fix: simple signer correctly parse profile-EKUs
[gigi.git] / util-testing / org / cacert / gigi / util / SimpleSigner.java
1 package org.cacert.gigi.util;
2
3 import java.io.File;
4 import java.io.FileInputStream;
5 import java.io.FileNotFoundException;
6 import java.io.FileOutputStream;
7 import java.io.IOException;
8 import java.io.InputStream;
9 import java.io.InputStreamReader;
10 import java.io.PrintWriter;
11 import java.io.Reader;
12 import java.math.BigInteger;
13 import java.nio.file.Paths;
14 import java.security.GeneralSecurityException;
15 import java.security.KeyFactory;
16 import java.security.NoSuchAlgorithmException;
17 import java.security.PrivateKey;
18 import java.security.PublicKey;
19 import java.security.Signature;
20 import java.security.cert.CertificateFactory;
21 import java.security.cert.X509Certificate;
22 import java.security.spec.InvalidKeySpecException;
23 import java.security.spec.PKCS8EncodedKeySpec;
24 import java.sql.SQLException;
25 import java.sql.Timestamp;
26 import java.text.ParseException;
27 import java.text.SimpleDateFormat;
28 import java.util.Base64;
29 import java.util.Calendar;
30 import java.util.Date;
31 import java.util.GregorianCalendar;
32 import java.util.HashMap;
33 import java.util.LinkedList;
34 import java.util.List;
35 import java.util.Map;
36 import java.util.Map.Entry;
37 import java.util.Properties;
38 import java.util.TimeZone;
39
40 import javax.security.auth.x500.X500Principal;
41
42 import org.cacert.gigi.crypto.SPKAC;
43 import org.cacert.gigi.database.DatabaseConnection;
44 import org.cacert.gigi.database.DatabaseConnection.Link;
45 import org.cacert.gigi.database.GigiPreparedStatement;
46 import org.cacert.gigi.database.GigiResultSet;
47 import org.cacert.gigi.dbObjects.Certificate.CSRType;
48 import org.cacert.gigi.dbObjects.Certificate.SANType;
49 import org.cacert.gigi.dbObjects.Certificate.SubjectAlternateName;
50 import org.cacert.gigi.dbObjects.CertificateProfile;
51 import org.cacert.gigi.dbObjects.Digest;
52 import org.cacert.gigi.output.DateSelector;
53
54 import sun.security.pkcs10.PKCS10;
55 import sun.security.util.DerOutputStream;
56 import sun.security.util.DerValue;
57 import sun.security.util.ObjectIdentifier;
58 import sun.security.x509.AVA;
59 import sun.security.x509.AlgorithmId;
60 import sun.security.x509.GeneralNameInterface;
61 import sun.security.x509.RDN;
62 import sun.security.x509.X500Name;
63
64 public class SimpleSigner {
65
66     private static GigiPreparedStatement warnMail;
67
68     private static GigiPreparedStatement updateMail;
69
70     private static GigiPreparedStatement readyCerts;
71
72     private static GigiPreparedStatement getSANSs;
73
74     private static GigiPreparedStatement revoke;
75
76     private static GigiPreparedStatement revokeCompleted;
77
78     private static GigiPreparedStatement finishJob;
79
80     private static GigiPreparedStatement locateCA;
81
82     private static volatile boolean running = true;
83
84     private static Thread runner;
85
86     private static SimpleDateFormat sdf = new SimpleDateFormat("yyMMddHHmmss'Z'");
87
88     static {
89         TimeZone.setDefault(TimeZone.getTimeZone("UTC"));
90         sdf.setTimeZone(TimeZone.getTimeZone("UTC"));
91     }
92
93     public static void main(String[] args) throws IOException, SQLException, InterruptedException {
94         Properties p = new Properties();
95         try (Reader reader = new InputStreamReader(new FileInputStream("config/gigi.properties"), "UTF-8")) {
96             p.load(reader);
97         }
98         DatabaseConnection.init(p);
99
100         runSigner();
101     }
102
103     public static void stopSigner() throws InterruptedException {
104         Thread capturedRunner;
105         synchronized (SimpleSigner.class) {
106             if (runner == null) {
107                 throw new IllegalStateException("already stopped");
108             }
109             capturedRunner = runner;
110             running = false;
111             SimpleSigner.class.notifyAll();
112         }
113         capturedRunner.join();
114     }
115
116     public synchronized static void runSigner() throws SQLException, IOException, InterruptedException {
117         if (runner != null) {
118             throw new IllegalStateException("already running");
119         }
120         running = true;
121
122         runner = new Thread() {
123
124             @Override
125             public void run() {
126                 try (Link l = DatabaseConnection.newLink(false)) {
127                     readyCerts = new GigiPreparedStatement("SELECT certs.id AS id, certs.csr_name, jobs.id AS jobid, csr_type, md, `executeFrom`, `executeTo`, profile FROM jobs " + //
128                             "INNER JOIN certs ON certs.id=jobs.`targetId` " + //
129                             "INNER JOIN profiles ON profiles.id=certs.profile " + //
130                             "WHERE jobs.state='open' " + //
131                             "AND task='sign'");
132
133                     getSANSs = new GigiPreparedStatement("SELECT contents, type FROM `subjectAlternativeNames` " + //
134                             "WHERE `certId`=?");
135
136                     updateMail = new GigiPreparedStatement("UPDATE certs SET crt_name=?," + " created=NOW(), serial=?, caid=? WHERE id=?");
137                     warnMail = new GigiPreparedStatement("UPDATE jobs SET warning=warning+1, state=IF(warning<3, 'open','error') WHERE id=?");
138
139                     revoke = new GigiPreparedStatement("SELECT certs.id, certs.csr_name,jobs.id FROM jobs INNER JOIN certs ON jobs.`targetId`=certs.id" + " WHERE jobs.state='open' AND task='revoke'");
140                     revokeCompleted = new GigiPreparedStatement("UPDATE certs SET revoked=NOW() WHERE id=?");
141
142                     finishJob = new GigiPreparedStatement("UPDATE jobs SET state='done' WHERE id=?");
143
144                     locateCA = new GigiPreparedStatement("SELECT id FROM cacerts WHERE keyname=?");
145
146                     work();
147                 } catch (InterruptedException e) {
148                     throw new Error(e);
149                 }
150             }
151
152         };
153         runner.start();
154     }
155
156     public static void ping() {
157         synchronized (SimpleSigner.class) {
158             SimpleSigner.class.notifyAll();
159             try {
160                 SimpleSigner.class.wait(2000);
161             } catch (InterruptedException e) {
162                 e.printStackTrace();
163             }
164         }
165     }
166
167     private synchronized static void work() {
168         try {
169             gencrl();
170         } catch (IOException e2) {
171             e2.printStackTrace();
172         } catch (InterruptedException e2) {
173             e2.printStackTrace();
174         }
175
176         while (running) {
177             try {
178                 signCertificates();
179                 revokeCertificates();
180
181                 SimpleSigner.class.notifyAll();
182                 SimpleSigner.class.wait(5000);
183             } catch (IOException e) {
184                 e.printStackTrace();
185             } catch (SQLException e) {
186                 e.printStackTrace();
187             } catch (InterruptedException e1) {
188             }
189         }
190         runner = null;
191     }
192
193     private static void revokeCertificates() throws SQLException, IOException, InterruptedException {
194         GigiResultSet rs = revoke.executeQuery();
195         boolean worked = false;
196         while (rs.next()) {
197             int id = rs.getInt(1);
198             worked = true;
199             System.out.println("Revoke faked: " + id);
200             revokeCompleted.setInt(1, id);
201             revokeCompleted.execute();
202             finishJob.setInt(1, rs.getInt(3));
203             finishJob.execute();
204         }
205         if (worked) {
206             gencrl();
207         }
208     }
209
210     private static void gencrl() throws IOException, InterruptedException {
211         if (true) {
212             return;
213         }
214         String[] call = new String[] {
215                 "openssl",
216                 "ca",//
217                 "-cert",
218                 "../unassured.crt",//
219                 "-keyfile",
220                 "../unassured.key",//
221                 "-gencrl",//
222                 "-crlhours",//
223                 "12",//
224                 "-out",
225                 "../unassured.crl",//
226                 "-config",
227                 "../selfsign.config"
228
229         };
230         Process p1 = Runtime.getRuntime().exec(call, null, new File("keys/unassured.ca"));
231         if (p1.waitFor() != 0) {
232             System.out.println("Error while generating crl.");
233         }
234     }
235
236     private static void signCertificates() throws SQLException {
237         GigiResultSet rs = readyCerts.executeQuery();
238
239         Calendar c = Calendar.getInstance();
240         c.setTimeZone(TimeZone.getTimeZone("UTC"));
241         while (rs.next()) {
242             String csrname = rs.getString("csr_name");
243             int id = rs.getInt("id");
244             System.out.println("sign: " + csrname);
245             try {
246                 String csrType = rs.getString("csr_type");
247                 CSRType ct = CSRType.valueOf(csrType);
248                 File crt = KeyStorage.locateCrt(id);
249
250                 Timestamp from = rs.getTimestamp("executeFrom");
251                 String length = rs.getString("executeTo");
252                 Date fromDate;
253                 Date toDate;
254                 if (from == null) {
255                     fromDate = new Date(System.currentTimeMillis());
256                 } else {
257                     fromDate = new Date(from.getTime());
258                 }
259                 if (length.endsWith("m") || length.endsWith("y")) {
260                     String num = length.substring(0, length.length() - 1);
261                     int inter = Integer.parseInt(num);
262                     c.setTime(fromDate);
263                     if (length.endsWith("m")) {
264                         c.add(Calendar.MONTH, inter);
265                     } else {
266                         c.add(Calendar.YEAR, inter);
267                     }
268                     toDate = c.getTime();
269                 } else {
270                     toDate = DateSelector.getDateFormat().parse(length);
271                 }
272
273                 getSANSs.setInt(1, id);
274                 GigiResultSet san = getSANSs.executeQuery();
275
276                 LinkedList<SubjectAlternateName> altnames = new LinkedList<>();
277                 while (san.next()) {
278                     altnames.add(new SubjectAlternateName(SANType.valueOf(san.getString("type").toUpperCase()), san.getString("contents")));
279                 }
280                 // TODO look them up!
281                 // cfg.println("keyUsage=critical," +
282                 // "digitalSignature, keyEncipherment, keyAgreement");
283                 // cfg.println("extendedKeyUsage=critical," + "clientAuth");
284                 // cfg.close();
285
286                 int profile = rs.getInt("profile");
287                 CertificateProfile cp = CertificateProfile.getById(profile);
288                 String s = cp.getId() + "";
289                 while (s.length() < 4) {
290                     s = "0" + s;
291                 }
292                 s += "-" + cp.getKeyName() + ".cfg";
293                 Properties caP = new Properties();
294                 try (FileInputStream inStream = new FileInputStream("signer/profiles/" + s)) {
295                     caP.load(inStream);
296                 }
297
298                 HashMap<String, String> subj = new HashMap<>();
299                 try (GigiPreparedStatement ps = new GigiPreparedStatement("SELECT name, value FROM `certAvas` WHERE `certId`=?")) {
300                     ps.setInt(1, rs.getInt("id"));
301                     GigiResultSet rs2 = ps.executeQuery();
302                     while (rs2.next()) {
303                         String name = rs2.getString("name");
304                         if (name.equals("EMAIL")) {
305                             name = "emailAddress";
306                         }
307                         subj.put(name, rs2.getString("value"));
308                     }
309                 }
310                 if (subj.size() == 0) {
311                     subj.put("CN", "<empty>");
312                     System.out.println("WARNING: DN was empty");
313                 }
314                 System.out.println(subj);
315
316                 PublicKey pk;
317                 byte[] data = IOUtils.readURL(new FileInputStream(csrname));
318                 if (ct == CSRType.SPKAC) {
319                     String dt = new String(data, "UTF-8");
320                     if (dt.startsWith("SPKAC=")) {
321                         dt = dt.substring(6);
322                         data = dt.getBytes("UTF-8");
323                         System.out.println(dt);
324                     }
325                     SPKAC sp = new SPKAC(Base64.getDecoder().decode(data));
326                     pk = sp.getPubkey();
327                 } else {
328                     PKCS10 p10 = new PKCS10(PEM.decode("(NEW )?CERTIFICATE REQUEST", new String(data, "UTF-8")));
329                     pk = p10.getSubjectPublicKeyInfo();
330                 }
331                 Calendar cal = GregorianCalendar.getInstance();
332                 String ca = caP.getProperty("ca") + "_" + cal.get(Calendar.YEAR) + (cal.get(Calendar.MONTH) >= 6 ? "_2" : "_1");
333                 File parent = new File("signer/ca");
334                 File[] caFiles = parent.listFiles();
335                 if (null == caFiles) {
336                     caFiles = new File[0];
337                 }
338                 if ( !new File(parent, ca).exists()) {
339                     System.out.println("CA " + ca + " not found. Searching for anything other remotely fitting.");
340                     for (File f : caFiles) {
341                         if (f.getName().startsWith(caP.getProperty("ca"))) {
342                             ca = f.getName();
343                             break;
344                         }
345                     }
346                 }
347                 File caKey = new File(parent, ca + "/ca.key");
348                 PrivateKey i = loadOpensslKey(caKey);
349
350                 X509Certificate root = (X509Certificate) CertificateFactory.getInstance("X509").generateCertificate(new FileInputStream("signer/ca/" + ca + "/ca.crt"));
351                 byte[] cert = generateCert(pk, i, subj, root.getSubjectX500Principal(), altnames, fromDate, toDate, Digest.valueOf(rs.getString("md").toUpperCase()), caP.getProperty("eku"));
352                 PrintWriter out = new PrintWriter(crt);
353                 out.println("-----BEGIN CERTIFICATE-----");
354                 out.println(Base64.getMimeEncoder().encodeToString(cert));
355                 out.println("-----END CERTIFICATE-----");
356                 out.close();
357
358                 try (InputStream is = new FileInputStream(crt)) {
359                     locateCA.setString(1, ca);
360                     GigiResultSet caRs = locateCA.executeQuery();
361                     if ( !caRs.next()) {
362                         throw new Error("ca " + ca + " was not found");
363                     }
364
365                     CertificateFactory cf = CertificateFactory.getInstance("X.509");
366                     X509Certificate crtp = (X509Certificate) cf.generateCertificate(is);
367                     BigInteger serial = crtp.getSerialNumber();
368                     updateMail.setString(1, crt.getPath());
369                     updateMail.setString(2, serial.toString(16));
370                     updateMail.setInt(3, caRs.getInt("id"));
371                     updateMail.setInt(4, id);
372                     updateMail.execute();
373
374                     finishJob.setInt(1, rs.getInt("jobid"));
375                     finishJob.execute();
376                     System.out.println("signed: " + id);
377                     continue;
378                 }
379
380             } catch (GeneralSecurityException e) {
381                 e.printStackTrace();
382             } catch (IOException e) {
383                 e.printStackTrace();
384             } catch (ParseException e) {
385                 e.printStackTrace();
386             }
387             System.out.println("Error with: " + id);
388             warnMail.setInt(1, rs.getInt("jobid"));
389             warnMail.execute();
390
391         }
392         rs.close();
393     }
394
395     private static PrivateKey loadOpensslKey(File f) throws FileNotFoundException, IOException, InvalidKeySpecException, NoSuchAlgorithmException {
396         byte[] p8b = PEM.decode("RSA PRIVATE KEY", new String(IOUtils.readURL(new FileInputStream(f))));
397         DerOutputStream dos = new DerOutputStream();
398         dos.putInteger(0);
399         new AlgorithmId(new ObjectIdentifier(new int[] {
400                 1, 2, 840, 113549, 1, 1, 1
401         })).encode(dos);
402         dos.putOctetString(p8b);
403         byte[] ctx = dos.toByteArray();
404         dos.reset();
405         dos.write(DerValue.tag_Sequence, ctx);
406         PKCS8EncodedKeySpec p8 = new PKCS8EncodedKeySpec(dos.toByteArray());
407         PrivateKey i = KeyFactory.getInstance("RSA").generatePrivate(p8);
408         return i;
409     }
410
411     public static synchronized byte[] generateCert(PublicKey pk, PrivateKey prk, Map<String, String> subj, X500Principal issuer, List<SubjectAlternateName> altnames, Date fromDate, Date toDate, Digest digest, String eku) throws IOException, GeneralSecurityException {
412         File f = Paths.get("signer", "serial").toFile();
413         if ( !f.exists()) {
414             try (FileOutputStream fos = new FileOutputStream(f)) {
415                 fos.write("1".getBytes("UTF-8"));
416             }
417         }
418         try (FileInputStream fr = new FileInputStream(f)) {
419             byte[] serial = IOUtils.readURL(fr);
420             BigInteger ser = new BigInteger(new String(serial).trim());
421             ser = ser.add(BigInteger.ONE);
422
423             PrintWriter pw = new PrintWriter(f);
424             pw.println(ser);
425             pw.close();
426             if (digest != Digest.SHA256 && digest != Digest.SHA512) {
427                 System.err.println("assuming sha256 either way ;-): " + digest);
428                 digest = Digest.SHA256;
429             }
430             ObjectIdentifier sha512withrsa = new ObjectIdentifier(new int[] {
431                     1, 2, 840, 113549, 1, 1, digest == Digest.SHA256 ? 11 : 13
432             });
433             AlgorithmId aid = new AlgorithmId(sha512withrsa);
434             Signature s = Signature.getInstance(digest == Digest.SHA256 ? "SHA256withRSA" : "SHA512withRSA");
435
436             DerOutputStream cert = new DerOutputStream();
437             DerOutputStream content = new DerOutputStream();
438             {
439                 DerOutputStream version = new DerOutputStream();
440                 version.putInteger(2); // v3
441                 content.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0), version);
442             }
443             content.putInteger(ser); // Serial
444             aid.encode(content);
445
446             {
447                 content.write(issuer.getEncoded());
448             }
449             {
450                 DerOutputStream notAround = new DerOutputStream();
451                 notAround.putUTCTime(fromDate);
452                 notAround.putUTCTime(toDate);
453                 content.write(DerValue.tag_Sequence, notAround);
454             }
455             {
456
457                 X500Name xn = genX500Name(subj);
458                 content.write(xn.getEncoded());
459             }
460             {
461                 content.write(pk.getEncoded());
462             }
463             {
464                 DerOutputStream extensions = new DerOutputStream();
465                 {
466                     addExtension(extensions, new ObjectIdentifier(new int[] {
467                             2, 5, 29, 17
468                     }), generateSAN(altnames));
469                     addExtension(extensions, new ObjectIdentifier(new int[] {
470                             2, 5, 29, 15
471                     }), generateKU());
472                     addExtension(extensions, new ObjectIdentifier(new int[] {
473                             2, 5, 29, 37
474                     }), generateEKU(eku));
475                 }
476                 DerOutputStream extensionsSeq = new DerOutputStream();
477                 extensionsSeq.write(DerValue.tag_Sequence, extensions);
478                 content.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 3), extensionsSeq);
479             }
480
481             DerOutputStream contentSeq = new DerOutputStream();
482
483             contentSeq.write(DerValue.tag_Sequence, content.toByteArray());
484
485             s.initSign(prk);
486             s.update(contentSeq.toByteArray());
487
488             aid.encode(contentSeq);
489             contentSeq.putBitString(s.sign());
490             cert.write(DerValue.tag_Sequence, contentSeq);
491
492             // X509Certificate c = (X509Certificate)
493             // CertificateFactory.getInstance("X509").generateCertificate(new
494             // ByteArrayInputStream(cert.toByteArray()));
495             // c.verify(pk); only for self-signeds
496
497             byte[] res = cert.toByteArray();
498             cert.close();
499             return res;
500         }
501
502     }
503
504     private static byte[] generateKU() throws IOException {
505         try (DerOutputStream dos = new DerOutputStream()) {
506             dos.putBitString(new byte[] {
507                     (byte) 0b10101000
508             });
509             return dos.toByteArray();
510         }
511     }
512
513     private static byte[] generateEKU(String eku) throws IOException {
514
515         try (DerOutputStream dos = new DerOutputStream()) {
516             for (String name : eku.split(",")) {
517                 name = name.trim();
518                 ObjectIdentifier oid;
519                 switch (name) {
520                 case "serverAuth":
521                     oid = new ObjectIdentifier("1.3.6.1.5.5.7.3.1");
522                     break;
523                 case "clientAuth":
524                     oid = new ObjectIdentifier("1.3.6.1.5.5.7.3.2");
525                     break;
526                 case "codeSigning":
527                     oid = new ObjectIdentifier("1.3.6.1.5.5.7.3.3");
528                     break;
529                 case "emailProtection":
530                     oid = new ObjectIdentifier("1.3.6.1.5.5.7.3.4");
531                     break;
532                 case "OCSPSigning":
533                     oid = new ObjectIdentifier("1.3.6.1.5.5.7.3.9");
534                     break;
535
536                 default:
537                     throw new Error(name);
538                 }
539                 dos.putOID(oid);
540             }
541             byte[] data = dos.toByteArray();
542             dos.reset();
543             dos.write(DerValue.tag_Sequence, data);
544             return dos.toByteArray();
545         }
546     }
547
548     public static X500Name genX500Name(Map<String, String> subj) throws IOException {
549         LinkedList<RDN> rdns = new LinkedList<>();
550         for (Entry<String, String> i : subj.entrySet()) {
551             RDN rdn = genRDN(i);
552             rdns.add(rdn);
553         }
554         return new X500Name(rdns.toArray(new RDN[rdns.size()]));
555     }
556
557     private static RDN genRDN(Entry<String, String> i) throws IOException {
558         DerOutputStream dos = new DerOutputStream();
559         dos.putUTF8String(i.getValue());
560         int[] oid;
561         String key = i.getKey();
562         switch (key) {
563         case "CN":
564             oid = new int[] {
565                     2, 5, 4, 3
566             };
567             break;
568         case "EMAIL":
569         case "emailAddress":
570             oid = new int[] {
571                     1, 2, 840, 113549, 1, 9, 1
572             };
573             break;
574         case "O":
575             oid = new int[] {
576                     2, 5, 4, 10
577             };
578             break;
579         case "OU":
580             oid = new int[] {
581                     2, 5, 4, 11
582             };
583             break;
584         case "ST":
585             oid = new int[] {
586                     2, 5, 4, 8
587             };
588             break;
589         case "L":
590             oid = new int[] {
591                     2, 5, 4, 7
592             };
593             break;
594         case "C":
595             oid = new int[] {
596                     2, 5, 4, 6
597             };
598             break;
599         default:
600             dos.close();
601             throw new Error("unknown RDN-type: " + key);
602         }
603         RDN rdn = new RDN(new AVA(new ObjectIdentifier(oid), new DerValue(dos.toByteArray())));
604         dos.close();
605         return rdn;
606     }
607
608     private static void addExtension(DerOutputStream extensions, ObjectIdentifier oid, byte[] extContent) throws IOException {
609         DerOutputStream SANs = new DerOutputStream();
610         SANs.putOID(oid);
611         SANs.putOctetString(extContent);
612
613         extensions.write(DerValue.tag_Sequence, SANs);
614     }
615
616     private static byte[] generateSAN(List<SubjectAlternateName> altnames) throws IOException {
617         DerOutputStream SANContent = new DerOutputStream();
618         for (SubjectAlternateName san : altnames) {
619             byte type = 0;
620             if (san.getType() == SANType.DNS) {
621                 type = (byte) GeneralNameInterface.NAME_DNS;
622             } else if (san.getType() == SANType.EMAIL) {
623                 type = (byte) GeneralNameInterface.NAME_RFC822;
624             } else {
625                 SANContent.close();
626                 throw new Error("" + san.getType());
627             }
628             SANContent.write(DerValue.createTag(DerValue.TAG_CONTEXT, false, type), san.getName().getBytes("UTF-8"));
629         }
630         DerOutputStream SANSeqContent = new DerOutputStream();
631         SANSeqContent.write(DerValue.tag_Sequence, SANContent);
632         byte[] byteArray = SANSeqContent.toByteArray();
633         SANContent.close();
634         SANSeqContent.close();
635         return byteArray;
636     }
637 }