tem_openssl 0.3.2

data/CHANGELOG

@@ -0,0 +1,11 @@
+v0.3.2. Updated to the API of tem_ruby 0.7.1 (Tem#pubek instead of an ugly hack).
+
+v0.3.1. Updated to the API of tem_ruby 0.7.0.
+
+v0.3. Implemented rsautl -sign and -verify to meet the openssl specs.
+
+v0.2.1. Implemented public key exporting to PEM files. Requires public keys instead of the full key when possible. The TEM should not be needed when only public keys are required. 
+
+v0.2. Implemented signing.
+
+v0.1. Initial release.

data/LICENSE

@@ -0,0 +1,21 @@
+The MIT License
+
+Copyright (c) 2007 Massachusetts Institute of Technology
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

data/Manifest

@@ -0,0 +1,10 @@
+bin/openssl_tem
+Manifest
+LICENSE
+test/test_executor.rb
+lib/ossl/key.rb
+lib/ossl/executor.rb
+lib/ossl/tem_tools.rb
+lib/tem_openssl.rb
+README
+CHANGELOG

data/README

@@ -0,0 +1,35 @@
+This is a tool for the TEM-based OpenSSL engine.
+
+Running coverage tests:
+gem install rcov
+rcov -Ilib test/*.rb
+
+Implemented commands (the format is supposed to be compatible with the "openssl" tool):
+
+openssl_tem reset
+Resets the TEM to a working state. The TEM applet is reinitialized, and the TEM is emitted.
+All key material and state on TEM is lost.
+
+openssl_tem rsagen 2048 -out key.temkey
+Generates a RSA key pair on the TEM (the size is ignored), outputs the TEM-bound key pair to
+"key.temkey".
+
+openssl_tem rsa -in key.temkey -out key.pem -pubout
+Extracts the public key from a TEM-bound key pair, outputs it in PEM format to "key.pem"
+
+openssl_tem rsautl -encrypt -in plain.txt -inkey key.pem -out crypted.txt -pkcs
+Encrypts the data in "plain.txt" using the PEM public key (or public key in a TEM-bound key pair)
+in "key.pem". PKCS#1 padding is always used.
+
+openssl_tem rsautl -decrypt -in crypted.txt -inkey key.temkey -out plain2.txt -pkcs
+Decrypts the data in "crypted.txt" using TEM-bound key pair in "key.temkey".
+PKCS#1 padding is always used.
+
+openssl_tem rsautl -xsign -in plain.txt -inkey key.temkey -out signature.txt -pkcs
+Signs the data in "plain.txt" using the TEM-bound key pair in "key.temkey".
+PKCS#1 padding over a SHA-1 message digest of the data is always used.
+
+openssl_tem rsautl -xverify -in signature.txt -inkey key.pem -indata plain.txt -out verif.txt -pkcs
+Verifies that "signature.txt" was produced by signing the data in "plain.txt" using the
+TEM-bound key with the PEM public key in "key.pem". PKCS#1 padding over a SHA-1 of the data is
+always used. The output is "true" or "false".

data/bin/openssl_tem

@@ -0,0 +1,6 @@
+#!/usr/bin/env ruby
+
+require 'rubygems'
+require 'tem_openssl'
+
+Tem::OpenSSL::Executor.run(ARGV)

data/lib/ossl/executor.rb

@@ -0,0 +1,118 @@
+require 'pp'
+
+class Tem::OpenSSL::Executor
+  def initialize(args, test_options)
+    @args = args
+    # unknown args get thrown here
+    @arg_bag = {}
+    # read key from here
+    @in_key = nil 
+    # read (original) data from here
+    @in_data = nil
+    # read input from here
+    @in = $stdin
+    # dump output here
+    @out = $stdout
+    # run the procs here to clean up
+    @cleanup_procs = []
+    
+    # hash of flags to help unit tests
+    @test_options = test_options
+    
+    connect_to_tem
+    parse_args
+  end
+    
+  def run    
+    case @args[0]
+    when 'reset'
+      @tem.kill
+      @tem.activate
+      @tem.emit
+    when 'rsa'
+      if @arg_bag[:pubout]
+        @key = Tem::OpenSSL::Key.load_from_tkfile @in
+        @out.write @key.pub_key.ssl_key.to_s
+      end
+    when 'rsagen'
+      @key = Tem::OpenSSL::Key.new_tem_key @tem
+      @out.write @key.to_tkfile
+    when 'rsautl'
+      @key = Tem::OpenSSL::Key.load_from_tkfile @in_key
+      data = @in.read
+      case
+    when @arg_bag[:decrypt]
+        # decrypting with private key
+        result = @key.privk_decrypt data, @tem
+      when @arg_bag[:encrypt]
+        # encrypting with public key
+        result = @key.pub_key.encrypt data
+      when @arg_bag[:sign]
+        # fake-signing (encrypting with private key)
+        result = @key.privk_encrypt data, @tem
+      when @arg_bag[:verify]
+        # fake-verifying (decrypting with public key)
+        result = @key.pub_key.decrypt data
+      when @arg_bag[:xsign]
+        result = @key.privk_sign data, @tem
+      when @arg_bag[:xverify]
+        orig_data = @in_data.read
+        result = @key.pub_key.verify orig_data, data
+      else
+        # ?!
+      end
+      @out.write result
+    end    
+  end
+  
+  def parse_args
+    0.upto(@args.length - 1) do |i|
+      # the tokens that don't start with - are processed OOB
+      next unless @args[i][0] == ?-
+      case @args[i]
+      when '-in'
+        @in = File.open(@args[i + 1], 'rb')
+        @cleanup_procs << Proc.new { @in.close }
+      when '-inkey'
+        @in_key = File.open(@args[i + 1], 'r')
+        @cleanup_procs << Proc.new { @in_key.close }
+      when '-indata'
+        @in_data = File.open(@args[i + 1], 'r')
+        @cleanup_procs << Proc.new { @in_data.close }
+      when '-out'
+        @out = File.open(@args[i + 1], 'wb')
+        @cleanup_procs << Proc.new { @out.close }
+      else
+        @arg_bag[@args[i][1..-1].to_sym] = true
+      end
+    end
+  end
+  
+  def cleanup
+    @cleanup_procs.each { |p| p.call }
+  end
+  
+  def connect_to_tem
+    @terminal = Tem::SCard::JCOPRemoteTerminal.new
+    if !@terminal.connect or @test_options[:no_tem]
+      @terminal.disconnect
+      @terminal = Tem::SCard::PCSCTerminal.new
+      if !@terminal.connect or @test_options[:no_tem]
+        @terminal.disconnect
+        @terminal = nil
+      end
+    end
+    unless @terminal.nil?
+      @javacard = Tem::SCard::JavaCard.new(@terminal)
+      @tem = Tem::Session.new(@javacard)
+    
+      @cleanup_procs << Proc.new { @tem.disconnect; @terminal.disconnect }
+    end
+  end
+  
+  def self.run(args, test_options = {})
+    ex = self.new args, test_options
+    ex.run
+    ex.cleanup
+  end
+end

data/lib/ossl/key.rb

@@ -0,0 +1,55 @@
+require 'pp'
+
+class Tem::OpenSSL::Key
+  include Tem::OpenSSL::TemTools
+  
+  attr_reader :pub_key
+  
+  def initialize(pub_key, priv_decrypt_sec, priv_encrypt_sec, priv_sign_sec)
+    @pub_key = pub_key
+    @priv_decrypt_sec = priv_decrypt_sec
+    @priv_encrypt_sec = priv_encrypt_sec
+    @priv_sign_sec = priv_sign_sec
+  end
+  
+  def to_tkfile
+    @pub_key.ssl_key.to_s + [@priv_decrypt_sec.to_array, @priv_encrypt_sec.to_array, @priv_sign_sec.to_array].to_yaml
+  end
+  
+  def privk_decrypt(data, tem)
+    Tem::OpenSSL::TemTools.crypt_with_sec(data, @priv_decrypt_sec, tem)
+  end
+
+  def privk_encrypt(data, tem)
+    Tem::OpenSSL::TemTools.crypt_with_sec(data, @priv_encrypt_sec, tem)
+  end
+  
+  def privk_sign(data, tem)
+    Tem::OpenSSL::TemTools.sign_with_sec(data, @priv_sign_sec, tem)    
+  end
+  
+  def self.new_tem_key(tem)
+    keys = Tem::OpenSSL::TemTools.generate_key_on_tem(tem)
+    priv_decrypt_sec = Tem::OpenSSL::TemTools.crypting_sec(keys[:privk], tem, :decrypt)
+    priv_encrypt_sec = Tem::OpenSSL::TemTools.crypting_sec(keys[:privk], tem, :encrypt)
+    priv_sign_sec = Tem::OpenSSL::TemTools.signing_sec(keys[:privk], tem)
+    return self.new(keys[:pubk], priv_decrypt_sec, priv_encrypt_sec, priv_sign_sec)
+  end
+  
+  def self.load_from_tkfile(f)
+    ossl_pub_key = OpenSSL::PKey::RSA.new(f)
+    pub_key = Tem::CryptoAbi::new_key_from_ssl(ossl_pub_key, true)
+    begin
+      ds_ary, es_ary, ss_ary = *YAML.load(f)
+      priv_decrypt_sec = Tem::SecPack.new_from_array(ds_ary)
+      priv_encrypt_sec = Tem::SecPack.new_from_array(es_ary)      
+      priv_sign_sec = Tem::SecPack.new_from_array(ss_ary)
+    rescue
+      priv_decrypt_sec = nil
+      priv_encrypt_sec = nil
+      priv_sign_sec = nil
+    end
+    return self.new(pub_key, priv_decrypt_sec, priv_encrypt_sec, priv_sign_sec)
+  end
+  
+end

data/lib/ossl/tem_tools.rb

@@ -0,0 +1,124 @@
+module Tem::OpenSSL::TemTools
+  # generate an RSA key pair on the TEM
+  # slower than OpenSSL-based generation, but uses a hardware RNG
+  def self.generate_key_on_tem(tem)
+    kdata = tem.tk_gen_key(:asymmetric)
+    pubk = tem.tk_read_key(kdata[:pubk_id], kdata[:authz])
+    tem.tk_delete_key(kdata[:pubk_id], kdata[:authz])
+    privk = tem.tk_read_key(kdata[:privk_id], kdata[:authz])
+    tem.tk_delete_key(kdata[:privk_id], kdata[:authz])
+    
+    return {:privk => privk, :pubk => pubk}
+  end
+  
+  # generates a SECpack that encrypts/decrypts a user-supplied blob
+  # the SECpack is tied down to a TEM
+  def self.crypting_sec(key, tem, mode = :decrypt)
+    crypt_sec = tem.assemble do |s|
+      # load the key in the TEM
+      s.ldwc :const => :key_data
+      s.rdk
+      # allocate the output buffer
+      s.ldwc :const => 512
+      s.outnew
+      # decrypt the given data
+      s.ldw :from => :input_length
+      s.ldwc :const => :input_data
+      s.ldwc :const => -1
+      s.send({:encrypt => :kevb, :decrypt => :kdvb}[mode])
+      s.halt
+      
+      # key material
+      s.label :key_data
+      s.immed :ubyte, key.to_tem_key
+      
+      # user-supplied argument: the length of the blob to be encrypted/decrypted
+      s.label :input_length
+      s.immed :ushort, 256
+      
+      # user-supplied argument: the blob to be encrypted/decrypted
+      s.label :input_data
+      s.filler :ubyte, 512
+      
+      # the TEM stack
+      s.label :sec_stack
+      s.stack
+      s.extra 8
+    end
+    crypt_sec.seal(tem.pubek, :key_data, :input_length)
+    return crypt_sec
+  end
+  
+  # generates a SECpack that decrypts a user-supplied blob
+  # the SECpack is tied down to a TEM
+  def self.signing_sec(key, tem)
+    sign_sec = tem.assemble do |s|
+      # load the key in the TEM
+      s.ldwc :const => :key_data
+      s.rdk
+      # allocate the output buffer
+      s.ldwc :const => key.ssl_key.n.num_bytes + 1
+      s.outnew
+      # sign the given data
+      s.ldw :from => :input_length
+      s.ldwc :const => :input_data
+      s.ldwc :const => -1
+      s.ksvb
+      s.halt
+      
+      # key material
+      s.label :key_data
+      s.immed :ubyte, key.to_tem_key
+      
+      # user-supplied argument: the length of the blob to be signed
+      s.label :input_length
+      s.immed :ushort, 256
+      
+      # user-supplied argument: the blob to be signed
+      s.label :input_data
+      s.filler :ubyte, 512
+      
+      # the TEM stack
+      s.label :sec_stack
+      s.stack
+      s.extra 8
+    end
+    sign_sec.seal(tem.pubek, :key_data, :input_length)
+    return sign_sec
+  end
+  
+  
+  # encrypts/decrypts using a SECpack generated via a previous call to crypting_sec
+  def self.crypt_with_sec(encrypted_data, dec_sec, tem)
+    # convert the data string to an array of numbers
+    ed = encrypted_data.unpack('C*')
+    
+    # patch the data and its length into the SEC 
+    elen = tem.to_tem_ushort(ed.length)
+    dec_sec.body[dec_sec.label_address(:input_length), elen.length] = elen
+    dec_sec.body[dec_sec.label_address(:input_data), ed.length] = ed
+    
+    # run the sec and convert its output to a string
+    dd = tem.execute dec_sec
+    decrypted_data = dd.pack('C*')
+    
+    return decrypted_data
+  end
+  
+  # signs using a SECpack generated via a previous call to signing_sec
+  def self.sign_with_sec(data, sign_sec, tem)
+    # convert the data string to an array of numbers
+    d = data.unpack('C*')
+    
+    # patch the data and its length into the SEC 
+    len = tem.to_tem_ushort(d.length)
+    sign_sec.body[sign_sec.label_address(:input_length), len.length] = len
+    sign_sec.body[sign_sec.label_address(:input_data), d.length] = d
+    
+    # run the sec and convert its output to a string
+    s = tem.execute sign_sec
+    signature = s.pack('C*')
+    
+    return signature
+  end  
+end

data/lib/tem_openssl.rb

@@ -0,0 +1,9 @@
+require 'tem_ruby'
+
+module Tem::OpenSSL  
+end
+
+require 'ossl/tem_tools.rb'
+require 'ossl/key.rb'
+require 'ossl/executor.rb'
+

data/tem_openssl.gemspec

@@ -0,0 +1,55 @@
+
+# Gem::Specification for Tem_openssl-0.3.2
+# Originally generated by Echoe
+
+Gem::Specification.new do |s|
+  s.name = %q{tem_openssl}
+  s.version = "0.3.2"
+
+  s.specification_version = 2 if s.respond_to? :specification_version=
+
+  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
+  s.authors = ["Victor Costan"]
+  s.date = %q{2008-06-11}
+  s.default_executable = %q{openssl_tem}
+  s.description = %q{TEM (Trusted Execution Module) engine for OpenSSL.}
+  s.email = %q{victor@costan.us}
+  s.executables = ["openssl_tem"]
+  s.extra_rdoc_files = ["bin/openssl_tem", "LICENSE", "lib/ossl/key.rb", "lib/ossl/executor.rb", "lib/ossl/tem_tools.rb", "lib/tem_openssl.rb", "README", "CHANGELOG"]
+  s.files = ["bin/openssl_tem", "Manifest", "LICENSE", "test/test_executor.rb", "lib/ossl/key.rb", "lib/ossl/executor.rb", "lib/ossl/tem_tools.rb", "lib/tem_openssl.rb", "README", "CHANGELOG", "tem_openssl.gemspec"]
+  s.has_rdoc = true
+  s.homepage = %q{http://tem.rubyforge.org}
+  s.rdoc_options = ["--line-numbers", "--inline-source", "--title", "Tem_openssl", "--main", "README"]
+  s.require_paths = ["lib"]
+  s.rubyforge_project = %q{tem}
+  s.rubygems_version = %q{1.1.1}
+  s.summary = %q{TEM (Trusted Execution Module) engine for OpenSSL.}
+  s.test_files = ["test/test_executor.rb"]
+
+  s.add_dependency(%q<tem_ruby>, [">= 0.9.0"])
+end
+
+
+# # Original Rakefile source (requires the Echoe gem):
+# 
+# require 'rubygems'
+# gem 'echoe'
+# require 'echoe'
+# 
+# Echoe.new('tem_openssl') do |p|
+#   p.project = 'tem' # rubyforge project
+#   
+#   p.author = 'Victor Costan'
+#   p.email = 'victor@costan.us'
+#   p.summary = 'TEM (Trusted Execution Module) engine for OpenSSL.'
+#   p.url = 'http://tem.rubyforge.org'
+#   p.dependencies = ['tem_ruby >=0.9.0']
+#   
+#   p.need_tar_gz = false
+#   p.rdoc_pattern = /^(lib|bin|tasks|ext)|^BUILD|^README|^CHANGELOG|^TODO|^LICENSE|^COPYING$/  
+# end
+# 
+# if $0 == __FILE__
+#   Rake.application = Rake::Application.new
+#   Rake.application.run
+# end

data/test/test_executor.rb

@@ -0,0 +1,54 @@
+require 'tem_openssl'
+require 'test/unit'
+
+class ExecutorTest < Test::Unit::TestCase
+  def setup
+    Tem::OpenSSL::Executor.run ['reset']
+
+    # generate key and extract public key
+    Tem::OpenSSL::Executor.run ['rsagen', '2048', '-out', 'test_key.tkey']    
+    Tem::OpenSSL::Executor.run ['rsa', '-in', 'test_key.tkey', '-out', 'test_key.pem', '-pubout'], :no_tem => true    
+  end
+  
+  def teardown
+    ['test_key.tkey', 'test_key.pem'].each { |fname| File.delete fname }
+  end
+
+  def test_encryption    
+    # test encryption and decryption (using the PEM file for the public key)
+    plain_text = 'Simple encryption test.\n'
+    File.open('test_plain.txt', 'wb') { |f| f.write plain_text }
+    Tem::OpenSSL::Executor.run ['rsautl', '-encrypt', '-inkey', 'test_key.pem', '-in', 'test_plain.txt', '-pkcs', '-out', 'test_enc.txt'], :no_tem => true
+    Tem::OpenSSL::Executor.run ['rsautl', '-decrypt', '-inkey', 'test_key.tkey', '-in', 'test_enc.txt', '-pkcs', '-out', 'test_plain2.txt']
+    assert_equal plain_text, File.open('test_plain2.txt', 'rb') { |f| f.read }, 'data corruption in encryption/decryption'    
+    ['test_plain.txt', 'test_plain2.txt', 'test_enc.txt'].each { |fname| File.delete fname }
+    
+    # test encryption and decryption (using the TEM-bound file for the public key)
+    plain_text = 'Simple encryption test.\n'
+    File.open('test_plain.txt', 'wb') { |f| f.write plain_text }
+    Tem::OpenSSL::Executor.run ['rsautl', '-encrypt', '-inkey', 'test_key.tkey', '-in', 'test_plain.txt', '-pkcs', '-out', 'test_enc.txt']
+    Tem::OpenSSL::Executor.run ['rsautl', '-decrypt', '-inkey', 'test_key.tkey', '-in', 'test_enc.txt', '-pkcs', '-out', 'test_plain2.txt']
+    assert_equal plain_text, File.open('test_plain2.txt', 'rb') { |f| f.read }, 'data corruption in encryption/decryption'    
+    ['test_plain.txt', 'test_plain2.txt', 'test_enc.txt'].each { |fname| File.delete fname }     
+  end
+  
+  def test_fake_signing
+    # test fake (openssl-compatible) signing
+    plain_text = 'Simple fake-signing test.\n'
+    File.open('test_plain.txt', 'wb') { |f| f.write plain_text }
+    Tem::OpenSSL::Executor.run ['rsautl', '-sign', '-inkey', 'test_key.tkey', '-in', 'test_plain.txt', '-pkcs', '-out', 'test_fsign.txt']
+    Tem::OpenSSL::Executor.run ['rsautl', '-verify', '-inkey', 'test_key.pem', '-in', 'test_fsign.txt', '-pkcs', '-out', 'test_fverify.txt']
+    assert_equal plain_text, File.open('test_fverify.txt', 'rb') { |f| f.read }, 'data corruption in fake-sign/verification'    
+    ['test_plain.txt', 'test_fsign.txt', 'test_fverify.txt'].each { |fname| File.delete fname }     
+  end
+  
+  def test_xsigning
+    # test proper signing (using the PEM file for the public key)
+    plain_text = 'Simple signing test.\n'
+    File.open('test_plain.txt', 'wb') { |f| f.write plain_text }
+    Tem::OpenSSL::Executor.run ['rsautl', '-xsign', '-inkey', 'test_key.tkey', '-in', 'test_plain.txt', '-pkcs', '-out', 'test_sign.txt']
+    Tem::OpenSSL::Executor.run ['rsautl', '-xverify', '-inkey', 'test_key.pem', '-in', 'test_sign.txt', '-indata', 'test_plain.txt', '-pkcs', '-out', 'test_verify.txt'], :no_tem => true
+    assert_equal "true", File.open('test_verify.txt', 'rb') { |f| f.read }, 'data corruption in sign/verification'
+    ['test_plain.txt', 'test_sign.txt', 'test_verify.txt'].each { |fname| File.delete fname }     
+  end
+end

metadata

@@ -0,0 +1,83 @@
+--- !ruby/object:Gem::Specification 
+name: tem_openssl
+version: !ruby/object:Gem::Version 
+  version: 0.3.2
+platform: ruby
+authors: 
+- Victor Costan
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2008-06-11 00:00:00 -04:00
+default_executable: 
+dependencies: 
+- !ruby/object:Gem::Dependency 
+  name: tem_ruby
+  version_requirement: 
+  version_requirements: !ruby/object:Gem::Requirement 
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        version: 0.9.0
+    version: 
+description: TEM (Trusted Execution Module) engine for OpenSSL.
+email: victor@costan.us
+executables: 
+- openssl_tem
+extensions: []
+
+extra_rdoc_files: 
+- bin/openssl_tem
+- LICENSE
+- lib/ossl/key.rb
+- lib/ossl/executor.rb
+- lib/ossl/tem_tools.rb
+- lib/tem_openssl.rb
+- README
+- CHANGELOG
+files: 
+- bin/openssl_tem
+- Manifest
+- LICENSE
+- test/test_executor.rb
+- lib/ossl/key.rb
+- lib/ossl/executor.rb
+- lib/ossl/tem_tools.rb
+- lib/tem_openssl.rb
+- README
+- CHANGELOG
+- tem_openssl.gemspec
+has_rdoc: true
+homepage: http://tem.rubyforge.org
+post_install_message: 
+rdoc_options: 
+- --line-numbers
+- --inline-source
+- --title
+- Tem_openssl
+- --main
+- README
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+requirements: []
+
+rubyforge_project: tem
+rubygems_version: 1.1.1
+signing_key: 
+specification_version: 2
+summary: TEM (Trusted Execution Module) engine for OpenSSL.
+test_files: 
+- test/test_executor.rb