Blame - src/ssl/ssl_cert.cc - platform/external/boringssl

blob: 54df38f7a66d07a0c3ff56a242e5ee72f9b4a99f [file] [log] [blame]

Adam Langley	d9e397b	2015-01-22 14:27:53 -0800	[diff] [blame]	1	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
				2	* All rights reserved.
				3	*
				4	* This package is an SSL implementation written
				5	* by Eric Young (eay@cryptsoft.com).
				6	* The implementation was written so as to conform with Netscapes SSL.
				7	*
				8	* This library is free for commercial and non-commercial use as long as
				9	* the following conditions are aheared to. The following conditions
				10	* apply to all code found in this distribution, be it the RC4, RSA,
				11	* lhash, DES, etc., code; not just the SSL code. The SSL documentation
				12	* included with this distribution is covered by the same copyright terms
				13	* except that the holder is Tim Hudson (tjh@cryptsoft.com).
				14	*
				15	* Copyright remains Eric Young's, and as such any Copyright notices in
				16	* the code are not to be removed.
				17	* If this package is used in a product, Eric Young should be given attribution
				18	* as the author of the parts of the library used.
				19	* This can be in the form of a textual message at program startup or
				20	* in documentation (online or textual) provided with the package.
				21	*
				22	* Redistribution and use in source and binary forms, with or without
				23	* modification, are permitted provided that the following conditions
				24	* are met:
				25	* 1. Redistributions of source code must retain the copyright
				26	* notice, this list of conditions and the following disclaimer.
				27	* 2. Redistributions in binary form must reproduce the above copyright
				28	* notice, this list of conditions and the following disclaimer in the
				29	* documentation and/or other materials provided with the distribution.
				30	* 3. All advertising materials mentioning features or use of this software
				31	* must display the following acknowledgement:
				32	* "This product includes cryptographic software written by
				33	* Eric Young (eay@cryptsoft.com)"
				34	* The word 'cryptographic' can be left out if the rouines from the library
				35	* being used are not cryptographic related :-).
				36	* 4. If you include any Windows specific code (or a derivative thereof) from
				37	* the apps directory (application code) you must include an acknowledgement:
				38	* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
				39	*
				40	* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
				41	* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
				42	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
				43	* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
				44	* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
				45	* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
				46	* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
				47	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
				48	* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
				49	* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
				50	* SUCH DAMAGE.
				51	*
				52	* The licence and distribution terms for any publically available version or
				53	* derivative of this code cannot be changed. i.e. this code cannot simply be
				54	* copied and put under another distribution licence
				55	* [including the GNU Public Licence.]
				56	*/
				57	/* ====================================================================
				58	* Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
				59	*
				60	* Redistribution and use in source and binary forms, with or without
				61	* modification, are permitted provided that the following conditions
				62	* are met:
				63	*
				64	* 1. Redistributions of source code must retain the above copyright
				65	* notice, this list of conditions and the following disclaimer.
				66	*
				67	* 2. Redistributions in binary form must reproduce the above copyright
				68	* notice, this list of conditions and the following disclaimer in
				69	* the documentation and/or other materials provided with the
				70	* distribution.
				71	*
				72	* 3. All advertising materials mentioning features or use of this
				73	* software must display the following acknowledgment:
				74	* "This product includes software developed by the OpenSSL Project
				75	* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
				76	*
				77	* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
				78	* endorse or promote products derived from this software without
				79	* prior written permission. For written permission, please contact
				80	* openssl-core@openssl.org.
				81	*
				82	* 5. Products derived from this software may not be called "OpenSSL"
				83	* nor may "OpenSSL" appear in their names without prior written
				84	* permission of the OpenSSL Project.
				85	*
				86	* 6. Redistributions of any form whatsoever must retain the following
				87	* acknowledgment:
				88	* "This product includes software developed by the OpenSSL Project
				89	* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
				90	*
				91	* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
				92	* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
				93	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
				94	* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
				95	* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
				96	* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
				97	* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
				98	* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
				99	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
				100	* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
				101	* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
				102	* OF THE POSSIBILITY OF SUCH DAMAGE.
				103	* ====================================================================
				104	*
				105	* This product includes cryptographic software written by Eric Young
				106	* (eay@cryptsoft.com). This product includes software written by Tim
				107	* Hudson (tjh@cryptsoft.com).
				108	*
				109	*/
				110	/* ====================================================================
				111	* Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
				112	* ECC cipher suite support in OpenSSL originally developed by
				113	* SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. */
				114
Kenny Root	b849459	2015-09-25 02:29:14 +0000	[diff] [blame]	115	#include <openssl/ssl.h>
				116
David Benjamin	c895d6b	2016-08-11 13:26:41 -0400	[diff] [blame]	117	#include <assert.h>
Steven Valdez	909b19f	2016-11-21 15:35:44 -0500	[diff] [blame]	118	#include <limits.h>
Adam Langley	e9ada86	2015-05-11 17:20:37 -0700	[diff] [blame]	119	#include <string.h>
Adam Langley	d9e397b	2015-01-22 14:27:53 -0800	[diff] [blame]	120
Robert Sloan	b6d070c	2017-07-24 08:40:01 -0700	[diff] [blame]	121	#include <utility>
				122
Adam Langley	d9e397b	2015-01-22 14:27:53 -0800	[diff] [blame]	123	#include <openssl/bn.h>
				124	#include <openssl/buf.h>
Steven Valdez	e7531f0	2016-12-14 13:29:57 -0500	[diff] [blame]	125	#include <openssl/bytestring.h>
Steven Valdez	e7531f0	2016-12-14 13:29:57 -0500	[diff] [blame]	126	#include <openssl/ec_key.h>
Adam Langley	d9e397b	2015-01-22 14:27:53 -0800	[diff] [blame]	127	#include <openssl/err.h>
				128	#include <openssl/mem.h>
David Benjamin	c895d6b	2016-08-11 13:26:41 -0400	[diff] [blame]	129	#include <openssl/sha.h>
Adam Langley	56d2503	2015-06-23 16:20:13 -0700	[diff] [blame]	130	#include <openssl/x509.h>
Adam Langley	d9e397b	2015-01-22 14:27:53 -0800	[diff] [blame]	131
Adam Langley	f4e4272	2015-06-04 17:45:09 -0700	[diff] [blame]	132	#include "../crypto/internal.h"
Adam Langley	e9ada86	2015-05-11 17:20:37 -0700	[diff] [blame]	133	#include "internal.h"
Adam Langley	d9e397b	2015-01-22 14:27:53 -0800	[diff] [blame]	134
				135
Robert Sloan	726e9d1	2018-09-11 11:45:04 -0700	[diff] [blame]	136	BSSL_NAMESPACE_BEGIN
Robert Sloan	b6d070c	2017-07-24 08:40:01 -0700	[diff] [blame]	137
Robert Sloan	5cbb5c8	2018-04-24 11:35:46 -0700	[diff] [blame]	138	CERT::CERT(const SSL_X509_METHOD *x509_method_arg)
Adam Vartanian	bfcf3a7	2018-08-10 14:55:24 +0100	[diff] [blame]	139	: x509_method(x509_method_arg) {}
Adam Langley	d9e397b	2015-01-22 14:27:53 -0800	[diff] [blame]	140
Robert Sloan	5cbb5c8	2018-04-24 11:35:46 -0700	[diff] [blame]	141	CERT::~CERT() {
				142	ssl_cert_clear_certs(this);
				143	x509_method->cert_free(this);
Adam Langley	d9e397b	2015-01-22 14:27:53 -0800	[diff] [blame]	144	}
				145
Robert Sloan	4d1ac50	2017-02-06 08:36:14 -0800	[diff] [blame]	146	static CRYPTO_BUFFER buffer_up_ref(CRYPTO_BUFFER buffer) {
				147	CRYPTO_BUFFER_up_ref(buffer);
				148	return buffer;
				149	}
				150
Robert Sloan	5cbb5c8	2018-04-24 11:35:46 -0700	[diff] [blame]	151	UniquePtr<CERT> ssl_cert_dup(CERT *cert) {
				152	UniquePtr<CERT> ret = MakeUnique<CERT>(cert->x509_method);
				153	if (!ret) {
				154	return nullptr;
Adam Langley	d9e397b	2015-01-22 14:27:53 -0800	[diff] [blame]	155	}
Adam Langley	d9e397b	2015-01-22 14:27:53 -0800	[diff] [blame]	156
Robert Sloan	5cbb5c8	2018-04-24 11:35:46 -0700	[diff] [blame]	157	if (cert->chain) {
				158	ret->chain.reset(sk_CRYPTO_BUFFER_deep_copy(
				159	cert->chain.get(), buffer_up_ref, CRYPTO_BUFFER_free));
				160	if (!ret->chain) {
				161	return nullptr;
				162	}
				163	}
Adam Langley	d9e397b	2015-01-22 14:27:53 -0800	[diff] [blame]	164
Adam Vartanian	bfcf3a7	2018-08-10 14:55:24 +0100	[diff] [blame]	165	ret->privatekey = UpRef(cert->privatekey);
David Benjamin	4969cc9	2016-04-22 15:02:23 -0400	[diff] [blame]	166	ret->key_method = cert->key_method;
				167
Robert Sloan	5cbb5c8	2018-04-24 11:35:46 -0700	[diff] [blame]	168	if (!ret->sigalgs.CopyFrom(cert->sigalgs)) {
				169	return nullptr;
David Benjamin	f0c4a6c	2016-08-11 13:26:41 -0400	[diff] [blame]	170	}
David Benjamin	f0c4a6c	2016-08-11 13:26:41 -0400	[diff] [blame]	171
Adam Langley	d9e397b	2015-01-22 14:27:53 -0800	[diff] [blame]	172	ret->cert_cb = cert->cert_cb;
				173	ret->cert_cb_arg = cert->cert_cb_arg;
				174
Robert Sloan	5cbb5c8	2018-04-24 11:35:46 -0700	[diff] [blame]	175	ret->x509_method->cert_dup(ret.get(), cert);
David Benjamin	4969cc9	2016-04-22 15:02:23 -0400	[diff] [blame]	176
Adam Vartanian	bfcf3a7	2018-08-10 14:55:24 +0100	[diff] [blame]	177	ret->signed_cert_timestamp_list = UpRef(cert->signed_cert_timestamp_list);
				178	ret->ocsp_response = UpRef(cert->ocsp_response);
Robert Sloan	a94fe05	2017-02-21 08:49:28 -0800	[diff] [blame]	179
				180	ret->sid_ctx_length = cert->sid_ctx_length;
				181	OPENSSL_memcpy(ret->sid_ctx, cert->sid_ctx, sizeof(ret->sid_ctx));
				182
Robert Sloan	4c22c5f	2019-03-01 15:53:37 -0800	[diff] [blame]	183	if (cert->dc) {
				184	ret->dc = cert->dc->Dup();
				185	if (!ret->dc) {
				186	return nullptr;
				187	}
				188	}
				189
				190	ret->dc_privatekey = UpRef(cert->dc_privatekey);
				191	ret->dc_key_method = cert->dc_key_method;
				192
Adam Langley	d9e397b	2015-01-22 14:27:53 -0800	[diff] [blame]	193	return ret;
Adam Langley	d9e397b	2015-01-22 14:27:53 -0800	[diff] [blame]	194	}
				195
Robert Sloan	a27a6a4	2017-09-05 08:39:28 -0700	[diff] [blame]	196	// Free up and clear all certificates and chains
Kenny Root	b849459	2015-09-25 02:29:14 +0000	[diff] [blame]	197	void ssl_cert_clear_certs(CERT *cert) {
				198	if (cert == NULL) {
Adam Langley	d9e397b	2015-01-22 14:27:53 -0800	[diff] [blame]	199	return;
				200	}
				201
Robert Sloan	5d62578	2017-02-13 09:55:39 -0800	[diff] [blame]	202	cert->x509_method->cert_clear(cert);
Robert Sloan	4d1ac50	2017-02-06 08:36:14 -0800	[diff] [blame]	203
Robert Sloan	5cbb5c8	2018-04-24 11:35:46 -0700	[diff] [blame]	204	cert->chain.reset();
				205	cert->privatekey.reset();
				206	cert->key_method = nullptr;
Robert Sloan	4c22c5f	2019-03-01 15:53:37 -0800	[diff] [blame]	207
				208	cert->dc.reset();
				209	cert->dc_privatekey.reset();
				210	cert->dc_key_method = nullptr;
Adam Langley	d9e397b	2015-01-22 14:27:53 -0800	[diff] [blame]	211	}
				212
Robert Sloan	fe7cd21	2017-08-07 09:03:39 -0700	[diff] [blame]	213	static void ssl_cert_set_cert_cb(CERT cert, int (cb)(SSL ssl, void arg),
David Benjamin	1b24967	2016-12-06 18:25:50 -0500	[diff] [blame]	214	void *arg) {
Robert Sloan	fe7cd21	2017-08-07 09:03:39 -0700	[diff] [blame]	215	cert->cert_cb = cb;
				216	cert->cert_cb_arg = arg;
Adam Langley	d9e397b	2015-01-22 14:27:53 -0800	[diff] [blame]	217	}
				218
Robert Sloan	1c9db53	2017-03-13 08:03:59 -0700	[diff] [blame]	219	enum leaf_cert_and_privkey_result_t {
				220	leaf_cert_and_privkey_error,
				221	leaf_cert_and_privkey_ok,
				222	leaf_cert_and_privkey_mismatch,
				223	};
				224
Robert Sloan	a27a6a4	2017-09-05 08:39:28 -0700	[diff] [blame]	225	// check_leaf_cert_and_privkey checks whether the certificate in \|leaf_buffer\|
				226	// and the private key in \|privkey\| are suitable and coherent. It returns
				227	// \|leaf_cert_and_privkey_error\| and pushes to the error queue if a problem is
				228	// found. If the certificate and private key are valid, but incoherent, it
				229	// returns \|leaf_cert_and_privkey_mismatch\|. Otherwise it returns
				230	// \|leaf_cert_and_privkey_ok\|.
Robert Sloan	1c9db53	2017-03-13 08:03:59 -0700	[diff] [blame]	231	static enum leaf_cert_and_privkey_result_t check_leaf_cert_and_privkey(
				232	CRYPTO_BUFFER leaf_buffer, EVP_PKEY privkey) {
Robert Sloan	5d62578	2017-02-13 09:55:39 -0800	[diff] [blame]	233	CBS cert_cbs;
Robert Sloan	1c9db53	2017-03-13 08:03:59 -0700	[diff] [blame]	234	CRYPTO_BUFFER_init_CBS(leaf_buffer, &cert_cbs);
Robert Sloan	b6d070c	2017-07-24 08:40:01 -0700	[diff] [blame]	235	UniquePtr<EVP_PKEY> pubkey = ssl_cert_parse_pubkey(&cert_cbs);
				236	if (!pubkey) {
Robert Sloan	1c9db53	2017-03-13 08:03:59 -0700	[diff] [blame]	237	OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
Robert Sloan	b6d070c	2017-07-24 08:40:01 -0700	[diff] [blame]	238	return leaf_cert_and_privkey_error;
Robert Sloan	5d62578	2017-02-13 09:55:39 -0800	[diff] [blame]	239	}
				240
				241	if (!ssl_is_key_type_supported(pubkey->type)) {
				242	OPENSSL_PUT_ERROR(SSL, SSL_R_UNKNOWN_CERTIFICATE_TYPE);
Robert Sloan	b6d070c	2017-07-24 08:40:01 -0700	[diff] [blame]	243	return leaf_cert_and_privkey_error;
Robert Sloan	5d62578	2017-02-13 09:55:39 -0800	[diff] [blame]	244	}
				245
Robert Sloan	a27a6a4	2017-09-05 08:39:28 -0700	[diff] [blame]	246	// An ECC certificate may be usable for ECDH or ECDSA. We only support ECDSA
				247	// certificates, so sanity-check the key usage extension.
Robert Sloan	5d62578	2017-02-13 09:55:39 -0800	[diff] [blame]	248	if (pubkey->type == EVP_PKEY_EC &&
Robert Sloan	4c22c5f	2019-03-01 15:53:37 -0800	[diff] [blame]	249	!ssl_cert_check_key_usage(&cert_cbs, key_usage_digital_signature)) {
Robert Sloan	5d62578	2017-02-13 09:55:39 -0800	[diff] [blame]	250	OPENSSL_PUT_ERROR(SSL, SSL_R_UNKNOWN_CERTIFICATE_TYPE);
Robert Sloan	b6d070c	2017-07-24 08:40:01 -0700	[diff] [blame]	251	return leaf_cert_and_privkey_error;
Robert Sloan	1c9db53	2017-03-13 08:03:59 -0700	[diff] [blame]	252	}
				253
				254	if (privkey != NULL &&
Robert Sloan	a27a6a4	2017-09-05 08:39:28 -0700	[diff] [blame]	255	// Sanity-check that the private key and the certificate match.
Robert Sloan	b6d070c	2017-07-24 08:40:01 -0700	[diff] [blame]	256	!ssl_compare_public_and_private_key(pubkey.get(), privkey)) {
Robert Sloan	1c9db53	2017-03-13 08:03:59 -0700	[diff] [blame]	257	ERR_clear_error();
Robert Sloan	b6d070c	2017-07-24 08:40:01 -0700	[diff] [blame]	258	return leaf_cert_and_privkey_mismatch;
Robert Sloan	1c9db53	2017-03-13 08:03:59 -0700	[diff] [blame]	259	}
				260
Robert Sloan	b6d070c	2017-07-24 08:40:01 -0700	[diff] [blame]	261	return leaf_cert_and_privkey_ok;
Robert Sloan	1c9db53	2017-03-13 08:03:59 -0700	[diff] [blame]	262	}
				263
				264	static int cert_set_chain_and_key(
				265	CERT cert, CRYPTO_BUFFER const *certs, size_t num_certs,
				266	EVP_PKEY privkey, const SSL_PRIVATE_KEY_METHOD privkey_method) {
				267	if (num_certs == 0 \|\|
				268	(privkey == NULL && privkey_method == NULL)) {
				269	OPENSSL_PUT_ERROR(SSL, ERR_R_PASSED_NULL_PARAMETER);
Robert Sloan	5d62578	2017-02-13 09:55:39 -0800	[diff] [blame]	270	return 0;
				271	}
				272
Robert Sloan	1c9db53	2017-03-13 08:03:59 -0700	[diff] [blame]	273	if (privkey != NULL && privkey_method != NULL) {
				274	OPENSSL_PUT_ERROR(SSL, SSL_R_CANNOT_HAVE_BOTH_PRIVKEY_AND_METHOD);
				275	return 0;
Robert Sloan	5d62578	2017-02-13 09:55:39 -0800	[diff] [blame]	276	}
				277
Robert Sloan	1c9db53	2017-03-13 08:03:59 -0700	[diff] [blame]	278	switch (check_leaf_cert_and_privkey(certs[0], privkey)) {
				279	case leaf_cert_and_privkey_error:
				280	return 0;
				281	case leaf_cert_and_privkey_mismatch:
				282	OPENSSL_PUT_ERROR(SSL, SSL_R_CERTIFICATE_AND_PRIVATE_KEY_MISMATCH);
				283	return 0;
				284	case leaf_cert_and_privkey_ok:
				285	break;
				286	}
				287
Robert Sloan	5cbb5c8	2018-04-24 11:35:46 -0700	[diff] [blame]	288	UniquePtr<STACK_OF(CRYPTO_BUFFER)> certs_sk(sk_CRYPTO_BUFFER_new_null());
				289	if (!certs_sk) {
Robert Sloan	1c9db53	2017-03-13 08:03:59 -0700	[diff] [blame]	290	return 0;
				291	}
				292
				293	for (size_t i = 0; i < num_certs; i++) {
Adam Vartanian	bfcf3a7	2018-08-10 14:55:24 +0100	[diff] [blame]	294	if (!PushToStack(certs_sk.get(), UpRef(certs[i]))) {
Robert Sloan	1c9db53	2017-03-13 08:03:59 -0700	[diff] [blame]	295	return 0;
				296	}
Robert Sloan	1c9db53	2017-03-13 08:03:59 -0700	[diff] [blame]	297	}
				298
Adam Vartanian	bfcf3a7	2018-08-10 14:55:24 +0100	[diff] [blame]	299	cert->privatekey = UpRef(privkey);
Robert Sloan	1c9db53	2017-03-13 08:03:59 -0700	[diff] [blame]	300	cert->key_method = privkey_method;
				301
Robert Sloan	5cbb5c8	2018-04-24 11:35:46 -0700	[diff] [blame]	302	cert->chain = std::move(certs_sk);
Robert Sloan	1c9db53	2017-03-13 08:03:59 -0700	[diff] [blame]	303	return 1;
				304	}
				305
Robert Sloan	726e9d1	2018-09-11 11:45:04 -0700	[diff] [blame]	306	bool ssl_set_cert(CERT *cert, UniquePtr<CRYPTO_BUFFER> buffer) {
Robert Sloan	5cbb5c8	2018-04-24 11:35:46 -0700	[diff] [blame]	307	switch (check_leaf_cert_and_privkey(buffer.get(), cert->privatekey.get())) {
Robert Sloan	1c9db53	2017-03-13 08:03:59 -0700	[diff] [blame]	308	case leaf_cert_and_privkey_error:
Robert Sloan	726e9d1	2018-09-11 11:45:04 -0700	[diff] [blame]	309	return false;
Robert Sloan	1c9db53	2017-03-13 08:03:59 -0700	[diff] [blame]	310	case leaf_cert_and_privkey_mismatch:
Robert Sloan	a27a6a4	2017-09-05 08:39:28 -0700	[diff] [blame]	311	// don't fail for a cert/key mismatch, just free current private key
				312	// (when switching to a different cert & key, first this function should
				313	// be used, then \|ssl_set_pkey\|.
Robert Sloan	5cbb5c8	2018-04-24 11:35:46 -0700	[diff] [blame]	314	cert->privatekey.reset();
Robert Sloan	1c9db53	2017-03-13 08:03:59 -0700	[diff] [blame]	315	break;
				316	case leaf_cert_and_privkey_ok:
				317	break;
				318	}
Robert Sloan	5d62578	2017-02-13 09:55:39 -0800	[diff] [blame]	319
				320	cert->x509_method->cert_flush_cached_leaf(cert);
				321
Robert Sloan	5cbb5c8	2018-04-24 11:35:46 -0700	[diff] [blame]	322	if (cert->chain != nullptr) {
				323	CRYPTO_BUFFER_free(sk_CRYPTO_BUFFER_value(cert->chain.get(), 0));
				324	sk_CRYPTO_BUFFER_set(cert->chain.get(), 0, buffer.release());
Robert Sloan	726e9d1	2018-09-11 11:45:04 -0700	[diff] [blame]	325	return true;
Robert Sloan	5d62578	2017-02-13 09:55:39 -0800	[diff] [blame]	326	}
				327
Robert Sloan	5cbb5c8	2018-04-24 11:35:46 -0700	[diff] [blame]	328	cert->chain.reset(sk_CRYPTO_BUFFER_new_null());
				329	if (cert->chain == nullptr) {
Robert Sloan	726e9d1	2018-09-11 11:45:04 -0700	[diff] [blame]	330	return false;
Robert Sloan	5d62578	2017-02-13 09:55:39 -0800	[diff] [blame]	331	}
				332
Robert Sloan	5cbb5c8	2018-04-24 11:35:46 -0700	[diff] [blame]	333	if (!PushToStack(cert->chain.get(), std::move(buffer))) {
				334	cert->chain.reset();
Robert Sloan	726e9d1	2018-09-11 11:45:04 -0700	[diff] [blame]	335	return false;
Robert Sloan	5d62578	2017-02-13 09:55:39 -0800	[diff] [blame]	336	}
Robert Sloan	5d62578	2017-02-13 09:55:39 -0800	[diff] [blame]	337
Robert Sloan	726e9d1	2018-09-11 11:45:04 -0700	[diff] [blame]	338	return true;
Robert Sloan	5d62578	2017-02-13 09:55:39 -0800	[diff] [blame]	339	}
				340
Robert Sloan	4c22c5f	2019-03-01 15:53:37 -0800	[diff] [blame]	341	bool ssl_has_certificate(const SSL_HANDSHAKE *hs) {
				342	return hs->config->cert->chain != nullptr &&
				343	sk_CRYPTO_BUFFER_value(hs->config->cert->chain.get(), 0) != nullptr &&
				344	ssl_has_private_key(hs);
Steven Valdez	909b19f	2016-11-21 15:35:44 -0500	[diff] [blame]	345	}
				346
Robert Sloan	fe7cd21	2017-08-07 09:03:39 -0700	[diff] [blame]	347	bool ssl_parse_cert_chain(uint8_t *out_alert,
				348	UniquePtr<STACK_OF(CRYPTO_BUFFER)> *out_chain,
				349	UniquePtr<EVP_PKEY> *out_pubkey,
				350	uint8_t out_leaf_sha256, CBS cbs,
				351	CRYPTO_BUFFER_POOL *pool) {
				352	out_chain->reset();
				353	out_pubkey->reset();
David Benjamin	c895d6b	2016-08-11 13:26:41 -0400	[diff] [blame]	354
David Benjamin	c895d6b	2016-08-11 13:26:41 -0400	[diff] [blame]	355	CBS certificate_list;
				356	if (!CBS_get_u24_length_prefixed(cbs, &certificate_list)) {
				357	*out_alert = SSL_AD_DECODE_ERROR;
				358	OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
Robert Sloan	fe7cd21	2017-08-07 09:03:39 -0700	[diff] [blame]	359	return false;
David Benjamin	c895d6b	2016-08-11 13:26:41 -0400	[diff] [blame]	360	}
				361
Robert Sloan	fe7cd21	2017-08-07 09:03:39 -0700	[diff] [blame]	362	if (CBS_len(&certificate_list) == 0) {
				363	return true;
				364	}
				365
				366	UniquePtr<STACK_OF(CRYPTO_BUFFER)> chain(sk_CRYPTO_BUFFER_new_null());
				367	if (!chain) {
				368	*out_alert = SSL_AD_INTERNAL_ERROR;
				369	OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
				370	return false;
				371	}
				372
				373	UniquePtr<EVP_PKEY> pubkey;
David Benjamin	c895d6b	2016-08-11 13:26:41 -0400	[diff] [blame]	374	while (CBS_len(&certificate_list) > 0) {
				375	CBS certificate;
Steven Valdez	e7531f0	2016-12-14 13:29:57 -0500	[diff] [blame]	376	if (!CBS_get_u24_length_prefixed(&certificate_list, &certificate) \|\|
				377	CBS_len(&certificate) == 0) {
David Benjamin	c895d6b	2016-08-11 13:26:41 -0400	[diff] [blame]	378	*out_alert = SSL_AD_DECODE_ERROR;
				379	OPENSSL_PUT_ERROR(SSL, SSL_R_CERT_LENGTH_MISMATCH);
Robert Sloan	fe7cd21	2017-08-07 09:03:39 -0700	[diff] [blame]	380	return false;
David Benjamin	c895d6b	2016-08-11 13:26:41 -0400	[diff] [blame]	381	}
				382
Robert Sloan	fe7cd21	2017-08-07 09:03:39 -0700	[diff] [blame]	383	if (sk_CRYPTO_BUFFER_num(chain.get()) == 0) {
Robert Sloan	b6d070c	2017-07-24 08:40:01 -0700	[diff] [blame]	384	pubkey = ssl_cert_parse_pubkey(&certificate);
				385	if (!pubkey) {
Robert Sloan	5d62578	2017-02-13 09:55:39 -0800	[diff] [blame]	386	*out_alert = SSL_AD_DECODE_ERROR;
Robert Sloan	fe7cd21	2017-08-07 09:03:39 -0700	[diff] [blame]	387	return false;
Steven Valdez	e7531f0	2016-12-14 13:29:57 -0500	[diff] [blame]	388	}
				389
Robert Sloan	a27a6a4	2017-09-05 08:39:28 -0700	[diff] [blame]	390	// Retain the hash of the leaf certificate if requested.
Steven Valdez	e7531f0	2016-12-14 13:29:57 -0500	[diff] [blame]	391	if (out_leaf_sha256 != NULL) {
				392	SHA256(CBS_data(&certificate), CBS_len(&certificate), out_leaf_sha256);
				393	}
David Benjamin	c895d6b	2016-08-11 13:26:41 -0400	[diff] [blame]	394	}
				395
Robert Sloan	fe7cd21	2017-08-07 09:03:39 -0700	[diff] [blame]	396	UniquePtr<CRYPTO_BUFFER> buf(
				397	CRYPTO_BUFFER_new_from_CBS(&certificate, pool));
				398	if (!buf \|\|
				399	!PushToStack(chain.get(), std::move(buf))) {
David Benjamin	c895d6b	2016-08-11 13:26:41 -0400	[diff] [blame]	400	*out_alert = SSL_AD_INTERNAL_ERROR;
				401	OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
Robert Sloan	fe7cd21	2017-08-07 09:03:39 -0700	[diff] [blame]	402	return false;
David Benjamin	c895d6b	2016-08-11 13:26:41 -0400	[diff] [blame]	403	}
David Benjamin	c895d6b	2016-08-11 13:26:41 -0400	[diff] [blame]	404	}
				405
Robert Sloan	fe7cd21	2017-08-07 09:03:39 -0700	[diff] [blame]	406	*out_chain = std::move(chain);
Robert Sloan	b6d070c	2017-07-24 08:40:01 -0700	[diff] [blame]	407	*out_pubkey = std::move(pubkey);
Robert Sloan	fe7cd21	2017-08-07 09:03:39 -0700	[diff] [blame]	408	return true;
David Benjamin	c895d6b	2016-08-11 13:26:41 -0400	[diff] [blame]	409	}
				410
Robert Sloan	726e9d1	2018-09-11 11:45:04 -0700	[diff] [blame]	411	bool ssl_add_cert_chain(SSL_HANDSHAKE hs, CBB cbb) {
Robert Sloan	4c22c5f	2019-03-01 15:53:37 -0800	[diff] [blame]	412	if (!ssl_has_certificate(hs)) {
David Benjamin	c895d6b	2016-08-11 13:26:41 -0400	[diff] [blame]	413	return CBB_add_u24(cbb, 0);
				414	}
				415
Robert Sloan	4d1ac50	2017-02-06 08:36:14 -0800	[diff] [blame]	416	CBB certs;
				417	if (!CBB_add_u24_length_prefixed(cbb, &certs)) {
Robert Sloan	a12bf46	2017-07-17 07:08:26 -0700	[diff] [blame]	418	OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
Robert Sloan	726e9d1	2018-09-11 11:45:04 -0700	[diff] [blame]	419	return false;
Adam Langley	d9e397b	2015-01-22 14:27:53 -0800	[diff] [blame]	420	}
				421
Adam Vartanian	bfcf3a7	2018-08-10 14:55:24 +0100	[diff] [blame]	422	STACK_OF(CRYPTO_BUFFER) *chain = hs->config->cert->chain.get();
Robert Sloan	4d1ac50	2017-02-06 08:36:14 -0800	[diff] [blame]	423	for (size_t i = 0; i < sk_CRYPTO_BUFFER_num(chain); i++) {
				424	CRYPTO_BUFFER *buffer = sk_CRYPTO_BUFFER_value(chain, i);
				425	CBB child;
				426	if (!CBB_add_u24_length_prefixed(&certs, &child) \|\|
				427	!CBB_add_bytes(&child, CRYPTO_BUFFER_data(buffer),
				428	CRYPTO_BUFFER_len(buffer)) \|\|
				429	!CBB_flush(&certs)) {
Robert Sloan	a12bf46	2017-07-17 07:08:26 -0700	[diff] [blame]	430	OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
Robert Sloan	726e9d1	2018-09-11 11:45:04 -0700	[diff] [blame]	431	return false;
Adam Langley	d9e397b	2015-01-22 14:27:53 -0800	[diff] [blame]	432	}
				433	}
				434
David Benjamin	c895d6b	2016-08-11 13:26:41 -0400	[diff] [blame]	435	return CBB_flush(cbb);
				436	}
				437
Robert Sloan	a27a6a4	2017-09-05 08:39:28 -0700	[diff] [blame]	438	// ssl_cert_skip_to_spki parses a DER-encoded, X.509 certificate from \|in\| and
				439	// positions \|*out_tbs_cert\| to cover the TBSCertificate, starting at the
				440	// subjectPublicKeyInfo.
Robert Sloan	726e9d1	2018-09-11 11:45:04 -0700	[diff] [blame]	441	static bool ssl_cert_skip_to_spki(const CBS in, CBS out_tbs_cert) {
Steven Valdez	e7531f0	2016-12-14 13:29:57 -0500	[diff] [blame]	442	/* From RFC 5280, section 4.1
				443	* Certificate ::= SEQUENCE {
				444	* tbsCertificate TBSCertificate,
				445	* signatureAlgorithm AlgorithmIdentifier,
				446	* signatureValue BIT STRING }
				447
				448	* TBSCertificate ::= SEQUENCE {
				449	* version [0] EXPLICIT Version DEFAULT v1,
				450	* serialNumber CertificateSerialNumber,
				451	* signature AlgorithmIdentifier,
				452	* issuer Name,
				453	* validity Validity,
				454	* subject Name,
				455	* subjectPublicKeyInfo SubjectPublicKeyInfo,
				456	* ... } */
				457	CBS buf = *in;
				458
				459	CBS toplevel;
				460	if (!CBS_get_asn1(&buf, &toplevel, CBS_ASN1_SEQUENCE) \|\|
				461	CBS_len(&buf) != 0 \|\|
				462	!CBS_get_asn1(&toplevel, out_tbs_cert, CBS_ASN1_SEQUENCE) \|\|
Robert Sloan	a27a6a4	2017-09-05 08:39:28 -0700	[diff] [blame]	463	// version
Steven Valdez	e7531f0	2016-12-14 13:29:57 -0500	[diff] [blame]	464	!CBS_get_optional_asn1(
				465	out_tbs_cert, NULL, NULL,
				466	CBS_ASN1_CONSTRUCTED \| CBS_ASN1_CONTEXT_SPECIFIC \| 0) \|\|
Robert Sloan	a27a6a4	2017-09-05 08:39:28 -0700	[diff] [blame]	467	// serialNumber
Steven Valdez	e7531f0	2016-12-14 13:29:57 -0500	[diff] [blame]	468	!CBS_get_asn1(out_tbs_cert, NULL, CBS_ASN1_INTEGER) \|\|
Robert Sloan	a27a6a4	2017-09-05 08:39:28 -0700	[diff] [blame]	469	// signature algorithm
Steven Valdez	e7531f0	2016-12-14 13:29:57 -0500	[diff] [blame]	470	!CBS_get_asn1(out_tbs_cert, NULL, CBS_ASN1_SEQUENCE) \|\|
Robert Sloan	a27a6a4	2017-09-05 08:39:28 -0700	[diff] [blame]	471	// issuer
Steven Valdez	e7531f0	2016-12-14 13:29:57 -0500	[diff] [blame]	472	!CBS_get_asn1(out_tbs_cert, NULL, CBS_ASN1_SEQUENCE) \|\|
Robert Sloan	a27a6a4	2017-09-05 08:39:28 -0700	[diff] [blame]	473	// validity
Steven Valdez	e7531f0	2016-12-14 13:29:57 -0500	[diff] [blame]	474	!CBS_get_asn1(out_tbs_cert, NULL, CBS_ASN1_SEQUENCE) \|\|
Robert Sloan	a27a6a4	2017-09-05 08:39:28 -0700	[diff] [blame]	475	// subject
Steven Valdez	e7531f0	2016-12-14 13:29:57 -0500	[diff] [blame]	476	!CBS_get_asn1(out_tbs_cert, NULL, CBS_ASN1_SEQUENCE)) {
Robert Sloan	726e9d1	2018-09-11 11:45:04 -0700	[diff] [blame]	477	return false;
Steven Valdez	e7531f0	2016-12-14 13:29:57 -0500	[diff] [blame]	478	}
				479
Robert Sloan	726e9d1	2018-09-11 11:45:04 -0700	[diff] [blame]	480	return true;
Steven Valdez	e7531f0	2016-12-14 13:29:57 -0500	[diff] [blame]	481	}
				482
Robert Sloan	b6d070c	2017-07-24 08:40:01 -0700	[diff] [blame]	483	UniquePtr<EVP_PKEY> ssl_cert_parse_pubkey(const CBS *in) {
David Benjamin	f31229b	2017-01-25 14:08:15 -0500	[diff] [blame]	484	CBS buf = *in, tbs_cert;
				485	if (!ssl_cert_skip_to_spki(&buf, &tbs_cert)) {
Steven Valdez	e7531f0	2016-12-14 13:29:57 -0500	[diff] [blame]	486	OPENSSL_PUT_ERROR(SSL, SSL_R_CANNOT_PARSE_LEAF_CERT);
Robert Sloan	b6d070c	2017-07-24 08:40:01 -0700	[diff] [blame]	487	return nullptr;
Steven Valdez	e7531f0	2016-12-14 13:29:57 -0500	[diff] [blame]	488	}
				489
Robert Sloan	b6d070c	2017-07-24 08:40:01 -0700	[diff] [blame]	490	return UniquePtr<EVP_PKEY>(EVP_parse_public_key(&tbs_cert));
Steven Valdez	e7531f0	2016-12-14 13:29:57 -0500	[diff] [blame]	491	}
				492
Robert Sloan	726e9d1	2018-09-11 11:45:04 -0700	[diff] [blame]	493	bool ssl_compare_public_and_private_key(const EVP_PKEY *pubkey,
				494	const EVP_PKEY *privkey) {
Robert Sloan	1c9db53	2017-03-13 08:03:59 -0700	[diff] [blame]	495	if (EVP_PKEY_is_opaque(privkey)) {
Robert Sloan	a27a6a4	2017-09-05 08:39:28 -0700	[diff] [blame]	496	// We cannot check an opaque private key and have to trust that it
				497	// matches.
Robert Sloan	726e9d1	2018-09-11 11:45:04 -0700	[diff] [blame]	498	return true;
Robert Sloan	1c9db53	2017-03-13 08:03:59 -0700	[diff] [blame]	499	}
				500
Robert Sloan	4d1ac50	2017-02-06 08:36:14 -0800	[diff] [blame]	501	switch (EVP_PKEY_cmp(pubkey, privkey)) {
				502	case 1:
Robert Sloan	726e9d1	2018-09-11 11:45:04 -0700	[diff] [blame]	503	return true;
Robert Sloan	4d1ac50	2017-02-06 08:36:14 -0800	[diff] [blame]	504	case 0:
				505	OPENSSL_PUT_ERROR(X509, X509_R_KEY_VALUES_MISMATCH);
Robert Sloan	726e9d1	2018-09-11 11:45:04 -0700	[diff] [blame]	506	return false;
Robert Sloan	4d1ac50	2017-02-06 08:36:14 -0800	[diff] [blame]	507	case -1:
				508	OPENSSL_PUT_ERROR(X509, X509_R_KEY_TYPE_MISMATCH);
Robert Sloan	726e9d1	2018-09-11 11:45:04 -0700	[diff] [blame]	509	return false;
Robert Sloan	4d1ac50	2017-02-06 08:36:14 -0800	[diff] [blame]	510	case -2:
				511	OPENSSL_PUT_ERROR(X509, X509_R_UNKNOWN_KEY_TYPE);
Robert Sloan	726e9d1	2018-09-11 11:45:04 -0700	[diff] [blame]	512	return false;
Robert Sloan	4d1ac50	2017-02-06 08:36:14 -0800	[diff] [blame]	513	}
				514
Robert Sloan	726e9d1	2018-09-11 11:45:04 -0700	[diff] [blame]	515	assert(0);
				516	return false;
Robert Sloan	4d1ac50	2017-02-06 08:36:14 -0800	[diff] [blame]	517	}
				518
Robert Sloan	726e9d1	2018-09-11 11:45:04 -0700	[diff] [blame]	519	bool ssl_cert_check_private_key(const CERT cert, const EVP_PKEY privkey) {
Robert Sloan	5cbb5c8	2018-04-24 11:35:46 -0700	[diff] [blame]	520	if (privkey == nullptr) {
Robert Sloan	4d1ac50	2017-02-06 08:36:14 -0800	[diff] [blame]	521	OPENSSL_PUT_ERROR(SSL, SSL_R_NO_PRIVATE_KEY_ASSIGNED);
Robert Sloan	726e9d1	2018-09-11 11:45:04 -0700	[diff] [blame]	522	return false;
Robert Sloan	4d1ac50	2017-02-06 08:36:14 -0800	[diff] [blame]	523	}
				524
Robert Sloan	5cbb5c8	2018-04-24 11:35:46 -0700	[diff] [blame]	525	if (cert->chain == nullptr \|\|
				526	sk_CRYPTO_BUFFER_value(cert->chain.get(), 0) == nullptr) {
Robert Sloan	4d1ac50	2017-02-06 08:36:14 -0800	[diff] [blame]	527	OPENSSL_PUT_ERROR(SSL, SSL_R_NO_CERTIFICATE_ASSIGNED);
Robert Sloan	726e9d1	2018-09-11 11:45:04 -0700	[diff] [blame]	528	return false;
Robert Sloan	4d1ac50	2017-02-06 08:36:14 -0800	[diff] [blame]	529	}
				530
				531	CBS cert_cbs;
Robert Sloan	5cbb5c8	2018-04-24 11:35:46 -0700	[diff] [blame]	532	CRYPTO_BUFFER_init_CBS(sk_CRYPTO_BUFFER_value(cert->chain.get(), 0),
				533	&cert_cbs);
Robert Sloan	b6d070c	2017-07-24 08:40:01 -0700	[diff] [blame]	534	UniquePtr<EVP_PKEY> pubkey = ssl_cert_parse_pubkey(&cert_cbs);
Robert Sloan	4d1ac50	2017-02-06 08:36:14 -0800	[diff] [blame]	535	if (!pubkey) {
				536	OPENSSL_PUT_ERROR(X509, X509_R_UNKNOWN_KEY_TYPE);
Robert Sloan	726e9d1	2018-09-11 11:45:04 -0700	[diff] [blame]	537	return false;
Robert Sloan	4d1ac50	2017-02-06 08:36:14 -0800	[diff] [blame]	538	}
				539
Robert Sloan	b6d070c	2017-07-24 08:40:01 -0700	[diff] [blame]	540	return ssl_compare_public_and_private_key(pubkey.get(), privkey);
Robert Sloan	4d1ac50	2017-02-06 08:36:14 -0800	[diff] [blame]	541	}
				542
Robert Sloan	4c22c5f	2019-03-01 15:53:37 -0800	[diff] [blame]	543	bool ssl_cert_check_key_usage(const CBS *in, enum ssl_key_usage_t bit) {
Steven Valdez	e7531f0	2016-12-14 13:29:57 -0500	[diff] [blame]	544	CBS buf = *in;
				545
				546	CBS tbs_cert, outer_extensions;
				547	int has_extensions;
				548	if (!ssl_cert_skip_to_spki(&buf, &tbs_cert) \|\|
Robert Sloan	a27a6a4	2017-09-05 08:39:28 -0700	[diff] [blame]	549	// subjectPublicKeyInfo
Steven Valdez	e7531f0	2016-12-14 13:29:57 -0500	[diff] [blame]	550	!CBS_get_asn1(&tbs_cert, NULL, CBS_ASN1_SEQUENCE) \|\|
Robert Sloan	a27a6a4	2017-09-05 08:39:28 -0700	[diff] [blame]	551	// issuerUniqueID
Steven Valdez	e7531f0	2016-12-14 13:29:57 -0500	[diff] [blame]	552	!CBS_get_optional_asn1(
				553	&tbs_cert, NULL, NULL,
				554	CBS_ASN1_CONSTRUCTED \| CBS_ASN1_CONTEXT_SPECIFIC \| 1) \|\|
Robert Sloan	a27a6a4	2017-09-05 08:39:28 -0700	[diff] [blame]	555	// subjectUniqueID
Steven Valdez	e7531f0	2016-12-14 13:29:57 -0500	[diff] [blame]	556	!CBS_get_optional_asn1(
				557	&tbs_cert, NULL, NULL,
				558	CBS_ASN1_CONSTRUCTED \| CBS_ASN1_CONTEXT_SPECIFIC \| 2) \|\|
				559	!CBS_get_optional_asn1(
				560	&tbs_cert, &outer_extensions, &has_extensions,
				561	CBS_ASN1_CONSTRUCTED \| CBS_ASN1_CONTEXT_SPECIFIC \| 3)) {
Robert Sloan	921ef2c	2017-10-17 09:02:20 -0700	[diff] [blame]	562	OPENSSL_PUT_ERROR(SSL, SSL_R_CANNOT_PARSE_LEAF_CERT);
Robert Sloan	726e9d1	2018-09-11 11:45:04 -0700	[diff] [blame]	563	return false;
Steven Valdez	e7531f0	2016-12-14 13:29:57 -0500	[diff] [blame]	564	}
				565
				566	if (!has_extensions) {
Robert Sloan	726e9d1	2018-09-11 11:45:04 -0700	[diff] [blame]	567	return true;
Steven Valdez	e7531f0	2016-12-14 13:29:57 -0500	[diff] [blame]	568	}
				569
				570	CBS extensions;
				571	if (!CBS_get_asn1(&outer_extensions, &extensions, CBS_ASN1_SEQUENCE)) {
Robert Sloan	921ef2c	2017-10-17 09:02:20 -0700	[diff] [blame]	572	OPENSSL_PUT_ERROR(SSL, SSL_R_CANNOT_PARSE_LEAF_CERT);
Robert Sloan	726e9d1	2018-09-11 11:45:04 -0700	[diff] [blame]	573	return false;
Steven Valdez	e7531f0	2016-12-14 13:29:57 -0500	[diff] [blame]	574	}
				575
				576	while (CBS_len(&extensions) > 0) {
				577	CBS extension, oid, contents;
				578	if (!CBS_get_asn1(&extensions, &extension, CBS_ASN1_SEQUENCE) \|\|
				579	!CBS_get_asn1(&extension, &oid, CBS_ASN1_OBJECT) \|\|
				580	(CBS_peek_asn1_tag(&extension, CBS_ASN1_BOOLEAN) &&
				581	!CBS_get_asn1(&extension, NULL, CBS_ASN1_BOOLEAN)) \|\|
				582	!CBS_get_asn1(&extension, &contents, CBS_ASN1_OCTETSTRING) \|\|
				583	CBS_len(&extension) != 0) {
Robert Sloan	921ef2c	2017-10-17 09:02:20 -0700	[diff] [blame]	584	OPENSSL_PUT_ERROR(SSL, SSL_R_CANNOT_PARSE_LEAF_CERT);
Robert Sloan	726e9d1	2018-09-11 11:45:04 -0700	[diff] [blame]	585	return false;
Steven Valdez	e7531f0	2016-12-14 13:29:57 -0500	[diff] [blame]	586	}
				587
				588	static const uint8_t kKeyUsageOID[3] = {0x55, 0x1d, 0x0f};
				589	if (CBS_len(&oid) != sizeof(kKeyUsageOID) \|\|
Robert Sloan	69939df	2017-01-09 10:53:07 -0800	[diff] [blame]	590	OPENSSL_memcmp(CBS_data(&oid), kKeyUsageOID, sizeof(kKeyUsageOID)) !=
				591	0) {
Steven Valdez	e7531f0	2016-12-14 13:29:57 -0500	[diff] [blame]	592	continue;
				593	}
				594
				595	CBS bit_string;
				596	if (!CBS_get_asn1(&contents, &bit_string, CBS_ASN1_BITSTRING) \|\|
				597	CBS_len(&contents) != 0) {
Robert Sloan	921ef2c	2017-10-17 09:02:20 -0700	[diff] [blame]	598	OPENSSL_PUT_ERROR(SSL, SSL_R_CANNOT_PARSE_LEAF_CERT);
Robert Sloan	726e9d1	2018-09-11 11:45:04 -0700	[diff] [blame]	599	return false;
Steven Valdez	e7531f0	2016-12-14 13:29:57 -0500	[diff] [blame]	600	}
				601
Robert Sloan	a27a6a4	2017-09-05 08:39:28 -0700	[diff] [blame]	602	// This is the KeyUsage extension. See
				603	// https://tools.ietf.org/html/rfc5280#section-4.2.1.3
Steven Valdez	e7531f0	2016-12-14 13:29:57 -0500	[diff] [blame]	604	if (!CBS_is_valid_asn1_bitstring(&bit_string)) {
Robert Sloan	921ef2c	2017-10-17 09:02:20 -0700	[diff] [blame]	605	OPENSSL_PUT_ERROR(SSL, SSL_R_CANNOT_PARSE_LEAF_CERT);
Robert Sloan	726e9d1	2018-09-11 11:45:04 -0700	[diff] [blame]	606	return false;
Steven Valdez	e7531f0	2016-12-14 13:29:57 -0500	[diff] [blame]	607	}
				608
Robert Sloan	4c22c5f	2019-03-01 15:53:37 -0800	[diff] [blame]	609	if (!CBS_asn1_bitstring_has_bit(&bit_string, bit)) {
				610	OPENSSL_PUT_ERROR(SSL, SSL_R_KEY_USAGE_BIT_INCORRECT);
Robert Sloan	726e9d1	2018-09-11 11:45:04 -0700	[diff] [blame]	611	return false;
Steven Valdez	e7531f0	2016-12-14 13:29:57 -0500	[diff] [blame]	612	}
				613
Robert Sloan	726e9d1	2018-09-11 11:45:04 -0700	[diff] [blame]	614	return true;
Steven Valdez	e7531f0	2016-12-14 13:29:57 -0500	[diff] [blame]	615	}
				616
Robert Sloan	a27a6a4	2017-09-05 08:39:28 -0700	[diff] [blame]	617	// No KeyUsage extension found.
Robert Sloan	726e9d1	2018-09-11 11:45:04 -0700	[diff] [blame]	618	return true;
Steven Valdez	e7531f0	2016-12-14 13:29:57 -0500	[diff] [blame]	619	}
				620
Robert Sloan	b6d070c	2017-07-24 08:40:01 -0700	[diff] [blame]	621	UniquePtr<STACK_OF(CRYPTO_BUFFER)> ssl_parse_client_CA_list(SSL *ssl,
				622	uint8_t *out_alert,
				623	CBS *cbs) {
Robert Sloan	7d422bc	2017-03-06 10:04:29 -0800	[diff] [blame]	624	CRYPTO_BUFFER_POOL *const pool = ssl->ctx->pool;
				625
Robert Sloan	b6d070c	2017-07-24 08:40:01 -0700	[diff] [blame]	626	UniquePtr<STACK_OF(CRYPTO_BUFFER)> ret(sk_CRYPTO_BUFFER_new_null());
				627	if (!ret) {
David Benjamin	c895d6b	2016-08-11 13:26:41 -0400	[diff] [blame]	628	*out_alert = SSL_AD_INTERNAL_ERROR;
				629	OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
Robert Sloan	b6d070c	2017-07-24 08:40:01 -0700	[diff] [blame]	630	return nullptr;
David Benjamin	c895d6b	2016-08-11 13:26:41 -0400	[diff] [blame]	631	}
				632
				633	CBS child;
				634	if (!CBS_get_u16_length_prefixed(cbs, &child)) {
				635	*out_alert = SSL_AD_DECODE_ERROR;
				636	OPENSSL_PUT_ERROR(SSL, SSL_R_LENGTH_MISMATCH);
Robert Sloan	b6d070c	2017-07-24 08:40:01 -0700	[diff] [blame]	637	return nullptr;
David Benjamin	c895d6b	2016-08-11 13:26:41 -0400	[diff] [blame]	638	}
				639
				640	while (CBS_len(&child) > 0) {
				641	CBS distinguished_name;
				642	if (!CBS_get_u16_length_prefixed(&child, &distinguished_name)) {
				643	*out_alert = SSL_AD_DECODE_ERROR;
				644	OPENSSL_PUT_ERROR(SSL, SSL_R_CA_DN_TOO_LONG);
Robert Sloan	b6d070c	2017-07-24 08:40:01 -0700	[diff] [blame]	645	return nullptr;
David Benjamin	c895d6b	2016-08-11 13:26:41 -0400	[diff] [blame]	646	}
				647
Robert Sloan	fe7cd21	2017-08-07 09:03:39 -0700	[diff] [blame]	648	UniquePtr<CRYPTO_BUFFER> buffer(
				649	CRYPTO_BUFFER_new_from_CBS(&distinguished_name, pool));
				650	if (!buffer \|\|
				651	!PushToStack(ret.get(), std::move(buffer))) {
David Benjamin	c895d6b	2016-08-11 13:26:41 -0400	[diff] [blame]	652	*out_alert = SSL_AD_INTERNAL_ERROR;
				653	OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
Robert Sloan	b6d070c	2017-07-24 08:40:01 -0700	[diff] [blame]	654	return nullptr;
David Benjamin	c895d6b	2016-08-11 13:26:41 -0400	[diff] [blame]	655	}
Robert Sloan	7d422bc	2017-03-06 10:04:29 -0800	[diff] [blame]	656	}
				657
Robert Sloan	b6d070c	2017-07-24 08:40:01 -0700	[diff] [blame]	658	if (!ssl->ctx->x509_method->check_client_CA_list(ret.get())) {
Adam Vartanian	bfcf3a7	2018-08-10 14:55:24 +0100	[diff] [blame]	659	*out_alert = SSL_AD_DECODE_ERROR;
Robert Sloan	7d422bc	2017-03-06 10:04:29 -0800	[diff] [blame]	660	OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
Robert Sloan	b6d070c	2017-07-24 08:40:01 -0700	[diff] [blame]	661	return nullptr;
David Benjamin	c895d6b	2016-08-11 13:26:41 -0400	[diff] [blame]	662	}
				663
				664	return ret;
David Benjamin	c895d6b	2016-08-11 13:26:41 -0400	[diff] [blame]	665	}
				666
Adam Vartanian	bfcf3a7	2018-08-10 14:55:24 +0100	[diff] [blame]	667	bool ssl_has_client_CAs(const SSL_CONFIG *cfg) {
				668	const STACK_OF(CRYPTO_BUFFER) *names = cfg->client_CA.get();
				669	if (names == nullptr) {
				670	names = cfg->ssl->ctx->client_CA.get();
Robert Sloan	b1b54b8	2017-11-06 13:50:02 -0800	[diff] [blame]	671	}
Adam Vartanian	bfcf3a7	2018-08-10 14:55:24 +0100	[diff] [blame]	672	if (names == nullptr) {
Robert Sloan	b1b54b8	2017-11-06 13:50:02 -0800	[diff] [blame]	673	return false;
				674	}
				675	return sk_CRYPTO_BUFFER_num(names) > 0;
				676	}
				677
Robert Sloan	726e9d1	2018-09-11 11:45:04 -0700	[diff] [blame]	678	bool ssl_add_client_CA_list(SSL_HANDSHAKE hs, CBB cbb) {
David Benjamin	c895d6b	2016-08-11 13:26:41 -0400	[diff] [blame]	679	CBB child, name_cbb;
				680	if (!CBB_add_u16_length_prefixed(cbb, &child)) {
Robert Sloan	726e9d1	2018-09-11 11:45:04 -0700	[diff] [blame]	681	return false;
David Benjamin	c895d6b	2016-08-11 13:26:41 -0400	[diff] [blame]	682	}
				683
Adam Vartanian	bfcf3a7	2018-08-10 14:55:24 +0100	[diff] [blame]	684	const STACK_OF(CRYPTO_BUFFER) *names = hs->config->client_CA.get();
Robert Sloan	7d422bc	2017-03-06 10:04:29 -0800	[diff] [blame]	685	if (names == NULL) {
Adam Vartanian	bfcf3a7	2018-08-10 14:55:24 +0100	[diff] [blame]	686	names = hs->ssl->ctx->client_CA.get();
Robert Sloan	7d422bc	2017-03-06 10:04:29 -0800	[diff] [blame]	687	}
				688	if (names == NULL) {
David Benjamin	c895d6b	2016-08-11 13:26:41 -0400	[diff] [blame]	689	return CBB_flush(cbb);
				690	}
				691
Robert Sloan	fe7cd21	2017-08-07 09:03:39 -0700	[diff] [blame]	692	for (const CRYPTO_BUFFER *name : names) {
David Benjamin	c895d6b	2016-08-11 13:26:41 -0400	[diff] [blame]	693	if (!CBB_add_u16_length_prefixed(&child, &name_cbb) \|\|
Robert Sloan	7d422bc	2017-03-06 10:04:29 -0800	[diff] [blame]	694	!CBB_add_bytes(&name_cbb, CRYPTO_BUFFER_data(name),
				695	CRYPTO_BUFFER_len(name))) {
Robert Sloan	726e9d1	2018-09-11 11:45:04 -0700	[diff] [blame]	696	return false;
David Benjamin	c895d6b	2016-08-11 13:26:41 -0400	[diff] [blame]	697	}
				698	}
				699
				700	return CBB_flush(cbb);
				701	}
				702
Robert Sloan	726e9d1	2018-09-11 11:45:04 -0700	[diff] [blame]	703	bool ssl_check_leaf_certificate(SSL_HANDSHAKE hs, EVP_PKEY pkey,
				704	const CRYPTO_BUFFER *leaf) {
Adam Vartanian	bfcf3a7	2018-08-10 14:55:24 +0100	[diff] [blame]	705	assert(ssl_protocol_version(hs->ssl) < TLS1_3_VERSION);
David Benjamin	95add82	2016-10-19 01:09:12 -0400	[diff] [blame]	706
Robert Sloan	a27a6a4	2017-09-05 08:39:28 -0700	[diff] [blame]	707	// Check the certificate's type matches the cipher.
Robert Sloan	572a4e2	2017-04-17 10:52:19 -0700	[diff] [blame]	708	if (!(hs->new_cipher->algorithm_auth & ssl_cipher_auth_mask_for_key(pkey))) {
David Benjamin	c895d6b	2016-08-11 13:26:41 -0400	[diff] [blame]	709	OPENSSL_PUT_ERROR(SSL, SSL_R_WRONG_CERTIFICATE_TYPE);
Robert Sloan	726e9d1	2018-09-11 11:45:04 -0700	[diff] [blame]	710	return false;
David Benjamin	c895d6b	2016-08-11 13:26:41 -0400	[diff] [blame]	711	}
				712
Robert Sloan	572a4e2	2017-04-17 10:52:19 -0700	[diff] [blame]	713	if (EVP_PKEY_id(pkey) == EVP_PKEY_EC) {
Robert Sloan	a27a6a4	2017-09-05 08:39:28 -0700	[diff] [blame]	714	// Check the key's group and point format are acceptable.
Robert Sloan	572a4e2	2017-04-17 10:52:19 -0700	[diff] [blame]	715	EC_KEY *ec_key = EVP_PKEY_get0_EC_KEY(pkey);
David Benjamin	95add82	2016-10-19 01:09:12 -0400	[diff] [blame]	716	uint16_t group_id;
				717	if (!ssl_nid_to_group_id(
				718	&group_id, EC_GROUP_get_curve_name(EC_KEY_get0_group(ec_key))) \|\|
Adam Vartanian	bfcf3a7	2018-08-10 14:55:24 +0100	[diff] [blame]	719	!tls1_check_group_id(hs, group_id) \|\|
David Benjamin	95add82	2016-10-19 01:09:12 -0400	[diff] [blame]	720	EC_KEY_get_conv_form(ec_key) != POINT_CONVERSION_UNCOMPRESSED) {
David Benjamin	c895d6b	2016-08-11 13:26:41 -0400	[diff] [blame]	721	OPENSSL_PUT_ERROR(SSL, SSL_R_BAD_ECC_CERT);
Robert Sloan	726e9d1	2018-09-11 11:45:04 -0700	[diff] [blame]	722	return false;
David Benjamin	c895d6b	2016-08-11 13:26:41 -0400	[diff] [blame]	723	}
				724	}
				725
Robert Sloan	726e9d1	2018-09-11 11:45:04 -0700	[diff] [blame]	726	return true;
Steven Valdez	e7531f0	2016-12-14 13:29:57 -0500	[diff] [blame]	727	}
David Benjamin	c895d6b	2016-08-11 13:26:41 -0400	[diff] [blame]	728
Robert Sloan	726e9d1	2018-09-11 11:45:04 -0700	[diff] [blame]	729	bool ssl_on_certificate_selected(SSL_HANDSHAKE *hs) {
Robert Sloan	572a4e2	2017-04-17 10:52:19 -0700	[diff] [blame]	730	SSL *const ssl = hs->ssl;
Robert Sloan	4c22c5f	2019-03-01 15:53:37 -0800	[diff] [blame]	731	if (!ssl_has_certificate(hs)) {
Robert Sloan	a27a6a4	2017-09-05 08:39:28 -0700	[diff] [blame]	732	// Nothing to do.
Robert Sloan	726e9d1	2018-09-11 11:45:04 -0700	[diff] [blame]	733	return true;
Robert Sloan	572a4e2	2017-04-17 10:52:19 -0700	[diff] [blame]	734	}
				735
Adam Vartanian	bfcf3a7	2018-08-10 14:55:24 +0100	[diff] [blame]	736	if (!ssl->ctx->x509_method->ssl_auto_chain_if_needed(hs)) {
Robert Sloan	726e9d1	2018-09-11 11:45:04 -0700	[diff] [blame]	737	return false;
Robert Sloan	572a4e2	2017-04-17 10:52:19 -0700	[diff] [blame]	738	}
				739
				740	CBS leaf;
Adam Vartanian	bfcf3a7	2018-08-10 14:55:24 +0100	[diff] [blame]	741	CRYPTO_BUFFER_init_CBS(
				742	sk_CRYPTO_BUFFER_value(hs->config->cert->chain.get(), 0), &leaf);
Robert Sloan	572a4e2	2017-04-17 10:52:19 -0700	[diff] [blame]	743
Robert Sloan	4c22c5f	2019-03-01 15:53:37 -0800	[diff] [blame]	744	if (ssl_signing_with_dc(hs)) {
				745	hs->local_pubkey = UpRef(hs->config->cert->dc->pkey);
				746	} else {
				747	hs->local_pubkey = ssl_cert_parse_pubkey(&leaf);
				748	}
Robert Sloan	572a4e2	2017-04-17 10:52:19 -0700	[diff] [blame]	749	return hs->local_pubkey != NULL;
				750	}
				751
Robert Sloan	4c22c5f	2019-03-01 15:53:37 -0800	[diff] [blame]	752
				753	// Delegated credentials.
				754
				755	DC::DC() = default;
				756	DC::~DC() = default;
				757
				758	UniquePtr<DC> DC::Dup() {
				759	bssl::UniquePtr<DC> ret = MakeUnique<DC>();
				760	if (!ret) {
				761	return nullptr;
				762	}
				763
				764	ret->raw = UpRef(raw);
				765	ret->expected_cert_verify_algorithm = expected_cert_verify_algorithm;
				766	ret->pkey = UpRef(pkey);
				767	return ret;
				768	}
				769
				770	// static
				771	UniquePtr<DC> DC::Parse(CRYPTO_BUFFER in, uint8_t out_alert) {
				772	UniquePtr<DC> dc = MakeUnique<DC>();
				773	if (!dc) {
				774	*out_alert = SSL_AD_INTERNAL_ERROR;
				775	return nullptr;
				776	}
				777
				778	dc->raw = UpRef(in);
				779
				780	CBS pubkey, deleg, sig;
				781	uint32_t valid_time;
				782	uint16_t algorithm;
				783	CRYPTO_BUFFER_init_CBS(dc->raw.get(), &deleg);
				784	if (!CBS_get_u32(&deleg, &valid_time) \|\|
				785	!CBS_get_u16(&deleg, &dc->expected_cert_verify_algorithm) \|\|
				786	!CBS_get_u24_length_prefixed(&deleg, &pubkey) \|\|
				787	!CBS_get_u16(&deleg, &algorithm) \|\|
				788	!CBS_get_u16_length_prefixed(&deleg, &sig) \|\|
				789	CBS_len(&deleg) != 0) {
				790	OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
				791	*out_alert = SSL_AD_DECODE_ERROR;
				792	return nullptr;
				793	}
				794
				795	dc->pkey.reset(EVP_parse_public_key(&pubkey));
				796	if (dc->pkey == nullptr) {
				797	OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
				798	*out_alert = SSL_AD_DECODE_ERROR;
				799	return nullptr;
				800	}
				801
				802	return dc;
				803	}
				804
				805	// ssl_can_serve_dc returns true if the host has configured a DC that it can
				806	// serve in the handshake. Specifically, it checks that a DC has been
Robert Sloan	8967815	2019-03-12 14:24:00 -0700	[diff] [blame]	807	// configured and that the DC signature algorithm is supported by the peer.
Robert Sloan	4c22c5f	2019-03-01 15:53:37 -0800	[diff] [blame]	808	static bool ssl_can_serve_dc(const SSL_HANDSHAKE *hs) {
				809	// Check that a DC has been configured.
				810	const CERT *cert = hs->config->cert.get();
				811	if (cert->dc == nullptr \|\|
				812	cert->dc->raw == nullptr \|\|
				813	(cert->dc_privatekey == nullptr && cert->dc_key_method == nullptr)) {
				814	return false;
				815	}
				816
				817	// Check that 1.3 or higher has been negotiated.
				818	const DC *dc = cert->dc.get();
				819	assert(hs->ssl->s3->have_version);
				820	if (ssl_protocol_version(hs->ssl) < TLS1_3_VERSION) {
				821	return false;
				822	}
				823
				824	// Check that the DC signature algorithm is supported by the peer.
				825	Span<const uint16_t> peer_sigalgs = tls1_get_peer_verify_algorithms(hs);
				826	bool sigalg_found = false;
				827	for (uint16_t peer_sigalg : peer_sigalgs) {
				828	if (dc->expected_cert_verify_algorithm == peer_sigalg) {
				829	sigalg_found = true;
				830	break;
				831	}
				832	}
				833
				834	return sigalg_found;
				835	}
				836
				837	bool ssl_signing_with_dc(const SSL_HANDSHAKE *hs) {
				838	// As of draft-ietf-tls-subcert-03, only the server may use delegated
				839	// credentials to authenticate itself.
				840	return hs->ssl->server &&
				841	hs->delegated_credential_requested &&
				842	ssl_can_serve_dc(hs);
				843	}
				844
				845	static int cert_set_dc(CERT cert, CRYPTO_BUFFER const raw, EVP_PKEY *privkey,
				846	const SSL_PRIVATE_KEY_METHOD *key_method) {
				847	if (privkey == nullptr && key_method == nullptr) {
				848	OPENSSL_PUT_ERROR(SSL, ERR_R_PASSED_NULL_PARAMETER);
				849	return 0;
				850	}
				851
				852	if (privkey != nullptr && key_method != nullptr) {
				853	OPENSSL_PUT_ERROR(SSL, SSL_R_CANNOT_HAVE_BOTH_PRIVKEY_AND_METHOD);
				854	return 0;
				855	}
				856
				857	uint8_t alert;
				858	UniquePtr<DC> dc = DC::Parse(raw, &alert);
				859	if (dc == nullptr) {
				860	OPENSSL_PUT_ERROR(SSL, SSL_R_INVALID_DELEGATED_CREDENTIAL);
				861	return 0;
				862	}
				863
				864	if (privkey) {
				865	// Check that the public and private keys match.
				866	if (!ssl_compare_public_and_private_key(dc->pkey.get(), privkey)) {
				867	OPENSSL_PUT_ERROR(SSL, SSL_R_CERTIFICATE_AND_PRIVATE_KEY_MISMATCH);
				868	return 0;
				869	}
				870	}
				871
				872	cert->dc = std::move(dc);
				873	cert->dc_privatekey = UpRef(privkey);
				874	cert->dc_key_method = key_method;
				875
				876	return 1;
				877	}
				878
Robert Sloan	726e9d1	2018-09-11 11:45:04 -0700	[diff] [blame]	879	BSSL_NAMESPACE_END
Robert Sloan	b6d070c	2017-07-24 08:40:01 -0700	[diff] [blame]	880
				881	using namespace bssl;
				882
				883	int SSL_set_chain_and_key(SSL ssl, CRYPTO_BUFFER const *certs,
				884	size_t num_certs, EVP_PKEY *privkey,
				885	const SSL_PRIVATE_KEY_METHOD *privkey_method) {
Adam Vartanian	bfcf3a7	2018-08-10 14:55:24 +0100	[diff] [blame]	886	if (!ssl->config) {
				887	return 0;
				888	}
				889	return cert_set_chain_and_key(ssl->config->cert.get(), certs, num_certs,
				890	privkey, privkey_method);
Robert Sloan	b6d070c	2017-07-24 08:40:01 -0700	[diff] [blame]	891	}
				892
				893	int SSL_CTX_set_chain_and_key(SSL_CTX ctx, CRYPTO_BUFFER const *certs,
				894	size_t num_certs, EVP_PKEY *privkey,
				895	const SSL_PRIVATE_KEY_METHOD *privkey_method) {
Adam Vartanian	bfcf3a7	2018-08-10 14:55:24 +0100	[diff] [blame]	896	return cert_set_chain_and_key(ctx->cert.get(), certs, num_certs, privkey,
Robert Sloan	b6d070c	2017-07-24 08:40:01 -0700	[diff] [blame]	897	privkey_method);
				898	}
				899
				900	int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, size_t der_len,
				901	const uint8_t *der) {
Robert Sloan	fe7cd21	2017-08-07 09:03:39 -0700	[diff] [blame]	902	UniquePtr<CRYPTO_BUFFER> buffer(CRYPTO_BUFFER_new(der, der_len, NULL));
				903	if (!buffer) {
Robert Sloan	b6d070c	2017-07-24 08:40:01 -0700	[diff] [blame]	904	return 0;
				905	}
				906
Adam Vartanian	bfcf3a7	2018-08-10 14:55:24 +0100	[diff] [blame]	907	return ssl_set_cert(ctx->cert.get(), std::move(buffer));
Robert Sloan	b6d070c	2017-07-24 08:40:01 -0700	[diff] [blame]	908	}
				909
				910	int SSL_use_certificate_ASN1(SSL ssl, const uint8_t der, size_t der_len) {
Robert Sloan	fe7cd21	2017-08-07 09:03:39 -0700	[diff] [blame]	911	UniquePtr<CRYPTO_BUFFER> buffer(CRYPTO_BUFFER_new(der, der_len, NULL));
Adam Vartanian	bfcf3a7	2018-08-10 14:55:24 +0100	[diff] [blame]	912	if (!buffer \|\| !ssl->config) {
Robert Sloan	b6d070c	2017-07-24 08:40:01 -0700	[diff] [blame]	913	return 0;
				914	}
				915
Adam Vartanian	bfcf3a7	2018-08-10 14:55:24 +0100	[diff] [blame]	916	return ssl_set_cert(ssl->config->cert.get(), std::move(buffer));
Robert Sloan	b6d070c	2017-07-24 08:40:01 -0700	[diff] [blame]	917	}
				918
				919	void SSL_CTX_set_cert_cb(SSL_CTX ctx, int (cb)(SSL ssl, void arg),
				920	void *arg) {
Adam Vartanian	bfcf3a7	2018-08-10 14:55:24 +0100	[diff] [blame]	921	ssl_cert_set_cert_cb(ctx->cert.get(), cb, arg);
Robert Sloan	b6d070c	2017-07-24 08:40:01 -0700	[diff] [blame]	922	}
				923
				924	void SSL_set_cert_cb(SSL ssl, int (cb)(SSL ssl, void arg), void *arg) {
Adam Vartanian	bfcf3a7	2018-08-10 14:55:24 +0100	[diff] [blame]	925	if (!ssl->config) {
				926	return;
				927	}
				928	ssl_cert_set_cert_cb(ssl->config->cert.get(), cb, arg);
Robert Sloan	b6d070c	2017-07-24 08:40:01 -0700	[diff] [blame]	929	}
				930
Adam Vartanian	bfcf3a7	2018-08-10 14:55:24 +0100	[diff] [blame]	931	const STACK_OF(CRYPTO_BUFFER) SSL_get0_peer_certificates(const SSL ssl) {
Robert Sloan	b6d070c	2017-07-24 08:40:01 -0700	[diff] [blame]	932	SSL_SESSION *session = SSL_get_session(ssl);
				933	if (session == NULL) {
				934	return NULL;
				935	}
				936
Adam Vartanian	bfcf3a7	2018-08-10 14:55:24 +0100	[diff] [blame]	937	return session->certs.get();
Robert Sloan	b6d070c	2017-07-24 08:40:01 -0700	[diff] [blame]	938	}
				939
Adam Vartanian	bfcf3a7	2018-08-10 14:55:24 +0100	[diff] [blame]	940	const STACK_OF(CRYPTO_BUFFER) SSL_get0_server_requested_CAs(const SSL ssl) {
Robert Sloan	b6d070c	2017-07-24 08:40:01 -0700	[diff] [blame]	941	if (ssl->s3->hs == NULL) {
				942	return NULL;
				943	}
				944	return ssl->s3->hs->ca_names.get();
				945	}
				946
Robert Sloan	a94fe05	2017-02-21 08:49:28 -0800	[diff] [blame]	947	static int set_signed_cert_timestamp_list(CERT cert, const uint8_t list,
Robert Sloan	5cbb5c8	2018-04-24 11:35:46 -0700	[diff] [blame]	948	size_t list_len) {
Robert Sloan	a94fe05	2017-02-21 08:49:28 -0800	[diff] [blame]	949	CBS sct_list;
				950	CBS_init(&sct_list, list, list_len);
				951	if (!ssl_is_sct_list_valid(&sct_list)) {
				952	OPENSSL_PUT_ERROR(SSL, SSL_R_INVALID_SCT_LIST);
				953	return 0;
				954	}
				955
Robert Sloan	5cbb5c8	2018-04-24 11:35:46 -0700	[diff] [blame]	956	cert->signed_cert_timestamp_list.reset(
				957	CRYPTO_BUFFER_new(CBS_data(&sct_list), CBS_len(&sct_list), nullptr));
				958	return cert->signed_cert_timestamp_list != nullptr;
Robert Sloan	a94fe05	2017-02-21 08:49:28 -0800	[diff] [blame]	959	}
				960
				961	int SSL_CTX_set_signed_cert_timestamp_list(SSL_CTX ctx, const uint8_t list,
				962	size_t list_len) {
Adam Vartanian	bfcf3a7	2018-08-10 14:55:24 +0100	[diff] [blame]	963	return set_signed_cert_timestamp_list(ctx->cert.get(), list, list_len);
Robert Sloan	a94fe05	2017-02-21 08:49:28 -0800	[diff] [blame]	964	}
				965
				966	int SSL_set_signed_cert_timestamp_list(SSL ssl, const uint8_t list,
				967	size_t list_len) {
Adam Vartanian	bfcf3a7	2018-08-10 14:55:24 +0100	[diff] [blame]	968	if (!ssl->config) {
				969	return 0;
				970	}
				971	return set_signed_cert_timestamp_list(ssl->config->cert.get(), list,
				972	list_len);
Robert Sloan	a94fe05	2017-02-21 08:49:28 -0800	[diff] [blame]	973	}
				974
				975	int SSL_CTX_set_ocsp_response(SSL_CTX ctx, const uint8_t response,
				976	size_t response_len) {
Robert Sloan	5cbb5c8	2018-04-24 11:35:46 -0700	[diff] [blame]	977	ctx->cert->ocsp_response.reset(
				978	CRYPTO_BUFFER_new(response, response_len, nullptr));
				979	return ctx->cert->ocsp_response != nullptr;
Robert Sloan	a94fe05	2017-02-21 08:49:28 -0800	[diff] [blame]	980	}
				981
				982	int SSL_set_ocsp_response(SSL ssl, const uint8_t response,
				983	size_t response_len) {
Adam Vartanian	bfcf3a7	2018-08-10 14:55:24 +0100	[diff] [blame]	984	if (!ssl->config) {
				985	return 0;
				986	}
				987	ssl->config->cert->ocsp_response.reset(
Robert Sloan	5cbb5c8	2018-04-24 11:35:46 -0700	[diff] [blame]	988	CRYPTO_BUFFER_new(response, response_len, nullptr));
Adam Vartanian	bfcf3a7	2018-08-10 14:55:24 +0100	[diff] [blame]	989	return ssl->config->cert->ocsp_response != nullptr;
Robert Sloan	a94fe05	2017-02-21 08:49:28 -0800	[diff] [blame]	990	}
Robert Sloan	b6d070c	2017-07-24 08:40:01 -0700	[diff] [blame]	991
				992	void SSL_CTX_set0_client_CAs(SSL_CTX ctx, STACK_OF(CRYPTO_BUFFER) name_list) {
				993	ctx->x509_method->ssl_ctx_flush_cached_client_CA(ctx);
Adam Vartanian	bfcf3a7	2018-08-10 14:55:24 +0100	[diff] [blame]	994	ctx->client_CA.reset(name_list);
Robert Sloan	b6d070c	2017-07-24 08:40:01 -0700	[diff] [blame]	995	}
				996
				997	void SSL_set0_client_CAs(SSL ssl, STACK_OF(CRYPTO_BUFFER) name_list) {
Adam Vartanian	bfcf3a7	2018-08-10 14:55:24 +0100	[diff] [blame]	998	if (!ssl->config) {
				999	return;
				1000	}
				1001	ssl->ctx->x509_method->ssl_flush_cached_client_CA(ssl->config.get());
				1002	ssl->config->client_CA.reset(name_list);
Robert Sloan	b6d070c	2017-07-24 08:40:01 -0700	[diff] [blame]	1003	}
Robert Sloan	4c22c5f	2019-03-01 15:53:37 -0800	[diff] [blame]	1004
				1005	int SSL_set1_delegated_credential(SSL ssl, CRYPTO_BUFFER dc, EVP_PKEY *pkey,
				1006	const SSL_PRIVATE_KEY_METHOD *key_method) {
				1007	if (!ssl->config) {
				1008	return 0;
				1009	}
				1010
				1011	return cert_set_dc(ssl->config->cert.get(), dc, pkey, key_method);
				1012	}