1 /* $OpenBSD: ssltest.c,v 1.33 2021/11/21 21:40:45 tb Exp $ */ 2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * 9 * This library is free for commercial and non-commercial use as long as 10 * the following conditions are aheared to. The following conditions 11 * apply to all code found in this distribution, be it the RC4, RSA, 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 13 * included with this distribution is covered by the same copyright terms 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 15 * 16 * Copyright remains Eric Young's, and as such any Copyright notices in 17 * the code are not to be removed. 18 * If this package is used in a product, Eric Young should be given attribution 19 * as the author of the parts of the library used. 20 * This can be in the form of a textual message at program startup or 21 * in documentation (online or textual) provided with the package. 22 * 23 * Redistribution and use in source and binary forms, with or without 24 * modification, are permitted provided that the following conditions 25 * are met: 26 * 1. Redistributions of source code must retain the copyright 27 * notice, this list of conditions and the following disclaimer. 28 * 2. Redistributions in binary form must reproduce the above copyright 29 * notice, this list of conditions and the following disclaimer in the 30 * documentation and/or other materials provided with the distribution. 31 * 3. All advertising materials mentioning features or use of this software 32 * must display the following acknowledgement: 33 * "This product includes cryptographic software written by 34 * Eric Young (eay@cryptsoft.com)" 35 * The word 'cryptographic' can be left out if the rouines from the library 36 * being used are not cryptographic related :-). 37 * 4. If you include any Windows specific code (or a derivative thereof) from 38 * the apps directory (application code) you must include an acknowledgement: 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 40 * 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 51 * SUCH DAMAGE. 52 * 53 * The licence and distribution terms for any publically available version or 54 * derivative of this code cannot be changed. i.e. this code cannot simply be 55 * copied and put under another distribution licence 56 * [including the GNU Public Licence.] 57 */ 58 /* ==================================================================== 59 * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved. 60 * 61 * Redistribution and use in source and binary forms, with or without 62 * modification, are permitted provided that the following conditions 63 * are met: 64 * 65 * 1. Redistributions of source code must retain the above copyright 66 * notice, this list of conditions and the following disclaimer. 67 * 68 * 2. Redistributions in binary form must reproduce the above copyright 69 * notice, this list of conditions and the following disclaimer in 70 * the documentation and/or other materials provided with the 71 * distribution. 72 * 73 * 3. All advertising materials mentioning features or use of this 74 * software must display the following acknowledgment: 75 * "This product includes software developed by the OpenSSL Project 76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" 77 * 78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 79 * endorse or promote products derived from this software without 80 * prior written permission. For written permission, please contact 81 * openssl-core@openssl.org. 82 * 83 * 5. Products derived from this software may not be called "OpenSSL" 84 * nor may "OpenSSL" appear in their names without prior written 85 * permission of the OpenSSL Project. 86 * 87 * 6. Redistributions of any form whatsoever must retain the following 88 * acknowledgment: 89 * "This product includes software developed by the OpenSSL Project 90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)" 91 * 92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 103 * OF THE POSSIBILITY OF SUCH DAMAGE. 104 * ==================================================================== 105 * 106 * This product includes cryptographic software written by Eric Young 107 * (eay@cryptsoft.com). This product includes software written by Tim 108 * Hudson (tjh@cryptsoft.com). 109 * 110 */ 111 /* ==================================================================== 112 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 113 * ECC cipher suite support in OpenSSL originally developed by 114 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. 115 */ 116 /* ==================================================================== 117 * Copyright 2005 Nokia. All rights reserved. 118 * 119 * The portions of the attached software ("Contribution") is developed by 120 * Nokia Corporation and is licensed pursuant to the OpenSSL open source 121 * license. 122 * 123 * The Contribution, originally written by Mika Kousa and Pasi Eronen of 124 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites 125 * support (see RFC 4279) to OpenSSL. 126 * 127 * No patent licenses or other rights except those expressly stated in 128 * the OpenSSL open source license shall be deemed granted or received 129 * expressly, by implication, estoppel, or otherwise. 130 * 131 * No assurances are provided by Nokia that the Contribution does not 132 * infringe the patent or other intellectual property rights of any third 133 * party or that the license provides you with all the necessary rights 134 * to make use of the Contribution. 135 * 136 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN 137 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA 138 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY 139 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR 140 * OTHERWISE. 141 */ 142 143 #define _BSD_SOURCE 1 /* Or gethostname won't be declared properly 144 on Linux and GNU platforms. */ 145 #include <sys/types.h> 146 #include <sys/socket.h> 147 148 #include <netinet/in.h> 149 150 #include <assert.h> 151 #include <errno.h> 152 #include <limits.h> 153 #include <netdb.h> 154 #include <stdio.h> 155 #include <stdlib.h> 156 #include <string.h> 157 #include <time.h> 158 #include <unistd.h> 159 160 #include <ctype.h> 161 162 #include <openssl/opensslconf.h> 163 #include <openssl/bio.h> 164 #include <openssl/crypto.h> 165 #include <openssl/evp.h> 166 #include <openssl/x509.h> 167 #include <openssl/x509v3.h> 168 #include <openssl/ssl.h> 169 #ifndef OPENSSL_NO_ENGINE 170 #include <openssl/engine.h> 171 #endif 172 #include <openssl/err.h> 173 #include <openssl/rand.h> 174 #include <openssl/rsa.h> 175 #include <openssl/dsa.h> 176 #include <openssl/dh.h> 177 #include <openssl/bn.h> 178 179 #include "ssl_locl.h" 180 181 #define TEST_SERVER_CERT "../apps/server.pem" 182 #define TEST_CLIENT_CERT "../apps/client.pem" 183 184 static int verify_callback(int ok, X509_STORE_CTX *ctx); 185 static int app_verify_callback(X509_STORE_CTX *ctx, void *arg); 186 #define APP_CALLBACK_STRING "Test Callback Argument" 187 struct app_verify_arg { 188 char *string; 189 int app_verify; 190 int allow_proxy_certs; 191 char *proxy_auth; 192 char *proxy_cond; 193 }; 194 195 static DH *get_dh1024(void); 196 static DH *get_dh1024dsa(void); 197 198 static BIO *bio_err = NULL; 199 static BIO *bio_stdout = NULL; 200 201 static const char *alpn_client; 202 static const char *alpn_server; 203 static const char *alpn_expected; 204 static unsigned char *alpn_selected; 205 206 /* 207 * next_protos_parse parses a comma separated list of strings into a string 208 * in a format suitable for passing to SSL_CTX_set_next_protos_advertised. 209 * outlen: (output) set to the length of the resulting buffer on success. 210 * err: (maybe NULL) on failure, an error message line is written to this BIO. 211 * in: a NUL terminated string like "abc,def,ghi" 212 * 213 * returns: a malloced buffer or NULL on failure. 214 */ 215 static unsigned char * 216 next_protos_parse(unsigned short *outlen, const char *in) 217 { 218 size_t i, len, start = 0; 219 unsigned char *out; 220 221 len = strlen(in); 222 if (len >= 65535) 223 return (NULL); 224 225 if ((out = malloc(strlen(in) + 1)) == NULL) 226 return (NULL); 227 228 for (i = 0; i <= len; ++i) { 229 if (i == len || in[i] == ',') { 230 if (i - start > 255) { 231 free(out); 232 return (NULL); 233 } 234 out[start] = i - start; 235 start = i + 1; 236 } else 237 out[i+1] = in[i]; 238 } 239 *outlen = len + 1; 240 return (out); 241 } 242 243 static int 244 cb_server_alpn(SSL *s, const unsigned char **out, unsigned char *outlen, 245 const unsigned char *in, unsigned int inlen, void *arg) 246 { 247 unsigned char *protos; 248 unsigned short protos_len; 249 250 if ((protos = next_protos_parse(&protos_len, alpn_server)) == NULL) { 251 fprintf(stderr, 252 "failed to parser ALPN server protocol string: %s\n", 253 alpn_server); 254 abort(); 255 } 256 257 if (SSL_select_next_proto((unsigned char **)out, outlen, protos, 258 protos_len, in, inlen) != OPENSSL_NPN_NEGOTIATED) { 259 free(protos); 260 return (SSL_TLSEXT_ERR_NOACK); 261 } 262 263 /* 264 * Make a copy of the selected protocol which will be freed in 265 * verify_alpn. 266 */ 267 if ((alpn_selected = malloc(*outlen)) == NULL) { 268 fprintf(stderr, "malloc failed\n"); 269 abort(); 270 } 271 memcpy(alpn_selected, *out, *outlen); 272 *out = alpn_selected; 273 free(protos); 274 275 return (SSL_TLSEXT_ERR_OK); 276 } 277 278 static int 279 verify_alpn(SSL *client, SSL *server) 280 { 281 const unsigned char *client_proto, *server_proto; 282 unsigned int client_proto_len = 0, server_proto_len = 0; 283 284 SSL_get0_alpn_selected(client, &client_proto, &client_proto_len); 285 SSL_get0_alpn_selected(server, &server_proto, &server_proto_len); 286 287 free(alpn_selected); 288 alpn_selected = NULL; 289 290 if (client_proto_len != server_proto_len || 291 memcmp(client_proto, server_proto, client_proto_len) != 0) { 292 BIO_printf(bio_stdout, "ALPN selected protocols differ!\n"); 293 goto err; 294 } 295 296 if (client_proto_len > 0 && alpn_expected == NULL) { 297 BIO_printf(bio_stdout, "ALPN unexpectedly negotiated\n"); 298 goto err; 299 } 300 301 if (alpn_expected != NULL && 302 (client_proto_len != strlen(alpn_expected) || 303 memcmp(client_proto, alpn_expected, client_proto_len) != 0)) { 304 BIO_printf(bio_stdout, "ALPN selected protocols not equal to " 305 "expected protocol: %s\n", alpn_expected); 306 goto err; 307 } 308 309 return (0); 310 311 err: 312 BIO_printf(bio_stdout, "ALPN results: client: '"); 313 BIO_write(bio_stdout, client_proto, client_proto_len); 314 BIO_printf(bio_stdout, "', server: '"); 315 BIO_write(bio_stdout, server_proto, server_proto_len); 316 BIO_printf(bio_stdout, "'\n"); 317 BIO_printf(bio_stdout, "ALPN configured: client: '%s', server: '%s'\n", 318 alpn_client, alpn_server); 319 320 return (-1); 321 } 322 323 static char *cipher = NULL; 324 static int verbose = 0; 325 static int debug = 0; 326 327 int doit_biopair(SSL *s_ssl, SSL *c_ssl, long bytes, clock_t *s_time, 328 clock_t *c_time); 329 int doit(SSL *s_ssl, SSL *c_ssl, long bytes); 330 331 static void 332 sv_usage(void) 333 { 334 fprintf(stderr, "usage: ssltest [args ...]\n"); 335 fprintf(stderr, "\n"); 336 fprintf(stderr, " -server_auth - check server certificate\n"); 337 fprintf(stderr, " -client_auth - do client authentication\n"); 338 fprintf(stderr, " -proxy - allow proxy certificates\n"); 339 fprintf(stderr, " -proxy_auth <val> - set proxy policy rights\n"); 340 fprintf(stderr, " -proxy_cond <val> - experssion to test proxy policy rights\n"); 341 fprintf(stderr, " -v - more output\n"); 342 fprintf(stderr, " -d - debug output\n"); 343 fprintf(stderr, " -reuse - use session-id reuse\n"); 344 fprintf(stderr, " -num <val> - number of connections to perform\n"); 345 fprintf(stderr, " -bytes <val> - number of bytes to swap between client/server\n"); 346 fprintf(stderr, " -dhe1024dsa - use 1024 bit key (with 160-bit subprime) for DHE\n"); 347 fprintf(stderr, " -no_dhe - disable DHE\n"); 348 fprintf(stderr, " -no_ecdhe - disable ECDHE\n"); 349 fprintf(stderr, " -dtls1 - use DTLSv1\n"); 350 fprintf(stderr, " -tls1 - use TLSv1\n"); 351 fprintf(stderr, " -tls1_2 - use TLSv1.2\n"); 352 fprintf(stderr, " -CApath arg - PEM format directory of CA's\n"); 353 fprintf(stderr, " -CAfile arg - PEM format file of CA's\n"); 354 fprintf(stderr, " -cert arg - Server certificate file\n"); 355 fprintf(stderr, " -key arg - Server key file (default: same as -cert)\n"); 356 fprintf(stderr, " -c_cert arg - Client certificate file\n"); 357 fprintf(stderr, " -c_key arg - Client key file (default: same as -c_cert)\n"); 358 fprintf(stderr, " -cipher arg - The cipher list\n"); 359 fprintf(stderr, " -bio_pair - Use BIO pairs\n"); 360 fprintf(stderr, " -f - Test even cases that can't work\n"); 361 fprintf(stderr, " -time - measure processor time used by client and server\n"); 362 fprintf(stderr, " -named_curve arg - Elliptic curve name to use for ephemeral ECDH keys.\n" \ 363 " Use \"openssl ecparam -list_curves\" for all names\n" \ 364 " (default is sect163r2).\n"); 365 fprintf(stderr, " -alpn_client <string> - have client side offer ALPN\n"); 366 fprintf(stderr, " -alpn_server <string> - have server side offer ALPN\n"); 367 fprintf(stderr, " -alpn_expected <string> - the ALPN protocol that should be negotiated\n"); 368 } 369 370 static void 371 print_details(SSL *c_ssl, const char *prefix) 372 { 373 const SSL_CIPHER *ciph; 374 X509 *cert = NULL; 375 EVP_PKEY *pkey; 376 377 ciph = SSL_get_current_cipher(c_ssl); 378 BIO_printf(bio_stdout, "%s%s, cipher %s %s", 379 prefix, SSL_get_version(c_ssl), SSL_CIPHER_get_version(ciph), 380 SSL_CIPHER_get_name(ciph)); 381 382 if ((cert = SSL_get_peer_certificate(c_ssl)) == NULL) 383 goto out; 384 if ((pkey = X509_get0_pubkey(cert)) == NULL) 385 goto out; 386 if (EVP_PKEY_id(pkey) == EVP_PKEY_RSA) { 387 RSA *rsa; 388 389 if ((rsa = EVP_PKEY_get0_RSA(pkey)) == NULL) 390 goto out; 391 392 BIO_printf(bio_stdout, ", %d bit RSA", RSA_bits(rsa)); 393 } else if (EVP_PKEY_id(pkey) == EVP_PKEY_DSA) { 394 DSA *dsa; 395 const BIGNUM *p; 396 397 if ((dsa = EVP_PKEY_get0_DSA(pkey)) == NULL) 398 goto out; 399 400 DSA_get0_pqg(dsa, &p, NULL, NULL); 401 402 BIO_printf(bio_stdout, ", %d bit DSA", BN_num_bits(p)); 403 } 404 405 out: 406 /* 407 * The SSL API does not allow us to look at temporary RSA/DH keys, 408 * otherwise we should print their lengths too 409 */ 410 BIO_printf(bio_stdout, "\n"); 411 412 X509_free(cert); 413 } 414 415 int 416 main(int argc, char *argv[]) 417 { 418 char *CApath = NULL, *CAfile = NULL; 419 int badop = 0; 420 int bio_pair = 0; 421 int force = 0; 422 int tls1 = 0, tls1_2 = 0, dtls1 = 0, ret = 1; 423 int client_auth = 0; 424 int server_auth = 0, i; 425 struct app_verify_arg app_verify_arg = 426 { APP_CALLBACK_STRING, 0, 0, NULL, NULL }; 427 char *server_cert = TEST_SERVER_CERT; 428 char *server_key = NULL; 429 char *client_cert = TEST_CLIENT_CERT; 430 char *client_key = NULL; 431 char *named_curve = NULL; 432 SSL_CTX *s_ctx = NULL; 433 SSL_CTX *c_ctx = NULL; 434 const SSL_METHOD *meth = NULL; 435 SSL *c_ssl, *s_ssl; 436 int number = 1, reuse = 0; 437 long bytes = 256L; 438 DH *dh; 439 int dhe1024dsa = 0; 440 EC_KEY *ecdh = NULL; 441 int no_dhe = 0; 442 int no_ecdhe = 0; 443 int print_time = 0; 444 clock_t s_time = 0, c_time = 0; 445 446 verbose = 0; 447 debug = 0; 448 cipher = 0; 449 450 bio_err = BIO_new_fp(stderr, BIO_NOCLOSE|BIO_FP_TEXT); 451 452 bio_stdout = BIO_new_fp(stdout, BIO_NOCLOSE|BIO_FP_TEXT); 453 454 argc--; 455 argv++; 456 457 while (argc >= 1) { 458 if (!strcmp(*argv, "-F")) { 459 fprintf(stderr, "not compiled with FIPS support, so exiting without running.\n"); 460 exit(0); 461 } else if (strcmp(*argv, "-server_auth") == 0) 462 server_auth = 1; 463 else if (strcmp(*argv, "-client_auth") == 0) 464 client_auth = 1; 465 else if (strcmp(*argv, "-proxy_auth") == 0) { 466 if (--argc < 1) 467 goto bad; 468 app_verify_arg.proxy_auth= *(++argv); 469 } else if (strcmp(*argv, "-proxy_cond") == 0) { 470 if (--argc < 1) 471 goto bad; 472 app_verify_arg.proxy_cond= *(++argv); 473 } else if (strcmp(*argv, "-v") == 0) 474 verbose = 1; 475 else if (strcmp(*argv, "-d") == 0) 476 debug = 1; 477 else if (strcmp(*argv, "-reuse") == 0) 478 reuse = 1; 479 else if (strcmp(*argv, "-dhe1024dsa") == 0) { 480 dhe1024dsa = 1; 481 } else if (strcmp(*argv, "-no_dhe") == 0) 482 no_dhe = 1; 483 else if (strcmp(*argv, "-no_ecdhe") == 0) 484 no_ecdhe = 1; 485 else if (strcmp(*argv, "-dtls1") == 0) 486 dtls1 = 1; 487 else if (strcmp(*argv, "-tls1") == 0) 488 tls1 = 1; 489 else if (strcmp(*argv, "-tls1_2") == 0) 490 tls1_2 = 1; 491 else if (strncmp(*argv, "-num", 4) == 0) { 492 if (--argc < 1) 493 goto bad; 494 number = atoi(*(++argv)); 495 if (number == 0) 496 number = 1; 497 } else if (strcmp(*argv, "-bytes") == 0) { 498 if (--argc < 1) 499 goto bad; 500 bytes = atol(*(++argv)); 501 if (bytes == 0L) 502 bytes = 1L; 503 i = strlen(argv[0]); 504 if (argv[0][i - 1] == 'k') 505 bytes*=1024L; 506 if (argv[0][i - 1] == 'm') 507 bytes*=1024L*1024L; 508 } else if (strcmp(*argv, "-cert") == 0) { 509 if (--argc < 1) 510 goto bad; 511 server_cert= *(++argv); 512 } else if (strcmp(*argv, "-s_cert") == 0) { 513 if (--argc < 1) 514 goto bad; 515 server_cert= *(++argv); 516 } else if (strcmp(*argv, "-key") == 0) { 517 if (--argc < 1) 518 goto bad; 519 server_key= *(++argv); 520 } else if (strcmp(*argv, "-s_key") == 0) { 521 if (--argc < 1) 522 goto bad; 523 server_key= *(++argv); 524 } else if (strcmp(*argv, "-c_cert") == 0) { 525 if (--argc < 1) 526 goto bad; 527 client_cert= *(++argv); 528 } else if (strcmp(*argv, "-c_key") == 0) { 529 if (--argc < 1) 530 goto bad; 531 client_key= *(++argv); 532 } else if (strcmp(*argv, "-cipher") == 0) { 533 if (--argc < 1) 534 goto bad; 535 cipher= *(++argv); 536 } else if (strcmp(*argv, "-CApath") == 0) { 537 if (--argc < 1) 538 goto bad; 539 CApath= *(++argv); 540 } else if (strcmp(*argv, "-CAfile") == 0) { 541 if (--argc < 1) 542 goto bad; 543 CAfile= *(++argv); 544 } else if (strcmp(*argv, "-bio_pair") == 0) { 545 bio_pair = 1; 546 } else if (strcmp(*argv, "-f") == 0) { 547 force = 1; 548 } else if (strcmp(*argv, "-time") == 0) { 549 print_time = 1; 550 } else if (strcmp(*argv, "-named_curve") == 0) { 551 if (--argc < 1) 552 goto bad; 553 named_curve = *(++argv); 554 } else if (strcmp(*argv, "-app_verify") == 0) { 555 app_verify_arg.app_verify = 1; 556 } else if (strcmp(*argv, "-proxy") == 0) { 557 app_verify_arg.allow_proxy_certs = 1; 558 } else if (strcmp(*argv, "-alpn_client") == 0) { 559 if (--argc < 1) 560 goto bad; 561 alpn_client = *(++argv); 562 } else if (strcmp(*argv, "-alpn_server") == 0) { 563 if (--argc < 1) 564 goto bad; 565 alpn_server = *(++argv); 566 } else if (strcmp(*argv, "-alpn_expected") == 0) { 567 if (--argc < 1) 568 goto bad; 569 alpn_expected = *(++argv); 570 } else { 571 fprintf(stderr, "unknown option %s\n", *argv); 572 badop = 1; 573 break; 574 } 575 argc--; 576 argv++; 577 } 578 if (badop) { 579 bad: 580 sv_usage(); 581 goto end; 582 } 583 584 if (!dtls1 && !tls1 && !tls1_2 && number > 1 && !reuse && !force) { 585 fprintf(stderr, 586 "This case cannot work. Use -f to perform " 587 "the test anyway (and\n-d to see what happens), " 588 "or add one of -dtls1, -tls1, -tls1_2, -reuse\n" 589 "to avoid protocol mismatch.\n"); 590 exit(1); 591 } 592 593 if (print_time) { 594 if (!bio_pair) { 595 fprintf(stderr, "Using BIO pair (-bio_pair)\n"); 596 bio_pair = 1; 597 } 598 if (number < 50 && !force) 599 fprintf(stderr, "Warning: For accurate timings, use more connections (e.g. -num 1000)\n"); 600 } 601 602 /* if (cipher == NULL) cipher=getenv("SSL_CIPHER"); */ 603 604 SSL_library_init(); 605 SSL_load_error_strings(); 606 607 if (dtls1) 608 meth = DTLSv1_method(); 609 else if (tls1) 610 meth = TLSv1_method(); 611 else if (tls1_2) 612 meth = TLSv1_2_method(); 613 else 614 meth = TLS_method(); 615 616 c_ctx = SSL_CTX_new(meth); 617 s_ctx = SSL_CTX_new(meth); 618 if ((c_ctx == NULL) || (s_ctx == NULL)) { 619 ERR_print_errors(bio_err); 620 goto end; 621 } 622 623 if (cipher != NULL) { 624 SSL_CTX_set_cipher_list(c_ctx, cipher); 625 SSL_CTX_set_cipher_list(s_ctx, cipher); 626 } 627 628 if (!no_dhe) { 629 if (dhe1024dsa) { 630 /* use SSL_OP_SINGLE_DH_USE to avoid small subgroup attacks */ 631 SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_DH_USE); 632 dh = get_dh1024dsa(); 633 } else 634 dh = get_dh1024(); 635 SSL_CTX_set_tmp_dh(s_ctx, dh); 636 DH_free(dh); 637 } 638 639 if (!no_ecdhe) { 640 int nid; 641 642 if (named_curve != NULL) { 643 nid = OBJ_sn2nid(named_curve); 644 if (nid == 0) { 645 BIO_printf(bio_err, "unknown curve name (%s)\n", named_curve); 646 goto end; 647 } 648 } else 649 nid = NID_X9_62_prime256v1; 650 651 ecdh = EC_KEY_new_by_curve_name(nid); 652 if (ecdh == NULL) { 653 BIO_printf(bio_err, "unable to create curve\n"); 654 goto end; 655 } 656 657 SSL_CTX_set_tmp_ecdh(s_ctx, ecdh); 658 SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_ECDH_USE); 659 EC_KEY_free(ecdh); 660 } 661 662 if (!SSL_CTX_use_certificate_file(s_ctx, server_cert, 663 SSL_FILETYPE_PEM)) { 664 ERR_print_errors(bio_err); 665 } else if (!SSL_CTX_use_PrivateKey_file(s_ctx, 666 (server_key ? server_key : server_cert), SSL_FILETYPE_PEM)) { 667 ERR_print_errors(bio_err); 668 goto end; 669 } 670 671 if (client_auth) { 672 SSL_CTX_use_certificate_file(c_ctx, client_cert, 673 SSL_FILETYPE_PEM); 674 SSL_CTX_use_PrivateKey_file(c_ctx, 675 (client_key ? client_key : client_cert), 676 SSL_FILETYPE_PEM); 677 } 678 679 if ((!SSL_CTX_load_verify_locations(s_ctx, CAfile, CApath)) || 680 (!SSL_CTX_set_default_verify_paths(s_ctx)) || 681 (!SSL_CTX_load_verify_locations(c_ctx, CAfile, CApath)) || 682 (!SSL_CTX_set_default_verify_paths(c_ctx))) { 683 /* fprintf(stderr,"SSL_load_verify_locations\n"); */ 684 ERR_print_errors(bio_err); 685 /* goto end; */ 686 } 687 688 if (client_auth) { 689 BIO_printf(bio_err, "client authentication\n"); 690 SSL_CTX_set_verify(s_ctx, 691 SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT, 692 verify_callback); 693 SSL_CTX_set_cert_verify_callback(s_ctx, app_verify_callback, 694 &app_verify_arg); 695 } 696 if (server_auth) { 697 BIO_printf(bio_err, "server authentication\n"); 698 SSL_CTX_set_verify(c_ctx, SSL_VERIFY_PEER, 699 verify_callback); 700 SSL_CTX_set_cert_verify_callback(c_ctx, app_verify_callback, 701 &app_verify_arg); 702 } 703 704 { 705 int session_id_context = 0; 706 SSL_CTX_set_session_id_context(s_ctx, 707 (void *)&session_id_context, sizeof(session_id_context)); 708 } 709 710 if (alpn_server != NULL) 711 SSL_CTX_set_alpn_select_cb(s_ctx, cb_server_alpn, NULL); 712 713 if (alpn_client != NULL) { 714 unsigned short alpn_len; 715 unsigned char *alpn = next_protos_parse(&alpn_len, alpn_client); 716 717 if (alpn == NULL) { 718 BIO_printf(bio_err, "Error parsing -alpn_client argument\n"); 719 goto end; 720 } 721 SSL_CTX_set_alpn_protos(c_ctx, alpn, alpn_len); 722 free(alpn); 723 } 724 725 c_ssl = SSL_new(c_ctx); 726 s_ssl = SSL_new(s_ctx); 727 728 for (i = 0; i < number; i++) { 729 if (!reuse) 730 SSL_set_session(c_ssl, NULL); 731 if (bio_pair) 732 ret = doit_biopair(s_ssl, c_ssl, bytes, &s_time, 733 &c_time); 734 else 735 ret = doit(s_ssl, c_ssl, bytes); 736 } 737 738 if (!verbose) { 739 print_details(c_ssl, ""); 740 } 741 if ((number > 1) || (bytes > 1L)) 742 BIO_printf(bio_stdout, "%d handshakes of %ld bytes done\n", 743 number, bytes); 744 if (print_time) { 745 #ifdef CLOCKS_PER_SEC 746 /* "To determine the time in seconds, the value returned 747 * by the clock function should be divided by the value 748 * of the macro CLOCKS_PER_SEC." 749 * -- ISO/IEC 9899 */ 750 BIO_printf(bio_stdout, 751 "Approximate total server time: %6.2f s\n" 752 "Approximate total client time: %6.2f s\n", 753 (double)s_time/CLOCKS_PER_SEC, 754 (double)c_time/CLOCKS_PER_SEC); 755 #else 756 /* "`CLOCKS_PER_SEC' undeclared (first use this function)" 757 * -- cc on NeXTstep/OpenStep */ 758 BIO_printf(bio_stdout, 759 "Approximate total server time: %6.2f units\n" 760 "Approximate total client time: %6.2f units\n", 761 (double)s_time, 762 (double)c_time); 763 #endif 764 } 765 766 SSL_free(s_ssl); 767 SSL_free(c_ssl); 768 769 end: 770 SSL_CTX_free(s_ctx); 771 SSL_CTX_free(c_ctx); 772 BIO_free(bio_stdout); 773 774 #ifndef OPENSSL_NO_ENGINE 775 ENGINE_cleanup(); 776 #endif 777 CRYPTO_cleanup_all_ex_data(); 778 ERR_free_strings(); 779 ERR_remove_thread_state(NULL); 780 EVP_cleanup(); 781 CRYPTO_mem_leaks(bio_err); 782 BIO_free(bio_err); 783 784 exit(ret); 785 return ret; 786 } 787 788 int 789 doit_biopair(SSL *s_ssl, SSL *c_ssl, long count, clock_t *s_time, 790 clock_t *c_time) 791 { 792 long cw_num = count, cr_num = count, sw_num = count, sr_num = count; 793 BIO *s_ssl_bio = NULL, *c_ssl_bio = NULL; 794 BIO *server = NULL, *server_io = NULL; 795 BIO *client = NULL, *client_io = NULL; 796 int ret = 1; 797 798 size_t bufsiz = 256; /* small buffer for testing */ 799 800 if (!BIO_new_bio_pair(&server, bufsiz, &server_io, bufsiz)) 801 goto err; 802 if (!BIO_new_bio_pair(&client, bufsiz, &client_io, bufsiz)) 803 goto err; 804 805 s_ssl_bio = BIO_new(BIO_f_ssl()); 806 if (!s_ssl_bio) 807 goto err; 808 809 c_ssl_bio = BIO_new(BIO_f_ssl()); 810 if (!c_ssl_bio) 811 goto err; 812 813 SSL_set_connect_state(c_ssl); 814 SSL_set_bio(c_ssl, client, client); 815 (void)BIO_set_ssl(c_ssl_bio, c_ssl, BIO_NOCLOSE); 816 817 SSL_set_accept_state(s_ssl); 818 SSL_set_bio(s_ssl, server, server); 819 (void)BIO_set_ssl(s_ssl_bio, s_ssl, BIO_NOCLOSE); 820 821 do { 822 /* c_ssl_bio: SSL filter BIO 823 * 824 * client: pseudo-I/O for SSL library 825 * 826 * client_io: client's SSL communication; usually to be 827 * relayed over some I/O facility, but in this 828 * test program, we're the server, too: 829 * 830 * server_io: server's SSL communication 831 * 832 * server: pseudo-I/O for SSL library 833 * 834 * s_ssl_bio: SSL filter BIO 835 * 836 * The client and the server each employ a "BIO pair": 837 * client + client_io, server + server_io. 838 * BIO pairs are symmetric. A BIO pair behaves similar 839 * to a non-blocking socketpair (but both endpoints must 840 * be handled by the same thread). 841 * [Here we could connect client and server to the ends 842 * of a single BIO pair, but then this code would be less 843 * suitable as an example for BIO pairs in general.] 844 * 845 * Useful functions for querying the state of BIO pair endpoints: 846 * 847 * BIO_ctrl_pending(bio) number of bytes we can read now 848 * BIO_ctrl_get_read_request(bio) number of bytes needed to fulfil 849 * other side's read attempt 850 * BIO_ctrl_get_write_guarantee(bio) number of bytes we can write now 851 * 852 * ..._read_request is never more than ..._write_guarantee; 853 * it depends on the application which one you should use. 854 */ 855 856 /* We have non-blocking behaviour throughout this test program, but 857 * can be sure that there is *some* progress in each iteration; so 858 * we don't have to worry about ..._SHOULD_READ or ..._SHOULD_WRITE 859 * -- we just try everything in each iteration 860 */ 861 862 { 863 /* CLIENT */ 864 865 char cbuf[1024*8]; 866 int i, r; 867 clock_t c_clock = clock(); 868 869 memset(cbuf, 0, sizeof(cbuf)); 870 871 if (debug) 872 if (SSL_in_init(c_ssl)) 873 printf("client waiting in SSL_connect - %s\n", 874 SSL_state_string_long(c_ssl)); 875 876 if (cw_num > 0) { 877 /* Write to server. */ 878 879 if (cw_num > (long)sizeof cbuf) 880 i = sizeof cbuf; 881 else 882 i = (int)cw_num; 883 r = BIO_write(c_ssl_bio, cbuf, i); 884 if (r < 0) { 885 if (!BIO_should_retry(c_ssl_bio)) { 886 fprintf(stderr, "ERROR in CLIENT\n"); 887 goto err; 888 } 889 /* BIO_should_retry(...) can just be ignored here. 890 * The library expects us to call BIO_write with 891 * the same arguments again, and that's what we will 892 * do in the next iteration. */ 893 } else if (r == 0) { 894 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n"); 895 goto err; 896 } else { 897 if (debug) 898 printf("client wrote %d\n", r); 899 cw_num -= r; 900 901 } 902 } 903 904 if (cr_num > 0) { 905 /* Read from server. */ 906 907 r = BIO_read(c_ssl_bio, cbuf, sizeof(cbuf)); 908 if (r < 0) { 909 if (!BIO_should_retry(c_ssl_bio)) { 910 fprintf(stderr, "ERROR in CLIENT\n"); 911 goto err; 912 } 913 /* Again, "BIO_should_retry" can be ignored. */ 914 } else if (r == 0) { 915 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n"); 916 goto err; 917 } else { 918 if (debug) 919 printf("client read %d\n", r); 920 cr_num -= r; 921 } 922 } 923 924 /* c_time and s_time increments will typically be very small 925 * (depending on machine speed and clock tick intervals), 926 * but sampling over a large number of connections should 927 * result in fairly accurate figures. We cannot guarantee 928 * a lot, however -- if each connection lasts for exactly 929 * one clock tick, it will be counted only for the client 930 * or only for the server or even not at all. 931 */ 932 *c_time += (clock() - c_clock); 933 } 934 935 { 936 /* SERVER */ 937 938 char sbuf[1024*8]; 939 int i, r; 940 clock_t s_clock = clock(); 941 942 memset(sbuf, 0, sizeof(sbuf)); 943 944 if (debug) 945 if (SSL_in_init(s_ssl)) 946 printf("server waiting in SSL_accept - %s\n", 947 SSL_state_string_long(s_ssl)); 948 949 if (sw_num > 0) { 950 /* Write to client. */ 951 952 if (sw_num > (long)sizeof sbuf) 953 i = sizeof sbuf; 954 else 955 i = (int)sw_num; 956 r = BIO_write(s_ssl_bio, sbuf, i); 957 if (r < 0) { 958 if (!BIO_should_retry(s_ssl_bio)) { 959 fprintf(stderr, "ERROR in SERVER\n"); 960 goto err; 961 } 962 /* Ignore "BIO_should_retry". */ 963 } else if (r == 0) { 964 fprintf(stderr, "SSL SERVER STARTUP FAILED\n"); 965 goto err; 966 } else { 967 if (debug) 968 printf("server wrote %d\n", r); 969 sw_num -= r; 970 971 } 972 } 973 974 if (sr_num > 0) { 975 /* Read from client. */ 976 977 r = BIO_read(s_ssl_bio, sbuf, sizeof(sbuf)); 978 if (r < 0) { 979 if (!BIO_should_retry(s_ssl_bio)) { 980 fprintf(stderr, "ERROR in SERVER\n"); 981 goto err; 982 } 983 /* blah, blah */ 984 } else if (r == 0) { 985 fprintf(stderr, "SSL SERVER STARTUP FAILED\n"); 986 goto err; 987 } else { 988 if (debug) 989 printf("server read %d\n", r); 990 sr_num -= r; 991 } 992 } 993 994 *s_time += (clock() - s_clock); 995 } 996 997 { 998 /* "I/O" BETWEEN CLIENT AND SERVER. */ 999 1000 size_t r1, r2; 1001 BIO *io1 = server_io, *io2 = client_io; 1002 /* we use the non-copying interface for io1 1003 * and the standard BIO_write/BIO_read interface for io2 1004 */ 1005 1006 static int prev_progress = 1; 1007 int progress = 0; 1008 1009 /* io1 to io2 */ 1010 do { 1011 size_t num; 1012 int r; 1013 1014 r1 = BIO_ctrl_pending(io1); 1015 r2 = BIO_ctrl_get_write_guarantee(io2); 1016 1017 num = r1; 1018 if (r2 < num) 1019 num = r2; 1020 if (num) { 1021 char *dataptr; 1022 1023 if (INT_MAX < num) /* yeah, right */ 1024 num = INT_MAX; 1025 1026 r = BIO_nread(io1, &dataptr, (int)num); 1027 assert(r > 0); 1028 assert(r <= (int)num); 1029 /* possibly r < num (non-contiguous data) */ 1030 num = r; 1031 r = BIO_write(io2, dataptr, (int)num); 1032 if (r != (int)num) /* can't happen */ 1033 { 1034 fprintf(stderr, "ERROR: BIO_write could not write " 1035 "BIO_ctrl_get_write_guarantee() bytes"); 1036 goto err; 1037 } 1038 progress = 1; 1039 1040 if (debug) 1041 printf((io1 == client_io) ? 1042 "C->S relaying: %d bytes\n" : 1043 "S->C relaying: %d bytes\n", 1044 (int)num); 1045 } 1046 } while (r1 && r2); 1047 1048 /* io2 to io1 */ 1049 { 1050 size_t num; 1051 int r; 1052 1053 r1 = BIO_ctrl_pending(io2); 1054 r2 = BIO_ctrl_get_read_request(io1); 1055 /* here we could use ..._get_write_guarantee instead of 1056 * ..._get_read_request, but by using the latter 1057 * we test restartability of the SSL implementation 1058 * more thoroughly */ 1059 num = r1; 1060 if (r2 < num) 1061 num = r2; 1062 if (num) { 1063 char *dataptr; 1064 1065 if (INT_MAX < num) 1066 num = INT_MAX; 1067 1068 if (num > 1) 1069 --num; /* test restartability even more thoroughly */ 1070 1071 r = BIO_nwrite0(io1, &dataptr); 1072 assert(r > 0); 1073 if (r < (int)num) 1074 num = r; 1075 r = BIO_read(io2, dataptr, (int)num); 1076 if (r != (int)num) /* can't happen */ 1077 { 1078 fprintf(stderr, "ERROR: BIO_read could not read " 1079 "BIO_ctrl_pending() bytes"); 1080 goto err; 1081 } 1082 progress = 1; 1083 r = BIO_nwrite(io1, &dataptr, (int)num); 1084 if (r != (int)num) /* can't happen */ 1085 { 1086 fprintf(stderr, "ERROR: BIO_nwrite() did not accept " 1087 "BIO_nwrite0() bytes"); 1088 goto err; 1089 } 1090 1091 if (debug) 1092 printf((io2 == client_io) ? 1093 "C->S relaying: %d bytes\n" : 1094 "S->C relaying: %d bytes\n", 1095 (int)num); 1096 } 1097 } /* no loop, BIO_ctrl_get_read_request now returns 0 anyway */ 1098 1099 if (!progress && !prev_progress) { 1100 if (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0) { 1101 fprintf(stderr, "ERROR: got stuck\n"); 1102 goto err; 1103 } 1104 } 1105 prev_progress = progress; 1106 } 1107 } while (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0); 1108 1109 if (verbose) 1110 print_details(c_ssl, "DONE via BIO pair: "); 1111 1112 if (verify_alpn(c_ssl, s_ssl) < 0) { 1113 ret = 1; 1114 goto err; 1115 } 1116 1117 ret = 0; 1118 1119 err: 1120 ERR_print_errors(bio_err); 1121 1122 BIO_free(server); 1123 BIO_free(server_io); 1124 BIO_free(client); 1125 BIO_free(client_io); 1126 BIO_free(s_ssl_bio); 1127 BIO_free(c_ssl_bio); 1128 1129 return ret; 1130 } 1131 1132 1133 #define W_READ 1 1134 #define W_WRITE 2 1135 #define C_DONE 1 1136 #define S_DONE 2 1137 1138 int 1139 doit(SSL *s_ssl, SSL *c_ssl, long count) 1140 { 1141 char cbuf[1024*8], sbuf[1024*8]; 1142 long cw_num = count, cr_num = count; 1143 long sw_num = count, sr_num = count; 1144 int ret = 1; 1145 BIO *c_to_s = NULL; 1146 BIO *s_to_c = NULL; 1147 BIO *c_bio = NULL; 1148 BIO *s_bio = NULL; 1149 int c_r, c_w, s_r, s_w; 1150 int i, j; 1151 int done = 0; 1152 int c_write, s_write; 1153 int do_server = 0, do_client = 0; 1154 1155 memset(cbuf, 0, sizeof(cbuf)); 1156 memset(sbuf, 0, sizeof(sbuf)); 1157 1158 c_to_s = BIO_new(BIO_s_mem()); 1159 s_to_c = BIO_new(BIO_s_mem()); 1160 if ((s_to_c == NULL) || (c_to_s == NULL)) { 1161 ERR_print_errors(bio_err); 1162 goto err; 1163 } 1164 1165 c_bio = BIO_new(BIO_f_ssl()); 1166 s_bio = BIO_new(BIO_f_ssl()); 1167 if ((c_bio == NULL) || (s_bio == NULL)) { 1168 ERR_print_errors(bio_err); 1169 goto err; 1170 } 1171 1172 SSL_set_connect_state(c_ssl); 1173 SSL_set_bio(c_ssl, s_to_c, c_to_s); 1174 BIO_set_ssl(c_bio, c_ssl, BIO_NOCLOSE); 1175 1176 SSL_set_accept_state(s_ssl); 1177 SSL_set_bio(s_ssl, c_to_s, s_to_c); 1178 BIO_set_ssl(s_bio, s_ssl, BIO_NOCLOSE); 1179 1180 c_r = 0; 1181 s_r = 1; 1182 c_w = 1; 1183 s_w = 0; 1184 c_write = 1, s_write = 0; 1185 1186 /* We can always do writes */ 1187 for (;;) { 1188 do_server = 0; 1189 do_client = 0; 1190 1191 i = (int)BIO_pending(s_bio); 1192 if ((i && s_r) || s_w) 1193 do_server = 1; 1194 1195 i = (int)BIO_pending(c_bio); 1196 if ((i && c_r) || c_w) 1197 do_client = 1; 1198 1199 if (do_server && debug) { 1200 if (SSL_in_init(s_ssl)) 1201 printf("server waiting in SSL_accept - %s\n", 1202 SSL_state_string_long(s_ssl)); 1203 } 1204 1205 if (do_client && debug) { 1206 if (SSL_in_init(c_ssl)) 1207 printf("client waiting in SSL_connect - %s\n", 1208 SSL_state_string_long(c_ssl)); 1209 } 1210 1211 if (!do_client && !do_server) { 1212 fprintf(stdout, "ERROR in STARTUP\n"); 1213 ERR_print_errors(bio_err); 1214 goto err; 1215 } 1216 1217 if (do_client && !(done & C_DONE)) { 1218 if (c_write) { 1219 j = (cw_num > (long)sizeof(cbuf)) ? 1220 (int)sizeof(cbuf) : (int)cw_num; 1221 i = BIO_write(c_bio, cbuf, j); 1222 if (i < 0) { 1223 c_r = 0; 1224 c_w = 0; 1225 if (BIO_should_retry(c_bio)) { 1226 if (BIO_should_read(c_bio)) 1227 c_r = 1; 1228 if (BIO_should_write(c_bio)) 1229 c_w = 1; 1230 } else { 1231 fprintf(stderr, "ERROR in CLIENT\n"); 1232 ERR_print_errors(bio_err); 1233 goto err; 1234 } 1235 } else if (i == 0) { 1236 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n"); 1237 goto err; 1238 } else { 1239 if (debug) 1240 printf("client wrote %d\n", i); 1241 /* ok */ 1242 s_r = 1; 1243 c_write = 0; 1244 cw_num -= i; 1245 } 1246 } else { 1247 i = BIO_read(c_bio, cbuf, sizeof(cbuf)); 1248 if (i < 0) { 1249 c_r = 0; 1250 c_w = 0; 1251 if (BIO_should_retry(c_bio)) { 1252 if (BIO_should_read(c_bio)) 1253 c_r = 1; 1254 if (BIO_should_write(c_bio)) 1255 c_w = 1; 1256 } else { 1257 fprintf(stderr, "ERROR in CLIENT\n"); 1258 ERR_print_errors(bio_err); 1259 goto err; 1260 } 1261 } else if (i == 0) { 1262 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n"); 1263 goto err; 1264 } else { 1265 if (debug) 1266 printf("client read %d\n", i); 1267 cr_num -= i; 1268 if (sw_num > 0) { 1269 s_write = 1; 1270 s_w = 1; 1271 } 1272 if (cr_num <= 0) { 1273 s_write = 1; 1274 s_w = 1; 1275 done = S_DONE|C_DONE; 1276 } 1277 } 1278 } 1279 } 1280 1281 if (do_server && !(done & S_DONE)) { 1282 if (!s_write) { 1283 i = BIO_read(s_bio, sbuf, sizeof(cbuf)); 1284 if (i < 0) { 1285 s_r = 0; 1286 s_w = 0; 1287 if (BIO_should_retry(s_bio)) { 1288 if (BIO_should_read(s_bio)) 1289 s_r = 1; 1290 if (BIO_should_write(s_bio)) 1291 s_w = 1; 1292 } else { 1293 fprintf(stderr, "ERROR in SERVER\n"); 1294 ERR_print_errors(bio_err); 1295 goto err; 1296 } 1297 } else if (i == 0) { 1298 ERR_print_errors(bio_err); 1299 fprintf(stderr, "SSL SERVER STARTUP FAILED in SSL_read\n"); 1300 goto err; 1301 } else { 1302 if (debug) 1303 printf("server read %d\n", i); 1304 sr_num -= i; 1305 if (cw_num > 0) { 1306 c_write = 1; 1307 c_w = 1; 1308 } 1309 if (sr_num <= 0) { 1310 s_write = 1; 1311 s_w = 1; 1312 c_write = 0; 1313 } 1314 } 1315 } else { 1316 j = (sw_num > (long)sizeof(sbuf)) ? 1317 (int)sizeof(sbuf) : (int)sw_num; 1318 i = BIO_write(s_bio, sbuf, j); 1319 if (i < 0) { 1320 s_r = 0; 1321 s_w = 0; 1322 if (BIO_should_retry(s_bio)) { 1323 if (BIO_should_read(s_bio)) 1324 s_r = 1; 1325 if (BIO_should_write(s_bio)) 1326 s_w = 1; 1327 } else { 1328 fprintf(stderr, "ERROR in SERVER\n"); 1329 ERR_print_errors(bio_err); 1330 goto err; 1331 } 1332 } else if (i == 0) { 1333 ERR_print_errors(bio_err); 1334 fprintf(stderr, "SSL SERVER STARTUP FAILED in SSL_write\n"); 1335 goto err; 1336 } else { 1337 if (debug) 1338 printf("server wrote %d\n", i); 1339 sw_num -= i; 1340 s_write = 0; 1341 c_r = 1; 1342 if (sw_num <= 0) 1343 done |= S_DONE; 1344 } 1345 } 1346 } 1347 1348 if ((done & S_DONE) && (done & C_DONE)) 1349 break; 1350 } 1351 1352 if (verbose) 1353 print_details(c_ssl, "DONE: "); 1354 1355 if (verify_alpn(c_ssl, s_ssl) < 0) { 1356 ret = 1; 1357 goto err; 1358 } 1359 1360 ret = 0; 1361 err: 1362 /* We have to set the BIO's to NULL otherwise they will be 1363 * free()ed twice. Once when th s_ssl is SSL_free()ed and 1364 * again when c_ssl is SSL_free()ed. 1365 * This is a hack required because s_ssl and c_ssl are sharing the same 1366 * BIO structure and SSL_set_bio() and SSL_free() automatically 1367 * BIO_free non NULL entries. 1368 * You should not normally do this or be required to do this */ 1369 if (s_ssl != NULL) { 1370 s_ssl->rbio = NULL; 1371 s_ssl->wbio = NULL; 1372 } 1373 if (c_ssl != NULL) { 1374 c_ssl->rbio = NULL; 1375 c_ssl->wbio = NULL; 1376 } 1377 1378 BIO_free(c_to_s); 1379 BIO_free(s_to_c); 1380 BIO_free_all(c_bio); 1381 BIO_free_all(s_bio); 1382 1383 return (ret); 1384 } 1385 1386 static int 1387 get_proxy_auth_ex_data_idx(void) 1388 { 1389 static volatile int idx = -1; 1390 if (idx < 0) { 1391 CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX); 1392 if (idx < 0) { 1393 idx = X509_STORE_CTX_get_ex_new_index(0, 1394 "SSLtest for verify callback", NULL, NULL, NULL); 1395 } 1396 CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX); 1397 } 1398 return idx; 1399 } 1400 1401 static int 1402 verify_callback(int ok, X509_STORE_CTX *ctx) 1403 { 1404 X509 *xs; 1405 char *s, buf[256]; 1406 int error, error_depth; 1407 1408 xs = X509_STORE_CTX_get_current_cert(ctx); 1409 s = X509_NAME_oneline(X509_get_subject_name(xs), buf, sizeof buf); 1410 error = X509_STORE_CTX_get_error(ctx); 1411 error_depth = X509_STORE_CTX_get_error_depth(ctx); 1412 if (s != NULL) { 1413 if (ok) 1414 fprintf(stderr, "depth=%d %s\n", error_depth, buf); 1415 else { 1416 fprintf(stderr, "depth=%d error=%d %s\n", error_depth, 1417 error, buf); 1418 } 1419 } 1420 1421 if (ok == 0) { 1422 fprintf(stderr, "Error string: %s\n", 1423 X509_verify_cert_error_string(error)); 1424 switch (error) { 1425 case X509_V_ERR_CERT_NOT_YET_VALID: 1426 case X509_V_ERR_CERT_HAS_EXPIRED: 1427 case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: 1428 fprintf(stderr, " ... ignored.\n"); 1429 ok = 1; 1430 } 1431 } 1432 1433 if (ok == 1) { 1434 if (X509_get_extension_flags(xs) & EXFLAG_PROXY) { 1435 unsigned int *letters = 1436 X509_STORE_CTX_get_ex_data(ctx, 1437 get_proxy_auth_ex_data_idx()); 1438 1439 if (letters) { 1440 int found_any = 0; 1441 int i; 1442 PROXY_CERT_INFO_EXTENSION *pci = 1443 X509_get_ext_d2i(xs, NID_proxyCertInfo, 1444 NULL, NULL); 1445 1446 switch (OBJ_obj2nid(pci->proxyPolicy->policyLanguage)) { 1447 case NID_Independent: 1448 /* Completely meaningless in this 1449 program, as there's no way to 1450 grant explicit rights to a 1451 specific PrC. Basically, using 1452 id-ppl-Independent is the perfect 1453 way to grant no rights at all. */ 1454 fprintf(stderr, " Independent proxy certificate"); 1455 for (i = 0; i < 26; i++) 1456 letters[i] = 0; 1457 break; 1458 case NID_id_ppl_inheritAll: 1459 /* This is basically a NOP, we 1460 simply let the current rights 1461 stand as they are. */ 1462 fprintf(stderr, " Proxy certificate inherits all"); 1463 break; 1464 default: 1465 s = (char *) 1466 pci->proxyPolicy->policy->data; 1467 i = pci->proxyPolicy->policy->length; 1468 1469 /* The algorithm works as follows: 1470 it is assumed that previous 1471 iterations or the initial granted 1472 rights has already set some elements 1473 of `letters'. What we need to do is 1474 to clear those that weren't granted 1475 by the current PrC as well. The 1476 easiest way to do this is to add 1 1477 to all the elements whose letters 1478 are given with the current policy. 1479 That way, all elements that are set 1480 by the current policy and were 1481 already set by earlier policies and 1482 through the original grant of rights 1483 will get the value 2 or higher. 1484 The last thing to do is to sweep 1485 through `letters' and keep the 1486 elements having the value 2 as set, 1487 and clear all the others. */ 1488 1489 fprintf(stderr, " Certificate proxy rights = %*.*s", i, i, s); 1490 while (i-- > 0) { 1491 int c = *s++; 1492 if (isascii(c) && isalpha(c)) { 1493 if (islower(c)) 1494 c = toupper(c); 1495 letters[c - 'A']++; 1496 } 1497 } 1498 for (i = 0; i < 26; i++) 1499 if (letters[i] < 2) 1500 letters[i] = 0; 1501 else 1502 letters[i] = 1; 1503 } 1504 1505 found_any = 0; 1506 fprintf(stderr, ", resulting proxy rights = "); 1507 for (i = 0; i < 26; i++) 1508 if (letters[i]) { 1509 fprintf(stderr, "%c", i + 'A'); 1510 found_any = 1; 1511 } 1512 if (!found_any) 1513 fprintf(stderr, "none"); 1514 fprintf(stderr, "\n"); 1515 1516 PROXY_CERT_INFO_EXTENSION_free(pci); 1517 } 1518 } 1519 } 1520 1521 return (ok); 1522 } 1523 1524 static void 1525 process_proxy_debug(int indent, const char *format, ...) 1526 { 1527 static const char indentation[] = 1528 ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>" 1529 ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>"; /* That's 80 > */ 1530 char my_format[256]; 1531 va_list args; 1532 1533 (void) snprintf(my_format, sizeof(my_format), "%*.*s %s", 1534 indent, indent, indentation, format); 1535 1536 va_start(args, format); 1537 vfprintf(stderr, my_format, args); 1538 va_end(args); 1539 } 1540 /* Priority levels: 1541 0 [!]var, () 1542 1 & ^ 1543 2 | 1544 */ 1545 static int process_proxy_cond_adders(unsigned int letters[26], 1546 const char *cond, const char **cond_end, int *pos, int indent); 1547 1548 static int 1549 process_proxy_cond_val(unsigned int letters[26], const char *cond, 1550 const char **cond_end, int *pos, int indent) 1551 { 1552 int c; 1553 int ok = 1; 1554 int negate = 0; 1555 1556 while (isspace((int)*cond)) { 1557 cond++; 1558 (*pos)++; 1559 } 1560 c = *cond; 1561 1562 if (debug) 1563 process_proxy_debug(indent, 1564 "Start process_proxy_cond_val at position %d: %s\n", 1565 *pos, cond); 1566 1567 while (c == '!') { 1568 negate = !negate; 1569 cond++; 1570 (*pos)++; 1571 while (isspace((int)*cond)) { 1572 cond++; 1573 (*pos)++; 1574 } 1575 c = *cond; 1576 } 1577 1578 if (c == '(') { 1579 cond++; 1580 (*pos)++; 1581 ok = process_proxy_cond_adders(letters, cond, cond_end, pos, 1582 indent + 1); 1583 cond = *cond_end; 1584 if (ok < 0) 1585 goto end; 1586 while (isspace((int)*cond)) { 1587 cond++; 1588 (*pos)++; 1589 } 1590 c = *cond; 1591 if (c != ')') { 1592 fprintf(stderr, 1593 "Weird condition character in position %d: " 1594 "%c\n", *pos, c); 1595 ok = -1; 1596 goto end; 1597 } 1598 cond++; 1599 (*pos)++; 1600 } else if (isascii(c) && isalpha(c)) { 1601 if (islower(c)) 1602 c = toupper(c); 1603 ok = letters[c - 'A']; 1604 cond++; 1605 (*pos)++; 1606 } else { 1607 fprintf(stderr, 1608 "Weird condition character in position %d: " 1609 "%c\n", *pos, c); 1610 ok = -1; 1611 goto end; 1612 } 1613 end: 1614 *cond_end = cond; 1615 if (ok >= 0 && negate) 1616 ok = !ok; 1617 1618 if (debug) 1619 process_proxy_debug(indent, 1620 "End process_proxy_cond_val at position %d: %s, returning %d\n", 1621 *pos, cond, ok); 1622 1623 return ok; 1624 } 1625 1626 static int 1627 process_proxy_cond_multipliers(unsigned int letters[26], const char *cond, 1628 const char **cond_end, int *pos, int indent) 1629 { 1630 int ok; 1631 char c; 1632 1633 if (debug) 1634 process_proxy_debug(indent, 1635 "Start process_proxy_cond_multipliers at position %d: %s\n", 1636 *pos, cond); 1637 1638 ok = process_proxy_cond_val(letters, cond, cond_end, pos, indent + 1); 1639 cond = *cond_end; 1640 if (ok < 0) 1641 goto end; 1642 1643 while (ok >= 0) { 1644 while (isspace((int)*cond)) { 1645 cond++; 1646 (*pos)++; 1647 } 1648 c = *cond; 1649 1650 switch (c) { 1651 case '&': 1652 case '^': 1653 { 1654 int save_ok = ok; 1655 1656 cond++; 1657 (*pos)++; 1658 ok = process_proxy_cond_val(letters, 1659 cond, cond_end, pos, indent + 1); 1660 cond = *cond_end; 1661 if (ok < 0) 1662 break; 1663 1664 switch (c) { 1665 case '&': 1666 ok &= save_ok; 1667 break; 1668 case '^': 1669 ok ^= save_ok; 1670 break; 1671 default: 1672 fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!" 1673 " STOPPING\n"); 1674 exit(1); 1675 } 1676 } 1677 break; 1678 default: 1679 goto end; 1680 } 1681 } 1682 end: 1683 if (debug) 1684 process_proxy_debug(indent, 1685 "End process_proxy_cond_multipliers at position %d: %s, " 1686 "returning %d\n", 1687 *pos, cond, ok); 1688 1689 *cond_end = cond; 1690 return ok; 1691 } 1692 1693 static int 1694 process_proxy_cond_adders(unsigned int letters[26], const char *cond, 1695 const char **cond_end, int *pos, int indent) 1696 { 1697 int ok; 1698 char c; 1699 1700 if (debug) 1701 process_proxy_debug(indent, 1702 "Start process_proxy_cond_adders at position %d: %s\n", 1703 *pos, cond); 1704 1705 ok = process_proxy_cond_multipliers(letters, cond, cond_end, pos, 1706 indent + 1); 1707 cond = *cond_end; 1708 if (ok < 0) 1709 goto end; 1710 1711 while (ok >= 0) { 1712 while (isspace((int)*cond)) { 1713 cond++; 1714 (*pos)++; 1715 } 1716 c = *cond; 1717 1718 switch (c) { 1719 case '|': 1720 { 1721 int save_ok = ok; 1722 1723 cond++; 1724 (*pos)++; 1725 ok = process_proxy_cond_multipliers(letters, 1726 cond, cond_end, pos, indent + 1); 1727 cond = *cond_end; 1728 if (ok < 0) 1729 break; 1730 1731 switch (c) { 1732 case '|': 1733 ok |= save_ok; 1734 break; 1735 default: 1736 fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!" 1737 " STOPPING\n"); 1738 exit(1); 1739 } 1740 } 1741 break; 1742 default: 1743 goto end; 1744 } 1745 } 1746 end: 1747 if (debug) 1748 process_proxy_debug(indent, 1749 "End process_proxy_cond_adders at position %d: %s, returning %d\n", 1750 *pos, cond, ok); 1751 1752 *cond_end = cond; 1753 return ok; 1754 } 1755 1756 static int 1757 process_proxy_cond(unsigned int letters[26], const char *cond, 1758 const char **cond_end) 1759 { 1760 int pos = 1; 1761 return process_proxy_cond_adders(letters, cond, cond_end, &pos, 1); 1762 } 1763 1764 static int 1765 app_verify_callback(X509_STORE_CTX *ctx, void *arg) 1766 { 1767 int ok = 1; 1768 struct app_verify_arg *cb_arg = arg; 1769 unsigned int letters[26]; /* only used with proxy_auth */ 1770 1771 if (cb_arg->app_verify) { 1772 X509 *xs; 1773 char *s = NULL, buf[256]; 1774 1775 xs = X509_STORE_CTX_get0_cert(ctx); 1776 fprintf(stderr, "In app_verify_callback, allowing cert. "); 1777 fprintf(stderr, "Arg is: %s\n", cb_arg->string); 1778 fprintf(stderr, "Finished printing do we have a context? 0x%p a cert? 0x%p\n", 1779 (void *)ctx, (void *)xs); 1780 if (xs) 1781 s = X509_NAME_oneline(X509_get_subject_name(xs), buf, 256); 1782 if (s != NULL) { 1783 fprintf(stderr, "cert depth=%d %s\n", 1784 X509_STORE_CTX_get_error_depth(ctx), buf); 1785 } 1786 return (1); 1787 } 1788 if (cb_arg->proxy_auth) { 1789 int found_any = 0, i; 1790 char *sp; 1791 1792 for (i = 0; i < 26; i++) 1793 letters[i] = 0; 1794 for (sp = cb_arg->proxy_auth; *sp; sp++) { 1795 int c = *sp; 1796 if (isascii(c) && isalpha(c)) { 1797 if (islower(c)) 1798 c = toupper(c); 1799 letters[c - 'A'] = 1; 1800 } 1801 } 1802 1803 fprintf(stderr, " Initial proxy rights = "); 1804 for (i = 0; i < 26; i++) 1805 if (letters[i]) { 1806 fprintf(stderr, "%c", i + 'A'); 1807 found_any = 1; 1808 } 1809 if (!found_any) 1810 fprintf(stderr, "none"); 1811 fprintf(stderr, "\n"); 1812 1813 X509_STORE_CTX_set_ex_data(ctx, 1814 get_proxy_auth_ex_data_idx(), letters); 1815 } 1816 if (cb_arg->allow_proxy_certs) { 1817 X509_STORE_CTX_set_flags(ctx, X509_V_FLAG_ALLOW_PROXY_CERTS); 1818 } 1819 1820 ok = X509_verify_cert(ctx); 1821 1822 if (cb_arg->proxy_auth) { 1823 if (ok > 0) { 1824 const char *cond_end = NULL; 1825 1826 ok = process_proxy_cond(letters, 1827 cb_arg->proxy_cond, &cond_end); 1828 1829 if (ok < 0) 1830 exit(3); 1831 if (*cond_end) { 1832 fprintf(stderr, "Stopped processing condition before it's end.\n"); 1833 ok = 0; 1834 } 1835 if (!ok) 1836 fprintf(stderr, "Proxy rights check with condition '%s' proved invalid\n", 1837 cb_arg->proxy_cond); 1838 else 1839 fprintf(stderr, "Proxy rights check with condition '%s' proved valid\n", 1840 cb_arg->proxy_cond); 1841 } 1842 } 1843 return (ok); 1844 } 1845 1846 /* These DH parameters have been generated as follows: 1847 * $ openssl dhparam -C -noout 1024 1848 * $ openssl dhparam -C -noout -dsaparam 1024 1849 * (The second function has been renamed to avoid name conflicts.) 1850 */ 1851 static DH * 1852 get_dh1024() 1853 { 1854 static unsigned char dh1024_p[] = { 1855 0xF8, 0x81, 0x89, 0x7D, 0x14, 0x24, 0xC5, 0xD1, 0xE6, 0xF7, 0xBF, 0x3A, 1856 0xE4, 0x90, 0xF4, 0xFC, 0x73, 0xFB, 0x34, 0xB5, 0xFA, 0x4C, 0x56, 0xA2, 1857 0xEA, 0xA7, 0xE9, 0xC0, 0xC0, 0xCE, 0x89, 0xE1, 0xFA, 0x63, 0x3F, 0xB0, 1858 0x6B, 0x32, 0x66, 0xF1, 0xD1, 0x7B, 0xB0, 0x00, 0x8F, 0xCA, 0x87, 0xC2, 1859 0xAE, 0x98, 0x89, 0x26, 0x17, 0xC2, 0x05, 0xD2, 0xEC, 0x08, 0xD0, 0x8C, 1860 0xFF, 0x17, 0x52, 0x8C, 0xC5, 0x07, 0x93, 0x03, 0xB1, 0xF6, 0x2F, 0xB8, 1861 0x1C, 0x52, 0x47, 0x27, 0x1B, 0xDB, 0xD1, 0x8D, 0x9D, 0x69, 0x1D, 0x52, 1862 0x4B, 0x32, 0x81, 0xAA, 0x7F, 0x00, 0xC8, 0xDC, 0xE6, 0xD9, 0xCC, 0xC1, 1863 0x11, 0x2D, 0x37, 0x34, 0x6C, 0xEA, 0x02, 0x97, 0x4B, 0x0E, 0xBB, 0xB1, 1864 0x71, 0x33, 0x09, 0x15, 0xFD, 0xDD, 0x23, 0x87, 0x07, 0x5E, 0x89, 0xAB, 1865 0x6B, 0x7C, 0x5F, 0xEC, 0xA6, 0x24, 0xDC, 0x53, 1866 }; 1867 static unsigned char dh1024_g[] = { 1868 0x02, 1869 }; 1870 DH *dh; 1871 BIGNUM *dh_p = NULL, *dh_g = NULL; 1872 1873 if ((dh = DH_new()) == NULL) 1874 return NULL; 1875 1876 dh_p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL); 1877 dh_g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL); 1878 if (dh_p == NULL || dh_g == NULL) 1879 goto err; 1880 1881 if (!DH_set0_pqg(dh, dh_p, NULL, dh_g)) 1882 goto err; 1883 1884 return dh; 1885 1886 err: 1887 BN_free(dh_p); 1888 BN_free(dh_g); 1889 DH_free(dh); 1890 return NULL; 1891 } 1892 1893 static DH * 1894 get_dh1024dsa() 1895 { 1896 static unsigned char dh1024_p[] = { 1897 0xC8, 0x00, 0xF7, 0x08, 0x07, 0x89, 0x4D, 0x90, 0x53, 0xF3, 0xD5, 0x00, 1898 0x21, 0x1B, 0xF7, 0x31, 0xA6, 0xA2, 0xDA, 0x23, 0x9A, 0xC7, 0x87, 0x19, 1899 0x3B, 0x47, 0xB6, 0x8C, 0x04, 0x6F, 0xFF, 0xC6, 0x9B, 0xB8, 0x65, 0xD2, 1900 0xC2, 0x5F, 0x31, 0x83, 0x4A, 0xA7, 0x5F, 0x2F, 0x88, 0x38, 0xB6, 0x55, 1901 0xCF, 0xD9, 0x87, 0x6D, 0x6F, 0x9F, 0xDA, 0xAC, 0xA6, 0x48, 0xAF, 0xFC, 1902 0x33, 0x84, 0x37, 0x5B, 0x82, 0x4A, 0x31, 0x5D, 0xE7, 0xBD, 0x52, 0x97, 1903 0xA1, 0x77, 0xBF, 0x10, 0x9E, 0x37, 0xEA, 0x64, 0xFA, 0xCA, 0x28, 0x8D, 1904 0x9D, 0x3B, 0xD2, 0x6E, 0x09, 0x5C, 0x68, 0xC7, 0x45, 0x90, 0xFD, 0xBB, 1905 0x70, 0xC9, 0x3A, 0xBB, 0xDF, 0xD4, 0x21, 0x0F, 0xC4, 0x6A, 0x3C, 0xF6, 1906 0x61, 0xCF, 0x3F, 0xD6, 0x13, 0xF1, 0x5F, 0xBC, 0xCF, 0xBC, 0x26, 0x9E, 1907 0xBC, 0x0B, 0xBD, 0xAB, 0x5D, 0xC9, 0x54, 0x39, 1908 }; 1909 static unsigned char dh1024_g[] = { 1910 0x3B, 0x40, 0x86, 0xE7, 0xF3, 0x6C, 0xDE, 0x67, 0x1C, 0xCC, 0x80, 0x05, 1911 0x5A, 0xDF, 0xFE, 0xBD, 0x20, 0x27, 0x74, 0x6C, 0x24, 0xC9, 0x03, 0xF3, 1912 0xE1, 0x8D, 0xC3, 0x7D, 0x98, 0x27, 0x40, 0x08, 0xB8, 0x8C, 0x6A, 0xE9, 1913 0xBB, 0x1A, 0x3A, 0xD6, 0x86, 0x83, 0x5E, 0x72, 0x41, 0xCE, 0x85, 0x3C, 1914 0xD2, 0xB3, 0xFC, 0x13, 0xCE, 0x37, 0x81, 0x9E, 0x4C, 0x1C, 0x7B, 0x65, 1915 0xD3, 0xE6, 0xA6, 0x00, 0xF5, 0x5A, 0x95, 0x43, 0x5E, 0x81, 0xCF, 0x60, 1916 0xA2, 0x23, 0xFC, 0x36, 0xA7, 0x5D, 0x7A, 0x4C, 0x06, 0x91, 0x6E, 0xF6, 1917 0x57, 0xEE, 0x36, 0xCB, 0x06, 0xEA, 0xF5, 0x3D, 0x95, 0x49, 0xCB, 0xA7, 1918 0xDD, 0x81, 0xDF, 0x80, 0x09, 0x4A, 0x97, 0x4D, 0xA8, 0x22, 0x72, 0xA1, 1919 0x7F, 0xC4, 0x70, 0x56, 0x70, 0xE8, 0x20, 0x10, 0x18, 0x8F, 0x2E, 0x60, 1920 0x07, 0xE7, 0x68, 0x1A, 0x82, 0x5D, 0x32, 0xA2, 1921 }; 1922 DH *dh; 1923 BIGNUM *dh_p = NULL, *dh_g = NULL; 1924 1925 if ((dh = DH_new()) == NULL) 1926 return NULL; 1927 1928 dh_p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL); 1929 dh_g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL); 1930 if (dh_p == NULL || dh_g == NULL) 1931 goto err; 1932 1933 if (!DH_set0_pqg(dh, dh_p, NULL, dh_g)) 1934 goto err; 1935 1936 DH_set_length(dh, 160); 1937 1938 return dh; 1939 1940 err: 1941 BN_free(dh_p); 1942 BN_free(dh_g); 1943 DH_free(dh); 1944 return NULL; 1945 } 1946