VirtualBox

source: vbox/trunk/src/libs/openssl-1.1.1l/ssl/ssl_rsa.c@ 95000

Last change on this file since 95000 was 91772, checked in by vboxsync, 3 years ago

openssl-1.1.1l: Applied and adjusted our OpenSSL changes to 1.1.1l. bugref:10126
File size: 33.1 KB
Line 
1/*
2 * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the OpenSSL license (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10#include <stdio.h>
11#include "ssl_local.h"
12#include "packet_local.h"
13#include <openssl/bio.h>
14#include <openssl/objects.h>
15#include <openssl/evp.h>
16#include <openssl/x509.h>
17#include <openssl/pem.h>
18
19static int ssl_set_cert(CERT *c, X509 *x509);
20static int ssl_set_pkey(CERT *c, EVP_PKEY *pkey);
21
22#define SYNTHV1CONTEXT (SSL_EXT_TLS1_2_AND_BELOW_ONLY \
23 | SSL_EXT_CLIENT_HELLO \
24 | SSL_EXT_TLS1_2_SERVER_HELLO \
25 | SSL_EXT_IGNORE_ON_RESUMPTION)
26
27int SSL_use_certificate(SSL *ssl, X509 *x)
28{
29 int rv;
30 if (x == NULL) {
31 SSLerr(SSL_F_SSL_USE_CERTIFICATE, ERR_R_PASSED_NULL_PARAMETER);
32 return 0;
33 }
34 rv = ssl_security_cert(ssl, NULL, x, 0, 1);
35 if (rv != 1) {
36 SSLerr(SSL_F_SSL_USE_CERTIFICATE, rv);
37 return 0;
38 }
39
40 return ssl_set_cert(ssl->cert, x);
41}
42
43int SSL_use_certificate_file(SSL *ssl, const char *file, int type)
44{
45 int j;
46 BIO *in;
47 int ret = 0;
48 X509 *x = NULL;
49
50 in = BIO_new(BIO_s_file());
51 if (in == NULL) {
52 SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE, ERR_R_BUF_LIB);
53 goto end;
54 }
55
56 if (BIO_read_filename(in, file) <= 0) {
57 SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE, ERR_R_SYS_LIB);
58 goto end;
59 }
60 if (type == SSL_FILETYPE_ASN1) {
61 j = ERR_R_ASN1_LIB;
62 x = d2i_X509_bio(in, NULL);
63 } else if (type == SSL_FILETYPE_PEM) {
64 j = ERR_R_PEM_LIB;
65 x = PEM_read_bio_X509(in, NULL, ssl->default_passwd_callback,
66 ssl->default_passwd_callback_userdata);
67 } else {
68 SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE, SSL_R_BAD_SSL_FILETYPE);
69 goto end;
70 }
71
72 if (x == NULL) {
73 SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE, j);
74 goto end;
75 }
76
77 ret = SSL_use_certificate(ssl, x);
78 end:
79 X509_free(x);
80 BIO_free(in);
81 return ret;
82}
83
84int SSL_use_certificate_ASN1(SSL *ssl, const unsigned char *d, int len)
85{
86 X509 *x;
87 int ret;
88
89 x = d2i_X509(NULL, &d, (long)len);
90 if (x == NULL) {
91 SSLerr(SSL_F_SSL_USE_CERTIFICATE_ASN1, ERR_R_ASN1_LIB);
92 return 0;
93 }
94
95 ret = SSL_use_certificate(ssl, x);
96 X509_free(x);
97 return ret;
98}
99
100#ifndef OPENSSL_NO_RSA
101int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa)
102{
103 EVP_PKEY *pkey;
104 int ret;
105
106 if (rsa == NULL) {
107 SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY, ERR_R_PASSED_NULL_PARAMETER);
108 return 0;
109 }
110 if ((pkey = EVP_PKEY_new()) == NULL) {
111 SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY, ERR_R_EVP_LIB);
112 return 0;
113 }
114
115 RSA_up_ref(rsa);
116 if (EVP_PKEY_assign_RSA(pkey, rsa) <= 0) {
117 RSA_free(rsa);
118 EVP_PKEY_free(pkey);
119 return 0;
120 }
121
122 ret = ssl_set_pkey(ssl->cert, pkey);
123 EVP_PKEY_free(pkey);
124 return ret;
125}
126#endif
127
128static int ssl_set_pkey(CERT *c, EVP_PKEY *pkey)
129{
130 size_t i;
131
132 if (ssl_cert_lookup_by_pkey(pkey, &i) == NULL) {
133 SSLerr(SSL_F_SSL_SET_PKEY, SSL_R_UNKNOWN_CERTIFICATE_TYPE);
134 return 0;
135 }
136
137 if (c->pkeys[i].x509 != NULL) {
138 EVP_PKEY *pktmp;
139 pktmp = X509_get0_pubkey(c->pkeys[i].x509);
140 if (pktmp == NULL) {
141 SSLerr(SSL_F_SSL_SET_PKEY, ERR_R_MALLOC_FAILURE);
142 return 0;
143 }
144 /*
145 * The return code from EVP_PKEY_copy_parameters is deliberately
146 * ignored. Some EVP_PKEY types cannot do this.
147 */
148 EVP_PKEY_copy_parameters(pktmp, pkey);
149 ERR_clear_error();
150
151 if (!X509_check_private_key(c->pkeys[i].x509, pkey)) {
152 X509_free(c->pkeys[i].x509);
153 c->pkeys[i].x509 = NULL;
154 return 0;
155 }
156 }
157
158 EVP_PKEY_free(c->pkeys[i].privatekey);
159 EVP_PKEY_up_ref(pkey);
160 c->pkeys[i].privatekey = pkey;
161 c->key = &c->pkeys[i];
162 return 1;
163}
164
165#ifndef OPENSSL_NO_RSA
166int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type)
167{
168 int j, ret = 0;
169 BIO *in;
170 RSA *rsa = NULL;
171
172 in = BIO_new(BIO_s_file());
173 if (in == NULL) {
174 SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE, ERR_R_BUF_LIB);
175 goto end;
176 }
177
178 if (BIO_read_filename(in, file) <= 0) {
179 SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE, ERR_R_SYS_LIB);
180 goto end;
181 }
182 if (type == SSL_FILETYPE_ASN1) {
183 j = ERR_R_ASN1_LIB;
184 rsa = d2i_RSAPrivateKey_bio(in, NULL);
185 } else if (type == SSL_FILETYPE_PEM) {
186 j = ERR_R_PEM_LIB;
187 rsa = PEM_read_bio_RSAPrivateKey(in, NULL,
188 ssl->default_passwd_callback,
189 ssl->default_passwd_callback_userdata);
190 } else {
191 SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE, SSL_R_BAD_SSL_FILETYPE);
192 goto end;
193 }
194 if (rsa == NULL) {
195 SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE, j);
196 goto end;
197 }
198 ret = SSL_use_RSAPrivateKey(ssl, rsa);
199 RSA_free(rsa);
200 end:
201 BIO_free(in);
202 return ret;
203}
204
205int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, const unsigned char *d, long len)
206{
207 int ret;
208 const unsigned char *p;
209 RSA *rsa;
210
211 p = d;
212 if ((rsa = d2i_RSAPrivateKey(NULL, &p, (long)len)) == NULL) {
213 SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1, ERR_R_ASN1_LIB);
214 return 0;
215 }
216
217 ret = SSL_use_RSAPrivateKey(ssl, rsa);
218 RSA_free(rsa);
219 return ret;
220}
221#endif /* !OPENSSL_NO_RSA */
222
223int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey)
224{
225 int ret;
226
227 if (pkey == NULL) {
228 SSLerr(SSL_F_SSL_USE_PRIVATEKEY, ERR_R_PASSED_NULL_PARAMETER);
229 return 0;
230 }
231 ret = ssl_set_pkey(ssl->cert, pkey);
232 return ret;
233}
234
235int SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type)
236{
237 int j, ret = 0;
238 BIO *in;
239 EVP_PKEY *pkey = NULL;
240
241 in = BIO_new(BIO_s_file());
242 if (in == NULL) {
243 SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE, ERR_R_BUF_LIB);
244 goto end;
245 }
246
247 if (BIO_read_filename(in, file) <= 0) {
248 SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE, ERR_R_SYS_LIB);
249 goto end;
250 }
251 if (type == SSL_FILETYPE_PEM) {
252 j = ERR_R_PEM_LIB;
253 pkey = PEM_read_bio_PrivateKey(in, NULL,
254 ssl->default_passwd_callback,
255 ssl->default_passwd_callback_userdata);
256 } else if (type == SSL_FILETYPE_ASN1) {
257 j = ERR_R_ASN1_LIB;
258 pkey = d2i_PrivateKey_bio(in, NULL);
259 } else {
260 SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE, SSL_R_BAD_SSL_FILETYPE);
261 goto end;
262 }
263 if (pkey == NULL) {
264 SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE, j);
265 goto end;
266 }
267 ret = SSL_use_PrivateKey(ssl, pkey);
268 EVP_PKEY_free(pkey);
269 end:
270 BIO_free(in);
271 return ret;
272}
273
274int SSL_use_PrivateKey_ASN1(int type, SSL *ssl, const unsigned char *d,
275 long len)
276{
277 int ret;
278 const unsigned char *p;
279 EVP_PKEY *pkey;
280
281 p = d;
282 if ((pkey = d2i_PrivateKey(type, NULL, &p, (long)len)) == NULL) {
283 SSLerr(SSL_F_SSL_USE_PRIVATEKEY_ASN1, ERR_R_ASN1_LIB);
284 return 0;
285 }
286
287 ret = SSL_use_PrivateKey(ssl, pkey);
288 EVP_PKEY_free(pkey);
289 return ret;
290}
291
292int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x)
293{
294 int rv;
295 if (x == NULL) {
296 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE, ERR_R_PASSED_NULL_PARAMETER);
297 return 0;
298 }
299 rv = ssl_security_cert(NULL, ctx, x, 0, 1);
300 if (rv != 1) {
301 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE, rv);
302 return 0;
303 }
304 return ssl_set_cert(ctx->cert, x);
305}
306
307static int ssl_set_cert(CERT *c, X509 *x)
308{
309 EVP_PKEY *pkey;
310 size_t i;
311
312 pkey = X509_get0_pubkey(x);
313 if (pkey == NULL) {
314 SSLerr(SSL_F_SSL_SET_CERT, SSL_R_X509_LIB);
315 return 0;
316 }
317
318 if (ssl_cert_lookup_by_pkey(pkey, &i) == NULL) {
319 SSLerr(SSL_F_SSL_SET_CERT, SSL_R_UNKNOWN_CERTIFICATE_TYPE);
320 return 0;
321 }
322#ifndef OPENSSL_NO_EC
323 if (i == SSL_PKEY_ECC && !EC_KEY_can_sign(EVP_PKEY_get0_EC_KEY(pkey))) {
324 SSLerr(SSL_F_SSL_SET_CERT, SSL_R_ECC_CERT_NOT_FOR_SIGNING);
325 return 0;
326 }
327#endif
328 if (c->pkeys[i].privatekey != NULL) {
329 /*
330 * The return code from EVP_PKEY_copy_parameters is deliberately
331 * ignored. Some EVP_PKEY types cannot do this.
332 */
333 EVP_PKEY_copy_parameters(pkey, c->pkeys[i].privatekey);
334 ERR_clear_error();
335
336 if (!X509_check_private_key(x, c->pkeys[i].privatekey)) {
337 /*
338 * don't fail for a cert/key mismatch, just free current private
339 * key (when switching to a different cert & key, first this
340 * function should be used, then ssl_set_pkey
341 */
342 EVP_PKEY_free(c->pkeys[i].privatekey);
343 c->pkeys[i].privatekey = NULL;
344 /* clear error queue */
345 ERR_clear_error();
346 }
347 }
348
349 X509_free(c->pkeys[i].x509);
350 X509_up_ref(x);
351 c->pkeys[i].x509 = x;
352 c->key = &(c->pkeys[i]);
353
354 return 1;
355}
356
357int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type)
358{
359 int j;
360 BIO *in;
361 int ret = 0;
362 X509 *x = NULL;
363
364 in = BIO_new(BIO_s_file());
365 if (in == NULL) {
366 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE, ERR_R_BUF_LIB);
367 goto end;
368 }
369
370 if (BIO_read_filename(in, file) <= 0) {
371 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE, ERR_R_SYS_LIB);
372 goto end;
373 }
374 if (type == SSL_FILETYPE_ASN1) {
375 j = ERR_R_ASN1_LIB;
376 x = d2i_X509_bio(in, NULL);
377 } else if (type == SSL_FILETYPE_PEM) {
378 j = ERR_R_PEM_LIB;
379 x = PEM_read_bio_X509(in, NULL, ctx->default_passwd_callback,
380 ctx->default_passwd_callback_userdata);
381 } else {
382 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE, SSL_R_BAD_SSL_FILETYPE);
383 goto end;
384 }
385
386 if (x == NULL) {
387 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE, j);
388 goto end;
389 }
390
391 ret = SSL_CTX_use_certificate(ctx, x);
392 end:
393 X509_free(x);
394 BIO_free(in);
395 return ret;
396}
397
398int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, const unsigned char *d)
399{
400 X509 *x;
401 int ret;
402
403 x = d2i_X509(NULL, &d, (long)len);
404 if (x == NULL) {
405 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1, ERR_R_ASN1_LIB);
406 return 0;
407 }
408
409 ret = SSL_CTX_use_certificate(ctx, x);
410 X509_free(x);
411 return ret;
412}
413
414#ifndef OPENSSL_NO_RSA
415int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa)
416{
417 int ret;
418 EVP_PKEY *pkey;
419
420 if (rsa == NULL) {
421 SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY, ERR_R_PASSED_NULL_PARAMETER);
422 return 0;
423 }
424 if ((pkey = EVP_PKEY_new()) == NULL) {
425 SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY, ERR_R_EVP_LIB);
426 return 0;
427 }
428
429 RSA_up_ref(rsa);
430 if (EVP_PKEY_assign_RSA(pkey, rsa) <= 0) {
431 RSA_free(rsa);
432 EVP_PKEY_free(pkey);
433 return 0;
434 }
435
436 ret = ssl_set_pkey(ctx->cert, pkey);
437 EVP_PKEY_free(pkey);
438 return ret;
439}
440
441int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type)
442{
443 int j, ret = 0;
444 BIO *in;
445 RSA *rsa = NULL;
446
447 in = BIO_new(BIO_s_file());
448 if (in == NULL) {
449 SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE, ERR_R_BUF_LIB);
450 goto end;
451 }
452
453 if (BIO_read_filename(in, file) <= 0) {
454 SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE, ERR_R_SYS_LIB);
455 goto end;
456 }
457 if (type == SSL_FILETYPE_ASN1) {
458 j = ERR_R_ASN1_LIB;
459 rsa = d2i_RSAPrivateKey_bio(in, NULL);
460 } else if (type == SSL_FILETYPE_PEM) {
461 j = ERR_R_PEM_LIB;
462 rsa = PEM_read_bio_RSAPrivateKey(in, NULL,
463 ctx->default_passwd_callback,
464 ctx->default_passwd_callback_userdata);
465 } else {
466 SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE, SSL_R_BAD_SSL_FILETYPE);
467 goto end;
468 }
469 if (rsa == NULL) {
470 SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE, j);
471 goto end;
472 }
473 ret = SSL_CTX_use_RSAPrivateKey(ctx, rsa);
474 RSA_free(rsa);
475 end:
476 BIO_free(in);
477 return ret;
478}
479
480int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, const unsigned char *d,
481 long len)
482{
483 int ret;
484 const unsigned char *p;
485 RSA *rsa;
486
487 p = d;
488 if ((rsa = d2i_RSAPrivateKey(NULL, &p, (long)len)) == NULL) {
489 SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1, ERR_R_ASN1_LIB);
490 return 0;
491 }
492
493 ret = SSL_CTX_use_RSAPrivateKey(ctx, rsa);
494 RSA_free(rsa);
495 return ret;
496}
497#endif /* !OPENSSL_NO_RSA */
498
499int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey)
500{
501 if (pkey == NULL) {
502 SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY, ERR_R_PASSED_NULL_PARAMETER);
503 return 0;
504 }
505 return ssl_set_pkey(ctx->cert, pkey);
506}
507
508int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type)
509{
510 int j, ret = 0;
511 BIO *in;
512 EVP_PKEY *pkey = NULL;
513
514 in = BIO_new(BIO_s_file());
515 if (in == NULL) {
516 SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE, ERR_R_BUF_LIB);
517 goto end;
518 }
519
520 if (BIO_read_filename(in, file) <= 0) {
521 SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE, ERR_R_SYS_LIB);
522 goto end;
523 }
524 if (type == SSL_FILETYPE_PEM) {
525 j = ERR_R_PEM_LIB;
526 pkey = PEM_read_bio_PrivateKey(in, NULL,
527 ctx->default_passwd_callback,
528 ctx->default_passwd_callback_userdata);
529 } else if (type == SSL_FILETYPE_ASN1) {
530 j = ERR_R_ASN1_LIB;
531 pkey = d2i_PrivateKey_bio(in, NULL);
532 } else {
533 SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE, SSL_R_BAD_SSL_FILETYPE);
534 goto end;
535 }
536 if (pkey == NULL) {
537 SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE, j);
538 goto end;
539 }
540 ret = SSL_CTX_use_PrivateKey(ctx, pkey);
541 EVP_PKEY_free(pkey);
542 end:
543 BIO_free(in);
544 return ret;
545}
546
547int SSL_CTX_use_PrivateKey_ASN1(int type, SSL_CTX *ctx,
548 const unsigned char *d, long len)
549{
550 int ret;
551 const unsigned char *p;
552 EVP_PKEY *pkey;
553
554 p = d;
555 if ((pkey = d2i_PrivateKey(type, NULL, &p, (long)len)) == NULL) {
556 SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1, ERR_R_ASN1_LIB);
557 return 0;
558 }
559
560 ret = SSL_CTX_use_PrivateKey(ctx, pkey);
561 EVP_PKEY_free(pkey);
562 return ret;
563}
564
565/*
566 * Read a file that contains our certificate in "PEM" format, possibly
567 * followed by a sequence of CA certificates that should be sent to the peer
568 * in the Certificate message.
569 */
570static int use_certificate_chain_file(SSL_CTX *ctx, SSL *ssl, const char *file)
571{
572 BIO *in;
573 int ret = 0;
574 X509 *x = NULL;
575 pem_password_cb *passwd_callback;
576 void *passwd_callback_userdata;
577
578 ERR_clear_error(); /* clear error stack for
579 * SSL_CTX_use_certificate() */
580
581 if (ctx != NULL) {
582 passwd_callback = ctx->default_passwd_callback;
583 passwd_callback_userdata = ctx->default_passwd_callback_userdata;
584 } else {
585 passwd_callback = ssl->default_passwd_callback;
586 passwd_callback_userdata = ssl->default_passwd_callback_userdata;
587 }
588
589 in = BIO_new(BIO_s_file());
590 if (in == NULL) {
591 SSLerr(SSL_F_USE_CERTIFICATE_CHAIN_FILE, ERR_R_BUF_LIB);
592 goto end;
593 }
594
595 if (BIO_read_filename(in, file) <= 0) {
596 SSLerr(SSL_F_USE_CERTIFICATE_CHAIN_FILE, ERR_R_SYS_LIB);
597 goto end;
598 }
599
600 x = PEM_read_bio_X509_AUX(in, NULL, passwd_callback,
601 passwd_callback_userdata);
602 if (x == NULL) {
603 SSLerr(SSL_F_USE_CERTIFICATE_CHAIN_FILE, ERR_R_PEM_LIB);
604 goto end;
605 }
606
607 if (ctx)
608 ret = SSL_CTX_use_certificate(ctx, x);
609 else
610 ret = SSL_use_certificate(ssl, x);
611
612 if (ERR_peek_error() != 0)
613 ret = 0; /* Key/certificate mismatch doesn't imply
614 * ret==0 ... */
615 if (ret) {
616 /*
617 * If we could set up our certificate, now proceed to the CA
618 * certificates.
619 */
620 X509 *ca;
621 int r;
622 unsigned long err;
623
624 if (ctx)
625 r = SSL_CTX_clear_chain_certs(ctx);
626 else
627 r = SSL_clear_chain_certs(ssl);
628
629 if (r == 0) {
630 ret = 0;
631 goto end;
632 }
633
634 while ((ca = PEM_read_bio_X509(in, NULL, passwd_callback,
635 passwd_callback_userdata))
636 != NULL) {
637 if (ctx)
638 r = SSL_CTX_add0_chain_cert(ctx, ca);
639 else
640 r = SSL_add0_chain_cert(ssl, ca);
641 /*
642 * Note that we must not free ca if it was successfully added to
643 * the chain (while we must free the main certificate, since its
644 * reference count is increased by SSL_CTX_use_certificate).
645 */
646 if (!r) {
647 X509_free(ca);
648 ret = 0;
649 goto end;
650 }
651 }
652 /* When the while loop ends, it's usually just EOF. */
653 err = ERR_peek_last_error();
654 if (ERR_GET_LIB(err) == ERR_LIB_PEM
655 && ERR_GET_REASON(err) == PEM_R_NO_START_LINE)
656 ERR_clear_error();
657 else
658 ret = 0; /* some real error */
659 }
660
661 end:
662 X509_free(x);
663 BIO_free(in);
664 return ret;
665}
666
667int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file)
668{
669 return use_certificate_chain_file(ctx, NULL, file);
670}
671
672int SSL_use_certificate_chain_file(SSL *ssl, const char *file)
673{
674 return use_certificate_chain_file(NULL, ssl, file);
675}
676
677static int serverinfo_find_extension(const unsigned char *serverinfo,
678 size_t serverinfo_length,
679 unsigned int extension_type,
680 const unsigned char **extension_data,
681 size_t *extension_length)
682{
683 PACKET pkt, data;
684
685 *extension_data = NULL;
686 *extension_length = 0;
687 if (serverinfo == NULL || serverinfo_length == 0)
688 return -1;
689
690 if (!PACKET_buf_init(&pkt, serverinfo, serverinfo_length))
691 return -1;
692
693 for (;;) {
694 unsigned int type = 0;
695 unsigned long context = 0;
696
697 /* end of serverinfo */
698 if (PACKET_remaining(&pkt) == 0)
699 return 0; /* Extension not found */
700
701 if (!PACKET_get_net_4(&pkt, &context)
702 || !PACKET_get_net_2(&pkt, &type)
703 || !PACKET_get_length_prefixed_2(&pkt, &data))
704 return -1;
705
706 if (type == extension_type) {
707 *extension_data = PACKET_data(&data);
708 *extension_length = PACKET_remaining(&data);;
709 return 1; /* Success */
710 }
711 }
712 /* Unreachable */
713}
714
715static int serverinfoex_srv_parse_cb(SSL *s, unsigned int ext_type,
716 unsigned int context,
717 const unsigned char *in,
718 size_t inlen, X509 *x, size_t chainidx,
719 int *al, void *arg)
720{
721
722 if (inlen != 0) {
723 *al = SSL_AD_DECODE_ERROR;
724 return 0;
725 }
726
727 return 1;
728}
729
730static int serverinfo_srv_parse_cb(SSL *s, unsigned int ext_type,
731 const unsigned char *in,
732 size_t inlen, int *al, void *arg)
733{
734 return serverinfoex_srv_parse_cb(s, ext_type, 0, in, inlen, NULL, 0, al,
735 arg);
736}
737
738static int serverinfoex_srv_add_cb(SSL *s, unsigned int ext_type,
739 unsigned int context,
740 const unsigned char **out,
741 size_t *outlen, X509 *x, size_t chainidx,
742 int *al, void *arg)
743{
744 const unsigned char *serverinfo = NULL;
745 size_t serverinfo_length = 0;
746
747 /* We only support extensions for the first Certificate */
748 if ((context & SSL_EXT_TLS1_3_CERTIFICATE) != 0 && chainidx > 0)
749 return 0;
750
751 /* Is there serverinfo data for the chosen server cert? */
752 if ((ssl_get_server_cert_serverinfo(s, &serverinfo,
753 &serverinfo_length)) != 0) {
754 /* Find the relevant extension from the serverinfo */
755 int retval = serverinfo_find_extension(serverinfo, serverinfo_length,
756 ext_type, out, outlen);
757 if (retval == -1) {
758 *al = SSL_AD_INTERNAL_ERROR;
759 return -1; /* Error */
760 }
761 if (retval == 0)
762 return 0; /* No extension found, don't send extension */
763 return 1; /* Send extension */
764 }
765 return 0; /* No serverinfo data found, don't send
766 * extension */
767}
768
769static int serverinfo_srv_add_cb(SSL *s, unsigned int ext_type,
770 const unsigned char **out, size_t *outlen,
771 int *al, void *arg)
772{
773 return serverinfoex_srv_add_cb(s, ext_type, 0, out, outlen, NULL, 0, al,
774 arg);
775}
776
777/*
778 * With a NULL context, this function just checks that the serverinfo data
779 * parses correctly. With a non-NULL context, it registers callbacks for
780 * the included extensions.
781 */
782static int serverinfo_process_buffer(unsigned int version,
783 const unsigned char *serverinfo,
784 size_t serverinfo_length, SSL_CTX *ctx)
785{
786 PACKET pkt;
787
788 if (serverinfo == NULL || serverinfo_length == 0)
789 return 0;
790
791 if (version != SSL_SERVERINFOV1 && version != SSL_SERVERINFOV2)
792 return 0;
793
794 if (!PACKET_buf_init(&pkt, serverinfo, serverinfo_length))
795 return 0;
796
797 while (PACKET_remaining(&pkt)) {
798 unsigned long context = 0;
799 unsigned int ext_type = 0;
800 PACKET data;
801
802 if ((version == SSL_SERVERINFOV2 && !PACKET_get_net_4(&pkt, &context))
803 || !PACKET_get_net_2(&pkt, &ext_type)
804 || !PACKET_get_length_prefixed_2(&pkt, &data))
805 return 0;
806
807 if (ctx == NULL)
808 continue;
809
810 /*
811 * The old style custom extensions API could be set separately for
812 * server/client, i.e. you could set one custom extension for a client,
813 * and *for the same extension in the same SSL_CTX* you could set a
814 * custom extension for the server as well. It seems quite weird to be
815 * setting a custom extension for both client and server in a single
816 * SSL_CTX - but theoretically possible. This isn't possible in the
817 * new API. Therefore, if we have V1 serverinfo we use the old API. We
818 * also use the old API even if we have V2 serverinfo but the context
819 * looks like an old style <= TLSv1.2 extension.
820 */
821 if (version == SSL_SERVERINFOV1 || context == SYNTHV1CONTEXT) {
822 if (!SSL_CTX_add_server_custom_ext(ctx, ext_type,
823 serverinfo_srv_add_cb,
824 NULL, NULL,
825 serverinfo_srv_parse_cb,
826 NULL))
827 return 0;
828 } else {
829 if (!SSL_CTX_add_custom_ext(ctx, ext_type, context,
830 serverinfoex_srv_add_cb,
831 NULL, NULL,
832 serverinfoex_srv_parse_cb,
833 NULL))
834 return 0;
835 }
836 }
837
838 return 1;
839}
840
841int SSL_CTX_use_serverinfo_ex(SSL_CTX *ctx, unsigned int version,
842 const unsigned char *serverinfo,
843 size_t serverinfo_length)
844{
845 unsigned char *new_serverinfo;
846
847 if (ctx == NULL || serverinfo == NULL || serverinfo_length == 0) {
848 SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_EX, ERR_R_PASSED_NULL_PARAMETER);
849 return 0;
850 }
851 if (!serverinfo_process_buffer(version, serverinfo, serverinfo_length,
852 NULL)) {
853 SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_EX, SSL_R_INVALID_SERVERINFO_DATA);
854 return 0;
855 }
856 if (ctx->cert->key == NULL) {
857 SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_EX, ERR_R_INTERNAL_ERROR);
858 return 0;
859 }
860 new_serverinfo = OPENSSL_realloc(ctx->cert->key->serverinfo,
861 serverinfo_length);
862 if (new_serverinfo == NULL) {
863 SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_EX, ERR_R_MALLOC_FAILURE);
864 return 0;
865 }
866 ctx->cert->key->serverinfo = new_serverinfo;
867 memcpy(ctx->cert->key->serverinfo, serverinfo, serverinfo_length);
868 ctx->cert->key->serverinfo_length = serverinfo_length;
869
870 /*
871 * Now that the serverinfo is validated and stored, go ahead and
872 * register callbacks.
873 */
874 if (!serverinfo_process_buffer(version, serverinfo, serverinfo_length,
875 ctx)) {
876 SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_EX, SSL_R_INVALID_SERVERINFO_DATA);
877 return 0;
878 }
879 return 1;
880}
881
882int SSL_CTX_use_serverinfo(SSL_CTX *ctx, const unsigned char *serverinfo,
883 size_t serverinfo_length)
884{
885 return SSL_CTX_use_serverinfo_ex(ctx, SSL_SERVERINFOV1, serverinfo,
886 serverinfo_length);
887}
888
889int SSL_CTX_use_serverinfo_file(SSL_CTX *ctx, const char *file)
890{
891 unsigned char *serverinfo = NULL;
892 unsigned char *tmp;
893 size_t serverinfo_length = 0;
894 unsigned char *extension = 0;
895 long extension_length = 0;
896 char *name = NULL;
897 char *header = NULL;
898 char namePrefix1[] = "SERVERINFO FOR ";
899 char namePrefix2[] = "SERVERINFOV2 FOR ";
900 int ret = 0;
901 BIO *bin = NULL;
902 size_t num_extensions = 0, contextoff = 0;
903
904 if (ctx == NULL || file == NULL) {
905 SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, ERR_R_PASSED_NULL_PARAMETER);
906 goto end;
907 }
908
909 bin = BIO_new(BIO_s_file());
910 if (bin == NULL) {
911 SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, ERR_R_BUF_LIB);
912 goto end;
913 }
914 if (BIO_read_filename(bin, file) <= 0) {
915 SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, ERR_R_SYS_LIB);
916 goto end;
917 }
918
919 for (num_extensions = 0;; num_extensions++) {
920 unsigned int version;
921
922 if (PEM_read_bio(bin, &name, &header, &extension, &extension_length)
923 == 0) {
924 /*
925 * There must be at least one extension in this file
926 */
927 if (num_extensions == 0) {
928 SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE,
929 SSL_R_NO_PEM_EXTENSIONS);
930 goto end;
931 } else /* End of file, we're done */
932 break;
933 }
934 /* Check that PEM name starts with "BEGIN SERVERINFO FOR " */
935 if (strlen(name) < strlen(namePrefix1)) {
936 SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, SSL_R_PEM_NAME_TOO_SHORT);
937 goto end;
938 }
939 if (strncmp(name, namePrefix1, strlen(namePrefix1)) == 0) {
940 version = SSL_SERVERINFOV1;
941 } else {
942 if (strlen(name) < strlen(namePrefix2)) {
943 SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE,
944 SSL_R_PEM_NAME_TOO_SHORT);
945 goto end;
946 }
947 if (strncmp(name, namePrefix2, strlen(namePrefix2)) != 0) {
948 SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE,
949 SSL_R_PEM_NAME_BAD_PREFIX);
950 goto end;
951 }
952 version = SSL_SERVERINFOV2;
953 }
954 /*
955 * Check that the decoded PEM data is plausible (valid length field)
956 */
957 if (version == SSL_SERVERINFOV1) {
958 /* 4 byte header: 2 bytes type, 2 bytes len */
959 if (extension_length < 4
960 || (extension[2] << 8) + extension[3]
961 != extension_length - 4) {
962 SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, SSL_R_BAD_DATA);
963 goto end;
964 }
965 /*
966 * File does not have a context value so we must take account of
967 * this later.
968 */
969 contextoff = 4;
970 } else {
971 /* 8 byte header: 4 bytes context, 2 bytes type, 2 bytes len */
972 if (extension_length < 8
973 || (extension[6] << 8) + extension[7]
974 != extension_length - 8) {
975 SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, SSL_R_BAD_DATA);
976 goto end;
977 }
978 }
979 /* Append the decoded extension to the serverinfo buffer */
980 tmp = OPENSSL_realloc(serverinfo, serverinfo_length + extension_length
981 + contextoff);
982 if (tmp == NULL) {
983 SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, ERR_R_MALLOC_FAILURE);
984 goto end;
985 }
986 serverinfo = tmp;
987 if (contextoff > 0) {
988 unsigned char *sinfo = serverinfo + serverinfo_length;
989
990 /* We know this only uses the last 2 bytes */
991 sinfo[0] = 0;
992 sinfo[1] = 0;
993 sinfo[2] = (SYNTHV1CONTEXT >> 8) & 0xff;
994 sinfo[3] = SYNTHV1CONTEXT & 0xff;
995 }
996 memcpy(serverinfo + serverinfo_length + contextoff,
997 extension, extension_length);
998 serverinfo_length += extension_length + contextoff;
999
1000 OPENSSL_free(name);
1001 name = NULL;
1002 OPENSSL_free(header);
1003 header = NULL;
1004 OPENSSL_free(extension);
1005 extension = NULL;
1006 }
1007
1008 ret = SSL_CTX_use_serverinfo_ex(ctx, SSL_SERVERINFOV2, serverinfo,
1009 serverinfo_length);
1010 end:
1011 /* SSL_CTX_use_serverinfo makes a local copy of the serverinfo. */
1012 OPENSSL_free(name);
1013 OPENSSL_free(header);
1014 OPENSSL_free(extension);
1015 OPENSSL_free(serverinfo);
1016 BIO_free(bin);
1017 return ret;
1018}
1019
1020static int ssl_set_cert_and_key(SSL *ssl, SSL_CTX *ctx, X509 *x509, EVP_PKEY *privatekey,
1021 STACK_OF(X509) *chain, int override)
1022{
1023 int ret = 0;
1024 size_t i;
1025 int j;
1026 int rv;
1027 CERT *c = ssl != NULL ? ssl->cert : ctx->cert;
1028 STACK_OF(X509) *dup_chain = NULL;
1029 EVP_PKEY *pubkey = NULL;
1030
1031 /* Do all security checks before anything else */
1032 rv = ssl_security_cert(ssl, ctx, x509, 0, 1);
1033 if (rv != 1) {
1034 SSLerr(SSL_F_SSL_SET_CERT_AND_KEY, rv);
1035 goto out;
1036 }
1037 for (j = 0; j < sk_X509_num(chain); j++) {
1038 rv = ssl_security_cert(ssl, ctx, sk_X509_value(chain, j), 0, 0);
1039 if (rv != 1) {
1040 SSLerr(SSL_F_SSL_SET_CERT_AND_KEY, rv);
1041 goto out;
1042 }
1043 }
1044
1045 pubkey = X509_get_pubkey(x509); /* bumps reference */
1046 if (pubkey == NULL)
1047 goto out;
1048 if (privatekey == NULL) {
1049 privatekey = pubkey;
1050 } else {
1051 /* For RSA, which has no parameters, missing returns 0 */
1052 if (EVP_PKEY_missing_parameters(privatekey)) {
1053 if (EVP_PKEY_missing_parameters(pubkey)) {
1054 /* nobody has parameters? - error */
1055 SSLerr(SSL_F_SSL_SET_CERT_AND_KEY, SSL_R_MISSING_PARAMETERS);
1056 goto out;
1057 } else {
1058 /* copy to privatekey from pubkey */
1059 EVP_PKEY_copy_parameters(privatekey, pubkey);
1060 }
1061 } else if (EVP_PKEY_missing_parameters(pubkey)) {
1062 /* copy to pubkey from privatekey */
1063 EVP_PKEY_copy_parameters(pubkey, privatekey);
1064 } /* else both have parameters */
1065
1066 /* check that key <-> cert match */
1067 if (EVP_PKEY_cmp(pubkey, privatekey) != 1) {
1068 SSLerr(SSL_F_SSL_SET_CERT_AND_KEY, SSL_R_PRIVATE_KEY_MISMATCH);
1069 goto out;
1070 }
1071 }
1072 if (ssl_cert_lookup_by_pkey(pubkey, &i) == NULL) {
1073 SSLerr(SSL_F_SSL_SET_CERT_AND_KEY, SSL_R_UNKNOWN_CERTIFICATE_TYPE);
1074 goto out;
1075 }
1076
1077 if (!override && (c->pkeys[i].x509 != NULL
1078 || c->pkeys[i].privatekey != NULL
1079 || c->pkeys[i].chain != NULL)) {
1080 /* No override, and something already there */
1081 SSLerr(SSL_F_SSL_SET_CERT_AND_KEY, SSL_R_NOT_REPLACING_CERTIFICATE);
1082 goto out;
1083 }
1084
1085 if (chain != NULL) {
1086 dup_chain = X509_chain_up_ref(chain);
1087 if (dup_chain == NULL) {
1088 SSLerr(SSL_F_SSL_SET_CERT_AND_KEY, ERR_R_MALLOC_FAILURE);
1089 goto out;
1090 }
1091 }
1092
1093 sk_X509_pop_free(c->pkeys[i].chain, X509_free);
1094 c->pkeys[i].chain = dup_chain;
1095
1096 X509_free(c->pkeys[i].x509);
1097 X509_up_ref(x509);
1098 c->pkeys[i].x509 = x509;
1099
1100 EVP_PKEY_free(c->pkeys[i].privatekey);
1101 EVP_PKEY_up_ref(privatekey);
1102 c->pkeys[i].privatekey = privatekey;
1103
1104 c->key = &(c->pkeys[i]);
1105
1106 ret = 1;
1107 out:
1108 EVP_PKEY_free(pubkey);
1109 return ret;
1110}
1111
1112int SSL_use_cert_and_key(SSL *ssl, X509 *x509, EVP_PKEY *privatekey,
1113 STACK_OF(X509) *chain, int override)
1114{
1115 return ssl_set_cert_and_key(ssl, NULL, x509, privatekey, chain, override);
1116}
1117
1118int SSL_CTX_use_cert_and_key(SSL_CTX *ctx, X509 *x509, EVP_PKEY *privatekey,
1119 STACK_OF(X509) *chain, int override)
1120{
1121 return ssl_set_cert_and_key(NULL, ctx, x509, privatekey, chain, override);
1122}
Note: See TracBrowser for help on using the repository browser.

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette