From c42c0f0cb388b052d964ecea57d8ba79ba004045 Mon Sep 17 00:00:00 2001
From: Felix Fontein <felix@fontein.de>
Date: Tue, 16 Jan 2018 20:49:34 +0100
Subject: [PATCH] letsencrypt: Add support for Elliptic Curve account keys
 (#34852)

---
 .../modules/web_infrastructure/letsencrypt.py | 122 ++++++++++++++----
 1 file changed, 100 insertions(+), 22 deletions(-)

diff --git a/lib/ansible/modules/web_infrastructure/letsencrypt.py b/lib/ansible/modules/web_infrastructure/letsencrypt.py
index 761657c129a..a988ed9e0d8 100644
--- a/lib/ansible/modules/web_infrastructure/letsencrypt.py
+++ b/lib/ansible/modules/web_infrastructure/letsencrypt.py
@@ -43,14 +43,16 @@ requirements:
 options:
   account_key_src:
     description:
-      - "Path to a file containing the Let's Encrypt account RSA key."
-      - "Can be created with C(openssl rsa ...)."
+      - "Path to a file containing the Let's Encrypt account RSA or Elliptic Curve
+         key."
+      - "RSA keys can be created with C(openssl rsa ...). Elliptic curve keys can
+         be created with C(openssl ecparam -genkey ...)."
       - "Mutually exclusive with C(account_key_content)."
       - "Required if C(account_key_content) is not used."
     aliases: [ account_key ]
   account_key_content:
     description:
-      - "Content of the Let's Encrypt account RSA key."
+      - "Content of the Let's Encrypt account RSA or Elliptic Curve key."
       - "Mutually exclusive with C(account_key_src)."
       - "Required if C(account_key_src) is not used."
     version_added: "2.5"
@@ -374,14 +376,12 @@ class ACMEAccount(object):
                 module.fail_json(msg="failed to create temporary content file: %s" % to_native(err), exception=traceback.format_exc())
             f.close()
 
-        pub_hex, pub_exp = self._parse_account_key(self.key)
+        error, self.key_data = self._parse_account_key(self.key)
+        if error:
+            module.fail_json(msg="error while parsing account key: %s" % error)
         self.jws_header = {
-            "alg": "RS256",
-            "jwk": {
-                "e": nopad_b64(binascii.unhexlify(pub_exp.encode("utf-8"))),
-                "kty": "RSA",
-                "n": nopad_b64(binascii.unhexlify(re.sub(r"(\s|:)", "", pub_hex).encode("utf-8"))),
-            },
+            "alg": self.key_data['alg'],
+            "jwk": self.key_data['jwk'],
         }
         self.init_account()
 
@@ -396,20 +396,82 @@ class ACMEAccount(object):
 
     def _parse_account_key(self, key):
         '''
-        Parses an RSA key file in PEM format and returns the modulus
-        and public exponent of the key
+        Parses an RSA or Elliptic Curve key file in PEM format and returns a pair
+        (error, key_data).
         '''
-        openssl_keydump_cmd = [self._openssl_bin, "rsa", "-in", key, "-noout", "-text"]
-        _, out, _ = self.module.run_command(openssl_keydump_cmd, check_rc=True)
+        account_key_type = None
+        with open(key, "rt") as f:
+            for line in f:
+                m = re.match(r"^\s*-{5,}BEGIN\s+(EC|RSA)\s+PRIVATE\s+KEY-{5,}\s*$", line)
+                if m is not None:
+                    account_key_type = m.group(1).lower()
+                    break
+        if account_key_type not in ("rsa", "ec"):
+            return 'unknown key type "%s" % account_key_type', {}
 
-        pub_hex, pub_exp = re.search(
-            r"modulus:\n\s+00:([a-f0-9\:\s]+?)\npublicExponent: ([0-9]+)",
-            to_text(out, errors='surrogate_or_strict'), re.MULTILINE | re.DOTALL).groups()
-        pub_exp = "{0:x}".format(int(pub_exp))
-        if len(pub_exp) % 2:
-            pub_exp = "0{0}".format(pub_exp)
+        openssl_keydump_cmd = [self._openssl_bin, account_key_type, "-in", key, "-noout", "-text"]
+        _, out, _ = self.module.run_command(openssl_keydump_cmd, check_rc=True)
 
-        return pub_hex, pub_exp
+        if account_key_type == 'rsa':
+            pub_hex, pub_exp = re.search(
+                r"modulus:\n\s+00:([a-f0-9\:\s]+?)\npublicExponent: ([0-9]+)",
+                to_text(out, errors='surrogate_or_strict'), re.MULTILINE | re.DOTALL).groups()
+            pub_exp = "{0:x}".format(int(pub_exp))
+            if len(pub_exp) % 2:
+                pub_exp = "0{0}".format(pub_exp)
+
+            return None, {
+                'type': 'rsa',
+                'alg': 'RS256',
+                'jwk': {
+                    "kty": "RSA",
+                    "e": nopad_b64(binascii.unhexlify(pub_exp.encode("utf-8"))),
+                    "n": nopad_b64(binascii.unhexlify(re.sub(r"(\s|:)", "", pub_hex).encode("utf-8"))),
+                },
+                'hash': 'sha256',
+            }
+        elif account_key_type == 'ec':
+            pub_data = re.search(
+                r"pub:\s*\n\s+04:([a-f0-9\:\s]+?)\nASN1 OID: (\S+)\nNIST CURVE: (\S+)",
+                to_text(out, errors='surrogate_or_strict'), re.MULTILINE | re.DOTALL)
+            if pub_data is None:
+                return 'cannot parse elliptic curve key', {}
+            pub_hex = binascii.unhexlify(re.sub(r"(\s|:)", "", pub_data.group(1)).encode("utf-8"))
+            curve = pub_data.group(3).lower()
+            if curve == 'p-256':
+                bits = 256
+                alg = 'ES256'
+                hash = 'sha256'
+                point_size = 32
+            elif curve == 'p-384':
+                bits = 384
+                alg = 'ES384'
+                hash = 'sha384'
+                point_size = 48
+            elif curve == 'p-521':
+                # Not yet supported on Let's Encrypt side, see
+                # https://github.com/letsencrypt/boulder/issues/2217
+                bits = 521
+                alg = 'ES512'
+                hash = 'sha512'
+                point_size = 66
+            else:
+                return 'unknown elliptic curve: %s' % curve, {}
+            bytes = (bits + 7) // 8
+            if len(pub_hex) != 2 * bytes:
+                return 'bad elliptic curve point (%s)' % curve, {}
+            return None, {
+                'type': 'ec',
+                'alg': alg,
+                'jwk': {
+                    "kty": "EC",
+                    "crv": curve.upper(),
+                    "x": nopad_b64(pub_hex[:bytes]),
+                    "y": nopad_b64(pub_hex[bytes:]),
+                },
+                'hash': hash,
+                'point_size': point_size,
+            }
 
     def send_signed_request(self, url, payload):
         '''
@@ -426,10 +488,26 @@ class ACMEAccount(object):
         except Exception as e:
             self.module.fail_json(msg="Failed to encode payload / headers as JSON: {0}".format(e))
 
-        openssl_sign_cmd = [self._openssl_bin, "dgst", "-sha256", "-sign", self.key]
+        openssl_sign_cmd = [self._openssl_bin, "dgst", "-{0}".format(self.key_data['hash']), "-sign", self.key]
         sign_payload = "{0}.{1}".format(protected64, payload64).encode('utf8')
         _, out, _ = self.module.run_command(openssl_sign_cmd, data=sign_payload, check_rc=True, binary_data=True)
 
+        if self.key_data['type'] == 'ec':
+            _, der_out, _ = self.module.run_command(
+                [self._openssl_bin, "asn1parse", "-inform", "DER"],
+                data=out, binary_data=True)
+            expected_len = 2 * self.key_data['point_size']
+            sig = re.findall(
+                r"prim:\s+INTEGER\s+:([0-9A-F]{1,%s})\n" % expected_len,
+                to_text(der_out, errors='surrogate_or_strict'))
+            if len(sig) != 2:
+                self.module.fail_json(
+                    msg="failed to generate Elliptic Curve signature; cannot parse DER output: {0}".format(
+                        to_text(der_out, errors='surrogate_or_strict')))
+            sig[0] = (expected_len - len(sig[0])) * '0' + sig[0]
+            sig[1] = (expected_len - len(sig[1])) * '0' + sig[1]
+            out = binascii.unhexlify(sig[0]) + binascii.unhexlify(sig[1])
+
         data = self.module.jsonify({
             "header": self.jws_header,
             "protected": protected64,