1 //
2 // Context.cpp
3 //
4 // Library: NetSSL_OpenSSL
5 // Package: SSLCore
6 // Module: Context
7 //
8 // Copyright (c) 2006-2010, Applied Informatics Software Engineering GmbH.
9 // and Contributors.
10 //
11 // SPDX-License-Identifier: BSL-1.0
12 //
13
14
15 #include "Poco/Net/Context.h"
16 #include "Poco/Net/SSLManager.h"
17 #include "Poco/Net/SSLException.h"
18 #include "Poco/Net/Utility.h"
19 #include "Poco/Crypto/OpenSSLInitializer.h"
20 #include "Poco/File.h"
21 #include "Poco/Path.h"
22 #include "Poco/Timestamp.h"
23 #include <openssl/bio.h>
24 #include <openssl/err.h>
25 #include <openssl/ssl.h>
26 #include <openssl/x509v3.h>
27
28
29 namespace Poco {
30 namespace Net {
31
32
Params()33 Context::Params::Params():
34 verificationMode(VERIFY_RELAXED),
35 verificationDepth(9),
36 loadDefaultCAs(false),
37 cipherList("ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH"),
38 dhUse2048Bits(false)
39 {
40 }
41
42
Context(Usage usage,const Params & params)43 Context::Context(Usage usage, const Params& params):
44 _usage(usage),
45 _mode(params.verificationMode),
46 _pSSLContext(0),
47 _extendedCertificateVerification(true)
48 {
49 init(params);
50 }
51
52
Context(Usage usage,const std::string & privateKeyFile,const std::string & certificateFile,const std::string & caLocation,VerificationMode verificationMode,int verificationDepth,bool loadDefaultCAs,const std::string & cipherList)53 Context::Context(
54 Usage usage,
55 const std::string& privateKeyFile,
56 const std::string& certificateFile,
57 const std::string& caLocation,
58 VerificationMode verificationMode,
59 int verificationDepth,
60 bool loadDefaultCAs,
61 const std::string& cipherList):
62 _usage(usage),
63 _mode(verificationMode),
64 _pSSLContext(0),
65 _extendedCertificateVerification(true)
66 {
67 Params params;
68 params.privateKeyFile = privateKeyFile;
69 params.certificateFile = certificateFile;
70 params.caLocation = caLocation;
71 params.verificationMode = verificationMode;
72 params.verificationDepth = verificationDepth;
73 params.loadDefaultCAs = loadDefaultCAs;
74 params.cipherList = cipherList;
75 init(params);
76 }
77
78
Context(Usage usage,const std::string & caLocation,VerificationMode verificationMode,int verificationDepth,bool loadDefaultCAs,const std::string & cipherList)79 Context::Context(
80 Usage usage,
81 const std::string& caLocation,
82 VerificationMode verificationMode,
83 int verificationDepth,
84 bool loadDefaultCAs,
85 const std::string& cipherList):
86 _usage(usage),
87 _mode(verificationMode),
88 _pSSLContext(0),
89 _extendedCertificateVerification(true)
90 {
91 Params params;
92 params.caLocation = caLocation;
93 params.verificationMode = verificationMode;
94 params.verificationDepth = verificationDepth;
95 params.loadDefaultCAs = loadDefaultCAs;
96 params.cipherList = cipherList;
97 init(params);
98 }
99
100
~Context()101 Context::~Context()
102 {
103 try
104 {
105 SSL_CTX_free(_pSSLContext);
106 Poco::Crypto::OpenSSLInitializer::uninitialize();
107 }
108 catch (...)
109 {
110 poco_unexpected();
111 }
112 }
113
114
init(const Params & params)115 void Context::init(const Params& params)
116 {
117 Poco::Crypto::OpenSSLInitializer::initialize();
118
119 createSSLContext();
120
121 try
122 {
123 int errCode = 0;
124 if (!params.caLocation.empty())
125 {
126 Poco::File aFile(params.caLocation);
127 if (aFile.isDirectory())
128 errCode = SSL_CTX_load_verify_locations(_pSSLContext, 0, Poco::Path::transcode(params.caLocation).c_str());
129 else
130 errCode = SSL_CTX_load_verify_locations(_pSSLContext, Poco::Path::transcode(params.caLocation).c_str(), 0);
131 if (errCode != 1)
132 {
133 std::string msg = Utility::getLastError();
134 throw SSLContextException(std::string("Cannot load CA file/directory at ") + params.caLocation, msg);
135 }
136 }
137
138 if (params.loadDefaultCAs)
139 {
140 errCode = SSL_CTX_set_default_verify_paths(_pSSLContext);
141 if (errCode != 1)
142 {
143 std::string msg = Utility::getLastError();
144 throw SSLContextException("Cannot load default CA certificates", msg);
145 }
146 }
147
148 if (!params.privateKeyFile.empty())
149 {
150 errCode = SSL_CTX_use_PrivateKey_file(_pSSLContext, Poco::Path::transcode(params.privateKeyFile).c_str(), SSL_FILETYPE_PEM);
151 if (errCode != 1)
152 {
153 std::string msg = Utility::getLastError();
154 throw SSLContextException(std::string("Error loading private key from file ") + params.privateKeyFile, msg);
155 }
156 }
157
158 if (!params.certificateFile.empty())
159 {
160 errCode = SSL_CTX_use_certificate_chain_file(_pSSLContext, Poco::Path::transcode(params.certificateFile).c_str());
161 if (errCode != 1)
162 {
163 std::string errMsg = Utility::getLastError();
164 throw SSLContextException(std::string("Error loading certificate from file ") + params.certificateFile, errMsg);
165 }
166 }
167
168 if (isForServerUse())
169 SSL_CTX_set_verify(_pSSLContext, params.verificationMode, &SSLManager::verifyServerCallback);
170 else
171 SSL_CTX_set_verify(_pSSLContext, params.verificationMode, &SSLManager::verifyClientCallback);
172
173 SSL_CTX_set_cipher_list(_pSSLContext, params.cipherList.c_str());
174 SSL_CTX_set_verify_depth(_pSSLContext, params.verificationDepth);
175 SSL_CTX_set_mode(_pSSLContext, SSL_MODE_AUTO_RETRY);
176 SSL_CTX_set_session_cache_mode(_pSSLContext, SSL_SESS_CACHE_OFF);
177
178 initDH(params.dhUse2048Bits, params.dhParamsFile);
179 initECDH(params.ecdhCurve);
180 }
181 catch (...)
182 {
183 SSL_CTX_free(_pSSLContext);
184 throw;
185 }
186 }
187
188
useCertificate(const Poco::Crypto::X509Certificate & certificate)189 void Context::useCertificate(const Poco::Crypto::X509Certificate& certificate)
190 {
191 int errCode = SSL_CTX_use_certificate(_pSSLContext, const_cast<X509*>(certificate.certificate()));
192 if (errCode != 1)
193 {
194 std::string msg = Utility::getLastError();
195 throw SSLContextException("Cannot set certificate for Context", msg);
196 }
197 }
198
199
addChainCertificate(const Poco::Crypto::X509Certificate & certificate)200 void Context::addChainCertificate(const Poco::Crypto::X509Certificate& certificate)
201 {
202 X509* pCert = certificate.dup();
203 int errCode = SSL_CTX_add_extra_chain_cert(_pSSLContext, pCert);
204 if (errCode != 1)
205 {
206 X509_free(pCert);
207 std::string msg = Utility::getLastError();
208 throw SSLContextException("Cannot add chain certificate to Context", msg);
209 }
210 }
211
212
addCertificateAuthority(const Crypto::X509Certificate & certificate)213 void Context::addCertificateAuthority(const Crypto::X509Certificate &certificate)
214 {
215 if (X509_STORE* store = SSL_CTX_get_cert_store(_pSSLContext))
216 {
217 int errCode = X509_STORE_add_cert(store, const_cast<X509*>(certificate.certificate()));
218 if (errCode != 1)
219 {
220 std::string msg = Utility::getLastError();
221 throw SSLContextException("Cannot add certificate authority to Context", msg);
222 }
223 }
224 else
225 {
226 std::string msg = Utility::getLastError();
227 throw SSLContextException("Cannot add certificate authority to Context", msg);
228 }
229 }
230
231
usePrivateKey(const Poco::Crypto::RSAKey & key)232 void Context::usePrivateKey(const Poco::Crypto::RSAKey& key)
233 {
234 int errCode = SSL_CTX_use_RSAPrivateKey(_pSSLContext, key.impl()->getRSA());
235 if (errCode != 1)
236 {
237 std::string msg = Utility::getLastError();
238 throw SSLContextException("Cannot set private key for Context", msg);
239 }
240 }
241
242
usePrivateKey(const Poco::Crypto::EVPPKey & pkey)243 void Context::usePrivateKey(const Poco::Crypto::EVPPKey& pkey)
244 {
245 int errCode = SSL_CTX_use_PrivateKey(_pSSLContext, const_cast<EVP_PKEY*>(static_cast<const EVP_PKEY*>(pkey)));
246 if (errCode != 1)
247 {
248 std::string msg = Utility::getLastError();
249 throw SSLContextException("Cannot set private key for Context", msg);
250 }
251 }
252
253
enableSessionCache(bool flag)254 void Context::enableSessionCache(bool flag)
255 {
256 if (flag)
257 {
258 SSL_CTX_set_session_cache_mode(_pSSLContext, isForServerUse() ? SSL_SESS_CACHE_SERVER : SSL_SESS_CACHE_CLIENT);
259 }
260 else
261 {
262 SSL_CTX_set_session_cache_mode(_pSSLContext, SSL_SESS_CACHE_OFF);
263 }
264 }
265
266
enableSessionCache(bool flag,const std::string & sessionIdContext)267 void Context::enableSessionCache(bool flag, const std::string& sessionIdContext)
268 {
269 poco_assert (isForServerUse());
270
271 if (flag)
272 {
273 SSL_CTX_set_session_cache_mode(_pSSLContext, SSL_SESS_CACHE_SERVER);
274 }
275 else
276 {
277 SSL_CTX_set_session_cache_mode(_pSSLContext, SSL_SESS_CACHE_OFF);
278 }
279
280 unsigned length = static_cast<unsigned>(sessionIdContext.length());
281 if (length > SSL_MAX_SSL_SESSION_ID_LENGTH) length = SSL_MAX_SSL_SESSION_ID_LENGTH;
282 int rc = SSL_CTX_set_session_id_context(_pSSLContext, reinterpret_cast<const unsigned char*>(sessionIdContext.data()), length);
283 if (rc != 1) throw SSLContextException("cannot set session ID context");
284 }
285
286
sessionCacheEnabled() const287 bool Context::sessionCacheEnabled() const
288 {
289 return SSL_CTX_get_session_cache_mode(_pSSLContext) != SSL_SESS_CACHE_OFF;
290 }
291
292
setSessionCacheSize(std::size_t size)293 void Context::setSessionCacheSize(std::size_t size)
294 {
295 poco_assert (isForServerUse());
296
297 SSL_CTX_sess_set_cache_size(_pSSLContext, static_cast<long>(size));
298 }
299
300
getSessionCacheSize() const301 std::size_t Context::getSessionCacheSize() const
302 {
303 poco_assert (isForServerUse());
304
305 return static_cast<std::size_t>(SSL_CTX_sess_get_cache_size(_pSSLContext));
306 }
307
308
setSessionTimeout(long seconds)309 void Context::setSessionTimeout(long seconds)
310 {
311 poco_assert (isForServerUse());
312
313 SSL_CTX_set_timeout(_pSSLContext, seconds);
314 }
315
316
getSessionTimeout() const317 long Context::getSessionTimeout() const
318 {
319 poco_assert (isForServerUse());
320
321 return SSL_CTX_get_timeout(_pSSLContext);
322 }
323
324
flushSessionCache()325 void Context::flushSessionCache()
326 {
327 poco_assert (isForServerUse());
328
329 Poco::Timestamp now;
330 SSL_CTX_flush_sessions(_pSSLContext, static_cast<long>(now.epochTime()));
331 }
332
333
enableExtendedCertificateVerification(bool flag)334 void Context::enableExtendedCertificateVerification(bool flag)
335 {
336 _extendedCertificateVerification = flag;
337 }
338
339
disableStatelessSessionResumption()340 void Context::disableStatelessSessionResumption()
341 {
342 #if defined(SSL_OP_NO_TICKET)
343 SSL_CTX_set_options(_pSSLContext, SSL_OP_NO_TICKET);
344 #endif
345 }
346
347
disableProtocols(int protocols)348 void Context::disableProtocols(int protocols)
349 {
350 if (protocols & PROTO_SSLV2)
351 {
352 #if defined(SSL_OP_NO_SSLv2)
353 SSL_CTX_set_options(_pSSLContext, SSL_OP_NO_SSLv2);
354 #endif
355 }
356 if (protocols & PROTO_SSLV3)
357 {
358 #if defined(SSL_OP_NO_SSLv3)
359 SSL_CTX_set_options(_pSSLContext, SSL_OP_NO_SSLv3);
360 #endif
361 }
362 if (protocols & PROTO_TLSV1)
363 {
364 #if defined(SSL_OP_NO_TLSv1)
365 SSL_CTX_set_options(_pSSLContext, SSL_OP_NO_TLSv1);
366 #endif
367 }
368 if (protocols & PROTO_TLSV1_1)
369 {
370 #if defined(SSL_OP_NO_TLSv1_1)
371 SSL_CTX_set_options(_pSSLContext, SSL_OP_NO_TLSv1_1);
372 #endif
373 }
374 if (protocols & PROTO_TLSV1_2)
375 {
376 #if defined(SSL_OP_NO_TLSv1_2)
377 SSL_CTX_set_options(_pSSLContext, SSL_OP_NO_TLSv1_2);
378 #endif
379 }
380 if (protocols & PROTO_TLSV1_3)
381 {
382 #if defined(SSL_OP_NO_TLSv1_3)
383 SSL_CTX_set_options(_pSSLContext, SSL_OP_NO_TLSv1_3);
384 #endif
385 }
386 }
387
388
requireMinimumProtocol(Protocols protocol)389 void Context::requireMinimumProtocol(Protocols protocol)
390 {
391 #if OPENSSL_VERSION_NUMBER >= 0x10101000L
392 int version = 0;
393 switch (protocol)
394 {
395 case PROTO_SSLV2:
396 throw Poco::InvalidArgumentException("SSLv2 is no longer supported");
397 case PROTO_SSLV3:
398 version = SSL3_VERSION;
399 break;
400 case PROTO_TLSV1:
401 version = TLS1_VERSION;
402 break;
403 case PROTO_TLSV1_1:
404 version = TLS1_1_VERSION;
405 break;
406 case PROTO_TLSV1_2:
407 version = TLS1_2_VERSION;
408 break;
409 case PROTO_TLSV1_3:
410 version = TLS1_3_VERSION;
411 break;
412 }
413 if (!SSL_CTX_set_min_proto_version(_pSSLContext, version))
414 {
415 unsigned long err = ERR_get_error();
416 throw SSLException("Cannot set minimum supported version on SSL_CTX object", ERR_error_string(err, 0));
417 }
418
419 #else
420
421 switch (protocol)
422 {
423 case PROTO_SSLV2:
424 throw Poco::InvalidArgumentException("SSLv2 is no longer supported");
425
426 case PROTO_SSLV3:
427 disableProtocols(PROTO_SSLV2);
428 break;
429
430 case PROTO_TLSV1:
431 disableProtocols(PROTO_SSLV2 | PROTO_SSLV3);
432 break;
433
434 case PROTO_TLSV1_1:
435 #if defined(SSL_OP_NO_TLSv1_1) && !defined(OPENSSL_NO_TLS1)
436 disableProtocols(PROTO_SSLV2 | PROTO_SSLV3 | PROTO_TLSV1);
437 #else
438 throw Poco::InvalidArgumentException("TLSv1.1 is not supported by the available OpenSSL library");
439 #endif
440 break;
441
442 case PROTO_TLSV1_2:
443 #if defined(SSL_OP_NO_TLSv1_2) && !defined(OPENSSL_NO_TLS1)
444 disableProtocols(PROTO_SSLV2 | PROTO_SSLV3 | PROTO_TLSV1 | PROTO_TLSV1_1);
445 #else
446 throw Poco::InvalidArgumentException("TLSv1.2 is not supported by the available OpenSSL library");
447 #endif
448 break;
449
450 case PROTO_TLSV1_3:
451 throw Poco::InvalidArgumentException("TLSv1.3 is not supported by the available OpenSSL library");
452 break;
453 }
454 #endif
455 }
456
457
preferServerCiphers()458 void Context::preferServerCiphers()
459 {
460 #if defined(SSL_OP_CIPHER_SERVER_PREFERENCE)
461 SSL_CTX_set_options(_pSSLContext, SSL_OP_CIPHER_SERVER_PREFERENCE);
462 #endif
463 }
464
465
createSSLContext()466 void Context::createSSLContext()
467 {
468 int minTLSVersion = 0;
469
470 if (SSLManager::isFIPSEnabled())
471 {
472 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
473 _pSSLContext = SSL_CTX_new(TLS_method());
474 #else
475 _pSSLContext = SSL_CTX_new(TLSv1_method());
476 #endif
477 }
478 else
479 {
480 switch (_usage)
481 {
482 case CLIENT_USE:
483 case TLS_CLIENT_USE:
484 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
485 _pSSLContext = SSL_CTX_new(TLS_client_method());
486 minTLSVersion = TLS1_VERSION;
487 #else
488 _pSSLContext = SSL_CTX_new(SSLv23_client_method());
489 #endif
490 break;
491
492 case SERVER_USE:
493 case TLS_SERVER_USE:
494 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
495 _pSSLContext = SSL_CTX_new(TLS_server_method());
496 minTLSVersion = TLS1_VERSION;
497 #else
498 _pSSLContext = SSL_CTX_new(SSLv23_server_method());
499 #endif
500 break;
501
502 case TLSV1_CLIENT_USE:
503 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
504 _pSSLContext = SSL_CTX_new(TLS_client_method());
505 minTLSVersion = TLS1_VERSION;
506 #else
507 _pSSLContext = SSL_CTX_new(TLSv1_client_method());
508 #endif
509 break;
510
511 case TLSV1_SERVER_USE:
512 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
513 _pSSLContext = SSL_CTX_new(TLS_server_method());
514 minTLSVersion = TLS1_VERSION;
515 #else
516 _pSSLContext = SSL_CTX_new(TLSv1_server_method());
517 #endif
518 break;
519
520 #if defined(SSL_OP_NO_TLSv1_1) && !defined(OPENSSL_NO_TLS1)
521 /* SSL_OP_NO_TLSv1_1 is defined in ssl.h if the library version supports TLSv1.1.
522 * OPENSSL_NO_TLS1 is defined in opensslconf.h or on the compiler command line
523 * if TLS1.x was removed at OpenSSL library build time via Configure options.
524 */
525 case TLSV1_1_CLIENT_USE:
526 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
527 _pSSLContext = SSL_CTX_new(TLS_client_method());
528 minTLSVersion = TLS1_1_VERSION;
529 #else
530 _pSSLContext = SSL_CTX_new(TLSv1_1_client_method());
531 #endif
532 break;
533
534 case TLSV1_1_SERVER_USE:
535 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
536 _pSSLContext = SSL_CTX_new(TLS_server_method());
537 minTLSVersion = TLS1_1_VERSION;
538 #else
539 _pSSLContext = SSL_CTX_new(TLSv1_1_server_method());
540 #endif
541 break;
542 #endif
543
544 #if defined(SSL_OP_NO_TLSv1_2) && !defined(OPENSSL_NO_TLS1)
545 case TLSV1_2_CLIENT_USE:
546 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
547 _pSSLContext = SSL_CTX_new(TLS_client_method());
548 minTLSVersion = TLS1_2_VERSION;
549 #else
550 _pSSLContext = SSL_CTX_new(TLSv1_2_client_method());
551 #endif
552 break;
553
554 case TLSV1_2_SERVER_USE:
555 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
556 _pSSLContext = SSL_CTX_new(TLS_server_method());
557 minTLSVersion = TLS1_2_VERSION;
558 #else
559 _pSSLContext = SSL_CTX_new(TLSv1_2_server_method());
560 #endif
561 break;
562 #endif
563
564 #if defined(SSL_OP_NO_TLSv1_3) && !defined(OPENSSL_NO_TLS1)
565 case TLSV1_3_CLIENT_USE:
566 #if OPENSSL_VERSION_NUMBER >= 0x10101000L
567 _pSSLContext = SSL_CTX_new(TLS_client_method());
568 minTLSVersion = TLS1_3_VERSION;
569 #endif
570 break;
571
572 case TLSV1_3_SERVER_USE:
573 #if OPENSSL_VERSION_NUMBER >= 0x10101000L
574 _pSSLContext = SSL_CTX_new(TLS_server_method());
575 minTLSVersion = TLS1_3_VERSION;
576 #endif
577 break;
578 #endif
579
580 default:
581 throw Poco::InvalidArgumentException("Invalid or unsupported usage");
582 }
583 }
584 if (!_pSSLContext)
585 {
586 unsigned long err = ERR_get_error();
587 throw SSLException("Cannot create SSL_CTX object", ERR_error_string(err, 0));
588 }
589
590 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
591 if (minTLSVersion)
592 {
593 if (!SSL_CTX_set_min_proto_version(_pSSLContext, minTLSVersion))
594 {
595 SSL_CTX_free(_pSSLContext);
596 _pSSLContext = 0;
597 unsigned long err = ERR_get_error();
598 throw SSLException("Cannot set minimum supported version on SSL_CTX object", ERR_error_string(err, 0));
599 }
600 }
601 #endif
602
603 SSL_CTX_set_default_passwd_cb(_pSSLContext, &SSLManager::privateKeyPassphraseCallback);
604 Utility::clearErrorStack();
605 SSL_CTX_set_options(_pSSLContext, SSL_OP_ALL);
606 }
607
608
initDH(bool use2048Bits,const std::string & dhParamsFile)609 void Context::initDH(bool use2048Bits, const std::string& dhParamsFile)
610 {
611 #ifndef OPENSSL_NO_DH
612 static const unsigned char dh1024_p[] =
613 {
614 0xB1,0x0B,0x8F,0x96,0xA0,0x80,0xE0,0x1D,0xDE,0x92,0xDE,0x5E,
615 0xAE,0x5D,0x54,0xEC,0x52,0xC9,0x9F,0xBC,0xFB,0x06,0xA3,0xC6,
616 0x9A,0x6A,0x9D,0xCA,0x52,0xD2,0x3B,0x61,0x60,0x73,0xE2,0x86,
617 0x75,0xA2,0x3D,0x18,0x98,0x38,0xEF,0x1E,0x2E,0xE6,0x52,0xC0,
618 0x13,0xEC,0xB4,0xAE,0xA9,0x06,0x11,0x23,0x24,0x97,0x5C,0x3C,
619 0xD4,0x9B,0x83,0xBF,0xAC,0xCB,0xDD,0x7D,0x90,0xC4,0xBD,0x70,
620 0x98,0x48,0x8E,0x9C,0x21,0x9A,0x73,0x72,0x4E,0xFF,0xD6,0xFA,
621 0xE5,0x64,0x47,0x38,0xFA,0xA3,0x1A,0x4F,0xF5,0x5B,0xCC,0xC0,
622 0xA1,0x51,0xAF,0x5F,0x0D,0xC8,0xB4,0xBD,0x45,0xBF,0x37,0xDF,
623 0x36,0x5C,0x1A,0x65,0xE6,0x8C,0xFD,0xA7,0x6D,0x4D,0xA7,0x08,
624 0xDF,0x1F,0xB2,0xBC,0x2E,0x4A,0x43,0x71,
625 };
626
627 static const unsigned char dh1024_g[] =
628 {
629 0xA4,0xD1,0xCB,0xD5,0xC3,0xFD,0x34,0x12,0x67,0x65,0xA4,0x42,
630 0xEF,0xB9,0x99,0x05,0xF8,0x10,0x4D,0xD2,0x58,0xAC,0x50,0x7F,
631 0xD6,0x40,0x6C,0xFF,0x14,0x26,0x6D,0x31,0x26,0x6F,0xEA,0x1E,
632 0x5C,0x41,0x56,0x4B,0x77,0x7E,0x69,0x0F,0x55,0x04,0xF2,0x13,
633 0x16,0x02,0x17,0xB4,0xB0,0x1B,0x88,0x6A,0x5E,0x91,0x54,0x7F,
634 0x9E,0x27,0x49,0xF4,0xD7,0xFB,0xD7,0xD3,0xB9,0xA9,0x2E,0xE1,
635 0x90,0x9D,0x0D,0x22,0x63,0xF8,0x0A,0x76,0xA6,0xA2,0x4C,0x08,
636 0x7A,0x09,0x1F,0x53,0x1D,0xBF,0x0A,0x01,0x69,0xB6,0xA2,0x8A,
637 0xD6,0x62,0xA4,0xD1,0x8E,0x73,0xAF,0xA3,0x2D,0x77,0x9D,0x59,
638 0x18,0xD0,0x8B,0xC8,0x85,0x8F,0x4D,0xCE,0xF9,0x7C,0x2A,0x24,
639 0x85,0x5E,0x6E,0xEB,0x22,0xB3,0xB2,0xE5,
640 };
641
642 static const unsigned char dh2048_p[] =
643 {
644 0x87,0xA8,0xE6,0x1D,0xB4,0xB6,0x66,0x3C,0xFF,0xBB,0xD1,0x9C,
645 0x65,0x19,0x59,0x99,0x8C,0xEE,0xF6,0x08,0x66,0x0D,0xD0,0xF2,
646 0x5D,0x2C,0xEE,0xD4,0x43,0x5E,0x3B,0x00,0xE0,0x0D,0xF8,0xF1,
647 0xD6,0x19,0x57,0xD4,0xFA,0xF7,0xDF,0x45,0x61,0xB2,0xAA,0x30,
648 0x16,0xC3,0xD9,0x11,0x34,0x09,0x6F,0xAA,0x3B,0xF4,0x29,0x6D,
649 0x83,0x0E,0x9A,0x7C,0x20,0x9E,0x0C,0x64,0x97,0x51,0x7A,0xBD,
650 0x5A,0x8A,0x9D,0x30,0x6B,0xCF,0x67,0xED,0x91,0xF9,0xE6,0x72,
651 0x5B,0x47,0x58,0xC0,0x22,0xE0,0xB1,0xEF,0x42,0x75,0xBF,0x7B,
652 0x6C,0x5B,0xFC,0x11,0xD4,0x5F,0x90,0x88,0xB9,0x41,0xF5,0x4E,
653 0xB1,0xE5,0x9B,0xB8,0xBC,0x39,0xA0,0xBF,0x12,0x30,0x7F,0x5C,
654 0x4F,0xDB,0x70,0xC5,0x81,0xB2,0x3F,0x76,0xB6,0x3A,0xCA,0xE1,
655 0xCA,0xA6,0xB7,0x90,0x2D,0x52,0x52,0x67,0x35,0x48,0x8A,0x0E,
656 0xF1,0x3C,0x6D,0x9A,0x51,0xBF,0xA4,0xAB,0x3A,0xD8,0x34,0x77,
657 0x96,0x52,0x4D,0x8E,0xF6,0xA1,0x67,0xB5,0xA4,0x18,0x25,0xD9,
658 0x67,0xE1,0x44,0xE5,0x14,0x05,0x64,0x25,0x1C,0xCA,0xCB,0x83,
659 0xE6,0xB4,0x86,0xF6,0xB3,0xCA,0x3F,0x79,0x71,0x50,0x60,0x26,
660 0xC0,0xB8,0x57,0xF6,0x89,0x96,0x28,0x56,0xDE,0xD4,0x01,0x0A,
661 0xBD,0x0B,0xE6,0x21,0xC3,0xA3,0x96,0x0A,0x54,0xE7,0x10,0xC3,
662 0x75,0xF2,0x63,0x75,0xD7,0x01,0x41,0x03,0xA4,0xB5,0x43,0x30,
663 0xC1,0x98,0xAF,0x12,0x61,0x16,0xD2,0x27,0x6E,0x11,0x71,0x5F,
664 0x69,0x38,0x77,0xFA,0xD7,0xEF,0x09,0xCA,0xDB,0x09,0x4A,0xE9,
665 0x1E,0x1A,0x15,0x97,
666 };
667
668 static const unsigned char dh2048_g[] =
669 {
670 0x3F,0xB3,0x2C,0x9B,0x73,0x13,0x4D,0x0B,0x2E,0x77,0x50,0x66,
671 0x60,0xED,0xBD,0x48,0x4C,0xA7,0xB1,0x8F,0x21,0xEF,0x20,0x54,
672 0x07,0xF4,0x79,0x3A,0x1A,0x0B,0xA1,0x25,0x10,0xDB,0xC1,0x50,
673 0x77,0xBE,0x46,0x3F,0xFF,0x4F,0xED,0x4A,0xAC,0x0B,0xB5,0x55,
674 0xBE,0x3A,0x6C,0x1B,0x0C,0x6B,0x47,0xB1,0xBC,0x37,0x73,0xBF,
675 0x7E,0x8C,0x6F,0x62,0x90,0x12,0x28,0xF8,0xC2,0x8C,0xBB,0x18,
676 0xA5,0x5A,0xE3,0x13,0x41,0x00,0x0A,0x65,0x01,0x96,0xF9,0x31,
677 0xC7,0x7A,0x57,0xF2,0xDD,0xF4,0x63,0xE5,0xE9,0xEC,0x14,0x4B,
678 0x77,0x7D,0xE6,0x2A,0xAA,0xB8,0xA8,0x62,0x8A,0xC3,0x76,0xD2,
679 0x82,0xD6,0xED,0x38,0x64,0xE6,0x79,0x82,0x42,0x8E,0xBC,0x83,
680 0x1D,0x14,0x34,0x8F,0x6F,0x2F,0x91,0x93,0xB5,0x04,0x5A,0xF2,
681 0x76,0x71,0x64,0xE1,0xDF,0xC9,0x67,0xC1,0xFB,0x3F,0x2E,0x55,
682 0xA4,0xBD,0x1B,0xFF,0xE8,0x3B,0x9C,0x80,0xD0,0x52,0xB9,0x85,
683 0xD1,0x82,0xEA,0x0A,0xDB,0x2A,0x3B,0x73,0x13,0xD3,0xFE,0x14,
684 0xC8,0x48,0x4B,0x1E,0x05,0x25,0x88,0xB9,0xB7,0xD2,0xBB,0xD2,
685 0xDF,0x01,0x61,0x99,0xEC,0xD0,0x6E,0x15,0x57,0xCD,0x09,0x15,
686 0xB3,0x35,0x3B,0xBB,0x64,0xE0,0xEC,0x37,0x7F,0xD0,0x28,0x37,
687 0x0D,0xF9,0x2B,0x52,0xC7,0x89,0x14,0x28,0xCD,0xC6,0x7E,0xB6,
688 0x18,0x4B,0x52,0x3D,0x1D,0xB2,0x46,0xC3,0x2F,0x63,0x07,0x84,
689 0x90,0xF0,0x0E,0xF8,0xD6,0x47,0xD1,0x48,0xD4,0x79,0x54,0x51,
690 0x5E,0x23,0x27,0xCF,0xEF,0x98,0xC5,0x82,0x66,0x4B,0x4C,0x0F,
691 0x6C,0xC4,0x16,0x59,
692 };
693
694 DH* dh = 0;
695 if (!dhParamsFile.empty())
696 {
697 BIO* bio = BIO_new_file(dhParamsFile.c_str(), "r");
698 if (!bio)
699 {
700 std::string msg = Utility::getLastError();
701 throw SSLContextException(std::string("Error opening Diffie-Hellman parameters file ") + dhParamsFile, msg);
702 }
703 dh = PEM_read_bio_DHparams(bio, 0, 0, 0);
704 BIO_free(bio);
705 if (!dh)
706 {
707 std::string msg = Utility::getLastError();
708 throw SSLContextException(std::string("Error reading Diffie-Hellman parameters from file ") + dhParamsFile, msg);
709 }
710 }
711 else
712 {
713 dh = DH_new();
714 if (!dh)
715 {
716 std::string msg = Utility::getLastError();
717 throw SSLContextException("Error creating Diffie-Hellman parameters", msg);
718 }
719 #if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
720 BIGNUM* p = nullptr;
721 BIGNUM* g = nullptr;
722 if (use2048Bits)
723 {
724 p = BN_bin2bn(dh2048_p, sizeof(dh2048_p), 0);
725 g = BN_bin2bn(dh2048_g, sizeof(dh2048_g), 0);
726 DH_set0_pqg(dh, p, 0, g);
727 DH_set_length(dh, 256);
728 }
729 else
730 {
731 p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), 0);
732 g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), 0);
733 DH_set0_pqg(dh, p, 0, g);
734 DH_set_length(dh, 160);
735 }
736 if (!p || !g)
737 {
738 DH_free(dh);
739 throw SSLContextException("Error creating Diffie-Hellman parameters");
740 }
741 #else
742 if (use2048Bits)
743 {
744 dh->p = BN_bin2bn(dh2048_p, sizeof(dh2048_p), 0);
745 dh->g = BN_bin2bn(dh2048_g, sizeof(dh2048_g), 0);
746 dh->length = 256;
747 }
748 else
749 {
750 dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), 0);
751 dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), 0);
752 dh->length = 160;
753 }
754 if ((!dh->p) || (!dh->g))
755 {
756 DH_free(dh);
757 throw SSLContextException("Error creating Diffie-Hellman parameters");
758 }
759 #endif
760 }
761 SSL_CTX_set_tmp_dh(_pSSLContext, dh);
762 SSL_CTX_set_options(_pSSLContext, SSL_OP_SINGLE_DH_USE);
763 DH_free(dh);
764 #else
765 if (!dhParamsFile.empty())
766 throw SSLContextException("OpenSSL does not support DH");
767 #endif
768 }
769
770
initECDH(const std::string & curve)771 void Context::initECDH(const std::string& curve)
772 {
773 #ifndef OPENSSL_NO_ECDH
774 #if OPENSSL_VERSION_NUMBER >= 0x1000200fL
775 const std::string groups(curve.empty() ?
776 #if OPENSSL_VERSION_NUMBER >= 0x1010100fL
777 "X448:X25519:P-521:P-384:P-256"
778 #elif OPENSSL_VERSION_NUMBER >= 0x1010000fL
779 // while OpenSSL 1.1.0 didn't support Ed25519 (EdDSA using Curve25519),
780 // it did support X25519 (ECDH using Curve25516).
781 "X25519:P-521:P-384:P-256"
782 #else
783 "P-521:P-384:P-256"
784 #endif
785 : curve);
786 if (SSL_CTX_set1_curves_list(_pSSLContext, groups.c_str()) == 0)
787 {
788 throw SSLContextException("Cannot set ECDH groups", groups);
789 }
790 SSL_CTX_set_options(_pSSLContext, SSL_OP_SINGLE_ECDH_USE);
791 #elif OPENSSL_VERSION_NUMBER >= 0x0090800fL
792 int nid = 0;
793 if (!curve.empty())
794 {
795 nid = OBJ_sn2nid(curve.c_str());
796 }
797 else
798 {
799 nid = OBJ_sn2nid("prime256v1");
800 }
801 if (nid == 0)
802 {
803 throw SSLContextException("Unknown ECDH curve name", curve);
804 }
805
806 EC_KEY* ecdh = EC_KEY_new_by_curve_name(nid);
807 if (!ecdh)
808 {
809 throw SSLContextException("Cannot create ECDH curve");
810 }
811 SSL_CTX_set_tmp_ecdh(_pSSLContext, ecdh);
812 SSL_CTX_set_options(_pSSLContext, SSL_OP_SINGLE_ECDH_USE);
813 EC_KEY_free(ecdh);
814 #endif
815 #endif
816 }
817
818
819 } } // namespace Poco::Net
820