1 /* Copyright (C) 1995-1998 Eric Young (eay (at) cryptsoft.com) 2 * All rights reserved. 3 * 4 * This package is an SSL implementation written 5 * by Eric Young (eay (at) cryptsoft.com). 6 * The implementation was written so as to conform with Netscapes SSL. 7 * 8 * This library is free for commercial and non-commercial use as long as 9 * the following conditions are aheared to. The following conditions 10 * apply to all code found in this distribution, be it the RC4, RSA, 11 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 12 * included with this distribution is covered by the same copyright terms 13 * except that the holder is Tim Hudson (tjh (at) cryptsoft.com). 14 * 15 * Copyright remains Eric Young's, and as such any Copyright notices in 16 * the code are not to be removed. 17 * If this package is used in a product, Eric Young should be given attribution 18 * as the author of the parts of the library used. 19 * This can be in the form of a textual message at program startup or 20 * in documentation (online or textual) provided with the package. 21 * 22 * Redistribution and use in source and binary forms, with or without 23 * modification, are permitted provided that the following conditions 24 * are met: 25 * 1. Redistributions of source code must retain the copyright 26 * notice, this list of conditions and the following disclaimer. 27 * 2. Redistributions in binary form must reproduce the above copyright 28 * notice, this list of conditions and the following disclaimer in the 29 * documentation and/or other materials provided with the distribution. 30 * 3. All advertising materials mentioning features or use of this software 31 * must display the following acknowledgement: 32 * "This product includes cryptographic software written by 33 * Eric Young (eay (at) cryptsoft.com)" 34 * The word 'cryptographic' can be left out if the rouines from the library 35 * being used are not cryptographic related :-). 36 * 4. If you include any Windows specific code (or a derivative thereof) from 37 * the apps directory (application code) you must include an acknowledgement: 38 * "This product includes software written by Tim Hudson (tjh (at) cryptsoft.com)" 39 * 40 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 41 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 42 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 43 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 44 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 45 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 46 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 48 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 49 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 50 * SUCH DAMAGE. 51 * 52 * The licence and distribution terms for any publically available version or 53 * derivative of this code cannot be changed. i.e. this code cannot simply be 54 * copied and put under another distribution licence 55 * [including the GNU Public Licence.] 56 */ 57 /* ==================================================================== 58 * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved. 59 * 60 * Redistribution and use in source and binary forms, with or without 61 * modification, are permitted provided that the following conditions 62 * are met: 63 * 64 * 1. Redistributions of source code must retain the above copyright 65 * notice, this list of conditions and the following disclaimer. 66 * 67 * 2. Redistributions in binary form must reproduce the above copyright 68 * notice, this list of conditions and the following disclaimer in 69 * the documentation and/or other materials provided with the 70 * distribution. 71 * 72 * 3. All advertising materials mentioning features or use of this 73 * software must display the following acknowledgment: 74 * "This product includes software developed by the OpenSSL Project 75 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" 76 * 77 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 78 * endorse or promote products derived from this software without 79 * prior written permission. For written permission, please contact 80 * openssl-core (at) openssl.org. 81 * 82 * 5. Products derived from this software may not be called "OpenSSL" 83 * nor may "OpenSSL" appear in their names without prior written 84 * permission of the OpenSSL Project. 85 * 86 * 6. Redistributions of any form whatsoever must retain the following 87 * acknowledgment: 88 * "This product includes software developed by the OpenSSL Project 89 * for use in the OpenSSL Toolkit (http://www.openssl.org/)" 90 * 91 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 92 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 93 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 94 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 95 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 96 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 97 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 98 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 99 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 100 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 101 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 102 * OF THE POSSIBILITY OF SUCH DAMAGE. 103 * ==================================================================== 104 * 105 * This product includes cryptographic software written by Eric Young 106 * (eay (at) cryptsoft.com). This product includes software written by Tim 107 * Hudson (tjh (at) cryptsoft.com). 108 * 109 */ 110 /* ==================================================================== 111 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 112 * ECC cipher suite support in OpenSSL originally developed by 113 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. 114 */ 115 /* ==================================================================== 116 * Copyright 2005 Nokia. All rights reserved. 117 * 118 * The portions of the attached software ("Contribution") is developed by 119 * Nokia Corporation and is licensed pursuant to the OpenSSL open source 120 * license. 121 * 122 * The Contribution, originally written by Mika Kousa and Pasi Eronen of 123 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites 124 * support (see RFC 4279) to OpenSSL. 125 * 126 * No patent licenses or other rights except those expressly stated in 127 * the OpenSSL open source license shall be deemed granted or received 128 * expressly, by implication, estoppel, or otherwise. 129 * 130 * No assurances are provided by Nokia that the Contribution does not 131 * infringe the patent or other intellectual property rights of any third 132 * party or that the license provides you with all the necessary rights 133 * to make use of the Contribution. 134 * 135 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN 136 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA 137 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY 138 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR 139 * OTHERWISE. */ 140 141 #include <openssl/ssl.h> 142 143 #include <assert.h> 144 145 #include <openssl/asn1.h> 146 #include <openssl/bytestring.h> 147 #include <openssl/err.h> 148 #include <openssl/pem.h> 149 #include <openssl/stack.h> 150 #include <openssl/x509.h> 151 #include <openssl/x509v3.h> 152 #include <openssl/x509_vfy.h> 153 154 #include "internal.h" 155 #include "../crypto/internal.h" 156 157 158 BSSL_NAMESPACE_BEGIN 159 160 // check_ssl_x509_method asserts that |ssl| has the X509-based method 161 // installed. Calling an X509-based method on an |ssl| with a different method 162 // will likely misbehave and possibly crash or leak memory. 163 static void check_ssl_x509_method(const SSL *ssl) { 164 assert(ssl == NULL || ssl->ctx->x509_method == &ssl_crypto_x509_method); 165 } 166 167 // check_ssl_ctx_x509_method acts like |check_ssl_x509_method|, but for an 168 // |SSL_CTX|. 169 static void check_ssl_ctx_x509_method(const SSL_CTX *ctx) { 170 assert(ctx == NULL || ctx->x509_method == &ssl_crypto_x509_method); 171 } 172 173 // x509_to_buffer returns a |CRYPTO_BUFFER| that contains the serialised 174 // contents of |x509|. 175 static UniquePtr<CRYPTO_BUFFER> x509_to_buffer(X509 *x509) { 176 uint8_t *buf = NULL; 177 int cert_len = i2d_X509(x509, &buf); 178 if (cert_len <= 0) { 179 return 0; 180 } 181 182 UniquePtr<CRYPTO_BUFFER> buffer(CRYPTO_BUFFER_new(buf, cert_len, NULL)); 183 OPENSSL_free(buf); 184 185 return buffer; 186 } 187 188 // new_leafless_chain returns a fresh stack of buffers set to {NULL}. 189 static UniquePtr<STACK_OF(CRYPTO_BUFFER)> new_leafless_chain(void) { 190 UniquePtr<STACK_OF(CRYPTO_BUFFER)> chain(sk_CRYPTO_BUFFER_new_null()); 191 if (!chain || 192 !sk_CRYPTO_BUFFER_push(chain.get(), nullptr)) { 193 return nullptr; 194 } 195 196 return chain; 197 } 198 199 // ssl_cert_set_chain sets elements 1.. of |cert->chain| to the serialised 200 // forms of elements of |chain|. It returns one on success or zero on error, in 201 // which case no change to |cert->chain| is made. It preverses the existing 202 // leaf from |cert->chain|, if any. 203 static int ssl_cert_set_chain(CERT *cert, STACK_OF(X509) *chain) { 204 UniquePtr<STACK_OF(CRYPTO_BUFFER)> new_chain; 205 206 if (cert->chain != nullptr) { 207 new_chain.reset(sk_CRYPTO_BUFFER_new_null()); 208 if (!new_chain) { 209 return 0; 210 } 211 212 // |leaf| might be NULL if it's a leafless chain. 213 CRYPTO_BUFFER *leaf = sk_CRYPTO_BUFFER_value(cert->chain.get(), 0); 214 if (!PushToStack(new_chain.get(), UpRef(leaf))) { 215 return 0; 216 } 217 } 218 219 for (X509 *x509 : chain) { 220 if (!new_chain) { 221 new_chain = new_leafless_chain(); 222 if (!new_chain) { 223 return 0; 224 } 225 } 226 227 UniquePtr<CRYPTO_BUFFER> buffer = x509_to_buffer(x509); 228 if (!buffer || 229 !PushToStack(new_chain.get(), std::move(buffer))) { 230 return 0; 231 } 232 } 233 234 cert->chain = std::move(new_chain); 235 return 1; 236 } 237 238 static void ssl_crypto_x509_cert_flush_cached_leaf(CERT *cert) { 239 X509_free(cert->x509_leaf); 240 cert->x509_leaf = NULL; 241 } 242 243 static void ssl_crypto_x509_cert_flush_cached_chain(CERT *cert) { 244 sk_X509_pop_free(cert->x509_chain, X509_free); 245 cert->x509_chain = NULL; 246 } 247 248 static int ssl_crypto_x509_check_client_CA_list( 249 STACK_OF(CRYPTO_BUFFER) *names) { 250 for (const CRYPTO_BUFFER *buffer : names) { 251 const uint8_t *inp = CRYPTO_BUFFER_data(buffer); 252 UniquePtr<X509_NAME> name( 253 d2i_X509_NAME(nullptr, &inp, CRYPTO_BUFFER_len(buffer))); 254 if (name == nullptr || 255 inp != CRYPTO_BUFFER_data(buffer) + CRYPTO_BUFFER_len(buffer)) { 256 return 0; 257 } 258 } 259 260 return 1; 261 } 262 263 static void ssl_crypto_x509_cert_clear(CERT *cert) { 264 ssl_crypto_x509_cert_flush_cached_leaf(cert); 265 ssl_crypto_x509_cert_flush_cached_chain(cert); 266 267 X509_free(cert->x509_stash); 268 cert->x509_stash = NULL; 269 } 270 271 static void ssl_crypto_x509_cert_free(CERT *cert) { 272 ssl_crypto_x509_cert_clear(cert); 273 X509_STORE_free(cert->verify_store); 274 } 275 276 static void ssl_crypto_x509_cert_dup(CERT *new_cert, const CERT *cert) { 277 if (cert->verify_store != NULL) { 278 X509_STORE_up_ref(cert->verify_store); 279 new_cert->verify_store = cert->verify_store; 280 } 281 } 282 283 static int ssl_crypto_x509_session_cache_objects(SSL_SESSION *sess) { 284 bssl::UniquePtr<STACK_OF(X509)> chain, chain_without_leaf; 285 if (sk_CRYPTO_BUFFER_num(sess->certs.get()) > 0) { 286 chain.reset(sk_X509_new_null()); 287 if (!chain) { 288 OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); 289 return 0; 290 } 291 if (sess->is_server) { 292 // chain_without_leaf is only needed for server sessions. See 293 // |SSL_get_peer_cert_chain|. 294 chain_without_leaf.reset(sk_X509_new_null()); 295 if (!chain_without_leaf) { 296 OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); 297 return 0; 298 } 299 } 300 } 301 302 bssl::UniquePtr<X509> leaf; 303 for (CRYPTO_BUFFER *cert : sess->certs.get()) { 304 UniquePtr<X509> x509(X509_parse_from_buffer(cert)); 305 if (!x509) { 306 OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR); 307 return 0; 308 } 309 if (leaf == nullptr) { 310 leaf = UpRef(x509); 311 } else if (chain_without_leaf && 312 !PushToStack(chain_without_leaf.get(), UpRef(x509))) { 313 OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); 314 return 0; 315 } 316 if (!PushToStack(chain.get(), std::move(x509))) { 317 OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); 318 return 0; 319 } 320 } 321 322 sk_X509_pop_free(sess->x509_chain, X509_free); 323 sess->x509_chain = chain.release(); 324 325 sk_X509_pop_free(sess->x509_chain_without_leaf, X509_free); 326 sess->x509_chain_without_leaf = chain_without_leaf.release(); 327 328 X509_free(sess->x509_peer); 329 sess->x509_peer = leaf.release(); 330 return 1; 331 } 332 333 static int ssl_crypto_x509_session_dup(SSL_SESSION *new_session, 334 const SSL_SESSION *session) { 335 new_session->x509_peer = UpRef(session->x509_peer).release(); 336 if (session->x509_chain != nullptr) { 337 new_session->x509_chain = X509_chain_up_ref(session->x509_chain); 338 if (new_session->x509_chain == nullptr) { 339 return 0; 340 } 341 } 342 if (session->x509_chain_without_leaf != nullptr) { 343 new_session->x509_chain_without_leaf = 344 X509_chain_up_ref(session->x509_chain_without_leaf); 345 if (new_session->x509_chain_without_leaf == nullptr) { 346 return 0; 347 } 348 } 349 350 return 1; 351 } 352 353 static void ssl_crypto_x509_session_clear(SSL_SESSION *session) { 354 X509_free(session->x509_peer); 355 session->x509_peer = NULL; 356 sk_X509_pop_free(session->x509_chain, X509_free); 357 session->x509_chain = NULL; 358 sk_X509_pop_free(session->x509_chain_without_leaf, X509_free); 359 session->x509_chain_without_leaf = NULL; 360 } 361 362 static int ssl_crypto_x509_session_verify_cert_chain(SSL_SESSION *session, 363 SSL_HANDSHAKE *hs, 364 uint8_t *out_alert) { 365 *out_alert = SSL_AD_INTERNAL_ERROR; 366 STACK_OF(X509) *const cert_chain = session->x509_chain; 367 if (cert_chain == NULL || sk_X509_num(cert_chain) == 0) { 368 return 0; 369 } 370 371 SSL_CTX *ssl_ctx = hs->ssl->ctx.get(); 372 X509_STORE *verify_store = ssl_ctx->cert_store; 373 if (hs->config->cert->verify_store != NULL) { 374 verify_store = hs->config->cert->verify_store; 375 } 376 377 X509 *leaf = sk_X509_value(cert_chain, 0); 378 ScopedX509_STORE_CTX ctx; 379 if (!X509_STORE_CTX_init(ctx.get(), verify_store, leaf, cert_chain)) { 380 OPENSSL_PUT_ERROR(SSL, ERR_R_X509_LIB); 381 return 0; 382 } 383 if (!X509_STORE_CTX_set_ex_data( 384 ctx.get(), SSL_get_ex_data_X509_STORE_CTX_idx(), hs->ssl)) { 385 return 0; 386 } 387 388 // We need to inherit the verify parameters. These can be determined by the 389 // context: if its a server it will verify SSL client certificates or vice 390 // versa. 391 X509_STORE_CTX_set_default(ctx.get(), 392 hs->ssl->server ? "ssl_client" : "ssl_server"); 393 394 // Anything non-default in "param" should overwrite anything in the ctx. 395 X509_VERIFY_PARAM_set1(X509_STORE_CTX_get0_param(ctx.get()), 396 hs->config->param); 397 398 if (hs->config->verify_callback) { 399 X509_STORE_CTX_set_verify_cb(ctx.get(), hs->config->verify_callback); 400 } 401 402 int verify_ret; 403 if (ssl_ctx->app_verify_callback != NULL) { 404 verify_ret = 405 ssl_ctx->app_verify_callback(ctx.get(), ssl_ctx->app_verify_arg); 406 } else { 407 verify_ret = X509_verify_cert(ctx.get()); 408 } 409 410 session->verify_result = ctx->error; 411 412 // If |SSL_VERIFY_NONE|, the error is non-fatal, but we keep the result. 413 if (verify_ret <= 0 && hs->config->verify_mode != SSL_VERIFY_NONE) { 414 *out_alert = SSL_alert_from_verify_result(ctx->error); 415 return 0; 416 } 417 418 ERR_clear_error(); 419 return 1; 420 } 421 422 static void ssl_crypto_x509_hs_flush_cached_ca_names(SSL_HANDSHAKE *hs) { 423 sk_X509_NAME_pop_free(hs->cached_x509_ca_names, X509_NAME_free); 424 hs->cached_x509_ca_names = NULL; 425 } 426 427 static int ssl_crypto_x509_ssl_new(SSL_HANDSHAKE *hs) { 428 hs->config->param = X509_VERIFY_PARAM_new(); 429 if (hs->config->param == NULL) { 430 return 0; 431 } 432 X509_VERIFY_PARAM_inherit(hs->config->param, hs->ssl->ctx->param); 433 return 1; 434 } 435 436 static void ssl_crypto_x509_ssl_flush_cached_client_CA(SSL_CONFIG *cfg) { 437 sk_X509_NAME_pop_free(cfg->cached_x509_client_CA, X509_NAME_free); 438 cfg->cached_x509_client_CA = NULL; 439 } 440 441 static void ssl_crypto_x509_ssl_config_free(SSL_CONFIG *cfg) { 442 sk_X509_NAME_pop_free(cfg->cached_x509_client_CA, X509_NAME_free); 443 cfg->cached_x509_client_CA = NULL; 444 X509_VERIFY_PARAM_free(cfg->param); 445 } 446 447 static int ssl_crypto_x509_ssl_auto_chain_if_needed(SSL_HANDSHAKE *hs) { 448 // Only build a chain if there are no intermediates configured and the feature 449 // isn't disabled. 450 if ((hs->ssl->mode & SSL_MODE_NO_AUTO_CHAIN) || 451 !ssl_has_certificate(hs) || hs->config->cert->chain == NULL || 452 sk_CRYPTO_BUFFER_num(hs->config->cert->chain.get()) > 1) { 453 return 1; 454 } 455 456 UniquePtr<X509> leaf(X509_parse_from_buffer( 457 sk_CRYPTO_BUFFER_value(hs->config->cert->chain.get(), 0))); 458 if (!leaf) { 459 OPENSSL_PUT_ERROR(SSL, ERR_R_X509_LIB); 460 return 0; 461 } 462 463 ScopedX509_STORE_CTX ctx; 464 if (!X509_STORE_CTX_init(ctx.get(), hs->ssl->ctx->cert_store, leaf.get(), 465 NULL)) { 466 OPENSSL_PUT_ERROR(SSL, ERR_R_X509_LIB); 467 return 0; 468 } 469 470 // Attempt to build a chain, ignoring the result. 471 X509_verify_cert(ctx.get()); 472 ERR_clear_error(); 473 474 // Remove the leaf from the generated chain. 475 X509_free(sk_X509_shift(ctx->chain)); 476 477 if (!ssl_cert_set_chain(hs->config->cert.get(), ctx->chain)) { 478 return 0; 479 } 480 481 ssl_crypto_x509_cert_flush_cached_chain(hs->config->cert.get()); 482 483 return 1; 484 } 485 486 static void ssl_crypto_x509_ssl_ctx_flush_cached_client_CA(SSL_CTX *ctx) { 487 sk_X509_NAME_pop_free(ctx->cached_x509_client_CA, X509_NAME_free); 488 ctx->cached_x509_client_CA = NULL; 489 } 490 491 static int ssl_crypto_x509_ssl_ctx_new(SSL_CTX *ctx) { 492 ctx->cert_store = X509_STORE_new(); 493 ctx->param = X509_VERIFY_PARAM_new(); 494 return (ctx->cert_store != NULL && ctx->param != NULL); 495 } 496 497 static void ssl_crypto_x509_ssl_ctx_free(SSL_CTX *ctx) { 498 ssl_crypto_x509_ssl_ctx_flush_cached_client_CA(ctx); 499 X509_VERIFY_PARAM_free(ctx->param); 500 X509_STORE_free(ctx->cert_store); 501 } 502 503 const SSL_X509_METHOD ssl_crypto_x509_method = { 504 ssl_crypto_x509_check_client_CA_list, 505 ssl_crypto_x509_cert_clear, 506 ssl_crypto_x509_cert_free, 507 ssl_crypto_x509_cert_dup, 508 ssl_crypto_x509_cert_flush_cached_chain, 509 ssl_crypto_x509_cert_flush_cached_leaf, 510 ssl_crypto_x509_session_cache_objects, 511 ssl_crypto_x509_session_dup, 512 ssl_crypto_x509_session_clear, 513 ssl_crypto_x509_session_verify_cert_chain, 514 ssl_crypto_x509_hs_flush_cached_ca_names, 515 ssl_crypto_x509_ssl_new, 516 ssl_crypto_x509_ssl_config_free, 517 ssl_crypto_x509_ssl_flush_cached_client_CA, 518 ssl_crypto_x509_ssl_auto_chain_if_needed, 519 ssl_crypto_x509_ssl_ctx_new, 520 ssl_crypto_x509_ssl_ctx_free, 521 ssl_crypto_x509_ssl_ctx_flush_cached_client_CA, 522 }; 523 524 BSSL_NAMESPACE_END 525 526 using namespace bssl; 527 528 X509 *SSL_get_peer_certificate(const SSL *ssl) { 529 check_ssl_x509_method(ssl); 530 if (ssl == NULL) { 531 return NULL; 532 } 533 SSL_SESSION *session = SSL_get_session(ssl); 534 if (session == NULL || session->x509_peer == NULL) { 535 return NULL; 536 } 537 X509_up_ref(session->x509_peer); 538 return session->x509_peer; 539 } 540 541 STACK_OF(X509) *SSL_get_peer_cert_chain(const SSL *ssl) { 542 check_ssl_x509_method(ssl); 543 if (ssl == nullptr) { 544 return nullptr; 545 } 546 SSL_SESSION *session = SSL_get_session(ssl); 547 if (session == nullptr) { 548 return nullptr; 549 } 550 551 // OpenSSL historically didn't include the leaf certificate in the returned 552 // certificate chain, but only for servers. 553 return ssl->server ? session->x509_chain_without_leaf : session->x509_chain; 554 } 555 556 STACK_OF(X509) *SSL_get_peer_full_cert_chain(const SSL *ssl) { 557 check_ssl_x509_method(ssl); 558 SSL_SESSION *session = SSL_get_session(ssl); 559 if (session == NULL) { 560 return NULL; 561 } 562 563 return session->x509_chain; 564 } 565 566 int SSL_CTX_set_purpose(SSL_CTX *ctx, int purpose) { 567 check_ssl_ctx_x509_method(ctx); 568 return X509_VERIFY_PARAM_set_purpose(ctx->param, purpose); 569 } 570 571 int SSL_set_purpose(SSL *ssl, int purpose) { 572 check_ssl_x509_method(ssl); 573 if (!ssl->config) { 574 return 0; 575 } 576 return X509_VERIFY_PARAM_set_purpose(ssl->config->param, purpose); 577 } 578 579 int SSL_CTX_set_trust(SSL_CTX *ctx, int trust) { 580 check_ssl_ctx_x509_method(ctx); 581 return X509_VERIFY_PARAM_set_trust(ctx->param, trust); 582 } 583 584 int SSL_set_trust(SSL *ssl, int trust) { 585 check_ssl_x509_method(ssl); 586 if (!ssl->config) { 587 return 0; 588 } 589 return X509_VERIFY_PARAM_set_trust(ssl->config->param, trust); 590 } 591 592 int SSL_CTX_set1_param(SSL_CTX *ctx, const X509_VERIFY_PARAM *param) { 593 check_ssl_ctx_x509_method(ctx); 594 return X509_VERIFY_PARAM_set1(ctx->param, param); 595 } 596 597 int SSL_set1_param(SSL *ssl, const X509_VERIFY_PARAM *param) { 598 check_ssl_x509_method(ssl); 599 if (!ssl->config) { 600 return 0; 601 } 602 return X509_VERIFY_PARAM_set1(ssl->config->param, param); 603 } 604 605 X509_VERIFY_PARAM *SSL_CTX_get0_param(SSL_CTX *ctx) { 606 check_ssl_ctx_x509_method(ctx); 607 return ctx->param; 608 } 609 610 X509_VERIFY_PARAM *SSL_get0_param(SSL *ssl) { 611 check_ssl_x509_method(ssl); 612 if (!ssl->config) { 613 assert(ssl->config); 614 return 0; 615 } 616 return ssl->config->param; 617 } 618 619 int SSL_get_verify_depth(const SSL *ssl) { 620 check_ssl_x509_method(ssl); 621 if (!ssl->config) { 622 assert(ssl->config); 623 return 0; 624 } 625 return X509_VERIFY_PARAM_get_depth(ssl->config->param); 626 } 627 628 int (*SSL_get_verify_callback(const SSL *ssl))(int, X509_STORE_CTX *) { 629 check_ssl_x509_method(ssl); 630 if (!ssl->config) { 631 assert(ssl->config); 632 return 0; 633 } 634 return ssl->config->verify_callback; 635 } 636 637 int SSL_CTX_get_verify_mode(const SSL_CTX *ctx) { 638 check_ssl_ctx_x509_method(ctx); 639 return ctx->verify_mode; 640 } 641 642 int SSL_CTX_get_verify_depth(const SSL_CTX *ctx) { 643 check_ssl_ctx_x509_method(ctx); 644 return X509_VERIFY_PARAM_get_depth(ctx->param); 645 } 646 647 int (*SSL_CTX_get_verify_callback(const SSL_CTX *ctx))( 648 int ok, X509_STORE_CTX *store_ctx) { 649 check_ssl_ctx_x509_method(ctx); 650 return ctx->default_verify_callback; 651 } 652 653 void SSL_set_verify(SSL *ssl, int mode, 654 int (*callback)(int ok, X509_STORE_CTX *store_ctx)) { 655 check_ssl_x509_method(ssl); 656 if (!ssl->config) { 657 return; 658 } 659 ssl->config->verify_mode = mode; 660 if (callback != NULL) { 661 ssl->config->verify_callback = callback; 662 } 663 } 664 665 void SSL_set_verify_depth(SSL *ssl, int depth) { 666 check_ssl_x509_method(ssl); 667 if (!ssl->config) { 668 return; 669 } 670 X509_VERIFY_PARAM_set_depth(ssl->config->param, depth); 671 } 672 673 void SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx, 674 int (*cb)(X509_STORE_CTX *store_ctx, 675 void *arg), 676 void *arg) { 677 check_ssl_ctx_x509_method(ctx); 678 ctx->app_verify_callback = cb; 679 ctx->app_verify_arg = arg; 680 } 681 682 void SSL_CTX_set_verify(SSL_CTX *ctx, int mode, 683 int (*cb)(int, X509_STORE_CTX *)) { 684 check_ssl_ctx_x509_method(ctx); 685 ctx->verify_mode = mode; 686 ctx->default_verify_callback = cb; 687 } 688 689 void SSL_CTX_set_verify_depth(SSL_CTX *ctx, int depth) { 690 check_ssl_ctx_x509_method(ctx); 691 X509_VERIFY_PARAM_set_depth(ctx->param, depth); 692 } 693 694 int SSL_CTX_set_default_verify_paths(SSL_CTX *ctx) { 695 check_ssl_ctx_x509_method(ctx); 696 return X509_STORE_set_default_paths(ctx->cert_store); 697 } 698 699 int SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *ca_file, 700 const char *ca_dir) { 701 check_ssl_ctx_x509_method(ctx); 702 return X509_STORE_load_locations(ctx->cert_store, ca_file, ca_dir); 703 } 704 705 void SSL_set_verify_result(SSL *ssl, long result) { 706 check_ssl_x509_method(ssl); 707 if (result != X509_V_OK) { 708 abort(); 709 } 710 } 711 712 long SSL_get_verify_result(const SSL *ssl) { 713 check_ssl_x509_method(ssl); 714 SSL_SESSION *session = SSL_get_session(ssl); 715 if (session == NULL) { 716 return X509_V_ERR_INVALID_CALL; 717 } 718 return session->verify_result; 719 } 720 721 X509_STORE *SSL_CTX_get_cert_store(const SSL_CTX *ctx) { 722 check_ssl_ctx_x509_method(ctx); 723 return ctx->cert_store; 724 } 725 726 void SSL_CTX_set_cert_store(SSL_CTX *ctx, X509_STORE *store) { 727 check_ssl_ctx_x509_method(ctx); 728 X509_STORE_free(ctx->cert_store); 729 ctx->cert_store = store; 730 } 731 732 static int ssl_use_certificate(CERT *cert, X509 *x) { 733 if (x == NULL) { 734 OPENSSL_PUT_ERROR(SSL, ERR_R_PASSED_NULL_PARAMETER); 735 return 0; 736 } 737 738 UniquePtr<CRYPTO_BUFFER> buffer = x509_to_buffer(x); 739 if (!buffer) { 740 return 0; 741 } 742 743 return ssl_set_cert(cert, std::move(buffer)); 744 } 745 746 int SSL_use_certificate(SSL *ssl, X509 *x) { 747 check_ssl_x509_method(ssl); 748 if (!ssl->config) { 749 return 0; 750 } 751 return ssl_use_certificate(ssl->config->cert.get(), x); 752 } 753 754 int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x) { 755 check_ssl_ctx_x509_method(ctx); 756 return ssl_use_certificate(ctx->cert.get(), x); 757 } 758 759 // ssl_cert_cache_leaf_cert sets |cert->x509_leaf|, if currently NULL, from the 760 // first element of |cert->chain|. 761 static int ssl_cert_cache_leaf_cert(CERT *cert) { 762 assert(cert->x509_method); 763 764 if (cert->x509_leaf != NULL || 765 cert->chain == NULL) { 766 return 1; 767 } 768 769 CRYPTO_BUFFER *leaf = sk_CRYPTO_BUFFER_value(cert->chain.get(), 0); 770 if (!leaf) { 771 return 1; 772 } 773 774 cert->x509_leaf = X509_parse_from_buffer(leaf); 775 return cert->x509_leaf != NULL; 776 } 777 778 static X509 *ssl_cert_get0_leaf(CERT *cert) { 779 if (cert->x509_leaf == NULL && 780 !ssl_cert_cache_leaf_cert(cert)) { 781 return NULL; 782 } 783 784 return cert->x509_leaf; 785 } 786 787 X509 *SSL_get_certificate(const SSL *ssl) { 788 check_ssl_x509_method(ssl); 789 if (!ssl->config) { 790 assert(ssl->config); 791 return 0; 792 } 793 return ssl_cert_get0_leaf(ssl->config->cert.get()); 794 } 795 796 X509 *SSL_CTX_get0_certificate(const SSL_CTX *ctx) { 797 check_ssl_ctx_x509_method(ctx); 798 MutexWriteLock lock(const_cast<CRYPTO_MUTEX*>(&ctx->lock)); 799 return ssl_cert_get0_leaf(ctx->cert.get()); 800 } 801 802 static int ssl_cert_set0_chain(CERT *cert, STACK_OF(X509) *chain) { 803 if (!ssl_cert_set_chain(cert, chain)) { 804 return 0; 805 } 806 807 sk_X509_pop_free(chain, X509_free); 808 ssl_crypto_x509_cert_flush_cached_chain(cert); 809 return 1; 810 } 811 812 static int ssl_cert_set1_chain(CERT *cert, STACK_OF(X509) *chain) { 813 if (!ssl_cert_set_chain(cert, chain)) { 814 return 0; 815 } 816 817 ssl_crypto_x509_cert_flush_cached_chain(cert); 818 return 1; 819 } 820 821 static int ssl_cert_append_cert(CERT *cert, X509 *x509) { 822 assert(cert->x509_method); 823 824 UniquePtr<CRYPTO_BUFFER> buffer = x509_to_buffer(x509); 825 if (!buffer) { 826 return 0; 827 } 828 829 if (cert->chain != NULL) { 830 return PushToStack(cert->chain.get(), std::move(buffer)); 831 } 832 833 cert->chain = new_leafless_chain(); 834 if (!cert->chain || 835 !PushToStack(cert->chain.get(), std::move(buffer))) { 836 cert->chain.reset(); 837 return 0; 838 } 839 840 return 1; 841 } 842 843 static int ssl_cert_add0_chain_cert(CERT *cert, X509 *x509) { 844 if (!ssl_cert_append_cert(cert, x509)) { 845 return 0; 846 } 847 848 X509_free(cert->x509_stash); 849 cert->x509_stash = x509; 850 ssl_crypto_x509_cert_flush_cached_chain(cert); 851 return 1; 852 } 853 854 static int ssl_cert_add1_chain_cert(CERT *cert, X509 *x509) { 855 if (!ssl_cert_append_cert(cert, x509)) { 856 return 0; 857 } 858 859 ssl_crypto_x509_cert_flush_cached_chain(cert); 860 return 1; 861 } 862 863 int SSL_CTX_set0_chain(SSL_CTX *ctx, STACK_OF(X509) *chain) { 864 check_ssl_ctx_x509_method(ctx); 865 return ssl_cert_set0_chain(ctx->cert.get(), chain); 866 } 867 868 int SSL_CTX_set1_chain(SSL_CTX *ctx, STACK_OF(X509) *chain) { 869 check_ssl_ctx_x509_method(ctx); 870 return ssl_cert_set1_chain(ctx->cert.get(), chain); 871 } 872 873 int SSL_set0_chain(SSL *ssl, STACK_OF(X509) *chain) { 874 check_ssl_x509_method(ssl); 875 if (!ssl->config) { 876 return 0; 877 } 878 return ssl_cert_set0_chain(ssl->config->cert.get(), chain); 879 } 880 881 int SSL_set1_chain(SSL *ssl, STACK_OF(X509) *chain) { 882 check_ssl_x509_method(ssl); 883 if (!ssl->config) { 884 return 0; 885 } 886 return ssl_cert_set1_chain(ssl->config->cert.get(), chain); 887 } 888 889 int SSL_CTX_add0_chain_cert(SSL_CTX *ctx, X509 *x509) { 890 check_ssl_ctx_x509_method(ctx); 891 return ssl_cert_add0_chain_cert(ctx->cert.get(), x509); 892 } 893 894 int SSL_CTX_add1_chain_cert(SSL_CTX *ctx, X509 *x509) { 895 check_ssl_ctx_x509_method(ctx); 896 return ssl_cert_add1_chain_cert(ctx->cert.get(), x509); 897 } 898 899 int SSL_CTX_add_extra_chain_cert(SSL_CTX *ctx, X509 *x509) { 900 check_ssl_ctx_x509_method(ctx); 901 return SSL_CTX_add0_chain_cert(ctx, x509); 902 } 903 904 int SSL_add0_chain_cert(SSL *ssl, X509 *x509) { 905 check_ssl_x509_method(ssl); 906 if (!ssl->config) { 907 return 0; 908 } 909 return ssl_cert_add0_chain_cert(ssl->config->cert.get(), x509); 910 } 911 912 int SSL_add1_chain_cert(SSL *ssl, X509 *x509) { 913 check_ssl_x509_method(ssl); 914 if (!ssl->config) { 915 return 0; 916 } 917 return ssl_cert_add1_chain_cert(ssl->config->cert.get(), x509); 918 } 919 920 int SSL_CTX_clear_chain_certs(SSL_CTX *ctx) { 921 check_ssl_ctx_x509_method(ctx); 922 return SSL_CTX_set0_chain(ctx, NULL); 923 } 924 925 int SSL_CTX_clear_extra_chain_certs(SSL_CTX *ctx) { 926 check_ssl_ctx_x509_method(ctx); 927 return SSL_CTX_clear_chain_certs(ctx); 928 } 929 930 int SSL_clear_chain_certs(SSL *ssl) { 931 check_ssl_x509_method(ssl); 932 return SSL_set0_chain(ssl, NULL); 933 } 934 935 // ssl_cert_cache_chain_certs fills in |cert->x509_chain| from elements 1.. of 936 // |cert->chain|. 937 static int ssl_cert_cache_chain_certs(CERT *cert) { 938 assert(cert->x509_method); 939 940 if (cert->x509_chain != nullptr || 941 cert->chain == nullptr || 942 sk_CRYPTO_BUFFER_num(cert->chain.get()) < 2) { 943 return 1; 944 } 945 946 UniquePtr<STACK_OF(X509)> chain(sk_X509_new_null()); 947 if (!chain) { 948 return 0; 949 } 950 951 for (size_t i = 1; i < sk_CRYPTO_BUFFER_num(cert->chain.get()); i++) { 952 CRYPTO_BUFFER *buffer = sk_CRYPTO_BUFFER_value(cert->chain.get(), i); 953 UniquePtr<X509> x509(X509_parse_from_buffer(buffer)); 954 if (!x509 || 955 !PushToStack(chain.get(), std::move(x509))) { 956 return 0; 957 } 958 } 959 960 cert->x509_chain = chain.release(); 961 return 1; 962 } 963 964 int SSL_CTX_get0_chain_certs(const SSL_CTX *ctx, STACK_OF(X509) **out_chain) { 965 check_ssl_ctx_x509_method(ctx); 966 MutexWriteLock lock(const_cast<CRYPTO_MUTEX*>(&ctx->lock)); 967 if (!ssl_cert_cache_chain_certs(ctx->cert.get())) { 968 *out_chain = NULL; 969 return 0; 970 } 971 972 *out_chain = ctx->cert->x509_chain; 973 return 1; 974 } 975 976 int SSL_CTX_get_extra_chain_certs(const SSL_CTX *ctx, 977 STACK_OF(X509) **out_chain) { 978 return SSL_CTX_get0_chain_certs(ctx, out_chain); 979 } 980 981 int SSL_get0_chain_certs(const SSL *ssl, STACK_OF(X509) **out_chain) { 982 check_ssl_x509_method(ssl); 983 if (!ssl->config) { 984 assert(ssl->config); 985 return 0; 986 } 987 if (!ssl_cert_cache_chain_certs(ssl->config->cert.get())) { 988 *out_chain = NULL; 989 return 0; 990 } 991 992 *out_chain = ssl->config->cert->x509_chain; 993 return 1; 994 } 995 996 SSL_SESSION *d2i_SSL_SESSION_bio(BIO *bio, SSL_SESSION **out) { 997 uint8_t *data; 998 size_t len; 999 if (!BIO_read_asn1(bio, &data, &len, 1024 * 1024)) { 1000 return 0; 1001 } 1002 bssl::UniquePtr<uint8_t> free_data(data); 1003 const uint8_t *ptr = data; 1004 return d2i_SSL_SESSION(out, &ptr, static_cast<long>(len)); 1005 } 1006 1007 int i2d_SSL_SESSION_bio(BIO *bio, const SSL_SESSION *session) { 1008 uint8_t *data; 1009 size_t len; 1010 if (!SSL_SESSION_to_bytes(session, &data, &len)) { 1011 return 0; 1012 } 1013 bssl::UniquePtr<uint8_t> free_data(data); 1014 return BIO_write_all(bio, data, len); 1015 } 1016 1017 IMPLEMENT_PEM_rw(SSL_SESSION, SSL_SESSION, PEM_STRING_SSL_SESSION, SSL_SESSION) 1018 1019 SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const uint8_t **pp, long length) { 1020 if (length < 0) { 1021 OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); 1022 return NULL; 1023 } 1024 1025 CBS cbs; 1026 CBS_init(&cbs, *pp, length); 1027 1028 UniquePtr<SSL_SESSION> ret = SSL_SESSION_parse(&cbs, &ssl_crypto_x509_method, 1029 NULL /* no buffer pool */); 1030 if (!ret) { 1031 return NULL; 1032 } 1033 1034 if (a) { 1035 SSL_SESSION_free(*a); 1036 *a = ret.get(); 1037 } 1038 *pp = CBS_data(&cbs); 1039 return ret.release(); 1040 } 1041 1042 STACK_OF(X509_NAME) *SSL_dup_CA_list(STACK_OF(X509_NAME) *list) { 1043 return sk_X509_NAME_deep_copy(list, X509_NAME_dup, X509_NAME_free); 1044 } 1045 1046 static void set_client_CA_list(UniquePtr<STACK_OF(CRYPTO_BUFFER)> *ca_list, 1047 const STACK_OF(X509_NAME) *name_list, 1048 CRYPTO_BUFFER_POOL *pool) { 1049 UniquePtr<STACK_OF(CRYPTO_BUFFER)> buffers(sk_CRYPTO_BUFFER_new_null()); 1050 if (!buffers) { 1051 return; 1052 } 1053 1054 for (X509_NAME *name : name_list) { 1055 uint8_t *outp = NULL; 1056 int len = i2d_X509_NAME(name, &outp); 1057 if (len < 0) { 1058 return; 1059 } 1060 1061 UniquePtr<CRYPTO_BUFFER> buffer(CRYPTO_BUFFER_new(outp, len, pool)); 1062 OPENSSL_free(outp); 1063 if (!buffer || 1064 !PushToStack(buffers.get(), std::move(buffer))) { 1065 return; 1066 } 1067 } 1068 1069 *ca_list = std::move(buffers); 1070 } 1071 1072 void SSL_set_client_CA_list(SSL *ssl, STACK_OF(X509_NAME) *name_list) { 1073 check_ssl_x509_method(ssl); 1074 if (!ssl->config) { 1075 return; 1076 } 1077 ssl->ctx->x509_method->ssl_flush_cached_client_CA(ssl->config.get()); 1078 set_client_CA_list(&ssl->config->client_CA, name_list, ssl->ctx->pool); 1079 sk_X509_NAME_pop_free(name_list, X509_NAME_free); 1080 } 1081 1082 void SSL_CTX_set_client_CA_list(SSL_CTX *ctx, STACK_OF(X509_NAME) *name_list) { 1083 check_ssl_ctx_x509_method(ctx); 1084 ctx->x509_method->ssl_ctx_flush_cached_client_CA(ctx); 1085 set_client_CA_list(&ctx->client_CA, name_list, ctx->pool); 1086 sk_X509_NAME_pop_free(name_list, X509_NAME_free); 1087 } 1088 1089 static STACK_OF(X509_NAME) * 1090 buffer_names_to_x509(const STACK_OF(CRYPTO_BUFFER) *names, 1091 STACK_OF(X509_NAME) **cached) { 1092 if (names == NULL) { 1093 return NULL; 1094 } 1095 1096 if (*cached != NULL) { 1097 return *cached; 1098 } 1099 1100 UniquePtr<STACK_OF(X509_NAME)> new_cache(sk_X509_NAME_new_null()); 1101 if (!new_cache) { 1102 OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); 1103 return NULL; 1104 } 1105 1106 for (const CRYPTO_BUFFER *buffer : names) { 1107 const uint8_t *inp = CRYPTO_BUFFER_data(buffer); 1108 UniquePtr<X509_NAME> name( 1109 d2i_X509_NAME(nullptr, &inp, CRYPTO_BUFFER_len(buffer))); 1110 if (!name || 1111 inp != CRYPTO_BUFFER_data(buffer) + CRYPTO_BUFFER_len(buffer) || 1112 !PushToStack(new_cache.get(), std::move(name))) { 1113 return NULL; 1114 } 1115 } 1116 1117 *cached = new_cache.release(); 1118 return *cached; 1119 } 1120 1121 STACK_OF(X509_NAME) *SSL_get_client_CA_list(const SSL *ssl) { 1122 check_ssl_x509_method(ssl); 1123 if (!ssl->config) { 1124 assert(ssl->config); 1125 return NULL; 1126 } 1127 // For historical reasons, this function is used both to query configuration 1128 // state on a server as well as handshake state on a client. However, whether 1129 // |ssl| is a client or server is not known until explicitly configured with 1130 // |SSL_set_connect_state|. If |do_handshake| is NULL, |ssl| is in an 1131 // indeterminate mode and |ssl->server| is unset. 1132 if (ssl->do_handshake != NULL && !ssl->server) { 1133 if (ssl->s3->hs != NULL) { 1134 return buffer_names_to_x509(ssl->s3->hs->ca_names.get(), 1135 &ssl->s3->hs->cached_x509_ca_names); 1136 } 1137 1138 return NULL; 1139 } 1140 1141 if (ssl->config->client_CA != NULL) { 1142 return buffer_names_to_x509( 1143 ssl->config->client_CA.get(), 1144 (STACK_OF(X509_NAME) **)&ssl->config->cached_x509_client_CA); 1145 } 1146 return SSL_CTX_get_client_CA_list(ssl->ctx.get()); 1147 } 1148 1149 STACK_OF(X509_NAME) *SSL_CTX_get_client_CA_list(const SSL_CTX *ctx) { 1150 check_ssl_ctx_x509_method(ctx); 1151 // This is a logically const operation that may be called on multiple threads, 1152 // so it needs to lock around updating |cached_x509_client_CA|. 1153 MutexWriteLock lock(const_cast<CRYPTO_MUTEX *>(&ctx->lock)); 1154 return buffer_names_to_x509( 1155 ctx->client_CA.get(), 1156 const_cast<STACK_OF(X509_NAME) **>(&ctx->cached_x509_client_CA)); 1157 } 1158 1159 static int add_client_CA(UniquePtr<STACK_OF(CRYPTO_BUFFER)> *names, X509 *x509, 1160 CRYPTO_BUFFER_POOL *pool) { 1161 if (x509 == NULL) { 1162 return 0; 1163 } 1164 1165 uint8_t *outp = NULL; 1166 int len = i2d_X509_NAME(X509_get_subject_name(x509), &outp); 1167 if (len < 0) { 1168 return 0; 1169 } 1170 1171 UniquePtr<CRYPTO_BUFFER> buffer(CRYPTO_BUFFER_new(outp, len, pool)); 1172 OPENSSL_free(outp); 1173 if (!buffer) { 1174 return 0; 1175 } 1176 1177 int alloced = 0; 1178 if (*names == nullptr) { 1179 names->reset(sk_CRYPTO_BUFFER_new_null()); 1180 alloced = 1; 1181 1182 if (*names == NULL) { 1183 return 0; 1184 } 1185 } 1186 1187 if (!PushToStack(names->get(), std::move(buffer))) { 1188 if (alloced) { 1189 names->reset(); 1190 } 1191 return 0; 1192 } 1193 1194 return 1; 1195 } 1196 1197 int SSL_add_client_CA(SSL *ssl, X509 *x509) { 1198 check_ssl_x509_method(ssl); 1199 if (!ssl->config) { 1200 return 0; 1201 } 1202 if (!add_client_CA(&ssl->config->client_CA, x509, ssl->ctx->pool)) { 1203 return 0; 1204 } 1205 1206 ssl_crypto_x509_ssl_flush_cached_client_CA(ssl->config.get()); 1207 return 1; 1208 } 1209 1210 int SSL_CTX_add_client_CA(SSL_CTX *ctx, X509 *x509) { 1211 check_ssl_ctx_x509_method(ctx); 1212 if (!add_client_CA(&ctx->client_CA, x509, ctx->pool)) { 1213 return 0; 1214 } 1215 1216 ssl_crypto_x509_ssl_ctx_flush_cached_client_CA(ctx); 1217 return 1; 1218 } 1219 1220 static int do_client_cert_cb(SSL *ssl, void *arg) { 1221 // Should only be called during handshake, but check to be sure. 1222 if (!ssl->config) { 1223 assert(ssl->config); 1224 return -1; 1225 } 1226 1227 if (ssl_has_certificate(ssl->s3->hs.get()) || 1228 ssl->ctx->client_cert_cb == NULL) { 1229 return 1; 1230 } 1231 1232 X509 *x509 = NULL; 1233 EVP_PKEY *pkey = NULL; 1234 int ret = ssl->ctx->client_cert_cb(ssl, &x509, &pkey); 1235 if (ret < 0) { 1236 return -1; 1237 } 1238 UniquePtr<X509> free_x509(x509); 1239 UniquePtr<EVP_PKEY> free_pkey(pkey); 1240 1241 if (ret != 0) { 1242 if (!SSL_use_certificate(ssl, x509) || 1243 !SSL_use_PrivateKey(ssl, pkey)) { 1244 return 0; 1245 } 1246 } 1247 1248 return 1; 1249 } 1250 1251 void SSL_CTX_set_client_cert_cb(SSL_CTX *ctx, int (*cb)(SSL *ssl, 1252 X509 **out_x509, 1253 EVP_PKEY **out_pkey)) { 1254 check_ssl_ctx_x509_method(ctx); 1255 // Emulate the old client certificate callback with the new one. 1256 SSL_CTX_set_cert_cb(ctx, do_client_cert_cb, NULL); 1257 ctx->client_cert_cb = cb; 1258 } 1259 1260 static int set_cert_store(X509_STORE **store_ptr, X509_STORE *new_store, 1261 int take_ref) { 1262 X509_STORE_free(*store_ptr); 1263 *store_ptr = new_store; 1264 1265 if (new_store != NULL && take_ref) { 1266 X509_STORE_up_ref(new_store); 1267 } 1268 1269 return 1; 1270 } 1271 1272 int SSL_get_ex_data_X509_STORE_CTX_idx(void) { 1273 // The ex_data index to go from |X509_STORE_CTX| to |SSL| always uses the 1274 // reserved app_data slot. Before ex_data was introduced, app_data was used. 1275 // Avoid breaking any software which assumes |X509_STORE_CTX_get_app_data| 1276 // works. 1277 return 0; 1278 } 1279 1280 int SSL_CTX_set0_verify_cert_store(SSL_CTX *ctx, X509_STORE *store) { 1281 check_ssl_ctx_x509_method(ctx); 1282 return set_cert_store(&ctx->cert->verify_store, store, 0); 1283 } 1284 1285 int SSL_CTX_set1_verify_cert_store(SSL_CTX *ctx, X509_STORE *store) { 1286 check_ssl_ctx_x509_method(ctx); 1287 return set_cert_store(&ctx->cert->verify_store, store, 1); 1288 } 1289 1290 int SSL_set0_verify_cert_store(SSL *ssl, X509_STORE *store) { 1291 check_ssl_x509_method(ssl); 1292 if (!ssl->config) { 1293 return 0; 1294 } 1295 return set_cert_store(&ssl->config->cert->verify_store, store, 0); 1296 } 1297 1298 int SSL_set1_verify_cert_store(SSL *ssl, X509_STORE *store) { 1299 check_ssl_x509_method(ssl); 1300 if (!ssl->config) { 1301 return 0; 1302 } 1303 return set_cert_store(&ssl->config->cert->verify_store, store, 1); 1304 } 1305 1306 int SSL_alert_from_verify_result(long result) { 1307 switch (result) { 1308 case X509_V_ERR_CERT_CHAIN_TOO_LONG: 1309 case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: 1310 case X509_V_ERR_INVALID_CA: 1311 case X509_V_ERR_PATH_LENGTH_EXCEEDED: 1312 case X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN: 1313 case X509_V_ERR_UNABLE_TO_GET_CRL: 1314 case X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER: 1315 case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT: 1316 case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY: 1317 case X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE: 1318 return SSL_AD_UNKNOWN_CA; 1319 1320 case X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE: 1321 case X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE: 1322 case X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY: 1323 case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD: 1324 case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD: 1325 case X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD: 1326 case X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD: 1327 case X509_V_ERR_CERT_UNTRUSTED: 1328 case X509_V_ERR_CERT_REJECTED: 1329 case X509_V_ERR_HOSTNAME_MISMATCH: 1330 case X509_V_ERR_EMAIL_MISMATCH: 1331 case X509_V_ERR_IP_ADDRESS_MISMATCH: 1332 return SSL_AD_BAD_CERTIFICATE; 1333 1334 case X509_V_ERR_CERT_SIGNATURE_FAILURE: 1335 case X509_V_ERR_CRL_SIGNATURE_FAILURE: 1336 return SSL_AD_DECRYPT_ERROR; 1337 1338 case X509_V_ERR_CERT_HAS_EXPIRED: 1339 case X509_V_ERR_CERT_NOT_YET_VALID: 1340 case X509_V_ERR_CRL_HAS_EXPIRED: 1341 case X509_V_ERR_CRL_NOT_YET_VALID: 1342 return SSL_AD_CERTIFICATE_EXPIRED; 1343 1344 case X509_V_ERR_CERT_REVOKED: 1345 return SSL_AD_CERTIFICATE_REVOKED; 1346 1347 case X509_V_ERR_UNSPECIFIED: 1348 case X509_V_ERR_OUT_OF_MEM: 1349 case X509_V_ERR_INVALID_CALL: 1350 case X509_V_ERR_STORE_LOOKUP: 1351 return SSL_AD_INTERNAL_ERROR; 1352 1353 case X509_V_ERR_APPLICATION_VERIFICATION: 1354 return SSL_AD_HANDSHAKE_FAILURE; 1355 1356 case X509_V_ERR_INVALID_PURPOSE: 1357 return SSL_AD_UNSUPPORTED_CERTIFICATE; 1358 1359 default: 1360 return SSL_AD_CERTIFICATE_UNKNOWN; 1361 } 1362 } 1363