Gitiles
Code Review Sign In
realtimeroboticsgroup.org / RealtimeRoboticsGroup / test / 35a2f4972223ed6ec630f82bbaf4ef35a21a3eb4 / . / src / tls / openssl / tls.c
blob: bc855b138d4929cc6fb490bf0ee20258796a7e90 [file] [log] [blame]
James Kuszmaul82f6c042021-01-17 11:30:16 -0800[diff] [blame]1/**
2 * @file openssl/tls.c TLS backend using OpenSSL
3 *
4 * Copyright (C) 2010 Creytiv.com
5 */
6#include <string.h>
7#include <openssl/ssl.h>
8#include <openssl/err.h>
9#include <openssl/rsa.h>
10#include <openssl/bn.h>
11#include <openssl/evp.h>
12#include <openssl/x509.h>
Austin Schuh35a2f492021-04-07 21:41:56 -0700[diff] [blame^]13#include <openssl/dh.h>
14#include <openssl/ec.h>
James Kuszmaul82f6c042021-01-17 11:30:16 -0800[diff] [blame]15#include <re_types.h>
16#include <re_fmt.h>
17#include <re_mem.h>
18#include <re_mbuf.h>
19#include <re_main.h>
20#include <re_sa.h>
21#include <re_net.h>
22#include <re_srtp.h>
23#include <re_sys.h>
24#include <re_tcp.h>
25#include <re_tls.h>
26#include "tls.h"
27
28
29/* also defined by wincrypt.h */
30#ifdef WIN32
31#undef X509_NAME
32#endif
33
34
35#define DEBUG_MODULE "tls"
36#define DEBUG_LEVEL 5
37#include <re_dbg.h>
38
39
40/* NOTE: shadow struct defined in tls_*.c */
41struct tls_conn {
42 SSL *ssl;
43};
44
45
46static void destructor(void *data)
47{
48 struct tls *tls = data;
49
50 if (tls->ctx)
51 SSL_CTX_free(tls->ctx);
52
53 if (tls->cert)
54 X509_free(tls->cert);
55
56 mem_deref(tls->pass);
57}
58
59
60/*The password code is not thread safe*/
61static int password_cb(char *buf, int size, int rwflag, void *userdata)
62{
63 struct tls *tls = userdata;
64
65 (void)rwflag;
66
67 DEBUG_NOTICE("password callback\n");
68
69 if (size < (int)strlen(tls->pass)+1)
70 return 0;
71
72 strncpy(buf, tls->pass, size);
73
74 return (int)strlen(tls->pass);
75}
76
77
78static int keytype2int(enum tls_keytype type)
79{
80 switch (type) {
81 case TLS_KEYTYPE_EC:
82 return EVP_PKEY_EC;
83 case TLS_KEYTYPE_RSA:
84 return EVP_PKEY_RSA;
85 default:
86 return EVP_PKEY_NONE;
87 }
88}
89
90
91/**
92 * Allocate a new TLS context
93 *
94 * @param tlsp Pointer to allocated TLS context
95 * @param method TLS method
96 * @param keyfile Optional private key file
97 * @param pwd Optional password
98 *
99 * @return 0 if success, otherwise errorcode
100 */
101int tls_alloc(struct tls **tlsp, enum tls_method method, const char *keyfile,
102 const char *pwd)
103{
104 struct tls *tls;
105 int r, err;
106
107 if (!tlsp)
108 return EINVAL;
109
110 tls = mem_zalloc(sizeof(*tls), destructor);
111 if (!tls)
112 return ENOMEM;
113
114 switch (method) {
115
116 case TLS_METHOD_SSLV23:
117 tls->ctx = SSL_CTX_new(SSLv23_method());
118 break;
119
120#ifdef USE_OPENSSL_DTLS
121 case TLS_METHOD_DTLSV1:
122#if OPENSSL_VERSION_NUMBER >= 0x10100000L && \
123 !defined(LIBRESSL_VERSION_NUMBER)
124
125 tls->ctx = SSL_CTX_new(DTLS_method());
126#else
127 tls->ctx = SSL_CTX_new(DTLSv1_method());
128#endif
129 break;
130
131#ifdef SSL_OP_NO_DTLSv1_2
132 /* DTLS v1.2 is available in OpenSSL 1.0.2 and later */
133
134 case TLS_METHOD_DTLS:
135 tls->ctx = SSL_CTX_new(DTLS_method());
136 break;
137
138 case TLS_METHOD_DTLSV1_2:
139#if OPENSSL_VERSION_NUMBER >= 0x10100000L && \
140 !defined(LIBRESSL_VERSION_NUMBER)
141
142 tls->ctx = SSL_CTX_new(DTLS_method());
143#else
144 tls->ctx = SSL_CTX_new(DTLSv1_2_method());
145#endif
146 break;
147#endif
148
149#endif
150
151 default:
152 DEBUG_WARNING("tls method %d not supported\n", method);
153 err = ENOSYS;
154 goto out;
155 }
156
157 if (!tls->ctx) {
158 ERR_clear_error();
159 err = ENOMEM;
160 goto out;
161 }
162
163#if (OPENSSL_VERSION_NUMBER < 0x00905100L)
164 SSL_CTX_set_verify_depth(tls->ctx, 1);
165#endif
166
167 /* Load our keys and certificates */
168 if (keyfile) {
169 if (pwd) {
170 err = str_dup(&tls->pass, pwd);
171 if (err)
172 goto out;
173
174 SSL_CTX_set_default_passwd_cb(tls->ctx, password_cb);
175 SSL_CTX_set_default_passwd_cb_userdata(tls->ctx, tls);
176 }
177
178 r = SSL_CTX_use_certificate_chain_file(tls->ctx, keyfile);
179 if (r <= 0) {
180 DEBUG_WARNING("Can't read certificate file: %s (%d)\n",
181 keyfile, r);
182 ERR_clear_error();
183 err = EINVAL;
184 goto out;
185 }
186
187 r = SSL_CTX_use_PrivateKey_file(tls->ctx, keyfile,
188 SSL_FILETYPE_PEM);
189 if (r <= 0) {
190 DEBUG_WARNING("Can't read key file: %s (%d)\n",
191 keyfile, r);
192 ERR_clear_error();
193 err = EINVAL;
194 goto out;
195 }
196 }
197
198 err = 0;
199 out:
200 if (err)
201 mem_deref(tls);
202 else
203 *tlsp = tls;
204
205 return err;
206}
207
208
209/**
210 * Set default locations for trusted CA certificates
211 *
212 * @param tls TLS Context
213 * @param cafile PEM file with CA certificates
214 *
215 * @return 0 if success, otherwise errorcode
216 */
217int tls_add_ca(struct tls *tls, const char *cafile)
218{
219 if (!tls || !cafile)
220 return EINVAL;
221
222 /* Load the CAs we trust */
223 if (!(SSL_CTX_load_verify_locations(tls->ctx, cafile, NULL))) {
224 DEBUG_WARNING("Can't read CA file: %s\n", cafile);
225 ERR_clear_error();
226 return EINVAL;
227 }
228
229 return 0;
230}
231
232
233/**
234 * Generate and set selfsigned certificate on TLS context
235 *
236 * @param tls TLS Context
237 * @param cn Common Name
238 *
239 * @return 0 if success, otherwise errorcode
240 */
241int tls_set_selfsigned(struct tls *tls, const char *cn)
242{
243 X509_NAME *subj = NULL;
244 EVP_PKEY *key = NULL;
245 X509 *cert = NULL;
246 BIGNUM *bn = NULL;
247 RSA *rsa = NULL;
248 int r, err = ENOMEM;
249
250 if (!tls || !cn)
251 return EINVAL;
252
253 rsa = RSA_new();
254 if (!rsa)
255 goto out;
256
257 bn = BN_new();
258 if (!bn)
259 goto out;
260
261 BN_set_word(bn, RSA_F4);
262 if (!RSA_generate_key_ex(rsa, 1024, bn, NULL))
263 goto out;
264
265 key = EVP_PKEY_new();
266 if (!key)
267 goto out;
268
269 if (!EVP_PKEY_set1_RSA(key, rsa))
270 goto out;
271
272 cert = X509_new();
273 if (!cert)
274 goto out;
275
276 if (!X509_set_version(cert, 2))
277 goto out;
278
279 if (!ASN1_INTEGER_set(X509_get_serialNumber(cert), rand_u32()))
280 goto out;
281
282 subj = X509_NAME_new();
283 if (!subj)
284 goto out;
285
286 if (!X509_NAME_add_entry_by_txt(subj, "CN", MBSTRING_ASC,
287 (unsigned char *)cn,
288 (int)strlen(cn), -1, 0))
289 goto out;
290
291 if (!X509_set_issuer_name(cert, subj) ||
292 !X509_set_subject_name(cert, subj))
293 goto out;
294
295 if (!X509_gmtime_adj(X509_get_notBefore(cert), -3600*24*365) ||
296 !X509_gmtime_adj(X509_get_notAfter(cert), 3600*24*365*10))
297 goto out;
298
299 if (!X509_set_pubkey(cert, key))
300 goto out;
301
302 if (!X509_sign(cert, key, EVP_sha1()))
303 goto out;
304
305 r = SSL_CTX_use_certificate(tls->ctx, cert);
306 if (r != 1)
307 goto out;
308
309 r = SSL_CTX_use_PrivateKey(tls->ctx, key);
310 if (r != 1)
311 goto out;
312
313 if (tls->cert)
314 X509_free(tls->cert);
315
316 tls->cert = cert;
317 cert = NULL;
318
319 err = 0;
320
321 out:
322 if (subj)
323 X509_NAME_free(subj);
324
325 if (cert)
326 X509_free(cert);
327
328 if (key)
329 EVP_PKEY_free(key);
330
331 if (rsa)
332 RSA_free(rsa);
333
334 if (bn)
335 BN_free(bn);
336
337 if (err)
338 ERR_clear_error();
339
340 return err;
341}
342
343
344/**
345 * Set the certificate and private key on a TLS context
346 *
347 * @param tls TLS Context
348 * @param cert Certificate in PEM format
349 * @param len_cert Length of certificate PEM string
350 * @param key Private key in PEM format, will be read from cert if NULL
351 * @param len_key Length of private key PEM string
352 *
353 * @return 0 if success, otherwise errorcode
354 */
355int tls_set_certificate_pem(struct tls *tls, const char *cert, size_t len_cert,
356 const char *key, size_t len_key)
357{
358 BIO *bio = NULL, *kbio = NULL;
359 X509 *x509 = NULL;
360 EVP_PKEY *pkey = NULL;
361 int r, err = ENOMEM;
362
363 if (!tls || !cert || !len_cert || (key && !len_key))
364 return EINVAL;
365
366 if (!key) {
367 key = cert;
368 len_key = len_cert;
369 }
370
371 bio = BIO_new_mem_buf((char *)cert, (int)len_cert);
372 kbio = BIO_new_mem_buf((char *)key, (int)len_key);
373 if (!bio || !kbio)
374 goto out;
375
376 x509 = PEM_read_bio_X509(bio, NULL, 0, NULL);
377 pkey = PEM_read_bio_PrivateKey(kbio, NULL, 0, NULL);
378 if (!x509 || !pkey)
379 goto out;
380
381 r = SSL_CTX_use_certificate(tls->ctx, x509);
382 if (r != 1)
383 goto out;
384
385 r = SSL_CTX_use_PrivateKey(tls->ctx, pkey);
386 if (r != 1) {
387 DEBUG_WARNING("set_certificate_pem: use_PrivateKey failed\n");
388 goto out;
389 }
390
391 if (tls->cert)
392 X509_free(tls->cert);
393
394 tls->cert = x509;
395 x509 = NULL;
396
397 err = 0;
398
399 out:
400 if (x509)
401 X509_free(x509);
402 if (pkey)
403 EVP_PKEY_free(pkey);
404 if (bio)
405 BIO_free(bio);
406 if (kbio)
407 BIO_free(kbio);
408 if (err)
409 ERR_clear_error();
410
411 return err;
412}
413
414
415/**
416 * Set the certificate and private key on a TLS context
417 *
418 * @param tls TLS Context
419 * @param keytype Private key type
420 * @param cert Certificate in DER format
421 * @param len_cert Length of certificate DER bytes
422 * @param key Private key in DER format, will be read from cert if NULL
423 * @param len_key Length of private key DER bytes
424 *
425 * @return 0 if success, otherwise errorcode
426 */
427int tls_set_certificate_der(struct tls *tls, enum tls_keytype keytype,
428 const uint8_t *cert, size_t len_cert,
429 const uint8_t *key, size_t len_key)
430{
431 const uint8_t *buf_cert;
432 X509 *x509 = NULL;
433 EVP_PKEY *pkey = NULL;
434 int r, type, err = ENOMEM;
435
436 if (!tls || !cert || !len_cert || (key && !len_key))
437 return EINVAL;
438
439 type = keytype2int(keytype);
440 if (type == EVP_PKEY_NONE)
441 return EINVAL;
442
443 buf_cert = cert;
444
445 x509 = d2i_X509(NULL, &buf_cert, len_cert);
446 if (!x509)
447 goto out;
448
449 if (!key) {
450 key = buf_cert;
451 len_key = len_cert - (buf_cert - cert);
452 }
453
454 pkey = d2i_PrivateKey(type, NULL, &key, len_key);
455 if (!pkey)
456 goto out;
457
458 r = SSL_CTX_use_certificate(tls->ctx, x509);
459 if (r != 1)
460 goto out;
461
462 r = SSL_CTX_use_PrivateKey(tls->ctx, pkey);
463 if (r != 1) {
464 DEBUG_WARNING("set_certificate_der: use_PrivateKey failed\n");
465 goto out;
466 }
467
468 if (tls->cert)
469 X509_free(tls->cert);
470
471 tls->cert = x509;
472 x509 = NULL;
473
474 err = 0;
475
476 out:
477 if (x509)
478 X509_free(x509);
479 if (pkey)
480 EVP_PKEY_free(pkey);
481 if (err)
482 ERR_clear_error();
483
484 return err;
485}
486
487
488/**
489 * Set the certificate and private key on a TLS context
490 *
491 * @param tls TLS Context
492 * @param pem Certificate and private key in PEM format
493 * @param len Length of PEM string
494 *
495 * @return 0 if success, otherwise errorcode
496 */
497int tls_set_certificate(struct tls *tls, const char *pem, size_t len)
498{
499 return tls_set_certificate_pem(tls, pem, len, NULL, 0);
500}
501
502
503static int verify_handler(int ok, X509_STORE_CTX *ctx)
504{
505 (void)ok;
506 (void)ctx;
507
508 return 1; /* We trust the certificate from peer */
509}
510
511
512/**
513 * Set TLS server context to request certificate from client
514 *
515 * @param tls TLS Context
516 */
517void tls_set_verify_client(struct tls *tls)
518{
519 if (!tls)
520 return;
521
522 SSL_CTX_set_verify_depth(tls->ctx, 0);
523 SSL_CTX_set_verify(tls->ctx, SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE,
524 verify_handler);
525}
526
527
528/**
529 * Set SRTP suites on TLS context
530 *
531 * @param tls TLS Context
532 * @param suites Secure-RTP Profiles
533 *
534 * @return 0 if success, otherwise errorcode
535 */
536int tls_set_srtp(struct tls *tls, const char *suites)
537{
538#ifdef USE_OPENSSL_SRTP
539 if (!tls || !suites)
540 return EINVAL;
541
542 if (0 != SSL_CTX_set_tlsext_use_srtp(tls->ctx, suites)) {
543 ERR_clear_error();
544 return ENOSYS;
545 }
546
547 return 0;
548#else
549 (void)tls;
550 (void)suites;
551
552 return ENOSYS;
553#endif
554}
555
556
557static int cert_fingerprint(X509 *cert, enum tls_fingerprint type,
558 uint8_t *md, size_t size)
559{
560 unsigned int len = (unsigned int)size;
561 int n;
562
563 switch (type) {
564
565 case TLS_FINGERPRINT_SHA1:
566 if (size < 20)
567 return EOVERFLOW;
568
569 n = X509_digest(cert, EVP_sha1(), md, &len);
570 break;
571
572 case TLS_FINGERPRINT_SHA256:
573 if (size < 32)
574 return EOVERFLOW;
575
576 n = X509_digest(cert, EVP_sha256(), md, &len);
577 break;
578
579 default:
580 return ENOSYS;
581 }
582
583 if (n != 1) {
584 ERR_clear_error();
585 return ENOENT;
586 }
587
588 return 0;
589}
590
591
592/**
593 * Get fingerprint of local certificate
594 *
595 * @param tls TLS Context
596 * @param type Digest type
597 * @param md Buffer for fingerprint digest
598 * @param size Buffer size
599 *
600 * @return 0 if success, otherwise errorcode
601 */
602int tls_fingerprint(const struct tls *tls, enum tls_fingerprint type,
603 uint8_t *md, size_t size)
604{
605 if (!tls || !tls->cert || !md)
606 return EINVAL;
607
608 return cert_fingerprint(tls->cert, type, md, size);
609}
610
611
612/**
613 * Get fingerprint of peer certificate of a TLS connection
614 *
615 * @param tc TLS Connection
616 * @param type Digest type
617 * @param md Buffer for fingerprint digest
618 * @param size Buffer size
619 *
620 * @return 0 if success, otherwise errorcode
621 */
622int tls_peer_fingerprint(const struct tls_conn *tc, enum tls_fingerprint type,
623 uint8_t *md, size_t size)
624{
625 X509 *cert;
626 int err;
627
628 if (!tc || !md)
629 return EINVAL;
630
631 cert = SSL_get_peer_certificate(tc->ssl);
632 if (!cert)
633 return ENOENT;
634
635 err = cert_fingerprint(cert, type, md, size);
636
637 X509_free(cert);
638
639 return err;
640}
641
642
643/**
644 * Get common name of peer certificate of a TLS connection
645 *
646 * @param tc TLS Connection
647 * @param cn Returned common name
648 * @param size Size of common name
649 *
650 * @return 0 if success, otherwise errorcode
651 */
652int tls_peer_common_name(const struct tls_conn *tc, char *cn, size_t size)
653{
654 X509 *cert;
655 int n;
656
657 if (!tc || !cn || !size)
658 return EINVAL;
659
660 cert = SSL_get_peer_certificate(tc->ssl);
661 if (!cert)
662 return ENOENT;
663
664 n = X509_NAME_get_text_by_NID(X509_get_subject_name(cert),
665 NID_commonName, cn, (int)size);
666
667 X509_free(cert);
668
669 if (n < 0) {
670 ERR_clear_error();
671 return ENOENT;
672 }
673
674 return 0;
675}
676
677
678/**
679 * Verify peer certificate of a TLS connection
680 *
681 * @param tc TLS Connection
682 *
683 * @return 0 if verified, otherwise errorcode
684 */
685int tls_peer_verify(const struct tls_conn *tc)
686{
687 if (!tc)
688 return EINVAL;
689
690 if (SSL_get_verify_result(tc->ssl) != X509_V_OK)
691 return EAUTH;
692
693 return 0;
694}
695
696
697/**
698 * Get SRTP suite and keying material of a TLS connection
699 *
700 * @param tc TLS Connection
701 * @param suite Returned SRTP suite
702 * @param cli_key Client key
703 * @param cli_key_size Client key size
704 * @param srv_key Server key
705 * @param srv_key_size Server key size
706 *
707 * @return 0 if success, otherwise errorcode
708 */
709int tls_srtp_keyinfo(const struct tls_conn *tc, enum srtp_suite *suite,
710 uint8_t *cli_key, size_t cli_key_size,
711 uint8_t *srv_key, size_t srv_key_size)
712{
713#ifdef USE_OPENSSL_SRTP
714 static const char *label = "EXTRACTOR-dtls_srtp";
715 size_t key_size, salt_size, size;
716 SRTP_PROTECTION_PROFILE *sel;
717 uint8_t keymat[256], *p;
718
719 if (!tc || !suite || !cli_key || !srv_key)
720 return EINVAL;
721
722 sel = SSL_get_selected_srtp_profile(tc->ssl);
723 if (!sel)
724 return ENOENT;
725
726 switch (sel->id) {
727
728 case SRTP_AES128_CM_SHA1_80:
729 *suite = SRTP_AES_CM_128_HMAC_SHA1_80;
730 key_size = 16;
731 salt_size = 14;
732 break;
733
734 case SRTP_AES128_CM_SHA1_32:
735 *suite = SRTP_AES_CM_128_HMAC_SHA1_32;
736 key_size = 16;
737 salt_size = 14;
738 break;
739
740#ifdef SRTP_AEAD_AES_128_GCM
741 case SRTP_AEAD_AES_128_GCM:
742 *suite = SRTP_AES_128_GCM;
743 key_size = 16;
744 salt_size = 12;
745 break;
746#endif
747
748#ifdef SRTP_AEAD_AES_256_GCM
749 case SRTP_AEAD_AES_256_GCM:
750 *suite = SRTP_AES_256_GCM;
751 key_size = 32;
752 salt_size = 12;
753 break;
754#endif
755
756 default:
757 return ENOSYS;
758 }
759
760 size = key_size + salt_size;
761
762 if (cli_key_size < size || srv_key_size < size)
763 return EOVERFLOW;
764
765 if (sizeof(keymat) < 2*size)
766 return EOVERFLOW;
767
768 if (1 != SSL_export_keying_material(tc->ssl, keymat, 2*size, label,
769 strlen(label), NULL, 0, 0)) {
770 ERR_clear_error();
771 return ENOENT;
772 }
773
774 p = keymat;
775
776 memcpy(cli_key, p, key_size); p += key_size;
777 memcpy(srv_key, p, key_size); p += key_size;
778 memcpy(cli_key + key_size, p, salt_size); p += salt_size;
779 memcpy(srv_key + key_size, p, salt_size);
780
781 return 0;
782#else
783 (void)tc;
784 (void)suite;
785 (void)cli_key;
786 (void)cli_key_size;
787 (void)srv_key;
788 (void)srv_key_size;
789
790 return ENOSYS;
791#endif
792}
793
794
795/**
796 * Get cipher name of a TLS connection
797 *
798 * @param tc TLS Connection
799 *
800 * @return name of cipher actually used.
801 */
802const char *tls_cipher_name(const struct tls_conn *tc)
803{
804 if (!tc)
805 return NULL;
806
807 return SSL_get_cipher_name(tc->ssl);
808}
809
810
811/**
812 * Set the ciphers to use for this TLS context
813 *
814 * @param tls TLS Context
815 * @param cipherv Vector of cipher names, in order of priority
816 * @param count Number of cipher names in the vector
817 *
818 * @return 0 if success, otherwise errorcode
819 */
820int tls_set_ciphers(struct tls *tls, const char *cipherv[], size_t count)
821{
822 struct mbuf *mb;
823 int r, err;
824 size_t i;
825
826 if (!tls || !cipherv || !count)
827 return EINVAL;
828
829 mb = mbuf_alloc(32 * count);
830 if (!mb)
831 return ENOMEM;
832
833 for (i=0; i<count; i++) {
834
835 err = mbuf_printf(mb, "%s%s", i>0 ? ":" : "", cipherv[i]);
836 if (err)
837 goto out;
838 }
839
840 err = mbuf_write_u8(mb, '\0');
841 if (err)
842 goto out;
843
844 r = SSL_CTX_set_cipher_list(tls->ctx, (char *)mb->buf);
845 if (r <= 0) {
846 ERR_clear_error();
847 err = EPROTO;
848 goto out;
849 }
850
851 out:
852 mem_deref(mb);
853
854 return err;
855}
856
857
Austin Schuh35a2f492021-04-07 21:41:56 -0700[diff] [blame^]858static int set_dh_params(struct tls *tls, DH *dh)
859{
860 int codes;
861 long r;
862#if OPENSSL_VERSION_NUMBER < 0x1000200fL
863 EC_KEY *ec_key;
864#endif
865
866 if (!DH_check(dh, &codes))
867 return ENOMEM;
868 if (codes) {
869#if defined(DH_CHECK_P_NOT_PRIME)
870 if (codes & DH_CHECK_P_NOT_PRIME)
871 DEBUG_WARNING("set_dh_params: p is not prime\n");
872#endif
873#if defined(DH_CHECK_P_NOT_SAFE_PRIME)
874 if (codes & DH_CHECK_P_NOT_SAFE_PRIME)
875 DEBUG_WARNING("set_dh_params: p is not safe prime\n");
876#endif
877#if defined(DH_UNABLE_TO_CHECK_GENERATOR)
878 if (codes & DH_UNABLE_TO_CHECK_GENERATOR)
879 DEBUG_WARNING("set_dh_params: generator g "
880 "cannot be checked\n");
881#endif
882#if defined(DH_NOT_SUITABLE_GENERATOR)
883 if (codes & DH_NOT_SUITABLE_GENERATOR)
884 DEBUG_WARNING("set_dh_params: generator g "
885 "is not suitable\n");
886#endif
887#if defined(DH_CHECK_Q_NOT_PRIME)
888 if (codes & DH_CHECK_Q_NOT_PRIME)
889 DEBUG_WARNING("set_dh_params: q is not prime\n");
890#endif
891#if defined(DH_CHECK_INVALID_Q_VALUE)
892 if (codes & DH_CHECK_INVALID_Q_VALUE)
893 DEBUG_WARNING("set_dh_params: q is invalid\n");
894#endif
895#if defined(DH_CHECK_INVALID_J_VALUE)
896 if (codes & DH_CHECK_INVALID_J_VALUE)
897 DEBUG_WARNING("set_dh_params: j is invalid\n");
898#endif
899 return EINVAL;
900 }
901
902 if (!SSL_CTX_set_tmp_dh(tls->ctx, dh)) {
903 DEBUG_WARNING("set_dh_params: set_tmp_dh failed\n");
904 return ENOMEM;
905 }
906
907#if OPENSSL_VERSION_NUMBER >= 0x1000200fL
908 r = SSL_CTX_set_ecdh_auto(tls->ctx, (long) 1);
909 if (!r) {
910 DEBUG_WARNING("set_dh_params: set_ecdh_auto failed\n");
911 return ENOMEM;
912 }
913#else
914 ec_key = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
915 if (!ec_key)
916 return ENOMEM;
917 r = SSL_CTX_set_tmp_ecdh(tls->ctx, ec_key);
918 EC_KEY_free(ec_key);
919 if (!r) {
920 DEBUG_WARNING("set_dh_params: set_tmp_ecdh failed\n");
921 return ENOMEM;
922 }
923#endif
924
925 return 0;
926}
927
928
929/**
930 * Set Diffie-Hellman parameters on a TLS context
931 *
932 * @param tls TLS Context
933 * @param pem Diffie-Hellman parameters in PEM format
934 * @param len Length of PEM string
935 *
936 * @return 0 if success, otherwise errorcode
937 */
938int tls_set_dh_params_pem(struct tls *tls, const char *pem, size_t len)
939{
940 BIO *bio = NULL;
941 DH *dh = NULL;
942 int err = ENOMEM;
943
944 if (!tls || !pem || !len)
945 return EINVAL;
946
947 bio = BIO_new_mem_buf((char *)pem, (int)len);
948 if (!bio)
949 goto out;
950
951 dh = PEM_read_bio_DHparams(bio, NULL, 0, NULL);
952 if (!dh)
953 goto out;
954
955 err = set_dh_params(tls, dh);
956 if (err)
957 goto out;
958
959 err = 0;
960
961 out:
962 if (dh)
963 DH_free(dh);
964 if (bio)
965 BIO_free(bio);
966 if (err)
967 ERR_clear_error();
968
969 return err;
970}
971
972
973/**
974 * Set Diffie-Hellman parameters on a TLS context
975 *
976 * @param tls TLS Context
977 * @param der Diffie-Hellman parameters in DER format
978 * @param len Length of DER bytes
979 *
980 * @return 0 if success, otherwise errorcode
981 */
982int tls_set_dh_params_der(struct tls *tls, const uint8_t *der, size_t len)
983{
984 DH *dh = NULL;
985 int err = ENOMEM;
986
987 if (!tls || !der || !len)
988 return EINVAL;
989
990 dh = d2i_DHparams(NULL, &der, len);
991 if (!dh)
992 goto out;
993
994 err = set_dh_params(tls, dh);
995 if (err)
996 goto out;
997
998 err = 0;
999
1000 out:
1001 if (dh)
1002 DH_free(dh);
1003 if (err)
1004 ERR_clear_error();
1005
1006 return err;
1007}
1008
1009
James Kuszmaul82f6c042021-01-17 11:30:16 -0800[diff] [blame]1010/**
1011 * Set the server name on a TLS Connection, using TLS SNI extension.
1012 *
1013 * @param tc TLS Connection
1014 * @param servername Server name
1015 *
1016 * @return 0 if success, otherwise errorcode
1017 */
1018int tls_set_servername(struct tls_conn *tc, const char *servername)
1019{
1020 if (!tc || !servername)
1021 return EINVAL;
1022
1023 if (1 != SSL_set_tlsext_host_name(tc->ssl, servername)) {
1024 DEBUG_WARNING("tls: SSL_set_tlsext_host_name error\n");
1025 ERR_clear_error();
1026 return EPROTO;
1027 }
1028
1029 return 0;
1030}
1031
1032
1033static int print_error(const char *str, size_t len, void *unused)
1034{
1035 (void)unused;
1036 DEBUG_WARNING("%b", str, len);
1037
1038 return 1;
1039}
1040
1041
1042void tls_flush_error(void)
1043{
1044 ERR_print_errors_cb(print_error, NULL);
1045}
1046
1047
1048/**
1049 * Get the backend-specific (OpenSSL) context
1050 *
1051 * @param tls Generic TLS Context
1052 *
1053 * @return OpenSSL context
1054 */
1055struct ssl_ctx_st *tls_openssl_context(const struct tls *tls)
1056{
1057 return tls ? tls->ctx : NULL;
1058}