OpenVPN
ssl_verify_mbedtls.c
Go to the documentation of this file.
1/*
2 * OpenVPN -- An application to securely tunnel IP networks
3 * over a single TCP/UDP port, with support for SSL/TLS-based
4 * session authentication and key exchange,
5 * packet encryption, packet authentication, and
6 * packet compression.
7 *
8 * Copyright (C) 2002-2026 OpenVPN Inc <sales@openvpn.net>
9 * Copyright (C) 2010-2026 Sentyron B.V. <openvpn@sentyron.com>
10 *
11 * This program is free software; you can redistribute it and/or modify
12 * it under the terms of the GNU General Public License version 2
13 * as published by the Free Software Foundation.
14 *
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 * GNU General Public License for more details.
19 *
20 * You should have received a copy of the GNU General Public License along
21 * with this program; if not, see <https://www.gnu.org/licenses/>.
22 */
23
29#ifdef HAVE_CONFIG_H
30#include "config.h"
31#endif
32
33#include "syshead.h"
34
35#if defined(ENABLE_CRYPTO_MBEDTLS)
36
37#include <mbedtls/version.h>
38
39#if MBEDTLS_VERSION_NUMBER < 0x04000000
40#include "crypto_mbedtls_legacy.h"
41#include <mbedtls/bignum.h>
42#include <mbedtls/sha1.h>
43#else
44#include "crypto_mbedtls.h"
45#endif
46
47#include "mbedtls_compat.h"
48
49#include "ssl_verify.h"
50#include <mbedtls/asn1.h>
51#include <mbedtls/error.h>
52#include <mbedtls/oid.h>
53
54#define MAX_SUBJECT_LENGTH 256
55
56int
57verify_callback(void *session_obj, mbedtls_x509_crt *cert, int cert_depth, uint32_t *flags)
58{
59 struct tls_session *session = (struct tls_session *)session_obj;
60 struct gc_arena gc = gc_new();
61
62 ASSERT(cert);
63 ASSERT(session);
64
65 session->verified = false;
66
67 /* Remember certificate hash */
68 struct buffer cert_fingerprint = x509_get_sha256_fingerprint(cert, &gc);
69 cert_hash_remember(session, cert_depth, &cert_fingerprint);
70
71 if (session->opt->verify_hash_no_ca)
72 {
73 /*
74 * If we decide to verify the peer certificate based on the fingerprint
75 * we ignore wrong dates and the certificate not being trusted.
76 * Any other problem with the certificate (wrong key, bad cert,...)
77 * will still trigger an error.
78 * Clearing these flags relies on verify_cert will later rejecting a
79 * certificate that has no matching fingerprint.
80 */
81 uint32_t flags_ignore = MBEDTLS_X509_BADCERT_NOT_TRUSTED | MBEDTLS_X509_BADCERT_EXPIRED
82 | MBEDTLS_X509_BADCERT_FUTURE;
83 *flags = *flags & ~flags_ignore;
84 }
85
86 /* did peer present cert which was signed by our root cert? */
87 if (*flags != 0)
88 {
89 int ret = 0;
90 char errstr[512] = { 0 };
91 char *subject = x509_get_subject(cert, &gc);
92 char *serial = backend_x509_get_serial(cert, &gc);
93
94 ret = mbedtls_x509_crt_verify_info(errstr, sizeof(errstr) - 1, "", *flags);
95 if (ret <= 0
96 && snprintf(errstr, sizeof(errstr), "Could not retrieve error string, flags=%" PRIx32,
97 *flags)
98 >= sizeof(errstr))
99 {
100 errstr[0] = '\0';
101 }
102 else
103 {
104 chomp(errstr);
105 }
106
107 if (subject)
108 {
109 msg(D_TLS_ERRORS, "VERIFY ERROR: depth=%d, subject=%s, serial=%s: %s", cert_depth,
110 subject, serial ? serial : "<not available>", errstr);
111 }
112 else
113 {
114 msg(D_TLS_ERRORS,
115 "VERIFY ERROR: depth=%d, (could not extract X509 "
116 "subject string from certificate): %s",
117 cert_depth, errstr);
118 }
119
120 /* Leave flags set to non-zero to indicate that the cert is not ok */
121 }
122 else if (SUCCESS != verify_cert(session, cert, cert_depth))
123 {
124 *flags |= MBEDTLS_X509_BADCERT_OTHER;
125 }
126
127 gc_free(&gc);
128
129 /*
130 * PolarSSL/mbed TLS-1.2.0+ expects 0 on anything except fatal errors.
131 */
132 return 0;
133}
134
135/* not supported for mbedTLS yet */
136bool
137x509_username_field_ext_supported(const char *fieldname)
138{
139 return false;
140}
141
142result_t
143backend_x509_get_username(char *cn, size_t cn_len, char *x509_username_field, mbedtls_x509_crt *cert)
144{
145 mbedtls_x509_name *name;
146
147 ASSERT(cn != NULL);
148
149 name = &cert->subject;
150
151 /* Find common name */
152 while (name != NULL)
153 {
154 if (0 == memcmp(name->oid.p, MBEDTLS_OID_AT_CN, MBEDTLS_OID_SIZE(MBEDTLS_OID_AT_CN)))
155 {
156 break;
157 }
158
159 name = name->next;
160 }
161
162 /* Not found, return an error if this is the peer's certificate */
163 if (name == NULL)
164 {
165 return FAILURE;
166 }
167
168 /* Found, extract CN */
169 if (cn_len > name->val.len)
170 {
171 memcpy(cn, name->val.p, name->val.len);
172 cn[name->val.len] = '\0';
173 }
174 else
175 {
176 memcpy(cn, name->val.p, cn_len);
177 cn[cn_len - 1] = '\0';
178 }
179
180 return SUCCESS;
181}
182
183#if MBEDTLS_VERSION_NUMBER >= 0x04000000
184/* Mbed TLS 4 has no function to print the certificate serial number and does
185 * not expose the bignum functions anymore. So in order to write the serial
186 * number as a decimal string, we implement bignum % 10 and bignum / 10. */
187static char
188bignum_mod_10(const uint8_t *bignum, size_t bignum_length)
189{
190 int result = 0;
191 for (size_t i = 0; i < bignum_length; i++)
192 {
193 result = (result * 256) % 10;
194 result = (result + bignum[i]) % 10;
195 }
196 return (char)result;
197}
198
199/* Divide bignum by 10 rounded down, in place. */
200static void
201bignum_div_10(uint8_t *bignum, size_t *bignum_length)
202{
203 /*
204 * Some intuition for the algorithm below:
205 *
206 * We want to calculate
207 *
208 * (bignum[0] * 256^n + bignum[1] * 256^(n-1) + ... + bignum[n]) / 10.
209 *
210 * Let remainder = bignum[0] % 10 and carry = remainder * 256.
211 * Then we can write the above as
212 *
213 * (bignum[0] / 10) * 256^n
214 * + ((carry + bignum[1]) * 256^(n-1) + ... + bignum[n]) / 10.
215 *
216 * So now we have the first byte of our result. The second byte will be
217 * (carry + bignum[1]) / 10. Note that this fits into one byte because
218 * 0 <= remainder < 10. We calculate the next remainder and carry as
219 * remainder = (carry + bignum[1]) % 10 and carry = remainder * 256 and
220 * move on to the next byte until we are done.
221 */
222 size_t new_length = 0;
223 int carry = 0;
224 for (size_t i = 0; i < *bignum_length; i++)
225 {
226 uint8_t next_byte = (uint8_t)((bignum[i] + carry) / 10);
227 int remainder = (bignum[i] + carry) % 10;
228 carry = remainder * 256;
229
230 /* Write the byte unless it's a leading zero. */
231 if (new_length != 0 || next_byte != 0)
232 {
233 bignum[new_length++] = next_byte;
234 }
235 }
236 *bignum_length = new_length;
237}
238
239/* Write the decimal representation of bignum to out, if enough space is available.
240 * Returns the number of bytes needed in out, or 0 on error. To calculate the
241 * necessary buffer size, the function can be called with out = NULL. */
242static size_t
243write_bignum(char *out, size_t out_size, const uint8_t *bignum, size_t bignum_length)
244{
245 if (bignum_length == 0)
246 {
247 /* We want out to be "0". */
248 if (out != NULL)
249 {
250 if (out_size >= 2)
251 {
252 out[0] = '0';
253 out[1] = '\0';
254 }
255 else if (out_size > 0)
256 {
257 out[0] = '\0';
258 }
259 }
260 return 2;
261 }
262
263 uint8_t *bignum_copy = malloc(bignum_length);
264 if (bignum_copy == NULL)
265 {
266 return 0;
267 }
268 memcpy(bignum_copy, bignum, bignum_length);
269
270 size_t bytes_needed = 0;
271 size_t bytes_written = 0;
272 while (bignum_length > 0)
273 {
274 /* We're writing the digits in reverse order. We put them in the right order later. */
275 char digit = bignum_mod_10(bignum_copy, bignum_length);
276 if (out != NULL && bytes_written < out_size - 1)
277 {
278 out[bytes_written++] = '0' + (char)digit;
279 }
280 bytes_needed += 1;
281 bignum_div_10(bignum_copy, &bignum_length);
282 }
283
284 if (out != NULL)
285 {
286 if (bytes_written == bytes_needed)
287 {
288 /* We had space for all digits. Now reverse them. */
289 for (size_t i = 0; i < bytes_written / 2; i++)
290 {
291 char tmp = out[i];
292 out[i] = out[bytes_written - 1 - i];
293 out[bytes_written - 1 - i] = tmp;
294 }
295 out[bytes_written] = '\0';
296 }
297 else if (out_size > 0)
298 {
299 out[0] = '\0';
300 }
301 }
302 bytes_needed += 1;
303
304 free(bignum_copy);
305 return bytes_needed;
306}
307#endif /* MBEDTLS_VERSION_NUMBER >= 0x04000000 */
308
309char *
310backend_x509_get_serial(mbedtls_x509_crt *cert, struct gc_arena *gc)
311{
312 char *buf = NULL;
313 size_t buflen = 0;
314
315#if MBEDTLS_VERSION_NUMBER < 0x04000000
316 mbedtls_mpi serial_mpi = { 0 };
317
318 /* Transform asn1 integer serial into mbed TLS MPI */
319 mbedtls_mpi_init(&serial_mpi);
320 if (!mbed_ok(mbedtls_mpi_read_binary(&serial_mpi, cert->serial.p, cert->serial.len)))
321 {
322 msg(M_WARN, "Failed to retrieve serial from certificate.");
323 goto end;
324 }
325
326 /* Determine decimal representation length, allocate buffer */
327 mbedtls_mpi_write_string(&serial_mpi, 10, NULL, 0, &buflen);
328 buf = gc_malloc(buflen, true, gc);
329
330 /* Write MPI serial as decimal string into buffer */
331 if (!mbed_ok(mbedtls_mpi_write_string(&serial_mpi, 10, buf, buflen, &buflen)))
332 {
333 msg(M_WARN, "Failed to write serial to string.");
334 buf = NULL;
335 goto end;
336 }
337
338end:
339 mbedtls_mpi_free(&serial_mpi);
340 return buf;
341#else
342 buflen = write_bignum(NULL, 0, cert->serial.p, cert->serial.len);
343 if (buflen == 0)
344 {
345 msg(M_WARN, "Failed to write serial to string.");
346 return NULL;
347 }
348 buf = gc_malloc(buflen, true, gc);
349 if (write_bignum(buf, buflen, cert->serial.p, cert->serial.len) != buflen)
350 {
351 msg(M_WARN, "Failed to write serial to string.");
352 return NULL;
353 }
354 return buf;
355#endif /* MBEDTLS_VERSION_NUMBER < 0x04000000 */
356}
357
358char *
359backend_x509_get_serial_hex(mbedtls_x509_crt *cert, struct gc_arena *gc)
360{
361 char *buf = NULL;
362 size_t len = cert->serial.len * 3 + 1;
363
364 buf = gc_malloc(len, true, gc);
365
366 if (mbedtls_x509_serial_gets(buf, len - 1, &cert->serial) < 0)
367 {
368 buf = NULL;
369 }
370
371 return buf;
372}
373
374result_t
375backend_x509_write_pem(openvpn_x509_cert_t *cert, const char *filename)
376{
377 /* mbed TLS does not make it easy to write a certificate in PEM format.
378 * The only way is to directly access the DER encoded raw certificate
379 * and PEM encode it ourselves */
380
381 struct gc_arena gc = gc_new();
382 /* just do a very loose upper bound for the base64 based PEM encoding
383 * using 3 times the space for the base64 and 100 bytes for the
384 * headers and footer */
385 struct buffer pem = alloc_buf_gc(cert->raw.len * 3 + 100, &gc);
386
387 struct buffer der = { 0 };
388 buf_set_read(&der, cert->raw.p, cert->raw.len);
389
390 if (!crypto_pem_encode("CERTIFICATE", &pem, &der, &gc))
391 {
392 goto err;
393 }
394
395 if (!buffer_write_file(filename, &pem))
396 {
397 goto err;
398 }
399
400 gc_free(&gc);
401 return SUCCESS;
402err:
403 msg(D_TLS_DEBUG_LOW, "Error writing X509 certificate to file %s", filename);
404 gc_free(&gc);
405 return FAILURE;
406}
407
408#if defined(__GNUC__) || defined(__clang__)
409#pragma GCC diagnostic push
410#pragma GCC diagnostic ignored "-Wconversion"
411#endif
412
413static struct buffer
414x509_get_fingerprint(const mbedtls_md_info_t *md_info, mbedtls_x509_crt *cert, struct gc_arena *gc)
415{
416 const size_t md_size = mbedtls_md_get_size(md_info);
417 struct buffer fingerprint = alloc_buf_gc(md_size, gc);
418 mbedtls_md(md_info, cert->raw.p, cert->raw.len, BPTR(&fingerprint));
419 ASSERT(buf_inc_len(&fingerprint, md_size));
420 return fingerprint;
421}
422
423#if defined(__GNUC__) || defined(__clang__)
424#pragma GCC diagnostic pop
425#endif
426
427struct buffer
428x509_get_sha1_fingerprint(mbedtls_x509_crt *cert, struct gc_arena *gc)
429{
430 return x509_get_fingerprint(mbedtls_md_info_from_type(MBEDTLS_MD_SHA1), cert, gc);
431}
432
433struct buffer
434x509_get_sha256_fingerprint(mbedtls_x509_crt *cert, struct gc_arena *gc)
435{
436 return x509_get_fingerprint(mbedtls_md_info_from_type(MBEDTLS_MD_SHA256), cert, gc);
437}
438
439char *
440x509_get_subject(mbedtls_x509_crt *cert, struct gc_arena *gc)
441{
442 char tmp_subject[MAX_SUBJECT_LENGTH] = { 0 };
443 char *subject = NULL;
444
445 int ret = 0;
446
447 ret = mbedtls_x509_dn_gets(tmp_subject, MAX_SUBJECT_LENGTH - 1, &cert->subject);
448 if (ret > 0)
449 {
450 /* Allocate the required space for the subject */
451 subject = string_alloc(tmp_subject, gc);
452 }
453
454 return subject;
455}
456
457static void
458do_setenv_x509(struct env_set *es, const char *name, char *value, int depth)
459{
460 char *name_expand;
461 size_t name_expand_size;
462
463 string_mod(value, CC_ANY, CC_CRLF, '?');
464 msg(D_X509_ATTR, "X509 ATTRIBUTE name='%s' value='%s' depth=%d", name, value, depth);
465 name_expand_size = 64 + strlen(name);
466 name_expand = (char *)malloc(name_expand_size);
467 check_malloc_return(name_expand);
468 snprintf(name_expand, name_expand_size, "X509_%d_%s", depth, name);
469 setenv_str(es, name_expand, value);
470 free(name_expand);
471}
472
473static char *
474asn1_buf_to_c_string(const mbedtls_asn1_buf *orig, struct gc_arena *gc)
475{
476 size_t i;
477 char *val;
478
479 if (!(orig->tag == MBEDTLS_ASN1_UTF8_STRING || orig->tag == MBEDTLS_ASN1_PRINTABLE_STRING
480 || orig->tag == MBEDTLS_ASN1_IA5_STRING))
481 {
482 /* Only support C-string compatible types */
483 return string_alloc("ERROR: unsupported ASN.1 string type", gc);
484 }
485
486 for (i = 0; i < orig->len; ++i)
487 {
488 if (orig->p[i] == '\0')
489 {
490 return string_alloc("ERROR: embedded null value", gc);
491 }
492 }
493 val = gc_malloc(orig->len + 1, false, gc);
494 memcpy(val, orig->p, orig->len);
495 val[orig->len] = '\0';
496 return val;
497}
498
499static void
500do_setenv_name(struct env_set *es, const struct x509_track *xt, const mbedtls_x509_crt *cert,
501 int depth, struct gc_arena *gc)
502{
503 const mbedtls_x509_name *xn;
504 for (xn = &cert->subject; xn != NULL; xn = xn->next)
505 {
506 const char *xn_short_name = NULL;
507 if (0 == mbedtls_oid_get_attr_short_name(&xn->oid, &xn_short_name)
508 && 0 == strcmp(xt->name, xn_short_name))
509 {
510 char *val_str = asn1_buf_to_c_string(&xn->val, gc);
511 do_setenv_x509(es, xt->name, val_str, depth);
512 }
513 }
514}
515
516void
517x509_track_add(const struct x509_track **ll_head, const char *name, msglvl_t msglevel,
518 struct gc_arena *gc)
519{
520 struct x509_track *xt;
521 ALLOC_OBJ_CLEAR_GC(xt, struct x509_track, gc);
522 if (*name == '+')
523 {
524 xt->flags |= XT_FULL_CHAIN;
525 ++name;
526 }
527 xt->name = name;
528 xt->next = *ll_head;
529 *ll_head = xt;
530}
531
532void
533x509_setenv_track(const struct x509_track *xt, struct env_set *es, const int depth,
534 mbedtls_x509_crt *cert)
535{
536 struct gc_arena gc = gc_new();
537 while (xt)
538 {
539 if (depth == 0 || (xt->flags & XT_FULL_CHAIN))
540 {
541 if (0 == strcmp(xt->name, "SHA1") || 0 == strcmp(xt->name, "SHA256"))
542 {
543 /* Fingerprint is not part of X509 structure */
544 struct buffer cert_hash;
545 char *fingerprint;
546
547 if (0 == strcmp(xt->name, "SHA1"))
548 {
549 cert_hash = x509_get_sha1_fingerprint(cert, &gc);
550 }
551 else
552 {
553 cert_hash = x509_get_sha256_fingerprint(cert, &gc);
554 }
555
556 fingerprint =
557 format_hex_ex(BPTR(&cert_hash), BLEN(&cert_hash), 0, 1 | FHE_CAPS, ":", &gc);
558 do_setenv_x509(es, xt->name, fingerprint, depth);
559 }
560 else
561 {
562 do_setenv_name(es, xt, cert, depth, &gc);
563 }
564 }
565 xt = xt->next;
566 }
567 gc_free(&gc);
568}
569
570/*
571 * Save X509 fields to environment, using the naming convention:
572 *
573 * X509_{cert_depth}_{name}={value}
574 */
575void
576x509_setenv(struct env_set *es, int cert_depth, mbedtls_x509_crt *cert)
577{
578 int i;
579 unsigned char c;
580 const mbedtls_x509_name *name;
581 char s[128] = { 0 };
582
583 name = &cert->subject;
584
585 while (name != NULL)
586 {
587 char name_expand[64 + 8];
588 const char *shortname;
589
590 if (0 == mbedtls_oid_get_attr_short_name(&name->oid, &shortname))
591 {
592 snprintf(name_expand, sizeof(name_expand), "X509_%d_%s", cert_depth, shortname);
593 }
594 else
595 {
596 snprintf(name_expand, sizeof(name_expand), "X509_%d_\?\?", cert_depth);
597 }
598
599 for (i = 0; i < name->val.len; i++)
600 {
601 if (i >= (int)sizeof(s) - 1)
602 {
603 break;
604 }
605
606 c = name->val.p[i];
607 if (c < 32 || c == 127 || (c > 128 && c < 160))
608 {
609 s[i] = '?';
610 }
611 else
612 {
613 s[i] = c;
614 }
615 }
616 s[i] = '\0';
617
618 /* Check both strings, set environment variable */
619 string_mod(name_expand, CC_PRINT, CC_CRLF, '_');
620 string_mod((char *)s, CC_PRINT, CC_CRLF, '_');
621 setenv_str_incr(es, name_expand, (char *)s);
622
623 name = name->next;
624 }
625}
626
627/* Dummy function because Netscape certificate types are not supported in OpenVPN with mbedtls.
628 * Returns SUCCESS if usage is NS_CERT_CHECK_NONE, FAILURE otherwise. */
629result_t
630x509_verify_ns_cert_type(mbedtls_x509_crt *cert, const int usage)
631{
632 if (usage == NS_CERT_CHECK_NONE)
633 {
634 return SUCCESS;
635 }
636
637 return FAILURE;
638}
639
640result_t
641x509_verify_cert_ku(mbedtls_x509_crt *cert, const unsigned int *const expected_ku, size_t expected_len)
642{
643 msg(D_HANDSHAKE, "Validating certificate key usage");
644
645 if (!mbedtls_x509_crt_has_ext_type(cert, MBEDTLS_X509_EXT_KEY_USAGE))
646 {
647 msg(D_TLS_ERRORS, "ERROR: Certificate does not have key usage extension");
648 return FAILURE;
649 }
650
651 if (expected_ku[0] == OPENVPN_KU_REQUIRED)
652 {
653 /* Extension required, value checked by TLS library */
654 return SUCCESS;
655 }
656
657 result_t fFound = FAILURE;
658 for (size_t i = 0; SUCCESS != fFound && i < expected_len; i++)
659 {
660 if (expected_ku[i] != 0 && 0 == mbedtls_x509_crt_check_key_usage(cert, expected_ku[i]))
661 {
662 fFound = SUCCESS;
663 }
664 }
665
666 if (fFound != SUCCESS)
667 {
668 msg(D_TLS_ERRORS, "ERROR: Certificate has invalid key usage, expected one of:");
669 for (size_t i = 0; i < expected_len && expected_ku[i]; i++)
670 {
671 msg(D_TLS_ERRORS, " * %04x", expected_ku[i]);
672 }
673 }
674
675 return fFound;
676}
677
678result_t
679x509_verify_cert_eku(mbedtls_x509_crt *cert, const char *const expected_oid)
680{
681 result_t fFound = FAILURE;
682
683 if (!mbedtls_x509_crt_has_ext_type(cert, MBEDTLS_X509_EXT_EXTENDED_KEY_USAGE))
684 {
685 msg(D_HANDSHAKE, "Certificate does not have extended key usage extension");
686 }
687 else
688 {
689 mbedtls_x509_sequence *oid_seq = &(cert->ext_key_usage);
690
691 msg(D_HANDSHAKE, "Validating certificate extended key usage");
692 while (oid_seq != NULL)
693 {
694 mbedtls_x509_buf *oid = &oid_seq->buf;
695 char oid_num_str[1024];
696 const char *oid_str;
697
698 if (0 == mbedtls_oid_get_extended_key_usage(oid, &oid_str))
699 {
700 msg(D_HANDSHAKE, "++ Certificate has EKU (str) %s, expects %s", oid_str,
701 expected_oid);
702 if (!strcmp(expected_oid, oid_str))
703 {
704 fFound = SUCCESS;
705 break;
706 }
707 }
708
709 if (0 < mbedtls_oid_get_numeric_string(oid_num_str, sizeof(oid_num_str), oid))
710 {
711 msg(D_HANDSHAKE, "++ Certificate has EKU (oid) %s, expects %s", oid_num_str,
712 expected_oid);
713 if (!strcmp(expected_oid, oid_num_str))
714 {
715 fFound = SUCCESS;
716 break;
717 }
718 }
719 oid_seq = oid_seq->next;
720 }
721 }
722
723 return fFound;
724}
725
726bool
727tls_verify_crl_missing(const struct tls_options *opt)
728{
729 if (opt->crl_file && !(opt->ssl_flags & SSLF_CRL_VERIFY_DIR)
730 && (opt->ssl_ctx->crl == NULL || opt->ssl_ctx->crl->version == 0))
731 {
732 return true;
733 }
734 return false;
735}
736
737#endif /* #if defined(ENABLE_CRYPTO_MBEDTLS) */
buffer_write_file
bool buffer_write_file(const char *filename, const struct buffer *buf)
Write buffer contents to file.
Definition buffer.c:301
chomp
void chomp(char *str)
Definition buffer.c:613
gc_malloc
void * gc_malloc(size_t size, bool clear, struct gc_arena *a)
Definition buffer.c:336
alloc_buf_gc
struct buffer alloc_buf_gc(size_t size, struct gc_arena *gc)
Definition buffer.c:89
format_hex_ex
char * format_hex_ex(const uint8_t *data, size_t size, size_t maxoutput, unsigned int space_break_flags, const char *separator, struct gc_arena *gc)
Definition buffer.c:483
string_mod
bool string_mod(char *str, const unsigned int inclusive, const unsigned int exclusive, const char replace)
Modifies a string in place by replacing certain classes of characters of it with a specified characte...
Definition buffer.c:1045
string_alloc
char * string_alloc(const char *str, struct gc_arena *gc)
Definition buffer.c:648
CC_ANY
#define CC_ANY
any character
Definition buffer.h:877
BPTR
#define BPTR(buf)
Definition buffer.h:123
buf_inc_len
static bool buf_inc_len(struct buffer *buf, int inc)
Definition buffer.h:588
CC_CRLF
#define CC_CRLF
carriage return or newline
Definition buffer.h:914
buf_set_read
static void buf_set_read(struct buffer *buf, const uint8_t *data, size_t size)
Definition buffer.h:348
ALLOC_OBJ_CLEAR_GC
#define ALLOC_OBJ_CLEAR_GC(dptr, type, gc)
Definition buffer.h:1101
BLEN
#define BLEN(buf)
Definition buffer.h:126
check_malloc_return
static void check_malloc_return(void *p)
Definition buffer.h:1107
gc_free
static void gc_free(struct gc_arena *a)
Definition buffer.h:1025
CC_PRINT
#define CC_PRINT
printable (>= 32, != 127)
Definition buffer.h:885
FHE_CAPS
#define FHE_CAPS
Definition buffer.h:498
gc_new
static struct gc_arena gc_new(void)
Definition buffer.h:1017
crypto_pem_encode
bool crypto_pem_encode(const char *name, struct buffer *dst, const struct buffer *src, struct gc_arena *gc)
Encode binary data as PEM.
Definition crypto_openssl.c:496
crypto_mbedtls.h
Data Channel Cryptography backend interface using the TF-PSA-Crypto library part of Mbed TLS 4.
mbed_ok
#define mbed_ok(errval)
Check errval and log on error.
Definition crypto_mbedtls.h:161
crypto_mbedtls_legacy.h
Data Channel Cryptography mbed TLS-specific backend interface.
setenv_str
void setenv_str(struct env_set *es, const char *name, const char *value)
Definition env_set.c:307
setenv_str_incr
void setenv_str_incr(struct env_set *es, const char *name, const char *value)
Store the supplied name value pair in the env_set.
Definition env_set.c:329
D_TLS_DEBUG_LOW
#define D_TLS_DEBUG_LOW
Definition errlevel.h:76
D_X509_ATTR
#define D_X509_ATTR
Definition errlevel.h:102
D_HANDSHAKE
#define D_HANDSHAKE
Definition errlevel.h:71
D_TLS_ERRORS
#define D_TLS_ERRORS
Definition errlevel.h:58
verify_callback
int verify_callback(void *session_obj, mbedtls_x509_crt *cert, int cert_depth, uint32_t *flags)
Verify that the remote OpenVPN peer's certificate allows setting up a VPN tunnel.
mbedtls_compat.h
mbedtls compatibility stub.
openvpn_x509_cert_t
X509 openvpn_x509_cert_t
Definition openvpn-plugin.h:40
msg
#define msg(flags,...)
Definition error.h:152
msglvl_t
unsigned int msglvl_t
Definition error.h:77
ASSERT
#define ASSERT(x)
Definition error.h:219
M_WARN
#define M_WARN
Definition error.h:92
usage
void usage(void)
Definition options.c:4834
SSLF_CRL_VERIFY_DIR
#define SSLF_CRL_VERIFY_DIR
Definition ssl_common.h:428
verify_cert
result_t verify_cert(struct tls_session *session, openvpn_x509_cert_t *cert, int cert_depth)
Definition ssl_verify.c:577
cert_hash_remember
void cert_hash_remember(struct tls_session *session, const int error_depth, const struct buffer *cert_hash)
Definition ssl_verify.c:194
ssl_verify.h
Control Channel Verification Module.
OPENVPN_KU_REQUIRED
#define OPENVPN_KU_REQUIRED
Require keyUsage to be present in cert (0xFFFF is an invalid KU value)
Definition ssl_verify.h:257
XT_FULL_CHAIN
#define XT_FULL_CHAIN
Definition ssl_verify.h:241
NS_CERT_CHECK_NONE
#define NS_CERT_CHECK_NONE
Do not perform Netscape certificate type verification.
Definition ssl_verify.h:250
x509_get_sha256_fingerprint
struct buffer x509_get_sha256_fingerprint(openvpn_x509_cert_t *cert, struct gc_arena *gc)
Retrieve the certificate's SHA256 fingerprint.
Definition ssl_verify_openssl.c:354
x509_username_field_ext_supported
bool x509_username_field_ext_supported(const char *extname)
Return true iff the supplied extension field is supported by the –x509-username-field option.
Definition ssl_verify_openssl.c:115
x509_setenv_track
void x509_setenv_track(const struct x509_track *xt, struct env_set *es, const int depth, openvpn_x509_cert_t *x509)
Definition ssl_verify_openssl.c:461
x509_setenv
void x509_setenv(struct env_set *es, int cert_depth, openvpn_x509_cert_t *cert)
Definition ssl_verify_openssl.c:549
tls_verify_crl_missing
bool tls_verify_crl_missing(const struct tls_options *opt)
Return true iff a CRL is configured, but is not loaded.
Definition ssl_verify_openssl.c:782
backend_x509_write_pem
result_t backend_x509_write_pem(openvpn_x509_cert_t *cert, const char *filename)
Definition ssl_verify_openssl.c:322
x509_verify_ns_cert_type
result_t x509_verify_ns_cert_type(openvpn_x509_cert_t *cert, const int usage)
Definition ssl_verify_openssl.c:607
backend_x509_get_serial_hex
char * backend_x509_get_serial_hex(openvpn_x509_cert_t *cert, struct gc_arena *gc)
Definition ssl_verify_openssl.c:314
x509_get_sha1_fingerprint
struct buffer x509_get_sha1_fingerprint(openvpn_x509_cert_t *cert, struct gc_arena *gc)
Retrieve the certificate's SHA1 fingerprint.
Definition ssl_verify_openssl.c:344
x509_verify_cert_ku
result_t x509_verify_cert_ku(openvpn_x509_cert_t *x509, const unsigned *const expected_ku, size_t expected_len)
x509_get_subject
char * x509_get_subject(openvpn_x509_cert_t *cert, struct gc_arena *gc)
Definition ssl_verify_openssl.c:364
backend_x509_get_serial
char * backend_x509_get_serial(openvpn_x509_cert_t *cert, struct gc_arena *gc)
Definition ssl_verify_openssl.c:295
backend_x509_get_username
result_t backend_x509_get_username(char *common_name, size_t cn_len, char *x509_username_field, openvpn_x509_cert_t *peer_cert)
Definition ssl_verify_openssl.c:251
x509_track_add
void x509_track_add(const struct x509_track **ll_head, const char *name, msglvl_t msglevel, struct gc_arena *gc)
Definition ssl_verify_openssl.c:420
result_t
result_t
Result of verification function.
Definition ssl_verify_backend.h:36
FAILURE
@ FAILURE
Definition ssl_verify_backend.h:38
SUCCESS
@ SUCCESS
Definition ssl_verify_backend.h:37
x509_verify_cert_eku
result_t x509_verify_cert_eku(openvpn_x509_cert_t *x509, const char *const expected_oid)
Definition ssl_verify_openssl.c:733
do_setenv_x509
static void do_setenv_x509(struct env_set *es, const char *name, char *value, int depth)
Definition ssl_verify_openssl.c:445
buffer
Wrapper structure for dynamically allocated memory.
Definition buffer.h:60
buffer::len
int len
Length in bytes of the actual content within the allocated memory.
Definition buffer.h:65
cert_hash
Structure containing the hash for a single certificate.
Definition ssl_verify.h:58
env_set
Definition env_set.h:43
gc_arena
Garbage collection arena used to keep track of dynamically allocated memory.
Definition buffer.h:116
md_info
Definition crypto_mbedtls.h:95
tls_options
Definition ssl_common.h:307
tls_options::ssl_flags
unsigned int ssl_flags
Definition ssl_common.h:434
tls_options::ssl_ctx
struct tls_root_ctx * ssl_ctx
Definition ssl_common.h:311
tls_options::crl_file
const char * crl_file
Definition ssl_common.h:356
tls_root_ctx::crl
mbedtls_x509_crl * crl
Certificate Revocation List.
Definition ssl_mbedtls.h:125
tls_session
Security parameter state of a single session within a VPN tunnel.
Definition ssl_common.h:489
x509_track
Definition ssl_verify.h:238
x509_track::flags
unsigned int flags
Definition ssl_verify.h:242
x509_track::next
const struct x509_track * next
Definition ssl_verify.h:239
x509_track::name
const char * name
Definition ssl_verify.h:240
es
struct env_set * es
Definition test_pkcs11.c:138
gc
struct gc_arena gc
Definition test_ssl.c:131
Generated by doxygen 1.9.8