Gitiles
Code Review Sign In
gerrit.named-data.net / ndn-cxx / 4b8c6a20bbc8207e7044da000c4af1ffeea07717 / . / src / security / sec-tpm.cpp
blob: d2e4af536b2804638b26ca4119acc00bb7c8f4bf [file] [log] [blame]
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]1/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil -*- */
2/**
3 * Copyright (C) 2013 Regents of the University of California.
4 * @author: Yingdi Yu <yingdi@cs.ucla.edu>
5 * See COPYING for copyright and distribution information.
6 */
7
8#include "sec-tpm.hpp"
9
Junxiao Shi482ccc52014-03-31 13:05:24 -0700[diff] [blame]10#include "cryptopp.hpp"
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]11
12using namespace std;
13
14namespace ndn {
15
16ConstBufferPtr
Yingdi Yube4150e2014-02-18 13:02:46 -0800[diff] [blame]17SecTpm::exportPrivateKeyPkcs8FromTpm(const Name& keyName, const string& passwordStr)
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]18{
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]19 using namespace CryptoPP;
Alexander Afanasyevfdbfc6d2014-04-14 15:12:11 -0700[diff] [blame]20
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]21 uint8_t salt[8] = {0};
22 uint8_t iv[8] = {0};
Alexander Afanasyevfdbfc6d2014-04-14 15:12:11 -0700[diff] [blame]23
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]24 // derive key
Alexander Afanasyevfdbfc6d2014-04-14 15:12:11 -0700[diff] [blame]25 if (!generateRandomBlock(salt, 8) || !generateRandomBlock(iv, 8))
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]26 throw Error("Cannot generate salt or iv");
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]27
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]28 uint32_t iterationCount = 2048;
Alexander Afanasyevfdbfc6d2014-04-14 15:12:11 -0700[diff] [blame]29
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]30 PKCS5_PBKDF2_HMAC<SHA1> keyGenerator;
31 size_t derivedLen = 24; //For DES-EDE3-CBC-PAD
32 byte derived[24] = {0};
33 byte purpose = 0;
Alexander Afanasyevfdbfc6d2014-04-14 15:12:11 -0700[diff] [blame]34
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]35 try
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]36 {
Alexander Afanasyevfdbfc6d2014-04-14 15:12:11 -0700[diff] [blame]37 keyGenerator.DeriveKey(derived, derivedLen, purpose,
38 reinterpret_cast<const byte*>(passwordStr.c_str()), passwordStr.size(),
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]39 salt, 8, iterationCount);
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]40 }
Alexander Afanasyevfdbfc6d2014-04-14 15:12:11 -0700[diff] [blame]41 catch (CryptoPP::Exception& e)
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]42 {
43 throw Error("Cannot derived the encryption key");
44 }
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]45
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]46 //encrypt
47 CBC_Mode< DES_EDE3 >::Encryption e;
48 e.SetKeyWithIV(derived, derivedLen, iv);
Alexander Afanasyevfdbfc6d2014-04-14 15:12:11 -0700[diff] [blame]49
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]50 ConstBufferPtr pkcs1PrivateKey = exportPrivateKeyPkcs1FromTpm(keyName);
Alexander Afanasyevfdbfc6d2014-04-14 15:12:11 -0700[diff] [blame]51 if (!static_cast<bool>(pkcs1PrivateKey))
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]52 throw Error("Cannot export the private key, #1");
53
54 OBufferStream encryptedOs;
55 try
56 {
Alexander Afanasyevfdbfc6d2014-04-14 15:12:11 -0700[diff] [blame]57 StringSource stringSource(pkcs1PrivateKey->buf(), pkcs1PrivateKey->size(), true,
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]58 new StreamTransformationFilter(e, new FileSink(encryptedOs)));
59 }
Alexander Afanasyevfdbfc6d2014-04-14 15:12:11 -0700[diff] [blame]60 catch (CryptoPP::Exception& e)
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]61 {
62 throw Error("Cannot export the private key, #2");
63 }
64
65 //encode
66 OID pbes2Id("1.2.840.113549.1.5.13");
67 OID pbkdf2Id("1.2.840.113549.1.5.12");
68 OID pbes2encsId("1.2.840.113549.3.7");
69
70 OBufferStream pkcs8Os;
71 try
72 {
73 FileSink sink(pkcs8Os);
Alexander Afanasyevfdbfc6d2014-04-14 15:12:11 -0700[diff] [blame]74
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]75 // EncryptedPrivateKeyInfo ::= SEQUENCE {
76 // encryptionAlgorithm EncryptionAlgorithmIdentifier,
77 // encryptedData OCTET STRING }
78 DERSequenceEncoder encryptedPrivateKeyInfo(sink);
79 {
80 // EncryptionAlgorithmIdentifier ::= SEQUENCE {
81 // algorithm OBJECT IDENTIFIER {{PBES2-id}},
82 // parameters SEQUENCE {{PBES2-params}} }
83 DERSequenceEncoder encryptionAlgorithm(encryptedPrivateKeyInfo);
84 {
85 pbes2Id.encode(encryptionAlgorithm);
86 // PBES2-params ::= SEQUENCE {
87 // keyDerivationFunc AlgorithmIdentifier {{PBES2-KDFs}},
88 // encryptionScheme AlgorithmIdentifier {{PBES2-Encs}} }
89 DERSequenceEncoder pbes2Params(encryptionAlgorithm);
90 {
91 // AlgorithmIdentifier ::= SEQUENCE {
92 // algorithm OBJECT IDENTIFIER {{PBKDF2-id}},
93 // parameters SEQUENCE {{PBKDF2-params}} }
94 DERSequenceEncoder pbes2KDFs(pbes2Params);
95 {
96 pbkdf2Id.encode(pbes2KDFs);
97 // AlgorithmIdentifier ::= SEQUENCE {
98 // salt OCTET STRING,
99 // iterationCount INTEGER (1..MAX),
100 // keyLength INTEGER (1..MAX) OPTIONAL,
101 // prf AlgorithmIdentifier {{PBKDF2-PRFs}} DEFAULT algid-hmacWithSHA1 }
102 DERSequenceEncoder pbkdf2Params(pbes2KDFs);
103 {
104 DEREncodeOctetString(pbkdf2Params, salt, 8);
105 DEREncodeUnsigned<uint32_t>(pbkdf2Params, iterationCount, INTEGER);
106 }
107 pbkdf2Params.MessageEnd();
108 }
109 pbes2KDFs.MessageEnd();
Alexander Afanasyevfdbfc6d2014-04-14 15:12:11 -0700[diff] [blame]110
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]111 // AlgorithmIdentifier ::= SEQUENCE {
112 // algorithm OBJECT IDENTIFIER {{DES-EDE3-CBC-PAD}},
113 // parameters OCTET STRING} {{iv}} }
114 DERSequenceEncoder pbes2Encs(pbes2Params);
115 {
116 pbes2encsId.encode(pbes2Encs);
117 DEREncodeOctetString(pbes2Encs, iv, 8);
118 }
119 pbes2Encs.MessageEnd();
120 }
121 pbes2Params.MessageEnd();
122 }
123 encryptionAlgorithm.MessageEnd();
Alexander Afanasyevfdbfc6d2014-04-14 15:12:11 -0700[diff] [blame]124
Yingdi Yu4b8c6a22014-04-15 23:00:54 -0700[diff] [blame^]125 DEREncodeOctetString(encryptedPrivateKeyInfo,
126 encryptedOs.buf()->buf(), encryptedOs.buf()->size());
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]127 }
128 encryptedPrivateKeyInfo.MessageEnd();
Alexander Afanasyevfdbfc6d2014-04-14 15:12:11 -0700[diff] [blame]129
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]130 return pkcs8Os.buf();
131 }
Alexander Afanasyevfdbfc6d2014-04-14 15:12:11 -0700[diff] [blame]132 catch (CryptoPP::Exception& e)
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]133 {
134 throw Error("Cannot export the private key, #3");
135 }
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]136}
137
138bool
Yingdi Yu4b8c6a22014-04-15 23:00:54 -0700[diff] [blame^]139SecTpm::importPrivateKeyPkcs8IntoTpm(const Name& keyName,
140 const uint8_t* buf, size_t size,
141 const string& passwordStr)
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]142{
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]143 using namespace CryptoPP;
Alexander Afanasyevfdbfc6d2014-04-14 15:12:11 -0700[diff] [blame]144
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]145 OID pbes2Id;
146 OID pbkdf2Id;
147 SecByteBlock saltBlock;
148 uint32_t iterationCount;
149 OID pbes2encsId;
150 SecByteBlock ivBlock;
151 SecByteBlock encryptedDataBlock;
Alexander Afanasyevfdbfc6d2014-04-14 15:12:11 -0700[diff] [blame]152
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]153 try
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]154 {
Yingdi Yu4b8c6a22014-04-15 23:00:54 -0700[diff] [blame^]155 // decode some decoding processes are not necessary for now,
156 // because we assume only one encryption scheme.
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]157 StringSource source(buf, size, true);
Alexander Afanasyevfdbfc6d2014-04-14 15:12:11 -0700[diff] [blame]158
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]159 // EncryptedPrivateKeyInfo ::= SEQUENCE {
160 // encryptionAlgorithm EncryptionAlgorithmIdentifier,
161 // encryptedData OCTET STRING }
162 BERSequenceDecoder encryptedPrivateKeyInfo(source);
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]163 {
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]164 // EncryptionAlgorithmIdentifier ::= SEQUENCE {
165 // algorithm OBJECT IDENTIFIER {{PBES2-id}},
166 // parameters SEQUENCE {{PBES2-params}} }
167 BERSequenceDecoder encryptionAlgorithm(encryptedPrivateKeyInfo);
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]168 {
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]169 pbes2Id.decode(encryptionAlgorithm);
170 // PBES2-params ::= SEQUENCE {
171 // keyDerivationFunc AlgorithmIdentifier {{PBES2-KDFs}},
172 // encryptionScheme AlgorithmIdentifier {{PBES2-Encs}} }
173 BERSequenceDecoder pbes2Params(encryptionAlgorithm);
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]174 {
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]175 // AlgorithmIdentifier ::= SEQUENCE {
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]176 // algorithm OBJECT IDENTIFIER {{PBKDF2-id}},
177 // parameters SEQUENCE {{PBKDF2-params}} }
178 BERSequenceDecoder pbes2KDFs(pbes2Params);
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]179 {
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]180 pbkdf2Id.decode(pbes2KDFs);
181 // AlgorithmIdentifier ::= SEQUENCE {
182 // salt OCTET STRING,
183 // iterationCount INTEGER (1..MAX),
184 // keyLength INTEGER (1..MAX) OPTIONAL,
185 // prf AlgorithmIdentifier {{PBKDF2-PRFs}} DEFAULT algid-hmacWithSHA1 }
186 BERSequenceDecoder pbkdf2Params(pbes2KDFs);
187 {
188 BERDecodeOctetString(pbkdf2Params, saltBlock);
189 BERDecodeUnsigned<uint32_t>(pbkdf2Params, iterationCount, INTEGER);
190 }
191 pbkdf2Params.MessageEnd();
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]192 }
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]193 pbes2KDFs.MessageEnd();
Alexander Afanasyevfdbfc6d2014-04-14 15:12:11 -0700[diff] [blame]194
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]195 // AlgorithmIdentifier ::= SEQUENCE {
196 // algorithm OBJECT IDENTIFIER {{DES-EDE3-CBC-PAD}},
197 // parameters OCTET STRING} {{iv}} }
198 BERSequenceDecoder pbes2Encs(pbes2Params);
199 {
200 pbes2encsId.decode(pbes2Encs);
201 BERDecodeOctetString(pbes2Encs, ivBlock);
202 }
203 pbes2Encs.MessageEnd();
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]204 }
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]205 pbes2Params.MessageEnd();
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]206 }
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]207 encryptionAlgorithm.MessageEnd();
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]208
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]209 BERDecodeOctetString(encryptedPrivateKeyInfo, encryptedDataBlock);
210 }
211 encryptedPrivateKeyInfo.MessageEnd();
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]212 }
Alexander Afanasyevfdbfc6d2014-04-14 15:12:11 -0700[diff] [blame]213 catch (CryptoPP::Exception& e)
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]214 {
215 return false;
216 }
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]217
Alexander Afanasyevfdbfc6d2014-04-14 15:12:11 -0700[diff] [blame]218
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]219 PKCS5_PBKDF2_HMAC<SHA1> keyGenerator;
220 size_t derivedLen = 24; //For DES-EDE3-CBC-PAD
221 byte derived[24] = {0};
222 byte purpose = 0;
Alexander Afanasyevfdbfc6d2014-04-14 15:12:11 -0700[diff] [blame]223
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]224 try
225 {
Alexander Afanasyevfdbfc6d2014-04-14 15:12:11 -0700[diff] [blame]226 keyGenerator.DeriveKey(derived, derivedLen,
227 purpose,
228 reinterpret_cast<const byte*>(passwordStr.c_str()), passwordStr.size(),
229 saltBlock.BytePtr(), saltBlock.size(),
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]230 iterationCount);
231 }
Alexander Afanasyevfdbfc6d2014-04-14 15:12:11 -0700[diff] [blame]232 catch (CryptoPP::Exception& e)
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]233 {
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]234 return false;
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]235 }
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]236
Alexander Afanasyevfdbfc6d2014-04-14 15:12:11 -0700[diff] [blame]237 //decrypt
238 CBC_Mode< DES_EDE3 >::Decryption d;
239 d.SetKeyWithIV(derived, derivedLen, ivBlock.BytePtr());
240
241 OBufferStream privateKeyOs;
242 try
243 {
244 StringSource encryptedSource(encryptedDataBlock.BytePtr(), encryptedDataBlock.size(), true,
245 new StreamTransformationFilter(d, new FileSink(privateKeyOs)));
246 }
247 catch (CryptoPP::Exception& e)
248 {
249 return false;
250 }
251
Yingdi Yu4b8c6a22014-04-15 23:00:54 -0700[diff] [blame^]252 if (!importPrivateKeyPkcs1IntoTpm(keyName,
253 privateKeyOs.buf()->buf(), privateKeyOs.buf()->size()))
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]254 return false;
Alexander Afanasyevfdbfc6d2014-04-14 15:12:11 -0700[diff] [blame]255
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]256 //derive public key
257 OBufferStream publicKeyOs;
258
259 try
260 {
261 RSA::PrivateKey privateKey;
262 privateKey.Load(StringStore(privateKeyOs.buf()->buf(), privateKeyOs.buf()->size()).Ref());
263 RSAFunction publicKey(privateKey);
Alexander Afanasyevfdbfc6d2014-04-14 15:12:11 -0700[diff] [blame]264
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]265 FileSink publicKeySink(publicKeyOs);
266 publicKey.DEREncode(publicKeySink);
267 publicKeySink.MessageEnd();
268 }
Alexander Afanasyevfdbfc6d2014-04-14 15:12:11 -0700[diff] [blame]269 catch (CryptoPP::Exception& e)
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]270 {
271 return false;
272 }
273
Alexander Afanasyevfdbfc6d2014-04-14 15:12:11 -0700[diff] [blame]274 if (!importPublicKeyPkcs1IntoTpm(keyName, publicKeyOs.buf()->buf(), publicKeyOs.buf()->size()))
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]275 return false;
Alexander Afanasyevfdbfc6d2014-04-14 15:12:11 -0700[diff] [blame]276
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]277 return true;
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]278}
279
280
Yingdi Yufc40d872014-02-18 12:56:04 -0800[diff] [blame]281} // namespace ndn