1*4724848cSchristos /*
2*4724848cSchristos * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
3c9496f6bSchristos *
4*4724848cSchristos * Licensed under the OpenSSL license (the "License"). You may not use
5*4724848cSchristos * this file except in compliance with the License. You can obtain a copy
6*4724848cSchristos * in the file LICENSE in the source distribution or at
7*4724848cSchristos * https://www.openssl.org/source/license.html
8c9496f6bSchristos */
9c9496f6bSchristos
10c9496f6bSchristos #include <stdio.h>
11*4724848cSchristos #include "ssl_local.h"
12*4724848cSchristos #include "packet_local.h"
13c9496f6bSchristos #include <openssl/bio.h>
14c9496f6bSchristos #include <openssl/objects.h>
15c9496f6bSchristos #include <openssl/evp.h>
16c9496f6bSchristos #include <openssl/x509.h>
17c9496f6bSchristos #include <openssl/pem.h>
18c9496f6bSchristos
19c9496f6bSchristos static int ssl_set_cert(CERT *c, X509 *x509);
20c9496f6bSchristos static int ssl_set_pkey(CERT *c, EVP_PKEY *pkey);
21*4724848cSchristos
22*4724848cSchristos #define SYNTHV1CONTEXT (SSL_EXT_TLS1_2_AND_BELOW_ONLY \
23*4724848cSchristos | SSL_EXT_CLIENT_HELLO \
24*4724848cSchristos | SSL_EXT_TLS1_2_SERVER_HELLO \
25*4724848cSchristos | SSL_EXT_IGNORE_ON_RESUMPTION)
26*4724848cSchristos
SSL_use_certificate(SSL * ssl,X509 * x)27c9496f6bSchristos int SSL_use_certificate(SSL *ssl, X509 *x)
28c9496f6bSchristos {
29*4724848cSchristos int rv;
30c9496f6bSchristos if (x == NULL) {
31c9496f6bSchristos SSLerr(SSL_F_SSL_USE_CERTIFICATE, ERR_R_PASSED_NULL_PARAMETER);
32*4724848cSchristos return 0;
33c9496f6bSchristos }
34*4724848cSchristos rv = ssl_security_cert(ssl, NULL, x, 0, 1);
35*4724848cSchristos if (rv != 1) {
36*4724848cSchristos SSLerr(SSL_F_SSL_USE_CERTIFICATE, rv);
37*4724848cSchristos return 0;
38c9496f6bSchristos }
39c9496f6bSchristos
40*4724848cSchristos return ssl_set_cert(ssl->cert, x);
41*4724848cSchristos }
42*4724848cSchristos
SSL_use_certificate_file(SSL * ssl,const char * file,int type)43c9496f6bSchristos int SSL_use_certificate_file(SSL *ssl, const char *file, int type)
44c9496f6bSchristos {
45c9496f6bSchristos int j;
46c9496f6bSchristos BIO *in;
47c9496f6bSchristos int ret = 0;
48c9496f6bSchristos X509 *x = NULL;
49c9496f6bSchristos
50*4724848cSchristos in = BIO_new(BIO_s_file());
51c9496f6bSchristos if (in == NULL) {
52c9496f6bSchristos SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE, ERR_R_BUF_LIB);
53c9496f6bSchristos goto end;
54c9496f6bSchristos }
55c9496f6bSchristos
56c9496f6bSchristos if (BIO_read_filename(in, file) <= 0) {
57c9496f6bSchristos SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE, ERR_R_SYS_LIB);
58c9496f6bSchristos goto end;
59c9496f6bSchristos }
60c9496f6bSchristos if (type == SSL_FILETYPE_ASN1) {
61c9496f6bSchristos j = ERR_R_ASN1_LIB;
62c9496f6bSchristos x = d2i_X509_bio(in, NULL);
63c9496f6bSchristos } else if (type == SSL_FILETYPE_PEM) {
64c9496f6bSchristos j = ERR_R_PEM_LIB;
65*4724848cSchristos x = PEM_read_bio_X509(in, NULL, ssl->default_passwd_callback,
66*4724848cSchristos ssl->default_passwd_callback_userdata);
67c9496f6bSchristos } else {
68c9496f6bSchristos SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE, SSL_R_BAD_SSL_FILETYPE);
69c9496f6bSchristos goto end;
70c9496f6bSchristos }
71c9496f6bSchristos
72c9496f6bSchristos if (x == NULL) {
73c9496f6bSchristos SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE, j);
74c9496f6bSchristos goto end;
75c9496f6bSchristos }
76c9496f6bSchristos
77c9496f6bSchristos ret = SSL_use_certificate(ssl, x);
78c9496f6bSchristos end:
79c9496f6bSchristos X509_free(x);
80c9496f6bSchristos BIO_free(in);
81*4724848cSchristos return ret;
82c9496f6bSchristos }
83c9496f6bSchristos
SSL_use_certificate_ASN1(SSL * ssl,const unsigned char * d,int len)84c9496f6bSchristos int SSL_use_certificate_ASN1(SSL *ssl, const unsigned char *d, int len)
85c9496f6bSchristos {
86c9496f6bSchristos X509 *x;
87c9496f6bSchristos int ret;
88c9496f6bSchristos
89c9496f6bSchristos x = d2i_X509(NULL, &d, (long)len);
90c9496f6bSchristos if (x == NULL) {
91c9496f6bSchristos SSLerr(SSL_F_SSL_USE_CERTIFICATE_ASN1, ERR_R_ASN1_LIB);
92*4724848cSchristos return 0;
93c9496f6bSchristos }
94c9496f6bSchristos
95c9496f6bSchristos ret = SSL_use_certificate(ssl, x);
96c9496f6bSchristos X509_free(x);
97*4724848cSchristos return ret;
98c9496f6bSchristos }
99c9496f6bSchristos
100c9496f6bSchristos #ifndef OPENSSL_NO_RSA
SSL_use_RSAPrivateKey(SSL * ssl,RSA * rsa)101c9496f6bSchristos int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa)
102c9496f6bSchristos {
103c9496f6bSchristos EVP_PKEY *pkey;
104c9496f6bSchristos int ret;
105c9496f6bSchristos
106c9496f6bSchristos if (rsa == NULL) {
107c9496f6bSchristos SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY, ERR_R_PASSED_NULL_PARAMETER);
108*4724848cSchristos return 0;
109c9496f6bSchristos }
110c9496f6bSchristos if ((pkey = EVP_PKEY_new()) == NULL) {
111c9496f6bSchristos SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY, ERR_R_EVP_LIB);
112*4724848cSchristos return 0;
113c9496f6bSchristos }
114c9496f6bSchristos
115c9496f6bSchristos RSA_up_ref(rsa);
116c9496f6bSchristos if (EVP_PKEY_assign_RSA(pkey, rsa) <= 0) {
117c9496f6bSchristos RSA_free(rsa);
118*4724848cSchristos EVP_PKEY_free(pkey);
119c9496f6bSchristos return 0;
120c9496f6bSchristos }
121c9496f6bSchristos
122c9496f6bSchristos ret = ssl_set_pkey(ssl->cert, pkey);
123c9496f6bSchristos EVP_PKEY_free(pkey);
124*4724848cSchristos return ret;
125c9496f6bSchristos }
126c9496f6bSchristos #endif
127c9496f6bSchristos
ssl_set_pkey(CERT * c,EVP_PKEY * pkey)128c9496f6bSchristos static int ssl_set_pkey(CERT *c, EVP_PKEY *pkey)
129c9496f6bSchristos {
130*4724848cSchristos size_t i;
131*4724848cSchristos
132*4724848cSchristos if (ssl_cert_lookup_by_pkey(pkey, &i) == NULL) {
133c9496f6bSchristos SSLerr(SSL_F_SSL_SET_PKEY, SSL_R_UNKNOWN_CERTIFICATE_TYPE);
134*4724848cSchristos return 0;
135c9496f6bSchristos }
136c9496f6bSchristos
137c9496f6bSchristos if (c->pkeys[i].x509 != NULL) {
138c9496f6bSchristos EVP_PKEY *pktmp;
139*4724848cSchristos pktmp = X509_get0_pubkey(c->pkeys[i].x509);
140c9496f6bSchristos if (pktmp == NULL) {
141c9496f6bSchristos SSLerr(SSL_F_SSL_SET_PKEY, ERR_R_MALLOC_FAILURE);
142c9496f6bSchristos return 0;
143c9496f6bSchristos }
144c9496f6bSchristos /*
145c9496f6bSchristos * The return code from EVP_PKEY_copy_parameters is deliberately
146c9496f6bSchristos * ignored. Some EVP_PKEY types cannot do this.
147c9496f6bSchristos */
148c9496f6bSchristos EVP_PKEY_copy_parameters(pktmp, pkey);
149c9496f6bSchristos ERR_clear_error();
150c9496f6bSchristos
151c9496f6bSchristos if (!X509_check_private_key(c->pkeys[i].x509, pkey)) {
152c9496f6bSchristos X509_free(c->pkeys[i].x509);
153c9496f6bSchristos c->pkeys[i].x509 = NULL;
154c9496f6bSchristos return 0;
155c9496f6bSchristos }
156c9496f6bSchristos }
157c9496f6bSchristos
158c9496f6bSchristos EVP_PKEY_free(c->pkeys[i].privatekey);
159*4724848cSchristos EVP_PKEY_up_ref(pkey);
160c9496f6bSchristos c->pkeys[i].privatekey = pkey;
161*4724848cSchristos c->key = &c->pkeys[i];
162*4724848cSchristos return 1;
163c9496f6bSchristos }
164c9496f6bSchristos
165c9496f6bSchristos #ifndef OPENSSL_NO_RSA
SSL_use_RSAPrivateKey_file(SSL * ssl,const char * file,int type)166c9496f6bSchristos int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type)
167c9496f6bSchristos {
168c9496f6bSchristos int j, ret = 0;
169c9496f6bSchristos BIO *in;
170c9496f6bSchristos RSA *rsa = NULL;
171c9496f6bSchristos
172*4724848cSchristos in = BIO_new(BIO_s_file());
173c9496f6bSchristos if (in == NULL) {
174c9496f6bSchristos SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE, ERR_R_BUF_LIB);
175c9496f6bSchristos goto end;
176c9496f6bSchristos }
177c9496f6bSchristos
178c9496f6bSchristos if (BIO_read_filename(in, file) <= 0) {
179c9496f6bSchristos SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE, ERR_R_SYS_LIB);
180c9496f6bSchristos goto end;
181c9496f6bSchristos }
182c9496f6bSchristos if (type == SSL_FILETYPE_ASN1) {
183c9496f6bSchristos j = ERR_R_ASN1_LIB;
184c9496f6bSchristos rsa = d2i_RSAPrivateKey_bio(in, NULL);
185c9496f6bSchristos } else if (type == SSL_FILETYPE_PEM) {
186c9496f6bSchristos j = ERR_R_PEM_LIB;
187c9496f6bSchristos rsa = PEM_read_bio_RSAPrivateKey(in, NULL,
188*4724848cSchristos ssl->default_passwd_callback,
189*4724848cSchristos ssl->default_passwd_callback_userdata);
190c9496f6bSchristos } else {
191c9496f6bSchristos SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE, SSL_R_BAD_SSL_FILETYPE);
192c9496f6bSchristos goto end;
193c9496f6bSchristos }
194c9496f6bSchristos if (rsa == NULL) {
195c9496f6bSchristos SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE, j);
196c9496f6bSchristos goto end;
197c9496f6bSchristos }
198c9496f6bSchristos ret = SSL_use_RSAPrivateKey(ssl, rsa);
199c9496f6bSchristos RSA_free(rsa);
200c9496f6bSchristos end:
201c9496f6bSchristos BIO_free(in);
202*4724848cSchristos return ret;
203c9496f6bSchristos }
204c9496f6bSchristos
SSL_use_RSAPrivateKey_ASN1(SSL * ssl,const unsigned char * d,long len)205*4724848cSchristos int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, const unsigned char *d, long len)
206c9496f6bSchristos {
207c9496f6bSchristos int ret;
208c9496f6bSchristos const unsigned char *p;
209c9496f6bSchristos RSA *rsa;
210c9496f6bSchristos
211c9496f6bSchristos p = d;
212c9496f6bSchristos if ((rsa = d2i_RSAPrivateKey(NULL, &p, (long)len)) == NULL) {
213c9496f6bSchristos SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1, ERR_R_ASN1_LIB);
214*4724848cSchristos return 0;
215c9496f6bSchristos }
216c9496f6bSchristos
217c9496f6bSchristos ret = SSL_use_RSAPrivateKey(ssl, rsa);
218c9496f6bSchristos RSA_free(rsa);
219*4724848cSchristos return ret;
220c9496f6bSchristos }
221c9496f6bSchristos #endif /* !OPENSSL_NO_RSA */
222c9496f6bSchristos
SSL_use_PrivateKey(SSL * ssl,EVP_PKEY * pkey)223c9496f6bSchristos int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey)
224c9496f6bSchristos {
225c9496f6bSchristos int ret;
226c9496f6bSchristos
227c9496f6bSchristos if (pkey == NULL) {
228c9496f6bSchristos SSLerr(SSL_F_SSL_USE_PRIVATEKEY, ERR_R_PASSED_NULL_PARAMETER);
229*4724848cSchristos return 0;
230c9496f6bSchristos }
231c9496f6bSchristos ret = ssl_set_pkey(ssl->cert, pkey);
232*4724848cSchristos return ret;
233c9496f6bSchristos }
234c9496f6bSchristos
SSL_use_PrivateKey_file(SSL * ssl,const char * file,int type)235c9496f6bSchristos int SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type)
236c9496f6bSchristos {
237c9496f6bSchristos int j, ret = 0;
238c9496f6bSchristos BIO *in;
239c9496f6bSchristos EVP_PKEY *pkey = NULL;
240c9496f6bSchristos
241*4724848cSchristos in = BIO_new(BIO_s_file());
242c9496f6bSchristos if (in == NULL) {
243c9496f6bSchristos SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE, ERR_R_BUF_LIB);
244c9496f6bSchristos goto end;
245c9496f6bSchristos }
246c9496f6bSchristos
247c9496f6bSchristos if (BIO_read_filename(in, file) <= 0) {
248c9496f6bSchristos SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE, ERR_R_SYS_LIB);
249c9496f6bSchristos goto end;
250c9496f6bSchristos }
251c9496f6bSchristos if (type == SSL_FILETYPE_PEM) {
252c9496f6bSchristos j = ERR_R_PEM_LIB;
253c9496f6bSchristos pkey = PEM_read_bio_PrivateKey(in, NULL,
254*4724848cSchristos ssl->default_passwd_callback,
255*4724848cSchristos ssl->default_passwd_callback_userdata);
256c9496f6bSchristos } else if (type == SSL_FILETYPE_ASN1) {
257c9496f6bSchristos j = ERR_R_ASN1_LIB;
258c9496f6bSchristos pkey = d2i_PrivateKey_bio(in, NULL);
259c9496f6bSchristos } else {
260c9496f6bSchristos SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE, SSL_R_BAD_SSL_FILETYPE);
261c9496f6bSchristos goto end;
262c9496f6bSchristos }
263c9496f6bSchristos if (pkey == NULL) {
264c9496f6bSchristos SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE, j);
265c9496f6bSchristos goto end;
266c9496f6bSchristos }
267c9496f6bSchristos ret = SSL_use_PrivateKey(ssl, pkey);
268c9496f6bSchristos EVP_PKEY_free(pkey);
269c9496f6bSchristos end:
270c9496f6bSchristos BIO_free(in);
271*4724848cSchristos return ret;
272c9496f6bSchristos }
273c9496f6bSchristos
SSL_use_PrivateKey_ASN1(int type,SSL * ssl,const unsigned char * d,long len)274c9496f6bSchristos int SSL_use_PrivateKey_ASN1(int type, SSL *ssl, const unsigned char *d,
275c9496f6bSchristos long len)
276c9496f6bSchristos {
277c9496f6bSchristos int ret;
278c9496f6bSchristos const unsigned char *p;
279c9496f6bSchristos EVP_PKEY *pkey;
280c9496f6bSchristos
281c9496f6bSchristos p = d;
282c9496f6bSchristos if ((pkey = d2i_PrivateKey(type, NULL, &p, (long)len)) == NULL) {
283c9496f6bSchristos SSLerr(SSL_F_SSL_USE_PRIVATEKEY_ASN1, ERR_R_ASN1_LIB);
284*4724848cSchristos return 0;
285c9496f6bSchristos }
286c9496f6bSchristos
287c9496f6bSchristos ret = SSL_use_PrivateKey(ssl, pkey);
288c9496f6bSchristos EVP_PKEY_free(pkey);
289*4724848cSchristos return ret;
290c9496f6bSchristos }
291c9496f6bSchristos
SSL_CTX_use_certificate(SSL_CTX * ctx,X509 * x)292c9496f6bSchristos int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x)
293c9496f6bSchristos {
294*4724848cSchristos int rv;
295c9496f6bSchristos if (x == NULL) {
296c9496f6bSchristos SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE, ERR_R_PASSED_NULL_PARAMETER);
297*4724848cSchristos return 0;
298c9496f6bSchristos }
299*4724848cSchristos rv = ssl_security_cert(NULL, ctx, x, 0, 1);
300*4724848cSchristos if (rv != 1) {
301*4724848cSchristos SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE, rv);
302*4724848cSchristos return 0;
303c9496f6bSchristos }
304*4724848cSchristos return ssl_set_cert(ctx->cert, x);
305c9496f6bSchristos }
306c9496f6bSchristos
ssl_set_cert(CERT * c,X509 * x)307c9496f6bSchristos static int ssl_set_cert(CERT *c, X509 *x)
308c9496f6bSchristos {
309c9496f6bSchristos EVP_PKEY *pkey;
310*4724848cSchristos size_t i;
311c9496f6bSchristos
312*4724848cSchristos pkey = X509_get0_pubkey(x);
313c9496f6bSchristos if (pkey == NULL) {
314c9496f6bSchristos SSLerr(SSL_F_SSL_SET_CERT, SSL_R_X509_LIB);
315*4724848cSchristos return 0;
316c9496f6bSchristos }
317c9496f6bSchristos
318*4724848cSchristos if (ssl_cert_lookup_by_pkey(pkey, &i) == NULL) {
319c9496f6bSchristos SSLerr(SSL_F_SSL_SET_CERT, SSL_R_UNKNOWN_CERTIFICATE_TYPE);
320*4724848cSchristos return 0;
321c9496f6bSchristos }
322*4724848cSchristos #ifndef OPENSSL_NO_EC
323*4724848cSchristos if (i == SSL_PKEY_ECC && !EC_KEY_can_sign(EVP_PKEY_get0_EC_KEY(pkey))) {
324*4724848cSchristos SSLerr(SSL_F_SSL_SET_CERT, SSL_R_ECC_CERT_NOT_FOR_SIGNING);
325*4724848cSchristos return 0;
326*4724848cSchristos }
327*4724848cSchristos #endif
328c9496f6bSchristos if (c->pkeys[i].privatekey != NULL) {
329c9496f6bSchristos /*
330c9496f6bSchristos * The return code from EVP_PKEY_copy_parameters is deliberately
331c9496f6bSchristos * ignored. Some EVP_PKEY types cannot do this.
332c9496f6bSchristos */
333c9496f6bSchristos EVP_PKEY_copy_parameters(pkey, c->pkeys[i].privatekey);
334c9496f6bSchristos ERR_clear_error();
335c9496f6bSchristos
336c9496f6bSchristos if (!X509_check_private_key(x, c->pkeys[i].privatekey)) {
337c9496f6bSchristos /*
338c9496f6bSchristos * don't fail for a cert/key mismatch, just free current private
339c9496f6bSchristos * key (when switching to a different cert & key, first this
340c9496f6bSchristos * function should be used, then ssl_set_pkey
341c9496f6bSchristos */
342c9496f6bSchristos EVP_PKEY_free(c->pkeys[i].privatekey);
343c9496f6bSchristos c->pkeys[i].privatekey = NULL;
344c9496f6bSchristos /* clear error queue */
345c9496f6bSchristos ERR_clear_error();
346c9496f6bSchristos }
347c9496f6bSchristos }
348c9496f6bSchristos
349c9496f6bSchristos X509_free(c->pkeys[i].x509);
350*4724848cSchristos X509_up_ref(x);
351c9496f6bSchristos c->pkeys[i].x509 = x;
352c9496f6bSchristos c->key = &(c->pkeys[i]);
353c9496f6bSchristos
354*4724848cSchristos return 1;
355c9496f6bSchristos }
356c9496f6bSchristos
SSL_CTX_use_certificate_file(SSL_CTX * ctx,const char * file,int type)357c9496f6bSchristos int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type)
358c9496f6bSchristos {
359c9496f6bSchristos int j;
360c9496f6bSchristos BIO *in;
361c9496f6bSchristos int ret = 0;
362c9496f6bSchristos X509 *x = NULL;
363c9496f6bSchristos
364*4724848cSchristos in = BIO_new(BIO_s_file());
365c9496f6bSchristos if (in == NULL) {
366c9496f6bSchristos SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE, ERR_R_BUF_LIB);
367c9496f6bSchristos goto end;
368c9496f6bSchristos }
369c9496f6bSchristos
370c9496f6bSchristos if (BIO_read_filename(in, file) <= 0) {
371c9496f6bSchristos SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE, ERR_R_SYS_LIB);
372c9496f6bSchristos goto end;
373c9496f6bSchristos }
374c9496f6bSchristos if (type == SSL_FILETYPE_ASN1) {
375c9496f6bSchristos j = ERR_R_ASN1_LIB;
376c9496f6bSchristos x = d2i_X509_bio(in, NULL);
377c9496f6bSchristos } else if (type == SSL_FILETYPE_PEM) {
378c9496f6bSchristos j = ERR_R_PEM_LIB;
379c9496f6bSchristos x = PEM_read_bio_X509(in, NULL, ctx->default_passwd_callback,
380c9496f6bSchristos ctx->default_passwd_callback_userdata);
381c9496f6bSchristos } else {
382c9496f6bSchristos SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE, SSL_R_BAD_SSL_FILETYPE);
383c9496f6bSchristos goto end;
384c9496f6bSchristos }
385c9496f6bSchristos
386c9496f6bSchristos if (x == NULL) {
387c9496f6bSchristos SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE, j);
388c9496f6bSchristos goto end;
389c9496f6bSchristos }
390c9496f6bSchristos
391c9496f6bSchristos ret = SSL_CTX_use_certificate(ctx, x);
392c9496f6bSchristos end:
393c9496f6bSchristos X509_free(x);
394c9496f6bSchristos BIO_free(in);
395*4724848cSchristos return ret;
396c9496f6bSchristos }
397c9496f6bSchristos
SSL_CTX_use_certificate_ASN1(SSL_CTX * ctx,int len,const unsigned char * d)398*4724848cSchristos int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, const unsigned char *d)
399c9496f6bSchristos {
400c9496f6bSchristos X509 *x;
401c9496f6bSchristos int ret;
402c9496f6bSchristos
403c9496f6bSchristos x = d2i_X509(NULL, &d, (long)len);
404c9496f6bSchristos if (x == NULL) {
405c9496f6bSchristos SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1, ERR_R_ASN1_LIB);
406*4724848cSchristos return 0;
407c9496f6bSchristos }
408c9496f6bSchristos
409c9496f6bSchristos ret = SSL_CTX_use_certificate(ctx, x);
410c9496f6bSchristos X509_free(x);
411*4724848cSchristos return ret;
412c9496f6bSchristos }
413c9496f6bSchristos
414c9496f6bSchristos #ifndef OPENSSL_NO_RSA
SSL_CTX_use_RSAPrivateKey(SSL_CTX * ctx,RSA * rsa)415c9496f6bSchristos int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa)
416c9496f6bSchristos {
417c9496f6bSchristos int ret;
418c9496f6bSchristos EVP_PKEY *pkey;
419c9496f6bSchristos
420c9496f6bSchristos if (rsa == NULL) {
421c9496f6bSchristos SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY, ERR_R_PASSED_NULL_PARAMETER);
422*4724848cSchristos return 0;
423c9496f6bSchristos }
424c9496f6bSchristos if ((pkey = EVP_PKEY_new()) == NULL) {
425c9496f6bSchristos SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY, ERR_R_EVP_LIB);
426*4724848cSchristos return 0;
427c9496f6bSchristos }
428c9496f6bSchristos
429c9496f6bSchristos RSA_up_ref(rsa);
430c9496f6bSchristos if (EVP_PKEY_assign_RSA(pkey, rsa) <= 0) {
431c9496f6bSchristos RSA_free(rsa);
432*4724848cSchristos EVP_PKEY_free(pkey);
433c9496f6bSchristos return 0;
434c9496f6bSchristos }
435c9496f6bSchristos
436c9496f6bSchristos ret = ssl_set_pkey(ctx->cert, pkey);
437c9496f6bSchristos EVP_PKEY_free(pkey);
438*4724848cSchristos return ret;
439c9496f6bSchristos }
440c9496f6bSchristos
SSL_CTX_use_RSAPrivateKey_file(SSL_CTX * ctx,const char * file,int type)441c9496f6bSchristos int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type)
442c9496f6bSchristos {
443c9496f6bSchristos int j, ret = 0;
444c9496f6bSchristos BIO *in;
445c9496f6bSchristos RSA *rsa = NULL;
446c9496f6bSchristos
447*4724848cSchristos in = BIO_new(BIO_s_file());
448c9496f6bSchristos if (in == NULL) {
449c9496f6bSchristos SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE, ERR_R_BUF_LIB);
450c9496f6bSchristos goto end;
451c9496f6bSchristos }
452c9496f6bSchristos
453c9496f6bSchristos if (BIO_read_filename(in, file) <= 0) {
454c9496f6bSchristos SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE, ERR_R_SYS_LIB);
455c9496f6bSchristos goto end;
456c9496f6bSchristos }
457c9496f6bSchristos if (type == SSL_FILETYPE_ASN1) {
458c9496f6bSchristos j = ERR_R_ASN1_LIB;
459c9496f6bSchristos rsa = d2i_RSAPrivateKey_bio(in, NULL);
460c9496f6bSchristos } else if (type == SSL_FILETYPE_PEM) {
461c9496f6bSchristos j = ERR_R_PEM_LIB;
462c9496f6bSchristos rsa = PEM_read_bio_RSAPrivateKey(in, NULL,
463c9496f6bSchristos ctx->default_passwd_callback,
464c9496f6bSchristos ctx->default_passwd_callback_userdata);
465c9496f6bSchristos } else {
466c9496f6bSchristos SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE, SSL_R_BAD_SSL_FILETYPE);
467c9496f6bSchristos goto end;
468c9496f6bSchristos }
469c9496f6bSchristos if (rsa == NULL) {
470c9496f6bSchristos SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE, j);
471c9496f6bSchristos goto end;
472c9496f6bSchristos }
473c9496f6bSchristos ret = SSL_CTX_use_RSAPrivateKey(ctx, rsa);
474c9496f6bSchristos RSA_free(rsa);
475c9496f6bSchristos end:
476c9496f6bSchristos BIO_free(in);
477*4724848cSchristos return ret;
478c9496f6bSchristos }
479c9496f6bSchristos
SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX * ctx,const unsigned char * d,long len)480c9496f6bSchristos int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, const unsigned char *d,
481c9496f6bSchristos long len)
482c9496f6bSchristos {
483c9496f6bSchristos int ret;
484c9496f6bSchristos const unsigned char *p;
485c9496f6bSchristos RSA *rsa;
486c9496f6bSchristos
487c9496f6bSchristos p = d;
488c9496f6bSchristos if ((rsa = d2i_RSAPrivateKey(NULL, &p, (long)len)) == NULL) {
489c9496f6bSchristos SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1, ERR_R_ASN1_LIB);
490*4724848cSchristos return 0;
491c9496f6bSchristos }
492c9496f6bSchristos
493c9496f6bSchristos ret = SSL_CTX_use_RSAPrivateKey(ctx, rsa);
494c9496f6bSchristos RSA_free(rsa);
495*4724848cSchristos return ret;
496c9496f6bSchristos }
497c9496f6bSchristos #endif /* !OPENSSL_NO_RSA */
498c9496f6bSchristos
SSL_CTX_use_PrivateKey(SSL_CTX * ctx,EVP_PKEY * pkey)499c9496f6bSchristos int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey)
500c9496f6bSchristos {
501c9496f6bSchristos if (pkey == NULL) {
502c9496f6bSchristos SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY, ERR_R_PASSED_NULL_PARAMETER);
503*4724848cSchristos return 0;
504c9496f6bSchristos }
505*4724848cSchristos return ssl_set_pkey(ctx->cert, pkey);
506c9496f6bSchristos }
507c9496f6bSchristos
SSL_CTX_use_PrivateKey_file(SSL_CTX * ctx,const char * file,int type)508c9496f6bSchristos int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type)
509c9496f6bSchristos {
510c9496f6bSchristos int j, ret = 0;
511c9496f6bSchristos BIO *in;
512c9496f6bSchristos EVP_PKEY *pkey = NULL;
513c9496f6bSchristos
514*4724848cSchristos in = BIO_new(BIO_s_file());
515c9496f6bSchristos if (in == NULL) {
516c9496f6bSchristos SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE, ERR_R_BUF_LIB);
517c9496f6bSchristos goto end;
518c9496f6bSchristos }
519c9496f6bSchristos
520c9496f6bSchristos if (BIO_read_filename(in, file) <= 0) {
521c9496f6bSchristos SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE, ERR_R_SYS_LIB);
522c9496f6bSchristos goto end;
523c9496f6bSchristos }
524c9496f6bSchristos if (type == SSL_FILETYPE_PEM) {
525c9496f6bSchristos j = ERR_R_PEM_LIB;
526c9496f6bSchristos pkey = PEM_read_bio_PrivateKey(in, NULL,
527c9496f6bSchristos ctx->default_passwd_callback,
528c9496f6bSchristos ctx->default_passwd_callback_userdata);
529c9496f6bSchristos } else if (type == SSL_FILETYPE_ASN1) {
530c9496f6bSchristos j = ERR_R_ASN1_LIB;
531c9496f6bSchristos pkey = d2i_PrivateKey_bio(in, NULL);
532c9496f6bSchristos } else {
533c9496f6bSchristos SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE, SSL_R_BAD_SSL_FILETYPE);
534c9496f6bSchristos goto end;
535c9496f6bSchristos }
536c9496f6bSchristos if (pkey == NULL) {
537c9496f6bSchristos SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE, j);
538c9496f6bSchristos goto end;
539c9496f6bSchristos }
540c9496f6bSchristos ret = SSL_CTX_use_PrivateKey(ctx, pkey);
541c9496f6bSchristos EVP_PKEY_free(pkey);
542c9496f6bSchristos end:
543c9496f6bSchristos BIO_free(in);
544*4724848cSchristos return ret;
545c9496f6bSchristos }
546c9496f6bSchristos
SSL_CTX_use_PrivateKey_ASN1(int type,SSL_CTX * ctx,const unsigned char * d,long len)547c9496f6bSchristos int SSL_CTX_use_PrivateKey_ASN1(int type, SSL_CTX *ctx,
548c9496f6bSchristos const unsigned char *d, long len)
549c9496f6bSchristos {
550c9496f6bSchristos int ret;
551c9496f6bSchristos const unsigned char *p;
552c9496f6bSchristos EVP_PKEY *pkey;
553c9496f6bSchristos
554c9496f6bSchristos p = d;
555c9496f6bSchristos if ((pkey = d2i_PrivateKey(type, NULL, &p, (long)len)) == NULL) {
556c9496f6bSchristos SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1, ERR_R_ASN1_LIB);
557*4724848cSchristos return 0;
558c9496f6bSchristos }
559c9496f6bSchristos
560c9496f6bSchristos ret = SSL_CTX_use_PrivateKey(ctx, pkey);
561c9496f6bSchristos EVP_PKEY_free(pkey);
562*4724848cSchristos return ret;
563c9496f6bSchristos }
564c9496f6bSchristos
565c9496f6bSchristos /*
566c9496f6bSchristos * Read a file that contains our certificate in "PEM" format, possibly
567c9496f6bSchristos * followed by a sequence of CA certificates that should be sent to the peer
568c9496f6bSchristos * in the Certificate message.
569c9496f6bSchristos */
use_certificate_chain_file(SSL_CTX * ctx,SSL * ssl,const char * file)570*4724848cSchristos static int use_certificate_chain_file(SSL_CTX *ctx, SSL *ssl, const char *file)
571c9496f6bSchristos {
572c9496f6bSchristos BIO *in;
573c9496f6bSchristos int ret = 0;
574c9496f6bSchristos X509 *x = NULL;
575*4724848cSchristos pem_password_cb *passwd_callback;
576*4724848cSchristos void *passwd_callback_userdata;
577c9496f6bSchristos
578c9496f6bSchristos ERR_clear_error(); /* clear error stack for
579c9496f6bSchristos * SSL_CTX_use_certificate() */
580c9496f6bSchristos
581*4724848cSchristos if (ctx != NULL) {
582*4724848cSchristos passwd_callback = ctx->default_passwd_callback;
583*4724848cSchristos passwd_callback_userdata = ctx->default_passwd_callback_userdata;
584*4724848cSchristos } else {
585*4724848cSchristos passwd_callback = ssl->default_passwd_callback;
586*4724848cSchristos passwd_callback_userdata = ssl->default_passwd_callback_userdata;
587*4724848cSchristos }
588*4724848cSchristos
589*4724848cSchristos in = BIO_new(BIO_s_file());
590c9496f6bSchristos if (in == NULL) {
591*4724848cSchristos SSLerr(SSL_F_USE_CERTIFICATE_CHAIN_FILE, ERR_R_BUF_LIB);
592c9496f6bSchristos goto end;
593c9496f6bSchristos }
594c9496f6bSchristos
595c9496f6bSchristos if (BIO_read_filename(in, file) <= 0) {
596*4724848cSchristos SSLerr(SSL_F_USE_CERTIFICATE_CHAIN_FILE, ERR_R_SYS_LIB);
597c9496f6bSchristos goto end;
598c9496f6bSchristos }
599c9496f6bSchristos
600*4724848cSchristos x = PEM_read_bio_X509_AUX(in, NULL, passwd_callback,
601*4724848cSchristos passwd_callback_userdata);
602c9496f6bSchristos if (x == NULL) {
603*4724848cSchristos SSLerr(SSL_F_USE_CERTIFICATE_CHAIN_FILE, ERR_R_PEM_LIB);
604c9496f6bSchristos goto end;
605c9496f6bSchristos }
606c9496f6bSchristos
607*4724848cSchristos if (ctx)
608c9496f6bSchristos ret = SSL_CTX_use_certificate(ctx, x);
609*4724848cSchristos else
610*4724848cSchristos ret = SSL_use_certificate(ssl, x);
611c9496f6bSchristos
612c9496f6bSchristos if (ERR_peek_error() != 0)
613c9496f6bSchristos ret = 0; /* Key/certificate mismatch doesn't imply
614c9496f6bSchristos * ret==0 ... */
615c9496f6bSchristos if (ret) {
616c9496f6bSchristos /*
617c9496f6bSchristos * If we could set up our certificate, now proceed to the CA
618c9496f6bSchristos * certificates.
619c9496f6bSchristos */
620c9496f6bSchristos X509 *ca;
621c9496f6bSchristos int r;
622c9496f6bSchristos unsigned long err;
623c9496f6bSchristos
624*4724848cSchristos if (ctx)
625*4724848cSchristos r = SSL_CTX_clear_chain_certs(ctx);
626*4724848cSchristos else
627*4724848cSchristos r = SSL_clear_chain_certs(ssl);
628c9496f6bSchristos
629*4724848cSchristos if (r == 0) {
630*4724848cSchristos ret = 0;
631*4724848cSchristos goto end;
632*4724848cSchristos }
633*4724848cSchristos
634*4724848cSchristos while ((ca = PEM_read_bio_X509(in, NULL, passwd_callback,
635*4724848cSchristos passwd_callback_userdata))
636c9496f6bSchristos != NULL) {
637*4724848cSchristos if (ctx)
638c9496f6bSchristos r = SSL_CTX_add0_chain_cert(ctx, ca);
639*4724848cSchristos else
640*4724848cSchristos r = SSL_add0_chain_cert(ssl, ca);
641*4724848cSchristos /*
642*4724848cSchristos * Note that we must not free ca if it was successfully added to
643*4724848cSchristos * the chain (while we must free the main certificate, since its
644*4724848cSchristos * reference count is increased by SSL_CTX_use_certificate).
645*4724848cSchristos */
646c9496f6bSchristos if (!r) {
647c9496f6bSchristos X509_free(ca);
648c9496f6bSchristos ret = 0;
649c9496f6bSchristos goto end;
650c9496f6bSchristos }
651c9496f6bSchristos }
652c9496f6bSchristos /* When the while loop ends, it's usually just EOF. */
653c9496f6bSchristos err = ERR_peek_last_error();
654c9496f6bSchristos if (ERR_GET_LIB(err) == ERR_LIB_PEM
655c9496f6bSchristos && ERR_GET_REASON(err) == PEM_R_NO_START_LINE)
656c9496f6bSchristos ERR_clear_error();
657c9496f6bSchristos else
658c9496f6bSchristos ret = 0; /* some real error */
659c9496f6bSchristos }
660c9496f6bSchristos
661c9496f6bSchristos end:
662c9496f6bSchristos X509_free(x);
663c9496f6bSchristos BIO_free(in);
664*4724848cSchristos return ret;
665c9496f6bSchristos }
666c9496f6bSchristos
SSL_CTX_use_certificate_chain_file(SSL_CTX * ctx,const char * file)667*4724848cSchristos int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file)
668*4724848cSchristos {
669*4724848cSchristos return use_certificate_chain_file(ctx, NULL, file);
670*4724848cSchristos }
671*4724848cSchristos
SSL_use_certificate_chain_file(SSL * ssl,const char * file)672*4724848cSchristos int SSL_use_certificate_chain_file(SSL *ssl, const char *file)
673*4724848cSchristos {
674*4724848cSchristos return use_certificate_chain_file(NULL, ssl, file);
675*4724848cSchristos }
676*4724848cSchristos
serverinfo_find_extension(const unsigned char * serverinfo,size_t serverinfo_length,unsigned int extension_type,const unsigned char ** extension_data,size_t * extension_length)677c9496f6bSchristos static int serverinfo_find_extension(const unsigned char *serverinfo,
678c9496f6bSchristos size_t serverinfo_length,
679c9496f6bSchristos unsigned int extension_type,
680c9496f6bSchristos const unsigned char **extension_data,
681c9496f6bSchristos size_t *extension_length)
682c9496f6bSchristos {
683*4724848cSchristos PACKET pkt, data;
684*4724848cSchristos
685c9496f6bSchristos *extension_data = NULL;
686c9496f6bSchristos *extension_length = 0;
687c9496f6bSchristos if (serverinfo == NULL || serverinfo_length == 0)
688c9496f6bSchristos return -1;
689*4724848cSchristos
690*4724848cSchristos if (!PACKET_buf_init(&pkt, serverinfo, serverinfo_length))
691*4724848cSchristos return -1;
692*4724848cSchristos
693c9496f6bSchristos for (;;) {
694c9496f6bSchristos unsigned int type = 0;
695*4724848cSchristos unsigned long context = 0;
696c9496f6bSchristos
697c9496f6bSchristos /* end of serverinfo */
698*4724848cSchristos if (PACKET_remaining(&pkt) == 0)
699c9496f6bSchristos return 0; /* Extension not found */
700c9496f6bSchristos
701*4724848cSchristos if (!PACKET_get_net_4(&pkt, &context)
702*4724848cSchristos || !PACKET_get_net_2(&pkt, &type)
703*4724848cSchristos || !PACKET_get_length_prefixed_2(&pkt, &data))
704*4724848cSchristos return -1;
705c9496f6bSchristos
706c9496f6bSchristos if (type == extension_type) {
707*4724848cSchristos *extension_data = PACKET_data(&data);
708*4724848cSchristos *extension_length = PACKET_remaining(&data);;
709c9496f6bSchristos return 1; /* Success */
710c9496f6bSchristos }
711c9496f6bSchristos }
712*4724848cSchristos /* Unreachable */
713c9496f6bSchristos }
714c9496f6bSchristos
serverinfoex_srv_parse_cb(SSL * s,unsigned int ext_type,unsigned int context,const unsigned char * in,size_t inlen,X509 * x,size_t chainidx,int * al,void * arg)715*4724848cSchristos static int serverinfoex_srv_parse_cb(SSL *s, unsigned int ext_type,
716*4724848cSchristos unsigned int context,
717c9496f6bSchristos const unsigned char *in,
718*4724848cSchristos size_t inlen, X509 *x, size_t chainidx,
719*4724848cSchristos int *al, void *arg)
720c9496f6bSchristos {
721c9496f6bSchristos
722c9496f6bSchristos if (inlen != 0) {
723c9496f6bSchristos *al = SSL_AD_DECODE_ERROR;
724c9496f6bSchristos return 0;
725c9496f6bSchristos }
726c9496f6bSchristos
727c9496f6bSchristos return 1;
728c9496f6bSchristos }
729c9496f6bSchristos
extension_contextoff(unsigned int version)730*4724848cSchristos static size_t extension_contextoff(unsigned int version)
731*4724848cSchristos {
732*4724848cSchristos return version == SSL_SERVERINFOV1 ? 4 : 0;
733*4724848cSchristos }
734*4724848cSchristos
extension_append_length(unsigned int version,size_t extension_length)735*4724848cSchristos static size_t extension_append_length(unsigned int version, size_t extension_length)
736*4724848cSchristos {
737*4724848cSchristos return extension_length + extension_contextoff(version);
738*4724848cSchristos }
739*4724848cSchristos
extension_append(unsigned int version,const unsigned char * extension,const size_t extension_length,unsigned char * serverinfo)740*4724848cSchristos static void extension_append(unsigned int version,
741*4724848cSchristos const unsigned char *extension,
742*4724848cSchristos const size_t extension_length,
743*4724848cSchristos unsigned char *serverinfo)
744*4724848cSchristos {
745*4724848cSchristos const size_t contextoff = extension_contextoff(version);
746*4724848cSchristos
747*4724848cSchristos if (contextoff > 0) {
748*4724848cSchristos /* We know this only uses the last 2 bytes */
749*4724848cSchristos serverinfo[0] = 0;
750*4724848cSchristos serverinfo[1] = 0;
751*4724848cSchristos serverinfo[2] = (SYNTHV1CONTEXT >> 8) & 0xff;
752*4724848cSchristos serverinfo[3] = SYNTHV1CONTEXT & 0xff;
753*4724848cSchristos }
754*4724848cSchristos
755*4724848cSchristos memcpy(serverinfo + contextoff, extension, extension_length);
756*4724848cSchristos }
757*4724848cSchristos
serverinfo_srv_parse_cb(SSL * s,unsigned int ext_type,const unsigned char * in,size_t inlen,int * al,void * arg)758*4724848cSchristos static int serverinfo_srv_parse_cb(SSL *s, unsigned int ext_type,
759*4724848cSchristos const unsigned char *in,
760*4724848cSchristos size_t inlen, int *al, void *arg)
761*4724848cSchristos {
762*4724848cSchristos return serverinfoex_srv_parse_cb(s, ext_type, 0, in, inlen, NULL, 0, al,
763*4724848cSchristos arg);
764*4724848cSchristos }
765*4724848cSchristos
serverinfoex_srv_add_cb(SSL * s,unsigned int ext_type,unsigned int context,const unsigned char ** out,size_t * outlen,X509 * x,size_t chainidx,int * al,void * arg)766*4724848cSchristos static int serverinfoex_srv_add_cb(SSL *s, unsigned int ext_type,
767*4724848cSchristos unsigned int context,
768*4724848cSchristos const unsigned char **out,
769*4724848cSchristos size_t *outlen, X509 *x, size_t chainidx,
770c9496f6bSchristos int *al, void *arg)
771c9496f6bSchristos {
772c9496f6bSchristos const unsigned char *serverinfo = NULL;
773c9496f6bSchristos size_t serverinfo_length = 0;
774c9496f6bSchristos
775*4724848cSchristos /* We only support extensions for the first Certificate */
776*4724848cSchristos if ((context & SSL_EXT_TLS1_3_CERTIFICATE) != 0 && chainidx > 0)
777*4724848cSchristos return 0;
778*4724848cSchristos
779c9496f6bSchristos /* Is there serverinfo data for the chosen server cert? */
780c9496f6bSchristos if ((ssl_get_server_cert_serverinfo(s, &serverinfo,
781c9496f6bSchristos &serverinfo_length)) != 0) {
782c9496f6bSchristos /* Find the relevant extension from the serverinfo */
783c9496f6bSchristos int retval = serverinfo_find_extension(serverinfo, serverinfo_length,
784c9496f6bSchristos ext_type, out, outlen);
785c9496f6bSchristos if (retval == -1) {
786*4724848cSchristos *al = SSL_AD_INTERNAL_ERROR;
787c9496f6bSchristos return -1; /* Error */
788c9496f6bSchristos }
789c9496f6bSchristos if (retval == 0)
790c9496f6bSchristos return 0; /* No extension found, don't send extension */
791c9496f6bSchristos return 1; /* Send extension */
792c9496f6bSchristos }
793c9496f6bSchristos return 0; /* No serverinfo data found, don't send
794c9496f6bSchristos * extension */
795c9496f6bSchristos }
796c9496f6bSchristos
serverinfo_srv_add_cb(SSL * s,unsigned int ext_type,const unsigned char ** out,size_t * outlen,int * al,void * arg)797*4724848cSchristos static int serverinfo_srv_add_cb(SSL *s, unsigned int ext_type,
798*4724848cSchristos const unsigned char **out, size_t *outlen,
799*4724848cSchristos int *al, void *arg)
800*4724848cSchristos {
801*4724848cSchristos return serverinfoex_srv_add_cb(s, ext_type, 0, out, outlen, NULL, 0, al,
802*4724848cSchristos arg);
803*4724848cSchristos }
804*4724848cSchristos
805c9496f6bSchristos /*
806c9496f6bSchristos * With a NULL context, this function just checks that the serverinfo data
807c9496f6bSchristos * parses correctly. With a non-NULL context, it registers callbacks for
808c9496f6bSchristos * the included extensions.
809c9496f6bSchristos */
serverinfo_process_buffer(unsigned int version,const unsigned char * serverinfo,size_t serverinfo_length,SSL_CTX * ctx)810*4724848cSchristos static int serverinfo_process_buffer(unsigned int version,
811*4724848cSchristos const unsigned char *serverinfo,
812c9496f6bSchristos size_t serverinfo_length, SSL_CTX *ctx)
813c9496f6bSchristos {
814*4724848cSchristos PACKET pkt;
815*4724848cSchristos
816c9496f6bSchristos if (serverinfo == NULL || serverinfo_length == 0)
817c9496f6bSchristos return 0;
818c9496f6bSchristos
819*4724848cSchristos if (version != SSL_SERVERINFOV1 && version != SSL_SERVERINFOV2)
820c9496f6bSchristos return 0;
821c9496f6bSchristos
822*4724848cSchristos if (!PACKET_buf_init(&pkt, serverinfo, serverinfo_length))
823*4724848cSchristos return 0;
824c9496f6bSchristos
825*4724848cSchristos while (PACKET_remaining(&pkt)) {
826*4724848cSchristos unsigned long context = 0;
827*4724848cSchristos unsigned int ext_type = 0;
828*4724848cSchristos PACKET data;
829c9496f6bSchristos
830*4724848cSchristos if ((version == SSL_SERVERINFOV2 && !PACKET_get_net_4(&pkt, &context))
831*4724848cSchristos || !PACKET_get_net_2(&pkt, &ext_type)
832*4724848cSchristos || !PACKET_get_length_prefixed_2(&pkt, &data))
833*4724848cSchristos return 0;
834*4724848cSchristos
835*4724848cSchristos if (ctx == NULL)
836*4724848cSchristos continue;
837*4724848cSchristos
838*4724848cSchristos /*
839*4724848cSchristos * The old style custom extensions API could be set separately for
840*4724848cSchristos * server/client, i.e. you could set one custom extension for a client,
841*4724848cSchristos * and *for the same extension in the same SSL_CTX* you could set a
842*4724848cSchristos * custom extension for the server as well. It seems quite weird to be
843*4724848cSchristos * setting a custom extension for both client and server in a single
844*4724848cSchristos * SSL_CTX - but theoretically possible. This isn't possible in the
845*4724848cSchristos * new API. Therefore, if we have V1 serverinfo we use the old API. We
846*4724848cSchristos * also use the old API even if we have V2 serverinfo but the context
847*4724848cSchristos * looks like an old style <= TLSv1.2 extension.
848*4724848cSchristos */
849*4724848cSchristos if (version == SSL_SERVERINFOV1 || context == SYNTHV1CONTEXT) {
850*4724848cSchristos if (!SSL_CTX_add_server_custom_ext(ctx, ext_type,
851c9496f6bSchristos serverinfo_srv_add_cb,
852c9496f6bSchristos NULL, NULL,
853c9496f6bSchristos serverinfo_srv_parse_cb,
854c9496f6bSchristos NULL))
855c9496f6bSchristos return 0;
856*4724848cSchristos } else {
857*4724848cSchristos if (!SSL_CTX_add_custom_ext(ctx, ext_type, context,
858*4724848cSchristos serverinfoex_srv_add_cb,
859*4724848cSchristos NULL, NULL,
860*4724848cSchristos serverinfoex_srv_parse_cb,
861*4724848cSchristos NULL))
862c9496f6bSchristos return 0;
863c9496f6bSchristos }
864c9496f6bSchristos }
865c9496f6bSchristos
866*4724848cSchristos return 1;
867*4724848cSchristos }
868*4724848cSchristos
SSL_CTX_use_serverinfo_ex(SSL_CTX * ctx,unsigned int version,const unsigned char * serverinfo,size_t serverinfo_length)869*4724848cSchristos int SSL_CTX_use_serverinfo_ex(SSL_CTX *ctx, unsigned int version,
870*4724848cSchristos const unsigned char *serverinfo,
871c9496f6bSchristos size_t serverinfo_length)
872c9496f6bSchristos {
873*4724848cSchristos unsigned char *new_serverinfo = NULL;
874c9496f6bSchristos
875c9496f6bSchristos if (ctx == NULL || serverinfo == NULL || serverinfo_length == 0) {
876*4724848cSchristos SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_EX, ERR_R_PASSED_NULL_PARAMETER);
877c9496f6bSchristos return 0;
878c9496f6bSchristos }
879*4724848cSchristos if (version == SSL_SERVERINFOV1) {
880*4724848cSchristos /*
881*4724848cSchristos * Convert serverinfo version v1 to v2 and call yourself recursively
882*4724848cSchristos * over the converted serverinfo.
883*4724848cSchristos */
884*4724848cSchristos const size_t sinfo_length = extension_append_length(SSL_SERVERINFOV1,
885*4724848cSchristos serverinfo_length);
886*4724848cSchristos unsigned char *sinfo;
887*4724848cSchristos int ret;
888*4724848cSchristos
889*4724848cSchristos sinfo = OPENSSL_malloc(sinfo_length);
890*4724848cSchristos if (sinfo == NULL) {
891*4724848cSchristos SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_EX, ERR_R_MALLOC_FAILURE);
892c9496f6bSchristos return 0;
893c9496f6bSchristos }
894*4724848cSchristos
895*4724848cSchristos extension_append(SSL_SERVERINFOV1, serverinfo, serverinfo_length, sinfo);
896*4724848cSchristos
897*4724848cSchristos ret = SSL_CTX_use_serverinfo_ex(ctx, SSL_SERVERINFOV2, sinfo,
898*4724848cSchristos sinfo_length);
899*4724848cSchristos
900*4724848cSchristos OPENSSL_free(sinfo);
901*4724848cSchristos return ret;
902*4724848cSchristos }
903*4724848cSchristos if (!serverinfo_process_buffer(version, serverinfo, serverinfo_length,
904*4724848cSchristos NULL)) {
905*4724848cSchristos SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_EX, SSL_R_INVALID_SERVERINFO_DATA);
906c9496f6bSchristos return 0;
907c9496f6bSchristos }
908c9496f6bSchristos if (ctx->cert->key == NULL) {
909*4724848cSchristos SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_EX, ERR_R_INTERNAL_ERROR);
910c9496f6bSchristos return 0;
911c9496f6bSchristos }
912c9496f6bSchristos new_serverinfo = OPENSSL_realloc(ctx->cert->key->serverinfo,
913c9496f6bSchristos serverinfo_length);
914c9496f6bSchristos if (new_serverinfo == NULL) {
915*4724848cSchristos SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_EX, ERR_R_MALLOC_FAILURE);
916c9496f6bSchristos return 0;
917c9496f6bSchristos }
918c9496f6bSchristos ctx->cert->key->serverinfo = new_serverinfo;
919c9496f6bSchristos memcpy(ctx->cert->key->serverinfo, serverinfo, serverinfo_length);
920c9496f6bSchristos ctx->cert->key->serverinfo_length = serverinfo_length;
921c9496f6bSchristos
922c9496f6bSchristos /*
923c9496f6bSchristos * Now that the serverinfo is validated and stored, go ahead and
924c9496f6bSchristos * register callbacks.
925c9496f6bSchristos */
926*4724848cSchristos if (!serverinfo_process_buffer(version, serverinfo, serverinfo_length,
927*4724848cSchristos ctx)) {
928*4724848cSchristos SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_EX, SSL_R_INVALID_SERVERINFO_DATA);
929c9496f6bSchristos return 0;
930c9496f6bSchristos }
931c9496f6bSchristos return 1;
932c9496f6bSchristos }
933c9496f6bSchristos
SSL_CTX_use_serverinfo(SSL_CTX * ctx,const unsigned char * serverinfo,size_t serverinfo_length)934*4724848cSchristos int SSL_CTX_use_serverinfo(SSL_CTX *ctx, const unsigned char *serverinfo,
935*4724848cSchristos size_t serverinfo_length)
936*4724848cSchristos {
937*4724848cSchristos return SSL_CTX_use_serverinfo_ex(ctx, SSL_SERVERINFOV1, serverinfo,
938*4724848cSchristos serverinfo_length);
939*4724848cSchristos }
940*4724848cSchristos
SSL_CTX_use_serverinfo_file(SSL_CTX * ctx,const char * file)941c9496f6bSchristos int SSL_CTX_use_serverinfo_file(SSL_CTX *ctx, const char *file)
942c9496f6bSchristos {
943c9496f6bSchristos unsigned char *serverinfo = NULL;
944*4724848cSchristos unsigned char *tmp;
945c9496f6bSchristos size_t serverinfo_length = 0;
946c9496f6bSchristos unsigned char *extension = 0;
947c9496f6bSchristos long extension_length = 0;
948c9496f6bSchristos char *name = NULL;
949c9496f6bSchristos char *header = NULL;
950*4724848cSchristos char namePrefix1[] = "SERVERINFO FOR ";
951*4724848cSchristos char namePrefix2[] = "SERVERINFOV2 FOR ";
952c9496f6bSchristos int ret = 0;
953c9496f6bSchristos BIO *bin = NULL;
954c9496f6bSchristos size_t num_extensions = 0;
955c9496f6bSchristos
956c9496f6bSchristos if (ctx == NULL || file == NULL) {
957*4724848cSchristos SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, ERR_R_PASSED_NULL_PARAMETER);
958c9496f6bSchristos goto end;
959c9496f6bSchristos }
960c9496f6bSchristos
961*4724848cSchristos bin = BIO_new(BIO_s_file());
962c9496f6bSchristos if (bin == NULL) {
963c9496f6bSchristos SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, ERR_R_BUF_LIB);
964c9496f6bSchristos goto end;
965c9496f6bSchristos }
966c9496f6bSchristos if (BIO_read_filename(bin, file) <= 0) {
967c9496f6bSchristos SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, ERR_R_SYS_LIB);
968c9496f6bSchristos goto end;
969c9496f6bSchristos }
970c9496f6bSchristos
971c9496f6bSchristos for (num_extensions = 0;; num_extensions++) {
972*4724848cSchristos unsigned int version;
973*4724848cSchristos size_t append_length;
974*4724848cSchristos
975c9496f6bSchristos if (PEM_read_bio(bin, &name, &header, &extension, &extension_length)
976c9496f6bSchristos == 0) {
977c9496f6bSchristos /*
978c9496f6bSchristos * There must be at least one extension in this file
979c9496f6bSchristos */
980c9496f6bSchristos if (num_extensions == 0) {
981c9496f6bSchristos SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE,
982c9496f6bSchristos SSL_R_NO_PEM_EXTENSIONS);
983c9496f6bSchristos goto end;
984c9496f6bSchristos } else /* End of file, we're done */
985c9496f6bSchristos break;
986c9496f6bSchristos }
987c9496f6bSchristos /* Check that PEM name starts with "BEGIN SERVERINFO FOR " */
988*4724848cSchristos if (strlen(name) < strlen(namePrefix1)) {
989*4724848cSchristos SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, SSL_R_PEM_NAME_TOO_SHORT);
990*4724848cSchristos goto end;
991*4724848cSchristos }
992*4724848cSchristos if (strncmp(name, namePrefix1, strlen(namePrefix1)) == 0) {
993*4724848cSchristos version = SSL_SERVERINFOV1;
994*4724848cSchristos } else {
995*4724848cSchristos if (strlen(name) < strlen(namePrefix2)) {
996c9496f6bSchristos SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE,
997c9496f6bSchristos SSL_R_PEM_NAME_TOO_SHORT);
998c9496f6bSchristos goto end;
999c9496f6bSchristos }
1000*4724848cSchristos if (strncmp(name, namePrefix2, strlen(namePrefix2)) != 0) {
1001c9496f6bSchristos SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE,
1002c9496f6bSchristos SSL_R_PEM_NAME_BAD_PREFIX);
1003c9496f6bSchristos goto end;
1004c9496f6bSchristos }
1005*4724848cSchristos version = SSL_SERVERINFOV2;
1006*4724848cSchristos }
1007c9496f6bSchristos /*
1008c9496f6bSchristos * Check that the decoded PEM data is plausible (valid length field)
1009c9496f6bSchristos */
1010*4724848cSchristos if (version == SSL_SERVERINFOV1) {
1011*4724848cSchristos /* 4 byte header: 2 bytes type, 2 bytes len */
1012c9496f6bSchristos if (extension_length < 4
1013*4724848cSchristos || (extension[2] << 8) + extension[3]
1014*4724848cSchristos != extension_length - 4) {
1015c9496f6bSchristos SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, SSL_R_BAD_DATA);
1016c9496f6bSchristos goto end;
1017c9496f6bSchristos }
1018*4724848cSchristos } else {
1019*4724848cSchristos /* 8 byte header: 4 bytes context, 2 bytes type, 2 bytes len */
1020*4724848cSchristos if (extension_length < 8
1021*4724848cSchristos || (extension[6] << 8) + extension[7]
1022*4724848cSchristos != extension_length - 8) {
1023*4724848cSchristos SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, SSL_R_BAD_DATA);
1024*4724848cSchristos goto end;
1025*4724848cSchristos }
1026*4724848cSchristos }
1027c9496f6bSchristos /* Append the decoded extension to the serverinfo buffer */
1028*4724848cSchristos append_length = extension_append_length(version, extension_length);
1029*4724848cSchristos tmp = OPENSSL_realloc(serverinfo, serverinfo_length + append_length);
1030*4724848cSchristos if (tmp == NULL) {
1031c9496f6bSchristos SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, ERR_R_MALLOC_FAILURE);
1032c9496f6bSchristos goto end;
1033c9496f6bSchristos }
1034*4724848cSchristos serverinfo = tmp;
1035*4724848cSchristos extension_append(version, extension, extension_length,
1036*4724848cSchristos serverinfo + serverinfo_length);
1037*4724848cSchristos serverinfo_length += append_length;
1038c9496f6bSchristos
1039c9496f6bSchristos OPENSSL_free(name);
1040c9496f6bSchristos name = NULL;
1041c9496f6bSchristos OPENSSL_free(header);
1042c9496f6bSchristos header = NULL;
1043c9496f6bSchristos OPENSSL_free(extension);
1044c9496f6bSchristos extension = NULL;
1045c9496f6bSchristos }
1046c9496f6bSchristos
1047*4724848cSchristos ret = SSL_CTX_use_serverinfo_ex(ctx, SSL_SERVERINFOV2, serverinfo,
1048*4724848cSchristos serverinfo_length);
1049c9496f6bSchristos end:
1050c9496f6bSchristos /* SSL_CTX_use_serverinfo makes a local copy of the serverinfo. */
1051c9496f6bSchristos OPENSSL_free(name);
1052c9496f6bSchristos OPENSSL_free(header);
1053c9496f6bSchristos OPENSSL_free(extension);
1054c9496f6bSchristos OPENSSL_free(serverinfo);
1055c9496f6bSchristos BIO_free(bin);
1056c9496f6bSchristos return ret;
1057c9496f6bSchristos }
1058*4724848cSchristos
ssl_set_cert_and_key(SSL * ssl,SSL_CTX * ctx,X509 * x509,EVP_PKEY * privatekey,STACK_OF (X509)* chain,int override)1059*4724848cSchristos static int ssl_set_cert_and_key(SSL *ssl, SSL_CTX *ctx, X509 *x509, EVP_PKEY *privatekey,
1060*4724848cSchristos STACK_OF(X509) *chain, int override)
1061*4724848cSchristos {
1062*4724848cSchristos int ret = 0;
1063*4724848cSchristos size_t i;
1064*4724848cSchristos int j;
1065*4724848cSchristos int rv;
1066*4724848cSchristos CERT *c = ssl != NULL ? ssl->cert : ctx->cert;
1067*4724848cSchristos STACK_OF(X509) *dup_chain = NULL;
1068*4724848cSchristos EVP_PKEY *pubkey = NULL;
1069*4724848cSchristos
1070*4724848cSchristos /* Do all security checks before anything else */
1071*4724848cSchristos rv = ssl_security_cert(ssl, ctx, x509, 0, 1);
1072*4724848cSchristos if (rv != 1) {
1073*4724848cSchristos SSLerr(SSL_F_SSL_SET_CERT_AND_KEY, rv);
1074*4724848cSchristos goto out;
1075*4724848cSchristos }
1076*4724848cSchristos for (j = 0; j < sk_X509_num(chain); j++) {
1077*4724848cSchristos rv = ssl_security_cert(ssl, ctx, sk_X509_value(chain, j), 0, 0);
1078*4724848cSchristos if (rv != 1) {
1079*4724848cSchristos SSLerr(SSL_F_SSL_SET_CERT_AND_KEY, rv);
1080*4724848cSchristos goto out;
1081*4724848cSchristos }
1082*4724848cSchristos }
1083*4724848cSchristos
1084*4724848cSchristos pubkey = X509_get_pubkey(x509); /* bumps reference */
1085*4724848cSchristos if (pubkey == NULL)
1086*4724848cSchristos goto out;
1087*4724848cSchristos if (privatekey == NULL) {
1088*4724848cSchristos privatekey = pubkey;
1089*4724848cSchristos } else {
1090*4724848cSchristos /* For RSA, which has no parameters, missing returns 0 */
1091*4724848cSchristos if (EVP_PKEY_missing_parameters(privatekey)) {
1092*4724848cSchristos if (EVP_PKEY_missing_parameters(pubkey)) {
1093*4724848cSchristos /* nobody has parameters? - error */
1094*4724848cSchristos SSLerr(SSL_F_SSL_SET_CERT_AND_KEY, SSL_R_MISSING_PARAMETERS);
1095*4724848cSchristos goto out;
1096*4724848cSchristos } else {
1097*4724848cSchristos /* copy to privatekey from pubkey */
1098*4724848cSchristos EVP_PKEY_copy_parameters(privatekey, pubkey);
1099*4724848cSchristos }
1100*4724848cSchristos } else if (EVP_PKEY_missing_parameters(pubkey)) {
1101*4724848cSchristos /* copy to pubkey from privatekey */
1102*4724848cSchristos EVP_PKEY_copy_parameters(pubkey, privatekey);
1103*4724848cSchristos } /* else both have parameters */
1104*4724848cSchristos
1105*4724848cSchristos /* check that key <-> cert match */
1106*4724848cSchristos if (EVP_PKEY_cmp(pubkey, privatekey) != 1) {
1107*4724848cSchristos SSLerr(SSL_F_SSL_SET_CERT_AND_KEY, SSL_R_PRIVATE_KEY_MISMATCH);
1108*4724848cSchristos goto out;
1109*4724848cSchristos }
1110*4724848cSchristos }
1111*4724848cSchristos if (ssl_cert_lookup_by_pkey(pubkey, &i) == NULL) {
1112*4724848cSchristos SSLerr(SSL_F_SSL_SET_CERT_AND_KEY, SSL_R_UNKNOWN_CERTIFICATE_TYPE);
1113*4724848cSchristos goto out;
1114*4724848cSchristos }
1115*4724848cSchristos
1116*4724848cSchristos if (!override && (c->pkeys[i].x509 != NULL
1117*4724848cSchristos || c->pkeys[i].privatekey != NULL
1118*4724848cSchristos || c->pkeys[i].chain != NULL)) {
1119*4724848cSchristos /* No override, and something already there */
1120*4724848cSchristos SSLerr(SSL_F_SSL_SET_CERT_AND_KEY, SSL_R_NOT_REPLACING_CERTIFICATE);
1121*4724848cSchristos goto out;
1122*4724848cSchristos }
1123*4724848cSchristos
1124*4724848cSchristos if (chain != NULL) {
1125*4724848cSchristos dup_chain = X509_chain_up_ref(chain);
1126*4724848cSchristos if (dup_chain == NULL) {
1127*4724848cSchristos SSLerr(SSL_F_SSL_SET_CERT_AND_KEY, ERR_R_MALLOC_FAILURE);
1128*4724848cSchristos goto out;
1129*4724848cSchristos }
1130*4724848cSchristos }
1131*4724848cSchristos
1132*4724848cSchristos sk_X509_pop_free(c->pkeys[i].chain, X509_free);
1133*4724848cSchristos c->pkeys[i].chain = dup_chain;
1134*4724848cSchristos
1135*4724848cSchristos X509_free(c->pkeys[i].x509);
1136*4724848cSchristos X509_up_ref(x509);
1137*4724848cSchristos c->pkeys[i].x509 = x509;
1138*4724848cSchristos
1139*4724848cSchristos EVP_PKEY_free(c->pkeys[i].privatekey);
1140*4724848cSchristos EVP_PKEY_up_ref(privatekey);
1141*4724848cSchristos c->pkeys[i].privatekey = privatekey;
1142*4724848cSchristos
1143*4724848cSchristos c->key = &(c->pkeys[i]);
1144*4724848cSchristos
1145*4724848cSchristos ret = 1;
1146*4724848cSchristos out:
1147*4724848cSchristos EVP_PKEY_free(pubkey);
1148*4724848cSchristos return ret;
1149*4724848cSchristos }
1150*4724848cSchristos
SSL_use_cert_and_key(SSL * ssl,X509 * x509,EVP_PKEY * privatekey,STACK_OF (X509)* chain,int override)1151*4724848cSchristos int SSL_use_cert_and_key(SSL *ssl, X509 *x509, EVP_PKEY *privatekey,
1152*4724848cSchristos STACK_OF(X509) *chain, int override)
1153*4724848cSchristos {
1154*4724848cSchristos return ssl_set_cert_and_key(ssl, NULL, x509, privatekey, chain, override);
1155*4724848cSchristos }
1156*4724848cSchristos
SSL_CTX_use_cert_and_key(SSL_CTX * ctx,X509 * x509,EVP_PKEY * privatekey,STACK_OF (X509)* chain,int override)1157*4724848cSchristos int SSL_CTX_use_cert_and_key(SSL_CTX *ctx, X509 *x509, EVP_PKEY *privatekey,
1158*4724848cSchristos STACK_OF(X509) *chain, int override)
1159*4724848cSchristos {
1160*4724848cSchristos return ssl_set_cert_and_key(NULL, ctx, x509, privatekey, chain, override);
1161*4724848cSchristos }
1162