Gitiles
Code Review Sign In
gerrit.named-data.net / ndn-cxx / dfa52c4400de8a576ea8b206135020cabe8d158d / . / src / security / sec-tpm.cpp
blob: e4e131535213e084c03751d5ad702e61bb15216b [file] [log] [blame]
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]1/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil -*- */
2/**
Alexander Afanasyevdfa52c42014-04-24 21:10:11 -0700[diff] [blame^]3 * Copyright (c) 2013-2014, Regents of the University of California.
4 * All rights reserved.
5 *
6 * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
7 * See AUTHORS.md for complete list of ndn-cxx authors and contributors.
8 *
9 * This file licensed under New BSD License. See COPYING for detailed information about
10 * ndn-cxx library copyright, permissions, and redistribution restrictions.
11 *
12 * @author Yingdi Yu <http://irl.cs.ucla.edu/~yingdi/>
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]13 */
14
15#include "sec-tpm.hpp"
16
Junxiao Shi482ccc52014-03-31 13:05:24 -0700[diff] [blame]17#include "cryptopp.hpp"
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]18
19using namespace std;
20
21namespace ndn {
22
23ConstBufferPtr
Yingdi Yu5e96e002014-04-23 18:32:15 -0700[diff] [blame]24SecTpm::exportPrivateKeyPkcs5FromTpm(const Name& keyName, const string& passwordStr)
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]25{
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]26 using namespace CryptoPP;
Alexander Afanasyevfdbfc6d2014-04-14 15:12:11 -0700[diff] [blame]27
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]28 uint8_t salt[8] = {0};
29 uint8_t iv[8] = {0};
Alexander Afanasyevfdbfc6d2014-04-14 15:12:11 -0700[diff] [blame]30
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]31 // derive key
Alexander Afanasyevfdbfc6d2014-04-14 15:12:11 -0700[diff] [blame]32 if (!generateRandomBlock(salt, 8) || !generateRandomBlock(iv, 8))
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]33 throw Error("Cannot generate salt or iv");
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]34
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]35 uint32_t iterationCount = 2048;
Alexander Afanasyevfdbfc6d2014-04-14 15:12:11 -0700[diff] [blame]36
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]37 PKCS5_PBKDF2_HMAC<SHA1> keyGenerator;
38 size_t derivedLen = 24; //For DES-EDE3-CBC-PAD
39 byte derived[24] = {0};
40 byte purpose = 0;
Alexander Afanasyevfdbfc6d2014-04-14 15:12:11 -0700[diff] [blame]41
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]42 try
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]43 {
Alexander Afanasyevfdbfc6d2014-04-14 15:12:11 -0700[diff] [blame]44 keyGenerator.DeriveKey(derived, derivedLen, purpose,
45 reinterpret_cast<const byte*>(passwordStr.c_str()), passwordStr.size(),
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]46 salt, 8, iterationCount);
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]47 }
Alexander Afanasyevfdbfc6d2014-04-14 15:12:11 -0700[diff] [blame]48 catch (CryptoPP::Exception& e)
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]49 {
50 throw Error("Cannot derived the encryption key");
51 }
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]52
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]53 //encrypt
54 CBC_Mode< DES_EDE3 >::Encryption e;
55 e.SetKeyWithIV(derived, derivedLen, iv);
Alexander Afanasyevfdbfc6d2014-04-14 15:12:11 -0700[diff] [blame]56
Yingdi Yu5e96e002014-04-23 18:32:15 -0700[diff] [blame]57 ConstBufferPtr pkcs8PrivateKey = exportPrivateKeyPkcs8FromTpm(keyName);
58 if (!static_cast<bool>(pkcs8PrivateKey))
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]59 throw Error("Cannot export the private key, #1");
60
61 OBufferStream encryptedOs;
62 try
63 {
Yingdi Yu5e96e002014-04-23 18:32:15 -0700[diff] [blame]64 StringSource stringSource(pkcs8PrivateKey->buf(), pkcs8PrivateKey->size(), true,
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]65 new StreamTransformationFilter(e, new FileSink(encryptedOs)));
66 }
Alexander Afanasyevfdbfc6d2014-04-14 15:12:11 -0700[diff] [blame]67 catch (CryptoPP::Exception& e)
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]68 {
69 throw Error("Cannot export the private key, #2");
70 }
71
72 //encode
73 OID pbes2Id("1.2.840.113549.1.5.13");
74 OID pbkdf2Id("1.2.840.113549.1.5.12");
75 OID pbes2encsId("1.2.840.113549.3.7");
76
77 OBufferStream pkcs8Os;
78 try
79 {
80 FileSink sink(pkcs8Os);
Alexander Afanasyevfdbfc6d2014-04-14 15:12:11 -0700[diff] [blame]81
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]82 // EncryptedPrivateKeyInfo ::= SEQUENCE {
83 // encryptionAlgorithm EncryptionAlgorithmIdentifier,
84 // encryptedData OCTET STRING }
85 DERSequenceEncoder encryptedPrivateKeyInfo(sink);
86 {
87 // EncryptionAlgorithmIdentifier ::= SEQUENCE {
88 // algorithm OBJECT IDENTIFIER {{PBES2-id}},
89 // parameters SEQUENCE {{PBES2-params}} }
90 DERSequenceEncoder encryptionAlgorithm(encryptedPrivateKeyInfo);
91 {
92 pbes2Id.encode(encryptionAlgorithm);
93 // PBES2-params ::= SEQUENCE {
94 // keyDerivationFunc AlgorithmIdentifier {{PBES2-KDFs}},
95 // encryptionScheme AlgorithmIdentifier {{PBES2-Encs}} }
96 DERSequenceEncoder pbes2Params(encryptionAlgorithm);
97 {
98 // AlgorithmIdentifier ::= SEQUENCE {
99 // algorithm OBJECT IDENTIFIER {{PBKDF2-id}},
100 // parameters SEQUENCE {{PBKDF2-params}} }
101 DERSequenceEncoder pbes2KDFs(pbes2Params);
102 {
103 pbkdf2Id.encode(pbes2KDFs);
104 // AlgorithmIdentifier ::= SEQUENCE {
105 // salt OCTET STRING,
106 // iterationCount INTEGER (1..MAX),
107 // keyLength INTEGER (1..MAX) OPTIONAL,
108 // prf AlgorithmIdentifier {{PBKDF2-PRFs}} DEFAULT algid-hmacWithSHA1 }
109 DERSequenceEncoder pbkdf2Params(pbes2KDFs);
110 {
111 DEREncodeOctetString(pbkdf2Params, salt, 8);
112 DEREncodeUnsigned<uint32_t>(pbkdf2Params, iterationCount, INTEGER);
113 }
114 pbkdf2Params.MessageEnd();
115 }
116 pbes2KDFs.MessageEnd();
Alexander Afanasyevfdbfc6d2014-04-14 15:12:11 -0700[diff] [blame]117
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]118 // AlgorithmIdentifier ::= SEQUENCE {
119 // algorithm OBJECT IDENTIFIER {{DES-EDE3-CBC-PAD}},
120 // parameters OCTET STRING} {{iv}} }
121 DERSequenceEncoder pbes2Encs(pbes2Params);
122 {
123 pbes2encsId.encode(pbes2Encs);
124 DEREncodeOctetString(pbes2Encs, iv, 8);
125 }
126 pbes2Encs.MessageEnd();
127 }
128 pbes2Params.MessageEnd();
129 }
130 encryptionAlgorithm.MessageEnd();
Alexander Afanasyevfdbfc6d2014-04-14 15:12:11 -0700[diff] [blame]131
Yingdi Yu4b8c6a22014-04-15 23:00:54 -0700[diff] [blame]132 DEREncodeOctetString(encryptedPrivateKeyInfo,
133 encryptedOs.buf()->buf(), encryptedOs.buf()->size());
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]134 }
135 encryptedPrivateKeyInfo.MessageEnd();
Alexander Afanasyevfdbfc6d2014-04-14 15:12:11 -0700[diff] [blame]136
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]137 return pkcs8Os.buf();
138 }
Alexander Afanasyevfdbfc6d2014-04-14 15:12:11 -0700[diff] [blame]139 catch (CryptoPP::Exception& e)
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]140 {
141 throw Error("Cannot export the private key, #3");
142 }
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]143}
144
145bool
Yingdi Yu5e96e002014-04-23 18:32:15 -0700[diff] [blame]146SecTpm::importPrivateKeyPkcs5IntoTpm(const Name& keyName,
Yingdi Yu4b8c6a22014-04-15 23:00:54 -0700[diff] [blame]147 const uint8_t* buf, size_t size,
148 const string& passwordStr)
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]149{
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]150 using namespace CryptoPP;
Alexander Afanasyevfdbfc6d2014-04-14 15:12:11 -0700[diff] [blame]151
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]152 OID pbes2Id;
153 OID pbkdf2Id;
154 SecByteBlock saltBlock;
155 uint32_t iterationCount;
156 OID pbes2encsId;
157 SecByteBlock ivBlock;
158 SecByteBlock encryptedDataBlock;
Alexander Afanasyevfdbfc6d2014-04-14 15:12:11 -0700[diff] [blame]159
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]160 try
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]161 {
Yingdi Yu4b8c6a22014-04-15 23:00:54 -0700[diff] [blame]162 // decode some decoding processes are not necessary for now,
163 // because we assume only one encryption scheme.
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]164 StringSource source(buf, size, true);
Alexander Afanasyevfdbfc6d2014-04-14 15:12:11 -0700[diff] [blame]165
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]166 // EncryptedPrivateKeyInfo ::= SEQUENCE {
167 // encryptionAlgorithm EncryptionAlgorithmIdentifier,
168 // encryptedData OCTET STRING }
169 BERSequenceDecoder encryptedPrivateKeyInfo(source);
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]170 {
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]171 // EncryptionAlgorithmIdentifier ::= SEQUENCE {
172 // algorithm OBJECT IDENTIFIER {{PBES2-id}},
173 // parameters SEQUENCE {{PBES2-params}} }
174 BERSequenceDecoder encryptionAlgorithm(encryptedPrivateKeyInfo);
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]175 {
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]176 pbes2Id.decode(encryptionAlgorithm);
177 // PBES2-params ::= SEQUENCE {
178 // keyDerivationFunc AlgorithmIdentifier {{PBES2-KDFs}},
179 // encryptionScheme AlgorithmIdentifier {{PBES2-Encs}} }
180 BERSequenceDecoder pbes2Params(encryptionAlgorithm);
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]181 {
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]182 // AlgorithmIdentifier ::= SEQUENCE {
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]183 // algorithm OBJECT IDENTIFIER {{PBKDF2-id}},
184 // parameters SEQUENCE {{PBKDF2-params}} }
185 BERSequenceDecoder pbes2KDFs(pbes2Params);
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]186 {
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]187 pbkdf2Id.decode(pbes2KDFs);
188 // AlgorithmIdentifier ::= SEQUENCE {
189 // salt OCTET STRING,
190 // iterationCount INTEGER (1..MAX),
191 // keyLength INTEGER (1..MAX) OPTIONAL,
192 // prf AlgorithmIdentifier {{PBKDF2-PRFs}} DEFAULT algid-hmacWithSHA1 }
193 BERSequenceDecoder pbkdf2Params(pbes2KDFs);
194 {
195 BERDecodeOctetString(pbkdf2Params, saltBlock);
196 BERDecodeUnsigned<uint32_t>(pbkdf2Params, iterationCount, INTEGER);
197 }
198 pbkdf2Params.MessageEnd();
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]199 }
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]200 pbes2KDFs.MessageEnd();
Alexander Afanasyevfdbfc6d2014-04-14 15:12:11 -0700[diff] [blame]201
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]202 // AlgorithmIdentifier ::= SEQUENCE {
203 // algorithm OBJECT IDENTIFIER {{DES-EDE3-CBC-PAD}},
204 // parameters OCTET STRING} {{iv}} }
205 BERSequenceDecoder pbes2Encs(pbes2Params);
206 {
207 pbes2encsId.decode(pbes2Encs);
208 BERDecodeOctetString(pbes2Encs, ivBlock);
209 }
210 pbes2Encs.MessageEnd();
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]211 }
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]212 pbes2Params.MessageEnd();
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]213 }
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]214 encryptionAlgorithm.MessageEnd();
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]215
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]216 BERDecodeOctetString(encryptedPrivateKeyInfo, encryptedDataBlock);
217 }
218 encryptedPrivateKeyInfo.MessageEnd();
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]219 }
Alexander Afanasyevfdbfc6d2014-04-14 15:12:11 -0700[diff] [blame]220 catch (CryptoPP::Exception& e)
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]221 {
222 return false;
223 }
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]224
Alexander Afanasyevfdbfc6d2014-04-14 15:12:11 -0700[diff] [blame]225
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]226 PKCS5_PBKDF2_HMAC<SHA1> keyGenerator;
227 size_t derivedLen = 24; //For DES-EDE3-CBC-PAD
228 byte derived[24] = {0};
229 byte purpose = 0;
Alexander Afanasyevfdbfc6d2014-04-14 15:12:11 -0700[diff] [blame]230
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]231 try
232 {
Alexander Afanasyevfdbfc6d2014-04-14 15:12:11 -0700[diff] [blame]233 keyGenerator.DeriveKey(derived, derivedLen,
234 purpose,
235 reinterpret_cast<const byte*>(passwordStr.c_str()), passwordStr.size(),
236 saltBlock.BytePtr(), saltBlock.size(),
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]237 iterationCount);
238 }
Alexander Afanasyevfdbfc6d2014-04-14 15:12:11 -0700[diff] [blame]239 catch (CryptoPP::Exception& e)
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]240 {
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]241 return false;
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]242 }
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]243
Alexander Afanasyevfdbfc6d2014-04-14 15:12:11 -0700[diff] [blame]244 //decrypt
245 CBC_Mode< DES_EDE3 >::Decryption d;
246 d.SetKeyWithIV(derived, derivedLen, ivBlock.BytePtr());
247
248 OBufferStream privateKeyOs;
249 try
250 {
251 StringSource encryptedSource(encryptedDataBlock.BytePtr(), encryptedDataBlock.size(), true,
252 new StreamTransformationFilter(d, new FileSink(privateKeyOs)));
253 }
254 catch (CryptoPP::Exception& e)
255 {
256 return false;
257 }
258
Yingdi Yu5e96e002014-04-23 18:32:15 -0700[diff] [blame]259 if (!importPrivateKeyPkcs8IntoTpm(keyName,
Yingdi Yu4b8c6a22014-04-15 23:00:54 -0700[diff] [blame]260 privateKeyOs.buf()->buf(), privateKeyOs.buf()->size()))
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]261 return false;
Alexander Afanasyevfdbfc6d2014-04-14 15:12:11 -0700[diff] [blame]262
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]263 //derive public key
264 OBufferStream publicKeyOs;
265
266 try
267 {
268 RSA::PrivateKey privateKey;
269 privateKey.Load(StringStore(privateKeyOs.buf()->buf(), privateKeyOs.buf()->size()).Ref());
270 RSAFunction publicKey(privateKey);
Alexander Afanasyevfdbfc6d2014-04-14 15:12:11 -0700[diff] [blame]271
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]272 FileSink publicKeySink(publicKeyOs);
273 publicKey.DEREncode(publicKeySink);
274 publicKeySink.MessageEnd();
275 }
Alexander Afanasyevfdbfc6d2014-04-14 15:12:11 -0700[diff] [blame]276 catch (CryptoPP::Exception& e)
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]277 {
278 return false;
279 }
280
Alexander Afanasyevfdbfc6d2014-04-14 15:12:11 -0700[diff] [blame]281 if (!importPublicKeyPkcs1IntoTpm(keyName, publicKeyOs.buf()->buf(), publicKeyOs.buf()->size()))
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]282 return false;
Alexander Afanasyevfdbfc6d2014-04-14 15:12:11 -0700[diff] [blame]283
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]284 return true;
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]285}
286
287
Yingdi Yufc40d872014-02-18 12:56:04 -0800[diff] [blame]288} // namespace ndn