Only accept PKCS#8 keys

Author: kazk

Cargo.toml

@@ -34,6 +34,9 @@ openssl-probe = "0.1"
 [target.'cfg(not(any(target_os = "windows", target_os = "macos", target_os = "ios")))'.build_dependencies]
 openssl-src = { version = "300.0.3", optional = true }
 
+[dependencies]
+pem-rfc7468 = { version = "0.2.4", features = ["std"] }
+
 [dev-dependencies]
 pem = "1.0"
 rsa = { version = "0.5.0", features = ["alloc", "pem", "std"] }

src/imp/openssl.rs

@@ -1,5 +1,6 @@
 extern crate openssl;
 extern crate openssl_probe;
+extern crate pem_rfc7468;
 
 use self::openssl::error::ErrorStack;
 use self::openssl::hash::MessageDigest;
@@ -117,6 +118,8 @@ pub enum Error {
     Normal(ErrorStack),
     Ssl(ssl::Error, X509VerifyResult),
     EmptyChain,
+    DecodePemLabel(pem_rfc7468::Error),
+    NotPkcs8,
 }
 
 impl error::Error for Error {
@@ -125,6 +128,8 @@ impl error::Error for Error {
             Error::Normal(ref e) => error::Error::source(e),
             Error::Ssl(ref e, _) => error::Error::source(e),
             Error::EmptyChain => None,
+            Error::DecodePemLabel(ref e) => error::Error::source(e),
+            Error::NotPkcs8 => None,
         }
     }
 }
@@ -139,6 +144,8 @@ impl fmt::Display for Error {
                 fmt,
                 "at least one certificate must be provided to create an identity"
             ),
+            Error::DecodePemLabel(ref e) => fmt::Display::fmt(e, fmt),
+            Error::NotPkcs8 => write!(fmt, "expected PKCS#8 PEM"),
         }
     }
 }
@@ -171,6 +178,11 @@ impl Identity {
     }
 
     pub fn from_pkcs8(buf: &[u8], key: &[u8]) -> Result<Identity, Error> {
+        let label = pem_rfc7468::decode_label(key).map_err(Error::DecodePemLabel)?;
+        if label != "PRIVATE KEY" {
+            return Err(Error::NotPkcs8);
+        }
+
         let pkey = PKey::private_key_from_pem(key)?;
         let mut cert_chain = X509::stack_from_pem(buf)?.into_iter();
         let cert = cert_chain.next().ok_or(Error::EmptyChain)?;

src/imp/schannel.rs

@@ -1,3 +1,4 @@
+extern crate pem_rfc7468;
 extern crate schannel;
 
 use self::schannel::cert_context::{CertContext, HashAlgorithm, KeySpec};
@@ -96,6 +97,12 @@ impl Identity {
     }
 
     pub fn from_pkcs8(pem: &[u8], key: &[u8]) -> Result<Identity, Error> {
+        let label = pem_rfc7468::decode_label(key)
+            .map_err(|err| io::Error::new(io::ErrorKind::InvalidInput, err))?;
+        if label != "PRIVATE KEY" {
+            return Err(io::Error::new(io::ErrorKind::InvalidInput, "not a PKCS#8 key").into());
+        }
+
         let mut store = Memory::new()?.into_store();
         let mut cert_iter = pem::PemBlock::new(pem).into_iter();
         let leaf = cert_iter.next().ok_or_else(|| {

src/imp/security_framework.rs

@@ -1,4 +1,5 @@
 extern crate libc;
+extern crate pem_rfc7468;
 extern crate security_framework;
 extern crate security_framework_sys;
 extern crate tempfile;
@@ -85,6 +86,12 @@ pub struct Identity {
 
 impl Identity {
     pub fn from_pkcs8(pem: &[u8], key: &[u8]) -> Result<Identity, Error> {
+        let label =
+            pem_rfc7468::decode_label(key).map_err(|_| Error(base::Error::from(errSecParam)))?;
+        if label != "PRIVATE KEY" {
+            return Err(Error(base::Error::from(errSecParam)));
+        }
+
         let dir = TempDir::new().map_err(|_| Error(base::Error::from(errSecIO)))?;
         let keychain = keychain::CreateOptions::new()
             .password("password")

src/test.rs

@@ -356,6 +356,16 @@ fn import_same_identity_multiple_times() {
     let _ = p!(Identity::from_pkcs8(&cert, &key));
 }
 
+#[test]
+fn from_pkcs8_rejects_rsa_key() {
+    let keys = test_cert_gen::keys();
+    let cert = keys.server.cert_and_key.cert.to_pem().into_bytes();
+    let rsa_key = key_to_pem(keys.server.cert_and_key.key.get_der());
+    assert!(Identity::from_pkcs8(&cert, rsa_key.as_bytes()).is_err());
+    let pkcs8_key = rsa_to_pkcs8(&rsa_key);
+    assert!(Identity::from_pkcs8(&cert, pkcs8_key.as_bytes()).is_ok());
+}
+
 #[test]
 fn shutdown() {
     let keys = test_cert_gen::keys();