2 * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
11 #include "ssl_local.h"
12 #include "internal/packet.h"
13 #include <openssl/bio.h>
14 #include <openssl/objects.h>
15 #include <openssl/evp.h>
16 #include <openssl/x509.h>
17 #include <openssl/x509v3.h>
18 #include <openssl/pem.h>
20 static int ssl_set_cert(CERT
*c
, X509
*x509
);
21 static int ssl_set_pkey(CERT
*c
, EVP_PKEY
*pkey
);
23 #define SYNTHV1CONTEXT (SSL_EXT_TLS1_2_AND_BELOW_ONLY \
24 | SSL_EXT_CLIENT_HELLO \
25 | SSL_EXT_TLS1_2_SERVER_HELLO \
26 | SSL_EXT_IGNORE_ON_RESUMPTION)
28 int SSL_use_certificate(SSL
*ssl
, X509
*x
)
32 SSLerr(SSL_F_SSL_USE_CERTIFICATE
, ERR_R_PASSED_NULL_PARAMETER
);
35 if (!X509v3_cache_extensions(x
, ssl
->ctx
->libctx
, ssl
->ctx
->propq
)) {
36 SSLerr(0, ERR_LIB_X509
);
39 rv
= ssl_security_cert(ssl
, NULL
, x
, 0, 1);
41 SSLerr(SSL_F_SSL_USE_CERTIFICATE
, rv
);
45 return ssl_set_cert(ssl
->cert
, x
);
48 int SSL_use_certificate_file(SSL
*ssl
, const char *file
, int type
)
55 in
= BIO_new(BIO_s_file());
57 SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE
, ERR_R_BUF_LIB
);
61 if (BIO_read_filename(in
, file
) <= 0) {
62 SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE
, ERR_R_SYS_LIB
);
65 if (type
== SSL_FILETYPE_ASN1
) {
67 x
= d2i_X509_bio(in
, NULL
);
68 } else if (type
== SSL_FILETYPE_PEM
) {
70 x
= PEM_read_bio_X509(in
, NULL
, ssl
->default_passwd_callback
,
71 ssl
->default_passwd_callback_userdata
);
73 SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE
, SSL_R_BAD_SSL_FILETYPE
);
78 SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE
, j
);
82 ret
= SSL_use_certificate(ssl
, x
);
89 int SSL_use_certificate_ASN1(SSL
*ssl
, const unsigned char *d
, int len
)
94 x
= d2i_X509(NULL
, &d
, (long)len
);
96 SSLerr(SSL_F_SSL_USE_CERTIFICATE_ASN1
, ERR_R_ASN1_LIB
);
100 ret
= SSL_use_certificate(ssl
, x
);
105 #ifndef OPENSSL_NO_RSA
106 int SSL_use_RSAPrivateKey(SSL
*ssl
, RSA
*rsa
)
112 SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY
, ERR_R_PASSED_NULL_PARAMETER
);
115 if ((pkey
= EVP_PKEY_new()) == NULL
) {
116 SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY
, ERR_R_EVP_LIB
);
121 if (EVP_PKEY_assign_RSA(pkey
, rsa
) <= 0) {
127 ret
= ssl_set_pkey(ssl
->cert
, pkey
);
133 static int ssl_set_pkey(CERT
*c
, EVP_PKEY
*pkey
)
137 if (ssl_cert_lookup_by_pkey(pkey
, &i
) == NULL
) {
138 SSLerr(SSL_F_SSL_SET_PKEY
, SSL_R_UNKNOWN_CERTIFICATE_TYPE
);
142 if (c
->pkeys
[i
].x509
!= NULL
) {
144 pktmp
= X509_get0_pubkey(c
->pkeys
[i
].x509
);
146 SSLerr(SSL_F_SSL_SET_PKEY
, ERR_R_MALLOC_FAILURE
);
150 * The return code from EVP_PKEY_copy_parameters is deliberately
151 * ignored. Some EVP_PKEY types cannot do this.
153 EVP_PKEY_copy_parameters(pktmp
, pkey
);
156 #ifndef OPENSSL_NO_RSA
158 * Don't check the public/private key, this is mostly for smart
161 if (EVP_PKEY_id(pkey
) == EVP_PKEY_RSA
162 && RSA_flags(EVP_PKEY_get0_RSA(pkey
)) & RSA_METHOD_FLAG_NO_CHECK
) ;
165 if (!X509_check_private_key(c
->pkeys
[i
].x509
, pkey
)) {
166 X509_free(c
->pkeys
[i
].x509
);
167 c
->pkeys
[i
].x509
= NULL
;
172 EVP_PKEY_free(c
->pkeys
[i
].privatekey
);
173 EVP_PKEY_up_ref(pkey
);
174 c
->pkeys
[i
].privatekey
= pkey
;
175 c
->key
= &c
->pkeys
[i
];
179 #ifndef OPENSSL_NO_RSA
180 int SSL_use_RSAPrivateKey_file(SSL
*ssl
, const char *file
, int type
)
186 in
= BIO_new(BIO_s_file());
188 SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE
, ERR_R_BUF_LIB
);
192 if (BIO_read_filename(in
, file
) <= 0) {
193 SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE
, ERR_R_SYS_LIB
);
196 if (type
== SSL_FILETYPE_ASN1
) {
198 rsa
= d2i_RSAPrivateKey_bio(in
, NULL
);
199 } else if (type
== SSL_FILETYPE_PEM
) {
201 rsa
= PEM_read_bio_RSAPrivateKey(in
, NULL
,
202 ssl
->default_passwd_callback
,
203 ssl
->default_passwd_callback_userdata
);
205 SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE
, SSL_R_BAD_SSL_FILETYPE
);
209 SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE
, j
);
212 ret
= SSL_use_RSAPrivateKey(ssl
, rsa
);
219 int SSL_use_RSAPrivateKey_ASN1(SSL
*ssl
, const unsigned char *d
, long len
)
222 const unsigned char *p
;
226 if ((rsa
= d2i_RSAPrivateKey(NULL
, &p
, (long)len
)) == NULL
) {
227 SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1
, ERR_R_ASN1_LIB
);
231 ret
= SSL_use_RSAPrivateKey(ssl
, rsa
);
235 #endif /* !OPENSSL_NO_RSA */
237 int SSL_use_PrivateKey(SSL
*ssl
, EVP_PKEY
*pkey
)
242 SSLerr(SSL_F_SSL_USE_PRIVATEKEY
, ERR_R_PASSED_NULL_PARAMETER
);
245 ret
= ssl_set_pkey(ssl
->cert
, pkey
);
249 int SSL_use_PrivateKey_file(SSL
*ssl
, const char *file
, int type
)
253 EVP_PKEY
*pkey
= NULL
;
255 in
= BIO_new(BIO_s_file());
257 SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE
, ERR_R_BUF_LIB
);
261 if (BIO_read_filename(in
, file
) <= 0) {
262 SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE
, ERR_R_SYS_LIB
);
265 if (type
== SSL_FILETYPE_PEM
) {
267 pkey
= PEM_read_bio_PrivateKey(in
, NULL
,
268 ssl
->default_passwd_callback
,
269 ssl
->default_passwd_callback_userdata
);
270 } else if (type
== SSL_FILETYPE_ASN1
) {
272 pkey
= d2i_PrivateKey_bio(in
, NULL
);
274 SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE
, SSL_R_BAD_SSL_FILETYPE
);
278 SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE
, j
);
281 ret
= SSL_use_PrivateKey(ssl
, pkey
);
288 int SSL_use_PrivateKey_ASN1(int type
, SSL
*ssl
, const unsigned char *d
,
292 const unsigned char *p
;
296 if ((pkey
= d2i_PrivateKey(type
, NULL
, &p
, (long)len
)) == NULL
) {
297 SSLerr(SSL_F_SSL_USE_PRIVATEKEY_ASN1
, ERR_R_ASN1_LIB
);
301 ret
= SSL_use_PrivateKey(ssl
, pkey
);
306 int SSL_CTX_use_certificate(SSL_CTX
*ctx
, X509
*x
)
310 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE
, ERR_R_PASSED_NULL_PARAMETER
);
313 if (!X509v3_cache_extensions(x
, ctx
->libctx
, ctx
->propq
)) {
314 SSLerr(0, ERR_LIB_X509
);
317 rv
= ssl_security_cert(NULL
, ctx
, x
, 0, 1);
319 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE
, rv
);
322 return ssl_set_cert(ctx
->cert
, x
);
325 static int ssl_set_cert(CERT
*c
, X509
*x
)
330 pkey
= X509_get0_pubkey(x
);
332 SSLerr(SSL_F_SSL_SET_CERT
, SSL_R_X509_LIB
);
336 if (ssl_cert_lookup_by_pkey(pkey
, &i
) == NULL
) {
337 SSLerr(SSL_F_SSL_SET_CERT
, SSL_R_UNKNOWN_CERTIFICATE_TYPE
);
340 #ifndef OPENSSL_NO_EC
341 if (i
== SSL_PKEY_ECC
&& !EC_KEY_can_sign(EVP_PKEY_get0_EC_KEY(pkey
))) {
342 SSLerr(SSL_F_SSL_SET_CERT
, SSL_R_ECC_CERT_NOT_FOR_SIGNING
);
346 if (c
->pkeys
[i
].privatekey
!= NULL
) {
348 * The return code from EVP_PKEY_copy_parameters is deliberately
349 * ignored. Some EVP_PKEY types cannot do this.
351 EVP_PKEY_copy_parameters(pkey
, c
->pkeys
[i
].privatekey
);
354 #ifndef OPENSSL_NO_RSA
356 * Don't check the public/private key, this is mostly for smart
359 if (EVP_PKEY_id(c
->pkeys
[i
].privatekey
) == EVP_PKEY_RSA
360 && RSA_flags(EVP_PKEY_get0_RSA(c
->pkeys
[i
].privatekey
)) &
361 RSA_METHOD_FLAG_NO_CHECK
) ;
363 #endif /* OPENSSL_NO_RSA */
364 if (!X509_check_private_key(x
, c
->pkeys
[i
].privatekey
)) {
366 * don't fail for a cert/key mismatch, just free current private
367 * key (when switching to a different cert & key, first this
368 * function should be used, then ssl_set_pkey
370 EVP_PKEY_free(c
->pkeys
[i
].privatekey
);
371 c
->pkeys
[i
].privatekey
= NULL
;
372 /* clear error queue */
377 X509_free(c
->pkeys
[i
].x509
);
379 c
->pkeys
[i
].x509
= x
;
380 c
->key
= &(c
->pkeys
[i
]);
385 int SSL_CTX_use_certificate_file(SSL_CTX
*ctx
, const char *file
, int type
)
392 in
= BIO_new(BIO_s_file());
394 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE
, ERR_R_BUF_LIB
);
398 if (BIO_read_filename(in
, file
) <= 0) {
399 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE
, ERR_R_SYS_LIB
);
402 if (type
== SSL_FILETYPE_ASN1
) {
404 x
= d2i_X509_bio(in
, NULL
);
405 } else if (type
== SSL_FILETYPE_PEM
) {
407 x
= PEM_read_bio_X509(in
, NULL
, ctx
->default_passwd_callback
,
408 ctx
->default_passwd_callback_userdata
);
410 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE
, SSL_R_BAD_SSL_FILETYPE
);
415 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE
, j
);
419 ret
= SSL_CTX_use_certificate(ctx
, x
);
426 int SSL_CTX_use_certificate_ASN1(SSL_CTX
*ctx
, int len
, const unsigned char *d
)
431 x
= d2i_X509(NULL
, &d
, (long)len
);
433 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1
, ERR_R_ASN1_LIB
);
437 ret
= SSL_CTX_use_certificate(ctx
, x
);
442 #ifndef OPENSSL_NO_RSA
443 int SSL_CTX_use_RSAPrivateKey(SSL_CTX
*ctx
, RSA
*rsa
)
449 SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY
, ERR_R_PASSED_NULL_PARAMETER
);
452 if ((pkey
= EVP_PKEY_new()) == NULL
) {
453 SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY
, ERR_R_EVP_LIB
);
458 if (EVP_PKEY_assign_RSA(pkey
, rsa
) <= 0) {
464 ret
= ssl_set_pkey(ctx
->cert
, pkey
);
469 int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX
*ctx
, const char *file
, int type
)
475 in
= BIO_new(BIO_s_file());
477 SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE
, ERR_R_BUF_LIB
);
481 if (BIO_read_filename(in
, file
) <= 0) {
482 SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE
, ERR_R_SYS_LIB
);
485 if (type
== SSL_FILETYPE_ASN1
) {
487 rsa
= d2i_RSAPrivateKey_bio(in
, NULL
);
488 } else if (type
== SSL_FILETYPE_PEM
) {
490 rsa
= PEM_read_bio_RSAPrivateKey(in
, NULL
,
491 ctx
->default_passwd_callback
,
492 ctx
->default_passwd_callback_userdata
);
494 SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE
, SSL_R_BAD_SSL_FILETYPE
);
498 SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE
, j
);
501 ret
= SSL_CTX_use_RSAPrivateKey(ctx
, rsa
);
508 int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX
*ctx
, const unsigned char *d
,
512 const unsigned char *p
;
516 if ((rsa
= d2i_RSAPrivateKey(NULL
, &p
, (long)len
)) == NULL
) {
517 SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1
, ERR_R_ASN1_LIB
);
521 ret
= SSL_CTX_use_RSAPrivateKey(ctx
, rsa
);
525 #endif /* !OPENSSL_NO_RSA */
527 int SSL_CTX_use_PrivateKey(SSL_CTX
*ctx
, EVP_PKEY
*pkey
)
530 SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY
, ERR_R_PASSED_NULL_PARAMETER
);
533 return ssl_set_pkey(ctx
->cert
, pkey
);
536 int SSL_CTX_use_PrivateKey_file(SSL_CTX
*ctx
, const char *file
, int type
)
540 EVP_PKEY
*pkey
= NULL
;
542 in
= BIO_new(BIO_s_file());
544 SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE
, ERR_R_BUF_LIB
);
548 if (BIO_read_filename(in
, file
) <= 0) {
549 SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE
, ERR_R_SYS_LIB
);
552 if (type
== SSL_FILETYPE_PEM
) {
554 pkey
= PEM_read_bio_PrivateKey(in
, NULL
,
555 ctx
->default_passwd_callback
,
556 ctx
->default_passwd_callback_userdata
);
557 } else if (type
== SSL_FILETYPE_ASN1
) {
559 pkey
= d2i_PrivateKey_bio(in
, NULL
);
561 SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE
, SSL_R_BAD_SSL_FILETYPE
);
565 SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE
, j
);
568 ret
= SSL_CTX_use_PrivateKey(ctx
, pkey
);
575 int SSL_CTX_use_PrivateKey_ASN1(int type
, SSL_CTX
*ctx
,
576 const unsigned char *d
, long len
)
579 const unsigned char *p
;
583 if ((pkey
= d2i_PrivateKey(type
, NULL
, &p
, (long)len
)) == NULL
) {
584 SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1
, ERR_R_ASN1_LIB
);
588 ret
= SSL_CTX_use_PrivateKey(ctx
, pkey
);
594 * Read a file that contains our certificate in "PEM" format, possibly
595 * followed by a sequence of CA certificates that should be sent to the peer
596 * in the Certificate message.
598 static int use_certificate_chain_file(SSL_CTX
*ctx
, SSL
*ssl
, const char *file
)
603 pem_password_cb
*passwd_callback
;
604 void *passwd_callback_userdata
;
606 ERR_clear_error(); /* clear error stack for
607 * SSL_CTX_use_certificate() */
610 passwd_callback
= ctx
->default_passwd_callback
;
611 passwd_callback_userdata
= ctx
->default_passwd_callback_userdata
;
613 passwd_callback
= ssl
->default_passwd_callback
;
614 passwd_callback_userdata
= ssl
->default_passwd_callback_userdata
;
617 in
= BIO_new(BIO_s_file());
619 SSLerr(SSL_F_USE_CERTIFICATE_CHAIN_FILE
, ERR_R_BUF_LIB
);
623 if (BIO_read_filename(in
, file
) <= 0) {
624 SSLerr(SSL_F_USE_CERTIFICATE_CHAIN_FILE
, ERR_R_SYS_LIB
);
628 x
= PEM_read_bio_X509_AUX(in
, NULL
, passwd_callback
,
629 passwd_callback_userdata
);
631 SSLerr(SSL_F_USE_CERTIFICATE_CHAIN_FILE
, ERR_R_PEM_LIB
);
636 ret
= SSL_CTX_use_certificate(ctx
, x
);
638 ret
= SSL_use_certificate(ssl
, x
);
640 if (ERR_peek_error() != 0)
641 ret
= 0; /* Key/certificate mismatch doesn't imply
645 * If we could set up our certificate, now proceed to the CA
653 r
= SSL_CTX_clear_chain_certs(ctx
);
655 r
= SSL_clear_chain_certs(ssl
);
662 while ((ca
= PEM_read_bio_X509(in
, NULL
, passwd_callback
,
663 passwd_callback_userdata
))
666 r
= SSL_CTX_add0_chain_cert(ctx
, ca
);
668 r
= SSL_add0_chain_cert(ssl
, ca
);
670 * Note that we must not free ca if it was successfully added to
671 * the chain (while we must free the main certificate, since its
672 * reference count is increased by SSL_CTX_use_certificate).
680 /* When the while loop ends, it's usually just EOF. */
681 err
= ERR_peek_last_error();
682 if (ERR_GET_LIB(err
) == ERR_LIB_PEM
683 && ERR_GET_REASON(err
) == PEM_R_NO_START_LINE
)
686 ret
= 0; /* some real error */
695 int SSL_CTX_use_certificate_chain_file(SSL_CTX
*ctx
, const char *file
)
697 return use_certificate_chain_file(ctx
, NULL
, file
);
700 int SSL_use_certificate_chain_file(SSL
*ssl
, const char *file
)
702 return use_certificate_chain_file(NULL
, ssl
, file
);
705 static int serverinfo_find_extension(const unsigned char *serverinfo
,
706 size_t serverinfo_length
,
707 unsigned int extension_type
,
708 const unsigned char **extension_data
,
709 size_t *extension_length
)
713 *extension_data
= NULL
;
714 *extension_length
= 0;
715 if (serverinfo
== NULL
|| serverinfo_length
== 0)
718 if (!PACKET_buf_init(&pkt
, serverinfo
, serverinfo_length
))
722 unsigned int type
= 0;
723 unsigned long context
= 0;
725 /* end of serverinfo */
726 if (PACKET_remaining(&pkt
) == 0)
727 return 0; /* Extension not found */
729 if (!PACKET_get_net_4(&pkt
, &context
)
730 || !PACKET_get_net_2(&pkt
, &type
)
731 || !PACKET_get_length_prefixed_2(&pkt
, &data
))
734 if (type
== extension_type
) {
735 *extension_data
= PACKET_data(&data
);
736 *extension_length
= PACKET_remaining(&data
);;
737 return 1; /* Success */
743 static int serverinfoex_srv_parse_cb(SSL
*s
, unsigned int ext_type
,
744 unsigned int context
,
745 const unsigned char *in
,
746 size_t inlen
, X509
*x
, size_t chainidx
,
751 *al
= SSL_AD_DECODE_ERROR
;
758 static int serverinfo_srv_parse_cb(SSL
*s
, unsigned int ext_type
,
759 const unsigned char *in
,
760 size_t inlen
, int *al
, void *arg
)
762 return serverinfoex_srv_parse_cb(s
, ext_type
, 0, in
, inlen
, NULL
, 0, al
,
766 static int serverinfoex_srv_add_cb(SSL
*s
, unsigned int ext_type
,
767 unsigned int context
,
768 const unsigned char **out
,
769 size_t *outlen
, X509
*x
, size_t chainidx
,
772 const unsigned char *serverinfo
= NULL
;
773 size_t serverinfo_length
= 0;
775 /* We only support extensions for the first Certificate */
776 if ((context
& SSL_EXT_TLS1_3_CERTIFICATE
) != 0 && chainidx
> 0)
779 /* Is there serverinfo data for the chosen server cert? */
780 if ((ssl_get_server_cert_serverinfo(s
, &serverinfo
,
781 &serverinfo_length
)) != 0) {
782 /* Find the relevant extension from the serverinfo */
783 int retval
= serverinfo_find_extension(serverinfo
, serverinfo_length
,
784 ext_type
, out
, outlen
);
786 *al
= SSL_AD_INTERNAL_ERROR
;
787 return -1; /* Error */
790 return 0; /* No extension found, don't send extension */
791 return 1; /* Send extension */
793 return 0; /* No serverinfo data found, don't send
797 static int serverinfo_srv_add_cb(SSL
*s
, unsigned int ext_type
,
798 const unsigned char **out
, size_t *outlen
,
801 return serverinfoex_srv_add_cb(s
, ext_type
, 0, out
, outlen
, NULL
, 0, al
,
806 * With a NULL context, this function just checks that the serverinfo data
807 * parses correctly. With a non-NULL context, it registers callbacks for
808 * the included extensions.
810 static int serverinfo_process_buffer(unsigned int version
,
811 const unsigned char *serverinfo
,
812 size_t serverinfo_length
, SSL_CTX
*ctx
)
816 if (serverinfo
== NULL
|| serverinfo_length
== 0)
819 if (version
!= SSL_SERVERINFOV1
&& version
!= SSL_SERVERINFOV2
)
822 if (!PACKET_buf_init(&pkt
, serverinfo
, serverinfo_length
))
825 while (PACKET_remaining(&pkt
)) {
826 unsigned long context
= 0;
827 unsigned int ext_type
= 0;
830 if ((version
== SSL_SERVERINFOV2
&& !PACKET_get_net_4(&pkt
, &context
))
831 || !PACKET_get_net_2(&pkt
, &ext_type
)
832 || !PACKET_get_length_prefixed_2(&pkt
, &data
))
839 * The old style custom extensions API could be set separately for
840 * server/client, i.e. you could set one custom extension for a client,
841 * and *for the same extension in the same SSL_CTX* you could set a
842 * custom extension for the server as well. It seems quite weird to be
843 * setting a custom extension for both client and server in a single
844 * SSL_CTX - but theoretically possible. This isn't possible in the
845 * new API. Therefore, if we have V1 serverinfo we use the old API. We
846 * also use the old API even if we have V2 serverinfo but the context
847 * looks like an old style <= TLSv1.2 extension.
849 if (version
== SSL_SERVERINFOV1
|| context
== SYNTHV1CONTEXT
) {
850 if (!SSL_CTX_add_server_custom_ext(ctx
, ext_type
,
851 serverinfo_srv_add_cb
,
853 serverinfo_srv_parse_cb
,
857 if (!SSL_CTX_add_custom_ext(ctx
, ext_type
, context
,
858 serverinfoex_srv_add_cb
,
860 serverinfoex_srv_parse_cb
,
869 int SSL_CTX_use_serverinfo_ex(SSL_CTX
*ctx
, unsigned int version
,
870 const unsigned char *serverinfo
,
871 size_t serverinfo_length
)
873 unsigned char *new_serverinfo
;
875 if (ctx
== NULL
|| serverinfo
== NULL
|| serverinfo_length
== 0) {
876 SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_EX
, ERR_R_PASSED_NULL_PARAMETER
);
879 if (!serverinfo_process_buffer(version
, serverinfo
, serverinfo_length
,
881 SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_EX
, SSL_R_INVALID_SERVERINFO_DATA
);
884 if (ctx
->cert
->key
== NULL
) {
885 SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_EX
, ERR_R_INTERNAL_ERROR
);
888 new_serverinfo
= OPENSSL_realloc(ctx
->cert
->key
->serverinfo
,
890 if (new_serverinfo
== NULL
) {
891 SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_EX
, ERR_R_MALLOC_FAILURE
);
894 ctx
->cert
->key
->serverinfo
= new_serverinfo
;
895 memcpy(ctx
->cert
->key
->serverinfo
, serverinfo
, serverinfo_length
);
896 ctx
->cert
->key
->serverinfo_length
= serverinfo_length
;
899 * Now that the serverinfo is validated and stored, go ahead and
900 * register callbacks.
902 if (!serverinfo_process_buffer(version
, serverinfo
, serverinfo_length
,
904 SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_EX
, SSL_R_INVALID_SERVERINFO_DATA
);
910 int SSL_CTX_use_serverinfo(SSL_CTX
*ctx
, const unsigned char *serverinfo
,
911 size_t serverinfo_length
)
913 return SSL_CTX_use_serverinfo_ex(ctx
, SSL_SERVERINFOV1
, serverinfo
,
917 int SSL_CTX_use_serverinfo_file(SSL_CTX
*ctx
, const char *file
)
919 unsigned char *serverinfo
= NULL
;
921 size_t serverinfo_length
= 0;
922 unsigned char *extension
= 0;
923 long extension_length
= 0;
926 static const char namePrefix1
[] = "SERVERINFO FOR ";
927 static const char namePrefix2
[] = "SERVERINFOV2 FOR ";
928 unsigned int name_len
;
931 size_t num_extensions
= 0, contextoff
= 0;
933 if (ctx
== NULL
|| file
== NULL
) {
934 SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE
, ERR_R_PASSED_NULL_PARAMETER
);
938 bin
= BIO_new(BIO_s_file());
940 SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE
, ERR_R_BUF_LIB
);
943 if (BIO_read_filename(bin
, file
) <= 0) {
944 SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE
, ERR_R_SYS_LIB
);
948 for (num_extensions
= 0;; num_extensions
++) {
949 unsigned int version
;
951 if (PEM_read_bio(bin
, &name
, &header
, &extension
, &extension_length
)
954 * There must be at least one extension in this file
956 if (num_extensions
== 0) {
957 SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE
,
958 SSL_R_NO_PEM_EXTENSIONS
);
960 } else /* End of file, we're done */
963 /* Check that PEM name starts with "BEGIN SERVERINFO FOR " */
964 name_len
= strlen(name
);
965 if (name_len
< sizeof(namePrefix1
) - 1) {
966 SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE
, SSL_R_PEM_NAME_TOO_SHORT
);
969 if (strncmp(name
, namePrefix1
, sizeof(namePrefix1
) - 1) == 0) {
970 version
= SSL_SERVERINFOV1
;
972 if (name_len
< sizeof(namePrefix2
) - 1) {
973 SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE
,
974 SSL_R_PEM_NAME_TOO_SHORT
);
977 if (strncmp(name
, namePrefix2
, sizeof(namePrefix2
) - 1) != 0) {
978 SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE
,
979 SSL_R_PEM_NAME_BAD_PREFIX
);
982 version
= SSL_SERVERINFOV2
;
985 * Check that the decoded PEM data is plausible (valid length field)
987 if (version
== SSL_SERVERINFOV1
) {
988 /* 4 byte header: 2 bytes type, 2 bytes len */
989 if (extension_length
< 4
990 || (extension
[2] << 8) + extension
[3]
991 != extension_length
- 4) {
992 SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE
, SSL_R_BAD_DATA
);
996 * File does not have a context value so we must take account of
1001 /* 8 byte header: 4 bytes context, 2 bytes type, 2 bytes len */
1002 if (extension_length
< 8
1003 || (extension
[6] << 8) + extension
[7]
1004 != extension_length
- 8) {
1005 SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE
, SSL_R_BAD_DATA
);
1009 /* Append the decoded extension to the serverinfo buffer */
1010 tmp
= OPENSSL_realloc(serverinfo
, serverinfo_length
+ extension_length
1013 SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE
, ERR_R_MALLOC_FAILURE
);
1017 if (contextoff
> 0) {
1018 unsigned char *sinfo
= serverinfo
+ serverinfo_length
;
1020 /* We know this only uses the last 2 bytes */
1023 sinfo
[2] = (SYNTHV1CONTEXT
>> 8) & 0xff;
1024 sinfo
[3] = SYNTHV1CONTEXT
& 0xff;
1026 memcpy(serverinfo
+ serverinfo_length
+ contextoff
,
1027 extension
, extension_length
);
1028 serverinfo_length
+= extension_length
+ contextoff
;
1032 OPENSSL_free(header
);
1034 OPENSSL_free(extension
);
1038 ret
= SSL_CTX_use_serverinfo_ex(ctx
, SSL_SERVERINFOV2
, serverinfo
,
1041 /* SSL_CTX_use_serverinfo makes a local copy of the serverinfo. */
1043 OPENSSL_free(header
);
1044 OPENSSL_free(extension
);
1045 OPENSSL_free(serverinfo
);
1050 static int ssl_set_cert_and_key(SSL
*ssl
, SSL_CTX
*ctx
, X509
*x509
, EVP_PKEY
*privatekey
,
1051 STACK_OF(X509
) *chain
, int override
)
1057 CERT
*c
= ssl
!= NULL
? ssl
->cert
: ctx
->cert
;
1058 STACK_OF(X509
) *dup_chain
= NULL
;
1059 EVP_PKEY
*pubkey
= NULL
;
1061 /* Do all security checks before anything else */
1062 rv
= ssl_security_cert(ssl
, ctx
, x509
, 0, 1);
1064 SSLerr(SSL_F_SSL_SET_CERT_AND_KEY
, rv
);
1067 for (j
= 0; j
< sk_X509_num(chain
); j
++) {
1068 rv
= ssl_security_cert(ssl
, ctx
, sk_X509_value(chain
, j
), 0, 0);
1070 SSLerr(SSL_F_SSL_SET_CERT_AND_KEY
, rv
);
1075 pubkey
= X509_get_pubkey(x509
); /* bumps reference */
1078 if (privatekey
== NULL
) {
1079 privatekey
= pubkey
;
1081 /* For RSA, which has no parameters, missing returns 0 */
1082 if (EVP_PKEY_missing_parameters(privatekey
)) {
1083 if (EVP_PKEY_missing_parameters(pubkey
)) {
1084 /* nobody has parameters? - error */
1085 SSLerr(SSL_F_SSL_SET_CERT_AND_KEY
, SSL_R_MISSING_PARAMETERS
);
1088 /* copy to privatekey from pubkey */
1089 EVP_PKEY_copy_parameters(privatekey
, pubkey
);
1091 } else if (EVP_PKEY_missing_parameters(pubkey
)) {
1092 /* copy to pubkey from privatekey */
1093 EVP_PKEY_copy_parameters(pubkey
, privatekey
);
1094 } /* else both have parameters */
1096 /* Copied from ssl_set_cert/pkey */
1097 #ifndef OPENSSL_NO_RSA
1098 if ((EVP_PKEY_id(privatekey
) == EVP_PKEY_RSA
) &&
1099 ((RSA_flags(EVP_PKEY_get0_RSA(privatekey
)) & RSA_METHOD_FLAG_NO_CHECK
)))
1103 /* check that key <-> cert match */
1104 if (EVP_PKEY_cmp(pubkey
, privatekey
) != 1) {
1105 SSLerr(SSL_F_SSL_SET_CERT_AND_KEY
, SSL_R_PRIVATE_KEY_MISMATCH
);
1109 if (ssl_cert_lookup_by_pkey(pubkey
, &i
) == NULL
) {
1110 SSLerr(SSL_F_SSL_SET_CERT_AND_KEY
, SSL_R_UNKNOWN_CERTIFICATE_TYPE
);
1114 if (!override
&& (c
->pkeys
[i
].x509
!= NULL
1115 || c
->pkeys
[i
].privatekey
!= NULL
1116 || c
->pkeys
[i
].chain
!= NULL
)) {
1117 /* No override, and something already there */
1118 SSLerr(SSL_F_SSL_SET_CERT_AND_KEY
, SSL_R_NOT_REPLACING_CERTIFICATE
);
1122 if (chain
!= NULL
) {
1123 dup_chain
= X509_chain_up_ref(chain
);
1124 if (dup_chain
== NULL
) {
1125 SSLerr(SSL_F_SSL_SET_CERT_AND_KEY
, ERR_R_MALLOC_FAILURE
);
1130 sk_X509_pop_free(c
->pkeys
[i
].chain
, X509_free
);
1131 c
->pkeys
[i
].chain
= dup_chain
;
1133 X509_free(c
->pkeys
[i
].x509
);
1135 c
->pkeys
[i
].x509
= x509
;
1137 EVP_PKEY_free(c
->pkeys
[i
].privatekey
);
1138 EVP_PKEY_up_ref(privatekey
);
1139 c
->pkeys
[i
].privatekey
= privatekey
;
1141 c
->key
= &(c
->pkeys
[i
]);
1145 EVP_PKEY_free(pubkey
);
1149 int SSL_use_cert_and_key(SSL
*ssl
, X509
*x509
, EVP_PKEY
*privatekey
,
1150 STACK_OF(X509
) *chain
, int override
)
1152 return ssl_set_cert_and_key(ssl
, NULL
, x509
, privatekey
, chain
, override
);
1155 int SSL_CTX_use_cert_and_key(SSL_CTX
*ctx
, X509
*x509
, EVP_PKEY
*privatekey
,
1156 STACK_OF(X509
) *chain
, int override
)
1158 return ssl_set_cert_and_key(NULL
, ctx
, x509
, privatekey
, chain
, override
);