1 /* ssl/ssltest.c */
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58 /* ====================================================================
59 * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
111 /* ====================================================================
112 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
113 * ECC cipher suite support in OpenSSL originally developed by
114 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
115 */
116 /* ====================================================================
117 * Copyright 2005 Nokia. All rights reserved.
118 *
119 * The portions of the attached software ("Contribution") is developed by
120 * Nokia Corporation and is licensed pursuant to the OpenSSL open source
121 * license.
122 *
123 * The Contribution, originally written by Mika Kousa and Pasi Eronen of
124 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
125 * support (see RFC 4279) to OpenSSL.
126 *
127 * No patent licenses or other rights except those expressly stated in
128 * the OpenSSL open source license shall be deemed granted or received
129 * expressly, by implication, estoppel, or otherwise.
130 *
131 * No assurances are provided by Nokia that the Contribution does not
132 * infringe the patent or other intellectual property rights of any third
133 * party or that the license provides you with all the necessary rights
134 * to make use of the Contribution.
135 *
136 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
137 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
138 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
139 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
140 * OTHERWISE.
141 */
142
143 #define _BSD_SOURCE 1 /* Or gethostname won't be declared properly
144 on Linux and GNU platforms. */
145 #include <sys/types.h>
146 #include <sys/param.h>
147 #include <sys/socket.h>
148
149 #include <netinet/in.h>
150
151 #include <assert.h>
152 #include <errno.h>
153 #include <limits.h>
154 #include <netdb.h>
155 #include <stdio.h>
156 #include <stdlib.h>
157 #include <string.h>
158 #include <time.h>
159 #include <unistd.h>
160
161 #include <ctype.h>
162
163 #include <openssl/opensslconf.h>
164 #include <openssl/bio.h>
165 #include <openssl/crypto.h>
166 #include <openssl/evp.h>
167 #include <openssl/x509.h>
168 #include <openssl/x509v3.h>
169 #include <openssl/ssl.h>
170 #ifndef OPENSSL_NO_ENGINE
171 #include <openssl/engine.h>
172 #endif
173 #include <openssl/err.h>
174 #include <openssl/rand.h>
175 #include <openssl/rsa.h>
176 #include <openssl/dsa.h>
177 #include <openssl/dh.h>
178 #include <openssl/bn.h>
179
180 #define TEST_SERVER_CERT "../apps/server.pem"
181 #define TEST_CLIENT_CERT "../apps/client.pem"
182
183 static int verify_callback(int ok, X509_STORE_CTX *ctx);
184 static int app_verify_callback(X509_STORE_CTX *ctx, void *arg);
185 #define APP_CALLBACK_STRING "Test Callback Argument"
186 struct app_verify_arg {
187 char *string;
188 int app_verify;
189 int allow_proxy_certs;
190 char *proxy_auth;
191 char *proxy_cond;
192 };
193
194 static DH *get_dh1024(void);
195 static DH *get_dh1024dsa(void);
196
197 static BIO *bio_err = NULL;
198 static BIO *bio_stdout = NULL;
199
200 static const char *alpn_client;
201 static const char *alpn_server;
202 static const char *alpn_expected;
203 static unsigned char *alpn_selected;
204
205 /*
206 * next_protos_parse parses a comma separated list of strings into a string
207 * in a format suitable for passing to SSL_CTX_set_next_protos_advertised.
208 * outlen: (output) set to the length of the resulting buffer on success.
209 * err: (maybe NULL) on failure, an error message line is written to this BIO.
210 * in: a NUL terminated string like "abc,def,ghi"
211 *
212 * returns: a malloced buffer or NULL on failure.
213 */
214 static unsigned char *
next_protos_parse(unsigned short * outlen,const char * in)215 next_protos_parse(unsigned short *outlen, const char *in)
216 {
217 size_t i, len, start = 0;
218 unsigned char *out;
219
220 len = strlen(in);
221 if (len >= 65535)
222 return (NULL);
223
224 if ((out = malloc(strlen(in) + 1)) == NULL)
225 return (NULL);
226
227 for (i = 0; i <= len; ++i) {
228 if (i == len || in[i] == ',') {
229 if (i - start > 255) {
230 free(out);
231 return (NULL);
232 }
233 out[start] = i - start;
234 start = i + 1;
235 } else
236 out[i+1] = in[i];
237 }
238 *outlen = len + 1;
239 return (out);
240 }
241
242 static int
cb_server_alpn(SSL * s,const unsigned char ** out,unsigned char * outlen,const unsigned char * in,unsigned int inlen,void * arg)243 cb_server_alpn(SSL *s, const unsigned char **out, unsigned char *outlen,
244 const unsigned char *in, unsigned int inlen, void *arg)
245 {
246 unsigned char *protos;
247 unsigned short protos_len;
248
249 if ((protos = next_protos_parse(&protos_len, alpn_server)) == NULL) {
250 fprintf(stderr,
251 "failed to parser ALPN server protocol string: %s\n",
252 alpn_server);
253 abort();
254 }
255
256 if (SSL_select_next_proto((unsigned char **)out, outlen, protos,
257 protos_len, in, inlen) != OPENSSL_NPN_NEGOTIATED) {
258 free(protos);
259 return (SSL_TLSEXT_ERR_NOACK);
260 }
261
262 /*
263 * Make a copy of the selected protocol which will be freed in
264 * verify_alpn.
265 */
266 if ((alpn_selected = malloc(*outlen)) == NULL) {
267 fprintf(stderr, "malloc failed\n");
268 abort();
269 }
270 memcpy(alpn_selected, *out, *outlen);
271 *out = alpn_selected;
272 free(protos);
273
274 return (SSL_TLSEXT_ERR_OK);
275 }
276
277 static int
verify_alpn(SSL * client,SSL * server)278 verify_alpn(SSL *client, SSL *server)
279 {
280 const unsigned char *client_proto, *server_proto;
281 unsigned int client_proto_len = 0, server_proto_len = 0;
282
283 SSL_get0_alpn_selected(client, &client_proto, &client_proto_len);
284 SSL_get0_alpn_selected(server, &server_proto, &server_proto_len);
285
286 free(alpn_selected);
287 alpn_selected = NULL;
288
289 if (client_proto_len != server_proto_len ||
290 memcmp(client_proto, server_proto, client_proto_len) != 0) {
291 BIO_printf(bio_stdout, "ALPN selected protocols differ!\n");
292 goto err;
293 }
294
295 if (client_proto_len > 0 && alpn_expected == NULL) {
296 BIO_printf(bio_stdout, "ALPN unexpectedly negotiated\n");
297 goto err;
298 }
299
300 if (alpn_expected != NULL &&
301 (client_proto_len != strlen(alpn_expected) ||
302 memcmp(client_proto, alpn_expected, client_proto_len) != 0)) {
303 BIO_printf(bio_stdout, "ALPN selected protocols not equal to "
304 "expected protocol: %s\n", alpn_expected);
305 goto err;
306 }
307
308 return (0);
309
310 err:
311 BIO_printf(bio_stdout, "ALPN results: client: '");
312 BIO_write(bio_stdout, client_proto, client_proto_len);
313 BIO_printf(bio_stdout, "', server: '");
314 BIO_write(bio_stdout, server_proto, server_proto_len);
315 BIO_printf(bio_stdout, "'\n");
316 BIO_printf(bio_stdout, "ALPN configured: client: '%s', server: '%s'\n",
317 alpn_client, alpn_server);
318
319 return (-1);
320 }
321
322 static char *cipher = NULL;
323 static int verbose = 0;
324 static int debug = 0;
325
326 int doit_biopair(SSL *s_ssl, SSL *c_ssl, long bytes, clock_t *s_time,
327 clock_t *c_time);
328 int doit(SSL *s_ssl, SSL *c_ssl, long bytes);
329
330 static void
sv_usage(void)331 sv_usage(void)
332 {
333 fprintf(stderr, "usage: ssltest [args ...]\n");
334 fprintf(stderr, "\n");
335 fprintf(stderr, " -server_auth - check server certificate\n");
336 fprintf(stderr, " -client_auth - do client authentication\n");
337 fprintf(stderr, " -proxy - allow proxy certificates\n");
338 fprintf(stderr, " -proxy_auth <val> - set proxy policy rights\n");
339 fprintf(stderr, " -proxy_cond <val> - experssion to test proxy policy rights\n");
340 fprintf(stderr, " -v - more output\n");
341 fprintf(stderr, " -d - debug output\n");
342 fprintf(stderr, " -reuse - use session-id reuse\n");
343 fprintf(stderr, " -num <val> - number of connections to perform\n");
344 fprintf(stderr, " -bytes <val> - number of bytes to swap between client/server\n");
345 fprintf(stderr, " -dhe1024dsa - use 1024 bit key (with 160-bit subprime) for DHE\n");
346 fprintf(stderr, " -no_dhe - disable DHE\n");
347 fprintf(stderr, " -no_ecdhe - disable ECDHE\n");
348 fprintf(stderr, " -dtls1 - use DTLSv1\n");
349 fprintf(stderr, " -tls1 - use TLSv1\n");
350 fprintf(stderr, " -tls1_2 - use TLSv1.2\n");
351 fprintf(stderr, " -CApath arg - PEM format directory of CA's\n");
352 fprintf(stderr, " -CAfile arg - PEM format file of CA's\n");
353 fprintf(stderr, " -cert arg - Server certificate file\n");
354 fprintf(stderr, " -key arg - Server key file (default: same as -cert)\n");
355 fprintf(stderr, " -c_cert arg - Client certificate file\n");
356 fprintf(stderr, " -c_key arg - Client key file (default: same as -c_cert)\n");
357 fprintf(stderr, " -cipher arg - The cipher list\n");
358 fprintf(stderr, " -bio_pair - Use BIO pairs\n");
359 fprintf(stderr, " -f - Test even cases that can't work\n");
360 fprintf(stderr, " -time - measure processor time used by client and server\n");
361 fprintf(stderr, " -named_curve arg - Elliptic curve name to use for ephemeral ECDH keys.\n" \
362 " Use \"openssl ecparam -list_curves\" for all names\n" \
363 " (default is sect163r2).\n");
364 fprintf(stderr, " -alpn_client <string> - have client side offer ALPN\n");
365 fprintf(stderr, " -alpn_server <string> - have server side offer ALPN\n");
366 fprintf(stderr, " -alpn_expected <string> - the ALPN protocol that should be negotiated\n");
367 }
368
369 static void
print_details(SSL * c_ssl,const char * prefix)370 print_details(SSL *c_ssl, const char *prefix)
371 {
372 const SSL_CIPHER *ciph;
373 X509 *cert;
374
375 ciph = SSL_get_current_cipher(c_ssl);
376 BIO_printf(bio_stdout, "%s%s, cipher %s %s",
377 prefix, SSL_get_version(c_ssl), SSL_CIPHER_get_version(ciph),
378 SSL_CIPHER_get_name(ciph));
379 cert = SSL_get_peer_certificate(c_ssl);
380 if (cert != NULL) {
381 EVP_PKEY *pkey = X509_get_pubkey(cert);
382 if (pkey != NULL) {
383 if (pkey->type == EVP_PKEY_RSA &&
384 pkey->pkey.rsa != NULL &&
385 pkey->pkey.rsa->n != NULL) {
386 BIO_printf(bio_stdout, ", %d bit RSA",
387 BN_num_bits(pkey->pkey.rsa->n));
388 } else if (pkey->type == EVP_PKEY_DSA &&
389 pkey->pkey.dsa != NULL &&
390 pkey->pkey.dsa->p != NULL) {
391 BIO_printf(bio_stdout, ", %d bit DSA",
392 BN_num_bits(pkey->pkey.dsa->p));
393 }
394 EVP_PKEY_free(pkey);
395 }
396 X509_free(cert);
397 }
398 /* The SSL API does not allow us to look at temporary RSA/DH keys,
399 * otherwise we should print their lengths too */
400 BIO_printf(bio_stdout, "\n");
401 }
402
403 int
main(int argc,char * argv[])404 main(int argc, char *argv[])
405 {
406 char *CApath = NULL, *CAfile = NULL;
407 int badop = 0;
408 int bio_pair = 0;
409 int force = 0;
410 int tls1 = 0, tls1_2 = 0, dtls1 = 0, ret = 1;
411 int client_auth = 0;
412 int server_auth = 0, i;
413 struct app_verify_arg app_verify_arg =
414 { APP_CALLBACK_STRING, 0, 0, NULL, NULL };
415 char *server_cert = TEST_SERVER_CERT;
416 char *server_key = NULL;
417 char *client_cert = TEST_CLIENT_CERT;
418 char *client_key = NULL;
419 char *named_curve = NULL;
420 SSL_CTX *s_ctx = NULL;
421 SSL_CTX *c_ctx = NULL;
422 const SSL_METHOD *meth = NULL;
423 SSL *c_ssl, *s_ssl;
424 int number = 1, reuse = 0;
425 long bytes = 256L;
426 DH *dh;
427 int dhe1024dsa = 0;
428 EC_KEY *ecdh = NULL;
429 int no_dhe = 0;
430 int no_ecdhe = 0;
431 int print_time = 0;
432 clock_t s_time = 0, c_time = 0;
433
434 verbose = 0;
435 debug = 0;
436 cipher = 0;
437
438 bio_err = BIO_new_fp(stderr, BIO_NOCLOSE|BIO_FP_TEXT);
439
440 bio_stdout = BIO_new_fp(stdout, BIO_NOCLOSE|BIO_FP_TEXT);
441
442 argc--;
443 argv++;
444
445 while (argc >= 1) {
446 if (!strcmp(*argv, "-F")) {
447 fprintf(stderr, "not compiled with FIPS support, so exiting without running.\n");
448 exit(0);
449 } else if (strcmp(*argv, "-server_auth") == 0)
450 server_auth = 1;
451 else if (strcmp(*argv, "-client_auth") == 0)
452 client_auth = 1;
453 else if (strcmp(*argv, "-proxy_auth") == 0) {
454 if (--argc < 1)
455 goto bad;
456 app_verify_arg.proxy_auth= *(++argv);
457 } else if (strcmp(*argv, "-proxy_cond") == 0) {
458 if (--argc < 1)
459 goto bad;
460 app_verify_arg.proxy_cond= *(++argv);
461 } else if (strcmp(*argv, "-v") == 0)
462 verbose = 1;
463 else if (strcmp(*argv, "-d") == 0)
464 debug = 1;
465 else if (strcmp(*argv, "-reuse") == 0)
466 reuse = 1;
467 else if (strcmp(*argv, "-dhe1024dsa") == 0) {
468 dhe1024dsa = 1;
469 } else if (strcmp(*argv, "-no_dhe") == 0)
470 no_dhe = 1;
471 else if (strcmp(*argv, "-no_ecdhe") == 0)
472 no_ecdhe = 1;
473 else if (strcmp(*argv, "-dtls1") == 0)
474 dtls1 = 1;
475 else if (strcmp(*argv, "-tls1") == 0)
476 tls1 = 1;
477 else if (strcmp(*argv, "-tls1_2") == 0)
478 tls1_2 = 1;
479 else if (strncmp(*argv, "-num", 4) == 0) {
480 if (--argc < 1)
481 goto bad;
482 number = atoi(*(++argv));
483 if (number == 0)
484 number = 1;
485 } else if (strcmp(*argv, "-bytes") == 0) {
486 if (--argc < 1)
487 goto bad;
488 bytes = atol(*(++argv));
489 if (bytes == 0L)
490 bytes = 1L;
491 i = strlen(argv[0]);
492 if (argv[0][i - 1] == 'k')
493 bytes*=1024L;
494 if (argv[0][i - 1] == 'm')
495 bytes*=1024L*1024L;
496 } else if (strcmp(*argv, "-cert") == 0) {
497 if (--argc < 1)
498 goto bad;
499 server_cert= *(++argv);
500 } else if (strcmp(*argv, "-s_cert") == 0) {
501 if (--argc < 1)
502 goto bad;
503 server_cert= *(++argv);
504 } else if (strcmp(*argv, "-key") == 0) {
505 if (--argc < 1)
506 goto bad;
507 server_key= *(++argv);
508 } else if (strcmp(*argv, "-s_key") == 0) {
509 if (--argc < 1)
510 goto bad;
511 server_key= *(++argv);
512 } else if (strcmp(*argv, "-c_cert") == 0) {
513 if (--argc < 1)
514 goto bad;
515 client_cert= *(++argv);
516 } else if (strcmp(*argv, "-c_key") == 0) {
517 if (--argc < 1)
518 goto bad;
519 client_key= *(++argv);
520 } else if (strcmp(*argv, "-cipher") == 0) {
521 if (--argc < 1)
522 goto bad;
523 cipher= *(++argv);
524 } else if (strcmp(*argv, "-CApath") == 0) {
525 if (--argc < 1)
526 goto bad;
527 CApath= *(++argv);
528 } else if (strcmp(*argv, "-CAfile") == 0) {
529 if (--argc < 1)
530 goto bad;
531 CAfile= *(++argv);
532 } else if (strcmp(*argv, "-bio_pair") == 0) {
533 bio_pair = 1;
534 } else if (strcmp(*argv, "-f") == 0) {
535 force = 1;
536 } else if (strcmp(*argv, "-time") == 0) {
537 print_time = 1;
538 } else if (strcmp(*argv, "-named_curve") == 0) {
539 if (--argc < 1)
540 goto bad;
541 named_curve = *(++argv);
542 } else if (strcmp(*argv, "-app_verify") == 0) {
543 app_verify_arg.app_verify = 1;
544 } else if (strcmp(*argv, "-proxy") == 0) {
545 app_verify_arg.allow_proxy_certs = 1;
546 } else if (strcmp(*argv, "-alpn_client") == 0) {
547 if (--argc < 1)
548 goto bad;
549 alpn_client = *(++argv);
550 } else if (strcmp(*argv, "-alpn_server") == 0) {
551 if (--argc < 1)
552 goto bad;
553 alpn_server = *(++argv);
554 } else if (strcmp(*argv, "-alpn_expected") == 0) {
555 if (--argc < 1)
556 goto bad;
557 alpn_expected = *(++argv);
558 } else {
559 fprintf(stderr, "unknown option %s\n", *argv);
560 badop = 1;
561 break;
562 }
563 argc--;
564 argv++;
565 }
566 if (badop) {
567 bad:
568 sv_usage();
569 goto end;
570 }
571
572 if (!dtls1 && !tls1 && !tls1_2 && number > 1 && !reuse && !force) {
573 fprintf(stderr,
574 "This case cannot work. Use -f to perform "
575 "the test anyway (and\n-d to see what happens), "
576 "or add one of -dtls1, -tls1, -tls1_2, -reuse\n"
577 "to avoid protocol mismatch.\n");
578 exit(1);
579 }
580
581 if (print_time) {
582 if (!bio_pair) {
583 fprintf(stderr, "Using BIO pair (-bio_pair)\n");
584 bio_pair = 1;
585 }
586 if (number < 50 && !force)
587 fprintf(stderr, "Warning: For accurate timings, use more connections (e.g. -num 1000)\n");
588 }
589
590 /* if (cipher == NULL) cipher=getenv("SSL_CIPHER"); */
591
592 SSL_library_init();
593 SSL_load_error_strings();
594
595 if (dtls1)
596 meth = DTLSv1_method();
597 else if (tls1)
598 meth = TLSv1_method();
599 else if (tls1_2)
600 meth = TLSv1_2_method();
601 else
602 meth = TLS_method();
603
604 c_ctx = SSL_CTX_new(meth);
605 s_ctx = SSL_CTX_new(meth);
606 if ((c_ctx == NULL) || (s_ctx == NULL)) {
607 ERR_print_errors(bio_err);
608 goto end;
609 }
610
611 if (cipher != NULL) {
612 SSL_CTX_set_cipher_list(c_ctx, cipher);
613 SSL_CTX_set_cipher_list(s_ctx, cipher);
614 }
615
616 if (!no_dhe) {
617 if (dhe1024dsa) {
618 /* use SSL_OP_SINGLE_DH_USE to avoid small subgroup attacks */
619 SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_DH_USE);
620 dh = get_dh1024dsa();
621 } else
622 dh = get_dh1024();
623 SSL_CTX_set_tmp_dh(s_ctx, dh);
624 DH_free(dh);
625 }
626
627 if (!no_ecdhe) {
628 int nid;
629
630 if (named_curve != NULL) {
631 nid = OBJ_sn2nid(named_curve);
632 if (nid == 0) {
633 BIO_printf(bio_err, "unknown curve name (%s)\n", named_curve);
634 goto end;
635 }
636 } else
637 nid = NID_X9_62_prime256v1;
638
639 ecdh = EC_KEY_new_by_curve_name(nid);
640 if (ecdh == NULL) {
641 BIO_printf(bio_err, "unable to create curve\n");
642 goto end;
643 }
644
645 SSL_CTX_set_tmp_ecdh(s_ctx, ecdh);
646 SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_ECDH_USE);
647 EC_KEY_free(ecdh);
648 }
649
650 if (!SSL_CTX_use_certificate_file(s_ctx, server_cert,
651 SSL_FILETYPE_PEM)) {
652 ERR_print_errors(bio_err);
653 } else if (!SSL_CTX_use_PrivateKey_file(s_ctx,
654 (server_key ? server_key : server_cert), SSL_FILETYPE_PEM)) {
655 ERR_print_errors(bio_err);
656 goto end;
657 }
658
659 if (client_auth) {
660 SSL_CTX_use_certificate_file(c_ctx, client_cert,
661 SSL_FILETYPE_PEM);
662 SSL_CTX_use_PrivateKey_file(c_ctx,
663 (client_key ? client_key : client_cert),
664 SSL_FILETYPE_PEM);
665 }
666
667 if ((!SSL_CTX_load_verify_locations(s_ctx, CAfile, CApath)) ||
668 (!SSL_CTX_set_default_verify_paths(s_ctx)) ||
669 (!SSL_CTX_load_verify_locations(c_ctx, CAfile, CApath)) ||
670 (!SSL_CTX_set_default_verify_paths(c_ctx))) {
671 /* fprintf(stderr,"SSL_load_verify_locations\n"); */
672 ERR_print_errors(bio_err);
673 /* goto end; */
674 }
675
676 if (client_auth) {
677 BIO_printf(bio_err, "client authentication\n");
678 SSL_CTX_set_verify(s_ctx,
679 SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
680 verify_callback);
681 SSL_CTX_set_cert_verify_callback(s_ctx, app_verify_callback,
682 &app_verify_arg);
683 }
684 if (server_auth) {
685 BIO_printf(bio_err, "server authentication\n");
686 SSL_CTX_set_verify(c_ctx, SSL_VERIFY_PEER,
687 verify_callback);
688 SSL_CTX_set_cert_verify_callback(c_ctx, app_verify_callback,
689 &app_verify_arg);
690 }
691
692 {
693 int session_id_context = 0;
694 SSL_CTX_set_session_id_context(s_ctx,
695 (void *)&session_id_context, sizeof(session_id_context));
696 }
697
698 if (alpn_server != NULL)
699 SSL_CTX_set_alpn_select_cb(s_ctx, cb_server_alpn, NULL);
700
701 if (alpn_client != NULL) {
702 unsigned short alpn_len;
703 unsigned char *alpn = next_protos_parse(&alpn_len, alpn_client);
704
705 if (alpn == NULL) {
706 BIO_printf(bio_err, "Error parsing -alpn_client argument\n");
707 goto end;
708 }
709 SSL_CTX_set_alpn_protos(c_ctx, alpn, alpn_len);
710 free(alpn);
711 }
712
713 c_ssl = SSL_new(c_ctx);
714 s_ssl = SSL_new(s_ctx);
715
716 for (i = 0; i < number; i++) {
717 if (!reuse)
718 SSL_set_session(c_ssl, NULL);
719 if (bio_pair)
720 ret = doit_biopair(s_ssl, c_ssl, bytes, &s_time,
721 &c_time);
722 else
723 ret = doit(s_ssl, c_ssl, bytes);
724 }
725
726 if (!verbose) {
727 print_details(c_ssl, "");
728 }
729 if ((number > 1) || (bytes > 1L))
730 BIO_printf(bio_stdout, "%d handshakes of %ld bytes done\n",
731 number, bytes);
732 if (print_time) {
733 #ifdef CLOCKS_PER_SEC
734 /* "To determine the time in seconds, the value returned
735 * by the clock function should be divided by the value
736 * of the macro CLOCKS_PER_SEC."
737 * -- ISO/IEC 9899 */
738 BIO_printf(bio_stdout,
739 "Approximate total server time: %6.2f s\n"
740 "Approximate total client time: %6.2f s\n",
741 (double)s_time/CLOCKS_PER_SEC,
742 (double)c_time/CLOCKS_PER_SEC);
743 #else
744 /* "`CLOCKS_PER_SEC' undeclared (first use this function)"
745 * -- cc on NeXTstep/OpenStep */
746 BIO_printf(bio_stdout,
747 "Approximate total server time: %6.2f units\n"
748 "Approximate total client time: %6.2f units\n",
749 (double)s_time,
750 (double)c_time);
751 #endif
752 }
753
754 SSL_free(s_ssl);
755 SSL_free(c_ssl);
756
757 end:
758 SSL_CTX_free(s_ctx);
759 SSL_CTX_free(c_ctx);
760 BIO_free(bio_stdout);
761
762 #ifndef OPENSSL_NO_ENGINE
763 ENGINE_cleanup();
764 #endif
765 CRYPTO_cleanup_all_ex_data();
766 ERR_free_strings();
767 ERR_remove_thread_state(NULL);
768 EVP_cleanup();
769 CRYPTO_mem_leaks(bio_err);
770 BIO_free(bio_err);
771
772 exit(ret);
773 return ret;
774 }
775
776 int
doit_biopair(SSL * s_ssl,SSL * c_ssl,long count,clock_t * s_time,clock_t * c_time)777 doit_biopair(SSL *s_ssl, SSL *c_ssl, long count, clock_t *s_time,
778 clock_t *c_time)
779 {
780 long cw_num = count, cr_num = count, sw_num = count, sr_num = count;
781 BIO *s_ssl_bio = NULL, *c_ssl_bio = NULL;
782 BIO *server = NULL, *server_io = NULL;
783 BIO *client = NULL, *client_io = NULL;
784 int ret = 1;
785
786 size_t bufsiz = 256; /* small buffer for testing */
787
788 if (!BIO_new_bio_pair(&server, bufsiz, &server_io, bufsiz))
789 goto err;
790 if (!BIO_new_bio_pair(&client, bufsiz, &client_io, bufsiz))
791 goto err;
792
793 s_ssl_bio = BIO_new(BIO_f_ssl());
794 if (!s_ssl_bio)
795 goto err;
796
797 c_ssl_bio = BIO_new(BIO_f_ssl());
798 if (!c_ssl_bio)
799 goto err;
800
801 SSL_set_connect_state(c_ssl);
802 SSL_set_bio(c_ssl, client, client);
803 (void)BIO_set_ssl(c_ssl_bio, c_ssl, BIO_NOCLOSE);
804
805 SSL_set_accept_state(s_ssl);
806 SSL_set_bio(s_ssl, server, server);
807 (void)BIO_set_ssl(s_ssl_bio, s_ssl, BIO_NOCLOSE);
808
809 do {
810 /* c_ssl_bio: SSL filter BIO
811 *
812 * client: pseudo-I/O for SSL library
813 *
814 * client_io: client's SSL communication; usually to be
815 * relayed over some I/O facility, but in this
816 * test program, we're the server, too:
817 *
818 * server_io: server's SSL communication
819 *
820 * server: pseudo-I/O for SSL library
821 *
822 * s_ssl_bio: SSL filter BIO
823 *
824 * The client and the server each employ a "BIO pair":
825 * client + client_io, server + server_io.
826 * BIO pairs are symmetric. A BIO pair behaves similar
827 * to a non-blocking socketpair (but both endpoints must
828 * be handled by the same thread).
829 * [Here we could connect client and server to the ends
830 * of a single BIO pair, but then this code would be less
831 * suitable as an example for BIO pairs in general.]
832 *
833 * Useful functions for querying the state of BIO pair endpoints:
834 *
835 * BIO_ctrl_pending(bio) number of bytes we can read now
836 * BIO_ctrl_get_read_request(bio) number of bytes needed to fulfil
837 * other side's read attempt
838 * BIO_ctrl_get_write_guarantee(bio) number of bytes we can write now
839 *
840 * ..._read_request is never more than ..._write_guarantee;
841 * it depends on the application which one you should use.
842 */
843
844 /* We have non-blocking behaviour throughout this test program, but
845 * can be sure that there is *some* progress in each iteration; so
846 * we don't have to worry about ..._SHOULD_READ or ..._SHOULD_WRITE
847 * -- we just try everything in each iteration
848 */
849
850 {
851 /* CLIENT */
852
853 char cbuf[1024*8];
854 int i, r;
855 clock_t c_clock = clock();
856
857 memset(cbuf, 0, sizeof(cbuf));
858
859 if (debug)
860 if (SSL_in_init(c_ssl))
861 printf("client waiting in SSL_connect - %s\n",
862 SSL_state_string_long(c_ssl));
863
864 if (cw_num > 0) {
865 /* Write to server. */
866
867 if (cw_num > (long)sizeof cbuf)
868 i = sizeof cbuf;
869 else
870 i = (int)cw_num;
871 r = BIO_write(c_ssl_bio, cbuf, i);
872 if (r < 0) {
873 if (!BIO_should_retry(c_ssl_bio)) {
874 fprintf(stderr, "ERROR in CLIENT\n");
875 goto err;
876 }
877 /* BIO_should_retry(...) can just be ignored here.
878 * The library expects us to call BIO_write with
879 * the same arguments again, and that's what we will
880 * do in the next iteration. */
881 } else if (r == 0) {
882 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
883 goto err;
884 } else {
885 if (debug)
886 printf("client wrote %d\n", r);
887 cw_num -= r;
888
889 }
890 }
891
892 if (cr_num > 0) {
893 /* Read from server. */
894
895 r = BIO_read(c_ssl_bio, cbuf, sizeof(cbuf));
896 if (r < 0) {
897 if (!BIO_should_retry(c_ssl_bio)) {
898 fprintf(stderr, "ERROR in CLIENT\n");
899 goto err;
900 }
901 /* Again, "BIO_should_retry" can be ignored. */
902 } else if (r == 0) {
903 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
904 goto err;
905 } else {
906 if (debug)
907 printf("client read %d\n", r);
908 cr_num -= r;
909 }
910 }
911
912 /* c_time and s_time increments will typically be very small
913 * (depending on machine speed and clock tick intervals),
914 * but sampling over a large number of connections should
915 * result in fairly accurate figures. We cannot guarantee
916 * a lot, however -- if each connection lasts for exactly
917 * one clock tick, it will be counted only for the client
918 * or only for the server or even not at all.
919 */
920 *c_time += (clock() - c_clock);
921 }
922
923 {
924 /* SERVER */
925
926 char sbuf[1024*8];
927 int i, r;
928 clock_t s_clock = clock();
929
930 memset(sbuf, 0, sizeof(sbuf));
931
932 if (debug)
933 if (SSL_in_init(s_ssl))
934 printf("server waiting in SSL_accept - %s\n",
935 SSL_state_string_long(s_ssl));
936
937 if (sw_num > 0) {
938 /* Write to client. */
939
940 if (sw_num > (long)sizeof sbuf)
941 i = sizeof sbuf;
942 else
943 i = (int)sw_num;
944 r = BIO_write(s_ssl_bio, sbuf, i);
945 if (r < 0) {
946 if (!BIO_should_retry(s_ssl_bio)) {
947 fprintf(stderr, "ERROR in SERVER\n");
948 goto err;
949 }
950 /* Ignore "BIO_should_retry". */
951 } else if (r == 0) {
952 fprintf(stderr, "SSL SERVER STARTUP FAILED\n");
953 goto err;
954 } else {
955 if (debug)
956 printf("server wrote %d\n", r);
957 sw_num -= r;
958
959 }
960 }
961
962 if (sr_num > 0) {
963 /* Read from client. */
964
965 r = BIO_read(s_ssl_bio, sbuf, sizeof(sbuf));
966 if (r < 0) {
967 if (!BIO_should_retry(s_ssl_bio)) {
968 fprintf(stderr, "ERROR in SERVER\n");
969 goto err;
970 }
971 /* blah, blah */
972 } else if (r == 0) {
973 fprintf(stderr, "SSL SERVER STARTUP FAILED\n");
974 goto err;
975 } else {
976 if (debug)
977 printf("server read %d\n", r);
978 sr_num -= r;
979 }
980 }
981
982 *s_time += (clock() - s_clock);
983 }
984
985 {
986 /* "I/O" BETWEEN CLIENT AND SERVER. */
987
988 size_t r1, r2;
989 BIO *io1 = server_io, *io2 = client_io;
990 /* we use the non-copying interface for io1
991 * and the standard BIO_write/BIO_read interface for io2
992 */
993
994 static int prev_progress = 1;
995 int progress = 0;
996
997 /* io1 to io2 */
998 do {
999 size_t num;
1000 int r;
1001
1002 r1 = BIO_ctrl_pending(io1);
1003 r2 = BIO_ctrl_get_write_guarantee(io2);
1004
1005 num = r1;
1006 if (r2 < num)
1007 num = r2;
1008 if (num) {
1009 char *dataptr;
1010
1011 if (INT_MAX < num) /* yeah, right */
1012 num = INT_MAX;
1013
1014 r = BIO_nread(io1, &dataptr, (int)num);
1015 assert(r > 0);
1016 assert(r <= (int)num);
1017 /* possibly r < num (non-contiguous data) */
1018 num = r;
1019 r = BIO_write(io2, dataptr, (int)num);
1020 if (r != (int)num) /* can't happen */
1021 {
1022 fprintf(stderr, "ERROR: BIO_write could not write "
1023 "BIO_ctrl_get_write_guarantee() bytes");
1024 goto err;
1025 }
1026 progress = 1;
1027
1028 if (debug)
1029 printf((io1 == client_io) ?
1030 "C->S relaying: %d bytes\n" :
1031 "S->C relaying: %d bytes\n",
1032 (int)num);
1033 }
1034 } while (r1 && r2);
1035
1036 /* io2 to io1 */
1037 {
1038 size_t num;
1039 int r;
1040
1041 r1 = BIO_ctrl_pending(io2);
1042 r2 = BIO_ctrl_get_read_request(io1);
1043 /* here we could use ..._get_write_guarantee instead of
1044 * ..._get_read_request, but by using the latter
1045 * we test restartability of the SSL implementation
1046 * more thoroughly */
1047 num = r1;
1048 if (r2 < num)
1049 num = r2;
1050 if (num) {
1051 char *dataptr;
1052
1053 if (INT_MAX < num)
1054 num = INT_MAX;
1055
1056 if (num > 1)
1057 --num; /* test restartability even more thoroughly */
1058
1059 r = BIO_nwrite0(io1, &dataptr);
1060 assert(r > 0);
1061 if (r < (int)num)
1062 num = r;
1063 r = BIO_read(io2, dataptr, (int)num);
1064 if (r != (int)num) /* can't happen */
1065 {
1066 fprintf(stderr, "ERROR: BIO_read could not read "
1067 "BIO_ctrl_pending() bytes");
1068 goto err;
1069 }
1070 progress = 1;
1071 r = BIO_nwrite(io1, &dataptr, (int)num);
1072 if (r != (int)num) /* can't happen */
1073 {
1074 fprintf(stderr, "ERROR: BIO_nwrite() did not accept "
1075 "BIO_nwrite0() bytes");
1076 goto err;
1077 }
1078
1079 if (debug)
1080 printf((io2 == client_io) ?
1081 "C->S relaying: %d bytes\n" :
1082 "S->C relaying: %d bytes\n",
1083 (int)num);
1084 }
1085 } /* no loop, BIO_ctrl_get_read_request now returns 0 anyway */
1086
1087 if (!progress && !prev_progress) {
1088 if (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0) {
1089 fprintf(stderr, "ERROR: got stuck\n");
1090 goto err;
1091 }
1092 }
1093 prev_progress = progress;
1094 }
1095 } while (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0);
1096
1097 if (verbose)
1098 print_details(c_ssl, "DONE via BIO pair: ");
1099
1100 if (verify_alpn(c_ssl, s_ssl) < 0) {
1101 ret = 1;
1102 goto err;
1103 }
1104
1105 ret = 0;
1106
1107 err:
1108 ERR_print_errors(bio_err);
1109
1110 BIO_free(server);
1111 BIO_free(server_io);
1112 BIO_free(client);
1113 BIO_free(client_io);
1114 BIO_free(s_ssl_bio);
1115 BIO_free(c_ssl_bio);
1116
1117 return ret;
1118 }
1119
1120
1121 #define W_READ 1
1122 #define W_WRITE 2
1123 #define C_DONE 1
1124 #define S_DONE 2
1125
1126 int
doit(SSL * s_ssl,SSL * c_ssl,long count)1127 doit(SSL *s_ssl, SSL *c_ssl, long count)
1128 {
1129 char cbuf[1024*8], sbuf[1024*8];
1130 long cw_num = count, cr_num = count;
1131 long sw_num = count, sr_num = count;
1132 int ret = 1;
1133 BIO *c_to_s = NULL;
1134 BIO *s_to_c = NULL;
1135 BIO *c_bio = NULL;
1136 BIO *s_bio = NULL;
1137 int c_r, c_w, s_r, s_w;
1138 int i, j;
1139 int done = 0;
1140 int c_write, s_write;
1141 int do_server = 0, do_client = 0;
1142
1143 memset(cbuf, 0, sizeof(cbuf));
1144 memset(sbuf, 0, sizeof(sbuf));
1145
1146 c_to_s = BIO_new(BIO_s_mem());
1147 s_to_c = BIO_new(BIO_s_mem());
1148 if ((s_to_c == NULL) || (c_to_s == NULL)) {
1149 ERR_print_errors(bio_err);
1150 goto err;
1151 }
1152
1153 c_bio = BIO_new(BIO_f_ssl());
1154 s_bio = BIO_new(BIO_f_ssl());
1155 if ((c_bio == NULL) || (s_bio == NULL)) {
1156 ERR_print_errors(bio_err);
1157 goto err;
1158 }
1159
1160 SSL_set_connect_state(c_ssl);
1161 SSL_set_bio(c_ssl, s_to_c, c_to_s);
1162 BIO_set_ssl(c_bio, c_ssl, BIO_NOCLOSE);
1163
1164 SSL_set_accept_state(s_ssl);
1165 SSL_set_bio(s_ssl, c_to_s, s_to_c);
1166 BIO_set_ssl(s_bio, s_ssl, BIO_NOCLOSE);
1167
1168 c_r = 0;
1169 s_r = 1;
1170 c_w = 1;
1171 s_w = 0;
1172 c_write = 1, s_write = 0;
1173
1174 /* We can always do writes */
1175 for (;;) {
1176 do_server = 0;
1177 do_client = 0;
1178
1179 i = (int)BIO_pending(s_bio);
1180 if ((i && s_r) || s_w)
1181 do_server = 1;
1182
1183 i = (int)BIO_pending(c_bio);
1184 if ((i && c_r) || c_w)
1185 do_client = 1;
1186
1187 if (do_server && debug) {
1188 if (SSL_in_init(s_ssl))
1189 printf("server waiting in SSL_accept - %s\n",
1190 SSL_state_string_long(s_ssl));
1191 }
1192
1193 if (do_client && debug) {
1194 if (SSL_in_init(c_ssl))
1195 printf("client waiting in SSL_connect - %s\n",
1196 SSL_state_string_long(c_ssl));
1197 }
1198
1199 if (!do_client && !do_server) {
1200 fprintf(stdout, "ERROR in STARTUP\n");
1201 ERR_print_errors(bio_err);
1202 goto err;
1203 }
1204
1205 if (do_client && !(done & C_DONE)) {
1206 if (c_write) {
1207 j = (cw_num > (long)sizeof(cbuf)) ?
1208 (int)sizeof(cbuf) : (int)cw_num;
1209 i = BIO_write(c_bio, cbuf, j);
1210 if (i < 0) {
1211 c_r = 0;
1212 c_w = 0;
1213 if (BIO_should_retry(c_bio)) {
1214 if (BIO_should_read(c_bio))
1215 c_r = 1;
1216 if (BIO_should_write(c_bio))
1217 c_w = 1;
1218 } else {
1219 fprintf(stderr, "ERROR in CLIENT\n");
1220 ERR_print_errors(bio_err);
1221 goto err;
1222 }
1223 } else if (i == 0) {
1224 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
1225 goto err;
1226 } else {
1227 if (debug)
1228 printf("client wrote %d\n", i);
1229 /* ok */
1230 s_r = 1;
1231 c_write = 0;
1232 cw_num -= i;
1233 }
1234 } else {
1235 i = BIO_read(c_bio, cbuf, sizeof(cbuf));
1236 if (i < 0) {
1237 c_r = 0;
1238 c_w = 0;
1239 if (BIO_should_retry(c_bio)) {
1240 if (BIO_should_read(c_bio))
1241 c_r = 1;
1242 if (BIO_should_write(c_bio))
1243 c_w = 1;
1244 } else {
1245 fprintf(stderr, "ERROR in CLIENT\n");
1246 ERR_print_errors(bio_err);
1247 goto err;
1248 }
1249 } else if (i == 0) {
1250 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
1251 goto err;
1252 } else {
1253 if (debug)
1254 printf("client read %d\n", i);
1255 cr_num -= i;
1256 if (sw_num > 0) {
1257 s_write = 1;
1258 s_w = 1;
1259 }
1260 if (cr_num <= 0) {
1261 s_write = 1;
1262 s_w = 1;
1263 done = S_DONE|C_DONE;
1264 }
1265 }
1266 }
1267 }
1268
1269 if (do_server && !(done & S_DONE)) {
1270 if (!s_write) {
1271 i = BIO_read(s_bio, sbuf, sizeof(cbuf));
1272 if (i < 0) {
1273 s_r = 0;
1274 s_w = 0;
1275 if (BIO_should_retry(s_bio)) {
1276 if (BIO_should_read(s_bio))
1277 s_r = 1;
1278 if (BIO_should_write(s_bio))
1279 s_w = 1;
1280 } else {
1281 fprintf(stderr, "ERROR in SERVER\n");
1282 ERR_print_errors(bio_err);
1283 goto err;
1284 }
1285 } else if (i == 0) {
1286 ERR_print_errors(bio_err);
1287 fprintf(stderr, "SSL SERVER STARTUP FAILED in SSL_read\n");
1288 goto err;
1289 } else {
1290 if (debug)
1291 printf("server read %d\n", i);
1292 sr_num -= i;
1293 if (cw_num > 0) {
1294 c_write = 1;
1295 c_w = 1;
1296 }
1297 if (sr_num <= 0) {
1298 s_write = 1;
1299 s_w = 1;
1300 c_write = 0;
1301 }
1302 }
1303 } else {
1304 j = (sw_num > (long)sizeof(sbuf)) ?
1305 (int)sizeof(sbuf) : (int)sw_num;
1306 i = BIO_write(s_bio, sbuf, j);
1307 if (i < 0) {
1308 s_r = 0;
1309 s_w = 0;
1310 if (BIO_should_retry(s_bio)) {
1311 if (BIO_should_read(s_bio))
1312 s_r = 1;
1313 if (BIO_should_write(s_bio))
1314 s_w = 1;
1315 } else {
1316 fprintf(stderr, "ERROR in SERVER\n");
1317 ERR_print_errors(bio_err);
1318 goto err;
1319 }
1320 } else if (i == 0) {
1321 ERR_print_errors(bio_err);
1322 fprintf(stderr, "SSL SERVER STARTUP FAILED in SSL_write\n");
1323 goto err;
1324 } else {
1325 if (debug)
1326 printf("server wrote %d\n", i);
1327 sw_num -= i;
1328 s_write = 0;
1329 c_r = 1;
1330 if (sw_num <= 0)
1331 done |= S_DONE;
1332 }
1333 }
1334 }
1335
1336 if ((done & S_DONE) && (done & C_DONE))
1337 break;
1338 }
1339
1340 if (verbose)
1341 print_details(c_ssl, "DONE: ");
1342
1343 if (verify_alpn(c_ssl, s_ssl) < 0) {
1344 ret = 1;
1345 goto err;
1346 }
1347
1348 ret = 0;
1349 err:
1350 /* We have to set the BIO's to NULL otherwise they will be
1351 * free()ed twice. Once when th s_ssl is SSL_free()ed and
1352 * again when c_ssl is SSL_free()ed.
1353 * This is a hack required because s_ssl and c_ssl are sharing the same
1354 * BIO structure and SSL_set_bio() and SSL_free() automatically
1355 * BIO_free non NULL entries.
1356 * You should not normally do this or be required to do this */
1357 if (s_ssl != NULL) {
1358 s_ssl->rbio = NULL;
1359 s_ssl->wbio = NULL;
1360 }
1361 if (c_ssl != NULL) {
1362 c_ssl->rbio = NULL;
1363 c_ssl->wbio = NULL;
1364 }
1365
1366 BIO_free(c_to_s);
1367 BIO_free(s_to_c);
1368 BIO_free_all(c_bio);
1369 BIO_free_all(s_bio);
1370
1371 return (ret);
1372 }
1373
1374 static int
get_proxy_auth_ex_data_idx(void)1375 get_proxy_auth_ex_data_idx(void)
1376 {
1377 static volatile int idx = -1;
1378 if (idx < 0) {
1379 CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
1380 if (idx < 0) {
1381 idx = X509_STORE_CTX_get_ex_new_index(0,
1382 "SSLtest for verify callback", NULL, NULL, NULL);
1383 }
1384 CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
1385 }
1386 return idx;
1387 }
1388
1389 static int
verify_callback(int ok,X509_STORE_CTX * ctx)1390 verify_callback(int ok, X509_STORE_CTX *ctx)
1391 {
1392 char *s, buf[256];
1393
1394 s = X509_NAME_oneline(X509_get_subject_name(ctx->current_cert), buf,
1395 sizeof buf);
1396 if (s != NULL) {
1397 if (ok)
1398 fprintf(stderr, "depth=%d %s\n",
1399 ctx->error_depth, buf);
1400 else {
1401 fprintf(stderr, "depth=%d error=%d %s\n",
1402 ctx->error_depth, ctx->error, buf);
1403 }
1404 }
1405
1406 if (ok == 0) {
1407 fprintf(stderr, "Error string: %s\n",
1408 X509_verify_cert_error_string(ctx->error));
1409 switch (ctx->error) {
1410 case X509_V_ERR_CERT_NOT_YET_VALID:
1411 case X509_V_ERR_CERT_HAS_EXPIRED:
1412 case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
1413 fprintf(stderr, " ... ignored.\n");
1414 ok = 1;
1415 }
1416 }
1417
1418 if (ok == 1) {
1419 X509 *xs = ctx->current_cert;
1420 #if 0
1421 X509 *xi = ctx->current_issuer;
1422 #endif
1423
1424 if (xs->ex_flags & EXFLAG_PROXY) {
1425 unsigned int *letters =
1426 X509_STORE_CTX_get_ex_data(ctx,
1427 get_proxy_auth_ex_data_idx());
1428
1429 if (letters) {
1430 int found_any = 0;
1431 int i;
1432 PROXY_CERT_INFO_EXTENSION *pci =
1433 X509_get_ext_d2i(xs, NID_proxyCertInfo,
1434 NULL, NULL);
1435
1436 switch (OBJ_obj2nid(pci->proxyPolicy->policyLanguage)) {
1437 case NID_Independent:
1438 /* Completely meaningless in this
1439 program, as there's no way to
1440 grant explicit rights to a
1441 specific PrC. Basically, using
1442 id-ppl-Independent is the perfect
1443 way to grant no rights at all. */
1444 fprintf(stderr, " Independent proxy certificate");
1445 for (i = 0; i < 26; i++)
1446 letters[i] = 0;
1447 break;
1448 case NID_id_ppl_inheritAll:
1449 /* This is basically a NOP, we
1450 simply let the current rights
1451 stand as they are. */
1452 fprintf(stderr, " Proxy certificate inherits all");
1453 break;
1454 default:
1455 s = (char *)
1456 pci->proxyPolicy->policy->data;
1457 i = pci->proxyPolicy->policy->length;
1458
1459 /* The algorithm works as follows:
1460 it is assumed that previous
1461 iterations or the initial granted
1462 rights has already set some elements
1463 of `letters'. What we need to do is
1464 to clear those that weren't granted
1465 by the current PrC as well. The
1466 easiest way to do this is to add 1
1467 to all the elements whose letters
1468 are given with the current policy.
1469 That way, all elements that are set
1470 by the current policy and were
1471 already set by earlier policies and
1472 through the original grant of rights
1473 will get the value 2 or higher.
1474 The last thing to do is to sweep
1475 through `letters' and keep the
1476 elements having the value 2 as set,
1477 and clear all the others. */
1478
1479 fprintf(stderr, " Certificate proxy rights = %*.*s", i, i, s);
1480 while (i-- > 0) {
1481 int c = *s++;
1482 if (isascii(c) && isalpha(c)) {
1483 if (islower(c))
1484 c = toupper(c);
1485 letters[c - 'A']++;
1486 }
1487 }
1488 for (i = 0; i < 26; i++)
1489 if (letters[i] < 2)
1490 letters[i] = 0;
1491 else
1492 letters[i] = 1;
1493 }
1494
1495 found_any = 0;
1496 fprintf(stderr, ", resulting proxy rights = ");
1497 for (i = 0; i < 26; i++)
1498 if (letters[i]) {
1499 fprintf(stderr, "%c", i + 'A');
1500 found_any = 1;
1501 }
1502 if (!found_any)
1503 fprintf(stderr, "none");
1504 fprintf(stderr, "\n");
1505
1506 PROXY_CERT_INFO_EXTENSION_free(pci);
1507 }
1508 }
1509 }
1510
1511 return (ok);
1512 }
1513
1514 static void
process_proxy_debug(int indent,const char * format,...)1515 process_proxy_debug(int indent, const char *format, ...)
1516 {
1517 static const char indentation[] =
1518 ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>"
1519 ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>"; /* That's 80 > */
1520 char my_format[256];
1521 va_list args;
1522
1523 (void) snprintf(my_format, sizeof(my_format), "%*.*s %s",
1524 indent, indent, indentation, format);
1525
1526 va_start(args, format);
1527 vfprintf(stderr, my_format, args);
1528 va_end(args);
1529 }
1530 /* Priority levels:
1531 0 [!]var, ()
1532 1 & ^
1533 2 |
1534 */
1535 static int process_proxy_cond_adders(unsigned int letters[26],
1536 const char *cond, const char **cond_end, int *pos, int indent);
1537
1538 static int
process_proxy_cond_val(unsigned int letters[26],const char * cond,const char ** cond_end,int * pos,int indent)1539 process_proxy_cond_val(unsigned int letters[26], const char *cond,
1540 const char **cond_end, int *pos, int indent)
1541 {
1542 int c;
1543 int ok = 1;
1544 int negate = 0;
1545
1546 while (isspace((int)*cond)) {
1547 cond++;
1548 (*pos)++;
1549 }
1550 c = *cond;
1551
1552 if (debug)
1553 process_proxy_debug(indent,
1554 "Start process_proxy_cond_val at position %d: %s\n",
1555 *pos, cond);
1556
1557 while (c == '!') {
1558 negate = !negate;
1559 cond++;
1560 (*pos)++;
1561 while (isspace((int)*cond)) {
1562 cond++;
1563 (*pos)++;
1564 }
1565 c = *cond;
1566 }
1567
1568 if (c == '(') {
1569 cond++;
1570 (*pos)++;
1571 ok = process_proxy_cond_adders(letters, cond, cond_end, pos,
1572 indent + 1);
1573 cond = *cond_end;
1574 if (ok < 0)
1575 goto end;
1576 while (isspace((int)*cond)) {
1577 cond++;
1578 (*pos)++;
1579 }
1580 c = *cond;
1581 if (c != ')') {
1582 fprintf(stderr,
1583 "Weird condition character in position %d: "
1584 "%c\n", *pos, c);
1585 ok = -1;
1586 goto end;
1587 }
1588 cond++;
1589 (*pos)++;
1590 } else if (isascii(c) && isalpha(c)) {
1591 if (islower(c))
1592 c = toupper(c);
1593 ok = letters[c - 'A'];
1594 cond++;
1595 (*pos)++;
1596 } else {
1597 fprintf(stderr,
1598 "Weird condition character in position %d: "
1599 "%c\n", *pos, c);
1600 ok = -1;
1601 goto end;
1602 }
1603 end:
1604 *cond_end = cond;
1605 if (ok >= 0 && negate)
1606 ok = !ok;
1607
1608 if (debug)
1609 process_proxy_debug(indent,
1610 "End process_proxy_cond_val at position %d: %s, returning %d\n",
1611 *pos, cond, ok);
1612
1613 return ok;
1614 }
1615
1616 static int
process_proxy_cond_multipliers(unsigned int letters[26],const char * cond,const char ** cond_end,int * pos,int indent)1617 process_proxy_cond_multipliers(unsigned int letters[26], const char *cond,
1618 const char **cond_end, int *pos, int indent)
1619 {
1620 int ok;
1621 char c;
1622
1623 if (debug)
1624 process_proxy_debug(indent,
1625 "Start process_proxy_cond_multipliers at position %d: %s\n",
1626 *pos, cond);
1627
1628 ok = process_proxy_cond_val(letters, cond, cond_end, pos, indent + 1);
1629 cond = *cond_end;
1630 if (ok < 0)
1631 goto end;
1632
1633 while (ok >= 0) {
1634 while (isspace((int)*cond)) {
1635 cond++;
1636 (*pos)++;
1637 }
1638 c = *cond;
1639
1640 switch (c) {
1641 case '&':
1642 case '^':
1643 {
1644 int save_ok = ok;
1645
1646 cond++;
1647 (*pos)++;
1648 ok = process_proxy_cond_val(letters,
1649 cond, cond_end, pos, indent + 1);
1650 cond = *cond_end;
1651 if (ok < 0)
1652 break;
1653
1654 switch (c) {
1655 case '&':
1656 ok &= save_ok;
1657 break;
1658 case '^':
1659 ok ^= save_ok;
1660 break;
1661 default:
1662 fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!"
1663 " STOPPING\n");
1664 exit(1);
1665 }
1666 }
1667 break;
1668 default:
1669 goto end;
1670 }
1671 }
1672 end:
1673 if (debug)
1674 process_proxy_debug(indent,
1675 "End process_proxy_cond_multipliers at position %d: %s, "
1676 "returning %d\n",
1677 *pos, cond, ok);
1678
1679 *cond_end = cond;
1680 return ok;
1681 }
1682
1683 static int
process_proxy_cond_adders(unsigned int letters[26],const char * cond,const char ** cond_end,int * pos,int indent)1684 process_proxy_cond_adders(unsigned int letters[26], const char *cond,
1685 const char **cond_end, int *pos, int indent)
1686 {
1687 int ok;
1688 char c;
1689
1690 if (debug)
1691 process_proxy_debug(indent,
1692 "Start process_proxy_cond_adders at position %d: %s\n",
1693 *pos, cond);
1694
1695 ok = process_proxy_cond_multipliers(letters, cond, cond_end, pos,
1696 indent + 1);
1697 cond = *cond_end;
1698 if (ok < 0)
1699 goto end;
1700
1701 while (ok >= 0) {
1702 while (isspace((int)*cond)) {
1703 cond++;
1704 (*pos)++;
1705 }
1706 c = *cond;
1707
1708 switch (c) {
1709 case '|':
1710 {
1711 int save_ok = ok;
1712
1713 cond++;
1714 (*pos)++;
1715 ok = process_proxy_cond_multipliers(letters,
1716 cond, cond_end, pos, indent + 1);
1717 cond = *cond_end;
1718 if (ok < 0)
1719 break;
1720
1721 switch (c) {
1722 case '|':
1723 ok |= save_ok;
1724 break;
1725 default:
1726 fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!"
1727 " STOPPING\n");
1728 exit(1);
1729 }
1730 }
1731 break;
1732 default:
1733 goto end;
1734 }
1735 }
1736 end:
1737 if (debug)
1738 process_proxy_debug(indent,
1739 "End process_proxy_cond_adders at position %d: %s, returning %d\n",
1740 *pos, cond, ok);
1741
1742 *cond_end = cond;
1743 return ok;
1744 }
1745
1746 static int
process_proxy_cond(unsigned int letters[26],const char * cond,const char ** cond_end)1747 process_proxy_cond(unsigned int letters[26], const char *cond,
1748 const char **cond_end)
1749 {
1750 int pos = 1;
1751 return process_proxy_cond_adders(letters, cond, cond_end, &pos, 1);
1752 }
1753
1754 static int
app_verify_callback(X509_STORE_CTX * ctx,void * arg)1755 app_verify_callback(X509_STORE_CTX *ctx, void *arg)
1756 {
1757 int ok = 1;
1758 struct app_verify_arg *cb_arg = arg;
1759 unsigned int letters[26]; /* only used with proxy_auth */
1760
1761 if (cb_arg->app_verify) {
1762 char *s = NULL, buf[256];
1763
1764 fprintf(stderr, "In app_verify_callback, allowing cert. ");
1765 fprintf(stderr, "Arg is: %s\n", cb_arg->string);
1766 fprintf(stderr, "Finished printing do we have a context? 0x%p a cert? 0x%p\n",
1767 (void *)ctx, (void *)ctx->cert);
1768 if (ctx->cert)
1769 s = X509_NAME_oneline(X509_get_subject_name(ctx->cert), buf, 256);
1770 if (s != NULL) {
1771 fprintf(stderr, "cert depth=%d %s\n", ctx->error_depth, buf);
1772 }
1773 return (1);
1774 }
1775 if (cb_arg->proxy_auth) {
1776 int found_any = 0, i;
1777 char *sp;
1778
1779 for (i = 0; i < 26; i++)
1780 letters[i] = 0;
1781 for (sp = cb_arg->proxy_auth; *sp; sp++) {
1782 int c = *sp;
1783 if (isascii(c) && isalpha(c)) {
1784 if (islower(c))
1785 c = toupper(c);
1786 letters[c - 'A'] = 1;
1787 }
1788 }
1789
1790 fprintf(stderr, " Initial proxy rights = ");
1791 for (i = 0; i < 26; i++)
1792 if (letters[i]) {
1793 fprintf(stderr, "%c", i + 'A');
1794 found_any = 1;
1795 }
1796 if (!found_any)
1797 fprintf(stderr, "none");
1798 fprintf(stderr, "\n");
1799
1800 X509_STORE_CTX_set_ex_data(ctx,
1801 get_proxy_auth_ex_data_idx(), letters);
1802 }
1803 if (cb_arg->allow_proxy_certs) {
1804 X509_STORE_CTX_set_flags(ctx, X509_V_FLAG_ALLOW_PROXY_CERTS);
1805 }
1806
1807 ok = X509_verify_cert(ctx);
1808
1809 if (cb_arg->proxy_auth) {
1810 if (ok > 0) {
1811 const char *cond_end = NULL;
1812
1813 ok = process_proxy_cond(letters,
1814 cb_arg->proxy_cond, &cond_end);
1815
1816 if (ok < 0)
1817 exit(3);
1818 if (*cond_end) {
1819 fprintf(stderr, "Stopped processing condition before it's end.\n");
1820 ok = 0;
1821 }
1822 if (!ok)
1823 fprintf(stderr, "Proxy rights check with condition '%s' proved invalid\n",
1824 cb_arg->proxy_cond);
1825 else
1826 fprintf(stderr, "Proxy rights check with condition '%s' proved valid\n",
1827 cb_arg->proxy_cond);
1828 }
1829 }
1830 return (ok);
1831 }
1832
1833 /* These DH parameters have been generated as follows:
1834 * $ openssl dhparam -C -noout 1024
1835 * $ openssl dhparam -C -noout -dsaparam 1024
1836 * (The second function has been renamed to avoid name conflicts.)
1837 */
1838 static DH *
get_dh1024()1839 get_dh1024()
1840 {
1841 static unsigned char dh1024_p[] = {
1842 0xF8, 0x81, 0x89, 0x7D, 0x14, 0x24, 0xC5, 0xD1, 0xE6, 0xF7, 0xBF, 0x3A,
1843 0xE4, 0x90, 0xF4, 0xFC, 0x73, 0xFB, 0x34, 0xB5, 0xFA, 0x4C, 0x56, 0xA2,
1844 0xEA, 0xA7, 0xE9, 0xC0, 0xC0, 0xCE, 0x89, 0xE1, 0xFA, 0x63, 0x3F, 0xB0,
1845 0x6B, 0x32, 0x66, 0xF1, 0xD1, 0x7B, 0xB0, 0x00, 0x8F, 0xCA, 0x87, 0xC2,
1846 0xAE, 0x98, 0x89, 0x26, 0x17, 0xC2, 0x05, 0xD2, 0xEC, 0x08, 0xD0, 0x8C,
1847 0xFF, 0x17, 0x52, 0x8C, 0xC5, 0x07, 0x93, 0x03, 0xB1, 0xF6, 0x2F, 0xB8,
1848 0x1C, 0x52, 0x47, 0x27, 0x1B, 0xDB, 0xD1, 0x8D, 0x9D, 0x69, 0x1D, 0x52,
1849 0x4B, 0x32, 0x81, 0xAA, 0x7F, 0x00, 0xC8, 0xDC, 0xE6, 0xD9, 0xCC, 0xC1,
1850 0x11, 0x2D, 0x37, 0x34, 0x6C, 0xEA, 0x02, 0x97, 0x4B, 0x0E, 0xBB, 0xB1,
1851 0x71, 0x33, 0x09, 0x15, 0xFD, 0xDD, 0x23, 0x87, 0x07, 0x5E, 0x89, 0xAB,
1852 0x6B, 0x7C, 0x5F, 0xEC, 0xA6, 0x24, 0xDC, 0x53,
1853 };
1854 static unsigned char dh1024_g[] = {
1855 0x02,
1856 };
1857 DH *dh;
1858
1859 if ((dh = DH_new()) == NULL)
1860 return (NULL);
1861 dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL);
1862 dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL);
1863 if ((dh->p == NULL) || (dh->g == NULL)) {
1864 DH_free(dh);
1865 return (NULL);
1866 }
1867 return (dh);
1868 }
1869
1870 static DH *
get_dh1024dsa()1871 get_dh1024dsa()
1872 {
1873 static unsigned char dh1024_p[] = {
1874 0xC8, 0x00, 0xF7, 0x08, 0x07, 0x89, 0x4D, 0x90, 0x53, 0xF3, 0xD5, 0x00,
1875 0x21, 0x1B, 0xF7, 0x31, 0xA6, 0xA2, 0xDA, 0x23, 0x9A, 0xC7, 0x87, 0x19,
1876 0x3B, 0x47, 0xB6, 0x8C, 0x04, 0x6F, 0xFF, 0xC6, 0x9B, 0xB8, 0x65, 0xD2,
1877 0xC2, 0x5F, 0x31, 0x83, 0x4A, 0xA7, 0x5F, 0x2F, 0x88, 0x38, 0xB6, 0x55,
1878 0xCF, 0xD9, 0x87, 0x6D, 0x6F, 0x9F, 0xDA, 0xAC, 0xA6, 0x48, 0xAF, 0xFC,
1879 0x33, 0x84, 0x37, 0x5B, 0x82, 0x4A, 0x31, 0x5D, 0xE7, 0xBD, 0x52, 0x97,
1880 0xA1, 0x77, 0xBF, 0x10, 0x9E, 0x37, 0xEA, 0x64, 0xFA, 0xCA, 0x28, 0x8D,
1881 0x9D, 0x3B, 0xD2, 0x6E, 0x09, 0x5C, 0x68, 0xC7, 0x45, 0x90, 0xFD, 0xBB,
1882 0x70, 0xC9, 0x3A, 0xBB, 0xDF, 0xD4, 0x21, 0x0F, 0xC4, 0x6A, 0x3C, 0xF6,
1883 0x61, 0xCF, 0x3F, 0xD6, 0x13, 0xF1, 0x5F, 0xBC, 0xCF, 0xBC, 0x26, 0x9E,
1884 0xBC, 0x0B, 0xBD, 0xAB, 0x5D, 0xC9, 0x54, 0x39,
1885 };
1886 static unsigned char dh1024_g[] = {
1887 0x3B, 0x40, 0x86, 0xE7, 0xF3, 0x6C, 0xDE, 0x67, 0x1C, 0xCC, 0x80, 0x05,
1888 0x5A, 0xDF, 0xFE, 0xBD, 0x20, 0x27, 0x74, 0x6C, 0x24, 0xC9, 0x03, 0xF3,
1889 0xE1, 0x8D, 0xC3, 0x7D, 0x98, 0x27, 0x40, 0x08, 0xB8, 0x8C, 0x6A, 0xE9,
1890 0xBB, 0x1A, 0x3A, 0xD6, 0x86, 0x83, 0x5E, 0x72, 0x41, 0xCE, 0x85, 0x3C,
1891 0xD2, 0xB3, 0xFC, 0x13, 0xCE, 0x37, 0x81, 0x9E, 0x4C, 0x1C, 0x7B, 0x65,
1892 0xD3, 0xE6, 0xA6, 0x00, 0xF5, 0x5A, 0x95, 0x43, 0x5E, 0x81, 0xCF, 0x60,
1893 0xA2, 0x23, 0xFC, 0x36, 0xA7, 0x5D, 0x7A, 0x4C, 0x06, 0x91, 0x6E, 0xF6,
1894 0x57, 0xEE, 0x36, 0xCB, 0x06, 0xEA, 0xF5, 0x3D, 0x95, 0x49, 0xCB, 0xA7,
1895 0xDD, 0x81, 0xDF, 0x80, 0x09, 0x4A, 0x97, 0x4D, 0xA8, 0x22, 0x72, 0xA1,
1896 0x7F, 0xC4, 0x70, 0x56, 0x70, 0xE8, 0x20, 0x10, 0x18, 0x8F, 0x2E, 0x60,
1897 0x07, 0xE7, 0x68, 0x1A, 0x82, 0x5D, 0x32, 0xA2,
1898 };
1899 DH *dh;
1900
1901 if ((dh = DH_new()) == NULL)
1902 return (NULL);
1903 dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL);
1904 dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL);
1905 if ((dh->p == NULL) || (dh->g == NULL)) {
1906 DH_free(dh);
1907 return (NULL);
1908 }
1909 dh->length = 160;
1910 return (dh);
1911 }
1912