int day, sec;
if (!ASN1_TIME_diff(&day, &sec, NULL, to))
- /* Invalid time format */
+ /* Invalid time format */
if (day > 0 || sec > 0)
- printf("Later\n");
+ printf("Later\n");
else if (day < 0 || sec < 0)
- printf("Sooner\n");
+ printf("Sooner\n");
else
- printf("Same\n");
+ printf("Same\n");
=head1 RETURN VALUES
}
for (;;) {
- switch(ASYNC_start_job(&job, ctx, &ret, jobfunc, msg, sizeof(msg))) {
+ switch (ASYNC_start_job(&job, ctx, &ret, jobfunc, msg, sizeof(msg))) {
case ASYNC_ERR:
case ASYNC_NO_JOBS:
- printf("An error occurred\n");
- goto end;
+ printf("An error occurred\n");
+ goto end;
case ASYNC_PAUSE:
- printf("Job was paused\n");
- break;
+ printf("Job was paused\n");
+ break;
case ASYNC_FINISH:
- printf("Job finished with return value %d\n", ret);
- goto end;
+ printf("Job finished with return value %d\n", ret);
+ goto end;
}
/* Wait for the job to be woken */
These flags are bit flags, so they are to be combined with the
C<|> operator, for example:
- BIO_connect(sock, addr, BIO_SOCK_KEEPALIVE | BIO_SOCK_NONBLOCK);
+ BIO_connect(sock, addr, BIO_SOCK_KEEPALIVE | BIO_SOCK_NONBLOCK);
=head1 RETURN VALUES
bio = BIO_new_fp(stdin, BIO_NOCLOSE);
bio_out = BIO_new_fp(stdout, BIO_NOCLOSE);
BIO_push(b64, bio);
- while((inlen = BIO_read(b64, inbuf, 512)) > 0)
- BIO_write(bio_out, inbuf, inlen);
+ while ((inlen = BIO_read(b64, inbuf, 512)) > 0)
+ BIO_write(bio_out, inbuf, inlen);
BIO_flush(bio_out);
BIO_free_all(b64);
bio = BIO_new(BIO_s_null());
mdtmp = BIO_new(BIO_f_md());
BIO_set_md(mdtmp, EVP_sha1());
- /* For BIO_push() we want to append the sink BIO and keep a note of
+ /*
+ * For BIO_push() we want to append the sink BIO and keep a note of
* the start of the chain.
*/
bio = BIO_push(mdtmp, bio);
BIO_set_md(mdtmp, EVP_md5());
bio = BIO_push(mdtmp, bio);
do {
- rdlen = BIO_read(bio, buf, sizeof(buf));
- /* Might want to do something with the data here */
+ rdlen = BIO_read(bio, buf, sizeof(buf));
+ /* Might want to do something with the data here */
} while (rdlen > 0);
This next example retrieves the message digests from a BIO chain and
int i;
mdtmp = bio; /* Assume bio has previously been set up */
do {
- EVP_MD *md;
- mdtmp = BIO_find_type(mdtmp, BIO_TYPE_MD);
- if (!mdtmp) break;
- BIO_get_md(mdtmp, &md);
- printf("%s digest", OBJ_nid2sn(EVP_MD_type(md)));
- mdlen = BIO_gets(mdtmp, mdbuf, EVP_MAX_MD_SIZE);
- for (i = 0; i < mdlen; i++) printf(":%02X", mdbuf[i]);
- printf("\n");
- mdtmp = BIO_next(mdtmp);
+ EVP_MD *md;
+ mdtmp = BIO_find_type(mdtmp, BIO_TYPE_MD);
+ if (!mdtmp)
+ break;
+ BIO_get_md(mdtmp, &md);
+ printf("%s digest", OBJ_nid2sn(EVP_MD_type(md)));
+ mdlen = BIO_gets(mdtmp, mdbuf, EVP_MAX_MD_SIZE);
+ for (i = 0; i < mdlen; i++) printf(":%02X", mdbuf[i]);
+ printf("\n");
+ mdtmp = BIO_next(mdtmp);
} while (mdtmp);
BIO_free_all(bio);
exit(1);
}
if (BIO_do_handshake(sbio) <= 0) {
- fprintf(stderr, "Error establishing SSL connection\n");
- ERR_print_errors_fp(stderr);
- exit(1);
+ fprintf(stderr, "Error establishing SSL connection\n");
+ ERR_print_errors_fp(stderr);
+ exit(1);
}
/* XXX Could examine ssl here to get connection info */
BIO_puts(sbio, "GET / HTTP/1.0\n\n");
- for ( ; ; ) {
+ for (;;) {
len = BIO_read(sbio, tmpbuf, 1024);
if (len <= 0)
break;
BIO_puts(sbio, "\r\nConnection Established\r\nRequest headers:\r\n");
BIO_puts(sbio, "--------------------------------------------------\r\n");
- for ( ; ; ) {
+ for (;;) {
len = BIO_gets(sbio, tmpbuf, 1024);
if (len <= 0)
break;
btmp = in_bio; /* in_bio is chain to search through */
do {
- btmp = BIO_find_type(btmp, BIO_TYPE_MD);
- if (btmp == NULL) break; /* Not found */
- /* btmp is a digest BIO, do something with it ...*/
- ...
+ btmp = BIO_find_type(btmp, BIO_TYPE_MD);
+ if (btmp == NULL)
+ break; /* Not found */
+ /* btmp is a digest BIO, do something with it ...*/
+ ...
- btmp = BIO_next(btmp);
+ btmp = BIO_next(btmp);
} while (btmp);
exit(1);
}
BIO_puts(cbio, "GET / HTTP/1.0\n\n");
- for ( ; ; ) {
+ for (;;) {
len = BIO_read(cbio, tmpbuf, 1024);
if (len <= 0)
break;
BIO *bio_out;
bio_out = BIO_new(BIO_s_file());
- if (bio_out == NULL) /* Error ... */
- if (!BIO_set_fp(bio_out, stdout, BIO_NOCLOSE)) /* Error ... */
+ if (bio_out == NULL)
+ /* Error */
+ if (!BIO_set_fp(bio_out, stdout, BIO_NOCLOSE))
+ /* Error */
BIO_printf(bio_out, "Hello World\n");
Write to a file:
BIO *out;
out = BIO_new_file("filename.txt", "w");
- if (!out) /* Error occurred */
+ if (!out)
+ /* Error */
BIO_printf(out, "Hello World\n");
BIO_free(out);
BIO *out;
out = BIO_new(BIO_s_file());
- if (out == NULL) /* Error ... */
- if (!BIO_write_filename(out, "filename.txt")) /* Error ... */
+ if (out == NULL)
+ /* Error */
+ if (!BIO_write_filename(out, "filename.txt"))
+ /* Error */
BIO_printf(out, "Hello World\n");
BIO_free(out);
is called before the read and
- callback_ex(b, BIO_CB_READ | BIO_CB_RETURN, data, dlen, 0, 0L, retvalue, readbytes)
+ callback_ex(b, BIO_CB_READ | BIO_CB_RETURN, data, dlen, 0, 0L, retvalue,
+ readbytes)
or
is called before the write and
- callback_ex(b, BIO_CB_WRITE | BIO_CB_RETURN, data, dlen, 0, 0L, retvalue, written)
+ callback_ex(b, BIO_CB_WRITE | BIO_CB_RETURN, data, dlen, 0, 0L, retvalue,
+ written)
or
is called before the operation and
- callback_ex(b, BIO_CB_GETS | BIO_CB_RETURN, buf, size, 0, 0L, retvalue, readbytes)
+ callback_ex(b, BIO_CB_GETS | BIO_CB_RETURN, buf, size, 0, 0L, retvalue,
+ readbytes)
or
BN_CTX *ctx;
ctx = BN_CTX_new();
- if(!ctx) /* Handle error */
+ if (!ctx)
+ /* error */
...
BN_CTX_free(ctx);
BN_GENCB *callback;
callback = BN_GENCB_new();
- if(!callback) /* handle error */
+ if (!callback)
+ /* error */
...
BN_GENCB_free(callback);
considered fatal):
if (CONF_modules_load_file(NULL, NULL, 0) <= 0) {
- fprintf(stderr, "FATAL: error loading configuration file\n");
- ERR_print_errors_fp(stderr);
- exit(1);
+ fprintf(stderr, "FATAL: error loading configuration file\n");
+ ERR_print_errors_fp(stderr);
+ exit(1);
}
Load default configuration file using the section indicated by "myapp",
if (CONF_modules_load_file(NULL, "myapp",
CONF_MFLAGS_IGNORE_MISSING_FILE) <= 0) {
- fprintf(stderr, "FATAL: error loading configuration file\n");
- ERR_print_errors_fp(stderr);
- exit(1);
+ fprintf(stderr, "FATAL: error loading configuration file\n");
+ ERR_print_errors_fp(stderr);
+ exit(1);
}
Load custom configuration file and section, only print warnings on error,
if (CONF_modules_load_file("/something/app.cnf", "myapp",
CONF_MFLAGS_IGNORE_MISSING_FILE) <= 0) {
- fprintf(stderr, "WARNING: error loading configuration file\n");
- ERR_print_errors_fp(stderr);
+ fprintf(stderr, "WARNING: error loading configuration file\n");
+ ERR_print_errors_fp(stderr);
}
Load and parse configuration file manually, custom error handling:
long eline;
fp = fopen("/somepath/app.cnf", "r");
if (fp == NULL) {
- fprintf(stderr, "Error opening configuration file\n");
- /* Other missing configuration file behaviour */
+ fprintf(stderr, "Error opening configuration file\n");
+ /* Other missing configuration file behaviour */
} else {
- cnf = NCONF_new(NULL);
- if (NCONF_load_fp(cnf, fp, &eline) == 0) {
- fprintf(stderr, "Error on line %ld of configuration file\n", eline);
- ERR_print_errors_fp(stderr);
- /* Other malformed configuration file behaviour */
- } else if (CONF_modules_load(cnf, "appname", 0) <= 0) {
- fprintf(stderr, "Error configuring application\n");
- ERR_print_errors_fp(stderr);
- /* Other configuration error behaviour */
- }
- fclose(fp);
- NCONF_free(cnf);
- }
+ cnf = NCONF_new(NULL);
+ if (NCONF_load_fp(cnf, fp, &eline) == 0) {
+ fprintf(stderr, "Error on line %ld of configuration file\n", eline);
+ ERR_print_errors_fp(stderr);
+ /* Other malformed configuration file behaviour */
+ } else if (CONF_modules_load(cnf, "appname", 0) <= 0) {
+ fprintf(stderr, "Error configuring application\n");
+ ERR_print_errors_fp(stderr);
+ /* Other configuration error behaviour */
+ }
+ fclose(fp);
+ NCONF_free(cnf);
+ }
=head1 RETURN VALUES
This example safely initializes and uses a lock.
- #ifdef _WIN32
- # include <windows.h>
- #endif
- #include <openssl/crypto.h>
-
- static CRYPTO_ONCE once = CRYPTO_ONCE_STATIC_INIT;
- static CRYPTO_RWLOCK *lock;
-
- static void myinit(void)
- {
- lock = CRYPTO_THREAD_lock_new();
- }
-
- static int mylock(void)
- {
- if (!CRYPTO_THREAD_run_once(&once, void init) || lock == NULL)
- return 0;
- return CRYPTO_THREAD_write_lock(lock);
- }
-
- static int myunlock(void)
- {
- return CRYPTO_THREAD_unlock(lock);
- }
-
- int serialized(void)
- {
- int ret = 0;
-
- if (mylock()) {
- /* Your code here, do not return without releasing the lock! */
- ret = ... ;
- }
- myunlock();
- return ret;
- }
+ #ifdef _WIN32
+ # include <windows.h>
+ #endif
+ #include <openssl/crypto.h>
+
+ static CRYPTO_ONCE once = CRYPTO_ONCE_STATIC_INIT;
+ static CRYPTO_RWLOCK *lock;
+
+ static void myinit(void)
+ {
+ lock = CRYPTO_THREAD_lock_new();
+ }
+
+ static int mylock(void)
+ {
+ if (!CRYPTO_THREAD_run_once(&once, void init) || lock == NULL)
+ return 0;
+ return CRYPTO_THREAD_write_lock(lock);
+ }
+
+ static int myunlock(void)
+ {
+ return CRYPTO_THREAD_unlock(lock);
+ }
+
+ int serialized(void)
+ {
+ int ret = 0;
+
+ if (mylock()) {
+ /* Your code here, do not return without releasing the lock! */
+ ret = ... ;
+ }
+ myunlock();
+ return ret;
+ }
Finalization of locks is an advanced topic, not covered in this example.
This can only be done at process exit or when a dynamically loaded library is
#include <openssl/opensslconf.h>
#if defined(OPENSSL_THREADS)
- // thread support enabled
+ // thread support enabled
#else
- // no thread support
+ // no thread support
#endif
=head1 SEE ALSO
First step: create an EC_KEY object (note: this part is B<not> ECDSA
specific)
- int ret;
+ int ret;
ECDSA_SIG *sig;
- EC_KEY *eckey;
+ EC_KEY *eckey;
eckey = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
- if (eckey == NULL) {
- /* error */
- }
- if (EC_KEY_generate_key(eckey) == 0) {
- /* error */
- }
+ if (eckey == NULL)
+ /* error */
+ if (EC_KEY_generate_key(eckey) == 0)
+ /* error */
Second step: compute the ECDSA signature of a SHA-256 hash value
using ECDSA_do_sign():
sig = ECDSA_do_sign(digest, 32, eckey);
- if (sig == NULL) {
- /* error */
- }
+ if (sig == NULL)
+ /* error */
or using ECDSA_sign():
unsigned char *buffer, *pp;
- int buf_len;
+ int buf_len;
buf_len = ECDSA_size(eckey);
- buffer = OPENSSL_malloc(buf_len);
+ buffer = OPENSSL_malloc(buf_len);
pp = buffer;
- if (ECDSA_sign(0, dgst, dgstlen, pp, &buf_len, eckey) == 0) {
- /* error */
- }
+ if (ECDSA_sign(0, dgst, dgstlen, pp, &buf_len, eckey) == 0)
+ /* error */
Third step: verify the created ECDSA signature using ECDSA_do_verify():
and finally evaluate the return value:
- if (ret == 1) {
- /* signature ok */
- } else if (ret == 0) {
- /* incorrect signature */
- } else {
- /* error */
- }
+ if (ret == 1)
+ /* signature ok */
+ else if (ret == 0)
+ /* incorrect signature */
+ else
+ /* error */
=head1 CONFORMING TO
const char *engine_id = "ACME";
ENGINE_load_builtin_engines();
e = ENGINE_by_id(engine_id);
- if(!e)
+ if (!e)
/* the engine isn't available */
return;
- if(!ENGINE_init(e)) {
+ if (!ENGINE_init(e)) {
/* the engine couldn't initialise, release 'e' */
ENGINE_free(e);
return;
}
- if(!ENGINE_set_default_RSA(e))
- /* This should only happen when 'e' can't initialise, but the previous
- * statement suggests it did. */
+ if (!ENGINE_set_default_RSA(e))
+ /*
+ * This should only happen when 'e' can't initialise, but the previous
+ * statement suggests it did.
+ */
abort();
ENGINE_set_default_DSA(e);
ENGINE_set_default_ciphers(e);
ENGINE *e = ENGINE_by_id(engine_id);
if (!e) return 0;
while (pre_num--) {
- if(!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+ if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
fprintf(stderr, "Failed command (%s - %s:%s)\n", engine_id,
- pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : "(NULL)");
+ pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : "(NULL)");
ENGINE_free(e);
return 0;
}
ENGINE_free(e);
return 0;
}
- /* ENGINE_init() returned a functional reference, so free the structural
- * reference from ENGINE_by_id(). */
+ /*
+ * ENGINE_init() returned a functional reference, so free the structural
+ * reference from ENGINE_by_id().
+ */
ENGINE_free(e);
- while(post_num--) {
- if(!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+ while (post_num--) {
+ if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
fprintf(stderr, "Failed command (%s - %s:%s)\n", engine_id,
- post_cmds[0], post_cmds[1] ? post_cmds[1] : "(NULL)");
+ post_cmds[0], post_cmds[1] ? post_cmds[1] : "(NULL)");
ENGINE_finish(e);
return 0;
}
typedef struct ERR_string_data_st
{
- unsigned long error;
- char *string;
+ unsigned long error;
+ char *string;
} ERR_STRING_DATA;
The error code is generated from the library number and a function and
main(int argc, char *argv[])
{
- EVP_MD_CTX *mdctx;
- const EVP_MD *md;
- char mess1[] = "Test Message\n";
- char mess2[] = "Hello World\n";
- unsigned char md_value[EVP_MAX_MD_SIZE];
- int md_len, i;
-
- if (argv[1] == NULL) {
- printf("Usage: mdtest digestname\n");
- exit(1);
- }
-
- md = EVP_get_digestbyname(argv[1]);
- if (md == NULL) {
- printf("Unknown message digest %s\n", argv[1]);
- exit(1);
- }
-
- mdctx = EVP_MD_CTX_new();
- EVP_DigestInit_ex(mdctx, md, NULL);
- EVP_DigestUpdate(mdctx, mess1, strlen(mess1));
- EVP_DigestUpdate(mdctx, mess2, strlen(mess2));
- EVP_DigestFinal_ex(mdctx, md_value, &md_len);
- EVP_MD_CTX_free(mdctx);
-
- printf("Digest is: ");
- for (i = 0; i < md_len; i++)
- printf("%02x", md_value[i]);
- printf("\n");
-
- exit(0);
+ EVP_MD_CTX *mdctx;
+ const EVP_MD *md;
+ char mess1[] = "Test Message\n";
+ char mess2[] = "Hello World\n";
+ unsigned char md_value[EVP_MAX_MD_SIZE];
+ int md_len, i;
+
+ if (argv[1] == NULL) {
+ printf("Usage: mdtest digestname\n");
+ exit(1);
+ }
+
+ md = EVP_get_digestbyname(argv[1]);
+ if (md == NULL) {
+ printf("Unknown message digest %s\n", argv[1]);
+ exit(1);
+ }
+
+ mdctx = EVP_MD_CTX_new();
+ EVP_DigestInit_ex(mdctx, md, NULL);
+ EVP_DigestUpdate(mdctx, mess1, strlen(mess1));
+ EVP_DigestUpdate(mdctx, mess2, strlen(mess2));
+ EVP_DigestFinal_ex(mdctx, md_value, &md_len);
+ EVP_MD_CTX_free(mdctx);
+
+ printf("Digest is: ");
+ for (i = 0; i < md_len; i++)
+ printf("%02x", md_value[i]);
+ printf("\n");
+
+ exit(0);
}
=head1 SEE ALSO
Encrypt a string using IDEA:
int do_crypt(char *outfile)
- {
- unsigned char outbuf[1024];
- int outlen, tmplen;
- /* Bogus key and IV: we'd normally set these from
- * another source.
- */
- unsigned char key[] = {0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15};
- unsigned char iv[] = {1,2,3,4,5,6,7,8};
- char intext[] = "Some Crypto Text";
- EVP_CIPHER_CTX *ctx;
- FILE *out;
-
- ctx = EVP_CIPHER_CTX_new();
- EVP_EncryptInit_ex(ctx, EVP_idea_cbc(), NULL, key, iv);
-
- if(!EVP_EncryptUpdate(ctx, outbuf, &outlen, intext, strlen(intext)))
- {
- /* Error */
- return 0;
- }
- /* Buffer passed to EVP_EncryptFinal() must be after data just
- * encrypted to avoid overwriting it.
- */
- if(!EVP_EncryptFinal_ex(ctx, outbuf + outlen, &tmplen))
- {
- /* Error */
- return 0;
- }
- outlen += tmplen;
- EVP_CIPHER_CTX_free(ctx);
- /* Need binary mode for fopen because encrypted data is
- * binary data. Also cannot use strlen() on it because
- * it won't be null terminated and may contain embedded
- * nulls.
- */
- out = fopen(outfile, "wb");
- fwrite(outbuf, 1, outlen, out);
- fclose(out);
- return 1;
- }
+ {
+ unsigned char outbuf[1024];
+ int outlen, tmplen;
+ /*
+ * Bogus key and IV: we'd normally set these from
+ * another source.
+ */
+ unsigned char key[] = {0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15};
+ unsigned char iv[] = {1,2,3,4,5,6,7,8};
+ char intext[] = "Some Crypto Text";
+ EVP_CIPHER_CTX *ctx;
+ FILE *out;
+
+ ctx = EVP_CIPHER_CTX_new();
+ EVP_EncryptInit_ex(ctx, EVP_idea_cbc(), NULL, key, iv);
+
+ if (!EVP_EncryptUpdate(ctx, outbuf, &outlen, intext, strlen(intext))) {
+ /* Error */
+ return 0;
+ }
+ /*
+ * Buffer passed to EVP_EncryptFinal() must be after data just
+ * encrypted to avoid overwriting it.
+ */
+ if (!EVP_EncryptFinal_ex(ctx, outbuf + outlen, &tmplen)) {
+ /* Error */
+ return 0;
+ }
+ outlen += tmplen;
+ EVP_CIPHER_CTX_free(ctx);
+ /*
+ * Need binary mode for fopen because encrypted data is
+ * binary data. Also cannot use strlen() on it because
+ * it won't be NUL terminated and may contain embedded
+ * NULs.
+ */
+ out = fopen(outfile, "wb");
+ fwrite(outbuf, 1, outlen, out);
+ fclose(out);
+ return 1;
+ }
The ciphertext from the above example can be decrypted using the B<openssl>
utility with the command line (shown on two lines for clarity):
- openssl idea -d <filename
- -K 000102030405060708090A0B0C0D0E0F -iv 0102030405060708
+ openssl idea -d \
+ -K 000102030405060708090A0B0C0D0E0F -iv 0102030405060708 <filename
General encryption and decryption function example using FILE I/O and AES128
with a 128-bit key:
int do_crypt(FILE *in, FILE *out, int do_encrypt)
- {
- /* Allow enough space in output buffer for additional block */
- unsigned char inbuf[1024], outbuf[1024 + EVP_MAX_BLOCK_LENGTH];
- int inlen, outlen;
- EVP_CIPHER_CTX *ctx;
- /* Bogus key and IV: we'd normally set these from
- * another source.
- */
- unsigned char key[] = "0123456789abcdeF";
- unsigned char iv[] = "1234567887654321";
-
- /* Don't set key or IV right away; we want to check lengths */
- ctx = EVP_CIPHER_CTX_new();
- EVP_CipherInit_ex(&ctx, EVP_aes_128_cbc(), NULL, NULL, NULL,
- do_encrypt);
- OPENSSL_assert(EVP_CIPHER_CTX_key_length(ctx) == 16);
- OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) == 16);
-
- /* Now we can set key and IV */
- EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, do_encrypt);
-
- for(;;)
- {
- inlen = fread(inbuf, 1, 1024, in);
- if (inlen <= 0) break;
- if(!EVP_CipherUpdate(ctx, outbuf, &outlen, inbuf, inlen))
- {
- /* Error */
- EVP_CIPHER_CTX_free(ctx);
- return 0;
- }
- fwrite(outbuf, 1, outlen, out);
- }
- if(!EVP_CipherFinal_ex(ctx, outbuf, &outlen))
- {
- /* Error */
- EVP_CIPHER_CTX_free(ctx);
- return 0;
- }
- fwrite(outbuf, 1, outlen, out);
-
- EVP_CIPHER_CTX_free(ctx);
- return 1;
- }
+ {
+ /* Allow enough space in output buffer for additional block */
+ unsigned char inbuf[1024], outbuf[1024 + EVP_MAX_BLOCK_LENGTH];
+ int inlen, outlen;
+ EVP_CIPHER_CTX *ctx;
+ /*
+ * Bogus key and IV: we'd normally set these from
+ * another source.
+ */
+ unsigned char key[] = "0123456789abcdeF";
+ unsigned char iv[] = "1234567887654321";
+
+ /* Don't set key or IV right away; we want to check lengths */
+ ctx = EVP_CIPHER_CTX_new();
+ EVP_CipherInit_ex(&ctx, EVP_aes_128_cbc(), NULL, NULL, NULL,
+ do_encrypt);
+ OPENSSL_assert(EVP_CIPHER_CTX_key_length(ctx) == 16);
+ OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) == 16);
+
+ /* Now we can set key and IV */
+ EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, do_encrypt);
+
+ for (;;) {
+ inlen = fread(inbuf, 1, 1024, in);
+ if (inlen <= 0)
+ break;
+ if (!EVP_CipherUpdate(ctx, outbuf, &outlen, inbuf, inlen)) {
+ /* Error */
+ EVP_CIPHER_CTX_free(ctx);
+ return 0;
+ }
+ fwrite(outbuf, 1, outlen, out);
+ }
+ if (!EVP_CipherFinal_ex(ctx, outbuf, &outlen)) {
+ /* Error */
+ EVP_CIPHER_CTX_free(ctx);
+ return 0;
+ }
+ fwrite(outbuf, 1, outlen, out);
+
+ EVP_CIPHER_CTX_free(ctx);
+ return 1;
+ }
=head1 SEE ALSO
pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL);
if (EVP_PKEY_derive_init(pctx) <= 0)
- /* Error */
+ /* Error */
if (EVP_PKEY_CTX_set_hkdf_md(pctx, EVP_sha256()) <= 0)
- /* Error */
+ /* Error */
if (EVP_PKEY_CTX_set1_hkdf_salt(pctx, "salt", 4) <= 0)
- /* Error */
+ /* Error */
if (EVP_PKEY_CTX_set1_hkdf_key(pctx, "secret", 6) <= 0)
- /* Error */
+ /* Error */
if (EVP_PKEY_CTX_add1_hkdf_info(pctx, "label", 6) <= 0)
- /* Error */
+ /* Error */
if (EVP_PKEY_derive(pctx, out, &outlen) <= 0)
- /* Error */
+ /* Error */
=head1 CONFORMING TO
size_t outlen = sizeof(out);
pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_TLS1_PRF, NULL);
if (EVP_PKEY_derive_init(pctx) <= 0)
- /* Error */
+ /* Error */
if (EVP_PKEY_CTX_set_tls1_prf_md(pctx, EVP_sha256()) <= 0)
- /* Error */
+ /* Error */
if (EVP_PKEY_CTX_set1_tls1_prf_secret(pctx, "secret", 6) <= 0)
- /* Error */
+ /* Error */
if (EVP_PKEY_CTX_add1_tls1_prf_seed(pctx, "seed", 4) <= 0)
- /* Error */
+ /* Error */
if (EVP_PKEY_derive(pctx, out, &outlen) <= 0)
- /* Error */
+ /* Error */
=head1 SEE ALSO
unsigned char *out, *in;
size_t outlen, inlen;
EVP_PKEY *key;
- /* NB: assumes key in, inlen are already set up
+ /*
+ * NB: assumes key in, inlen are already set up
* and that key is an RSA private key
*/
ctx = EVP_PKEY_CTX_new(key);
if (!ctx)
- /* Error occurred */
+ /* Error occurred */
if (EVP_PKEY_decrypt_init(ctx) <= 0)
- /* Error */
+ /* Error */
if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_OAEP_PADDING) <= 0)
- /* Error */
+ /* Error */
/* Determine buffer length */
if (EVP_PKEY_decrypt(ctx, NULL, &outlen, in, inlen) <= 0)
- /* Error */
+ /* Error */
out = OPENSSL_malloc(outlen);
if (!out)
- /* malloc failure */
+ /* malloc failure */
if (EVP_PKEY_decrypt(ctx, out, &outlen, in, inlen) <= 0)
- /* Error */
+ /* Error */
/* Decrypted data is outlen bytes written to buffer out */
ctx = EVP_PKEY_CTX_new(pkey);
if (!ctx)
- /* Error occurred */
+ /* Error occurred */
if (EVP_PKEY_derive_init(ctx) <= 0)
- /* Error */
+ /* Error */
if (EVP_PKEY_derive_set_peer(ctx, peerkey) <= 0)
- /* Error */
+ /* Error */
/* Determine buffer length */
if (EVP_PKEY_derive(ctx, NULL, &skeylen) <= 0)
- /* Error */
+ /* Error */
skey = OPENSSL_malloc(skeylen);
if (!skey)
- /* malloc failure */
+ /* malloc failure */
if (EVP_PKEY_derive(ctx, skey, &skeylen) <= 0)
- /* Error */
+ /* Error */
/* Shared secret is skey bytes written to buffer skey */
unsigned char *out, *in;
size_t outlen, inlen;
EVP_PKEY *key;
- /* NB: assumes eng, key, in, inlen are already set up,
+ /*
+ * NB: assumes eng, key, in, inlen are already set up,
* and that key is an RSA public key
*/
ctx = EVP_PKEY_CTX_new(key, eng);
if (!ctx)
- /* Error occurred */
+ /* Error occurred */
if (EVP_PKEY_encrypt_init(ctx) <= 0)
- /* Error */
+ /* Error */
if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_OAEP_PADDING) <= 0)
- /* Error */
+ /* Error */
/* Determine buffer length */
if (EVP_PKEY_encrypt(ctx, NULL, &outlen, in, inlen) <= 0)
- /* Error */
+ /* Error */
out = OPENSSL_malloc(outlen);
if (!out)
- /* malloc failure */
+ /* malloc failure */
if (EVP_PKEY_encrypt(ctx, out, &outlen, in, inlen) <= 0)
- /* Error */
+ /* Error */
/* Encrypted data is outlen bytes written to buffer out */
EVP_PKEY *pkey = NULL;
ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, NULL);
if (!ctx)
- /* Error occurred */
+ /* Error occurred */
if (EVP_PKEY_keygen_init(ctx) <= 0)
- /* Error */
+ /* Error */
if (EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, 2048) <= 0)
- /* Error */
+ /* Error */
/* Generate key */
if (EVP_PKEY_keygen(ctx, &pkey) <= 0)
- /* Error */
+ /* Error */
Generate a key from a set of parameters:
/* Assumed param is set up already */
ctx = EVP_PKEY_CTX_new(param);
if (!ctx)
- /* Error occurred */
+ /* Error occurred */
if (EVP_PKEY_keygen_init(ctx) <= 0)
- /* Error */
+ /* Error */
/* Generate key */
if (EVP_PKEY_keygen(ctx, &pkey) <= 0)
- /* Error */
+ /* Error */
Example of generation callback for OpenSSL public key implementations:
EVP_PKEY_CTX_set_app_data(ctx, status_bio);
static int genpkey_cb(EVP_PKEY_CTX *ctx)
- {
- char c = '*';
- BIO *b = EVP_PKEY_CTX_get_app_data(ctx);
- int p;
- p = EVP_PKEY_CTX_get_keygen_info(ctx, 0);
- if (p == 0) c = '.';
- if (p == 1) c = '+';
- if (p == 2) c = '*';
- if (p == 3) c = '\n';
- BIO_write(b, &c, 1);
- (void)BIO_flush(b);
- return 1;
- }
+ {
+ char c = '*';
+ BIO *b = EVP_PKEY_CTX_get_app_data(ctx);
+ int p = EVP_PKEY_CTX_get_keygen_info(ctx, 0);
+ if (p == 0)
+ c = '.';
+ if (p == 1)
+ c = '+';
+ if (p == 2)
+ c = '*';
+ if (p == 3)
+ c = '\n';
+ BIO_write(b, &c, 1);
+ (void)BIO_flush(b);
+ return 1;
+ }
=head1 SEE ALSO
*/
ctx = EVP_PKEY_CTX_new(signing_key, NULL /* no engine */);
if (!ctx)
- /* Error occurred */
+ /* Error occurred */
if (EVP_PKEY_sign_init(ctx) <= 0)
- /* Error */
+ /* Error */
if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING) <= 0)
- /* Error */
+ /* Error */
if (EVP_PKEY_CTX_set_signature_md(ctx, EVP_sha256()) <= 0)
- /* Error */
+ /* Error */
/* Determine buffer length */
if (EVP_PKEY_sign(ctx, NULL, &siglen, md, mdlen) <= 0)
- /* Error */
+ /* Error */
sig = OPENSSL_malloc(siglen);
if (!sig)
- /* malloc failure */
+ /* malloc failure */
if (EVP_PKEY_sign(ctx, sig, &siglen, md, mdlen) <= 0)
- /* Error */
+ /* Error */
/* Signature is siglen bytes written to buffer sig */
unsigned char *md, *sig;
size_t mdlen, siglen;
EVP_PKEY *verify_key;
- /* NB: assumes verify_key, sig, siglen md and mdlen are already set up
+ /*
+ * NB: assumes verify_key, sig, siglen md and mdlen are already set up
* and that verify_key is an RSA public key
*/
ctx = EVP_PKEY_CTX_new(verify_key);
if (!ctx)
- /* Error occurred */
+ /* Error occurred */
if (EVP_PKEY_verify_init(ctx) <= 0)
- /* Error */
+ /* Error */
if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING) <= 0)
- /* Error */
+ /* Error */
if (EVP_PKEY_CTX_set_signature_md(ctx, EVP_sha256()) <= 0)
- /* Error */
+ /* Error */
/* Perform operation */
ret = EVP_PKEY_verify(ctx, sig, siglen, md, mdlen);
- /* ret == 1 indicates success, 0 verify failure and < 0 for some
+ /*
+ * ret == 1 indicates success, 0 verify failure and < 0 for some
* other error.
*/
unsigned char *rout, *sig;
size_t routlen, siglen;
EVP_PKEY *verify_key;
- /* NB: assumes verify_key, sig and siglen are already set up
+ /*
+ * NB: assumes verify_key, sig and siglen are already set up
* and that verify_key is an RSA public key
*/
ctx = EVP_PKEY_CTX_new(verify_key);
if (!ctx)
- /* Error occurred */
+ /* Error occurred */
if (EVP_PKEY_verify_recover_init(ctx) <= 0)
- /* Error */
+ /* Error */
if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING) <= 0)
- /* Error */
+ /* Error */
if (EVP_PKEY_CTX_set_signature_md(ctx, EVP_sha256()) <= 0)
- /* Error */
+ /* Error */
/* Determine buffer length */
if (EVP_PKEY_verify_recover(ctx, NULL, &routlen, sig, siglen) <= 0)
- /* Error */
+ /* Error */
rout = OPENSSL_malloc(routlen);
if (!rout)
- /* malloc failure */
+ /* malloc failure */
if (EVP_PKEY_verify_recover(ctx, rout, &routlen, sig, siglen) <= 0)
- /* Error */
+ /* Error */
/* Recovered data is routlen bytes written to buffer rout */
Check if an object is B<commonName>
if (OBJ_obj2nid(obj) == NID_commonName)
- /* Do something */
+ /* Do something */
Create a new NID and initialize an object from it:
if (OCSP_REQUEST_add0_id(req, cid) == NULL)
/* error */
- /* Do something with req, e.g. query responder */
+ /* Do something with req, e.g. query responder */
OCSP_REQUEST_free(req);
X509 *x;
x = PEM_read_bio_X509(bp, NULL, 0, NULL);
- if (x == NULL) {
+ if (x == NULL)
/* Error */
- }
Alternative method:
X509 *x = NULL;
- if (!PEM_read_bio_X509(bp, &x, 0, NULL)) {
+ if (!PEM_read_bio_X509(bp, &x, 0, NULL))
/* Error */
- }
Write a certificate to a BIO:
- if (!PEM_write_bio_X509(bp, x)) {
+ if (!PEM_write_bio_X509(bp, x))
/* Error */
- }
Write a private key (using traditional format) to a BIO using
triple DES encryption, the pass phrase is prompted for:
- if (!PEM_write_bio_PrivateKey(bp, key, EVP_des_ede3_cbc(), NULL, 0, 0, NULL)) {
+ if (!PEM_write_bio_PrivateKey(bp, key, EVP_des_ede3_cbc(), NULL, 0, 0, NULL))
/* Error */
- }
Write a private key (using PKCS#8 format) to a BIO using triple
DES encryption, using the pass phrase "hello":
- if (!PEM_write_bio_PKCS8PrivateKey(bp, key, EVP_des_ede3_cbc(), NULL, 0, 0, "hello")) {
+ if (!PEM_write_bio_PKCS8PrivateKey(bp, key, EVP_des_ede3_cbc(),
+ NULL, 0, 0, "hello"))
/* Error */
- }
Read a private key from a BIO using a pass phrase callback:
key = PEM_read_bio_PrivateKey(bp, NULL, pass_cb, "My Private Key");
- if (key == NULL) {
+ if (key == NULL)
/* Error */
- }
Skeleton pass phrase callback:
memcpy(iv, HexToBin("3F17F5316E2BAC89"), niv);
rc = EVP_BytesToKey(cipher, md, iv /*salt*/, pword, plen, 1, key, NULL /*iv*/);
- if (rc != nkey) {
+ if (rc != nkey)
/* Error */
- }
/* On success, use key and iv to initialize the cipher */
int main(int argc, char **argv)
{
- FILE *fp;
- PKCS12 *p12;
- if (argc != 5) {
- fprintf(stderr, "Usage: pkread p12file password newpass opfile\n");
- return 1;
- }
- if ((fp = fopen(argv[1], "rb")) == NULL) {
- fprintf(stderr, "Error opening file %s\n", argv[1]);
- return 1;
- }
- p12 = d2i_PKCS12_fp(fp, NULL);
- fclose(fp);
- if (p12 == NULL) {
- fprintf(stderr, "Error reading PKCS#12 file\n");
- ERR_print_errors_fp(stderr);
- return 1;
- }
- if (PKCS12_newpass(p12, argv[2], argv[3]) == 0) {
- fprintf(stderr, "Error changing password\n");
- ERR_print_errors_fp(stderr);
- PKCS12_free(p12);
- return 1;
- }
- if ((fp = fopen(argv[4], "wb")) == NULL) {
- fprintf(stderr, "Error opening file %s\n", argv[4]);
- PKCS12_free(p12);
- return 1;
- }
- i2d_PKCS12_fp(fp, p12);
- PKCS12_free(p12);
- fclose(fp);
- return 0;
+ FILE *fp;
+ PKCS12 *p12;
+ if (argc != 5) {
+ fprintf(stderr, "Usage: pkread p12file password newpass opfile\n");
+ return 1;
+ }
+ if ((fp = fopen(argv[1], "rb")) == NULL) {
+ fprintf(stderr, "Error opening file %s\n", argv[1]);
+ return 1;
+ }
+ p12 = d2i_PKCS12_fp(fp, NULL);
+ fclose(fp);
+ if (p12 == NULL) {
+ fprintf(stderr, "Error reading PKCS#12 file\n");
+ ERR_print_errors_fp(stderr);
+ return 1;
+ }
+ if (PKCS12_newpass(p12, argv[2], argv[3]) == 0) {
+ fprintf(stderr, "Error changing password\n");
+ ERR_print_errors_fp(stderr);
+ PKCS12_free(p12);
+ return 1;
+ }
+ if ((fp = fopen(argv[4], "wb")) == NULL) {
+ fprintf(stderr, "Error opening file %s\n", argv[4]);
+ PKCS12_free(p12);
+ return 1;
+ }
+ i2d_PKCS12_fp(fp, p12);
+ PKCS12_free(p12);
+ fclose(fp);
+ return 0;
}
typedef struct rand_meth_st
{
- void (*seed)(const void *buf, int num);
- int (*bytes)(unsigned char *buf, int num);
- void (*cleanup)(void);
- void (*add)(const void *buf, int num, int entropy);
- int (*pseudorand)(unsigned char *buf, int num);
- int (*status)(void);
+ void (*seed)(const void *buf, int num);
+ int (*bytes)(unsigned char *buf, int num);
+ void (*cleanup)(void);
+ void (*add)(const void *buf, int num, int entropy);
+ int (*pseudorand)(unsigned char *buf, int num);
+ int (*status)(void);
} RAND_METHOD;
The components point to method implementations used by (or called by), in order,
typedef struct rsa_meth_st
{
/* name of the implementation */
- const char *name;
+ const char *name;
/* encrypt */
- int (*rsa_pub_enc)(int flen, unsigned char *from,
- unsigned char *to, RSA *rsa, int padding);
+ int (*rsa_pub_enc)(int flen, unsigned char *from,
+ unsigned char *to, RSA *rsa, int padding);
/* verify arbitrary data */
- int (*rsa_pub_dec)(int flen, unsigned char *from,
- unsigned char *to, RSA *rsa, int padding);
+ int (*rsa_pub_dec)(int flen, unsigned char *from,
+ unsigned char *to, RSA *rsa, int padding);
/* sign arbitrary data */
- int (*rsa_priv_enc)(int flen, unsigned char *from,
- unsigned char *to, RSA *rsa, int padding);
+ int (*rsa_priv_enc)(int flen, unsigned char *from,
+ unsigned char *to, RSA *rsa, int padding);
/* decrypt */
- int (*rsa_priv_dec)(int flen, unsigned char *from,
- unsigned char *to, RSA *rsa, int padding);
+ int (*rsa_priv_dec)(int flen, unsigned char *from,
+ unsigned char *to, RSA *rsa, int padding);
- /* compute r0 = r0 ^ I mod rsa->n (May be NULL for some
- implementations) */
- int (*rsa_mod_exp)(BIGNUM *r0, BIGNUM *I, RSA *rsa);
+ /* compute r0 = r0 ^ I mod rsa->n (May be NULL for some implementations) */
+ int (*rsa_mod_exp)(BIGNUM *r0, BIGNUM *I, RSA *rsa);
/* compute r = a ^ p mod m (May be NULL for some implementations) */
- int (*bn_mod_exp)(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+ int (*bn_mod_exp)(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
+ const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
/* called at RSA_new */
- int (*init)(RSA *rsa);
+ int (*init)(RSA *rsa);
/* called at RSA_free */
- int (*finish)(RSA *rsa);
+ int (*finish)(RSA *rsa);
- /* RSA_FLAG_EXT_PKEY - rsa_mod_exp is called for private key
+ /*
+ * RSA_FLAG_EXT_PKEY - rsa_mod_exp is called for private key
* operations, even if p,q,dmp1,dmq1,iqmp
* are NULL
* RSA_METHOD_FLAG_NO_CHECK - don't check pub/private match
*/
- int flags;
+ int flags;
- char *app_data; /* ?? */
+ char *app_data; /* ?? */
- int (*rsa_sign)(int type,
- const unsigned char *m, unsigned int m_length,
- unsigned char *sigret, unsigned int *siglen, const RSA *rsa);
- int (*rsa_verify)(int dtype,
- const unsigned char *m, unsigned int m_length,
- const unsigned char *sigbuf, unsigned int siglen,
- const RSA *rsa);
+ int (*rsa_sign)(int type,
+ const unsigned char *m, unsigned int m_length,
+ unsigned char *sigret, unsigned int *siglen, const RSA *rsa);
+ int (*rsa_verify)(int dtype,
+ const unsigned char *m, unsigned int m_length,
+ const unsigned char *sigbuf, unsigned int siglen,
+ const RSA *rsa);
/* keygen. If NULL builtin RSA key generation will be used */
- int (*rsa_keygen)(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb);
+ int (*rsa_keygen)(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb);
} RSA_METHOD;
#include <openssl/ct.h>
typedef enum {
- CT_LOG_ENTRY_TYPE_NOT_SET = -1,
- CT_LOG_ENTRY_TYPE_X509 = 0,
- CT_LOG_ENTRY_TYPE_PRECERT = 1
+ CT_LOG_ENTRY_TYPE_NOT_SET = -1,
+ CT_LOG_ENTRY_TYPE_X509 = 0,
+ CT_LOG_ENTRY_TYPE_PRECERT = 1
} ct_log_entry_type_t;
typedef enum {
- SCT_VERSION_NOT_SET = -1,
- SCT_VERSION_V1 = 0
+ SCT_VERSION_NOT_SET = -1,
+ SCT_VERSION_V1 = 0
} sct_version_t;
typedef enum {
- SCT_SOURCE_UNKNOWN,
- SCT_SOURCE_TLS_EXTENSION,
- SCT_SOURCE_X509V3_EXTENSION,
- SCT_SOURCE_OCSP_STAPLED_RESPONSE
+ SCT_SOURCE_UNKNOWN,
+ SCT_SOURCE_TLS_EXTENSION,
+ SCT_SOURCE_X509V3_EXTENSION,
+ SCT_SOURCE_OCSP_STAPLED_RESPONSE
} sct_source_t;
SCT *SCT_new(void);
#include <openssl/ct.h>
typedef enum {
- SCT_VALIDATION_STATUS_NOT_SET,
- SCT_VALIDATION_STATUS_UNKNOWN_LOG,
- SCT_VALIDATION_STATUS_VALID,
- SCT_VALIDATION_STATUS_INVALID,
- SCT_VALIDATION_STATUS_UNVERIFIED,
- SCT_VALIDATION_STATUS_UNKNOWN_VERSION
+ SCT_VALIDATION_STATUS_NOT_SET,
+ SCT_VALIDATION_STATUS_UNKNOWN_LOG,
+ SCT_VALIDATION_STATUS_VALID,
+ SCT_VALIDATION_STATUS_INVALID,
+ SCT_VALIDATION_STATUS_UNVERIFIED,
+ SCT_VALIDATION_STATUS_UNKNOWN_VERSION
} sct_validation_status_t;
int SCT_validate(SCT *sct, const CT_POLICY_EVAL_CTX *ctx);
[test_sect]
# list of confuration modules
-
ssl_conf = ssl_sect
[ssl_sect]
-
server = server_section
[server_section]
-
RSA.Certificate = server-rsa.pem
ECDSA.Certificate = server-ecdsa.pem
Ciphers = ALL:!RC4
An application could call:
if (CONF_modules_load_file("config.cnf", "testapp", 0) <= 0) {
- fprintf(stderr, "Error processing config file\n");
- goto err;
+ fprintf(stderr, "Error processing config file\n");
+ goto err;
}
ctx = SSL_CTX_new(TLS_server_method());
retrieved, and must be copied by the application if it is to be retained beyond
the lifetime of the SSL connection.
- SSL_CTX *ctx;
- SSL *ssl;
- int (*verify_cb)(int ok, X509_STORE_CTX *sctx) = NULL;
- int num_usable = 0;
- const char *nexthop_domain = "example.com";
- const char *dane_tlsa_domain = "smtp.example.com";
- uint8_t usage, selector, mtype;
-
- if ((ctx = SSL_CTX_new(TLS_client_method())) == NULL)
- /* handle error */
- if (SSL_CTX_dane_enable(ctx) <= 0)
- /* handle error */
-
- if ((ssl = SSL_new(ctx)) == NULL)
- /* handle error */
-
- if (SSL_dane_enable(ssl, dane_tlsa_domain) <= 0)
- /* handle error */
-
- /*
- * For many applications it is safe to skip DANE-EE(3) namechecks. Do not
- * disable the checks unless "unknown key share" attacks pose no risk for
- * your application.
- */
- SSL_dane_set_flags(ssl, DANE_FLAG_NO_DANE_EE_NAMECHECKS);
-
- if (!SSL_add1_host(ssl, nexthop_domain))
- /* handle error */
- SSL_set_hostflags(ssl, X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS);
-
- for (... each TLSA record ...) {
- unsigned char *data;
- size_t len;
- int ret;
-
- /* set usage, selector, mtype, data, len */
-
- /*
- * Opportunistic DANE TLS clients support only DANE-TA(2) or DANE-EE(3).
- * They treat all other certificate usages, and in particular PKIX-TA(0)
- * and PKIX-EE(1), as unusable.
- */
- switch (usage) {
- default:
- case 0: /* PKIX-TA(0) */
- case 1: /* PKIX-EE(1) */
- continue;
- case 2: /* DANE-TA(2) */
- case 3: /* DANE-EE(3) */
- break;
- }
-
- ret = SSL_dane_tlsa_add(ssl, usage, selector, mtype, data, len);
- /* free data as appropriate */
-
- if (ret < 0)
- /* handle SSL library internal error */
- else if (ret == 0)
- /* handle unusable TLSA record */
- else
- ++num_usable;
- }
-
- /*
- * At this point, the verification mode is still the default SSL_VERIFY_NONE.
- * Opportunistic DANE clients use unauthenticated TLS when all TLSA records
- * are unusable, so continue the handshake even if authentication fails.
- */
- if (num_usable == 0) {
- /* Log all records unusable? */
-
- /* Optionally set verify_cb to a suitable non-NULL callback. */
- SSL_set_verify(ssl, SSL_VERIFY_NONE, verify_cb);
- } else {
- /* At least one usable record. We expect to verify the peer */
-
- /* Optionally set verify_cb to a suitable non-NULL callback. */
-
- /*
- * Below we elect to fail the handshake when peer verification fails.
- * Alternatively, use the permissive SSL_VERIFY_NONE verification mode,
- * complete the handshake, check the verification status, and if not
- * verified disconnect gracefully at the application layer, especially if
- * application protocol supports informing the server that authentication
- * failed.
- */
- SSL_set_verify(ssl, SSL_VERIFY_PEER, verify_cb);
- }
-
- /*
- * Load any saved session for resumption, making sure that the previous
- * session applied the same security and authentication requirements that
- * would be expected of a fresh connection.
- */
-
- /* Perform SSL_connect() handshake and handle errors here */
-
- if (SSL_session_reused(ssl)) {
- if (SSL_get_verify_result(ssl) == X509_V_OK) {
- /*
- * Resumed session was originally verified, this connection is
- * authenticated.
- */
- } else {
- /*
- * Resumed session was not originally verified, this connection is not
- * authenticated.
- */
- }
- } else if (SSL_get_verify_result(ssl) == X509_V_OK) {
- const char *peername = SSL_get0_peername(ssl);
- EVP_PKEY *mspki = NULL;
-
- int depth = SSL_get0_dane_authority(ssl, NULL, &mspki);
- if (depth >= 0) {
- (void) SSL_get0_dane_tlsa(ssl, &usage, &selector, &mtype, NULL, NULL);
- printf("DANE TLSA %d %d %d %s at depth %d\n", usage, selector, mtype,
- (mspki != NULL) ? "TA public key verified certificate" :
- depth ? "matched TA certificate" : "matched EE certificate",
- depth);
- }
- if (peername != NULL) {
- /* Name checks were in scope and matched the peername */
- printf("Verified peername: %s\n", peername);
- }
- } else {
- /*
- * Not authenticated, presumably all TLSA rrs unusable, but possibly a
- * callback suppressed connection termination despite the presence of
- * usable TLSA RRs none of which matched. Do whatever is appropriate for
- * fresh unauthenticated connections.
- */
- }
+ SSL_CTX *ctx;
+ SSL *ssl;
+ int (*verify_cb)(int ok, X509_STORE_CTX *sctx) = NULL;
+ int num_usable = 0;
+ const char *nexthop_domain = "example.com";
+ const char *dane_tlsa_domain = "smtp.example.com";
+ uint8_t usage, selector, mtype;
+
+ if ((ctx = SSL_CTX_new(TLS_client_method())) == NULL)
+ /* error */
+ if (SSL_CTX_dane_enable(ctx) <= 0)
+ /* error */
+ if ((ssl = SSL_new(ctx)) == NULL)
+ /* error */
+ if (SSL_dane_enable(ssl, dane_tlsa_domain) <= 0)
+ /* error */
+
+ /*
+ * For many applications it is safe to skip DANE-EE(3) namechecks. Do not
+ * disable the checks unless "unknown key share" attacks pose no risk for
+ * your application.
+ */
+ SSL_dane_set_flags(ssl, DANE_FLAG_NO_DANE_EE_NAMECHECKS);
+
+ if (!SSL_add1_host(ssl, nexthop_domain))
+ /* error */
+ SSL_set_hostflags(ssl, X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS);
+
+ for (... each TLSA record ...) {
+ unsigned char *data;
+ size_t len;
+ int ret;
+
+ /* set usage, selector, mtype, data, len */
+
+ /*
+ * Opportunistic DANE TLS clients support only DANE-TA(2) or DANE-EE(3).
+ * They treat all other certificate usages, and in particular PKIX-TA(0)
+ * and PKIX-EE(1), as unusable.
+ */
+ switch (usage) {
+ default:
+ case 0: /* PKIX-TA(0) */
+ case 1: /* PKIX-EE(1) */
+ continue;
+ case 2: /* DANE-TA(2) */
+ case 3: /* DANE-EE(3) */
+ break;
+ }
+
+ ret = SSL_dane_tlsa_add(ssl, usage, selector, mtype, data, len);
+ /* free data as appropriate */
+
+ if (ret < 0)
+ /* handle SSL library internal error */
+ else if (ret == 0)
+ /* handle unusable TLSA record */
+ else
+ ++num_usable;
+ }
+
+ /*
+ * At this point, the verification mode is still the default SSL_VERIFY_NONE.
+ * Opportunistic DANE clients use unauthenticated TLS when all TLSA records
+ * are unusable, so continue the handshake even if authentication fails.
+ */
+ if (num_usable == 0) {
+ /* Log all records unusable? */
+
+ /* Optionally set verify_cb to a suitable non-NULL callback. */
+ SSL_set_verify(ssl, SSL_VERIFY_NONE, verify_cb);
+ } else {
+ /* At least one usable record. We expect to verify the peer */
+
+ /* Optionally set verify_cb to a suitable non-NULL callback. */
+
+ /*
+ * Below we elect to fail the handshake when peer verification fails.
+ * Alternatively, use the permissive SSL_VERIFY_NONE verification mode,
+ * complete the handshake, check the verification status, and if not
+ * verified disconnect gracefully at the application layer, especially if
+ * application protocol supports informing the server that authentication
+ * failed.
+ */
+ SSL_set_verify(ssl, SSL_VERIFY_PEER, verify_cb);
+ }
+
+ /*
+ * Load any saved session for resumption, making sure that the previous
+ * session applied the same security and authentication requirements that
+ * would be expected of a fresh connection.
+ */
+
+ /* Perform SSL_connect() handshake and handle errors here */
+
+ if (SSL_session_reused(ssl)) {
+ if (SSL_get_verify_result(ssl) == X509_V_OK) {
+ /*
+ * Resumed session was originally verified, this connection is
+ * authenticated.
+ */
+ } else {
+ /*
+ * Resumed session was not originally verified, this connection is not
+ * authenticated.
+ */
+ }
+ } else if (SSL_get_verify_result(ssl) == X509_V_OK) {
+ const char *peername = SSL_get0_peername(ssl);
+ EVP_PKEY *mspki = NULL;
+
+ int depth = SSL_get0_dane_authority(ssl, NULL, &mspki);
+ if (depth >= 0) {
+ (void) SSL_get0_dane_tlsa(ssl, &usage, &selector, &mtype, NULL, NULL);
+ printf("DANE TLSA %d %d %d %s at depth %d\n", usage, selector, mtype,
+ (mspki != NULL) ? "TA public key verified certificate" :
+ depth ? "matched TA certificate" : "matched EE certificate",
+ depth);
+ }
+ if (peername != NULL) {
+ /* Name checks were in scope and matched the peername */
+ printf("Verified peername: %s\n", peername);
+ }
+ } else {
+ /*
+ * Not authenticated, presumably all TLSA rrs unusable, but possibly a
+ * callback suppressed connection termination despite the presence of
+ * usable TLSA RRs none of which matched. Do whatever is appropriate for
+ * fresh unauthenticated connections.
+ */
+ }
=head1 NOTES
#!/bin/sh
rm CAfile.pem
for i in ca1.pem ca2.pem ca3.pem ; do
- openssl x509 -in $i -text >> CAfile.pem
+ openssl x509 -in $i -text >> CAfile.pem
done
Prepare the directory /some/where/certs containing several CA certificates
Set supported signature algorithms to SHA256 with ECDSA and SHA256 with RSA
using an array:
- const int slist[] = {NID_sha256, EVP_PKEY_EC, NID_sha256, EVP_PKEY_RSA};
+ const int slist[] = {NID_sha256, EVP_PKEY_EC, NID_sha256, EVP_PKEY_RSA};
- SSL_CTX_set1_sigalgs(ctx, slist, 4);
+ SSL_CTX_set1_sigalgs(ctx, slist, 4);
Set supported signature algorithms to SHA256 with ECDSA and SHA256 with RSA
using a string:
- SSL_CTX_set1_sigalgs_list(ctx, "ECDSA+SHA256:RSA+SHA256");
+ SSL_CTX_set1_sigalgs_list(ctx, "ECDSA+SHA256:RSA+SHA256");
=head1 RETURN VALUES
Scan all certificates in B<CAfile> and list them as acceptable CAs:
- SSL_CTX_set_client_CA_list(ctx, SSL_load_client_CA_file(CAfile));
+ SSL_CTX_set_client_CA_list(ctx, SSL_load_client_CA_file(CAfile));
=head1 SEE ALSO
int my_cb(char *buf, int size, int rwflag, void *u)
{
- strncpy(buf, (char *)u, size);
- buf[size - 1] = '\0';
- return strlen(buf);
+ strncpy(buf, (char *)u, size);
+ buf[size - 1] = '\0';
+ return strlen(buf);
}
=head1 HISTORY
#define MAX_SESSION_ID_ATTEMPTS 10
static int generate_session_id(const SSL *ssl, unsigned char *id,
- unsigned int *id_len)
+ unsigned int *id_len)
{
- unsigned int count = 0;
- do {
- RAND_pseudo_bytes(id, *id_len);
- /*
- * Prefix the session_id with the required prefix. NB: If our
- * prefix is too long, clip it - but there will be worse effects
- * anyway, eg. the server could only possibly create 1 session
- * ID (ie. the prefix!) so all future session negotiations will
- * fail due to conflicts.
- */
- memcpy(id, session_id_prefix,
- (strlen(session_id_prefix) < *id_len) ?
- strlen(session_id_prefix) : *id_len);
- }
- while (SSL_has_matching_session_id(ssl, id, *id_len) &&
- (++count < MAX_SESSION_ID_ATTEMPTS));
- if (count >= MAX_SESSION_ID_ATTEMPTS)
- return 0;
- return 1;
- }
+ unsigned int count = 0;
+ do {
+ RAND_pseudo_bytes(id, *id_len);
+ /*
+ * Prefix the session_id with the required prefix. NB: If our
+ * prefix is too long, clip it - but there will be worse effects
+ * anyway, eg. the server could only possibly create 1 session
+ * ID (ie. the prefix!) so all future session negotiations will
+ * fail due to conflicts.
+ */
+ memcpy(id, session_id_prefix, strlen(session_id_prefix) < *id_len ?
+ strlen(session_id_prefix) : *id_len);
+ } while (SSL_has_matching_session_id(ssl, id, *id_len)
+ && ++count < MAX_SESSION_ID_ATTEMPTS);
+ if (count >= MAX_SESSION_ID_ATTEMPTS)
+ return 0;
+ return 1;
+ }
=head1 RETURN VALUES
about alerts being handled and error messages to the B<bio_err> BIO.
void apps_ssl_info_callback(SSL *s, int where, int ret)
- {
- const char *str;
- int w;
-
- w = where & ~SSL_ST_MASK;
-
- if (w & SSL_ST_CONNECT) str = "SSL_connect";
- else if (w & SSL_ST_ACCEPT) str = "SSL_accept";
- else str = "undefined";
-
- if (where & SSL_CB_LOOP)
- {
- BIO_printf(bio_err, "%s:%s\n", str, SSL_state_string_long(s));
- }
- else if (where & SSL_CB_ALERT)
- {
- str = (where & SSL_CB_READ) ? "read" : "write";
- BIO_printf(bio_err, "SSL3 alert %s:%s:%s\n",
- str,
- SSL_alert_type_string_long(ret),
- SSL_alert_desc_string_long(ret));
- }
- else if (where & SSL_CB_EXIT)
- {
- if (ret == 0)
- BIO_printf(bio_err, "%s:failed in %s\n",
- str, SSL_state_string_long(s));
- else if (ret < 0)
- {
- BIO_printf(bio_err, "%s:error in %s\n",
- str, SSL_state_string_long(s));
- }
- }
- }
+ {
+ const char *str;
+ int w = where & ~SSL_ST_MASK;
+
+ if (w & SSL_ST_CONNECT)
+ str = "SSL_connect";
+ else if (w & SSL_ST_ACCEPT)
+ str = "SSL_accept";
+ else
+ str = "undefined";
+
+ if (where & SSL_CB_LOOP) {
+ BIO_printf(bio_err, "%s:%s\n", str, SSL_state_string_long(s));
+ } else if (where & SSL_CB_ALERT) {
+ str = (where & SSL_CB_READ) ? "read" : "write";
+ BIO_printf(bio_err, "SSL3 alert %s:%s:%s\n", str,
+ SSL_alert_type_string_long(ret),
+ SSL_alert_desc_string_long(ret));
+ } else if (where & SSL_CB_EXIT) {
+ if (ret == 0) {
+ BIO_printf(bio_err, "%s:failed in %s\n",
+ str, SSL_state_string_long(s));
+ } else if (ret < 0) {
+ BIO_printf(bio_err, "%s:error in %s\n",
+ str, SSL_state_string_long(s));
+ }
+ }
+ }
=head1 SEE ALSO
=head1 EXAMPLES
Reference Implementation:
- SSL_CTX_set_tlsext_ticket_key_cb(SSL, ssl_tlsext_ticket_key_cb);
- ....
-
- static int ssl_tlsext_ticket_key_cb(SSL *s, unsigned char key_name[16], unsigned char *iv, EVP_CIPHER_CTX *ctx, HMAC_CTX *hctx, int enc)
- {
- if (enc) { /* create new session */
- if (RAND_bytes(iv, EVP_MAX_IV_LENGTH) )
- return -1; /* insufficient random */
-
- key = currentkey(); /* something that you need to implement */
- if ( key == NULL ) {
- /* current key doesn't exist or isn't valid */
- key = createkey(); /* something that you need to implement.
- * createkey needs to initialise, a name,
- * an aes_key, a hmac_key and optionally
- * an expire time. */
- if ( key == NULL ) /* key couldn't be created */
- return 0;
- }
- memcpy(key_name, key->name, 16);
-
- EVP_EncryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, key->aes_key, iv);
- HMAC_Init_ex(&hctx, key->hmac_key, 16, EVP_sha256(), NULL);
-
- return 1;
-
- } else { /* retrieve session */
- key = findkey(name);
-
- if (key == NULL || key->expire < now() )
- return 0;
-
- HMAC_Init_ex(&hctx, key->hmac_key, 16, EVP_sha256(), NULL);
- EVP_DecryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, key->aes_key, iv );
-
- if (key->expire < ( now() - RENEW_TIME ) )
- /* return 2 - this session will get a new ticket even though the current is still valid */
- return 2;
-
- return 1;
-
- }
- }
-
+ SSL_CTX_set_tlsext_ticket_key_cb(SSL, ssl_tlsext_ticket_key_cb);
+ ...
+
+ static int ssl_tlsext_ticket_key_cb(SSL *s, unsigned char key_name[16],
+ unsigned char *iv, EVP_CIPHER_CTX *ctx,
+ HMAC_CTX *hctx, int enc)
+ {
+ if (enc) { /* create new session */
+ if (RAND_bytes(iv, EVP_MAX_IV_LENGTH))
+ return -1; /* insufficient random */
+
+ key = currentkey(); /* something that you need to implement */
+ if (key == NULL) {
+ /* current key doesn't exist or isn't valid */
+ key = createkey(); /*
+ * Something that you need to implement.
+ * createkey needs to initialise a name,
+ * an aes_key, a hmac_key and optionally
+ * an expire time.
+ */
+ if (key == NULL) /* key couldn't be created */
+ return 0;
+ }
+ memcpy(key_name, key->name, 16);
+
+ EVP_EncryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, key->aes_key, iv);
+ HMAC_Init_ex(&hctx, key->hmac_key, 16, EVP_sha256(), NULL);
+
+ return 1;
+
+ } else { /* retrieve session */
+ key = findkey(name);
+
+ if (key == NULL || key->expire < now())
+ return 0;
+
+ HMAC_Init_ex(&hctx, key->hmac_key, 16, EVP_sha256(), NULL);
+ EVP_DecryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, key->aes_key, iv);
+
+ if (key->expire < now() - RENEW_TIME) {
+ /*
+ * return 2 - This session will get a new ticket even though the
+ * current one is still valid.
+ */
+ return 2;
+ }
+ return 1;
+ }
+ }
=head1 RETURN VALUES
Setup DH parameters with a key length of 2048 bits. (Error handling
partly left out.)
- Command-line parameter generation:
+Command-line parameter generation:
+
$ openssl dhparam -out dh_param_2048.pem 2048
- Code for setting up parameters during server initialization:
+Code for setting up parameters during server initialization:
- ...
SSL_CTX ctx = SSL_CTX_new();
- ...
- /* Set up ephemeral DH parameters. */
DH *dh_2048 = NULL;
FILE *paramfile;
paramfile = fopen("dh_param_2048.pem", "r");
if (paramfile) {
- dh_2048 = PEM_read_DHparams(paramfile, NULL, NULL, NULL);
- fclose(paramfile);
+ dh_2048 = PEM_read_DHparams(paramfile, NULL, NULL, NULL);
+ fclose(paramfile);
} else {
- /* Error. */
- }
- if (dh_2048 == NULL) {
- /* Error. */
- }
- if (SSL_CTX_set_tmp_dh(ctx, dh_2048) != 1) {
- /* Error. */
+ /* Error. */
}
+ if (dh_2048 == NULL)
+ /* Error. */
+ if (SSL_CTX_set_tmp_dh(ctx, dh_2048) != 1)
+ /* Error. */
...
=head1 RETURN VALUES
int always_continue;
} mydata_t;
int mydata_index;
+
...
static int verify_callback(int preverify_ok, X509_STORE_CTX *ctx)
{
- char buf[256];
- X509 *err_cert;
- int err, depth;
- SSL *ssl;
- mydata_t *mydata;
-
- err_cert = X509_STORE_CTX_get_current_cert(ctx);
- err = X509_STORE_CTX_get_error(ctx);
- depth = X509_STORE_CTX_get_error_depth(ctx);
-
- /*
- * Retrieve the pointer to the SSL of the connection currently treated
- * and the application specific data stored into the SSL object.
- */
- ssl = X509_STORE_CTX_get_ex_data(ctx, SSL_get_ex_data_X509_STORE_CTX_idx());
- mydata = SSL_get_ex_data(ssl, mydata_index);
-
- X509_NAME_oneline(X509_get_subject_name(err_cert), buf, 256);
-
- /*
- * Catch a too long certificate chain. The depth limit set using
- * SSL_CTX_set_verify_depth() is by purpose set to "limit+1" so
- * that whenever the "depth>verify_depth" condition is met, we
- * have violated the limit and want to log this error condition.
- * We must do it here, because the CHAIN_TOO_LONG error would not
- * be found explicitly; only errors introduced by cutting off the
- * additional certificates would be logged.
- */
- if (depth > mydata->verify_depth) {
- preverify_ok = 0;
- err = X509_V_ERR_CERT_CHAIN_TOO_LONG;
- X509_STORE_CTX_set_error(ctx, err);
- }
- if (!preverify_ok) {
- printf("verify error:num=%d:%s:depth=%d:%s\n", err,
- X509_verify_cert_error_string(err), depth, buf);
- }
- else if (mydata->verbose_mode)
- {
- printf("depth=%d:%s\n", depth, buf);
- }
-
- /*
- * At this point, err contains the last verification error. We can use
- * it for something special
- */
- if (!preverify_ok && (err == X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT))
- {
- X509_NAME_oneline(X509_get_issuer_name(err_cert), buf, 256);
- printf("issuer= %s\n", buf);
- }
-
- if (mydata->always_continue)
- return 1;
- else
- return preverify_ok;
+ char buf[256];
+ X509 *err_cert;
+ int err, depth;
+ SSL *ssl;
+ mydata_t *mydata;
+
+ err_cert = X509_STORE_CTX_get_current_cert(ctx);
+ err = X509_STORE_CTX_get_error(ctx);
+ depth = X509_STORE_CTX_get_error_depth(ctx);
+
+ /*
+ * Retrieve the pointer to the SSL of the connection currently treated
+ * and the application specific data stored into the SSL object.
+ */
+ ssl = X509_STORE_CTX_get_ex_data(ctx, SSL_get_ex_data_X509_STORE_CTX_idx());
+ mydata = SSL_get_ex_data(ssl, mydata_index);
+
+ X509_NAME_oneline(X509_get_subject_name(err_cert), buf, 256);
+
+ /*
+ * Catch a too long certificate chain. The depth limit set using
+ * SSL_CTX_set_verify_depth() is by purpose set to "limit+1" so
+ * that whenever the "depth>verify_depth" condition is met, we
+ * have violated the limit and want to log this error condition.
+ * We must do it here, because the CHAIN_TOO_LONG error would not
+ * be found explicitly; only errors introduced by cutting off the
+ * additional certificates would be logged.
+ */
+ if (depth > mydata->verify_depth) {
+ preverify_ok = 0;
+ err = X509_V_ERR_CERT_CHAIN_TOO_LONG;
+ X509_STORE_CTX_set_error(ctx, err);
+ }
+ if (!preverify_ok) {
+ printf("verify error:num=%d:%s:depth=%d:%s\n", err,
+ X509_verify_cert_error_string(err), depth, buf);
+ } else if (mydata->verbose_mode) {
+ printf("depth=%d:%s\n", depth, buf);
+ }
+
+ /*
+ * At this point, err contains the last verification error. We can use
+ * it for something special
+ */
+ if (!preverify_ok && (err == X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT)) {
+ X509_NAME_oneline(X509_get_issuer_name(err_cert), buf, 256);
+ printf("issuer= %s\n", buf);
+ }
+
+ if (mydata->always_continue)
+ return 1;
+ else
+ return preverify_ok;
}
...
mydata_index = SSL_get_ex_new_index(0, "mydata index", NULL, NULL, NULL);
...
- SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER|SSL_VERIFY_CLIENT_ONCE,
+ SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE,
verify_callback);
/*
...
SSL_accept(ssl); /* check of success left out for clarity */
- if (peer = SSL_get_peer_certificate(ssl))
- {
- if (SSL_get_verify_result(ssl) == X509_V_OK)
- {
- /* The client sent a certificate which verified OK */
- }
+ if (peer = SSL_get_peer_certificate(ssl)) {
+ if (SSL_get_verify_result(ssl) == X509_V_OK) {
+ /* The client sent a certificate which verified OK */
+ }
}
=head1 SEE ALSO
...
cert_names = SSL_load_client_CA_file("/path/to/CAfile.pem");
if (cert_names != NULL)
- SSL_CTX_set_client_CA_list(ctx, cert_names);
+ SSL_CTX_set_client_CA_list(ctx, cert_names);
else
- error_handling();
+ /* error */
...
=head1 RETURN VALUES
and must be copied by the application if it is to be retained beyond
the lifetime of the SSL connection.
- SSL_set_hostflags(ssl, X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS);
- if (!SSL_set1_host(ssl, "smtp.example.com")) {
- /* handle error */
- }
- if (!SSL_add1_host(ssl, "example.com")) {
- /* handle error */
- }
-
- /* XXX: Perform SSL_connect() handshake and handle errors here */
-
- if (SSL_get_verify_result(ssl) == X509_V_OK) {
- const char *peername = SSL_get0_peername(ssl);
-
- if (peername != NULL) {
- /* Name checks were in scope and matched the peername */
- }
- }
+ SSL_set_hostflags(ssl, X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS);
+ if (!SSL_set1_host(ssl, "smtp.example.com"))
+ /* error */
+ if (!SSL_add1_host(ssl, "example.com"))
+ /* error */
+
+ /* XXX: Perform SSL_connect() handshake and handle errors here */
+
+ if (SSL_get_verify_result(ssl) == X509_V_OK) {
+ const char *peername = SSL_get0_peername(ssl);
+
+ if (peername != NULL)
+ /* Name checks were in scope and matched the peername */
+ }
=head1 SEE ALSO
X509_NAME *nm;
nm = X509_NAME_new();
if (nm == NULL)
- /* Some error */
+ /* Some error */
if (!X509_NAME_add_entry_by_txt(nm, "C", MBSTRING_ASC,
- "UK", -1, -1, 0))
- /* Error */
+ "UK", -1, -1, 0))
+ /* Error */
if (!X509_NAME_add_entry_by_txt(nm, "O", MBSTRING_ASC,
- "Disorganized Organization", -1, -1, 0))
- /* Error */
+ "Disorganized Organization", -1, -1, 0))
+ /* Error */
if (!X509_NAME_add_entry_by_txt(nm, "CN", MBSTRING_ASC,
- "Joe Bloggs", -1, -1, 0))
- /* Error */
+ "Joe Bloggs", -1, -1, 0))
+ /* Error */
=head1 RETURN VALUES
int i;
X509_NAME_ENTRY *e;
- for (i = 0; i < X509_NAME_entry_count(nm); i++)
- {
- e = X509_NAME_get_entry(nm, i);
- /* Do something with e */
- }
+ for (i = 0; i < X509_NAME_entry_count(nm); i++) {
+ e = X509_NAME_get_entry(nm, i);
+ /* Do something with e */
+ }
Process all commonName entries:
int lastpos = -1;
X509_NAME_ENTRY *e;
- for (;;)
- {
- lastpos = X509_NAME_get_index_by_NID(nm, NID_commonName, lastpos);
- if (lastpos == -1)
- break;
- e = X509_NAME_get_entry(nm, lastpos);
- /* Do something with e */
- }
+ for (;;) {
+ lastpos = X509_NAME_get_index_by_NID(nm, NID_commonName, lastpos);
+ if (lastpos == -1)
+ break;
+ e = X509_NAME_get_entry(nm, lastpos);
+ /* Do something with e */
+ }
=head1 RETURN VALUES
returned chain persists after the B<ctx> structure is freed, when it is
no longer needed it should be free up using:
- sk_X509_pop_free(chain, X509_free);
+ sk_X509_pop_free(chain, X509_free);
X509_verify_cert_error_string() returns a human readable error string for
verification error B<n>.
Default callback operation:
- int verify_callback(int ok, X509_STORE_CTX *ctx)
- {
- return ok;
- }
+ int verify_callback(int ok, X509_STORE_CTX *ctx) {
+ return ok;
+ }
Simple example, suppose a certificate in the chain is expired and we wish
to continue after this error:
- int verify_callback(int ok, X509_STORE_CTX *ctx)
- {
- /* Tolerate certificate expiration */
- if (X509_STORE_CTX_get_error(ctx) == X509_V_ERR_CERT_HAS_EXPIRED)
- return 1;
- /* Otherwise don't override */
- return ok;
- }
+ int verify_callback(int ok, X509_STORE_CTX *ctx) {
+ /* Tolerate certificate expiration */
+ if (X509_STORE_CTX_get_error(ctx) == X509_V_ERR_CERT_HAS_EXPIRED)
+ return 1;
+ /* Otherwise don't override */
+ return ok;
+ }
More complex example, we don't wish to continue after B<any> certificate has
expired just one specific case:
int verify_callback(int ok, X509_STORE_CTX *ctx)
- {
- int err = X509_STORE_CTX_get_error(ctx);
- X509 *err_cert = X509_STORE_CTX_get_current_cert(ctx);
- if (err == X509_V_ERR_CERT_HAS_EXPIRED)
- {
- if (check_is_acceptable_expired_cert(err_cert)
- return 1;
- }
- return ok;
- }
+ {
+ int err = X509_STORE_CTX_get_error(ctx);
+ X509 *err_cert = X509_STORE_CTX_get_current_cert(ctx);
+ if (err == X509_V_ERR_CERT_HAS_EXPIRED) {
+ if (check_is_acceptable_expired_cert(err_cert)
+ return 1;
+ }
+ return ok;
+ }
Full featured logging callback. In this case the B<bio_err> is assumed to be
a global logging B<BIO>, an alternative would to store a BIO in B<ctx> using
B<ex_data>.
int verify_callback(int ok, X509_STORE_CTX *ctx)
- {
- X509 *err_cert;
- int err, depth;
-
- err_cert = X509_STORE_CTX_get_current_cert(ctx);
- err = X509_STORE_CTX_get_error(ctx);
- depth = X509_STORE_CTX_get_error_depth(ctx);
-
- BIO_printf(bio_err, "depth=%d ", depth);
- if (err_cert)
- {
- X509_NAME_print_ex(bio_err, X509_get_subject_name(err_cert),
- 0, XN_FLAG_ONELINE);
- BIO_puts(bio_err, "\n");
- }
- else
- BIO_puts(bio_err, "<no cert>\n");
- if (!ok)
- BIO_printf(bio_err, "verify error:num=%d:%s\n", err,
- X509_verify_cert_error_string(err));
- switch (err)
- {
- case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
- BIO_puts(bio_err, "issuer= ");
- X509_NAME_print_ex(bio_err, X509_get_issuer_name(err_cert),
- 0, XN_FLAG_ONELINE);
- BIO_puts(bio_err, "\n");
- break;
- case X509_V_ERR_CERT_NOT_YET_VALID:
- case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
- BIO_printf(bio_err, "notBefore=");
- ASN1_TIME_print(bio_err, X509_get_notBefore(err_cert));
- BIO_printf(bio_err, "\n");
- break;
- case X509_V_ERR_CERT_HAS_EXPIRED:
- case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
- BIO_printf(bio_err, "notAfter=");
- ASN1_TIME_print(bio_err, X509_get_notAfter(err_cert));
- BIO_printf(bio_err, "\n");
- break;
- case X509_V_ERR_NO_EXPLICIT_POLICY:
- policies_print(bio_err, ctx);
- break;
- }
- if (err == X509_V_OK && ok == 2)
- /* print out policies */
-
- BIO_printf(bio_err, "verify return:%d\n", ok);
- return(ok);
- }
+ {
+ X509 *err_cert;
+ int err, depth;
+
+ err_cert = X509_STORE_CTX_get_current_cert(ctx);
+ err = X509_STORE_CTX_get_error(ctx);
+ depth = X509_STORE_CTX_get_error_depth(ctx);
+
+ BIO_printf(bio_err, "depth=%d ", depth);
+ if (err_cert) {
+ X509_NAME_print_ex(bio_err, X509_get_subject_name(err_cert),
+ 0, XN_FLAG_ONELINE);
+ BIO_puts(bio_err, "\n");
+ }
+ else
+ BIO_puts(bio_err, "<no cert>\n");
+ if (!ok)
+ BIO_printf(bio_err, "verify error:num=%d:%s\n", err,
+ X509_verify_cert_error_string(err));
+ switch (err) {
+ case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
+ BIO_puts(bio_err, "issuer= ");
+ X509_NAME_print_ex(bio_err, X509_get_issuer_name(err_cert),
+ 0, XN_FLAG_ONELINE);
+ BIO_puts(bio_err, "\n");
+ break;
+ case X509_V_ERR_CERT_NOT_YET_VALID:
+ case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
+ BIO_printf(bio_err, "notBefore=");
+ ASN1_TIME_print(bio_err, X509_get_notBefore(err_cert));
+ BIO_printf(bio_err, "\n");
+ break;
+ case X509_V_ERR_CERT_HAS_EXPIRED:
+ case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
+ BIO_printf(bio_err, "notAfter=");
+ ASN1_TIME_print(bio_err, X509_get_notAfter(err_cert));
+ BIO_printf(bio_err, "\n");
+ break;
+ case X509_V_ERR_NO_EXPLICIT_POLICY:
+ policies_print(bio_err, ctx);
+ break;
+ }
+ if (err == X509_V_OK && ok == 2)
+ /* print out policies */
+
+ BIO_printf(bio_err, "verify return:%d\n", ok);
+ return(ok);
+ }
=head1 SEE ALSO
Enable CRL checking when performing certificate verification during SSL
connections associated with an B<SSL_CTX> structure B<ctx>:
- X509_VERIFY_PARAM *param;
- param = X509_VERIFY_PARAM_new();
- X509_VERIFY_PARAM_set_flags(param, X509_V_FLAG_CRL_CHECK);
- SSL_CTX_set1_param(ctx, param);
- X509_VERIFY_PARAM_free(param);
+ X509_VERIFY_PARAM *param;
+ param = X509_VERIFY_PARAM_new();
+ X509_VERIFY_PARAM_set_flags(param, X509_V_FLAG_CRL_CHECK);
+ SSL_CTX_set1_param(ctx, param);
+ X509_VERIFY_PARAM_free(param);
=head1 SEE ALSO