package tlsutil import ( "bytes" "crypto" "crypto/ecdsa" "crypto/rsa" "crypto/rand" "crypto/sha256" "crypto/x509" "crypto/x509/pkix" "encoding/pem" "fmt" "math/big" "net" "time" "github.com/hashicorp/consul/agent/connect" ) // GenerateSerialNumber returns random bigint generated with crypto/rand func GenerateSerialNumber() (*big.Int, error) { l := new(big.Int).Lsh(big.NewInt(1), 128) s, err := rand.Int(rand.Reader, l) if err != nil { return nil, err } return s, nil } // GeneratePrivateKey generates a new ecdsa private key func GeneratePrivateKey() (crypto.Signer, string, error) { return connect.GeneratePrivateKey() } // GenerateCA generates a new CA for agent TLS (not to be confused with Connect TLS) func GenerateCA(signer crypto.Signer, sn *big.Int, days int, constraints []string) (string, error) { id, err := keyID(signer.Public()) if err != nil { return "", err } name := fmt.Sprintf("Consul Agent CA %d", sn) // Create the CA cert template := x509.Certificate{ SerialNumber: sn, Subject: pkix.Name{ Country: []string{"US"}, PostalCode: []string{"94105"}, Province: []string{"CA"}, Locality: []string{"San Francisco"}, StreetAddress: []string{"101 Second Street"}, Organization: []string{"HashiCorp Inc."}, CommonName: name, }, BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign | x509.KeyUsageCRLSign | x509.KeyUsageDigitalSignature, IsCA: true, NotAfter: time.Now().AddDate(0, 0, days), NotBefore: time.Now(), AuthorityKeyId: id, SubjectKeyId: id, } if len(constraints) > 0 { template.PermittedDNSDomainsCritical = true template.PermittedDNSDomains = constraints } bs, err := x509.CreateCertificate( rand.Reader, &template, &template, signer.Public(), signer) if err != nil { return "", fmt.Errorf("error generating CA certificate: %s", err) } var buf bytes.Buffer err = pem.Encode(&buf, &pem.Block{Type: "CERTIFICATE", Bytes: bs}) if err != nil { return "", fmt.Errorf("error encoding private key: %s", err) } return buf.String(), nil } // GenerateCert generates a new certificate for agent TLS (not to be confused with Connect TLS) func GenerateCert(signer crypto.Signer, ca string, sn *big.Int, name string, days int, DNSNames []string, IPAddresses []net.IP, extKeyUsage []x509.ExtKeyUsage) (string, string, error) { parent, err := parseCert(ca) if err != nil { return "", "", err } signee, pk, err := GeneratePrivateKey() if err != nil { return "", "", err } id, err := keyID(signee.Public()) if err != nil { return "", "", err } template := x509.Certificate{ SerialNumber: sn, Subject: pkix.Name{CommonName: name}, BasicConstraintsValid: true, KeyUsage: x509.KeyUsageDigitalSignature | x509.KeyUsageKeyEncipherment, ExtKeyUsage: extKeyUsage, IsCA: false, NotAfter: time.Now().AddDate(0, 0, days), NotBefore: time.Now(), SubjectKeyId: id, DNSNames: DNSNames, IPAddresses: IPAddresses, } bs, err := x509.CreateCertificate(rand.Reader, &template, parent, signee.Public(), signer) if err != nil { return "", "", err } var buf bytes.Buffer err = pem.Encode(&buf, &pem.Block{Type: "CERTIFICATE", Bytes: bs}) if err != nil { return "", "", fmt.Errorf("error encoding private key: %s", err) } return buf.String(), pk, nil } // KeyId returns a x509 KeyId from the given signing key. func keyID(raw interface{}) ([]byte, error) { switch raw.(type) { case *ecdsa.PublicKey: case *rsa.PublicKey: default: return nil, fmt.Errorf("invalid key type: %T", raw) } // This is not standard; RFC allows any unique identifier as long as they // match in subject/authority chains but suggests specific hashing of DER // bytes of public key including DER tags. bs, err := x509.MarshalPKIXPublicKey(raw) if err != nil { return nil, err } // String formatted kID := sha256.Sum256(bs) return kID[:], nil } func parseCert(pemValue string) (*x509.Certificate, error) { // The _ result below is not an error but the remaining PEM bytes. block, _ := pem.Decode([]byte(pemValue)) if block == nil { return nil, fmt.Errorf("no PEM-encoded data found") } if block.Type != "CERTIFICATE" { return nil, fmt.Errorf("first PEM-block should be CERTIFICATE type") } return x509.ParseCertificate(block.Bytes) } // ParseSigner parses a crypto.Signer from a PEM-encoded key. The private key // is expected to be the first block in the PEM value. func ParseSigner(pemValue string) (crypto.Signer, error) { // The _ result below is not an error but the remaining PEM bytes. block, _ := pem.Decode([]byte(pemValue)) if block == nil { return nil, fmt.Errorf("no PEM-encoded data found") } switch block.Type { case "EC PRIVATE KEY": return x509.ParseECPrivateKey(block.Bytes) case "RSA PRIVATE KEY": return x509.ParsePKCS1PrivateKey(block.Bytes) default: return nil, fmt.Errorf("unknown PEM block type for signing key: %s", block.Type) } } func Verify(caString, certString, dns string) error { roots := x509.NewCertPool() ok := roots.AppendCertsFromPEM([]byte(caString)) if !ok { return fmt.Errorf("failed to parse root certificate") } cert, err := parseCert(certString) if err != nil { return fmt.Errorf("failed to parse certificate") } opts := x509.VerifyOptions{ DNSName: fmt.Sprint(dns), Roots: roots, } _, err = cert.Verify(opts) return err }