/* check_leaf_cert_and_privkey checks whether the certificate in |leaf_buffer| * and the private key in |privkey| are suitable and coherent. It returns * |leaf_cert_and_privkey_error| and pushes to the error queue if a problem is * found. If the certificate and private key are valid, but incoherent, it * returns |leaf_cert_and_privkey_mismatch|. Otherwise it returns * |leaf_cert_and_privkey_ok|. */ static enum leaf_cert_and_privkey_result_t check_leaf_cert_and_privkey( CRYPTO_BUFFER *leaf_buffer, EVP_PKEY *privkey) { enum leaf_cert_and_privkey_result_t ret = leaf_cert_and_privkey_error; CBS cert_cbs; CRYPTO_BUFFER_init_CBS(leaf_buffer, &cert_cbs); EVP_PKEY *pubkey = ssl_cert_parse_pubkey(&cert_cbs); if (pubkey == NULL) { OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR); goto out; } if (!ssl_is_key_type_supported(pubkey->type)) { OPENSSL_PUT_ERROR(SSL, SSL_R_UNKNOWN_CERTIFICATE_TYPE); goto out; } /* An ECC certificate may be usable for ECDH or ECDSA. We only support ECDSA * certificates, so sanity-check the key usage extension. */ if (pubkey->type == EVP_PKEY_EC && !ssl_cert_check_digital_signature_key_usage(&cert_cbs)) { OPENSSL_PUT_ERROR(SSL, SSL_R_UNKNOWN_CERTIFICATE_TYPE); goto out; } if (privkey != NULL && /* Sanity-check that the private key and the certificate match. */ !ssl_compare_public_and_private_key(pubkey, privkey)) { ERR_clear_error(); ret = leaf_cert_and_privkey_mismatch; goto out; } ret = leaf_cert_and_privkey_ok; out: EVP_PKEY_free(pubkey); return ret; }
int ssl_cert_check_private_key(const CERT *cert, const EVP_PKEY *privkey) { if (privkey == NULL) { OPENSSL_PUT_ERROR(SSL, SSL_R_NO_PRIVATE_KEY_ASSIGNED); return 0; } if (cert->chain == NULL || sk_CRYPTO_BUFFER_value(cert->chain, 0) == NULL) { OPENSSL_PUT_ERROR(SSL, SSL_R_NO_CERTIFICATE_ASSIGNED); return 0; } CBS cert_cbs; CRYPTO_BUFFER_init_CBS(sk_CRYPTO_BUFFER_value(cert->chain, 0), &cert_cbs); EVP_PKEY *pubkey = ssl_cert_parse_pubkey(&cert_cbs); if (!pubkey) { OPENSSL_PUT_ERROR(X509, X509_R_UNKNOWN_KEY_TYPE); return 0; } const int ok = ssl_compare_public_and_private_key(pubkey, privkey); EVP_PKEY_free(pubkey); return ok; }
static int ssl_set_cert(CERT *cert, CRYPTO_BUFFER *buffer) { CBS cert_cbs; CRYPTO_BUFFER_init_CBS(buffer, &cert_cbs); EVP_PKEY *pubkey = ssl_cert_parse_pubkey(&cert_cbs); if (pubkey == NULL) { return 0; } if (!is_key_type_supported(pubkey->type)) { OPENSSL_PUT_ERROR(SSL, SSL_R_UNKNOWN_CERTIFICATE_TYPE); EVP_PKEY_free(pubkey); return 0; } /* An ECC certificate may be usable for ECDH or ECDSA. We only support ECDSA * certificates, so sanity-check the key usage extension. */ if (pubkey->type == EVP_PKEY_EC && !ssl_cert_check_digital_signature_key_usage(&cert_cbs)) { OPENSSL_PUT_ERROR(SSL, SSL_R_UNKNOWN_CERTIFICATE_TYPE); EVP_PKEY_free(pubkey); return 0; } if (cert->privatekey != NULL) { /* Sanity-check that the private key and the certificate match, unless the * key is opaque (in case of, say, a smartcard). */ if (!EVP_PKEY_is_opaque(cert->privatekey) && !ssl_compare_public_and_private_key(pubkey, cert->privatekey)) { /* don't fail for a cert/key mismatch, just free current private key * (when switching to a different cert & key, first this function should * be used, then ssl_set_pkey */ EVP_PKEY_free(cert->privatekey); cert->privatekey = NULL; /* clear error queue */ ERR_clear_error(); } } EVP_PKEY_free(pubkey); ssl_cert_flush_cached_x509_leaf(cert); if (cert->chain != NULL) { CRYPTO_BUFFER_free(sk_CRYPTO_BUFFER_value(cert->chain, 0)); sk_CRYPTO_BUFFER_set(cert->chain, 0, buffer); CRYPTO_BUFFER_up_ref(buffer); return 1; } cert->chain = sk_CRYPTO_BUFFER_new_null(); if (cert->chain == NULL) { return 0; } if (!sk_CRYPTO_BUFFER_push(cert->chain, buffer)) { sk_CRYPTO_BUFFER_free(cert->chain); cert->chain = NULL; return 0; } CRYPTO_BUFFER_up_ref(buffer); return 1; }