2 * Copyright (c) 2021, 2023 Omar Polo <op@omarpolo.com>
3 * Copyright (c) 2019 Renaud Allard <renaud@allard.it>
4 * Copyright (c) 2016 Kristaps Dzonsons <kristaps@bsd.lv>
5 * Copyright (c) 2008 Pierre-Yves Ritschard <pyr@openbsd.org>
6 * Copyright (c) 2008 Reyk Floeter <reyk@openbsd.org>
8 * Permission to use, copy, modify, and distribute this software for any
9 * purpose with or without fee is hereby granted, provided that the above
10 * copyright notice and this permission notice appear in all copies.
12 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
13 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
14 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
15 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
16 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
18 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
26 #include <openssl/ec.h>
27 #include <openssl/err.h>
28 #include <openssl/evp.h>
29 #include <openssl/obj_mac.h>
30 #include <openssl/pem.h>
31 #include <openssl/rsa.h>
32 #include <openssl/x509_vfy.h>
33 #include <openssl/x509v3.h>
38 * Default number of bits when creating a new RSA key.
43 strip_path(const char *path, int strip)
48 if ((t = strchr(path, '/')) == NULL) {
49 path = strchr(path, '\0');
60 ends_with(const char *str, const char *sufx)
71 for (j = 0; str[i] != '\0'; i++, j++)
72 if (str[i] != sufx[j])
78 absolutify_path(const char *path)
80 char wd[PATH_MAX], *r;
83 if ((r = strdup(path)) == NULL)
88 if (getcwd(wd, sizeof(wd)) == NULL)
90 if (asprintf(&r, "%s/%s", wd, path) == -1)
96 xstrdup(const char *s)
100 if ((d = strdup(s)) == NULL)
106 xcalloc(size_t nmemb, size_t size)
110 if ((d = calloc(nmemb, size)) == NULL)
116 rsa_key_create(FILE *f, const char *fname)
118 EVP_PKEY_CTX *ctx = NULL;
119 EVP_PKEY *pkey = NULL;
122 /* First, create the context and the key. */
124 if ((ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, NULL)) == NULL) {
125 log_warnx("EVP_PKEY_CTX_new_id failed");
126 ssl_error("EVP_PKEY_CTX_new_id");
129 if (EVP_PKEY_keygen_init(ctx) <= 0) {
130 log_warnx("EVP_PKEY_keygen_init failed");
131 ssl_error("EVP_PKEY_keygen_init");
134 if (EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, KBITS) <= 0) {
135 log_warnx("EVP_PKEY_CTX_set_rsa_keygen_bits failed");
136 ssl_error("EVP_PKEY_CTX_set_rsa_keygen_bits");
139 if (EVP_PKEY_keygen(ctx, &pkey) <= 0) {
140 log_warnx("EVP_PKEY_keygen failed");
141 ssl_error("EVP_PKEY_keygen");
145 /* Serialize the key to the disc. */
146 if (!PEM_write_PrivateKey(f, pkey, NULL, NULL, 0, NULL, NULL)) {
147 log_warnx("PEM_write_PrivateKey failed");
148 ssl_error("PEM_write_PrivateKey");
158 EVP_PKEY_CTX_free(ctx);
163 ec_key_create(FILE *f, const char *fname)
165 EC_KEY *eckey = NULL;
166 EVP_PKEY *pkey = NULL;
169 if ((eckey = EC_KEY_new_by_curve_name(NID_secp384r1)) == NULL) {
170 log_warnx("EC_KEY_new_by_curve_name failed");
171 ssl_error("EC_KEY_new_by_curve_name");
175 if (!EC_KEY_generate_key(eckey)) {
176 log_warnx("EC_KEY_generate_key failed");
177 ssl_error("EC_KEY_generate_key");
181 /* Serialise the key to the disc in EC format */
182 if (!PEM_write_ECPrivateKey(f, eckey, NULL, NULL, 0, NULL, NULL)) {
183 log_warnx("PEM_write_ECPrivateKey failed");
184 ssl_error("PEM_write_ECPrivateKey");
188 /* Convert the EC key into a PKEY structure */
189 if ((pkey = EVP_PKEY_new()) == NULL) {
190 log_warnx("EVP_PKEY_new failed");
191 ssl_error("EVP_PKEY_new");
194 if (!EVP_PKEY_set1_EC_KEY(pkey, eckey)) {
195 log_warnx("EVP_PKEY_set1_EC_KEY failed");
196 ssl_error("EVP_PKEY_set1_EC_KEY");
212 gencert(const char *hostname, const char *certpath, const char *keypath,
219 const unsigned char *host = (const unsigned char*)hostname;
221 log_info("Generating new %s key for %s (it could take a while)",
222 eckey ? "EC" : "RSA", host);
224 if ((f = fopen(keypath, "w")) == NULL) {
225 log_warn("can't open %s", keypath);
229 pkey = ec_key_create(f, keypath);
231 pkey = rsa_key_create(f, keypath);
233 log_warnx("failed to generate a private key");
236 if (fflush(f) == EOF || fclose(f) == EOF) {
237 log_warn("failed to flush or close the private key");
241 if ((x509 = X509_new()) == NULL) {
242 log_warnx("couldn't generate the X509 certificate");
243 ssl_error("X509_new");
247 ASN1_INTEGER_set(X509_get_serialNumber(x509), 0);
248 X509_gmtime_adj(X509_get_notBefore(x509), 0);
249 X509_gmtime_adj(X509_get_notAfter(x509), 315360000L); /* 10 years */
250 X509_set_version(x509, 2); // v3
252 if (!X509_set_pubkey(x509, pkey)) {
253 log_warnx("couldn't set the public key");
254 ssl_error("X509_set_pubkey");
258 if ((name = X509_NAME_new()) == NULL) {
259 log_warnx("X509_NAME_new failed");
260 ssl_error("X509_NAME_new");
264 if (!X509_NAME_add_entry_by_txt(name, "CN", MBSTRING_ASC, host,
266 log_warnx("couldn't add CN to cert");
267 ssl_error("X509_NAME_add_entry_by_txt");
270 X509_set_subject_name(x509, name);
271 X509_set_issuer_name(x509, name);
273 if (!X509_sign(x509, pkey, EVP_sha256())) {
274 log_warnx("failed to sign the certificate");
275 ssl_error("X509_sign");
279 if ((f = fopen(certpath, "w")) == NULL) {
280 log_warn("can't open %s", certpath);
283 if (!PEM_write_X509(f, x509)) {
284 log_warnx("couldn't write cert");
285 ssl_error("PEM_write_X509");
288 if (fflush(f) == EOF || fclose(f) == EOF) {
289 log_warn("failed to flush or close the private key");
295 log_info("Certificate for %s successfully generated", host);
299 (void) unlink(certpath);
300 (void) unlink(keypath);
305 load_ca(uint8_t *d, size_t len)
311 if ((store = X509_STORE_new()) == NULL) {
312 log_warnx("%s: X509_STORE_new failed", __func__);
316 if ((in = BIO_new_mem_buf(d, len)) == NULL) {
317 log_warnx("%s: BIO_new_mem_buf failed", __func__);
321 if ((x = PEM_read_bio_X509(in, NULL, NULL, NULL)) == NULL) {
322 log_warnx("%s: PEM_read_bio_X509 failed", __func__);
323 ssl_error("PEM_read_bio_X509");
327 if (X509_check_ca(x) == 0) {
328 ssl_error("X509_check_ca");
332 if (!X509_STORE_add_cert(store, x)) {
333 ssl_error("X509_STORE_add_cert");
342 X509_STORE_free(store);
351 validate_against_ca(X509_STORE *ca, const uint8_t *chain, size_t len)
355 X509_STORE_CTX *ctx = NULL;
358 if ((m = BIO_new_mem_buf(chain, len)) == NULL)
361 if ((client = PEM_read_bio_X509(m, NULL, NULL, NULL)) == NULL)
364 if ((ctx = X509_STORE_CTX_new()) == NULL)
367 if (!X509_STORE_CTX_init(ctx, ca, client, NULL))
370 ret = X509_verify_cert(ctx);
377 X509_STORE_CTX_free(ctx);
382 ssl_error(const char *where)
387 while ((code = ERR_get_error()) != 0) {
388 ERR_error_string_n(code, errbuf, sizeof(errbuf));
389 log_debug("debug: SSL library error: %s: %s", where, errbuf);
394 ssl_pubkey_hash(const uint8_t *buf, size_t len)
396 static const char hex[] = "0123456789abcdef";
401 unsigned char digest[EVP_MAX_MD_SIZE];
402 unsigned int dlen, i;
404 if ((in = BIO_new_mem_buf(buf, len)) == NULL) {
405 log_warnx("%s: BIO_new_mem_buf failed", __func__);
409 if ((x509 = PEM_read_bio_X509(in, NULL, NULL, NULL)) == NULL) {
410 log_warnx("%s: PEM_read_bio_X509 failed", __func__);
411 ssl_error("PEM_read_bio_X509");
415 if ((hash = malloc(TLS_CERT_HASH_SIZE)) == NULL) {
416 log_warn("%s: malloc", __func__);
420 if (X509_pubkey_digest(x509, EVP_sha256(), digest, &dlen) != 1) {
421 log_warnx("%s: X509_pubkey_digest failed", __func__);
422 ssl_error("X509_pubkey_digest");
428 if (TLS_CERT_HASH_SIZE < 2 * dlen + sizeof("SHA256:"))
429 fatalx("%s: hash buffer too small", __func__);
431 off = strlcpy(hash, "SHA256:", TLS_CERT_HASH_SIZE);
432 for (i = 0; i < dlen; ++i) {
433 hash[off++] = hex[(digest[i] >> 4) & 0xf];
434 hash[off++] = hex[digest[i] & 0xf];
446 ssl_load_pkey(const uint8_t *buf, size_t len)
451 if ((in = BIO_new_mem_buf(buf, len)) == NULL) {
452 log_warnx("%s: BIO_new_mem_buf failed", __func__);
456 if ((pkey = PEM_read_bio_PrivateKey(in, NULL, NULL, NULL)) == NULL) {
457 log_warnx("%s: PEM_read_bio_PrivateKey failed", __func__);
458 ssl_error("PEM_read_bio_PrivateKey");
470 h = xcalloc(1, sizeof(*h));
471 TAILQ_INIT(&h->addrs);
472 TAILQ_INIT(&h->locations);
473 TAILQ_INIT(&h->aliases);
474 TAILQ_INIT(&h->proxies);
483 l = xcalloc(1, sizeof(*l));
486 TAILQ_INIT(&l->params);
495 p = xcalloc(1, sizeof(*p));
496 p->protocols = TLS_PROTOCOLS_DEFAULT;