forked from TrueCloudLab/certificates
Apparently the existing library works out of the box, after all. We'll have to see how it works out continuing forward.
367 lines
11 KiB
367 lines
11 KiB
package scep
import (
database ""
microx509util ""
microscep ""
// Interface is the SCEP authority interface.
type Interface interface {
// GetDirectory(ctx context.Context) (*Directory, error)
// NewNonce() (string, error)
// UseNonce(string) error
// DeactivateAccount(ctx context.Context, accID string) (*Account, error)
// GetAccount(ctx context.Context, accID string) (*Account, error)
// GetAccountByKey(ctx context.Context, key *jose.JSONWebKey) (*Account, error)
// NewAccount(ctx context.Context, ao AccountOptions) (*Account, error)
// UpdateAccount(context.Context, string, []string) (*Account, error)
// GetAuthz(ctx context.Context, accID string, authzID string) (*Authz, error)
// ValidateChallenge(ctx context.Context, accID string, chID string, key *jose.JSONWebKey) (*Challenge, error)
// FinalizeOrder(ctx context.Context, accID string, orderID string, csr *x509.CertificateRequest) (*Order, error)
// GetOrder(ctx context.Context, accID string, orderID string) (*Order, error)
// GetOrdersByAccount(ctx context.Context, accID string) ([]string, error)
// NewOrder(ctx context.Context, oo OrderOptions) (*Order, error)
// GetCertificate(string, string) ([]byte, error)
LoadProvisionerByID(string) (provisioner.Interface, error)
// GetLink(ctx context.Context, linkType Link, absoluteLink bool, inputs ...string) string
// GetLinkExplicit(linkType Link, provName string, absoluteLink bool, baseURL *url.URL, inputs ...string) string
GetCACertificates() ([]*x509.Certificate, error)
//GetSigningKey() (*rsa.PrivateKey, error)
DecryptPKIEnvelope(*PKIMessage) error
SignCSR(msg *PKIMessage, template *x509.Certificate) (*PKIMessage, error)
// Authority is the layer that handles all SCEP interactions.
type Authority struct {
backdate provisioner.Duration
db nosql.DB
prefix string
dns string
// dir *directory
intermediateCertificate *x509.Certificate
service Service
signAuth SignAuthority
// AuthorityOptions required to create a new SCEP Authority.
type AuthorityOptions struct {
IntermediateCertificatePath string
Service Service
// Backdate
Backdate provisioner.Duration
// DB is the database used by nosql.
DB nosql.DB
// DNS the host used to generate accurate SCEP links. By default the authority
// will use the Host from the request, so this value will only be used if
// request.Host is empty.
DNS string
// Prefix is a URL path prefix under which the SCEP api is served. This
// prefix is required to generate accurate SCEP links.
Prefix string
// SignAuthority is the interface for a signing authority
type SignAuthority interface {
Sign(cr *x509.CertificateRequest, opts provisioner.SignOptions, signOpts ...provisioner.SignOption) ([]*x509.Certificate, error)
LoadProvisionerByID(string) (provisioner.Interface, error)
// New returns a new Authority that implements the SCEP interface.
func New(signAuth SignAuthority, ops AuthorityOptions) (*Authority, error) {
if _, ok := ops.DB.(*database.SimpleDB); !ok {
// TODO: see ACME implementation
// TODO: the below is a bit similar as what happens in the core Authority class, which
// creates the full x509 service. However, those aren't accessible directly, which is
// why I reimplemented this (for now). There might be an alternative that I haven't
// found yet.
certificateChain, err := pemutil.ReadCertificateBundle(ops.IntermediateCertificatePath)
if err != nil {
return nil, err
return &Authority{
backdate: ops.Backdate,
db: ops.DB,
prefix: ops.Prefix,
dns: ops.DNS,
intermediateCertificate: certificateChain[0],
service: ops.Service,
signAuth: signAuth,
}, nil
// LoadProvisionerByID calls out to the SignAuthority interface to load a
// provisioner by ID.
func (a *Authority) LoadProvisionerByID(id string) (provisioner.Interface, error) {
return a.signAuth.LoadProvisionerByID(id)
// GetCACertificates returns the certificate (chain) for the CA
func (a *Authority) GetCACertificates() ([]*x509.Certificate, error) {
// TODO: this should return: the "SCEP Server (RA)" certificate, the issuing CA up to and excl. the root
// Some clients do need the root certificate however; also see:
// This means we might need to think about if we should use the current intermediate CA
// certificate as the "SCEP Server (RA)" certificate. It might be better to have a distinct
// RA certificate, with a corresponding rsa.PrivateKey, just for SCEP usage, which is signed by
// the intermediate CA. Will need to look how we can provide this nicely within step-ca.
// This might also mean that we might want to use a distinct instance of KMS for doing the key operations,
// so that we can use RSA just for SCEP.
// Using an RA does not seem to exist in, but is mentioned in
// Will continue using the CA directly for now.
if a.intermediateCertificate == nil {
return nil, errors.New("no intermediate certificate available in SCEP authority")
return []*x509.Certificate{a.intermediateCertificate}, nil
// DecryptPKIEnvelope decrypts an enveloped message
func (a *Authority) DecryptPKIEnvelope(msg *PKIMessage) error {
data := msg.Raw
p7, err := pkcs7.Parse(data)
if err != nil {
return err
var tID microscep.TransactionID
if err := p7.UnmarshalSignedAttribute(oidSCEPtransactionID, &tID); err != nil {
return err
var msgType microscep.MessageType
if err := p7.UnmarshalSignedAttribute(oidSCEPmessageType, &msgType); err != nil {
return err
msg.p7 = p7
p7c, err := pkcs7.Parse(p7.Content)
if err != nil {
return err
envelope, err := p7c.Decrypt(a.intermediateCertificate, a.service.Decrypter)
if err != nil {
return err
msg.pkiEnvelope = envelope
switch msg.MessageType {
case microscep.CertRep:
certs, err := microscep.CACerts(msg.pkiEnvelope)
if err != nil {
return err
msg.CertRepMessage.Certificate = certs[0] // TODO: check correctness of this
return nil
case microscep.PKCSReq, microscep.UpdateReq, microscep.RenewalReq:
csr, err := x509.ParseCertificateRequest(msg.pkiEnvelope)
if err != nil {
return fmt.Errorf("parse CSR from pkiEnvelope")
// check for challengePassword
cp, err := microx509util.ParseChallengePassword(msg.pkiEnvelope)
if err != nil {
return fmt.Errorf("scep: parse challenge password in pkiEnvelope")
msg.CSRReqMessage = µscep.CSRReqMessage{
RawDecrypted: msg.pkiEnvelope,
CSR: csr,
ChallengePassword: cp,
//msg.Certificate = p7.Certificates[0] // TODO: check if this is necessary to add (again)
return nil
case microscep.GetCRL, microscep.GetCert, microscep.CertPoll:
return fmt.Errorf("not implemented") //errNotImplemented
return nil
// SignCSR creates an x509.Certificate based on a template and Cert Authority credentials
// returns a new PKIMessage with CertRep data
//func (msg *PKIMessage) SignCSR(crtAuth *x509.Certificate, keyAuth *rsa.PrivateKey, template *x509.Certificate) (*PKIMessage, error) {
func (a *Authority) SignCSR(msg *PKIMessage, template *x509.Certificate) (*PKIMessage, error) {
// check if CSRReqMessage has already been decrypted
if msg.CSRReqMessage.CSR == nil {
if err := a.DecryptPKIEnvelope(msg); err != nil {
return nil, err
csr := msg.CSRReqMessage.CSR
// Template data
data := x509util.NewTemplateData()
//data.Set(x509util.SANsKey, sans)
// templateOptions, err := provisioner.TemplateOptions(p.GetOptions(), data)
// if err != nil {
// return nil, ServerInternalErr(errors.Wrapf(err, "error creating template options from ACME provisioner"))
// }
// signOps = append(signOps, templateOptions)
// // Create and store a new certificate.
// certChain, err := auth.Sign(csr, provisioner.SignOptions{
// NotBefore: provisioner.NewTimeDuration(o.NotBefore),
// NotAfter: provisioner.NewTimeDuration(o.NotAfter),
// }, signOps...)
// if err != nil {
// return nil, ServerInternalErr(errors.Wrapf(err, "error generating certificate for order %s", o.ID))
// }
// TODO: proper options
signOps := provisioner.SignOptions{}
signOps2 := []provisioner.SignOption{}
certs, err := a.signAuth.Sign(csr, signOps, signOps2...)
if err != nil {
return nil, err
cert := certs[0]
// fmt.Println("CERT")
// fmt.Println(cert)
// fmt.Println(fmt.Sprintf("%T", cert))
// fmt.Println(cert.Issuer)
// fmt.Println(cert.Subject)
serial := big.NewInt(int64(rand.Int63())) // TODO: serial logic?
cert.SerialNumber = serial
// create a degenerate cert structure
deg, err := DegenerateCertificates([]*x509.Certificate{cert})
if err != nil {
return nil, err
e7, err := pkcs7.Encrypt(deg, msg.p7.Certificates)
if err != nil {
return nil, err
// PKIMessageAttributes to be signed
config := pkcs7.SignerInfoConfig{
ExtraSignedAttributes: []pkcs7.Attribute{
Type: oidSCEPtransactionID,
Value: msg.TransactionID,
Type: oidSCEPpkiStatus,
Value: microscep.SUCCESS,
Type: oidSCEPmessageType,
Value: microscep.CertRep,
Type: oidSCEPrecipientNonce,
Value: msg.SenderNonce,
signedData, err := pkcs7.NewSignedData(e7)
if err != nil {
return nil, err
// add the certificate into the signed data type
// this cert must be added before the signedData because the recipient will expect it
// as the first certificate in the array
authCert := a.intermediateCertificate
// sign the attributes
if err := signedData.AddSigner(authCert, a.service.Signer, config); err != nil {
return nil, err
certRepBytes, err := signedData.Finish()
if err != nil {
return nil, err
cr := &CertRepMessage{
PKIStatus: microscep.SUCCESS,
RecipientNonce: microscep.RecipientNonce(msg.SenderNonce),
Certificate: cert,
degenerate: deg,
// create a CertRep message from the original
crepMsg := &PKIMessage{
Raw: certRepBytes,
TransactionID: msg.TransactionID,
MessageType: microscep.CertRep,
CertRepMessage: cr,
return crepMsg, nil
// DegenerateCertificates creates degenerate certificates pkcs#7 type
func DegenerateCertificates(certs []*x509.Certificate) ([]byte, error) {
var buf bytes.Buffer
for _, cert := range certs {
degenerate, err := pkcs7.DegenerateCertificate(buf.Bytes())
if err != nil {
return nil, err
return degenerate, nil
// Interface guards
var (
_ Interface = (*Authority)(nil)