Context Navigation

← Previous Revision
Latest Revision
Next Revision →
Blame
Revision Log

s_cb.c@ 331

Last change on this file since 331 was 331, checked in by coas-nagasima, 6 years ago
prototoolに関連するプロジェクトをnewlibからmuslを使うよう変更・更新 ntshellをnewlibの下位の実装から、muslのsyscallの実装に変更・更新以下のOSSをアップデート・mruby-1.3.0 ・musl-1.1.18 ・onigmo-6.1.3 ・tcc-0.9.27 以下のOSSを追加・openssl-1.1.0e ・curl-7.57.0 ・zlib-1.2.11 以下のmrbgemsを追加・iij/mruby-digest ・iij/mruby-env ・iij/mruby-errno ・iij/mruby-iijson ・iij/mruby-ipaddr ・iij/mruby-mock ・iij/mruby-require ・iij/mruby-tls-openssl
Property svn:eol-style set to `native` Property svn:mime-type set to `text/x-csrc`
File size: 39.2 KB

Line
1	/*
2	* Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
3	*
4	* Licensed under the OpenSSL license (the "License"). You may not use
5	* this file except in compliance with the License. You can obtain a copy
6	* in the file LICENSE in the source distribution or at
7	* https://www.openssl.org/source/license.html
8	*/
9
10	/* callback functions used by s_client, s_server, and s_time */
11	#include <stdio.h>
12	#include <stdlib.h>
13	#include <string.h> /* for memcpy() and strcmp() */
14	#define USE_SOCKETS
15	#include "apps.h"
16	#undef USE_SOCKETS
17	#include <openssl/err.h>
18	#include <openssl/rand.h>
19	#include <openssl/x509.h>
20	#include <openssl/ssl.h>
21	#include <openssl/bn.h>
22	#ifndef OPENSSL_NO_DH
23	# include <openssl/dh.h>
24	#endif
25	#include "s_apps.h"
26
27	#define COOKIE_SECRET_LENGTH 16
28
29	VERIFY_CB_ARGS verify_args = { 0, 0, X509_V_OK, 0 };
30
31	#ifndef OPENSSL_NO_SOCK
32	static unsigned char cookie_secret[COOKIE_SECRET_LENGTH];
33	static int cookie_initialized = 0;
34	#endif
35
36	static const char lookup(int val, const STRINT_PAIR list, const char* def)
37	{
38	for ( ; list->name; ++list)
39	if (list->retval == val)
40	return list->name;
41	return def;
42	}
43
44	int verify_callback(int ok, X509_STORE_CTX *ctx)
45	{
46	X509 *err_cert;
47	int err, depth;
48
49	err_cert = X509_STORE_CTX_get_current_cert(ctx);
50	err = X509_STORE_CTX_get_error(ctx);
51	depth = X509_STORE_CTX_get_error_depth(ctx);
52
53	if (!verify_args.quiet \|\| !ok) {
54	BIO_printf(bio_err, "depth=%d ", depth);
55	if (err_cert) {
56	X509_NAME_print_ex(bio_err,
57	X509_get_subject_name(err_cert),
58	0, XN_FLAG_ONELINE);
59	BIO_puts(bio_err, "\n");
60	} else
61	BIO_puts(bio_err, "<no cert>\n");
62	}
63	if (!ok) {
64	BIO_printf(bio_err, "verify error:num=%d:%s\n", err,
65	X509_verify_cert_error_string(err));
66	if (verify_args.depth >= depth) {
67	if (!verify_args.return_error)
68	ok = 1;
69	verify_args.error = err;
70	} else {
71	ok = 0;
72	verify_args.error = X509_V_ERR_CERT_CHAIN_TOO_LONG;
73	}
74	}
75	switch (err) {
76	case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
77	BIO_puts(bio_err, "issuer= ");
78	X509_NAME_print_ex(bio_err, X509_get_issuer_name(err_cert),
79	0, XN_FLAG_ONELINE);
80	BIO_puts(bio_err, "\n");
81	break;
82	case X509_V_ERR_CERT_NOT_YET_VALID:
83	case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
84	BIO_printf(bio_err, "notBefore=");
85	ASN1_TIME_print(bio_err, X509_get0_notBefore(err_cert));
86	BIO_printf(bio_err, "\n");
87	break;
88	case X509_V_ERR_CERT_HAS_EXPIRED:
89	case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
90	BIO_printf(bio_err, "notAfter=");
91	ASN1_TIME_print(bio_err, X509_get0_notAfter(err_cert));
92	BIO_printf(bio_err, "\n");
93	break;
94	case X509_V_ERR_NO_EXPLICIT_POLICY:
95	if (!verify_args.quiet)
96	policies_print(ctx);
97	break;
98	}
99	if (err == X509_V_OK && ok == 2 && !verify_args.quiet)
100	policies_print(ctx);
101	if (ok && !verify_args.quiet)
102	BIO_printf(bio_err, "verify return:%d\n", ok);
103	return (ok);
104	}
105
106	int set_cert_stuff(SSL_CTX ctx, char cert_file, char *key_file)
107	{
108	if (cert_file != NULL) {
109	if (SSL_CTX_use_certificate_file(ctx, cert_file,
110	SSL_FILETYPE_PEM) <= 0) {
111	BIO_printf(bio_err, "unable to get certificate from '%s'\n",
112	cert_file);
113	ERR_print_errors(bio_err);
114	return (0);
115	}
116	if (key_file == NULL)
117	key_file = cert_file;
118	if (SSL_CTX_use_PrivateKey_file(ctx, key_file, SSL_FILETYPE_PEM) <= 0) {
119	BIO_printf(bio_err, "unable to get private key from '%s'\n",
120	key_file);
121	ERR_print_errors(bio_err);
122	return (0);
123	}
124
125	/*
126	* If we are using DSA, we can copy the parameters from the private
127	* key
128	*/
129
130	/*
131	* Now we know that a key and cert have been set against the SSL
132	* context
133	*/
134	if (!SSL_CTX_check_private_key(ctx)) {
135	BIO_printf(bio_err,
136	"Private key does not match the certificate public key\n");
137	return (0);
138	}
139	}
140	return (1);
141	}
142
143	int set_cert_key_stuff(SSL_CTX ctx, X509 cert, EVP_PKEY *key,
144	STACK_OF(X509) *chain, int build_chain)
145	{
146	int chflags = chain ? SSL_BUILD_CHAIN_FLAG_CHECK : 0;
147	if (cert == NULL)
148	return 1;
149	if (SSL_CTX_use_certificate(ctx, cert) <= 0) {
150	BIO_printf(bio_err, "error setting certificate\n");
151	ERR_print_errors(bio_err);
152	return 0;
153	}
154
155	if (SSL_CTX_use_PrivateKey(ctx, key) <= 0) {
156	BIO_printf(bio_err, "error setting private key\n");
157	ERR_print_errors(bio_err);
158	return 0;
159	}
160
161	/*
162	* Now we know that a key and cert have been set against the SSL context
163	*/
164	if (!SSL_CTX_check_private_key(ctx)) {
165	BIO_printf(bio_err,
166	"Private key does not match the certificate public key\n");
167	return 0;
168	}
169	if (chain && !SSL_CTX_set1_chain(ctx, chain)) {
170	BIO_printf(bio_err, "error setting certificate chain\n");
171	ERR_print_errors(bio_err);
172	return 0;
173	}
174	if (build_chain && !SSL_CTX_build_cert_chain(ctx, chflags)) {
175	BIO_printf(bio_err, "error building certificate chain\n");
176	ERR_print_errors(bio_err);
177	return 0;
178	}
179	return 1;
180	}
181
182	static STRINT_PAIR cert_type_list[] = {
183	{"RSA sign", TLS_CT_RSA_SIGN},
184	{"DSA sign", TLS_CT_DSS_SIGN},
185	{"RSA fixed DH", TLS_CT_RSA_FIXED_DH},
186	{"DSS fixed DH", TLS_CT_DSS_FIXED_DH},
187	{"ECDSA sign", TLS_CT_ECDSA_SIGN},
188	{"RSA fixed ECDH", TLS_CT_RSA_FIXED_ECDH},
189	{"ECDSA fixed ECDH", TLS_CT_ECDSA_FIXED_ECDH},
190	{"GOST01 Sign", TLS_CT_GOST01_SIGN},
191	{NULL}
192	};
193
194	static void ssl_print_client_cert_types(BIO bio, SSL s)
195	{
196	const unsigned char *p;
197	int i;
198	int cert_type_num = SSL_get0_certificate_types(s, &p);
199	if (!cert_type_num)
200	return;
201	BIO_puts(bio, "Client Certificate Types: ");
202	for (i = 0; i < cert_type_num; i++) {
203	unsigned char cert_type = p[i];
204	const char *cname = lookup((int)cert_type, cert_type_list, NULL);
205
206	if (i)
207	BIO_puts(bio, ", ");
208	if (cname)
209	BIO_puts(bio, cname);
210	else
211	BIO_printf(bio, "UNKNOWN (%d),", cert_type);
212	}
213	BIO_puts(bio, "\n");
214	}
215
216	static int do_print_sigalgs(BIO out, SSL s, int shared)
217	{
218	int i, nsig, client;
219	client = SSL_is_server(s) ? 0 : 1;
220	if (shared)
221	nsig = SSL_get_shared_sigalgs(s, -1, NULL, NULL, NULL, NULL, NULL);
222	else
223	nsig = SSL_get_sigalgs(s, -1, NULL, NULL, NULL, NULL, NULL);
224	if (nsig == 0)
225	return 1;
226
227	if (shared)
228	BIO_puts(out, "Shared ");
229
230	if (client)
231	BIO_puts(out, "Requested ");
232	BIO_puts(out, "Signature Algorithms: ");
233	for (i = 0; i < nsig; i++) {
234	int hash_nid, sign_nid;
235	unsigned char rhash, rsign;
236	const char *sstr = NULL;
237	if (shared)
238	SSL_get_shared_sigalgs(s, i, &sign_nid, &hash_nid, NULL,
239	&rsign, &rhash);
240	else
241	SSL_get_sigalgs(s, i, &sign_nid, &hash_nid, NULL, &rsign, &rhash);
242	if (i)
243	BIO_puts(out, ":");
244	if (sign_nid == EVP_PKEY_RSA)
245	sstr = "RSA";
246	else if (sign_nid == EVP_PKEY_DSA)
247	sstr = "DSA";
248	else if (sign_nid == EVP_PKEY_EC)
249	sstr = "ECDSA";
250	if (sstr)
251	BIO_printf(out, "%s+", sstr);
252	else
253	BIO_printf(out, "0x%02X+", (int)rsign);
254	if (hash_nid != NID_undef)
255	BIO_printf(out, "%s", OBJ_nid2sn(hash_nid));
256	else
257	BIO_printf(out, "0x%02X", (int)rhash);
258	}
259	BIO_puts(out, "\n");
260	return 1;
261	}
262
263	int ssl_print_sigalgs(BIO out, SSL s)
264	{
265	int mdnid;
266	if (!SSL_is_server(s))
267	ssl_print_client_cert_types(out, s);
268	do_print_sigalgs(out, s, 0);
269	do_print_sigalgs(out, s, 1);
270	if (SSL_get_peer_signature_nid(s, &mdnid))
271	BIO_printf(out, "Peer signing digest: %s\n", OBJ_nid2sn(mdnid));
272	return 1;
273	}
274
275	#ifndef OPENSSL_NO_EC
276	int ssl_print_point_formats(BIO out, SSL s)
277	{
278	int i, nformats;
279	const char *pformats;
280	nformats = SSL_get0_ec_point_formats(s, &pformats);
281	if (nformats <= 0)
282	return 1;
283	BIO_puts(out, "Supported Elliptic Curve Point Formats: ");
284	for (i = 0; i < nformats; i++, pformats++) {
285	if (i)
286	BIO_puts(out, ":");
287	switch (*pformats) {
288	case TLSEXT_ECPOINTFORMAT_uncompressed:
289	BIO_puts(out, "uncompressed");
290	break;
291
292	case TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime:
293	BIO_puts(out, "ansiX962_compressed_prime");
294	break;
295
296	case TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2:
297	BIO_puts(out, "ansiX962_compressed_char2");
298	break;
299
300	default:
301	BIO_printf(out, "unknown(%d)", (int)*pformats);
302	break;
303
304	}
305	}
306	BIO_puts(out, "\n");
307	return 1;
308	}
309
310	int ssl_print_curves(BIO out, SSL s, int noshared)
311	{
312	int i, ncurves, *curves, nid;
313	const char *cname;
314
315	ncurves = SSL_get1_curves(s, NULL);
316	if (ncurves <= 0)
317	return 1;
318	curves = app_malloc(ncurves * sizeof(int), "curves to print");
319	SSL_get1_curves(s, curves);
320
321	BIO_puts(out, "Supported Elliptic Curves: ");
322	for (i = 0; i < ncurves; i++) {
323	if (i)
324	BIO_puts(out, ":");
325	nid = curves[i];
326	/* If unrecognised print out hex version */
327	if (nid & TLSEXT_nid_unknown)
328	BIO_printf(out, "0x%04X", nid & 0xFFFF);
329	else {
330	/* Use NIST name for curve if it exists */
331	cname = EC_curve_nid2nist(nid);
332	if (!cname)
333	cname = OBJ_nid2sn(nid);
334	BIO_printf(out, "%s", cname);
335	}
336	}
337	OPENSSL_free(curves);
338	if (noshared) {
339	BIO_puts(out, "\n");
340	return 1;
341	}
342	BIO_puts(out, "\nShared Elliptic curves: ");
343	ncurves = SSL_get_shared_curve(s, -1);
344	for (i = 0; i < ncurves; i++) {
345	if (i)
346	BIO_puts(out, ":");
347	nid = SSL_get_shared_curve(s, i);
348	cname = EC_curve_nid2nist(nid);
349	if (!cname)
350	cname = OBJ_nid2sn(nid);
351	BIO_printf(out, "%s", cname);
352	}
353	if (ncurves == 0)
354	BIO_puts(out, "NONE");
355	BIO_puts(out, "\n");
356	return 1;
357	}
358	#endif
359	int ssl_print_tmp_key(BIO out, SSL s)
360	{
361	EVP_PKEY *key;
362	if (!SSL_get_server_tmp_key(s, &key))
363	return 1;
364	BIO_puts(out, "Server Temp Key: ");
365	switch (EVP_PKEY_id(key)) {
366	case EVP_PKEY_RSA:
367	BIO_printf(out, "RSA, %d bits\n", EVP_PKEY_bits(key));
368	break;
369
370	case EVP_PKEY_DH:
371	BIO_printf(out, "DH, %d bits\n", EVP_PKEY_bits(key));
372	break;
373	#ifndef OPENSSL_NO_EC
374	case EVP_PKEY_EC:
375	{
376	EC_KEY *ec = EVP_PKEY_get1_EC_KEY(key);
377	int nid;
378	const char *cname;
379	nid = EC_GROUP_get_curve_name(EC_KEY_get0_group(ec));
380	EC_KEY_free(ec);
381	cname = EC_curve_nid2nist(nid);
382	if (!cname)
383	cname = OBJ_nid2sn(nid);
384	BIO_printf(out, "ECDH, %s, %d bits\n", cname, EVP_PKEY_bits(key));
385	}
386	break;
387	#endif
388	default:
389	BIO_printf(out, "%s, %d bits\n", OBJ_nid2sn(EVP_PKEY_id(key)),
390	EVP_PKEY_bits(key));
391	}
392	EVP_PKEY_free(key);
393	return 1;
394	}
395
396	long bio_dump_callback(BIO bio, int cmd, const char argp,
397	int argi, long argl, long ret)
398	{
399	BIO *out;
400
401	out = (BIO *)BIO_get_callback_arg(bio);
402	if (out == NULL)
403	return (ret);
404
405	if (cmd == (BIO_CB_READ \| BIO_CB_RETURN)) {
406	BIO_printf(out, "read from %p [%p] (%lu bytes => %ld (0x%lX))\n",
407	(void )bio, (void )argp, (unsigned long)argi, ret, ret);
408	BIO_dump(out, argp, (int)ret);
409	return (ret);
410	} else if (cmd == (BIO_CB_WRITE \| BIO_CB_RETURN)) {
411	BIO_printf(out, "write to %p [%p] (%lu bytes => %ld (0x%lX))\n",
412	(void )bio, (void )argp, (unsigned long)argi, ret, ret);
413	BIO_dump(out, argp, (int)ret);
414	}
415	return (ret);
416	}
417
418	void apps_ssl_info_callback(const SSL *s, int where, int ret)
419	{
420	const char *str;
421	int w;
422
423	w = where & ~SSL_ST_MASK;
424
425	if (w & SSL_ST_CONNECT)
426	str = "SSL_connect";
427	else if (w & SSL_ST_ACCEPT)
428	str = "SSL_accept";
429	else
430	str = "undefined";
431
432	if (where & SSL_CB_LOOP) {
433	BIO_printf(bio_err, "%s:%s\n", str, SSL_state_string_long(s));
434	} else if (where & SSL_CB_ALERT) {
435	str = (where & SSL_CB_READ) ? "read" : "write";
436	BIO_printf(bio_err, "SSL3 alert %s:%s:%s\n",
437	str,
438	SSL_alert_type_string_long(ret),
439	SSL_alert_desc_string_long(ret));
440	} else if (where & SSL_CB_EXIT) {
441	if (ret == 0)
442	BIO_printf(bio_err, "%s:failed in %s\n",
443	str, SSL_state_string_long(s));
444	else if (ret < 0) {
445	BIO_printf(bio_err, "%s:error in %s\n",
446	str, SSL_state_string_long(s));
447	}
448	}
449	}
450
451	static STRINT_PAIR ssl_versions[] = {
452	{"SSL 3.0", SSL3_VERSION},
453	{"TLS 1.0", TLS1_VERSION},
454	{"TLS 1.1", TLS1_1_VERSION},
455	{"TLS 1.2", TLS1_2_VERSION},
456	{"DTLS 1.0", DTLS1_VERSION},
457	{"DTLS 1.0 (bad)", DTLS1_BAD_VER},
458	{NULL}
459	};
460	static STRINT_PAIR alert_types[] = {
461	{" close_notify", 0},
462	{" unexpected_message", 10},
463	{" bad_record_mac", 20},
464	{" decryption_failed", 21},
465	{" record_overflow", 22},
466	{" decompression_failure", 30},
467	{" handshake_failure", 40},
468	{" bad_certificate", 42},
469	{" unsupported_certificate", 43},
470	{" certificate_revoked", 44},
471	{" certificate_expired", 45},
472	{" certificate_unknown", 46},
473	{" illegal_parameter", 47},
474	{" unknown_ca", 48},
475	{" access_denied", 49},
476	{" decode_error", 50},
477	{" decrypt_error", 51},
478	{" export_restriction", 60},
479	{" protocol_version", 70},
480	{" insufficient_security", 71},
481	{" internal_error", 80},
482	{" user_canceled", 90},
483	{" no_renegotiation", 100},
484	{" unsupported_extension", 110},
485	{" certificate_unobtainable", 111},
486	{" unrecognized_name", 112},
487	{" bad_certificate_status_response", 113},
488	{" bad_certificate_hash_value", 114},
489	{" unknown_psk_identity", 115},
490	{NULL}
491	};
492
493	static STRINT_PAIR handshakes[] = {
494	{", HelloRequest", 0},
495	{", ClientHello", 1},
496	{", ServerHello", 2},
497	{", HelloVerifyRequest", 3},
498	{", NewSessionTicket", 4},
499	{", Certificate", 11},
500	{", ServerKeyExchange", 12},
501	{", CertificateRequest", 13},
502	{", ServerHelloDone", 14},
503	{", CertificateVerify", 15},
504	{", ClientKeyExchange", 16},
505	{", Finished", 20},
506	{", CertificateUrl", 21},
507	{", CertificateStatus", 22},
508	{", SupplementalData", 23},
509	{NULL}
510	};
511
512	void msg_cb(int write_p, int version, int content_type, const void *buf,
513	size_t len, SSL ssl, void arg)
514	{
515	BIO *bio = arg;
516	const char *str_write_p = write_p ? ">>>" : "<<<";
517	const char *str_version = lookup(version, ssl_versions, "???");
518	const char str_content_type = "", str_details1 = "", *str_details2 = "";
519	const unsigned char* bp = buf;
520
521	if (version == SSL3_VERSION \|\|
522	version == TLS1_VERSION \|\|
523	version == TLS1_1_VERSION \|\|
524	version == TLS1_2_VERSION \|\|
525	version == DTLS1_VERSION \|\| version == DTLS1_BAD_VER) {
526	switch (content_type) {
527	case 20:
528	str_content_type = "ChangeCipherSpec";
529	break;
530	case 21:
531	str_content_type = "Alert";
532	str_details1 = ", ???";
533	if (len == 2) {
534	switch (bp[0]) {
535	case 1:
536	str_details1 = ", warning";
537	break;
538	case 2:
539	str_details1 = ", fatal";
540	break;
541	}
542	str_details2 = lookup((int)bp[1], alert_types, " ???");
543	}
544	break;
545	case 22:
546	str_content_type = "Handshake";
547	str_details1 = "???";
548	if (len > 0)
549	str_details1 = lookup((int)bp[0], handshakes, "???");
550	break;
551	case 23:
552	str_content_type = "ApplicationData";
553	break;
554	#ifndef OPENSSL_NO_HEARTBEATS
555	case 24:
556	str_details1 = ", Heartbeat";
557
558	if (len > 0) {
559	switch (bp[0]) {
560	case 1:
561	str_details1 = ", HeartbeatRequest";
562	break;
563	case 2:
564	str_details1 = ", HeartbeatResponse";
565	break;
566	}
567	}
568	break;
569	#endif
570	}
571	}
572
573	BIO_printf(bio, "%s %s%s [length %04lx]%s%s\n", str_write_p, str_version,
574	str_content_type, (unsigned long)len, str_details1,
575	str_details2);
576
577	if (len > 0) {
578	size_t num, i;
579
580	BIO_printf(bio, " ");
581	num = len;
582	for (i = 0; i < num; i++) {
583	if (i % 16 == 0 && i > 0)
584	BIO_printf(bio, "\n ");
585	BIO_printf(bio, " %02x", ((const unsigned char *)buf)[i]);
586	}
587	if (i < len)
588	BIO_printf(bio, " ...");
589	BIO_printf(bio, "\n");
590	}
591	(void)BIO_flush(bio);
592	}
593
594	static STRINT_PAIR tlsext_types[] = {
595	{"server name", TLSEXT_TYPE_server_name},
596	{"max fragment length", TLSEXT_TYPE_max_fragment_length},
597	{"client certificate URL", TLSEXT_TYPE_client_certificate_url},
598	{"trusted CA keys", TLSEXT_TYPE_trusted_ca_keys},
599	{"truncated HMAC", TLSEXT_TYPE_truncated_hmac},
600	{"status request", TLSEXT_TYPE_status_request},
601	{"user mapping", TLSEXT_TYPE_user_mapping},
602	{"client authz", TLSEXT_TYPE_client_authz},
603	{"server authz", TLSEXT_TYPE_server_authz},
604	{"cert type", TLSEXT_TYPE_cert_type},
605	{"elliptic curves", TLSEXT_TYPE_elliptic_curves},
606	{"EC point formats", TLSEXT_TYPE_ec_point_formats},
607	{"SRP", TLSEXT_TYPE_srp},
608	{"signature algorithms", TLSEXT_TYPE_signature_algorithms},
609	{"use SRTP", TLSEXT_TYPE_use_srtp},
610	{"heartbeat", TLSEXT_TYPE_heartbeat},
611	{"session ticket", TLSEXT_TYPE_session_ticket},
612	{"renegotiation info", TLSEXT_TYPE_renegotiate},
613	{"signed certificate timestamps", TLSEXT_TYPE_signed_certificate_timestamp},
614	{"TLS padding", TLSEXT_TYPE_padding},
615	#ifdef TLSEXT_TYPE_next_proto_neg
616	{"next protocol", TLSEXT_TYPE_next_proto_neg},
617	#endif
618	#ifdef TLSEXT_TYPE_encrypt_then_mac
619	{"encrypt-then-mac", TLSEXT_TYPE_encrypt_then_mac},
620	#endif
621	#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
622	{"application layer protocol negotiation",
623	TLSEXT_TYPE_application_layer_protocol_negotiation},
624	#endif
625	#ifdef TLSEXT_TYPE_extended_master_secret
626	{"extended master secret", TLSEXT_TYPE_extended_master_secret},
627	#endif
628	{NULL}
629	};
630
631	void tlsext_cb(SSL *s, int client_server, int type,
632	const unsigned char data, int len, void arg)
633	{
634	BIO *bio = arg;
635	const char *extname = lookup(type, tlsext_types, "unknown");
636
637	BIO_printf(bio, "TLS %s extension \"%s\" (id=%d), len=%d\n",
638	client_server ? "server" : "client", extname, type, len);
639	BIO_dump(bio, (const char *)data, len);
640	(void)BIO_flush(bio);
641	}
642
643	#ifndef OPENSSL_NO_SOCK
644	int generate_cookie_callback(SSL ssl, unsigned char cookie,
645	unsigned int *cookie_len)
646	{
647	unsigned char *buffer;
648	size_t length;
649	unsigned short port;
650	BIO_ADDR *peer = NULL;
651
652	/* Initialize a random secret */
653	if (!cookie_initialized) {
654	if (RAND_bytes(cookie_secret, COOKIE_SECRET_LENGTH) <= 0) {
655	BIO_printf(bio_err, "error setting random cookie secret\n");
656	return 0;
657	}
658	cookie_initialized = 1;
659	}
660
661	peer = BIO_ADDR_new();
662	if (peer == NULL) {
663	BIO_printf(bio_err, "memory full\n");
664	return 0;
665	}
666
667	/* Read peer information */
668	(void)BIO_dgram_get_peer(SSL_get_rbio(ssl), peer);
669
670	/* Create buffer with peer's address and port */
671	BIO_ADDR_rawaddress(peer, NULL, &length);
672	OPENSSL_assert(length != 0);
673	port = BIO_ADDR_rawport(peer);
674	length += sizeof(port);
675	buffer = app_malloc(length, "cookie generate buffer");
676
677	memcpy(buffer, &port, sizeof(port));
678	BIO_ADDR_rawaddress(peer, buffer + sizeof(port), NULL);
679
680	/* Calculate HMAC of buffer using the secret */
681	HMAC(EVP_sha1(), cookie_secret, COOKIE_SECRET_LENGTH,
682	buffer, length, cookie, cookie_len);
683
684	OPENSSL_free(buffer);
685	BIO_ADDR_free(peer);
686
687	return 1;
688	}
689
690	int verify_cookie_callback(SSL ssl, const unsigned char cookie,
691	unsigned int cookie_len)
692	{
693	unsigned char result[EVP_MAX_MD_SIZE];
694	unsigned int resultlength;
695
696	/* Note: we check cookie_initialized because if it's not,
697	* it cannot be valid */
698	if (cookie_initialized
699	&& generate_cookie_callback(ssl, result, &resultlength)
700	&& cookie_len == resultlength
701	&& memcmp(result, cookie, resultlength) == 0)
702	return 1;
703
704	return 0;
705	}
706	#endif
707
708	/*
709	* Example of extended certificate handling. Where the standard support of
710	* one certificate per algorithm is not sufficient an application can decide
711	* which certificate(s) to use at runtime based on whatever criteria it deems
712	* appropriate.
713	*/
714
715	/* Linked list of certificates, keys and chains */
716	struct ssl_excert_st {
717	int certform;
718	const char *certfile;
719	int keyform;
720	const char *keyfile;
721	const char *chainfile;
722	X509 *cert;
723	EVP_PKEY *key;
724	STACK_OF(X509) *chain;
725	int build_chain;
726	struct ssl_excert_st next, prev;
727	};
728
729	static STRINT_PAIR chain_flags[] = {
730	{"Overall Validity", CERT_PKEY_VALID},
731	{"Sign with EE key", CERT_PKEY_SIGN},
732	{"EE signature", CERT_PKEY_EE_SIGNATURE},
733	{"CA signature", CERT_PKEY_CA_SIGNATURE},
734	{"EE key parameters", CERT_PKEY_EE_PARAM},
735	{"CA key parameters", CERT_PKEY_CA_PARAM},
736	{"Explicitly sign with EE key", CERT_PKEY_EXPLICIT_SIGN},
737	{"Issuer Name", CERT_PKEY_ISSUER_NAME},
738	{"Certificate Type", CERT_PKEY_CERT_TYPE},
739	{NULL}
740	};
741
742	static void print_chain_flags(SSL *s, int flags)
743	{
744	STRINT_PAIR *pp;
745
746	for (pp = chain_flags; pp->name; ++pp)
747	BIO_printf(bio_err, "\t%s: %s\n",
748	pp->name,
749	(flags & pp->retval) ? "OK" : "NOT OK");
750	BIO_printf(bio_err, "\tSuite B: ");
751	if (SSL_set_cert_flags(s, 0) & SSL_CERT_FLAG_SUITEB_128_LOS)
752	BIO_puts(bio_err, flags & CERT_PKEY_SUITEB ? "OK\n" : "NOT OK\n");
753	else
754	BIO_printf(bio_err, "not tested\n");
755	}
756
757	/*
758	* Very basic selection callback: just use any certificate chain reported as
759	* valid. More sophisticated could prioritise according to local policy.
760	*/
761	static int set_cert_cb(SSL ssl, void arg)
762	{
763	int i, rv;
764	SSL_EXCERT *exc = arg;
765	#ifdef CERT_CB_TEST_RETRY
766	static int retry_cnt;
767	if (retry_cnt < 5) {
768	retry_cnt++;
769	BIO_printf(bio_err,
770	"Certificate callback retry test: count %d\n",
771	retry_cnt);
772	return -1;
773	}
774	#endif
775	SSL_certs_clear(ssl);
776
777	if (!exc)
778	return 1;
779
780	/*
781	* Go to end of list and traverse backwards since we prepend newer
782	* entries this retains the original order.
783	*/
784	while (exc->next)
785	exc = exc->next;
786
787	i = 0;
788
789	while (exc) {
790	i++;
791	rv = SSL_check_chain(ssl, exc->cert, exc->key, exc->chain);
792	BIO_printf(bio_err, "Checking cert chain %d:\nSubject: ", i);
793	X509_NAME_print_ex(bio_err, X509_get_subject_name(exc->cert), 0,
794	XN_FLAG_ONELINE);
795	BIO_puts(bio_err, "\n");
796	print_chain_flags(ssl, rv);
797	if (rv & CERT_PKEY_VALID) {
798	if (!SSL_use_certificate(ssl, exc->cert)
799	\|\| !SSL_use_PrivateKey(ssl, exc->key)) {
800	return 0;
801	}
802	/*
803	* NB: we wouldn't normally do this as it is not efficient
804	* building chains on each connection better to cache the chain
805	* in advance.
806	*/
807	if (exc->build_chain) {
808	if (!SSL_build_cert_chain(ssl, 0))
809	return 0;
810	} else if (exc->chain)
811	SSL_set1_chain(ssl, exc->chain);
812	}
813	exc = exc->prev;
814	}
815	return 1;
816	}
817
818	void ssl_ctx_set_excert(SSL_CTX ctx, SSL_EXCERT exc)
819	{
820	SSL_CTX_set_cert_cb(ctx, set_cert_cb, exc);
821	}
822
823	static int ssl_excert_prepend(SSL_EXCERT **pexc)
824	{
825	SSL_EXCERT exc = app_malloc(sizeof(exc), "prepend cert");
826
827	memset(exc, 0, sizeof(*exc));
828
829	exc->next = *pexc;
830	*pexc = exc;
831
832	if (exc->next) {
833	exc->certform = exc->next->certform;
834	exc->keyform = exc->next->keyform;
835	exc->next->prev = exc;
836	} else {
837	exc->certform = FORMAT_PEM;
838	exc->keyform = FORMAT_PEM;
839	}
840	return 1;
841
842	}
843
844	void ssl_excert_free(SSL_EXCERT *exc)
845	{
846	SSL_EXCERT *curr;
847
848	if (!exc)
849	return;
850	while (exc) {
851	X509_free(exc->cert);
852	EVP_PKEY_free(exc->key);
853	sk_X509_pop_free(exc->chain, X509_free);
854	curr = exc;
855	exc = exc->next;
856	OPENSSL_free(curr);
857	}
858	}
859
860	int load_excert(SSL_EXCERT **pexc)
861	{
862	SSL_EXCERT exc = pexc;
863	if (!exc)
864	return 1;
865	/* If nothing in list, free and set to NULL */
866	if (!exc->certfile && !exc->next) {
867	ssl_excert_free(exc);
868	*pexc = NULL;
869	return 1;
870	}
871	for (; exc; exc = exc->next) {
872	if (!exc->certfile) {
873	BIO_printf(bio_err, "Missing filename\n");
874	return 0;
875	}
876	exc->cert = load_cert(exc->certfile, exc->certform,
877	"Server Certificate");
878	if (!exc->cert)
879	return 0;
880	if (exc->keyfile) {
881	exc->key = load_key(exc->keyfile, exc->keyform,
882	0, NULL, NULL, "Server Key");
883	} else {
884	exc->key = load_key(exc->certfile, exc->certform,
885	0, NULL, NULL, "Server Key");
886	}
887	if (!exc->key)
888	return 0;
889	if (exc->chainfile) {
890	if (!load_certs(exc->chainfile, &exc->chain, FORMAT_PEM, NULL,
891	"Server Chain"))
892	return 0;
893	}
894	}
895	return 1;
896	}
897
898	enum range { OPT_X_ENUM };
899
900	int args_excert(int opt, SSL_EXCERT **pexc)
901	{
902	SSL_EXCERT exc = pexc;
903
904	assert(opt > OPT_X__FIRST);
905	assert(opt < OPT_X__LAST);
906
907	if (exc == NULL) {
908	if (!ssl_excert_prepend(&exc)) {
909	BIO_printf(bio_err, " %s: Error initialising xcert\n",
910	opt_getprog());
911	goto err;
912	}
913	*pexc = exc;
914	}
915
916	switch ((enum range)opt) {
917	case OPT_X__FIRST:
918	case OPT_X__LAST:
919	return 0;
920	case OPT_X_CERT:
921	if (exc->certfile && !ssl_excert_prepend(&exc)) {
922	BIO_printf(bio_err, "%s: Error adding xcert\n", opt_getprog());
923	goto err;
924	}
925	*pexc = exc;
926	exc->certfile = opt_arg();
927	break;
928	case OPT_X_KEY:
929	if (exc->keyfile) {
930	BIO_printf(bio_err, "%s: Key already specified\n", opt_getprog());
931	goto err;
932	}
933	exc->keyfile = opt_arg();
934	break;
935	case OPT_X_CHAIN:
936	if (exc->chainfile) {
937	BIO_printf(bio_err, "%s: Chain already specified\n",
938	opt_getprog());
939	goto err;
940	}
941	exc->chainfile = opt_arg();
942	break;
943	case OPT_X_CHAIN_BUILD:
944	exc->build_chain = 1;
945	break;
946	case OPT_X_CERTFORM:
947	if (!opt_format(opt_arg(), OPT_FMT_PEMDER, &exc->certform))
948	return 0;
949	break;
950	case OPT_X_KEYFORM:
951	if (!opt_format(opt_arg(), OPT_FMT_PEMDER, &exc->keyform))
952	return 0;
953	break;
954	}
955	return 1;
956
957	err:
958	ERR_print_errors(bio_err);
959	ssl_excert_free(exc);
960	*pexc = NULL;
961	return 0;
962	}
963
964	static void print_raw_cipherlist(SSL *s)
965	{
966	const unsigned char *rlist;
967	static const unsigned char scsv_id[] = { 0, 0xFF };
968	size_t i, rlistlen, num;
969	if (!SSL_is_server(s))
970	return;
971	num = SSL_get0_raw_cipherlist(s, NULL);
972	OPENSSL_assert(num == 2);
973	rlistlen = SSL_get0_raw_cipherlist(s, &rlist);
974	BIO_puts(bio_err, "Client cipher list: ");
975	for (i = 0; i < rlistlen; i += num, rlist += num) {
976	const SSL_CIPHER *c = SSL_CIPHER_find(s, rlist);
977	if (i)
978	BIO_puts(bio_err, ":");
979	if (c)
980	BIO_puts(bio_err, SSL_CIPHER_get_name(c));
981	else if (!memcmp(rlist, scsv_id, num))
982	BIO_puts(bio_err, "SCSV");
983	else {
984	size_t j;
985	BIO_puts(bio_err, "0x");
986	for (j = 0; j < num; j++)
987	BIO_printf(bio_err, "%02X", rlist[j]);
988	}
989	}
990	BIO_puts(bio_err, "\n");
991	}
992
993	/*
994	* Hex encoder for TLSA RRdata, not ':' delimited.
995	*/
996	static char hexencode(const unsigned char data, size_t len)
997	{
998	static const char *hex = "0123456789abcdef";
999	char *out;
1000	char *cp;
1001	size_t outlen = 2 * len + 1;
1002	int ilen = (int) outlen;
1003
1004	if (outlen < len \|\| ilen < 0 \|\| outlen != (size_t)ilen) {
1005	BIO_printf(bio_err, "%s: %" PRIu64 "-byte buffer too large to hexencode\n",
1006	opt_getprog(), (uint64_t)len);
1007	exit(1);
1008	}
1009	cp = out = app_malloc(ilen, "TLSA hex data buffer");
1010
1011	while (len-- > 0) {
1012	cp++ = hex[(data >> 4) & 0x0f];
1013	cp++ = hex[data++ & 0x0f];
1014	}
1015	*cp = '\0';
1016	return out;
1017	}
1018
1019	void print_verify_detail(SSL s, BIO bio)
1020	{
1021	int mdpth;
1022	EVP_PKEY *mspki;
1023	long verify_err = SSL_get_verify_result(s);
1024
1025	if (verify_err == X509_V_OK) {
1026	const char *peername = SSL_get0_peername(s);
1027
1028	BIO_printf(bio, "Verification: OK\n");
1029	if (peername != NULL)
1030	BIO_printf(bio, "Verified peername: %s\n", peername);
1031	} else {
1032	const char *reason = X509_verify_cert_error_string(verify_err);
1033
1034	BIO_printf(bio, "Verification error: %s\n", reason);
1035	}
1036
1037	if ((mdpth = SSL_get0_dane_authority(s, NULL, &mspki)) >= 0) {
1038	uint8_t usage, selector, mtype;
1039	const unsigned char *data = NULL;
1040	size_t dlen = 0;
1041	char *hexdata;
1042
1043	mdpth = SSL_get0_dane_tlsa(s, &usage, &selector, &mtype, &data, &dlen);
1044
1045	/*
1046	* The TLSA data field can be quite long when it is a certificate,
1047	* public key or even a SHA2-512 digest. Because the initial octets of
1048	* ASN.1 certificates and public keys contain mostly boilerplate OIDs
1049	* and lengths, we show the last 12 bytes of the data instead, as these
1050	* are more likely to distinguish distinct TLSA records.
1051	*/
1052	#define TLSA_TAIL_SIZE 12
1053	if (dlen > TLSA_TAIL_SIZE)
1054	hexdata = hexencode(data + dlen - TLSA_TAIL_SIZE, TLSA_TAIL_SIZE);
1055	else
1056	hexdata = hexencode(data, dlen);
1057	BIO_printf(bio, "DANE TLSA %d %d %d %s%s %s at depth %d\n",
1058	usage, selector, mtype,
1059	(dlen > TLSA_TAIL_SIZE) ? "..." : "", hexdata,
1060	(mspki != NULL) ? "signed the certificate" :
1061	mdpth ? "matched TA certificate" : "matched EE certificate",
1062	mdpth);
1063	OPENSSL_free(hexdata);
1064	}
1065	}
1066
1067	void print_ssl_summary(SSL *s)
1068	{
1069	const SSL_CIPHER *c;
1070	X509 *peer;
1071	/* const char pnam = SSL_is_server(s) ? "client" : "server"; /
1072
1073	BIO_printf(bio_err, "Protocol version: %s\n", SSL_get_version(s));
1074	print_raw_cipherlist(s);
1075	c = SSL_get_current_cipher(s);
1076	BIO_printf(bio_err, "Ciphersuite: %s\n", SSL_CIPHER_get_name(c));
1077	do_print_sigalgs(bio_err, s, 0);
1078	peer = SSL_get_peer_certificate(s);
1079	if (peer) {
1080	int nid;
1081
1082	BIO_puts(bio_err, "Peer certificate: ");
1083	X509_NAME_print_ex(bio_err, X509_get_subject_name(peer),
1084	0, XN_FLAG_ONELINE);
1085	BIO_puts(bio_err, "\n");
1086	if (SSL_get_peer_signature_nid(s, &nid))
1087	BIO_printf(bio_err, "Hash used: %s\n", OBJ_nid2sn(nid));
1088	print_verify_detail(s, bio_err);
1089	} else
1090	BIO_puts(bio_err, "No peer certificate\n");
1091	X509_free(peer);
1092	#ifndef OPENSSL_NO_EC
1093	ssl_print_point_formats(bio_err, s);
1094	if (SSL_is_server(s))
1095	ssl_print_curves(bio_err, s, 1);
1096	else
1097	ssl_print_tmp_key(bio_err, s);
1098	#else
1099	if (!SSL_is_server(s))
1100	ssl_print_tmp_key(bio_err, s);
1101	#endif
1102	}
1103
1104	int config_ctx(SSL_CONF_CTX cctx, STACK_OF(OPENSSL_STRING) str,
1105	SSL_CTX *ctx)
1106	{
1107	int i;
1108
1109	SSL_CONF_CTX_set_ssl_ctx(cctx, ctx);
1110	for (i = 0; i < sk_OPENSSL_STRING_num(str); i += 2) {
1111	const char *flag = sk_OPENSSL_STRING_value(str, i);
1112	const char *arg = sk_OPENSSL_STRING_value(str, i + 1);
1113	if (SSL_CONF_cmd(cctx, flag, arg) <= 0) {
1114	if (arg)
1115	BIO_printf(bio_err, "Error with command: \"%s %s\"\n",
1116	flag, arg);
1117	else
1118	BIO_printf(bio_err, "Error with command: \"%s\"\n", flag);
1119	ERR_print_errors(bio_err);
1120	return 0;
1121	}
1122	}
1123	if (!SSL_CONF_CTX_finish(cctx)) {
1124	BIO_puts(bio_err, "Error finishing context\n");
1125	ERR_print_errors(bio_err);
1126	return 0;
1127	}
1128	return 1;
1129	}
1130
1131	static int add_crls_store(X509_STORE st, STACK_OF(X509_CRL) crls)
1132	{
1133	X509_CRL *crl;
1134	int i;
1135	for (i = 0; i < sk_X509_CRL_num(crls); i++) {
1136	crl = sk_X509_CRL_value(crls, i);
1137	X509_STORE_add_crl(st, crl);
1138	}
1139	return 1;
1140	}
1141
1142	int ssl_ctx_add_crls(SSL_CTX ctx, STACK_OF(X509_CRL) crls, int crl_download)
1143	{
1144	X509_STORE *st;
1145	st = SSL_CTX_get_cert_store(ctx);
1146	add_crls_store(st, crls);
1147	if (crl_download)
1148	store_setup_crl_download(st);
1149	return 1;
1150	}
1151
1152	int ssl_load_stores(SSL_CTX *ctx,
1153	const char vfyCApath, const char vfyCAfile,
1154	const char chCApath, const char chCAfile,
1155	STACK_OF(X509_CRL) *crls, int crl_download)
1156	{
1157	X509_STORE vfy = NULL, ch = NULL;
1158	int rv = 0;
1159	if (vfyCApath != NULL \|\| vfyCAfile != NULL) {
1160	vfy = X509_STORE_new();
1161	if (vfy == NULL)
1162	goto err;
1163	if (!X509_STORE_load_locations(vfy, vfyCAfile, vfyCApath))
1164	goto err;
1165	add_crls_store(vfy, crls);
1166	SSL_CTX_set1_verify_cert_store(ctx, vfy);
1167	if (crl_download)
1168	store_setup_crl_download(vfy);
1169	}
1170	if (chCApath != NULL \|\| chCAfile != NULL) {
1171	ch = X509_STORE_new();
1172	if (ch == NULL)
1173	goto err;
1174	if (!X509_STORE_load_locations(ch, chCAfile, chCApath))
1175	goto err;
1176	SSL_CTX_set1_chain_cert_store(ctx, ch);
1177	}
1178	rv = 1;
1179	err:
1180	X509_STORE_free(vfy);
1181	X509_STORE_free(ch);
1182	return rv;
1183	}
1184
1185	/* Verbose print out of security callback */
1186
1187	typedef struct {
1188	BIO *out;
1189	int verbose;
1190	int (old_cb) (const SSL s, const SSL_CTX *ctx, int op, int bits, int nid,
1191	void other, void ex);
1192	} security_debug_ex;
1193
1194	static STRINT_PAIR callback_types[] = {
1195	{"Supported Ciphersuite", SSL_SECOP_CIPHER_SUPPORTED},
1196	{"Shared Ciphersuite", SSL_SECOP_CIPHER_SHARED},
1197	{"Check Ciphersuite", SSL_SECOP_CIPHER_CHECK},
1198	#ifndef OPENSSL_NO_DH
1199	{"Temp DH key bits", SSL_SECOP_TMP_DH},
1200	#endif
1201	{"Supported Curve", SSL_SECOP_CURVE_SUPPORTED},
1202	{"Shared Curve", SSL_SECOP_CURVE_SHARED},
1203	{"Check Curve", SSL_SECOP_CURVE_CHECK},
1204	{"Supported Signature Algorithm digest", SSL_SECOP_SIGALG_SUPPORTED},
1205	{"Shared Signature Algorithm digest", SSL_SECOP_SIGALG_SHARED},
1206	{"Check Signature Algorithm digest", SSL_SECOP_SIGALG_CHECK},
1207	{"Signature Algorithm mask", SSL_SECOP_SIGALG_MASK},
1208	{"Certificate chain EE key", SSL_SECOP_EE_KEY},
1209	{"Certificate chain CA key", SSL_SECOP_CA_KEY},
1210	{"Peer Chain EE key", SSL_SECOP_PEER_EE_KEY},
1211	{"Peer Chain CA key", SSL_SECOP_PEER_CA_KEY},
1212	{"Certificate chain CA digest", SSL_SECOP_CA_MD},
1213	{"Peer chain CA digest", SSL_SECOP_PEER_CA_MD},
1214	{"SSL compression", SSL_SECOP_COMPRESSION},
1215	{"Session ticket", SSL_SECOP_TICKET},
1216	{NULL}
1217	};
1218
1219	static int security_callback_debug(const SSL s, const SSL_CTX ctx,
1220	int op, int bits, int nid,
1221	void other, void ex)
1222	{
1223	security_debug_ex *sdb = ex;
1224	int rv, show_bits = 1, cert_md = 0;
1225	const char *nm;
1226	rv = sdb->old_cb(s, ctx, op, bits, nid, other, ex);
1227	if (rv == 1 && sdb->verbose < 2)
1228	return 1;
1229	BIO_puts(sdb->out, "Security callback: ");
1230
1231	nm = lookup(op, callback_types, NULL);
1232	switch (op) {
1233	case SSL_SECOP_TICKET:
1234	case SSL_SECOP_COMPRESSION:
1235	show_bits = 0;
1236	nm = NULL;
1237	break;
1238	case SSL_SECOP_VERSION:
1239	BIO_printf(sdb->out, "Version=%s", lookup(nid, ssl_versions, "???"));
1240	show_bits = 0;
1241	nm = NULL;
1242	break;
1243	case SSL_SECOP_CA_MD:
1244	case SSL_SECOP_PEER_CA_MD:
1245	cert_md = 1;
1246	break;
1247	}
1248	if (nm)
1249	BIO_printf(sdb->out, "%s=", nm);
1250
1251	switch (op & SSL_SECOP_OTHER_TYPE) {
1252
1253	case SSL_SECOP_OTHER_CIPHER:
1254	BIO_puts(sdb->out, SSL_CIPHER_get_name(other));
1255	break;
1256
1257	#ifndef OPENSSL_NO_EC
1258	case SSL_SECOP_OTHER_CURVE:
1259	{
1260	const char *cname;
1261	cname = EC_curve_nid2nist(nid);
1262	if (cname == NULL)
1263	cname = OBJ_nid2sn(nid);
1264	BIO_puts(sdb->out, cname);
1265	}
1266	break;
1267	#endif
1268	#ifndef OPENSSL_NO_DH
1269	case SSL_SECOP_OTHER_DH:
1270	{
1271	DH *dh = other;
1272	BIO_printf(sdb->out, "%d", DH_bits(dh));
1273	break;
1274	}
1275	#endif
1276	case SSL_SECOP_OTHER_CERT:
1277	{
1278	if (cert_md) {
1279	int sig_nid = X509_get_signature_nid(other);
1280	BIO_puts(sdb->out, OBJ_nid2sn(sig_nid));
1281	} else {
1282	EVP_PKEY *pkey = X509_get0_pubkey(other);
1283	const char *algname = "";
1284	EVP_PKEY_asn1_get0_info(NULL, NULL, NULL, NULL,
1285	&algname, EVP_PKEY_get0_asn1(pkey));
1286	BIO_printf(sdb->out, "%s, bits=%d",
1287	algname, EVP_PKEY_bits(pkey));
1288	}
1289	break;
1290	}
1291	case SSL_SECOP_OTHER_SIGALG:
1292	{
1293	const unsigned char *salg = other;
1294	const char *sname = NULL;
1295	switch (salg[1]) {
1296	case TLSEXT_signature_anonymous:
1297	sname = "anonymous";
1298	break;
1299	case TLSEXT_signature_rsa:
1300	sname = "RSA";
1301	break;
1302	case TLSEXT_signature_dsa:
1303	sname = "DSA";
1304	break;
1305	case TLSEXT_signature_ecdsa:
1306	sname = "ECDSA";
1307	break;
1308	}
1309
1310	BIO_puts(sdb->out, OBJ_nid2sn(nid));
1311	if (sname)
1312	BIO_printf(sdb->out, ", algorithm=%s", sname);
1313	else
1314	BIO_printf(sdb->out, ", algid=%d", salg[1]);
1315	break;
1316	}
1317
1318	}
1319
1320	if (show_bits)
1321	BIO_printf(sdb->out, ", security bits=%d", bits);
1322	BIO_printf(sdb->out, ": %s\n", rv ? "yes" : "no");
1323	return rv;
1324	}
1325
1326	void ssl_ctx_security_debug(SSL_CTX *ctx, int verbose)
1327	{
1328	static security_debug_ex sdb;
1329
1330	sdb.out = bio_err;
1331	sdb.verbose = verbose;
1332	sdb.old_cb = SSL_CTX_get_security_callback(ctx);
1333	SSL_CTX_set_security_callback(ctx, security_callback_debug);
1334	SSL_CTX_set0_security_ex_data(ctx, &sdb);
1335	}

Note: See TracBrowser for help on using the repository browser.

Context Navigation

source: EcnlProtoTool/trunk/openssl-1.1.0e/apps/s_cb.c@ 331

Download in other formats: