s3_srvr.c

来自「一个用于点对点传输加密的工具包源码」· C语言 代码 · 共 1,755 行 · 第 1/3 页

C
1,755
字号
123
		/* get the list of acceptable cert types */		p++;		n=ssl3_get_req_cert_type(s,p);		d[0]=n;		p+=n;		n++;		off=n;		p+=2;		n+=2;		sk=SSL_get_client_CA_list(s);		nl=0;		if (sk != NULL)			{			for (i=0; i<sk_X509_NAME_num(sk); i++)				{				name=sk_X509_NAME_value(sk,i);				j=i2d_X509_NAME(name,NULL);				if (!BUF_MEM_grow(buf,4+n+j+2))					{					SSLerr(SSL_F_SSL3_SEND_CERTIFICATE_REQUEST,ERR_R_BUF_LIB);					goto err;					}				p=(unsigned char *)&(buf->data[4+n]);				if (!(s->options & SSL_OP_NETSCAPE_CA_DN_BUG))					{					s2n(j,p);					i2d_X509_NAME(name,&p);					n+=2+j;					nl+=2+j;					}				else					{					d=p;					i2d_X509_NAME(name,&p);					j-=2; s2n(j,d); j+=2;					n+=j;					nl+=j;					}				}			}		/* else no CA names */		p=(unsigned char *)&(buf->data[4+off]);		s2n(nl,p);		d=(unsigned char *)buf->data;		*(d++)=SSL3_MT_CERTIFICATE_REQUEST;		l2n3(n,d);		/* we should now have things packed up, so lets send		 * it off */		s->init_num=n+4;		s->init_off=0;#ifdef NETSCAPE_HANG_BUG		p=(unsigned char *)s->init_buf->data + s->init_num;		/* do the header */		*(p++)=SSL3_MT_SERVER_DONE;		*(p++)=0;		*(p++)=0;		*(p++)=0;		s->init_num += 4;#endif		}	/* SSL3_ST_SW_CERT_REQ_B */	return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));err:	return(-1);	}static int ssl3_get_client_key_exchange(SSL *s)	{	int i,al,ok;	long n;	unsigned long l;	unsigned char *p;#ifndef NO_RSA	RSA *rsa=NULL;	EVP_PKEY *pkey=NULL;#endif#ifndef NO_DH	BIGNUM *pub=NULL;	DH *dh_srvr;#endif	n=ssl3_get_message(s,		SSL3_ST_SR_KEY_EXCH_A,		SSL3_ST_SR_KEY_EXCH_B,		SSL3_MT_CLIENT_KEY_EXCHANGE,		400, /* ???? */		&ok);	if (!ok) return((int)n);	p=(unsigned char *)s->init_buf->data;	l=s->s3->tmp.new_cipher->algorithms;#ifndef NO_RSA	if (l & SSL_kRSA)		{		/* FIX THIS UP EAY EAY EAY EAY */		if (s->s3->tmp.use_rsa_tmp)			{			if ((s->cert != NULL) && (s->cert->rsa_tmp != NULL))				rsa=s->cert->rsa_tmp;			/* Don't do a callback because rsa_tmp should			 * be sent already */			if (rsa == NULL)				{				al=SSL_AD_HANDSHAKE_FAILURE;				SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_MISSING_TMP_RSA_PKEY);				goto f_err;				}			}		else			{			pkey=s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey;			if (	(pkey == NULL) ||				(pkey->type != EVP_PKEY_RSA) ||				(pkey->pkey.rsa == NULL))				{				al=SSL_AD_HANDSHAKE_FAILURE;				SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_MISSING_RSA_CERTIFICATE);				goto f_err;				}			rsa=pkey->pkey.rsa;			}		/* TLS */		if (s->version > SSL3_VERSION)			{			n2s(p,i);			if (n != i+2)				{				if (!(s->options & SSL_OP_TLS_D5_BUG))					{					SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG);					goto err;					}				else					p-=2;				}			else				n=i;			}		i=RSA_private_decrypt((int)n,p,p,rsa,RSA_PKCS1_PADDING);		if (i != SSL_MAX_MASTER_KEY_LENGTH)			{			al=SSL_AD_DECODE_ERROR;			SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_BAD_RSA_DECRYPT);			goto f_err;			}		if (!((p[0] == (s->client_version>>8)) && (p[1] == (s->client_version & 0xff))))			{			/* The premaster secret must contain the same version number as the			 * ClientHello to detect version rollback attacks (strangely, the			 * protocol does not offer such protection for DH ciphersuites).			 * However, buggy clients exist that send the negotiated protocol			 * version instead if the server does not support the requested			 * protocol version.			 * If SSL_OP_TLS_ROLLBACK_BUG is set, tolerate such clients. */			if (!((s->options & SSL_OP_TLS_ROLLBACK_BUG) &&				(p[0] == (s->version>>8)) && (p[1] == (s->version & 0xff))))				{				al=SSL_AD_DECODE_ERROR;				SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_BAD_PROTOCOL_VERSION_NUMBER);				goto f_err;				}			}		s->session->master_key_length=			s->method->ssl3_enc->generate_master_secret(s,				s->session->master_key,				p,i);		memset(p,0,i);		}	else#endif#ifndef NO_DH		if (l & (SSL_kEDH|SSL_kDHr|SSL_kDHd))		{		n2s(p,i);		if (n != i+2)			{			if (!(s->options & SSL_OP_SSLEAY_080_CLIENT_DH_BUG))				{				SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG);				goto err;				}			else				{				p-=2;				i=(int)n;				}			}		if (n == 0L) /* the parameters are in the cert */			{			al=SSL_AD_HANDSHAKE_FAILURE;			SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_UNABLE_TO_DECODE_DH_CERTS);			goto f_err;			}		else			{			if (s->s3->tmp.dh == NULL)				{				al=SSL_AD_HANDSHAKE_FAILURE;				SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_MISSING_TMP_DH_KEY);				goto f_err;				}			else				dh_srvr=s->s3->tmp.dh;			}		pub=BN_bin2bn(p,i,NULL);		if (pub == NULL)			{			SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_BN_LIB);			goto err;			}		i=DH_compute_key(p,pub,dh_srvr);		if (i <= 0)			{			SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,ERR_R_DH_LIB);			goto err;			}		DH_free(s->s3->tmp.dh);		s->s3->tmp.dh=NULL;		BN_clear_free(pub);		pub=NULL;		s->session->master_key_length=			s->method->ssl3_enc->generate_master_secret(s,				s->session->master_key,p,i);		}	else#endif		{		al=SSL_AD_HANDSHAKE_FAILURE;		SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_UNKNOWN_CIPHER_TYPE);		goto f_err;		}	return(1);f_err:	ssl3_send_alert(s,SSL3_AL_FATAL,al);#if !defined(NO_DH) || !defined(NO_RSA)err:#endif	return(-1);	}static int ssl3_get_cert_verify(SSL *s)	{	EVP_PKEY *pkey=NULL;	unsigned char *p;	int al,ok,ret=0;	long n;	int type=0,i,j;	X509 *peer;	n=ssl3_get_message(s,		SSL3_ST_SR_CERT_VRFY_A,		SSL3_ST_SR_CERT_VRFY_B,		-1,		512, /* 512? */		&ok);	if (!ok) return((int)n);	if (s->session->peer != NULL)		{		peer=s->session->peer;		pkey=X509_get_pubkey(peer);		type=X509_certificate_type(peer,pkey);		}	else		{		peer=NULL;		pkey=NULL;		}	if (s->s3->tmp.message_type != SSL3_MT_CERTIFICATE_VERIFY)		{		s->s3->tmp.reuse_message=1;		if ((peer != NULL) && (type | EVP_PKT_SIGN))			{			al=SSL_AD_UNEXPECTED_MESSAGE;			SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_MISSING_VERIFY_MESSAGE);			goto f_err;			}		ret=1;		goto end;		}	if (peer == NULL)		{		SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_NO_CLIENT_CERT_RECEIVED);		al=SSL_AD_UNEXPECTED_MESSAGE;		goto f_err;		}	if (!(type & EVP_PKT_SIGN))		{		SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE);		al=SSL_AD_ILLEGAL_PARAMETER;		goto f_err;		}	if (s->s3->change_cipher_spec)		{		SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_CCS_RECEIVED_EARLY);		al=SSL_AD_UNEXPECTED_MESSAGE;		goto f_err;		}	/* we now have a signature that we need to verify */	p=(unsigned char *)s->init_buf->data;	n2s(p,i);	n-=2;	if (i > n)		{		SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_LENGTH_MISMATCH);		al=SSL_AD_DECODE_ERROR;		goto f_err;		}	j=EVP_PKEY_size(pkey);	if ((i > j) || (n > j) || (n <= 0))		{		SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_WRONG_SIGNATURE_SIZE);		al=SSL_AD_DECODE_ERROR;		goto f_err;		}#ifndef NO_RSA 	if (pkey->type == EVP_PKEY_RSA)		{		i=RSA_verify(NID_md5_sha1, s->s3->tmp.cert_verify_md,			MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH, p, i, 							pkey->pkey.rsa);		if (i < 0)			{			al=SSL_AD_DECRYPT_ERROR;			SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_BAD_RSA_DECRYPT);			goto f_err;			}		if (i == 0)			{			al=SSL_AD_DECRYPT_ERROR;			SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_BAD_RSA_SIGNATURE);			goto f_err;			}		}	else#endif#ifndef NO_DSA		if (pkey->type == EVP_PKEY_DSA)		{		j=DSA_verify(pkey->save_type,			&(s->s3->tmp.cert_verify_md[MD5_DIGEST_LENGTH]),			SHA_DIGEST_LENGTH,p,i,pkey->pkey.dsa);		if (j <= 0)			{			/* bad signature */			al=SSL_AD_DECRYPT_ERROR;			SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_BAD_DSA_SIGNATURE);			goto f_err;			}		}	else#endif		{		SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_INTERNAL_ERROR);		al=SSL_AD_UNSUPPORTED_CERTIFICATE;		goto f_err;		}	ret=1;	if (0)		{f_err:		ssl3_send_alert(s,SSL3_AL_FATAL,al);		}end:	EVP_PKEY_free(pkey);	return(ret);	}static int ssl3_get_client_certificate(SSL *s)	{	int i,ok,al,ret= -1;	X509 *x=NULL;	unsigned long l,nc,llen,n;	unsigned char *p,*d,*q;	STACK_OF(X509) *sk=NULL;	n=ssl3_get_message(s,		SSL3_ST_SR_CERT_A,		SSL3_ST_SR_CERT_B,		-1,#if defined(MSDOS) && !defined(WIN32)		1024*30, /* 30k max cert list :-) */#else		1024*100, /* 100k max cert list :-) */#endif		&ok);	if (!ok) return((int)n);	if	(s->s3->tmp.message_type == SSL3_MT_CLIENT_KEY_EXCHANGE)		{		if (	(s->verify_mode & SSL_VERIFY_PEER) &&			(s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT))			{			SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE);			al=SSL_AD_HANDSHAKE_FAILURE;			goto f_err;			}		/* If tls asked for a client cert, the client must return a 0 list */		if ((s->version > SSL3_VERSION) && s->s3->tmp.cert_request)			{			SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST);			al=SSL_AD_UNEXPECTED_MESSAGE;			goto f_err;			}		s->s3->tmp.reuse_message=1;		return(1);		}	if (s->s3->tmp.message_type != SSL3_MT_CERTIFICATE)		{		al=SSL_AD_UNEXPECTED_MESSAGE;		SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_WRONG_MESSAGE_TYPE);		goto f_err;		}	d=p=(unsigned char *)s->init_buf->data;	if ((sk=sk_X509_new_null()) == NULL)		{		SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,ERR_R_MALLOC_FAILURE);		goto err;		}	n2l3(p,llen);	if (llen+3 != n)		{		al=SSL_AD_DECODE_ERROR;		SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_LENGTH_MISMATCH);		goto f_err;		}	for (nc=0; nc<llen; )		{		n2l3(p,l);		if ((l+nc+3) > llen)			{			al=SSL_AD_DECODE_ERROR;			SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_CERT_LENGTH_MISMATCH);			goto f_err;			}		q=p;		x=d2i_X509(NULL,&p,l);		if (x == NULL)			{			SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,ERR_R_ASN1_LIB);			goto err;			}		if (p != (q+l))			{			al=SSL_AD_DECODE_ERROR;			SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_CERT_LENGTH_MISMATCH);			goto f_err;			}		if (!sk_X509_push(sk,x))			{			SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,ERR_R_MALLOC_FAILURE);			goto err;			}		x=NULL;		nc+=l+3;		}	if (sk_X509_num(sk) <= 0)		{		/* TLS does not mind 0 certs returned */		if (s->version == SSL3_VERSION)			{			al=SSL_AD_HANDSHAKE_FAILURE;			SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_NO_CERTIFICATES_RETURNED);			goto f_err;			}		/* Fail for TLS only if we required a certificate */		else if ((s->verify_mode & SSL_VERIFY_PEER) &&			 (s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT))			{			SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE);			al=SSL_AD_HANDSHAKE_FAILURE;			goto f_err;			}		}	else		{		i=ssl_verify_cert_chain(s,sk);		if (!i)			{			al=ssl_verify_alarm_type(s->verify_result);			SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_NO_CERTIFICATE_RETURNED);			goto f_err;			}		}	if (s->session->peer != NULL) /* This should not be needed */		X509_free(s->session->peer);	s->session->peer=sk_X509_shift(sk);	s->session->verify_result = s->verify_result;	/* With the current implementation, sess_cert will always be NULL	 * when we arrive here. */	if (s->session->sess_cert == NULL)		{		s->session->sess_cert = ssl_sess_cert_new();		if (s->session->sess_cert == NULL)			{			SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE, ERR_R_MALLOC_FAILURE);			goto err;			}		}	if (s->session->sess_cert->cert_chain != NULL)		sk_X509_pop_free(s->session->sess_cert->cert_chain, X509_free);	s->session->sess_cert->cert_chain=sk;	/* Inconsistency alert: cert_chain does *not* include the	 * peer's own certificate, while we do include it in s3_clnt.c */	sk=NULL;	ret=1;	if (0)		{f_err:		ssl3_send_alert(s,SSL3_AL_FATAL,al);		}err:	if (x != NULL) X509_free(x);	if (sk != NULL) sk_X509_pop_free(sk,X509_free);	return(ret);	}int ssl3_send_server_certificate(SSL *s)	{	unsigned long l;	X509 *x;	if (s->state == SSL3_ST_SW_CERT_A)		{		x=ssl_get_server_send_cert(s);		if (x == NULL)			{			SSLerr(SSL_F_SSL3_SEND_SERVER_CERTIFICATE,SSL_R_INTERNAL_ERROR);			return(0);			}		l=ssl3_output_cert_chain(s,x);		s->state=SSL3_ST_SW_CERT_B;		s->init_num=(int)l;		s->init_off=0;		}	/* SSL3_ST_SW_CERT_B */	return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));	}
123

s3_srvr.c - 源码说明

本页面展示了「一个用于点对点传输加密的工具包源码」中的 s3_srvr.c 源码文件,采用 C语言 编程语言编写,共 1,755 行代码。您可以在线阅读完整代码内容,也可以返回资源详情页下载完整源码包进行本地学习和开发。

虫虫下载站收录了大量与点对点相关的技术资源,包括源代码、技术文档、电路图等,是电子工程师和嵌入式开发者的专业学习平台。

⌨️ 快捷键说明

复制代码Ctrl + C
搜索代码Ctrl + F
全屏模式F11
增大字号Ctrl + =
减小字号Ctrl + -
显示快捷键?