]> git.ipfire.org Git - thirdparty/openssl.git/blob - ssl/ssl_rsa.c
projects / thirdparty / openssl.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Reorganize private crypto header files
[thirdparty/openssl.git] / ssl / ssl_rsa.c
1 /*
2 * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10 #include <stdio.h>
11 #include "ssl_locl.h"
12 #include "internal/packet.h"
13 #include <openssl/bio.h>
14 #include <openssl/objects.h>
15 #include <openssl/evp.h>
16 #include <openssl/x509.h>
17 #include <openssl/pem.h>
18
19 static int ssl_set_cert(CERT *c, X509 *x509);
20 static int ssl_set_pkey(CERT *c, EVP_PKEY *pkey);
21
22 #define SYNTHV1CONTEXT (SSL_EXT_TLS1_2_AND_BELOW_ONLY \
23 | SSL_EXT_CLIENT_HELLO \
24 | SSL_EXT_TLS1_2_SERVER_HELLO \
25 | SSL_EXT_IGNORE_ON_RESUMPTION)
26
27 int SSL_use_certificate(SSL *ssl, X509 *x)
28 {
29 int rv;
30 if (x == NULL) {
31 SSLerr(SSL_F_SSL_USE_CERTIFICATE, ERR_R_PASSED_NULL_PARAMETER);
32 return 0;
33 }
34 rv = ssl_security_cert(ssl, NULL, x, 0, 1);
35 if (rv != 1) {
36 SSLerr(SSL_F_SSL_USE_CERTIFICATE, rv);
37 return 0;
38 }
39
40 return ssl_set_cert(ssl->cert, x);
41 }
42
43 int SSL_use_certificate_file(SSL *ssl, const char *file, int type)
44 {
45 int j;
46 BIO *in;
47 int ret = 0;
48 X509 *x = NULL;
49
50 in = BIO_new(BIO_s_file());
51 if (in == NULL) {
52 SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE, ERR_R_BUF_LIB);
53 goto end;
54 }
55
56 if (BIO_read_filename(in, file) <= 0) {
57 SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE, ERR_R_SYS_LIB);
58 goto end;
59 }
60 if (type == SSL_FILETYPE_ASN1) {
61 j = ERR_R_ASN1_LIB;
62 x = d2i_X509_bio(in, NULL);
63 } else if (type == SSL_FILETYPE_PEM) {
64 j = ERR_R_PEM_LIB;
65 x = PEM_read_bio_X509(in, NULL, ssl->default_passwd_callback,
66 ssl->default_passwd_callback_userdata);
67 } else {
68 SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE, SSL_R_BAD_SSL_FILETYPE);
69 goto end;
70 }
71
72 if (x == NULL) {
73 SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE, j);
74 goto end;
75 }
76
77 ret = SSL_use_certificate(ssl, x);
78 end:
79 X509_free(x);
80 BIO_free(in);
81 return ret;
82 }
83
84 int SSL_use_certificate_ASN1(SSL *ssl, const unsigned char *d, int len)
85 {
86 X509 *x;
87 int ret;
88
89 x = d2i_X509(NULL, &d, (long)len);
90 if (x == NULL) {
91 SSLerr(SSL_F_SSL_USE_CERTIFICATE_ASN1, ERR_R_ASN1_LIB);
92 return 0;
93 }
94
95 ret = SSL_use_certificate(ssl, x);
96 X509_free(x);
97 return ret;
98 }
99
100 #ifndef OPENSSL_NO_RSA
101 int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa)
102 {
103 EVP_PKEY *pkey;
104 int ret;
105
106 if (rsa == NULL) {
107 SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY, ERR_R_PASSED_NULL_PARAMETER);
108 return 0;
109 }
110 if ((pkey = EVP_PKEY_new()) == NULL) {
111 SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY, ERR_R_EVP_LIB);
112 return 0;
113 }
114
115 RSA_up_ref(rsa);
116 if (EVP_PKEY_assign_RSA(pkey, rsa) <= 0) {
117 RSA_free(rsa);
118 EVP_PKEY_free(pkey);
119 return 0;
120 }
121
122 ret = ssl_set_pkey(ssl->cert, pkey);
123 EVP_PKEY_free(pkey);
124 return ret;
125 }
126 #endif
127
128 static int ssl_set_pkey(CERT *c, EVP_PKEY *pkey)
129 {
130 size_t i;
131
132 if (ssl_cert_lookup_by_pkey(pkey, &i) == NULL) {
133 SSLerr(SSL_F_SSL_SET_PKEY, SSL_R_UNKNOWN_CERTIFICATE_TYPE);
134 return 0;
135 }
136
137 if (c->pkeys[i].x509 != NULL) {
138 EVP_PKEY *pktmp;
139 pktmp = X509_get0_pubkey(c->pkeys[i].x509);
140 if (pktmp == NULL) {
141 SSLerr(SSL_F_SSL_SET_PKEY, ERR_R_MALLOC_FAILURE);
142 return 0;
143 }
144 /*
145 * The return code from EVP_PKEY_copy_parameters is deliberately
146 * ignored. Some EVP_PKEY types cannot do this.
147 */
148 EVP_PKEY_copy_parameters(pktmp, pkey);
149 ERR_clear_error();
150
151 #ifndef OPENSSL_NO_RSA
152 /*
153 * Don't check the public/private key, this is mostly for smart
154 * cards.
155 */
156 if (EVP_PKEY_id(pkey) == EVP_PKEY_RSA
157 && RSA_flags(EVP_PKEY_get0_RSA(pkey)) & RSA_METHOD_FLAG_NO_CHECK) ;
158 else
159 #endif
160 if (!X509_check_private_key(c->pkeys[i].x509, pkey)) {
161 X509_free(c->pkeys[i].x509);
162 c->pkeys[i].x509 = NULL;
163 return 0;
164 }
165 }
166
167 EVP_PKEY_free(c->pkeys[i].privatekey);
168 EVP_PKEY_up_ref(pkey);
169 c->pkeys[i].privatekey = pkey;
170 c->key = &c->pkeys[i];
171 return 1;
172 }
173
174 #ifndef OPENSSL_NO_RSA
175 int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type)
176 {
177 int j, ret = 0;
178 BIO *in;
179 RSA *rsa = NULL;
180
181 in = BIO_new(BIO_s_file());
182 if (in == NULL) {
183 SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE, ERR_R_BUF_LIB);
184 goto end;
185 }
186
187 if (BIO_read_filename(in, file) <= 0) {
188 SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE, ERR_R_SYS_LIB);
189 goto end;
190 }
191 if (type == SSL_FILETYPE_ASN1) {
192 j = ERR_R_ASN1_LIB;
193 rsa = d2i_RSAPrivateKey_bio(in, NULL);
194 } else if (type == SSL_FILETYPE_PEM) {
195 j = ERR_R_PEM_LIB;
196 rsa = PEM_read_bio_RSAPrivateKey(in, NULL,
197 ssl->default_passwd_callback,
198 ssl->default_passwd_callback_userdata);
199 } else {
200 SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE, SSL_R_BAD_SSL_FILETYPE);
201 goto end;
202 }
203 if (rsa == NULL) {
204 SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE, j);
205 goto end;
206 }
207 ret = SSL_use_RSAPrivateKey(ssl, rsa);
208 RSA_free(rsa);
209 end:
210 BIO_free(in);
211 return ret;
212 }
213
214 int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, const unsigned char *d, long len)
215 {
216 int ret;
217 const unsigned char *p;
218 RSA *rsa;
219
220 p = d;
221 if ((rsa = d2i_RSAPrivateKey(NULL, &p, (long)len)) == NULL) {
222 SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1, ERR_R_ASN1_LIB);
223 return 0;
224 }
225
226 ret = SSL_use_RSAPrivateKey(ssl, rsa);
227 RSA_free(rsa);
228 return ret;
229 }
230 #endif /* !OPENSSL_NO_RSA */
231
232 int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey)
233 {
234 int ret;
235
236 if (pkey == NULL) {
237 SSLerr(SSL_F_SSL_USE_PRIVATEKEY, ERR_R_PASSED_NULL_PARAMETER);
238 return 0;
239 }
240 ret = ssl_set_pkey(ssl->cert, pkey);
241 return ret;
242 }
243
244 int SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type)
245 {
246 int j, ret = 0;
247 BIO *in;
248 EVP_PKEY *pkey = NULL;
249
250 in = BIO_new(BIO_s_file());
251 if (in == NULL) {
252 SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE, ERR_R_BUF_LIB);
253 goto end;
254 }
255
256 if (BIO_read_filename(in, file) <= 0) {
257 SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE, ERR_R_SYS_LIB);
258 goto end;
259 }
260 if (type == SSL_FILETYPE_PEM) {
261 j = ERR_R_PEM_LIB;
262 pkey = PEM_read_bio_PrivateKey(in, NULL,
263 ssl->default_passwd_callback,
264 ssl->default_passwd_callback_userdata);
265 } else if (type == SSL_FILETYPE_ASN1) {
266 j = ERR_R_ASN1_LIB;
267 pkey = d2i_PrivateKey_bio(in, NULL);
268 } else {
269 SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE, SSL_R_BAD_SSL_FILETYPE);
270 goto end;
271 }
272 if (pkey == NULL) {
273 SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE, j);
274 goto end;
275 }
276 ret = SSL_use_PrivateKey(ssl, pkey);
277 EVP_PKEY_free(pkey);
278 end:
279 BIO_free(in);
280 return ret;
281 }
282
283 int SSL_use_PrivateKey_ASN1(int type, SSL *ssl, const unsigned char *d,
284 long len)
285 {
286 int ret;
287 const unsigned char *p;
288 EVP_PKEY *pkey;
289
290 p = d;
291 if ((pkey = d2i_PrivateKey(type, NULL, &p, (long)len)) == NULL) {
292 SSLerr(SSL_F_SSL_USE_PRIVATEKEY_ASN1, ERR_R_ASN1_LIB);
293 return 0;
294 }
295
296 ret = SSL_use_PrivateKey(ssl, pkey);
297 EVP_PKEY_free(pkey);
298 return ret;
299 }
300
301 int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x)
302 {
303 int rv;
304 if (x == NULL) {
305 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE, ERR_R_PASSED_NULL_PARAMETER);
306 return 0;
307 }
308 rv = ssl_security_cert(NULL, ctx, x, 0, 1);
309 if (rv != 1) {
310 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE, rv);
311 return 0;
312 }
313 return ssl_set_cert(ctx->cert, x);
314 }
315
316 static int ssl_set_cert(CERT *c, X509 *x)
317 {
318 EVP_PKEY *pkey;
319 size_t i;
320
321 pkey = X509_get0_pubkey(x);
322 if (pkey == NULL) {
323 SSLerr(SSL_F_SSL_SET_CERT, SSL_R_X509_LIB);
324 return 0;
325 }
326
327 if (ssl_cert_lookup_by_pkey(pkey, &i) == NULL) {
328 SSLerr(SSL_F_SSL_SET_CERT, SSL_R_UNKNOWN_CERTIFICATE_TYPE);
329 return 0;
330 }
331 #ifndef OPENSSL_NO_EC
332 if (i == SSL_PKEY_ECC && !EC_KEY_can_sign(EVP_PKEY_get0_EC_KEY(pkey))) {
333 SSLerr(SSL_F_SSL_SET_CERT, SSL_R_ECC_CERT_NOT_FOR_SIGNING);
334 return 0;
335 }
336 #endif
337 if (c->pkeys[i].privatekey != NULL) {
338 /*
339 * The return code from EVP_PKEY_copy_parameters is deliberately
340 * ignored. Some EVP_PKEY types cannot do this.
341 */
342 EVP_PKEY_copy_parameters(pkey, c->pkeys[i].privatekey);
343 ERR_clear_error();
344
345 #ifndef OPENSSL_NO_RSA
346 /*
347 * Don't check the public/private key, this is mostly for smart
348 * cards.
349 */
350 if (EVP_PKEY_id(c->pkeys[i].privatekey) == EVP_PKEY_RSA
351 && RSA_flags(EVP_PKEY_get0_RSA(c->pkeys[i].privatekey)) &
352 RSA_METHOD_FLAG_NO_CHECK) ;
353 else
354 #endif /* OPENSSL_NO_RSA */
355 if (!X509_check_private_key(x, c->pkeys[i].privatekey)) {
356 /*
357 * don't fail for a cert/key mismatch, just free current private
358 * key (when switching to a different cert & key, first this
359 * function should be used, then ssl_set_pkey
360 */
361 EVP_PKEY_free(c->pkeys[i].privatekey);
362 c->pkeys[i].privatekey = NULL;
363 /* clear error queue */
364 ERR_clear_error();
365 }
366 }
367
368 X509_free(c->pkeys[i].x509);
369 X509_up_ref(x);
370 c->pkeys[i].x509 = x;
371 c->key = &(c->pkeys[i]);
372
373 return 1;
374 }
375
376 int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type)
377 {
378 int j;
379 BIO *in;
380 int ret = 0;
381 X509 *x = NULL;
382
383 in = BIO_new(BIO_s_file());
384 if (in == NULL) {
385 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE, ERR_R_BUF_LIB);
386 goto end;
387 }
388
389 if (BIO_read_filename(in, file) <= 0) {
390 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE, ERR_R_SYS_LIB);
391 goto end;
392 }
393 if (type == SSL_FILETYPE_ASN1) {
394 j = ERR_R_ASN1_LIB;
395 x = d2i_X509_bio(in, NULL);
396 } else if (type == SSL_FILETYPE_PEM) {
397 j = ERR_R_PEM_LIB;
398 x = PEM_read_bio_X509(in, NULL, ctx->default_passwd_callback,
399 ctx->default_passwd_callback_userdata);
400 } else {
401 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE, SSL_R_BAD_SSL_FILETYPE);
402 goto end;
403 }
404
405 if (x == NULL) {
406 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE, j);
407 goto end;
408 }
409
410 ret = SSL_CTX_use_certificate(ctx, x);
411 end:
412 X509_free(x);
413 BIO_free(in);
414 return ret;
415 }
416
417 int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, const unsigned char *d)
418 {
419 X509 *x;
420 int ret;
421
422 x = d2i_X509(NULL, &d, (long)len);
423 if (x == NULL) {
424 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1, ERR_R_ASN1_LIB);
425 return 0;
426 }
427
428 ret = SSL_CTX_use_certificate(ctx, x);
429 X509_free(x);
430 return ret;
431 }
432
433 #ifndef OPENSSL_NO_RSA
434 int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa)
435 {
436 int ret;
437 EVP_PKEY *pkey;
438
439 if (rsa == NULL) {
440 SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY, ERR_R_PASSED_NULL_PARAMETER);
441 return 0;
442 }
443 if ((pkey = EVP_PKEY_new()) == NULL) {
444 SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY, ERR_R_EVP_LIB);
445 return 0;
446 }
447
448 RSA_up_ref(rsa);
449 if (EVP_PKEY_assign_RSA(pkey, rsa) <= 0) {
450 RSA_free(rsa);
451 EVP_PKEY_free(pkey);
452 return 0;
453 }
454
455 ret = ssl_set_pkey(ctx->cert, pkey);
456 EVP_PKEY_free(pkey);
457 return ret;
458 }
459
460 int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type)
461 {
462 int j, ret = 0;
463 BIO *in;
464 RSA *rsa = NULL;
465
466 in = BIO_new(BIO_s_file());
467 if (in == NULL) {
468 SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE, ERR_R_BUF_LIB);
469 goto end;
470 }
471
472 if (BIO_read_filename(in, file) <= 0) {
473 SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE, ERR_R_SYS_LIB);
474 goto end;
475 }
476 if (type == SSL_FILETYPE_ASN1) {
477 j = ERR_R_ASN1_LIB;
478 rsa = d2i_RSAPrivateKey_bio(in, NULL);
479 } else if (type == SSL_FILETYPE_PEM) {
480 j = ERR_R_PEM_LIB;
481 rsa = PEM_read_bio_RSAPrivateKey(in, NULL,
482 ctx->default_passwd_callback,
483 ctx->default_passwd_callback_userdata);
484 } else {
485 SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE, SSL_R_BAD_SSL_FILETYPE);
486 goto end;
487 }
488 if (rsa == NULL) {
489 SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE, j);
490 goto end;
491 }
492 ret = SSL_CTX_use_RSAPrivateKey(ctx, rsa);
493 RSA_free(rsa);
494 end:
495 BIO_free(in);
496 return ret;
497 }
498
499 int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, const unsigned char *d,
500 long len)
501 {
502 int ret;
503 const unsigned char *p;
504 RSA *rsa;
505
506 p = d;
507 if ((rsa = d2i_RSAPrivateKey(NULL, &p, (long)len)) == NULL) {
508 SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1, ERR_R_ASN1_LIB);
509 return 0;
510 }
511
512 ret = SSL_CTX_use_RSAPrivateKey(ctx, rsa);
513 RSA_free(rsa);
514 return ret;
515 }
516 #endif /* !OPENSSL_NO_RSA */
517
518 int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey)
519 {
520 if (pkey == NULL) {
521 SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY, ERR_R_PASSED_NULL_PARAMETER);
522 return 0;
523 }
524 return ssl_set_pkey(ctx->cert, pkey);
525 }
526
527 int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type)
528 {
529 int j, ret = 0;
530 BIO *in;
531 EVP_PKEY *pkey = NULL;
532
533 in = BIO_new(BIO_s_file());
534 if (in == NULL) {
535 SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE, ERR_R_BUF_LIB);
536 goto end;
537 }
538
539 if (BIO_read_filename(in, file) <= 0) {
540 SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE, ERR_R_SYS_LIB);
541 goto end;
542 }
543 if (type == SSL_FILETYPE_PEM) {
544 j = ERR_R_PEM_LIB;
545 pkey = PEM_read_bio_PrivateKey(in, NULL,
546 ctx->default_passwd_callback,
547 ctx->default_passwd_callback_userdata);
548 } else if (type == SSL_FILETYPE_ASN1) {
549 j = ERR_R_ASN1_LIB;
550 pkey = d2i_PrivateKey_bio(in, NULL);
551 } else {
552 SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE, SSL_R_BAD_SSL_FILETYPE);
553 goto end;
554 }
555 if (pkey == NULL) {
556 SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE, j);
557 goto end;
558 }
559 ret = SSL_CTX_use_PrivateKey(ctx, pkey);
560 EVP_PKEY_free(pkey);
561 end:
562 BIO_free(in);
563 return ret;
564 }
565
566 int SSL_CTX_use_PrivateKey_ASN1(int type, SSL_CTX *ctx,
567 const unsigned char *d, long len)
568 {
569 int ret;
570 const unsigned char *p;
571 EVP_PKEY *pkey;
572
573 p = d;
574 if ((pkey = d2i_PrivateKey(type, NULL, &p, (long)len)) == NULL) {
575 SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1, ERR_R_ASN1_LIB);
576 return 0;
577 }
578
579 ret = SSL_CTX_use_PrivateKey(ctx, pkey);
580 EVP_PKEY_free(pkey);
581 return ret;
582 }
583
584 /*
585 * Read a file that contains our certificate in "PEM" format, possibly
586 * followed by a sequence of CA certificates that should be sent to the peer
587 * in the Certificate message.
588 */
589 static int use_certificate_chain_file(SSL_CTX *ctx, SSL *ssl, const char *file)
590 {
591 BIO *in;
592 int ret = 0;
593 X509 *x = NULL;
594 pem_password_cb *passwd_callback;
595 void *passwd_callback_userdata;
596
597 ERR_clear_error(); /* clear error stack for
598 * SSL_CTX_use_certificate() */
599
600 if (ctx != NULL) {
601 passwd_callback = ctx->default_passwd_callback;
602 passwd_callback_userdata = ctx->default_passwd_callback_userdata;
603 } else {
604 passwd_callback = ssl->default_passwd_callback;
605 passwd_callback_userdata = ssl->default_passwd_callback_userdata;
606 }
607
608 in = BIO_new(BIO_s_file());
609 if (in == NULL) {
610 SSLerr(SSL_F_USE_CERTIFICATE_CHAIN_FILE, ERR_R_BUF_LIB);
611 goto end;
612 }
613
614 if (BIO_read_filename(in, file) <= 0) {
615 SSLerr(SSL_F_USE_CERTIFICATE_CHAIN_FILE, ERR_R_SYS_LIB);
616 goto end;
617 }
618
619 x = PEM_read_bio_X509_AUX(in, NULL, passwd_callback,
620 passwd_callback_userdata);
621 if (x == NULL) {
622 SSLerr(SSL_F_USE_CERTIFICATE_CHAIN_FILE, ERR_R_PEM_LIB);
623 goto end;
624 }
625
626 if (ctx)
627 ret = SSL_CTX_use_certificate(ctx, x);
628 else
629 ret = SSL_use_certificate(ssl, x);
630
631 if (ERR_peek_error() != 0)
632 ret = 0; /* Key/certificate mismatch doesn't imply
633 * ret==0 ... */
634 if (ret) {
635 /*
636 * If we could set up our certificate, now proceed to the CA
637 * certificates.
638 */
639 X509 *ca;
640 int r;
641 unsigned long err;
642
643 if (ctx)
644 r = SSL_CTX_clear_chain_certs(ctx);
645 else
646 r = SSL_clear_chain_certs(ssl);
647
648 if (r == 0) {
649 ret = 0;
650 goto end;
651 }
652
653 while ((ca = PEM_read_bio_X509(in, NULL, passwd_callback,
654 passwd_callback_userdata))
655 != NULL) {
656 if (ctx)
657 r = SSL_CTX_add0_chain_cert(ctx, ca);
658 else
659 r = SSL_add0_chain_cert(ssl, ca);
660 /*
661 * Note that we must not free ca if it was successfully added to
662 * the chain (while we must free the main certificate, since its
663 * reference count is increased by SSL_CTX_use_certificate).
664 */
665 if (!r) {
666 X509_free(ca);
667 ret = 0;
668 goto end;
669 }
670 }
671 /* When the while loop ends, it's usually just EOF. */
672 err = ERR_peek_last_error();
673 if (ERR_GET_LIB(err) == ERR_LIB_PEM
674 && ERR_GET_REASON(err) == PEM_R_NO_START_LINE)
675 ERR_clear_error();
676 else
677 ret = 0; /* some real error */
678 }
679
680 end:
681 X509_free(x);
682 BIO_free(in);
683 return ret;
684 }
685
686 int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file)
687 {
688 return use_certificate_chain_file(ctx, NULL, file);
689 }
690
691 int SSL_use_certificate_chain_file(SSL *ssl, const char *file)
692 {
693 return use_certificate_chain_file(NULL, ssl, file);
694 }
695
696 static int serverinfo_find_extension(const unsigned char *serverinfo,
697 size_t serverinfo_length,
698 unsigned int extension_type,
699 const unsigned char **extension_data,
700 size_t *extension_length)
701 {
702 PACKET pkt, data;
703
704 *extension_data = NULL;
705 *extension_length = 0;
706 if (serverinfo == NULL || serverinfo_length == 0)
707 return -1;
708
709 if (!PACKET_buf_init(&pkt, serverinfo, serverinfo_length))
710 return -1;
711
712 for (;;) {
713 unsigned int type = 0;
714 unsigned long context = 0;
715
716 /* end of serverinfo */
717 if (PACKET_remaining(&pkt) == 0)
718 return 0; /* Extension not found */
719
720 if (!PACKET_get_net_4(&pkt, &context)
721 || !PACKET_get_net_2(&pkt, &type)
722 || !PACKET_get_length_prefixed_2(&pkt, &data))
723 return -1;
724
725 if (type == extension_type) {
726 *extension_data = PACKET_data(&data);
727 *extension_length = PACKET_remaining(&data);;
728 return 1; /* Success */
729 }
730 }
731 /* Unreachable */
732 }
733
734 static int serverinfoex_srv_parse_cb(SSL *s, unsigned int ext_type,
735 unsigned int context,
736 const unsigned char *in,
737 size_t inlen, X509 *x, size_t chainidx,
738 int *al, void *arg)
739 {
740
741 if (inlen != 0) {
742 *al = SSL_AD_DECODE_ERROR;
743 return 0;
744 }
745
746 return 1;
747 }
748
749 static int serverinfo_srv_parse_cb(SSL *s, unsigned int ext_type,
750 const unsigned char *in,
751 size_t inlen, int *al, void *arg)
752 {
753 return serverinfoex_srv_parse_cb(s, ext_type, 0, in, inlen, NULL, 0, al,
754 arg);
755 }
756
757 static int serverinfoex_srv_add_cb(SSL *s, unsigned int ext_type,
758 unsigned int context,
759 const unsigned char **out,
760 size_t *outlen, X509 *x, size_t chainidx,
761 int *al, void *arg)
762 {
763 const unsigned char *serverinfo = NULL;
764 size_t serverinfo_length = 0;
765
766 /* We only support extensions for the first Certificate */
767 if ((context & SSL_EXT_TLS1_3_CERTIFICATE) != 0 && chainidx > 0)
768 return 0;
769
770 /* Is there serverinfo data for the chosen server cert? */
771 if ((ssl_get_server_cert_serverinfo(s, &serverinfo,
772 &serverinfo_length)) != 0) {
773 /* Find the relevant extension from the serverinfo */
774 int retval = serverinfo_find_extension(serverinfo, serverinfo_length,
775 ext_type, out, outlen);
776 if (retval == -1) {
777 *al = SSL_AD_INTERNAL_ERROR;
778 return -1; /* Error */
779 }
780 if (retval == 0)
781 return 0; /* No extension found, don't send extension */
782 return 1; /* Send extension */
783 }
784 return 0; /* No serverinfo data found, don't send
785 * extension */
786 }
787
788 static int serverinfo_srv_add_cb(SSL *s, unsigned int ext_type,
789 const unsigned char **out, size_t *outlen,
790 int *al, void *arg)
791 {
792 return serverinfoex_srv_add_cb(s, ext_type, 0, out, outlen, NULL, 0, al,
793 arg);
794 }
795
796 /*
797 * With a NULL context, this function just checks that the serverinfo data
798 * parses correctly. With a non-NULL context, it registers callbacks for
799 * the included extensions.
800 */
801 static int serverinfo_process_buffer(unsigned int version,
802 const unsigned char *serverinfo,
803 size_t serverinfo_length, SSL_CTX *ctx)
804 {
805 PACKET pkt;
806
807 if (serverinfo == NULL || serverinfo_length == 0)
808 return 0;
809
810 if (version != SSL_SERVERINFOV1 && version != SSL_SERVERINFOV2)
811 return 0;
812
813 if (!PACKET_buf_init(&pkt, serverinfo, serverinfo_length))
814 return 0;
815
816 while (PACKET_remaining(&pkt)) {
817 unsigned long context = 0;
818 unsigned int ext_type = 0;
819 PACKET data;
820
821 if ((version == SSL_SERVERINFOV2 && !PACKET_get_net_4(&pkt, &context))
822 || !PACKET_get_net_2(&pkt, &ext_type)
823 || !PACKET_get_length_prefixed_2(&pkt, &data))
824 return 0;
825
826 if (ctx == NULL)
827 continue;
828
829 /*
830 * The old style custom extensions API could be set separately for
831 * server/client, i.e. you could set one custom extension for a client,
832 * and *for the same extension in the same SSL_CTX* you could set a
833 * custom extension for the server as well. It seems quite weird to be
834 * setting a custom extension for both client and server in a single
835 * SSL_CTX - but theoretically possible. This isn't possible in the
836 * new API. Therefore, if we have V1 serverinfo we use the old API. We
837 * also use the old API even if we have V2 serverinfo but the context
838 * looks like an old style <= TLSv1.2 extension.
839 */
840 if (version == SSL_SERVERINFOV1 || context == SYNTHV1CONTEXT) {
841 if (!SSL_CTX_add_server_custom_ext(ctx, ext_type,
842 serverinfo_srv_add_cb,
843 NULL, NULL,
844 serverinfo_srv_parse_cb,
845 NULL))
846 return 0;
847 } else {
848 if (!SSL_CTX_add_custom_ext(ctx, ext_type, context,
849 serverinfoex_srv_add_cb,
850 NULL, NULL,
851 serverinfoex_srv_parse_cb,
852 NULL))
853 return 0;
854 }
855 }
856
857 return 1;
858 }
859
860 int SSL_CTX_use_serverinfo_ex(SSL_CTX *ctx, unsigned int version,
861 const unsigned char *serverinfo,
862 size_t serverinfo_length)
863 {
864 unsigned char *new_serverinfo;
865
866 if (ctx == NULL || serverinfo == NULL || serverinfo_length == 0) {
867 SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_EX, ERR_R_PASSED_NULL_PARAMETER);
868 return 0;
869 }
870 if (!serverinfo_process_buffer(version, serverinfo, serverinfo_length,
871 NULL)) {
872 SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_EX, SSL_R_INVALID_SERVERINFO_DATA);
873 return 0;
874 }
875 if (ctx->cert->key == NULL) {
876 SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_EX, ERR_R_INTERNAL_ERROR);
877 return 0;
878 }
879 new_serverinfo = OPENSSL_realloc(ctx->cert->key->serverinfo,
880 serverinfo_length);
881 if (new_serverinfo == NULL) {
882 SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_EX, ERR_R_MALLOC_FAILURE);
883 return 0;
884 }
885 ctx->cert->key->serverinfo = new_serverinfo;
886 memcpy(ctx->cert->key->serverinfo, serverinfo, serverinfo_length);
887 ctx->cert->key->serverinfo_length = serverinfo_length;
888
889 /*
890 * Now that the serverinfo is validated and stored, go ahead and
891 * register callbacks.
892 */
893 if (!serverinfo_process_buffer(version, serverinfo, serverinfo_length,
894 ctx)) {
895 SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_EX, SSL_R_INVALID_SERVERINFO_DATA);
896 return 0;
897 }
898 return 1;
899 }
900
901 int SSL_CTX_use_serverinfo(SSL_CTX *ctx, const unsigned char *serverinfo,
902 size_t serverinfo_length)
903 {
904 return SSL_CTX_use_serverinfo_ex(ctx, SSL_SERVERINFOV1, serverinfo,
905 serverinfo_length);
906 }
907
908 int SSL_CTX_use_serverinfo_file(SSL_CTX *ctx, const char *file)
909 {
910 unsigned char *serverinfo = NULL;
911 unsigned char *tmp;
912 size_t serverinfo_length = 0;
913 unsigned char *extension = 0;
914 long extension_length = 0;
915 char *name = NULL;
916 char *header = NULL;
917 char namePrefix1[] = "SERVERINFO FOR ";
918 char namePrefix2[] = "SERVERINFOV2 FOR ";
919 int ret = 0;
920 BIO *bin = NULL;
921 size_t num_extensions = 0, contextoff = 0;
922
923 if (ctx == NULL || file == NULL) {
924 SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, ERR_R_PASSED_NULL_PARAMETER);
925 goto end;
926 }
927
928 bin = BIO_new(BIO_s_file());
929 if (bin == NULL) {
930 SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, ERR_R_BUF_LIB);
931 goto end;
932 }
933 if (BIO_read_filename(bin, file) <= 0) {
934 SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, ERR_R_SYS_LIB);
935 goto end;
936 }
937
938 for (num_extensions = 0;; num_extensions++) {
939 unsigned int version;
940
941 if (PEM_read_bio(bin, &name, &header, &extension, &extension_length)
942 == 0) {
943 /*
944 * There must be at least one extension in this file
945 */
946 if (num_extensions == 0) {
947 SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE,
948 SSL_R_NO_PEM_EXTENSIONS);
949 goto end;
950 } else /* End of file, we're done */
951 break;
952 }
953 /* Check that PEM name starts with "BEGIN SERVERINFO FOR " */
954 if (strlen(name) < strlen(namePrefix1)) {
955 SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, SSL_R_PEM_NAME_TOO_SHORT);
956 goto end;
957 }
958 if (strncmp(name, namePrefix1, strlen(namePrefix1)) == 0) {
959 version = SSL_SERVERINFOV1;
960 } else {
961 if (strlen(name) < strlen(namePrefix2)) {
962 SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE,
963 SSL_R_PEM_NAME_TOO_SHORT);
964 goto end;
965 }
966 if (strncmp(name, namePrefix2, strlen(namePrefix2)) != 0) {
967 SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE,
968 SSL_R_PEM_NAME_BAD_PREFIX);
969 goto end;
970 }
971 version = SSL_SERVERINFOV2;
972 }
973 /*
974 * Check that the decoded PEM data is plausible (valid length field)
975 */
976 if (version == SSL_SERVERINFOV1) {
977 /* 4 byte header: 2 bytes type, 2 bytes len */
978 if (extension_length < 4
979 || (extension[2] << 8) + extension[3]
980 != extension_length - 4) {
981 SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, SSL_R_BAD_DATA);
982 goto end;
983 }
984 /*
985 * File does not have a context value so we must take account of
986 * this later.
987 */
988 contextoff = 4;
989 } else {
990 /* 8 byte header: 4 bytes context, 2 bytes type, 2 bytes len */
991 if (extension_length < 8
992 || (extension[6] << 8) + extension[7]
993 != extension_length - 8) {
994 SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, SSL_R_BAD_DATA);
995 goto end;
996 }
997 }
998 /* Append the decoded extension to the serverinfo buffer */
999 tmp = OPENSSL_realloc(serverinfo, serverinfo_length + extension_length
1000 + contextoff);
1001 if (tmp == NULL) {
1002 SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, ERR_R_MALLOC_FAILURE);
1003 goto end;
1004 }
1005 serverinfo = tmp;
1006 if (contextoff > 0) {
1007 unsigned char *sinfo = serverinfo + serverinfo_length;
1008
1009 /* We know this only uses the last 2 bytes */
1010 sinfo[0] = 0;
1011 sinfo[1] = 0;
1012 sinfo[2] = (SYNTHV1CONTEXT >> 8) & 0xff;
1013 sinfo[3] = SYNTHV1CONTEXT & 0xff;
1014 }
1015 memcpy(serverinfo + serverinfo_length + contextoff,
1016 extension, extension_length);
1017 serverinfo_length += extension_length + contextoff;
1018
1019 OPENSSL_free(name);
1020 name = NULL;
1021 OPENSSL_free(header);
1022 header = NULL;
1023 OPENSSL_free(extension);
1024 extension = NULL;
1025 }
1026
1027 ret = SSL_CTX_use_serverinfo_ex(ctx, SSL_SERVERINFOV2, serverinfo,
1028 serverinfo_length);
1029 end:
1030 /* SSL_CTX_use_serverinfo makes a local copy of the serverinfo. */
1031 OPENSSL_free(name);
1032 OPENSSL_free(header);
1033 OPENSSL_free(extension);
1034 OPENSSL_free(serverinfo);
1035 BIO_free(bin);
1036 return ret;
1037 }
1038
1039 static int ssl_set_cert_and_key(SSL *ssl, SSL_CTX *ctx, X509 *x509, EVP_PKEY *privatekey,
1040 STACK_OF(X509) *chain, int override)
1041 {
1042 int ret = 0;
1043 size_t i;
1044 int j;
1045 int rv;
1046 CERT *c = ssl != NULL ? ssl->cert : ctx->cert;
1047 STACK_OF(X509) *dup_chain = NULL;
1048 EVP_PKEY *pubkey = NULL;
1049
1050 /* Do all security checks before anything else */
1051 rv = ssl_security_cert(ssl, ctx, x509, 0, 1);
1052 if (rv != 1) {
1053 SSLerr(SSL_F_SSL_SET_CERT_AND_KEY, rv);
1054 goto out;
1055 }
1056 for (j = 0; j < sk_X509_num(chain); j++) {
1057 rv = ssl_security_cert(ssl, ctx, sk_X509_value(chain, j), 0, 0);
1058 if (rv != 1) {
1059 SSLerr(SSL_F_SSL_SET_CERT_AND_KEY, rv);
1060 goto out;
1061 }
1062 }
1063
1064 pubkey = X509_get_pubkey(x509); /* bumps reference */
1065 if (pubkey == NULL)
1066 goto out;
1067 if (privatekey == NULL) {
1068 privatekey = pubkey;
1069 } else {
1070 /* For RSA, which has no parameters, missing returns 0 */
1071 if (EVP_PKEY_missing_parameters(privatekey)) {
1072 if (EVP_PKEY_missing_parameters(pubkey)) {
1073 /* nobody has parameters? - error */
1074 SSLerr(SSL_F_SSL_SET_CERT_AND_KEY, SSL_R_MISSING_PARAMETERS);
1075 goto out;
1076 } else {
1077 /* copy to privatekey from pubkey */
1078 EVP_PKEY_copy_parameters(privatekey, pubkey);
1079 }
1080 } else if (EVP_PKEY_missing_parameters(pubkey)) {
1081 /* copy to pubkey from privatekey */
1082 EVP_PKEY_copy_parameters(pubkey, privatekey);
1083 } /* else both have parameters */
1084
1085 /* Copied from ssl_set_cert/pkey */
1086 #ifndef OPENSSL_NO_RSA
1087 if ((EVP_PKEY_id(privatekey) == EVP_PKEY_RSA) &&
1088 ((RSA_flags(EVP_PKEY_get0_RSA(privatekey)) & RSA_METHOD_FLAG_NO_CHECK)))
1089 /* no-op */ ;
1090 else
1091 #endif
1092 /* check that key <-> cert match */
1093 if (EVP_PKEY_cmp(pubkey, privatekey) != 1) {
1094 SSLerr(SSL_F_SSL_SET_CERT_AND_KEY, SSL_R_PRIVATE_KEY_MISMATCH);
1095 goto out;
1096 }
1097 }
1098 if (ssl_cert_lookup_by_pkey(pubkey, &i) == NULL) {
1099 SSLerr(SSL_F_SSL_SET_CERT_AND_KEY, SSL_R_UNKNOWN_CERTIFICATE_TYPE);
1100 goto out;
1101 }
1102
1103 if (!override && (c->pkeys[i].x509 != NULL
1104 || c->pkeys[i].privatekey != NULL
1105 || c->pkeys[i].chain != NULL)) {
1106 /* No override, and something already there */
1107 SSLerr(SSL_F_SSL_SET_CERT_AND_KEY, SSL_R_NOT_REPLACING_CERTIFICATE);
1108 goto out;
1109 }
1110
1111 if (chain != NULL) {
1112 dup_chain = X509_chain_up_ref(chain);
1113 if (dup_chain == NULL) {
1114 SSLerr(SSL_F_SSL_SET_CERT_AND_KEY, ERR_R_MALLOC_FAILURE);
1115 goto out;
1116 }
1117 }
1118
1119 sk_X509_pop_free(c->pkeys[i].chain, X509_free);
1120 c->pkeys[i].chain = dup_chain;
1121
1122 X509_free(c->pkeys[i].x509);
1123 X509_up_ref(x509);
1124 c->pkeys[i].x509 = x509;
1125
1126 EVP_PKEY_free(c->pkeys[i].privatekey);
1127 EVP_PKEY_up_ref(privatekey);
1128 c->pkeys[i].privatekey = privatekey;
1129
1130 c->key = &(c->pkeys[i]);
1131
1132 ret = 1;
1133 out:
1134 EVP_PKEY_free(pubkey);
1135 return ret;
1136 }
1137
1138 int SSL_use_cert_and_key(SSL *ssl, X509 *x509, EVP_PKEY *privatekey,
1139 STACK_OF(X509) *chain, int override)
1140 {
1141 return ssl_set_cert_and_key(ssl, NULL, x509, privatekey, chain, override);
1142 }
1143
1144 int SSL_CTX_use_cert_and_key(SSL_CTX *ctx, X509 *x509, EVP_PKEY *privatekey,
1145 STACK_OF(X509) *chain, int override)
1146 {
1147 return ssl_set_cert_and_key(NULL, ctx, x509, privatekey, chain, override);
1148 }
Mirror of https://github.com/openssl/openssl.git