3 Converting pkcs#1 and related keys to sexp format.
5 Copyright (C) 2005, 2009 Niels Möller, Magnus Holmgren
6 Copyright (C) 2014 Niels Möller
8 This file is part of GNU Nettle.
10 GNU Nettle is free software: you can redistribute it and/or
11 modify it under the terms of either:
13 * the GNU Lesser General Public License as published by the Free
14 Software Foundation; either version 3 of the License, or (at your
15 option) any later version.
19 * the GNU General Public License as published by the Free
20 Software Foundation; either version 2 of the License, or (at your
21 option) any later version.
23 or both in parallel, as here.
25 GNU Nettle is distributed in the hope that it will be useful,
26 but WITHOUT ANY WARRANTY; without even the implied warranty of
27 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
28 General Public License for more details.
30 You should have received copies of the GNU General Public License and
31 the GNU Lesser General Public License along with this program. If
32 not, see http://www.gnu.org/licenses/.
55 /* Use a range of values which also work as option id:s */
56 RSA_PRIVATE_KEY = 0x200,
59 /* DSA public keys only supported as part of a
60 SubjectPublicKeyInfo, i.e., the GENERAL_PUBLIC_KEY case. */
65 write_file(struct nettle_buffer *buffer, FILE *f)
67 size_t res = fwrite(buffer->contents, 1, buffer->size, f);
68 if (res < buffer->size)
70 werror("Write failed: %s.\n", strerror(errno));
77 /* Return 1 on success, 0 on error, -1 on eof */
79 read_line(struct nettle_buffer *buffer, FILE *f)
83 while ((c = getc(f)) != EOF)
85 if (!NETTLE_BUFFER_PUTC(buffer, c))
93 werror("Read failed: %s\n", strerror(errno));
102 read_file(struct nettle_buffer *buffer, FILE *f)
106 while ((c = getc(f)) != EOF)
107 if (!NETTLE_BUFFER_PUTC(buffer, c))
112 werror("Read failed: %s\n", strerror(errno));
120 pem_start_pattern[11] = "-----BEGIN ";
123 pem_end_pattern[9] = "-----END ";
126 pem_trailer_pattern[5] = "-----";
130 0, 0, 0, 0, 0, 0, 0, 0,
131 0, 1, 1, 1, 1, 1, 0, 0, /* \t, \n, \v, \f, \r */
132 0, 0, 0, 0, 0, 0, 0, 0,
133 0, 0, 0, 0, 0, 0, 0, 0,
137 #define PEM_IS_SPACE(c) ((c) < sizeof(pem_ws) && pem_ws[(c)])
139 /* Returns 1 on match, otherwise 0. */
141 match_pem_start(size_t length, const uint8_t *line,
142 size_t *marker_start,
143 size_t *marker_length)
145 while (length > 0 && PEM_IS_SPACE(line[length - 1]))
148 if (length > (sizeof(pem_start_pattern) + sizeof(pem_trailer_pattern))
149 && memcmp(line, pem_start_pattern, sizeof(pem_start_pattern)) == 0
150 && memcmp(line + length - sizeof(pem_trailer_pattern),
151 pem_trailer_pattern, sizeof(pem_trailer_pattern)) == 0)
154 *marker_length = length - (sizeof(pem_start_pattern) + sizeof(pem_trailer_pattern));
162 /* Returns 1 on match, -1 if the line is of the right form except for
163 the marker, otherwise 0. */
165 match_pem_end(size_t length, const uint8_t *line,
166 size_t marker_length,
167 const uint8_t *marker)
169 while (length > 0 && PEM_IS_SPACE(line[length - 1]))
172 if (length > (sizeof(pem_end_pattern) + sizeof(pem_trailer_pattern))
173 && memcmp(line, pem_end_pattern, sizeof(pem_end_pattern)) == 0
174 && memcmp(line + length - sizeof(pem_trailer_pattern),
175 pem_trailer_pattern, sizeof(pem_trailer_pattern)) == 0)
177 /* Right form. Check marker */
178 if (length == marker_length + (sizeof(pem_end_pattern) + sizeof(pem_trailer_pattern))
179 && memcmp(line + sizeof(pem_end_pattern), marker, marker_length) == 0)
190 /* The FOO part in "-----BEGIN FOO-----" */
192 size_t marker_length;
198 read_pem(struct nettle_buffer *buffer, FILE *f,
199 struct pem_info *info)
201 /* Find start line */
206 nettle_buffer_reset(buffer);
208 res = read_line(buffer, f);
212 if (match_pem_start(buffer->size, buffer->contents,
213 &info->marker_start, &info->marker_length))
217 /* NUL-terminate the marker. Don't care to check for embedded NULs. */
218 buffer->contents[info->marker_start + info->marker_length] = 0;
220 info->data_start = buffer->size;
224 size_t line_start = buffer->size;
226 if (read_line(buffer, f) != 1)
229 switch (match_pem_end(buffer->size - line_start,
230 buffer->contents + line_start,
232 buffer->contents + info->marker_start))
237 werror("PEM END line doesn't match BEGIN.\n");
240 /* Return base 64 data; let caller do the decoding */
241 info->data_length = line_start - info->data_start;
248 decode_base64(struct nettle_buffer *buffer,
249 size_t start, size_t *length)
251 struct base64_decode_ctx ctx;
253 base64_decode_init(&ctx);
255 /* Decode in place */
256 if (base64_decode_update(&ctx,
257 length, buffer->contents + start,
258 *length, buffer->contents + start)
259 && base64_decode_final(&ctx))
264 werror("Invalid base64 date.\n");
270 convert_rsa_public_key(struct nettle_buffer *buffer, size_t length, const uint8_t *data)
272 struct rsa_public_key pub;
275 rsa_public_key_init(&pub);
277 if (rsa_keypair_from_der(&pub, NULL, 0,
280 /* Reuses the buffer */
281 nettle_buffer_reset(buffer);
282 res = rsa_keypair_to_sexp(buffer, NULL, &pub, NULL);
286 werror("Invalid PKCS#1 public key.\n");
289 rsa_public_key_clear(&pub);
294 convert_rsa_private_key(struct nettle_buffer *buffer, size_t length, const uint8_t *data)
296 struct rsa_public_key pub;
297 struct rsa_private_key priv;
300 rsa_public_key_init(&pub);
301 rsa_private_key_init(&priv);
303 if (rsa_keypair_from_der(&pub, &priv, 0,
306 /* Reuses the buffer */
307 nettle_buffer_reset(buffer);
308 res = rsa_keypair_to_sexp(buffer, NULL, &pub, &priv);
312 werror("Invalid PKCS#1 private key.\n");
315 rsa_public_key_clear(&pub);
316 rsa_private_key_clear(&priv);
322 convert_dsa_private_key(struct nettle_buffer *buffer, size_t length, const uint8_t *data)
324 struct dsa_params params;
329 dsa_params_init (¶ms);
333 if (dsa_openssl_private_key_from_der(¶ms, pub, priv, 0,
336 /* Reuses the buffer */
337 nettle_buffer_reset(buffer);
338 res = dsa_keypair_to_sexp(buffer, NULL, ¶ms, pub, priv);
342 werror("Invalid OpenSSL private key.\n");
345 dsa_params_clear (¶ms);
352 /* Returns 1 on success, 0 on error, and -1 for unsupported algorithms. */
354 convert_public_key(struct nettle_buffer *buffer, size_t length, const uint8_t *data)
356 /* SubjectPublicKeyInfo ::= SEQUENCE {
357 algorithm AlgorithmIdentifier,
358 subjectPublicKey BIT STRING
361 AlgorithmIdentifier ::= SEQUENCE {
362 algorithm OBJECT IDENTIFIER,
366 struct asn1_der_iterator i;
367 struct asn1_der_iterator j;
370 if (asn1_der_iterator_first(&i, length, data) == ASN1_ITERATOR_CONSTRUCTED
371 && i.type == ASN1_SEQUENCE
372 && asn1_der_decode_constructed_last(&i) == ASN1_ITERATOR_CONSTRUCTED
373 && i.type == ASN1_SEQUENCE
375 /* Use the j iterator to parse the algorithm identifier */
376 && asn1_der_decode_constructed(&i, &j) == ASN1_ITERATOR_PRIMITIVE
377 && j.type == ASN1_IDENTIFIER
378 && asn1_der_iterator_next(&i) == ASN1_ITERATOR_PRIMITIVE
379 && i.type == ASN1_BITSTRING
381 /* Use i to parse the object wrapped in the bit string.*/
382 && asn1_der_decode_bitstring_last(&i))
385 iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-1(1)
390 -- When rsaEncryption is used in an AlgorithmIdentifier the
391 -- parameters MUST be present and MUST be NULL.
393 rsaEncryption OBJECT IDENTIFIER ::= { pkcs-1 1 }
395 static const uint8_t id_rsaEncryption[9] =
396 { 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01 };
399 -- When dsa is used in an AlgorithmIdentifier the
400 -- parameters MUST be present and MUST NOT be NULL.
402 dsa OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) x9-57(10040) x9algorithm(4) 1 }
404 static const uint8_t id_dsa[7] =
405 { 0x2A, 0x86, 0x48, 0xCE, 0x38, 0x04, 0x01 };
411 werror("SubjectPublicKeyInfo: Unsupported algorithm.\n");
416 if (memcmp(j.data, id_dsa, 7) == 0)
418 if (asn1_der_iterator_next(&j) == ASN1_ITERATOR_CONSTRUCTED
419 && asn1_der_decode_constructed_last(&j) == ASN1_ITERATOR_PRIMITIVE)
421 struct dsa_params params;
424 dsa_params_init (¶ms);
427 if (dsa_params_from_der_iterator(¶ms, 0, 0, &i)
428 && dsa_public_key_from_der_iterator(¶ms, pub, &j))
430 nettle_buffer_reset(buffer);
431 res = dsa_keypair_to_sexp(buffer, NULL,
432 ¶ms, pub, NULL) > 0;
434 dsa_params_clear(¶ms);
438 werror("SubjectPublicKeyInfo: Invalid DSA key.\n");
443 if (memcmp(j.data, id_rsaEncryption, 9) == 0)
445 if (asn1_der_iterator_next(&j) == ASN1_ITERATOR_PRIMITIVE
446 && j.type == ASN1_NULL
448 && asn1_der_iterator_next(&j) == ASN1_ITERATOR_END)
450 struct rsa_public_key pub;
452 rsa_public_key_init(&pub);
454 if (rsa_public_key_from_der_iterator(&pub, 0, &i))
456 nettle_buffer_reset(buffer);
457 res = rsa_keypair_to_sexp(buffer, NULL, &pub, NULL) > 0;
459 rsa_public_key_clear(&pub);
462 werror("SubjectPublicKeyInfo: Invalid RSA key.\n");
469 werror("SubjectPublicKeyInfo: Invalid object.\n");
474 /* NOTE: Destroys contents of buffer */
475 /* Returns 1 on success, 0 on error, and -1 for unsupported algorithms. */
477 convert_type(struct nettle_buffer *buffer,
478 enum object_type type,
479 size_t length, const uint8_t *data)
488 case GENERAL_PUBLIC_KEY:
489 res = convert_public_key(buffer, length, data);
493 res = convert_rsa_public_key(buffer, length, data);
496 case RSA_PRIVATE_KEY:
497 res = convert_rsa_private_key(buffer, length, data);
500 case DSA_PRIVATE_KEY:
501 res = convert_dsa_private_key(buffer, length, data);
506 res = write_file(buffer, stdout);
512 convert_file(struct nettle_buffer *buffer,
514 enum object_type type,
519 read_file(buffer, f);
520 if (base64 && !decode_base64(buffer, 0, &buffer->size))
523 if (convert_type(buffer, type,
524 buffer->size, buffer->contents) != 1)
534 struct pem_info info;
535 const uint8_t *marker;
537 nettle_buffer_reset(buffer);
538 switch (read_pem(buffer, f, &info))
549 if (!decode_base64(buffer, info.data_start, &info.data_length))
552 marker = buffer->contents + info.marker_start;
555 switch (info.marker_length)
558 if (memcmp(marker, "PUBLIC KEY", 10) == 0)
560 type = GENERAL_PUBLIC_KEY;
564 if (memcmp(marker, "RSA PUBLIC KEY", 14) == 0)
566 type = RSA_PUBLIC_KEY;
571 if (memcmp(marker, "RSA PRIVATE KEY", 15) == 0)
573 type = RSA_PRIVATE_KEY;
576 if (memcmp(marker, "DSA PRIVATE KEY", 15) == 0)
578 type = DSA_PRIVATE_KEY;
584 werror("Ignoring unsupported object type `%s'.\n", marker);
586 else if (convert_type(buffer, type,
588 buffer->contents + info.data_start) != 1)
595 main(int argc, char **argv)
597 struct nettle_buffer buffer;
598 enum object_type type = 0;
604 OPT_PRIVATE_RSA = RSA_PRIVATE_KEY,
605 OPT_PUBLIC_RSA = RSA_PUBLIC_KEY,
606 OPT_PRIVATE_DSA = DSA_PRIVATE_KEY,
607 OPT_PUBLIC_KEY = GENERAL_PUBLIC_KEY,
610 static const struct option options[] =
612 /* Name, args, flag, val */
613 { "help", no_argument, NULL, OPT_HELP },
614 { "version", no_argument, NULL, 'V' },
615 { "private-rsa-key", no_argument, NULL, OPT_PRIVATE_RSA },
616 { "public-rsa-key", no_argument, NULL, OPT_PUBLIC_RSA },
617 { "private-dsa-key", no_argument, NULL, OPT_PRIVATE_DSA },
618 { "public-key-info", no_argument, NULL, OPT_PUBLIC_KEY },
619 { "base-64", no_argument, NULL, 'b' },
623 while ( (c = getopt_long(argc, argv, "Vb", options, NULL)) != -1)
634 case OPT_PRIVATE_RSA:
636 case OPT_PRIVATE_DSA:
638 /* Same values as the type codes. */
643 printf("FIXME: Usage information.\n");
649 printf("pkcs1-conv (" PACKAGE_STRING ")\n");
654 nettle_buffer_init_realloc(&buffer, NULL, nettle_xrealloc);
658 if (!convert_file(&buffer, stdin, type, base64))
664 const char *mode = (type || base64) ? "r" : "rb";
666 for (i = optind; i < argc; i++)
668 FILE *f = fopen(argv[i], mode);
670 die("Failed to open `%s': %s.\n", argv[i], strerror(errno));
672 if (!convert_file(&buffer, f, type, base64))
678 nettle_buffer_clear (&buffer);