1 /* Copyright (C) 1995-1998 Eric Young (eay (at) cryptsoft.com) 2 * All rights reserved. 3 * 4 * This package is an SSL implementation written 5 * by Eric Young (eay (at) cryptsoft.com). 6 * The implementation was written so as to conform with Netscapes SSL. 7 * 8 * This library is free for commercial and non-commercial use as long as 9 * the following conditions are aheared to. The following conditions 10 * apply to all code found in this distribution, be it the RC4, RSA, 11 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 12 * included with this distribution is covered by the same copyright terms 13 * except that the holder is Tim Hudson (tjh (at) cryptsoft.com). 14 * 15 * Copyright remains Eric Young's, and as such any Copyright notices in 16 * the code are not to be removed. 17 * If this package is used in a product, Eric Young should be given attribution 18 * as the author of the parts of the library used. 19 * This can be in the form of a textual message at program startup or 20 * in documentation (online or textual) provided with the package. 21 * 22 * Redistribution and use in source and binary forms, with or without 23 * modification, are permitted provided that the following conditions 24 * are met: 25 * 1. Redistributions of source code must retain the copyright 26 * notice, this list of conditions and the following disclaimer. 27 * 2. Redistributions in binary form must reproduce the above copyright 28 * notice, this list of conditions and the following disclaimer in the 29 * documentation and/or other materials provided with the distribution. 30 * 3. All advertising materials mentioning features or use of this software 31 * must display the following acknowledgement: 32 * "This product includes cryptographic software written by 33 * Eric Young (eay (at) cryptsoft.com)" 34 * The word 'cryptographic' can be left out if the rouines from the library 35 * being used are not cryptographic related :-). 36 * 4. If you include any Windows specific code (or a derivative thereof) from 37 * the apps directory (application code) you must include an acknowledgement: 38 * "This product includes software written by Tim Hudson (tjh (at) cryptsoft.com)" 39 * 40 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 41 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 42 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 43 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 44 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 45 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 46 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 48 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 49 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 50 * SUCH DAMAGE. 51 * 52 * The licence and distribution terms for any publically available version or 53 * derivative of this code cannot be changed. i.e. this code cannot simply be 54 * copied and put under another distribution licence 55 * [including the GNU Public Licence.] 56 */ 57 /* ==================================================================== 58 * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved. 59 * 60 * Redistribution and use in source and binary forms, with or without 61 * modification, are permitted provided that the following conditions 62 * are met: 63 * 64 * 1. Redistributions of source code must retain the above copyright 65 * notice, this list of conditions and the following disclaimer. 66 * 67 * 2. Redistributions in binary form must reproduce the above copyright 68 * notice, this list of conditions and the following disclaimer in 69 * the documentation and/or other materials provided with the 70 * distribution. 71 * 72 * 3. All advertising materials mentioning features or use of this 73 * software must display the following acknowledgment: 74 * "This product includes software developed by the OpenSSL Project 75 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" 76 * 77 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 78 * endorse or promote products derived from this software without 79 * prior written permission. For written permission, please contact 80 * openssl-core (at) openssl.org. 81 * 82 * 5. Products derived from this software may not be called "OpenSSL" 83 * nor may "OpenSSL" appear in their names without prior written 84 * permission of the OpenSSL Project. 85 * 86 * 6. Redistributions of any form whatsoever must retain the following 87 * acknowledgment: 88 * "This product includes software developed by the OpenSSL Project 89 * for use in the OpenSSL Toolkit (http://www.openssl.org/)" 90 * 91 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 92 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 93 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 94 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 95 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 96 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 97 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 98 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 99 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 100 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 101 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 102 * OF THE POSSIBILITY OF SUCH DAMAGE. 103 * ==================================================================== 104 * 105 * This product includes cryptographic software written by Eric Young 106 * (eay (at) cryptsoft.com). This product includes software written by Tim 107 * Hudson (tjh (at) cryptsoft.com). 108 * 109 */ 110 /* ==================================================================== 111 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 112 * ECC cipher suite support in OpenSSL originally developed by 113 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. */ 114 115 #include <stdio.h> 116 117 #include <openssl/bio.h> 118 #include <openssl/bn.h> 119 #include <openssl/buf.h> 120 #include <openssl/dh.h> 121 #include <openssl/err.h> 122 #include <openssl/mem.h> 123 #include <openssl/obj.h> 124 #include <openssl/pem.h> 125 #include <openssl/x509v3.h> 126 127 #include "../crypto/dh/internal.h" 128 #include "../crypto/directory.h" 129 #include "ssl_locl.h" 130 131 int SSL_get_ex_data_X509_STORE_CTX_idx(void) 132 { 133 static volatile int ssl_x509_store_ctx_idx= -1; 134 int got_write_lock = 0; 135 136 CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX); 137 138 if (ssl_x509_store_ctx_idx < 0) 139 { 140 CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX); 141 CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX); 142 got_write_lock = 1; 143 144 if (ssl_x509_store_ctx_idx < 0) 145 { 146 ssl_x509_store_ctx_idx=X509_STORE_CTX_get_ex_new_index( 147 0,"SSL for verify callback",NULL,NULL,NULL); 148 } 149 } 150 151 if (got_write_lock) 152 CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX); 153 else 154 CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX); 155 156 return ssl_x509_store_ctx_idx; 157 } 158 159 void ssl_cert_set_default_md(CERT *cert) 160 { 161 /* Set digest values to defaults */ 162 cert->pkeys[SSL_PKEY_RSA_SIGN].digest = EVP_sha1(); 163 cert->pkeys[SSL_PKEY_RSA_ENC].digest = EVP_sha1(); 164 cert->pkeys[SSL_PKEY_ECC].digest = EVP_sha1(); 165 } 166 167 CERT *ssl_cert_new(void) 168 { 169 CERT *ret; 170 171 ret=(CERT *)OPENSSL_malloc(sizeof(CERT)); 172 if (ret == NULL) 173 { 174 OPENSSL_PUT_ERROR(SSL, ssl_cert_new, ERR_R_MALLOC_FAILURE); 175 return(NULL); 176 } 177 memset(ret,0,sizeof(CERT)); 178 179 ret->key= &(ret->pkeys[SSL_PKEY_RSA_ENC]); 180 ssl_cert_set_default_md(ret); 181 return(ret); 182 } 183 184 CERT *ssl_cert_dup(CERT *cert) 185 { 186 CERT *ret; 187 int i; 188 189 ret = (CERT *)OPENSSL_malloc(sizeof(CERT)); 190 if (ret == NULL) 191 { 192 OPENSSL_PUT_ERROR(SSL, ssl_cert_dup, ERR_R_MALLOC_FAILURE); 193 return(NULL); 194 } 195 196 memset(ret, 0, sizeof(CERT)); 197 198 ret->key = &ret->pkeys[cert->key - &cert->pkeys[0]]; 199 /* or ret->key = ret->pkeys + (cert->key - cert->pkeys), 200 * if you find that more readable */ 201 202 ret->valid = cert->valid; 203 ret->mask_k = cert->mask_k; 204 ret->mask_a = cert->mask_a; 205 206 if (cert->dh_tmp != NULL) 207 { 208 ret->dh_tmp = DHparams_dup(cert->dh_tmp); 209 if (ret->dh_tmp == NULL) 210 { 211 OPENSSL_PUT_ERROR(SSL, ssl_cert_dup, ERR_R_DH_LIB); 212 goto err; 213 } 214 if (cert->dh_tmp->priv_key) 215 { 216 BIGNUM *b = BN_dup(cert->dh_tmp->priv_key); 217 if (!b) 218 { 219 OPENSSL_PUT_ERROR(SSL, ssl_cert_dup, ERR_R_BN_LIB); 220 goto err; 221 } 222 ret->dh_tmp->priv_key = b; 223 } 224 if (cert->dh_tmp->pub_key) 225 { 226 BIGNUM *b = BN_dup(cert->dh_tmp->pub_key); 227 if (!b) 228 { 229 OPENSSL_PUT_ERROR(SSL, ssl_cert_dup, ERR_R_BN_LIB); 230 goto err; 231 } 232 ret->dh_tmp->pub_key = b; 233 } 234 } 235 ret->dh_tmp_cb = cert->dh_tmp_cb; 236 237 if (cert->ecdh_tmp) 238 { 239 ret->ecdh_tmp = EC_KEY_dup(cert->ecdh_tmp); 240 if (ret->ecdh_tmp == NULL) 241 { 242 OPENSSL_PUT_ERROR(SSL, ssl_cert_dup, ERR_R_EC_LIB); 243 goto err; 244 } 245 } 246 ret->ecdh_tmp_cb = cert->ecdh_tmp_cb; 247 ret->ecdh_tmp_auto = cert->ecdh_tmp_auto; 248 249 for (i = 0; i < SSL_PKEY_NUM; i++) 250 { 251 CERT_PKEY *cpk = cert->pkeys + i; 252 CERT_PKEY *rpk = ret->pkeys + i; 253 if (cpk->x509 != NULL) 254 { 255 rpk->x509 = X509_up_ref(cpk->x509); 256 } 257 258 if (cpk->privatekey != NULL) 259 { 260 rpk->privatekey = cpk->privatekey; 261 CRYPTO_add(&cpk->privatekey->references, 1, 262 CRYPTO_LOCK_EVP_PKEY); 263 264 switch(i) 265 { 266 /* If there was anything special to do for 267 * certain types of keys, we'd do it here. 268 * (Nothing at the moment, I think.) */ 269 270 case SSL_PKEY_RSA_ENC: 271 case SSL_PKEY_RSA_SIGN: 272 /* We have an RSA key. */ 273 break; 274 275 case SSL_PKEY_ECC: 276 /* We have an ECC key */ 277 break; 278 279 default: 280 /* Can't happen. */ 281 OPENSSL_PUT_ERROR(SSL, ssl_cert_dup, SSL_R_LIBRARY_BUG); 282 } 283 } 284 285 if (cpk->chain) 286 { 287 rpk->chain = X509_chain_up_ref(cpk->chain); 288 if (!rpk->chain) 289 { 290 OPENSSL_PUT_ERROR(SSL, ssl_cert_dup, ERR_R_MALLOC_FAILURE); 291 goto err; 292 } 293 } 294 rpk->valid_flags = 0; 295 } 296 297 /* Set digests to defaults. NB: we don't copy existing values as they 298 * will be set during handshake. 299 */ 300 ssl_cert_set_default_md(ret); 301 /* Peer sigalgs set to NULL as we get these from handshake too */ 302 ret->peer_sigalgs = NULL; 303 ret->peer_sigalgslen = 0; 304 /* Configured sigalgs however we copy across */ 305 306 if (cert->conf_sigalgs) 307 { 308 ret->conf_sigalgs = OPENSSL_malloc(cert->conf_sigalgslen); 309 if (!ret->conf_sigalgs) 310 goto err; 311 memcpy(ret->conf_sigalgs, cert->conf_sigalgs, 312 cert->conf_sigalgslen); 313 ret->conf_sigalgslen = cert->conf_sigalgslen; 314 } 315 else 316 ret->conf_sigalgs = NULL; 317 318 if (cert->client_sigalgs) 319 { 320 ret->client_sigalgs = OPENSSL_malloc(cert->client_sigalgslen); 321 if (!ret->client_sigalgs) 322 goto err; 323 memcpy(ret->client_sigalgs, cert->client_sigalgs, 324 cert->client_sigalgslen); 325 ret->client_sigalgslen = cert->client_sigalgslen; 326 } 327 else 328 ret->client_sigalgs = NULL; 329 /* Shared sigalgs also NULL */ 330 ret->shared_sigalgs = NULL; 331 /* Copy any custom client certificate types */ 332 if (cert->client_certificate_types) 333 { 334 ret->client_certificate_types = BUF_memdup( 335 cert->client_certificate_types, 336 cert->num_client_certificate_types); 337 if (!ret->client_certificate_types) 338 goto err; 339 ret->num_client_certificate_types = cert->num_client_certificate_types; 340 } 341 342 ret->cert_flags = cert->cert_flags; 343 344 ret->cert_cb = cert->cert_cb; 345 ret->cert_cb_arg = cert->cert_cb_arg; 346 347 if (cert->verify_store) 348 { 349 CRYPTO_add(&cert->verify_store->references, 1, CRYPTO_LOCK_X509_STORE); 350 ret->verify_store = cert->verify_store; 351 } 352 353 if (cert->chain_store) 354 { 355 CRYPTO_add(&cert->chain_store->references, 1, CRYPTO_LOCK_X509_STORE); 356 ret->chain_store = cert->chain_store; 357 } 358 359 ret->ciphers_raw = NULL; 360 361 return(ret); 362 363 err: 364 if (ret->dh_tmp != NULL) 365 DH_free(ret->dh_tmp); 366 if (ret->ecdh_tmp != NULL) 367 EC_KEY_free(ret->ecdh_tmp); 368 369 ssl_cert_clear_certs(ret); 370 371 return NULL; 372 } 373 374 /* Free up and clear all certificates and chains */ 375 376 void ssl_cert_clear_certs(CERT *c) 377 { 378 int i; 379 if (c == NULL) 380 return; 381 for (i = 0; i<SSL_PKEY_NUM; i++) 382 { 383 CERT_PKEY *cpk = c->pkeys + i; 384 if (cpk->x509) 385 { 386 X509_free(cpk->x509); 387 cpk->x509 = NULL; 388 } 389 if (cpk->privatekey) 390 { 391 EVP_PKEY_free(cpk->privatekey); 392 cpk->privatekey = NULL; 393 } 394 if (cpk->chain) 395 { 396 sk_X509_pop_free(cpk->chain, X509_free); 397 cpk->chain = NULL; 398 } 399 /* Clear all flags apart from explicit sign */ 400 cpk->valid_flags &= CERT_PKEY_EXPLICIT_SIGN; 401 } 402 } 403 404 void ssl_cert_free(CERT *c) 405 { 406 if(c == NULL) 407 return; 408 409 if (c->dh_tmp) DH_free(c->dh_tmp); 410 if (c->ecdh_tmp) EC_KEY_free(c->ecdh_tmp); 411 412 ssl_cert_clear_certs(c); 413 if (c->peer_sigalgs) 414 OPENSSL_free(c->peer_sigalgs); 415 if (c->conf_sigalgs) 416 OPENSSL_free(c->conf_sigalgs); 417 if (c->client_sigalgs) 418 OPENSSL_free(c->client_sigalgs); 419 if (c->shared_sigalgs) 420 OPENSSL_free(c->shared_sigalgs); 421 if (c->client_certificate_types) 422 OPENSSL_free(c->client_certificate_types); 423 if (c->verify_store) 424 X509_STORE_free(c->verify_store); 425 if (c->chain_store) 426 X509_STORE_free(c->chain_store); 427 if (c->ciphers_raw) 428 OPENSSL_free(c->ciphers_raw); 429 OPENSSL_free(c); 430 } 431 432 int ssl_cert_inst(CERT **o) 433 { 434 /* Create a CERT if there isn't already one 435 * (which cannot really happen, as it is initially created in 436 * SSL_CTX_new; but the earlier code usually allows for that one 437 * being non-existant, so we follow that behaviour, as it might 438 * turn out that there actually is a reason for it -- but I'm 439 * not sure that *all* of the existing code could cope with 440 * s->cert being NULL, otherwise we could do without the 441 * initialization in SSL_CTX_new). 442 */ 443 444 if (o == NULL) 445 { 446 OPENSSL_PUT_ERROR(SSL, ssl_cert_inst, ERR_R_PASSED_NULL_PARAMETER); 447 return(0); 448 } 449 if (*o == NULL) 450 { 451 if ((*o = ssl_cert_new()) == NULL) 452 { 453 OPENSSL_PUT_ERROR(SSL, ssl_cert_new, ERR_R_MALLOC_FAILURE); 454 return(0); 455 } 456 } 457 return(1); 458 } 459 460 int ssl_cert_set0_chain(CERT *c, STACK_OF(X509) *chain) 461 { 462 CERT_PKEY *cpk = c->key; 463 if (!cpk) 464 return 0; 465 if (cpk->chain) 466 sk_X509_pop_free(cpk->chain, X509_free); 467 cpk->chain = chain; 468 return 1; 469 } 470 471 int ssl_cert_set1_chain(CERT *c, STACK_OF(X509) *chain) 472 { 473 STACK_OF(X509) *dchain; 474 if (!chain) 475 return ssl_cert_set0_chain(c, NULL); 476 dchain = X509_chain_up_ref(chain); 477 if (!dchain) 478 return 0; 479 if (!ssl_cert_set0_chain(c, dchain)) 480 { 481 sk_X509_pop_free(dchain, X509_free); 482 return 0; 483 } 484 return 1; 485 } 486 487 int ssl_cert_add0_chain_cert(CERT *c, X509 *x) 488 { 489 CERT_PKEY *cpk = c->key; 490 if (!cpk) 491 return 0; 492 if (!cpk->chain) 493 cpk->chain = sk_X509_new_null(); 494 if (!cpk->chain || !sk_X509_push(cpk->chain, x)) 495 return 0; 496 return 1; 497 } 498 499 int ssl_cert_add1_chain_cert(CERT *c, X509 *x) 500 { 501 if (!ssl_cert_add0_chain_cert(c, x)) 502 return 0; 503 X509_up_ref(x); 504 return 1; 505 } 506 507 int ssl_cert_select_current(CERT *c, X509 *x) 508 { 509 int i; 510 if (x == NULL) 511 return 0; 512 for (i = 0; i < SSL_PKEY_NUM; i++) 513 { 514 if (c->pkeys[i].x509 == x) 515 { 516 c->key = &c->pkeys[i]; 517 return 1; 518 } 519 } 520 521 for (i = 0; i < SSL_PKEY_NUM; i++) 522 { 523 if (c->pkeys[i].x509 && !X509_cmp(c->pkeys[i].x509, x)) 524 { 525 c->key = &c->pkeys[i]; 526 return 1; 527 } 528 } 529 return 0; 530 } 531 532 void ssl_cert_set_cert_cb(CERT *c, int (*cb)(SSL *ssl, void *arg), void *arg) 533 { 534 c->cert_cb = cb; 535 c->cert_cb_arg = arg; 536 } 537 538 SESS_CERT *ssl_sess_cert_new(void) 539 { 540 SESS_CERT *ret; 541 542 ret = OPENSSL_malloc(sizeof *ret); 543 if (ret == NULL) 544 { 545 OPENSSL_PUT_ERROR(SSL, ssl_sess_cert_new, ERR_R_MALLOC_FAILURE); 546 return NULL; 547 } 548 549 memset(ret, 0 ,sizeof *ret); 550 ret->peer_key = &(ret->peer_pkeys[SSL_PKEY_RSA_ENC]); 551 552 return ret; 553 } 554 555 void ssl_sess_cert_free(SESS_CERT *sc) 556 { 557 int i; 558 559 if (sc == NULL) 560 return; 561 562 if (sc->cert_chain != NULL) 563 sk_X509_pop_free(sc->cert_chain, X509_free); 564 for (i = 0; i < SSL_PKEY_NUM; i++) 565 { 566 if (sc->peer_pkeys[i].x509 != NULL) 567 X509_free(sc->peer_pkeys[i].x509); 568 #if 0 /* We don't have the peer's private key. These lines are just 569 * here as a reminder that we're still using a not-quite-appropriate 570 * data structure. */ 571 if (sc->peer_pkeys[i].privatekey != NULL) 572 EVP_PKEY_free(sc->peer_pkeys[i].privatekey); 573 #endif 574 } 575 576 if (sc->peer_rsa_tmp != NULL) 577 RSA_free(sc->peer_rsa_tmp); 578 if (sc->peer_dh_tmp != NULL) 579 DH_free(sc->peer_dh_tmp); 580 if (sc->peer_ecdh_tmp != NULL) 581 EC_KEY_free(sc->peer_ecdh_tmp); 582 583 OPENSSL_free(sc); 584 } 585 586 int ssl_set_peer_cert_type(SESS_CERT *sc,int type) 587 { 588 sc->peer_cert_type = type; 589 return(1); 590 } 591 592 int ssl_verify_cert_chain(SSL *s,STACK_OF(X509) *sk) 593 { 594 X509 *x; 595 int i; 596 X509_STORE *verify_store; 597 X509_STORE_CTX ctx; 598 599 if (s->cert->verify_store) 600 verify_store = s->cert->verify_store; 601 else 602 verify_store = s->ctx->cert_store; 603 604 if ((sk == NULL) || (sk_X509_num(sk) == 0)) 605 return(0); 606 607 x=sk_X509_value(sk,0); 608 if(!X509_STORE_CTX_init(&ctx,verify_store,x,sk)) 609 { 610 OPENSSL_PUT_ERROR(SSL, ssl_verify_cert_chain, ERR_R_X509_LIB); 611 return(0); 612 } 613 #if 0 614 if (SSL_get_verify_depth(s) >= 0) 615 X509_STORE_CTX_set_depth(&ctx, SSL_get_verify_depth(s)); 616 #endif 617 X509_STORE_CTX_set_ex_data(&ctx,SSL_get_ex_data_X509_STORE_CTX_idx(),s); 618 619 /* We need to inherit the verify parameters. These can be determined by 620 * the context: if its a server it will verify SSL client certificates 621 * or vice versa. 622 */ 623 624 X509_STORE_CTX_set_default(&ctx, 625 s->server ? "ssl_client" : "ssl_server"); 626 /* Anything non-default in "param" should overwrite anything in the 627 * ctx. 628 */ 629 X509_VERIFY_PARAM_set1(X509_STORE_CTX_get0_param(&ctx), s->param); 630 631 if (s->verify_callback) 632 X509_STORE_CTX_set_verify_cb(&ctx, s->verify_callback); 633 634 if (s->ctx->app_verify_callback != NULL) 635 #if 1 /* new with OpenSSL 0.9.7 */ 636 i=s->ctx->app_verify_callback(&ctx, s->ctx->app_verify_arg); 637 #else 638 i=s->ctx->app_verify_callback(&ctx); /* should pass app_verify_arg */ 639 #endif 640 else 641 { 642 #ifndef OPENSSL_NO_X509_VERIFY 643 i=X509_verify_cert(&ctx); 644 #else 645 i=0; 646 ctx.error=X509_V_ERR_APPLICATION_VERIFICATION; 647 OPENSSL_PUT_ERROR(SSL, ssl_verify_cert_chain, SSL_R_NO_VERIFY_CALLBACK); 648 #endif 649 } 650 651 s->verify_result=ctx.error; 652 X509_STORE_CTX_cleanup(&ctx); 653 654 return(i); 655 } 656 657 static void set_client_CA_list(STACK_OF(X509_NAME) **ca_list,STACK_OF(X509_NAME) *name_list) 658 { 659 if (*ca_list != NULL) 660 sk_X509_NAME_pop_free(*ca_list,X509_NAME_free); 661 662 *ca_list=name_list; 663 } 664 665 STACK_OF(X509_NAME) *SSL_dup_CA_list(STACK_OF(X509_NAME) *sk) 666 { 667 int i; 668 STACK_OF(X509_NAME) *ret; 669 X509_NAME *name; 670 671 ret=sk_X509_NAME_new_null(); 672 for (i=0; i<sk_X509_NAME_num(sk); i++) 673 { 674 name=X509_NAME_dup(sk_X509_NAME_value(sk,i)); 675 if ((name == NULL) || !sk_X509_NAME_push(ret,name)) 676 { 677 sk_X509_NAME_pop_free(ret,X509_NAME_free); 678 return(NULL); 679 } 680 } 681 return(ret); 682 } 683 684 void SSL_set_client_CA_list(SSL *s,STACK_OF(X509_NAME) *name_list) 685 { 686 set_client_CA_list(&(s->client_CA),name_list); 687 } 688 689 void SSL_CTX_set_client_CA_list(SSL_CTX *ctx,STACK_OF(X509_NAME) *name_list) 690 { 691 set_client_CA_list(&(ctx->client_CA),name_list); 692 } 693 694 STACK_OF(X509_NAME) *SSL_CTX_get_client_CA_list(const SSL_CTX *ctx) 695 { 696 return(ctx->client_CA); 697 } 698 699 STACK_OF(X509_NAME) *SSL_get_client_CA_list(const SSL *s) 700 { 701 if (s->type == SSL_ST_CONNECT) 702 { /* we are in the client */ 703 if (((s->version>>8) == SSL3_VERSION_MAJOR) && 704 (s->s3 != NULL)) 705 return(s->s3->tmp.ca_names); 706 else 707 return(NULL); 708 } 709 else 710 { 711 if (s->client_CA != NULL) 712 return(s->client_CA); 713 else 714 return(s->ctx->client_CA); 715 } 716 } 717 718 static int add_client_CA(STACK_OF(X509_NAME) **sk,X509 *x) 719 { 720 X509_NAME *name; 721 722 if (x == NULL) return(0); 723 if ((*sk == NULL) && ((*sk=sk_X509_NAME_new_null()) == NULL)) 724 return(0); 725 726 if ((name=X509_NAME_dup(X509_get_subject_name(x))) == NULL) 727 return(0); 728 729 if (!sk_X509_NAME_push(*sk,name)) 730 { 731 X509_NAME_free(name); 732 return(0); 733 } 734 return(1); 735 } 736 737 int SSL_add_client_CA(SSL *ssl,X509 *x) 738 { 739 return(add_client_CA(&(ssl->client_CA),x)); 740 } 741 742 int SSL_CTX_add_client_CA(SSL_CTX *ctx,X509 *x) 743 { 744 return(add_client_CA(&(ctx->client_CA),x)); 745 } 746 747 static int xname_cmp(const X509_NAME **a, const X509_NAME **b) 748 { 749 return(X509_NAME_cmp(*a,*b)); 750 } 751 752 #ifndef OPENSSL_NO_STDIO 753 /*! 754 * Load CA certs from a file into a ::STACK. Note that it is somewhat misnamed; 755 * it doesn't really have anything to do with clients (except that a common use 756 * for a stack of CAs is to send it to the client). Actually, it doesn't have 757 * much to do with CAs, either, since it will load any old cert. 758 * \param file the file containing one or more certs. 759 * \return a ::STACK containing the certs. 760 */ 761 STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file) 762 { 763 BIO *in; 764 X509 *x=NULL; 765 X509_NAME *xn=NULL; 766 STACK_OF(X509_NAME) *ret = NULL,*sk; 767 768 sk=sk_X509_NAME_new(xname_cmp); 769 770 in=BIO_new(BIO_s_file()); 771 772 if ((sk == NULL) || (in == NULL)) 773 { 774 OPENSSL_PUT_ERROR(SSL, SSL_load_client_CA_file, ERR_R_MALLOC_FAILURE); 775 goto err; 776 } 777 778 if (!BIO_read_filename(in,file)) 779 goto err; 780 781 for (;;) 782 { 783 if (PEM_read_bio_X509(in,&x,NULL,NULL) == NULL) 784 break; 785 if (ret == NULL) 786 { 787 ret = sk_X509_NAME_new_null(); 788 if (ret == NULL) 789 { 790 OPENSSL_PUT_ERROR(SSL, SSL_load_client_CA_file, ERR_R_MALLOC_FAILURE); 791 goto err; 792 } 793 } 794 if ((xn=X509_get_subject_name(x)) == NULL) goto err; 795 /* check for duplicates */ 796 xn=X509_NAME_dup(xn); 797 if (xn == NULL) goto err; 798 if (sk_X509_NAME_find(sk, NULL, xn)) 799 X509_NAME_free(xn); 800 else 801 { 802 sk_X509_NAME_push(sk,xn); 803 sk_X509_NAME_push(ret,xn); 804 } 805 } 806 807 if (0) 808 { 809 err: 810 if (ret != NULL) sk_X509_NAME_pop_free(ret,X509_NAME_free); 811 ret=NULL; 812 } 813 if (sk != NULL) sk_X509_NAME_free(sk); 814 if (in != NULL) BIO_free(in); 815 if (x != NULL) X509_free(x); 816 if (ret != NULL) 817 ERR_clear_error(); 818 return(ret); 819 } 820 #endif 821 822 /*! 823 * Add a file of certs to a stack. 824 * \param stack the stack to add to. 825 * \param file the file to add from. All certs in this file that are not 826 * already in the stack will be added. 827 * \return 1 for success, 0 for failure. Note that in the case of failure some 828 * certs may have been added to \c stack. 829 */ 830 831 int SSL_add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack, 832 const char *file) 833 { 834 BIO *in; 835 X509 *x=NULL; 836 X509_NAME *xn=NULL; 837 int ret=1; 838 int (*oldcmp)(const X509_NAME **a, const X509_NAME **b); 839 840 oldcmp=sk_X509_NAME_set_cmp_func(stack,xname_cmp); 841 842 in=BIO_new(BIO_s_file()); 843 844 if (in == NULL) 845 { 846 OPENSSL_PUT_ERROR(SSL, SSL_add_file_cert_subjects_to_stack, ERR_R_MALLOC_FAILURE); 847 goto err; 848 } 849 850 if (!BIO_read_filename(in,file)) 851 goto err; 852 853 for (;;) 854 { 855 if (PEM_read_bio_X509(in,&x,NULL,NULL) == NULL) 856 break; 857 if ((xn=X509_get_subject_name(x)) == NULL) goto err; 858 xn=X509_NAME_dup(xn); 859 if (xn == NULL) goto err; 860 if (sk_X509_NAME_find(stack, NULL, xn)) 861 X509_NAME_free(xn); 862 else 863 sk_X509_NAME_push(stack,xn); 864 } 865 866 ERR_clear_error(); 867 868 if (0) 869 { 870 err: 871 ret=0; 872 } 873 if(in != NULL) 874 BIO_free(in); 875 if(x != NULL) 876 X509_free(x); 877 878 (void)sk_X509_NAME_set_cmp_func(stack,oldcmp); 879 880 return ret; 881 } 882 883 /*! 884 * Add a directory of certs to a stack. 885 * \param stack the stack to append to. 886 * \param dir the directory to append from. All files in this directory will be 887 * examined as potential certs. Any that are acceptable to 888 * SSL_add_dir_cert_subjects_to_stack() that are not already in the stack will be 889 * included. 890 * \return 1 for success, 0 for failure. Note that in the case of failure some 891 * certs may have been added to \c stack. 892 */ 893 894 int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack, 895 const char *dir) 896 { 897 OPENSSL_DIR_CTX *d = NULL; 898 const char *filename; 899 int ret = 0; 900 901 CRYPTO_w_lock(CRYPTO_LOCK_READDIR); 902 903 /* Note that a side effect is that the CAs will be sorted by name */ 904 905 while((filename = OPENSSL_DIR_read(&d, dir))) 906 { 907 char buf[1024]; 908 int r; 909 910 if(strlen(dir)+strlen(filename)+2 > sizeof buf) 911 { 912 OPENSSL_PUT_ERROR(SSL, SSL_add_dir_cert_subjects_to_stack, SSL_R_PATH_TOO_LONG); 913 goto err; 914 } 915 916 #ifdef OPENSSL_SYS_VMS 917 r = BIO_snprintf(buf,sizeof buf,"%s%s",dir,filename); 918 #else 919 r = BIO_snprintf(buf,sizeof buf,"%s/%s",dir,filename); 920 #endif 921 if (r <= 0 || r >= (int)sizeof(buf)) 922 goto err; 923 if(!SSL_add_file_cert_subjects_to_stack(stack,buf)) 924 goto err; 925 } 926 927 if (errno) 928 { 929 OPENSSL_PUT_ERROR(SSL, SSL_add_file_cert_subjects_to_stack, ERR_R_SYS_LIB); 930 ERR_add_error_data(3, "OPENSSL_DIR_read(&ctx, '", dir, "')"); 931 goto err; 932 } 933 934 ret = 1; 935 936 err: 937 if (d) OPENSSL_DIR_end(&d); 938 CRYPTO_w_unlock(CRYPTO_LOCK_READDIR); 939 return ret; 940 } 941 942 /* Add a certificate to a BUF_MEM structure */ 943 944 static int ssl_add_cert_to_buf(BUF_MEM *buf, unsigned long *l, X509 *x) 945 { 946 int n; 947 unsigned char *p; 948 949 n=i2d_X509(x,NULL); 950 if (!BUF_MEM_grow_clean(buf,(int)(n+(*l)+3))) 951 { 952 OPENSSL_PUT_ERROR(SSL, ssl_add_cert_to_buf, ERR_R_BUF_LIB); 953 return 0; 954 } 955 p=(unsigned char *)&(buf->data[*l]); 956 l2n3(n,p); 957 i2d_X509(x,&p); 958 *l+=n+3; 959 960 return 1; 961 } 962 963 /* Add certificate chain to internal SSL BUF_MEM strcuture */ 964 int ssl_add_cert_chain(SSL *s, CERT_PKEY *cpk, unsigned long *l) 965 { 966 BUF_MEM *buf = s->init_buf; 967 int no_chain; 968 int i; 969 970 X509 *x; 971 STACK_OF(X509) *extra_certs; 972 X509_STORE *chain_store; 973 974 if (cpk) 975 x = cpk->x509; 976 else 977 x = NULL; 978 979 if (s->cert->chain_store) 980 chain_store = s->cert->chain_store; 981 else 982 chain_store = s->ctx->cert_store; 983 984 /* If we have a certificate specific chain use it, else use 985 * parent ctx. 986 */ 987 if (cpk && cpk->chain) 988 extra_certs = cpk->chain; 989 else 990 extra_certs = s->ctx->extra_certs; 991 992 if ((s->mode & SSL_MODE_NO_AUTO_CHAIN) || extra_certs) 993 no_chain = 1; 994 else 995 no_chain = 0; 996 997 /* TLSv1 sends a chain with nothing in it, instead of an alert */ 998 if (!BUF_MEM_grow_clean(buf,10)) 999 { 1000 OPENSSL_PUT_ERROR(SSL, ssl_add_cert_chain, ERR_R_BUF_LIB); 1001 return 0; 1002 } 1003 if (x != NULL) 1004 { 1005 if (no_chain) 1006 { 1007 if (!ssl_add_cert_to_buf(buf, l, x)) 1008 return 0; 1009 } 1010 else 1011 { 1012 X509_STORE_CTX xs_ctx; 1013 1014 if (!X509_STORE_CTX_init(&xs_ctx,chain_store,x,NULL)) 1015 { 1016 OPENSSL_PUT_ERROR(SSL, ssl_add_cert_chain, ERR_R_X509_LIB); 1017 return(0); 1018 } 1019 X509_verify_cert(&xs_ctx); 1020 /* Don't leave errors in the queue */ 1021 ERR_clear_error(); 1022 for (i=0; i < sk_X509_num(xs_ctx.chain); i++) 1023 { 1024 x = sk_X509_value(xs_ctx.chain, i); 1025 1026 if (!ssl_add_cert_to_buf(buf, l, x)) 1027 { 1028 X509_STORE_CTX_cleanup(&xs_ctx); 1029 return 0; 1030 } 1031 } 1032 X509_STORE_CTX_cleanup(&xs_ctx); 1033 } 1034 } 1035 for (i=0; i<sk_X509_num(extra_certs); i++) 1036 { 1037 x=sk_X509_value(extra_certs,i); 1038 if (!ssl_add_cert_to_buf(buf, l, x)) 1039 return 0; 1040 } 1041 1042 return 1; 1043 } 1044 1045 /* Build a certificate chain for current certificate */ 1046 int ssl_build_cert_chain(CERT *c, X509_STORE *chain_store, int flags) 1047 { 1048 CERT_PKEY *cpk = c->key; 1049 X509_STORE_CTX xs_ctx; 1050 STACK_OF(X509) *chain = NULL, *untrusted = NULL; 1051 X509 *x; 1052 int i, rv = 0; 1053 unsigned long error; 1054 1055 if (!cpk->x509) 1056 { 1057 OPENSSL_PUT_ERROR(SSL, ssl_build_cert_chain, SSL_R_NO_CERTIFICATE_SET); 1058 goto err; 1059 } 1060 /* Rearranging and check the chain: add everything to a store */ 1061 if (flags & SSL_BUILD_CHAIN_FLAG_CHECK) 1062 { 1063 chain_store = X509_STORE_new(); 1064 if (!chain_store) 1065 goto err; 1066 for (i = 0; i < sk_X509_num(cpk->chain); i++) 1067 { 1068 x = sk_X509_value(cpk->chain, i); 1069 if (!X509_STORE_add_cert(chain_store, x)) 1070 { 1071 error = ERR_peek_last_error(); 1072 if (ERR_GET_LIB(error) != ERR_LIB_X509 || 1073 ERR_GET_REASON(error) != X509_R_CERT_ALREADY_IN_HASH_TABLE) 1074 goto err; 1075 ERR_clear_error(); 1076 } 1077 } 1078 /* Add EE cert too: it might be self signed */ 1079 if (!X509_STORE_add_cert(chain_store, cpk->x509)) 1080 { 1081 error = ERR_peek_last_error(); 1082 if (ERR_GET_LIB(error) != ERR_LIB_X509 || 1083 ERR_GET_REASON(error) != X509_R_CERT_ALREADY_IN_HASH_TABLE) 1084 goto err; 1085 ERR_clear_error(); 1086 } 1087 } 1088 else 1089 { 1090 if (c->chain_store) 1091 chain_store = c->chain_store; 1092 1093 if (flags & SSL_BUILD_CHAIN_FLAG_UNTRUSTED) 1094 untrusted = cpk->chain; 1095 } 1096 1097 if (!X509_STORE_CTX_init(&xs_ctx, chain_store, cpk->x509, untrusted)) 1098 { 1099 OPENSSL_PUT_ERROR(SSL, ssl_build_cert_chain, ERR_R_X509_LIB); 1100 goto err; 1101 } 1102 1103 i = X509_verify_cert(&xs_ctx); 1104 if (i <= 0 && flags & SSL_BUILD_CHAIN_FLAG_IGNORE_ERROR) 1105 { 1106 if (flags & SSL_BUILD_CHAIN_FLAG_CLEAR_ERROR) 1107 ERR_clear_error(); 1108 i = 1; 1109 rv = 2; 1110 } 1111 if (i > 0) 1112 chain = X509_STORE_CTX_get1_chain(&xs_ctx); 1113 if (i <= 0) 1114 { 1115 OPENSSL_PUT_ERROR(SSL, ssl_build_cert_chain, SSL_R_CERTIFICATE_VERIFY_FAILED); 1116 i = X509_STORE_CTX_get_error(&xs_ctx); 1117 ERR_add_error_data(2, "Verify error:", 1118 X509_verify_cert_error_string(i)); 1119 1120 X509_STORE_CTX_cleanup(&xs_ctx); 1121 goto err; 1122 } 1123 X509_STORE_CTX_cleanup(&xs_ctx); 1124 if (cpk->chain) 1125 sk_X509_pop_free(cpk->chain, X509_free); 1126 /* Remove EE certificate from chain */ 1127 x = sk_X509_shift(chain); 1128 X509_free(x); 1129 if (flags & SSL_BUILD_CHAIN_FLAG_NO_ROOT) 1130 { 1131 if (sk_X509_num(chain) > 0) 1132 { 1133 /* See if last cert is self signed */ 1134 x = sk_X509_value(chain, sk_X509_num(chain) - 1); 1135 X509_check_purpose(x, -1, 0); 1136 if (x->ex_flags & EXFLAG_SS) 1137 { 1138 x = sk_X509_pop(chain); 1139 X509_free(x); 1140 } 1141 } 1142 } 1143 cpk->chain = chain; 1144 if (rv == 0) 1145 rv = 1; 1146 err: 1147 if (flags & SSL_BUILD_CHAIN_FLAG_CHECK) 1148 X509_STORE_free(chain_store); 1149 1150 return rv; 1151 } 1152 1153 int ssl_cert_set_cert_store(CERT *c, X509_STORE *store, int chain, int ref) 1154 { 1155 X509_STORE **pstore; 1156 if (chain) 1157 pstore = &c->chain_store; 1158 else 1159 pstore = &c->verify_store; 1160 if (*pstore) 1161 X509_STORE_free(*pstore); 1162 *pstore = store; 1163 if (ref && store) 1164 CRYPTO_add(&store->references, 1, CRYPTO_LOCK_X509_STORE); 1165 return 1; 1166 } 1167 1168
