From fdbfb1be2a66a1d78a6f2f60ba6b56937d31c740 Mon Sep 17 00:00:00 2001 From: Jean-Michel Picod Date: Wed, 5 Feb 2020 18:43:59 +0100 Subject: [PATCH 1/7] Change the way private key and cert are embedded. OpenSSL seems to serialize bigints as signed value, which means the ECC key may end up being 33 bytes instead of the 32 bytes we're expecting, causing build to fail. The shell script extraction is now replaced by a build.rs script that uses OpenSSL to extract the content and do sanity checks. Forcing generating cryptographic materials now always generate a key and a certificate (useful to compile/flash multiple keys without them being considered as clones). The self-signed CA is left untouched. --- .gitignore | 2 - Cargo.toml | 3 ++ build.rs | 78 +++++++++++++++++++++++++++++++++ src/ctap/key_material.rs | 21 +++++++++ tools/gen_key_materials.sh | 88 ++------------------------------------ 5 files changed, 105 insertions(+), 87 deletions(-) create mode 100644 build.rs create mode 100644 src/ctap/key_material.rs diff --git a/.gitignore b/.gitignore index 625fa19..239f05a 100644 --- a/.gitignore +++ b/.gitignore @@ -3,5 +3,3 @@ Cargo.lock # Prevent people from commiting sensitive files. crypto_data/ -src/ctap/key_material.rs - diff --git a/Cargo.toml b/Cargo.toml index 624c37a..2994acf 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -26,6 +26,9 @@ panic_console = ["libtock/panic_console"] [dev-dependencies] elf2tab = "0.4.0" +[build-dependencies] +openssl = "0.10" + [profile.dev] panic = "abort" lto = true # Link Time Optimization usually reduces size of binaries and static libraries diff --git a/build.rs b/build.rs new file mode 100644 index 0000000..053277e --- /dev/null +++ b/build.rs @@ -0,0 +1,78 @@ +// Copyright 2019 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +extern crate openssl; + +use openssl::asn1; +use openssl::ec; +use openssl::nid::Nid; +use openssl::pkey::PKey; +use openssl::x509; +use std::env; +use std::fs::File; +use std::io::Write; +use std::path::Path; + +fn main() { + println!("cargo:rerun-if-changed=crypto_data/opensk.key"); + println!("cargo:rerun-if-changed=crypto_data/opensk_cert.pem"); + + let out_dir = env::var_os("OUT_DIR").unwrap(); + let priv_key_bin_path = Path::new(&out_dir).join("opensk_pkey.bin"); + let cert_bin_path = Path::new(&out_dir).join("opensk_cert.bin"); + let aaguid_bin_path = Path::new(&out_dir).join("opensk_aaguid.bin"); + + // Load the OpenSSL PEM ECC key + let ecc_data = include_bytes!("crypto_data/opensk.key"); + let pkey = ec::EcKey::private_key_from_pem(ecc_data) + .ok() + .expect("Failed to load OpenSK private key file"); + + // Check key validity + pkey.check_key().unwrap(); + assert_eq!(pkey.group().curve_name(), Some(Nid::X9_62_PRIME256V1)); + + let mut priv_key = pkey.private_key().to_vec(); + if priv_key.len() == 33 && priv_key[0] == 0 { + priv_key.remove(0); + } + assert_eq!(priv_key.len(), 32); + + // Create the raw private key out of the OpenSSL data + let mut priv_key_bin_file = File::create(&priv_key_bin_path).unwrap(); + priv_key_bin_file.write_all(&priv_key).unwrap(); + + // Convert the PEM certificate to DER and extract the serial for AAGUID + let input_pem_cert = include_bytes!("crypto_data/opensk_cert.pem"); + let cert = x509::X509::from_pem(input_pem_cert) + .ok() + .expect("Failed to load OpenSK certificate"); + + // Do some sanity check on the certificate + assert!(cert + .public_key() + .unwrap() + .public_eq(&PKey::from_ec_key(pkey).unwrap())); + let today = asn1::Asn1Time::days_from_now(0).unwrap(); + assert!(cert.not_after() > today); + assert!(cert.not_before() <= today); + + let mut cert_bin_file = File::create(&cert_bin_path).unwrap(); + cert_bin_file.write_all(&cert.to_der().unwrap()).unwrap(); + + let mut aaguid_bin_file = File::create(&aaguid_bin_path).unwrap(); + let mut serial = cert.serial_number().to_bn().unwrap().to_vec(); + serial.resize(16, 0); + aaguid_bin_file.write_all(&serial).unwrap(); +} diff --git a/src/ctap/key_material.rs b/src/ctap/key_material.rs new file mode 100644 index 0000000..56f5252 --- /dev/null +++ b/src/ctap/key_material.rs @@ -0,0 +1,21 @@ +// Copyright 2019 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +pub const AAGUID: [u8; 16] = *include_bytes!(concat!(env!("OUT_DIR"), "/opensk_aaguid.bin")); + +pub const ATTESTATION_CERTIFICATE: &[u8] = + include_bytes!(concat!(env!("OUT_DIR"), "/opensk_cert.bin")); + +pub const ATTESTATION_PRIVATE_KEY: [u8; 32] = + *include_bytes!(concat!(env!("OUT_DIR"), "/opensk_pkey.bin")); diff --git a/tools/gen_key_materials.sh b/tools/gen_key_materials.sh index 260d8eb..414626a 100644 --- a/tools/gen_key_materials.sh +++ b/tools/gen_key_materials.sh @@ -36,6 +36,7 @@ generate_crypto_materials () { exit 1 fi + force_generate="$1" mkdir -p crypto_data if [ ! -f "${ca_priv_key}" ] then @@ -60,12 +61,12 @@ generate_crypto_materials () { -sha256 fi - if [ ! -f "${opensk_key}" ] + if [ "${force_generate}" = "Y" -o ! -f "${opensk_key}" ] then "${openssl}" ecparam -genkey -name prime256v1 -out "${opensk_key}" fi - if [ ! -f "${opensk_cert_name}.pem" ] + if [ "${force_generate}" = "Y" -o ! -f "${opensk_cert_name}.pem" ] then "${openssl}" req \ -new \ @@ -83,87 +84,4 @@ generate_crypto_materials () { -out "${opensk_cert_name}.pem" \ -sha256 fi - - local cert_mtime=$(stat --printf="%Y" "${opensk_cert_name}.pem") - local rust_file_mtime=0 - # Only take into consideration the mtime of the file if it exists and if we're not forcing - # the rust file to be re-generated. - if [ -f "${rust_file}" -a "x$1" != "xY" ] - then - rust_file_mtime=$(stat --printf="%Y" "${rust_file}") - fi - if [ $cert_mtime -gt $rust_file_mtime ] - then - local cert_size=$("${openssl}" x509 \ - -in "${opensk_cert_name}.pem" \ - -outform der 2>/dev/null \ - | wc -c) - local cert_serial_hex=$("${openssl}" x509 \ - -in "${opensk_cert_name}.pem" \ - -noout \ - -serial \ - | cut -d'=' -f2) - # Pad with zeroes in case the serial is too short. We don't care if the - # serial is longer than 32 characters as we will only process the first 32 - # characters in the loop later. - cert_serial_hex="${cert_serial_hex}00000000000000000000000000000000" - - # Create header - echo "// This file had been generated by OpenSK deploy.sh script" > "${rust_file}" - echo "" >> "${rust_file}" - - echo "pub const AAGUID: [u8; 16] = [" >> "${rust_file}" - for i in `seq 0 2 30` - do - echo -n "0x${cert_serial_hex:$i:2}, " >> "${rust_file}" - done - echo "" >> "${rust_file}" - echo "];" >> "${rust_file}" - echo "" >> "${rust_file}" - - echo "pub const ATTESTATION_CERTIFICATE: [u8; ${cert_size}] = [" >> "${rust_file}" - "${openssl}" x509 \ - -in "${opensk_cert_name}.pem" \ - -outform der 2>/dev/null \ - | xxd -i >> "${rust_file}" - echo "];" >> "${rust_file}" - echo "" >> "${rust_file}" - - # Private key is tricky to extract as we want the raw value and not the DER encoding - # Example output of openssl ec -in file.key -noout -text: - # read EC key - # Private-Key: (256 bit) - # priv: - # 47:b3:58:b8:f0:09:1d:72:b1:03:34:62:9a:c7:b2: - # b2:e1:06:28:15:69:d4:82:b5:4e:21:6d:98:bf:65: - # 98:34 - # pub: - # 04:32:84:a1:3c:90:db:3f:db:d7:fb:ff:e9:00:c8: - # 8a:a1:79:2e:95:2e:7c:86:ec:19:03:97:6e:7c:d6: - # 67:eb:28:56:f1:d8:dd:cb:ae:ce:b9:cb:e4:6d:9d: - # 1d:76:96:fc:48:9b:2d:d5:80:86:04:3d:f9:fe:6c: - # f3:9a:45:bc:b1 - # ASN1 OID: prime256v1 - # NIST CURVE: P-256 - # - # The awk script starts printing lines after seeing a line starting with - # "priv:" and stops printing as soon as it reaches a line that doesn't start - # with a space. - # The sed script then converts the output into a proper hex-encode byte - # array by replacing the initial spaces on each line with "0x", replacing - # the semicolons at the end of each line by commas and replacing all - # remainging semicolons by ". 0x". - echo "pub const ATTESTATION_PRIVATE_KEY: [u8; 32] = [" >> "${rust_file}" - "${openssl}" ec \ - -in "${opensk_key}" \ - -noout \ - -text 2>/dev/null \ - | awk '/^priv:/{p=1;next}/^[^ ]/{p=0}p' \ - | sed -e 's/^ */0x/;s/:$/,/;s/:/, 0x/g' >> "${rust_file}" - echo "];" >> "${rust_file}" - echo "" >> "${rust_file}" - - # If the tool is installed, prettify the file. It will catch syntax errors earlier. - which rustfmt > /dev/null 2>&1 && rustfmt "${rust_file}" - fi } From 035609ec23011dd6383f270b744cc04b25f20a8f Mon Sep 17 00:00:00 2001 From: Jean-Michel Picod Date: Wed, 5 Feb 2020 19:27:55 +0100 Subject: [PATCH 2/7] Remove Linux distribution from Travis config. Trusty is quite old and Xenial is the default. We should be fine not giving any distribution. This will give us a more recent OpenSSL version. --- .travis.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.travis.yml b/.travis.yml index 3cb7c35..78745a9 100644 --- a/.travis.yml +++ b/.travis.yml @@ -19,8 +19,6 @@ rust: os: - linux -dist: "trusty" # we need python3-pip - addons: apt: packages: From 424d1e0be88b05f82826bcc640be36355ba41794 Mon Sep 17 00:00:00 2001 From: Jean-Michel Picod Date: Thu, 6 Feb 2020 10:31:00 +0100 Subject: [PATCH 3/7] Rename "today" to "now" to reflects resolution is seconds. --- build.rs | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/build.rs b/build.rs index 053277e..cac13b5 100644 --- a/build.rs +++ b/build.rs @@ -64,9 +64,9 @@ fn main() { .public_key() .unwrap() .public_eq(&PKey::from_ec_key(pkey).unwrap())); - let today = asn1::Asn1Time::days_from_now(0).unwrap(); - assert!(cert.not_after() > today); - assert!(cert.not_before() <= today); + let now = asn1::Asn1Time::days_from_now(0).unwrap(); + assert!(cert.not_after() > now); + assert!(cert.not_before() <= now); let mut cert_bin_file = File::create(&cert_bin_path).unwrap(); cert_bin_file.write_all(&cert.to_der().unwrap()).unwrap(); From a02cbd3c9ebeb2c5bc0f50dd64aff952be90b388 Mon Sep 17 00:00:00 2001 From: Jean-Michel Picod Date: Thu, 6 Feb 2020 10:31:56 +0100 Subject: [PATCH 4/7] Fix missing python setuptools package on Travis --- .travis.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.travis.yml b/.travis.yml index 78745a9..7577b2d 100644 --- a/.travis.yml +++ b/.travis.yml @@ -24,6 +24,7 @@ addons: packages: - "python3" - "python3-pip" + - "python3-setuptools" cache: - rust From 3ae0337fda133ff995b567f6ca67bf7b04467cd1 Mon Sep 17 00:00:00 2001 From: Jean-Michel Picod Date: Thu, 6 Feb 2020 10:38:05 +0100 Subject: [PATCH 5/7] Install system python3-crcmod on Travis. Python3-setuptools seems old and installing crcmod (dependency from tockloader) from pip fails because of this. Installing from the system package manager should solve the problem. --- .travis.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.travis.yml b/.travis.yml index 7577b2d..5c7459e 100644 --- a/.travis.yml +++ b/.travis.yml @@ -25,6 +25,7 @@ addons: - "python3" - "python3-pip" - "python3-setuptools" + - "python3-crcmod" cache: - rust From 3eef0ec859304fe22c6fc084e1d2a9d7b1f81974 Mon Sep 17 00:00:00 2001 From: Jean-Michel Picod Date: Thu, 6 Feb 2020 10:52:47 +0100 Subject: [PATCH 6/7] Package python3-wheel was also missing on Travis. --- .travis.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.travis.yml b/.travis.yml index 5c7459e..c27d0df 100644 --- a/.travis.yml +++ b/.travis.yml @@ -25,6 +25,7 @@ addons: - "python3" - "python3-pip" - "python3-setuptools" + - "python3-wheel" - "python3-crcmod" cache: From 130aec165ddcd8910cda9b99cff9a8d82b551364 Mon Sep 17 00:00:00 2001 From: Jean-Michel Picod Date: Thu, 6 Feb 2020 10:59:09 +0100 Subject: [PATCH 7/7] Revert python3-crcmod install Python3 on Travis is old (3.5) so crcmod is installed by pip anyway. --- .travis.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index c27d0df..4f92d2c 100644 --- a/.travis.yml +++ b/.travis.yml @@ -26,7 +26,6 @@ addons: - "python3-pip" - "python3-setuptools" - "python3-wheel" - - "python3-crcmod" cache: - rust