2 * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
11 #include "ssl_local.h"
12 #include "internal/packet.h"
13 #include <openssl/bio.h>
14 #include <openssl/objects.h>
15 #include <openssl/evp.h>
16 #include <openssl/x509.h>
17 #include <openssl/x509v3.h>
18 #include <openssl/pem.h>
20 static int ssl_set_cert(CERT
*c
, X509
*x509
, SSL_CTX
*ctx
);
21 static int ssl_set_pkey(CERT
*c
, EVP_PKEY
*pkey
, SSL_CTX
*ctx
);
23 #define SYNTHV1CONTEXT (SSL_EXT_TLS1_2_AND_BELOW_ONLY \
24 | SSL_EXT_CLIENT_HELLO \
25 | SSL_EXT_TLS1_2_SERVER_HELLO \
26 | SSL_EXT_IGNORE_ON_RESUMPTION)
28 #define NAME_PREFIX1 "SERVERINFO FOR "
29 #define NAME_PREFIX2 "SERVERINFOV2 FOR "
31 int SSL_use_certificate(SSL
*ssl
, X509
*x
)
34 SSL_CONNECTION
*sc
= SSL_CONNECTION_FROM_SSL(ssl
);
40 ERR_raise(ERR_LIB_SSL
, ERR_R_PASSED_NULL_PARAMETER
);
44 rv
= ssl_security_cert(sc
, NULL
, x
, 0, 1);
46 ERR_raise(ERR_LIB_SSL
, rv
);
50 return ssl_set_cert(sc
->cert
, x
, SSL_CONNECTION_GET_CTX(sc
));
53 int SSL_use_certificate_file(SSL
*ssl
, const char *file
, int type
)
58 X509
*cert
= NULL
, *x
= NULL
;
60 in
= BIO_new(BIO_s_file());
62 ERR_raise(ERR_LIB_SSL
, ERR_R_BUF_LIB
);
66 if (BIO_read_filename(in
, file
) <= 0) {
67 ERR_raise(ERR_LIB_SSL
, ERR_R_SYS_LIB
);
71 if (type
!= SSL_FILETYPE_ASN1
&& type
!= SSL_FILETYPE_PEM
) {
72 ERR_raise(ERR_LIB_SSL
, SSL_R_BAD_SSL_FILETYPE
);
75 x
= X509_new_ex(ssl
->ctx
->libctx
, ssl
->ctx
->propq
);
77 ERR_raise(ERR_LIB_SSL
, ERR_R_ASN1_LIB
);
80 if (type
== SSL_FILETYPE_ASN1
) {
82 cert
= d2i_X509_bio(in
, &x
);
83 } else if (type
== SSL_FILETYPE_PEM
) {
84 SSL_CONNECTION
*sc
= SSL_CONNECTION_FROM_SSL(ssl
);
90 cert
= PEM_read_bio_X509(in
, &x
, sc
->default_passwd_callback
,
91 sc
->default_passwd_callback_userdata
);
93 ERR_raise(ERR_LIB_SSL
, SSL_R_BAD_SSL_FILETYPE
);
98 ERR_raise(ERR_LIB_SSL
, j
);
102 ret
= SSL_use_certificate(ssl
, x
);
109 int SSL_use_certificate_ASN1(SSL
*ssl
, const unsigned char *d
, int len
)
114 x
= X509_new_ex(ssl
->ctx
->libctx
, ssl
->ctx
->propq
);
116 ERR_raise(ERR_LIB_SSL
, ERR_R_ASN1_LIB
);
120 if (d2i_X509(&x
, &d
, (long)len
)== NULL
) {
122 ERR_raise(ERR_LIB_SSL
, ERR_R_ASN1_LIB
);
126 ret
= SSL_use_certificate(ssl
, x
);
131 static int ssl_set_pkey(CERT
*c
, EVP_PKEY
*pkey
, SSL_CTX
*ctx
)
135 if (ssl_cert_lookup_by_pkey(pkey
, &i
, ctx
) == NULL
) {
136 ERR_raise(ERR_LIB_SSL
, SSL_R_UNKNOWN_CERTIFICATE_TYPE
);
140 if (c
->pkeys
[i
].x509
!= NULL
141 && !X509_check_private_key(c
->pkeys
[i
].x509
, pkey
))
144 EVP_PKEY_free(c
->pkeys
[i
].privatekey
);
145 EVP_PKEY_up_ref(pkey
);
146 c
->pkeys
[i
].privatekey
= pkey
;
147 c
->key
= &c
->pkeys
[i
];
151 int SSL_use_PrivateKey(SSL
*ssl
, EVP_PKEY
*pkey
)
154 SSL_CONNECTION
*sc
= SSL_CONNECTION_FROM_SSL(ssl
);
160 ERR_raise(ERR_LIB_SSL
, ERR_R_PASSED_NULL_PARAMETER
);
163 ret
= ssl_set_pkey(sc
->cert
, pkey
, SSL_CONNECTION_GET_CTX(sc
));
167 int SSL_use_PrivateKey_file(SSL
*ssl
, const char *file
, int type
)
171 EVP_PKEY
*pkey
= NULL
;
173 in
= BIO_new(BIO_s_file());
175 ERR_raise(ERR_LIB_SSL
, ERR_R_BUF_LIB
);
179 if (BIO_read_filename(in
, file
) <= 0) {
180 ERR_raise(ERR_LIB_SSL
, ERR_R_SYS_LIB
);
183 if (type
== SSL_FILETYPE_PEM
) {
184 SSL_CONNECTION
*sc
= SSL_CONNECTION_FROM_SSL(ssl
);
190 pkey
= PEM_read_bio_PrivateKey_ex(in
, NULL
,
191 sc
->default_passwd_callback
,
192 sc
->default_passwd_callback_userdata
,
195 } else if (type
== SSL_FILETYPE_ASN1
) {
197 pkey
= d2i_PrivateKey_ex_bio(in
, NULL
, ssl
->ctx
->libctx
,
200 ERR_raise(ERR_LIB_SSL
, SSL_R_BAD_SSL_FILETYPE
);
204 ERR_raise(ERR_LIB_SSL
, j
);
207 ret
= SSL_use_PrivateKey(ssl
, pkey
);
214 int SSL_use_PrivateKey_ASN1(int type
, SSL
*ssl
, const unsigned char *d
,
218 const unsigned char *p
;
222 if ((pkey
= d2i_PrivateKey_ex(type
, NULL
, &p
, (long)len
, ssl
->ctx
->libctx
,
223 ssl
->ctx
->propq
)) == NULL
) {
224 ERR_raise(ERR_LIB_SSL
, ERR_R_ASN1_LIB
);
228 ret
= SSL_use_PrivateKey(ssl
, pkey
);
233 int SSL_CTX_use_certificate(SSL_CTX
*ctx
, X509
*x
)
237 ERR_raise(ERR_LIB_SSL
, ERR_R_PASSED_NULL_PARAMETER
);
241 rv
= ssl_security_cert(NULL
, ctx
, x
, 0, 1);
243 ERR_raise(ERR_LIB_SSL
, rv
);
246 return ssl_set_cert(ctx
->cert
, x
, ctx
);
249 static int ssl_set_cert(CERT
*c
, X509
*x
, SSL_CTX
*ctx
)
254 pkey
= X509_get0_pubkey(x
);
256 ERR_raise(ERR_LIB_SSL
, SSL_R_X509_LIB
);
260 if (ssl_cert_lookup_by_pkey(pkey
, &i
, ctx
) == NULL
) {
261 ERR_raise(ERR_LIB_SSL
, SSL_R_UNKNOWN_CERTIFICATE_TYPE
);
265 if (i
== SSL_PKEY_ECC
&& !EVP_PKEY_can_sign(pkey
)) {
266 ERR_raise(ERR_LIB_SSL
, SSL_R_ECC_CERT_NOT_FOR_SIGNING
);
270 if (c
->pkeys
[i
].privatekey
!= NULL
) {
272 * The return code from EVP_PKEY_copy_parameters is deliberately
273 * ignored. Some EVP_PKEY types cannot do this.
274 * coverity[check_return]
276 EVP_PKEY_copy_parameters(pkey
, c
->pkeys
[i
].privatekey
);
279 if (!X509_check_private_key(x
, c
->pkeys
[i
].privatekey
)) {
281 * don't fail for a cert/key mismatch, just free current private
282 * key (when switching to a different cert & key, first this
283 * function should be used, then ssl_set_pkey
285 EVP_PKEY_free(c
->pkeys
[i
].privatekey
);
286 c
->pkeys
[i
].privatekey
= NULL
;
287 /* clear error queue */
292 X509_free(c
->pkeys
[i
].x509
);
294 c
->pkeys
[i
].x509
= x
;
295 c
->key
= &(c
->pkeys
[i
]);
300 int SSL_CTX_use_certificate_file(SSL_CTX
*ctx
, const char *file
, int type
)
302 int j
= SSL_R_BAD_VALUE
;
305 X509
*x
= NULL
, *cert
= NULL
;
307 in
= BIO_new(BIO_s_file());
309 ERR_raise(ERR_LIB_SSL
, ERR_R_BUF_LIB
);
313 if (BIO_read_filename(in
, file
) <= 0) {
314 ERR_raise(ERR_LIB_SSL
, ERR_R_SYS_LIB
);
317 if (type
!= SSL_FILETYPE_ASN1
&& type
!= SSL_FILETYPE_PEM
) {
318 ERR_raise(ERR_LIB_SSL
, SSL_R_BAD_SSL_FILETYPE
);
321 x
= X509_new_ex(ctx
->libctx
, ctx
->propq
);
323 ERR_raise(ERR_LIB_SSL
, ERR_R_ASN1_LIB
);
326 if (type
== SSL_FILETYPE_ASN1
) {
328 cert
= d2i_X509_bio(in
, &x
);
329 } else if (type
== SSL_FILETYPE_PEM
) {
331 cert
= PEM_read_bio_X509(in
, &x
, ctx
->default_passwd_callback
,
332 ctx
->default_passwd_callback_userdata
);
335 ERR_raise(ERR_LIB_SSL
, j
);
339 ret
= SSL_CTX_use_certificate(ctx
, x
);
346 int SSL_CTX_use_certificate_ASN1(SSL_CTX
*ctx
, int len
, const unsigned char *d
)
351 x
= X509_new_ex(ctx
->libctx
, ctx
->propq
);
353 ERR_raise(ERR_LIB_SSL
, ERR_R_ASN1_LIB
);
357 if (d2i_X509(&x
, &d
, (long)len
) == NULL
) {
359 ERR_raise(ERR_LIB_SSL
, ERR_R_ASN1_LIB
);
363 ret
= SSL_CTX_use_certificate(ctx
, x
);
368 int SSL_CTX_use_PrivateKey(SSL_CTX
*ctx
, EVP_PKEY
*pkey
)
371 ERR_raise(ERR_LIB_SSL
, ERR_R_PASSED_NULL_PARAMETER
);
374 return ssl_set_pkey(ctx
->cert
, pkey
, ctx
);
377 int SSL_CTX_use_PrivateKey_file(SSL_CTX
*ctx
, const char *file
, int type
)
381 EVP_PKEY
*pkey
= NULL
;
383 in
= BIO_new(BIO_s_file());
385 ERR_raise(ERR_LIB_SSL
, ERR_R_BUF_LIB
);
389 if (BIO_read_filename(in
, file
) <= 0) {
390 ERR_raise(ERR_LIB_SSL
, ERR_R_SYS_LIB
);
393 if (type
== SSL_FILETYPE_PEM
) {
395 pkey
= PEM_read_bio_PrivateKey_ex(in
, NULL
,
396 ctx
->default_passwd_callback
,
397 ctx
->default_passwd_callback_userdata
,
398 ctx
->libctx
, ctx
->propq
);
399 } else if (type
== SSL_FILETYPE_ASN1
) {
401 pkey
= d2i_PrivateKey_ex_bio(in
, NULL
, ctx
->libctx
, ctx
->propq
);
403 ERR_raise(ERR_LIB_SSL
, SSL_R_BAD_SSL_FILETYPE
);
407 ERR_raise(ERR_LIB_SSL
, j
);
410 ret
= SSL_CTX_use_PrivateKey(ctx
, pkey
);
417 int SSL_CTX_use_PrivateKey_ASN1(int type
, SSL_CTX
*ctx
,
418 const unsigned char *d
, long len
)
421 const unsigned char *p
;
425 if ((pkey
= d2i_PrivateKey_ex(type
, NULL
, &p
, (long)len
, ctx
->libctx
,
426 ctx
->propq
)) == NULL
) {
427 ERR_raise(ERR_LIB_SSL
, ERR_R_ASN1_LIB
);
431 ret
= SSL_CTX_use_PrivateKey(ctx
, pkey
);
437 * Read a file that contains our certificate in "PEM" format, possibly
438 * followed by a sequence of CA certificates that should be sent to the peer
439 * in the Certificate message.
441 static int use_certificate_chain_file(SSL_CTX
*ctx
, SSL
*ssl
, const char *file
)
446 pem_password_cb
*passwd_callback
;
447 void *passwd_callback_userdata
;
448 SSL_CTX
*real_ctx
= (ssl
== NULL
) ? ctx
: ssl
->ctx
;
450 if (ctx
== NULL
&& ssl
== NULL
)
453 ERR_clear_error(); /* clear error stack for
454 * SSL_CTX_use_certificate() */
457 passwd_callback
= ctx
->default_passwd_callback
;
458 passwd_callback_userdata
= ctx
->default_passwd_callback_userdata
;
460 SSL_CONNECTION
*sc
= SSL_CONNECTION_FROM_SSL(ssl
);
465 passwd_callback
= sc
->default_passwd_callback
;
466 passwd_callback_userdata
= sc
->default_passwd_callback_userdata
;
469 in
= BIO_new(BIO_s_file());
471 ERR_raise(ERR_LIB_SSL
, ERR_R_BUF_LIB
);
475 if (BIO_read_filename(in
, file
) <= 0) {
476 ERR_raise(ERR_LIB_SSL
, ERR_R_SYS_LIB
);
480 x
= X509_new_ex(real_ctx
->libctx
, real_ctx
->propq
);
482 ERR_raise(ERR_LIB_SSL
, ERR_R_ASN1_LIB
);
485 if (PEM_read_bio_X509_AUX(in
, &x
, passwd_callback
,
486 passwd_callback_userdata
) == NULL
) {
487 ERR_raise(ERR_LIB_SSL
, ERR_R_PEM_LIB
);
492 ret
= SSL_CTX_use_certificate(ctx
, x
);
494 ret
= SSL_use_certificate(ssl
, x
);
496 if (ERR_peek_error() != 0)
497 ret
= 0; /* Key/certificate mismatch doesn't imply
501 * If we could set up our certificate, now proceed to the CA
509 r
= SSL_CTX_clear_chain_certs(ctx
);
511 r
= SSL_clear_chain_certs(ssl
);
519 ca
= X509_new_ex(real_ctx
->libctx
, real_ctx
->propq
);
521 ERR_raise(ERR_LIB_SSL
, ERR_R_ASN1_LIB
);
524 if (PEM_read_bio_X509(in
, &ca
, passwd_callback
,
525 passwd_callback_userdata
) != NULL
) {
527 r
= SSL_CTX_add0_chain_cert(ctx
, ca
);
529 r
= SSL_add0_chain_cert(ssl
, ca
);
531 * Note that we must not free ca if it was successfully added to
532 * the chain (while we must free the main certificate, since its
533 * reference count is increased by SSL_CTX_use_certificate).
545 /* When the while loop ends, it's usually just EOF. */
546 err
= ERR_peek_last_error();
547 if (ERR_GET_LIB(err
) == ERR_LIB_PEM
548 && ERR_GET_REASON(err
) == PEM_R_NO_START_LINE
)
551 ret
= 0; /* some real error */
560 int SSL_CTX_use_certificate_chain_file(SSL_CTX
*ctx
, const char *file
)
562 return use_certificate_chain_file(ctx
, NULL
, file
);
565 int SSL_use_certificate_chain_file(SSL
*ssl
, const char *file
)
567 return use_certificate_chain_file(NULL
, ssl
, file
);
570 static int serverinfo_find_extension(const unsigned char *serverinfo
,
571 size_t serverinfo_length
,
572 unsigned int extension_type
,
573 const unsigned char **extension_data
,
574 size_t *extension_length
)
578 *extension_data
= NULL
;
579 *extension_length
= 0;
580 if (serverinfo
== NULL
|| serverinfo_length
== 0)
583 if (!PACKET_buf_init(&pkt
, serverinfo
, serverinfo_length
))
587 unsigned int type
= 0;
588 unsigned long context
= 0;
590 /* end of serverinfo */
591 if (PACKET_remaining(&pkt
) == 0)
592 return 0; /* Extension not found */
594 if (!PACKET_get_net_4(&pkt
, &context
)
595 || !PACKET_get_net_2(&pkt
, &type
)
596 || !PACKET_get_length_prefixed_2(&pkt
, &data
))
599 if (type
== extension_type
) {
600 *extension_data
= PACKET_data(&data
);
601 *extension_length
= PACKET_remaining(&data
);
602 return 1; /* Success */
608 static int serverinfoex_srv_parse_cb(SSL
*s
, unsigned int ext_type
,
609 unsigned int context
,
610 const unsigned char *in
,
611 size_t inlen
, X509
*x
, size_t chainidx
,
616 *al
= SSL_AD_DECODE_ERROR
;
623 static int serverinfo_srv_parse_cb(SSL
*s
, unsigned int ext_type
,
624 const unsigned char *in
,
625 size_t inlen
, int *al
, void *arg
)
627 return serverinfoex_srv_parse_cb(s
, ext_type
, 0, in
, inlen
, NULL
, 0, al
,
631 static int serverinfoex_srv_add_cb(SSL
*s
, unsigned int ext_type
,
632 unsigned int context
,
633 const unsigned char **out
,
634 size_t *outlen
, X509
*x
, size_t chainidx
,
637 const unsigned char *serverinfo
= NULL
;
638 size_t serverinfo_length
= 0;
639 SSL_CONNECTION
*sc
= SSL_CONNECTION_FROM_SSL(s
);
642 *al
= SSL_AD_INTERNAL_ERROR
;
646 /* We only support extensions for the first Certificate */
647 if ((context
& SSL_EXT_TLS1_3_CERTIFICATE
) != 0 && chainidx
> 0)
650 /* Is there serverinfo data for the chosen server cert? */
651 if ((ssl_get_server_cert_serverinfo(sc
, &serverinfo
,
652 &serverinfo_length
)) != 0) {
653 /* Find the relevant extension from the serverinfo */
654 int retval
= serverinfo_find_extension(serverinfo
, serverinfo_length
,
655 ext_type
, out
, outlen
);
657 *al
= SSL_AD_INTERNAL_ERROR
;
658 return -1; /* Error */
661 return 0; /* No extension found, don't send extension */
662 return 1; /* Send extension */
664 return 0; /* No serverinfo data found, don't send
668 static int serverinfo_srv_add_cb(SSL
*s
, unsigned int ext_type
,
669 const unsigned char **out
, size_t *outlen
,
672 return serverinfoex_srv_add_cb(s
, ext_type
, 0, out
, outlen
, NULL
, 0, al
,
677 * With a NULL context, this function just checks that the serverinfo data
678 * parses correctly. With a non-NULL context, it registers callbacks for
679 * the included extensions.
681 static int serverinfo_process_buffer(unsigned int version
,
682 const unsigned char *serverinfo
,
683 size_t serverinfo_length
, SSL_CTX
*ctx
)
687 if (serverinfo
== NULL
|| serverinfo_length
== 0)
690 if (version
!= SSL_SERVERINFOV1
&& version
!= SSL_SERVERINFOV2
)
693 if (!PACKET_buf_init(&pkt
, serverinfo
, serverinfo_length
))
696 while (PACKET_remaining(&pkt
)) {
697 unsigned long context
= 0;
698 unsigned int ext_type
= 0;
701 if ((version
== SSL_SERVERINFOV2
&& !PACKET_get_net_4(&pkt
, &context
))
702 || !PACKET_get_net_2(&pkt
, &ext_type
)
703 || !PACKET_get_length_prefixed_2(&pkt
, &data
))
710 * The old style custom extensions API could be set separately for
711 * server/client, i.e. you could set one custom extension for a client,
712 * and *for the same extension in the same SSL_CTX* you could set a
713 * custom extension for the server as well. It seems quite weird to be
714 * setting a custom extension for both client and server in a single
715 * SSL_CTX - but theoretically possible. This isn't possible in the
716 * new API. Therefore, if we have V1 serverinfo we use the old API. We
717 * also use the old API even if we have V2 serverinfo but the context
718 * looks like an old style <= TLSv1.2 extension.
720 if (version
== SSL_SERVERINFOV1
|| context
== SYNTHV1CONTEXT
) {
721 if (!SSL_CTX_add_server_custom_ext(ctx
, ext_type
,
722 serverinfo_srv_add_cb
,
724 serverinfo_srv_parse_cb
,
728 if (!SSL_CTX_add_custom_ext(ctx
, ext_type
, context
,
729 serverinfoex_srv_add_cb
,
731 serverinfoex_srv_parse_cb
,
740 static size_t extension_contextoff(unsigned int version
)
742 return version
== SSL_SERVERINFOV1
? 4 : 0;
745 static size_t extension_append_length(unsigned int version
, size_t extension_length
)
747 return extension_length
+ extension_contextoff(version
);
750 static void extension_append(unsigned int version
,
751 const unsigned char *extension
,
752 const size_t extension_length
,
753 unsigned char *serverinfo
)
755 const size_t contextoff
= extension_contextoff(version
);
757 if (contextoff
> 0) {
758 /* We know this only uses the last 2 bytes */
761 serverinfo
[2] = (SYNTHV1CONTEXT
>> 8) & 0xff;
762 serverinfo
[3] = SYNTHV1CONTEXT
& 0xff;
765 memcpy(serverinfo
+ contextoff
, extension
, extension_length
);
768 int SSL_CTX_use_serverinfo_ex(SSL_CTX
*ctx
, unsigned int version
,
769 const unsigned char *serverinfo
,
770 size_t serverinfo_length
)
772 unsigned char *new_serverinfo
= NULL
;
774 if (ctx
== NULL
|| serverinfo
== NULL
|| serverinfo_length
== 0) {
775 ERR_raise(ERR_LIB_SSL
, ERR_R_PASSED_NULL_PARAMETER
);
778 if (version
== SSL_SERVERINFOV1
) {
780 * Convert serverinfo version v1 to v2 and call yourself recursively
781 * over the converted serverinfo.
783 const size_t sinfo_length
= extension_append_length(SSL_SERVERINFOV1
,
785 unsigned char *sinfo
;
788 sinfo
= OPENSSL_malloc(sinfo_length
);
792 extension_append(SSL_SERVERINFOV1
, serverinfo
, serverinfo_length
, sinfo
);
794 ret
= SSL_CTX_use_serverinfo_ex(ctx
, SSL_SERVERINFOV2
, sinfo
,
800 if (!serverinfo_process_buffer(version
, serverinfo
, serverinfo_length
,
802 ERR_raise(ERR_LIB_SSL
, SSL_R_INVALID_SERVERINFO_DATA
);
805 if (ctx
->cert
->key
== NULL
) {
806 ERR_raise(ERR_LIB_SSL
, ERR_R_INTERNAL_ERROR
);
809 new_serverinfo
= OPENSSL_realloc(ctx
->cert
->key
->serverinfo
,
811 if (new_serverinfo
== NULL
)
813 ctx
->cert
->key
->serverinfo
= new_serverinfo
;
814 memcpy(ctx
->cert
->key
->serverinfo
, serverinfo
, serverinfo_length
);
815 ctx
->cert
->key
->serverinfo_length
= serverinfo_length
;
818 * Now that the serverinfo is validated and stored, go ahead and
819 * register callbacks.
821 if (!serverinfo_process_buffer(version
, serverinfo
, serverinfo_length
,
823 ERR_raise(ERR_LIB_SSL
, SSL_R_INVALID_SERVERINFO_DATA
);
829 int SSL_CTX_use_serverinfo(SSL_CTX
*ctx
, const unsigned char *serverinfo
,
830 size_t serverinfo_length
)
832 return SSL_CTX_use_serverinfo_ex(ctx
, SSL_SERVERINFOV1
, serverinfo
,
836 int SSL_CTX_use_serverinfo_file(SSL_CTX
*ctx
, const char *file
)
838 unsigned char *serverinfo
= NULL
;
840 size_t serverinfo_length
= 0;
841 unsigned char *extension
= 0;
842 long extension_length
= 0;
845 unsigned int name_len
;
848 size_t num_extensions
= 0;
850 if (ctx
== NULL
|| file
== NULL
) {
851 ERR_raise(ERR_LIB_SSL
, ERR_R_PASSED_NULL_PARAMETER
);
855 bin
= BIO_new(BIO_s_file());
857 ERR_raise(ERR_LIB_SSL
, ERR_R_BUF_LIB
);
860 if (BIO_read_filename(bin
, file
) <= 0) {
861 ERR_raise(ERR_LIB_SSL
, ERR_R_SYS_LIB
);
865 for (num_extensions
= 0;; num_extensions
++) {
866 unsigned int version
;
867 size_t append_length
;
869 if (PEM_read_bio(bin
, &name
, &header
, &extension
, &extension_length
)
872 * There must be at least one extension in this file
874 if (num_extensions
== 0) {
875 ERR_raise(ERR_LIB_SSL
, SSL_R_NO_PEM_EXTENSIONS
);
877 } else /* End of file, we're done */
880 /* Check that PEM name starts with "BEGIN SERVERINFO FOR " */
881 name_len
= strlen(name
);
882 if (name_len
< sizeof(NAME_PREFIX1
) - 1) {
883 ERR_raise(ERR_LIB_SSL
, SSL_R_PEM_NAME_TOO_SHORT
);
886 if (HAS_PREFIX(name
, NAME_PREFIX1
)) {
887 version
= SSL_SERVERINFOV1
;
889 if (name_len
< sizeof(NAME_PREFIX2
) - 1) {
890 ERR_raise(ERR_LIB_SSL
, SSL_R_PEM_NAME_TOO_SHORT
);
893 if (!HAS_PREFIX(name
, NAME_PREFIX2
)) {
894 ERR_raise(ERR_LIB_SSL
, SSL_R_PEM_NAME_BAD_PREFIX
);
897 version
= SSL_SERVERINFOV2
;
900 * Check that the decoded PEM data is plausible (valid length field)
902 if (version
== SSL_SERVERINFOV1
) {
903 /* 4 byte header: 2 bytes type, 2 bytes len */
904 if (extension_length
< 4
905 || (extension
[2] << 8) + extension
[3]
906 != extension_length
- 4) {
907 ERR_raise(ERR_LIB_SSL
, SSL_R_BAD_DATA
);
911 /* 8 byte header: 4 bytes context, 2 bytes type, 2 bytes len */
912 if (extension_length
< 8
913 || (extension
[6] << 8) + extension
[7]
914 != extension_length
- 8) {
915 ERR_raise(ERR_LIB_SSL
, SSL_R_BAD_DATA
);
919 /* Append the decoded extension to the serverinfo buffer */
920 append_length
= extension_append_length(version
, extension_length
);
921 tmp
= OPENSSL_realloc(serverinfo
, serverinfo_length
+ append_length
);
925 extension_append(version
, extension
, extension_length
,
926 serverinfo
+ serverinfo_length
);
927 serverinfo_length
+= append_length
;
931 OPENSSL_free(header
);
933 OPENSSL_free(extension
);
937 ret
= SSL_CTX_use_serverinfo_ex(ctx
, SSL_SERVERINFOV2
, serverinfo
,
940 /* SSL_CTX_use_serverinfo makes a local copy of the serverinfo. */
942 OPENSSL_free(header
);
943 OPENSSL_free(extension
);
944 OPENSSL_free(serverinfo
);
949 static int ssl_set_cert_and_key(SSL
*ssl
, SSL_CTX
*ctx
, X509
*x509
, EVP_PKEY
*privatekey
,
950 STACK_OF(X509
) *chain
, int override
)
957 STACK_OF(X509
) *dup_chain
= NULL
;
958 EVP_PKEY
*pubkey
= NULL
;
959 SSL_CONNECTION
*sc
= NULL
;
962 (sc
= SSL_CONNECTION_FROM_SSL(ssl
)) == NULL
)
965 c
= sc
!= NULL
? sc
->cert
: ctx
->cert
;
966 /* Do all security checks before anything else */
967 rv
= ssl_security_cert(sc
, ctx
, x509
, 0, 1);
969 ERR_raise(ERR_LIB_SSL
, rv
);
972 for (j
= 0; j
< sk_X509_num(chain
); j
++) {
973 rv
= ssl_security_cert(sc
, ctx
, sk_X509_value(chain
, j
), 0, 0);
975 ERR_raise(ERR_LIB_SSL
, rv
);
980 pubkey
= X509_get_pubkey(x509
); /* bumps reference */
983 if (privatekey
== NULL
) {
986 /* For RSA, which has no parameters, missing returns 0 */
987 if (EVP_PKEY_missing_parameters(privatekey
)) {
988 if (EVP_PKEY_missing_parameters(pubkey
)) {
989 /* nobody has parameters? - error */
990 ERR_raise(ERR_LIB_SSL
, SSL_R_MISSING_PARAMETERS
);
993 /* copy to privatekey from pubkey */
994 if (!EVP_PKEY_copy_parameters(privatekey
, pubkey
)) {
995 ERR_raise(ERR_LIB_SSL
, SSL_R_COPY_PARAMETERS_FAILED
);
999 } else if (EVP_PKEY_missing_parameters(pubkey
)) {
1000 /* copy to pubkey from privatekey */
1001 if (!EVP_PKEY_copy_parameters(pubkey
, privatekey
)) {
1002 ERR_raise(ERR_LIB_SSL
, SSL_R_COPY_PARAMETERS_FAILED
);
1005 } /* else both have parameters */
1007 /* check that key <-> cert match */
1008 if (EVP_PKEY_eq(pubkey
, privatekey
) != 1) {
1009 ERR_raise(ERR_LIB_SSL
, SSL_R_PRIVATE_KEY_MISMATCH
);
1013 if (ssl_cert_lookup_by_pkey(pubkey
, &i
, ctx
) == NULL
) {
1014 ERR_raise(ERR_LIB_SSL
, SSL_R_UNKNOWN_CERTIFICATE_TYPE
);
1018 if (!override
&& (c
->pkeys
[i
].x509
!= NULL
1019 || c
->pkeys
[i
].privatekey
!= NULL
1020 || c
->pkeys
[i
].chain
!= NULL
)) {
1021 /* No override, and something already there */
1022 ERR_raise(ERR_LIB_SSL
, SSL_R_NOT_REPLACING_CERTIFICATE
);
1026 if (chain
!= NULL
) {
1027 dup_chain
= X509_chain_up_ref(chain
);
1028 if (dup_chain
== NULL
) {
1029 ERR_raise(ERR_LIB_SSL
, ERR_R_X509_LIB
);
1034 OSSL_STACK_OF_X509_free(c
->pkeys
[i
].chain
);
1035 c
->pkeys
[i
].chain
= dup_chain
;
1037 X509_free(c
->pkeys
[i
].x509
);
1039 c
->pkeys
[i
].x509
= x509
;
1041 EVP_PKEY_free(c
->pkeys
[i
].privatekey
);
1042 EVP_PKEY_up_ref(privatekey
);
1043 c
->pkeys
[i
].privatekey
= privatekey
;
1045 c
->key
= &(c
->pkeys
[i
]);
1049 EVP_PKEY_free(pubkey
);
1053 int SSL_use_cert_and_key(SSL
*ssl
, X509
*x509
, EVP_PKEY
*privatekey
,
1054 STACK_OF(X509
) *chain
, int override
)
1056 return ssl_set_cert_and_key(ssl
, NULL
, x509
, privatekey
, chain
, override
);
1059 int SSL_CTX_use_cert_and_key(SSL_CTX
*ctx
, X509
*x509
, EVP_PKEY
*privatekey
,
1060 STACK_OF(X509
) *chain
, int override
)
1062 return ssl_set_cert_and_key(NULL
, ctx
, x509
, privatekey
, chain
, override
);