Push the use of X509 upwards, out of |ssl_set_cert|.

This change moves the interface between |X509| and |CRYPTO_BUFFER| a little further out, towards the API. Change-Id: I1c014d20f12ad83427575843ca0b3bb22de1a694 Reviewed-on: https://boringssl-review.googlesource.com/13365 Reviewed-by: Adam Langley <agl@google.com>
2017-01-25 09:34:42 -08:00 · 2017-01-25 09:34:42 -08:00 · c26692cfdd
commit c26692cfdd
parent e1e78130f5
3 changed files with 64 additions and 68 deletions
--- a/ssl/internal.h
+++ b/ssl/internal.h
@ -1702,6 +1702,11 @@ void ssl_cert_free(CERT *c);
 CRYPTO_BUFFER *x509_to_buffer(X509 *x509);
 void ssl_cert_flush_cached_x509_leaf(CERT *cert);
 int ssl_cert_cache_leaf_cert(CERT *cert);
+/* ssl_compare_public_and_private_key returns one if |pubkey| is the public
+ * counterpart to |privkey|. Otherwise it returns zero and pushes a helpful
+ * message on the error queue. */
+int ssl_compare_public_and_private_key(const EVP_PKEY *pubkey,
+                                       const EVP_PKEY *privkey);
 int ssl_cert_check_private_key(const CERT *cert, const EVP_PKEY *privkey);
 int ssl_get_new_session(SSL_HANDSHAKE *hs, int is_server);
 int ssl_encrypt_ticket(SSL *ssl, CBB *out, const SSL_SESSION *session);
--- a/ssl/ssl_cert.c
+++ b/ssl/ssl_cert.c
@ -750,16 +750,8 @@ EVP_PKEY *ssl_cert_parse_pubkey(const CBS *in) {
  return EVP_parse_public_key(&tbs_cert);
 }

-static int ssl_check_cert_and_private_key_match(const CRYPTO_BUFFER *cert,
-                                                const EVP_PKEY *privkey) {
-  CBS cert_cbs;
-  CRYPTO_BUFFER_init_CBS(cert, &cert_cbs);
-  EVP_PKEY *pubkey = ssl_cert_parse_pubkey(&cert_cbs);
-  if (!pubkey) {
-    OPENSSL_PUT_ERROR(X509, X509_R_UNKNOWN_KEY_TYPE);
-    return 0;
-  }
-
+int ssl_compare_public_and_private_key(const EVP_PKEY *pubkey,
+                                       const EVP_PKEY *privkey) {
  int ret = 0;

  switch (EVP_PKEY_cmp(pubkey, privkey)) {
@ -779,7 +771,6 @@ static int ssl_check_cert_and_private_key_match(const CRYPTO_BUFFER *cert,
      break;
  }

-  EVP_PKEY_free(pubkey);
  return ret;
 }

@ -795,8 +786,17 @@ int ssl_cert_check_private_key(const CERT *cert, const EVP_PKEY *privkey) {
    return 0;
  }

-  return ssl_check_cert_and_private_key_match(
-      sk_CRYPTO_BUFFER_value(cert->chain, 0), privkey);
+  CBS cert_cbs;
+  CRYPTO_BUFFER_init_CBS(sk_CRYPTO_BUFFER_value(cert->chain, 0), &cert_cbs);
+  EVP_PKEY *pubkey = ssl_cert_parse_pubkey(&cert_cbs);
+  if (!pubkey) {
+    OPENSSL_PUT_ERROR(X509, X509_R_UNKNOWN_KEY_TYPE);
+    return 0;
+  }
+
+  const int ok = ssl_compare_public_and_private_key(pubkey, privkey);
+  EVP_PKEY_free(pubkey);
+  return ok;
 }

 int ssl_cert_check_digital_signature_key_usage(const CBS *in) {
--- a/ssl/ssl_rsa.c
+++ b/ssl/ssl_rsa.c
@ -70,7 +70,7 @@
 #include "internal.h"


-static int ssl_set_cert(CERT *cert, X509 *x509);
+static int ssl_set_cert(CERT *cert, CRYPTO_BUFFER *buffer);
 static int ssl_set_pkey(CERT *cert, EVP_PKEY *pkey);

 static int is_key_type_supported(int key_type) {
@ -82,26 +82,26 @@ int SSL_use_certificate(SSL *ssl, X509 *x) {
    OPENSSL_PUT_ERROR(SSL, ERR_R_PASSED_NULL_PARAMETER);
    return 0;
  }
-  return ssl_set_cert(ssl->cert, x);
+
+  CRYPTO_BUFFER *buffer = x509_to_buffer(x);
+  if (buffer == NULL) {
+    return 0;
+  }
+
+  const int ok = ssl_set_cert(ssl->cert, buffer);
+  CRYPTO_BUFFER_free(buffer);
+  return ok;
 }

 int SSL_use_certificate_ASN1(SSL *ssl, const uint8_t *der, size_t der_len) {
-  if (der_len > LONG_MAX) {
-    OPENSSL_PUT_ERROR(SSL, ERR_R_OVERFLOW);
+  CRYPTO_BUFFER *buffer = CRYPTO_BUFFER_new(der, der_len, NULL);
+  if (buffer == NULL) {
    return 0;
  }

-  const uint8_t *p = der;
-  X509 *x509 = d2i_X509(NULL, &p, (long)der_len);
-  if (x509 == NULL || p != der + der_len) {
-    OPENSSL_PUT_ERROR(SSL, ERR_R_ASN1_LIB);
-    X509_free(x509);
-    return 0;
-  }
-
-  int ret = SSL_use_certificate(ssl, x509);
-  X509_free(x509);
-  return ret;
+  const int ok = ssl_set_cert(ssl->cert, buffer);
+  CRYPTO_BUFFER_free(buffer);
+  return ok;
 }

 int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa) {
@ -185,40 +185,44 @@ int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x) {
    return 0;
  }

-  return ssl_set_cert(ctx->cert, x);
-}
-
-static int ssl_set_cert(CERT *cert, X509 *x) {
-  EVP_PKEY *pkey = X509_get_pubkey(x);
-  if (pkey == NULL) {
-    OPENSSL_PUT_ERROR(SSL, SSL_R_X509_LIB);
+  CRYPTO_BUFFER *buffer = x509_to_buffer(x);
+  if (buffer == NULL) {
    return 0;
  }

-  if (!is_key_type_supported(pkey->type)) {
+  const int ok = ssl_set_cert(ctx->cert, buffer);
+  CRYPTO_BUFFER_free(buffer);
+  return ok;
+}
+
+static int ssl_set_cert(CERT *cert, CRYPTO_BUFFER *buffer) {
+  CBS cert_cbs;
+  CRYPTO_BUFFER_init_CBS(buffer, &cert_cbs);
+  EVP_PKEY *pubkey = ssl_cert_parse_pubkey(&cert_cbs);
+  if (pubkey == NULL) {
+    return 0;
+  }
+
+  if (!is_key_type_supported(pubkey->type)) {
    OPENSSL_PUT_ERROR(SSL, SSL_R_UNKNOWN_CERTIFICATE_TYPE);
-    EVP_PKEY_free(pkey);
+    EVP_PKEY_free(pubkey);
    return 0;
  }

  /* An ECC certificate may be usable for ECDH or ECDSA. We only support ECDSA
   * certificates, so sanity-check the key usage extension. */
-  if (pkey->type == EVP_PKEY_EC) {
-    /* This call populates extension flags (ex_flags). */
-    X509_check_purpose(x, -1, 0);
-    if ((x->ex_flags & EXFLAG_KUSAGE) &&
-        !(x->ex_kusage & X509v3_KU_DIGITAL_SIGNATURE)) {
-      OPENSSL_PUT_ERROR(SSL, SSL_R_UNKNOWN_CERTIFICATE_TYPE);
-      EVP_PKEY_free(pkey);
-      return 0;
-    }
+  if (pubkey->type == EVP_PKEY_EC &&
+      !ssl_cert_check_digital_signature_key_usage(&cert_cbs)) {
+    OPENSSL_PUT_ERROR(SSL, SSL_R_UNKNOWN_CERTIFICATE_TYPE);
+    EVP_PKEY_free(pubkey);
+    return 0;
  }

  if (cert->privatekey != NULL) {
    /* Sanity-check that the private key and the certificate match, unless the
     * key is opaque (in case of, say, a smartcard). */
    if (!EVP_PKEY_is_opaque(cert->privatekey) &&
-        !X509_check_private_key(x, cert->privatekey)) {
+        !ssl_compare_public_and_private_key(pubkey, cert->privatekey)) {
      /* don't fail for a cert/key mismatch, just free current private key
       * (when switching to a different cert & key, first this function should
       * be used, then ssl_set_pkey */
@ -229,55 +233,42 @@ static int ssl_set_cert(CERT *cert, X509 *x) {
    }
  }

-  EVP_PKEY_free(pkey);
-
-  CRYPTO_BUFFER *buffer = x509_to_buffer(x);
-  if (!buffer) {
-    return 0;
-  }
+  EVP_PKEY_free(pubkey);

  ssl_cert_flush_cached_x509_leaf(cert);

  if (cert->chain != NULL) {
    CRYPTO_BUFFER_free(sk_CRYPTO_BUFFER_value(cert->chain, 0));
    sk_CRYPTO_BUFFER_set(cert->chain, 0, buffer);
+    CRYPTO_BUFFER_up_ref(buffer);
    return 1;
  }

  cert->chain = sk_CRYPTO_BUFFER_new_null();
  if (cert->chain == NULL) {
-    CRYPTO_BUFFER_free(buffer);
    return 0;
  }

  if (!sk_CRYPTO_BUFFER_push(cert->chain, buffer)) {
-    CRYPTO_BUFFER_free(buffer);
    sk_CRYPTO_BUFFER_free(cert->chain);
    cert->chain = NULL;
    return 0;
  }
+  CRYPTO_BUFFER_up_ref(buffer);

  return 1;
 }

 int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, size_t der_len,
                                 const uint8_t *der) {
-  if (der_len > LONG_MAX) {
-    OPENSSL_PUT_ERROR(SSL, ERR_R_OVERFLOW);
+  CRYPTO_BUFFER *buffer = CRYPTO_BUFFER_new(der, der_len, NULL);
+  if (buffer == NULL) {
    return 0;
  }

-  const uint8_t *p = der;
-  X509 *x509 = d2i_X509(NULL, &p, (long)der_len);
-  if (x509 == NULL || p != der + der_len) {
-    OPENSSL_PUT_ERROR(SSL, ERR_R_ASN1_LIB);
-    X509_free(x509);
-    return 0;
-  }
-
-  int ret = SSL_CTX_use_certificate(ctx, x509);
-  X509_free(x509);
-  return ret;
+  const int ok = ssl_set_cert(ctx->cert, buffer);
+  CRYPTO_BUFFER_free(buffer);
+  return ok;
 }

 int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa) {