Gitiles
Code Review Sign In
192.168.1.100 / T106_DC / 14af74a96b578a0d213f5796f5969e0b644f760e / . / ap / lib / libssl / openssl-1.1.1o / ssl / ssl_rsa.c
blob: 2df07bea6782013d3d38d6dceab4e768f575d7cc [file] [log] [blame]
lh9ed821d2023-04-07 01:36:19 -0700[diff] [blame]1/*
2 * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the OpenSSL license (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10#include <stdio.h>
11#include "ssl_local.h"
12#include "packet_local.h"
13#include <openssl/bio.h>
14#include <openssl/objects.h>
15#include <openssl/evp.h>
16#include <openssl/x509.h>
17#include <openssl/pem.h>
18
19static int ssl_set_cert(CERT *c, X509 *x509);
20static int ssl_set_pkey(CERT *c, EVP_PKEY *pkey);
21
22#define SYNTHV1CONTEXT (SSL_EXT_TLS1_2_AND_BELOW_ONLY \
23 | SSL_EXT_CLIENT_HELLO \
24 | SSL_EXT_TLS1_2_SERVER_HELLO \
25 | SSL_EXT_IGNORE_ON_RESUMPTION)
26
27int SSL_use_certificate(SSL *ssl, X509 *x)
28{
29 int rv;
30 if (x == NULL) {
31 SSLerr(SSL_F_SSL_USE_CERTIFICATE, ERR_R_PASSED_NULL_PARAMETER);
32 return 0;
33 }
34 rv = ssl_security_cert(ssl, NULL, x, 0, 1);
35 if (rv != 1) {
36 SSLerr(SSL_F_SSL_USE_CERTIFICATE, rv);
37 return 0;
38 }
39
40 return ssl_set_cert(ssl->cert, x);
41}
42
43int SSL_use_certificate_file(SSL *ssl, const char *file, int type)
44{
45 int j;
46 BIO *in;
47 int ret = 0;
48 X509 *x = NULL;
49
50 in = BIO_new(BIO_s_file());
51 if (in == NULL) {
52 SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE, ERR_R_BUF_LIB);
53 goto end;
54 }
55
56 if (BIO_read_filename(in, file) <= 0) {
57 SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE, ERR_R_SYS_LIB);
58 goto end;
59 }
60 if (type == SSL_FILETYPE_ASN1) {
61 j = ERR_R_ASN1_LIB;
62 x = d2i_X509_bio(in, NULL);
63 } else if (type == SSL_FILETYPE_PEM) {
64 j = ERR_R_PEM_LIB;
65 x = PEM_read_bio_X509(in, NULL, ssl->default_passwd_callback,
66 ssl->default_passwd_callback_userdata);
67 } else {
68 SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE, SSL_R_BAD_SSL_FILETYPE);
69 goto end;
70 }
71
72 if (x == NULL) {
73 SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE, j);
74 goto end;
75 }
76
77 ret = SSL_use_certificate(ssl, x);
78 end:
79 X509_free(x);
80 BIO_free(in);
81 return ret;
82}
83
84int SSL_use_certificate_ASN1(SSL *ssl, const unsigned char *d, int len)
85{
86 X509 *x;
87 int ret;
88
89 x = d2i_X509(NULL, &d, (long)len);
90 if (x == NULL) {
91 SSLerr(SSL_F_SSL_USE_CERTIFICATE_ASN1, ERR_R_ASN1_LIB);
92 return 0;
93 }
94
95 ret = SSL_use_certificate(ssl, x);
96 X509_free(x);
97 return ret;
98}
99
100#ifndef OPENSSL_NO_RSA
101int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa)
102{
103 EVP_PKEY *pkey;
104 int ret;
105
106 if (rsa == NULL) {
107 SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY, ERR_R_PASSED_NULL_PARAMETER);
108 return 0;
109 }
110 if ((pkey = EVP_PKEY_new()) == NULL) {
111 SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY, ERR_R_EVP_LIB);
112 return 0;
113 }
114
115 RSA_up_ref(rsa);
116 if (EVP_PKEY_assign_RSA(pkey, rsa) <= 0) {
117 RSA_free(rsa);
118 EVP_PKEY_free(pkey);
119 return 0;
120 }
121
122 ret = ssl_set_pkey(ssl->cert, pkey);
123 EVP_PKEY_free(pkey);
124 return ret;
125}
126#endif
127
128static int ssl_set_pkey(CERT *c, EVP_PKEY *pkey)
129{
130 size_t i;
131
132 if (ssl_cert_lookup_by_pkey(pkey, &i) == NULL) {
133 SSLerr(SSL_F_SSL_SET_PKEY, SSL_R_UNKNOWN_CERTIFICATE_TYPE);
134 return 0;
135 }
136
137 if (c->pkeys[i].x509 != NULL) {
138 EVP_PKEY *pktmp;
139 pktmp = X509_get0_pubkey(c->pkeys[i].x509);
140 if (pktmp == NULL) {
141 SSLerr(SSL_F_SSL_SET_PKEY, ERR_R_MALLOC_FAILURE);
142 return 0;
143 }
144 /*
145 * The return code from EVP_PKEY_copy_parameters is deliberately
146 * ignored. Some EVP_PKEY types cannot do this.
147 */
148 EVP_PKEY_copy_parameters(pktmp, pkey);
149 ERR_clear_error();
150
151 if (!X509_check_private_key(c->pkeys[i].x509, pkey)) {
152 X509_free(c->pkeys[i].x509);
153 c->pkeys[i].x509 = NULL;
154 return 0;
155 }
156 }
157
158 EVP_PKEY_free(c->pkeys[i].privatekey);
159 EVP_PKEY_up_ref(pkey);
160 c->pkeys[i].privatekey = pkey;
161 c->key = &c->pkeys[i];
162 return 1;
163}
164
165#ifndef OPENSSL_NO_RSA
166int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type)
167{
168 int j, ret = 0;
169 BIO *in;
170 RSA *rsa = NULL;
171
172 in = BIO_new(BIO_s_file());
173 if (in == NULL) {
174 SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE, ERR_R_BUF_LIB);
175 goto end;
176 }
177
178 if (BIO_read_filename(in, file) <= 0) {
179 SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE, ERR_R_SYS_LIB);
180 goto end;
181 }
182 if (type == SSL_FILETYPE_ASN1) {
183 j = ERR_R_ASN1_LIB;
184 rsa = d2i_RSAPrivateKey_bio(in, NULL);
185 } else if (type == SSL_FILETYPE_PEM) {
186 j = ERR_R_PEM_LIB;
187 rsa = PEM_read_bio_RSAPrivateKey(in, NULL,
188 ssl->default_passwd_callback,
189 ssl->default_passwd_callback_userdata);
190 } else {
191 SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE, SSL_R_BAD_SSL_FILETYPE);
192 goto end;
193 }
194 if (rsa == NULL) {
195 SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE, j);
196 goto end;
197 }
198 ret = SSL_use_RSAPrivateKey(ssl, rsa);
199 RSA_free(rsa);
200 end:
201 BIO_free(in);
202 return ret;
203}
204
205int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, const unsigned char *d, long len)
206{
207 int ret;
208 const unsigned char *p;
209 RSA *rsa;
210
211 p = d;
212 if ((rsa = d2i_RSAPrivateKey(NULL, &p, (long)len)) == NULL) {
213 SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1, ERR_R_ASN1_LIB);
214 return 0;
215 }
216
217 ret = SSL_use_RSAPrivateKey(ssl, rsa);
218 RSA_free(rsa);
219 return ret;
220}
221#endif /* !OPENSSL_NO_RSA */
222
223int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey)
224{
225 int ret;
226
227 if (pkey == NULL) {
228 SSLerr(SSL_F_SSL_USE_PRIVATEKEY, ERR_R_PASSED_NULL_PARAMETER);
229 return 0;
230 }
231 ret = ssl_set_pkey(ssl->cert, pkey);
232 return ret;
233}
234
235int SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type)
236{
237 int j, ret = 0;
238 BIO *in;
239 EVP_PKEY *pkey = NULL;
240
241 in = BIO_new(BIO_s_file());
242 if (in == NULL) {
243 SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE, ERR_R_BUF_LIB);
244 goto end;
245 }
246
247 if (BIO_read_filename(in, file) <= 0) {
248 SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE, ERR_R_SYS_LIB);
249 goto end;
250 }
251 if (type == SSL_FILETYPE_PEM) {
252 j = ERR_R_PEM_LIB;
253 pkey = PEM_read_bio_PrivateKey(in, NULL,
254 ssl->default_passwd_callback,
255 ssl->default_passwd_callback_userdata);
256 } else if (type == SSL_FILETYPE_ASN1) {
257 j = ERR_R_ASN1_LIB;
258 pkey = d2i_PrivateKey_bio(in, NULL);
259 } else {
260 SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE, SSL_R_BAD_SSL_FILETYPE);
261 goto end;
262 }
263 if (pkey == NULL) {
264 SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE, j);
265 goto end;
266 }
267 ret = SSL_use_PrivateKey(ssl, pkey);
268 EVP_PKEY_free(pkey);
269 end:
270 BIO_free(in);
271 return ret;
272}
273
274int SSL_use_PrivateKey_ASN1(int type, SSL *ssl, const unsigned char *d,
275 long len)
276{
277 int ret;
278 const unsigned char *p;
279 EVP_PKEY *pkey;
280
281 p = d;
282 if ((pkey = d2i_PrivateKey(type, NULL, &p, (long)len)) == NULL) {
283 SSLerr(SSL_F_SSL_USE_PRIVATEKEY_ASN1, ERR_R_ASN1_LIB);
284 return 0;
285 }
286
287 ret = SSL_use_PrivateKey(ssl, pkey);
288 EVP_PKEY_free(pkey);
289 return ret;
290}
291
292int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x)
293{
294 int rv;
295 if (x == NULL) {
296 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE, ERR_R_PASSED_NULL_PARAMETER);
297 return 0;
298 }
299 rv = ssl_security_cert(NULL, ctx, x, 0, 1);
300 if (rv != 1) {
301 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE, rv);
302 return 0;
303 }
304 return ssl_set_cert(ctx->cert, x);
305}
306
307static int ssl_set_cert(CERT *c, X509 *x)
308{
309 EVP_PKEY *pkey;
310 size_t i;
311
312 pkey = X509_get0_pubkey(x);
313 if (pkey == NULL) {
314 SSLerr(SSL_F_SSL_SET_CERT, SSL_R_X509_LIB);
315 return 0;
316 }
317
318 if (ssl_cert_lookup_by_pkey(pkey, &i) == NULL) {
319 SSLerr(SSL_F_SSL_SET_CERT, SSL_R_UNKNOWN_CERTIFICATE_TYPE);
320 return 0;
321 }
322#ifndef OPENSSL_NO_EC
323 if (i == SSL_PKEY_ECC && !EC_KEY_can_sign(EVP_PKEY_get0_EC_KEY(pkey))) {
324 SSLerr(SSL_F_SSL_SET_CERT, SSL_R_ECC_CERT_NOT_FOR_SIGNING);
325 return 0;
326 }
327#endif
328 if (c->pkeys[i].privatekey != NULL) {
329 /*
330 * The return code from EVP_PKEY_copy_parameters is deliberately
331 * ignored. Some EVP_PKEY types cannot do this.
332 */
333 EVP_PKEY_copy_parameters(pkey, c->pkeys[i].privatekey);
334 ERR_clear_error();
335
336 if (!X509_check_private_key(x, c->pkeys[i].privatekey)) {
337 /*
338 * don't fail for a cert/key mismatch, just free current private
339 * key (when switching to a different cert & key, first this
340 * function should be used, then ssl_set_pkey
341 */
342 EVP_PKEY_free(c->pkeys[i].privatekey);
343 c->pkeys[i].privatekey = NULL;
344 /* clear error queue */
345 ERR_clear_error();
346 }
347 }
348
349 X509_free(c->pkeys[i].x509);
350 X509_up_ref(x);
351 c->pkeys[i].x509 = x;
352 c->key = &(c->pkeys[i]);
353
354 return 1;
355}
356
357int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type)
358{
359 int j;
360 BIO *in;
361 int ret = 0;
362 X509 *x = NULL;
363
364 in = BIO_new(BIO_s_file());
365 if (in == NULL) {
366 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE, ERR_R_BUF_LIB);
367 goto end;
368 }
369
370 if (BIO_read_filename(in, file) <= 0) {
371 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE, ERR_R_SYS_LIB);
372 goto end;
373 }
374 if (type == SSL_FILETYPE_ASN1) {
375 j = ERR_R_ASN1_LIB;
376 x = d2i_X509_bio(in, NULL);
377 } else if (type == SSL_FILETYPE_PEM) {
378 j = ERR_R_PEM_LIB;
379 x = PEM_read_bio_X509(in, NULL, ctx->default_passwd_callback,
380 ctx->default_passwd_callback_userdata);
381 } else {
382 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE, SSL_R_BAD_SSL_FILETYPE);
383 goto end;
384 }
385
386 if (x == NULL) {
387 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE, j);
388 goto end;
389 }
390
391 ret = SSL_CTX_use_certificate(ctx, x);
392 end:
393 X509_free(x);
394 BIO_free(in);
395 return ret;
396}
397
398int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, const unsigned char *d)
399{
400 X509 *x;
401 int ret;
402
403 x = d2i_X509(NULL, &d, (long)len);
404 if (x == NULL) {
405 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1, ERR_R_ASN1_LIB);
406 return 0;
407 }
408
409 ret = SSL_CTX_use_certificate(ctx, x);
410 X509_free(x);
411 return ret;
412}
413
414#ifndef OPENSSL_NO_RSA
415int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa)
416{
417 int ret;
418 EVP_PKEY *pkey;
419
420 if (rsa == NULL) {
421 SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY, ERR_R_PASSED_NULL_PARAMETER);
422 return 0;
423 }
424 if ((pkey = EVP_PKEY_new()) == NULL) {
425 SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY, ERR_R_EVP_LIB);
426 return 0;
427 }
428
429 RSA_up_ref(rsa);
430 if (EVP_PKEY_assign_RSA(pkey, rsa) <= 0) {
431 RSA_free(rsa);
432 EVP_PKEY_free(pkey);
433 return 0;
434 }
435
436 ret = ssl_set_pkey(ctx->cert, pkey);
437 EVP_PKEY_free(pkey);
438 return ret;
439}
440
441int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type)
442{
443 int j, ret = 0;
444 BIO *in;
445 RSA *rsa = NULL;
446
447 in = BIO_new(BIO_s_file());
448 if (in == NULL) {
449 SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE, ERR_R_BUF_LIB);
450 goto end;
451 }
452
453 if (BIO_read_filename(in, file) <= 0) {
454 SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE, ERR_R_SYS_LIB);
455 goto end;
456 }
457 if (type == SSL_FILETYPE_ASN1) {
458 j = ERR_R_ASN1_LIB;
459 rsa = d2i_RSAPrivateKey_bio(in, NULL);
460 } else if (type == SSL_FILETYPE_PEM) {
461 j = ERR_R_PEM_LIB;
462 rsa = PEM_read_bio_RSAPrivateKey(in, NULL,
463 ctx->default_passwd_callback,
464 ctx->default_passwd_callback_userdata);
465 } else {
466 SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE, SSL_R_BAD_SSL_FILETYPE);
467 goto end;
468 }
469 if (rsa == NULL) {
470 SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE, j);
471 goto end;
472 }
473 ret = SSL_CTX_use_RSAPrivateKey(ctx, rsa);
474 RSA_free(rsa);
475 end:
476 BIO_free(in);
477 return ret;
478}
479
480int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, const unsigned char *d,
481 long len)
482{
483 int ret;
484 const unsigned char *p;
485 RSA *rsa;
486
487 p = d;
488 if ((rsa = d2i_RSAPrivateKey(NULL, &p, (long)len)) == NULL) {
489 SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1, ERR_R_ASN1_LIB);
490 return 0;
491 }
492
493 ret = SSL_CTX_use_RSAPrivateKey(ctx, rsa);
494 RSA_free(rsa);
495 return ret;
496}
497#endif /* !OPENSSL_NO_RSA */
498
499int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey)
500{
501 if (pkey == NULL) {
502 SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY, ERR_R_PASSED_NULL_PARAMETER);
503 return 0;
504 }
505 return ssl_set_pkey(ctx->cert, pkey);
506}
507
508int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type)
509{
510 int j, ret = 0;
511 BIO *in;
512 EVP_PKEY *pkey = NULL;
513
514 in = BIO_new(BIO_s_file());
515 if (in == NULL) {
516 SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE, ERR_R_BUF_LIB);
517 goto end;
518 }
519
520 if (BIO_read_filename(in, file) <= 0) {
521 SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE, ERR_R_SYS_LIB);
522 goto end;
523 }
524 if (type == SSL_FILETYPE_PEM) {
525 j = ERR_R_PEM_LIB;
526 pkey = PEM_read_bio_PrivateKey(in, NULL,
527 ctx->default_passwd_callback,
528 ctx->default_passwd_callback_userdata);
529 } else if (type == SSL_FILETYPE_ASN1) {
530 j = ERR_R_ASN1_LIB;
531 pkey = d2i_PrivateKey_bio(in, NULL);
532 } else {
533 SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE, SSL_R_BAD_SSL_FILETYPE);
534 goto end;
535 }
536 if (pkey == NULL) {
537 SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE, j);
538 goto end;
539 }
540 ret = SSL_CTX_use_PrivateKey(ctx, pkey);
541 EVP_PKEY_free(pkey);
542 end:
543 BIO_free(in);
544 return ret;
545}
546
547int SSL_CTX_use_PrivateKey_ASN1(int type, SSL_CTX *ctx,
548 const unsigned char *d, long len)
549{
550 int ret;
551 const unsigned char *p;
552 EVP_PKEY *pkey;
553
554 p = d;
555 if ((pkey = d2i_PrivateKey(type, NULL, &p, (long)len)) == NULL) {
556 SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1, ERR_R_ASN1_LIB);
557 return 0;
558 }
559
560 ret = SSL_CTX_use_PrivateKey(ctx, pkey);
561 EVP_PKEY_free(pkey);
562 return ret;
563}
564
565/*
566 * Read a file that contains our certificate in "PEM" format, possibly
567 * followed by a sequence of CA certificates that should be sent to the peer
568 * in the Certificate message.
569 */
570static int use_certificate_chain_file(SSL_CTX *ctx, SSL *ssl, const char *file)
571{
572 BIO *in;
573 int ret = 0;
574 X509 *x = NULL;
575 pem_password_cb *passwd_callback;
576 void *passwd_callback_userdata;
577
578 ERR_clear_error(); /* clear error stack for
579 * SSL_CTX_use_certificate() */
580
581 if (ctx != NULL) {
582 passwd_callback = ctx->default_passwd_callback;
583 passwd_callback_userdata = ctx->default_passwd_callback_userdata;
584 } else {
585 passwd_callback = ssl->default_passwd_callback;
586 passwd_callback_userdata = ssl->default_passwd_callback_userdata;
587 }
588
589 in = BIO_new(BIO_s_file());
590 if (in == NULL) {
591 SSLerr(SSL_F_USE_CERTIFICATE_CHAIN_FILE, ERR_R_BUF_LIB);
592 goto end;
593 }
594
595 if (BIO_read_filename(in, file) <= 0) {
596 SSLerr(SSL_F_USE_CERTIFICATE_CHAIN_FILE, ERR_R_SYS_LIB);
597 goto end;
598 }
599
600 x = PEM_read_bio_X509_AUX(in, NULL, passwd_callback,
601 passwd_callback_userdata);
602 if (x == NULL) {
603 SSLerr(SSL_F_USE_CERTIFICATE_CHAIN_FILE, ERR_R_PEM_LIB);
604 goto end;
605 }
606
607 if (ctx)
608 ret = SSL_CTX_use_certificate(ctx, x);
609 else
610 ret = SSL_use_certificate(ssl, x);
611
612 if (ERR_peek_error() != 0)
613 ret = 0; /* Key/certificate mismatch doesn't imply
614 * ret==0 ... */
615 if (ret) {
616 /*
617 * If we could set up our certificate, now proceed to the CA
618 * certificates.
619 */
620 X509 *ca;
621 int r;
622 unsigned long err;
623
624 if (ctx)
625 r = SSL_CTX_clear_chain_certs(ctx);
626 else
627 r = SSL_clear_chain_certs(ssl);
628
629 if (r == 0) {
630 ret = 0;
631 goto end;
632 }
633
634 while ((ca = PEM_read_bio_X509(in, NULL, passwd_callback,
635 passwd_callback_userdata))
636 != NULL) {
637 if (ctx)
638 r = SSL_CTX_add0_chain_cert(ctx, ca);
639 else
640 r = SSL_add0_chain_cert(ssl, ca);
641 /*
642 * Note that we must not free ca if it was successfully added to
643 * the chain (while we must free the main certificate, since its
644 * reference count is increased by SSL_CTX_use_certificate).
645 */
646 if (!r) {
647 X509_free(ca);
648 ret = 0;
649 goto end;
650 }
651 }
652 /* When the while loop ends, it's usually just EOF. */
653 err = ERR_peek_last_error();
654 if (ERR_GET_LIB(err) == ERR_LIB_PEM
655 && ERR_GET_REASON(err) == PEM_R_NO_START_LINE)
656 ERR_clear_error();
657 else
658 ret = 0; /* some real error */
659 }
660
661 end:
662 X509_free(x);
663 BIO_free(in);
664 return ret;
665}
666
667int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file)
668{
669 return use_certificate_chain_file(ctx, NULL, file);
670}
671
672int SSL_use_certificate_chain_file(SSL *ssl, const char *file)
673{
674 return use_certificate_chain_file(NULL, ssl, file);
675}
676
677static int serverinfo_find_extension(const unsigned char *serverinfo,
678 size_t serverinfo_length,
679 unsigned int extension_type,
680 const unsigned char **extension_data,
681 size_t *extension_length)
682{
683 PACKET pkt, data;
684
685 *extension_data = NULL;
686 *extension_length = 0;
687 if (serverinfo == NULL || serverinfo_length == 0)
688 return -1;
689
690 if (!PACKET_buf_init(&pkt, serverinfo, serverinfo_length))
691 return -1;
692
693 for (;;) {
694 unsigned int type = 0;
695 unsigned long context = 0;
696
697 /* end of serverinfo */
698 if (PACKET_remaining(&pkt) == 0)
699 return 0; /* Extension not found */
700
701 if (!PACKET_get_net_4(&pkt, &context)
702 || !PACKET_get_net_2(&pkt, &type)
703 || !PACKET_get_length_prefixed_2(&pkt, &data))
704 return -1;
705
706 if (type == extension_type) {
707 *extension_data = PACKET_data(&data);
708 *extension_length = PACKET_remaining(&data);;
709 return 1; /* Success */
710 }
711 }
712 /* Unreachable */
713}
714
715static int serverinfoex_srv_parse_cb(SSL *s, unsigned int ext_type,
716 unsigned int context,
717 const unsigned char *in,
718 size_t inlen, X509 *x, size_t chainidx,
719 int *al, void *arg)
720{
721
722 if (inlen != 0) {
723 *al = SSL_AD_DECODE_ERROR;
724 return 0;
725 }
726
727 return 1;
728}
729
730static size_t extension_contextoff(unsigned int version)
731{
732 return version == SSL_SERVERINFOV1 ? 4 : 0;
733}
734
735static size_t extension_append_length(unsigned int version, size_t extension_length)
736{
737 return extension_length + extension_contextoff(version);
738}
739
740static void extension_append(unsigned int version,
741 const unsigned char *extension,
742 const size_t extension_length,
743 unsigned char *serverinfo)
744{
745 const size_t contextoff = extension_contextoff(version);
746
747 if (contextoff > 0) {
748 /* We know this only uses the last 2 bytes */
749 serverinfo[0] = 0;
750 serverinfo[1] = 0;
751 serverinfo[2] = (SYNTHV1CONTEXT >> 8) & 0xff;
752 serverinfo[3] = SYNTHV1CONTEXT & 0xff;
753 }
754
755 memcpy(serverinfo + contextoff, extension, extension_length);
756}
757
758static int serverinfo_srv_parse_cb(SSL *s, unsigned int ext_type,
759 const unsigned char *in,
760 size_t inlen, int *al, void *arg)
761{
762 return serverinfoex_srv_parse_cb(s, ext_type, 0, in, inlen, NULL, 0, al,
763 arg);
764}
765
766static int serverinfoex_srv_add_cb(SSL *s, unsigned int ext_type,
767 unsigned int context,
768 const unsigned char **out,
769 size_t *outlen, X509 *x, size_t chainidx,
770 int *al, void *arg)
771{
772 const unsigned char *serverinfo = NULL;
773 size_t serverinfo_length = 0;
774
775 /* We only support extensions for the first Certificate */
776 if ((context & SSL_EXT_TLS1_3_CERTIFICATE) != 0 && chainidx > 0)
777 return 0;
778
779 /* Is there serverinfo data for the chosen server cert? */
780 if ((ssl_get_server_cert_serverinfo(s, &serverinfo,
781 &serverinfo_length)) != 0) {
782 /* Find the relevant extension from the serverinfo */
783 int retval = serverinfo_find_extension(serverinfo, serverinfo_length,
784 ext_type, out, outlen);
785 if (retval == -1) {
786 *al = SSL_AD_INTERNAL_ERROR;
787 return -1; /* Error */
788 }
789 if (retval == 0)
790 return 0; /* No extension found, don't send extension */
791 return 1; /* Send extension */
792 }
793 return 0; /* No serverinfo data found, don't send
794 * extension */
795}
796
797static int serverinfo_srv_add_cb(SSL *s, unsigned int ext_type,
798 const unsigned char **out, size_t *outlen,
799 int *al, void *arg)
800{
801 return serverinfoex_srv_add_cb(s, ext_type, 0, out, outlen, NULL, 0, al,
802 arg);
803}
804
805/*
806 * With a NULL context, this function just checks that the serverinfo data
807 * parses correctly. With a non-NULL context, it registers callbacks for
808 * the included extensions.
809 */
810static int serverinfo_process_buffer(unsigned int version,
811 const unsigned char *serverinfo,
812 size_t serverinfo_length, SSL_CTX *ctx)
813{
814 PACKET pkt;
815
816 if (serverinfo == NULL || serverinfo_length == 0)
817 return 0;
818
819 if (version != SSL_SERVERINFOV1 && version != SSL_SERVERINFOV2)
820 return 0;
821
822 if (!PACKET_buf_init(&pkt, serverinfo, serverinfo_length))
823 return 0;
824
825 while (PACKET_remaining(&pkt)) {
826 unsigned long context = 0;
827 unsigned int ext_type = 0;
828 PACKET data;
829
830 if ((version == SSL_SERVERINFOV2 && !PACKET_get_net_4(&pkt, &context))
831 || !PACKET_get_net_2(&pkt, &ext_type)
832 || !PACKET_get_length_prefixed_2(&pkt, &data))
833 return 0;
834
835 if (ctx == NULL)
836 continue;
837
838 /*
839 * The old style custom extensions API could be set separately for
840 * server/client, i.e. you could set one custom extension for a client,
841 * and *for the same extension in the same SSL_CTX* you could set a
842 * custom extension for the server as well. It seems quite weird to be
843 * setting a custom extension for both client and server in a single
844 * SSL_CTX - but theoretically possible. This isn't possible in the
845 * new API. Therefore, if we have V1 serverinfo we use the old API. We
846 * also use the old API even if we have V2 serverinfo but the context
847 * looks like an old style <= TLSv1.2 extension.
848 */
849 if (version == SSL_SERVERINFOV1 || context == SYNTHV1CONTEXT) {
850 if (!SSL_CTX_add_server_custom_ext(ctx, ext_type,
851 serverinfo_srv_add_cb,
852 NULL, NULL,
853 serverinfo_srv_parse_cb,
854 NULL))
855 return 0;
856 } else {
857 if (!SSL_CTX_add_custom_ext(ctx, ext_type, context,
858 serverinfoex_srv_add_cb,
859 NULL, NULL,
860 serverinfoex_srv_parse_cb,
861 NULL))
862 return 0;
863 }
864 }
865
866 return 1;
867}
868
869int SSL_CTX_use_serverinfo_ex(SSL_CTX *ctx, unsigned int version,
870 const unsigned char *serverinfo,
871 size_t serverinfo_length)
872{
873 unsigned char *new_serverinfo = NULL;
874
875 if (ctx == NULL || serverinfo == NULL || serverinfo_length == 0) {
876 SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_EX, ERR_R_PASSED_NULL_PARAMETER);
877 return 0;
878 }
879 if (version == SSL_SERVERINFOV1) {
880 /*
881 * Convert serverinfo version v1 to v2 and call yourself recursively
882 * over the converted serverinfo.
883 */
884 const size_t sinfo_length = extension_append_length(SSL_SERVERINFOV1,
885 serverinfo_length);
886 unsigned char *sinfo;
887 int ret;
888
889 sinfo = OPENSSL_malloc(sinfo_length);
890 if (sinfo == NULL) {
891 SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_EX, ERR_R_MALLOC_FAILURE);
892 return 0;
893 }
894
895 extension_append(SSL_SERVERINFOV1, serverinfo, serverinfo_length, sinfo);
896
897 ret = SSL_CTX_use_serverinfo_ex(ctx, SSL_SERVERINFOV2, sinfo,
898 sinfo_length);
899
900 OPENSSL_free(sinfo);
901 return ret;
902 }
903 if (!serverinfo_process_buffer(version, serverinfo, serverinfo_length,
904 NULL)) {
905 SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_EX, SSL_R_INVALID_SERVERINFO_DATA);
906 return 0;
907 }
908 if (ctx->cert->key == NULL) {
909 SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_EX, ERR_R_INTERNAL_ERROR);
910 return 0;
911 }
912 new_serverinfo = OPENSSL_realloc(ctx->cert->key->serverinfo,
913 serverinfo_length);
914 if (new_serverinfo == NULL) {
915 SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_EX, ERR_R_MALLOC_FAILURE);
916 return 0;
917 }
918 ctx->cert->key->serverinfo = new_serverinfo;
919 memcpy(ctx->cert->key->serverinfo, serverinfo, serverinfo_length);
920 ctx->cert->key->serverinfo_length = serverinfo_length;
921
922 /*
923 * Now that the serverinfo is validated and stored, go ahead and
924 * register callbacks.
925 */
926 if (!serverinfo_process_buffer(version, serverinfo, serverinfo_length,
927 ctx)) {
928 SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_EX, SSL_R_INVALID_SERVERINFO_DATA);
929 return 0;
930 }
931 return 1;
932}
933
934int SSL_CTX_use_serverinfo(SSL_CTX *ctx, const unsigned char *serverinfo,
935 size_t serverinfo_length)
936{
937 return SSL_CTX_use_serverinfo_ex(ctx, SSL_SERVERINFOV1, serverinfo,
938 serverinfo_length);
939}
940
941int SSL_CTX_use_serverinfo_file(SSL_CTX *ctx, const char *file)
942{
943 unsigned char *serverinfo = NULL;
944 unsigned char *tmp;
945 size_t serverinfo_length = 0;
946 unsigned char *extension = 0;
947 long extension_length = 0;
948 char *name = NULL;
949 char *header = NULL;
950 char namePrefix1[] = "SERVERINFO FOR ";
951 char namePrefix2[] = "SERVERINFOV2 FOR ";
952 int ret = 0;
953 BIO *bin = NULL;
954 size_t num_extensions = 0;
955
956 if (ctx == NULL || file == NULL) {
957 SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, ERR_R_PASSED_NULL_PARAMETER);
958 goto end;
959 }
960
961 bin = BIO_new(BIO_s_file());
962 if (bin == NULL) {
963 SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, ERR_R_BUF_LIB);
964 goto end;
965 }
966 if (BIO_read_filename(bin, file) <= 0) {
967 SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, ERR_R_SYS_LIB);
968 goto end;
969 }
970
971 for (num_extensions = 0;; num_extensions++) {
972 unsigned int version;
973 size_t append_length;
974
975 if (PEM_read_bio(bin, &name, &header, &extension, &extension_length)
976 == 0) {
977 /*
978 * There must be at least one extension in this file
979 */
980 if (num_extensions == 0) {
981 SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE,
982 SSL_R_NO_PEM_EXTENSIONS);
983 goto end;
984 } else /* End of file, we're done */
985 break;
986 }
987 /* Check that PEM name starts with "BEGIN SERVERINFO FOR " */
988 if (strlen(name) < strlen(namePrefix1)) {
989 SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, SSL_R_PEM_NAME_TOO_SHORT);
990 goto end;
991 }
992 if (strncmp(name, namePrefix1, strlen(namePrefix1)) == 0) {
993 version = SSL_SERVERINFOV1;
994 } else {
995 if (strlen(name) < strlen(namePrefix2)) {
996 SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE,
997 SSL_R_PEM_NAME_TOO_SHORT);
998 goto end;
999 }
1000 if (strncmp(name, namePrefix2, strlen(namePrefix2)) != 0) {
1001 SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE,
1002 SSL_R_PEM_NAME_BAD_PREFIX);
1003 goto end;
1004 }
1005 version = SSL_SERVERINFOV2;
1006 }
1007 /*
1008 * Check that the decoded PEM data is plausible (valid length field)
1009 */
1010 if (version == SSL_SERVERINFOV1) {
1011 /* 4 byte header: 2 bytes type, 2 bytes len */
1012 if (extension_length < 4
1013 || (extension[2] << 8) + extension[3]
1014 != extension_length - 4) {
1015 SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, SSL_R_BAD_DATA);
1016 goto end;
1017 }
1018 } else {
1019 /* 8 byte header: 4 bytes context, 2 bytes type, 2 bytes len */
1020 if (extension_length < 8
1021 || (extension[6] << 8) + extension[7]
1022 != extension_length - 8) {
1023 SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, SSL_R_BAD_DATA);
1024 goto end;
1025 }
1026 }
1027 /* Append the decoded extension to the serverinfo buffer */
1028 append_length = extension_append_length(version, extension_length);
1029 tmp = OPENSSL_realloc(serverinfo, serverinfo_length + append_length);
1030 if (tmp == NULL) {
1031 SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, ERR_R_MALLOC_FAILURE);
1032 goto end;
1033 }
1034 serverinfo = tmp;
1035 extension_append(version, extension, extension_length,
1036 serverinfo + serverinfo_length);
1037 serverinfo_length += append_length;
1038
1039 OPENSSL_free(name);
1040 name = NULL;
1041 OPENSSL_free(header);
1042 header = NULL;
1043 OPENSSL_free(extension);
1044 extension = NULL;
1045 }
1046
1047 ret = SSL_CTX_use_serverinfo_ex(ctx, SSL_SERVERINFOV2, serverinfo,
1048 serverinfo_length);
1049 end:
1050 /* SSL_CTX_use_serverinfo makes a local copy of the serverinfo. */
1051 OPENSSL_free(name);
1052 OPENSSL_free(header);
1053 OPENSSL_free(extension);
1054 OPENSSL_free(serverinfo);
1055 BIO_free(bin);
1056 return ret;
1057}
1058
1059static int ssl_set_cert_and_key(SSL *ssl, SSL_CTX *ctx, X509 *x509, EVP_PKEY *privatekey,
1060 STACK_OF(X509) *chain, int override)
1061{
1062 int ret = 0;
1063 size_t i;
1064 int j;
1065 int rv;
1066 CERT *c = ssl != NULL ? ssl->cert : ctx->cert;
1067 STACK_OF(X509) *dup_chain = NULL;
1068 EVP_PKEY *pubkey = NULL;
1069
1070 /* Do all security checks before anything else */
1071 rv = ssl_security_cert(ssl, ctx, x509, 0, 1);
1072 if (rv != 1) {
1073 SSLerr(SSL_F_SSL_SET_CERT_AND_KEY, rv);
1074 goto out;
1075 }
1076 for (j = 0; j < sk_X509_num(chain); j++) {
1077 rv = ssl_security_cert(ssl, ctx, sk_X509_value(chain, j), 0, 0);
1078 if (rv != 1) {
1079 SSLerr(SSL_F_SSL_SET_CERT_AND_KEY, rv);
1080 goto out;
1081 }
1082 }
1083
1084 pubkey = X509_get_pubkey(x509); /* bumps reference */
1085 if (pubkey == NULL)
1086 goto out;
1087 if (privatekey == NULL) {
1088 privatekey = pubkey;
1089 } else {
1090 /* For RSA, which has no parameters, missing returns 0 */
1091 if (EVP_PKEY_missing_parameters(privatekey)) {
1092 if (EVP_PKEY_missing_parameters(pubkey)) {
1093 /* nobody has parameters? - error */
1094 SSLerr(SSL_F_SSL_SET_CERT_AND_KEY, SSL_R_MISSING_PARAMETERS);
1095 goto out;
1096 } else {
1097 /* copy to privatekey from pubkey */
1098 EVP_PKEY_copy_parameters(privatekey, pubkey);
1099 }
1100 } else if (EVP_PKEY_missing_parameters(pubkey)) {
1101 /* copy to pubkey from privatekey */
1102 EVP_PKEY_copy_parameters(pubkey, privatekey);
1103 } /* else both have parameters */
1104
1105 /* check that key <-> cert match */
1106 if (EVP_PKEY_cmp(pubkey, privatekey) != 1) {
1107 SSLerr(SSL_F_SSL_SET_CERT_AND_KEY, SSL_R_PRIVATE_KEY_MISMATCH);
1108 goto out;
1109 }
1110 }
1111 if (ssl_cert_lookup_by_pkey(pubkey, &i) == NULL) {
1112 SSLerr(SSL_F_SSL_SET_CERT_AND_KEY, SSL_R_UNKNOWN_CERTIFICATE_TYPE);
1113 goto out;
1114 }
1115
1116 if (!override && (c->pkeys[i].x509 != NULL
1117 || c->pkeys[i].privatekey != NULL
1118 || c->pkeys[i].chain != NULL)) {
1119 /* No override, and something already there */
1120 SSLerr(SSL_F_SSL_SET_CERT_AND_KEY, SSL_R_NOT_REPLACING_CERTIFICATE);
1121 goto out;
1122 }
1123
1124 if (chain != NULL) {
1125 dup_chain = X509_chain_up_ref(chain);
1126 if (dup_chain == NULL) {
1127 SSLerr(SSL_F_SSL_SET_CERT_AND_KEY, ERR_R_MALLOC_FAILURE);
1128 goto out;
1129 }
1130 }
1131
1132 sk_X509_pop_free(c->pkeys[i].chain, X509_free);
1133 c->pkeys[i].chain = dup_chain;
1134
1135 X509_free(c->pkeys[i].x509);
1136 X509_up_ref(x509);
1137 c->pkeys[i].x509 = x509;
1138
1139 EVP_PKEY_free(c->pkeys[i].privatekey);
1140 EVP_PKEY_up_ref(privatekey);
1141 c->pkeys[i].privatekey = privatekey;
1142
1143 c->key = &(c->pkeys[i]);
1144
1145 ret = 1;
1146 out:
1147 EVP_PKEY_free(pubkey);
1148 return ret;
1149}
1150
1151int SSL_use_cert_and_key(SSL *ssl, X509 *x509, EVP_PKEY *privatekey,
1152 STACK_OF(X509) *chain, int override)
1153{
1154 return ssl_set_cert_and_key(ssl, NULL, x509, privatekey, chain, override);
1155}
1156
1157int SSL_CTX_use_cert_and_key(SSL_CTX *ctx, X509 *x509, EVP_PKEY *privatekey,
1158 STACK_OF(X509) *chain, int override)
1159{
1160 return ssl_set_cert_and_key(NULL, ctx, x509, privatekey, chain, override);
1161}