summaryrefslogtreecommitdiffstats
path: root/src/tls/tls_rsa.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/tls/tls_rsa.c')
-rw-r--r--src/tls/tls_rsa.c127
1 files changed, 127 insertions, 0 deletions
diff --git a/src/tls/tls_rsa.c b/src/tls/tls_rsa.c
new file mode 100644
index 0000000..67f2a2e
--- /dev/null
+++ b/src/tls/tls_rsa.c
@@ -0,0 +1,127 @@
+/*++
+/* NAME
+/* tls_rsa
+/* SUMMARY
+/* RSA support
+/* SYNOPSIS
+/* #define TLS_INTERNAL
+/* #include <tls.h>
+/*
+/* RSA *tls_tmp_rsa_cb(ssl, export, keylength)
+/* SSL *ssl; /* unused */
+/* int export;
+/* int keylength;
+/* DESCRIPTION
+/* tls_tmp_rsa_cb() is a call-back routine for the
+/* SSL_CTX_set_tmp_rsa_callback() function.
+/*
+/* This implementation will generate only 512-bit ephemeral
+/* RSA keys for export ciphersuites. It will log a warning in
+/* all other usage contexts.
+/* LICENSE
+/* .ad
+/* .fi
+/* This software is free. You can do with it whatever you want.
+/* The original author kindly requests that you acknowledge
+/* the use of his software.
+/* AUTHOR(S)
+/* Originally written by:
+/* Lutz Jaenicke
+/* BTU Cottbus
+/* Allgemeine Elektrotechnik
+/* Universitaetsplatz 3-4
+/* D-03044 Cottbus, Germany
+/*
+/* Updated by:
+/* Wietse Venema
+/* IBM T.J. Watson Research
+/* P.O. Box 704
+/* Yorktown Heights, NY 10598, USA
+/*
+/* Viktor Dukhovni.
+/*--*/
+
+/* System library. */
+
+#include <sys_defs.h>
+#include <msg.h>
+
+#ifdef USE_TLS
+
+/* TLS library. */
+
+#define TLS_INTERNAL
+#include <tls.h>
+#include <openssl/rsa.h>
+
+ /*
+ * 2015-12-05: Ephemeral RSA removed from OpenSSL 1.1.0-dev
+ */
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+
+/* tls_tmp_rsa_cb - call-back to generate ephemeral RSA key */
+
+RSA *tls_tmp_rsa_cb(SSL *unused_ssl, int export, int keylength)
+{
+ static RSA *rsa_tmp;
+
+ /*
+ * We generate ephemeral RSA keys only for export ciphersuites. In all
+ * other contexts use of ephemeral RSA keys violates the SSL/TLS
+ * protocol, and only takes place when applications ask for trouble and
+ * set the SSL_OP_EPHEMERAL_RSA option. Postfix should never do that.
+ */
+ if (!export || keylength != 512) {
+ msg_warn("%sexport %d-bit ephemeral RSA key requested",
+ export ? "" : "non-", keylength);
+ return 0;
+ }
+ if (rsa_tmp == 0) {
+ BIGNUM *e = BN_new();
+
+ if (e != 0 && BN_set_word(e, RSA_F4) && (rsa_tmp = RSA_new()) != 0)
+ if (!RSA_generate_key_ex(rsa_tmp, keylength, e, 0)) {
+ RSA_free(rsa_tmp);
+ rsa_tmp = 0;
+ }
+ if (e)
+ BN_free(e);
+ }
+ return (rsa_tmp);
+}
+
+#endif /* OPENSSL_VERSION_NUMBER */
+
+#ifdef TEST
+
+#include <msg_vstream.h>
+
+int main(int unused_argc, char *const argv[])
+{
+ int ok = 0;
+
+ /*
+ * 2015-12-05: Ephemeral RSA removed from OpenSSL 1.1.0-dev
+ */
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ RSA *rsa;
+
+ msg_vstream_init(argv[0], VSTREAM_ERR);
+
+ /* Export at 512-bits should work */
+ rsa = tls_tmp_rsa_cb(0, 1, 512);
+ ok = rsa != 0 && RSA_size(rsa) == 512 / 8;
+ ok = ok && PEM_write_RSAPrivateKey(stdout, rsa, 0, 0, 0, 0, 0);
+ tls_print_errors();
+
+ /* Non-export or unexpected bit length should fail */
+ ok = ok && tls_tmp_rsa_cb(0, 0, 512) == 0;
+ ok = ok && tls_tmp_rsa_cb(0, 1, 1024) == 0;
+#endif
+
+ return ok ? 0 : 1;
+}
+
+#endif
+
+#endif