQ_free(x);
	if (name != NULL)
		X509_NAME_free(name);
	if (pkey != NULL)
		EVP_PKEY_free(pkey);
	ERR_print_errors_fp(stderr);
	ERR_free_strings();
	return (rc);
}


Generated by: GCOVR (Version 3.3)

Line	Branch	Exec	Source
1			/* $Id: keyproc.c,v 1.9 2017/03/26 18:41:02 deraadt Exp $ */
2			/*
3			* Copyright (c) 2016 Kristaps Dzonsons <kristaps@bsd.lv>
4			*
5			* Permission to use, copy, modify, and distribute this software for any
6			* purpose with or without fee is hereby granted, provided that the above
7			* copyright notice and this permission notice appear in all copies.
8			*
9			* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHORS DISCLAIM ALL WARRANTIES
10			* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11			* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR
12			* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13			* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14			* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15			* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16			*/
17
18			#include <sys/stat.h>
19
20			#include <err.h>
21			#include <stdio.h>
22			#include <stdlib.h>
23			#include <string.h>
24			#include <unistd.h>
25
26			#include <openssl/pem.h>
27			#include <openssl/err.h>
28			#include <openssl/rand.h>
29			#include <openssl/x509.h>
30			#include <openssl/x509v3.h>
31
32			#include "extern.h"
33			#include "rsa.h"
34
35			/*
36			* This was lifted more or less directly from demos/x509/mkreq.c of the
37			* OpenSSL source code.
38			*/
39			static int
40			add_ext(STACK_OF(X509_EXTENSION) sk, int nid, const char value)
41			{
42			X509_EXTENSION *ex;
43			char *cp;
44
45			/*
46			* XXX: I don't like this at all.
47			* There's no documentation for X509V3_EXT_conf_nid, so I'm not
48			* sure if the "value" parameter is ever written to, touched,
49			* etc.
50			* The 'official' examples suggest not (they use a string
51			* literal as the input), but to be safe, I'm doing an
52			* allocation here and just letting it go.
53			* This leaks memory, but bounded to the number of SANs.
54			*/
55
56			if ((cp = strdup(value)) == NULL) {
57			warn("strdup");
58			return (0);
59			}
60			ex = X509V3_EXT_conf_nid(NULL, NULL, nid, cp);
61			if (ex == NULL) {
62			warnx("X509V3_EXT_conf_nid");
63			free(cp);
64			return (0);
65			}
66			sk_X509_EXTENSION_push(sk, ex);
67			return (1);
68			}
69
70			/*
71			* Create an X509 certificate from the private key we have on file.
72			* To do this, we first open the key file, then jail ourselves.
73			* We then use the crypto library to create the certificate within the
74			* jail and, on success, ship it to "netsock" as an X509 request.
75			*/
76			int
77			keyproc(int netsock, const char *keyfile,
78			const char **alts, size_t altsz, int newkey)
79			{
80			char der64 = NULL, der = NULL, *dercp;
81			char sans = NULL, san = NULL;
82			FILE *f;
83			size_t i, sansz;
84			void *pp;
85			EVP_PKEY *pkey = NULL;
86			X509_REQ *x = NULL;
87			X509_NAME *name = NULL;
88			int len, rc = 0, cc, nid;
89			mode_t prev;
90			STACK_OF(X509_EXTENSION) *exts = NULL;
91
92			/*
93			* First, open our private key file read-only or write-only if
94			* we're creating from scratch.
95			* Set our umask to be maximally restrictive.
96			*/
97
98			prev = umask((S_IWUSR \| S_IXUSR) \| S_IRWXG \| S_IRWXO);
99			f = fopen(keyfile, newkey ? "wx" : "r");
100			umask(prev);
101
102			if (f == NULL) {
103			warn("%s", keyfile);
104			goto out;
105			}
106
107			/* File-system, user, and sandbox jail. */
108
109			ERR_load_crypto_strings();
110
111			if (pledge("stdio flock rpath cpath wpath", NULL) == -1) {
112			warn("pledge");
113			goto out;
114			}
115
116			if (newkey) {
117			if ((pkey = rsa_key_create(f, keyfile)) == NULL)
118			goto out;
119			dodbg("%s: generated RSA domain key", keyfile);
120			} else {
121			if ((pkey = rsa_key_load(f, keyfile)) == NULL)
122			goto out;
123			doddbg("%s: loaded RSA domain key", keyfile);
124			}
125
126			fclose(f);
127			f = NULL;
128
129			/*
130			* Generate our certificate from the EVP public key.
131			* Then set it as the X509 requester's key.
132			*/
133
134			if ((x = X509_REQ_new()) == NULL) {
135			warnx("X509_new");
136			goto out;
137			} else if (!X509_REQ_set_pubkey(x, pkey)) {
138			warnx("X509_set_pubkey");
139			goto out;
140			}
141
142			/* Now specify the common name that we'll request. */
143
144			if ((name = X509_NAME_new()) == NULL) {
145			warnx("X509_NAME_new");
146			goto out;
147			} else if (!X509_NAME_add_entry_by_txt(name, "CN",
148			MBSTRING_ASC, (u_char *)alts[0], -1, -1, 0)) {
149			warnx("X509_NAME_add_entry_by_txt: CN=%s", alts[0]);
150			goto out;
151			} else if (!X509_REQ_set_subject_name(x, name)) {
152			warnx("X509_req_set_issuer_name");
153			goto out;
154			}
155
156			/*
157			* Now add the SAN extensions.
158			* This was lifted more or less directly from demos/x509/mkreq.c
159			* of the OpenSSL source code.
160			* (The zeroth altname is the domain name.)
161			* TODO: is this the best way of doing this?
162			*/
163
164			if (altsz > 1) {
165			nid = NID_subject_alt_name;
166			if ((exts = sk_X509_EXTENSION_new_null()) == NULL) {
167			warnx("sk_X509_EXTENSION_new_null");
168			goto out;
169			}
170			/* Initialise to empty string. */
171			if ((sans = strdup("")) == NULL) {
172			warn("strdup");
173			goto out;
174			}
175			sansz = strlen(sans) + 1;
176
177			/*
178			* For each SAN entry, append it to the string.
179			* We need a single SAN entry for all of the SAN
180			* domains: NOT an entry per domain!
181			*/
182
183			for (i = 1; i < altsz; i++) {
184			cc = asprintf(&san, "%sDNS:%s",
185			i > 1 ? "," : "", alts[i]);
186			if (cc == -1) {
187			warn("asprintf");
188			goto out;
189			}
190			pp = recallocarray(sans, sansz, sansz + strlen(san), 1);
191			if (pp == NULL) {
192			warn("recallocarray");
193			goto out;
194			}
195			sans = pp;
196			sansz += strlen(san);
197			strlcat(sans, san, sansz);
198			free(san);
199			san = NULL;
200			}
201
202			if (!add_ext(exts, nid, sans)) {
203			warnx("add_ext");
204			goto out;
205			} else if (!X509_REQ_add_extensions(x, exts)) {
206			warnx("X509_REQ_add_extensions");
207			goto out;
208			}
209			sk_X509_EXTENSION_pop_free(exts, X509_EXTENSION_free);
210			}
211
212			/* Sign the X509 request using SHA256. */
213
214			if (!X509_REQ_sign(x, pkey, EVP_sha256())) {
215			warnx("X509_sign");
216			goto out;
217			}
218
219			/* Now, serialise to DER, then base64. */
220
221			if ((len = i2d_X509_REQ(x, NULL)) < 0) {
222			warnx("i2d_X509");
223			goto out;
224			} else if ((der = dercp = malloc(len)) == NULL) {
225			warn("malloc");
226			goto out;
227			} else if (len != i2d_X509_REQ(x, (u_char **)&dercp)) {
228			warnx("i2d_X509");
229			goto out;
230			} else if ((der64 = base64buf_url(der, len)) == NULL) {
231			warnx("base64buf_url");
232			goto out;
233			}
234
235			/*
236			* Write that we're ready, then write.
237			* We ignore reader-closed failure, as we're just going to roll
238			* into the exit case anyway.
239			*/
240
241			if (writeop(netsock, COMM_KEY_STAT, KEY_READY) < 0)
242			goto out;
243			if (writestr(netsock, COMM_CERT, der64) < 0)
244			goto out;
245
246			rc = 1;
247			out:
248			close(netsock);
249			if (f != NULL)
250			fclose(f);
251			free(der);
252			free(der64);
253			free(sans);
254			free(san);
255			if (x != NULL)
256			X509_REQ_free(x);
257			if (name != NULL)
258			X509_NAME_free(name);
259			if (pkey != NULL)
260			EVP_PKEY_free(pkey);
261			ERR_print_errors_fp(stderr);
262			ERR_free_strings();
263			return (rc);
264			}