]>
Commit | Line | Data |
---|---|---|
58964a49 | 1 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
d02b48c6 RE |
2 | * All rights reserved. |
3 | * | |
4 | * This package is an SSL implementation written | |
5 | * by Eric Young (eay@cryptsoft.com). | |
6 | * The implementation was written so as to conform with Netscapes SSL. | |
0f113f3e | 7 | * |
d02b48c6 RE |
8 | * This library is free for commercial and non-commercial use as long as |
9 | * the following conditions are aheared to. The following conditions | |
10 | * apply to all code found in this distribution, be it the RC4, RSA, | |
11 | * lhash, DES, etc., code; not just the SSL code. The SSL documentation | |
12 | * included with this distribution is covered by the same copyright terms | |
13 | * except that the holder is Tim Hudson (tjh@cryptsoft.com). | |
0f113f3e | 14 | * |
d02b48c6 RE |
15 | * Copyright remains Eric Young's, and as such any Copyright notices in |
16 | * the code are not to be removed. | |
17 | * If this package is used in a product, Eric Young should be given attribution | |
18 | * as the author of the parts of the library used. | |
19 | * This can be in the form of a textual message at program startup or | |
20 | * in documentation (online or textual) provided with the package. | |
0f113f3e | 21 | * |
d02b48c6 RE |
22 | * Redistribution and use in source and binary forms, with or without |
23 | * modification, are permitted provided that the following conditions | |
24 | * are met: | |
25 | * 1. Redistributions of source code must retain the copyright | |
26 | * notice, this list of conditions and the following disclaimer. | |
27 | * 2. Redistributions in binary form must reproduce the above copyright | |
28 | * notice, this list of conditions and the following disclaimer in the | |
29 | * documentation and/or other materials provided with the distribution. | |
30 | * 3. All advertising materials mentioning features or use of this software | |
31 | * must display the following acknowledgement: | |
32 | * "This product includes cryptographic software written by | |
33 | * Eric Young (eay@cryptsoft.com)" | |
34 | * The word 'cryptographic' can be left out if the rouines from the library | |
35 | * being used are not cryptographic related :-). | |
0f113f3e | 36 | * 4. If you include any Windows specific code (or a derivative thereof) from |
d02b48c6 RE |
37 | * the apps directory (application code) you must include an acknowledgement: |
38 | * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" | |
0f113f3e | 39 | * |
d02b48c6 RE |
40 | * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND |
41 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | |
42 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | |
43 | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE | |
44 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | |
45 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | |
46 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | |
47 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | |
48 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | |
49 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | |
50 | * SUCH DAMAGE. | |
0f113f3e | 51 | * |
d02b48c6 RE |
52 | * The licence and distribution terms for any publically available version or |
53 | * derivative of this code cannot be changed. i.e. this code cannot simply be | |
54 | * copied and put under another distribution licence | |
55 | * [including the GNU Public Licence.] | |
56 | */ | |
a661b653 | 57 | /* ==================================================================== |
241520e6 | 58 | * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. |
a661b653 BM |
59 | * |
60 | * Redistribution and use in source and binary forms, with or without | |
61 | * modification, are permitted provided that the following conditions | |
62 | * are met: | |
63 | * | |
64 | * 1. Redistributions of source code must retain the above copyright | |
0f113f3e | 65 | * notice, this list of conditions and the following disclaimer. |
a661b653 BM |
66 | * |
67 | * 2. Redistributions in binary form must reproduce the above copyright | |
68 | * notice, this list of conditions and the following disclaimer in | |
69 | * the documentation and/or other materials provided with the | |
70 | * distribution. | |
71 | * | |
72 | * 3. All advertising materials mentioning features or use of this | |
73 | * software must display the following acknowledgment: | |
74 | * "This product includes software developed by the OpenSSL Project | |
75 | * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" | |
76 | * | |
77 | * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to | |
78 | * endorse or promote products derived from this software without | |
79 | * prior written permission. For written permission, please contact | |
80 | * openssl-core@openssl.org. | |
81 | * | |
82 | * 5. Products derived from this software may not be called "OpenSSL" | |
83 | * nor may "OpenSSL" appear in their names without prior written | |
84 | * permission of the OpenSSL Project. | |
85 | * | |
86 | * 6. Redistributions of any form whatsoever must retain the following | |
87 | * acknowledgment: | |
88 | * "This product includes software developed by the OpenSSL Project | |
89 | * for use in the OpenSSL Toolkit (http://www.openssl.org/)" | |
90 | * | |
91 | * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY | |
92 | * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | |
93 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | |
94 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR | |
95 | * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | |
96 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | |
97 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | |
98 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | |
99 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | |
100 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | |
101 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | |
102 | * OF THE POSSIBILITY OF SUCH DAMAGE. | |
103 | * ==================================================================== | |
104 | * | |
105 | * This product includes cryptographic software written by Eric Young | |
106 | * (eay@cryptsoft.com). This product includes software written by Tim | |
107 | * Hudson (tjh@cryptsoft.com). | |
108 | * | |
109 | */ | |
d02b48c6 | 110 | |
7e1b7485 | 111 | /* callback functions used by s_client, s_server, and s_time */ |
d02b48c6 RE |
112 | #include <stdio.h> |
113 | #include <stdlib.h> | |
8f744cce | 114 | #include <string.h> /* for memcpy() and strcmp() */ |
d02b48c6 | 115 | #define USE_SOCKETS |
d02b48c6 | 116 | #include "apps.h" |
d02b48c6 | 117 | #undef USE_SOCKETS |
ec577822 | 118 | #include <openssl/err.h> |
07a9d1a2 | 119 | #include <openssl/rand.h> |
ec577822 BM |
120 | #include <openssl/x509.h> |
121 | #include <openssl/ssl.h> | |
e03c5b59 DSH |
122 | #include <openssl/bn.h> |
123 | #ifndef OPENSSL_NO_DH | |
0f113f3e | 124 | # include <openssl/dh.h> |
e03c5b59 | 125 | #endif |
d02b48c6 RE |
126 | #include "s_apps.h" |
127 | ||
0f113f3e | 128 | #define COOKIE_SECRET_LENGTH 16 |
07a9d1a2 | 129 | |
0f113f3e MC |
130 | int verify_depth = 0; |
131 | int verify_quiet = 0; | |
132 | int verify_error = X509_V_OK; | |
133 | int verify_return_error = 0; | |
df2ee0e2 BL |
134 | static unsigned char cookie_secret[COOKIE_SECRET_LENGTH]; |
135 | static int cookie_initialized = 0; | |
d02b48c6 | 136 | |
3e8e688f RS |
137 | static const char *lookup(int val, const STRINT_PAIR* list, const char* def) |
138 | { | |
139 | for ( ; list->name; ++list) | |
140 | if (list->retval == val) | |
141 | return list->name; | |
142 | return def; | |
143 | } | |
144 | ||
6d23cf97 | 145 | int verify_callback(int ok, X509_STORE_CTX *ctx) |
0f113f3e MC |
146 | { |
147 | X509 *err_cert; | |
148 | int err, depth; | |
149 | ||
150 | err_cert = X509_STORE_CTX_get_current_cert(ctx); | |
151 | err = X509_STORE_CTX_get_error(ctx); | |
152 | depth = X509_STORE_CTX_get_error_depth(ctx); | |
153 | ||
154 | if (!verify_quiet || !ok) { | |
155 | BIO_printf(bio_err, "depth=%d ", depth); | |
156 | if (err_cert) { | |
157 | X509_NAME_print_ex(bio_err, | |
158 | X509_get_subject_name(err_cert), | |
159 | 0, XN_FLAG_ONELINE); | |
160 | BIO_puts(bio_err, "\n"); | |
161 | } else | |
162 | BIO_puts(bio_err, "<no cert>\n"); | |
163 | } | |
164 | if (!ok) { | |
165 | BIO_printf(bio_err, "verify error:num=%d:%s\n", err, | |
166 | X509_verify_cert_error_string(err)); | |
167 | if (verify_depth >= depth) { | |
168 | if (!verify_return_error) | |
169 | ok = 1; | |
170 | verify_error = X509_V_OK; | |
171 | } else { | |
172 | ok = 0; | |
173 | verify_error = X509_V_ERR_CERT_CHAIN_TOO_LONG; | |
174 | } | |
175 | } | |
176 | switch (err) { | |
177 | case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT: | |
178 | BIO_puts(bio_err, "issuer= "); | |
179 | X509_NAME_print_ex(bio_err, X509_get_issuer_name(err_cert), | |
180 | 0, XN_FLAG_ONELINE); | |
181 | BIO_puts(bio_err, "\n"); | |
182 | break; | |
183 | case X509_V_ERR_CERT_NOT_YET_VALID: | |
184 | case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD: | |
185 | BIO_printf(bio_err, "notBefore="); | |
186 | ASN1_TIME_print(bio_err, X509_get_notBefore(err_cert)); | |
187 | BIO_printf(bio_err, "\n"); | |
188 | break; | |
189 | case X509_V_ERR_CERT_HAS_EXPIRED: | |
190 | case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD: | |
191 | BIO_printf(bio_err, "notAfter="); | |
192 | ASN1_TIME_print(bio_err, X509_get_notAfter(err_cert)); | |
193 | BIO_printf(bio_err, "\n"); | |
194 | break; | |
195 | case X509_V_ERR_NO_EXPLICIT_POLICY: | |
196 | if (!verify_quiet) | |
ecf3a1fb | 197 | policies_print(ctx); |
0f113f3e MC |
198 | break; |
199 | } | |
200 | if (err == X509_V_OK && ok == 2 && !verify_quiet) | |
ecf3a1fb | 201 | policies_print(ctx); |
0f113f3e MC |
202 | if (ok && !verify_quiet) |
203 | BIO_printf(bio_err, "verify return:%d\n", ok); | |
204 | return (ok); | |
205 | } | |
d02b48c6 | 206 | |
6b691a5c | 207 | int set_cert_stuff(SSL_CTX *ctx, char *cert_file, char *key_file) |
0f113f3e MC |
208 | { |
209 | if (cert_file != NULL) { | |
0f113f3e MC |
210 | if (SSL_CTX_use_certificate_file(ctx, cert_file, |
211 | SSL_FILETYPE_PEM) <= 0) { | |
212 | BIO_printf(bio_err, "unable to get certificate from '%s'\n", | |
213 | cert_file); | |
214 | ERR_print_errors(bio_err); | |
215 | return (0); | |
216 | } | |
217 | if (key_file == NULL) | |
218 | key_file = cert_file; | |
219 | if (SSL_CTX_use_PrivateKey_file(ctx, key_file, SSL_FILETYPE_PEM) <= 0) { | |
220 | BIO_printf(bio_err, "unable to get private key from '%s'\n", | |
221 | key_file); | |
222 | ERR_print_errors(bio_err); | |
223 | return (0); | |
224 | } | |
225 | ||
0f113f3e MC |
226 | /* |
227 | * If we are using DSA, we can copy the parameters from the private | |
228 | * key | |
229 | */ | |
230 | ||
231 | /* | |
232 | * Now we know that a key and cert have been set against the SSL | |
233 | * context | |
234 | */ | |
235 | if (!SSL_CTX_check_private_key(ctx)) { | |
236 | BIO_printf(bio_err, | |
237 | "Private key does not match the certificate public key\n"); | |
238 | return (0); | |
239 | } | |
240 | } | |
241 | return (1); | |
242 | } | |
d02b48c6 | 243 | |
fc6fc7ff | 244 | int set_cert_key_stuff(SSL_CTX *ctx, X509 *cert, EVP_PKEY *key, |
0f113f3e MC |
245 | STACK_OF(X509) *chain, int build_chain) |
246 | { | |
247 | int chflags = chain ? SSL_BUILD_CHAIN_FLAG_CHECK : 0; | |
248 | if (cert == NULL) | |
249 | return 1; | |
250 | if (SSL_CTX_use_certificate(ctx, cert) <= 0) { | |
251 | BIO_printf(bio_err, "error setting certificate\n"); | |
252 | ERR_print_errors(bio_err); | |
253 | return 0; | |
254 | } | |
255 | ||
256 | if (SSL_CTX_use_PrivateKey(ctx, key) <= 0) { | |
257 | BIO_printf(bio_err, "error setting private key\n"); | |
258 | ERR_print_errors(bio_err); | |
259 | return 0; | |
260 | } | |
261 | ||
262 | /* | |
263 | * Now we know that a key and cert have been set against the SSL context | |
264 | */ | |
265 | if (!SSL_CTX_check_private_key(ctx)) { | |
266 | BIO_printf(bio_err, | |
267 | "Private key does not match the certificate public key\n"); | |
268 | return 0; | |
269 | } | |
270 | if (chain && !SSL_CTX_set1_chain(ctx, chain)) { | |
271 | BIO_printf(bio_err, "error setting certificate chain\n"); | |
272 | ERR_print_errors(bio_err); | |
273 | return 0; | |
274 | } | |
275 | if (build_chain && !SSL_CTX_build_cert_chain(ctx, chflags)) { | |
276 | BIO_printf(bio_err, "error building certificate chain\n"); | |
277 | ERR_print_errors(bio_err); | |
278 | return 0; | |
279 | } | |
280 | return 1; | |
281 | } | |
826a42a0 | 282 | |
3e8e688f RS |
283 | static STRINT_PAIR cert_type_list[] = { |
284 | {"RSA sign", TLS_CT_RSA_SIGN}, | |
285 | {"DSA sign", TLS_CT_DSS_SIGN}, | |
286 | {"RSA fixed DH", TLS_CT_RSA_FIXED_DH}, | |
287 | {"DSS fixed DH", TLS_CT_DSS_FIXED_DH}, | |
288 | {"ECDSA sign", TLS_CT_ECDSA_SIGN}, | |
289 | {"RSA fixed ECDH", TLS_CT_RSA_FIXED_ECDH}, | |
290 | {"ECDSA fixed ECDH", TLS_CT_ECDSA_FIXED_ECDH}, | |
3e8e688f RS |
291 | {"GOST01 Sign", TLS_CT_GOST01_SIGN}, |
292 | {NULL} | |
293 | }; | |
294 | ||
9f27b1ee | 295 | static void ssl_print_client_cert_types(BIO *bio, SSL *s) |
0f113f3e MC |
296 | { |
297 | const unsigned char *p; | |
298 | int i; | |
299 | int cert_type_num = SSL_get0_certificate_types(s, &p); | |
300 | if (!cert_type_num) | |
301 | return; | |
302 | BIO_puts(bio, "Client Certificate Types: "); | |
303 | for (i = 0; i < cert_type_num; i++) { | |
304 | unsigned char cert_type = p[i]; | |
3e8e688f | 305 | const char *cname = lookup((int)cert_type, cert_type_list, NULL); |
0f113f3e MC |
306 | |
307 | if (i) | |
308 | BIO_puts(bio, ", "); | |
0f113f3e MC |
309 | if (cname) |
310 | BIO_puts(bio, cname); | |
311 | else | |
312 | BIO_printf(bio, "UNKNOWN (%d),", cert_type); | |
313 | } | |
314 | BIO_puts(bio, "\n"); | |
315 | } | |
9f27b1ee DSH |
316 | |
317 | static int do_print_sigalgs(BIO *out, SSL *s, int shared) | |
0f113f3e MC |
318 | { |
319 | int i, nsig, client; | |
320 | client = SSL_is_server(s) ? 0 : 1; | |
321 | if (shared) | |
322 | nsig = SSL_get_shared_sigalgs(s, -1, NULL, NULL, NULL, NULL, NULL); | |
323 | else | |
324 | nsig = SSL_get_sigalgs(s, -1, NULL, NULL, NULL, NULL, NULL); | |
325 | if (nsig == 0) | |
326 | return 1; | |
327 | ||
328 | if (shared) | |
329 | BIO_puts(out, "Shared "); | |
330 | ||
331 | if (client) | |
332 | BIO_puts(out, "Requested "); | |
333 | BIO_puts(out, "Signature Algorithms: "); | |
334 | for (i = 0; i < nsig; i++) { | |
335 | int hash_nid, sign_nid; | |
336 | unsigned char rhash, rsign; | |
337 | const char *sstr = NULL; | |
338 | if (shared) | |
339 | SSL_get_shared_sigalgs(s, i, &sign_nid, &hash_nid, NULL, | |
340 | &rsign, &rhash); | |
341 | else | |
342 | SSL_get_sigalgs(s, i, &sign_nid, &hash_nid, NULL, &rsign, &rhash); | |
343 | if (i) | |
344 | BIO_puts(out, ":"); | |
345 | if (sign_nid == EVP_PKEY_RSA) | |
346 | sstr = "RSA"; | |
347 | else if (sign_nid == EVP_PKEY_DSA) | |
348 | sstr = "DSA"; | |
349 | else if (sign_nid == EVP_PKEY_EC) | |
350 | sstr = "ECDSA"; | |
351 | if (sstr) | |
352 | BIO_printf(out, "%s+", sstr); | |
353 | else | |
354 | BIO_printf(out, "0x%02X+", (int)rsign); | |
355 | if (hash_nid != NID_undef) | |
356 | BIO_printf(out, "%s", OBJ_nid2sn(hash_nid)); | |
357 | else | |
358 | BIO_printf(out, "0x%02X", (int)rhash); | |
359 | } | |
360 | BIO_puts(out, "\n"); | |
361 | return 1; | |
362 | } | |
e7f8ff43 | 363 | |
9f27b1ee | 364 | int ssl_print_sigalgs(BIO *out, SSL *s) |
0f113f3e MC |
365 | { |
366 | int mdnid; | |
367 | if (!SSL_is_server(s)) | |
368 | ssl_print_client_cert_types(out, s); | |
369 | do_print_sigalgs(out, s, 0); | |
370 | do_print_sigalgs(out, s, 1); | |
371 | if (SSL_get_peer_signature_nid(s, &mdnid)) | |
372 | BIO_printf(out, "Peer signing digest: %s\n", OBJ_nid2sn(mdnid)); | |
373 | return 1; | |
374 | } | |
375 | ||
14536c8c | 376 | #ifndef OPENSSL_NO_EC |
20b431e3 | 377 | int ssl_print_point_formats(BIO *out, SSL *s) |
0f113f3e MC |
378 | { |
379 | int i, nformats; | |
380 | const char *pformats; | |
381 | nformats = SSL_get0_ec_point_formats(s, &pformats); | |
382 | if (nformats <= 0) | |
383 | return 1; | |
384 | BIO_puts(out, "Supported Elliptic Curve Point Formats: "); | |
385 | for (i = 0; i < nformats; i++, pformats++) { | |
386 | if (i) | |
387 | BIO_puts(out, ":"); | |
388 | switch (*pformats) { | |
389 | case TLSEXT_ECPOINTFORMAT_uncompressed: | |
390 | BIO_puts(out, "uncompressed"); | |
391 | break; | |
392 | ||
393 | case TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime: | |
394 | BIO_puts(out, "ansiX962_compressed_prime"); | |
395 | break; | |
396 | ||
397 | case TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2: | |
398 | BIO_puts(out, "ansiX962_compressed_char2"); | |
399 | break; | |
400 | ||
401 | default: | |
402 | BIO_printf(out, "unknown(%d)", (int)*pformats); | |
403 | break; | |
404 | ||
405 | } | |
406 | } | |
407 | if (nformats <= 0) | |
408 | BIO_puts(out, "NONE"); | |
409 | BIO_puts(out, "\n"); | |
410 | return 1; | |
411 | } | |
20b431e3 | 412 | |
2a7cbe77 | 413 | int ssl_print_curves(BIO *out, SSL *s, int noshared) |
0f113f3e MC |
414 | { |
415 | int i, ncurves, *curves, nid; | |
416 | const char *cname; | |
7e1b7485 | 417 | |
0f113f3e MC |
418 | ncurves = SSL_get1_curves(s, NULL); |
419 | if (ncurves <= 0) | |
420 | return 1; | |
68dc6824 | 421 | curves = app_malloc(ncurves * sizeof(int), "curves to print"); |
0f113f3e MC |
422 | SSL_get1_curves(s, curves); |
423 | ||
424 | BIO_puts(out, "Supported Elliptic Curves: "); | |
425 | for (i = 0; i < ncurves; i++) { | |
426 | if (i) | |
427 | BIO_puts(out, ":"); | |
428 | nid = curves[i]; | |
429 | /* If unrecognised print out hex version */ | |
430 | if (nid & TLSEXT_nid_unknown) | |
431 | BIO_printf(out, "0x%04X", nid & 0xFFFF); | |
432 | else { | |
433 | /* Use NIST name for curve if it exists */ | |
434 | cname = EC_curve_nid2nist(nid); | |
435 | if (!cname) | |
436 | cname = OBJ_nid2sn(nid); | |
437 | BIO_printf(out, "%s", cname); | |
438 | } | |
439 | } | |
440 | if (ncurves == 0) | |
441 | BIO_puts(out, "NONE"); | |
442 | OPENSSL_free(curves); | |
443 | if (noshared) { | |
444 | BIO_puts(out, "\n"); | |
445 | return 1; | |
446 | } | |
447 | BIO_puts(out, "\nShared Elliptic curves: "); | |
448 | ncurves = SSL_get_shared_curve(s, -1); | |
449 | for (i = 0; i < ncurves; i++) { | |
450 | if (i) | |
451 | BIO_puts(out, ":"); | |
452 | nid = SSL_get_shared_curve(s, i); | |
453 | cname = EC_curve_nid2nist(nid); | |
454 | if (!cname) | |
455 | cname = OBJ_nid2sn(nid); | |
456 | BIO_printf(out, "%s", cname); | |
457 | } | |
458 | if (ncurves == 0) | |
459 | BIO_puts(out, "NONE"); | |
460 | BIO_puts(out, "\n"); | |
461 | return 1; | |
462 | } | |
14536c8c | 463 | #endif |
33a8de69 | 464 | int ssl_print_tmp_key(BIO *out, SSL *s) |
0f113f3e MC |
465 | { |
466 | EVP_PKEY *key; | |
467 | if (!SSL_get_server_tmp_key(s, &key)) | |
468 | return 1; | |
469 | BIO_puts(out, "Server Temp Key: "); | |
470 | switch (EVP_PKEY_id(key)) { | |
471 | case EVP_PKEY_RSA: | |
472 | BIO_printf(out, "RSA, %d bits\n", EVP_PKEY_bits(key)); | |
473 | break; | |
474 | ||
475 | case EVP_PKEY_DH: | |
476 | BIO_printf(out, "DH, %d bits\n", EVP_PKEY_bits(key)); | |
477 | break; | |
10bf4fc2 | 478 | #ifndef OPENSSL_NO_EC |
0f113f3e MC |
479 | case EVP_PKEY_EC: |
480 | { | |
481 | EC_KEY *ec = EVP_PKEY_get1_EC_KEY(key); | |
482 | int nid; | |
483 | const char *cname; | |
484 | nid = EC_GROUP_get_curve_name(EC_KEY_get0_group(ec)); | |
485 | EC_KEY_free(ec); | |
486 | cname = EC_curve_nid2nist(nid); | |
487 | if (!cname) | |
488 | cname = OBJ_nid2sn(nid); | |
489 | BIO_printf(out, "ECDH, %s, %d bits\n", cname, EVP_PKEY_bits(key)); | |
490 | } | |
14536c8c | 491 | #endif |
0f113f3e MC |
492 | } |
493 | EVP_PKEY_free(key); | |
494 | return 1; | |
495 | } | |
e7f8ff43 | 496 | |
6d23cf97 | 497 | long bio_dump_callback(BIO *bio, int cmd, const char *argp, |
0f113f3e MC |
498 | int argi, long argl, long ret) |
499 | { | |
500 | BIO *out; | |
501 | ||
502 | out = (BIO *)BIO_get_callback_arg(bio); | |
503 | if (out == NULL) | |
504 | return (ret); | |
505 | ||
506 | if (cmd == (BIO_CB_READ | BIO_CB_RETURN)) { | |
507 | BIO_printf(out, "read from %p [%p] (%lu bytes => %ld (0x%lX))\n", | |
508 | (void *)bio, argp, (unsigned long)argi, ret, ret); | |
509 | BIO_dump(out, argp, (int)ret); | |
510 | return (ret); | |
511 | } else if (cmd == (BIO_CB_WRITE | BIO_CB_RETURN)) { | |
512 | BIO_printf(out, "write to %p [%p] (%lu bytes => %ld (0x%lX))\n", | |
513 | (void *)bio, argp, (unsigned long)argi, ret, ret); | |
514 | BIO_dump(out, argp, (int)ret); | |
515 | } | |
516 | return (ret); | |
517 | } | |
d02b48c6 | 518 | |
6d23cf97 | 519 | void apps_ssl_info_callback(const SSL *s, int where, int ret) |
0f113f3e MC |
520 | { |
521 | const char *str; | |
522 | int w; | |
523 | ||
524 | w = where & ~SSL_ST_MASK; | |
525 | ||
526 | if (w & SSL_ST_CONNECT) | |
527 | str = "SSL_connect"; | |
528 | else if (w & SSL_ST_ACCEPT) | |
529 | str = "SSL_accept"; | |
530 | else | |
531 | str = "undefined"; | |
532 | ||
533 | if (where & SSL_CB_LOOP) { | |
534 | BIO_printf(bio_err, "%s:%s\n", str, SSL_state_string_long(s)); | |
535 | } else if (where & SSL_CB_ALERT) { | |
536 | str = (where & SSL_CB_READ) ? "read" : "write"; | |
537 | BIO_printf(bio_err, "SSL3 alert %s:%s:%s\n", | |
538 | str, | |
539 | SSL_alert_type_string_long(ret), | |
540 | SSL_alert_desc_string_long(ret)); | |
541 | } else if (where & SSL_CB_EXIT) { | |
542 | if (ret == 0) | |
543 | BIO_printf(bio_err, "%s:failed in %s\n", | |
544 | str, SSL_state_string_long(s)); | |
545 | else if (ret < 0) { | |
546 | BIO_printf(bio_err, "%s:error in %s\n", | |
547 | str, SSL_state_string_long(s)); | |
548 | } | |
549 | } | |
550 | } | |
d02b48c6 | 551 | |
3e8e688f RS |
552 | static STRINT_PAIR ssl_versions[] = { |
553 | {"SSL 3.0", SSL3_VERSION}, | |
554 | {"TLS 1.0", TLS1_VERSION}, | |
555 | {"TLS 1.1", TLS1_1_VERSION}, | |
556 | {"TLS 1.2", TLS1_2_VERSION}, | |
557 | {"DTLS 1.0", DTLS1_VERSION}, | |
558 | {"DTLS 1.0 (bad)", DTLS1_BAD_VER}, | |
559 | {NULL} | |
560 | }; | |
561 | static STRINT_PAIR alert_types[] = { | |
562 | {" close_notify", 0}, | |
563 | {" unexpected_message", 10}, | |
564 | {" bad_record_mac", 20}, | |
565 | {" decryption_failed", 21}, | |
566 | {" record_overflow", 22}, | |
567 | {" decompression_failure", 30}, | |
568 | {" handshake_failure", 40}, | |
569 | {" bad_certificate", 42}, | |
570 | {" unsupported_certificate", 43}, | |
571 | {" certificate_revoked", 44}, | |
572 | {" certificate_expired", 45}, | |
573 | {" certificate_unknown", 46}, | |
574 | {" illegal_parameter", 47}, | |
575 | {" unknown_ca", 48}, | |
576 | {" access_denied", 49}, | |
577 | {" decode_error", 50}, | |
578 | {" decrypt_error", 51}, | |
579 | {" export_restriction", 60}, | |
580 | {" protocol_version", 70}, | |
581 | {" insufficient_security", 71}, | |
582 | {" internal_error", 80}, | |
583 | {" user_canceled", 90}, | |
584 | {" no_renegotiation", 100}, | |
585 | {" unsupported_extension", 110}, | |
586 | {" certificate_unobtainable", 111}, | |
587 | {" unrecognized_name", 112}, | |
588 | {" bad_certificate_status_response", 113}, | |
589 | {" bad_certificate_hash_value", 114}, | |
590 | {" unknown_psk_identity", 115}, | |
591 | {NULL} | |
592 | }; | |
593 | ||
594 | static STRINT_PAIR handshakes[] = { | |
595 | {", HelloRequest", 0}, | |
596 | {", ClientHello", 1}, | |
597 | {", ServerHello", 2}, | |
598 | {", HelloVerifyRequest", 3}, | |
599 | {", Certificate", 11}, | |
600 | {", ServerKeyExchange", 12}, | |
601 | {", CertificateRequest", 13}, | |
602 | {", ServerHelloDone", 14}, | |
603 | {", CertificateVerify", 15}, | |
604 | {", ClientKeyExchange", 16}, | |
605 | {", Finished", 20}, | |
606 | {NULL} | |
607 | }; | |
0f113f3e MC |
608 | |
609 | void msg_cb(int write_p, int version, int content_type, const void *buf, | |
610 | size_t len, SSL *ssl, void *arg) | |
611 | { | |
612 | BIO *bio = arg; | |
3e8e688f RS |
613 | const char *str_write_p = write_p ? ">>>" : "<<<"; |
614 | const char *str_version = lookup(version, ssl_versions, "???"); | |
615 | const char *str_content_type = "", *str_details1 = "", *str_details2 = ""; | |
616 | const unsigned char* bp = buf; | |
0f113f3e MC |
617 | |
618 | if (version == SSL3_VERSION || | |
619 | version == TLS1_VERSION || | |
620 | version == TLS1_1_VERSION || | |
621 | version == TLS1_2_VERSION || | |
622 | version == DTLS1_VERSION || version == DTLS1_BAD_VER) { | |
623 | switch (content_type) { | |
624 | case 20: | |
625 | str_content_type = "ChangeCipherSpec"; | |
626 | break; | |
627 | case 21: | |
628 | str_content_type = "Alert"; | |
0f113f3e | 629 | str_details1 = ", ???"; |
0f113f3e | 630 | if (len == 2) { |
3e8e688f | 631 | switch (bp[0]) { |
0f113f3e MC |
632 | case 1: |
633 | str_details1 = ", warning"; | |
634 | break; | |
635 | case 2: | |
636 | str_details1 = ", fatal"; | |
637 | break; | |
638 | } | |
3e8e688f | 639 | str_details2 = lookup((int)bp[1], alert_types, " ???"); |
0f113f3e | 640 | } |
3e8e688f RS |
641 | break; |
642 | case 22: | |
643 | str_content_type = "Handshake"; | |
0f113f3e | 644 | str_details1 = "???"; |
3e8e688f RS |
645 | if (len > 0) |
646 | str_details1 = lookup((int)bp[0], handshakes, "???"); | |
647 | break; | |
4817504d | 648 | #ifndef OPENSSL_NO_HEARTBEATS |
3e8e688f | 649 | case 24: |
0f113f3e MC |
650 | str_details1 = ", Heartbeat"; |
651 | ||
652 | if (len > 0) { | |
3e8e688f | 653 | switch (bp[0]) { |
0f113f3e MC |
654 | case 1: |
655 | str_details1 = ", HeartbeatRequest"; | |
656 | break; | |
657 | case 2: | |
658 | str_details1 = ", HeartbeatResponse"; | |
659 | break; | |
660 | } | |
661 | } | |
3e8e688f | 662 | break; |
4817504d | 663 | #endif |
3e8e688f | 664 | } |
0f113f3e | 665 | } |
a661b653 | 666 | |
0f113f3e MC |
667 | BIO_printf(bio, "%s %s%s [length %04lx]%s%s\n", str_write_p, str_version, |
668 | str_content_type, (unsigned long)len, str_details1, | |
669 | str_details2); | |
a661b653 | 670 | |
0f113f3e MC |
671 | if (len > 0) { |
672 | size_t num, i; | |
673 | ||
674 | BIO_printf(bio, " "); | |
675 | num = len; | |
0f113f3e MC |
676 | for (i = 0; i < num; i++) { |
677 | if (i % 16 == 0 && i > 0) | |
678 | BIO_printf(bio, "\n "); | |
679 | BIO_printf(bio, " %02x", ((const unsigned char *)buf)[i]); | |
680 | } | |
681 | if (i < len) | |
682 | BIO_printf(bio, " ..."); | |
683 | BIO_printf(bio, "\n"); | |
684 | } | |
685 | (void)BIO_flush(bio); | |
686 | } | |
6434abbf | 687 | |
3e8e688f RS |
688 | static STRINT_PAIR tlsext_types[] = { |
689 | {"server name", TLSEXT_TYPE_server_name}, | |
690 | {"max fragment length", TLSEXT_TYPE_max_fragment_length}, | |
691 | {"client certificate URL", TLSEXT_TYPE_client_certificate_url}, | |
692 | {"trusted CA keys", TLSEXT_TYPE_trusted_ca_keys}, | |
693 | {"truncated HMAC", TLSEXT_TYPE_truncated_hmac}, | |
694 | {"status request", TLSEXT_TYPE_status_request}, | |
695 | {"user mapping", TLSEXT_TYPE_user_mapping}, | |
696 | {"client authz", TLSEXT_TYPE_client_authz}, | |
697 | {"server authz", TLSEXT_TYPE_server_authz}, | |
698 | {"cert type", TLSEXT_TYPE_cert_type}, | |
699 | {"elliptic curves", TLSEXT_TYPE_elliptic_curves}, | |
700 | {"EC point formats", TLSEXT_TYPE_ec_point_formats}, | |
701 | {"SRP", TLSEXT_TYPE_srp}, | |
702 | {"signature algorithms", TLSEXT_TYPE_signature_algorithms}, | |
703 | {"use SRTP", TLSEXT_TYPE_use_srtp}, | |
704 | {"heartbeat", TLSEXT_TYPE_heartbeat}, | |
705 | {"session ticket", TLSEXT_TYPE_session_ticket}, | |
706 | {"renegotiation info", TLSEXT_TYPE_renegotiate}, | |
707 | {"TLS padding", TLSEXT_TYPE_padding}, | |
15a40af2 | 708 | #ifdef TLSEXT_TYPE_next_proto_neg |
3e8e688f | 709 | {"next protocol", TLSEXT_TYPE_next_proto_neg}, |
15a40af2 | 710 | #endif |
5e3ff62c | 711 | #ifdef TLSEXT_TYPE_encrypt_then_mac |
3e8e688f | 712 | {"encrypt-then-mac", TLSEXT_TYPE_encrypt_then_mac}, |
5e3ff62c | 713 | #endif |
b48357d9 AG |
714 | #ifdef TLSEXT_TYPE_application_layer_protocol_negotiation |
715 | {"application layer protocol negotiation", | |
716 | TLSEXT_TYPE_application_layer_protocol_negotiation}, | |
fecd04e9 AG |
717 | #endif |
718 | #ifdef TLSEXT_TYPE_extended_master_secret | |
719 | {"extended master secret", TLSEXT_TYPE_extended_master_secret}, | |
b48357d9 | 720 | #endif |
3e8e688f RS |
721 | {NULL} |
722 | }; | |
0f113f3e | 723 | |
3e8e688f RS |
724 | void tlsext_cb(SSL *s, int client_server, int type, |
725 | unsigned char *data, int len, void *arg) | |
726 | { | |
727 | BIO *bio = arg; | |
728 | const char *extname = lookup(type, tlsext_types, "unknown"); | |
0f113f3e MC |
729 | |
730 | BIO_printf(bio, "TLS %s extension \"%s\" (id=%d), len=%d\n", | |
731 | client_server ? "server" : "client", extname, type, len); | |
732 | BIO_dump(bio, (char *)data, len); | |
733 | (void)BIO_flush(bio); | |
734 | } | |
735 | ||
736 | int generate_cookie_callback(SSL *ssl, unsigned char *cookie, | |
737 | unsigned int *cookie_len) | |
738 | { | |
739 | unsigned char *buffer, result[EVP_MAX_MD_SIZE]; | |
740 | unsigned int length, resultlength; | |
741 | union { | |
742 | struct sockaddr sa; | |
743 | struct sockaddr_in s4; | |
cba9ffc3 | 744 | #if OPENSSL_USE_IPV6 |
0f113f3e | 745 | struct sockaddr_in6 s6; |
636b6b45 | 746 | #endif |
0f113f3e MC |
747 | } peer; |
748 | ||
749 | /* Initialize a random secret */ | |
750 | if (!cookie_initialized) { | |
266483d2 | 751 | if (RAND_bytes(cookie_secret, COOKIE_SECRET_LENGTH) <= 0) { |
0f113f3e MC |
752 | BIO_printf(bio_err, "error setting random cookie secret\n"); |
753 | return 0; | |
754 | } | |
755 | cookie_initialized = 1; | |
756 | } | |
757 | ||
758 | /* Read peer information */ | |
759 | (void)BIO_dgram_get_peer(SSL_get_rbio(ssl), &peer); | |
760 | ||
761 | /* Create buffer with peer's address and port */ | |
762 | length = 0; | |
763 | switch (peer.sa.sa_family) { | |
764 | case AF_INET: | |
765 | length += sizeof(struct in_addr); | |
766 | length += sizeof(peer.s4.sin_port); | |
767 | break; | |
cba9ffc3 | 768 | #if OPENSSL_USE_IPV6 |
0f113f3e MC |
769 | case AF_INET6: |
770 | length += sizeof(struct in6_addr); | |
771 | length += sizeof(peer.s6.sin6_port); | |
772 | break; | |
cba9ffc3 | 773 | #endif |
0f113f3e MC |
774 | default: |
775 | OPENSSL_assert(0); | |
776 | break; | |
777 | } | |
68dc6824 | 778 | buffer = app_malloc(length, "cookie generate buffer"); |
0f113f3e MC |
779 | |
780 | switch (peer.sa.sa_family) { | |
781 | case AF_INET: | |
782 | memcpy(buffer, &peer.s4.sin_port, sizeof(peer.s4.sin_port)); | |
783 | memcpy(buffer + sizeof(peer.s4.sin_port), | |
784 | &peer.s4.sin_addr, sizeof(struct in_addr)); | |
785 | break; | |
cba9ffc3 | 786 | #if OPENSSL_USE_IPV6 |
0f113f3e MC |
787 | case AF_INET6: |
788 | memcpy(buffer, &peer.s6.sin6_port, sizeof(peer.s6.sin6_port)); | |
789 | memcpy(buffer + sizeof(peer.s6.sin6_port), | |
790 | &peer.s6.sin6_addr, sizeof(struct in6_addr)); | |
791 | break; | |
cba9ffc3 | 792 | #endif |
0f113f3e MC |
793 | default: |
794 | OPENSSL_assert(0); | |
795 | break; | |
796 | } | |
797 | ||
798 | /* Calculate HMAC of buffer using the secret */ | |
799 | HMAC(EVP_sha1(), cookie_secret, COOKIE_SECRET_LENGTH, | |
800 | buffer, length, result, &resultlength); | |
801 | OPENSSL_free(buffer); | |
802 | ||
803 | memcpy(cookie, result, resultlength); | |
804 | *cookie_len = resultlength; | |
805 | ||
806 | return 1; | |
807 | } | |
808 | ||
31011544 | 809 | int verify_cookie_callback(SSL *ssl, const unsigned char *cookie, |
0f113f3e MC |
810 | unsigned int cookie_len) |
811 | { | |
812 | unsigned char *buffer, result[EVP_MAX_MD_SIZE]; | |
813 | unsigned int length, resultlength; | |
814 | union { | |
815 | struct sockaddr sa; | |
816 | struct sockaddr_in s4; | |
cba9ffc3 | 817 | #if OPENSSL_USE_IPV6 |
0f113f3e | 818 | struct sockaddr_in6 s6; |
636b6b45 | 819 | #endif |
0f113f3e MC |
820 | } peer; |
821 | ||
822 | /* If secret isn't initialized yet, the cookie can't be valid */ | |
823 | if (!cookie_initialized) | |
824 | return 0; | |
825 | ||
826 | /* Read peer information */ | |
827 | (void)BIO_dgram_get_peer(SSL_get_rbio(ssl), &peer); | |
828 | ||
829 | /* Create buffer with peer's address and port */ | |
830 | length = 0; | |
831 | switch (peer.sa.sa_family) { | |
832 | case AF_INET: | |
833 | length += sizeof(struct in_addr); | |
834 | length += sizeof(peer.s4.sin_port); | |
835 | break; | |
cba9ffc3 | 836 | #if OPENSSL_USE_IPV6 |
0f113f3e MC |
837 | case AF_INET6: |
838 | length += sizeof(struct in6_addr); | |
839 | length += sizeof(peer.s6.sin6_port); | |
840 | break; | |
cba9ffc3 | 841 | #endif |
0f113f3e MC |
842 | default: |
843 | OPENSSL_assert(0); | |
844 | break; | |
845 | } | |
68dc6824 | 846 | buffer = app_malloc(length, "cookie verify buffer"); |
0f113f3e MC |
847 | |
848 | switch (peer.sa.sa_family) { | |
849 | case AF_INET: | |
850 | memcpy(buffer, &peer.s4.sin_port, sizeof(peer.s4.sin_port)); | |
851 | memcpy(buffer + sizeof(peer.s4.sin_port), | |
852 | &peer.s4.sin_addr, sizeof(struct in_addr)); | |
853 | break; | |
cba9ffc3 | 854 | #if OPENSSL_USE_IPV6 |
0f113f3e MC |
855 | case AF_INET6: |
856 | memcpy(buffer, &peer.s6.sin6_port, sizeof(peer.s6.sin6_port)); | |
857 | memcpy(buffer + sizeof(peer.s6.sin6_port), | |
858 | &peer.s6.sin6_addr, sizeof(struct in6_addr)); | |
859 | break; | |
cba9ffc3 | 860 | #endif |
0f113f3e MC |
861 | default: |
862 | OPENSSL_assert(0); | |
863 | break; | |
864 | } | |
865 | ||
866 | /* Calculate HMAC of buffer using the secret */ | |
867 | HMAC(EVP_sha1(), cookie_secret, COOKIE_SECRET_LENGTH, | |
868 | buffer, length, result, &resultlength); | |
869 | OPENSSL_free(buffer); | |
870 | ||
871 | if (cookie_len == resultlength | |
872 | && memcmp(result, cookie, resultlength) == 0) | |
873 | return 1; | |
874 | ||
875 | return 0; | |
876 | } | |
877 | ||
878 | /* | |
879 | * Example of extended certificate handling. Where the standard support of | |
880 | * one certificate per algorithm is not sufficient an application can decide | |
881 | * which certificate(s) to use at runtime based on whatever criteria it deems | |
882 | * appropriate. | |
18d71588 DSH |
883 | */ |
884 | ||
885 | /* Linked list of certificates, keys and chains */ | |
0f113f3e MC |
886 | struct ssl_excert_st { |
887 | int certform; | |
888 | const char *certfile; | |
889 | int keyform; | |
890 | const char *keyfile; | |
891 | const char *chainfile; | |
892 | X509 *cert; | |
893 | EVP_PKEY *key; | |
894 | STACK_OF(X509) *chain; | |
895 | int build_chain; | |
896 | struct ssl_excert_st *next, *prev; | |
897 | }; | |
898 | ||
3e8e688f RS |
899 | static STRINT_PAIR chain_flags[] = { |
900 | {"Overall Validity", CERT_PKEY_VALID}, | |
901 | {"Sign with EE key", CERT_PKEY_SIGN}, | |
902 | {"EE signature", CERT_PKEY_EE_SIGNATURE}, | |
903 | {"CA signature", CERT_PKEY_CA_SIGNATURE}, | |
904 | {"EE key parameters", CERT_PKEY_EE_PARAM}, | |
905 | {"CA key parameters", CERT_PKEY_CA_PARAM}, | |
906 | {"Explicity sign with EE key", CERT_PKEY_EXPLICIT_SIGN}, | |
907 | {"Issuer Name", CERT_PKEY_ISSUER_NAME}, | |
908 | {"Certificate Type", CERT_PKEY_CERT_TYPE}, | |
909 | {NULL} | |
0f113f3e | 910 | }; |
6dbb6219 | 911 | |
ecf3a1fb | 912 | static void print_chain_flags(SSL *s, int flags) |
0f113f3e | 913 | { |
3e8e688f | 914 | STRINT_PAIR *pp; |
ecf3a1fb | 915 | |
3e8e688f RS |
916 | for (pp = chain_flags; pp->name; ++pp) |
917 | BIO_printf(bio_err, "\t%s: %s\n", | |
918 | pp->name, | |
919 | (flags & pp->retval) ? "OK" : "NOT OK"); | |
ecf3a1fb | 920 | BIO_printf(bio_err, "\tSuite B: "); |
0f113f3e | 921 | if (SSL_set_cert_flags(s, 0) & SSL_CERT_FLAG_SUITEB_128_LOS) |
ecf3a1fb | 922 | BIO_puts(bio_err, flags & CERT_PKEY_SUITEB ? "OK\n" : "NOT OK\n"); |
0f113f3e | 923 | else |
ecf3a1fb | 924 | BIO_printf(bio_err, "not tested\n"); |
0f113f3e MC |
925 | } |
926 | ||
927 | /* | |
928 | * Very basic selection callback: just use any certificate chain reported as | |
929 | * valid. More sophisticated could prioritise according to local policy. | |
18d71588 DSH |
930 | */ |
931 | static int set_cert_cb(SSL *ssl, void *arg) | |
0f113f3e MC |
932 | { |
933 | int i, rv; | |
934 | SSL_EXCERT *exc = arg; | |
3323314f | 935 | #ifdef CERT_CB_TEST_RETRY |
0f113f3e MC |
936 | static int retry_cnt; |
937 | if (retry_cnt < 5) { | |
938 | retry_cnt++; | |
7768e116 RS |
939 | BIO_printf(bio_err, |
940 | "Certificate callback retry test: count %d\n", | |
941 | retry_cnt); | |
0f113f3e MC |
942 | return -1; |
943 | } | |
3323314f | 944 | #endif |
0f113f3e MC |
945 | SSL_certs_clear(ssl); |
946 | ||
947 | if (!exc) | |
948 | return 1; | |
949 | ||
950 | /* | |
951 | * Go to end of list and traverse backwards since we prepend newer | |
952 | * entries this retains the original order. | |
953 | */ | |
954 | while (exc->next) | |
955 | exc = exc->next; | |
956 | ||
957 | i = 0; | |
958 | ||
959 | while (exc) { | |
960 | i++; | |
961 | rv = SSL_check_chain(ssl, exc->cert, exc->key, exc->chain); | |
962 | BIO_printf(bio_err, "Checking cert chain %d:\nSubject: ", i); | |
963 | X509_NAME_print_ex(bio_err, X509_get_subject_name(exc->cert), 0, | |
964 | XN_FLAG_ONELINE); | |
965 | BIO_puts(bio_err, "\n"); | |
ecf3a1fb | 966 | print_chain_flags(ssl, rv); |
0f113f3e | 967 | if (rv & CERT_PKEY_VALID) { |
61986d32 | 968 | if (!SSL_use_certificate(ssl, exc->cert) |
7e1b7485 | 969 | || !SSL_use_PrivateKey(ssl, exc->key)) { |
ac59d705 MC |
970 | return 0; |
971 | } | |
0f113f3e MC |
972 | /* |
973 | * NB: we wouldn't normally do this as it is not efficient | |
974 | * building chains on each connection better to cache the chain | |
975 | * in advance. | |
976 | */ | |
977 | if (exc->build_chain) { | |
978 | if (!SSL_build_cert_chain(ssl, 0)) | |
979 | return 0; | |
980 | } else if (exc->chain) | |
981 | SSL_set1_chain(ssl, exc->chain); | |
982 | } | |
983 | exc = exc->prev; | |
984 | } | |
985 | return 1; | |
986 | } | |
18d71588 DSH |
987 | |
988 | void ssl_ctx_set_excert(SSL_CTX *ctx, SSL_EXCERT *exc) | |
0f113f3e MC |
989 | { |
990 | SSL_CTX_set_cert_cb(ctx, set_cert_cb, exc); | |
991 | } | |
18d71588 DSH |
992 | |
993 | static int ssl_excert_prepend(SSL_EXCERT **pexc) | |
0f113f3e | 994 | { |
b4faea50 | 995 | SSL_EXCERT *exc = app_malloc(sizeof(*exc), "prepend cert"); |
68dc6824 | 996 | |
64b25758 | 997 | memset(exc, 0, sizeof(*exc)); |
0f113f3e MC |
998 | |
999 | exc->next = *pexc; | |
1000 | *pexc = exc; | |
1001 | ||
1002 | if (exc->next) { | |
1003 | exc->certform = exc->next->certform; | |
1004 | exc->keyform = exc->next->keyform; | |
1005 | exc->next->prev = exc; | |
1006 | } else { | |
1007 | exc->certform = FORMAT_PEM; | |
1008 | exc->keyform = FORMAT_PEM; | |
1009 | } | |
1010 | return 1; | |
1011 | ||
1012 | } | |
18d71588 DSH |
1013 | |
1014 | void ssl_excert_free(SSL_EXCERT *exc) | |
0f113f3e MC |
1015 | { |
1016 | SSL_EXCERT *curr; | |
25aaa98a RS |
1017 | |
1018 | if (!exc) | |
1019 | return; | |
0f113f3e | 1020 | while (exc) { |
222561fe | 1021 | X509_free(exc->cert); |
c5ba2d99 | 1022 | EVP_PKEY_free(exc->key); |
222561fe | 1023 | sk_X509_pop_free(exc->chain, X509_free); |
0f113f3e MC |
1024 | curr = exc; |
1025 | exc = exc->next; | |
1026 | OPENSSL_free(curr); | |
1027 | } | |
1028 | } | |
18d71588 | 1029 | |
7e1b7485 | 1030 | int load_excert(SSL_EXCERT **pexc) |
0f113f3e MC |
1031 | { |
1032 | SSL_EXCERT *exc = *pexc; | |
1033 | if (!exc) | |
1034 | return 1; | |
1035 | /* If nothing in list, free and set to NULL */ | |
1036 | if (!exc->certfile && !exc->next) { | |
1037 | ssl_excert_free(exc); | |
1038 | *pexc = NULL; | |
1039 | return 1; | |
1040 | } | |
1041 | for (; exc; exc = exc->next) { | |
1042 | if (!exc->certfile) { | |
7e1b7485 | 1043 | BIO_printf(bio_err, "Missing filename\n"); |
0f113f3e MC |
1044 | return 0; |
1045 | } | |
7e1b7485 | 1046 | exc->cert = load_cert(exc->certfile, exc->certform, |
0f113f3e MC |
1047 | NULL, NULL, "Server Certificate"); |
1048 | if (!exc->cert) | |
1049 | return 0; | |
1050 | if (exc->keyfile) { | |
7e1b7485 | 1051 | exc->key = load_key(exc->keyfile, exc->keyform, |
0f113f3e MC |
1052 | 0, NULL, NULL, "Server Key"); |
1053 | } else { | |
7e1b7485 | 1054 | exc->key = load_key(exc->certfile, exc->certform, |
0f113f3e MC |
1055 | 0, NULL, NULL, "Server Key"); |
1056 | } | |
1057 | if (!exc->key) | |
1058 | return 0; | |
1059 | if (exc->chainfile) { | |
7e1b7485 | 1060 | exc->chain = load_certs(exc->chainfile, FORMAT_PEM, |
0f113f3e MC |
1061 | NULL, NULL, "Server Chain"); |
1062 | if (!exc->chain) | |
1063 | return 0; | |
1064 | } | |
1065 | } | |
1066 | return 1; | |
1067 | } | |
18d71588 | 1068 | |
7e1b7485 RS |
1069 | enum range { OPT_X_ENUM }; |
1070 | ||
1071 | int args_excert(int opt, SSL_EXCERT **pexc) | |
0f113f3e | 1072 | { |
0f113f3e | 1073 | SSL_EXCERT *exc = *pexc; |
7e1b7485 RS |
1074 | |
1075 | assert(opt > OPT_X__FIRST); | |
1076 | assert(opt < OPT_X__LAST); | |
1077 | ||
1078 | if (exc == NULL) { | |
1079 | if (!ssl_excert_prepend(&exc)) { | |
1080 | BIO_printf(bio_err, " %s: Error initialising xcert\n", | |
1081 | opt_getprog()); | |
0f113f3e MC |
1082 | goto err; |
1083 | } | |
7e1b7485 | 1084 | *pexc = exc; |
0f113f3e | 1085 | } |
7e1b7485 RS |
1086 | |
1087 | switch ((enum range)opt) { | |
1088 | case OPT_X__FIRST: | |
1089 | case OPT_X__LAST: | |
1090 | return 0; | |
1091 | case OPT_X_CERT: | |
0f113f3e | 1092 | if (exc->certfile && !ssl_excert_prepend(&exc)) { |
7e1b7485 | 1093 | BIO_printf(bio_err, "%s: Error adding xcert\n", opt_getprog()); |
0f113f3e MC |
1094 | goto err; |
1095 | } | |
7e1b7485 RS |
1096 | exc->certfile = opt_arg(); |
1097 | break; | |
1098 | case OPT_X_KEY: | |
0f113f3e | 1099 | if (exc->keyfile) { |
7e1b7485 | 1100 | BIO_printf(bio_err, "%s: Key already specified\n", opt_getprog()); |
0f113f3e MC |
1101 | goto err; |
1102 | } | |
7e1b7485 RS |
1103 | exc->keyfile = opt_arg(); |
1104 | break; | |
1105 | case OPT_X_CHAIN: | |
1106 | if (exc->chainfile) { | |
1107 | BIO_printf(bio_err, "%s: Chain already specified\n", | |
1108 | opt_getprog()); | |
0f113f3e MC |
1109 | goto err; |
1110 | } | |
7e1b7485 RS |
1111 | exc->chainfile = opt_arg(); |
1112 | break; | |
1113 | case OPT_X_CHAIN_BUILD: | |
1114 | exc->build_chain = 1; | |
1115 | break; | |
1116 | case OPT_X_CERTFORM: | |
1117 | if (!opt_format(opt_arg(), OPT_FMT_PEMDER, &exc->certform)) | |
1118 | return 0; | |
1119 | break; | |
1120 | case OPT_X_KEYFORM: | |
1121 | if (!opt_format(opt_arg(), OPT_FMT_PEMDER, &exc->keyform)) | |
1122 | return 0; | |
1123 | break; | |
1124 | } | |
0f113f3e MC |
1125 | return 1; |
1126 | ||
1127 | err: | |
7e1b7485 | 1128 | ERR_print_errors(bio_err); |
25aaa98a | 1129 | ssl_excert_free(exc); |
0f113f3e | 1130 | *pexc = NULL; |
7e1b7485 | 1131 | return 0; |
0f113f3e | 1132 | } |
18d71588 | 1133 | |
ecf3a1fb | 1134 | static void print_raw_cipherlist(SSL *s) |
0f113f3e MC |
1135 | { |
1136 | const unsigned char *rlist; | |
1137 | static const unsigned char scsv_id[] = { 0, 0, 0xFF }; | |
1138 | size_t i, rlistlen, num; | |
1139 | if (!SSL_is_server(s)) | |
1140 | return; | |
1141 | num = SSL_get0_raw_cipherlist(s, NULL); | |
1142 | rlistlen = SSL_get0_raw_cipherlist(s, &rlist); | |
ecf3a1fb | 1143 | BIO_puts(bio_err, "Client cipher list: "); |
0f113f3e MC |
1144 | for (i = 0; i < rlistlen; i += num, rlist += num) { |
1145 | const SSL_CIPHER *c = SSL_CIPHER_find(s, rlist); | |
1146 | if (i) | |
ecf3a1fb | 1147 | BIO_puts(bio_err, ":"); |
0f113f3e | 1148 | if (c) |
ecf3a1fb | 1149 | BIO_puts(bio_err, SSL_CIPHER_get_name(c)); |
0f113f3e | 1150 | else if (!memcmp(rlist, scsv_id - num + 3, num)) |
ecf3a1fb | 1151 | BIO_puts(bio_err, "SCSV"); |
0f113f3e MC |
1152 | else { |
1153 | size_t j; | |
ecf3a1fb | 1154 | BIO_puts(bio_err, "0x"); |
0f113f3e | 1155 | for (j = 0; j < num; j++) |
ecf3a1fb | 1156 | BIO_printf(bio_err, "%02X", rlist[j]); |
0f113f3e MC |
1157 | } |
1158 | } | |
ecf3a1fb | 1159 | BIO_puts(bio_err, "\n"); |
0f113f3e | 1160 | } |
2a7cbe77 | 1161 | |
ecf3a1fb | 1162 | void print_ssl_summary(SSL *s) |
0f113f3e MC |
1163 | { |
1164 | const SSL_CIPHER *c; | |
1165 | X509 *peer; | |
ecf3a1fb RS |
1166 | /* const char *pnam = SSL_is_server(s) ? "client" : "server"; */ |
1167 | ||
1168 | BIO_printf(bio_err, "Protocol version: %s\n", SSL_get_version(s)); | |
1169 | print_raw_cipherlist(s); | |
0f113f3e | 1170 | c = SSL_get_current_cipher(s); |
ecf3a1fb RS |
1171 | BIO_printf(bio_err, "Ciphersuite: %s\n", SSL_CIPHER_get_name(c)); |
1172 | do_print_sigalgs(bio_err, s, 0); | |
0f113f3e MC |
1173 | peer = SSL_get_peer_certificate(s); |
1174 | if (peer) { | |
1175 | int nid; | |
ecf3a1fb RS |
1176 | BIO_puts(bio_err, "Peer certificate: "); |
1177 | X509_NAME_print_ex(bio_err, X509_get_subject_name(peer), | |
0f113f3e | 1178 | 0, XN_FLAG_ONELINE); |
ecf3a1fb | 1179 | BIO_puts(bio_err, "\n"); |
0f113f3e | 1180 | if (SSL_get_peer_signature_nid(s, &nid)) |
ecf3a1fb | 1181 | BIO_printf(bio_err, "Hash used: %s\n", OBJ_nid2sn(nid)); |
0f113f3e | 1182 | } else |
ecf3a1fb | 1183 | BIO_puts(bio_err, "No peer certificate\n"); |
222561fe | 1184 | X509_free(peer); |
14536c8c | 1185 | #ifndef OPENSSL_NO_EC |
ecf3a1fb | 1186 | ssl_print_point_formats(bio_err, s); |
0f113f3e | 1187 | if (SSL_is_server(s)) |
ecf3a1fb | 1188 | ssl_print_curves(bio_err, s, 1); |
0f113f3e | 1189 | else |
ecf3a1fb | 1190 | ssl_print_tmp_key(bio_err, s); |
14536c8c | 1191 | #else |
0f113f3e | 1192 | if (!SSL_is_server(s)) |
ecf3a1fb | 1193 | ssl_print_tmp_key(bio_err, s); |
14536c8c | 1194 | #endif |
0f113f3e | 1195 | } |
2a7cbe77 | 1196 | |
7e1b7485 RS |
1197 | int config_ctx(SSL_CONF_CTX *cctx, STACK_OF(OPENSSL_STRING) *str, |
1198 | SSL_CTX *ctx, int no_ecdhe, int no_jpake) | |
0f113f3e MC |
1199 | { |
1200 | int i; | |
7e1b7485 | 1201 | |
0f113f3e MC |
1202 | SSL_CONF_CTX_set_ssl_ctx(cctx, ctx); |
1203 | for (i = 0; i < sk_OPENSSL_STRING_num(str); i += 2) { | |
7e1b7485 RS |
1204 | const char *flag = sk_OPENSSL_STRING_value(str, i); |
1205 | const char *arg = sk_OPENSSL_STRING_value(str, i + 1); | |
1206 | /* If no_ecdhe or named curve already specified don't need a default. */ | |
86885c28 | 1207 | if (!no_ecdhe && strcmp(flag, "-named_curve") == 0) |
0f113f3e | 1208 | no_ecdhe = 1; |
b252cf0d | 1209 | #ifndef OPENSSL_NO_JPAKE |
86885c28 | 1210 | if (!no_jpake && (strcmp(flag, "-cipher") == 0)) { |
7e1b7485 | 1211 | BIO_puts(bio_err, "JPAKE sets cipher to PSK\n"); |
0f113f3e MC |
1212 | return 0; |
1213 | } | |
b252cf0d | 1214 | #endif |
7e1b7485 RS |
1215 | if (SSL_CONF_cmd(cctx, flag, arg) <= 0) { |
1216 | if (arg) | |
1217 | BIO_printf(bio_err, "Error with command: \"%s %s\"\n", | |
1218 | flag, arg); | |
1219 | else | |
1220 | BIO_printf(bio_err, "Error with command: \"%s\"\n", flag); | |
1221 | ERR_print_errors(bio_err); | |
0f113f3e MC |
1222 | return 0; |
1223 | } | |
1224 | } | |
1225 | /* | |
1226 | * This is a special case to keep existing s_server functionality: if we | |
1227 | * don't have any curve specified *and* we haven't disabled ECDHE then | |
1228 | * use P-256. | |
1229 | */ | |
1230 | if (!no_ecdhe) { | |
1231 | if (SSL_CONF_cmd(cctx, "-named_curve", "P-256") <= 0) { | |
7e1b7485 RS |
1232 | BIO_puts(bio_err, "Error setting EC curve\n"); |
1233 | ERR_print_errors(bio_err); | |
0f113f3e MC |
1234 | return 0; |
1235 | } | |
1236 | } | |
b252cf0d | 1237 | #ifndef OPENSSL_NO_JPAKE |
0f113f3e MC |
1238 | if (!no_jpake) { |
1239 | if (SSL_CONF_cmd(cctx, "-cipher", "PSK") <= 0) { | |
7e1b7485 RS |
1240 | BIO_puts(bio_err, "Error setting cipher to PSK\n"); |
1241 | ERR_print_errors(bio_err); | |
0f113f3e MC |
1242 | return 0; |
1243 | } | |
1244 | } | |
b252cf0d | 1245 | #endif |
0f113f3e | 1246 | if (!SSL_CONF_CTX_finish(cctx)) { |
7e1b7485 RS |
1247 | BIO_puts(bio_err, "Error finishing context\n"); |
1248 | ERR_print_errors(bio_err); | |
0f113f3e MC |
1249 | return 0; |
1250 | } | |
1251 | return 1; | |
1252 | } | |
a5afc0a8 | 1253 | |
fdb78f3d | 1254 | static int add_crls_store(X509_STORE *st, STACK_OF(X509_CRL) *crls) |
0f113f3e MC |
1255 | { |
1256 | X509_CRL *crl; | |
1257 | int i; | |
1258 | for (i = 0; i < sk_X509_CRL_num(crls); i++) { | |
1259 | crl = sk_X509_CRL_value(crls, i); | |
1260 | X509_STORE_add_crl(st, crl); | |
1261 | } | |
1262 | return 1; | |
1263 | } | |
fdb78f3d | 1264 | |
0090a686 | 1265 | int ssl_ctx_add_crls(SSL_CTX *ctx, STACK_OF(X509_CRL) *crls, int crl_download) |
0f113f3e MC |
1266 | { |
1267 | X509_STORE *st; | |
1268 | st = SSL_CTX_get_cert_store(ctx); | |
1269 | add_crls_store(st, crls); | |
1270 | if (crl_download) | |
1271 | store_setup_crl_download(st); | |
1272 | return 1; | |
1273 | } | |
fdb78f3d | 1274 | |
a5afc0a8 | 1275 | int ssl_load_stores(SSL_CTX *ctx, |
0f113f3e MC |
1276 | const char *vfyCApath, const char *vfyCAfile, |
1277 | const char *chCApath, const char *chCAfile, | |
1278 | STACK_OF(X509_CRL) *crls, int crl_download) | |
1279 | { | |
1280 | X509_STORE *vfy = NULL, *ch = NULL; | |
1281 | int rv = 0; | |
96487cdd | 1282 | if (vfyCApath != NULL || vfyCAfile != NULL) { |
0f113f3e | 1283 | vfy = X509_STORE_new(); |
96487cdd MC |
1284 | if (vfy == NULL) |
1285 | goto err; | |
0f113f3e MC |
1286 | if (!X509_STORE_load_locations(vfy, vfyCAfile, vfyCApath)) |
1287 | goto err; | |
1288 | add_crls_store(vfy, crls); | |
1289 | SSL_CTX_set1_verify_cert_store(ctx, vfy); | |
1290 | if (crl_download) | |
1291 | store_setup_crl_download(vfy); | |
1292 | } | |
96487cdd | 1293 | if (chCApath != NULL || chCAfile != NULL) { |
0f113f3e | 1294 | ch = X509_STORE_new(); |
96487cdd MC |
1295 | if (ch == NULL) |
1296 | goto err; | |
0f113f3e MC |
1297 | if (!X509_STORE_load_locations(ch, chCAfile, chCApath)) |
1298 | goto err; | |
1299 | SSL_CTX_set1_chain_cert_store(ctx, ch); | |
1300 | } | |
1301 | rv = 1; | |
1302 | err: | |
222561fe RS |
1303 | X509_STORE_free(vfy); |
1304 | X509_STORE_free(ch); | |
0f113f3e MC |
1305 | return rv; |
1306 | } | |
e03c5b59 DSH |
1307 | |
1308 | /* Verbose print out of security callback */ | |
1309 | ||
0f113f3e MC |
1310 | typedef struct { |
1311 | BIO *out; | |
1312 | int verbose; | |
1313 | int (*old_cb) (SSL *s, SSL_CTX *ctx, int op, int bits, int nid, | |
1314 | void *other, void *ex); | |
1315 | } security_debug_ex; | |
e03c5b59 | 1316 | |
3e8e688f RS |
1317 | static STRINT_PAIR callback_types[] = { |
1318 | {"Supported Ciphersuite", SSL_SECOP_CIPHER_SUPPORTED}, | |
1319 | {"Shared Ciphersuite", SSL_SECOP_CIPHER_SHARED}, | |
1320 | {"Check Ciphersuite", SSL_SECOP_CIPHER_CHECK}, | |
1321 | #ifndef OPENSSL_NO_DH | |
1322 | {"Temp DH key bits", SSL_SECOP_TMP_DH}, | |
1323 | #endif | |
1324 | {"Supported Curve", SSL_SECOP_CURVE_SUPPORTED}, | |
1325 | {"Shared Curve", SSL_SECOP_CURVE_SHARED}, | |
1326 | {"Check Curve", SSL_SECOP_CURVE_CHECK}, | |
1327 | {"Supported Signature Algorithm digest", SSL_SECOP_SIGALG_SUPPORTED}, | |
1328 | {"Shared Signature Algorithm digest", SSL_SECOP_SIGALG_SHARED}, | |
1329 | {"Check Signature Algorithm digest", SSL_SECOP_SIGALG_CHECK}, | |
1330 | {"Signature Algorithm mask", SSL_SECOP_SIGALG_MASK}, | |
1331 | {"Certificate chain EE key", SSL_SECOP_EE_KEY}, | |
1332 | {"Certificate chain CA key", SSL_SECOP_CA_KEY}, | |
1333 | {"Peer Chain EE key", SSL_SECOP_PEER_EE_KEY}, | |
1334 | {"Peer Chain CA key", SSL_SECOP_PEER_CA_KEY}, | |
1335 | {"Certificate chain CA digest", SSL_SECOP_CA_MD}, | |
1336 | {"Peer chain CA digest", SSL_SECOP_PEER_CA_MD}, | |
1337 | {"SSL compression", SSL_SECOP_COMPRESSION}, | |
1338 | {"Session ticket", SSL_SECOP_TICKET}, | |
1339 | {NULL} | |
1340 | }; | |
1341 | ||
e03c5b59 | 1342 | static int security_callback_debug(SSL *s, SSL_CTX *ctx, |
0f113f3e MC |
1343 | int op, int bits, int nid, |
1344 | void *other, void *ex) | |
1345 | { | |
1346 | security_debug_ex *sdb = ex; | |
1347 | int rv, show_bits = 1, cert_md = 0; | |
1348 | const char *nm; | |
1349 | rv = sdb->old_cb(s, ctx, op, bits, nid, other, ex); | |
1350 | if (rv == 1 && sdb->verbose < 2) | |
1351 | return 1; | |
1352 | BIO_puts(sdb->out, "Security callback: "); | |
1353 | ||
3e8e688f | 1354 | nm = lookup(op, callback_types, NULL); |
0f113f3e | 1355 | switch (op) { |
0f113f3e | 1356 | case SSL_SECOP_TICKET: |
0f113f3e | 1357 | case SSL_SECOP_COMPRESSION: |
0f113f3e MC |
1358 | show_bits = 0; |
1359 | nm = NULL; | |
1360 | break; | |
0f113f3e | 1361 | case SSL_SECOP_VERSION: |
3e8e688f | 1362 | BIO_printf(sdb->out, "Version=%s", lookup(nid, ssl_versions, "???")); |
0f113f3e MC |
1363 | show_bits = 0; |
1364 | nm = NULL; | |
1365 | break; | |
0f113f3e | 1366 | case SSL_SECOP_CA_MD: |
0f113f3e MC |
1367 | case SSL_SECOP_PEER_CA_MD: |
1368 | cert_md = 1; | |
0f113f3e | 1369 | break; |
0f113f3e MC |
1370 | } |
1371 | if (nm) | |
1372 | BIO_printf(sdb->out, "%s=", nm); | |
1373 | ||
1374 | switch (op & SSL_SECOP_OTHER_TYPE) { | |
1375 | ||
1376 | case SSL_SECOP_OTHER_CIPHER: | |
1377 | BIO_puts(sdb->out, SSL_CIPHER_get_name(other)); | |
1378 | break; | |
e03c5b59 | 1379 | |
fd86c2b1 | 1380 | #ifndef OPENSSL_NO_EC |
0f113f3e MC |
1381 | case SSL_SECOP_OTHER_CURVE: |
1382 | { | |
1383 | const char *cname; | |
1384 | cname = EC_curve_nid2nist(nid); | |
1385 | if (cname == NULL) | |
1386 | cname = OBJ_nid2sn(nid); | |
1387 | BIO_puts(sdb->out, cname); | |
1388 | } | |
1389 | break; | |
fd86c2b1 | 1390 | #endif |
37f3a3b3 | 1391 | #ifndef OPENSSL_NO_DH |
0f113f3e MC |
1392 | case SSL_SECOP_OTHER_DH: |
1393 | { | |
1394 | DH *dh = other; | |
1395 | BIO_printf(sdb->out, "%d", BN_num_bits(dh->p)); | |
1396 | break; | |
1397 | } | |
37f3a3b3 | 1398 | #endif |
0f113f3e MC |
1399 | case SSL_SECOP_OTHER_CERT: |
1400 | { | |
1401 | if (cert_md) { | |
1402 | int sig_nid = X509_get_signature_nid(other); | |
1403 | BIO_puts(sdb->out, OBJ_nid2sn(sig_nid)); | |
1404 | } else { | |
1405 | EVP_PKEY *pkey = X509_get_pubkey(other); | |
1406 | const char *algname = ""; | |
1407 | EVP_PKEY_asn1_get0_info(NULL, NULL, NULL, NULL, | |
1408 | &algname, EVP_PKEY_get0_asn1(pkey)); | |
1409 | BIO_printf(sdb->out, "%s, bits=%d", | |
1410 | algname, EVP_PKEY_bits(pkey)); | |
1411 | EVP_PKEY_free(pkey); | |
1412 | } | |
1413 | break; | |
1414 | } | |
1415 | case SSL_SECOP_OTHER_SIGALG: | |
1416 | { | |
1417 | const unsigned char *salg = other; | |
1418 | const char *sname = NULL; | |
1419 | switch (salg[1]) { | |
1420 | case TLSEXT_signature_anonymous: | |
1421 | sname = "anonymous"; | |
1422 | break; | |
1423 | case TLSEXT_signature_rsa: | |
1424 | sname = "RSA"; | |
1425 | break; | |
1426 | case TLSEXT_signature_dsa: | |
1427 | sname = "DSA"; | |
1428 | break; | |
1429 | case TLSEXT_signature_ecdsa: | |
1430 | sname = "ECDSA"; | |
1431 | break; | |
1432 | } | |
1433 | ||
1434 | BIO_puts(sdb->out, OBJ_nid2sn(nid)); | |
1435 | if (sname) | |
1436 | BIO_printf(sdb->out, ", algorithm=%s", sname); | |
1437 | else | |
1438 | BIO_printf(sdb->out, ", algid=%d", salg[1]); | |
1439 | break; | |
1440 | } | |
1441 | ||
1442 | } | |
1443 | ||
1444 | if (show_bits) | |
1445 | BIO_printf(sdb->out, ", security bits=%d", bits); | |
1446 | BIO_printf(sdb->out, ": %s\n", rv ? "yes" : "no"); | |
1447 | return rv; | |
1448 | } | |
e03c5b59 | 1449 | |
ecf3a1fb | 1450 | void ssl_ctx_security_debug(SSL_CTX *ctx, int verbose) |
0f113f3e MC |
1451 | { |
1452 | static security_debug_ex sdb; | |
ecf3a1fb RS |
1453 | |
1454 | sdb.out = bio_err; | |
0f113f3e MC |
1455 | sdb.verbose = verbose; |
1456 | sdb.old_cb = SSL_CTX_get_security_callback(ctx); | |
1457 | SSL_CTX_set_security_callback(ctx, security_callback_debug); | |
1458 | SSL_CTX_set0_security_ex_data(ctx, &sdb); | |
1459 | } |