diff options
author | Todd Short <tshort@akamai.com> | 2021-01-27 14:23:33 -0500 |
---|---|---|
committer | Todd Short <todd.short@me.com> | 2023-03-28 13:49:54 -0400 |
commit | 3c95ef22df55cb2d9dc64ce1f3be6e5a8ee63206 (patch) | |
tree | 0f7fcff4ec4735c778595db4f4a85bce70715d8b /ssl/t1_lib.c | |
parent | 5ab3f71a33cb0140fc29ae9244cd4f8331c2f3a5 (diff) |
RFC7250 (RPK) support
Add support for the RFC7250 certificate-type extensions.
Alows the use of only private keys for connection (i.e. certs not needed).
Add APIs
Add unit tests
Add documentation
Add s_client/s_server support
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18185)
Diffstat (limited to 'ssl/t1_lib.c')
-rw-r--r-- | ssl/t1_lib.c | 30 |
1 files changed, 23 insertions, 7 deletions
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index e528467dd9..189f241f7a 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -2192,6 +2192,7 @@ SSL_TICKET_STATUS tls_decrypt_ticket(SSL_CONNECTION *s, SSL_HMAC *hctx = NULL; EVP_CIPHER_CTX *ctx = NULL; SSL_CTX *tctx = s->session_ctx; + SSL_CTX *sctx = SSL_CONNECTION_GET_CTX(s); if (eticklen == 0) { /* @@ -2263,7 +2264,6 @@ SSL_TICKET_STATUS tls_decrypt_ticket(SSL_CONNECTION *s, renew_ticket = 1; } else { EVP_CIPHER *aes256cbc = NULL; - SSL_CTX *sctx = SSL_CONNECTION_GET_CTX(s); /* Check key name matches */ if (memcmp(etick, tctx->ext.tick_key_name, @@ -2341,7 +2341,7 @@ SSL_TICKET_STATUS tls_decrypt_ticket(SSL_CONNECTION *s, slen += declen; p = sdec; - sess = d2i_SSL_SESSION(NULL, &p, slen); + sess = d2i_SSL_SESSION_ex(NULL, &p, slen, sctx->libctx, sctx->propq); slen -= p - sdec; OPENSSL_free(sdec); if (sess) { @@ -3048,9 +3048,15 @@ int tls1_check_chain(SSL_CONNECTION *s, X509 *x, EVP_PKEY *pk, uint32_t *pvalid; unsigned int suiteb_flags = tls1_suiteb(s); - /* idx == -1 means checking server chains */ + /* + * Meaning of idx: + * idx == -1 means SSL_check_chain() invocation + * idx == -2 means checking client certificate chains + * idx >= 0 means checking SSL_PKEY index + * + * For RPK, where there may be no cert, we ignore -1 + */ if (idx != -1) { - /* idx == -2 means checking client certificate chains */ if (idx == -2) { cpk = c->key; idx = (int)(cpk - c->pkeys); @@ -3061,13 +3067,19 @@ int tls1_check_chain(SSL_CONNECTION *s, X509 *x, EVP_PKEY *pk, pk = cpk->privatekey; chain = cpk->chain; strict_mode = c->cert_flags & SSL_CERT_FLAGS_CHECK_TLS_STRICT; + if (tls12_rpk_and_privkey(s, idx)) { + if (EVP_PKEY_is_a(pk, "EC") && !tls1_check_pkey_comp(s, pk)) + return 0; + *pvalid = rv = CERT_PKEY_RPK; + return rv; + } /* If no cert or key, forget it */ - if (!x || !pk) + if (x == NULL || pk == NULL) goto end; } else { size_t certidx; - if (!x || !pk) + if (x == NULL || pk == NULL) return 0; if (ssl_cert_lookup_by_pkey(pk, &certidx, @@ -3487,6 +3499,10 @@ static int tls12_get_cert_sigalg_idx(const SSL_CONNECTION *s, && (s->s3.tmp.new_cipher->algorithm_mkey & SSL_kRSA) != 0)) return -1; + /* If doing RPK, the CERT_PKEY won't be "valid" */ + if (tls12_rpk_and_privkey(s, sig_idx)) + return s->s3.tmp.valid_flags[sig_idx] & CERT_PKEY_RPK ? sig_idx : -1; + return s->s3.tmp.valid_flags[sig_idx] & CERT_PKEY_VALID ? sig_idx : -1; } |