1 /* Copyright (C) 1995-1998 Eric Young (eay (at) cryptsoft.com) 2 * All rights reserved. 3 * 4 * This package is an SSL implementation written 5 * by Eric Young (eay (at) cryptsoft.com). 6 * The implementation was written so as to conform with Netscapes SSL. 7 * 8 * This library is free for commercial and non-commercial use as long as 9 * the following conditions are aheared to. The following conditions 10 * apply to all code found in this distribution, be it the RC4, RSA, 11 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 12 * included with this distribution is covered by the same copyright terms 13 * except that the holder is Tim Hudson (tjh (at) cryptsoft.com). 14 * 15 * Copyright remains Eric Young's, and as such any Copyright notices in 16 * the code are not to be removed. 17 * If this package is used in a product, Eric Young should be given attribution 18 * as the author of the parts of the library used. 19 * This can be in the form of a textual message at program startup or 20 * in documentation (online or textual) provided with the package. 21 * 22 * Redistribution and use in source and binary forms, with or without 23 * modification, are permitted provided that the following conditions 24 * are met: 25 * 1. Redistributions of source code must retain the copyright 26 * notice, this list of conditions and the following disclaimer. 27 * 2. Redistributions in binary form must reproduce the above copyright 28 * notice, this list of conditions and the following disclaimer in the 29 * documentation and/or other materials provided with the distribution. 30 * 3. All advertising materials mentioning features or use of this software 31 * must display the following acknowledgement: 32 * "This product includes cryptographic software written by 33 * Eric Young (eay (at) cryptsoft.com)" 34 * The word 'cryptographic' can be left out if the rouines from the library 35 * being used are not cryptographic related :-). 36 * 4. If you include any Windows specific code (or a derivative thereof) from 37 * the apps directory (application code) you must include an acknowledgement: 38 * "This product includes software written by Tim Hudson (tjh (at) cryptsoft.com)" 39 * 40 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 41 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 42 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 43 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 44 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 45 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 46 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 48 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 49 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 50 * SUCH DAMAGE. 51 * 52 * The licence and distribution terms for any publically available version or 53 * derivative of this code cannot be changed. i.e. this code cannot simply be 54 * copied and put under another distribution licence 55 * [including the GNU Public Licence.] 56 */ 57 /* ==================================================================== 58 * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved. 59 * 60 * Redistribution and use in source and binary forms, with or without 61 * modification, are permitted provided that the following conditions 62 * are met: 63 * 64 * 1. Redistributions of source code must retain the above copyright 65 * notice, this list of conditions and the following disclaimer. 66 * 67 * 2. Redistributions in binary form must reproduce the above copyright 68 * notice, this list of conditions and the following disclaimer in 69 * the documentation and/or other materials provided with the 70 * distribution. 71 * 72 * 3. All advertising materials mentioning features or use of this 73 * software must display the following acknowledgment: 74 * "This product includes software developed by the OpenSSL Project 75 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" 76 * 77 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 78 * endorse or promote products derived from this software without 79 * prior written permission. For written permission, please contact 80 * openssl-core (at) openssl.org. 81 * 82 * 5. Products derived from this software may not be called "OpenSSL" 83 * nor may "OpenSSL" appear in their names without prior written 84 * permission of the OpenSSL Project. 85 * 86 * 6. Redistributions of any form whatsoever must retain the following 87 * acknowledgment: 88 * "This product includes software developed by the OpenSSL Project 89 * for use in the OpenSSL Toolkit (http://www.openssl.org/)" 90 * 91 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 92 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 93 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 94 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 95 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 96 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 97 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 98 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 99 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 100 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 101 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 102 * OF THE POSSIBILITY OF SUCH DAMAGE. 103 * ==================================================================== 104 * 105 * This product includes cryptographic software written by Eric Young 106 * (eay (at) cryptsoft.com). This product includes software written by Tim 107 * Hudson (tjh (at) cryptsoft.com). 108 * 109 */ 110 /* ==================================================================== 111 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 112 * ECC cipher suite support in OpenSSL originally developed by 113 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. 114 */ 115 /* ==================================================================== 116 * Copyright 2005 Nokia. All rights reserved. 117 * 118 * The portions of the attached software ("Contribution") is developed by 119 * Nokia Corporation and is licensed pursuant to the OpenSSL open source 120 * license. 121 * 122 * The Contribution, originally written by Mika Kousa and Pasi Eronen of 123 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites 124 * support (see RFC 4279) to OpenSSL. 125 * 126 * No patent licenses or other rights except those expressly stated in 127 * the OpenSSL open source license shall be deemed granted or received 128 * expressly, by implication, estoppel, or otherwise. 129 * 130 * No assurances are provided by Nokia that the Contribution does not 131 * infringe the patent or other intellectual property rights of any third 132 * party or that the license provides you with all the necessary rights 133 * to make use of the Contribution. 134 * 135 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN 136 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA 137 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY 138 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR 139 * OTHERWISE. */ 140 141 #include <openssl/ssl.h> 142 143 #include <assert.h> 144 145 #include <openssl/asn1.h> 146 #include <openssl/bytestring.h> 147 #include <openssl/err.h> 148 #include <openssl/pem.h> 149 #include <openssl/stack.h> 150 #include <openssl/x509.h> 151 #include <openssl/x509v3.h> 152 #include <openssl/x509_vfy.h> 153 154 #include "internal.h" 155 #include "../crypto/internal.h" 156 157 158 namespace bssl { 159 160 // check_ssl_x509_method asserts that |ssl| has the X509-based method 161 // installed. Calling an X509-based method on an |ssl| with a different method 162 // will likely misbehave and possibly crash or leak memory. 163 static void check_ssl_x509_method(const SSL *ssl) { 164 assert(ssl == NULL || ssl->ctx->x509_method == &ssl_crypto_x509_method); 165 } 166 167 // check_ssl_ctx_x509_method acts like |check_ssl_x509_method|, but for an 168 // |SSL_CTX|. 169 static void check_ssl_ctx_x509_method(const SSL_CTX *ctx) { 170 assert(ctx == NULL || ctx->x509_method == &ssl_crypto_x509_method); 171 } 172 173 // x509_to_buffer returns a |CRYPTO_BUFFER| that contains the serialised 174 // contents of |x509|. 175 static UniquePtr<CRYPTO_BUFFER> x509_to_buffer(X509 *x509) { 176 uint8_t *buf = NULL; 177 int cert_len = i2d_X509(x509, &buf); 178 if (cert_len <= 0) { 179 return 0; 180 } 181 182 UniquePtr<CRYPTO_BUFFER> buffer(CRYPTO_BUFFER_new(buf, cert_len, NULL)); 183 OPENSSL_free(buf); 184 185 return buffer; 186 } 187 188 // new_leafless_chain returns a fresh stack of buffers set to {NULL}. 189 static STACK_OF(CRYPTO_BUFFER) *new_leafless_chain(void) { 190 STACK_OF(CRYPTO_BUFFER) *chain = sk_CRYPTO_BUFFER_new_null(); 191 if (chain == NULL) { 192 return NULL; 193 } 194 195 if (!sk_CRYPTO_BUFFER_push(chain, NULL)) { 196 sk_CRYPTO_BUFFER_free(chain); 197 return NULL; 198 } 199 200 return chain; 201 } 202 203 // ssl_cert_set_chain sets elements 1.. of |cert->chain| to the serialised 204 // forms of elements of |chain|. It returns one on success or zero on error, in 205 // which case no change to |cert->chain| is made. It preverses the existing 206 // leaf from |cert->chain|, if any. 207 static int ssl_cert_set_chain(CERT *cert, STACK_OF(X509) *chain) { 208 UniquePtr<STACK_OF(CRYPTO_BUFFER)> new_chain; 209 210 if (cert->chain != NULL) { 211 new_chain.reset(sk_CRYPTO_BUFFER_new_null()); 212 if (!new_chain) { 213 return 0; 214 } 215 216 CRYPTO_BUFFER *leaf = sk_CRYPTO_BUFFER_value(cert->chain, 0); 217 if (!sk_CRYPTO_BUFFER_push(new_chain.get(), leaf)) { 218 return 0; 219 } 220 // |leaf| might be NULL if it's a leafless chain. 221 if (leaf != NULL) { 222 CRYPTO_BUFFER_up_ref(leaf); 223 } 224 } 225 226 for (X509 *x509 : chain) { 227 if (!new_chain) { 228 new_chain.reset(new_leafless_chain()); 229 if (!new_chain) { 230 return 0; 231 } 232 } 233 234 UniquePtr<CRYPTO_BUFFER> buffer = x509_to_buffer(x509); 235 if (!buffer || 236 !PushToStack(new_chain.get(), std::move(buffer))) { 237 return 0; 238 } 239 } 240 241 sk_CRYPTO_BUFFER_pop_free(cert->chain, CRYPTO_BUFFER_free); 242 cert->chain = new_chain.release(); 243 244 return 1; 245 } 246 247 static void ssl_crypto_x509_cert_flush_cached_leaf(CERT *cert) { 248 X509_free(cert->x509_leaf); 249 cert->x509_leaf = NULL; 250 } 251 252 static void ssl_crypto_x509_cert_flush_cached_chain(CERT *cert) { 253 sk_X509_pop_free(cert->x509_chain, X509_free); 254 cert->x509_chain = NULL; 255 } 256 257 static int ssl_crypto_x509_check_client_CA_list( 258 STACK_OF(CRYPTO_BUFFER) *names) { 259 for (const CRYPTO_BUFFER *buffer : names) { 260 const uint8_t *inp = CRYPTO_BUFFER_data(buffer); 261 X509_NAME *name = d2i_X509_NAME(NULL, &inp, CRYPTO_BUFFER_len(buffer)); 262 const int ok = name != NULL && inp == CRYPTO_BUFFER_data(buffer) + 263 CRYPTO_BUFFER_len(buffer); 264 X509_NAME_free(name); 265 if (!ok) { 266 return 0; 267 } 268 } 269 270 return 1; 271 } 272 273 static void ssl_crypto_x509_cert_clear(CERT *cert) { 274 ssl_crypto_x509_cert_flush_cached_leaf(cert); 275 ssl_crypto_x509_cert_flush_cached_chain(cert); 276 277 X509_free(cert->x509_stash); 278 cert->x509_stash = NULL; 279 } 280 281 static void ssl_crypto_x509_cert_free(CERT *cert) { 282 ssl_crypto_x509_cert_clear(cert); 283 X509_STORE_free(cert->verify_store); 284 } 285 286 static void ssl_crypto_x509_cert_dup(CERT *new_cert, const CERT *cert) { 287 if (cert->verify_store != NULL) { 288 X509_STORE_up_ref(cert->verify_store); 289 new_cert->verify_store = cert->verify_store; 290 } 291 } 292 293 static int ssl_crypto_x509_session_cache_objects(SSL_SESSION *sess) { 294 bssl::UniquePtr<STACK_OF(X509)> chain; 295 if (sk_CRYPTO_BUFFER_num(sess->certs) > 0) { 296 chain.reset(sk_X509_new_null()); 297 if (!chain) { 298 OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); 299 return 0; 300 } 301 } 302 303 X509 *leaf = nullptr; 304 for (CRYPTO_BUFFER *cert : sess->certs) { 305 UniquePtr<X509> x509(X509_parse_from_buffer(cert)); 306 if (!x509) { 307 OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR); 308 return 0; 309 } 310 if (leaf == nullptr) { 311 leaf = x509.get(); 312 } 313 if (!PushToStack(chain.get(), std::move(x509))) { 314 OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); 315 return 0; 316 } 317 } 318 319 sk_X509_pop_free(sess->x509_chain, X509_free); 320 sess->x509_chain = chain.release(); 321 sk_X509_pop_free(sess->x509_chain_without_leaf, X509_free); 322 sess->x509_chain_without_leaf = NULL; 323 324 X509_free(sess->x509_peer); 325 if (leaf != NULL) { 326 X509_up_ref(leaf); 327 } 328 sess->x509_peer = leaf; 329 return 1; 330 } 331 332 static int ssl_crypto_x509_session_dup(SSL_SESSION *new_session, 333 const SSL_SESSION *session) { 334 if (session->x509_peer != NULL) { 335 X509_up_ref(session->x509_peer); 336 new_session->x509_peer = session->x509_peer; 337 } 338 if (session->x509_chain != NULL) { 339 new_session->x509_chain = X509_chain_up_ref(session->x509_chain); 340 if (new_session->x509_chain == NULL) { 341 return 0; 342 } 343 } 344 345 return 1; 346 } 347 348 static void ssl_crypto_x509_session_clear(SSL_SESSION *session) { 349 X509_free(session->x509_peer); 350 session->x509_peer = NULL; 351 sk_X509_pop_free(session->x509_chain, X509_free); 352 session->x509_chain = NULL; 353 sk_X509_pop_free(session->x509_chain_without_leaf, X509_free); 354 session->x509_chain_without_leaf = NULL; 355 } 356 357 static int ssl_crypto_x509_session_verify_cert_chain(SSL_SESSION *session, 358 SSL *ssl, 359 uint8_t *out_alert) { 360 *out_alert = SSL_AD_INTERNAL_ERROR; 361 STACK_OF(X509) *const cert_chain = session->x509_chain; 362 if (cert_chain == NULL || sk_X509_num(cert_chain) == 0) { 363 return 0; 364 } 365 366 X509_STORE *verify_store = ssl->ctx->cert_store; 367 if (ssl->cert->verify_store != NULL) { 368 verify_store = ssl->cert->verify_store; 369 } 370 371 X509 *leaf = sk_X509_value(cert_chain, 0); 372 ScopedX509_STORE_CTX ctx; 373 if (!X509_STORE_CTX_init(ctx.get(), verify_store, leaf, cert_chain)) { 374 OPENSSL_PUT_ERROR(SSL, ERR_R_X509_LIB); 375 return 0; 376 } 377 if (!X509_STORE_CTX_set_ex_data(ctx.get(), 378 SSL_get_ex_data_X509_STORE_CTX_idx(), ssl)) { 379 return 0; 380 } 381 382 // We need to inherit the verify parameters. These can be determined by the 383 // context: if its a server it will verify SSL client certificates or vice 384 // versa. 385 X509_STORE_CTX_set_default(ctx.get(), 386 ssl->server ? "ssl_client" : "ssl_server"); 387 388 // Anything non-default in "param" should overwrite anything in the ctx. 389 X509_VERIFY_PARAM_set1(X509_STORE_CTX_get0_param(ctx.get()), ssl->param); 390 391 if (ssl->verify_callback) { 392 X509_STORE_CTX_set_verify_cb(ctx.get(), ssl->verify_callback); 393 } 394 395 int verify_ret; 396 if (ssl->ctx->app_verify_callback != NULL) { 397 verify_ret = 398 ssl->ctx->app_verify_callback(ctx.get(), ssl->ctx->app_verify_arg); 399 } else { 400 verify_ret = X509_verify_cert(ctx.get()); 401 } 402 403 session->verify_result = ctx->error; 404 405 // If |SSL_VERIFY_NONE|, the error is non-fatal, but we keep the result. 406 if (verify_ret <= 0 && ssl->verify_mode != SSL_VERIFY_NONE) { 407 *out_alert = SSL_alert_from_verify_result(ctx->error); 408 return 0; 409 } 410 411 ERR_clear_error(); 412 return 1; 413 } 414 415 static void ssl_crypto_x509_hs_flush_cached_ca_names(SSL_HANDSHAKE *hs) { 416 sk_X509_NAME_pop_free(hs->cached_x509_ca_names, X509_NAME_free); 417 hs->cached_x509_ca_names = NULL; 418 } 419 420 static int ssl_crypto_x509_ssl_new(SSL *ssl) { 421 ssl->param = X509_VERIFY_PARAM_new(); 422 if (ssl->param == NULL) { 423 return 0; 424 } 425 X509_VERIFY_PARAM_inherit(ssl->param, ssl->ctx->param); 426 return 1; 427 } 428 429 static void ssl_crypto_x509_ssl_flush_cached_client_CA(SSL *ssl) { 430 sk_X509_NAME_pop_free(ssl->cached_x509_client_CA, X509_NAME_free); 431 ssl->cached_x509_client_CA = NULL; 432 } 433 434 static void ssl_crypto_x509_ssl_free(SSL *ssl) { 435 ssl_crypto_x509_ssl_flush_cached_client_CA(ssl); 436 X509_VERIFY_PARAM_free(ssl->param); 437 } 438 439 static int ssl_crypto_x509_ssl_auto_chain_if_needed(SSL *ssl) { 440 // Only build a chain if there are no intermediates configured and the feature 441 // isn't disabled. 442 if ((ssl->mode & SSL_MODE_NO_AUTO_CHAIN) || 443 !ssl_has_certificate(ssl) || 444 ssl->cert->chain == NULL || 445 sk_CRYPTO_BUFFER_num(ssl->cert->chain) > 1) { 446 return 1; 447 } 448 449 UniquePtr<X509> leaf( 450 X509_parse_from_buffer(sk_CRYPTO_BUFFER_value(ssl->cert->chain, 0))); 451 if (!leaf) { 452 OPENSSL_PUT_ERROR(SSL, ERR_R_X509_LIB); 453 return 0; 454 } 455 456 ScopedX509_STORE_CTX ctx; 457 if (!X509_STORE_CTX_init(ctx.get(), ssl->ctx->cert_store, leaf.get(), NULL)) { 458 OPENSSL_PUT_ERROR(SSL, ERR_R_X509_LIB); 459 return 0; 460 } 461 462 // Attempt to build a chain, ignoring the result. 463 X509_verify_cert(ctx.get()); 464 ERR_clear_error(); 465 466 // Remove the leaf from the generated chain. 467 X509_free(sk_X509_shift(ctx->chain)); 468 469 if (!ssl_cert_set_chain(ssl->cert, ctx->chain)) { 470 return 0; 471 } 472 473 ssl_crypto_x509_cert_flush_cached_chain(ssl->cert); 474 475 return 1; 476 } 477 478 static void ssl_crypto_x509_ssl_ctx_flush_cached_client_CA(SSL_CTX *ctx) { 479 sk_X509_NAME_pop_free(ctx->cached_x509_client_CA, X509_NAME_free); 480 ctx->cached_x509_client_CA = NULL; 481 } 482 483 static int ssl_crypto_x509_ssl_ctx_new(SSL_CTX *ctx) { 484 ctx->cert_store = X509_STORE_new(); 485 ctx->param = X509_VERIFY_PARAM_new(); 486 return (ctx->cert_store != NULL && ctx->param != NULL); 487 } 488 489 static void ssl_crypto_x509_ssl_ctx_free(SSL_CTX *ctx) { 490 ssl_crypto_x509_ssl_ctx_flush_cached_client_CA(ctx); 491 X509_VERIFY_PARAM_free(ctx->param); 492 X509_STORE_free(ctx->cert_store); 493 } 494 495 const SSL_X509_METHOD ssl_crypto_x509_method = { 496 ssl_crypto_x509_check_client_CA_list, 497 ssl_crypto_x509_cert_clear, 498 ssl_crypto_x509_cert_free, 499 ssl_crypto_x509_cert_dup, 500 ssl_crypto_x509_cert_flush_cached_chain, 501 ssl_crypto_x509_cert_flush_cached_leaf, 502 ssl_crypto_x509_session_cache_objects, 503 ssl_crypto_x509_session_dup, 504 ssl_crypto_x509_session_clear, 505 ssl_crypto_x509_session_verify_cert_chain, 506 ssl_crypto_x509_hs_flush_cached_ca_names, 507 ssl_crypto_x509_ssl_new, 508 ssl_crypto_x509_ssl_free, 509 ssl_crypto_x509_ssl_flush_cached_client_CA, 510 ssl_crypto_x509_ssl_auto_chain_if_needed, 511 ssl_crypto_x509_ssl_ctx_new, 512 ssl_crypto_x509_ssl_ctx_free, 513 ssl_crypto_x509_ssl_ctx_flush_cached_client_CA, 514 }; 515 516 } // namespace bssl 517 518 using namespace bssl; 519 520 X509 *SSL_get_peer_certificate(const SSL *ssl) { 521 check_ssl_x509_method(ssl); 522 if (ssl == NULL) { 523 return NULL; 524 } 525 SSL_SESSION *session = SSL_get_session(ssl); 526 if (session == NULL || session->x509_peer == NULL) { 527 return NULL; 528 } 529 X509_up_ref(session->x509_peer); 530 return session->x509_peer; 531 } 532 533 STACK_OF(X509) *SSL_get_peer_cert_chain(const SSL *ssl) { 534 check_ssl_x509_method(ssl); 535 if (ssl == NULL) { 536 return NULL; 537 } 538 SSL_SESSION *session = SSL_get_session(ssl); 539 if (session == NULL || 540 session->x509_chain == NULL) { 541 return NULL; 542 } 543 544 if (!ssl->server) { 545 return session->x509_chain; 546 } 547 548 // OpenSSL historically didn't include the leaf certificate in the returned 549 // certificate chain, but only for servers. 550 if (session->x509_chain_without_leaf == NULL) { 551 session->x509_chain_without_leaf = sk_X509_new_null(); 552 if (session->x509_chain_without_leaf == NULL) { 553 return NULL; 554 } 555 556 for (size_t i = 1; i < sk_X509_num(session->x509_chain); i++) { 557 X509 *cert = sk_X509_value(session->x509_chain, i); 558 if (!sk_X509_push(session->x509_chain_without_leaf, cert)) { 559 sk_X509_pop_free(session->x509_chain_without_leaf, X509_free); 560 session->x509_chain_without_leaf = NULL; 561 return NULL; 562 } 563 X509_up_ref(cert); 564 } 565 } 566 567 return session->x509_chain_without_leaf; 568 } 569 570 STACK_OF(X509) *SSL_get_peer_full_cert_chain(const SSL *ssl) { 571 check_ssl_x509_method(ssl); 572 SSL_SESSION *session = SSL_get_session(ssl); 573 if (session == NULL) { 574 return NULL; 575 } 576 577 return session->x509_chain; 578 } 579 580 int SSL_CTX_set_purpose(SSL_CTX *ctx, int purpose) { 581 check_ssl_ctx_x509_method(ctx); 582 return X509_VERIFY_PARAM_set_purpose(ctx->param, purpose); 583 } 584 585 int SSL_set_purpose(SSL *ssl, int purpose) { 586 check_ssl_x509_method(ssl); 587 return X509_VERIFY_PARAM_set_purpose(ssl->param, purpose); 588 } 589 590 int SSL_CTX_set_trust(SSL_CTX *ctx, int trust) { 591 check_ssl_ctx_x509_method(ctx); 592 return X509_VERIFY_PARAM_set_trust(ctx->param, trust); 593 } 594 595 int SSL_set_trust(SSL *ssl, int trust) { 596 check_ssl_x509_method(ssl); 597 return X509_VERIFY_PARAM_set_trust(ssl->param, trust); 598 } 599 600 int SSL_CTX_set1_param(SSL_CTX *ctx, const X509_VERIFY_PARAM *param) { 601 check_ssl_ctx_x509_method(ctx); 602 return X509_VERIFY_PARAM_set1(ctx->param, param); 603 } 604 605 int SSL_set1_param(SSL *ssl, const X509_VERIFY_PARAM *param) { 606 check_ssl_x509_method(ssl); 607 return X509_VERIFY_PARAM_set1(ssl->param, param); 608 } 609 610 X509_VERIFY_PARAM *SSL_CTX_get0_param(SSL_CTX *ctx) { 611 check_ssl_ctx_x509_method(ctx); 612 return ctx->param; 613 } 614 615 X509_VERIFY_PARAM *SSL_get0_param(SSL *ssl) { 616 check_ssl_x509_method(ssl); 617 return ssl->param; 618 } 619 620 int SSL_get_verify_depth(const SSL *ssl) { 621 check_ssl_x509_method(ssl); 622 return X509_VERIFY_PARAM_get_depth(ssl->param); 623 } 624 625 int (*SSL_get_verify_callback(const SSL *ssl))(int, X509_STORE_CTX *) { 626 check_ssl_x509_method(ssl); 627 return ssl->verify_callback; 628 } 629 630 int SSL_CTX_get_verify_mode(const SSL_CTX *ctx) { 631 check_ssl_ctx_x509_method(ctx); 632 return ctx->verify_mode; 633 } 634 635 int SSL_CTX_get_verify_depth(const SSL_CTX *ctx) { 636 check_ssl_ctx_x509_method(ctx); 637 return X509_VERIFY_PARAM_get_depth(ctx->param); 638 } 639 640 int (*SSL_CTX_get_verify_callback(const SSL_CTX *ctx))( 641 int ok, X509_STORE_CTX *store_ctx) { 642 check_ssl_ctx_x509_method(ctx); 643 return ctx->default_verify_callback; 644 } 645 646 void SSL_set_verify(SSL *ssl, int mode, 647 int (*callback)(int ok, X509_STORE_CTX *store_ctx)) { 648 check_ssl_x509_method(ssl); 649 ssl->verify_mode = mode; 650 if (callback != NULL) { 651 ssl->verify_callback = callback; 652 } 653 } 654 655 void SSL_set_verify_depth(SSL *ssl, int depth) { 656 check_ssl_x509_method(ssl); 657 X509_VERIFY_PARAM_set_depth(ssl->param, depth); 658 } 659 660 void SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx, 661 int (*cb)(X509_STORE_CTX *store_ctx, 662 void *arg), 663 void *arg) { 664 check_ssl_ctx_x509_method(ctx); 665 ctx->app_verify_callback = cb; 666 ctx->app_verify_arg = arg; 667 } 668 669 void SSL_CTX_set_verify(SSL_CTX *ctx, int mode, 670 int (*cb)(int, X509_STORE_CTX *)) { 671 check_ssl_ctx_x509_method(ctx); 672 ctx->verify_mode = mode; 673 ctx->default_verify_callback = cb; 674 } 675 676 void SSL_CTX_set_verify_depth(SSL_CTX *ctx, int depth) { 677 check_ssl_ctx_x509_method(ctx); 678 X509_VERIFY_PARAM_set_depth(ctx->param, depth); 679 } 680 681 int SSL_CTX_set_default_verify_paths(SSL_CTX *ctx) { 682 check_ssl_ctx_x509_method(ctx); 683 return X509_STORE_set_default_paths(ctx->cert_store); 684 } 685 686 int SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *ca_file, 687 const char *ca_dir) { 688 check_ssl_ctx_x509_method(ctx); 689 return X509_STORE_load_locations(ctx->cert_store, ca_file, ca_dir); 690 } 691 692 void SSL_set_verify_result(SSL *ssl, long result) { 693 check_ssl_x509_method(ssl); 694 if (result != X509_V_OK) { 695 abort(); 696 } 697 } 698 699 long SSL_get_verify_result(const SSL *ssl) { 700 check_ssl_x509_method(ssl); 701 SSL_SESSION *session = SSL_get_session(ssl); 702 if (session == NULL) { 703 return X509_V_ERR_INVALID_CALL; 704 } 705 return session->verify_result; 706 } 707 708 X509_STORE *SSL_CTX_get_cert_store(const SSL_CTX *ctx) { 709 check_ssl_ctx_x509_method(ctx); 710 return ctx->cert_store; 711 } 712 713 void SSL_CTX_set_cert_store(SSL_CTX *ctx, X509_STORE *store) { 714 check_ssl_ctx_x509_method(ctx); 715 X509_STORE_free(ctx->cert_store); 716 ctx->cert_store = store; 717 } 718 719 static int ssl_use_certificate(CERT *cert, X509 *x) { 720 if (x == NULL) { 721 OPENSSL_PUT_ERROR(SSL, ERR_R_PASSED_NULL_PARAMETER); 722 return 0; 723 } 724 725 UniquePtr<CRYPTO_BUFFER> buffer = x509_to_buffer(x); 726 if (!buffer) { 727 return 0; 728 } 729 730 return ssl_set_cert(cert, std::move(buffer)); 731 } 732 733 int SSL_use_certificate(SSL *ssl, X509 *x) { 734 check_ssl_x509_method(ssl); 735 return ssl_use_certificate(ssl->cert, x); 736 } 737 738 int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x) { 739 check_ssl_ctx_x509_method(ctx); 740 return ssl_use_certificate(ctx->cert, x); 741 } 742 743 // ssl_cert_cache_leaf_cert sets |cert->x509_leaf|, if currently NULL, from the 744 // first element of |cert->chain|. 745 static int ssl_cert_cache_leaf_cert(CERT *cert) { 746 assert(cert->x509_method); 747 748 if (cert->x509_leaf != NULL || 749 cert->chain == NULL) { 750 return 1; 751 } 752 753 CRYPTO_BUFFER *leaf = sk_CRYPTO_BUFFER_value(cert->chain, 0); 754 if (!leaf) { 755 return 1; 756 } 757 758 cert->x509_leaf = X509_parse_from_buffer(leaf); 759 return cert->x509_leaf != NULL; 760 } 761 762 static X509 *ssl_cert_get0_leaf(CERT *cert) { 763 if (cert->x509_leaf == NULL && 764 !ssl_cert_cache_leaf_cert(cert)) { 765 return NULL; 766 } 767 768 return cert->x509_leaf; 769 } 770 771 X509 *SSL_get_certificate(const SSL *ssl) { 772 check_ssl_x509_method(ssl); 773 return ssl_cert_get0_leaf(ssl->cert); 774 } 775 776 X509 *SSL_CTX_get0_certificate(const SSL_CTX *ctx) { 777 check_ssl_ctx_x509_method(ctx); 778 MutexWriteLock lock(const_cast<CRYPTO_MUTEX*>(&ctx->lock)); 779 return ssl_cert_get0_leaf(ctx->cert); 780 } 781 782 static int ssl_cert_set0_chain(CERT *cert, STACK_OF(X509) *chain) { 783 if (!ssl_cert_set_chain(cert, chain)) { 784 return 0; 785 } 786 787 sk_X509_pop_free(chain, X509_free); 788 ssl_crypto_x509_cert_flush_cached_chain(cert); 789 return 1; 790 } 791 792 static int ssl_cert_set1_chain(CERT *cert, STACK_OF(X509) *chain) { 793 if (!ssl_cert_set_chain(cert, chain)) { 794 return 0; 795 } 796 797 ssl_crypto_x509_cert_flush_cached_chain(cert); 798 return 1; 799 } 800 801 static int ssl_cert_append_cert(CERT *cert, X509 *x509) { 802 assert(cert->x509_method); 803 804 UniquePtr<CRYPTO_BUFFER> buffer = x509_to_buffer(x509); 805 if (!buffer) { 806 return 0; 807 } 808 809 if (cert->chain != NULL) { 810 return PushToStack(cert->chain, std::move(buffer)); 811 } 812 813 cert->chain = new_leafless_chain(); 814 if (cert->chain == NULL || 815 !PushToStack(cert->chain, std::move(buffer))) { 816 sk_CRYPTO_BUFFER_free(cert->chain); 817 cert->chain = NULL; 818 return 0; 819 } 820 821 return 1; 822 } 823 824 static int ssl_cert_add0_chain_cert(CERT *cert, X509 *x509) { 825 if (!ssl_cert_append_cert(cert, x509)) { 826 return 0; 827 } 828 829 X509_free(cert->x509_stash); 830 cert->x509_stash = x509; 831 ssl_crypto_x509_cert_flush_cached_chain(cert); 832 return 1; 833 } 834 835 static int ssl_cert_add1_chain_cert(CERT *cert, X509 *x509) { 836 if (!ssl_cert_append_cert(cert, x509)) { 837 return 0; 838 } 839 840 ssl_crypto_x509_cert_flush_cached_chain(cert); 841 return 1; 842 } 843 844 int SSL_CTX_set0_chain(SSL_CTX *ctx, STACK_OF(X509) *chain) { 845 check_ssl_ctx_x509_method(ctx); 846 return ssl_cert_set0_chain(ctx->cert, chain); 847 } 848 849 int SSL_CTX_set1_chain(SSL_CTX *ctx, STACK_OF(X509) *chain) { 850 check_ssl_ctx_x509_method(ctx); 851 return ssl_cert_set1_chain(ctx->cert, chain); 852 } 853 854 int SSL_set0_chain(SSL *ssl, STACK_OF(X509) *chain) { 855 check_ssl_x509_method(ssl); 856 return ssl_cert_set0_chain(ssl->cert, chain); 857 } 858 859 int SSL_set1_chain(SSL *ssl, STACK_OF(X509) *chain) { 860 check_ssl_x509_method(ssl); 861 return ssl_cert_set1_chain(ssl->cert, chain); 862 } 863 864 int SSL_CTX_add0_chain_cert(SSL_CTX *ctx, X509 *x509) { 865 check_ssl_ctx_x509_method(ctx); 866 return ssl_cert_add0_chain_cert(ctx->cert, x509); 867 } 868 869 int SSL_CTX_add1_chain_cert(SSL_CTX *ctx, X509 *x509) { 870 check_ssl_ctx_x509_method(ctx); 871 return ssl_cert_add1_chain_cert(ctx->cert, x509); 872 } 873 874 int SSL_CTX_add_extra_chain_cert(SSL_CTX *ctx, X509 *x509) { 875 check_ssl_ctx_x509_method(ctx); 876 return SSL_CTX_add0_chain_cert(ctx, x509); 877 } 878 879 int SSL_add0_chain_cert(SSL *ssl, X509 *x509) { 880 check_ssl_x509_method(ssl); 881 return ssl_cert_add0_chain_cert(ssl->cert, x509); 882 } 883 884 int SSL_add1_chain_cert(SSL *ssl, X509 *x509) { 885 check_ssl_x509_method(ssl); 886 return ssl_cert_add1_chain_cert(ssl->cert, x509); 887 } 888 889 int SSL_CTX_clear_chain_certs(SSL_CTX *ctx) { 890 check_ssl_ctx_x509_method(ctx); 891 return SSL_CTX_set0_chain(ctx, NULL); 892 } 893 894 int SSL_CTX_clear_extra_chain_certs(SSL_CTX *ctx) { 895 check_ssl_ctx_x509_method(ctx); 896 return SSL_CTX_clear_chain_certs(ctx); 897 } 898 899 int SSL_clear_chain_certs(SSL *ssl) { 900 check_ssl_x509_method(ssl); 901 return SSL_set0_chain(ssl, NULL); 902 } 903 904 // ssl_cert_cache_chain_certs fills in |cert->x509_chain| from elements 1.. of 905 // |cert->chain|. 906 static int ssl_cert_cache_chain_certs(CERT *cert) { 907 assert(cert->x509_method); 908 909 if (cert->x509_chain != NULL || 910 cert->chain == NULL || 911 sk_CRYPTO_BUFFER_num(cert->chain) < 2) { 912 return 1; 913 } 914 915 UniquePtr<STACK_OF(X509)> chain(sk_X509_new_null()); 916 if (!chain) { 917 return 0; 918 } 919 920 for (size_t i = 1; i < sk_CRYPTO_BUFFER_num(cert->chain); i++) { 921 CRYPTO_BUFFER *buffer = sk_CRYPTO_BUFFER_value(cert->chain, i); 922 UniquePtr<X509> x509(X509_parse_from_buffer(buffer)); 923 if (!x509 || 924 !PushToStack(chain.get(), std::move(x509))) { 925 return 0; 926 } 927 } 928 929 cert->x509_chain = chain.release(); 930 return 1; 931 } 932 933 int SSL_CTX_get0_chain_certs(const SSL_CTX *ctx, STACK_OF(X509) **out_chain) { 934 check_ssl_ctx_x509_method(ctx); 935 MutexWriteLock lock(const_cast<CRYPTO_MUTEX*>(&ctx->lock)); 936 if (!ssl_cert_cache_chain_certs(ctx->cert)) { 937 *out_chain = NULL; 938 return 0; 939 } 940 941 *out_chain = ctx->cert->x509_chain; 942 return 1; 943 } 944 945 int SSL_CTX_get_extra_chain_certs(const SSL_CTX *ctx, 946 STACK_OF(X509) **out_chain) { 947 return SSL_CTX_get0_chain_certs(ctx, out_chain); 948 } 949 950 int SSL_get0_chain_certs(const SSL *ssl, STACK_OF(X509) **out_chain) { 951 check_ssl_x509_method(ssl); 952 if (!ssl_cert_cache_chain_certs(ssl->cert)) { 953 *out_chain = NULL; 954 return 0; 955 } 956 957 *out_chain = ssl->cert->x509_chain; 958 return 1; 959 } 960 961 static SSL_SESSION *ssl_session_new_with_crypto_x509(void) { 962 return ssl_session_new(&ssl_crypto_x509_method).release(); 963 } 964 965 SSL_SESSION *d2i_SSL_SESSION_bio(BIO *bio, SSL_SESSION **out) { 966 return ASN1_d2i_bio_of(SSL_SESSION, ssl_session_new_with_crypto_x509, 967 d2i_SSL_SESSION, bio, out); 968 } 969 970 int i2d_SSL_SESSION_bio(BIO *bio, const SSL_SESSION *session) { 971 return ASN1_i2d_bio_of(SSL_SESSION, i2d_SSL_SESSION, bio, session); 972 } 973 974 IMPLEMENT_PEM_rw(SSL_SESSION, SSL_SESSION, PEM_STRING_SSL_SESSION, SSL_SESSION) 975 976 SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const uint8_t **pp, long length) { 977 if (length < 0) { 978 OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); 979 return NULL; 980 } 981 982 CBS cbs; 983 CBS_init(&cbs, *pp, length); 984 985 UniquePtr<SSL_SESSION> ret = SSL_SESSION_parse(&cbs, &ssl_crypto_x509_method, 986 NULL /* no buffer pool */); 987 if (!ret) { 988 return NULL; 989 } 990 991 if (a) { 992 SSL_SESSION_free(*a); 993 *a = ret.get(); 994 } 995 *pp = CBS_data(&cbs); 996 return ret.release(); 997 } 998 999 STACK_OF(X509_NAME) *SSL_dup_CA_list(STACK_OF(X509_NAME) *list) { 1000 return sk_X509_NAME_deep_copy(list, X509_NAME_dup, X509_NAME_free); 1001 } 1002 1003 static void set_client_CA_list(STACK_OF(CRYPTO_BUFFER) **ca_list, 1004 const STACK_OF(X509_NAME) *name_list, 1005 CRYPTO_BUFFER_POOL *pool) { 1006 UniquePtr<STACK_OF(CRYPTO_BUFFER)> buffers(sk_CRYPTO_BUFFER_new_null()); 1007 if (!buffers) { 1008 return; 1009 } 1010 1011 for (X509_NAME *name : name_list) { 1012 uint8_t *outp = NULL; 1013 int len = i2d_X509_NAME(name, &outp); 1014 if (len < 0) { 1015 return; 1016 } 1017 1018 UniquePtr<CRYPTO_BUFFER> buffer(CRYPTO_BUFFER_new(outp, len, pool)); 1019 OPENSSL_free(outp); 1020 if (!buffer || 1021 !PushToStack(buffers.get(), std::move(buffer))) { 1022 return; 1023 } 1024 } 1025 1026 sk_CRYPTO_BUFFER_pop_free(*ca_list, CRYPTO_BUFFER_free); 1027 *ca_list = buffers.release(); 1028 } 1029 1030 void SSL_set_client_CA_list(SSL *ssl, STACK_OF(X509_NAME) *name_list) { 1031 check_ssl_x509_method(ssl); 1032 ssl->ctx->x509_method->ssl_flush_cached_client_CA(ssl); 1033 set_client_CA_list(&ssl->client_CA, name_list, ssl->ctx->pool); 1034 sk_X509_NAME_pop_free(name_list, X509_NAME_free); 1035 } 1036 1037 void SSL_CTX_set_client_CA_list(SSL_CTX *ctx, STACK_OF(X509_NAME) *name_list) { 1038 check_ssl_ctx_x509_method(ctx); 1039 ctx->x509_method->ssl_ctx_flush_cached_client_CA(ctx); 1040 set_client_CA_list(&ctx->client_CA, name_list, ctx->pool); 1041 sk_X509_NAME_pop_free(name_list, X509_NAME_free); 1042 } 1043 1044 static STACK_OF(X509_NAME) * 1045 buffer_names_to_x509(const STACK_OF(CRYPTO_BUFFER) *names, 1046 STACK_OF(X509_NAME) **cached) { 1047 if (names == NULL) { 1048 return NULL; 1049 } 1050 1051 if (*cached != NULL) { 1052 return *cached; 1053 } 1054 1055 UniquePtr<STACK_OF(X509_NAME)> new_cache(sk_X509_NAME_new_null()); 1056 if (!new_cache) { 1057 OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); 1058 return NULL; 1059 } 1060 1061 for (const CRYPTO_BUFFER *buffer : names) { 1062 const uint8_t *inp = CRYPTO_BUFFER_data(buffer); 1063 UniquePtr<X509_NAME> name( 1064 d2i_X509_NAME(nullptr, &inp, CRYPTO_BUFFER_len(buffer))); 1065 if (!name || 1066 inp != CRYPTO_BUFFER_data(buffer) + CRYPTO_BUFFER_len(buffer) || 1067 !PushToStack(new_cache.get(), std::move(name))) { 1068 return NULL; 1069 } 1070 } 1071 1072 *cached = new_cache.release(); 1073 return *cached; 1074 } 1075 1076 STACK_OF(X509_NAME) *SSL_get_client_CA_list(const SSL *ssl) { 1077 check_ssl_x509_method(ssl); 1078 // For historical reasons, this function is used both to query configuration 1079 // state on a server as well as handshake state on a client. However, whether 1080 // |ssl| is a client or server is not known until explicitly configured with 1081 // |SSL_set_connect_state|. If |do_handshake| is NULL, |ssl| is in an 1082 // indeterminate mode and |ssl->server| is unset. 1083 if (ssl->do_handshake != NULL && !ssl->server) { 1084 if (ssl->s3->hs != NULL) { 1085 return buffer_names_to_x509(ssl->s3->hs->ca_names.get(), 1086 &ssl->s3->hs->cached_x509_ca_names); 1087 } 1088 1089 return NULL; 1090 } 1091 1092 if (ssl->client_CA != NULL) { 1093 return buffer_names_to_x509( 1094 ssl->client_CA, (STACK_OF(X509_NAME) **)&ssl->cached_x509_client_CA); 1095 } 1096 return SSL_CTX_get_client_CA_list(ssl->ctx); 1097 } 1098 1099 STACK_OF(X509_NAME) *SSL_CTX_get_client_CA_list(const SSL_CTX *ctx) { 1100 check_ssl_ctx_x509_method(ctx); 1101 // This is a logically const operation that may be called on multiple threads, 1102 // so it needs to lock around updating |cached_x509_client_CA|. 1103 MutexWriteLock lock(const_cast<CRYPTO_MUTEX *>(&ctx->lock)); 1104 return buffer_names_to_x509( 1105 ctx->client_CA, 1106 const_cast<STACK_OF(X509_NAME) **>(&ctx->cached_x509_client_CA)); 1107 } 1108 1109 static int add_client_CA(STACK_OF(CRYPTO_BUFFER) **names, X509 *x509, 1110 CRYPTO_BUFFER_POOL *pool) { 1111 if (x509 == NULL) { 1112 return 0; 1113 } 1114 1115 uint8_t *outp = NULL; 1116 int len = i2d_X509_NAME(X509_get_subject_name(x509), &outp); 1117 if (len < 0) { 1118 return 0; 1119 } 1120 1121 UniquePtr<CRYPTO_BUFFER> buffer(CRYPTO_BUFFER_new(outp, len, pool)); 1122 OPENSSL_free(outp); 1123 if (!buffer) { 1124 return 0; 1125 } 1126 1127 int alloced = 0; 1128 if (*names == NULL) { 1129 *names = sk_CRYPTO_BUFFER_new_null(); 1130 alloced = 1; 1131 1132 if (*names == NULL) { 1133 return 0; 1134 } 1135 } 1136 1137 if (!PushToStack(*names, std::move(buffer))) { 1138 if (alloced) { 1139 sk_CRYPTO_BUFFER_pop_free(*names, CRYPTO_BUFFER_free); 1140 *names = NULL; 1141 } 1142 return 0; 1143 } 1144 1145 return 1; 1146 } 1147 1148 int SSL_add_client_CA(SSL *ssl, X509 *x509) { 1149 check_ssl_x509_method(ssl); 1150 if (!add_client_CA(&ssl->client_CA, x509, ssl->ctx->pool)) { 1151 return 0; 1152 } 1153 1154 ssl_crypto_x509_ssl_flush_cached_client_CA(ssl); 1155 return 1; 1156 } 1157 1158 int SSL_CTX_add_client_CA(SSL_CTX *ctx, X509 *x509) { 1159 check_ssl_ctx_x509_method(ctx); 1160 if (!add_client_CA(&ctx->client_CA, x509, ctx->pool)) { 1161 return 0; 1162 } 1163 1164 ssl_crypto_x509_ssl_ctx_flush_cached_client_CA(ctx); 1165 return 1; 1166 } 1167 1168 static int do_client_cert_cb(SSL *ssl, void *arg) { 1169 if (ssl_has_certificate(ssl) || ssl->ctx->client_cert_cb == NULL) { 1170 return 1; 1171 } 1172 1173 X509 *x509 = NULL; 1174 EVP_PKEY *pkey = NULL; 1175 int ret = ssl->ctx->client_cert_cb(ssl, &x509, &pkey); 1176 if (ret < 0) { 1177 return -1; 1178 } 1179 UniquePtr<X509> free_x509(x509); 1180 UniquePtr<EVP_PKEY> free_pkey(pkey); 1181 1182 if (ret != 0) { 1183 if (!SSL_use_certificate(ssl, x509) || 1184 !SSL_use_PrivateKey(ssl, pkey)) { 1185 return 0; 1186 } 1187 } 1188 1189 return 1; 1190 } 1191 1192 void SSL_CTX_set_client_cert_cb(SSL_CTX *ctx, int (*cb)(SSL *ssl, 1193 X509 **out_x509, 1194 EVP_PKEY **out_pkey)) { 1195 check_ssl_ctx_x509_method(ctx); 1196 // Emulate the old client certificate callback with the new one. 1197 SSL_CTX_set_cert_cb(ctx, do_client_cert_cb, NULL); 1198 ctx->client_cert_cb = cb; 1199 } 1200 1201 static int set_cert_store(X509_STORE **store_ptr, X509_STORE *new_store, 1202 int take_ref) { 1203 X509_STORE_free(*store_ptr); 1204 *store_ptr = new_store; 1205 1206 if (new_store != NULL && take_ref) { 1207 X509_STORE_up_ref(new_store); 1208 } 1209 1210 return 1; 1211 } 1212 1213 int SSL_get_ex_data_X509_STORE_CTX_idx(void) { 1214 // The ex_data index to go from |X509_STORE_CTX| to |SSL| always uses the 1215 // reserved app_data slot. Before ex_data was introduced, app_data was used. 1216 // Avoid breaking any software which assumes |X509_STORE_CTX_get_app_data| 1217 // works. 1218 return 0; 1219 } 1220 1221 int SSL_CTX_set0_verify_cert_store(SSL_CTX *ctx, X509_STORE *store) { 1222 check_ssl_ctx_x509_method(ctx); 1223 return set_cert_store(&ctx->cert->verify_store, store, 0); 1224 } 1225 1226 int SSL_CTX_set1_verify_cert_store(SSL_CTX *ctx, X509_STORE *store) { 1227 check_ssl_ctx_x509_method(ctx); 1228 return set_cert_store(&ctx->cert->verify_store, store, 1); 1229 } 1230 1231 int SSL_set0_verify_cert_store(SSL *ssl, X509_STORE *store) { 1232 check_ssl_x509_method(ssl); 1233 return set_cert_store(&ssl->cert->verify_store, store, 0); 1234 } 1235 1236 int SSL_set1_verify_cert_store(SSL *ssl, X509_STORE *store) { 1237 check_ssl_x509_method(ssl); 1238 return set_cert_store(&ssl->cert->verify_store, store, 1); 1239 } 1240 1241 int SSL_alert_from_verify_result(long result) { 1242 switch (result) { 1243 case X509_V_ERR_CERT_CHAIN_TOO_LONG: 1244 case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: 1245 case X509_V_ERR_INVALID_CA: 1246 case X509_V_ERR_PATH_LENGTH_EXCEEDED: 1247 case X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN: 1248 case X509_V_ERR_UNABLE_TO_GET_CRL: 1249 case X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER: 1250 case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT: 1251 case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY: 1252 case X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE: 1253 return SSL_AD_UNKNOWN_CA; 1254 1255 case X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE: 1256 case X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE: 1257 case X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY: 1258 case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD: 1259 case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD: 1260 case X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD: 1261 case X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD: 1262 case X509_V_ERR_CERT_UNTRUSTED: 1263 case X509_V_ERR_CERT_REJECTED: 1264 case X509_V_ERR_HOSTNAME_MISMATCH: 1265 case X509_V_ERR_EMAIL_MISMATCH: 1266 case X509_V_ERR_IP_ADDRESS_MISMATCH: 1267 return SSL_AD_BAD_CERTIFICATE; 1268 1269 case X509_V_ERR_CERT_SIGNATURE_FAILURE: 1270 case X509_V_ERR_CRL_SIGNATURE_FAILURE: 1271 return SSL_AD_DECRYPT_ERROR; 1272 1273 case X509_V_ERR_CERT_HAS_EXPIRED: 1274 case X509_V_ERR_CERT_NOT_YET_VALID: 1275 case X509_V_ERR_CRL_HAS_EXPIRED: 1276 case X509_V_ERR_CRL_NOT_YET_VALID: 1277 return SSL_AD_CERTIFICATE_EXPIRED; 1278 1279 case X509_V_ERR_CERT_REVOKED: 1280 return SSL_AD_CERTIFICATE_REVOKED; 1281 1282 case X509_V_ERR_UNSPECIFIED: 1283 case X509_V_ERR_OUT_OF_MEM: 1284 case X509_V_ERR_INVALID_CALL: 1285 case X509_V_ERR_STORE_LOOKUP: 1286 return SSL_AD_INTERNAL_ERROR; 1287 1288 case X509_V_ERR_APPLICATION_VERIFICATION: 1289 return SSL_AD_HANDSHAKE_FAILURE; 1290 1291 case X509_V_ERR_INVALID_PURPOSE: 1292 return SSL_AD_UNSUPPORTED_CERTIFICATE; 1293 1294 default: 1295 return SSL_AD_CERTIFICATE_UNKNOWN; 1296 } 1297 } 1298