12 #define TOR_X509_PRIVATE
14 #include "lib/tls/x509_internal.h"
18 #include "lib/crypt_ops/compat_openssl.h"
22 DISABLE_GCC_WARNING(
"-Wredundant-decls")
24 #include <openssl/opensslv.h>
27 #error "We require OpenSSL with ECC support"
30 #include <openssl/err.h>
31 #include <openssl/asn1.h>
32 #include <openssl/bio.h>
33 #include <openssl/bn.h>
34 #include <openssl/evp.h>
35 #include <openssl/objects.h>
36 #include <openssl/rsa.h>
37 #include <openssl/x509.h>
39 ENABLE_GCC_WARNING(
"-Wredundant-decls")
41 #include "lib/log/log.h"
49 #ifdef OPENSSL_1_1_API
50 #define X509_get_notBefore_const(cert) \
51 X509_get0_notBefore(cert)
52 #define X509_get_notAfter_const(cert) \
53 X509_get0_notAfter(cert)
54 #ifndef X509_get_notBefore
55 #define X509_get_notBefore(cert) \
56 X509_getm_notBefore(cert)
58 #ifndef X509_get_notAfter
59 #define X509_get_notAfter(cert) \
60 X509_getm_notAfter(cert)
63 #define X509_get_notBefore_const(cert) \
64 ((const ASN1_TIME*) X509_get_notBefore((X509 *)cert))
65 #define X509_get_notAfter_const(cert) \
66 ((const ASN1_TIME*) X509_get_notAfter((X509 *)cert))
76 if (!(
name = X509_NAME_new()))
78 if ((nid = OBJ_txt2nid(
"commonName")) == NID_undef)
goto error;
79 if (!(X509_NAME_add_entry_by_NID(
name, nid, MBSTRING_ASC,
80 (
unsigned char*)cname, -1, -1, 0)))
104 const char *cname_sign,
105 unsigned int cert_lifetime))
109 #define SERIAL_NUMBER_SIZE 8
111 time_t start_time, end_time;
112 BIGNUM *serial_number = NULL;
113 unsigned char serial_tmp[SERIAL_NUMBER_SIZE];
114 EVP_PKEY *sign_pkey = NULL, *pkey=NULL;
116 X509_NAME *
name = NULL, *name_issuer=NULL;
120 time_t now = time(NULL);
122 tor_tls_pick_certificate_lifetime(now, cert_lifetime,
123 &start_time, &end_time);
129 if (!(sign_pkey = crypto_pk_get_openssl_evp_pkey_(rsa_sign,1)))
131 if (!(pkey = crypto_pk_get_openssl_evp_pkey_(rsa,0)))
133 if (!(x509 = X509_new()))
135 if (!(X509_set_version(x509, 2)))
139 crypto_rand((
char *)serial_tmp,
sizeof(serial_tmp));
140 if (!(serial_number = BN_bin2bn(serial_tmp,
sizeof(serial_tmp), NULL)))
142 if (!(BN_to_ASN1_INTEGER(serial_number, X509_get_serialNumber(x509))))
148 if (!(X509_set_subject_name(x509,
name)))
152 if (!(X509_set_issuer_name(x509, name_issuer)))
155 if (!X509_time_adj(X509_get_notBefore(x509),0,&start_time))
157 if (!X509_time_adj(X509_get_notAfter(x509),0,&end_time))
159 if (!X509_set_pubkey(x509, pkey))
162 if (!X509_sign(x509, sign_pkey, EVP_sha256()))
174 EVP_PKEY_free(sign_pkey);
178 BN_clear_free(serial_number);
180 X509_NAME_free(
name);
182 X509_NAME_free(name_issuer);
185 #undef SERIAL_NUMBER_SIZE
192 unsigned char *buf = NULL;
193 int length = i2d_X509(cert->cert, &buf);
195 if (length <= 0 || buf == NULL) {
198 cert->encoded_len = (size_t) length;
199 cert->encoded = tor_malloc(length);
200 memcpy(cert->encoded, buf, length);
206 tor_x509_cert_impl_free_(tor_x509_cert_impl_t *cert)
212 tor_x509_cert_impl_t *
213 tor_x509_cert_impl_dup_(tor_x509_cert_impl_t *cert)
216 return X509_dup(cert);
225 const uint8_t **encoded_out,
size_t *size_out)
230 *encoded_out = cert->encoded;
231 *size_out = cert->encoded_len;
241 const unsigned char *cp = (
const unsigned char *)certificate;
242 tor_x509_cert_t *newcert;
244 check_no_tls_errors();
246 if (certificate_len > INT_MAX)
249 x509 = d2i_X509(NULL, &cp, (
int)certificate_len);
253 if (cp - certificate != (
int)certificate_len) {
257 newcert = tor_x509_cert_new(x509);
261 if (newcert->encoded_len != certificate_len ||
262 fast_memneq(newcert->encoded, certificate, certificate_len)) {
264 tor_x509_cert_free(newcert);
281 EVP_PKEY *pkey = X509_get_pubkey(cert->cert);
285 rsa = EVP_PKEY_get1_RSA(pkey);
290 result = crypto_new_pk_from_openssl_rsa_(rsa);
302 const tor_x509_cert_t *cert,
303 const tor_x509_cert_t *signing_cert,
307 check_no_tls_errors();
311 if (!signing_cert || !cert)
314 EVP_PKEY *signing_key = X509_get_pubkey(signing_cert->cert);
317 r = X509_verify(cert->cert, signing_key);
318 EVP_PKEY_free(signing_key);
326 TOR_X509_FUTURE_SLOP) < 0)
329 cert_key = X509_get_pubkey(cert->cert);
330 if (check_rsa_1024 && cert_key) {
331 RSA *rsa = EVP_PKEY_get1_RSA(cert_key);
332 #ifdef OPENSSL_1_1_API
333 if (rsa && RSA_bits(rsa) == 1024) {
335 if (rsa && BN_num_bits(rsa->n) == 1024) {
339 log_fn(severity,
LD_CRYPTO,
"Invalid certificate: Key is not RSA1024.");
344 }
else if (cert_key) {
347 if (EVP_PKEY_base_id(cert_key) == EVP_PKEY_EC)
350 if (EVP_PKEY_bits(cert_key) >= min_bits)
353 EVP_PKEY_free(cert_key);
372 char *s1=NULL, *s2=NULL;
379 "Certificate %s. Either their clock is set wrong, or your clock "
383 if (!(bio = BIO_new(BIO_s_mem()))) {
384 log_warn(
LD_GENERAL,
"Couldn't allocate BIO!");
goto end;
386 if (!(ASN1_TIME_print(bio, X509_get_notBefore_const(cert)))) {
390 BIO_get_mem_ptr(bio, &buf);
391 s1 = tor_strndup(buf->data, buf->length);
393 (void)BIO_reset(bio);
394 if (!(ASN1_TIME_print(bio, X509_get_notAfter_const(cert)))) {
398 BIO_get_mem_ptr(bio, &buf);
399 s2 = tor_strndup(buf->data, buf->length);
401 n = strftime(mytime, 32,
"%b %d %H:%M:%S %Y UTC",
tor_gmtime_r(&now, &tm));
404 "(certificate lifetime runs from %s through %s. Your time is %s.)",
408 "(certificate lifetime runs from %s through %s. "
409 "Couldn't get your time.)",
430 int past_tolerance,
int future_tolerance)
434 t = now + future_tolerance;
435 if (X509_cmp_time(X509_get_notBefore_const(cert), &t) > 0) {
439 t = now - past_tolerance;
440 if (X509_cmp_time(X509_get_notAfter_const(cert), &t) < 0) {
448 #ifdef TOR_UNIT_TESTS
453 tor_x509_cert_replace_expiration(
const tor_x509_cert_t *inp,
454 time_t new_expiration_time,
457 X509 *newc = X509_dup(inp->cert);
458 X509_time_adj(X509_get_notAfter(newc), 0, &new_expiration_time);
459 EVP_PKEY *pk = crypto_pk_get_openssl_evp_pkey_(signing_key, 1);
460 tor_assert(X509_sign(newc, pk, EVP_sha256()));
462 return tor_x509_cert_new(newc);
void crypto_rand(char *to, size_t n)
Common functions for using (pseudo-)random number generators.
Common functions for cryptographic routines.
#define fast_memneq(a, b, c)
void tor_log(int severity, log_domain_mask_t domain, const char *format,...)
#define log_fn(severity, domain, args,...)
#define MOCK_IMPL(rv, funcname, arglist)
struct tm * tor_gmtime_r(const time_t *timep, struct tm *result)
void tls_log_errors(tor_tls_t *tls, int severity, int domain, const char *doing)
Macros to manage assertions, fatal and non-fatal.
int tor_x509_check_cert_lifetime_internal(int severity, const X509 *cert, time_t now, int past_tolerance, int future_tolerance)
X509 * tor_tls_create_certificate(crypto_pk_t *rsa, crypto_pk_t *rsa_sign, const char *cname, const char *cname_sign, unsigned int cert_lifetime)
crypto_pk_t * tor_tls_cert_get_key(tor_x509_cert_t *cert)
int tor_tls_cert_is_valid(int severity, const tor_x509_cert_t *cert, const tor_x509_cert_t *signing_cert, time_t now, int check_rsa_1024)
static X509_NAME * tor_x509_name_new(const char *cname)
static void log_cert_lifetime(int severity, const X509 *cert, const char *problem, time_t now)
void tor_x509_cert_get_der(const tor_x509_cert_t *cert, const uint8_t **encoded_out, size_t *size_out)
tor_x509_cert_t * tor_x509_cert_decode(const uint8_t *certificate, size_t certificate_len)
int tor_x509_cert_set_cached_der_encoding(tor_x509_cert_t *cert)