FreeRDP
Loading...
Searching...
No Matches
certificate.c
1
25#include <freerdp/config.h>
26
27#include <errno.h>
28#include <stdio.h>
29#include <string.h>
30
31#include <winpr/assert.h>
32#include <winpr/wtypes.h>
33#include <winpr/crt.h>
34#include <winpr/file.h>
35#include <winpr/print.h>
36#include <winpr/crypto.h>
37
38#include <freerdp/crypto/certificate.h>
39
40#include <openssl/err.h>
41#include <openssl/pem.h>
42#include <openssl/rsa.h>
43#include <openssl/bn.h>
44
45#if defined(OPENSSL_VERSION_MAJOR) && (OPENSSL_VERSION_MAJOR >= 3)
46#include <openssl/core_names.h>
47#include <openssl/param_build.h>
48#include <openssl/evp.h>
49#include <openssl/x509.h>
50#endif
51
52#include "certificate.h"
53#include "cert_common.h"
54#include "crypto.h"
55
56#include "x509_utils.h"
57#include "privatekey.h"
58#include "opensslcompat.h"
59
60#define TAG FREERDP_TAG("core")
61
62#ifdef WITH_DEBUG_CERTIFICATE
63#define CERTIFICATE_TAG FREERDP_TAG("core.certificate")
64#define DEBUG_CERTIFICATE(...) WLog_DBG(TAG, __VA_ARGS__)
65#else
66#define DEBUG_CERTIFICATE(...) \
67 do \
68 { \
69 } while (0)
70#endif
71
72#define TSSK_KEY_LENGTH 64
73
74struct rdp_CertBlob
75{
76 UINT32 length;
77 BYTE* data;
78};
79typedef struct rdp_CertBlob rdpCertBlob;
80
81struct rdp_X509CertChain
82{
83 UINT32 count;
84 rdpCertBlob* array;
85};
86typedef struct rdp_X509CertChain rdpX509CertChain;
87
88struct rdp_certificate
89{
90 X509* x509;
91 STACK_OF(X509) * chain;
92
93 rdpCertInfo cert_info;
94 rdpX509CertChain x509_cert_chain;
95};
96
185static const char rsa_magic[4] = "RSA1";
186
187static const char* certificate_read_errors[] = { "Certificate tag",
188 "TBSCertificate",
189 "Explicit Contextual Tag [0]",
190 "version",
191 "CertificateSerialNumber",
192 "AlgorithmIdentifier",
193 "Issuer Name",
194 "Validity",
195 "Subject Name",
196 "SubjectPublicKeyInfo Tag",
197 "subjectPublicKeyInfo::AlgorithmIdentifier",
198 "subjectPublicKeyInfo::subjectPublicKey",
199 "RSAPublicKey Tag",
200 "modulusLength",
201 "zero padding",
202 "modulusLength",
203 "modulus",
204 "publicExponent length",
205 "publicExponent" };
206
207static const BYTE initial_signature[] = {
208 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
209 0x00, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
210 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
211 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x01
212};
213
214#if defined(CERT_VALIDATE_RSA)
215static const BYTE tssk_exponent[] = { 0x5b, 0x7b, 0x88, 0xc0 };
216#endif
217
218static void certificate_free_int(rdpCertificate* certificate);
219static BOOL cert_clone_int(rdpCertificate* dst, const rdpCertificate* src);
220
221/* [MS-RDPBCGR] 5.3.3.2 X.509 Certificate Chains:
222 *
223 * More detail[MS-RDPELE] section 2.2.1.4.2.
224 */
225static BOOL cert_blob_copy(rdpCertBlob* dst, const rdpCertBlob* src);
226static void cert_blob_free(rdpCertBlob* blob);
227static BOOL cert_blob_write(const rdpCertBlob* blob, wStream* s);
228static BOOL cert_blob_read(rdpCertBlob* blob, wStream* s);
229
230BOOL cert_blob_read(rdpCertBlob* blob, wStream* s)
231{
232 UINT32 certLength = 0;
233 WINPR_ASSERT(blob);
234 cert_blob_free(blob);
235
236 if (!Stream_CheckAndLogRequiredLength(TAG, s, 4))
237 goto fail;
238
239 Stream_Read_UINT32(s, certLength);
240
241 if (!Stream_CheckAndLogRequiredLength(TAG, s, certLength))
242 goto fail;
243
244 DEBUG_CERTIFICATE("X.509 Certificate length:%" PRIu32 "", certLength);
245 blob->data = (BYTE*)malloc(certLength);
246
247 if (!blob->data)
248 goto fail;
249
250 Stream_Read(s, blob->data, certLength);
251 blob->length = certLength;
252
253 return TRUE;
254
255fail:
256 cert_blob_free(blob);
257 return FALSE;
258}
259
260BOOL cert_blob_write(const rdpCertBlob* blob, wStream* s)
261{
262 WINPR_ASSERT(blob);
263
264 if (!Stream_EnsureRemainingCapacity(s, 4 + blob->length))
265 return FALSE;
266
267 Stream_Write_UINT32(s, blob->length);
268 Stream_Write(s, blob->data, blob->length);
269 return TRUE;
270}
271
272void cert_blob_free(rdpCertBlob* blob)
273{
274 if (!blob)
275 return;
276 free(blob->data);
277 blob->data = NULL;
278 blob->length = 0;
279}
280
285static BOOL is_rsa_key(const X509* x509)
286{
287 EVP_PKEY* evp = X509_get0_pubkey(x509);
288 if (!evp)
289 return FALSE;
290
291 return (EVP_PKEY_id(evp) == EVP_PKEY_RSA);
292}
293
294static BOOL certificate_read_x509_certificate(const rdpCertBlob* cert, rdpCertInfo* info)
295{
296 wStream sbuffer = { 0 };
297 wStream* s = NULL;
298 size_t length = 0;
299 BYTE padding = 0;
300 UINT32 version = 0;
301 size_t modulus_length = 0;
302 size_t exponent_length = 0;
303 int error = 0;
304
305 WINPR_ASSERT(cert);
306 WINPR_ASSERT(info);
307
308 cert_info_free(info);
309
310 s = Stream_StaticConstInit(&sbuffer, cert->data, cert->length);
311
312 if (!s)
313 return FALSE;
314
315 if (!ber_read_sequence_tag(s, &length)) /* Certificate (SEQUENCE) */
316 goto error;
317
318 error++;
319
320 if (!ber_read_sequence_tag(s, &length)) /* TBSCertificate (SEQUENCE) */
321 goto error;
322
323 error++;
324
325 if (!ber_read_contextual_tag(s, 0, &length, TRUE)) /* Explicit Contextual Tag [0] */
326 goto error;
327
328 error++;
329
330 if (!ber_read_integer(s, &version)) /* version (INTEGER) */
331 goto error;
332
333 error++;
334 version++;
335
336 /* serialNumber */
337 if (!ber_read_integer(s, NULL)) /* CertificateSerialNumber (INTEGER) */
338 goto error;
339
340 error++;
341
342 /* signature */
343 if (!ber_read_sequence_tag(s, &length) ||
344 !Stream_SafeSeek(s, length)) /* AlgorithmIdentifier (SEQUENCE) */
345 goto error;
346
347 error++;
348
349 /* issuer */
350 if (!ber_read_sequence_tag(s, &length) || !Stream_SafeSeek(s, length)) /* Name (SEQUENCE) */
351 goto error;
352
353 error++;
354
355 /* validity */
356 if (!ber_read_sequence_tag(s, &length) || !Stream_SafeSeek(s, length)) /* Validity (SEQUENCE) */
357 goto error;
358
359 error++;
360
361 /* subject */
362 if (!ber_read_sequence_tag(s, &length) || !Stream_SafeSeek(s, length)) /* Name (SEQUENCE) */
363 goto error;
364
365 error++;
366
367 /* subjectPublicKeyInfo */
368 if (!ber_read_sequence_tag(s, &length)) /* SubjectPublicKeyInfo (SEQUENCE) */
369 goto error;
370
371 error++;
372
373 /* subjectPublicKeyInfo::AlgorithmIdentifier */
374 if (!ber_read_sequence_tag(s, &length) ||
375 !Stream_SafeSeek(s, length)) /* AlgorithmIdentifier (SEQUENCE) */
376 goto error;
377
378 error++;
379
380 /* subjectPublicKeyInfo::subjectPublicKey */
381 if (!ber_read_bit_string(s, &length, &padding)) /* BIT_STRING */
382 goto error;
383
384 error++;
385
386 /* RSAPublicKey (SEQUENCE) */
387 if (!ber_read_sequence_tag(s, &length)) /* SEQUENCE */
388 goto error;
389
390 error++;
391
392 if (!ber_read_integer_length(s, &modulus_length)) /* modulus (INTEGER) */
393 goto error;
394
395 error++;
396
397 /* skip zero padding, if any */
398 do
399 {
400 if (!Stream_CheckAndLogRequiredLength(TAG, s, 1))
401 goto error;
402
403 Stream_Peek_UINT8(s, padding);
404
405 if (padding == 0)
406 {
407 if (!Stream_SafeSeek(s, 1))
408 goto error;
409
410 modulus_length--;
411 }
412 } while (padding == 0);
413
414 error++;
415
416 if (!cert_info_read_modulus(info, modulus_length, s))
417 goto error;
418
419 error++;
420
421 if (!ber_read_integer_length(s, &exponent_length)) /* publicExponent (INTEGER) */
422 goto error;
423
424 error++;
425
426 if (!cert_info_read_exponent(info, exponent_length, s))
427 goto error;
428 return TRUE;
429error:
430 WLog_ERR(TAG, "error reading when reading certificate: part=%s error=%d",
431 certificate_read_errors[error], error);
432 cert_info_free(info);
433 return FALSE;
434}
435
442static rdpX509CertChain certificate_new_x509_certificate_chain(UINT32 count)
443{
444 rdpX509CertChain x509_cert_chain = { 0 };
445
446 x509_cert_chain.array = (rdpCertBlob*)calloc(count, sizeof(rdpCertBlob));
447
448 if (x509_cert_chain.array)
449 x509_cert_chain.count = count;
450
451 return x509_cert_chain;
452}
453
459static void certificate_free_x509_certificate_chain(rdpX509CertChain* x509_cert_chain)
460{
461 if (!x509_cert_chain)
462 return;
463
464 if (x509_cert_chain->array)
465 {
466 for (UINT32 i = 0; i < x509_cert_chain->count; i++)
467 {
468 rdpCertBlob* element = &x509_cert_chain->array[i];
469 cert_blob_free(element);
470 }
471 }
472
473 free(x509_cert_chain->array);
474 x509_cert_chain->array = NULL;
475 x509_cert_chain->count = 0;
476}
477
478#if defined(OPENSSL_VERSION_MAJOR) && (OPENSSL_VERSION_MAJOR >= 3)
479static OSSL_PARAM* get_params(const BIGNUM* e, const BIGNUM* mod)
480{
481 WINPR_ASSERT(e);
482 WINPR_ASSERT(mod);
483
484 OSSL_PARAM* parameters = NULL;
485 OSSL_PARAM_BLD* param = OSSL_PARAM_BLD_new();
486 if (!param)
487 {
488 WLog_ERR(TAG, "OSSL_PARAM_BLD_new() failed");
489 return NULL;
490 }
491
492 const int bits = BN_num_bits(e);
493 if ((bits < 0) || (bits > 32))
494 {
495 WLog_ERR(TAG, "BN_num_bits(e) out of range: 0 <= %d <= 32", bits);
496 goto fail;
497 }
498
499 UINT ie = 0;
500 const int ne = BN_bn2nativepad(e, (BYTE*)&ie, sizeof(ie));
501 if ((ne < 0) || (ne > 4))
502 {
503 WLog_ERR(TAG, "BN_bn2nativepad(e, (BYTE*)&ie, sizeof(ie)) out of range: 0<= %d <= 4", ne);
504 goto fail;
505 }
506 if (OSSL_PARAM_BLD_push_BN(param, OSSL_PKEY_PARAM_RSA_N, mod) != 1)
507 {
508 WLog_ERR(TAG, "OSSL_PARAM_BLD_push_BN(param, OSSL_PKEY_PARAM_RSA_N, mod) failed");
509 goto fail;
510 }
511 if (OSSL_PARAM_BLD_push_uint(param, OSSL_PKEY_PARAM_RSA_E, ie) != 1)
512 {
513 WLog_ERR(TAG, "OSSL_PARAM_BLD_push_uint(param, OSSL_PKEY_PARAM_RSA_E, ie) failed");
514 goto fail;
515 }
516
517 parameters = OSSL_PARAM_BLD_to_param(param);
518 if (!parameters)
519 WLog_ERR(TAG, "OSSL_PARAM_BLD_to_param(param) failed");
520fail:
521 OSSL_PARAM_BLD_free(param);
522
523 return parameters;
524}
525#endif
526
527static BOOL update_x509_from_info(rdpCertificate* cert)
528{
529 BOOL rc = FALSE;
530
531 WINPR_ASSERT(cert);
532
533 X509_free(cert->x509);
534 cert->x509 = NULL;
535
536 rdpCertInfo* info = &cert->cert_info;
537
538 BIGNUM* e = BN_new();
539 BIGNUM* mod = BN_new();
540#if !defined(OPENSSL_VERSION_MAJOR) || (OPENSSL_VERSION_MAJOR < 3)
541 RSA* rsa = RSA_new();
542 if (!rsa)
543 {
544 WLog_ERR(TAG, "RSA_new() failed");
545 goto fail;
546 }
547#endif
548
549 if (!mod || !e)
550 {
551 WLog_ERR(TAG, "failure: mod=%p, e=%p", mod, e);
552 goto fail;
553 }
554
555 WINPR_ASSERT(info->ModulusLength <= INT_MAX);
556 if (!BN_bin2bn(info->Modulus, (int)info->ModulusLength, mod))
557 {
558 WLog_ERR(TAG, "BN_bin2bn(info->Modulus, (int)info->ModulusLength, mod) failed");
559 goto fail;
560 }
561
562 if (!BN_bin2bn(info->exponent, (int)sizeof(info->exponent), e))
563 {
564 WLog_ERR(TAG, "BN_bin2bn(info->exponent, (int)sizeof(info->exponent), e) failed");
565 goto fail;
566 }
567
568#if !defined(OPENSSL_VERSION_MAJOR) || (OPENSSL_VERSION_MAJOR < 3)
569 const int rec = RSA_set0_key(rsa, mod, e, NULL);
570 if (rec != 1)
571 {
572 WLog_ERR(TAG, "RSA_set0_key(rsa, mod, e, NULL) failed");
573 goto fail;
574 }
575
576 cert->x509 = x509_from_rsa(rsa);
577#else
578 EVP_PKEY* pkey = NULL;
579 EVP_PKEY_CTX* ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, NULL);
580 if (!ctx)
581 {
582 WLog_ERR(TAG, "EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, NULL) failed");
583 goto fail2;
584 }
585 const int xx = EVP_PKEY_fromdata_init(ctx);
586 if (xx != 1)
587 {
588 WLog_ERR(TAG, "EVP_PKEY_fromdata_init(ctx) failed");
589 goto fail2;
590 }
591
592 OSSL_PARAM* parameters = get_params(e, mod);
593 if (!parameters)
594 goto fail2;
595
596 const int rc2 = EVP_PKEY_fromdata(ctx, &pkey, EVP_PKEY_PUBLIC_KEY, parameters);
597 OSSL_PARAM_free(parameters);
598 if (rc2 <= 0)
599 {
600 WLog_ERR(TAG, "EVP_PKEY_fromdata(ctx, &pkey, EVP_PKEY_PUBLIC_KEY, parameters) failed");
601 goto fail2;
602 }
603
604 cert->x509 = X509_new();
605 if (!cert->x509)
606 {
607 WLog_ERR(TAG, "X509_new() failed");
608 goto fail2;
609 }
610
611 if (X509_set_pubkey(cert->x509, pkey) != 1)
612 {
613 WLog_ERR(TAG, "X509_set_pubkey(cert->x509, pkey) failed");
614 X509_free(cert->x509);
615 cert->x509 = NULL;
616 }
617fail2:
618 EVP_PKEY_free(pkey);
619 EVP_PKEY_CTX_free(ctx);
620#endif
621 if (!cert->x509)
622 goto fail;
623
624 rc = TRUE;
625
626fail:
627 if (!rc)
628 WLog_ERR(TAG, "failed to update x509 from rdpCertInfo");
629
630#if !defined(OPENSSL_VERSION_MAJOR) || (OPENSSL_VERSION_MAJOR < 3)
631 if (rsa)
632 RSA_free(rsa);
633 else
634#endif
635 {
636 BN_free(mod);
637 BN_free(e);
638 }
639 return rc;
640}
641
642static BOOL certificate_process_server_public_key(rdpCertificate* cert, wStream* s,
643 WINPR_ATTR_UNUSED UINT32 length)
644{
645 char magic[sizeof(rsa_magic)] = { 0 };
646 UINT32 keylen = 0;
647 UINT32 bitlen = 0;
648 UINT32 datalen = 0;
649
650 WINPR_ASSERT(cert);
651 WINPR_ASSERT(s);
652
653 if (!Stream_CheckAndLogRequiredLength(TAG, s, 20))
654 return FALSE;
655
656 Stream_Read(s, magic, sizeof(magic));
657
658 if (memcmp(magic, rsa_magic, sizeof(magic)) != 0)
659 {
660 WLog_ERR(TAG, "invalid RSA magic bytes");
661 return FALSE;
662 }
663
664 rdpCertInfo* info = &cert->cert_info;
665 cert_info_free(info);
666
667 Stream_Read_UINT32(s, keylen);
668 Stream_Read_UINT32(s, bitlen);
669 Stream_Read_UINT32(s, datalen);
670 Stream_Read(s, info->exponent, 4);
671
672 if (keylen <= 8)
673 {
674 WLog_ERR(TAG, "Invalid RSA keylen=%" PRIu32 " <= 8", keylen);
675 return FALSE;
676 }
677 if (!Stream_CheckAndLogRequiredLength(TAG, s, keylen))
678 return FALSE;
679 if (keylen != (bitlen / 8ull) + 8ull)
680 {
681 WLog_ERR(TAG, "Invalid RSA key bitlen %" PRIu32 ", expected %" PRIu32, bitlen,
682 (keylen - 8) * 8);
683 return FALSE;
684 }
685 if (datalen != (bitlen / 8ull) - 1ull)
686 {
687 WLog_ERR(TAG, "Invalid RSA key datalen %" PRIu32 ", expected %" PRIu32, datalen,
688 (bitlen / 8ull) - 1ull);
689 return FALSE;
690 }
691 info->ModulusLength = keylen - 8;
692 BYTE* tmp = realloc(info->Modulus, info->ModulusLength);
693
694 if (!tmp)
695 {
696 WLog_ERR(TAG, "Failed to reallocate modulus of length %" PRIu32, info->ModulusLength);
697 return FALSE;
698 }
699 info->Modulus = tmp;
700
701 Stream_Read(s, info->Modulus, info->ModulusLength);
702 Stream_Seek(s, 8); /* 8 bytes of zero padding */
703 return update_x509_from_info(cert);
704}
705
706static BOOL certificate_process_server_public_signature(rdpCertificate* certificate,
707 const BYTE* sigdata, size_t sigdatalen,
708 wStream* s, UINT32 siglen)
709{
710 WINPR_ASSERT(certificate);
711#if defined(CERT_VALIDATE_RSA)
712 BYTE sig[TSSK_KEY_LENGTH];
713#endif
714 BYTE encsig[TSSK_KEY_LENGTH + 8];
715#if defined(CERT_VALIDATE_MD5) && defined(CERT_VALIDATE_RSA)
716 BYTE md5hash[WINPR_MD5_DIGEST_LENGTH];
717#endif
718#if !defined(CERT_VALIDATE_MD5) || !defined(CERT_VALIDATE_RSA)
719 (void)sigdata;
720 (void)sigdatalen;
721#endif
722 (void)certificate;
723 /* Do not bother with validation of server proprietary certificate. The use of MD5 here is not
724 * allowed under FIPS. Since the validation is not protecting against anything since the
725 * private/public keys are well known and documented in MS-RDPBCGR section 5.3.3.1, we are not
726 * gaining any security by using MD5 for signature comparison. Rather then use MD5
727 * here we just don't do the validation to avoid its use. Historically, freerdp has been ignoring
728 * a failed validation anyways. */
729#if defined(CERT_VALIDATE_MD5)
730
731 if (!winpr_Digest(WINPR_MD_MD5, sigdata, sigdatalen, md5hash, sizeof(md5hash)))
732 return FALSE;
733
734#endif
735 Stream_Read(s, encsig, siglen);
736
737 if (siglen < 8)
738 return FALSE;
739
740 /* Last 8 bytes shall be all zero. */
741#if defined(CERT_VALIDATE_PADDING)
742 {
743 size_t sum = 0;
744 for (size_t i = sizeof(encsig) - 8; i < sizeof(encsig); i++)
745 sum += encsig[i];
746
747 if (sum != 0)
748 {
749 WLog_ERR(TAG, "invalid signature");
750 return FALSE;
751 }
752 }
753#endif
754#if defined(CERT_VALIDATE_RSA)
755
756 if (crypto_rsa_public_decrypt(encsig, siglen - 8, TSSK_KEY_LENGTH, tssk_modulus, tssk_exponent,
757 sig) <= 0)
758 {
759 WLog_ERR(TAG, "invalid RSA decrypt");
760 return FALSE;
761 }
762
763 /* Verify signature. */
764 /* Do not bother with validation of server proprietary certificate as described above. */
765#if defined(CERT_VALIDATE_MD5)
766
767 if (memcmp(md5hash, sig, sizeof(md5hash)) != 0)
768 {
769 WLog_ERR(TAG, "invalid signature");
770 return FALSE;
771 }
772
773#endif
774 /*
775 * Verify rest of decrypted data:
776 * The 17th byte is 0x00.
777 * The 18th through 62nd bytes are each 0xFF.
778 * The 63rd byte is 0x01.
779 */
780 {
781 size_t sum = 0;
782 for (size_t i = 17; i < 62; i++)
783 sum += sig[i];
784
785 if (sig[16] != 0x00 || sum != 0xFF * (62 - 17) || sig[62] != 0x01)
786 {
787 WLog_ERR(TAG, "invalid signature");
788 return FALSE;
789 }
790 }
791#endif
792 return TRUE;
793}
794
795static BOOL certificate_read_server_proprietary_certificate(rdpCertificate* certificate, wStream* s)
796{
797 UINT32 dwSigAlgId = 0;
798 UINT32 dwKeyAlgId = 0;
799 UINT16 wPublicKeyBlobType = 0;
800 UINT16 wPublicKeyBlobLen = 0;
801 UINT16 wSignatureBlobType = 0;
802 UINT16 wSignatureBlobLen = 0;
803 size_t sigdatalen = 0;
804
805 WINPR_ASSERT(certificate);
806 if (!Stream_CheckAndLogRequiredLength(TAG, s, 12))
807 return FALSE;
808
809 /* -4, because we need to include dwVersion */
810 const BYTE* sigdata = Stream_PointerAs(s, const BYTE) - 4;
811 Stream_Read_UINT32(s, dwSigAlgId);
812 Stream_Read_UINT32(s, dwKeyAlgId);
813
814 if (!((dwSigAlgId == SIGNATURE_ALG_RSA) && (dwKeyAlgId == KEY_EXCHANGE_ALG_RSA)))
815 {
816 WLog_ERR(TAG,
817 "unsupported signature or key algorithm, dwSigAlgId=%" PRIu32
818 " dwKeyAlgId=%" PRIu32 "",
819 dwSigAlgId, dwKeyAlgId);
820 return FALSE;
821 }
822
823 Stream_Read_UINT16(s, wPublicKeyBlobType);
824
825 if (wPublicKeyBlobType != BB_RSA_KEY_BLOB)
826 {
827 WLog_ERR(TAG, "unsupported public key blob type %" PRIu16 "", wPublicKeyBlobType);
828 return FALSE;
829 }
830
831 Stream_Read_UINT16(s, wPublicKeyBlobLen);
832
833 if (!Stream_CheckAndLogRequiredLength(TAG, s, wPublicKeyBlobLen))
834 return FALSE;
835
836 if (!certificate_process_server_public_key(certificate, s, wPublicKeyBlobLen))
837 return FALSE;
838
839 if (!Stream_CheckAndLogRequiredLength(TAG, s, 4))
840 return FALSE;
841
842 sigdatalen = WINPR_ASSERTING_INT_CAST(size_t, Stream_PointerAs(s, const BYTE) - sigdata);
843 Stream_Read_UINT16(s, wSignatureBlobType);
844
845 if (wSignatureBlobType != BB_RSA_SIGNATURE_BLOB)
846 {
847 WLog_ERR(TAG, "unsupported blob signature %" PRIu16 "", wSignatureBlobType);
848 return FALSE;
849 }
850
851 Stream_Read_UINT16(s, wSignatureBlobLen);
852
853 if (!Stream_CheckAndLogRequiredLength(TAG, s, wSignatureBlobLen))
854 return FALSE;
855
856 if (wSignatureBlobLen != 72)
857 {
858 WLog_ERR(TAG, "invalid signature length (got %" PRIu16 ", expected 72)", wSignatureBlobLen);
859 return FALSE;
860 }
861
862 if (!certificate_process_server_public_signature(certificate, sigdata, sigdatalen, s,
863 wSignatureBlobLen))
864 {
865 WLog_ERR(TAG, "unable to parse server public signature");
866 return FALSE;
867 }
868 return TRUE;
869}
870
871/* [MS-RDPBCGR] 2.2.1.4.3.1.1.1 RSA Public Key (RSA_PUBLIC_KEY) */
872static BOOL cert_write_rsa_public_key(wStream* s, const rdpCertificate* cert)
873{
874 WINPR_ASSERT(cert);
875 WINPR_ASSERT(freerdp_certificate_is_rsa(cert));
876
877 const rdpCertInfo* info = &cert->cert_info;
878
879 const UINT32 keyLen = info->ModulusLength + 8;
880 const UINT32 bitLen = info->ModulusLength * 8;
881 const UINT32 dataLen = (bitLen / 8) - 1;
882 const size_t pubExpLen = sizeof(info->exponent);
883 const BYTE* pubExp = info->exponent;
884 const BYTE* modulus = info->Modulus;
885
886 const size_t wPublicKeyBlobLen = 16 + pubExpLen + keyLen;
887 WINPR_ASSERT(wPublicKeyBlobLen <= UINT16_MAX);
888 if (!Stream_EnsureRemainingCapacity(s, 2 + wPublicKeyBlobLen))
889 return FALSE;
890 Stream_Write_UINT16(s, (UINT16)wPublicKeyBlobLen);
891 Stream_Write(s, rsa_magic, sizeof(rsa_magic));
892 Stream_Write_UINT32(s, keyLen);
893 Stream_Write_UINT32(s, bitLen);
894 Stream_Write_UINT32(s, dataLen);
895 Stream_Write(s, pubExp, pubExpLen);
896 Stream_Write(s, modulus, info->ModulusLength);
897 Stream_Zero(s, 8);
898 return TRUE;
899}
900
901static BOOL cert_write_rsa_signature(wStream* s, const void* sigData, size_t sigDataLen)
902{
903 BYTE encryptedSignature[TSSK_KEY_LENGTH] = { 0 };
904 BYTE signature[sizeof(initial_signature)] = { 0 };
905
906 memcpy(signature, initial_signature, sizeof(initial_signature));
907 if (!winpr_Digest(WINPR_MD_MD5, sigData, sigDataLen, signature, sizeof(signature)))
908 return FALSE;
909
910 crypto_rsa_private_encrypt(signature, sizeof(signature), priv_key_tssk, encryptedSignature,
911 sizeof(encryptedSignature));
912
913 if (!Stream_EnsureRemainingCapacity(s, 2 * sizeof(UINT16) + sizeof(encryptedSignature) + 8))
914 return FALSE;
915 Stream_Write_UINT16(s, BB_RSA_SIGNATURE_BLOB);
916 Stream_Write_UINT16(s, sizeof(encryptedSignature) + 8); /* wSignatureBlobLen */
917 Stream_Write(s, encryptedSignature, sizeof(encryptedSignature));
918 Stream_Zero(s, 8);
919 return TRUE;
920}
921
922/* [MS-RDPBCGR] 2.2.1.4.3.1.1 Server Proprietary Certificate (PROPRIETARYSERVERCERTIFICATE) */
923static BOOL cert_write_server_certificate_v1(wStream* s, const rdpCertificate* certificate)
924{
925 const size_t start = Stream_GetPosition(s);
926 const BYTE* sigData = Stream_PointerAs(s, const BYTE) - sizeof(UINT32);
927
928 WINPR_ASSERT(start >= 4);
929 if (!Stream_EnsureRemainingCapacity(s, 10))
930 return FALSE;
931 Stream_Write_UINT32(s, SIGNATURE_ALG_RSA);
932 Stream_Write_UINT32(s, KEY_EXCHANGE_ALG_RSA);
933 Stream_Write_UINT16(s, BB_RSA_KEY_BLOB);
934 if (!cert_write_rsa_public_key(s, certificate))
935 return FALSE;
936
937 const size_t end = Stream_GetPosition(s);
938 return cert_write_rsa_signature(s, sigData, end - start + sizeof(UINT32));
939}
940
941static BOOL cert_write_server_certificate_v2(wStream* s, const rdpCertificate* certificate)
942{
943 WINPR_ASSERT(certificate);
944
945 const rdpX509CertChain* chain = &certificate->x509_cert_chain;
946 const size_t padding = 8ull + 4ull * chain->count;
947
948 if (!Stream_EnsureRemainingCapacity(s, sizeof(UINT32)))
949 return FALSE;
950
951 Stream_Write_UINT32(s, chain->count);
952 for (UINT32 x = 0; x < chain->count; x++)
953 {
954 const rdpCertBlob* cert = &chain->array[x];
955 if (!cert_blob_write(cert, s))
956 return FALSE;
957 }
958
959 if (!Stream_EnsureRemainingCapacity(s, padding))
960 return FALSE;
961 Stream_Zero(s, padding);
962 return TRUE;
963}
964
965SSIZE_T freerdp_certificate_write_server_cert(const rdpCertificate* certificate, UINT32 dwVersion,
966 wStream* s)
967{
968 if (!certificate)
969 return -1;
970
971 const size_t start = Stream_GetPosition(s);
972 if (!Stream_EnsureRemainingCapacity(s, 4))
973 return -1;
974 Stream_Write_UINT32(s, dwVersion);
975
976 switch (dwVersion & CERT_CHAIN_VERSION_MASK)
977 {
978 case CERT_CHAIN_VERSION_1:
979 if (!cert_write_server_certificate_v1(s, certificate))
980 return -1;
981 break;
982 case CERT_CHAIN_VERSION_2:
983 if (!cert_write_server_certificate_v2(s, certificate))
984 return -1;
985 break;
986 default:
987 WLog_ERR(TAG, "invalid certificate chain version:%" PRIu32 "",
988 dwVersion & CERT_CHAIN_VERSION_MASK);
989 return -1;
990 }
991
992 const size_t end = Stream_GetPosition(s);
993 if (start > end)
994 return -1;
995
996 const size_t diff = end - start;
997 WINPR_ASSERT(diff <= SSIZE_MAX);
998 return (SSIZE_T)diff;
999}
1000
1008static BOOL certificate_read_server_x509_certificate_chain(rdpCertificate* cert, wStream* s)
1009{
1010 UINT32 numCertBlobs = 0;
1011 DEBUG_CERTIFICATE("Server X.509 Certificate Chain");
1012
1013 WINPR_ASSERT(cert);
1014 if (!Stream_CheckAndLogRequiredLength(TAG, s, 4))
1015 return FALSE;
1016
1017 Stream_Read_UINT32(s, numCertBlobs); /* numCertBlobs */
1018 certificate_free_x509_certificate_chain(&cert->x509_cert_chain);
1019 cert->x509_cert_chain = certificate_new_x509_certificate_chain(numCertBlobs);
1020
1021 for (UINT32 i = 0; i < cert->x509_cert_chain.count; i++)
1022 {
1023 rdpCertBlob* blob = &cert->x509_cert_chain.array[i];
1024 if (!cert_blob_read(blob, s))
1025 return FALSE;
1026
1027 if (numCertBlobs - i == 1)
1028 {
1029 DEBUG_CERTIFICATE("Terminal Server Certificate");
1030
1031 BOOL res = certificate_read_x509_certificate(blob, &cert->cert_info);
1032
1033 if (res)
1034 {
1035 if (!update_x509_from_info(cert))
1036 res = FALSE;
1037 }
1038
1039 if (!res)
1040 {
1041 WLog_ERR(TAG, "Failed to read x509 certificate");
1042 return FALSE;
1043 }
1044
1045 DEBUG_CERTIFICATE("modulus length:%" PRIu32 "", cert->cert_info.ModulusLength);
1046 }
1047 }
1048
1049 return update_x509_from_info(cert);
1050}
1051
1059BOOL freerdp_certificate_read_server_cert(rdpCertificate* certificate, const BYTE* server_cert,
1060 size_t length)
1061{
1062 BOOL ret = FALSE;
1063 wStream* s = NULL;
1064 wStream sbuffer;
1065 UINT32 dwVersion = 0;
1066
1067 WINPR_ASSERT(certificate);
1068 if (length < 4) /* NULL certificate is not an error see #1795 */
1069 {
1070 WLog_DBG(TAG, "Received empty certificate, ignoring...");
1071 return TRUE;
1072 }
1073
1074 WINPR_ASSERT(server_cert);
1075 s = Stream_StaticConstInit(&sbuffer, server_cert, length);
1076
1077 if (!s)
1078 {
1079 WLog_ERR(TAG, "Stream_New failed!");
1080 return FALSE;
1081 }
1082
1083 Stream_Read_UINT32(s, dwVersion); /* dwVersion (4 bytes) */
1084
1085 switch (dwVersion & CERT_CHAIN_VERSION_MASK)
1086 {
1087 case CERT_CHAIN_VERSION_1:
1088 ret = certificate_read_server_proprietary_certificate(certificate, s);
1089 break;
1090
1091 case CERT_CHAIN_VERSION_2:
1092 ret = certificate_read_server_x509_certificate_chain(certificate, s);
1093 break;
1094
1095 default:
1096 WLog_ERR(TAG, "invalid certificate chain version:%" PRIu32 "",
1097 dwVersion & CERT_CHAIN_VERSION_MASK);
1098 ret = FALSE;
1099 break;
1100 }
1101
1102 return ret;
1103}
1104
1105static BOOL cert_blob_copy(rdpCertBlob* dst, const rdpCertBlob* src)
1106{
1107 WINPR_ASSERT(dst);
1108 WINPR_ASSERT(src);
1109
1110 cert_blob_free(dst);
1111 if (src->length > 0)
1112 {
1113 dst->data = malloc(src->length);
1114 if (!dst->data)
1115 return FALSE;
1116 dst->length = src->length;
1117 memcpy(dst->data, src->data, src->length);
1118 }
1119
1120 return TRUE;
1121}
1122
1123static BOOL cert_x509_chain_copy(rdpX509CertChain* cert, const rdpX509CertChain* src)
1124{
1125 WINPR_ASSERT(cert);
1126
1127 certificate_free_x509_certificate_chain(cert);
1128 if (!src)
1129 return TRUE;
1130
1131 if (src->count > 0)
1132 {
1133 cert->array = calloc(src->count, sizeof(rdpCertBlob));
1134 if (!cert->array)
1135 {
1136 return FALSE;
1137 }
1138 cert->count = src->count;
1139
1140 for (UINT32 x = 0; x < cert->count; x++)
1141 {
1142 const rdpCertBlob* srcblob = &src->array[x];
1143 rdpCertBlob* dstblob = &cert->array[x];
1144
1145 if (!cert_blob_copy(dstblob, srcblob))
1146 {
1147 certificate_free_x509_certificate_chain(cert);
1148 return FALSE;
1149 }
1150 }
1151 }
1152
1153 return TRUE;
1154}
1155
1156BOOL cert_clone_int(rdpCertificate* dst, const rdpCertificate* src)
1157{
1158 WINPR_ASSERT(dst);
1159 WINPR_ASSERT(src);
1160
1161 if (!cert_info_clone(&dst->cert_info, &src->cert_info))
1162 return FALSE;
1163
1164 if (src->x509)
1165 {
1166 dst->x509 = X509_dup(src->x509);
1167 if (!dst->x509)
1168 {
1169 /* Workaround for SSL deprecation issues:
1170 * some security modes use weak RSA ciphers where X509_dup fails.
1171 * In that case recreate the X509 from the raw RSA data
1172 */
1173 if (!update_x509_from_info(dst))
1174 {
1175 WLog_ERR(TAG, "X509_dup failed, SSL configuration bug?");
1176 return FALSE;
1177 }
1178 }
1179 }
1180
1181 return cert_x509_chain_copy(&dst->x509_cert_chain, &src->x509_cert_chain);
1182}
1183
1184rdpCertificate* freerdp_certificate_clone(const rdpCertificate* certificate)
1185{
1186 if (!certificate)
1187 return NULL;
1188
1189 rdpCertificate* _certificate = freerdp_certificate_new();
1190
1191 if (!_certificate)
1192 return NULL;
1193
1194 if (!cert_clone_int(_certificate, certificate))
1195 goto out_fail;
1196
1197 return _certificate;
1198out_fail:
1199
1200 freerdp_certificate_free(_certificate);
1201 return NULL;
1202}
1203
1209rdpCertificate* freerdp_certificate_new(void)
1210{
1211 return (rdpCertificate*)calloc(1, sizeof(rdpCertificate));
1212}
1213
1214void certificate_free_int(rdpCertificate* cert)
1215{
1216 WINPR_ASSERT(cert);
1217
1218 if (cert->x509)
1219 X509_free(cert->x509);
1220 if (cert->chain)
1221 sk_X509_pop_free(cert->chain, X509_free);
1222
1223 certificate_free_x509_certificate_chain(&cert->x509_cert_chain);
1224 cert_info_free(&cert->cert_info);
1225}
1226
1232void freerdp_certificate_free(rdpCertificate* cert)
1233{
1234 if (!cert)
1235 return;
1236
1237 certificate_free_int(cert);
1238 free(cert);
1239}
1240
1241static BOOL freerdp_rsa_from_x509(rdpCertificate* cert)
1242{
1243 BOOL rc = FALSE;
1244
1245 WINPR_ASSERT(cert);
1246
1247 if (!freerdp_certificate_is_rsa(cert))
1248 return TRUE;
1249
1250#if !defined(OPENSSL_VERSION_MAJOR) || (OPENSSL_VERSION_MAJOR < 3)
1251 RSA* rsa = NULL;
1252 const BIGNUM* rsa_n = NULL;
1253 const BIGNUM* rsa_e = NULL;
1254#else
1255 BIGNUM* rsa_n = NULL;
1256 BIGNUM* rsa_e = NULL;
1257#endif
1258 EVP_PKEY* pubkey = X509_get0_pubkey(cert->x509);
1259 if (!pubkey)
1260 goto fail;
1261
1262#if !defined(OPENSSL_VERSION_MAJOR) || (OPENSSL_VERSION_MAJOR < 3)
1263 rsa = EVP_PKEY_get1_RSA(pubkey);
1264
1265 /* If this is not a RSA key return success */
1266 rc = TRUE;
1267 if (!rsa)
1268 goto fail;
1269
1270 /* Now we return failure again if something is wrong. */
1271 rc = FALSE;
1272
1273 RSA_get0_key(rsa, &rsa_n, &rsa_e, NULL);
1274#else
1275 if (!EVP_PKEY_get_bn_param(pubkey, OSSL_PKEY_PARAM_RSA_E, &rsa_e))
1276 goto fail;
1277 if (!EVP_PKEY_get_bn_param(pubkey, OSSL_PKEY_PARAM_RSA_N, &rsa_n))
1278 goto fail;
1279#endif
1280 if (!rsa_n || !rsa_e)
1281 goto fail;
1282 if (!cert_info_create(&cert->cert_info, rsa_n, rsa_e))
1283 goto fail;
1284 rc = TRUE;
1285fail:
1286#if !defined(OPENSSL_VERSION_MAJOR) || (OPENSSL_VERSION_MAJOR < 3)
1287 RSA_free(rsa);
1288#else
1289 BN_free(rsa_n);
1290 BN_free(rsa_e);
1291#endif
1292 return rc;
1293}
1294
1295rdpCertificate* freerdp_certificate_new_from_der(const BYTE* data, size_t length)
1296{
1297 rdpCertificate* cert = freerdp_certificate_new();
1298
1299 if (!cert || !data || (length == 0) || (length > INT_MAX))
1300 goto fail;
1301 const BYTE* ptr = data;
1302 cert->x509 = d2i_X509(NULL, &ptr, (int)length);
1303 if (!cert->x509)
1304 goto fail;
1305 if (!freerdp_rsa_from_x509(cert))
1306 goto fail;
1307 return cert;
1308fail:
1309 freerdp_certificate_free(cert);
1310 return NULL;
1311}
1312
1313rdpCertificate* freerdp_certificate_new_from_x509(const X509* xcert, const STACK_OF(X509) * chain)
1314{
1315 WINPR_ASSERT(xcert);
1316
1317 rdpCertificate* cert = freerdp_certificate_new();
1318 if (!cert)
1319 return NULL;
1320
1321 X509* wcert = WINPR_CAST_CONST_PTR_AWAY(xcert, X509*);
1322 cert->x509 = X509_dup(wcert);
1323 if (!cert->x509)
1324 goto fail;
1325
1326 if (!freerdp_rsa_from_x509(cert))
1327 goto fail;
1328
1329 if (chain)
1330 cert->chain = sk_X509_deep_copy(chain, X509_const_dup, X509_free);
1331
1332 return cert;
1333fail:
1334 freerdp_certificate_free(cert);
1335 return NULL;
1336}
1337
1338static rdpCertificate* freerdp_certificate_new_from(const char* file, BOOL isFile)
1339{
1340 X509* x509 = x509_utils_from_pem(file, strlen(file), isFile);
1341 if (!x509)
1342 return NULL;
1343 rdpCertificate* cert = freerdp_certificate_new_from_x509(x509, NULL);
1344 X509_free(x509);
1345 return cert;
1346}
1347
1348rdpCertificate* freerdp_certificate_new_from_file(const char* file)
1349{
1350 return freerdp_certificate_new_from(file, TRUE);
1351}
1352
1353rdpCertificate* freerdp_certificate_new_from_pem(const char* pem)
1354{
1355 return freerdp_certificate_new_from(pem, FALSE);
1356}
1357
1358const rdpCertInfo* freerdp_certificate_get_info(const rdpCertificate* cert)
1359{
1360 WINPR_ASSERT(cert);
1361 if (!freerdp_certificate_is_rsa(cert))
1362 return NULL;
1363 return &cert->cert_info;
1364}
1365
1366char* freerdp_certificate_get_fingerprint(const rdpCertificate* cert)
1367{
1368 return freerdp_certificate_get_fingerprint_by_hash(cert, "sha256");
1369}
1370
1371char* freerdp_certificate_get_fingerprint_by_hash(const rdpCertificate* cert, const char* hash)
1372{
1373 return freerdp_certificate_get_fingerprint_by_hash_ex(cert, hash, TRUE);
1374}
1375
1376char* freerdp_certificate_get_fingerprint_by_hash_ex(const rdpCertificate* cert, const char* hash,
1377 BOOL separator)
1378{
1379 size_t fp_len = 0;
1380 size_t pos = 0;
1381 size_t size = 0;
1382 BYTE* fp = NULL;
1383 char* fp_buffer = NULL;
1384 if (!cert || !cert->x509)
1385 {
1386 WLog_ERR(TAG, "Invalid certificate [%p, %p]", cert, cert ? cert->x509 : NULL);
1387 return NULL;
1388 }
1389 if (!hash)
1390 {
1391 WLog_ERR(TAG, "Invalid certificate hash %p", hash);
1392 return NULL;
1393 }
1394 fp = x509_utils_get_hash(cert->x509, hash, &fp_len);
1395 if (!fp)
1396 return NULL;
1397
1398 if (fp_len < 1)
1399 goto fail;
1400
1401 size = fp_len * 3 + 1;
1402 fp_buffer = calloc(size, sizeof(char));
1403 if (!fp_buffer)
1404 goto fail;
1405
1406 pos = 0;
1407
1408 size_t i = 0;
1409 for (; i < (fp_len - 1); i++)
1410 {
1411 int rc = 0;
1412 char* p = &fp_buffer[pos];
1413 if (separator)
1414 rc = sprintf_s(p, size - pos, "%02" PRIx8 ":", fp[i]);
1415 else
1416 rc = sprintf_s(p, size - pos, "%02" PRIx8, fp[i]);
1417 if (rc <= 0)
1418 goto fail;
1419 pos += (size_t)rc;
1420 }
1421
1422 (void)sprintf_s(&fp_buffer[pos], size - pos, "%02" PRIx8 "", fp[i]);
1423
1424 free(fp);
1425
1426 return fp_buffer;
1427fail:
1428 free(fp);
1429 free(fp_buffer);
1430 return NULL;
1431}
1432
1433static BOOL bio_read_pem(BIO* bio, char** ppem, size_t* plength)
1434{
1435 BOOL rc = FALSE;
1436
1437 WINPR_ASSERT(bio);
1438 WINPR_ASSERT(ppem);
1439
1440 const size_t blocksize = 2048;
1441 size_t offset = 0;
1442 size_t length = blocksize;
1443 char* pem = NULL;
1444
1445 *ppem = NULL;
1446 if (plength)
1447 *plength = 0;
1448
1449 while (offset < length)
1450 {
1451 char* tmp = realloc(pem, length + 1);
1452 if (!tmp)
1453 goto fail;
1454 pem = tmp;
1455
1456 ERR_clear_error();
1457
1458 const int status = BIO_read(bio, &pem[offset], (int)(length - offset));
1459 if (status < 0)
1460 {
1461 WLog_ERR(TAG, "failed to read certificate");
1462 goto fail;
1463 }
1464
1465 if (status == 0)
1466 break;
1467
1468 offset += (size_t)status;
1469 if (length - offset > 0)
1470 break;
1471 length += blocksize;
1472 }
1473
1474 if (pem)
1475 {
1476 if (offset >= length)
1477 goto fail;
1478 pem[offset] = '\0';
1479 }
1480 *ppem = pem;
1481 if (plength)
1482 *plength = offset;
1483 rc = TRUE;
1484fail:
1485 if (!rc)
1486 free(pem);
1487
1488 return rc;
1489}
1490
1491char* freerdp_certificate_get_pem(const rdpCertificate* cert, size_t* pLength)
1492{
1493 return freerdp_certificate_get_pem_ex(cert, pLength, TRUE);
1494}
1495
1496char* freerdp_certificate_get_pem_ex(const rdpCertificate* cert, size_t* pLength,
1497 BOOL withCertChain)
1498{
1499 WINPR_ASSERT(cert);
1500
1501 if (!cert->x509)
1502 return NULL;
1503
1508 BIO* bio = BIO_new(BIO_s_mem());
1509
1510 if (!bio)
1511 {
1512 WLog_ERR(TAG, "BIO_new() failure");
1513 return NULL;
1514 }
1515
1516 char* pem = NULL;
1517
1518 const int status = PEM_write_bio_X509(bio, cert->x509);
1519 if (status < 0)
1520 {
1521 WLog_ERR(TAG, "PEM_write_bio_X509 failure: %d", status);
1522 goto fail;
1523 }
1524
1525 if (cert->chain && withCertChain)
1526 {
1527 const int count = sk_X509_num(cert->chain);
1528 for (int x = 0; x < count; x++)
1529 {
1530 X509* c = sk_X509_value(cert->chain, x);
1531 const int rc = PEM_write_bio_X509(bio, c);
1532 if (rc < 0)
1533 {
1534 WLog_ERR(TAG, "PEM_write_bio_X509 failure: %d", rc);
1535 goto fail;
1536 }
1537 }
1538 }
1539
1540 (void)bio_read_pem(bio, &pem, pLength);
1541
1542fail:
1543 BIO_free_all(bio);
1544 return pem;
1545}
1546
1547char* freerdp_certificate_get_subject(const rdpCertificate* cert)
1548{
1549 WINPR_ASSERT(cert);
1550 return x509_utils_get_subject(cert->x509);
1551}
1552
1553char* freerdp_certificate_get_issuer(const rdpCertificate* cert)
1554{
1555 WINPR_ASSERT(cert);
1556 return x509_utils_get_issuer(cert->x509);
1557}
1558
1559char* freerdp_certificate_get_upn(const rdpCertificate* cert)
1560{
1561 WINPR_ASSERT(cert);
1562 return x509_utils_get_upn(cert->x509);
1563}
1564
1565char* freerdp_certificate_get_email(const rdpCertificate* cert)
1566{
1567 WINPR_ASSERT(cert);
1568 return x509_utils_get_email(cert->x509);
1569}
1570
1571char* freerdp_certificate_get_validity(const rdpCertificate* cert, BOOL startDate)
1572{
1573 WINPR_ASSERT(cert);
1574 return x509_utils_get_date(cert->x509, startDate);
1575}
1576
1577BOOL freerdp_certificate_check_eku(const rdpCertificate* cert, int nid)
1578{
1579 WINPR_ASSERT(cert);
1580 return x509_utils_check_eku(cert->x509, nid);
1581}
1582
1583BOOL freerdp_certificate_get_public_key(const rdpCertificate* cert, BYTE** PublicKey,
1584 DWORD* PublicKeyLength)
1585{
1586 BYTE* ptr = NULL;
1587 BYTE* optr = NULL;
1588 int length = 0;
1589 BOOL status = FALSE;
1590 EVP_PKEY* pkey = NULL;
1591
1592 WINPR_ASSERT(cert);
1593
1594 pkey = X509_get0_pubkey(cert->x509);
1595
1596 if (!pkey)
1597 {
1598 WLog_ERR(TAG, "X509_get_pubkey() failed");
1599 goto exit;
1600 }
1601
1602 length = i2d_PublicKey(pkey, NULL);
1603
1604 if (length < 1)
1605 {
1606 WLog_ERR(TAG, "i2d_PublicKey() failed");
1607 goto exit;
1608 }
1609
1610 *PublicKey = optr = ptr = (BYTE*)calloc(WINPR_ASSERTING_INT_CAST(size_t, length), sizeof(BYTE));
1611
1612 if (!ptr)
1613 goto exit;
1614
1615 const int length2 = i2d_PublicKey(pkey, &ptr);
1616 if (length != length2)
1617 goto exit;
1618 *PublicKeyLength = (DWORD)length2;
1619 status = TRUE;
1620exit:
1621
1622 if (!status)
1623 free(optr);
1624
1625 return status;
1626}
1627
1628BOOL freerdp_certificate_verify(const rdpCertificate* cert, const char* certificate_store_path)
1629{
1630 WINPR_ASSERT(cert);
1631 return x509_utils_verify(cert->x509, cert->chain, certificate_store_path);
1632}
1633
1634char** freerdp_certificate_get_dns_names(const rdpCertificate* cert, size_t* pcount,
1635 size_t** pplengths)
1636{
1637 WINPR_ASSERT(cert);
1638 return x509_utils_get_dns_names(cert->x509, pcount, pplengths);
1639}
1640
1641char* freerdp_certificate_get_common_name(const rdpCertificate* cert, size_t* plength)
1642{
1643 WINPR_ASSERT(cert);
1644 return x509_utils_get_common_name(cert->x509, plength);
1645}
1646
1647WINPR_MD_TYPE freerdp_certificate_get_signature_alg(const rdpCertificate* cert)
1648{
1649 WINPR_ASSERT(cert);
1650 return x509_utils_get_signature_alg(cert->x509);
1651}
1652
1653void freerdp_certificate_free_dns_names(size_t count, size_t* lengths, char** names)
1654{
1655 x509_utils_dns_names_free(count, lengths, names);
1656}
1657
1658char* freerdp_certificate_get_hash(const rdpCertificate* cert, const char* hash, size_t* plength)
1659{
1660 WINPR_ASSERT(cert);
1661 return (char*)x509_utils_get_hash(cert->x509, hash, plength);
1662}
1663
1664X509* freerdp_certificate_get_x509(rdpCertificate* cert)
1665{
1666 WINPR_ASSERT(cert);
1667 return cert->x509;
1668}
1669
1670BOOL freerdp_certificate_publickey_encrypt(const rdpCertificate* cert, const BYTE* input,
1671 size_t cbInput, BYTE** poutput, size_t* pcbOutput)
1672{
1673 WINPR_ASSERT(cert);
1674 WINPR_ASSERT(input);
1675 WINPR_ASSERT(poutput);
1676 WINPR_ASSERT(pcbOutput);
1677
1678 BOOL ret = FALSE;
1679 BYTE* output = NULL;
1680 EVP_PKEY* pkey = X509_get0_pubkey(cert->x509);
1681 if (!pkey)
1682 return FALSE;
1683
1684 EVP_PKEY_CTX* ctx = EVP_PKEY_CTX_new(pkey, NULL);
1685 if (!ctx)
1686 return FALSE;
1687
1688 size_t outputSize = WINPR_ASSERTING_INT_CAST(size_t, EVP_PKEY_size(pkey));
1689 output = malloc(outputSize);
1690 if (output == NULL)
1691 goto out;
1692 *pcbOutput = outputSize;
1693
1694 if (EVP_PKEY_encrypt_init(ctx) != 1 ||
1695 EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING) != 1 ||
1696 EVP_PKEY_encrypt(ctx, output, pcbOutput, input, cbInput) != 1)
1697 {
1698 WLog_ERR(TAG, "error when setting up public key");
1699 goto out;
1700 }
1701
1702 *poutput = output;
1703 output = NULL;
1704 ret = TRUE;
1705out:
1706 EVP_PKEY_CTX_free(ctx);
1707 free(output);
1708 return ret;
1709}
1710
1711#if !defined(OPENSSL_VERSION_MAJOR) || (OPENSSL_VERSION_MAJOR < 3)
1712static RSA* freerdp_certificate_get_RSA(const rdpCertificate* cert)
1713{
1714 WINPR_ASSERT(cert);
1715
1716 if (!freerdp_certificate_is_rsa(cert))
1717 return NULL;
1718
1719 EVP_PKEY* pubkey = X509_get0_pubkey(cert->x509);
1720 if (!pubkey)
1721 return NULL;
1722
1723 return EVP_PKEY_get1_RSA(pubkey);
1724}
1725#endif
1726
1727BYTE* freerdp_certificate_get_der(const rdpCertificate* cert, size_t* pLength)
1728{
1729 WINPR_ASSERT(cert);
1730
1731 if (pLength)
1732 *pLength = 0;
1733
1734 const int rc = i2d_X509(cert->x509, NULL);
1735 if (rc <= 0)
1736 return NULL;
1737
1738 BYTE* ptr = calloc(WINPR_ASSERTING_INT_CAST(size_t, rc) + 1, sizeof(BYTE));
1739 if (!ptr)
1740 return NULL;
1741 BYTE* i2d_ptr = ptr;
1742
1743 const int rc2 = i2d_X509(cert->x509, &i2d_ptr);
1744 if (rc2 <= 0)
1745 {
1746 free(ptr);
1747 return NULL;
1748 }
1749
1750 if (pLength)
1751 *pLength = (size_t)rc2;
1752 return ptr;
1753}
1754
1755BOOL freerdp_certificate_is_rsa(const rdpCertificate* cert)
1756{
1757 WINPR_ASSERT(cert);
1758 return is_rsa_key(cert->x509);
1759}
1760
1761BOOL freerdp_certificate_is_rdp_security_compatible(const rdpCertificate* cert)
1762{
1763 const rdpCertInfo* info = freerdp_certificate_get_info(cert);
1764 if (!freerdp_certificate_is_rsa(cert) || !info || (info->ModulusLength != 2048 / 8))
1765 {
1766 WLog_INFO(TAG, "certificate is not RSA 2048, RDP security not supported.");
1767 return FALSE;
1768 }
1769 return TRUE;
1770}
1771
1772char* freerdp_certificate_get_param(const rdpCertificate* cert, enum FREERDP_CERT_PARAM what,
1773 size_t* psize)
1774{
1775 WINPR_ASSERT(cert);
1776 WINPR_ASSERT(psize);
1777
1778 *psize = 0;
1779
1780#if !defined(OPENSSL_VERSION_MAJOR) || (OPENSSL_VERSION_MAJOR < 3)
1781 const BIGNUM* bn = NULL;
1782 RSA* rsa = freerdp_certificate_get_RSA(cert);
1783 switch (what)
1784 {
1785 case FREERDP_CERT_RSA_E:
1786 RSA_get0_key(rsa, NULL, &bn, NULL);
1787 break;
1788 case FREERDP_CERT_RSA_N:
1789 RSA_get0_key(rsa, &bn, NULL, NULL);
1790 break;
1791 default:
1792 RSA_free(rsa);
1793 return NULL;
1794 }
1795 RSA_free(rsa);
1796#else
1797 EVP_PKEY* pkey = X509_get0_pubkey(cert->x509);
1798 if (!pkey)
1799 return NULL;
1800
1801 BIGNUM* bn = NULL;
1802 switch (what)
1803 {
1804 case FREERDP_CERT_RSA_E:
1805 if (!EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_E, &bn))
1806 return NULL;
1807 break;
1808 case FREERDP_CERT_RSA_N:
1809 if (!EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_N, &bn))
1810 return NULL;
1811 break;
1812 default:
1813 return NULL;
1814 }
1815#endif
1816
1817 const size_t bnsize = WINPR_ASSERTING_INT_CAST(size_t, BN_num_bytes(bn));
1818 char* rc = calloc(bnsize + 1, sizeof(char));
1819 if (!rc)
1820 goto fail;
1821 BN_bn2bin(bn, (BYTE*)rc);
1822 *psize = bnsize;
1823
1824fail:
1825#if defined(OPENSSL_VERSION_MAJOR) && (OPENSSL_VERSION_MAJOR < 3)
1826 BN_free(bn);
1827#endif
1828 return rc;
1829}