xref: /netbsd-src/external/ibm-public/postfix/dist/src/tls/tls_rsa.c (revision cef8759bd76c1b621f8eab8faa6f208faabc2e15) 
1 /*	$NetBSD: tls_rsa.c,v 1.3 2020/03/18 19:05:21 christos Exp $	*/
2 
3 /*++
4 /* NAME
5 /*	tls_rsa
6 /* SUMMARY
7 /*	RSA support
8 /* SYNOPSIS
9 /*	#define TLS_INTERNAL
10 /*	#include <tls.h>
11 /*
12 /*	RSA	*tls_tmp_rsa_cb(ssl, export, keylength)
13 /*	SSL	*ssl; /* unused */
14 /*	int	export;
15 /*	int	keylength;
16 /* DESCRIPTION
17 /*	tls_tmp_rsa_cb() is a call-back routine for the
18 /*	SSL_CTX_set_tmp_rsa_callback() function.
19 /*
20 /*	This implementation will generate only 512-bit ephemeral
21 /*	RSA keys for export ciphersuites. It will log a warning in
22 /*	all other usage contexts.
23 /* LICENSE
24 /* .ad
25 /* .fi
26 /*	This software is free. You can do with it whatever you want.
27 /*	The original author kindly requests that you acknowledge
28 /*	the use of his software.
29 /* AUTHOR(S)
30 /*	Originally written by:
31 /*	Lutz Jaenicke
32 /*	BTU Cottbus
33 /*	Allgemeine Elektrotechnik
34 /*	Universitaetsplatz 3-4
35 /*	D-03044 Cottbus, Germany
36 /*
37 /*	Updated by:
38 /*	Wietse Venema
39 /*	IBM T.J. Watson Research
40 /*	P.O. Box 704
41 /*	Yorktown Heights, NY 10598, USA
42 /*
43 /*	Viktor Dukhovni.
44 /*--*/
45 
46 /* System library. */
47 
48 #include <sys_defs.h>
49 #include <msg.h>
50 
51 #ifdef USE_TLS
52 
53 /* TLS library. */
54 
55 #define TLS_INTERNAL
56 #include <tls.h>
57 #include <openssl/rsa.h>
58 
59  /*
60   * 2015-12-05: Ephemeral RSA removed from OpenSSL 1.1.0-dev
61   */
62 #if OPENSSL_VERSION_NUMBER < 0x10100000L
63 
64 /* tls_tmp_rsa_cb - call-back to generate ephemeral RSA key */
65 
66 RSA    *tls_tmp_rsa_cb(SSL *unused_ssl, int export, int keylength)
67 {
68     static RSA *rsa_tmp;
69 
70     /*
71      * We generate ephemeral RSA keys only for export ciphersuites.  In all
72      * other contexts use of ephemeral RSA keys violates the SSL/TLS
73      * protocol, and only takes place when applications ask for trouble and
74      * set the SSL_OP_EPHEMERAL_RSA option.  Postfix should never do that.
75      */
76     if (!export || keylength != 512) {
77 	msg_warn("%sexport %d-bit ephemeral RSA key requested",
78 		 export ? "" : "non-", keylength);
79 	return 0;
80     }
81     if (rsa_tmp == 0) {
82 	BIGNUM *e = BN_new();
83 
84 	if (e != 0 && BN_set_word(e, RSA_F4) && (rsa_tmp = RSA_new()) != 0)
85 	    if (!RSA_generate_key_ex(rsa_tmp, keylength, e, 0)) {
86 		RSA_free(rsa_tmp);
87 		rsa_tmp = 0;
88 	    }
89 	if (e)
90 	    BN_free(e);
91     }
92     return (rsa_tmp);
93 }
94 
95 #endif					/* OPENSSL_VERSION_NUMBER */
96 
97 #ifdef TEST
98 
99 #include <msg_vstream.h>
100 
101 int     main(int unused_argc, char *const argv[])
102 {
103     int     ok = 0;
104 
105     /*
106      * 2015-12-05: Ephemeral RSA removed from OpenSSL 1.1.0-dev
107      */
108 #if OPENSSL_VERSION_NUMBER < 0x10100000L
109     RSA    *rsa;
110 
111     msg_vstream_init(argv[0], VSTREAM_ERR);
112 
113     /* Export at 512-bits should work */
114     rsa = tls_tmp_rsa_cb(0, 1, 512);
115     ok = rsa != 0 && RSA_size(rsa) == 512 / 8;
116     ok = ok && PEM_write_RSAPrivateKey(stdout, rsa, 0, 0, 0, 0, 0);
117     tls_print_errors();
118 
119     /* Non-export or unexpected bit length should fail */
120     ok = ok && tls_tmp_rsa_cb(0, 0, 512) == 0;
121     ok = ok && tls_tmp_rsa_cb(0, 1, 1024) == 0;
122 #endif
123 
124     return ok ? 0 : 1;
125 }
126 
127 #endif
128 
129 #endif
130