ref: 88060e7501de5c117b86e1d29bc24ec8e83141a8
parent: 7010ad85c5a5648ea86d4f17a6b1547c10823938
author: cinap_lenrek <[email protected]>
date: Sun Jul 4 18:00:24 EDT 2021
libsec: add X509reqtoRSApub() function and return subject alt names in X509to*pub() name buffer We need a way to parse a rsa certificate request and return the public key and subject names. The new function X509reqtoRSApub() works the same way as X509toRSApub() but on a certificate request. We also need to support certificates that are valid for multiple domain names (as tlshand does not support certificate selection). For this reason, a comma separated list is returned as the certificate subject, making it symmetric to X509rsareq() handling. A little helper is provided with this change (auth/x5092pub) that takes a certificate (or a certificate request when -r flag is provided) and outputs the RSA public key in plan 9 format appended with the subject attribute.
--- a/sys/include/ape/libsec.h
+++ b/sys/include/ape/libsec.h
@@ -365,6 +365,7 @@
void rsaprivfree(RSApriv*);
RSApub* rsaprivtopub(RSApriv*);
RSApub* X509toRSApub(uchar*, int, char*, int);
+RSApub* X509reqtoRSApub(uchar*, int, char*, int);
RSApriv* asn1toRSApriv(uchar*, int);
RSApub* asn1toRSApub(uchar*, int);
void asn1dump(uchar *der, int len);
--- a/sys/include/libsec.h
+++ b/sys/include/libsec.h
@@ -357,6 +357,7 @@
void rsaprivfree(RSApriv*);
RSApub* rsaprivtopub(RSApriv*);
RSApub* X509toRSApub(uchar*, int, char*, int);
+RSApub* X509reqtoRSApub(uchar*, int, char*, int);
RSApub* asn1toRSApub(uchar*, int);
RSApriv* asn1toRSApriv(uchar*, int);
void asn1dump(uchar *der, int len);
--- a/sys/man/2/rsa
+++ b/sys/man/2/rsa
@@ -15,6 +15,7 @@
rsapuballoc,
rsapubfree,
X509toRSApub,
+X509reqtoRSApub,
X509rsagen,
X509rsareq,
X509rsaverify,
@@ -61,6 +62,9 @@
RSApub* X509toRSApub(uchar *cert, int ncert, char *name, int nname)
.PP
.B
+RSApub* X509reqtoRSApub(uchar *req, int nreq, char *name*, int nname)
+.PP
+.B
RSApriv* asn1toRSApriv(uchar *priv, int npriv)
.PP
.B
@@ -79,7 +83,7 @@
uchar* X509rsagen(RSApriv *priv, char *subj, ulong valid[2], int *certlen);
.PP
.B
-uchar* X509rsareq(RSApriv *priv, char *subj, int *certlen);
+uchar* X509rsareq(RSApriv *priv, char *subj, int *reqlen)
.PP
.B
char* X509rsaverify(uchar *cert, int ncert, RSApub *pk)
@@ -159,9 +163,10 @@
.I name
is not
.BR nil ,
-the CN part of the Distinguished Name of the
-certificate's Subject.
-(This is conventionally a userid or a host DNS name.)
+a concatenation of the CN part of the Distinguished Name of the
+certificate's Subject and further Subject Alternative Names
+separated by comma.
+(These are conventionally a userid or a host DNS name.)
No verification is done of the certificate signature; the
caller should check the fingerprint,
.IR sha1(cert) ,
@@ -180,6 +185,12 @@
.B nil
if successful, else an error string.
.PP
+The routine
+.I X509reqtoRSApub
+is similar to
+.I X509toRSApub
+above, but decodes a X509 certificate request.
+.PP
.I X509rsaverifydigest
takes a encoded PKCS #1 signature as used in X.509 as
.IR sig [ siglen ]
@@ -197,8 +208,8 @@
.IR subj ,
and the starting and ending validity dates,
.IR valid .
-Length of the allocated binary certificate is stored in
-.IR certlen .
+Length of the allocated binary certificate request is stored in
+.IR reqlen .
The subject line is conventionally of the form
.IP
.EX
--- a/sys/src/cmd/auth/mkfile
+++ b/sys/src/cmd/auth/mkfile
@@ -35,6 +35,7 @@
userpasswd\
warning\
wrkey\
+ x5092pub\
DIRS=\
factotum\
--- /dev/null
+++ b/sys/src/cmd/auth/x5092pub.c
@@ -1,0 +1,63 @@
+#include <u.h>
+#include <libc.h>
+#include <bio.h>
+#include <auth.h>
+#include <mp.h>
+#include <libsec.h>
+
+int fd;
+int req = 0;
+char subject[1024];
+
+void
+usage(void)
+{
+ fprint(2, "usage: aux/x5092pub [-r] [file]\n");
+ exits("usage");
+}
+
+void
+main(int argc, char **argv)
+{
+ int tot, n;
+ uchar *buf;
+ RSApub *pub;
+
+ quotefmtinstall();
+ fmtinstall('B', mpfmt);
+ fmtinstall('H', encodefmt);
+
+ ARGBEGIN{
+ case 'r':
+ req = 1;
+ break;
+ default:
+ usage();
+ }ARGEND
+
+ fd = 0;
+ if(argc == 1)
+ fd = open(argv[0], OREAD);
+ else if(argc != 0)
+ usage();
+ buf = nil;
+ tot = 0;
+ for(;;){
+ buf = realloc(buf, tot+8192);
+ if(buf == nil)
+ sysfatal("realloc: %r");
+ if((n = read(fd, buf+tot, 8192)) < 0)
+ sysfatal("read: %r");
+ if(n == 0)
+ break;
+ tot += n;
+ }
+ if(req)
+ pub = X509reqtoRSApub(buf, tot, subject, sizeof(subject));
+ else
+ pub = X509toRSApub(buf, tot, subject, sizeof(subject));
+ if(pub == nil)
+ sysfatal("X509toRSApub: %r");
+ print("key proto=rsa size=%d ek=%B n=%B subject=%q \n", mpsignif(pub->n), pub->ek, pub->n, subject);
+ exits(nil);
+}
--- a/sys/src/libsec/port/x509.c
+++ b/sys/src/libsec/port/x509.c
@@ -1589,6 +1589,7 @@
int signature_alg;
Bits* signature;
int curve;
+ Bytes* ext;
} CertX509;
/* Algorithm object-ids */
@@ -1724,6 +1725,8 @@
nil,
};
+static void appendaltnames(char *name, int nname, Bytes *ext, int req);
+
static void
freecert(CertX509* c)
{
@@ -1735,6 +1738,7 @@
free(c->subject);
freebits(c->publickey);
freebits(c->signature);
+ freebytes(c->ext);
free(c);
}
@@ -1863,6 +1867,7 @@
c->publickey = nil;
c->signature_alg = -1;
c->signature = nil;
+ c->ext = nil;
/* Certificate */
if(!is_seq(&ecert, &elcert) || elistlen(elcert) !=3)
@@ -1900,6 +1905,10 @@
esubj = &el->hd;
el = el->tl;
epubkey = &el->hd;
+ if(el->tl != nil && el->tl->hd.tag.class == Context && el->tl->hd.tag.num == 3){
+ c->ext = el->tl->hd.val.u.octetsval;
+ el->tl->hd.val.u.octetsval = nil; /* transfer ownership */
+ }
if(!is_int(eserial, &c->serial)) {
if(!is_bigint(eserial, &b))
goto errret;
@@ -2260,6 +2269,7 @@
if(c == nil)
return nil;
copysubject(name, nname, c->subject);
+ appendaltnames(name, nname, c->ext, 0);
pub = nil;
if(c->publickey_alg == ALG_ecPublicKey){
ecdominit(dom, namedcurves[c->curve]);
@@ -2302,6 +2312,7 @@
if(c == nil)
return nil;
copysubject(name, nname, c->subject);
+ appendaltnames(name, nname, c->ext, 0);
pub = nil;
if(c->publickey_alg == ALG_rsaEncryption)
pub = asn1toRSApub(c->publickey->data, c->publickey->len);
@@ -2644,7 +2655,7 @@
static Ints15 oid_extensionRequest = { 7, 1, 2, 840, 113549, 1, 9, 14};
static Elist*
-mkextensions(char *alts, int req)
+mkextensions(char *alts, int isreq)
{
Elist *sl, *xl;
@@ -2653,12 +2664,12 @@
xl = mkextel(mkseq(sl), (Ints*)&oid_subjectAltName, xl);
if(xl != nil){
xl = mkel(mkseq(xl), nil);
- if(req)
+ if(isreq)
xl = mkel(mkseq(
mkel(mkoid((Ints*)&oid_extensionRequest),
mkel(mkset(xl), nil))), nil);
}
- if(req)
+ if(isreq)
xl = mkel(mkcont(0, xl), nil);
else if(xl != nil)
xl = mkel(mkcont(3, xl), nil);
@@ -2681,6 +2692,85 @@
return nil;
}
+static void
+appendaltnames(char *name, int nname, Bytes *ext, int isreq)
+{
+ Elem eext, ealt, edn;
+ Elist *el, *l;
+ Ints *oid;
+ char *alt;
+ int len;
+
+ if(name == nil || ext == nil)
+ return;
+ if(decode(ext->data, ext->len, &eext) != ASN_OK)
+ return;
+ if(isreq){
+ if(!is_seq(&eext, &el) || elistlen(el) != 2)
+ goto errext;
+ if(!is_oid(&el->hd, &oid) || !ints_eq(oid, (Ints*)&oid_extensionRequest))
+ goto errext;
+ el = el->tl;
+ if(!is_set(&el->hd, &el))
+ goto errext;
+ if(!is_seq(&el->hd, &el))
+ goto errext;
+ } else {
+ if(!is_seq(&eext, &el))
+ goto errext;
+ }
+ for(; el != nil; el = el->tl){
+ if(!is_seq(&el->hd, &l) || elistlen(l) != 2)
+ goto errext;
+ if(!is_oid(&l->hd, &oid) || !ints_eq(oid, (Ints*)&oid_subjectAltName))
+ continue;
+ el = l->tl;
+ break;
+ }
+ if(el == nil)
+ goto errext;
+ if(!is_octetstring(&el->hd, &ext))
+ goto errext;
+ if(decode(ext->data, ext->len, &ealt) != ASN_OK)
+ goto errext;
+ if(!is_seq(&ealt, &el))
+ goto erralt;
+ for(; el != nil; el = el->tl){
+ ext = el->hd.val.u.octetsval;
+ switch(el->hd.tag.num){
+ default:
+ continue;
+ case 1: /* email */
+ case 2: /* DNS */
+ if(ext == nil)
+ goto erralt;
+ alt = smprint("%.*s", ext->len, (char*)ext->data);
+ break;
+ case 4: /* DN */
+ if(ext == nil || decode(ext->data, ext->len, &edn) != ASN_OK)
+ goto erralt;
+ alt = parse_name(&edn);
+ freevalfields(&edn.val);
+ break;
+ }
+ if(alt == nil)
+ goto erralt;
+ len = strlen(alt);
+ if(strncmp(name, alt, len) == 0 && strchr(",", name[len]) == nil){
+ free(alt); /* same as the subject */
+ continue;
+ }
+ if(name[0] != '\0')
+ strncat(name, ", ", nname-1);
+ strncat(name, alt, nname-1);
+ free(alt);
+ }
+erralt:
+ freevalfields(&ealt.val);
+errext:
+ freevalfields(&eext.val);
+}
+
static Bytes*
encode_rsapubkey(RSApub *pk)
{
@@ -2883,6 +2973,46 @@
freevalfields(&e.val);
free(subj);
return cert;
+}
+
+RSApub*
+X509reqtoRSApub(uchar *req, int nreq, char *name, int nname)
+{
+ Elem ereq;
+ Elist *el;
+ char *subject;
+ Bits *bits;
+ RSApub *pub;
+
+ pub = nil;
+ if(decode(req, nreq, &ereq) != ASN_OK)
+ goto errret;
+ if(!is_seq(&ereq, &el) || elistlen(el) != 3)
+ goto errret;
+ if(!is_seq(&el->hd, &el) || elistlen(el) < 3)
+ goto errret;
+ el = el->tl;
+ subject = parse_name(&el->hd);
+ if(subject == nil)
+ goto errret;
+ copysubject(name, nname, subject);
+ free(subject);
+ el = el->tl;
+ if(el->tl != nil && el->tl->hd.tag.class == Context && el->tl->hd.tag.num == 0)
+ appendaltnames(name, nname, el->tl->hd.val.u.octetsval, 1);
+ if(!is_seq(&el->hd, &el) || elistlen(el) != 2)
+ goto errret;
+ if(parse_alg(&el->hd) != ALG_rsaEncryption)
+ goto errret;
+ el = el->tl;
+ if(!is_bitstring(&el->hd, &bits))
+ goto errret;
+ pub = asn1toRSApub(bits->data, bits->len);
+ if(pub == nil)
+ goto errret;
+errret:
+ freevalfields(&ereq.val);
+ return pub;
}
static void