2 * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
11 #include "ssl_local.h"
12 #include "internal/packet.h"
13 #include <openssl/bio.h>
14 #include <openssl/objects.h>
15 #include <openssl/evp.h>
16 #include <openssl/x509.h>
17 #include <openssl/x509v3.h>
18 #include <openssl/pem.h>
20 static int ssl_set_cert(CERT
*c
, X509
*x509
);
21 static int ssl_set_pkey(CERT
*c
, EVP_PKEY
*pkey
);
23 #define SYNTHV1CONTEXT (SSL_EXT_TLS1_2_AND_BELOW_ONLY \
24 | SSL_EXT_CLIENT_HELLO \
25 | SSL_EXT_TLS1_2_SERVER_HELLO \
26 | SSL_EXT_IGNORE_ON_RESUMPTION)
28 #define NAME_PREFIX1 "SERVERINFO FOR "
29 #define NAME_PREFIX2 "SERVERINFOV2 FOR "
31 int SSL_use_certificate(SSL
*ssl
, X509
*x
)
35 ERR_raise(ERR_LIB_SSL
, ERR_R_PASSED_NULL_PARAMETER
);
39 rv
= ssl_security_cert(ssl
, NULL
, x
, 0, 1);
41 ERR_raise(ERR_LIB_SSL
, rv
);
45 return ssl_set_cert(ssl
->cert
, x
);
48 int SSL_use_certificate_file(SSL
*ssl
, const char *file
, int type
)
53 X509
*cert
= NULL
, *x
= NULL
;
55 in
= BIO_new(BIO_s_file());
57 ERR_raise(ERR_LIB_SSL
, ERR_R_BUF_LIB
);
61 if (BIO_read_filename(in
, file
) <= 0) {
62 ERR_raise(ERR_LIB_SSL
, ERR_R_SYS_LIB
);
66 if (type
!= SSL_FILETYPE_ASN1
&& type
!= SSL_FILETYPE_PEM
) {
67 ERR_raise(ERR_LIB_SSL
, SSL_R_BAD_SSL_FILETYPE
);
70 x
= X509_new_ex(ssl
->ctx
->libctx
, ssl
->ctx
->propq
);
72 ERR_raise(ERR_LIB_SSL
, ERR_R_MALLOC_FAILURE
);
75 if (type
== SSL_FILETYPE_ASN1
) {
77 cert
= d2i_X509_bio(in
, &x
);
78 } else if (type
== SSL_FILETYPE_PEM
) {
80 cert
= PEM_read_bio_X509(in
, &x
, ssl
->default_passwd_callback
,
81 ssl
->default_passwd_callback_userdata
);
83 ERR_raise(ERR_LIB_SSL
, SSL_R_BAD_SSL_FILETYPE
);
88 ERR_raise(ERR_LIB_SSL
, j
);
92 ret
= SSL_use_certificate(ssl
, x
);
99 int SSL_use_certificate_ASN1(SSL
*ssl
, const unsigned char *d
, int len
)
104 x
= X509_new_ex(ssl
->ctx
->libctx
, ssl
->ctx
->propq
);
106 ERR_raise(ERR_LIB_SSL
, ERR_R_MALLOC_FAILURE
);
110 if (d2i_X509(&x
, &d
, (long)len
)== NULL
) {
112 ERR_raise(ERR_LIB_SSL
, ERR_R_ASN1_LIB
);
116 ret
= SSL_use_certificate(ssl
, x
);
121 static int ssl_set_pkey(CERT
*c
, EVP_PKEY
*pkey
)
125 if (ssl_cert_lookup_by_pkey(pkey
, &i
) == NULL
) {
126 ERR_raise(ERR_LIB_SSL
, SSL_R_UNKNOWN_CERTIFICATE_TYPE
);
130 if (c
->pkeys
[i
].x509
!= NULL
131 && !X509_check_private_key(c
->pkeys
[i
].x509
, pkey
))
134 EVP_PKEY_free(c
->pkeys
[i
].privatekey
);
135 EVP_PKEY_up_ref(pkey
);
136 c
->pkeys
[i
].privatekey
= pkey
;
137 c
->key
= &c
->pkeys
[i
];
141 int SSL_use_PrivateKey(SSL
*ssl
, EVP_PKEY
*pkey
)
146 ERR_raise(ERR_LIB_SSL
, ERR_R_PASSED_NULL_PARAMETER
);
149 ret
= ssl_set_pkey(ssl
->cert
, pkey
);
153 int SSL_use_PrivateKey_file(SSL
*ssl
, const char *file
, int type
)
157 EVP_PKEY
*pkey
= NULL
;
159 in
= BIO_new(BIO_s_file());
161 ERR_raise(ERR_LIB_SSL
, ERR_R_BUF_LIB
);
165 if (BIO_read_filename(in
, file
) <= 0) {
166 ERR_raise(ERR_LIB_SSL
, ERR_R_SYS_LIB
);
169 if (type
== SSL_FILETYPE_PEM
) {
171 pkey
= PEM_read_bio_PrivateKey_ex(in
, NULL
,
172 ssl
->default_passwd_callback
,
173 ssl
->default_passwd_callback_userdata
,
176 } else if (type
== SSL_FILETYPE_ASN1
) {
178 pkey
= d2i_PrivateKey_ex_bio(in
, NULL
, ssl
->ctx
->libctx
,
181 ERR_raise(ERR_LIB_SSL
, SSL_R_BAD_SSL_FILETYPE
);
185 ERR_raise(ERR_LIB_SSL
, j
);
188 ret
= SSL_use_PrivateKey(ssl
, pkey
);
195 int SSL_use_PrivateKey_ASN1(int type
, SSL
*ssl
, const unsigned char *d
,
199 const unsigned char *p
;
203 if ((pkey
= d2i_PrivateKey_ex(type
, NULL
, &p
, (long)len
, ssl
->ctx
->libctx
,
204 ssl
->ctx
->propq
)) == NULL
) {
205 ERR_raise(ERR_LIB_SSL
, ERR_R_ASN1_LIB
);
209 ret
= SSL_use_PrivateKey(ssl
, pkey
);
214 int SSL_CTX_use_certificate(SSL_CTX
*ctx
, X509
*x
)
218 ERR_raise(ERR_LIB_SSL
, ERR_R_PASSED_NULL_PARAMETER
);
222 rv
= ssl_security_cert(NULL
, ctx
, x
, 0, 1);
224 ERR_raise(ERR_LIB_SSL
, rv
);
227 return ssl_set_cert(ctx
->cert
, x
);
230 static int ssl_set_cert(CERT
*c
, X509
*x
)
235 pkey
= X509_get0_pubkey(x
);
237 ERR_raise(ERR_LIB_SSL
, SSL_R_X509_LIB
);
241 if (ssl_cert_lookup_by_pkey(pkey
, &i
) == NULL
) {
242 ERR_raise(ERR_LIB_SSL
, SSL_R_UNKNOWN_CERTIFICATE_TYPE
);
246 if (i
== SSL_PKEY_ECC
&& !EVP_PKEY_can_sign(pkey
)) {
247 ERR_raise(ERR_LIB_SSL
, SSL_R_ECC_CERT_NOT_FOR_SIGNING
);
251 if (c
->pkeys
[i
].privatekey
!= NULL
) {
253 * The return code from EVP_PKEY_copy_parameters is deliberately
254 * ignored. Some EVP_PKEY types cannot do this.
256 EVP_PKEY_copy_parameters(pkey
, c
->pkeys
[i
].privatekey
);
259 if (!X509_check_private_key(x
, c
->pkeys
[i
].privatekey
)) {
261 * don't fail for a cert/key mismatch, just free current private
262 * key (when switching to a different cert & key, first this
263 * function should be used, then ssl_set_pkey
265 EVP_PKEY_free(c
->pkeys
[i
].privatekey
);
266 c
->pkeys
[i
].privatekey
= NULL
;
267 /* clear error queue */
272 X509_free(c
->pkeys
[i
].x509
);
274 c
->pkeys
[i
].x509
= x
;
275 c
->key
= &(c
->pkeys
[i
]);
280 int SSL_CTX_use_certificate_file(SSL_CTX
*ctx
, const char *file
, int type
)
282 int j
= SSL_R_BAD_VALUE
;
285 X509
*x
= NULL
, *cert
= NULL
;
287 in
= BIO_new(BIO_s_file());
289 ERR_raise(ERR_LIB_SSL
, ERR_R_BUF_LIB
);
293 if (BIO_read_filename(in
, file
) <= 0) {
294 ERR_raise(ERR_LIB_SSL
, ERR_R_SYS_LIB
);
297 if (type
!= SSL_FILETYPE_ASN1
&& type
!= SSL_FILETYPE_PEM
) {
298 ERR_raise(ERR_LIB_SSL
, SSL_R_BAD_SSL_FILETYPE
);
301 x
= X509_new_ex(ctx
->libctx
, ctx
->propq
);
303 ERR_raise(ERR_LIB_SSL
, ERR_R_MALLOC_FAILURE
);
306 if (type
== SSL_FILETYPE_ASN1
) {
308 cert
= d2i_X509_bio(in
, &x
);
309 } else if (type
== SSL_FILETYPE_PEM
) {
311 cert
= PEM_read_bio_X509(in
, &x
, ctx
->default_passwd_callback
,
312 ctx
->default_passwd_callback_userdata
);
315 ERR_raise(ERR_LIB_SSL
, j
);
319 ret
= SSL_CTX_use_certificate(ctx
, x
);
326 int SSL_CTX_use_certificate_ASN1(SSL_CTX
*ctx
, int len
, const unsigned char *d
)
331 x
= X509_new_ex(ctx
->libctx
, ctx
->propq
);
333 ERR_raise(ERR_LIB_SSL
, ERR_R_MALLOC_FAILURE
);
337 if (d2i_X509(&x
, &d
, (long)len
) == NULL
) {
339 ERR_raise(ERR_LIB_SSL
, ERR_R_ASN1_LIB
);
343 ret
= SSL_CTX_use_certificate(ctx
, x
);
348 int SSL_CTX_use_PrivateKey(SSL_CTX
*ctx
, EVP_PKEY
*pkey
)
351 ERR_raise(ERR_LIB_SSL
, ERR_R_PASSED_NULL_PARAMETER
);
354 return ssl_set_pkey(ctx
->cert
, pkey
);
357 int SSL_CTX_use_PrivateKey_file(SSL_CTX
*ctx
, const char *file
, int type
)
361 EVP_PKEY
*pkey
= NULL
;
363 in
= BIO_new(BIO_s_file());
365 ERR_raise(ERR_LIB_SSL
, ERR_R_BUF_LIB
);
369 if (BIO_read_filename(in
, file
) <= 0) {
370 ERR_raise(ERR_LIB_SSL
, ERR_R_SYS_LIB
);
373 if (type
== SSL_FILETYPE_PEM
) {
375 pkey
= PEM_read_bio_PrivateKey_ex(in
, NULL
,
376 ctx
->default_passwd_callback
,
377 ctx
->default_passwd_callback_userdata
,
378 ctx
->libctx
, ctx
->propq
);
379 } else if (type
== SSL_FILETYPE_ASN1
) {
381 pkey
= d2i_PrivateKey_ex_bio(in
, NULL
, ctx
->libctx
, ctx
->propq
);
383 ERR_raise(ERR_LIB_SSL
, SSL_R_BAD_SSL_FILETYPE
);
387 ERR_raise(ERR_LIB_SSL
, j
);
390 ret
= SSL_CTX_use_PrivateKey(ctx
, pkey
);
397 int SSL_CTX_use_PrivateKey_ASN1(int type
, SSL_CTX
*ctx
,
398 const unsigned char *d
, long len
)
401 const unsigned char *p
;
405 if ((pkey
= d2i_PrivateKey_ex(type
, NULL
, &p
, (long)len
, ctx
->libctx
,
406 ctx
->propq
)) == NULL
) {
407 ERR_raise(ERR_LIB_SSL
, ERR_R_ASN1_LIB
);
411 ret
= SSL_CTX_use_PrivateKey(ctx
, pkey
);
417 * Read a file that contains our certificate in "PEM" format, possibly
418 * followed by a sequence of CA certificates that should be sent to the peer
419 * in the Certificate message.
421 static int use_certificate_chain_file(SSL_CTX
*ctx
, SSL
*ssl
, const char *file
)
426 pem_password_cb
*passwd_callback
;
427 void *passwd_callback_userdata
;
428 SSL_CTX
*real_ctx
= (ssl
== NULL
) ? ctx
: ssl
->ctx
;
430 if (ctx
== NULL
&& ssl
== NULL
)
433 ERR_clear_error(); /* clear error stack for
434 * SSL_CTX_use_certificate() */
437 passwd_callback
= ctx
->default_passwd_callback
;
438 passwd_callback_userdata
= ctx
->default_passwd_callback_userdata
;
440 passwd_callback
= ssl
->default_passwd_callback
;
441 passwd_callback_userdata
= ssl
->default_passwd_callback_userdata
;
444 in
= BIO_new(BIO_s_file());
446 ERR_raise(ERR_LIB_SSL
, ERR_R_BUF_LIB
);
450 if (BIO_read_filename(in
, file
) <= 0) {
451 ERR_raise(ERR_LIB_SSL
, ERR_R_SYS_LIB
);
455 x
= X509_new_ex(real_ctx
->libctx
, real_ctx
->propq
);
457 ERR_raise(ERR_LIB_SSL
, ERR_R_MALLOC_FAILURE
);
460 if (PEM_read_bio_X509_AUX(in
, &x
, passwd_callback
,
461 passwd_callback_userdata
) == NULL
) {
462 ERR_raise(ERR_LIB_SSL
, ERR_R_PEM_LIB
);
467 ret
= SSL_CTX_use_certificate(ctx
, x
);
469 ret
= SSL_use_certificate(ssl
, x
);
471 if (ERR_peek_error() != 0)
472 ret
= 0; /* Key/certificate mismatch doesn't imply
476 * If we could set up our certificate, now proceed to the CA
484 r
= SSL_CTX_clear_chain_certs(ctx
);
486 r
= SSL_clear_chain_certs(ssl
);
494 ca
= X509_new_ex(real_ctx
->libctx
, real_ctx
->propq
);
496 ERR_raise(ERR_LIB_SSL
, ERR_R_MALLOC_FAILURE
);
499 if (PEM_read_bio_X509(in
, &ca
, passwd_callback
,
500 passwd_callback_userdata
) != NULL
) {
502 r
= SSL_CTX_add0_chain_cert(ctx
, ca
);
504 r
= SSL_add0_chain_cert(ssl
, ca
);
506 * Note that we must not free ca if it was successfully added to
507 * the chain (while we must free the main certificate, since its
508 * reference count is increased by SSL_CTX_use_certificate).
520 /* When the while loop ends, it's usually just EOF. */
521 err
= ERR_peek_last_error();
522 if (ERR_GET_LIB(err
) == ERR_LIB_PEM
523 && ERR_GET_REASON(err
) == PEM_R_NO_START_LINE
)
526 ret
= 0; /* some real error */
535 int SSL_CTX_use_certificate_chain_file(SSL_CTX
*ctx
, const char *file
)
537 return use_certificate_chain_file(ctx
, NULL
, file
);
540 int SSL_use_certificate_chain_file(SSL
*ssl
, const char *file
)
542 return use_certificate_chain_file(NULL
, ssl
, file
);
545 static int serverinfo_find_extension(const unsigned char *serverinfo
,
546 size_t serverinfo_length
,
547 unsigned int extension_type
,
548 const unsigned char **extension_data
,
549 size_t *extension_length
)
553 *extension_data
= NULL
;
554 *extension_length
= 0;
555 if (serverinfo
== NULL
|| serverinfo_length
== 0)
558 if (!PACKET_buf_init(&pkt
, serverinfo
, serverinfo_length
))
562 unsigned int type
= 0;
563 unsigned long context
= 0;
565 /* end of serverinfo */
566 if (PACKET_remaining(&pkt
) == 0)
567 return 0; /* Extension not found */
569 if (!PACKET_get_net_4(&pkt
, &context
)
570 || !PACKET_get_net_2(&pkt
, &type
)
571 || !PACKET_get_length_prefixed_2(&pkt
, &data
))
574 if (type
== extension_type
) {
575 *extension_data
= PACKET_data(&data
);
576 *extension_length
= PACKET_remaining(&data
);
577 return 1; /* Success */
583 static int serverinfoex_srv_parse_cb(SSL
*s
, unsigned int ext_type
,
584 unsigned int context
,
585 const unsigned char *in
,
586 size_t inlen
, X509
*x
, size_t chainidx
,
591 *al
= SSL_AD_DECODE_ERROR
;
598 static int serverinfo_srv_parse_cb(SSL
*s
, unsigned int ext_type
,
599 const unsigned char *in
,
600 size_t inlen
, int *al
, void *arg
)
602 return serverinfoex_srv_parse_cb(s
, ext_type
, 0, in
, inlen
, NULL
, 0, al
,
606 static int serverinfoex_srv_add_cb(SSL
*s
, unsigned int ext_type
,
607 unsigned int context
,
608 const unsigned char **out
,
609 size_t *outlen
, X509
*x
, size_t chainidx
,
612 const unsigned char *serverinfo
= NULL
;
613 size_t serverinfo_length
= 0;
615 /* We only support extensions for the first Certificate */
616 if ((context
& SSL_EXT_TLS1_3_CERTIFICATE
) != 0 && chainidx
> 0)
619 /* Is there serverinfo data for the chosen server cert? */
620 if ((ssl_get_server_cert_serverinfo(s
, &serverinfo
,
621 &serverinfo_length
)) != 0) {
622 /* Find the relevant extension from the serverinfo */
623 int retval
= serverinfo_find_extension(serverinfo
, serverinfo_length
,
624 ext_type
, out
, outlen
);
626 *al
= SSL_AD_INTERNAL_ERROR
;
627 return -1; /* Error */
630 return 0; /* No extension found, don't send extension */
631 return 1; /* Send extension */
633 return 0; /* No serverinfo data found, don't send
637 static int serverinfo_srv_add_cb(SSL
*s
, unsigned int ext_type
,
638 const unsigned char **out
, size_t *outlen
,
641 return serverinfoex_srv_add_cb(s
, ext_type
, 0, out
, outlen
, NULL
, 0, al
,
646 * With a NULL context, this function just checks that the serverinfo data
647 * parses correctly. With a non-NULL context, it registers callbacks for
648 * the included extensions.
650 static int serverinfo_process_buffer(unsigned int version
,
651 const unsigned char *serverinfo
,
652 size_t serverinfo_length
, SSL_CTX
*ctx
)
656 if (serverinfo
== NULL
|| serverinfo_length
== 0)
659 if (version
!= SSL_SERVERINFOV1
&& version
!= SSL_SERVERINFOV2
)
662 if (!PACKET_buf_init(&pkt
, serverinfo
, serverinfo_length
))
665 while (PACKET_remaining(&pkt
)) {
666 unsigned long context
= 0;
667 unsigned int ext_type
= 0;
670 if ((version
== SSL_SERVERINFOV2
&& !PACKET_get_net_4(&pkt
, &context
))
671 || !PACKET_get_net_2(&pkt
, &ext_type
)
672 || !PACKET_get_length_prefixed_2(&pkt
, &data
))
679 * The old style custom extensions API could be set separately for
680 * server/client, i.e. you could set one custom extension for a client,
681 * and *for the same extension in the same SSL_CTX* you could set a
682 * custom extension for the server as well. It seems quite weird to be
683 * setting a custom extension for both client and server in a single
684 * SSL_CTX - but theoretically possible. This isn't possible in the
685 * new API. Therefore, if we have V1 serverinfo we use the old API. We
686 * also use the old API even if we have V2 serverinfo but the context
687 * looks like an old style <= TLSv1.2 extension.
689 if (version
== SSL_SERVERINFOV1
|| context
== SYNTHV1CONTEXT
) {
690 if (!SSL_CTX_add_server_custom_ext(ctx
, ext_type
,
691 serverinfo_srv_add_cb
,
693 serverinfo_srv_parse_cb
,
697 if (!SSL_CTX_add_custom_ext(ctx
, ext_type
, context
,
698 serverinfoex_srv_add_cb
,
700 serverinfoex_srv_parse_cb
,
709 int SSL_CTX_use_serverinfo_ex(SSL_CTX
*ctx
, unsigned int version
,
710 const unsigned char *serverinfo
,
711 size_t serverinfo_length
)
713 unsigned char *new_serverinfo
;
715 if (ctx
== NULL
|| serverinfo
== NULL
|| serverinfo_length
== 0) {
716 ERR_raise(ERR_LIB_SSL
, ERR_R_PASSED_NULL_PARAMETER
);
719 if (!serverinfo_process_buffer(version
, serverinfo
, serverinfo_length
,
721 ERR_raise(ERR_LIB_SSL
, SSL_R_INVALID_SERVERINFO_DATA
);
724 if (ctx
->cert
->key
== NULL
) {
725 ERR_raise(ERR_LIB_SSL
, ERR_R_INTERNAL_ERROR
);
728 new_serverinfo
= OPENSSL_realloc(ctx
->cert
->key
->serverinfo
,
730 if (new_serverinfo
== NULL
) {
731 ERR_raise(ERR_LIB_SSL
, ERR_R_MALLOC_FAILURE
);
734 ctx
->cert
->key
->serverinfo
= new_serverinfo
;
735 memcpy(ctx
->cert
->key
->serverinfo
, serverinfo
, serverinfo_length
);
736 ctx
->cert
->key
->serverinfo_length
= serverinfo_length
;
739 * Now that the serverinfo is validated and stored, go ahead and
740 * register callbacks.
742 if (!serverinfo_process_buffer(version
, serverinfo
, serverinfo_length
,
744 ERR_raise(ERR_LIB_SSL
, SSL_R_INVALID_SERVERINFO_DATA
);
750 int SSL_CTX_use_serverinfo(SSL_CTX
*ctx
, const unsigned char *serverinfo
,
751 size_t serverinfo_length
)
753 return SSL_CTX_use_serverinfo_ex(ctx
, SSL_SERVERINFOV1
, serverinfo
,
757 int SSL_CTX_use_serverinfo_file(SSL_CTX
*ctx
, const char *file
)
759 unsigned char *serverinfo
= NULL
;
761 size_t serverinfo_length
= 0;
762 unsigned char *extension
= 0;
763 long extension_length
= 0;
766 unsigned int name_len
;
769 size_t num_extensions
= 0, contextoff
= 0;
771 if (ctx
== NULL
|| file
== NULL
) {
772 ERR_raise(ERR_LIB_SSL
, ERR_R_PASSED_NULL_PARAMETER
);
776 bin
= BIO_new(BIO_s_file());
778 ERR_raise(ERR_LIB_SSL
, ERR_R_BUF_LIB
);
781 if (BIO_read_filename(bin
, file
) <= 0) {
782 ERR_raise(ERR_LIB_SSL
, ERR_R_SYS_LIB
);
786 for (num_extensions
= 0;; num_extensions
++) {
787 unsigned int version
;
789 if (PEM_read_bio(bin
, &name
, &header
, &extension
, &extension_length
)
792 * There must be at least one extension in this file
794 if (num_extensions
== 0) {
795 ERR_raise(ERR_LIB_SSL
, SSL_R_NO_PEM_EXTENSIONS
);
797 } else /* End of file, we're done */
800 /* Check that PEM name starts with "BEGIN SERVERINFO FOR " */
801 name_len
= strlen(name
);
802 if (name_len
< sizeof(NAME_PREFIX1
) - 1) {
803 ERR_raise(ERR_LIB_SSL
, SSL_R_PEM_NAME_TOO_SHORT
);
806 if (HAS_PREFIX(name
, NAME_PREFIX1
)) {
807 version
= SSL_SERVERINFOV1
;
809 if (name_len
< sizeof(NAME_PREFIX2
) - 1) {
810 ERR_raise(ERR_LIB_SSL
, SSL_R_PEM_NAME_TOO_SHORT
);
813 if (!HAS_PREFIX(name
, NAME_PREFIX2
)) {
814 ERR_raise(ERR_LIB_SSL
, SSL_R_PEM_NAME_BAD_PREFIX
);
817 version
= SSL_SERVERINFOV2
;
820 * Check that the decoded PEM data is plausible (valid length field)
822 if (version
== SSL_SERVERINFOV1
) {
823 /* 4 byte header: 2 bytes type, 2 bytes len */
824 if (extension_length
< 4
825 || (extension
[2] << 8) + extension
[3]
826 != extension_length
- 4) {
827 ERR_raise(ERR_LIB_SSL
, SSL_R_BAD_DATA
);
831 * File does not have a context value so we must take account of
836 /* 8 byte header: 4 bytes context, 2 bytes type, 2 bytes len */
837 if (extension_length
< 8
838 || (extension
[6] << 8) + extension
[7]
839 != extension_length
- 8) {
840 ERR_raise(ERR_LIB_SSL
, SSL_R_BAD_DATA
);
844 /* Append the decoded extension to the serverinfo buffer */
845 tmp
= OPENSSL_realloc(serverinfo
, serverinfo_length
+ extension_length
848 ERR_raise(ERR_LIB_SSL
, ERR_R_MALLOC_FAILURE
);
852 if (contextoff
> 0) {
853 unsigned char *sinfo
= serverinfo
+ serverinfo_length
;
855 /* We know this only uses the last 2 bytes */
858 sinfo
[2] = (SYNTHV1CONTEXT
>> 8) & 0xff;
859 sinfo
[3] = SYNTHV1CONTEXT
& 0xff;
861 memcpy(serverinfo
+ serverinfo_length
+ contextoff
,
862 extension
, extension_length
);
863 serverinfo_length
+= extension_length
+ contextoff
;
867 OPENSSL_free(header
);
869 OPENSSL_free(extension
);
873 ret
= SSL_CTX_use_serverinfo_ex(ctx
, SSL_SERVERINFOV2
, serverinfo
,
876 /* SSL_CTX_use_serverinfo makes a local copy of the serverinfo. */
878 OPENSSL_free(header
);
879 OPENSSL_free(extension
);
880 OPENSSL_free(serverinfo
);
885 static int ssl_set_cert_and_key(SSL
*ssl
, SSL_CTX
*ctx
, X509
*x509
, EVP_PKEY
*privatekey
,
886 STACK_OF(X509
) *chain
, int override
)
892 CERT
*c
= ssl
!= NULL
? ssl
->cert
: ctx
->cert
;
893 STACK_OF(X509
) *dup_chain
= NULL
;
894 EVP_PKEY
*pubkey
= NULL
;
896 /* Do all security checks before anything else */
897 rv
= ssl_security_cert(ssl
, ctx
, x509
, 0, 1);
899 ERR_raise(ERR_LIB_SSL
, rv
);
902 for (j
= 0; j
< sk_X509_num(chain
); j
++) {
903 rv
= ssl_security_cert(ssl
, ctx
, sk_X509_value(chain
, j
), 0, 0);
905 ERR_raise(ERR_LIB_SSL
, rv
);
910 pubkey
= X509_get_pubkey(x509
); /* bumps reference */
913 if (privatekey
== NULL
) {
916 /* For RSA, which has no parameters, missing returns 0 */
917 if (EVP_PKEY_missing_parameters(privatekey
)) {
918 if (EVP_PKEY_missing_parameters(pubkey
)) {
919 /* nobody has parameters? - error */
920 ERR_raise(ERR_LIB_SSL
, SSL_R_MISSING_PARAMETERS
);
923 /* copy to privatekey from pubkey */
924 EVP_PKEY_copy_parameters(privatekey
, pubkey
);
926 } else if (EVP_PKEY_missing_parameters(pubkey
)) {
927 /* copy to pubkey from privatekey */
928 EVP_PKEY_copy_parameters(pubkey
, privatekey
);
929 } /* else both have parameters */
931 /* check that key <-> cert match */
932 if (EVP_PKEY_eq(pubkey
, privatekey
) != 1) {
933 ERR_raise(ERR_LIB_SSL
, SSL_R_PRIVATE_KEY_MISMATCH
);
937 if (ssl_cert_lookup_by_pkey(pubkey
, &i
) == NULL
) {
938 ERR_raise(ERR_LIB_SSL
, SSL_R_UNKNOWN_CERTIFICATE_TYPE
);
942 if (!override
&& (c
->pkeys
[i
].x509
!= NULL
943 || c
->pkeys
[i
].privatekey
!= NULL
944 || c
->pkeys
[i
].chain
!= NULL
)) {
945 /* No override, and something already there */
946 ERR_raise(ERR_LIB_SSL
, SSL_R_NOT_REPLACING_CERTIFICATE
);
951 dup_chain
= X509_chain_up_ref(chain
);
952 if (dup_chain
== NULL
) {
953 ERR_raise(ERR_LIB_SSL
, ERR_R_MALLOC_FAILURE
);
958 OSSL_STACK_OF_X509_free(c
->pkeys
[i
].chain
);
959 c
->pkeys
[i
].chain
= dup_chain
;
961 X509_free(c
->pkeys
[i
].x509
);
963 c
->pkeys
[i
].x509
= x509
;
965 EVP_PKEY_free(c
->pkeys
[i
].privatekey
);
966 EVP_PKEY_up_ref(privatekey
);
967 c
->pkeys
[i
].privatekey
= privatekey
;
969 c
->key
= &(c
->pkeys
[i
]);
973 EVP_PKEY_free(pubkey
);
977 int SSL_use_cert_and_key(SSL
*ssl
, X509
*x509
, EVP_PKEY
*privatekey
,
978 STACK_OF(X509
) *chain
, int override
)
980 return ssl_set_cert_and_key(ssl
, NULL
, x509
, privatekey
, chain
, override
);
983 int SSL_CTX_use_cert_and_key(SSL_CTX
*ctx
, X509
*x509
, EVP_PKEY
*privatekey
,
984 STACK_OF(X509
) *chain
, int override
)
986 return ssl_set_cert_and_key(NULL
, ctx
, x509
, privatekey
, chain
, override
);