1 /* Copyright (C) 2009-2013, Martin Johansson <martin@fatbob.nu>
2 Copyright (C) 2005-2013, Thorvald Natvig <thorvald@natvig.com>
6 Redistribution and use in source and binary forms, with or without
7 modification, are permitted provided that the following conditions
10 - Redistributions of source code must retain the above copyright notice,
11 this list of conditions and the following disclaimer.
12 - Redistributions in binary form must reproduce the above copyright notice,
13 this list of conditions and the following disclaimer in the documentation
14 and/or other materials provided with the distribution.
15 - Neither the name of the Developers nor the names of its contributors may
16 be used to endorse or promote products derived from this software without
17 specific prior written permission.
19 THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
20 ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
21 LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
22 A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR
23 CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
24 EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
25 PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
26 PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
27 LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
28 NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
29 SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
44 #include <polarssl/havege.h>
45 #include <polarssl/certs.h>
46 #include <polarssl/x509.h>
47 #include <polarssl/ssl.h>
48 #include <polarssl/net.h>
50 #ifdef POLARSSL_API_V1_2
53 TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
54 TLS_RSA_WITH_AES_256_CBC_SHA,
55 TLS_RSA_WITH_AES_128_CBC_SHA,
61 SSL_EDH_RSA_AES_256_SHA,
67 static x509_cert certificate;
68 static rsa_context key;
69 bool_t builtInTestCertificate;
71 #ifdef USE_POLARSSL_HAVEGE
79 "9CE85640903BF123906947FEDE767261" \
80 "D9B4A973EB8F7D984A8C656E2BCC161C" \
81 "183D4CA471BA78225F940F16D1D99CA3" \
82 "E66152CC68EDCE1311A390F307741835" \
83 "44FF6AB553EC7073AD0CB608F2A3B480" \
84 "19E6C02BCED40BD30E91BB2469089670" \
85 "DEF409C08E8AC24D1732A6128D2220DC53";
88 #ifdef USE_POLARSSL_TESTCERT
89 static void initTestCert()
92 builtInTestCertificate = true;
93 rc = x509parse_crt(&certificate, (unsigned char *)test_srv_crt,
94 strlen(test_srv_crt));
96 Log_fatal("Could not parse built-in test certificate");
99 static void initTestKey()
103 rc = x509parse_key(&key, (unsigned char *)test_srv_key,
104 strlen(test_srv_key), NULL, 0);
106 Log_fatal("Could not parse built-in test RSA key");
111 * How to generate a self-signed cert with openssl:
112 * openssl genrsa 1024 > host.key
113 * openssl req -new -x509 -nodes -sha1 -days 365 -key host.key > host.cert
115 static void initCert()
118 char *crtfile = (char *)getStrConf(CERTIFICATE);
120 if (crtfile == NULL) {
121 #ifdef USE_POLARSSL_TESTCERT
122 Log_warn("No certificate file specified. Falling back to test certificate.");
125 Log_fatal("No certificate file specified");
129 rc = x509parse_crtfile(&certificate, crtfile);
131 #ifdef USE_POLARSSL_TESTCERT
132 Log_warn("Could not read certificate file '%s'. Falling back to test certificate.", crtfile);
135 Log_fatal("Could not read certificate file '%s'", crtfile);
141 static void initKey()
144 char *keyfile = (char *)getStrConf(KEY);
147 Log_fatal("No key file specified");
148 rc = x509parse_keyfile(&key, keyfile, NULL);
150 Log_fatal("Could not read RSA key file %s", keyfile);
153 #ifndef USE_POLARSSL_HAVEGE
154 int urandom_bytes(void *ctx, unsigned char *dest, size_t len)
159 cur = read(urandom_fd, dest, len);
168 #define DEBUG_LEVEL 0
169 static void pssl_debug(void *ctx, int level, const char *str)
171 if (level <= DEBUG_LEVEL)
172 Log_info("PolarSSL [level %d]: %s", level, str);
180 #ifdef USE_POLARSSL_TESTCERT
181 if (builtInTestCertificate) {
182 Log_warn("*** Using built-in test certificate and RSA key ***");
183 Log_warn("*** This is not secure! Please use a CA-signed certificate or create a key and self-signed certificate ***");
192 /* Initialize random number generator */
193 #ifdef USE_POLARSSL_HAVEGE
196 urandom_fd = open("/dev/urandom", O_RDONLY);
198 Log_fatal("Cannot open /dev/urandom");
201 version_get_string(verstring);
202 Log_info("PolarSSL library version %s initialized", verstring);
205 void SSLi_deinit(void)
207 x509_free(&certificate);
211 /* Create SHA1 of last certificate in the peer's chain. */
212 bool_t SSLi_getSHA1Hash(SSL_handle_t *ssl, uint8_t *hash)
214 x509_cert const *cert;
215 #ifdef POLARSSL_API_V1_2
216 cert = ssl_get_peer_cert(ssl);
218 cert = ssl->peer_cert;
223 sha1(cert->raw.p, cert->raw.len, hash);
227 SSL_handle_t *SSLi_newconnection(int *fd, bool_t *SSLready)
233 ssl = malloc(sizeof(ssl_context));
234 ssn = malloc(sizeof(ssl_session));
236 Log_fatal("Out of memory");
237 memset(ssl, 0, sizeof(ssl_context));
238 memset(ssn, 0, sizeof(ssl_session));
242 Log_fatal("Failed to initialize: %d", rc);
244 ssl_set_endpoint(ssl, SSL_IS_SERVER);
245 ssl_set_authmode(ssl, SSL_VERIFY_OPTIONAL);
247 #ifdef USE_POLARSSL_HAVEGE
248 ssl_set_rng(ssl, HAVEGE_RAND, &hs);
250 ssl_set_rng(ssl, urandom_bytes, NULL);
253 ssl_set_dbg(ssl, pssl_debug, NULL);
254 ssl_set_bio(ssl, net_recv, fd, net_send, fd);
256 ssl_set_ciphersuites(ssl, ciphers);
258 #ifdef POLARSSL_API_V1_2
259 ssl_set_session(ssl, ssn);
261 ssl_set_session(ssl, 0, 0, ssn);
264 ssl_set_ca_chain(ssl, &certificate, NULL, NULL);
265 ssl_set_own_cert(ssl, &certificate, &key);
266 ssl_set_dh_param(ssl, my_dhm_P, my_dhm_G);
271 int SSLi_nonblockaccept(SSL_handle_t *ssl, bool_t *SSLready)
275 rc = ssl_handshake(ssl);
277 if (rc == POLARSSL_ERR_NET_WANT_READ || rc == POLARSSL_ERR_NET_WANT_WRITE) {
279 } else if (rc == POLARSSL_ERR_X509_CERT_VERIFY_FAILED) { /* Allow this (selfsigned etc) */
282 Log_warn("SSL handshake failed: %d", rc);
290 int SSLi_read(SSL_handle_t *ssl, uint8_t *buf, int len)
294 rc = ssl_read(ssl, buf, len);
295 if (rc == POLARSSL_ERR_NET_WANT_READ)
296 return SSLI_ERROR_WANT_READ;
300 int SSLi_write(SSL_handle_t *ssl, uint8_t *buf, int len)
304 rc = ssl_write(ssl, buf, len);
305 if (rc == POLARSSL_ERR_NET_WANT_WRITE)
306 return SSLI_ERROR_WANT_WRITE;
310 int SSLi_get_error(SSL_handle_t *ssl, int code)
315 bool_t SSLi_data_pending(SSL_handle_t *ssl)
317 return ssl_get_bytes_avail(ssl) > 0;
320 void SSLi_shutdown(SSL_handle_t *ssl)
322 ssl_close_notify(ssl);
325 void SSLi_free(SSL_handle_t *ssl)
327 Log_debug("SSLi_free");
328 #if (POLARSSL_VERSION_MINOR <= 2 && POLARSSL_VERSION_PATCH < 6)
329 free(ssl->session); /* Workaround for memory leak in PolarSSL < 1.2.6 */
341 #include <openssl/x509v3.h>
342 #include <openssl/ssl.h>
343 #include <openssl/err.h>
344 #include <openssl/safestack.h>
347 static SSL_CTX *context;
348 static EVP_PKEY *pkey;
350 static int verify_callback(int preverify_ok, X509_STORE_CTX *ctx);
352 static int SSL_add_ext(X509 * crt, int nid, char *value) {
355 X509V3_set_ctx_nodb(&ctx);
356 X509V3_set_ctx(&ctx, crt, crt, NULL, NULL, 0);
357 ex = X509V3_EXT_conf_nid(NULL, &ctx, nid, value);
361 X509_add_ext(crt, ex, -1);
362 X509_EXTENSION_free(ex);
366 static X509 *SSL_readcert(char *certfile)
371 /* open the private key file */
372 fp = fopen(certfile, "r");
374 Log_warn("Unable to open the X509 file %s for reading.", certfile);
378 /* allocate memory for the cert structure */
381 if (PEM_read_X509(fp, &x509, NULL, NULL) == 0) {
382 /* error reading the x509 information - check the error stack */
383 Log_warn("Error trying to read X509 info.");
392 static RSA *SSL_readprivatekey(char *keyfile)
397 /* open the private key file for reading */
398 fp = fopen(keyfile, "r");
400 Log_warn("Unable to open the private key file %s for reading.", keyfile);
404 /* allocate memory for the RSA structure */
407 /* assign a callback function for the password */
409 /* read a private key from file */
410 if (PEM_read_RSAPrivateKey(fp, &rsa, NULL, NULL) <= 0) {
411 /* error reading the key - check the error stack */
412 Log_warn("Error trying to read private key.");
421 static void SSL_writecert(char *certfile, X509 *x509)
425 /* open the private key file */
426 fp = fopen(certfile, "w");
428 Log_warn("Unable to open the X509 file %s for writing", certfile);
431 if (PEM_write_X509(fp, x509) == 0) {
432 Log_warn("Error trying to write X509 info.");
437 static void SSL_writekey(char *keyfile, RSA *rsa)
441 /* open the private key file for reading */
442 fp = fopen(keyfile, "w");
444 Log_warn("Unable to open the private key file %s for writing.", keyfile);
448 if (PEM_write_RSAPrivateKey(fp, rsa, NULL, NULL, 0, NULL, NULL) == 0) {
449 Log_warn("Error trying to write private key");
454 static void SSL_initializeCert() {
455 char *crt, *key, *pass;
457 crt = (char *)getStrConf(CERTIFICATE);
458 key = (char *)getStrConf(KEY);
459 pass = (char *)getStrConf(PASSPHRASE);
461 x509 = SSL_readcert(crt);
462 rsa = SSL_readprivatekey(key);
464 pkey = EVP_PKEY_new();
465 EVP_PKEY_assign_RSA(pkey, rsa);
471 qscCert = QSslCertificate(key);
472 if (! qscCert.isNull()) {
473 logthis("Using certificate from key.");
477 if (! qscCert.isNull()) {
478 QSsl::KeyAlgorithm alg = qscCert.publicKey().algorithm();
479 /* Fetch algorith from cert */
480 if (! key.isEmpty()) {
482 qskKey = QSslKey(key, alg, QSsl::Pem, QSsl::PrivateKey, pass);
483 if (qskKey.isNull()) {
484 logthis("Failed to parse key.");
488 if (! crt.isEmpty() && qskKey.isNull()) {
489 /* get key from certificate */
490 qskKey = QSslKey(crt, alg, QSsl::Pem, QSsl::PrivateKey, pass);
491 if (! qskKey.isNull()) {
492 logthis("Using key from certificate.");
500 Log_info("Generating new server certificate.");
503 CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
506 pkey = EVP_PKEY_new();
507 rsa = RSA_generate_key(1024,RSA_F4,NULL,NULL);
508 EVP_PKEY_assign_RSA(pkey, rsa);
510 X509_set_version(x509, 2);
511 ASN1_INTEGER_set(X509_get_serialNumber(x509),1);
512 X509_gmtime_adj(X509_get_notBefore(x509),0);
513 X509_gmtime_adj(X509_get_notAfter(x509),60*60*24*365);
514 X509_set_pubkey(x509, pkey);
516 X509_NAME *name=X509_get_subject_name(x509);
518 X509_NAME_add_entry_by_txt(name, "CN", MBSTRING_ASC, (const uint8_t *)"Murmur Autogenerated Certificate v2", -1, -1, 0);
519 X509_set_issuer_name(x509, name);
520 SSL_add_ext(x509, NID_basic_constraints, "critical,CA:FALSE");
521 SSL_add_ext(x509, NID_ext_key_usage, "serverAuth,clientAuth");
522 SSL_add_ext(x509, NID_subject_key_identifier, "hash");
523 SSL_add_ext(x509, NID_netscape_comment, "Generated from umurmur");
525 X509_sign(x509, pkey, EVP_md5());
527 SSL_writecert(crt, x509);
528 SSL_writekey(key, rsa);
535 const SSL_METHOD *method;
537 int i, offset = 0, cipherstringlen = 0;
538 STACK_OF(SSL_CIPHER) *cipherlist = NULL, *cipherlist_new = NULL;
540 char *cipherstring, tempstring[128];
543 OpenSSL_add_all_algorithms(); /* load & register all cryptos, etc. */
544 SSL_load_error_strings(); /* load all error messages */
545 ERR_load_crypto_strings(); /* load all error messages */
546 method = SSLv23_server_method(); /* create new server-method instance */
547 context = SSL_CTX_new(method); /* create new context from method */
550 ERR_print_errors_fp(stderr);
553 SSL_initializeCert();
554 if (SSL_CTX_use_certificate(context, x509) <= 0)
555 Log_fatal("Failed to initialize cert");
556 if (SSL_CTX_use_PrivateKey(context, pkey) <= 0) {
557 ERR_print_errors_fp(stderr);
558 Log_fatal("Failed to initialize private key");
561 /* Set cipher list */
562 ssl = SSL_new(context);
563 cipherlist = (STACK_OF(SSL_CIPHER) *) SSL_get_ciphers(ssl);
564 cipherlist_new = (STACK_OF(SSL_CIPHER) *) sk_SSL_CIPHER_new_null();
566 for ( i = 0; (cipher = sk_SSL_CIPHER_value(cipherlist, i)) != NULL; i++) {
567 if (SSL_CIPHER_get_bits(cipher, NULL) >= 128) {
568 sk_SSL_CIPHER_push(cipherlist_new, cipher);
571 Log_debug("List of ciphers:");
572 if (cipherlist_new) {
573 for (i = 0; (cipher = sk_SSL_CIPHER_value(cipherlist_new, i)) != NULL; i++) {
574 Log_debug("%s", SSL_CIPHER_get_name(cipher));
575 cipherstringlen += strlen(SSL_CIPHER_get_name(cipher)) + 1;
577 cipherstring = malloc(cipherstringlen + 1);
578 if (cipherstring == NULL)
579 Log_fatal("Out of memory");
580 for (i = 0; (cipher = sk_SSL_CIPHER_value(cipherlist_new, i)) != NULL; i++) {
581 offset += sprintf(cipherstring + offset, "%s:", SSL_CIPHER_get_name(cipher));
586 sk_SSL_CIPHER_free(cipherlist_new);
588 if (strlen(cipherstring) == 0)
589 Log_fatal("No suitable ciphers found!");
591 if (SSL_CTX_set_cipher_list(context, cipherstring) == 0)
592 Log_fatal("Failed to set cipher list!");
596 SSL_CTX_set_verify(context, SSL_VERIFY_PEER|SSL_VERIFY_CLIENT_ONCE,
600 Log_info("OpenSSL library initialized");
604 void SSLi_deinit(void)
606 SSL_CTX_free(context);
610 int SSLi_nonblockaccept(SSL_handle_t *ssl, bool_t *SSLready)
613 rc = SSL_accept(ssl);
615 if (SSL_get_error(ssl, rc) == SSL_ERROR_WANT_READ ||
616 SSL_get_error(ssl, rc) == SSL_ERROR_WANT_WRITE) {
617 Log_debug("SSL not ready");
620 Log_warn("SSL error: %s", ERR_error_string(SSL_get_error(ssl, rc), NULL));
628 SSL_handle_t *SSLi_newconnection(int *fd, bool_t *SSLready)
633 ssl = SSL_new(context);
634 SSL_set_fd(ssl, *fd);
635 if (SSLi_nonblockaccept(ssl, SSLready) < 0) {
642 /* Create SHA1 of last certificate in the peer's chain. */
643 bool_t SSLi_getSHA1Hash(SSL_handle_t *ssl, uint8_t *hash)
649 x509 = SSL_get_peer_certificate(ssl);
654 len = i2d_X509(x509, NULL);
663 SHA1(buf, len, hash);
668 void SSLi_closeconnection(SSL_handle_t *ssl)
673 void SSLi_shutdown(SSL_handle_t *ssl)
678 int SSLi_read(SSL_handle_t *ssl, uint8_t *buf, int len)
680 return SSL_read(ssl, buf, len);
683 int SSLi_write(SSL_handle_t *ssl, uint8_t *buf, int len)
685 return SSL_write(ssl, buf, len);
688 int SSLi_get_error(SSL_handle_t *ssl, int code)
690 return SSL_get_error(ssl, code);
693 bool_t SSLi_data_pending(SSL_handle_t *ssl)
695 return SSL_pending(ssl);
698 void SSLi_free(SSL_handle_t *ssl)
703 static int verify_callback(int preverify_ok, X509_STORE_CTX *ctx)
710 err_cert = X509_STORE_CTX_get_current_cert(ctx);
711 err = X509_STORE_CTX_get_error(ctx);
712 depth = X509_STORE_CTX_get_error_depth(ctx);
714 ssl = X509_STORE_CTX_get_ex_data(ctx, SSL_get_ex_data_X509_STORE_CTX_idx());
715 X509_NAME_oneline(X509_get_subject_name(err_cert), buf, 256);
719 err = X509_V_ERR_CERT_CHAIN_TOO_LONG;
720 X509_STORE_CTX_set_error(ctx, err);
723 Log_warn("SSL: verify error:num=%d:%s:depth=%d:%s\n", err,
724 X509_verify_cert_error_string(err), depth, buf);
727 * At this point, err contains the last verification error. We can use
728 * it for something special
730 if (!preverify_ok && (err == X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT)) {
731 X509_NAME_oneline(X509_get_issuer_name(ctx->current_cert), buf, 256);
732 Log_warn("issuer= %s", buf);