pwnedkeys-tools 0.1.0

data/lib/pwnedkeys/request.rb

@@ -0,0 +1,159 @@
+require "base64"
+require "json"
+require "net/http"
+require "openssl"
+
+require "openssl/pkey/rsa"
+require "openssl/pkey/ec"
+
+module Pwnedkeys
+  class Request
+    class Error < StandardError; end
+    class VerificationError < Error; end
+
+    def initialize(spki)
+      @spki = if spki.is_a?(OpenSSL::X509::SPKI)
+        spki
+      elsif spki.is_a?(String)
+        begin
+          OpenSSL::X509::SPKI.new(spki)
+        rescue OpenSSL::ASN1::ASN1Error, OpenSSL::X509::SPKIError
+          raise Error,
+                "Invalid SPKI ASN.1 string"
+        end
+      else
+        raise Error,
+              "Invalid argument type passed to Pwnedkeys::Request.new (need OpenSSL::X509::SPKI or string, got #{spki.class})"
+      end
+
+      # Verify key type is OK
+      key_params
+    end
+
+    def pwned?
+      retry_count = 10
+
+      loop do
+        uri = URI(ENV["PWNEDKEYS_API_URL"] || "https://v1.pwnedkeys.com")
+        uri.path += "/#{@spki.spki_fingerprint.hexdigest}"
+
+        res = Net::HTTP.start(uri.host, uri.port, use_ssl: uri.scheme == "https") do |http|
+          req = Net::HTTP::Get.new(uri.path)
+          req["User-Agent"] = "pwnedkeys-tools/0.0.0"
+          http.request(req)
+        end
+
+        if res.code == "200"
+          verify!(res.body)
+          return true
+        elsif res.code == "404"
+          return false
+        elsif (500..599) === res.code.to_i && retry_count > 0
+          # Server-side error, let's try a few more times
+          sleep 1
+          retry_count -= 1
+        else
+          raise Error,
+                "Unable to determine pwnage, error status code returned from #{uri}: #{res.code}"
+        end
+      end
+    end
+
+    private
+
+    def verify!(res)
+      json = JSON.parse(res)
+      header = JSON.parse(unb64(json["protected"]))
+
+      key = @spki.to_key
+
+      verify_data = "#{json["protected"]}.#{json["payload"]}"
+
+      unless key.verify(hash_func.new, format_sig(unb64(json["signature"])), verify_data)
+        raise VerificationError,
+              "Response signature cannot be validated by provided key"
+      end
+
+      unless header["alg"] == key_alg
+        raise VerificationError,
+              "Incorrect alg parameter.  Got #{header["alg"]}, expected #{key_alg} for #{key.class} key"
+      end
+
+      unless header["kid"] == @spki.spki_fingerprint.hexdigest
+        raise VerificationError,
+              "Key ID in response doesn't match.  Got #{header["kid"]}, expected #{@spki.spki_fingerprint.hexdigest}"
+      end
+
+      unless unb64(json["payload"]) =~ /key is pwned/
+        raise VerificationError,
+              "Response payload does not include magic string 'key is pwned', got #{unb64(json["payload"])}"
+      end
+
+      # The gauntlet has been run and you have been found... worthy
+    end
+
+    def unb64(s)
+      Base64.urlsafe_decode64(s)
+    end
+
+    def key_alg
+      key_params[:key_alg]
+    end
+
+    def hash_func
+      key_params[:hash_func]
+    end
+
+    def format_sig(sig)
+      key_params[:format_sig].call(sig)
+    end
+
+    def ec_sig(jose_sig)
+      # *Real* EC signatures are a two-element ASN.1 sequence containing
+      # the R and S values.  RFC7518, in its infinite wisdom, has decided that
+      # that is not good enough, and instead it wants the signatures in raw
+      # concatenated R/S as octet strings.  Because of *course* it does.
+      OpenSSL::ASN1::Sequence.new(split_in_two_equal_halves(jose_sig).map do |i|
+        OpenSSL::ASN1::Integer.new(i.unpack("C*").inject(0) { |v, i| v * 256 + i })
+      end).to_der
+    end
+
+    def split_in_two_equal_halves(s)
+      [s[0..(s.length / 2 - 1)], s[(s.length / 2)..(s.length - 1)]]
+    end
+
+    def key_params
+      case @spki.to_key
+      when OpenSSL::PKey::RSA then {
+        key_alg: "RS256",
+        hash_func: OpenSSL::Digest::SHA256,
+        format_sig: ->(sig) { sig },
+      }
+      when OpenSSL::PKey::EC
+        case @spki.to_key.public_key.group.curve_name
+        when "prime256v1" then {
+          key_alg: "ES256",
+          hash_func: OpenSSL::Digest::SHA256,
+          format_sig: ->(sig) { ec_sig(sig) },
+        }
+        when "secp384r1"  then {
+          key_alg: "ES384",
+          hash_func: OpenSSL::Digest::SHA384,
+          format_sig: ->(sig) { ec_sig(sig) },
+        }
+        when "secp521r1"  then {
+          key_alg: "ES512",
+          hash_func: OpenSSL::Digest::SHA512,
+          # The components of P-521 keys are 521 bits each, which is padded
+          # out to be 528 bits -- 66 octets.
+          format_sig: ->(sig) { ec_sig(sig) },
+        }
+        else
+          raise Error, "EC key containing unsupported curve #{@spki.to_key.group.curve_name}"
+        end
+      else
+        raise Error, "Unsupported key type #{@key.class}"
+      end
+    end
+  end
+end

data/lib/pwnedkeys/response.rb

@@ -0,0 +1,107 @@
+require "base64"
+require "json"
+require "openssl"
+
+require "openssl/pkey/rsa"
+require "openssl/pkey/ec"
+
+module Pwnedkeys
+  class Response
+    class Error < StandardError; end
+
+    def initialize(key)
+      @key = if key.kind_of?(OpenSSL::PKey::PKey)
+        key
+      elsif key.is_a?(String)
+        begin
+          OpenSSL::PKey.read(key)
+        rescue OpenSSL::PKey::PKeyError
+          raise Error,
+                "Unable to parse provided key data"
+        end
+      else
+        raise Error,
+              "Invalid argument type passed to Pwnedkeys::Response.new (need OpenSSL::PKey::PKey or string, got #{key.class})"
+      end
+    end
+
+    def to_json(*spki_format)
+      header = {
+        alg: key_alg,
+        kid: @key.to_spki(*spki_format).spki_fingerprint.hexdigest,
+      }
+
+      obj = {
+        payload:   b64("This key is pwned!  See https://pwnedkeys.com for more info."),
+        protected: b64(header.to_json),
+      }
+
+      obj[:signature] = b64(sign(obj))
+      obj.to_json
+    end
+
+    private
+
+    def b64(s)
+      Base64.urlsafe_encode64(s).sub(/=*\z/, '')
+    end
+
+    def key_alg
+      key_params[:key_alg]
+    end
+
+    def hash_func
+      key_params[:hash_func]
+    end
+
+    def format_sig(sig)
+      key_params[:format_sig].call(sig)
+    end
+
+    def jose_sig(ec_sig, len)
+      # EC signatures are a two-element ASN.1 sequence containing
+      # the R and S values.  RFC7518, in its infinite wisdom, has decided that
+      # that is not good enough, and instead it wants the signatures in raw
+      # concatenated R/S as octet strings.  Because of *course* it does.
+      OpenSSL::ASN1.decode(ec_sig).value.map { |n| [sprintf("%0#{len * 2}x", n.value)].pack("H*") }.join
+    end
+
+    def key_params
+      case @key
+      when OpenSSL::PKey::RSA then {
+        key_alg: "RS256",
+        hash_func: OpenSSL::Digest::SHA256,
+        format_sig: ->(sig) { sig },
+      }
+      when OpenSSL::PKey::EC
+        case @key.public_key.group.curve_name
+        when "prime256v1" then {
+          key_alg: "ES256",
+          hash_func: OpenSSL::Digest::SHA256,
+          format_sig: ->(sig) { jose_sig(sig, 32) },
+        }
+        when "secp384r1"  then {
+          key_alg: "ES384",
+          hash_func: OpenSSL::Digest::SHA384,
+          format_sig: ->(sig) { jose_sig(sig, 48) },
+        }
+        when "secp521r1"  then {
+          key_alg: "ES512",
+          hash_func: OpenSSL::Digest::SHA512,
+          # The components of P-521 keys are 521 bits each, which is padded
+          # out to be 528 bits -- 66 octets.
+          format_sig: ->(sig) { jose_sig(sig, 66) },
+        }
+        else
+          raise Error, "EC key containing unsupported curve #{@key.public_key.group.curve_name}"
+        end
+      else
+        raise Error, "Unsupported key type #{@key.class}"
+      end
+    end
+
+    def sign(obj)
+      format_sig(@key.sign(hash_func.new, obj[:protected] + "." + obj[:payload]))
+    end
+  end
+end

data/pwnedkeys-tools.gemspec

@@ -0,0 +1,46 @@
+begin
+  require 'git-version-bump'
+rescue LoadError
+  nil
+end
+
+Gem::Specification.new do |s|
+  s.name = "pwnedkeys-tools"
+
+  s.version = GVB.version rescue "0.0.0.1.NOGVB"
+  s.date    = GVB.date    rescue Time.now.strftime("%Y-%m-%d")
+
+  s.platform = Gem::Platform::RUBY
+
+  s.summary  = "A set of command-line tools useful for working with the pwnedkeys.com service"
+  s.description = <<~EOF
+    The scripts in this package are designed to be used in conjunction with the
+    pwnedkeys.com compromised keys database.  They include:
+    
+    * `pwnedkeys-prove-pwned`, which generates a signed attestation of
+      compromise suitable for being served by the pwnedkeys.com V1 API.
+
+    * `pwnedkeys-query`, which takes a public or private key, CSR, or X.509
+      certificate and looks it up in the pwnedkeys.com database.
+  EOF
+
+  s.authors  = ["Matt Palmer"]
+  s.email    = ["matt@hezmatt.org"]
+  s.homepage = "https://github.com/pwnedkeys/pwnedkeys-tools"
+
+  s.files = `git ls-files -z`.split("\0").reject { |f| f =~ /^(\.|G|spec|Rakefile)/ }
+  s.executables = ["pwnedkeys-prove-pwned", "pwnedkeys-query"]
+
+  s.required_ruby_version = ">= 2.5.0"
+
+  s.add_development_dependency 'bundler'
+  s.add_development_dependency 'github-release'
+  s.add_development_dependency 'git-version-bump'
+  s.add_development_dependency 'guard-rspec'
+  s.add_development_dependency 'rack-test'
+  s.add_development_dependency 'rake', "~> 12.0"
+  s.add_development_dependency 'redcarpet'
+  s.add_development_dependency 'rspec'
+  s.add_development_dependency 'simplecov'
+  s.add_development_dependency 'yard'
+end

metadata

@@ -0,0 +1,211 @@
+--- !ruby/object:Gem::Specification
+name: pwnedkeys-tools
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- Matt Palmer
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2018-12-18 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: github-release
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: git-version-bump
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: guard-rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rack-test
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '12.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '12.0'
+- !ruby/object:Gem::Dependency
+  name: redcarpet
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: simplecov
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: yard
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: |
+  The scripts in this package are designed to be used in conjunction with the
+  pwnedkeys.com compromised keys database.  They include:
+
+  * `pwnedkeys-prove-pwned`, which generates a signed attestation of
+    compromise suitable for being served by the pwnedkeys.com V1 API.
+
+  * `pwnedkeys-query`, which takes a public or private key, CSR, or X.509
+    certificate and looks it up in the pwnedkeys.com database.
+email:
+- matt@hezmatt.org
+executables:
+- pwnedkeys-prove-pwned
+- pwnedkeys-query
+extensions: []
+extra_rdoc_files: []
+files:
+- CODE_OF_CONDUCT.md
+- CONTRIBUTING.md
+- Dockerfile
+- LICENCE
+- README.md
+- bin/pwnedkeys-prove-pwned
+- bin/pwnedkeys-query
+- docker-wrappers/pwnedkeys-prove-pwned
+- docker-wrappers/pwnedkeys-query
+- lib/openssl/pkey.rb
+- lib/openssl/pkey/ec.rb
+- lib/openssl/pkey/rsa.rb
+- lib/openssl/x509/certificate.rb
+- lib/openssl/x509/request.rb
+- lib/openssl/x509/spki.rb
+- lib/pwnedkeys/request.rb
+- lib/pwnedkeys/response.rb
+- pwnedkeys-tools.gemspec
+homepage: https://github.com/pwnedkeys/pwnedkeys-tools
+licenses: []
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: 2.5.0
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.7.6
+signing_key: 
+specification_version: 4
+summary: A set of command-line tools useful for working with the pwnedkeys.com service
+test_files: []