Yingdi Yu | 8dceb1d | 2014-02-18 12:45:10 -0800 | [diff] [blame] | 1 | /* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil -*- */ |
| 2 | /** |
| 3 | * Copyright (C) 2013 Regents of the University of California. |
| 4 | * @author: Yingdi Yu <yingdi@cs.ucla.edu> |
| 5 | * See COPYING for copyright and distribution information. |
| 6 | */ |
| 7 | |
| 8 | #include "sec-tpm.hpp" |
| 9 | |
Junxiao Shi | 482ccc5 | 2014-03-31 13:05:24 -0700 | [diff] [blame^] | 10 | #include "cryptopp.hpp" |
Yingdi Yu | 8dceb1d | 2014-02-18 12:45:10 -0800 | [diff] [blame] | 11 | |
| 12 | using namespace std; |
| 13 | |
| 14 | namespace ndn { |
| 15 | |
| 16 | ConstBufferPtr |
Yingdi Yu | be4150e | 2014-02-18 13:02:46 -0800 | [diff] [blame] | 17 | SecTpm::exportPrivateKeyPkcs8FromTpm(const Name& keyName, const string& passwordStr) |
Yingdi Yu | 8dceb1d | 2014-02-18 12:45:10 -0800 | [diff] [blame] | 18 | { |
Yingdi Yu | 2e57a58 | 2014-02-20 23:34:43 -0800 | [diff] [blame] | 19 | using namespace CryptoPP; |
| 20 | |
Yingdi Yu | 8dceb1d | 2014-02-18 12:45:10 -0800 | [diff] [blame] | 21 | uint8_t salt[8] = {0}; |
| 22 | uint8_t iv[8] = {0}; |
| 23 | |
Yingdi Yu | 2e57a58 | 2014-02-20 23:34:43 -0800 | [diff] [blame] | 24 | // derive key |
| 25 | if(!generateRandomBlock(salt, 8) || !generateRandomBlock(iv, 8)) |
| 26 | throw Error("Cannot generate salt or iv"); |
Yingdi Yu | 8dceb1d | 2014-02-18 12:45:10 -0800 | [diff] [blame] | 27 | |
Yingdi Yu | 2e57a58 | 2014-02-20 23:34:43 -0800 | [diff] [blame] | 28 | uint32_t iterationCount = 2048; |
Yingdi Yu | 8dceb1d | 2014-02-18 12:45:10 -0800 | [diff] [blame] | 29 | |
Yingdi Yu | 2e57a58 | 2014-02-20 23:34:43 -0800 | [diff] [blame] | 30 | PKCS5_PBKDF2_HMAC<SHA1> keyGenerator; |
| 31 | size_t derivedLen = 24; //For DES-EDE3-CBC-PAD |
| 32 | byte derived[24] = {0}; |
| 33 | byte purpose = 0; |
| 34 | |
| 35 | try |
Yingdi Yu | 8dceb1d | 2014-02-18 12:45:10 -0800 | [diff] [blame] | 36 | { |
Yingdi Yu | 2e57a58 | 2014-02-20 23:34:43 -0800 | [diff] [blame] | 37 | keyGenerator.DeriveKey(derived, derivedLen, purpose, |
| 38 | reinterpret_cast<const byte*>(passwordStr.c_str()), passwordStr.size(), |
| 39 | salt, 8, iterationCount); |
Yingdi Yu | 8dceb1d | 2014-02-18 12:45:10 -0800 | [diff] [blame] | 40 | } |
Yingdi Yu | 2e57a58 | 2014-02-20 23:34:43 -0800 | [diff] [blame] | 41 | catch(CryptoPP::Exception& e) |
| 42 | { |
| 43 | throw Error("Cannot derived the encryption key"); |
| 44 | } |
Yingdi Yu | 8dceb1d | 2014-02-18 12:45:10 -0800 | [diff] [blame] | 45 | |
Yingdi Yu | 2e57a58 | 2014-02-20 23:34:43 -0800 | [diff] [blame] | 46 | //encrypt |
| 47 | CBC_Mode< DES_EDE3 >::Encryption e; |
| 48 | e.SetKeyWithIV(derived, derivedLen, iv); |
| 49 | |
| 50 | ConstBufferPtr pkcs1PrivateKey = exportPrivateKeyPkcs1FromTpm(keyName); |
| 51 | if(!static_cast<bool>(pkcs1PrivateKey)) |
| 52 | throw Error("Cannot export the private key, #1"); |
| 53 | |
| 54 | OBufferStream encryptedOs; |
| 55 | try |
| 56 | { |
| 57 | StringSource stringSource(pkcs1PrivateKey->buf(), pkcs1PrivateKey->size(), true, |
| 58 | new StreamTransformationFilter(e, new FileSink(encryptedOs))); |
| 59 | } |
| 60 | catch(CryptoPP::Exception& e) |
| 61 | { |
| 62 | throw Error("Cannot export the private key, #2"); |
| 63 | } |
| 64 | |
| 65 | //encode |
| 66 | OID pbes2Id("1.2.840.113549.1.5.13"); |
| 67 | OID pbkdf2Id("1.2.840.113549.1.5.12"); |
| 68 | OID pbes2encsId("1.2.840.113549.3.7"); |
| 69 | |
| 70 | OBufferStream pkcs8Os; |
| 71 | try |
| 72 | { |
| 73 | FileSink sink(pkcs8Os); |
| 74 | |
| 75 | // EncryptedPrivateKeyInfo ::= SEQUENCE { |
| 76 | // encryptionAlgorithm EncryptionAlgorithmIdentifier, |
| 77 | // encryptedData OCTET STRING } |
| 78 | DERSequenceEncoder encryptedPrivateKeyInfo(sink); |
| 79 | { |
| 80 | // EncryptionAlgorithmIdentifier ::= SEQUENCE { |
| 81 | // algorithm OBJECT IDENTIFIER {{PBES2-id}}, |
| 82 | // parameters SEQUENCE {{PBES2-params}} } |
| 83 | DERSequenceEncoder encryptionAlgorithm(encryptedPrivateKeyInfo); |
| 84 | { |
| 85 | pbes2Id.encode(encryptionAlgorithm); |
| 86 | // PBES2-params ::= SEQUENCE { |
| 87 | // keyDerivationFunc AlgorithmIdentifier {{PBES2-KDFs}}, |
| 88 | // encryptionScheme AlgorithmIdentifier {{PBES2-Encs}} } |
| 89 | DERSequenceEncoder pbes2Params(encryptionAlgorithm); |
| 90 | { |
| 91 | // AlgorithmIdentifier ::= SEQUENCE { |
| 92 | // algorithm OBJECT IDENTIFIER {{PBKDF2-id}}, |
| 93 | // parameters SEQUENCE {{PBKDF2-params}} } |
| 94 | DERSequenceEncoder pbes2KDFs(pbes2Params); |
| 95 | { |
| 96 | pbkdf2Id.encode(pbes2KDFs); |
| 97 | // AlgorithmIdentifier ::= SEQUENCE { |
| 98 | // salt OCTET STRING, |
| 99 | // iterationCount INTEGER (1..MAX), |
| 100 | // keyLength INTEGER (1..MAX) OPTIONAL, |
| 101 | // prf AlgorithmIdentifier {{PBKDF2-PRFs}} DEFAULT algid-hmacWithSHA1 } |
| 102 | DERSequenceEncoder pbkdf2Params(pbes2KDFs); |
| 103 | { |
| 104 | DEREncodeOctetString(pbkdf2Params, salt, 8); |
| 105 | DEREncodeUnsigned<uint32_t>(pbkdf2Params, iterationCount, INTEGER); |
| 106 | } |
| 107 | pbkdf2Params.MessageEnd(); |
| 108 | } |
| 109 | pbes2KDFs.MessageEnd(); |
| 110 | |
| 111 | // AlgorithmIdentifier ::= SEQUENCE { |
| 112 | // algorithm OBJECT IDENTIFIER {{DES-EDE3-CBC-PAD}}, |
| 113 | // parameters OCTET STRING} {{iv}} } |
| 114 | DERSequenceEncoder pbes2Encs(pbes2Params); |
| 115 | { |
| 116 | pbes2encsId.encode(pbes2Encs); |
| 117 | DEREncodeOctetString(pbes2Encs, iv, 8); |
| 118 | } |
| 119 | pbes2Encs.MessageEnd(); |
| 120 | } |
| 121 | pbes2Params.MessageEnd(); |
| 122 | } |
| 123 | encryptionAlgorithm.MessageEnd(); |
| 124 | |
| 125 | DEREncodeOctetString(encryptedPrivateKeyInfo, encryptedOs.buf()->buf(), encryptedOs.buf()->size()); |
| 126 | } |
| 127 | encryptedPrivateKeyInfo.MessageEnd(); |
| 128 | |
| 129 | return pkcs8Os.buf(); |
| 130 | } |
| 131 | catch(CryptoPP::Exception& e) |
| 132 | { |
| 133 | throw Error("Cannot export the private key, #3"); |
| 134 | } |
Yingdi Yu | 8dceb1d | 2014-02-18 12:45:10 -0800 | [diff] [blame] | 135 | } |
| 136 | |
| 137 | bool |
Yingdi Yu | be4150e | 2014-02-18 13:02:46 -0800 | [diff] [blame] | 138 | SecTpm::importPrivateKeyPkcs8IntoTpm(const Name& keyName, const uint8_t* buf, size_t size, const string& passwordStr) |
Yingdi Yu | 8dceb1d | 2014-02-18 12:45:10 -0800 | [diff] [blame] | 139 | { |
Yingdi Yu | 2e57a58 | 2014-02-20 23:34:43 -0800 | [diff] [blame] | 140 | using namespace CryptoPP; |
| 141 | |
| 142 | OID pbes2Id; |
| 143 | OID pbkdf2Id; |
| 144 | SecByteBlock saltBlock; |
| 145 | uint32_t iterationCount; |
| 146 | OID pbes2encsId; |
| 147 | SecByteBlock ivBlock; |
| 148 | SecByteBlock encryptedDataBlock; |
| 149 | |
| 150 | try |
Yingdi Yu | 8dceb1d | 2014-02-18 12:45:10 -0800 | [diff] [blame] | 151 | { |
Yingdi Yu | 2e57a58 | 2014-02-20 23:34:43 -0800 | [diff] [blame] | 152 | //decode some decoding processes are not necessary for now, because we assume only one encryption scheme. |
| 153 | StringSource source(buf, size, true); |
| 154 | |
| 155 | // EncryptedPrivateKeyInfo ::= SEQUENCE { |
| 156 | // encryptionAlgorithm EncryptionAlgorithmIdentifier, |
| 157 | // encryptedData OCTET STRING } |
| 158 | BERSequenceDecoder encryptedPrivateKeyInfo(source); |
Yingdi Yu | 8dceb1d | 2014-02-18 12:45:10 -0800 | [diff] [blame] | 159 | { |
Yingdi Yu | 2e57a58 | 2014-02-20 23:34:43 -0800 | [diff] [blame] | 160 | // EncryptionAlgorithmIdentifier ::= SEQUENCE { |
| 161 | // algorithm OBJECT IDENTIFIER {{PBES2-id}}, |
| 162 | // parameters SEQUENCE {{PBES2-params}} } |
| 163 | BERSequenceDecoder encryptionAlgorithm(encryptedPrivateKeyInfo); |
Yingdi Yu | 8dceb1d | 2014-02-18 12:45:10 -0800 | [diff] [blame] | 164 | { |
Yingdi Yu | 2e57a58 | 2014-02-20 23:34:43 -0800 | [diff] [blame] | 165 | pbes2Id.decode(encryptionAlgorithm); |
| 166 | // PBES2-params ::= SEQUENCE { |
| 167 | // keyDerivationFunc AlgorithmIdentifier {{PBES2-KDFs}}, |
| 168 | // encryptionScheme AlgorithmIdentifier {{PBES2-Encs}} } |
| 169 | BERSequenceDecoder pbes2Params(encryptionAlgorithm); |
Yingdi Yu | 8dceb1d | 2014-02-18 12:45:10 -0800 | [diff] [blame] | 170 | { |
Yingdi Yu | 8dceb1d | 2014-02-18 12:45:10 -0800 | [diff] [blame] | 171 | // AlgorithmIdentifier ::= SEQUENCE { |
Yingdi Yu | 2e57a58 | 2014-02-20 23:34:43 -0800 | [diff] [blame] | 172 | // algorithm OBJECT IDENTIFIER {{PBKDF2-id}}, |
| 173 | // parameters SEQUENCE {{PBKDF2-params}} } |
| 174 | BERSequenceDecoder pbes2KDFs(pbes2Params); |
Yingdi Yu | 8dceb1d | 2014-02-18 12:45:10 -0800 | [diff] [blame] | 175 | { |
Yingdi Yu | 2e57a58 | 2014-02-20 23:34:43 -0800 | [diff] [blame] | 176 | pbkdf2Id.decode(pbes2KDFs); |
| 177 | // AlgorithmIdentifier ::= SEQUENCE { |
| 178 | // salt OCTET STRING, |
| 179 | // iterationCount INTEGER (1..MAX), |
| 180 | // keyLength INTEGER (1..MAX) OPTIONAL, |
| 181 | // prf AlgorithmIdentifier {{PBKDF2-PRFs}} DEFAULT algid-hmacWithSHA1 } |
| 182 | BERSequenceDecoder pbkdf2Params(pbes2KDFs); |
| 183 | { |
| 184 | BERDecodeOctetString(pbkdf2Params, saltBlock); |
| 185 | BERDecodeUnsigned<uint32_t>(pbkdf2Params, iterationCount, INTEGER); |
| 186 | } |
| 187 | pbkdf2Params.MessageEnd(); |
Yingdi Yu | 8dceb1d | 2014-02-18 12:45:10 -0800 | [diff] [blame] | 188 | } |
Yingdi Yu | 2e57a58 | 2014-02-20 23:34:43 -0800 | [diff] [blame] | 189 | pbes2KDFs.MessageEnd(); |
| 190 | |
| 191 | // AlgorithmIdentifier ::= SEQUENCE { |
| 192 | // algorithm OBJECT IDENTIFIER {{DES-EDE3-CBC-PAD}}, |
| 193 | // parameters OCTET STRING} {{iv}} } |
| 194 | BERSequenceDecoder pbes2Encs(pbes2Params); |
| 195 | { |
| 196 | pbes2encsId.decode(pbes2Encs); |
| 197 | BERDecodeOctetString(pbes2Encs, ivBlock); |
| 198 | } |
| 199 | pbes2Encs.MessageEnd(); |
Yingdi Yu | 8dceb1d | 2014-02-18 12:45:10 -0800 | [diff] [blame] | 200 | } |
Yingdi Yu | 2e57a58 | 2014-02-20 23:34:43 -0800 | [diff] [blame] | 201 | pbes2Params.MessageEnd(); |
Yingdi Yu | 8dceb1d | 2014-02-18 12:45:10 -0800 | [diff] [blame] | 202 | } |
Yingdi Yu | 2e57a58 | 2014-02-20 23:34:43 -0800 | [diff] [blame] | 203 | encryptionAlgorithm.MessageEnd(); |
Yingdi Yu | 8dceb1d | 2014-02-18 12:45:10 -0800 | [diff] [blame] | 204 | |
Yingdi Yu | 2e57a58 | 2014-02-20 23:34:43 -0800 | [diff] [blame] | 205 | BERDecodeOctetString(encryptedPrivateKeyInfo, encryptedDataBlock); |
| 206 | } |
| 207 | encryptedPrivateKeyInfo.MessageEnd(); |
Yingdi Yu | 8dceb1d | 2014-02-18 12:45:10 -0800 | [diff] [blame] | 208 | } |
Yingdi Yu | 2e57a58 | 2014-02-20 23:34:43 -0800 | [diff] [blame] | 209 | catch(CryptoPP::Exception& e) |
| 210 | { |
| 211 | return false; |
| 212 | } |
Yingdi Yu | 8dceb1d | 2014-02-18 12:45:10 -0800 | [diff] [blame] | 213 | |
| 214 | |
Yingdi Yu | 2e57a58 | 2014-02-20 23:34:43 -0800 | [diff] [blame] | 215 | PKCS5_PBKDF2_HMAC<SHA1> keyGenerator; |
| 216 | size_t derivedLen = 24; //For DES-EDE3-CBC-PAD |
| 217 | byte derived[24] = {0}; |
| 218 | byte purpose = 0; |
| 219 | |
| 220 | try |
| 221 | { |
| 222 | keyGenerator.DeriveKey(derived, derivedLen, |
| 223 | purpose, |
| 224 | reinterpret_cast<const byte*>(passwordStr.c_str()), passwordStr.size(), |
| 225 | saltBlock.BytePtr(), saltBlock.size(), |
| 226 | iterationCount); |
| 227 | } |
| 228 | catch(CryptoPP::Exception& e) |
| 229 | { |
| 230 | return false; |
| 231 | } |
Yingdi Yu | 8dceb1d | 2014-02-18 12:45:10 -0800 | [diff] [blame] | 232 | |
Yingdi Yu | 2e57a58 | 2014-02-20 23:34:43 -0800 | [diff] [blame] | 233 | //decrypt |
| 234 | CBC_Mode< DES_EDE3 >::Decryption d; |
| 235 | d.SetKeyWithIV(derived, derivedLen, ivBlock.BytePtr()); |
| 236 | |
| 237 | OBufferStream privateKeyOs; |
| 238 | try |
| 239 | { |
| 240 | StringSource encryptedSource(encryptedDataBlock.BytePtr(), encryptedDataBlock.size(), true, |
| 241 | new StreamTransformationFilter(d, new FileSink(privateKeyOs))); |
| 242 | } |
| 243 | catch(CryptoPP::Exception& e) |
| 244 | { |
Yingdi Yu | 8dceb1d | 2014-02-18 12:45:10 -0800 | [diff] [blame] | 245 | return false; |
Yingdi Yu | 2e57a58 | 2014-02-20 23:34:43 -0800 | [diff] [blame] | 246 | } |
Yingdi Yu | 8dceb1d | 2014-02-18 12:45:10 -0800 | [diff] [blame] | 247 | |
Yingdi Yu | 2e57a58 | 2014-02-20 23:34:43 -0800 | [diff] [blame] | 248 | if(!importPrivateKeyPkcs1IntoTpm(keyName, privateKeyOs.buf()->buf(), privateKeyOs.buf()->size())) |
Yingdi Yu | 8dceb1d | 2014-02-18 12:45:10 -0800 | [diff] [blame] | 249 | return false; |
Yingdi Yu | 2e57a58 | 2014-02-20 23:34:43 -0800 | [diff] [blame] | 250 | |
| 251 | //derive public key |
| 252 | OBufferStream publicKeyOs; |
| 253 | |
| 254 | try |
| 255 | { |
| 256 | RSA::PrivateKey privateKey; |
| 257 | privateKey.Load(StringStore(privateKeyOs.buf()->buf(), privateKeyOs.buf()->size()).Ref()); |
| 258 | RSAFunction publicKey(privateKey); |
| 259 | |
| 260 | FileSink publicKeySink(publicKeyOs); |
| 261 | publicKey.DEREncode(publicKeySink); |
| 262 | publicKeySink.MessageEnd(); |
| 263 | } |
| 264 | catch(CryptoPP::Exception& e) |
| 265 | { |
| 266 | return false; |
| 267 | } |
| 268 | |
| 269 | if(!importPublicKeyPkcs1IntoTpm(keyName, publicKeyOs.buf()->buf(), publicKeyOs.buf()->size())) |
| 270 | return false; |
| 271 | |
| 272 | return true; |
Yingdi Yu | 8dceb1d | 2014-02-18 12:45:10 -0800 | [diff] [blame] | 273 | } |
| 274 | |
| 275 | |
Yingdi Yu | fc40d87 | 2014-02-18 12:56:04 -0800 | [diff] [blame] | 276 | } // namespace ndn |