diff --git a/Meta/Lagom/CMakeLists.txt b/Meta/Lagom/CMakeLists.txt index 99789ee99e3..b621d35a7c3 100644 --- a/Meta/Lagom/CMakeLists.txt +++ b/Meta/Lagom/CMakeLists.txt @@ -683,7 +683,7 @@ if (BUILD_LAGOM) # LibTLS needs a special working directory to find cacert.pem lagom_test(../../Tests/LibTLS/TestTLSHandshake.cpp LibTLS LIBS LibTLS LibCrypto) - lagom_test(../../Tests/LibTLS/TestTLSCertificateParser.cpp LibTLS LIBS LibTLS) + lagom_test(../../Tests/LibTLS/TestTLSCertificateParser.cpp LibTLS LIBS LibTLS LibCrypto) # The FLAC tests need a special working directory to find the test files lagom_test(../../Tests/LibAudio/TestFLACSpec.cpp LIBS LibAudio WORKING_DIRECTORY "${FLAC_TEST_PATH}/..") diff --git a/Tests/LibTLS/TestTLSCertificateParser.cpp b/Tests/LibTLS/TestTLSCertificateParser.cpp index 407e0067fe7..76ef590b78a 100644 --- a/Tests/LibTLS/TestTLSCertificateParser.cpp +++ b/Tests/LibTLS/TestTLSCertificateParser.cpp @@ -4,6 +4,7 @@ * SPDX-License-Identifier: BSD-2-Clause */ +#include #include #include @@ -13,3 +14,83 @@ TEST_CASE(certificate_with_malformed_tbscertificate_should_fail_gracefully) auto parse_result = TLS::Certificate::parse_certificate(invalid_certificate_data); EXPECT(parse_result.is_error()); } + +TEST_CASE(test_private_key_info_decode) +{ + constexpr auto keyder = "MIIBVQIBADANBgkqhkiG9w0BAQEFAASCAT8wggE7AgEAAkEA5HMXMnY+RhEcYXsa" + "OyB/YkcrO1nxIeyDCMqwg5MDrSXO8vPXSEb9AZUNMF1jKiFWPoHxZ+foRxrLv4d9" + "sV/ETwIDAQABAkBpC37UJkjWQRHyxP83xuasExuO6/mT5sQN692kcppTJ9wHNWoD" + "9ZcREk4GGiklu4qx48/fYt8Cv6z6JuQ0ZQExAiEA9XRZVUnCJ2xOcCFCbyIF+d3F" + "9Kht5rR77F9KsRlgUbkCIQDuQ7YzLpQ8V8BJwKbDeXw1vQvcPEnyKnTOoALpF6bq" + "RwIhAIDSm8Ajgf7m3RQEoLVrCe/l8WtCqsuWliOsr6rbQq4hAiEAx8R16wvOtZlN" + "W4jvSU1+WwAaBZl21lfKf8OhLRXrmNkCIG9IRdcSiNR/Ut8QfD3N9Bb1HsUm+Bvz" + "c8yGzl89pYST"sv; + + static_assert(keyder.length() == 460u, "keyder length is not 340"); + + auto decoded_keyder = TRY_OR_FAIL(decode_base64(keyder)); + + Crypto::ASN1::Decoder decoder(decoded_keyder); + auto private_key_info = TRY_OR_FAIL(TLS::parse_private_key_info(decoder)); + + EXPECT_EQ(private_key_info.algorithm.identifier, TLS::rsa_encryption_oid); + auto& key = private_key_info.rsa; + + EXPECT_EQ(key.length() * 8, 512u); + EXPECT_EQ(key.public_exponent(), 65537); + + // $ openssl rsa -in testcase.pem -text + + u8 const modulus[] = { + 0x00, 0xe4, 0x73, 0x17, 0x32, 0x76, 0x3e, 0x46, 0x11, 0x1c, 0x61, 0x7b, 0x1a, 0x3b, 0x20, + 0x7f, 0x62, 0x47, 0x2b, 0x3b, 0x59, 0xf1, 0x21, 0xec, 0x83, 0x08, 0xca, 0xb0, 0x83, 0x93, + 0x03, 0xad, 0x25, 0xce, 0xf2, 0xf3, 0xd7, 0x48, 0x46, 0xfd, 0x01, 0x95, 0x0d, 0x30, 0x5d, + 0x63, 0x2a, 0x21, 0x56, 0x3e, 0x81, 0xf1, 0x67, 0xe7, 0xe8, 0x47, 0x1a, 0xcb, 0xbf, 0x87, + 0x7d, 0xb1, 0x5f, 0xc4, 0x4f + }; + EXPECT_EQ(key.modulus(), Crypto::UnsignedBigInteger(modulus, sizeof(modulus))); + + u8 const private_exponent[] = { + 0x69, 0x0b, 0x7e, 0xd4, 0x26, 0x48, 0xd6, 0x41, 0x11, 0xf2, 0xc4, 0xff, 0x37, 0xc6, 0xe6, + 0xac, 0x13, 0x1b, 0x8e, 0xeb, 0xf9, 0x93, 0xe6, 0xc4, 0x0d, 0xeb, 0xdd, 0xa4, 0x72, 0x9a, + 0x53, 0x27, 0xdc, 0x07, 0x35, 0x6a, 0x03, 0xf5, 0x97, 0x11, 0x12, 0x4e, 0x06, 0x1a, 0x29, + 0x25, 0xbb, 0x8a, 0xb1, 0xe3, 0xcf, 0xdf, 0x62, 0xdf, 0x02, 0xbf, 0xac, 0xfa, 0x26, 0xe4, + 0x34, 0x65, 0x01, 0x31 + }; + EXPECT_EQ(key.private_exponent(), Crypto::UnsignedBigInteger(private_exponent, sizeof(private_exponent))); + + u8 const prime1[] = { + 0x00, 0xf5, 0x74, 0x59, 0x55, 0x49, 0xc2, 0x27, 0x6c, 0x4e, 0x70, 0x21, 0x42, 0x6f, 0x22, + 0x05, 0xf9, 0xdd, 0xc5, 0xf4, 0xa8, 0x6d, 0xe6, 0xb4, 0x7b, 0xec, 0x5f, 0x4a, 0xb1, 0x19, + 0x60, 0x51, 0xb9 + }; + EXPECT_EQ(key.prime1(), Crypto::UnsignedBigInteger(prime1, sizeof(prime1))); + + u8 const prime2[] = { + 0x00, 0xee, 0x43, 0xb6, 0x33, 0x2e, 0x94, 0x3c, 0x57, 0xc0, 0x49, 0xc0, 0xa6, 0xc3, 0x79, + 0x7c, 0x35, 0xbd, 0x0b, 0xdc, 0x3c, 0x49, 0xf2, 0x2a, 0x74, 0xce, 0xa0, 0x02, 0xe9, 0x17, + 0xa6, 0xea, 0x47 + }; + EXPECT_EQ(key.prime2(), Crypto::UnsignedBigInteger(prime2, sizeof(prime2))); + + u8 const exponent1[] = { + 0x00, 0x80, 0xd2, 0x9b, 0xc0, 0x23, 0x81, 0xfe, 0xe6, 0xdd, 0x14, 0x04, 0xa0, 0xb5, 0x6b, + 0x09, 0xef, 0xe5, 0xf1, 0x6b, 0x42, 0xaa, 0xcb, 0x96, 0x96, 0x23, 0xac, 0xaf, 0xaa, 0xdb, + 0x42, 0xae, 0x21 + }; + EXPECT_EQ(key.exponent1(), Crypto::UnsignedBigInteger(exponent1, sizeof(exponent1))); + + u8 const exponent2[] = { + 0x00, 0xc7, 0xc4, 0x75, 0xeb, 0x0b, 0xce, 0xb5, 0x99, 0x4d, 0x5b, 0x88, 0xef, 0x49, 0x4d, + 0x7e, 0x5b, 0x00, 0x1a, 0x05, 0x99, 0x76, 0xd6, 0x57, 0xca, 0x7f, 0xc3, 0xa1, 0x2d, 0x15, + 0xeb, 0x98, 0xd9 + }; + EXPECT_EQ(key.exponent2(), Crypto::UnsignedBigInteger(exponent2, sizeof(exponent2))); + + u8 const coefficient[] = { + 0x6f, 0x48, 0x45, 0xd7, 0x12, 0x88, 0xd4, 0x7f, 0x52, 0xdf, 0x10, 0x7c, 0x3d, 0xcd, 0xf4, + 0x16, 0xf5, 0x1e, 0xc5, 0x26, 0xf8, 0x1b, 0xf3, 0x73, 0xcc, 0x86, 0xce, 0x5f, 0x3d, 0xa5, + 0x84, 0x93 + }; + EXPECT_EQ(key.coefficient(), Crypto::UnsignedBigInteger(coefficient, sizeof(coefficient))); +} diff --git a/Userland/Libraries/LibTLS/Certificate.cpp b/Userland/Libraries/LibTLS/Certificate.cpp index 444fbae19ba..63bee5c2a80 100644 --- a/Userland/Libraries/LibTLS/Certificate.cpp +++ b/Userland/Libraries/LibTLS/Certificate.cpp @@ -389,6 +389,53 @@ ErrorOr parse_subject_public_key_info(Crypto::ASN1::Decoder& d ERROR_WITH_SCOPE(TRY(String::formatted("Unhandled algorithm {}", algo_oid))); } +// https://www.rfc-editor.org/rfc/rfc5208#section-5 +ErrorOr parse_private_key_info(Crypto::ASN1::Decoder& decoder, Vector current_scope) +{ + // PrivateKeyInfo ::= SEQUENCE { + // version Version, + // privateKeyAlgorithm PrivateKeyAlgorithmIdentifier, + // privateKey PrivateKey, + // attributes [0] IMPLICIT Attributes OPTIONAL + // } + + PrivateKey private_key; + ENTER_TYPED_SCOPE(Sequence, "PrivateKeyInfo"sv); + + READ_OBJECT(Integer, Crypto::UnsignedBigInteger, version); + if (version != 0) { + ERROR_WITH_SCOPE(TRY(String::formatted("Invalid version value at {}", current_scope))); + } + private_key.algorithm = TRY(parse_algorithm_identifier(decoder, current_scope)); + + PUSH_SCOPE("privateKey"sv); + READ_OBJECT(OctetString, StringView, value); + POP_SCOPE(); + + private_key.raw_key = TRY(ByteBuffer::copy(value.bytes())); + + if (private_key.algorithm.identifier.span() == rsa_encryption_oid.span()) { + auto key = Crypto::PK::RSA::parse_rsa_key(value.bytes()); + if (key.private_key.length() == 0) { + ERROR_WITH_SCOPE(TRY(String::formatted("Invalid RSA key at {}", current_scope))); + } + + private_key.rsa = move(key.private_key); + + EXIT_SCOPE(); + return private_key; + } + + if (private_key.algorithm.identifier.span() == ec_public_key_encryption_oid.span()) { + // Note: Raw key is already stored, so we can just exit out at this point. + EXIT_SCOPE(); + return private_key; + } + + String algo_oid = TRY(String::join("."sv, private_key.algorithm.identifier)); + ERROR_WITH_SCOPE(TRY(String::formatted("Unhandled algorithm {}", algo_oid))); +} + static ErrorOr parse_unique_identifier(Crypto::ASN1::Decoder& decoder, Vector current_scope) { // UniqueIdentifier ::= BIT STRING diff --git a/Userland/Libraries/LibTLS/Certificate.h b/Userland/Libraries/LibTLS/Certificate.h index 24eb951e1fc..69559b4482f 100644 --- a/Userland/Libraries/LibTLS/Certificate.h +++ b/Userland/Libraries/LibTLS/Certificate.h @@ -247,6 +247,18 @@ public: }; ErrorOr parse_subject_public_key_info(Crypto::ASN1::Decoder& decoder, Vector current_scope = {}); +// https://www.rfc-editor.org/rfc/rfc5208#section-5 +class PrivateKey { +public: + Crypto::PK::RSAPrivateKey rsa; + + AlgorithmIdentifier algorithm; + ByteBuffer raw_key; + + // FIXME: attributes [0] IMPLICIT Attributes OPTIONAL +}; +ErrorOr parse_private_key_info(Crypto::ASN1::Decoder& decoder, Vector current_scope = {}); + class Certificate { public: u16 version { 0 };