parse_key_file.cpp 3.9 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140
  1. /*
  2. * Copyright (C) 2011-2018 Intel Corporation. All rights reserved.
  3. *
  4. * Redistribution and use in source and binary forms, with or without
  5. * modification, are permitted provided that the following conditions
  6. * are met:
  7. *
  8. * * Redistributions of source code must retain the above copyright
  9. * notice, this list of conditions and the following disclaimer.
  10. * * Redistributions in binary form must reproduce the above copyright
  11. * notice, this list of conditions and the following disclaimer in
  12. * the documentation and/or other materials provided with the
  13. * distribution.
  14. * * Neither the name of Intel Corporation nor the names of its
  15. * contributors may be used to endorse or promote products derived
  16. * from this software without specific prior written permission.
  17. *
  18. * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
  19. * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
  20. * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
  21. * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
  22. * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
  23. * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
  24. * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
  25. * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
  26. * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
  27. * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
  28. * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  29. *
  30. */
  31. /**
  32. * File:
  33. * parse_key_file.cpp
  34. * Description:
  35. * Parse the RSA key file that user inputs
  36. * to get the key type and RSA structure.
  37. */
  38. #include "parse_key_file.h"
  39. #include "se_trace.h"
  40. #include "util_st.h"
  41. #include <stdio.h>
  42. #include <stdlib.h>
  43. #include <string.h>
  44. #include <assert.h>
  45. #include <openssl/pem.h>
  46. #if OPENSSL_VERSION_NUMBER < 0x10100000L
  47. void RSA_get0_key(const RSA *rsa, const BIGNUM **n, const BIGNUM **e, const BIGNUM **d)
  48. {
  49. assert(rsa != NULL);
  50. if(n != NULL)
  51. *n = rsa->n;
  52. if(e != NULL)
  53. *e = rsa->e;
  54. if(d != NULL)
  55. *d = rsa->d;
  56. }
  57. #endif
  58. //parse_key_file():
  59. // parse the RSA key file
  60. //Return Value:
  61. // true: success
  62. // false: fail
  63. bool parse_key_file(int mode, const char *key_path, RSA **prsa, int *pkey_type)
  64. {
  65. assert(prsa != NULL && pkey_type != NULL);
  66. if(key_path == NULL)
  67. {
  68. *pkey_type = NO_KEY;
  69. return false;
  70. }
  71. FILE *fp = fopen(key_path, "rb");
  72. if(fp == NULL)
  73. {
  74. se_trace(SE_TRACE_ERROR, OPEN_FILE_ERROR, key_path);
  75. return false;
  76. }
  77. int key_type = UNIDENTIFIABLE_KEY;
  78. RSA *rsa = NULL;
  79. if(mode == SIGN)
  80. {
  81. rsa = PEM_read_RSAPrivateKey(fp, NULL, NULL, NULL);
  82. fclose(fp);
  83. if(!rsa)
  84. {
  85. se_trace(SE_TRACE_ERROR, KEY_FORMAT_ERROR);
  86. return false;
  87. }
  88. key_type = PRIVATE_KEY;
  89. }
  90. else if(mode == CATSIG)
  91. {
  92. rsa = PEM_read_RSA_PUBKEY(fp, NULL, NULL, NULL);
  93. fclose(fp);
  94. if(!rsa)
  95. {
  96. se_trace(SE_TRACE_ERROR, KEY_FORMAT_ERROR);
  97. return false;
  98. }
  99. key_type = PUBLIC_KEY;
  100. }
  101. else
  102. {
  103. se_trace(SE_TRACE_ERROR, "ERROR: Invalid command\n %s", USAGE_STRING);
  104. fclose(fp);
  105. return false;
  106. }
  107. // Check the key size and exponent
  108. const BIGNUM *n = NULL, *e = NULL;
  109. RSA_get0_key(rsa, &n, &e, NULL);
  110. if(BN_num_bytes(n) != N_SIZE_IN_BYTES)
  111. {
  112. se_trace(SE_TRACE_ERROR, INVALID_KEYSIZE_ERROR);
  113. RSA_free(rsa);
  114. return false;
  115. }
  116. char *p = BN_bn2dec(e);
  117. if(memcmp(p, "3", 2))
  118. {
  119. se_trace(SE_TRACE_ERROR, INVALID_EXPONENT_ERROR);
  120. OPENSSL_free(p);
  121. RSA_free(rsa);
  122. return false;
  123. }
  124. OPENSSL_free(p);
  125. *prsa = rsa;
  126. *pkey_type = key_type;
  127. return true;
  128. }