X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=ssl%2Fssl_rsa.c;h=172e15f92087410e02692b7befd941c6a655aab3;hp=f0a058e4bc5c2f6d74b744839051f7439479c262;hb=4cffafe96786558f66e1900ac462f9ccba921132;hpb=f233a9d181b5cd150322e2e10348a4c1d96fc1f3 diff --git a/ssl/ssl_rsa.c b/ssl/ssl_rsa.c index f0a058e4bc..172e15f920 100644 --- a/ssl/ssl_rsa.c +++ b/ssl/ssl_rsa.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -18,12 +18,18 @@ static int ssl_set_cert(CERT *c, X509 *x509); static int ssl_set_pkey(CERT *c, EVP_PKEY *pkey); + +#define SYNTHV1CONTEXT (SSL_EXT_TLS1_2_AND_BELOW_ONLY \ + | SSL_EXT_CLIENT_HELLO \ + | SSL_EXT_TLS1_2_SERVER_HELLO \ + | SSL_EXT_IGNORE_ON_RESUMPTION) + int SSL_use_certificate(SSL *ssl, X509 *x) { int rv; if (x == NULL) { SSLerr(SSL_F_SSL_USE_CERTIFICATE, ERR_R_PASSED_NULL_PARAMETER); - return (0); + return 0; } rv = ssl_security_cert(ssl, NULL, x, 0, 1); if (rv != 1) { @@ -31,7 +37,7 @@ int SSL_use_certificate(SSL *ssl, X509 *x) return 0; } - return (ssl_set_cert(ssl->cert, x)); + return ssl_set_cert(ssl->cert, x); } int SSL_use_certificate_file(SSL *ssl, const char *file, int type) @@ -72,7 +78,7 @@ int SSL_use_certificate_file(SSL *ssl, const char *file, int type) end: X509_free(x); BIO_free(in); - return (ret); + return ret; } int SSL_use_certificate_ASN1(SSL *ssl, const unsigned char *d, int len) @@ -83,12 +89,12 @@ int SSL_use_certificate_ASN1(SSL *ssl, const unsigned char *d, int len) x = d2i_X509(NULL, &d, (long)len); if (x == NULL) { SSLerr(SSL_F_SSL_USE_CERTIFICATE_ASN1, ERR_R_ASN1_LIB); - return (0); + return 0; } ret = SSL_use_certificate(ssl, x); X509_free(x); - return (ret); + return ret; } #ifndef OPENSSL_NO_RSA @@ -99,11 +105,11 @@ int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa) if (rsa == NULL) { SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY, ERR_R_PASSED_NULL_PARAMETER); - return (0); + return 0; } if ((pkey = EVP_PKEY_new()) == NULL) { SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY, ERR_R_EVP_LIB); - return (0); + return 0; } RSA_up_ref(rsa); @@ -115,17 +121,17 @@ int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa) ret = ssl_set_pkey(ssl->cert, pkey); EVP_PKEY_free(pkey); - return (ret); + return ret; } #endif static int ssl_set_pkey(CERT *c, EVP_PKEY *pkey) { - int i; - i = ssl_cert_type(NULL, pkey); - if (i < 0) { + size_t i; + + if (ssl_cert_lookup_by_pkey(pkey, &i) == NULL) { SSLerr(SSL_F_SSL_SET_PKEY, SSL_R_UNKNOWN_CERTIFICATE_TYPE); - return (0); + return 0; } if (c->pkeys[i].x509 != NULL) { @@ -161,8 +167,8 @@ static int ssl_set_pkey(CERT *c, EVP_PKEY *pkey) EVP_PKEY_free(c->pkeys[i].privatekey); EVP_PKEY_up_ref(pkey); c->pkeys[i].privatekey = pkey; - c->key = &(c->pkeys[i]); - return (1); + c->key = &c->pkeys[i]; + return 1; } #ifndef OPENSSL_NO_RSA @@ -202,7 +208,7 @@ int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type) RSA_free(rsa); end: BIO_free(in); - return (ret); + return ret; } int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, const unsigned char *d, long len) @@ -214,12 +220,12 @@ int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, const unsigned char *d, long len) p = d; if ((rsa = d2i_RSAPrivateKey(NULL, &p, (long)len)) == NULL) { SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1, ERR_R_ASN1_LIB); - return (0); + return 0; } ret = SSL_use_RSAPrivateKey(ssl, rsa); RSA_free(rsa); - return (ret); + return ret; } #endif /* !OPENSSL_NO_RSA */ @@ -229,10 +235,10 @@ int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey) if (pkey == NULL) { SSLerr(SSL_F_SSL_USE_PRIVATEKEY, ERR_R_PASSED_NULL_PARAMETER); - return (0); + return 0; } ret = ssl_set_pkey(ssl->cert, pkey); - return (ret); + return ret; } int SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type) @@ -271,7 +277,7 @@ int SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type) EVP_PKEY_free(pkey); end: BIO_free(in); - return (ret); + return ret; } int SSL_use_PrivateKey_ASN1(int type, SSL *ssl, const unsigned char *d, @@ -284,12 +290,12 @@ int SSL_use_PrivateKey_ASN1(int type, SSL *ssl, const unsigned char *d, p = d; if ((pkey = d2i_PrivateKey(type, NULL, &p, (long)len)) == NULL) { SSLerr(SSL_F_SSL_USE_PRIVATEKEY_ASN1, ERR_R_ASN1_LIB); - return (0); + return 0; } ret = SSL_use_PrivateKey(ssl, pkey); EVP_PKEY_free(pkey); - return (ret); + return ret; } int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x) @@ -297,29 +303,28 @@ int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x) int rv; if (x == NULL) { SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE, ERR_R_PASSED_NULL_PARAMETER); - return (0); + return 0; } rv = ssl_security_cert(NULL, ctx, x, 0, 1); if (rv != 1) { SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE, rv); return 0; } - return (ssl_set_cert(ctx->cert, x)); + return ssl_set_cert(ctx->cert, x); } static int ssl_set_cert(CERT *c, X509 *x) { EVP_PKEY *pkey; - int i; + size_t i; pkey = X509_get0_pubkey(x); if (pkey == NULL) { SSLerr(SSL_F_SSL_SET_CERT, SSL_R_X509_LIB); - return (0); + return 0; } - i = ssl_cert_type(x, pkey); - if (i < 0) { + if (ssl_cert_lookup_by_pkey(pkey, &i) == NULL) { SSLerr(SSL_F_SSL_SET_CERT, SSL_R_UNKNOWN_CERTIFICATE_TYPE); return 0; } @@ -406,7 +411,7 @@ int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type) end: X509_free(x); BIO_free(in); - return (ret); + return ret; } int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, const unsigned char *d) @@ -417,12 +422,12 @@ int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, const unsigned char *d) x = d2i_X509(NULL, &d, (long)len); if (x == NULL) { SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1, ERR_R_ASN1_LIB); - return (0); + return 0; } ret = SSL_CTX_use_certificate(ctx, x); X509_free(x); - return (ret); + return ret; } #ifndef OPENSSL_NO_RSA @@ -433,11 +438,11 @@ int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa) if (rsa == NULL) { SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY, ERR_R_PASSED_NULL_PARAMETER); - return (0); + return 0; } if ((pkey = EVP_PKEY_new()) == NULL) { SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY, ERR_R_EVP_LIB); - return (0); + return 0; } RSA_up_ref(rsa); @@ -449,7 +454,7 @@ int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa) ret = ssl_set_pkey(ctx->cert, pkey); EVP_PKEY_free(pkey); - return (ret); + return ret; } int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type) @@ -488,7 +493,7 @@ int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type) RSA_free(rsa); end: BIO_free(in); - return (ret); + return ret; } int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, const unsigned char *d, @@ -501,12 +506,12 @@ int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, const unsigned char *d, p = d; if ((rsa = d2i_RSAPrivateKey(NULL, &p, (long)len)) == NULL) { SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1, ERR_R_ASN1_LIB); - return (0); + return 0; } ret = SSL_CTX_use_RSAPrivateKey(ctx, rsa); RSA_free(rsa); - return (ret); + return ret; } #endif /* !OPENSSL_NO_RSA */ @@ -514,9 +519,9 @@ int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey) { if (pkey == NULL) { SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY, ERR_R_PASSED_NULL_PARAMETER); - return (0); + return 0; } - return (ssl_set_pkey(ctx->cert, pkey)); + return ssl_set_pkey(ctx->cert, pkey); } int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type) @@ -555,7 +560,7 @@ int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type) EVP_PKEY_free(pkey); end: BIO_free(in); - return (ret); + return ret; } int SSL_CTX_use_PrivateKey_ASN1(int type, SSL_CTX *ctx, @@ -568,12 +573,12 @@ int SSL_CTX_use_PrivateKey_ASN1(int type, SSL_CTX *ctx, p = d; if ((pkey = d2i_PrivateKey(type, NULL, &p, (long)len)) == NULL) { SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1, ERR_R_ASN1_LIB); - return (0); + return 0; } ret = SSL_CTX_use_PrivateKey(ctx, pkey); EVP_PKEY_free(pkey); - return (ret); + return ret; } /* @@ -675,7 +680,7 @@ static int use_certificate_chain_file(SSL_CTX *ctx, SSL *ssl, const char *file) end: X509_free(x); BIO_free(in); - return (ret); + return ret; } int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file) @@ -769,7 +774,7 @@ static int serverinfoex_srv_add_cb(SSL *s, unsigned int ext_type, int retval = serverinfo_find_extension(serverinfo, serverinfo_length, ext_type, out, outlen); if (retval == -1) { - *al = SSL_AD_DECODE_ERROR; + *al = SSL_AD_INTERNAL_ERROR; return -1; /* Error */ } if (retval == 0) @@ -813,7 +818,7 @@ static int serverinfo_process_buffer(unsigned int version, unsigned int ext_type = 0; PACKET data; - if (!PACKET_get_net_4(&pkt, &context) + if ((version == SSL_SERVERINFOV2 && !PACKET_get_net_4(&pkt, &context)) || !PACKET_get_net_2(&pkt, &ext_type) || !PACKET_get_length_prefixed_2(&pkt, &data)) return 0; @@ -821,7 +826,18 @@ static int serverinfo_process_buffer(unsigned int version, if (ctx == NULL) continue; - if (version == SSL_SERVERINFOV1) { + /* + * The old style custom extensions API could be set separately for + * server/client, i.e. you could set one custom extension for a client, + * and *for the same extension in the same SSL_CTX* you could set a + * custom extension for the server as well. It seems quite weird to be + * setting a custom extension for both client and server in a single + * SSL_CTX - but theoretically possible. This isn't possible in the + * new API. Therefore, if we have V1 serverinfo we use the old API. We + * also use the old API even if we have V2 serverinfo but the context + * looks like an old style <= TLSv1.2 extension. + */ + if (version == SSL_SERVERINFOV1 || context == SYNTHV1CONTEXT) { if (!SSL_CTX_add_server_custom_ext(ctx, ext_type, serverinfo_srv_add_cb, NULL, NULL, @@ -903,7 +919,6 @@ int SSL_CTX_use_serverinfo_file(SSL_CTX *ctx, const char *file) int ret = 0; BIO *bin = NULL; size_t num_extensions = 0, contextoff = 0; - unsigned int version; if (ctx == NULL || file == NULL) { SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, ERR_R_PASSED_NULL_PARAMETER); @@ -921,6 +936,8 @@ int SSL_CTX_use_serverinfo_file(SSL_CTX *ctx, const char *file) } for (num_extensions = 0;; num_extensions++) { + unsigned int version; + if (PEM_read_bio(bin, &name, &header, &extension, &extension_length) == 0) { /* @@ -987,15 +1004,13 @@ int SSL_CTX_use_serverinfo_file(SSL_CTX *ctx, const char *file) } serverinfo = tmp; if (contextoff > 0) { - unsigned int synthcontext = SSL_EXT_CLIENT_HELLO - | SSL_EXT_TLS1_2_SERVER_HELLO; unsigned char *sinfo = serverinfo + serverinfo_length; /* We know this only uses the last 2 bytes */ sinfo[0] = 0; sinfo[1] = 0; - sinfo[2] = (synthcontext >> 8) & 0xff; - sinfo[3] = synthcontext & 0xff; + sinfo[2] = (SYNTHV1CONTEXT >> 8) & 0xff; + sinfo[3] = SYNTHV1CONTEXT & 0xff; } memcpy(serverinfo + serverinfo_length + contextoff, extension, extension_length); @@ -1009,7 +1024,7 @@ int SSL_CTX_use_serverinfo_file(SSL_CTX *ctx, const char *file) extension = NULL; } - ret = SSL_CTX_use_serverinfo_ex(ctx, version, serverinfo, + ret = SSL_CTX_use_serverinfo_ex(ctx, SSL_SERVERINFOV2, serverinfo, serverinfo_length); end: /* SSL_CTX_use_serverinfo makes a local copy of the serverinfo. */ @@ -1020,3 +1035,114 @@ int SSL_CTX_use_serverinfo_file(SSL_CTX *ctx, const char *file) BIO_free(bin); return ret; } + +static int ssl_set_cert_and_key(SSL *ssl, SSL_CTX *ctx, X509 *x509, EVP_PKEY *privatekey, + STACK_OF(X509) *chain, int override) +{ + int ret = 0; + size_t i; + int j; + int rv; + CERT *c = ssl != NULL ? ssl->cert : ctx->cert; + STACK_OF(X509) *dup_chain = NULL; + EVP_PKEY *pubkey = NULL; + + /* Do all security checks before anything else */ + rv = ssl_security_cert(ssl, ctx, x509, 0, 1); + if (rv != 1) { + SSLerr(SSL_F_SSL_SET_CERT_AND_KEY, rv); + goto out; + } + for (j = 0; j < sk_X509_num(chain); j++) { + rv = ssl_security_cert(ssl, ctx, sk_X509_value(chain, j), 0, 0); + if (rv != 1) { + SSLerr(SSL_F_SSL_SET_CERT_AND_KEY, rv); + goto out; + } + } + + pubkey = X509_get_pubkey(x509); /* bumps reference */ + if (pubkey == NULL) + goto out; + if (privatekey == NULL) { + privatekey = pubkey; + } else { + /* For RSA, which has no parameters, missing returns 0 */ + if (EVP_PKEY_missing_parameters(privatekey)) { + if (EVP_PKEY_missing_parameters(pubkey)) { + /* nobody has parameters? - error */ + SSLerr(SSL_F_SSL_SET_CERT_AND_KEY, SSL_R_MISSING_PARAMETERS); + goto out; + } else { + /* copy to privatekey from pubkey */ + EVP_PKEY_copy_parameters(privatekey, pubkey); + } + } else if (EVP_PKEY_missing_parameters(pubkey)) { + /* copy to pubkey from privatekey */ + EVP_PKEY_copy_parameters(pubkey, privatekey); + } /* else both have parameters */ + + /* Copied from ssl_set_cert/pkey */ +#ifndef OPENSSL_NO_RSA + if ((EVP_PKEY_id(privatekey) == EVP_PKEY_RSA) && + ((RSA_flags(EVP_PKEY_get0_RSA(privatekey)) & RSA_METHOD_FLAG_NO_CHECK))) + /* no-op */ ; + else +#endif + /* check that key <-> cert match */ + if (EVP_PKEY_cmp(pubkey, privatekey) != 1) { + SSLerr(SSL_F_SSL_SET_CERT_AND_KEY, SSL_R_PRIVATE_KEY_MISMATCH); + goto out; + } + } + if (ssl_cert_lookup_by_pkey(pubkey, &i) == NULL) { + SSLerr(SSL_F_SSL_SET_CERT_AND_KEY, SSL_R_UNKNOWN_CERTIFICATE_TYPE); + goto out; + } + + if (!override && (c->pkeys[i].x509 != NULL + || c->pkeys[i].privatekey != NULL + || c->pkeys[i].chain != NULL)) { + /* No override, and something already there */ + SSLerr(SSL_F_SSL_SET_CERT_AND_KEY, SSL_R_NOT_REPLACING_CERTIFICATE); + goto out; + } + + if (chain != NULL) { + dup_chain = X509_chain_up_ref(chain); + if (dup_chain == NULL) { + SSLerr(SSL_F_SSL_SET_CERT_AND_KEY, ERR_R_MALLOC_FAILURE); + goto out; + } + } + + sk_X509_pop_free(c->pkeys[i].chain, X509_free); + c->pkeys[i].chain = dup_chain; + + X509_free(c->pkeys[i].x509); + X509_up_ref(x509); + c->pkeys[i].x509 = x509; + + EVP_PKEY_free(c->pkeys[i].privatekey); + EVP_PKEY_up_ref(privatekey); + c->pkeys[i].privatekey = privatekey; + + c->key = &(c->pkeys[i]); + + ret = 1; + out: + EVP_PKEY_free(pubkey); + return ret; +} + +int SSL_use_cert_and_key(SSL *ssl, X509 *x509, EVP_PKEY *privatekey, + STACK_OF(X509) *chain, int override) +{ + return ssl_set_cert_and_key(ssl, NULL, x509, privatekey, chain, override); +} + +int SSL_CTX_use_cert_and_key(SSL_CTX *ctx, X509 *x509, EVP_PKEY *privatekey, + STACK_OF(X509) *chain, int override) +{ + return ssl_set_cert_and_key(NULL, ctx, x509, privatekey, chain, override); +}