fprintf(stderr,
" -hf names add support for some hash functions (comma-separated)\n");
fprintf(stderr,
+" -cbhash test hashing in policy callback\n");
+ fprintf(stderr,
" -serverpref enforce server's preferences for cipher suites\n");
+ fprintf(stderr,
+" -noreneg prohibit renegotiations\n");
+ fprintf(stderr,
+" -alpn name add protocol name to list of protocols (ALPN extension)\n");
+ fprintf(stderr,
+" -strictalpn fail on ALPN mismatch\n");
exit(EXIT_FAILURE);
}
size_t chain_len;
int cert_signer_algo;
private_key *sk;
+ int cbhash;
} policy_context;
static void
}
}
-static int
+static unsigned
choose_hash(unsigned chashes)
{
- int hash_id;
+ unsigned hash_id;
for (hash_id = 6; hash_id >= 2; hash_id --) {
if (((chashes >> hash_id) & 1) != 0) {
if (br_ssl_engine_get_version(&cc->eng)
< BR_TLS12)
{
- choices->hash_id = 0;
+ if (pc->cbhash) {
+ choices->algo_id = 0x0001;
+ } else {
+ choices->algo_id = 0xFF00;
+ }
} else {
- choices->hash_id = choose_hash(chashes);
+ unsigned id;
+
+ id = choose_hash(chashes);
+ if (pc->cbhash) {
+ choices->algo_id =
+ (id << 8) + 0x01;
+ } else {
+ choices->algo_id = 0xFF00 + id;
+ }
}
goto choose_ok;
}
if (br_ssl_engine_get_version(&cc->eng)
< BR_TLS12)
{
- choices->hash_id = br_sha1_ID;
+ if (pc->cbhash) {
+ choices->algo_id = 0x0203;
+ } else {
+ choices->algo_id =
+ 0xFF00 + br_sha1_ID;
+ }
} else {
- choices->hash_id =
- choose_hash(chashes >> 8);
+ unsigned id;
+
+ id = choose_hash(chashes >> 8);
+ if (pc->cbhash) {
+ choices->algo_id =
+ (id << 8) + 0x03;
+ } else {
+ choices->algo_id =
+ 0xFF00 + id;
+ }
}
goto choose_ok;
}
static uint32_t
sp_do_keyx(const br_ssl_server_policy_class **pctx,
- unsigned char *data, size_t len)
+ unsigned char *data, size_t *len)
{
policy_context *pc;
+ uint32_t r;
+ size_t xoff, xlen;
pc = (policy_context *)pctx;
switch (pc->sk->key_type) {
case BR_KEYTYPE_RSA:
return br_rsa_ssl_decrypt(
&br_rsa_i31_private, &pc->sk->key.rsa,
- data, len);
+ data, *len);
case BR_KEYTYPE_EC:
- return br_ec_prime_i31.mul(data, len, pc->sk->key.ec.x,
+ r = br_ec_all_m15.mul(data, *len, pc->sk->key.ec.x,
pc->sk->key.ec.xlen, pc->sk->key.ec.curve);
+ xoff = br_ec_all_m15.xoff(pc->sk->key.ec.curve, &xlen);
+ memmove(data, data + xoff, xlen);
+ *len = xlen;
+ return r;
default:
fprintf(stderr, "ERROR: unknown private key type (%d)\n",
(int)pc->sk->key_type);
static size_t
sp_do_sign(const br_ssl_server_policy_class **pctx,
- int hash_id, size_t hv_len, unsigned char *data, size_t len)
+ unsigned algo_id, unsigned char *data, size_t hv_len, size_t len)
{
policy_context *pc;
unsigned char hv[64];
pc = (policy_context *)pctx;
- memcpy(hv, data, hv_len);
+ if (algo_id >= 0xFF00) {
+ algo_id &= 0xFF;
+ memcpy(hv, data, hv_len);
+ } else {
+ const br_hash_class *hc;
+ br_hash_compat_context zc;
+
+ if (pc->verbose) {
+ fprintf(stderr, "Callback hashing, algo = 0x%04X,"
+ " data_len = %lu\n",
+ algo_id, (unsigned long)hv_len);
+ }
+ algo_id >>= 8;
+ hc = get_hash_impl(algo_id);
+ if (hc == NULL) {
+ if (pc->verbose) {
+ fprintf(stderr,
+ "ERROR: unsupported hash function %u\n",
+ algo_id);
+ }
+ return 0;
+ }
+ hc->init(&zc.vtable);
+ hc->update(&zc.vtable, data, hv_len);
+ hc->out(&zc.vtable, hv);
+ hv_len = (hc->desc >> BR_HASHDESC_OUT_OFF)
+ & BR_HASHDESC_OUT_MASK;
+ }
switch (pc->sk->key_type) {
size_t sig_len;
uint32_t x;
const br_hash_class *hc;
case BR_KEYTYPE_RSA:
- hash_oid = get_hash_oid(hash_id);
- if (hash_oid == NULL && hash_id != 0) {
+ hash_oid = get_hash_oid(algo_id);
+ if (hash_oid == NULL && algo_id != 0) {
if (pc->verbose) {
fprintf(stderr, "ERROR: cannot RSA-sign with"
- " unknown hash function: %d\n",
- hash_id);
+ " unknown hash function: %u\n",
+ algo_id);
}
return 0;
}
return sig_len;
case BR_KEYTYPE_EC:
- hc = get_hash_impl(hash_id);
+ hc = get_hash_impl(algo_id);
if (hc == NULL) {
if (pc->verbose) {
fprintf(stderr, "ERROR: cannot ECDSA-sign with"
- " unknown hash function: %d\n",
- hash_id);
+ " unknown hash function: %u\n",
+ algo_id);
}
return 0;
}
}
return 0;
}
- sig_len = br_ecdsa_i31_sign_asn1(&br_ec_prime_i31,
+ sig_len = br_ecdsa_i31_sign_asn1(&br_ec_all_m15,
hc, hv, &pc->sk->key.ec, data);
if (sig_len == 0) {
if (pc->verbose) {
sp_do_sign
};
+void
+free_alpn(void *alpn)
+{
+ xfree(*(char **)alpn);
+}
+
/* see brssl.h */
int
do_server(int argc, char *argv[])
size_t num_suites;
uint16_t *suite_ids;
unsigned hfuns;
+ int cbhash;
br_x509_certificate *chain;
size_t chain_len;
int cert_signer_algo;
private_key *sk;
anchor_list anchors = VEC_INIT;
+ VECTOR(const char *) alpn_names = VEC_INIT;
br_x509_minimal_context xc;
const br_hash_class *dnhash;
size_t u;
suites = NULL;
num_suites = 0;
hfuns = 0;
+ cbhash = 0;
suite_ids = NULL;
chain = NULL;
chain_len = 0;
goto server_exit_error;
}
hfuns |= x;
+ } else if (eqstr(arg, "-cbhash")) {
+ cbhash = 1;
} else if (eqstr(arg, "-serverpref")) {
flags |= BR_OPT_ENFORCE_SERVER_PREFERENCES;
} else if (eqstr(arg, "-noreneg")) {
flags |= BR_OPT_NO_RENEGOTIATION;
+ } else if (eqstr(arg, "-alpn")) {
+ if (++ i >= argc) {
+ fprintf(stderr,
+ "ERROR: no argument for '-alpn'\n");
+ usage_server();
+ goto server_exit_error;
+ }
+ VEC_ADD(alpn_names, xstrdup(argv[i]));
+ } else if (eqstr(arg, "-strictalpn")) {
+ flags |= BR_OPT_FAIL_ON_ALPN_MISMATCH;
} else {
fprintf(stderr, "ERROR: unknown option: '%s'\n", arg);
usage_server();
break;
case BR_KEYTYPE_EC:
curve = sk->key.ec.curve;
- supp = br_ec_prime_i31.supported_curves;
+ supp = br_ec_all_m15.supported_curves;
if (curve > 31 || !((supp >> curve) & 1)) {
fprintf(stderr, "ERROR: private key curve (%d)"
" is not supported\n", curve);
&br_sslrec_out_cbc_vtable);
}
if ((req & (REQ_ECDHE_RSA | REQ_ECDHE_ECDSA)) != 0) {
- br_ssl_engine_set_ec(&cc.eng, &br_ec_prime_i31);
+ br_ssl_engine_set_ec(&cc.eng, &br_ec_all_m15);
}
}
br_ssl_engine_set_suites(&cc.eng, suite_ids, num_suites);
br_ssl_session_cache_lru_init(&lru, cache, cache_len);
br_ssl_server_set_cache(&cc, &lru.vtable);
+ if (VEC_LEN(alpn_names) != 0) {
+ br_ssl_engine_set_protocol_names(&cc.eng,
+ &VEC_ELT(alpn_names, 0), VEC_LEN(alpn_names));
+ }
+
/*
* Set the policy handler (that chooses the actual cipher suite,
* selects the certificate chain, and runs the private key
pc.chain_len = chain_len;
pc.cert_signer_algo = cert_signer_algo;
pc.sk = sk;
+ pc.cbhash = cbhash;
br_ssl_server_set_policy(&cc, &pc.vtable);
/*
}
}
br_ssl_engine_set_rsavrfy(&cc.eng, &br_rsa_i31_pkcs1_vrfy);
- br_ssl_engine_set_ec(&cc.eng, &br_ec_prime_i31);
+ br_ssl_engine_set_ec(&cc.eng, &br_ec_all_m15);
br_ssl_engine_set_ecdsa(&cc.eng, &br_ecdsa_i31_vrfy_asn1);
br_x509_minimal_set_rsa(&xc, &br_rsa_i31_pkcs1_vrfy);
br_x509_minimal_set_ecdsa(&xc,
- &br_ec_prime_i31, &br_ecdsa_i31_vrfy_asn1);
+ &br_ec_all_m15, &br_ecdsa_i31_vrfy_asn1);
br_ssl_engine_set_x509(&cc.eng, &xc.vtable);
br_ssl_server_set_trust_anchor_names_alt(&cc,
&VEC_ELT(anchors, 0), VEC_LEN(anchors));
free_certificates(chain, chain_len);
free_private_key(sk);
VEC_CLEAREXT(anchors, &free_ta_contents);
+ VEC_CLEAREXT(alpn_names, &free_alpn);
xfree(iobuf);
xfree(cache);
if (fd >= 0) {