diff options
author | Graeme Lunt <graeme.lunt@smhs.co.uk> | 2007-08-17 18:52:40 +0000 |
---|---|---|
committer | Graeme Lunt <graeme.lunt@smhs.co.uk> | 2007-08-17 18:52:40 +0000 |
commit | 54aa46c2bbaccb8b865de75e140e36cde9919e83 (patch) | |
tree | df0587947cba05d747852f15906b504cf18429cd /asn1/pkcs12 | |
parent | 47ec0bead948443f243c38fa83bbed335189b81a (diff) |
Support for decrypting of PKCS#12 bag contents.
Supports RC2, RC4 and 3DES with SHA1 Password-based Encryption using libgcrypt functions.
Password is provided as a preference, as is trying to decode with a empty/NULL password.
svn path=/trunk/; revision=22534
Diffstat (limited to 'asn1/pkcs12')
-rw-r--r-- | asn1/pkcs12/Makefile | 2 | ||||
-rw-r--r-- | asn1/pkcs12/Makefile.nmake | 2 | ||||
-rw-r--r-- | asn1/pkcs12/packet-pkcs12-template.c | 381 | ||||
-rw-r--r-- | asn1/pkcs12/packet-pkcs12-template.h | 3 | ||||
-rw-r--r-- | asn1/pkcs12/pkcs12.cnf | 36 |
5 files changed, 391 insertions, 33 deletions
diff --git a/asn1/pkcs12/Makefile b/asn1/pkcs12/Makefile index 11f1a0e3d0..cd770bec11 100644 --- a/asn1/pkcs12/Makefile +++ b/asn1/pkcs12/Makefile @@ -7,7 +7,7 @@ all: generate_dissector generate_dissector: $(DISSECTOR_FILES) $(DISSECTOR_FILES): ../../tools/asn2wrs.py pkcs12.asn packet-pkcs12-template.c packet-pkcs12-template.h pkcs12.cnf ../cms/cms-exp.cnf ../x509af/x509af-exp.cnf ../x509if/x509if-exp.cnf - python ../../tools/asn2wrs.py -b -e -p pkcs12 -c pkcs12.cnf -s packet-pkcs12-template pkcs12.asn + python ../../tools/asn2wrs.py -X -T -b -e -p pkcs12 -c pkcs12.cnf -s packet-pkcs12-template pkcs12.asn clean: rm -f parsetab.py $(DISSECTOR_FILES) *~ diff --git a/asn1/pkcs12/Makefile.nmake b/asn1/pkcs12/Makefile.nmake index faad458bf0..16a15f745a 100644 --- a/asn1/pkcs12/Makefile.nmake +++ b/asn1/pkcs12/Makefile.nmake @@ -15,7 +15,7 @@ generate_dissector: $(DISSECTOR_FILES) $(DISSECTOR_FILES): ../../tools/asn2wrs.py pkcs12.asn packet-pkcs12-template.c packet-pkcs12-template.h pkcs12.cnf ../cms/cms-exp.cnf ../x509af/x509af-exp.cnf ../x509if/x509if-exp.cnf !IFDEF PYTHON - $(PYTHON) "../../tools/asn2wrs.py" -b -e -p $(PROTOCOL_NAME) -c pkcs12.cnf -s packet-pkcs12-template pkcs12.asn + $(PYTHON) "../../tools/asn2wrs.py" -X -T -b -e -p $(PROTOCOL_NAME) -c pkcs12.cnf -s packet-pkcs12-template pkcs12.asn !ELSE @echo Error: You need Python to use asn2wrs.py @exit 1 diff --git a/asn1/pkcs12/packet-pkcs12-template.c b/asn1/pkcs12/packet-pkcs12-template.c index 2df5f2df33..b09917c14b 100644 --- a/asn1/pkcs12/packet-pkcs12-template.c +++ b/asn1/pkcs12/packet-pkcs12-template.c @@ -32,6 +32,7 @@ #include <epan/conversation.h> #include <epan/oid_resolv.h> #include <epan/asn1.h> +#include <epan/prefs.h> #include <stdio.h> #include <string.h> @@ -42,18 +43,41 @@ #include "packet-x509if.h" #include "packet-cms.h" +#ifdef _WIN32 +#include <winposixtype.h> +#else +#include <sys/types.h> +#include <sys/time.h> +#include <sys/sysinfo.h> +#endif + +#ifdef HAVE_LIBGCRYPT +#include "gcrypt.h" +#endif + #define PNAME "PKCS#12: Personal Information Exchange" #define PSNAME "PKCS12" #define PFNAME "pkcs12" +#define PKCS12_PBE_ARCFOUR_SHA1_OID "1.2.840.113549.1.12.1.1" +#define PKCS12_PBE_3DES_SHA1_OID "1.2.840.113549.1.12.1.3" +#define PKCS12_PBE_RC2_40_SHA1_OID "1.2.840.113549.1.12.1.6" + /* Initialize the protocol and registered fields */ int proto_pkcs12 = -1; -static const char *object_identifier_id = NULL; +static int hf_pkcs12_X509Certificate_PDU = -1; +static gint ett_decrypted_pbe = -1; +static const char *object_identifier_id = NULL; +static int iteration_count = 0; +static tvbuff_t *salt = NULL; +static gchar *password = NULL; +static gboolean try_null_password = FALSE; static void dissect_AuthenticatedSafe_OCTETSTRING_PDU(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree); static void dissect_SafeContents_OCTETSTRING_PDU(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree); +static void dissect_PrivateKeyInfo_PDU(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree); #include "packet-pkcs12-hf.c" @@ -65,12 +89,303 @@ static void append_oid(proto_tree *tree, const char *oid) const char *name = NULL; name = get_oid_str_name(oid); - proto_item_append_text(tree, " (%%s)", name ? name : oid); + proto_item_append_text(tree, " (%s)", name ? name : oid); +} + +#ifdef HAVE_LIBGCRYPT + +int +generate_key_or_iv(unsigned int id, tvbuff_t *salt_tvb, unsigned int iter, + const char *pw, unsigned int req_keylen, char * keybuf) +{ + int rc; + unsigned int i, j; + gcry_md_hd_t md; + gcry_mpi_t num_b1 = NULL; + unsigned int pwlen; + char hash[20], buf_b[64], buf_i[128], *p; + char *salt; + int salt_size; + size_t cur_keylen; + size_t n; + gcry_error_t err; + + cur_keylen = 0; + + salt_size = tvb_length(salt_tvb); + salt = tvb_get_ephemeral_string(salt_tvb, 0, salt_size); + + if (pw == NULL) + pwlen = 0; + else + pwlen = strlen (pw); + + if (pwlen > 63 / 2) + { + return FALSE; + } + + /* Store salt and password in BUF_I */ + p = buf_i; + for (i = 0; i < 64; i++) + *p++ = salt[i % salt_size]; + if (pw) + { + for (i = j = 0; i < 64; i += 2) + { + *p++ = 0; + *p++ = pw[j]; + if (++j > pwlen) /* Note, that we include the trailing zero */ + j = 0; + } + } + else + memset (p, 0, 64); + + for (;;){ + err = gcry_md_open(&md, GCRY_MD_SHA1, 0); + if (gcry_err_code(err)) { + return FALSE; + } + for (i = 0; i < 64; i++) { + unsigned char lid = id & 0xFF; + gcry_md_write (md, &lid, 1); + } + + gcry_md_write(md, buf_i, pw ? 128 : 64); + + gcry_md_final (md); + memcpy (hash, gcry_md_read (md, 0), 20); + + gcry_md_close (md); + + for (i = 1; i < iter; i++) + gcry_md_hash_buffer (GCRY_MD_SHA1, hash, hash, 20); + + for (i = 0; i < 20 && cur_keylen < req_keylen; i++) + keybuf[cur_keylen++] = hash[i]; + + if (cur_keylen == req_keylen) { + gcry_mpi_release (num_b1); + return TRUE; /* ready */ + } + + /* need more bytes. */ + for (i = 0; i < 64; i++) + buf_b[i] = hash[i % 20]; + + n = 64; + + rc = gcry_mpi_scan (&num_b1, GCRYMPI_FMT_USG, buf_b, n, &n); + + if (rc != 0) { + return FALSE; + } + + gcry_mpi_add_ui (num_b1, num_b1, 1); + + for (i = 0; i < 128; i += 64) { + gcry_mpi_t num_ij; + + n = 64; + rc = gcry_mpi_scan (&num_ij, GCRYMPI_FMT_USG, buf_i + i, n, &n); + + if (rc != 0) { + return FALSE; + } + + gcry_mpi_add (num_ij, num_ij, num_b1); + gcry_mpi_clear_highbit (num_ij, 64 * 8); + + n = 64; + + rc = gcry_mpi_print (GCRYMPI_FMT_USG, buf_i + i, n, &n, num_ij); + if (rc != 0){ + return FALSE; + } + + gcry_mpi_release (num_ij); + } + } +} + +#endif + +void PBE_reset_parameters() +{ + iteration_count = 0; + salt = NULL; +} + +int PBE_decrypt_data(const char *object_identifier_id _U_, tvbuff_t *encrypted_tvb _U_, asn1_ctx_t *actx _U_, proto_item *item _U_) +{ +#ifdef HAVE_LIBGCRYPT + const char *encryption_algorithm; + gcry_cipher_hd_t cipher; + gcry_error_t err; + int algo; + int mode; + int ivlen = 0; + int keylen = 0; + int datalen = 0; + char *key = NULL; + char *iv = NULL; + char *clear_data = NULL; + tvbuff_t *clear_tvb = NULL; + const gchar *oidname; + GString *name; + proto_tree *tree; + char byte; + gboolean decrypt_ok = TRUE; + + if(((password == NULL) || (*password == '\0')) && (try_null_password == FALSE)) { + /* we are not configured to decrypt */ + return FALSE; + } + + encryption_algorithm = x509af_get_last_algorithm_id(); + + /* these are the only encryption schemes we understand for now */ + if(!strcmp(encryption_algorithm, PKCS12_PBE_3DES_SHA1_OID)) { + ivlen = 8; + keylen = 24; + algo = GCRY_CIPHER_3DES; + mode = GCRY_CIPHER_MODE_CBC; + } else if(!strcmp(encryption_algorithm, PKCS12_PBE_ARCFOUR_SHA1_OID)) { + ivlen = 0; + keylen = 16; + algo = GCRY_CIPHER_ARCFOUR; + mode = GCRY_CIPHER_MODE_NONE; + } else if(!strcmp(encryption_algorithm, PKCS12_PBE_RC2_40_SHA1_OID)) { + ivlen = 8; + keylen = 5; + algo = GCRY_CIPHER_RFC2268_40; + mode = GCRY_CIPHER_MODE_CBC; + } else { + /* we don't know how to decrypt this */ + + proto_item_append_text(item, " [Unsupported encryption algorithm]"); + return FALSE; + } + + if((iteration_count == 0) || (salt == NULL)) { + proto_item_append_text(item, " [Insufficient parameters]"); + return FALSE; + } + + /* allocate buffers */ + key = ep_alloc(keylen); + + if(!generate_key_or_iv(1 /*LEY */, salt, iteration_count, password, keylen, key)) + return FALSE; + + if(ivlen) { + + iv = ep_alloc(ivlen); + + if(!generate_key_or_iv(2 /* IV */, salt, iteration_count, password, ivlen, iv)) + return FALSE; + } + + /* now try an internal function */ + err = gcry_cipher_open(&cipher, algo, mode, NULL); + if (gcry_err_code (err)) + return FALSE; + + err = gcry_cipher_setkey (cipher, key, keylen); + if (gcry_err_code (err)) { + gcry_cipher_close (cipher); + return FALSE; + } + + if(ivlen) { + err = gcry_cipher_setiv (cipher, iv, ivlen); + if (gcry_err_code (err)) { + gcry_cipher_close (cipher); + return FALSE; + } + } + + datalen = tvb_length(encrypted_tvb); + clear_data = g_malloc(datalen); + + err = gcry_cipher_decrypt (cipher, clear_data, datalen, tvb_get_ephemeral_string(encrypted_tvb, 0, datalen), datalen); + if (gcry_err_code (err)) { + + proto_item_append_text(item, " [Failed to decrypt with password preference]"); + + gcry_cipher_close (cipher); + g_free(clear_data); + return FALSE; + } + + gcry_cipher_close (cipher); + + /* We don't know if we have successfully decrypted the data or not so we: + a) check the trailing bytes + b) see if we start with a sequence or a set (is this too constraining? + */ + + /* first the trailing bytes */ + byte = clear_data[datalen-1]; + if(byte <= 0x08) { + int i; + + for(i = (int)byte; i > 0 ; i--) { + if(clear_data[datalen - i] != byte) { + decrypt_ok = FALSE; + break; + } + } + } else { + /* XXX: is this a failure? */ + } + + /* we assume the result is ASN.1 - check it is a SET or SEQUENCE */ + byte = clear_data[0]; + if((byte != 0x30) && (byte != 0x31)) { /* do we need more here? OCTET STRING? */ + decrypt_ok = FALSE; + } + + if(!decrypt_ok) { + g_free(clear_data); + proto_item_append_text(item, " [Failed to decrypt with supplied password]"); + + return FALSE; + } + + proto_item_append_text(item, " [Decrypted successfully]"); + + tree = proto_item_add_subtree(item, ett_decrypted_pbe); + + /* OK - so now clear_data contains the decrypted data */ + + clear_tvb = tvb_new_real_data((const guint8 *)clear_data, datalen, datalen); + tvb_set_free_cb(clear_tvb, g_free); + + name = g_string_new(""); + oidname = get_oid_str_name(object_identifier_id); + g_string_sprintf(name, "Decrypted %s", oidname ? oidname : object_identifier_id); + + /* add it as a new source */ + add_new_data_source(actx->pinfo, clear_tvb, name->str); + + g_string_free(name, TRUE); + + /* now try and decode it */ + call_ber_oid_callback(object_identifier_id, clear_tvb, 0, actx->pinfo, tree); + + return TRUE; +#else + /* we cannot decrypt */ + return FALSE; + +#endif } #include "packet-pkcs12-fn.c" -static int strip_octet_string(tvbuff_t *tvb, proto_tree *tree) +static int strip_octet_string(tvbuff_t *tvb) { gint8 class; gboolean pc, ind; @@ -88,8 +403,6 @@ static int strip_octet_string(tvbuff_t *tvb, proto_tree *tree) if((class == BER_CLASS_UNI) && (tag == BER_UNI_TAG_OCTETSTRING)) return offset; - proto_tree_add_text(tree, tvb, 0, 1, "BER Error: OCTET STRING expected"); - return 0; } @@ -99,8 +412,10 @@ static void dissect_AuthenticatedSafe_OCTETSTRING_PDU(tvbuff_t *tvb, packet_info asn1_ctx_t asn1_ctx; asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo); - if((offset = strip_octet_string(tvb, tree)) > 0) + if((offset = strip_octet_string(tvb)) > 0) dissect_pkcs12_AuthenticatedSafe(FALSE, tvb, offset, &asn1_ctx, tree, hf_pkcs12_AuthenticatedSafe_PDU); + else + proto_tree_add_text(tree, tvb, 0, 1, "BER Error: OCTET STRING expected"); } static void dissect_SafeContents_OCTETSTRING_PDU(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) @@ -109,46 +424,41 @@ static void dissect_SafeContents_OCTETSTRING_PDU(tvbuff_t *tvb, packet_info *pin asn1_ctx_t asn1_ctx; asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo); - if((offset = strip_octet_string(tvb, tree)) > 0) - dissect_pkcs12_SafeContents(FALSE, tvb, offset, &asn1_ctx, tree, hf_pkcs12_SafeContents_PDU); + offset = strip_octet_string(tvb); + + dissect_pkcs12_SafeContents(FALSE, tvb, offset, &asn1_ctx, tree, hf_pkcs12_SafeContents_PDU); } -#if 0 -static int decrypt_data(tvbuff_t *encrypted_data, - /* enc_params */ - gnu_tls_ciper_algorithm cipher, - int iter_count, - /* kdf_params */ - gnutls_datum_t *salt, size_t salt_size, - gnutls_datum_t *iv, size_t iv_size, - size_t key_size, - tvb_buff_t **decrypted_data) +static void dissect_X509Certificate_OCTETSTRING_PDU(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) { + int offset = 0; + asn1_ctx_t asn1_ctx; + asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo); - - - - if(key_size == 0) - key_size = gnutls_cipher_get_key_size(cipher); - - + if((offset = strip_octet_string(tvb)) > 0) + dissect_x509af_Certificate(FALSE, tvb, offset, &asn1_ctx, tree, hf_pkcs12_X509Certificate_PDU); + else + proto_tree_add_text(tree, tvb, 0, 1, "BER Error: OCTET STRING expected"); } - -# endif /* 0 */ /*--- proto_register_pkcs12 ----------------------------------------------*/ void proto_register_pkcs12(void) { /* List of fields */ static hf_register_info hf[] = { - + { &hf_pkcs12_X509Certificate_PDU, + { "X509Certificate", "pkcs12.X509Certificate", + FT_NONE, BASE_NONE, NULL, 0, + "pkcs12.X509Certificate", HFILL }}, #include "packet-pkcs12-hfarr.c" }; /* List of subtrees */ static gint *ett[] = { + &ett_decrypted_pbe, #include "packet-pkcs12-ettarr.c" }; + module_t *pkcs12_module; /* Register protocol */ proto_pkcs12 = proto_register_protocol(PNAME, PSNAME, PFNAME); @@ -157,6 +467,19 @@ void proto_register_pkcs12(void) { proto_register_field_array(proto_pkcs12, hf, array_length(hf)); proto_register_subtree_array(ett, array_length(ett)); + /* Register preferences */ + pkcs12_module = prefs_register_protocol(proto_pkcs12, NULL); + + prefs_register_string_preference(pkcs12_module, "password", + "Password to decrypt the file with", + "The password to used to decrypt the encrypted elements within" + " the PKCS#12 file", &password); + + prefs_register_bool_preference(pkcs12_module, "try_null_password", + "Try to decrypt with a empty password", + "Whether to try and decrypt the encrypted data within the" + " PKCS#12 with a NULL password", &try_null_password); + register_ber_syntax_dissector("PKCS#12", proto_pkcs12, dissect_PFX_PDU); register_ber_oid_syntax(".p12", NULL, "PKCS#12"); register_ber_oid_syntax(".pfx", NULL, "PKCS#12"); @@ -167,5 +490,7 @@ void proto_register_pkcs12(void) { void proto_reg_handoff_pkcs12(void) { #include "packet-pkcs12-dis-tab.c" + register_ber_oid_dissector("1.2.840.113549.1.9.22.1", dissect_X509Certificate_OCTETSTRING_PDU, proto_pkcs12, "x509Certificate"); + } diff --git a/asn1/pkcs12/packet-pkcs12-template.h b/asn1/pkcs12/packet-pkcs12-template.h index ec83dd7bca..9f46059d12 100644 --- a/asn1/pkcs12/packet-pkcs12-template.h +++ b/asn1/pkcs12/packet-pkcs12-template.h @@ -26,5 +26,8 @@ #ifndef PACKET_PKCS12_H #define PACKET_PKCS12_H +void PBE_reset_parameters(void); +int PBE_decrypt_data(const char *object_identifier_id, tvbuff_t *encrypted_tvb, asn1_ctx_t *actx, proto_item *item); + #endif /* PACKET_PKCS12_H */ diff --git a/asn1/pkcs12/pkcs12.cnf b/asn1/pkcs12/pkcs12.cnf index 562c9027eb..39e95352ed 100644 --- a/asn1/pkcs12/pkcs12.cnf +++ b/asn1/pkcs12/pkcs12.cnf @@ -13,7 +13,6 @@ PKCS-5 x509af #.EXPORTS - #.REGISTER KeyBag B "1.2.840.113549.1.12.10.1.1" "keyBag" PKCS8ShroudedKeyBag B "1.2.840.113549.1.12.10.1.2" "pkcs8ShroudedKeyBag" @@ -55,6 +54,7 @@ PBKDF2Params/salt saltChoice #.PDU AuthenticatedSafe +PrivateKeyInfo #.FN_BODY PFX dissector_handle_t dissector_handle; @@ -96,8 +96,8 @@ AuthenticatedSafe append_oid(tree, object_identifier_id); #.END -#.FN_PARS SecretBag/secretId FN_VARIANT = _str VAL_PTR = &object_identifier_id -#.FN_FTR SecretBag/secretId +#.FN_PARS SecretBag/secretTypeId FN_VARIANT = _str VAL_PTR = &object_identifier_id +#.FN_FTR SecretBag/secretTypeId append_oid(tree, object_identifier_id); #.END @@ -125,7 +125,37 @@ AuthenticatedSafe #.FN_BODY SecretBag/secretValue if(object_identifier_id) offset = call_ber_oid_callback(object_identifier_id, tvb, offset, actx->pinfo, tree); + +#.FN_HDR PBEParameter + /* initialise the encryption parameters */ + PBE_reset_parameters(); + +#.END + +#.FN_PARS OCTET_STRING VAL_PTR = (hf_index == hf_pkcs12_salt ? &salt : NULL) +#.FN_PARS INTEGER VAL_PTR = (hf_index == hf_pkcs12_iterationCount ? &iteration_count : NULL) + +#.FN_PARS EncryptedData VAL_PTR = &encrypted_tvb + +#.FN_HDR EncryptedData + tvbuff_t *encrypted_tvb; + dissector_handle_t dissector_handle; + proto_item *item; +#.END + +#.FN_FTR EncryptedData + item = get_ber_last_created_item(); + + dissector_handle=create_dissector_handle(dissect_PrivateKeyInfo_PDU, proto_pkcs12); + dissector_change_string("ber.oid", (gchar*) object_identifier_id, dissector_handle); + + PBE_decrypt_data(object_identifier_id, encrypted_tvb, actx, item); + + /* restore the original dissector */ + dissector_reset_string("ber.oid", object_identifier_id); + #.END + |