1 /* $OpenBSD: ca.c,v 1.36 2019/09/21 07:46:53 semarie Exp $ */ 2 3 /* 4 * Copyright (c) 2014 Reyk Floeter <reyk@openbsd.org> 5 * Copyright (c) 2012 Gilles Chehade <gilles@poolp.org> 6 * 7 * Permission to use, copy, modify, and distribute this software for any 8 * purpose with or without fee is hereby granted, provided that the above 9 * copyright notice and this permission notice appear in all copies. 10 * 11 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 12 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 13 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 14 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 15 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 16 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 17 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 18 */ 19 20 #include <sys/types.h> 21 #include <sys/queue.h> 22 #include <sys/socket.h> 23 #include <sys/tree.h> 24 25 #include <err.h> 26 #include <imsg.h> 27 #include <limits.h> 28 #include <pwd.h> 29 #include <signal.h> 30 #include <stdlib.h> 31 #include <string.h> 32 #include <unistd.h> 33 34 #include <openssl/ssl.h> 35 #include <openssl/pem.h> 36 #include <openssl/evp.h> 37 #include <openssl/ecdsa.h> 38 #include <openssl/rsa.h> 39 #include <openssl/engine.h> 40 #include <openssl/err.h> 41 42 #include "smtpd.h" 43 #include "log.h" 44 #include "ssl.h" 45 46 static int ca_verify_cb(int, X509_STORE_CTX *); 47 48 static int rsae_send_imsg(int, const unsigned char *, unsigned char *, 49 RSA *, int, unsigned int); 50 static int rsae_pub_enc(int, const unsigned char *, unsigned char *, 51 RSA *, int); 52 static int rsae_pub_dec(int,const unsigned char *, unsigned char *, 53 RSA *, int); 54 static int rsae_priv_enc(int, const unsigned char *, unsigned char *, 55 RSA *, int); 56 static int rsae_priv_dec(int, const unsigned char *, unsigned char *, 57 RSA *, int); 58 static int rsae_mod_exp(BIGNUM *, const BIGNUM *, RSA *, BN_CTX *); 59 static int rsae_bn_mod_exp(BIGNUM *, const BIGNUM *, const BIGNUM *, 60 const BIGNUM *, BN_CTX *, BN_MONT_CTX *); 61 static int rsae_init(RSA *); 62 static int rsae_finish(RSA *); 63 static int rsae_keygen(RSA *, int, BIGNUM *, BN_GENCB *); 64 65 static ECDSA_SIG *ecdsae_do_sign(const unsigned char *, int, const BIGNUM *, 66 const BIGNUM *, EC_KEY *); 67 static int ecdsae_sign_setup(EC_KEY *, BN_CTX *, BIGNUM **, BIGNUM **); 68 static int ecdsae_do_verify(const unsigned char *, int, const ECDSA_SIG *, 69 EC_KEY *); 70 71 72 static uint64_t reqid = 0; 73 74 static void 75 ca_shutdown(void) 76 { 77 log_debug("debug: ca agent exiting"); 78 _exit(0); 79 } 80 81 int 82 ca(void) 83 { 84 struct passwd *pw; 85 86 purge_config(PURGE_LISTENERS|PURGE_TABLES|PURGE_RULES|PURGE_DISPATCHERS); 87 88 if ((pw = getpwnam(SMTPD_USER)) == NULL) 89 fatalx("unknown user " SMTPD_USER); 90 91 if (chroot(PATH_CHROOT) == -1) 92 fatal("ca: chroot"); 93 if (chdir("/") == -1) 94 fatal("ca: chdir(\"/\")"); 95 96 config_process(PROC_CA); 97 98 if (setgroups(1, &pw->pw_gid) || 99 setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) || 100 setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid)) 101 fatal("ca: cannot drop privileges"); 102 103 imsg_callback = ca_imsg; 104 event_init(); 105 106 signal(SIGINT, SIG_IGN); 107 signal(SIGTERM, SIG_IGN); 108 signal(SIGPIPE, SIG_IGN); 109 signal(SIGHUP, SIG_IGN); 110 111 config_peer(PROC_CONTROL); 112 config_peer(PROC_PARENT); 113 config_peer(PROC_PONY); 114 115 /* Ignore them until we get our config */ 116 mproc_disable(p_pony); 117 118 if (pledge("stdio", NULL) == -1) 119 err(1, "pledge"); 120 121 event_dispatch(); 122 fatalx("exited event loop"); 123 124 return (0); 125 } 126 127 void 128 ca_init(void) 129 { 130 BIO *in = NULL; 131 EVP_PKEY *pkey = NULL; 132 struct pki *pki; 133 const char *k; 134 void *iter_dict; 135 136 log_debug("debug: init private ssl-tree"); 137 iter_dict = NULL; 138 while (dict_iter(env->sc_pki_dict, &iter_dict, &k, (void **)&pki)) { 139 if (pki->pki_key == NULL) 140 continue; 141 142 if ((in = BIO_new_mem_buf(pki->pki_key, 143 pki->pki_key_len)) == NULL) 144 fatalx("ca_launch: key"); 145 146 if ((pkey = PEM_read_bio_PrivateKey(in, 147 NULL, NULL, NULL)) == NULL) 148 fatalx("ca_launch: PEM"); 149 BIO_free(in); 150 151 pki->pki_pkey = pkey; 152 153 freezero(pki->pki_key, pki->pki_key_len); 154 pki->pki_key = NULL; 155 } 156 } 157 158 static int 159 ca_verify_cb(int ok, X509_STORE_CTX *ctx) 160 { 161 switch (X509_STORE_CTX_get_error(ctx)) { 162 case X509_V_OK: 163 break; 164 case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT: 165 break; 166 case X509_V_ERR_CERT_NOT_YET_VALID: 167 case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD: 168 break; 169 case X509_V_ERR_CERT_HAS_EXPIRED: 170 case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD: 171 break; 172 case X509_V_ERR_NO_EXPLICIT_POLICY: 173 break; 174 } 175 return ok; 176 } 177 178 int 179 ca_X509_verify(void *certificate, void *chain, const char *CAfile, 180 const char *CRLfile, const char **errstr) 181 { 182 X509_STORE *store = NULL; 183 X509_STORE_CTX *xsc = NULL; 184 int ret = 0; 185 long error = 0; 186 187 if ((store = X509_STORE_new()) == NULL) 188 goto end; 189 190 if (!X509_STORE_load_locations(store, CAfile, NULL)) { 191 log_warn("warn: unable to load CA file %s", CAfile); 192 goto end; 193 } 194 X509_STORE_set_default_paths(store); 195 196 if ((xsc = X509_STORE_CTX_new()) == NULL) 197 goto end; 198 199 if (X509_STORE_CTX_init(xsc, store, certificate, chain) != 1) 200 goto end; 201 202 X509_STORE_CTX_set_verify_cb(xsc, ca_verify_cb); 203 204 ret = X509_verify_cert(xsc); 205 206 end: 207 *errstr = NULL; 208 if (ret != 1) { 209 if (xsc) { 210 error = X509_STORE_CTX_get_error(xsc); 211 *errstr = X509_verify_cert_error_string(error); 212 } 213 else if (ERR_peek_last_error()) 214 *errstr = ERR_error_string(ERR_peek_last_error(), NULL); 215 } 216 217 X509_STORE_CTX_free(xsc); 218 X509_STORE_free(store); 219 220 return ret > 0 ? 1 : 0; 221 } 222 223 void 224 ca_imsg(struct mproc *p, struct imsg *imsg) 225 { 226 RSA *rsa = NULL; 227 EC_KEY *ecdsa = NULL; 228 const void *from = NULL; 229 unsigned char *to = NULL; 230 struct msg m; 231 const char *pkiname; 232 size_t flen, tlen, padding; 233 int buf_len; 234 struct pki *pki; 235 int ret = 0; 236 uint64_t id; 237 int v; 238 239 if (imsg == NULL) 240 ca_shutdown(); 241 242 switch (imsg->hdr.type) { 243 case IMSG_CONF_START: 244 return; 245 case IMSG_CONF_END: 246 ca_init(); 247 248 /* Start fulfilling requests */ 249 mproc_enable(p_pony); 250 return; 251 252 case IMSG_CTL_VERBOSE: 253 m_msg(&m, imsg); 254 m_get_int(&m, &v); 255 m_end(&m); 256 log_trace_verbose(v); 257 return; 258 259 case IMSG_CTL_PROFILE: 260 m_msg(&m, imsg); 261 m_get_int(&m, &v); 262 m_end(&m); 263 profiling = v; 264 return; 265 266 case IMSG_CA_RSA_PRIVENC: 267 case IMSG_CA_RSA_PRIVDEC: 268 m_msg(&m, imsg); 269 m_get_id(&m, &id); 270 m_get_string(&m, &pkiname); 271 m_get_data(&m, &from, &flen); 272 m_get_size(&m, &tlen); 273 m_get_size(&m, &padding); 274 m_end(&m); 275 276 pki = dict_get(env->sc_pki_dict, pkiname); 277 if (pki == NULL || pki->pki_pkey == NULL || 278 (rsa = EVP_PKEY_get1_RSA(pki->pki_pkey)) == NULL) 279 fatalx("ca_imsg: invalid pki"); 280 281 if ((to = calloc(1, tlen)) == NULL) 282 fatalx("ca_imsg: calloc"); 283 284 switch (imsg->hdr.type) { 285 case IMSG_CA_RSA_PRIVENC: 286 ret = RSA_private_encrypt(flen, from, to, rsa, 287 padding); 288 break; 289 case IMSG_CA_RSA_PRIVDEC: 290 ret = RSA_private_decrypt(flen, from, to, rsa, 291 padding); 292 break; 293 } 294 295 m_create(p, imsg->hdr.type, 0, 0, -1); 296 m_add_id(p, id); 297 m_add_int(p, ret); 298 if (ret > 0) 299 m_add_data(p, to, (size_t)ret); 300 m_close(p); 301 302 free(to); 303 RSA_free(rsa); 304 return; 305 306 case IMSG_CA_ECDSA_SIGN: 307 m_msg(&m, imsg); 308 m_get_id(&m, &id); 309 m_get_string(&m, &pkiname); 310 m_get_data(&m, &from, &flen); 311 m_end(&m); 312 313 pki = dict_get(env->sc_pki_dict, pkiname); 314 if (pki == NULL || pki->pki_pkey == NULL || 315 (ecdsa = EVP_PKEY_get1_EC_KEY(pki->pki_pkey)) == NULL) 316 fatalx("ca_imsg: invalid pki"); 317 318 buf_len = ECDSA_size(ecdsa); 319 if ((to = calloc(1, buf_len)) == NULL) 320 fatalx("ca_imsg: calloc"); 321 ret = ECDSA_sign(0, from, flen, to, &buf_len, ecdsa); 322 m_create(p, imsg->hdr.type, 0, 0, -1); 323 m_add_id(p, id); 324 m_add_int(p, ret); 325 if (ret > 0) 326 m_add_data(p, to, (size_t)buf_len); 327 m_close(p); 328 free(to); 329 EC_KEY_free(ecdsa); 330 return; 331 } 332 333 errx(1, "ca_imsg: unexpected %s imsg", imsg_to_str(imsg->hdr.type)); 334 } 335 336 /* 337 * RSA privsep engine (called from unprivileged processes) 338 */ 339 340 const RSA_METHOD *rsa_default = NULL; 341 342 static RSA_METHOD *rsae_method = NULL; 343 344 static int 345 rsae_send_imsg(int flen, const unsigned char *from, unsigned char *to, 346 RSA *rsa, int padding, unsigned int cmd) 347 { 348 int ret = 0; 349 struct imsgbuf *ibuf; 350 struct imsg imsg; 351 int n, done = 0; 352 const void *toptr; 353 char *pkiname; 354 size_t tlen; 355 struct msg m; 356 uint64_t id; 357 358 if ((pkiname = RSA_get_ex_data(rsa, 0)) == NULL) 359 return (0); 360 361 /* 362 * Send a synchronous imsg because we cannot defer the RSA 363 * operation in OpenSSL's engine layer. 364 */ 365 m_create(p_ca, cmd, 0, 0, -1); 366 reqid++; 367 m_add_id(p_ca, reqid); 368 m_add_string(p_ca, pkiname); 369 m_add_data(p_ca, (const void *)from, (size_t)flen); 370 m_add_size(p_ca, (size_t)RSA_size(rsa)); 371 m_add_size(p_ca, (size_t)padding); 372 m_flush(p_ca); 373 374 ibuf = &p_ca->imsgbuf; 375 376 while (!done) { 377 if ((n = imsg_read(ibuf)) == -1 && errno != EAGAIN) 378 fatalx("imsg_read"); 379 if (n == 0) 380 fatalx("pipe closed"); 381 382 while (!done) { 383 if ((n = imsg_get(ibuf, &imsg)) == -1) 384 fatalx("imsg_get error"); 385 if (n == 0) 386 break; 387 388 log_imsg(PROC_PONY, PROC_CA, &imsg); 389 390 switch (imsg.hdr.type) { 391 case IMSG_CA_RSA_PRIVENC: 392 case IMSG_CA_RSA_PRIVDEC: 393 break; 394 default: 395 /* Another imsg is queued up in the buffer */ 396 pony_imsg(p_ca, &imsg); 397 imsg_free(&imsg); 398 continue; 399 } 400 401 m_msg(&m, &imsg); 402 m_get_id(&m, &id); 403 if (id != reqid) 404 fatalx("invalid response id"); 405 m_get_int(&m, &ret); 406 if (ret > 0) 407 m_get_data(&m, &toptr, &tlen); 408 m_end(&m); 409 410 if (ret > 0) 411 memcpy(to, toptr, tlen); 412 done = 1; 413 414 imsg_free(&imsg); 415 } 416 } 417 mproc_event_add(p_ca); 418 419 return (ret); 420 } 421 422 static int 423 rsae_pub_enc(int flen,const unsigned char *from, unsigned char *to, RSA *rsa, 424 int padding) 425 { 426 log_debug("debug: %s: %s", proc_name(smtpd_process), __func__); 427 return (RSA_meth_get_pub_enc(rsa_default)(flen, from, to, rsa, padding)); 428 } 429 430 static int 431 rsae_pub_dec(int flen,const unsigned char *from, unsigned char *to, RSA *rsa, 432 int padding) 433 { 434 log_debug("debug: %s: %s", proc_name(smtpd_process), __func__); 435 return (RSA_meth_get_pub_dec(rsa_default)(flen, from, to, rsa, padding)); 436 } 437 438 static int 439 rsae_priv_enc(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, 440 int padding) 441 { 442 log_debug("debug: %s: %s", proc_name(smtpd_process), __func__); 443 if (RSA_get_ex_data(rsa, 0) != NULL) 444 return (rsae_send_imsg(flen, from, to, rsa, padding, 445 IMSG_CA_RSA_PRIVENC)); 446 return (RSA_meth_get_priv_enc(rsa_default)(flen, from, to, rsa, padding)); 447 } 448 449 static int 450 rsae_priv_dec(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, 451 int padding) 452 { 453 log_debug("debug: %s: %s", proc_name(smtpd_process), __func__); 454 if (RSA_get_ex_data(rsa, 0) != NULL) 455 return (rsae_send_imsg(flen, from, to, rsa, padding, 456 IMSG_CA_RSA_PRIVDEC)); 457 458 return (RSA_meth_get_priv_dec(rsa_default)(flen, from, to, rsa, padding)); 459 } 460 461 static int 462 rsae_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx) 463 { 464 log_debug("debug: %s: %s", proc_name(smtpd_process), __func__); 465 return (RSA_meth_get_mod_exp(rsa_default)(r0, I, rsa, ctx)); 466 } 467 468 static int 469 rsae_bn_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, 470 const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) 471 { 472 log_debug("debug: %s: %s", proc_name(smtpd_process), __func__); 473 return (RSA_meth_get_bn_mod_exp(rsa_default)(r, a, p, m, ctx, m_ctx)); 474 } 475 476 static int 477 rsae_init(RSA *rsa) 478 { 479 log_debug("debug: %s: %s", proc_name(smtpd_process), __func__); 480 if (RSA_meth_get_init(rsa_default) == NULL) 481 return (1); 482 return (RSA_meth_get_init(rsa_default)(rsa)); 483 } 484 485 static int 486 rsae_finish(RSA *rsa) 487 { 488 log_debug("debug: %s: %s", proc_name(smtpd_process), __func__); 489 if (RSA_meth_get_finish(rsa_default) == NULL) 490 return (1); 491 return (RSA_meth_get_finish(rsa_default)(rsa)); 492 } 493 494 static int 495 rsae_keygen(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb) 496 { 497 log_debug("debug: %s: %s", proc_name(smtpd_process), __func__); 498 return (RSA_meth_get_keygen(rsa_default)(rsa, bits, e, cb)); 499 } 500 501 502 /* 503 * ECDSA privsep engine (called from unprivileged processes) 504 */ 505 506 const ECDSA_METHOD *ecdsa_default = NULL; 507 508 static ECDSA_METHOD *ecdsae_method = NULL; 509 510 ECDSA_METHOD * 511 ECDSA_METHOD_new_temporary(const char *name, int); 512 513 ECDSA_METHOD * 514 ECDSA_METHOD_new_temporary(const char *name, int flags) 515 { 516 ECDSA_METHOD *ecdsa; 517 518 if ((ecdsa = calloc(1, sizeof (*ecdsa))) == NULL) 519 return NULL; 520 521 if ((ecdsa->name = strdup(name)) == NULL) { 522 free(ecdsa); 523 return NULL; 524 } 525 526 ecdsa->flags = flags; 527 return ecdsa; 528 } 529 530 static ECDSA_SIG * 531 ecdsae_send_enc_imsg(const unsigned char *dgst, int dgst_len, 532 const BIGNUM *inv, const BIGNUM *rp, EC_KEY *eckey) 533 { 534 int ret = 0; 535 struct imsgbuf *ibuf; 536 struct imsg imsg; 537 int n, done = 0; 538 const void *toptr; 539 char *pkiname; 540 size_t tlen; 541 struct msg m; 542 uint64_t id; 543 ECDSA_SIG *sig = NULL; 544 545 if ((pkiname = ECDSA_get_ex_data(eckey, 0)) == NULL) 546 return (0); 547 548 /* 549 * Send a synchronous imsg because we cannot defer the ECDSA 550 * operation in OpenSSL's engine layer. 551 */ 552 m_create(p_ca, IMSG_CA_ECDSA_SIGN, 0, 0, -1); 553 reqid++; 554 m_add_id(p_ca, reqid); 555 m_add_string(p_ca, pkiname); 556 m_add_data(p_ca, (const void *)dgst, (size_t)dgst_len); 557 m_flush(p_ca); 558 559 ibuf = &p_ca->imsgbuf; 560 561 while (!done) { 562 if ((n = imsg_read(ibuf)) == -1 && errno != EAGAIN) 563 fatalx("imsg_read"); 564 if (n == 0) 565 fatalx("pipe closed"); 566 while (!done) { 567 if ((n = imsg_get(ibuf, &imsg)) == -1) 568 fatalx("imsg_get error"); 569 if (n == 0) 570 break; 571 572 log_imsg(PROC_PONY, PROC_CA, &imsg); 573 574 switch (imsg.hdr.type) { 575 case IMSG_CA_ECDSA_SIGN: 576 break; 577 default: 578 /* Another imsg is queued up in the buffer */ 579 pony_imsg(p_ca, &imsg); 580 imsg_free(&imsg); 581 continue; 582 } 583 584 m_msg(&m, &imsg); 585 m_get_id(&m, &id); 586 if (id != reqid) 587 fatalx("invalid response id"); 588 m_get_int(&m, &ret); 589 if (ret > 0) 590 m_get_data(&m, &toptr, &tlen); 591 m_end(&m); 592 done = 1; 593 594 if (ret > 0) 595 d2i_ECDSA_SIG(&sig, (const unsigned char **)&toptr, tlen); 596 imsg_free(&imsg); 597 } 598 } 599 mproc_event_add(p_ca); 600 601 return (sig); 602 } 603 604 ECDSA_SIG * 605 ecdsae_do_sign(const unsigned char *dgst, int dgst_len, 606 const BIGNUM *inv, const BIGNUM *rp, EC_KEY *eckey) 607 { 608 log_debug("debug: %s: %s", proc_name(smtpd_process), __func__); 609 if (ECDSA_get_ex_data(eckey, 0) != NULL) 610 return (ecdsae_send_enc_imsg(dgst, dgst_len, inv, rp, eckey)); 611 return (ecdsa_default->ecdsa_do_sign(dgst, dgst_len, inv, rp, eckey)); 612 } 613 614 int 615 ecdsae_sign_setup(EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinv, 616 BIGNUM **r) 617 { 618 log_debug("debug: %s: %s", proc_name(smtpd_process), __func__); 619 return (ecdsa_default->ecdsa_sign_setup(eckey, ctx, kinv, r)); 620 } 621 622 int 623 ecdsae_do_verify(const unsigned char *dgst, int dgst_len, 624 const ECDSA_SIG *sig, EC_KEY *eckey) 625 { 626 log_debug("debug: %s: %s", proc_name(smtpd_process), __func__); 627 return (ecdsa_default->ecdsa_do_verify(dgst, dgst_len, sig, eckey)); 628 } 629 630 631 static void 632 rsa_engine_init(void) 633 { 634 ENGINE *e; 635 const char *errstr, *name; 636 637 if ((rsae_method = RSA_meth_new("RSA privsep engine", 0)) == NULL) { 638 errstr = "RSA_meth_new"; 639 goto fail; 640 } 641 642 RSA_meth_set_pub_enc(rsae_method, rsae_pub_enc); 643 RSA_meth_set_pub_dec(rsae_method, rsae_pub_dec); 644 RSA_meth_set_priv_enc(rsae_method, rsae_priv_enc); 645 RSA_meth_set_priv_dec(rsae_method, rsae_priv_dec); 646 RSA_meth_set_mod_exp(rsae_method, rsae_mod_exp); 647 RSA_meth_set_bn_mod_exp(rsae_method, rsae_bn_mod_exp); 648 RSA_meth_set_init(rsae_method, rsae_init); 649 RSA_meth_set_finish(rsae_method, rsae_finish); 650 RSA_meth_set_keygen(rsae_method, rsae_keygen); 651 652 if ((e = ENGINE_get_default_RSA()) == NULL) { 653 if ((e = ENGINE_new()) == NULL) { 654 errstr = "ENGINE_new"; 655 goto fail; 656 } 657 if (!ENGINE_set_name(e, RSA_meth_get0_name(rsae_method))) { 658 errstr = "ENGINE_set_name"; 659 goto fail; 660 } 661 if ((rsa_default = RSA_get_default_method()) == NULL) { 662 errstr = "RSA_get_default_method"; 663 goto fail; 664 } 665 } else if ((rsa_default = ENGINE_get_RSA(e)) == NULL) { 666 errstr = "ENGINE_get_RSA"; 667 goto fail; 668 } 669 670 if ((name = ENGINE_get_name(e)) == NULL) 671 name = "unknown RSA engine"; 672 673 log_debug("debug: %s: using %s", __func__, name); 674 675 if (RSA_meth_get_mod_exp(rsa_default) == NULL) 676 RSA_meth_set_mod_exp(rsae_method, NULL); 677 if (RSA_meth_get_bn_mod_exp(rsa_default) == NULL) 678 RSA_meth_set_bn_mod_exp(rsae_method, NULL); 679 if (RSA_meth_get_keygen(rsa_default) == NULL) 680 RSA_meth_set_keygen(rsae_method, NULL); 681 RSA_meth_set_flags(rsae_method, 682 RSA_meth_get_flags(rsa_default) | RSA_METHOD_FLAG_NO_CHECK); 683 RSA_meth_set0_app_data(rsae_method, 684 RSA_meth_get0_app_data(rsa_default)); 685 686 if (!ENGINE_set_RSA(e, rsae_method)) { 687 errstr = "ENGINE_set_RSA"; 688 goto fail; 689 } 690 if (!ENGINE_set_default_RSA(e)) { 691 errstr = "ENGINE_set_default_RSA"; 692 goto fail; 693 } 694 695 return; 696 697 fail: 698 ssl_error(errstr); 699 fatalx("%s", errstr); 700 } 701 702 static void 703 ecdsa_engine_init(void) 704 { 705 ENGINE *e; 706 const char *errstr, *name; 707 708 if ((ecdsae_method = ECDSA_METHOD_new_temporary("ECDSA privsep engine", 0)) == NULL) { 709 errstr = "ECDSA_METHOD_new_temporary"; 710 goto fail; 711 } 712 713 ecdsae_method->ecdsa_do_sign = ecdsae_do_sign; 714 ecdsae_method->ecdsa_sign_setup = ecdsae_sign_setup; 715 ecdsae_method->ecdsa_do_verify = ecdsae_do_verify; 716 717 if ((e = ENGINE_get_default_ECDSA()) == NULL) { 718 if ((e = ENGINE_new()) == NULL) { 719 errstr = "ENGINE_new"; 720 goto fail; 721 } 722 if (!ENGINE_set_name(e, ecdsae_method->name)) { 723 errstr = "ENGINE_set_name"; 724 goto fail; 725 } 726 if ((ecdsa_default = ECDSA_get_default_method()) == NULL) { 727 errstr = "ECDSA_get_default_method"; 728 goto fail; 729 } 730 } else if ((ecdsa_default = ENGINE_get_ECDSA(e)) == NULL) { 731 errstr = "ENGINE_get_ECDSA"; 732 goto fail; 733 } 734 735 if ((name = ENGINE_get_name(e)) == NULL) 736 name = "unknown ECDSA engine"; 737 738 log_debug("debug: %s: using %s", __func__, name); 739 740 if (!ENGINE_set_ECDSA(e, ecdsae_method)) { 741 errstr = "ENGINE_set_ECDSA"; 742 goto fail; 743 } 744 if (!ENGINE_set_default_ECDSA(e)) { 745 errstr = "ENGINE_set_default_ECDSA"; 746 goto fail; 747 } 748 749 return; 750 751 fail: 752 ssl_error(errstr); 753 fatalx("%s", errstr); 754 } 755 756 void 757 ca_engine_init(void) 758 { 759 rsa_engine_init(); 760 ecdsa_engine_init(); 761 } 762