1 /*
2  * Copyright (C) 2015 Red Hat, Inc.
3  *
4  * This library is free software; you can redistribute it and/or
5  * modify it under the terms of the GNU Lesser General Public
6  * License as published by the Free Software Foundation; either
7  * version 2.1 of the License, or (at your option) any later version.
8  *
9  * This library is distributed in the hope that it will be useful,
10  * but WITHOUT ANY WARRANTY; without even the implied warranty of
11  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
12  * Lesser General Public License for more details.
13  *
14  * You should have received a copy of the GNU Lesser General Public
15  * License along with this library.  If not, see
16  * <http://www.gnu.org/licenses/>.
17  *
18  * Author: Daniel P. Berrange <berrange@redhat.com>
19  */
20 
21 #include "qemu/osdep.h"
22 
23 #include "crypto-tls-x509-helpers.h"
24 #include "crypto/init.h"
25 #include "qemu/sockets.h"
26 
27 #ifdef QCRYPTO_HAVE_TLS_TEST_SUPPORT
28 
29 /*
30  * This stores some static data that is needed when
31  * encoding extensions in the x509 certs
32  */
33 ASN1_TYPE pkix_asn1;
34 
35 /*
36  * To avoid consuming random entropy to generate keys,
37  * here's one we prepared earlier :-)
38  */
39 gnutls_x509_privkey_t privkey;
40 # define PRIVATE_KEY                                              \
41     "-----BEGIN PRIVATE KEY-----\n"                               \
42     "MIICdQIBADANBgkqhkiG9w0BAQEFAASCAl8wggJbAgEAAoGBALVcr\n"     \
43     "BL40Tm6yq88FBhJNw1aaoCjmtg0l4dWQZ/e9Fimx4ARxFpT+ji4FE\n"     \
44     "Cgl9s/SGqC+1nvlkm9ViSo0j7MKDbnDB+VRHDvMAzQhA2X7e8M0n9\n"     \
45     "rPolUY2lIVC83q0BBaOBkCj2RSmT2xTEbbC2xLukSrg2WP/ihVOxc\n"     \
46     "kXRuyFtzAgMBAAECgYB7slBexDwXrtItAMIH6m/U+LUpNe0Xx48OL\n"     \
47     "IOn4a4whNgO/o84uIwygUK27ZGFZT0kAGAk8CdF9hA6ArcbQ62s1H\n"     \
48     "myxrUbF9/mrLsQw1NEqpuUk9Ay2Tx5U/wPx35S3W/X2AvR/ZpTnCn\n"     \
49     "2q/7ym9fyiSoj86drD7BTvmKXlOnOwQJBAPOFMp4mMa9NGpGuEssO\n"     \
50     "m3Uwbp6lhcP0cA9MK+iOmeANpoKWfBdk5O34VbmeXnGYWEkrnX+9J\n"     \
51     "bM4wVhnnBWtgBMCQQC+qAEmvwcfhauERKYznMVUVksyeuhxhCe7EK\n"     \
52     "mPh+U2+g0WwdKvGDgO0PPt1gq0ILEjspMDeMHVdTwkaVBo/uMhAkA\n"     \
53     "Z5SsZyCP2aTOPFDypXRdI4eqRcjaEPOUBq27r3uYb/jeboVb2weLa\n"     \
54     "L1MmVuHiIHoa5clswPdWVI2y0em2IGoDAkBPSp/v9VKJEZabk9Frd\n"     \
55     "a+7u4fanrM9QrEjY3KhduslSilXZZSxrWjjAJPyPiqFb3M8XXA26W\n"     \
56     "nz1KYGnqYKhLcBAkB7dt57n9xfrhDpuyVEv+Uv1D3VVAhZlsaZ5Pp\n"     \
57     "dcrhrkJn2sa/+O8OKvdrPSeeu/N5WwYhJf61+CPoenMp7IFci\n"         \
58     "-----END PRIVATE KEY-----\n"
59 
60 /*
61  * This loads the private key we defined earlier
62  */
test_tls_load_key(void)63 static gnutls_x509_privkey_t test_tls_load_key(void)
64 {
65     gnutls_x509_privkey_t key;
66     const gnutls_datum_t data = { (unsigned char *)PRIVATE_KEY,
67                                   strlen(PRIVATE_KEY) };
68     int err;
69 
70     err = gnutls_x509_privkey_init(&key);
71     if (err < 0) {
72         g_critical("Failed to init key %s", gnutls_strerror(err));
73         abort();
74     }
75 
76     err = gnutls_x509_privkey_import(key, &data,
77                                      GNUTLS_X509_FMT_PEM);
78     if (err < 0) {
79         if (err != GNUTLS_E_BASE64_UNEXPECTED_HEADER_ERROR &&
80             err != GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) {
81             g_critical("Failed to import key %s", gnutls_strerror(err));
82             abort();
83         }
84 
85         err = gnutls_x509_privkey_import_pkcs8(
86             key, &data, GNUTLS_X509_FMT_PEM, NULL, 0);
87         if (err < 0) {
88             g_critical("Failed to import PKCS8 key %s", gnutls_strerror(err));
89             abort();
90         }
91     }
92 
93     return key;
94 }
95 
96 
test_tls_init(const char * keyfile)97 void test_tls_init(const char *keyfile)
98 {
99     qcrypto_init(&error_abort);
100 
101     if (asn1_array2tree(pkix_asn1_tab, &pkix_asn1, NULL) != ASN1_SUCCESS) {
102         abort();
103     }
104 
105     privkey = test_tls_load_key();
106     if (!g_file_set_contents(keyfile, PRIVATE_KEY, -1, NULL)) {
107         abort();
108     }
109 }
110 
111 
test_tls_cleanup(const char * keyfile)112 void test_tls_cleanup(const char *keyfile)
113 {
114     asn1_delete_structure(&pkix_asn1);
115     unlink(keyfile);
116 }
117 
118 /*
119  * Turns an ASN1 object into a DER encoded byte array
120  */
test_tls_der_encode(ASN1_TYPE src,const char * src_name,gnutls_datum_t * res)121 static void test_tls_der_encode(ASN1_TYPE src,
122                                 const char *src_name,
123                                 gnutls_datum_t *res)
124 {
125   int size;
126   char *data = NULL;
127 
128   size = 0;
129   asn1_der_coding(src, src_name, NULL, &size, NULL);
130 
131   data = g_new0(char, size);
132 
133   asn1_der_coding(src, src_name, data, &size, NULL);
134 
135   res->data = (unsigned char *)data;
136   res->size = size;
137 }
138 
139 
140 static void
test_tls_get_ipaddr(const char * addrstr,char ** data,int * datalen)141 test_tls_get_ipaddr(const char *addrstr,
142                     char **data,
143                     int *datalen)
144 {
145     struct addrinfo *res;
146     struct addrinfo hints;
147 
148     memset(&hints, 0, sizeof(hints));
149     hints.ai_flags = AI_NUMERICHOST;
150     g_assert(getaddrinfo(addrstr, NULL, &hints, &res) == 0);
151 
152     *datalen = res->ai_addrlen;
153     *data = g_new(char, *datalen);
154     memcpy(*data, res->ai_addr, *datalen);
155     freeaddrinfo(res);
156 }
157 
158 /*
159  * This is a fairly lame x509 certificate generator.
160  *
161  * Do not copy/use this code for generating real certificates
162  * since it leaves out many things that you would want in
163  * certificates for real world usage.
164  *
165  * This is good enough only for doing tests of the QEMU
166  * TLS certificate code
167  */
168 void
test_tls_generate_cert(QCryptoTLSTestCertReq * req,gnutls_x509_crt_t ca)169 test_tls_generate_cert(QCryptoTLSTestCertReq *req,
170                        gnutls_x509_crt_t ca)
171 {
172     gnutls_x509_crt_t crt;
173     int err;
174     static char buffer[1024 * 1024];
175     size_t size = sizeof(buffer);
176     char serial[5] = { 1, 2, 3, 4, 0 };
177     gnutls_datum_t der;
178     time_t start = time(NULL) + (60 * 60 * req->start_offset);
179     time_t expire = time(NULL) + (60 * 60 * (req->expire_offset
180                                              ? req->expire_offset : 24));
181 
182     /*
183      * Prepare our new certificate object
184      */
185     err = gnutls_x509_crt_init(&crt);
186     if (err < 0) {
187         g_critical("Failed to initialize certificate %s", gnutls_strerror(err));
188         abort();
189     }
190     err = gnutls_x509_crt_set_key(crt, privkey);
191     if (err < 0) {
192         g_critical("Failed to set certificate key %s", gnutls_strerror(err));
193         abort();
194     }
195 
196     /*
197      * A v3 certificate is required in order to be able
198      * set any of the basic constraints, key purpose and
199      * key usage data
200      */
201     gnutls_x509_crt_set_version(crt, 3);
202 
203     if (req->country) {
204         err = gnutls_x509_crt_set_dn_by_oid(
205             crt, GNUTLS_OID_X520_COUNTRY_NAME, 0,
206             req->country, strlen(req->country));
207         if (err < 0) {
208             g_critical("Failed to set certificate country name %s",
209                        gnutls_strerror(err));
210             abort();
211         }
212     }
213     if (req->cn) {
214         err = gnutls_x509_crt_set_dn_by_oid(
215             crt, GNUTLS_OID_X520_COMMON_NAME, 0,
216             req->cn, strlen(req->cn));
217         if (err < 0) {
218             g_critical("Failed to set certificate common name %s",
219                        gnutls_strerror(err));
220             abort();
221         }
222     }
223 
224     /*
225      * Setup the subject altnames, which are used
226      * for hostname checks in live sessions
227      */
228     if (req->altname1) {
229         err = gnutls_x509_crt_set_subject_alt_name(
230             crt, GNUTLS_SAN_DNSNAME,
231             req->altname1,
232             strlen(req->altname1),
233             GNUTLS_FSAN_APPEND);
234         if (err < 0) {
235             g_critical("Failed to set certificate alt name %s",
236                        gnutls_strerror(err));
237             abort();
238         }
239     }
240     if (req->altname2) {
241         err = gnutls_x509_crt_set_subject_alt_name(
242             crt, GNUTLS_SAN_DNSNAME,
243             req->altname2,
244             strlen(req->altname2),
245             GNUTLS_FSAN_APPEND);
246         if (err < 0) {
247             g_critical("Failed to set certificate %s alt name",
248                        gnutls_strerror(err));
249             abort();
250         }
251     }
252 
253     /*
254      * IP address need to be put into the cert in their
255      * raw byte form, not strings, hence this is a little
256      * more complicated
257      */
258     if (req->ipaddr1) {
259         char *data;
260         int len;
261 
262         test_tls_get_ipaddr(req->ipaddr1, &data, &len);
263 
264         err = gnutls_x509_crt_set_subject_alt_name(
265             crt, GNUTLS_SAN_IPADDRESS,
266             data, len, GNUTLS_FSAN_APPEND);
267         if (err < 0) {
268             g_critical("Failed to set certificate alt name %s",
269                        gnutls_strerror(err));
270             abort();
271         }
272         g_free(data);
273     }
274     if (req->ipaddr2) {
275         char *data;
276         int len;
277 
278         test_tls_get_ipaddr(req->ipaddr2, &data, &len);
279 
280         err = gnutls_x509_crt_set_subject_alt_name(
281             crt, GNUTLS_SAN_IPADDRESS,
282             data, len, GNUTLS_FSAN_APPEND);
283         if (err < 0) {
284             g_critical("Failed to set certificate alt name %s",
285                        gnutls_strerror(err));
286             abort();
287         }
288         g_free(data);
289     }
290 
291 
292     /*
293      * Basic constraints are used to decide if the cert
294      * is for a CA or not. We can't use the convenient
295      * gnutls API for setting this, since it hardcodes
296      * the 'critical' field which we want control over
297      */
298     if (req->basicConstraintsEnable) {
299         ASN1_TYPE ext = ASN1_TYPE_EMPTY;
300 
301         asn1_create_element(pkix_asn1, "PKIX1.BasicConstraints", &ext);
302         asn1_write_value(ext, "cA",
303                          req->basicConstraintsIsCA ? "TRUE" : "FALSE", 1);
304         asn1_write_value(ext, "pathLenConstraint", NULL, 0);
305         test_tls_der_encode(ext, "", &der);
306         err = gnutls_x509_crt_set_extension_by_oid(
307             crt, "2.5.29.19",
308             der.data, der.size,
309             req->basicConstraintsCritical);
310         if (err < 0) {
311             g_critical("Failed to set certificate basic constraints %s",
312                        gnutls_strerror(err));
313             g_free(der.data);
314             abort();
315         }
316         asn1_delete_structure(&ext);
317         g_free(der.data);
318     }
319 
320     /*
321      * Next up the key usage extension. Again we can't
322      * use the gnutls API since it hardcodes the extension
323      * to be 'critical'
324      */
325     if (req->keyUsageEnable) {
326         ASN1_TYPE ext = ASN1_TYPE_EMPTY;
327         char str[2];
328 
329         str[0] = req->keyUsageValue & 0xff;
330         str[1] = (req->keyUsageValue >> 8) & 0xff;
331 
332         asn1_create_element(pkix_asn1, "PKIX1.KeyUsage", &ext);
333         asn1_write_value(ext, "", str, 9);
334         test_tls_der_encode(ext, "", &der);
335         err = gnutls_x509_crt_set_extension_by_oid(
336             crt, "2.5.29.15",
337             der.data, der.size,
338             req->keyUsageCritical);
339         if (err < 0) {
340             g_critical("Failed to set certificate key usage %s",
341                        gnutls_strerror(err));
342             g_free(der.data);
343             abort();
344         }
345         asn1_delete_structure(&ext);
346         g_free(der.data);
347     }
348 
349     /*
350      * Finally the key purpose extension. This time
351      * gnutls has the opposite problem, always hardcoding
352      * it to be non-critical. So once again we have to
353      * set this the hard way building up ASN1 data ourselves
354      */
355     if (req->keyPurposeEnable) {
356         ASN1_TYPE ext = ASN1_TYPE_EMPTY;
357 
358         asn1_create_element(pkix_asn1, "PKIX1.ExtKeyUsageSyntax", &ext);
359         if (req->keyPurposeOID1) {
360             asn1_write_value(ext, "", "NEW", 1);
361             asn1_write_value(ext, "?LAST", req->keyPurposeOID1, 1);
362         }
363         if (req->keyPurposeOID2) {
364             asn1_write_value(ext, "", "NEW", 1);
365             asn1_write_value(ext, "?LAST", req->keyPurposeOID2, 1);
366         }
367         test_tls_der_encode(ext, "", &der);
368         err = gnutls_x509_crt_set_extension_by_oid(
369             crt, "2.5.29.37",
370             der.data, der.size,
371             req->keyPurposeCritical);
372         if (err < 0) {
373             g_critical("Failed to set certificate key purpose %s",
374                        gnutls_strerror(err));
375             g_free(der.data);
376             abort();
377         }
378         asn1_delete_structure(&ext);
379         g_free(der.data);
380     }
381 
382     /*
383      * Any old serial number will do, so lets pick 5
384      */
385     err = gnutls_x509_crt_set_serial(crt, serial, 5);
386     if (err < 0) {
387         g_critical("Failed to set certificate serial %s",
388                    gnutls_strerror(err));
389         abort();
390     }
391 
392     err = gnutls_x509_crt_set_activation_time(crt, start);
393     if (err < 0) {
394         g_critical("Failed to set certificate activation %s",
395                    gnutls_strerror(err));
396         abort();
397     }
398     err = gnutls_x509_crt_set_expiration_time(crt, expire);
399     if (err < 0) {
400         g_critical("Failed to set certificate expiration %s",
401                    gnutls_strerror(err));
402         abort();
403     }
404 
405 
406     /*
407      * If no 'ca' is set then we are self signing
408      * the cert. This is done for the root CA certs
409      */
410     err = gnutls_x509_crt_sign2(crt, ca ? ca : crt, privkey,
411                                 GNUTLS_DIG_SHA256, 0);
412     if (err < 0) {
413         g_critical("Failed to sign certificate %s",
414                    gnutls_strerror(err));
415         abort();
416     }
417 
418     /*
419      * Finally write the new cert out to disk
420      */
421     err = gnutls_x509_crt_export(
422         crt, GNUTLS_X509_FMT_PEM, buffer, &size);
423     if (err < 0) {
424         g_critical("Failed to export certificate %s: %d",
425                    gnutls_strerror(err), err);
426         abort();
427     }
428 
429     if (!g_file_set_contents(req->filename, buffer, -1, NULL)) {
430         g_critical("Failed to write certificate %s",
431                    req->filename);
432         abort();
433     }
434 
435     req->crt = crt;
436 }
437 
438 
test_tls_write_cert_chain(const char * filename,gnutls_x509_crt_t * certs,size_t ncerts)439 void test_tls_write_cert_chain(const char *filename,
440                                gnutls_x509_crt_t *certs,
441                                size_t ncerts)
442 {
443     size_t i;
444     size_t capacity = 1024, offset = 0;
445     char *buffer = g_new0(char, capacity);
446     int err;
447 
448     for (i = 0; i < ncerts; i++) {
449         size_t len = capacity - offset;
450     retry:
451         err = gnutls_x509_crt_export(certs[i], GNUTLS_X509_FMT_PEM,
452                                      buffer + offset, &len);
453         if (err < 0) {
454             if (err == GNUTLS_E_SHORT_MEMORY_BUFFER) {
455                 buffer = g_renew(char, buffer, offset + len);
456                 capacity = offset + len;
457                 goto retry;
458             }
459             g_critical("Failed to export certificate chain %s: %d",
460                        gnutls_strerror(err), err);
461             abort();
462         }
463         offset += len;
464     }
465 
466     if (!g_file_set_contents(filename, buffer, offset, NULL)) {
467         abort();
468     }
469     g_free(buffer);
470 }
471 
472 
test_tls_discard_cert(QCryptoTLSTestCertReq * req)473 void test_tls_discard_cert(QCryptoTLSTestCertReq *req)
474 {
475     if (!req->crt) {
476         return;
477     }
478 
479     gnutls_x509_crt_deinit(req->crt);
480     req->crt = NULL;
481 
482     if (getenv("QEMU_TEST_DEBUG_CERTS") == NULL) {
483         unlink(req->filename);
484     }
485 }
486 
487 #endif /* QCRYPTO_HAVE_TLS_TEST_SUPPORT */
488