35#if defined(ENABLE_PKCS11) && defined(ENABLE_CRYPTO_OPENSSL)
41#include <pkcs11-helper-1.0/pkcs11h-openssl.h>
43#ifdef HAVE_XKEY_PROVIDER
/*
 * Forward declaration of the signing callback, typed through the
 * XKEY_EXTERNAL_SIGN_fn function type so the definition further down must
 * match the signature the xkey provider expects.
 */
44static XKEY_EXTERNAL_SIGN_fn xkey_pkcs11h_sign;
/*
 * Compile-time gate on the pkcs11-helper version.
 * NOTE(review): the literal is (1 << 16) | (27 << 8), presumably "major 1,
 * minor 27" -- confirm against how PKCS11H_VERSION is encoded.
 */
46#if PKCS11H_VERSION > ((1 << 16) | (27 << 8))
/*
 * Builds one table row for SHA-<n> by token pasting: OpenSSL digest NID,
 * PKCS#11 hash mechanism, PKCS#11 MGF1 identifier.
 */
49#define MD_TYPE(n) { NID_sha##n, CKM_SHA##n, CKG_MGF1_SHA##n }
/*
 * Lookup table from OpenSSL digest NID to the matching PKCS#11 hash/MGF
 * pair. The struct's field declarations are not visible in this listing;
 * set_pss_params reads the fields as .nid, .ckm_id and .mgf_id.
 */
55} mdtypes[] = { MD_TYPE(224),
/* SHA-1 is written out by hand: its PKCS#11 names (CKM_SHA_1, CKG_MGF1_SHA1)
 * do not fit the MD_TYPE pasting pattern. */
59 { NID_sha1, CKM_SHA_1, CKG_MGF1_SHA1 },
/* Sentinel row: NID_undef ends the search in set_pss_params, and its zero
 * ckm_id is what that function later rejects as "no usable hash". */
60 { NID_undef, 0, 0 } };
/*
 * Fill in the PKCS#11 RSA-PSS parameters (hash mechanism, MGF and salt
 * length) for the digest and salt-length policy named in sigalg, using the
 * public key of cert to obtain the key size.
 *
 * NOTE(review): this listing shows only part of the body and none of the
 * return statements. The call site in xkey_pkcs11h_sign tests the result
 * with `!`, so zero presumably signals failure -- confirm.
 */
68set_pss_params(CK_RSA_PKCS_PSS_PARAMS *pss_params, XKEY_SIGALG sigalg, pkcs11h_certificate_t cert)
72 EVP_PKEY *pubkey = NULL;
/* Both the X509 object and its public key must be obtainable; either lookup
 * returning NULL is reported as a warning. */
74 if ((x509 = pkcs11h_openssl_getX509(cert)) == NULL || (pubkey = X509_get0_pubkey(x509)) == NULL)
76 msg(
M_WARN,
"PKCS#11: Unable get public key");
/* Translate the digest short name to an OpenSSL NID, then scan mdtypes until
 * a row matches or the NID_undef sentinel is reached (the loop body is not
 * shown in this listing). */
82 int nid = OBJ_sn2nid(sigalg.mdname);
83 while (mdtypes[
i].nid != NID_undef && mdtypes[
i].nid != nid)
/* If the scan stopped on the sentinel, both values copied here are 0; the
 * hashAlg == 0 check below is what catches that case. */
87 pss_params->hashAlg = mdtypes[
i].ckm_id;
88 pss_params->mgf = mdtypes[
i].mgf_id;
/* Resolve the digest a second time through EVP to learn its output size;
 * a NULL result is logged. */
91 const EVP_MD *md = EVP_get_digestbyname(sigalg.mdname);
95 "WARN: set_pss_params: EVP_get_digestbyname returned NULL "
100 int mdsize = EVP_MD_get_size(md);
/* Salt-length policy "digest": the assignment is not shown in this listing
 * (presumably saltlen = mdsize -- confirm). */
103 if (!strcmp(sigalg.saltlen,
"digest"))
/* Salt-length policy "max": derived from the key size in bits and the
 * digest size by xkey_max_saltlen. */
107 else if (!strcmp(sigalg.saltlen,
"max"))
109 saltlen = xkey_max_saltlen(EVP_PKEY_get_bits(pubkey), mdsize);
/*
 * Validation must happen before the cast below: a negative saltlen would
 * otherwise turn into a very large unsigned sLen handed to the token, and
 * hashAlg == 0 means the digest had no PKCS#11 mapping.
 * NOTE(review): the initial value of saltlen is not visible; a policy string
 * other than "digest"/"max" is only rejected here if that initial value is
 * negative -- confirm.
 */
112 if (saltlen < 0 || pss_params->hashAlg == 0)
115 "WARN: invalid RSA_PKCS1_PSS parameters: saltlen = <%s> "
117 sigalg.saltlen, sigalg.mdname);
120 pss_params->sLen = (
unsigned long)saltlen;
/* Debug trace of the final parameter set. */
122 msg(
D_XKEY,
"set_pss_params: sLen = %lu, hashAlg = %lu, mgf = %lu", pss_params->sLen,
123 pss_params->hashAlg, pss_params->mgf);
/*
 * Stub for builds without PSS support: set_pss_params becomes a constant
 * non-zero value, so the call site in xkey_pkcs11h_sign compiles unchanged.
 * NOTE(review): presumably this sits in the #else branch of the
 * PKCS11H_VERSION guard (the #else line is not visible in this listing).
 * The stub alone would let a PSS request proceed with zeroed parameters;
 * the wrapper below is what refuses it.
 */
138#define set_pss_params(...) (1)
/*
 * Compatibility wrapper with the CK_MECHANISM-based calling convention used
 * by xkey_pkcs11h_sign. It refuses CKM_RSA_PKCS_PSS with
 * CKR_MECHANISM_INVALID and otherwise forwards to
 * pkcs11h_certificate_signAny, passing only mech->mechanism (the mechanism
 * parameters are not forwarded).
 * The siglen parameter is used below but its declaration falls on a line
 * not shown in this listing.
 */
146pkcs11h_certificate_signAny_ex(
const pkcs11h_certificate_t cert,
const CK_MECHANISM *mech,
147 const unsigned char *tbs,
size_t tbslen,
unsigned char *sig,
/* Fail closed: a PSS request is rejected rather than signed with a
 * different padding. */
150 if (mech->mechanism == CKM_RSA_PKCS_PSS)
152 msg(
M_NONFATAL,
"PKCS#11: Error: PSS padding is not supported by "
153 "this version of pkcs11-helper library.");
154 return CKR_MECHANISM_INVALID;
156 return pkcs11h_certificate_signAny(cert, mech->mechanism, tbs, tbslen, sig, siglen);
/*
 * Signing callback handed to the xkey provider: signs tbs (tbslen bytes)
 * with the PKCS#11 certificate passed as handle and writes the result to
 * sig, with *siglen used for the signature length.
 * sigalg selects the operation (op), key type (keytype), RSA padding
 * (padmode) and digest (mdname).
 *
 * NOTE(review): only part of the body is visible in this listing; the
 * return statements and several assignments are not shown.
 */
166xkey_pkcs11h_sign(
void *handle,
unsigned char *sig,
size_t *siglen,
const unsigned char *tbs,
167 size_t tbslen, XKEY_SIGALG sigalg)
169 pkcs11h_certificate_t cert = handle;
/* Default mechanism is CKM_RSA_PKCS with no parameters; the branches below
 * override it for EC, raw RSA and PSS. */
170 CK_MECHANISM mech = { CKM_RSA_PKCS, NULL, 0 };
171 CK_RSA_PKCS_PSS_PARAMS pss_params = { 0 };
/* Scratch buffer for a locally computed digest. */
173 unsigned char buf[EVP_MAX_MD_SIZE];
/* Keep the caller-supplied capacity: *siglen is passed to the signing call
 * and read back afterwards as the signature length. */
175 size_t siglen_max = *siglen;
/* Output buffer for encode_pkcs1; enc_len carries its capacity into that
 * call. */
177 unsigned char enc[EVP_MAX_MD_SIZE + 32];
178 size_t enc_len =
sizeof(enc);
/* "DigestSign": the input is the raw message, so hash it first. */
180 if (!strcmp(sigalg.op,
"DigestSign"))
182 msg(
D_XKEY,
"xkey_pkcs11h_sign: computing digest");
/* A non-zero return from xkey_digest enters a branch whose body is not
 * shown (presumably the error exit -- confirm). */
183 if (xkey_digest(tbs, tbslen, buf, &buflen, sigalg.mdname))
/* From here on the data to sign is the digest; the matching update of tbs
 * is presumably on a line not shown. */
186 tbslen = (size_t)buflen;
195 if (!strcmp(sigalg.keytype,
"EC"))
197 msg(
D_XKEY,
"xkey_pkcs11h_sign: signing with EC key");
198 mech.mechanism = CKM_ECDSA;
200 else if (!strcmp(sigalg.keytype,
"RSA"))
202 msg(
D_XKEY,
"xkey_pkcs11h_sign: signing with RSA key: padmode = %s", sigalg.padmode);
/* padmode "none": raw RSA (CKM_RSA_X_509), no padding added by the token. */
203 if (!strcmp(sigalg.padmode,
"none"))
205 mech.mechanism = CKM_RSA_X_509;
207 else if (!strcmp(sigalg.padmode,
"pss"))
209 mech.mechanism = CKM_RSA_PKCS_PSS;
/* A zero result from set_pss_params enters a branch not shown here. */
211 if (!set_pss_params(&pss_params, sigalg, cert))
/* pss_params is a local of this function, so the pointer stays valid for
 * the signing call further down. */
216 mech.pParameter = &pss_params;
217 mech.ulParameterLen =
sizeof(pss_params);
/* padmode "pkcs1": the encoding is produced locally by encode_pkcs1 into
 * enc; a zero return enters a branch not shown here. */
219 else if (!strcmp(sigalg.padmode,
"pkcs1"))
223 if (!encode_pkcs1(enc, &enc_len, sigalg.mdname, tbs, tbslen))
/* Any other padmode is reported with a warning; the exit path is not shown. */
232 msg(
M_WARN,
"PKCS#11: Unknown padmode <%s>", sigalg.padmode);
/* Perform the signature on the token; any result other than CKR_OK enters
 * a branch not shown here. */
240 if (CKR_OK != pkcs11h_certificate_signAny_ex(cert, &mech, tbs, tbslen, sig, siglen))
/* strcmp is non-zero for every keytype except "EC"; the body of this branch
 * is not shown (presumably an early return for RSA -- confirm). */
244 if (strcmp(sigalg.keytype,
"EC"))
/*
 * EC only: the signature in sig is converted to DER by ecdsa_bin2der, which
 * receives the current length and the original capacity siglen_max.
 * NOTE(review): *siglen is narrowed from size_t to int here, and the handling
 * of derlen is on lines not shown -- confirm a failed or oversized
 * conversion is rejected.
 */
250 int derlen = ecdsa_bin2der(sig, (
int)*siglen, siglen_max);
/*
 * Release callback for the key handle: frees the pkcs11h certificate that
 * was handed to the xkey provider as the handle. It is installed as free_op
 * in xkey_load_from_pkcs11h.
 */
263xkey_handle_free(
void *handle)
265 pkcs11h_certificate_freeCertificate(handle);
/*
 * Load the certificate and a provider-backed private key for a PKCS#11
 * certificate into the TLS context ctx. The private key is built by
 * xkey_load_generic_key with certificate as its handle and with
 * xkey_pkcs11h_sign / xkey_handle_free as the callbacks.
 *
 * The caller, pkcs11_init_tls_session, treats a return value of 0 as
 * success; the return statements themselves are not visible in this listing.
 */
280xkey_load_from_pkcs11h(pkcs11h_certificate_t certificate,
struct tls_root_ctx *
const ctx)
284 X509 *x509 = pkcs11h_openssl_getX509(certificate);
287 msg(
M_WARN,
"PKCS#11: Unable get x509 certificate object");
/* get0 accessor: the key is borrowed from x509, not a new reference. No NULL
 * check on pubkey is visible in this listing. */
291 EVP_PKEY *pubkey = X509_get0_pubkey(x509);
293 XKEY_PRIVKEY_FREE_fn *free_op = xkey_handle_free;
294 XKEY_EXTERNAL_SIGN_fn *sign_op = xkey_pkcs11h_sign;
/* certificate is passed as the opaque handle that sign_op and free_op will
 * later receive. */
296 EVP_PKEY *pkey = xkey_load_generic_key(
tls_libctx, certificate, pubkey, sign_op, free_op);
299 msg(
M_WARN,
"PKCS#11: Failed to load private key into xkey provider");
/* Install certificate and key together, with no extra chain (NULL) and
 * override flag 0; failure here is fatal. */
305 if (!SSL_CTX_use_cert_and_key(ctx->
ctx, x509, pkey, NULL, 0))
308 msg(
M_FATAL,
"PKCS#11: Failed to set cert and private key for OpenSSL");
/*
 * NOTE(review): the path that reaches this free is not visible. Once pkey
 * exists, xkey_handle_free is registered to release the same certificate,
 * so this call should only be reachable when that hook will not run --
 * confirm, since freeing on both paths would be a double free.
 */
324 pkcs11h_certificate_freeCertificate(certificate);
/*
 * Attach the private key and certificate of a PKCS#11 certificate to the
 * TLS context ssl_ctx.
 * With HAVE_XKEY_PROVIDER the work is delegated to xkey_load_from_pkcs11h
 * and the result is (that call returned 0). Otherwise a pkcs11-helper
 * OpenSSL session supplies the EVP key and the X509 object.
 *
 * NOTE(review): only part of the body is visible in this listing; return
 * statements and labels are not shown.
 */
331pkcs11_init_tls_session(pkcs11h_certificate_t certificate,
struct tls_root_ctx *
const ssl_ctx)
333#ifdef HAVE_XKEY_PROVIDER
334 return (xkey_load_from_pkcs11h(certificate, ssl_ctx) == 0);
339 EVP_PKEY *evp = NULL;
340 pkcs11h_openssl_session_t openssl_session = NULL;
/* Create the pkcs11-helper OpenSSL session for this certificate. */
342 if ((openssl_session = pkcs11h_openssl_createSession(certificate)) == NULL)
344 msg(
M_WARN,
"PKCS#11: Cannot initialize openssl session");
/* Fetch the private-key object backed by the session. */
353 if ((evp = pkcs11h_openssl_session_getEVP(openssl_session)) == NULL)
355 msg(
M_WARN,
"PKCS#11: Unable get evp object");
/* Fetch the certificate object from the same session. */
359 if ((x509 = pkcs11h_openssl_session_getX509(openssl_session)) == NULL)
361 msg(
M_WARN,
"PKCS#11: Unable get certificate object");
/* A private-key failure is only a warning, while the certificate failure
 * just below is fatal. */
365 if (!SSL_CTX_use_PrivateKey(ssl_ctx->
ctx, evp))
367 msg(
M_WARN,
"PKCS#11: Cannot set private key for openssl");
371 if (!SSL_CTX_use_certificate(ssl_ctx->
ctx, x509))
374 msg(
M_FATAL,
"PKCS#11: Cannot set certificate for openssl");
/*
 * Cleanup: free the certificate if this function still holds it.
 * NOTE(review): presumably certificate is set to NULL on a line not shown
 * once the session owns it; otherwise this free and the session free below
 * could release it twice -- confirm.
 */
384 if (certificate != NULL)
386 pkcs11h_certificate_freeCertificate(certificate);
/* Free the session and clear the local pointer. Release of evp and x509 is
 * not visible in this listing. */
400 if (openssl_session != NULL)
402 pkcs11h_openssl_freeSession(openssl_session);
403 openssl_session = NULL;
/*
 * Obtain the X509 object of a PKCS#11 certificate; gc is the allocation
 * arena passed in by the caller.
 * NOTE(review): judging by the name, the function returns the certificate's
 * DN, but everything after the X509 lookup is missing from this listing.
 */
410pkcs11_certificate_dn(pkcs11h_certificate_t certificate,
struct gc_arena *
gc)
/* The branch taken when the lookup returns NULL is not shown. */
416 if ((x509 = pkcs11h_openssl_getX509(certificate)) == NULL)
/*
 * Write the certificate's serial number as text into serial, a caller
 * buffer of serial_len bytes. The number is printed into a memory BIO and
 * read back from there.
 * NOTE(review): the listing ends before the termination of the string, the
 * cleanup and the return value are shown.
 */
432pkcs11_certificate_serial(pkcs11h_certificate_t certificate,
char *serial,
size_t serial_len)
439 if ((x509 = pkcs11h_openssl_getX509(certificate)) == NULL)
/* Temporary in-memory BIO that receives the printed serial number. */
445 if ((bio = BIO_new(BIO_s_mem())) == NULL)
/* The return value of i2a_ASN1_INTEGER is not checked on this line. */
451 i2a_ASN1_INTEGER(bio, X509_get_serialNumber(x509));
/*
 * At most serial_len - 1 bytes are read, which leaves one byte for a
 * terminator (presumably written on a line not shown -- confirm).
 * NOTE(review): serial_len is a size_t while BIO_read takes an int length.
 * With serial_len == 0 the subtraction wraps, and a very large value is
 * narrowed, so the caller must pass a non-zero capacity that fits in an int
 * or the function should reject it before this call.
 */
452 n = BIO_read(bio, serial, serial_len - 1);