1 /* Copyright (C) 2009-2012, Martin Johansson <martin@fatbob.nu>
2 Copyright (C) 2005-2012, Thorvald Natvig <thorvald@natvig.com>
6 Redistribution and use in source and binary forms, with or without
7 modification, are permitted provided that the following conditions
10 - Redistributions of source code must retain the above copyright notice,
11 this list of conditions and the following disclaimer.
12 - Redistributions in binary form must reproduce the above copyright notice,
13 this list of conditions and the following disclaimer in the documentation
14 and/or other materials provided with the distribution.
15 - Neither the name of the Developers nor the names of its contributors may
16 be used to endorse or promote products derived from this software without
17 specific prior written permission.
19 THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
20 ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
21 LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
22 A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR
23 CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
24 EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
25 PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
26 PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
27 LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
28 NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
29 SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
44 #include <polarssl/havege.h>
45 #include <polarssl/certs.h>
46 #include <polarssl/x509.h>
47 #include <polarssl/ssl.h>
48 #include <polarssl/net.h>
50 #ifdef POLARSSL_API_V1_2
53 TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
54 TLS_RSA_WITH_AES_256_CBC_SHA,
55 TLS_RSA_WITH_AES_128_CBC_SHA,
61 SSL_EDH_RSA_AES_256_SHA,
67 static x509_cert certificate;
68 static rsa_context key;
69 bool_t builtInTestCertificate;
71 #ifdef USE_POLARSSL_HAVEGE
79 "9CE85640903BF123906947FEDE767261" \
80 "D9B4A973EB8F7D984A8C656E2BCC161C" \
81 "183D4CA471BA78225F940F16D1D99CA3" \
82 "E66152CC68EDCE1311A390F307741835" \
83 "44FF6AB553EC7073AD0CB608F2A3B480" \
84 "19E6C02BCED40BD30E91BB2469089670" \
85 "DEF409C08E8AC24D1732A6128D2220DC53";
88 #ifdef USE_POLARSSL_TESTCERT
89 static void initTestCert()
92 builtInTestCertificate = true;
93 rc = x509parse_crt(&certificate, (unsigned char *)test_srv_crt,
94 strlen(test_srv_crt));
96 Log_fatal("Could not parse built-in test certificate");
99 static void initTestKey()
103 rc = x509parse_key(&key, (unsigned char *)test_srv_key,
104 strlen(test_srv_key), NULL, 0);
106 Log_fatal("Could not parse built-in test RSA key");
111 * How to generate a self-signed cert with openssl:
112 * openssl genrsa 1024 > host.key
113 * openssl req -new -x509 -nodes -sha1 -days 365 -key host.key > host.cert
115 static void initCert()
118 char *crtfile = (char *)getStrConf(CERTIFICATE);
120 if (crtfile == NULL) {
121 #ifdef USE_POLARSSL_TESTCERT
122 Log_warn("No certificate file specified. Falling back to test certificate.");
125 Log_fatal("No certificate file specified");
129 rc = x509parse_crtfile(&certificate, crtfile);
131 #ifdef USE_POLARSSL_TESTCERT
132 Log_warn("Could not read certificate file '%s'. Falling back to test certificate.", crtfile);
135 Log_fatal("Could not read certificate file '%s'", crtfile);
141 static void initKey()
144 char *keyfile = (char *)getStrConf(KEY);
147 Log_fatal("No key file specified");
148 rc = x509parse_keyfile(&key, keyfile, NULL);
150 Log_fatal("Could not read RSA key file %s", keyfile);
153 #ifndef USE_POLARSSL_HAVEGE
154 int urandom_bytes(void *ctx, unsigned char *dest, size_t len)
159 cur = read(urandom_fd, dest, len);
167 #define DEBUG_LEVEL 0
168 static void pssl_debug(void *ctx, int level, const char *str)
170 if (level <= DEBUG_LEVEL)
171 Log_info("PolarSSL [level %d]: %s", level, str);
179 #ifdef USE_POLARSSL_TESTCERT
180 if (builtInTestCertificate) {
181 Log_warn("*** Using built-in test certificate and RSA key ***");
182 Log_warn("*** This is not secure! Please use a CA-signed certificate or create a key and self-signed certificate ***");
191 /* Initialize random number generator */
192 #ifdef USE_POLARSSL_HAVEGE
195 urandom_fd = open("/dev/urandom", O_RDONLY);
197 Log_fatal("Cannot open /dev/urandom");
198 Log_info("Using random number generator /dev/urandom");
201 #ifdef POLARSSL_VERSION_MAJOR
202 version_get_string(verstring);
203 Log_info("PolarSSL library version %s initialized", verstring);
205 Log_info("PolarSSL library initialized");
209 void SSLi_deinit(void)
211 x509_free(&certificate);
215 /* Create SHA1 of last certificate in the peer's chain. */
216 bool_t SSLi_getSHA1Hash(SSL_handle_t *ssl, uint8_t *hash)
218 x509_cert const *cert;
219 #ifdef POLARSSL_API_V1_2
220 cert = ssl_get_peer_cert(ssl);
222 cert = ssl->peer_cert;
227 sha1(cert->raw.p, cert->raw.len, hash);
231 SSL_handle_t *SSLi_newconnection(int *fd, bool_t *SSLready)
237 ssl = malloc(sizeof(ssl_context));
238 ssn = malloc(sizeof(ssl_session));
240 Log_fatal("Out of memory");
241 memset(ssl, 0, sizeof(ssl_context));
242 memset(ssn, 0, sizeof(ssl_session));
246 Log_fatal("Failed to initialize: %d", rc);
248 ssl_set_endpoint(ssl, SSL_IS_SERVER);
249 ssl_set_authmode(ssl, SSL_VERIFY_OPTIONAL);
251 #ifdef USE_POLARSSL_HAVEGE
252 ssl_set_rng(ssl, HAVEGE_RAND, &hs);
254 ssl_set_rng(ssl, urandom_bytes, NULL);
257 ssl_set_dbg(ssl, pssl_debug, NULL);
258 ssl_set_bio(ssl, net_recv, fd, net_send, fd);
260 #ifdef POLARSSL_API_V1
261 ssl_set_ciphersuites(ssl, ciphers);
263 ssl_set_ciphers(ssl, ciphers);
266 #ifdef POLARSSL_API_V1_2
267 ssl_set_session(ssl, ssn);
269 ssl_set_session(ssl, 0, 0, ssn);
272 ssl_set_ca_chain(ssl, &certificate, NULL, NULL);
273 ssl_set_own_cert(ssl, &certificate, &key);
274 ssl_set_dh_param(ssl, my_dhm_P, my_dhm_G);
279 int SSLi_nonblockaccept(SSL_handle_t *ssl, bool_t *SSLready)
283 rc = ssl_handshake(ssl);
285 #ifdef POLARSSL_API_V1
286 if (rc == POLARSSL_ERR_NET_WANT_READ || rc == POLARSSL_ERR_NET_WANT_WRITE) {
288 if (rc == POLARSSL_ERR_NET_TRY_AGAIN) {
291 } else if (POLARSSL_ERR_X509_CERT_VERIFY_FAILED) { /* Allow this (selfsigned etc) */
294 Log_warn("SSL handshake failed: %d", rc);
302 int SSLi_read(SSL_handle_t *ssl, uint8_t *buf, int len)
306 rc = ssl_read(ssl, buf, len);
307 #ifdef POLARSSL_API_V1
308 if (rc == POLARSSL_ERR_NET_WANT_READ)
310 if (rc == POLARSSL_ERR_NET_TRY_AGAIN)
312 return SSLI_ERROR_WANT_READ;
316 int SSLi_write(SSL_handle_t *ssl, uint8_t *buf, int len)
320 rc = ssl_write(ssl, buf, len);
321 #ifdef POLARSSL_API_V1
322 if (rc == POLARSSL_ERR_NET_WANT_WRITE)
324 if (rc == POLARSSL_ERR_NET_TRY_AGAIN)
326 return SSLI_ERROR_WANT_WRITE;
330 int SSLi_get_error(SSL_handle_t *ssl, int code)
335 bool_t SSLi_data_pending(SSL_handle_t *ssl)
337 return ssl_get_bytes_avail(ssl) > 0;
340 void SSLi_shutdown(SSL_handle_t *ssl)
342 ssl_close_notify(ssl);
345 void SSLi_free(SSL_handle_t *ssl)
347 Log_debug("SSLi_free");
348 free(ssl->session); /* XXX - Hmmm. */
358 #include <openssl/x509v3.h>
359 #include <openssl/ssl.h>
360 #include <openssl/err.h>
361 #include <openssl/safestack.h>
364 static SSL_CTX *context;
365 static EVP_PKEY *pkey;
367 static int verify_callback(int preverify_ok, X509_STORE_CTX *ctx);
369 static int SSL_add_ext(X509 * crt, int nid, char *value) {
372 X509V3_set_ctx_nodb(&ctx);
373 X509V3_set_ctx(&ctx, crt, crt, NULL, NULL, 0);
374 ex = X509V3_EXT_conf_nid(NULL, &ctx, nid, value);
378 X509_add_ext(crt, ex, -1);
379 X509_EXTENSION_free(ex);
383 static X509 *SSL_readcert(char *certfile)
388 /* open the private key file */
389 fp = fopen(certfile, "r");
391 Log_warn("Unable to open the X509 file %s for reading.", certfile);
395 /* allocate memory for the cert structure */
398 if (PEM_read_X509(fp, &x509, NULL, NULL) == 0) {
399 /* error reading the x509 information - check the error stack */
400 Log_warn("Error trying to read X509 info.");
409 static RSA *SSL_readprivatekey(char *keyfile)
414 /* open the private key file for reading */
415 fp = fopen(keyfile, "r");
417 Log_warn("Unable to open the private key file %s for reading.", keyfile);
421 /* allocate memory for the RSA structure */
424 /* assign a callback function for the password */
426 /* read a private key from file */
427 if (PEM_read_RSAPrivateKey(fp, &rsa, NULL, NULL) <= 0) {
428 /* error reading the key - check the error stack */
429 Log_warn("Error trying to read private key.");
438 static void SSL_writecert(char *certfile, X509 *x509)
443 /* prepare a BIO for outputting error messages */
445 err_output = BIO_new_fp(stderr,BIO_NOCLOSE);
447 /* open the private key file */
448 fp = fopen(certfile, "w");
450 BIO_printf(err_output, "Unable to open the X509 file for writing.\n");
451 BIO_free(err_output);
455 if (PEM_write_X509(fp, x509) == 0) {
456 BIO_printf(err_output, "Error trying to write X509 info.\n");
457 ERR_print_errors(err_output);
462 static void SSL_writekey(char *keyfile, RSA *rsa)
466 /* prepare a BIO for outputing error messages */
467 err_output = BIO_new_fp(stderr, BIO_NOCLOSE);
469 /* open the private key file for reading */
470 fp = fopen(keyfile, "w");
472 BIO_printf(err_output, "Unable to open the private key file %s for writing.\n", keyfile);
473 BIO_free(err_output);
477 if (PEM_write_RSAPrivateKey(fp, rsa, NULL, NULL, 0, NULL, NULL) == 0) {
478 /* error reading the key - check the error stack */
479 BIO_printf(err_output, "Error trying to write private key\n");
480 ERR_print_errors(err_output);
485 static void SSL_initializeCert() {
486 char *crt, *key, *pass;
488 crt = (char *)getStrConf(CERTIFICATE);
489 key = (char *)getStrConf(KEY);
490 pass = (char *)getStrConf(PASSPHRASE);
492 x509 = SSL_readcert(crt);
493 rsa = SSL_readprivatekey(key);
495 pkey = EVP_PKEY_new();
496 EVP_PKEY_assign_RSA(pkey, rsa);
502 qscCert = QSslCertificate(key);
503 if (! qscCert.isNull()) {
504 logthis("Using certificate from key.");
508 if (! qscCert.isNull()) {
509 QSsl::KeyAlgorithm alg = qscCert.publicKey().algorithm();
510 /* Fetch algorith from cert */
511 if (! key.isEmpty()) {
513 qskKey = QSslKey(key, alg, QSsl::Pem, QSsl::PrivateKey, pass);
514 if (qskKey.isNull()) {
515 logthis("Failed to parse key.");
519 if (! crt.isEmpty() && qskKey.isNull()) {
520 /* get key from certificate */
521 qskKey = QSslKey(crt, alg, QSsl::Pem, QSsl::PrivateKey, pass);
522 if (! qskKey.isNull()) {
523 logthis("Using key from certificate.");
531 logthis("Generating new server certificate.");
535 CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
537 bio_err=BIO_new_fp(stderr, BIO_NOCLOSE);
540 pkey = EVP_PKEY_new();
541 rsa = RSA_generate_key(1024,RSA_F4,NULL,NULL);
542 EVP_PKEY_assign_RSA(pkey, rsa);
544 X509_set_version(x509, 2);
545 ASN1_INTEGER_set(X509_get_serialNumber(x509),1);
546 X509_gmtime_adj(X509_get_notBefore(x509),0);
547 X509_gmtime_adj(X509_get_notAfter(x509),60*60*24*365);
548 X509_set_pubkey(x509, pkey);
550 X509_NAME *name=X509_get_subject_name(x509);
552 X509_NAME_add_entry_by_txt(name, "CN", MBSTRING_ASC, (const uint8_t *)"Murmur Autogenerated Certificate v2", -1, -1, 0);
553 X509_set_issuer_name(x509, name);
554 SSL_add_ext(x509, NID_basic_constraints, "critical,CA:FALSE");
555 SSL_add_ext(x509, NID_ext_key_usage, "serverAuth,clientAuth");
556 SSL_add_ext(x509, NID_subject_key_identifier, "hash");
557 SSL_add_ext(x509, NID_netscape_comment, "Generated from umurmur");
559 X509_sign(x509, pkey, EVP_md5());
561 SSL_writecert(crt, x509);
562 SSL_writekey(key, rsa);
569 const SSL_METHOD *method;
571 int i, offset = 0, cipherstringlen = 0;
572 STACK_OF(SSL_CIPHER) *cipherlist = NULL, *cipherlist_new = NULL;
574 char *cipherstring, tempstring[128];
577 OpenSSL_add_all_algorithms(); /* load & register all cryptos, etc. */
578 SSL_load_error_strings(); /* load all error messages */
579 ERR_load_crypto_strings(); /* load all error messages */
580 method = SSLv23_server_method(); /* create new server-method instance */
581 context = SSL_CTX_new(method); /* create new context from method */
584 ERR_print_errors_fp(stderr);
587 SSL_initializeCert();
588 if (SSL_CTX_use_certificate(context, x509) <= 0)
589 Log_fatal("Failed to initialize cert");
590 if (SSL_CTX_use_PrivateKey(context, pkey) <= 0) {
591 ERR_print_errors_fp(stderr);
592 Log_fatal("Failed to initialize private key");
595 /* Set cipher list */
596 ssl = SSL_new(context);
597 cipherlist = (STACK_OF(SSL_CIPHER) *) SSL_get_ciphers(ssl);
598 cipherlist_new = (STACK_OF(SSL_CIPHER) *) sk_SSL_CIPHER_new_null();
600 for ( i = 0; (cipher = sk_SSL_CIPHER_value(cipherlist, i)) != NULL; i++) {
601 if (SSL_CIPHER_get_bits(cipher, NULL) >= 128) {
602 sk_SSL_CIPHER_push(cipherlist_new, cipher);
605 Log_debug("List of ciphers:");
606 if (cipherlist_new) {
607 for (i = 0; (cipher = sk_SSL_CIPHER_value(cipherlist_new, i)) != NULL; i++) {
608 Log_debug("%s", SSL_CIPHER_get_name(cipher));
609 cipherstringlen += strlen(SSL_CIPHER_get_name(cipher)) + 1;
611 cipherstring = malloc(cipherstringlen + 1);
612 if (cipherstring == NULL)
613 Log_fatal("Out of memory");
614 for (i = 0; (cipher = sk_SSL_CIPHER_value(cipherlist_new, i)) != NULL; i++) {
615 offset += sprintf(cipherstring + offset, "%s:", SSL_CIPHER_get_name(cipher));
620 sk_SSL_CIPHER_free(cipherlist_new);
622 if (strlen(cipherstring) == 0)
623 Log_fatal("No suitable ciphers found!");
625 if (SSL_CTX_set_cipher_list(context, cipherstring) == 0)
626 Log_fatal("Failed to set cipher list!");
630 SSL_CTX_set_verify(context, SSL_VERIFY_PEER|SSL_VERIFY_CLIENT_ONCE,
634 Log_info("OpenSSL library initialized");
638 void SSLi_deinit(void)
640 SSL_CTX_free(context);
644 int SSLi_nonblockaccept(SSL_handle_t *ssl, bool_t *SSLready)
647 rc = SSL_accept(ssl);
649 if (SSL_get_error(ssl, rc) == SSL_ERROR_WANT_READ ||
650 SSL_get_error(ssl, rc) == SSL_ERROR_WANT_WRITE) {
651 Log_debug("SSL not ready");
654 Log_warn("SSL error: %s", ERR_error_string(SSL_get_error(ssl, rc), NULL));
662 SSL_handle_t *SSLi_newconnection(int *fd, bool_t *SSLready)
667 ssl = SSL_new(context);
668 SSL_set_fd(ssl, *fd);
669 if (SSLi_nonblockaccept(ssl, SSLready) < 0) {
676 /* Create SHA1 of last certificate in the peer's chain. */
677 bool_t SSLi_getSHA1Hash(SSL_handle_t *ssl, uint8_t *hash)
683 x509 = SSL_get_peer_certificate(ssl);
688 len = i2d_X509(x509, NULL);
697 SHA1(buf, len, hash);
702 void SSLi_closeconnection(SSL_handle_t *ssl)
707 void SSLi_shutdown(SSL_handle_t *ssl)
712 int SSLi_read(SSL_handle_t *ssl, uint8_t *buf, int len)
714 return SSL_read(ssl, buf, len);
717 int SSLi_write(SSL_handle_t *ssl, uint8_t *buf, int len)
719 return SSL_write(ssl, buf, len);
722 int SSLi_get_error(SSL_handle_t *ssl, int code)
724 return SSL_get_error(ssl, code);
727 bool_t SSLi_data_pending(SSL_handle_t *ssl)
729 return SSL_pending(ssl);
732 void SSLi_free(SSL_handle_t *ssl)
737 static int verify_callback(int preverify_ok, X509_STORE_CTX *ctx)
744 err_cert = X509_STORE_CTX_get_current_cert(ctx);
745 err = X509_STORE_CTX_get_error(ctx);
746 depth = X509_STORE_CTX_get_error_depth(ctx);
748 ssl = X509_STORE_CTX_get_ex_data(ctx, SSL_get_ex_data_X509_STORE_CTX_idx());
749 X509_NAME_oneline(X509_get_subject_name(err_cert), buf, 256);
753 err = X509_V_ERR_CERT_CHAIN_TOO_LONG;
754 X509_STORE_CTX_set_error(ctx, err);
757 Log_warn("SSL: verify error:num=%d:%s:depth=%d:%s\n", err,
758 X509_verify_cert_error_string(err), depth, buf);
761 * At this point, err contains the last verification error. We can use
762 * it for something special
764 if (!preverify_ok && (err == X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT)) {
765 X509_NAME_oneline(X509_get_issuer_name(ctx->current_cert), buf, 256);
766 Log_warn("issuer= %s", buf);