[thirdparty/strongswan.git] / src / libstrongswan / plugins / pem / pem_builder.c

/*
 * Copyright (C) 2009 Martin Willi
 * Copyright (C) 2001-2008 Andreas Steffen
 * Hochschule fuer Technik Rapperswil
 *
 * This program is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License as published by the
 * Free Software Foundation; either version 2 of the License, or (at your
 * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
 *
 * This program is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
 * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * for more details.
 */

#include "pem_builder.h"

#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <errno.h>
#include <string.h>
#include <stddef.h>
#include <fcntl.h>
#include <sys/types.h>
#include <sys/mman.h>
#include <sys/stat.h>

#include <debug.h>
#include <library.h>
#include <utils/lexparser.h>
#include <asn1/asn1.h>
#include <crypto/hashers/hasher.h>
#include <crypto/crypters/crypter.h>
#include <credentials/certificates/x509.h>

#define PKCS5_SALT_LEN	8	/* bytes */

/**
 * check the presence of a pattern in a character string, skip if found
 */
static bool present(char* pattern, chunk_t* ch)
{
	u_int len = strlen(pattern);

	if (ch->len >= len && strneq(ch->ptr, pattern, len))
	{
		*ch = chunk_skip(*ch, len);
		return TRUE;
	}
	return FALSE;
}

/**
 * find a boundary of the form -----tag name-----
 */
static bool find_boundary(char* tag, chunk_t *line)
{
	chunk_t name = chunk_empty;

	if (!present("-----", line) ||
		!present(tag, line) ||
		*line->ptr != ' ')
	{
		return FALSE;
	}
	*line = chunk_skip(*line, 1);

	/* extract name */
	name.ptr = line->ptr;
	while (line->len > 0)
	{
		if (present("-----", line))
		{
			DBG2(DBG_ASN, "  -----%s %.*s-----", tag, (int)name.len, name.ptr);
			return TRUE;
		}
		line->ptr++;  line->len--;  name.len++;
	}
	return FALSE;
}

/*
 * decrypts a passphrase protected encrypted data block
 */
static status_t pem_decrypt(chunk_t *blob, encryption_algorithm_t alg,
							size_t key_size, chunk_t iv, chunk_t passphrase)
{
	hasher_t *hasher;
	crypter_t *crypter;
	chunk_t salt = { iv.ptr, PKCS5_SALT_LEN };
	chunk_t hash;
	chunk_t decrypted;
	chunk_t key = {alloca(key_size), key_size};
	u_int8_t padding, *last_padding_pos, *first_padding_pos;

	/* build key from passphrase and IV */
	hasher = lib->crypto->create_hasher(lib->crypto, HASH_MD5);
	if (hasher == NULL)
	{
		DBG1(DBG_ASN, "  MD5 hash algorithm not available");
		return NOT_SUPPORTED;
	}
	hash.len = hasher->get_hash_size(hasher);
	hash.ptr = alloca(hash.len);
	hasher->get_hash(hasher, passphrase, NULL);
	hasher->get_hash(hasher, salt, hash.ptr);
	memcpy(key.ptr, hash.ptr, hash.len);

	if (key.len > hash.len)
	{
		hasher->get_hash(hasher, hash, NULL);
		hasher->get_hash(hasher, passphrase, NULL);
		hasher->get_hash(hasher, salt, hash.ptr);
		memcpy(key.ptr + hash.len, hash.ptr, key.len - hash.len);
	}
	hasher->destroy(hasher);

	/* decrypt blob */
	crypter = lib->crypto->create_crypter(lib->crypto, alg, key_size);
	if (crypter == NULL)
	{
		DBG1(DBG_ASN, "  %N encryption algorithm not available",
			 encryption_algorithm_names, alg);
		return NOT_SUPPORTED;
	}
	crypter->set_key(crypter, key);

	if (iv.len != crypter->get_iv_size(crypter) ||
		blob->len % crypter->get_block_size(crypter))
	{
		crypter->destroy(crypter);
		DBG1(DBG_ASN, "  data size is not multiple of block size");
		return PARSE_ERROR;
	}
	crypter->decrypt(crypter, *blob, iv, &decrypted);
	crypter->destroy(crypter);
	memcpy(blob->ptr, decrypted.ptr, blob->len);
	chunk_free(&decrypted);

	/* determine amount of padding */
	last_padding_pos = blob->ptr + blob->len - 1;
	padding = *last_padding_pos;
	if (padding > blob->len)
	{
		first_padding_pos = blob->ptr;
	}
	else
	{
		first_padding_pos = last_padding_pos - padding;
	}
	/* check the padding pattern */
	while (--last_padding_pos > first_padding_pos)
	{
		if (*last_padding_pos != padding)
		{
			DBG1(DBG_ASN, "  invalid passphrase");
			return INVALID_ARG;
		}
	}
	/* remove padding */
	blob->len -= padding;
	return SUCCESS;
}

/**
 * Converts a PEM encoded file into its binary form (RFC 1421, RFC 934)
 */
static status_t pem_to_bin(chunk_t *blob, bool *pgp)
{
	typedef enum {
		PEM_PRE    = 0,
		PEM_MSG    = 1,
		PEM_HEADER = 2,
		PEM_BODY   = 3,
		PEM_POST   = 4,
		PEM_ABORT  = 5
	} state_t;

	encryption_algorithm_t alg = ENCR_UNDEFINED;
	size_t key_size = 0;
	bool encrypted = FALSE;
	state_t state  = PEM_PRE;
	chunk_t src    = *blob;
	chunk_t dst    = *blob;
	chunk_t line   = chunk_empty;
	chunk_t iv     = chunk_empty;
	u_char iv_buf[HASH_SIZE_MD5];
	status_t status = NOT_FOUND;
	enumerator_t *enumerator;
	shared_key_t *shared;

	dst.len = 0;
	iv.ptr = iv_buf;
	iv.len = 0;

	while (fetchline(&src, &line))
	{
		if (state == PEM_PRE)
		{
			if (find_boundary("BEGIN", &line))
			{
				state = PEM_MSG;
			}
			continue;
		}
		else
		{
			if (find_boundary("END", &line))
			{
				state = PEM_POST;
				break;
			}
			if (state == PEM_MSG)
			{
				state = PEM_HEADER;
				if (memchr(line.ptr, ':', line.len) == NULL)
				{
					state = PEM_BODY;
				}
			}
			if (state == PEM_HEADER)
			{
				err_t ugh = NULL;
				chunk_t name  = chunk_empty;
				chunk_t value = chunk_empty;

				/* an empty line separates HEADER and BODY */
				if (line.len == 0)
				{
					state = PEM_BODY;
					continue;
				}

				/* we are looking for a parameter: value pair */
				DBG2(DBG_ASN, "  %.*s", (int)line.len, line.ptr);
				ugh = extract_parameter_value(&name, &value, &line);
				if (ugh != NULL)
				{
					continue;
				}
				if (match("Proc-Type", &name) && *value.ptr == '4')
				{
					encrypted = TRUE;
				}
				else if (match("DEK-Info", &name))
				{
					chunk_t dek;

					if (!extract_token(&dek, ',', &value))
					{
						dek = value;
					}
					if (match("DES-EDE3-CBC", &dek))
					{
						alg = ENCR_3DES;
						key_size = 24;
					}
					else if (match("AES-128-CBC", &dek))
					{
						alg = ENCR_AES_CBC;
						key_size = 16;
					}
					else if (match("AES-192-CBC", &dek))
					{
						alg = ENCR_AES_CBC;
						key_size = 24;
					}
					else if (match("AES-256-CBC", &dek))
					{
						alg = ENCR_AES_CBC;
						key_size = 32;
					}
					else
					{
						DBG1(DBG_ASN, "  encryption algorithm '%.*s'"
							 " not supported", dek.len, dek.ptr);
						return NOT_SUPPORTED;
					}
					eat_whitespace(&value);
					iv = chunk_from_hex(value, iv.ptr);
				}
			}
			else /* state is PEM_BODY */
			{
				chunk_t data;

				/* remove any trailing whitespace */
				if (!extract_token(&data ,' ', &line))
				{
					data = line;
				}

				/* check for PGP armor checksum */
				if (*data.ptr == '=')
				{
					*pgp = TRUE;
					data.ptr++;
					data.len--;
					DBG2(DBG_ASN, "  armor checksum: %.*s", (int)data.len,
						 data.ptr);
					continue;
				}

				if (blob->len - dst.len < data.len / 4 * 3)
				{
					state = PEM_ABORT;
				}
				data = chunk_from_base64(data, dst.ptr);

				dst.ptr += data.len;
				dst.len += data.len;
			}
		}
	}
	/* set length to size of binary blob */
	blob->len = dst.len;

	if (state != PEM_POST)
	{
		DBG1(DBG_LIB, "  file coded in unknown format, discarded");
		return PARSE_ERROR;
	}
	if (!encrypted)
	{
		return SUCCESS;
	}

	enumerator = lib->credmgr->create_shared_enumerator(lib->credmgr,
											SHARED_PRIVATE_KEY_PASS, NULL, NULL);
	while (enumerator->enumerate(enumerator, &shared, NULL, NULL))
	{
		chunk_t passphrase, chunk;

		passphrase = shared->get_key(shared);
		chunk = chunk_clone(*blob);
		status = pem_decrypt(&chunk, alg, key_size, iv, passphrase);
		if (status == SUCCESS)
		{
			memcpy(blob->ptr, chunk.ptr, chunk.len);
			blob->len = chunk.len;
		}
		free(chunk.ptr);
		if (status != INVALID_ARG)
		{	/* try again only if passphrase invalid */
			break;
		}
	}
	enumerator->destroy(enumerator);
	return status;
}

/**
 * load the credential from a blob
 */
static void *load_from_blob(chunk_t blob, credential_type_t type, int subtype,
							x509_flag_t flags)
{
	void *cred = NULL;
	bool pgp = FALSE;

	blob = chunk_clone(blob);
	if (!is_asn1(blob))
	{
		if (pem_to_bin(&blob, &pgp) != SUCCESS)
		{
			chunk_clear(&blob);
			return NULL;
		}
		if (pgp && type == CRED_PRIVATE_KEY)
		{
			/* PGP encoded keys are parsed with a KEY_ANY key type, as it
			 * can contain any type of key. However, ipsec.secrets uses
			 * RSA for PGP keys, which is actually wrong. */
			subtype = KEY_ANY;
		}
	}
	/* if CERT_ANY is given, ASN1 encoded blob is handled as X509 */
	if (type == CRED_CERTIFICATE && subtype == CERT_ANY)
	{
		subtype = pgp ? CERT_GPG : CERT_X509;
	}
	cred = lib->creds->create(lib->creds, type, subtype,
							  pgp ? BUILD_BLOB_PGP : BUILD_BLOB_ASN1_DER, blob,
							  flags ? BUILD_X509_FLAG : BUILD_END,
							  flags, BUILD_END);
	chunk_clear(&blob);
	return cred;
}

/**
 * load the credential from a file
 */
static void *load_from_file(char *file, credential_type_t type, int subtype,
							x509_flag_t flags)
{
	void *cred = NULL;
	struct stat sb;
	void *addr;
	int fd;

	fd = open(file, O_RDONLY);
	if (fd == -1)
	{
		DBG1(DBG_LIB, "  opening '%s' failed: %s", file, strerror(errno));
		return NULL;
	}

	if (fstat(fd, &sb) == -1)
	{
		DBG1(DBG_LIB, "  getting file size of '%s' failed: %s", file,
			 strerror(errno));
		close(fd);
		return NULL;
	}

	addr = mmap(NULL, sb.st_size, PROT_READ, MAP_PRIVATE, fd, 0);
	if (addr == MAP_FAILED)
	{
		DBG1(DBG_LIB, "  mapping '%s' failed: %s", file, strerror(errno));
		close(fd);
		return NULL;
	}

	cred = load_from_blob(chunk_create(addr, sb.st_size), type, subtype, flags);

	munmap(addr, sb.st_size);
	close(fd);
	return cred;
}

/**
 * load the credential from a file descriptor
 */
static void *load_from_fd(int fd, credential_type_t type, int subtype,
						  x509_flag_t flags)
{
	char buf[8096];
	char *pos = buf;
	ssize_t len, total = 0;

	while (TRUE)
	{
		len = read(fd, pos, buf + sizeof(buf) - pos);
		if (len < 0)
		{
			DBG1(DBG_LIB, "reading from file descriptor failed: %s",
				 strerror(errno));
			return NULL;
		}
		if (len == 0)
		{
			break;
		}
		total += len;
		if (total == sizeof(buf))
		{
			DBG1(DBG_LIB, "buffer too small to read from file descriptor");
			return NULL;
		}
	}
	return load_from_blob(chunk_create(buf, total), type, subtype, flags);
}

/**
 * Load all kind of PEM encoded credentials.
 */
static void *pem_load(credential_type_t type, int subtype, va_list args)
{
	char *file = NULL;
	int fd = -1;
	chunk_t pem = chunk_empty;
	int flags = 0;

	while (TRUE)
	{
		switch (va_arg(args, builder_part_t))
		{
			case BUILD_FROM_FILE:
				file = va_arg(args, char*);
				continue;
			case BUILD_FROM_FD:
				fd = va_arg(args, int);
				continue;
			case BUILD_BLOB_PEM:
				pem = va_arg(args, chunk_t);
				continue;
			case BUILD_X509_FLAG:
				flags = va_arg(args, int);
				continue;
			case BUILD_END:
				break;
			default:
				return NULL;
		}
		break;
	}

	if (pem.len)
	{
		return load_from_blob(pem, type, subtype, flags);
	}
	if (file)
	{
		return load_from_file(file, type, subtype, flags);
	}
	if (fd != -1)
	{
		return load_from_fd(fd, type, subtype, flags);
	}
	return NULL;
}

/**
 * Private key PEM loader.
 */
private_key_t *pem_private_key_load(key_type_t type, va_list args)
{
	return pem_load(CRED_PRIVATE_KEY, type, args);
}

/**
 * Public key PEM loader.
 */
public_key_t *pem_public_key_load(key_type_t type, va_list args)
{
	return pem_load(CRED_PUBLIC_KEY, type, args);
}

/**
 * Certificate PEM loader.
 */
certificate_t *pem_certificate_load(certificate_type_t type, va_list args)
{
	return pem_load(CRED_CERTIFICATE, type, args);
}
Commit	Line	Data
160f4c22 MW	1	/*
	2	* Copyright (C) 2009 Martin Willi
	3	* Copyright (C) 2001-2008 Andreas Steffen
	4	* Hochschule fuer Technik Rapperswil
	5	*
	6	* This program is free software; you can redistribute it and/or modify it
	7	* under the terms of the GNU General Public License as published by the
	8	* Free Software Foundation; either version 2 of the License, or (at your
	9	* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
	10	*
	11	* This program is distributed in the hope that it will be useful, but
	12	* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
	13	* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
	14	* for more details.
	15	*/
	16
	17	#include "pem_builder.h"
	18
	19	#include <stdio.h>
	20	#include <stdlib.h>
	21	#include <unistd.h>
	22	#include <errno.h>
	23	#include <string.h>
	24	#include <stddef.h>
c9db16b7	25	#include <fcntl.h>
160f4c22	26	#include <sys/types.h>
c9db16b7 MW	27	#include <sys/mman.h>
c9db16b7 MW	28	#include <sys/stat.h>
160f4c22 MW	29
	30	#include <debug.h>
	31	#include <library.h>
	32	#include <utils/lexparser.h>
c9db16b7	33	#include <asn1/asn1.h>
160f4c22 MW	34	#include <crypto/hashers/hasher.h>
160f4c22 MW	35	#include <crypto/crypters/crypter.h>
de408caf	36	#include <credentials/certificates/x509.h>
160f4c22 MW	37
	38	#define PKCS5_SALT_LEN 8 /* bytes */
	39
160f4c22 MW	40	/**
	41	* check the presence of a pattern in a character string, skip if found
	42	*/
	43	static bool present(char* pattern, chunk_t* ch)
	44	{
	45	u_int len = strlen(pattern);
7daf5226	46
160f4c22 MW	47	if (ch->len >= len && strneq(ch->ptr, pattern, len))
	48	{
	49	ch = chunk_skip(ch, len);
	50	return TRUE;
	51	}
	52	return FALSE;
	53	}
	54
	55	/**
	56	* find a boundary of the form -----tag name-----
	57	*/
	58	static bool find_boundary(char* tag, chunk_t *line)
	59	{
	60	chunk_t name = chunk_empty;
7daf5226	61
160f4c22 MW	62	if (!present("-----", line) \|\|
	63	!present(tag, line) \|\|
	64	*line->ptr != ' ')
	65	{
	66	return FALSE;
	67	}
	68	line = chunk_skip(line, 1);
7daf5226	69
160f4c22 MW	70	/* extract name */
	71	name.ptr = line->ptr;
	72	while (line->len > 0)
	73	{
	74	if (present("-----", line))
	75	{
b6e07843	76	DBG2(DBG_ASN, " -----%s %.*s-----", tag, (int)name.len, name.ptr);
160f4c22 MW	77	return TRUE;
	78	}
	79	line->ptr++; line->len--; name.len++;
	80	}
	81	return FALSE;
	82	}
	83
	84	/*
	85	* decrypts a passphrase protected encrypted data block
	86	*/
	87	static status_t pem_decrypt(chunk_t *blob, encryption_algorithm_t alg,
	88	size_t key_size, chunk_t iv, chunk_t passphrase)
	89	{
	90	hasher_t *hasher;
	91	crypter_t *crypter;
	92	chunk_t salt = { iv.ptr, PKCS5_SALT_LEN };
	93	chunk_t hash;
	94	chunk_t decrypted;
	95	chunk_t key = {alloca(key_size), key_size};
	96	u_int8_t padding, last_padding_pos, first_padding_pos;
7daf5226	97
160f4c22 MW	98	/* build key from passphrase and IV */
	99	hasher = lib->crypto->create_hasher(lib->crypto, HASH_MD5);
	100	if (hasher == NULL)
	101	{
b6e07843	102	DBG1(DBG_ASN, " MD5 hash algorithm not available");
160f4c22 MW	103	return NOT_SUPPORTED;
	104	}
	105	hash.len = hasher->get_hash_size(hasher);
	106	hash.ptr = alloca(hash.len);
	107	hasher->get_hash(hasher, passphrase, NULL);
	108	hasher->get_hash(hasher, salt, hash.ptr);
	109	memcpy(key.ptr, hash.ptr, hash.len);
7daf5226	110
160f4c22 MW	111	if (key.len > hash.len)
	112	{
	113	hasher->get_hash(hasher, hash, NULL);
	114	hasher->get_hash(hasher, passphrase, NULL);
	115	hasher->get_hash(hasher, salt, hash.ptr);
	116	memcpy(key.ptr + hash.len, hash.ptr, key.len - hash.len);
	117	}
	118	hasher->destroy(hasher);
7daf5226	119
160f4c22 MW	120	/* decrypt blob */
	121	crypter = lib->crypto->create_crypter(lib->crypto, alg, key_size);
	122	if (crypter == NULL)
	123	{
b6e07843	124	DBG1(DBG_ASN, " %N encryption algorithm not available",
160f4c22 MW	125	encryption_algorithm_names, alg);
	126	return NOT_SUPPORTED;
	127	}
	128	crypter->set_key(crypter, key);
7daf5226	129
3102d866 MW	130	if (iv.len != crypter->get_iv_size(crypter) \|\|
3102d866 MW	131	blob->len % crypter->get_block_size(crypter))
160f4c22 MW	132	{
160f4c22 MW	133	crypter->destroy(crypter);
b6e07843	134	DBG1(DBG_ASN, " data size is not multiple of block size");
160f4c22 MW	135	return PARSE_ERROR;
	136	}
	137	crypter->decrypt(crypter, *blob, iv, &decrypted);
	138	crypter->destroy(crypter);
	139	memcpy(blob->ptr, decrypted.ptr, blob->len);
	140	chunk_free(&decrypted);
7daf5226	141
160f4c22 MW	142	/* determine amount of padding */
	143	last_padding_pos = blob->ptr + blob->len - 1;
	144	padding = *last_padding_pos;
	145	if (padding > blob->len)
	146	{
	147	first_padding_pos = blob->ptr;
	148	}
	149	else
	150	{
	151	first_padding_pos = last_padding_pos - padding;
	152	}
	153	/* check the padding pattern */
	154	while (--last_padding_pos > first_padding_pos)
	155	{
	156	if (*last_padding_pos != padding)
	157	{
b6e07843	158	DBG1(DBG_ASN, " invalid passphrase");
160f4c22 MW	159	return INVALID_ARG;
	160	}
	161	}
	162	/* remove padding */
	163	blob->len -= padding;
	164	return SUCCESS;
	165	}
	166
	167	/**
	168	* Converts a PEM encoded file into its binary form (RFC 1421, RFC 934)
	169	*/
15177f57	170	static status_t pem_to_bin(chunk_t blob, bool pgp)
160f4c22 MW	171	{
	172	typedef enum {
	173	PEM_PRE = 0,
	174	PEM_MSG = 1,
	175	PEM_HEADER = 2,
	176	PEM_BODY = 3,
	177	PEM_POST = 4,
	178	PEM_ABORT = 5
	179	} state_t;
7daf5226	180
160f4c22 MW	181	encryption_algorithm_t alg = ENCR_UNDEFINED;
	182	size_t key_size = 0;
	183	bool encrypted = FALSE;
	184	state_t state = PEM_PRE;
	185	chunk_t src = *blob;
	186	chunk_t dst = *blob;
	187	chunk_t line = chunk_empty;
	188	chunk_t iv = chunk_empty;
160f4c22	189	u_char iv_buf[HASH_SIZE_MD5];
15177f57 MW	190	status_t status = NOT_FOUND;
	191	enumerator_t *enumerator;
	192	shared_key_t *shared;
7daf5226	193
160f4c22 MW	194	dst.len = 0;
	195	iv.ptr = iv_buf;
	196	iv.len = 0;
7daf5226	197
160f4c22 MW	198	while (fetchline(&src, &line))
	199	{
	200	if (state == PEM_PRE)
	201	{
	202	if (find_boundary("BEGIN", &line))
	203	{
	204	state = PEM_MSG;
	205	}
	206	continue;
	207	}
	208	else
	209	{
	210	if (find_boundary("END", &line))
	211	{
	212	state = PEM_POST;
	213	break;
	214	}
	215	if (state == PEM_MSG)
	216	{
	217	state = PEM_HEADER;
	218	if (memchr(line.ptr, ':', line.len) == NULL)
	219	{
	220	state = PEM_BODY;
	221	}
	222	}
	223	if (state == PEM_HEADER)
	224	{
	225	err_t ugh = NULL;
	226	chunk_t name = chunk_empty;
	227	chunk_t value = chunk_empty;
7daf5226	228
160f4c22 MW	229	/* an empty line separates HEADER and BODY */
	230	if (line.len == 0)
	231	{
	232	state = PEM_BODY;
	233	continue;
	234	}
7daf5226	235
160f4c22	236	/* we are looking for a parameter: value pair */
b6e07843	237	DBG2(DBG_ASN, " %.*s", (int)line.len, line.ptr);
160f4c22 MW	238	ugh = extract_parameter_value(&name, &value, &line);
	239	if (ugh != NULL)
	240	{
	241	continue;
	242	}
	243	if (match("Proc-Type", &name) && *value.ptr == '4')
	244	{
	245	encrypted = TRUE;
	246	}
	247	else if (match("DEK-Info", &name))
	248	{
	249	chunk_t dek;
7daf5226	250
160f4c22 MW	251	if (!extract_token(&dek, ',', &value))
	252	{
	253	dek = value;
	254	}
	255	if (match("DES-EDE3-CBC", &dek))
	256	{
	257	alg = ENCR_3DES;
	258	key_size = 24;
	259	}
	260	else if (match("AES-128-CBC", &dek))
	261	{
	262	alg = ENCR_AES_CBC;
	263	key_size = 16;
	264	}
	265	else if (match("AES-192-CBC", &dek))
	266	{
	267	alg = ENCR_AES_CBC;
	268	key_size = 24;
	269	}
	270	else if (match("AES-256-CBC", &dek))
	271	{
	272	alg = ENCR_AES_CBC;
	273	key_size = 32;
	274	}
	275	else
	276	{
b6e07843	277	DBG1(DBG_ASN, " encryption algorithm '%.*s'"
8b0e0910	278	" not supported", dek.len, dek.ptr);
160f4c22 MW	279	return NOT_SUPPORTED;
	280	}
	281	eat_whitespace(&value);
	282	iv = chunk_from_hex(value, iv.ptr);
	283	}
	284	}
	285	else /* state is PEM_BODY */
	286	{
	287	chunk_t data;
7daf5226	288
160f4c22 MW	289	/* remove any trailing whitespace */
	290	if (!extract_token(&data ,' ', &line))
	291	{
	292	data = line;
	293	}
7daf5226	294
160f4c22 MW	295	/* check for PGP armor checksum */
	296	if (*data.ptr == '=')
	297	{
	298	*pgp = TRUE;
	299	data.ptr++;
	300	data.len--;
b6e07843	301	DBG2(DBG_ASN, " armor checksum: %.*s", (int)data.len,
8b0e0910	302	data.ptr);
160f4c22 MW	303	continue;
160f4c22 MW	304	}
7daf5226	305
160f4c22 MW	306	if (blob->len - dst.len < data.len / 4 * 3)
	307	{
	308	state = PEM_ABORT;
	309	}
	310	data = chunk_from_base64(data, dst.ptr);
	311
	312	dst.ptr += data.len;
	313	dst.len += data.len;
	314	}
	315	}
	316	}
	317	/* set length to size of binary blob */
	318	blob->len = dst.len;
	319
	320	if (state != PEM_POST)
	321	{
8b0e0910	322	DBG1(DBG_LIB, " file coded in unknown format, discarded");
160f4c22 MW	323	return PARSE_ERROR;
	324	}
	325	if (!encrypted)
	326	{
	327	return SUCCESS;
	328	}
15177f57 MW	329
	330	enumerator = lib->credmgr->create_shared_enumerator(lib->credmgr,
	331	SHARED_PRIVATE_KEY_PASS, NULL, NULL);
	332	while (enumerator->enumerate(enumerator, &shared, NULL, NULL))
160f4c22	333	{
15177f57 MW	334	chunk_t passphrase, chunk;
	335
	336	passphrase = shared->get_key(shared);
	337	chunk = chunk_clone(*blob);
	338	status = pem_decrypt(&chunk, alg, key_size, iv, passphrase);
	339	if (status == SUCCESS)
160f4c22	340	{
15177f57 MW	341	memcpy(blob->ptr, chunk.ptr, chunk.len);
15177f57 MW	342	blob->len = chunk.len;
160f4c22	343	}
15177f57 MW	344	free(chunk.ptr);
	345	if (status != INVALID_ARG)
	346	{ /* try again only if passphrase invalid */
	347	break;
160f4c22 MW	348	}
160f4c22 MW	349	}
15177f57 MW	350	enumerator->destroy(enumerator);
15177f57 MW	351	return status;
160f4c22 MW	352	}
	353
	354	/**
de408caf	355	* load the credential from a blob
160f4c22	356	*/
de408caf	357	static void *load_from_blob(chunk_t blob, credential_type_t type, int subtype,
de408caf	358	x509_flag_t flags)
160f4c22	359	{
c9db16b7	360	void *cred = NULL;
160f4c22	361	bool pgp = FALSE;
7daf5226	362
c9db16b7 MW	363	blob = chunk_clone(blob);
	364	if (!is_asn1(blob))
	365	{
15177f57	366	if (pem_to_bin(&blob, &pgp) != SUCCESS)
c9db16b7 MW	367	{
	368	chunk_clear(&blob);
	369	return NULL;
	370	}
de408caf	371	if (pgp && type == CRED_PRIVATE_KEY)
bf3b8c90 MW	372	{
	373	/* PGP encoded keys are parsed with a KEY_ANY key type, as it
	374	* can contain any type of key. However, ipsec.secrets uses
	375	* RSA for PGP keys, which is actually wrong. */
de408caf	376	subtype = KEY_ANY;
bf3b8c90	377	}
4e1cade5 MW	378	}
	379	/* if CERT_ANY is given, ASN1 encoded blob is handled as X509 */
	380	if (type == CRED_CERTIFICATE && subtype == CERT_ANY)
	381	{
	382	subtype = pgp ? CERT_GPG : CERT_X509;
c9db16b7	383	}
de408caf	384	cred = lib->creds->create(lib->creds, type, subtype,
c9db16b7	385	pgp ? BUILD_BLOB_PGP : BUILD_BLOB_ASN1_DER, blob,
de408caf MW	386	flags ? BUILD_X509_FLAG : BUILD_END,
de408caf MW	387	flags, BUILD_END);
c9db16b7 MW	388	chunk_clear(&blob);
	389	return cred;
	390	}
	391
	392	/**
de408caf	393	* load the credential from a file
c9db16b7	394	*/
de408caf	395	static void load_from_file(char file, credential_type_t type, int subtype,
de408caf	396	x509_flag_t flags)
c9db16b7	397	{
160f4c22	398	void *cred = NULL;
c9db16b7 MW	399	struct stat sb;
	400	void *addr;
	401	int fd;
7daf5226	402
c9db16b7 MW	403	fd = open(file, O_RDONLY);
c9db16b7 MW	404	if (fd == -1)
160f4c22	405	{
8b0e0910	406	DBG1(DBG_LIB, " opening '%s' failed: %s", file, strerror(errno));
160f4c22 MW	407	return NULL;
160f4c22 MW	408	}
7daf5226	409
c9db16b7	410	if (fstat(fd, &sb) == -1)
160f4c22	411	{
8b0e0910 TB	412	DBG1(DBG_LIB, " getting file size of '%s' failed: %s", file,
8b0e0910 TB	413	strerror(errno));
c9db16b7 MW	414	close(fd);
	415	return NULL;
	416	}
7daf5226	417
c9db16b7 MW	418	addr = mmap(NULL, sb.st_size, PROT_READ, MAP_PRIVATE, fd, 0);
	419	if (addr == MAP_FAILED)
	420	{
8b0e0910	421	DBG1(DBG_LIB, " mapping '%s' failed: %s", file, strerror(errno));
c9db16b7 MW	422	close(fd);
	423	return NULL;
	424	}
7daf5226	425
15177f57	426	cred = load_from_blob(chunk_create(addr, sb.st_size), type, subtype, flags);
7daf5226	427
c9db16b7 MW	428	munmap(addr, sb.st_size);
	429	close(fd);
	430	return cred;
	431	}
	432
df5c60bc	433	/**
de408caf	434	* load the credential from a file descriptor
df5c60bc	435	*/
de408caf	436	static void *load_from_fd(int fd, credential_type_t type, int subtype,
de408caf	437	x509_flag_t flags)
df5c60bc MW	438	{
	439	char buf[8096];
	440	char *pos = buf;
	441	ssize_t len, total = 0;
7daf5226	442
df5c60bc MW	443	while (TRUE)
	444	{
	445	len = read(fd, pos, buf + sizeof(buf) - pos);
	446	if (len < 0)
	447	{
8b0e0910 TB	448	DBG1(DBG_LIB, "reading from file descriptor failed: %s",
8b0e0910 TB	449	strerror(errno));
df5c60bc MW	450	return NULL;
	451	}
	452	if (len == 0)
	453	{
	454	break;
	455	}
	456	total += len;
	457	if (total == sizeof(buf))
	458	{
8b0e0910	459	DBG1(DBG_LIB, "buffer too small to read from file descriptor");
df5c60bc MW	460	return NULL;
	461	}
	462	}
15177f57	463	return load_from_blob(chunk_create(buf, total), type, subtype, flags);
160f4c22 MW	464	}
	465
	466	/**
de408caf	467	* Load all kind of PEM encoded credentials.
160f4c22	468	*/
de408caf	469	static void *pem_load(credential_type_t type, int subtype, va_list args)
160f4c22	470	{
de408caf MW	471	char *file = NULL;
de408caf MW	472	int fd = -1;
15177f57	473	chunk_t pem = chunk_empty;
de408caf	474	int flags = 0;
7daf5226	475
de408caf	476	while (TRUE)
160f4c22	477	{
de408caf MW	478	switch (va_arg(args, builder_part_t))
	479	{
	480	case BUILD_FROM_FILE:
	481	file = va_arg(args, char*);
	482	continue;
	483	case BUILD_FROM_FD:
	484	fd = va_arg(args, int);
	485	continue;
	486	case BUILD_BLOB_PEM:
	487	pem = va_arg(args, chunk_t);
	488	continue;
de408caf MW	489	case BUILD_X509_FLAG:
	490	flags = va_arg(args, int);
	491	continue;
	492	case BUILD_END:
	493	break;
	494	default:
	495	return NULL;
	496	}
	497	break;
160f4c22	498	}
160f4c22	499
75d4322d	500	if (pem.len)
de408caf	501	{
15177f57	502	return load_from_blob(pem, type, subtype, flags);
de408caf MW	503	}
	504	if (file)
	505	{
15177f57	506	return load_from_file(file, type, subtype, flags);
de408caf MW	507	}
	508	if (fd != -1)
	509	{
15177f57	510	return load_from_fd(fd, type, subtype, flags);
de408caf MW	511	}
de408caf MW	512	return NULL;
160f4c22 MW	513	}
	514
	515	/**
de408caf	516	* Private key PEM loader.
160f4c22	517	*/
de408caf	518	private_key_t *pem_private_key_load(key_type_t type, va_list args)
160f4c22	519	{
de408caf	520	return pem_load(CRED_PRIVATE_KEY, type, args);
160f4c22 MW	521	}
	522
	523	/**
de408caf	524	* Public key PEM loader.
160f4c22	525	*/
de408caf	526	public_key_t *pem_public_key_load(key_type_t type, va_list args)
160f4c22	527	{
de408caf	528	return pem_load(CRED_PUBLIC_KEY, type, args);
160f4c22 MW	529	}
	530
	531	/**
de408caf	532	* Certificate PEM loader.
160f4c22	533	*/
de408caf	534	certificate_t *pem_certificate_load(certificate_type_t type, va_list args)
160f4c22	535	{
de408caf	536	return pem_load(CRED_CERTIFICATE, type, args);
160f4c22 MW	537	}
160f4c22 MW	538