xref: /netbsd-src/external/ibm-public/postfix/dist/src/tls/tls_rsa.c (revision c38e7cc395b1472a774ff828e46123de44c628e9) 
1 /*	$NetBSD: tls_rsa.c,v 1.2 2017/02/14 01:16:48 christos Exp $	*/
2 
3 /*++
4 /* NAME
5 /*	tls_rsa
6 /* SUMMARY
7 /*	RSA support
8 /* SYNOPSIS
9 /*	#define TLS_INTERNAL
10 /*	#include <tls.h>
11 /*
12 /*	RSA	*tls_tmp_rsa_cb(ssl, export, keylength)
13 /*	SSL	*ssl; /* unused */
14 /*	int	export;
15 /*	int	keylength;
16 /* DESCRIPTION
17 /*	tls_tmp_rsa_cb() is a call-back routine for the
18 /*	SSL_CTX_set_tmp_rsa_callback() function.
19 /*
20 /*	This implementation will generate only 512-bit ephemeral
21 /*	RSA keys for export ciphersuites. It will log a warning in
22 /*	all other usage contexts.
23 /* LICENSE
24 /* .ad
25 /* .fi
26 /*	This software is free. You can do with it whatever you want.
27 /*	The original author kindly requests that you acknowledge
28 /*	the use of his software.
29 /* AUTHOR(S)
30 /*	Originally written by:
31 /*	Lutz Jaenicke
32 /*	BTU Cottbus
33 /*	Allgemeine Elektrotechnik
34 /*	Universitaetsplatz 3-4
35 /*	D-03044 Cottbus, Germany
36 /*
37 /*	Updated by:
38 /*	Wietse Venema
39 /*	IBM T.J. Watson Research
40 /*	P.O. Box 704
41 /*	Yorktown Heights, NY 10598, USA
42 /*
43 /*	Viktor Dukhovni.
44 /*--*/
45 
46 /* System library. */
47 
48 #include <sys_defs.h>
49 #include <msg.h>
50 
51 #ifdef USE_TLS
52 
53 /* TLS library. */
54 
55 #define TLS_INTERNAL
56 #include <tls.h>
57 #include <openssl/rsa.h>
58 
59  /*
60   * 2015-12-05: Ephemeral RSA removed from OpenSSL 1.1.0-dev
61   */
62 #if OPENSSL_VERSION_NUMBER < 0x10100000L
63 
64 /* tls_tmp_rsa_cb - call-back to generate ephemeral RSA key */
65 
66 RSA    *tls_tmp_rsa_cb(SSL *unused_ssl, int export, int keylength)
67 {
68     static RSA *rsa_tmp;
69 
70     /*
71      * We generate ephemeral RSA keys only for export ciphersuites.  In all
72      * other contexts use of ephemeral RSA keys violates the SSL/TLS
73      * protocol, and only takes place when applications ask for trouble and
74      * set the SSL_OP_EPHEMERAL_RSA option.  Postfix should never do that.
75      */
76     if (!export || keylength != 512) {
77 	msg_warn("%sexport %d-bit ephemeral RSA key requested",
78 		 export ? "" : "non-", keylength);
79 	return 0;
80     }
81 #if OPENSSL_VERSION_NUMBER >= 0x10000000L
82     if (rsa_tmp == 0) {
83 	BIGNUM *e = BN_new();
84 
85 	if (e != 0 && BN_set_word(e, RSA_F4) && (rsa_tmp = RSA_new()) != 0)
86 	    if (!RSA_generate_key_ex(rsa_tmp, keylength, e, 0)) {
87 		RSA_free(rsa_tmp);
88 		rsa_tmp = 0;
89 	    }
90 	if (e)
91 	    BN_free(e);
92     }
93 #else
94     if (rsa_tmp == 0)
95 	rsa_tmp = RSA_generate_key(keylength, RSA_F4, NULL, NULL);
96 #endif
97 
98     return (rsa_tmp);
99 }
100 
101 #endif					/* OPENSSL_VERSION_NUMBER */
102 
103 #ifdef TEST
104 
105 #include <msg_vstream.h>
106 
107 int     main(int unused_argc, char *const argv[])
108 {
109     int     ok = 0;
110 
111     /*
112      * 2015-12-05: Ephemeral RSA removed from OpenSSL 1.1.0-dev
113      */
114 #if OPENSSL_VERSION_NUMBER < 0x10100000L
115     RSA    *rsa;
116 
117     msg_vstream_init(argv[0], VSTREAM_ERR);
118 
119     /* Export at 512-bits should work */
120     rsa = tls_tmp_rsa_cb(0, 1, 512);
121     ok = rsa != 0 && RSA_size(rsa) == 512 / 8;
122     ok = ok && PEM_write_RSAPrivateKey(stdout, rsa, 0, 0, 0, 0, 0);
123     tls_print_errors();
124 
125     /* Non-export or unexpected bit length should fail */
126     ok = ok && tls_tmp_rsa_cb(0, 0, 512) == 0;
127     ok = ok && tls_tmp_rsa_cb(0, 1, 1024) == 0;
128 #endif
129 
130     return ok ? 0 : 1;
131 }
132 
133 #endif
134 
135 #endif
136