31 #elif defined(_MSC_VER) 37 #if defined(ENABLE_CRYPTO_OPENSSL) 49 #ifdef ENABLE_CRYPTOAPI 55 #include <openssl/bn.h> 56 #include <openssl/crypto.h> 57 #include <openssl/dh.h> 58 #include <openssl/dsa.h> 59 #include <openssl/err.h> 60 #include <openssl/pkcs12.h> 61 #include <openssl/rsa.h> 62 #include <openssl/x509.h> 63 #include <openssl/ssl.h> 65 #include <openssl/ec.h> 79 #if OPENSSL_VERSION_NUMBER < 0x10100000L 82 SSL_load_error_strings();
84 OpenSSL_add_all_algorithms();
86 mydata_index = SSL_get_ex_new_index(0,
"struct session *", NULL, NULL, NULL);
93 #if OPENSSL_VERSION_NUMBER < 0x10100000L 112 ctx->
ctx = SSL_CTX_new(SSLv23_server_method());
114 if (ctx->
ctx == NULL)
118 if (ERR_peek_error() != 0)
130 ctx->
ctx = SSL_CTX_new(SSLv23_client_method());
132 if (ctx->
ctx == NULL)
136 if (ERR_peek_error() != 0)
147 SSL_CTX_free(ctx->
ctx);
155 return NULL != ctx->
ctx;
160 const char* label,
size_t label_size,
161 void *ekm,
size_t ekm_size)
166 if (SSL_export_keying_material(ssl, ekm, ekm_size, label,
167 label_size, NULL, 0, 0) == 1)
182 #ifndef INFO_CALLBACK_SSL_CONST 183 #define INFO_CALLBACK_SSL_CONST const 188 if (where & SSL_CB_LOOP)
191 where & SSL_ST_CONNECT ?
"connect" :
192 where &SSL_ST_ACCEPT ?
"accept" :
193 "undefined", SSL_state_string_long(s));
195 else if (where & SSL_CB_ALERT)
198 where & SSL_CB_READ ?
"read" :
"write",
199 SSL_alert_type_string_long(ret),
200 SSL_alert_desc_string_long(ret));
212 #if defined(TLS1_3_VERSION) 215 #elif OPENSSL_VERSION_NUMBER >= 0x10100000L 227 if (OpenSSL_version_num() >= 0x1010100fL)
235 #elif defined(TLS1_2_VERSION) || defined(SSL_OP_NO_TLSv1_2) 237 #elif defined(TLS1_1_VERSION) || defined(SSL_OP_NO_TLSv1_1) 254 return TLS1_1_VERSION;
258 return TLS1_2_VERSION;
268 #ifndef TLS1_3_VERSION 276 return TLS1_3_VERSION;
294 tls_ver_min = cur_min < TLS1_VERSION ? TLS1_VERSION : cur_min;
318 long sslopt = SSL_OP_SINGLE_DH_USE | SSL_OP_NO_TICKET;
319 #ifdef SSL_OP_CIPHER_SERVER_PREFERENCE 320 sslopt |= SSL_OP_CIPHER_SERVER_PREFERENCE;
322 sslopt |= SSL_OP_NO_COMPRESSION;
326 #ifdef SSL_OP_NO_RENEGOTIATION 327 sslopt |= SSL_OP_NO_RENEGOTIATION;
330 SSL_CTX_set_options(ctx->
ctx, sslopt);
337 #ifdef SSL_MODE_RELEASE_BUFFERS 338 SSL_CTX_set_mode(ctx->
ctx, SSL_MODE_RELEASE_BUFFERS);
340 SSL_CTX_set_session_cache_mode(ctx->
ctx, SSL_SESS_CACHE_OFF);
344 int verify_flags = SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT;
351 verify_flags = SSL_VERIFY_PEER;
364 size_t begin_of_cipher, end_of_cipher;
366 const char *current_cipher;
367 size_t current_cipher_len;
371 size_t openssl_ciphers_len = 0;
372 openssl_ciphers[0] =
'\0';
375 begin_of_cipher = end_of_cipher = 0;
376 for (; begin_of_cipher < strlen(ciphers); begin_of_cipher = end_of_cipher)
378 end_of_cipher += strcspn(&ciphers[begin_of_cipher],
":");
381 if (NULL == cipher_pair)
384 current_cipher = &ciphers[begin_of_cipher];
385 current_cipher_len = end_of_cipher - begin_of_cipher;
390 msg(
D_LOW,
"No valid translation found for TLS cipher '%.*s'",
397 current_cipher_len = strlen(current_cipher);
399 if (end_of_cipher - begin_of_cipher == current_cipher_len
400 && 0 != memcmp(&ciphers[begin_of_cipher], cipher_pair->
iana_name,
401 end_of_cipher - begin_of_cipher))
409 if ((SIZE_MAX - openssl_ciphers_len) < current_cipher_len
410 || (len - 1) < (openssl_ciphers_len + current_cipher_len))
413 "Failed to set restricted TLS cipher list, too long (>%d).",
418 memcpy(&openssl_ciphers[openssl_ciphers_len], current_cipher, current_cipher_len);
419 openssl_ciphers_len += current_cipher_len;
420 openssl_ciphers[openssl_ciphers_len] =
':';
421 openssl_ciphers_len++;
426 if (openssl_ciphers_len > 0)
428 openssl_ciphers[openssl_ciphers_len-1] =
'\0';
438 if (!SSL_CTX_set_cipher_list(ctx->
ctx,
455 char openssl_ciphers[4096];
461 if (!SSL_CTX_set_cipher_list(ctx->
ctx, openssl_ciphers))
463 crypto_msg(
M_FATAL,
"Failed to set restricted TLS cipher list: %s", openssl_ciphers);
476 if (strlen(ciphers) >= (len - 1))
479 "Failed to set restricted TLS 1.3 cipher list, too long (>%d).",
483 strncpy(openssl_ciphers, ciphers, len);
485 for (
size_t i = 0; i < strlen(openssl_ciphers); i++)
487 if (openssl_ciphers[i] ==
'-')
489 openssl_ciphers[i] =
'_';
504 #if !defined(TLS1_3_VERSION) 506 "Ignoring TLS 1.3 only tls-ciphersuites '%s' setting.",
511 char openssl_ciphers[4096];
515 if (!SSL_CTX_set_ciphersuites(ctx->
ctx, openssl_ciphers))
526 #ifdef HAVE_SSL_CTX_SET_SECURITY_LEVEL 531 if (!profile || 0 == strcmp(profile,
"legacy"))
533 SSL_CTX_set_security_level(ctx->
ctx, 1);
535 else if (0 == strcmp(profile,
"preferred"))
537 SSL_CTX_set_security_level(ctx->
ctx, 2);
539 else if (0 == strcmp(profile,
"suiteb"))
541 SSL_CTX_set_security_level(ctx->
ctx, 3);
542 SSL_CTX_set_cipher_list(ctx->
ctx,
"SUITEB128");
546 msg(
M_FATAL,
"ERROR: Invalid cert profile: %s", profile);
551 msg(
M_WARN,
"WARNING: OpenSSL 1.0.2 does not support --tls-cert-profile" 552 ", ignoring user-set profile: '%s'", profile);
581 while ((token =
strsep(&tmp_groups,
":")))
583 if (
streq(token,
"secp256r1"))
585 token =
"prime256v1";
587 int nid = OBJ_sn2nid(token);
591 msg(
M_WARN,
"Warning unknown curve/group specified: %s", token);
595 glist[glistlen] = nid;
616 cert = SSL_CTX_get0_certificate(ctx->
ctx);
630 msg(
M_WARN,
"WARNING: Your certificate is not yet valid!");
640 msg(
M_WARN,
"WARNING: Your certificate has expired!");
655 if (!(bio = BIO_new_mem_buf((
char *)dh_file, -1)))
663 if (!(bio = BIO_new_file(dh_file,
"r")))
669 dh = PEM_read_bio_DHparams(bio, NULL, NULL, NULL);
677 if (!SSL_CTX_set_tmp_dh(ctx->
ctx, dh))
692 #ifndef OPENSSL_NO_EC 695 const char *sname = NULL;
698 SSL_CTX_set_options(ctx->
ctx, SSL_OP_SINGLE_ECDH_USE);
700 if (curve_name != NULL)
703 msg(
D_TLS_DEBUG,
"Using user specified ECDH curve (%s)", curve_name);
704 nid = OBJ_sn2nid(curve_name);
708 #if OPENSSL_VERSION_NUMBER < 0x10100000L 712 SSL_CTX_set_ecdh_auto(ctx->
ctx, 1);
721 sname = OBJ_nid2sn(nid);
728 if (NID_undef == nid || NULL == (ecdh = EC_KEY_new_by_curve_name(nid)))
731 ecdh = EC_KEY_new_by_curve_name(NID_secp384r1);
732 const char *source = (NULL == curve_name) ?
733 "extract curve from certificate" :
"use supplied curve";
735 "Failed to %s (%s), using secp384r1 instead.", source, sname);
736 sname = OBJ_nid2sn(NID_secp384r1);
739 if (!SSL_CTX_set_tmp_ecdh(ctx->
ctx, ecdh))
748 msg(
D_LOW,
"Your OpenSSL library was built without elliptic curve support." 749 " Skipping ECDH parameter loading.");
755 bool pkcs12_file_inline,
bool load_ca_file)
767 if (pkcs12_file_inline)
769 BIO *b64 = BIO_new(BIO_f_base64());
770 BIO *bio = BIO_new_mem_buf((
void *) pkcs12_file,
771 (
int) strlen(pkcs12_file));
774 p12 = d2i_PKCS12_bio(b64, NULL);
789 p12 = d2i_PKCS12_fp(fp, NULL);
798 if (!PKCS12_parse(p12,
"", &pkey, &cert, &ca))
803 if (!PKCS12_parse(p12, password, &pkey, &cert, &ca))
805 #ifdef ENABLE_MANAGEMENT 806 if (
management && (ERR_GET_REASON(ERR_peek_error()) == PKCS12_R_MAC_VERIFY_FAILURE))
818 if (!SSL_CTX_use_certificate(ctx->
ctx, cert))
824 if (!SSL_CTX_use_PrivateKey(ctx->
ctx, pkey))
830 if (!SSL_CTX_check_private_key(ctx->
ctx))
842 if (ca && sk_X509_num(ca))
844 for (i = 0; i < sk_X509_num(ca); i++)
846 X509_STORE *cert_store = SSL_CTX_get_cert_store(ctx->
ctx);
847 if (!X509_STORE_add_cert(cert_store,sk_X509_value(ca, i)))
849 crypto_msg(
M_FATAL,
"Cannot add certificate to certificate chain (X509_STORE_add_cert)");
851 if (!SSL_CTX_add_client_CA(ctx->
ctx, sk_X509_value(ca, i)))
853 crypto_msg(
M_FATAL,
"Cannot add certificate to client CA list (SSL_CTX_add_client_CA)");
865 if (ca && sk_X509_num(ca))
867 for (i = 0; i < sk_X509_num(ca); i++)
869 if (!SSL_CTX_add_extra_chain_cert(ctx->
ctx,sk_X509_value(ca, i)))
871 crypto_msg(
M_FATAL,
"Cannot add extra certificate to chain (SSL_CTX_add_extra_chain_cert)");
879 #ifdef ENABLE_CRYPTOAPI 888 crypto_msg(
M_FATAL,
"Cannot load certificate \"%s\" from Microsoft Certificate Store", cryptoapi_cert);
900 if (!PEM_read_bio_X509(bio, &cert, NULL, NULL))
907 && ERR_GET_REASON(ERR_peek_error()) == PEM_R_NO_START_LINE)
910 (void)ERR_get_error();
918 if (SSL_CTX_add_extra_chain_cert(ctx->
ctx, cert) != 1)
929 bool cert_file_inline)
937 if (cert_file_inline)
939 in = BIO_new_mem_buf((
char *) cert_file, -1);
943 in = BIO_new_file(cert_file,
"r");
948 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE, ERR_R_SYS_LIB);
952 x = PEM_read_bio_X509(in, NULL,
957 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE, ERR_R_PEM_LIB);
961 ret = SSL_CTX_use_certificate(ctx->
ctx, x);
970 if (cert_file_inline)
990 bool priv_key_file_inline)
992 SSL_CTX *ssl_ctx = NULL;
994 EVP_PKEY *pkey = NULL;
1001 if (priv_key_file_inline)
1003 in = BIO_new_mem_buf((
char *) priv_key_file, -1);
1007 in = BIO_new_file(priv_key_file,
"r");
1015 pkey = PEM_read_bio_PrivateKey(in, NULL,
1023 if (!pkey || !SSL_CTX_use_PrivateKey(ssl_ctx, pkey))
1025 #ifdef ENABLE_MANAGEMENT 1026 if (
management && (ERR_GET_REASON(ERR_peek_error()) == EVP_R_BAD_DECRYPT))
1037 if (!SSL_CTX_check_private_key(ssl_ctx))
1044 EVP_PKEY_free(pkey);
1055 X509_STORE *store = SSL_CTX_get_cert_store(ssl_ctx->
ctx);
1064 STACK_OF(X509_OBJECT) *objs = X509_STORE_get0_objects(store);
1065 for (
int i = 0; i < sk_X509_OBJECT_num(objs); i++)
1067 X509_OBJECT *obj = sk_X509_OBJECT_value(objs, i);
1071 sk_X509_OBJECT_delete(objs, i);
1076 X509_STORE_set_flags(store, X509_V_FLAG_CRL_CHECK | X509_V_FLAG_CRL_CHECK_ALL);
1080 in = BIO_new_mem_buf((
char *) crl_file, -1);
1084 in = BIO_new_file(crl_file,
"r");
1094 int num_crls_loaded = 0;
1097 X509_CRL *crl = PEM_read_bio_X509_CRL(in, NULL, NULL, NULL);
1103 bool eof = ERR_GET_REASON(ERR_peek_error()) == PEM_R_NO_START_LINE;
1105 if (num_crls_loaded > 0 && eof)
1108 (void)ERR_get_error();
1117 if (!X509_STORE_add_crl(store, crl))
1127 msg(
M_INFO,
"CRL: loaded %d CRLs from file %s", num_crls_loaded, crl_file);
1133 #ifdef ENABLE_MANAGEMENT 1137 rsa_pub_enc(
int flen,
const unsigned char *from,
unsigned char *to, RSA *rsa,
int padding)
1145 rsa_pub_dec(
int flen,
const unsigned char *from,
unsigned char *to, RSA *rsa,
int padding)
1153 rsa_priv_dec(
int flen,
const unsigned char *from,
unsigned char *to, RSA *rsa,
int padding)
1166 const RSA_METHOD *meth = RSA_get_method(rsa);
1180 case RSA_PKCS1_PADDING:
1181 return "RSA_PKCS1_PADDING";
1183 case RSA_NO_PADDING:
1184 return "RSA_NO_PADDING";
1204 unsigned char *sig,
unsigned int siglen,
1205 const char *algorithm)
1207 char *in_b64 = NULL;
1208 char *out_b64 = NULL;
1230 rsa_priv_enc(
int flen,
const unsigned char *from,
unsigned char *to, RSA *rsa,
1233 unsigned int len = RSA_size(rsa);
1236 if (padding != RSA_PKCS1_PADDING && padding != RSA_NO_PADDING)
1244 return (ret == len) ? ret : -1;
1251 RSA_METHOD *rsa_meth;
1259 rsa_meth =
RSA_meth_new(
"OpenVPN external private key RSA Method",
1260 RSA_METHOD_FLAG_NO_CHECK);
1274 SSLerr(SSL_F_SSL_USE_PRIVATEKEY, ERR_R_MALLOC_FAILURE);
1279 const BIGNUM *n = NULL;
1280 const BIGNUM *e = NULL;
1284 if (!RSA_set_method(rsa, rsa_meth))
1292 if (!SSL_CTX_use_RSAPrivateKey(ctx->
ctx, rsa))
1312 #if OPENSSL_VERSION_NUMBER > 0x10100000L && !defined(OPENSSL_NO_EC) 1316 openvpn_extkey_ec_finish(EC_KEY *ec)
1319 const EC_KEY_METHOD *ec_meth = EC_KEY_get_method(ec);
1320 EC_KEY_METHOD_free((EC_KEY_METHOD *) ec_meth);
1328 ecdsa_sign(
int type,
const unsigned char *dgst,
int dgstlen,
unsigned char *sig,
1329 unsigned int *siglen,
const BIGNUM *kinv,
const BIGNUM *r, EC_KEY *ec)
1331 int capacity = ECDSA_size(ec);
1349 ecdsa_sign_setup(EC_KEY *ec, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
1359 ecdsa_sign_sig(
const unsigned char *dgst,
int dgstlen,
const BIGNUM *in_kinv,
1360 const BIGNUM *in_r, EC_KEY *ec)
1362 ECDSA_SIG *ecsig = NULL;
1363 unsigned int len = ECDSA_size(ec);
1366 unsigned char *buf =
gc_malloc(len,
false, &gc);
1367 if (ecdsa_sign(0, dgst, dgstlen, buf, &len, NULL, NULL, ec) != 1)
1372 ecsig = d2i_ECDSA_SIG(NULL, (
const unsigned char **)&buf, len);
1380 tls_ctx_use_external_ec_key(
struct tls_root_ctx *ctx, EVP_PKEY *pkey)
1383 EVP_PKEY *privkey = NULL;
1384 EC_KEY_METHOD *ec_method;
1388 ec_method = EC_KEY_METHOD_new(EC_KEY_OpenSSL());
1395 EC_KEY_METHOD_set_init(ec_method, NULL, openvpn_extkey_ec_finish, NULL, NULL, NULL, NULL);
1396 EC_KEY_METHOD_set_sign(ec_method, ecdsa_sign, ecdsa_sign_setup, ecdsa_sign_sig);
1401 EC_KEY_METHOD_free(ec_method);
1404 if (!EC_KEY_set_method(ec, ec_method))
1406 EC_KEY_METHOD_free(ec_method);
1411 privkey = EVP_PKEY_new();
1412 if (!EVP_PKEY_assign_EC_KEY(privkey, ec))
1418 if (!SSL_CTX_use_PrivateKey(ctx->
ctx, privkey))
1424 EVP_PKEY_free(privkey);
1429 EVP_PKEY_free(privkey);
1442 X509 *cert = SSL_CTX_get0_certificate(ctx->
ctx);
1450 if (EVP_PKEY_id(pkey) == EVP_PKEY_RSA)
1457 #if (OPENSSL_VERSION_NUMBER > 0x10100000L) && !defined(OPENSSL_NO_EC) 1458 else if (EVP_PKEY_id(pkey) == EVP_PKEY_EC)
1460 if (!tls_ctx_use_external_ec_key(ctx, pkey))
1467 crypto_msg(
M_WARN,
"management-external-key requires an RSA or EC certificate");
1492 return X509_NAME_cmp(*a, *b);
1497 bool ca_file_inline,
const char *ca_path,
bool tls_server)
1499 STACK_OF(X509_INFO) *info_stack = NULL;
1500 STACK_OF(X509_NAME) *cert_names = NULL;
1501 X509_LOOKUP *lookup = NULL;
1502 X509_STORE *store = NULL;
1503 X509_NAME *xn = NULL;
1505 int i, added = 0, prev = 0;
1509 store = SSL_CTX_get_cert_store(ctx->
ctx);
1520 in = BIO_new_mem_buf((
char *)ca_file, -1);
1524 in = BIO_new_file(ca_file,
"r");
1529 info_stack = PEM_X509_INFO_read_bio(in, NULL, NULL, NULL);
1534 for (i = 0; i < sk_X509_INFO_num(info_stack); i++)
1536 X509_INFO *info = sk_X509_INFO_value(info_stack, i);
1539 X509_STORE_add_crl(store, info->crl);
1542 if (tls_server && !info->x509)
1549 X509_STORE_add_cert(store, info->x509);
1558 if (cert_names == NULL)
1567 xn = X509_get_subject_name(info->x509);
1574 if (sk_X509_NAME_find(cert_names, xn) == -1)
1576 xn = X509_NAME_dup(xn);
1581 sk_X509_NAME_push(cert_names, xn);
1587 int cnum = sk_X509_NAME_num(cert_names);
1588 if (cnum != (prev + 1))
1591 "Cannot load CA certificate file %s (entry %d did not validate)",
1598 sk_X509_INFO_pop_free(info_stack, X509_INFO_free);
1603 SSL_CTX_set_client_CA_list(ctx->
ctx, cert_names);
1609 "Cannot load CA certificate file %s (no entries were read)",
1615 int cnum = sk_X509_NAME_num(cert_names);
1619 "of %d entries were valid X509 names)",
1631 lookup = X509_STORE_add_lookup(store, X509_LOOKUP_hash_dir());
1632 if (lookup && X509_LOOKUP_add_dir(lookup, ca_path, X509_FILETYPE_PEM))
1634 msg(
M_WARN,
"WARNING: experimental option --capath %s", ca_path);
1640 X509_STORE_set_flags(store, X509_V_FLAG_CRL_CHECK | X509_V_FLAG_CRL_CHECK_ALL);
1646 bool extra_certs_file_inline)
1649 if (extra_certs_file_inline)
1651 in = BIO_new_mem_buf((
char *)extra_certs_file, -1);
1655 in = BIO_new_file(extra_certs_file,
"r");
1662 extra_certs_file_inline));
1686 #warning BIO_DEBUG defined 1689 static bool biofp_toggle;
1690 static time_t biofp_last_open;
1691 static const int biofp_reopen_interval = 600;
1706 const time_t current = time(NULL);
1707 const pid_t pid = getpid();
1709 if (biofp_last_open + biofp_reopen_interval < current)
1717 biofp = fopen(fn,
"w");
1719 biofp_last_open = time(NULL);
1725 bio_debug_data(
const char *mode, BIO *bio,
const uint8_t *buf,
int len,
const char *desc)
1731 fprintf(biofp,
"BIO_%s %s time=%" PRIi64
" bio=" ptr_format " len=%d data=%s\n",
1739 bio_debug_oc(
const char *mode, BIO *bio)
1742 fprintf(biofp,
"BIO %s time=%" PRIi64
" bio=" ptr_format "\n",
1743 mode, (int64_t)time(NULL), (
ptr_type)bio);
1753 bio_write(BIO *bio,
const uint8_t *data,
int size,
const char *desc)
1767 bio_debug_data(
"write", bio, data, size, desc);
1769 i = BIO_write(bio, data, size);
1773 if (BIO_should_retry(bio))
1838 i = BIO_read(bio,
BPTR(buf), len);
1843 bio_debug_data(
"read", bio,
BPTR(buf), i, desc);
1847 if (BIO_should_retry(bio))
1880 ks_ssl->
ssl = SSL_new(ssl_ctx->
ctx);
1895 bio_debug_oc(
"open ssl_bio", ks_ssl->
ssl_bio);
1896 bio_debug_oc(
"open ct_in", ks_ssl->
ct_in);
1897 bio_debug_oc(
"open ct_out", ks_ssl->
ct_out);
1902 SSL_set_accept_state(ks_ssl->
ssl);
1906 SSL_set_connect_state(ks_ssl->
ssl);
1910 BIO_set_ssl(ks_ssl->
ssl_bio, ks_ssl->
ssl, BIO_NOCLOSE);
1919 bio_debug_oc(
"close ssl_bio", ks_ssl->
ssl_bio);
1920 bio_debug_oc(
"close ct_in", ks_ssl->
ct_in);
1921 bio_debug_oc(
"close ct_out", ks_ssl->
ct_out);
1923 BIO_free_all(ks_ssl->
ssl_bio);
1924 SSL_free(ks_ssl->
ssl);
1934 #ifdef ENABLE_CRYPTO_OPENSSL 1938 "tls_write_plaintext");
1969 ret =
bio_read(ks_ssl->
ct_out, buf, maxlen,
"tls_read_ciphertext");
2014 const char *curve =
"";
2015 const char *type =
"(error getting type)";
2016 EVP_PKEY *pkey = X509_get_pubkey(cert);
2024 int typeid = EVP_PKEY_id(pkey);
2026 #ifndef OPENSSL_NO_EC 2030 const EC_GROUP *group = EC_KEY_get0_group(ec);
2032 int nid = EC_GROUP_get_curve_name(group);
2033 if (nid == 0 || (curve = OBJ_nid2sn(nid)) == NULL)
2035 curve =
"(error getting curve name)";
2039 if (EVP_PKEY_id(pkey) != 0)
2041 int typeid = EVP_PKEY_id(pkey);
2042 type = OBJ_nid2sn(
typeid);
2046 if (
typeid == EVP_PKEY_RSA)
2050 else if (
typeid == EVP_PKEY_DSA)
2054 else if (
typeid == EVP_PKEY_EC)
2057 type =
"EC, curve ";
2059 else if (type == NULL)
2061 type =
"unknown type";
2065 char sig[128] = { 0 };
2066 int signature_nid = X509_get_signature_nid(cert);
2067 if (signature_nid != 0)
2070 OBJ_nid2sn(signature_nid));
2074 EVP_PKEY_bits(pkey), type, curve, sig);
2076 EVP_PKEY_free(pkey);
2089 const SSL_CIPHER *ciph;
2094 ciph = SSL_get_current_cipher(ks_ssl->
ssl);
2097 SSL_get_version(ks_ssl->
ssl),
2098 SSL_CIPHER_get_version(ciph),
2099 SSL_CIPHER_get_name(ciph));
2100 X509 *cert = SSL_get_peer_certificate(ks_ssl->
ssl);
2112 const char *tls_cert_profile,
2117 tls_ctx.
ctx = SSL_CTX_new(SSLv23_method());
2123 #if defined(TLS1_3_VERSION) 2139 SSL *ssl = SSL_new(tls_ctx.
ctx);
2145 #if OPENSSL_VERSION_NUMBER < 0x1010000fL 2146 STACK_OF(SSL_CIPHER) *sk = SSL_get_ciphers(ssl);
2148 STACK_OF(SSL_CIPHER) *sk = SSL_get1_supported_ciphers(ssl);
2150 for (
int i = 0; i < sk_SSL_CIPHER_num(sk); i++)
2152 const SSL_CIPHER *c = sk_SSL_CIPHER_value(sk, i);
2154 const char *cipher_name = SSL_CIPHER_get_name(c);
2161 printf(
"%s\n", cipher_name);
2163 else if (NULL == pair)
2166 printf(
"%s (No IANA name known to OpenVPN, use OpenSSL name.)\n",
2174 #if (OPENSSL_VERSION_NUMBER >= 0x1010000fL) 2175 sk_SSL_CIPHER_free(sk);
2178 SSL_CTX_free(tls_ctx.
ctx);
2188 printf(
"Consider using openssl 'ecparam -list_curves' as\n" 2189 "alternative to running this command.\n");
2190 #ifndef OPENSSL_NO_EC 2191 EC_builtin_curve *curves = NULL;
2195 crv_len = EC_get_builtin_curves(NULL, 0);
2197 if (EC_get_builtin_curves(curves, crv_len))
2199 printf(
"\nAvailable Elliptic curves/groups:\n");
2200 for (n = 0; n < crv_len; n++)
2203 sname = OBJ_nid2sn(curves[n].nid);
2209 printf(
"%s\n", sname);
2218 msg(
M_WARN,
"Your OpenSSL library was built without elliptic curve support. " 2219 "No curves available.");
2228 const char *cipher_name;
2230 ctx = SSL_CTX_new(SSLv23_method());
2241 cipher_name = SSL_get_cipher_list(ssl, 0);
void tls_ctx_restrict_ciphers_tls13(struct tls_root_ctx *ctx, const char *ciphers)
Restrict the list of ciphers that can be used within the TLS context for TLS 1.3 and higher...
#define INFO_CALLBACK_SSL_CONST
void print_details(struct key_state_ssl *ks_ssl, const char *prefix)
static int rsa_priv_dec(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding)
EVP_PKEY * engine_load_key(const char *file, SSL_CTX *ctx)
Load a key file from an engine.
struct key_state_ssl ks_ssl
static void strncpynt(char *dest, const char *src, size_t maxlen)
struct key_state key[KS_SIZE]
bool tls_ctx_set_options(struct tls_root_ctx *ctx, unsigned int ssl_flags)
Set any library specific options.
static void * SSL_CTX_get_default_passwd_cb_userdata(SSL_CTX *ctx)
Fetch the default password callback user data from the SSL context.
void tls_ctx_load_cryptoapi(struct tls_root_ctx *ctx, const char *cryptoapi_cert)
char * string_alloc(const char *str, struct gc_arena *gc)
void tls_ctx_set_cert_profile(struct tls_root_ctx *ctx, const char *profile)
Set the TLS certificate profile.
void tls_ctx_load_ca(struct tls_root_ctx *ctx, const char *ca_file, bool ca_file_inline, const char *ca_path, bool tls_server)
Load certificate authority certificates from the given file or path.
static void secure_memzero(void *data, size_t len)
Securely zeroise memory.
int key_state_write_plaintext_const(struct key_state_ssl *ks_ssl, const uint8_t *data, int len)
Insert plaintext data into the TLS module.
static pem_password_cb * SSL_CTX_get_default_passwd_cb(SSL_CTX *ctx)
Fetch the default password callback from the SSL context.
static void gc_free(struct gc_arena *a)
void crypto_print_openssl_errors(const unsigned int flags)
Retrieve any occurred OpenSSL errors and print those errors.
#define PERF_BIO_WRITE_CIPHERTEXT
void management_auth_failure(struct management *man, const char *type, const char *reason)
static int rsa_pub_enc(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding)
void tls_ctx_load_cert_file(struct tls_root_ctx *ctx, const char *cert_file, bool cert_file_inline)
Use Windows cryptoapi for key and cert, and add to library-specific TLS context.
int pem_password_callback(char *buf, int size, int rwflag, void *u)
Callback to retrieve the user's password.
static int RSA_meth_set_priv_dec(RSA_METHOD *meth, int(*priv_dec)(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding))
Set the private decoding function of an RSA_METHOD object.
void tls_ctx_load_extra_certs(struct tls_root_ctx *ctx, const char *extra_certs_file, bool extra_certs_file_inline)
Load extra certificate authority certificates from the given file or path.
static int SSL_CTX_set_min_proto_version(SSL_CTX *ctx, long tls_ver_min)
Mimics SSL_CTX_set_min_proto_version for OpenSSL < 1.1.
static int RSA_meth_set0_app_data(RSA_METHOD *meth, void *app_data)
Set the application data of an RSA_METHOD object.
bool tls_ctx_initialised(struct tls_root_ctx *ctx)
Checks whether the given TLS context is initialised.
static void perf_pop(void)
#define crypto_msg(flags,...)
Retrieve any OpenSSL errors, then print the supplied error message.
static void perf_push(int type)
static char * format_hex(const uint8_t *data, int size, int maxoutput, struct gc_arena *gc)
static void print_cert_details(X509 *cert, char *buf, size_t buflen)
Print human readable information about the certifcate into buf.
#define PERF_BIO_READ_PLAINTEXT
static int RSA_meth_set_priv_enc(RSA_METHOD *meth, int(*priv_enc)(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding))
Set the private encoding function of an RSA_METHOD object.
static int RSA_meth_set_pub_dec(RSA_METHOD *meth, int(*pub_dec)(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding))
Set the public decoding function of an RSA_METHOD object.
int key_state_write_plaintext(struct key_state_ssl *ks_ssl, struct buffer *buf)
Insert a plaintext buffer into the TLS module.
static EC_KEY * EVP_PKEY_get0_EC_KEY(EVP_PKEY *pkey)
Get the EC_KEY object of a public key.
#define ALLOC_ARRAY(dptr, type, n)
static void RSA_get0_key(const RSA *rsa, const BIGNUM **n, const BIGNUM **e, const BIGNUM **d)
Get the RSA parameters.
static int SSL_CTX_set_max_proto_version(SSL_CTX *ctx, long tls_ver_max)
Mimics SSL_CTX_set_max_proto_version for OpenSSL < 1.1.
#define SSLF_CLIENT_CERT_NOT_REQUIRED
int SSL_CTX_use_CryptoAPI_certificate(SSL_CTX *ssl_ctx, const char *cert_prop)
void tls_ctx_free(struct tls_root_ctx *ctx)
Frees the library-specific TLSv1 context.
void tls_clear_error(void)
Clear the underlying SSL library's error state.
const char * get_rsa_padding_name(const int padding)
static void RSA_meth_free(RSA_METHOD *meth)
Free an existing RSA_METHOD object.
static void X509_OBJECT_free(X509_OBJECT *obj)
Destroy a X509 object.
void tls_ctx_load_dh_params(struct tls_root_ctx *ctx, const char *dh_file, bool dh_file_inline)
Load Diffie Hellman Parameters, and load them into the library-specific TLS context.
void convert_tls_list_to_openssl(char *openssl_ciphers, size_t len, const char *ciphers)
int len
Length in bytes of the actual content within the allocated memory.
static int rsa_priv_enc(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding)
static void bio_write_post(const int status, struct buffer *buf)
#define SSL_CTX_set1_groups
void convert_tls13_list_to_openssl(char *openssl_ciphers, size_t len, const char *ciphers)
static int tls_ctx_use_external_rsa_key(struct tls_root_ctx *ctx, EVP_PKEY *pkey)
bool openvpn_snprintf(char *str, size_t size, const char *format,...)
static EVP_PKEY * X509_get0_pubkey(const X509 *x)
Get the public key from a X509 certificate.
int tls_ctx_load_pkcs12(struct tls_root_ctx *ctx, const char *pkcs12_file, bool pkcs12_file_inline, bool load_ca_file)
Load PKCS #12 file for key, cert and (optionally) CA certs, and add to library-specific TLS context...
#define SSLF_TLS_VERSION_MAX_SHIFT
void show_available_curves(void)
#define PERF_BIO_READ_CIPHERTEXT
static struct gc_arena gc_new(void)
#define KS_PRIMARY
Primary key state index.
void show_available_tls_ciphers_list(const char *cipher_list, const char *tls_cert_profile, bool tls13)
int tls_ctx_load_priv_file(struct tls_root_ctx *ctx, const char *priv_key_file, bool priv_key_file_inline)
Load private key file into the given TLS context.
char * management_query_pk_sig(struct management *man, const char *b64_data, const char *algorithm)
static int RSA_meth_set_pub_enc(RSA_METHOD *meth, int(*pub_enc)(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding))
Set the public encoding function of an RSA_METHOD object.
const char * print_key_filename(const char *str, bool is_inline)
To be used when printing a string that may contain inline data.
void get_highest_preference_tls_cipher(char *buf, int size)
#define SSLF_TLS_VERSION_MIN_MASK
void * gc_malloc(size_t size, bool clear, struct gc_arena *a)
int openvpn_base64_decode(const char *str, void *data, int size)
void backend_tls_ctx_reload_crl(struct tls_root_ctx *ssl_ctx, const char *crl_file, bool crl_inline)
Reload the Certificate Revocation List for the SSL channel.
bool key_state_export_keying_material(struct tls_session *session, const char *label, size_t label_size, void *ekm, size_t ekm_size)
Keying Material Exporters [RFC 5705] allows additional keying material to be derived from existing TL...
#define PERF_BIO_WRITE_PLAINTEXT
int tls_version_max(void)
Return the maximum TLS version (as a TLS_VER_x constant) supported by current SSL implementation...
static RSA * EVP_PKEY_get0_RSA(EVP_PKEY *pkey)
Get the RSA object of a public key.
static STACK_OF(X509_OBJECT) *X509_STORE_get0_objects(X509_STORE *store)
Fetch the X509 object stack from the X509 store.
int key_state_read_plaintext(struct key_state_ssl *ks_ssl, struct buffer *buf, int maxlen)
Extract plaintext data from the TLS module.
static RSA_METHOD * RSA_meth_new(const char *name, int flags)
Allocate a new RSA method object.
int verify_callback(void *session_obj, mbedtls_x509_crt *cert, int cert_depth, uint32_t *flags)
Verify that the remote OpenVPN peer's certificate allows setting up a VPN tunnel. ...
static int buf_forward_capacity(const struct buffer *buf)
void tls_init_lib(void)
Perform any static initialisation necessary by the library.
const char * get_ssl_library_version(void)
return a pointer to a static memory area containing the name and version number of the SSL library in...
int openvpn_base64_encode(const void *data, int size, char **str)
Get a tls_cipher_name_pair containing OpenSSL and IANA names for supplied TLS cipher name...
#define D_HANDSHAKE_VERBOSE
static int rsa_pub_dec(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding)
void key_state_ssl_free(struct key_state_ssl *ks_ssl)
Free the SSL channel part of the given key state.
#define X509_get0_notBefore
void tls_ctx_server_new(struct tls_root_ctx *ctx)
Initialise a library-specific TLS context for a server.
static void tls_ctx_add_extra_certs(struct tls_root_ctx *ctx, BIO *bio, bool optional)
#define X509_get0_notAfter
char * strsep(char **stringp, const char *delim)
static int openssl_tls_version(int ver)
Convert internal version number to openssl version number.
static int sk_x509_name_cmp(const X509_NAME *const *a, const X509_NAME *const *b)
static int get_sig_from_man(const unsigned char *dgst, unsigned int dgstlen, unsigned char *sig, unsigned int siglen, const char *algorithm)
Pass the input hash in 'dgst' to management and get the signature back.
void tls_ctx_restrict_ciphers(struct tls_root_ctx *ctx, const char *ciphers)
Restrict the list of ciphers that can be used within the TLS context for TLS 1.2 and below...
#define ALLOC_ARRAY_CLEAR_GC(dptr, type, n, gc)
Structure that wraps the TLS context.
#define SSLF_CLIENT_CERT_OPTIONAL
static void check_malloc_return(const void *p)
Security parameter state of a single session within a VPN tunnel.
#define VALGRIND_MAKE_READABLE(addr, len)
void tls_ctx_check_cert_time(const struct tls_root_ctx *ctx)
Check our certificate notBefore and notAfter fields, and warn if the cert is either not yet valid or ...
Wrapper structure for dynamically allocated memory.
int mydata_index
Allocate space in SSL objects in which to store a struct tls_session pointer back to parent...
static int SSL_CTX_get_min_proto_version(SSL_CTX *ctx)
Return the min SSL protocol version currently enabled in the context.
void tls_ctx_set_tls_groups(struct tls_root_ctx *ctx, const char *groups)
Set the (elliptic curve) group allowed for signatures and key exchange.
static void info_callback(INFO_CALLBACK_SSL_CONST SSL *s, int where, int ret)
int key_state_write_ciphertext(struct key_state_ssl *ks_ssl, struct buffer *buf)
Insert a ciphertext buffer into the TLS module.
int get_num_elements(const char *string, char delimiter)
Returns the occurrences of 'delimiter' in a string +1 This is typically used to find out the number e...
static int constrain_int(int x, int min, int max)
int tls_ctx_use_management_external_key(struct tls_root_ctx *ctx)
Tell the management interface to load the given certificate and the external private key matching the...
static int RSA_set0_key(RSA *rsa, BIGNUM *n, BIGNUM *e, BIGNUM *d)
Set the RSA parameters.
Garbage collection arena used to keep track of dynamically allocated memory.
const char * openssl_name
void tls_ctx_client_new(struct tls_root_ctx *ctx)
Initialises a library-specific TLS context for a client.
void key_state_ssl_init(struct key_state_ssl *ks_ssl, const struct tls_root_ctx *ssl_ctx, bool is_server, struct tls_session *session)
Initialise the SSL channel part of the given key state.
void tls_free_lib(void)
Free any global SSL library-specific data structures.
#define UP_TYPE_PRIVATE_KEY
static int openvpn_extkey_rsa_finish(RSA *rsa)
int key_state_read_ciphertext(struct key_state_ssl *ks_ssl, struct buffer *buf, int maxlen)
Extract ciphertext data from the TLS module.
#define SSLF_TLS_VERSION_MAX_MASK
static int RSA_meth_set_init(RSA_METHOD *meth, int(*init)(RSA *rsa))
Set the init function of an RSA_METHOD object.
#define RSA_F_RSA_OSSL_PRIVATE_ENCRYPT
static int bio_write(BIO *bio, const uint8_t *data, int size, const char *desc)
#define SSLF_TLS_VERSION_MIN_SHIFT
static SERVICE_STATUS status
const tls_cipher_name_pair * tls_get_cipher_name_pair(const char *cipher_name, size_t len)
void tls_ctx_load_ecdh_params(struct tls_root_ctx *ctx, const char *curve_name)
Load Elliptic Curve Parameters, and load them into the library-specific TLS context.
static void RSA_set_flags(RSA *rsa, int flags)
Set the RSA flags.
static int X509_OBJECT_get_type(const X509_OBJECT *obj)
Get the type of an X509 object.
static int RSA_meth_set_finish(RSA_METHOD *meth, int(*finish)(RSA *rsa))
Set the finish function of an RSA_METHOD object.
static bool tls_ctx_set_tls_versions(struct tls_root_ctx *ctx, unsigned int ssl_flags)
static int bio_read(BIO *bio, struct buffer *buf, int maxlen, const char *desc)