func (node *nodeImpl) loadEnrollmentCertificate() error { node.log.Debug("Loading enrollment certificate...") cert, der, err := node.ks.loadCertX509AndDer(node.conf.getEnrollmentCertFilename()) if err != nil { node.log.Error("Failed parsing enrollment certificate [%s].", err.Error()) return err } node.enrollCert = cert // TODO: move this to retrieve pk := node.enrollCert.PublicKey.(*ecdsa.PublicKey) err = utils.VerifySignCapability(node.enrollPrivKey, pk) if err != nil { node.log.Error("Failed checking enrollment certificate against enrollment key [%s].", err.Error()) return err } // Set node ID node.id = utils.Hash(der) node.log.Debug("Setting id to [%s].", utils.EncodeBase64(node.id)) // Set eCertHash node.enrollCertHash = utils.Hash(der) node.log.Debug("Setting enrollCertHash to [%s].", utils.EncodeBase64(node.enrollCertHash)) return nil }
func (node *nodeImpl) loadEnrollmentCertificate() error { node.log.Debug("Loading enrollment certificate at [%s]...", node.conf.getEnrollmentCertPath()) pemEnrollCert, err := ioutil.ReadFile(node.conf.getEnrollmentCertPath()) if err != nil { node.log.Error("Failed loading enrollment certificate [%s].", err.Error()) return err } enrollCert, rawEnrollCert, err := utils.PEMtoCertificateAndDER(pemEnrollCert) if err != nil { node.log.Error("Failed parsing enrollment certificate [%s].", err.Error()) return err } node.enrollCert = enrollCert pk := node.enrollCert.PublicKey.(*ecdsa.PublicKey) err = utils.VerifySignCapability(node.enrollPrivKey, pk) if err != nil { node.log.Error("Failed checking enrollment certificate against enrollment key [%s].", err.Error()) return err } // Set node ID node.id = utils.Hash(rawEnrollCert) node.log.Debug("Setting id to [%s].", utils.EncodeBase64(node.id)) return nil }
func (node *nodeImpl) getTLSCertificateFromTLSCA(id, affiliation string) (interface{}, []byte, error) { node.log.Info("getTLSCertificate...") priv, err := utils.NewECDSAKey() if err != nil { node.log.Error("Failed generating key: %s", err) return nil, nil, err } uuid, err := util.GenerateUUID() if err != nil { node.log.Error("Failed generating uuid: %s", err) return nil, nil, err } // Prepare the request pubraw, _ := x509.MarshalPKIXPublicKey(&priv.PublicKey) now := time.Now() timestamp := google_protobuf.Timestamp{int64(now.Second()), int32(now.Nanosecond())} req := &obcca.TLSCertCreateReq{ ×tamp, &obcca.Identity{Id: id + "-" + uuid}, &obcca.Password{Pw: ""}, &obcca.PublicKey{ Type: obcca.CryptoType_ECDSA, Key: pubraw, }, nil} rawreq, _ := proto.Marshal(req) r, s, err := ecdsa.Sign(rand.Reader, priv, utils.Hash(rawreq)) if err != nil { panic(err) } R, _ := r.MarshalText() S, _ := s.MarshalText() req.Sig = &obcca.Signature{obcca.CryptoType_ECDSA, R, S} pbCert, err := node.callTLSCACreateCertificate(context.Background(), req) if err != nil { node.log.Error("Failed requesting tls certificate: %s", err) return nil, nil, err } node.log.Info("Verifing tls certificate...") tlsCert, err := utils.DERToX509Certificate(pbCert.Cert) certPK := tlsCert.PublicKey.(*ecdsa.PublicKey) utils.VerifySignCapability(priv, certPK) node.log.Info("Verifing tls certificate...done!") return priv, pbCert.Cert, nil }
func (client *clientImpl) getTCertsFromTCA(num int) ([][]byte, error) { client.node.log.Debug("Get [%d] certificates from the TCA...", num) // Contact the TCA TCertOwnerKDFKey, certDERs, err := client.callTCACreateCertificateSet(num) if err != nil { client.node.log.Debug("Failed contacting TCA [%s].", err.Error()) return nil, err } // client.node.log.Debug("TCertOwnerKDFKey [%s].", utils.EncodeBase64(TCertOwnerKDFKey)) // Store TCertOwnerKDFKey and checks that every time it is always the same key if client.tCertOwnerKDFKey != nil { // Check that the keys are the same equal := bytes.Equal(client.tCertOwnerKDFKey, TCertOwnerKDFKey) if !equal { return nil, errors.New("Failed reciving kdf key from TCA. The keys are different.") } } else { client.tCertOwnerKDFKey = TCertOwnerKDFKey // TODO: handle this situation more carefully if err := client.storeTCertOwnerKDFKey(); err != nil { client.node.log.Error("Failed storing TCertOwnerKDFKey [%s].", err.Error()) return nil, err } } // Validate the Certificates obtained TCertOwnerEncryptKey := utils.HMACTruncated(TCertOwnerKDFKey, []byte{1}, utils.AESKeyLength) ExpansionKey := utils.HMAC(TCertOwnerKDFKey, []byte{2}) resCert := make([][]byte, num) j := 0 for i := 0; i < num; i++ { client.node.log.Debug("Validating certificate [%d], [%s]", i, utils.EncodeBase64(certDERs[i])) // DER to x509 x509Cert, err := utils.DERToX509Certificate(certDERs[i]) if err != nil { client.node.log.Debug("Failed parsing certificate: [%s].", err) continue } // Handle Critical Extenstion TCertEncTCertIndex tCertIndexCT, err := utils.GetCriticalExtension(x509Cert, utils.TCertEncTCertIndex) if err != nil { client.node.log.Error("Failed getting extension TCERT_ENC_TCERTINDEX [%s].", err.Error()) continue } // Verify certificate against root if _, err := utils.CheckCertAgainRoot(x509Cert, client.node.tcaCertPool); err != nil { client.node.log.Warning("Warning verifing certificate [%s].", err.Error()) continue } // Verify public key // 384-bit ExpansionValue = HMAC(Expansion_Key, TCertIndex) // Let TCertIndex = Timestamp, RandValue, 1,2,… // Timestamp assigned, RandValue assigned and counter reinitialized to 1 per batch // Decrypt ct to TCertIndex (TODO: || EnrollPub_Key || EnrollID ?) pt, err := utils.CBCPKCS7Decrypt(TCertOwnerEncryptKey, tCertIndexCT) if err != nil { client.node.log.Error("Failed decrypting extension TCERT_ENC_TCERTINDEX [%s].", err.Error()) continue } // Compute ExpansionValue based on TCertIndex TCertIndex := pt // TCertIndex := []byte(strconv.Itoa(i)) client.node.log.Debug("TCertIndex: [%s].", utils.EncodeBase64(TCertIndex)) mac := hmac.New(utils.NewHash, ExpansionKey) mac.Write(TCertIndex) ExpansionValue := mac.Sum(nil) // Derive tpk and tsk accordingly to ExapansionValue from enrollment pk,sk // Computable by TCA / Auditor: TCertPub_Key = EnrollPub_Key + ExpansionValue G // using elliptic curve point addition per NIST FIPS PUB 186-4- specified P-384 // Compute temporary secret key tempSK := &ecdsa.PrivateKey{ PublicKey: ecdsa.PublicKey{ Curve: client.node.enrollPrivKey.Curve, X: new(big.Int), Y: new(big.Int), }, D: new(big.Int), } var k = new(big.Int).SetBytes(ExpansionValue) var one = new(big.Int).SetInt64(1) n := new(big.Int).Sub(client.node.enrollPrivKey.Params().N, one) k.Mod(k, n) k.Add(k, one) tempSK.D.Add(client.node.enrollPrivKey.D, k) tempSK.D.Mod(tempSK.D, client.node.enrollPrivKey.PublicKey.Params().N) // Compute temporary public key tempX, tempY := client.node.enrollPrivKey.PublicKey.ScalarBaseMult(k.Bytes()) tempSK.PublicKey.X, tempSK.PublicKey.Y = tempSK.PublicKey.Add( client.node.enrollPrivKey.PublicKey.X, client.node.enrollPrivKey.PublicKey.Y, tempX, tempY, ) // Verify temporary public key is a valid point on the reference curve isOn := tempSK.Curve.IsOnCurve(tempSK.PublicKey.X, tempSK.PublicKey.Y) if !isOn { client.node.log.Error("Failed temporary public key IsOnCurve check.") continue } // Check that the derived public key is the same as the one in the certificate certPK := x509Cert.PublicKey.(*ecdsa.PublicKey) cmp := certPK.X.Cmp(tempSK.PublicKey.X) if cmp != 0 { client.node.log.Error("Derived public key is different on X") continue } cmp = certPK.Y.Cmp(tempSK.PublicKey.Y) if cmp != 0 { client.node.log.Error("Derived public key is different on Y") continue } // Verify the signing capability of tempSK err = utils.VerifySignCapability(tempSK, x509Cert.PublicKey) if err != nil { client.node.log.Error("Failed verifing signing capability [%s].", err.Error()) continue } // Marshall certificate and secret key to be stored in the database resCert[j] = certDERs[i] if err != nil { client.node.log.Error("Failed marshalling private key [%s].", err.Error()) continue } if err := utils.CheckCertPKAgainstSK(x509Cert, interface{}(tempSK)); err != nil { client.node.log.Error("Failed checking TCA cert PK against private key [%s].", err.Error()) continue } client.node.log.Debug("Sub index [%d]", j) j++ client.node.log.Debug("Certificate [%d] validated.", i) } if j == 0 { client.node.log.Error("No valid TCert was sent") return nil, errors.New("No valid TCert was sent.") } return resCert[:j], nil }
func (client *clientImpl) getTCertFromDER(der []byte) (tCert tCert, err error) { if client.tCertOwnerKDFKey == nil { return nil, fmt.Errorf("KDF key not initialized yet") } TCertOwnerEncryptKey := utils.HMACTruncated(client.tCertOwnerKDFKey, []byte{1}, utils.AESKeyLength) ExpansionKey := utils.HMAC(client.tCertOwnerKDFKey, []byte{2}) // DER to x509 x509Cert, err := utils.DERToX509Certificate(der) if err != nil { client.debug("Failed parsing certificate [% x]: [%s].", der, err) return } // Handle Critical Extenstion TCertEncTCertIndex tCertIndexCT, err := utils.GetCriticalExtension(x509Cert, utils.TCertEncTCertIndex) if err != nil { client.error("Failed getting extension TCERT_ENC_TCERTINDEX [%s].", err.Error()) return } // Verify certificate against root if _, err = utils.CheckCertAgainRoot(x509Cert, client.tcaCertPool); err != nil { client.warning("Warning verifing certificate [%s].", err.Error()) return } // Verify public key // 384-bit ExpansionValue = HMAC(Expansion_Key, TCertIndex) // Let TCertIndex = Timestamp, RandValue, 1,2,… // Timestamp assigned, RandValue assigned and counter reinitialized to 1 per batch // Decrypt ct to TCertIndex (TODO: || EnrollPub_Key || EnrollID ?) pt, err := utils.CBCPKCS7Decrypt(TCertOwnerEncryptKey, tCertIndexCT) if err != nil { client.error("Failed decrypting extension TCERT_ENC_TCERTINDEX [%s].", err.Error()) return } // Compute ExpansionValue based on TCertIndex TCertIndex := pt // TCertIndex := []byte(strconv.Itoa(i)) client.debug("TCertIndex: [% x].", TCertIndex) mac := hmac.New(utils.NewHash, ExpansionKey) mac.Write(TCertIndex) ExpansionValue := mac.Sum(nil) // Derive tpk and tsk accordingly to ExapansionValue from enrollment pk,sk // Computable by TCA / Auditor: TCertPub_Key = EnrollPub_Key + ExpansionValue G // using elliptic curve point addition per NIST FIPS PUB 186-4- specified P-384 // Compute temporary secret key tempSK := &ecdsa.PrivateKey{ PublicKey: ecdsa.PublicKey{ Curve: client.enrollPrivKey.Curve, X: new(big.Int), Y: new(big.Int), }, D: new(big.Int), } var k = new(big.Int).SetBytes(ExpansionValue) var one = new(big.Int).SetInt64(1) n := new(big.Int).Sub(client.enrollPrivKey.Params().N, one) k.Mod(k, n) k.Add(k, one) tempSK.D.Add(client.enrollPrivKey.D, k) tempSK.D.Mod(tempSK.D, client.enrollPrivKey.PublicKey.Params().N) // Compute temporary public key tempX, tempY := client.enrollPrivKey.PublicKey.ScalarBaseMult(k.Bytes()) tempSK.PublicKey.X, tempSK.PublicKey.Y = tempSK.PublicKey.Add( client.enrollPrivKey.PublicKey.X, client.enrollPrivKey.PublicKey.Y, tempX, tempY, ) // Verify temporary public key is a valid point on the reference curve isOn := tempSK.Curve.IsOnCurve(tempSK.PublicKey.X, tempSK.PublicKey.Y) if !isOn { client.error("Failed temporary public key IsOnCurve check.") return nil, fmt.Errorf("Failed temporary public key IsOnCurve check.") } // Check that the derived public key is the same as the one in the certificate certPK := x509Cert.PublicKey.(*ecdsa.PublicKey) if certPK.X.Cmp(tempSK.PublicKey.X) != 0 { client.error("Derived public key is different on X") return nil, fmt.Errorf("Derived public key is different on X") } if certPK.Y.Cmp(tempSK.PublicKey.Y) != 0 { client.error("Derived public key is different on Y") return nil, fmt.Errorf("Derived public key is different on Y") } // Verify the signing capability of tempSK err = utils.VerifySignCapability(tempSK, x509Cert.PublicKey) if err != nil { client.error("Failed verifing signing capability [%s].", err.Error()) return } // Marshall certificate and secret key to be stored in the database if err != nil { client.error("Failed marshalling private key [%s].", err.Error()) return } if err = utils.CheckCertPKAgainstSK(x509Cert, interface{}(tempSK)); err != nil { client.error("Failed checking TCA cert PK against private key [%s].", err.Error()) return } tCert = &tCertImpl{client, x509Cert, tempSK} return }