1 /* 2 * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. 3 * 4 * Licensed under the OpenSSL license (the "License"). You may not use 5 * this file except in compliance with the License. You can obtain a copy 6 * in the file LICENSE in the source distribution or at 7 * https://www.openssl.org/source/license.html 8 */ 9 10 #include <stdio.h> 11 #include "ssl_local.h" 12 #include "packet_local.h" 13 #include <openssl/bio.h> 14 #include <openssl/objects.h> 15 #include <openssl/evp.h> 16 #include <openssl/x509.h> 17 #include <openssl/pem.h> 18 19 static int ssl_set_cert(CERT *c, X509 *x509); 20 static int ssl_set_pkey(CERT *c, EVP_PKEY *pkey); 21 22 #define SYNTHV1CONTEXT (SSL_EXT_TLS1_2_AND_BELOW_ONLY \ 23 | SSL_EXT_CLIENT_HELLO \ 24 | SSL_EXT_TLS1_2_SERVER_HELLO \ 25 | SSL_EXT_IGNORE_ON_RESUMPTION) 26 27 int SSL_use_certificate(SSL *ssl, X509 *x) 28 { 29 int rv; 30 if (x == NULL) { 31 SSLerr(SSL_F_SSL_USE_CERTIFICATE, ERR_R_PASSED_NULL_PARAMETER); 32 return 0; 33 } 34 rv = ssl_security_cert(ssl, NULL, x, 0, 1); 35 if (rv != 1) { 36 SSLerr(SSL_F_SSL_USE_CERTIFICATE, rv); 37 return 0; 38 } 39 40 return ssl_set_cert(ssl->cert, x); 41 } 42 43 int SSL_use_certificate_file(SSL *ssl, const char *file, int type) 44 { 45 int j; 46 BIO *in; 47 int ret = 0; 48 X509 *x = NULL; 49 50 in = BIO_new(BIO_s_file()); 51 if (in == NULL) { 52 SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE, ERR_R_BUF_LIB); 53 goto end; 54 } 55 56 if (BIO_read_filename(in, file) <= 0) { 57 SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE, ERR_R_SYS_LIB); 58 goto end; 59 } 60 if (type == SSL_FILETYPE_ASN1) { 61 j = ERR_R_ASN1_LIB; 62 x = d2i_X509_bio(in, NULL); 63 } else if (type == SSL_FILETYPE_PEM) { 64 j = ERR_R_PEM_LIB; 65 x = PEM_read_bio_X509(in, NULL, ssl->default_passwd_callback, 66 ssl->default_passwd_callback_userdata); 67 } else { 68 SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE, SSL_R_BAD_SSL_FILETYPE); 69 goto end; 70 } 71 72 if (x == NULL) { 73 SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE, j); 74 goto end; 75 } 76 77 ret = SSL_use_certificate(ssl, x); 78 end: 79 X509_free(x); 80 BIO_free(in); 81 return ret; 82 } 83 84 int SSL_use_certificate_ASN1(SSL *ssl, const unsigned char *d, int len) 85 { 86 X509 *x; 87 int ret; 88 89 x = d2i_X509(NULL, &d, (long)len); 90 if (x == NULL) { 91 SSLerr(SSL_F_SSL_USE_CERTIFICATE_ASN1, ERR_R_ASN1_LIB); 92 return 0; 93 } 94 95 ret = SSL_use_certificate(ssl, x); 96 X509_free(x); 97 return ret; 98 } 99 100 #ifndef OPENSSL_NO_RSA 101 int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa) 102 { 103 EVP_PKEY *pkey; 104 int ret; 105 106 if (rsa == NULL) { 107 SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY, ERR_R_PASSED_NULL_PARAMETER); 108 return 0; 109 } 110 if ((pkey = EVP_PKEY_new()) == NULL) { 111 SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY, ERR_R_EVP_LIB); 112 return 0; 113 } 114 115 RSA_up_ref(rsa); 116 if (EVP_PKEY_assign_RSA(pkey, rsa) <= 0) { 117 RSA_free(rsa); 118 EVP_PKEY_free(pkey); 119 return 0; 120 } 121 122 ret = ssl_set_pkey(ssl->cert, pkey); 123 EVP_PKEY_free(pkey); 124 return ret; 125 } 126 #endif 127 128 static int ssl_set_pkey(CERT *c, EVP_PKEY *pkey) 129 { 130 size_t i; 131 132 if (ssl_cert_lookup_by_pkey(pkey, &i) == NULL) { 133 SSLerr(SSL_F_SSL_SET_PKEY, SSL_R_UNKNOWN_CERTIFICATE_TYPE); 134 return 0; 135 } 136 137 if (c->pkeys[i].x509 != NULL) { 138 EVP_PKEY *pktmp; 139 pktmp = X509_get0_pubkey(c->pkeys[i].x509); 140 if (pktmp == NULL) { 141 SSLerr(SSL_F_SSL_SET_PKEY, ERR_R_MALLOC_FAILURE); 142 return 0; 143 } 144 /* 145 * The return code from EVP_PKEY_copy_parameters is deliberately 146 * ignored. Some EVP_PKEY types cannot do this. 147 */ 148 EVP_PKEY_copy_parameters(pktmp, pkey); 149 ERR_clear_error(); 150 151 #ifndef OPENSSL_NO_RSA 152 /* 153 * Don't check the public/private key, this is mostly for smart 154 * cards. 155 */ 156 if (EVP_PKEY_id(pkey) == EVP_PKEY_RSA 157 && RSA_flags(EVP_PKEY_get0_RSA(pkey)) & RSA_METHOD_FLAG_NO_CHECK) ; 158 else 159 #endif 160 if (!X509_check_private_key(c->pkeys[i].x509, pkey)) { 161 X509_free(c->pkeys[i].x509); 162 c->pkeys[i].x509 = NULL; 163 return 0; 164 } 165 } 166 167 EVP_PKEY_free(c->pkeys[i].privatekey); 168 EVP_PKEY_up_ref(pkey); 169 c->pkeys[i].privatekey = pkey; 170 c->key = &c->pkeys[i]; 171 return 1; 172 } 173 174 #ifndef OPENSSL_NO_RSA 175 int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type) 176 { 177 int j, ret = 0; 178 BIO *in; 179 RSA *rsa = NULL; 180 181 in = BIO_new(BIO_s_file()); 182 if (in == NULL) { 183 SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE, ERR_R_BUF_LIB); 184 goto end; 185 } 186 187 if (BIO_read_filename(in, file) <= 0) { 188 SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE, ERR_R_SYS_LIB); 189 goto end; 190 } 191 if (type == SSL_FILETYPE_ASN1) { 192 j = ERR_R_ASN1_LIB; 193 rsa = d2i_RSAPrivateKey_bio(in, NULL); 194 } else if (type == SSL_FILETYPE_PEM) { 195 j = ERR_R_PEM_LIB; 196 rsa = PEM_read_bio_RSAPrivateKey(in, NULL, 197 ssl->default_passwd_callback, 198 ssl->default_passwd_callback_userdata); 199 } else { 200 SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE, SSL_R_BAD_SSL_FILETYPE); 201 goto end; 202 } 203 if (rsa == NULL) { 204 SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE, j); 205 goto end; 206 } 207 ret = SSL_use_RSAPrivateKey(ssl, rsa); 208 RSA_free(rsa); 209 end: 210 BIO_free(in); 211 return ret; 212 } 213 214 int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, const unsigned char *d, long len) 215 { 216 int ret; 217 const unsigned char *p; 218 RSA *rsa; 219 220 p = d; 221 if ((rsa = d2i_RSAPrivateKey(NULL, &p, (long)len)) == NULL) { 222 SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1, ERR_R_ASN1_LIB); 223 return 0; 224 } 225 226 ret = SSL_use_RSAPrivateKey(ssl, rsa); 227 RSA_free(rsa); 228 return ret; 229 } 230 #endif /* !OPENSSL_NO_RSA */ 231 232 int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey) 233 { 234 int ret; 235 236 if (pkey == NULL) { 237 SSLerr(SSL_F_SSL_USE_PRIVATEKEY, ERR_R_PASSED_NULL_PARAMETER); 238 return 0; 239 } 240 ret = ssl_set_pkey(ssl->cert, pkey); 241 return ret; 242 } 243 244 int SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type) 245 { 246 int j, ret = 0; 247 BIO *in; 248 EVP_PKEY *pkey = NULL; 249 250 in = BIO_new(BIO_s_file()); 251 if (in == NULL) { 252 SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE, ERR_R_BUF_LIB); 253 goto end; 254 } 255 256 if (BIO_read_filename(in, file) <= 0) { 257 SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE, ERR_R_SYS_LIB); 258 goto end; 259 } 260 if (type == SSL_FILETYPE_PEM) { 261 j = ERR_R_PEM_LIB; 262 pkey = PEM_read_bio_PrivateKey(in, NULL, 263 ssl->default_passwd_callback, 264 ssl->default_passwd_callback_userdata); 265 } else if (type == SSL_FILETYPE_ASN1) { 266 j = ERR_R_ASN1_LIB; 267 pkey = d2i_PrivateKey_bio(in, NULL); 268 } else { 269 SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE, SSL_R_BAD_SSL_FILETYPE); 270 goto end; 271 } 272 if (pkey == NULL) { 273 SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE, j); 274 goto end; 275 } 276 ret = SSL_use_PrivateKey(ssl, pkey); 277 EVP_PKEY_free(pkey); 278 end: 279 BIO_free(in); 280 return ret; 281 } 282 283 int SSL_use_PrivateKey_ASN1(int type, SSL *ssl, const unsigned char *d, 284 long len) 285 { 286 int ret; 287 const unsigned char *p; 288 EVP_PKEY *pkey; 289 290 p = d; 291 if ((pkey = d2i_PrivateKey(type, NULL, &p, (long)len)) == NULL) { 292 SSLerr(SSL_F_SSL_USE_PRIVATEKEY_ASN1, ERR_R_ASN1_LIB); 293 return 0; 294 } 295 296 ret = SSL_use_PrivateKey(ssl, pkey); 297 EVP_PKEY_free(pkey); 298 return ret; 299 } 300 301 int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x) 302 { 303 int rv; 304 if (x == NULL) { 305 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE, ERR_R_PASSED_NULL_PARAMETER); 306 return 0; 307 } 308 rv = ssl_security_cert(NULL, ctx, x, 0, 1); 309 if (rv != 1) { 310 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE, rv); 311 return 0; 312 } 313 return ssl_set_cert(ctx->cert, x); 314 } 315 316 static int ssl_set_cert(CERT *c, X509 *x) 317 { 318 EVP_PKEY *pkey; 319 size_t i; 320 321 pkey = X509_get0_pubkey(x); 322 if (pkey == NULL) { 323 SSLerr(SSL_F_SSL_SET_CERT, SSL_R_X509_LIB); 324 return 0; 325 } 326 327 if (ssl_cert_lookup_by_pkey(pkey, &i) == NULL) { 328 SSLerr(SSL_F_SSL_SET_CERT, SSL_R_UNKNOWN_CERTIFICATE_TYPE); 329 return 0; 330 } 331 #ifndef OPENSSL_NO_EC 332 if (i == SSL_PKEY_ECC && !EC_KEY_can_sign(EVP_PKEY_get0_EC_KEY(pkey))) { 333 SSLerr(SSL_F_SSL_SET_CERT, SSL_R_ECC_CERT_NOT_FOR_SIGNING); 334 return 0; 335 } 336 #endif 337 if (c->pkeys[i].privatekey != NULL) { 338 /* 339 * The return code from EVP_PKEY_copy_parameters is deliberately 340 * ignored. Some EVP_PKEY types cannot do this. 341 */ 342 EVP_PKEY_copy_parameters(pkey, c->pkeys[i].privatekey); 343 ERR_clear_error(); 344 345 #ifndef OPENSSL_NO_RSA 346 /* 347 * Don't check the public/private key, this is mostly for smart 348 * cards. 349 */ 350 if (EVP_PKEY_id(c->pkeys[i].privatekey) == EVP_PKEY_RSA 351 && RSA_flags(EVP_PKEY_get0_RSA(c->pkeys[i].privatekey)) & 352 RSA_METHOD_FLAG_NO_CHECK) ; 353 else 354 #endif /* OPENSSL_NO_RSA */ 355 if (!X509_check_private_key(x, c->pkeys[i].privatekey)) { 356 /* 357 * don't fail for a cert/key mismatch, just free current private 358 * key (when switching to a different cert & key, first this 359 * function should be used, then ssl_set_pkey 360 */ 361 EVP_PKEY_free(c->pkeys[i].privatekey); 362 c->pkeys[i].privatekey = NULL; 363 /* clear error queue */ 364 ERR_clear_error(); 365 } 366 } 367 368 X509_free(c->pkeys[i].x509); 369 X509_up_ref(x); 370 c->pkeys[i].x509 = x; 371 c->key = &(c->pkeys[i]); 372 373 return 1; 374 } 375 376 int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type) 377 { 378 int j; 379 BIO *in; 380 int ret = 0; 381 X509 *x = NULL; 382 383 in = BIO_new(BIO_s_file()); 384 if (in == NULL) { 385 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE, ERR_R_BUF_LIB); 386 goto end; 387 } 388 389 if (BIO_read_filename(in, file) <= 0) { 390 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE, ERR_R_SYS_LIB); 391 goto end; 392 } 393 if (type == SSL_FILETYPE_ASN1) { 394 j = ERR_R_ASN1_LIB; 395 x = d2i_X509_bio(in, NULL); 396 } else if (type == SSL_FILETYPE_PEM) { 397 j = ERR_R_PEM_LIB; 398 x = PEM_read_bio_X509(in, NULL, ctx->default_passwd_callback, 399 ctx->default_passwd_callback_userdata); 400 } else { 401 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE, SSL_R_BAD_SSL_FILETYPE); 402 goto end; 403 } 404 405 if (x == NULL) { 406 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE, j); 407 goto end; 408 } 409 410 ret = SSL_CTX_use_certificate(ctx, x); 411 end: 412 X509_free(x); 413 BIO_free(in); 414 return ret; 415 } 416 417 int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, const unsigned char *d) 418 { 419 X509 *x; 420 int ret; 421 422 x = d2i_X509(NULL, &d, (long)len); 423 if (x == NULL) { 424 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1, ERR_R_ASN1_LIB); 425 return 0; 426 } 427 428 ret = SSL_CTX_use_certificate(ctx, x); 429 X509_free(x); 430 return ret; 431 } 432 433 #ifndef OPENSSL_NO_RSA 434 int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa) 435 { 436 int ret; 437 EVP_PKEY *pkey; 438 439 if (rsa == NULL) { 440 SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY, ERR_R_PASSED_NULL_PARAMETER); 441 return 0; 442 } 443 if ((pkey = EVP_PKEY_new()) == NULL) { 444 SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY, ERR_R_EVP_LIB); 445 return 0; 446 } 447 448 RSA_up_ref(rsa); 449 if (EVP_PKEY_assign_RSA(pkey, rsa) <= 0) { 450 RSA_free(rsa); 451 EVP_PKEY_free(pkey); 452 return 0; 453 } 454 455 ret = ssl_set_pkey(ctx->cert, pkey); 456 EVP_PKEY_free(pkey); 457 return ret; 458 } 459 460 int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type) 461 { 462 int j, ret = 0; 463 BIO *in; 464 RSA *rsa = NULL; 465 466 in = BIO_new(BIO_s_file()); 467 if (in == NULL) { 468 SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE, ERR_R_BUF_LIB); 469 goto end; 470 } 471 472 if (BIO_read_filename(in, file) <= 0) { 473 SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE, ERR_R_SYS_LIB); 474 goto end; 475 } 476 if (type == SSL_FILETYPE_ASN1) { 477 j = ERR_R_ASN1_LIB; 478 rsa = d2i_RSAPrivateKey_bio(in, NULL); 479 } else if (type == SSL_FILETYPE_PEM) { 480 j = ERR_R_PEM_LIB; 481 rsa = PEM_read_bio_RSAPrivateKey(in, NULL, 482 ctx->default_passwd_callback, 483 ctx->default_passwd_callback_userdata); 484 } else { 485 SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE, SSL_R_BAD_SSL_FILETYPE); 486 goto end; 487 } 488 if (rsa == NULL) { 489 SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE, j); 490 goto end; 491 } 492 ret = SSL_CTX_use_RSAPrivateKey(ctx, rsa); 493 RSA_free(rsa); 494 end: 495 BIO_free(in); 496 return ret; 497 } 498 499 int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, const unsigned char *d, 500 long len) 501 { 502 int ret; 503 const unsigned char *p; 504 RSA *rsa; 505 506 p = d; 507 if ((rsa = d2i_RSAPrivateKey(NULL, &p, (long)len)) == NULL) { 508 SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1, ERR_R_ASN1_LIB); 509 return 0; 510 } 511 512 ret = SSL_CTX_use_RSAPrivateKey(ctx, rsa); 513 RSA_free(rsa); 514 return ret; 515 } 516 #endif /* !OPENSSL_NO_RSA */ 517 518 int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey) 519 { 520 if (pkey == NULL) { 521 SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY, ERR_R_PASSED_NULL_PARAMETER); 522 return 0; 523 } 524 return ssl_set_pkey(ctx->cert, pkey); 525 } 526 527 int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type) 528 { 529 int j, ret = 0; 530 BIO *in; 531 EVP_PKEY *pkey = NULL; 532 533 in = BIO_new(BIO_s_file()); 534 if (in == NULL) { 535 SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE, ERR_R_BUF_LIB); 536 goto end; 537 } 538 539 if (BIO_read_filename(in, file) <= 0) { 540 SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE, ERR_R_SYS_LIB); 541 goto end; 542 } 543 if (type == SSL_FILETYPE_PEM) { 544 j = ERR_R_PEM_LIB; 545 pkey = PEM_read_bio_PrivateKey(in, NULL, 546 ctx->default_passwd_callback, 547 ctx->default_passwd_callback_userdata); 548 } else if (type == SSL_FILETYPE_ASN1) { 549 j = ERR_R_ASN1_LIB; 550 pkey = d2i_PrivateKey_bio(in, NULL); 551 } else { 552 SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE, SSL_R_BAD_SSL_FILETYPE); 553 goto end; 554 } 555 if (pkey == NULL) { 556 SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE, j); 557 goto end; 558 } 559 ret = SSL_CTX_use_PrivateKey(ctx, pkey); 560 EVP_PKEY_free(pkey); 561 end: 562 BIO_free(in); 563 return ret; 564 } 565 566 int SSL_CTX_use_PrivateKey_ASN1(int type, SSL_CTX *ctx, 567 const unsigned char *d, long len) 568 { 569 int ret; 570 const unsigned char *p; 571 EVP_PKEY *pkey; 572 573 p = d; 574 if ((pkey = d2i_PrivateKey(type, NULL, &p, (long)len)) == NULL) { 575 SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1, ERR_R_ASN1_LIB); 576 return 0; 577 } 578 579 ret = SSL_CTX_use_PrivateKey(ctx, pkey); 580 EVP_PKEY_free(pkey); 581 return ret; 582 } 583 584 /* 585 * Read a file that contains our certificate in "PEM" format, possibly 586 * followed by a sequence of CA certificates that should be sent to the peer 587 * in the Certificate message. 588 */ 589 static int use_certificate_chain_file(SSL_CTX *ctx, SSL *ssl, const char *file) 590 { 591 BIO *in; 592 int ret = 0; 593 X509 *x = NULL; 594 pem_password_cb *passwd_callback; 595 void *passwd_callback_userdata; 596 597 ERR_clear_error(); /* clear error stack for 598 * SSL_CTX_use_certificate() */ 599 600 if (ctx != NULL) { 601 passwd_callback = ctx->default_passwd_callback; 602 passwd_callback_userdata = ctx->default_passwd_callback_userdata; 603 } else { 604 passwd_callback = ssl->default_passwd_callback; 605 passwd_callback_userdata = ssl->default_passwd_callback_userdata; 606 } 607 608 in = BIO_new(BIO_s_file()); 609 if (in == NULL) { 610 SSLerr(SSL_F_USE_CERTIFICATE_CHAIN_FILE, ERR_R_BUF_LIB); 611 goto end; 612 } 613 614 if (BIO_read_filename(in, file) <= 0) { 615 SSLerr(SSL_F_USE_CERTIFICATE_CHAIN_FILE, ERR_R_SYS_LIB); 616 goto end; 617 } 618 619 x = PEM_read_bio_X509_AUX(in, NULL, passwd_callback, 620 passwd_callback_userdata); 621 if (x == NULL) { 622 SSLerr(SSL_F_USE_CERTIFICATE_CHAIN_FILE, ERR_R_PEM_LIB); 623 goto end; 624 } 625 626 if (ctx) 627 ret = SSL_CTX_use_certificate(ctx, x); 628 else 629 ret = SSL_use_certificate(ssl, x); 630 631 if (ERR_peek_error() != 0) 632 ret = 0; /* Key/certificate mismatch doesn't imply 633 * ret==0 ... */ 634 if (ret) { 635 /* 636 * If we could set up our certificate, now proceed to the CA 637 * certificates. 638 */ 639 X509 *ca; 640 int r; 641 unsigned long err; 642 643 if (ctx) 644 r = SSL_CTX_clear_chain_certs(ctx); 645 else 646 r = SSL_clear_chain_certs(ssl); 647 648 if (r == 0) { 649 ret = 0; 650 goto end; 651 } 652 653 while ((ca = PEM_read_bio_X509(in, NULL, passwd_callback, 654 passwd_callback_userdata)) 655 != NULL) { 656 if (ctx) 657 r = SSL_CTX_add0_chain_cert(ctx, ca); 658 else 659 r = SSL_add0_chain_cert(ssl, ca); 660 /* 661 * Note that we must not free ca if it was successfully added to 662 * the chain (while we must free the main certificate, since its 663 * reference count is increased by SSL_CTX_use_certificate). 664 */ 665 if (!r) { 666 X509_free(ca); 667 ret = 0; 668 goto end; 669 } 670 } 671 /* When the while loop ends, it's usually just EOF. */ 672 err = ERR_peek_last_error(); 673 if (ERR_GET_LIB(err) == ERR_LIB_PEM 674 && ERR_GET_REASON(err) == PEM_R_NO_START_LINE) 675 ERR_clear_error(); 676 else 677 ret = 0; /* some real error */ 678 } 679 680 end: 681 X509_free(x); 682 BIO_free(in); 683 return ret; 684 } 685 686 int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file) 687 { 688 return use_certificate_chain_file(ctx, NULL, file); 689 } 690 691 int SSL_use_certificate_chain_file(SSL *ssl, const char *file) 692 { 693 return use_certificate_chain_file(NULL, ssl, file); 694 } 695 696 static int serverinfo_find_extension(const unsigned char *serverinfo, 697 size_t serverinfo_length, 698 unsigned int extension_type, 699 const unsigned char **extension_data, 700 size_t *extension_length) 701 { 702 PACKET pkt, data; 703 704 *extension_data = NULL; 705 *extension_length = 0; 706 if (serverinfo == NULL || serverinfo_length == 0) 707 return -1; 708 709 if (!PACKET_buf_init(&pkt, serverinfo, serverinfo_length)) 710 return -1; 711 712 for (;;) { 713 unsigned int type = 0; 714 unsigned long context = 0; 715 716 /* end of serverinfo */ 717 if (PACKET_remaining(&pkt) == 0) 718 return 0; /* Extension not found */ 719 720 if (!PACKET_get_net_4(&pkt, &context) 721 || !PACKET_get_net_2(&pkt, &type) 722 || !PACKET_get_length_prefixed_2(&pkt, &data)) 723 return -1; 724 725 if (type == extension_type) { 726 *extension_data = PACKET_data(&data); 727 *extension_length = PACKET_remaining(&data);; 728 return 1; /* Success */ 729 } 730 } 731 /* Unreachable */ 732 } 733 734 static int serverinfoex_srv_parse_cb(SSL *s, unsigned int ext_type, 735 unsigned int context, 736 const unsigned char *in, 737 size_t inlen, X509 *x, size_t chainidx, 738 int *al, void *arg) 739 { 740 741 if (inlen != 0) { 742 *al = SSL_AD_DECODE_ERROR; 743 return 0; 744 } 745 746 return 1; 747 } 748 749 static int serverinfo_srv_parse_cb(SSL *s, unsigned int ext_type, 750 const unsigned char *in, 751 size_t inlen, int *al, void *arg) 752 { 753 return serverinfoex_srv_parse_cb(s, ext_type, 0, in, inlen, NULL, 0, al, 754 arg); 755 } 756 757 static int serverinfoex_srv_add_cb(SSL *s, unsigned int ext_type, 758 unsigned int context, 759 const unsigned char **out, 760 size_t *outlen, X509 *x, size_t chainidx, 761 int *al, void *arg) 762 { 763 const unsigned char *serverinfo = NULL; 764 size_t serverinfo_length = 0; 765 766 /* We only support extensions for the first Certificate */ 767 if ((context & SSL_EXT_TLS1_3_CERTIFICATE) != 0 && chainidx > 0) 768 return 0; 769 770 /* Is there serverinfo data for the chosen server cert? */ 771 if ((ssl_get_server_cert_serverinfo(s, &serverinfo, 772 &serverinfo_length)) != 0) { 773 /* Find the relevant extension from the serverinfo */ 774 int retval = serverinfo_find_extension(serverinfo, serverinfo_length, 775 ext_type, out, outlen); 776 if (retval == -1) { 777 *al = SSL_AD_INTERNAL_ERROR; 778 return -1; /* Error */ 779 } 780 if (retval == 0) 781 return 0; /* No extension found, don't send extension */ 782 return 1; /* Send extension */ 783 } 784 return 0; /* No serverinfo data found, don't send 785 * extension */ 786 } 787 788 static int serverinfo_srv_add_cb(SSL *s, unsigned int ext_type, 789 const unsigned char **out, size_t *outlen, 790 int *al, void *arg) 791 { 792 return serverinfoex_srv_add_cb(s, ext_type, 0, out, outlen, NULL, 0, al, 793 arg); 794 } 795 796 /* 797 * With a NULL context, this function just checks that the serverinfo data 798 * parses correctly. With a non-NULL context, it registers callbacks for 799 * the included extensions. 800 */ 801 static int serverinfo_process_buffer(unsigned int version, 802 const unsigned char *serverinfo, 803 size_t serverinfo_length, SSL_CTX *ctx) 804 { 805 PACKET pkt; 806 807 if (serverinfo == NULL || serverinfo_length == 0) 808 return 0; 809 810 if (version != SSL_SERVERINFOV1 && version != SSL_SERVERINFOV2) 811 return 0; 812 813 if (!PACKET_buf_init(&pkt, serverinfo, serverinfo_length)) 814 return 0; 815 816 while (PACKET_remaining(&pkt)) { 817 unsigned long context = 0; 818 unsigned int ext_type = 0; 819 PACKET data; 820 821 if ((version == SSL_SERVERINFOV2 && !PACKET_get_net_4(&pkt, &context)) 822 || !PACKET_get_net_2(&pkt, &ext_type) 823 || !PACKET_get_length_prefixed_2(&pkt, &data)) 824 return 0; 825 826 if (ctx == NULL) 827 continue; 828 829 /* 830 * The old style custom extensions API could be set separately for 831 * server/client, i.e. you could set one custom extension for a client, 832 * and *for the same extension in the same SSL_CTX* you could set a 833 * custom extension for the server as well. It seems quite weird to be 834 * setting a custom extension for both client and server in a single 835 * SSL_CTX - but theoretically possible. This isn't possible in the 836 * new API. Therefore, if we have V1 serverinfo we use the old API. We 837 * also use the old API even if we have V2 serverinfo but the context 838 * looks like an old style <= TLSv1.2 extension. 839 */ 840 if (version == SSL_SERVERINFOV1 || context == SYNTHV1CONTEXT) { 841 if (!SSL_CTX_add_server_custom_ext(ctx, ext_type, 842 serverinfo_srv_add_cb, 843 NULL, NULL, 844 serverinfo_srv_parse_cb, 845 NULL)) 846 return 0; 847 } else { 848 if (!SSL_CTX_add_custom_ext(ctx, ext_type, context, 849 serverinfoex_srv_add_cb, 850 NULL, NULL, 851 serverinfoex_srv_parse_cb, 852 NULL)) 853 return 0; 854 } 855 } 856 857 return 1; 858 } 859 860 int SSL_CTX_use_serverinfo_ex(SSL_CTX *ctx, unsigned int version, 861 const unsigned char *serverinfo, 862 size_t serverinfo_length) 863 { 864 unsigned char *new_serverinfo; 865 866 if (ctx == NULL || serverinfo == NULL || serverinfo_length == 0) { 867 SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_EX, ERR_R_PASSED_NULL_PARAMETER); 868 return 0; 869 } 870 if (!serverinfo_process_buffer(version, serverinfo, serverinfo_length, 871 NULL)) { 872 SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_EX, SSL_R_INVALID_SERVERINFO_DATA); 873 return 0; 874 } 875 if (ctx->cert->key == NULL) { 876 SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_EX, ERR_R_INTERNAL_ERROR); 877 return 0; 878 } 879 new_serverinfo = OPENSSL_realloc(ctx->cert->key->serverinfo, 880 serverinfo_length); 881 if (new_serverinfo == NULL) { 882 SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_EX, ERR_R_MALLOC_FAILURE); 883 return 0; 884 } 885 ctx->cert->key->serverinfo = new_serverinfo; 886 memcpy(ctx->cert->key->serverinfo, serverinfo, serverinfo_length); 887 ctx->cert->key->serverinfo_length = serverinfo_length; 888 889 /* 890 * Now that the serverinfo is validated and stored, go ahead and 891 * register callbacks. 892 */ 893 if (!serverinfo_process_buffer(version, serverinfo, serverinfo_length, 894 ctx)) { 895 SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_EX, SSL_R_INVALID_SERVERINFO_DATA); 896 return 0; 897 } 898 return 1; 899 } 900 901 int SSL_CTX_use_serverinfo(SSL_CTX *ctx, const unsigned char *serverinfo, 902 size_t serverinfo_length) 903 { 904 return SSL_CTX_use_serverinfo_ex(ctx, SSL_SERVERINFOV1, serverinfo, 905 serverinfo_length); 906 } 907 908 int SSL_CTX_use_serverinfo_file(SSL_CTX *ctx, const char *file) 909 { 910 unsigned char *serverinfo = NULL; 911 unsigned char *tmp; 912 size_t serverinfo_length = 0; 913 unsigned char *extension = 0; 914 long extension_length = 0; 915 char *name = NULL; 916 char *header = NULL; 917 char namePrefix1[] = "SERVERINFO FOR "; 918 char namePrefix2[] = "SERVERINFOV2 FOR "; 919 int ret = 0; 920 BIO *bin = NULL; 921 size_t num_extensions = 0, contextoff = 0; 922 923 if (ctx == NULL || file == NULL) { 924 SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, ERR_R_PASSED_NULL_PARAMETER); 925 goto end; 926 } 927 928 bin = BIO_new(BIO_s_file()); 929 if (bin == NULL) { 930 SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, ERR_R_BUF_LIB); 931 goto end; 932 } 933 if (BIO_read_filename(bin, file) <= 0) { 934 SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, ERR_R_SYS_LIB); 935 goto end; 936 } 937 938 for (num_extensions = 0;; num_extensions++) { 939 unsigned int version; 940 941 if (PEM_read_bio(bin, &name, &header, &extension, &extension_length) 942 == 0) { 943 /* 944 * There must be at least one extension in this file 945 */ 946 if (num_extensions == 0) { 947 SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, 948 SSL_R_NO_PEM_EXTENSIONS); 949 goto end; 950 } else /* End of file, we're done */ 951 break; 952 } 953 /* Check that PEM name starts with "BEGIN SERVERINFO FOR " */ 954 if (strlen(name) < strlen(namePrefix1)) { 955 SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, SSL_R_PEM_NAME_TOO_SHORT); 956 goto end; 957 } 958 if (strncmp(name, namePrefix1, strlen(namePrefix1)) == 0) { 959 version = SSL_SERVERINFOV1; 960 } else { 961 if (strlen(name) < strlen(namePrefix2)) { 962 SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, 963 SSL_R_PEM_NAME_TOO_SHORT); 964 goto end; 965 } 966 if (strncmp(name, namePrefix2, strlen(namePrefix2)) != 0) { 967 SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, 968 SSL_R_PEM_NAME_BAD_PREFIX); 969 goto end; 970 } 971 version = SSL_SERVERINFOV2; 972 } 973 /* 974 * Check that the decoded PEM data is plausible (valid length field) 975 */ 976 if (version == SSL_SERVERINFOV1) { 977 /* 4 byte header: 2 bytes type, 2 bytes len */ 978 if (extension_length < 4 979 || (extension[2] << 8) + extension[3] 980 != extension_length - 4) { 981 SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, SSL_R_BAD_DATA); 982 goto end; 983 } 984 /* 985 * File does not have a context value so we must take account of 986 * this later. 987 */ 988 contextoff = 4; 989 } else { 990 /* 8 byte header: 4 bytes context, 2 bytes type, 2 bytes len */ 991 if (extension_length < 8 992 || (extension[6] << 8) + extension[7] 993 != extension_length - 8) { 994 SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, SSL_R_BAD_DATA); 995 goto end; 996 } 997 } 998 /* Append the decoded extension to the serverinfo buffer */ 999 tmp = OPENSSL_realloc(serverinfo, serverinfo_length + extension_length 1000 + contextoff); 1001 if (tmp == NULL) { 1002 SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, ERR_R_MALLOC_FAILURE); 1003 goto end; 1004 } 1005 serverinfo = tmp; 1006 if (contextoff > 0) { 1007 unsigned char *sinfo = serverinfo + serverinfo_length; 1008 1009 /* We know this only uses the last 2 bytes */ 1010 sinfo[0] = 0; 1011 sinfo[1] = 0; 1012 sinfo[2] = (SYNTHV1CONTEXT >> 8) & 0xff; 1013 sinfo[3] = SYNTHV1CONTEXT & 0xff; 1014 } 1015 memcpy(serverinfo + serverinfo_length + contextoff, 1016 extension, extension_length); 1017 serverinfo_length += extension_length + contextoff; 1018 1019 OPENSSL_free(name); 1020 name = NULL; 1021 OPENSSL_free(header); 1022 header = NULL; 1023 OPENSSL_free(extension); 1024 extension = NULL; 1025 } 1026 1027 ret = SSL_CTX_use_serverinfo_ex(ctx, SSL_SERVERINFOV2, serverinfo, 1028 serverinfo_length); 1029 end: 1030 /* SSL_CTX_use_serverinfo makes a local copy of the serverinfo. */ 1031 OPENSSL_free(name); 1032 OPENSSL_free(header); 1033 OPENSSL_free(extension); 1034 OPENSSL_free(serverinfo); 1035 BIO_free(bin); 1036 return ret; 1037 } 1038 1039 static int ssl_set_cert_and_key(SSL *ssl, SSL_CTX *ctx, X509 *x509, EVP_PKEY *privatekey, 1040 STACK_OF(X509) *chain, int override) 1041 { 1042 int ret = 0; 1043 size_t i; 1044 int j; 1045 int rv; 1046 CERT *c = ssl != NULL ? ssl->cert : ctx->cert; 1047 STACK_OF(X509) *dup_chain = NULL; 1048 EVP_PKEY *pubkey = NULL; 1049 1050 /* Do all security checks before anything else */ 1051 rv = ssl_security_cert(ssl, ctx, x509, 0, 1); 1052 if (rv != 1) { 1053 SSLerr(SSL_F_SSL_SET_CERT_AND_KEY, rv); 1054 goto out; 1055 } 1056 for (j = 0; j < sk_X509_num(chain); j++) { 1057 rv = ssl_security_cert(ssl, ctx, sk_X509_value(chain, j), 0, 0); 1058 if (rv != 1) { 1059 SSLerr(SSL_F_SSL_SET_CERT_AND_KEY, rv); 1060 goto out; 1061 } 1062 } 1063 1064 pubkey = X509_get_pubkey(x509); /* bumps reference */ 1065 if (pubkey == NULL) 1066 goto out; 1067 if (privatekey == NULL) { 1068 privatekey = pubkey; 1069 } else { 1070 /* For RSA, which has no parameters, missing returns 0 */ 1071 if (EVP_PKEY_missing_parameters(privatekey)) { 1072 if (EVP_PKEY_missing_parameters(pubkey)) { 1073 /* nobody has parameters? - error */ 1074 SSLerr(SSL_F_SSL_SET_CERT_AND_KEY, SSL_R_MISSING_PARAMETERS); 1075 goto out; 1076 } else { 1077 /* copy to privatekey from pubkey */ 1078 EVP_PKEY_copy_parameters(privatekey, pubkey); 1079 } 1080 } else if (EVP_PKEY_missing_parameters(pubkey)) { 1081 /* copy to pubkey from privatekey */ 1082 EVP_PKEY_copy_parameters(pubkey, privatekey); 1083 } /* else both have parameters */ 1084 1085 /* Copied from ssl_set_cert/pkey */ 1086 #ifndef OPENSSL_NO_RSA 1087 if ((EVP_PKEY_id(privatekey) == EVP_PKEY_RSA) && 1088 ((RSA_flags(EVP_PKEY_get0_RSA(privatekey)) & RSA_METHOD_FLAG_NO_CHECK))) 1089 /* no-op */ ; 1090 else 1091 #endif 1092 /* check that key <-> cert match */ 1093 if (EVP_PKEY_cmp(pubkey, privatekey) != 1) { 1094 SSLerr(SSL_F_SSL_SET_CERT_AND_KEY, SSL_R_PRIVATE_KEY_MISMATCH); 1095 goto out; 1096 } 1097 } 1098 if (ssl_cert_lookup_by_pkey(pubkey, &i) == NULL) { 1099 SSLerr(SSL_F_SSL_SET_CERT_AND_KEY, SSL_R_UNKNOWN_CERTIFICATE_TYPE); 1100 goto out; 1101 } 1102 1103 if (!override && (c->pkeys[i].x509 != NULL 1104 || c->pkeys[i].privatekey != NULL 1105 || c->pkeys[i].chain != NULL)) { 1106 /* No override, and something already there */ 1107 SSLerr(SSL_F_SSL_SET_CERT_AND_KEY, SSL_R_NOT_REPLACING_CERTIFICATE); 1108 goto out; 1109 } 1110 1111 if (chain != NULL) { 1112 dup_chain = X509_chain_up_ref(chain); 1113 if (dup_chain == NULL) { 1114 SSLerr(SSL_F_SSL_SET_CERT_AND_KEY, ERR_R_MALLOC_FAILURE); 1115 goto out; 1116 } 1117 } 1118 1119 sk_X509_pop_free(c->pkeys[i].chain, X509_free); 1120 c->pkeys[i].chain = dup_chain; 1121 1122 X509_free(c->pkeys[i].x509); 1123 X509_up_ref(x509); 1124 c->pkeys[i].x509 = x509; 1125 1126 EVP_PKEY_free(c->pkeys[i].privatekey); 1127 EVP_PKEY_up_ref(privatekey); 1128 c->pkeys[i].privatekey = privatekey; 1129 1130 c->key = &(c->pkeys[i]); 1131 1132 ret = 1; 1133 out: 1134 EVP_PKEY_free(pubkey); 1135 return ret; 1136 } 1137 1138 int SSL_use_cert_and_key(SSL *ssl, X509 *x509, EVP_PKEY *privatekey, 1139 STACK_OF(X509) *chain, int override) 1140 { 1141 return ssl_set_cert_and_key(ssl, NULL, x509, privatekey, chain, override); 1142 } 1143 1144 int SSL_CTX_use_cert_and_key(SSL_CTX *ctx, X509 *x509, EVP_PKEY *privatekey, 1145 STACK_OF(X509) *chain, int override) 1146 { 1147 return ssl_set_cert_and_key(NULL, ctx, x509, privatekey, chain, override); 1148 } 1149