--- /dev/null
+
+#include "sslAppUtils.h"
+#include "sslThreading.h"
+#include "identPicker.h"
+#include <utilLib/fileIo.h>
+#include <utilLib/common.h>
+#include <stdlib.h>
+#include <stdio.h>
+#include <sys/param.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <CoreServices/../Frameworks/CarbonCore.framework/Headers/MacErrors.h>
+#include <Security/AuthSession.h> // for Sec errors
+#include <CoreFoundation/CFDate.h>
+
+/* Set true when PR-3074739 is merged to TOT */
+#define NEW_SSL_ERRS_3074739 1
+
+const char *sslGetCipherSuiteString(SSLCipherSuite cs)
+{
+ static char noSuite[40];
+
+ switch(cs) {
+ case SSL_NULL_WITH_NULL_NULL:
+ return "SSL_NULL_WITH_NULL_NULL";
+ case SSL_RSA_WITH_NULL_MD5:
+ return "SSL_RSA_WITH_NULL_MD5";
+ case SSL_RSA_WITH_NULL_SHA:
+ return "SSL_RSA_WITH_NULL_SHA";
+ case SSL_RSA_EXPORT_WITH_RC4_40_MD5:
+ return "SSL_RSA_EXPORT_WITH_RC4_40_MD5";
+ case SSL_RSA_WITH_RC4_128_MD5:
+ return "SSL_RSA_WITH_RC4_128_MD5";
+ case SSL_RSA_WITH_RC4_128_SHA:
+ return "SSL_RSA_WITH_RC4_128_SHA";
+ case SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5:
+ return "SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5";
+ case SSL_RSA_WITH_IDEA_CBC_SHA:
+ return "SSL_RSA_WITH_IDEA_CBC_SHA";
+ case SSL_RSA_EXPORT_WITH_DES40_CBC_SHA:
+ return "SSL_RSA_EXPORT_WITH_DES40_CBC_SHA";
+ case SSL_RSA_WITH_DES_CBC_SHA:
+ return "SSL_RSA_WITH_DES_CBC_SHA";
+ case SSL_RSA_WITH_3DES_EDE_CBC_SHA:
+ return "SSL_RSA_WITH_3DES_EDE_CBC_SHA";
+ case SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA:
+ return "SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA";
+ case SSL_DH_DSS_WITH_DES_CBC_SHA:
+ return "SSL_DH_DSS_WITH_DES_CBC_SHA";
+ case SSL_DH_DSS_WITH_3DES_EDE_CBC_SHA:
+ return "SSL_DH_DSS_WITH_3DES_EDE_CBC_SHA";
+ case SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA:
+ return "SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA";
+ case SSL_DH_RSA_WITH_DES_CBC_SHA:
+ return "SSL_DH_RSA_WITH_DES_CBC_SHA";
+ case SSL_DH_RSA_WITH_3DES_EDE_CBC_SHA:
+ return "SSL_DH_RSA_WITH_3DES_EDE_CBC_SHA";
+ case SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA:
+ return "SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA";
+ case SSL_DHE_DSS_WITH_DES_CBC_SHA:
+ return "SSL_DHE_DSS_WITH_DES_CBC_SHA";
+ case SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA:
+ return "SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA";
+ case SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA:
+ return "SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA";
+ case SSL_DHE_RSA_WITH_DES_CBC_SHA:
+ return "SSL_DHE_RSA_WITH_DES_CBC_SHA";
+ case SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA:
+ return "SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA";
+ case SSL_DH_anon_EXPORT_WITH_RC4_40_MD5:
+ return "SSL_DH_anon_EXPORT_WITH_RC4_40_MD5";
+ case SSL_DH_anon_WITH_RC4_128_MD5:
+ return "SSL_DH_anon_WITH_RC4_128_MD5";
+ case SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA:
+ return "SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA";
+ case SSL_DH_anon_WITH_DES_CBC_SHA:
+ return "SSL_DH_anon_WITH_DES_CBC_SHA";
+ case SSL_DH_anon_WITH_3DES_EDE_CBC_SHA:
+ return "SSL_DH_anon_WITH_3DES_EDE_CBC_SHA";
+ case SSL_FORTEZZA_DMS_WITH_NULL_SHA:
+ return "SSL_FORTEZZA_DMS_WITH_NULL_SHA";
+ case SSL_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA:
+ return "SSL_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA";
+ case SSL_RSA_WITH_RC2_CBC_MD5:
+ return "SSL_RSA_WITH_RC2_CBC_MD5";
+ case SSL_RSA_WITH_IDEA_CBC_MD5:
+ return "SSL_RSA_WITH_IDEA_CBC_MD5";
+ case SSL_RSA_WITH_DES_CBC_MD5:
+ return "SSL_RSA_WITH_DES_CBC_MD5";
+ case SSL_RSA_WITH_3DES_EDE_CBC_MD5:
+ return "SSL_RSA_WITH_3DES_EDE_CBC_MD5";
+ case SSL_NO_SUCH_CIPHERSUITE:
+ return "SSL_NO_SUCH_CIPHERSUITE";
+ case TLS_RSA_WITH_AES_128_CBC_SHA:
+ return "TLS_RSA_WITH_AES_128_CBC_SHA";
+ case TLS_DH_DSS_WITH_AES_128_CBC_SHA:
+ return "TLS_DH_DSS_WITH_AES_128_CBC_SHA";
+ case TLS_DH_RSA_WITH_AES_128_CBC_SHA:
+ return "TLS_DH_RSA_WITH_AES_128_CBC_SHA";
+ case TLS_DHE_DSS_WITH_AES_128_CBC_SHA:
+ return "TLS_DHE_DSS_WITH_AES_128_CBC_SHA";
+ case TLS_DHE_RSA_WITH_AES_128_CBC_SHA:
+ return "TLS_DHE_RSA_WITH_AES_128_CBC_SHA";
+ case TLS_DH_anon_WITH_AES_128_CBC_SHA:
+ return "TLS_DH_anon_WITH_AES_128_CBC_SHA";
+ case TLS_RSA_WITH_AES_256_CBC_SHA:
+ return "TLS_RSA_WITH_AES_256_CBC_SHA";
+ case TLS_DH_DSS_WITH_AES_256_CBC_SHA:
+ return "TLS_DH_DSS_WITH_AES_256_CBC_SHA";
+ case TLS_DH_RSA_WITH_AES_256_CBC_SHA:
+ return "TLS_DH_RSA_WITH_AES_256_CBC_SHA";
+ case TLS_DHE_DSS_WITH_AES_256_CBC_SHA:
+ return "TLS_DHE_DSS_WITH_AES_256_CBC_SHA";
+ case TLS_DHE_RSA_WITH_AES_256_CBC_SHA:
+ return "TLS_DHE_RSA_WITH_AES_256_CBC_SHA";
+ case TLS_DH_anon_WITH_AES_256_CBC_SHA:
+ return "TLS_DH_anon_WITH_AES_256_CBC_SHA";
+
+ /* ECDSA */
+ case TLS_ECDH_ECDSA_WITH_NULL_SHA:
+ return "TLS_ECDH_ECDSA_WITH_NULL_SHA";
+ case TLS_ECDH_ECDSA_WITH_RC4_128_SHA:
+ return "TLS_ECDH_ECDSA_WITH_RC4_128_SHA";
+ case TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA:
+ return "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA";
+ case TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA:
+ return "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA";
+ case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA:
+ return "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA";
+ case TLS_ECDHE_ECDSA_WITH_NULL_SHA:
+ return "TLS_ECDHE_ECDSA_WITH_NULL_SHA";
+ case TLS_ECDHE_ECDSA_WITH_RC4_128_SHA:
+ return "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA";
+ case TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA:
+ return "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA";
+ case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA:
+ return "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA";
+ case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA:
+ return "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA";
+ case TLS_ECDH_RSA_WITH_NULL_SHA:
+ return "TLS_ECDH_RSA_WITH_NULL_SHA";
+ case TLS_ECDH_RSA_WITH_RC4_128_SHA:
+ return "TLS_ECDH_RSA_WITH_RC4_128_SHA";
+ case TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA:
+ return "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA";
+ case TLS_ECDH_RSA_WITH_AES_128_CBC_SHA:
+ return "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA";
+ case TLS_ECDH_RSA_WITH_AES_256_CBC_SHA:
+ return "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA";
+ case TLS_ECDHE_RSA_WITH_NULL_SHA:
+ return "TLS_ECDHE_RSA_WITH_NULL_SHA";
+ case TLS_ECDHE_RSA_WITH_RC4_128_SHA:
+ return "TLS_ECDHE_RSA_WITH_RC4_128_SHA";
+ case TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA:
+ return "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA";
+ case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA:
+ return "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA";
+ case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA:
+ return "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA";
+ case TLS_ECDH_anon_WITH_NULL_SHA:
+ return "TLS_ECDH_anon_WITH_NULL_SHA";
+ case TLS_ECDH_anon_WITH_RC4_128_SHA:
+ return "TLS_ECDH_anon_WITH_RC4_128_SHA";
+ case TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA:
+ return "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA";
+ case TLS_ECDH_anon_WITH_AES_128_CBC_SHA:
+ return "TLS_ECDH_anon_WITH_AES_128_CBC_SHA";
+ case TLS_ECDH_anon_WITH_AES_256_CBC_SHA:
+ return "TLS_ECDH_anon_WITH_AES_256_CBC_SHA";
+
+ default:
+ sprintf(noSuite, "Unknown (%d)", (unsigned)cs);
+ return noSuite;
+ }
+}
+
+/*
+ * Given a SSLProtocolVersion - typically from SSLGetProtocolVersion -
+ * return a string representation.
+ */
+const char *sslGetProtocolVersionString(SSLProtocol prot)
+{
+ static char noProt[20];
+
+ switch(prot) {
+ case kSSLProtocolUnknown:
+ return "kSSLProtocolUnknown";
+ case kSSLProtocol2:
+ return "kSSLProtocol2";
+ case kSSLProtocol3:
+ return "kSSLProtocol3";
+ case kSSLProtocol3Only:
+ return "kSSLProtocol3Only";
+ case kTLSProtocol1:
+ return "kTLSProtocol1";
+ case kTLSProtocol1Only:
+ return "kTLSProtocol1Only";
+ default:
+ sprintf(noProt, "Unknown (%d)", (unsigned)prot);
+ return noProt;
+ }
+}
+
+/*
+ * Return string representation of SecureTransport-related OSStatus.
+ */
+const char *sslGetSSLErrString(OSStatus err)
+{
+ static char noErrStr[20];
+
+ switch(err) {
+ case noErr:
+ return "noErr";
+ case memFullErr:
+ return "memFullErr";
+ case paramErr:
+ return "paramErr";
+ case unimpErr:
+ return "unimpErr";
+ case ioErr:
+ return "ioErr";
+ case badReqErr:
+ return "badReqErr";
+ case errSSLProtocol:
+ return "errSSLProtocol";
+ case errSSLNegotiation:
+ return "errSSLNegotiation";
+ case errSSLFatalAlert:
+ return "errSSLFatalAlert";
+ case errSSLWouldBlock:
+ return "errSSLWouldBlock";
+ case errSSLSessionNotFound:
+ return "errSSLSessionNotFound";
+ case errSSLClosedGraceful:
+ return "errSSLClosedGraceful";
+ case errSSLClosedAbort:
+ return "errSSLClosedAbort";
+ case errSSLXCertChainInvalid:
+ return "errSSLXCertChainInvalid";
+ case errSSLBadCert:
+ return "errSSLBadCert";
+ case errSSLCrypto:
+ return "errSSLCrypto";
+ case errSSLInternal:
+ return "errSSLInternal";
+ case errSSLModuleAttach:
+ return "errSSLModuleAttach";
+ case errSSLUnknownRootCert:
+ return "errSSLUnknownRootCert";
+ case errSSLNoRootCert:
+ return "errSSLNoRootCert";
+ case errSSLCertExpired:
+ return "errSSLCertExpired";
+ case errSSLCertNotYetValid:
+ return "errSSLCertNotYetValid";
+ case errSSLClosedNoNotify:
+ return "errSSLClosedNoNotify";
+ case errSSLBufferOverflow:
+ return "errSSLBufferOverflow";
+ case errSSLBadCipherSuite:
+ return "errSSLBadCipherSuite";
+ /* TLS/Panther addenda */
+ case errSSLPeerUnexpectedMsg:
+ return "errSSLPeerUnexpectedMsg";
+ case errSSLPeerBadRecordMac:
+ return "errSSLPeerBadRecordMac";
+ case errSSLPeerDecryptionFail:
+ return "errSSLPeerDecryptionFail";
+ case errSSLPeerRecordOverflow:
+ return "errSSLPeerRecordOverflow";
+ case errSSLPeerDecompressFail:
+ return "errSSLPeerDecompressFail";
+ case errSSLPeerHandshakeFail:
+ return "errSSLPeerHandshakeFail";
+ case errSSLPeerBadCert:
+ return "errSSLPeerBadCert";
+ case errSSLPeerUnsupportedCert:
+ return "errSSLPeerUnsupportedCert";
+ case errSSLPeerCertRevoked:
+ return "errSSLPeerCertRevoked";
+ case errSSLPeerCertExpired:
+ return "errSSLPeerCertExpired";
+ case errSSLPeerCertUnknown:
+ return "errSSLPeerCertUnknown";
+ case errSSLIllegalParam:
+ return "errSSLIllegalParam";
+ case errSSLPeerUnknownCA:
+ return "errSSLPeerUnknownCA";
+ case errSSLPeerAccessDenied:
+ return "errSSLPeerAccessDenied";
+ case errSSLPeerDecodeError:
+ return "errSSLPeerDecodeError";
+ case errSSLPeerDecryptError:
+ return "errSSLPeerDecryptError";
+ case errSSLPeerExportRestriction:
+ return "errSSLPeerExportRestriction";
+ case errSSLPeerProtocolVersion:
+ return "errSSLPeerProtocolVersion";
+ case errSSLPeerInsufficientSecurity:
+ return "errSSLPeerInsufficientSecurity";
+ case errSSLPeerInternalError:
+ return "errSSLPeerInternalError";
+ case errSSLPeerUserCancelled:
+ return "errSSLPeerUserCancelled";
+ case errSSLPeerNoRenegotiation:
+ return "errSSLPeerNoRenegotiation";
+ case errSSLHostNameMismatch:
+ return "errSSLHostNameMismatch";
+ case errSSLConnectionRefused:
+ return "errSSLConnectionRefused";
+ case errSSLDecryptionFail:
+ return "errSSLDecryptionFail";
+ case errSSLBadRecordMac:
+ return "errSSLBadRecordMac";
+ case errSSLRecordOverflow:
+ return "errSSLRecordOverflow";
+ case errSSLBadConfiguration:
+ return "errSSLBadConfiguration";
+
+ /* some from the Sec layer */
+ case errSecNotAvailable: return "errSecNotAvailable";
+ case errSecReadOnly: return "errSecReadOnly";
+ case errSecAuthFailed: return "errSecAuthFailed";
+ case errSecNoSuchKeychain: return "errSecNoSuchKeychain";
+ case errSecInvalidKeychain: return "errSecInvalidKeychain";
+ case errSecDuplicateItem: return "errSecDuplicateItem";
+ case errSecItemNotFound: return "errSecItemNotFound";
+ case errSecNoSuchAttr: return "errSecNoSuchAttr";
+ case errSecInvalidItemRef: return "errSecInvalidItemRef";
+ case errSecInvalidSearchRef: return "errSecInvalidSearchRef";
+ case errSecNoSuchClass: return "errSecNoSuchClass";
+ case errSecNoDefaultKeychain: return "errSecNoDefaultKeychain";
+ case errSecWrongSecVersion: return "errSecWrongSecVersion";
+ case errSessionInvalidId: return "errSessionInvalidId";
+ case errSessionInvalidAttributes: return "errSessionInvalidAttributes";
+ case errSessionAuthorizationDenied: return "errSessionAuthorizationDenied";
+ case errSessionInternal: return "errSessionInternal";
+ case errSessionInvalidFlags: return "errSessionInvalidFlags";
+ case errSecInvalidTrustSettings: return "errSecInvalidTrustSettings";
+ case errSecNoTrustSettings: return "errSecNoTrustSettings";
+
+ default:
+ if(err < (CSSM_BASE_ERROR +
+ (CSSM_ERRORCODE_MODULE_EXTENT * 8))) {
+ /* assume CSSM error */
+ return cssmErrToStr(err);
+ }
+ else {
+ sprintf(noErrStr, "Unknown (%d)", (unsigned)err);
+ return noErrStr;
+ }
+ }
+}
+
+void printSslErrStr(
+ const char *op,
+ OSStatus err)
+{
+ printf("*** %s: %s\n", op, sslGetSSLErrString(err));
+}
+
+const char *sslGetClientCertStateString(SSLClientCertificateState state)
+{
+ static char noState[20];
+
+ switch(state) {
+ case kSSLClientCertNone:
+ return "ClientCertNone";
+ case kSSLClientCertRequested:
+ return "CertRequested";
+ case kSSLClientCertSent:
+ return "ClientCertSent";
+ case kSSLClientCertRejected:
+ return "ClientCertRejected";
+ default:
+ sprintf(noState, "Unknown (%d)", (unsigned)state);
+ return noState;
+ }
+
+}
+
+const char *sslGetClientAuthTypeString(SSLClientAuthenticationType authType)
+{
+ static char noType[20];
+
+ switch(authType) {
+ case SSLClientAuthNone:
+ return "None";
+ case SSLClientAuth_RSASign:
+ return "RSASign";
+ case SSLClientAuth_DSSSign:
+ return "DSSSign";
+ case SSLClientAuth_RSAFixedDH:
+ return "RSAFixedDH";
+ case SSLClientAuth_DSS_FixedDH:
+ return "DSS_FixedDH";
+ case SSLClientAuth_ECDSASign:
+ return "ECDSASign";
+ case SSLClientAuth_RSAFixedECDH:
+ return "RSAFixedECDH";
+ case SSLClientAuth_ECDSAFixedECDH:
+ return "ECDSAFixedECDH";
+ default:
+ sprintf(noType, "Unknown (%d)", (unsigned)authType);
+ return noType;
+ }
+}
+
+/*
+ * Convert a keychain name (which may be NULL) into the CFArrayRef required
+ * by SSLSetCertificate. This is a bare-bones example of this operation,
+ * since it requires and assumes that there is exactly one SecIdentity
+ * in the keychain - i.e., there is exactly one matching cert/private key
+ * pair. A real world server would probably search a keychain for a SecIdentity
+ * matching some specific criteria.
+ */
+CFArrayRef getSslCerts(
+ const char *kcName, // may be NULL, i.e., use default
+ CSSM_BOOL encryptOnly,
+ CSSM_BOOL completeCertChain,
+ const char *anchorFile, // optional trusted anchor
+ SecKeychainRef *pKcRef) // RETURNED
+{
+ SecKeychainRef kcRef = nil;
+ OSStatus ortn;
+
+ *pKcRef = nil;
+
+ /* pick a keychain */
+ if(kcName) {
+ ortn = SecKeychainOpen(kcName, &kcRef);
+ if(ortn) {
+ printf("SecKeychainOpen returned %d.\n", (int)ortn);
+ printf("Cannot open keychain at %s. Aborting.\n", kcName);
+ return NULL;
+ }
+ }
+ else {
+ /* use default keychain */
+ ortn = SecKeychainCopyDefault(&kcRef);
+ if(ortn) {
+ printf("SecKeychainCopyDefault returned %d; aborting.\n", (int)ortn);
+ return nil;
+ }
+ }
+ *pKcRef = kcRef;
+ return sslKcRefToCertArray(kcRef, encryptOnly, completeCertChain,
+ NULL, // SSL policy
+ anchorFile);
+}
+
+/*
+ * Determine if specified SecCertificateRef is a self-signed cert.
+ * We do this by comparing the subject and issuerr names; no cryptographic
+ * verification is performed.
+ *
+ * Returns true if the cert appears to be a root.
+ */
+static bool isCertRefRoot(
+ SecCertificateRef certRef)
+{
+ /* just search for the two attrs we want */
+ UInt32 tags[2] = {kSecSubjectItemAttr, kSecIssuerItemAttr};
+ SecKeychainAttributeInfo attrInfo;
+ attrInfo.count = 2;
+ attrInfo.tag = tags;
+ attrInfo.format = NULL;
+ SecKeychainAttributeList *attrList = NULL;
+ SecKeychainAttribute *attr1 = NULL;
+ SecKeychainAttribute *attr2 = NULL;
+ bool brtn = false;
+
+ OSStatus ortn = SecKeychainItemCopyAttributesAndData(
+ (SecKeychainItemRef)certRef,
+ &attrInfo,
+ NULL, // itemClass
+ &attrList,
+ NULL, // length - don't need the data
+ NULL); // outData
+ if(ortn) {
+ cssmPerror("SecKeychainItemCopyAttributesAndData", ortn);
+ /* may want to be a bit more robust here, but this should
+ * never happen */
+ return false;
+ }
+ /* subsequent errors to errOut: */
+
+ if((attrList == NULL) || (attrList->count != 2)) {
+ printf("***Unexpected result fetching label attr\n");
+ goto errOut;
+ }
+
+ /* rootness is just byte-for-byte compare of the two names */
+ attr1 = &attrList->attr[0];
+ attr2 = &attrList->attr[1];
+ if(attr1->length == attr2->length) {
+ if(memcmp(attr1->data, attr2->data, attr1->length) == 0) {
+ brtn = true;
+ }
+ }
+errOut:
+ SecKeychainItemFreeAttributesAndData(attrList, NULL);
+ return brtn;
+}
+
+
+/*
+ * Given a SecIdentityRef, do our best to construct a complete, ordered, and
+ * verified cert chain, returning the result in a CFArrayRef. The result is
+ * suitable for use when calling SSLSetCertificate().
+ */
+OSStatus sslCompleteCertChain(
+ SecIdentityRef identity,
+ SecCertificateRef trustedAnchor, // optional additional trusted anchor
+ bool includeRoot, // include the root in outArray
+ const CSSM_OID *vfyPolicy, // optional - if NULL, use SSL
+ CFArrayRef *outArray) // created and RETURNED
+{
+ CFMutableArrayRef certArray;
+ SecTrustRef secTrust = NULL;
+ SecPolicyRef policy = NULL;
+ SecPolicySearchRef policySearch = NULL;
+ SecTrustResultType secTrustResult;
+ CSSM_TP_APPLE_EVIDENCE_INFO *dummyEv; // not used
+ CFArrayRef certChain = NULL; // constructed chain
+ CFIndex numResCerts;
+
+ certArray = CFArrayCreateMutable(NULL, 0, &kCFTypeArrayCallBacks);
+ CFArrayAppendValue(certArray, identity);
+
+ /*
+ * Case 1: identity is a root; we're done. Note that this case
+ * overrides the includeRoot argument.
+ */
+ SecCertificateRef certRef;
+ OSStatus ortn = SecIdentityCopyCertificate(identity, &certRef);
+ if(ortn) {
+ /* should never happen */
+ cssmPerror("SecIdentityCopyCertificate", ortn);
+ return ortn;
+ }
+ bool isRoot = isCertRefRoot(certRef);
+ if(isRoot) {
+ *outArray = certArray;
+ CFRelease(certRef);
+ return noErr;
+ }
+
+ /*
+ * Now use SecTrust to get a complete cert chain, using all of the
+ * user's keychains to look for intermediate certs.
+ * NOTE this does NOT handle root certs which are not in the system
+ * root cert DB. (The above case, where the identity is a root cert, does.)
+ */
+ CFMutableArrayRef subjCerts = CFArrayCreateMutable(NULL, 1, &kCFTypeArrayCallBacks);
+ CFArraySetValueAtIndex(subjCerts, 0, certRef);
+
+ /* the array owns the subject cert ref now */
+ CFRelease(certRef);
+
+ /* Get a SecPolicyRef for SSL cert chain verification */
+ ortn = SecPolicySearchCreate(CSSM_CERT_X_509v3,
+ vfyPolicy ? vfyPolicy : &CSSMOID_APPLE_TP_SSL,
+ NULL, // value
+ &policySearch);
+ if(ortn) {
+ cssmPerror("SecPolicySearchCreate", ortn);
+ goto errOut;
+ }
+ ortn = SecPolicySearchCopyNext(policySearch, &policy);
+ if(ortn) {
+ cssmPerror("SecPolicySearchCopyNext", ortn);
+ goto errOut;
+ }
+
+ /* build a SecTrustRef for specified policy and certs */
+ ortn = SecTrustCreateWithCertificates(subjCerts,
+ policy, &secTrust);
+ if(ortn) {
+ cssmPerror("SecTrustCreateWithCertificates", ortn);
+ goto errOut;
+ }
+
+ if(trustedAnchor) {
+ /*
+ * Tell SecTrust to trust this one in addition to the current
+ * trusted system-wide anchors.
+ */
+ CFMutableArrayRef newAnchors;
+ CFArrayRef currAnchors;
+
+ ortn = SecTrustCopyAnchorCertificates(&currAnchors);
+ if(ortn) {
+ /* should never happen */
+ cssmPerror("SecTrustCopyAnchorCertificates", ortn);
+ goto errOut;
+ }
+ newAnchors = CFArrayCreateMutableCopy(NULL,
+ CFArrayGetCount(currAnchors) + 1,
+ currAnchors);
+ CFRelease(currAnchors);
+ CFArrayAppendValue(newAnchors, trustedAnchor);
+ ortn = SecTrustSetAnchorCertificates(secTrust, newAnchors);
+ CFRelease(newAnchors);
+ if(ortn) {
+ cssmPerror("SecTrustSetAnchorCertificates", ortn);
+ goto errOut;
+ }
+ }
+ /* evaluate: GO */
+ ortn = SecTrustEvaluate(secTrust, &secTrustResult);
+ if(ortn) {
+ cssmPerror("SecTrustEvaluate", ortn);
+ goto errOut;
+ }
+ switch(secTrustResult) {
+ case kSecTrustResultUnspecified:
+ /* cert chain valid, no special UserTrust assignments */
+ case kSecTrustResultProceed:
+ /* cert chain valid AND user explicitly trusts this */
+ break;
+ default:
+ /*
+ * Cert chain construction failed.
+ * Just go with the single subject cert we were given.
+ */
+ printf("***Warning: could not construct completed cert chain\n");
+ ortn = noErr;
+ goto errOut;
+ }
+
+ /* get resulting constructed cert chain */
+ ortn = SecTrustGetResult(secTrust, &secTrustResult, &certChain, &dummyEv);
+ if(ortn) {
+ cssmPerror("SecTrustEvaluate", ortn);
+ goto errOut;
+ }
+
+ /*
+ * Copy certs from constructed chain to our result array, skipping
+ * the leaf (which is already there, as a SecIdentityRef) and possibly
+ * a root.
+ */
+ numResCerts = CFArrayGetCount(certChain);
+ if(numResCerts < 2) {
+ /*
+ * Can't happen: if subject was a root, we'd already have returned.
+ * If chain doesn't verify to a root, we'd have bailed after
+ * SecTrustEvaluate().
+ */
+ printf("***sslCompleteCertChain screwup: numResCerts %d\n",
+ (int)numResCerts);
+ ortn = noErr;
+ goto errOut;
+ }
+ if(!includeRoot) {
+ /* skip the last (root) cert) */
+ numResCerts--;
+ }
+ for(CFIndex dex=1; dex<numResCerts; dex++) {
+ certRef = (SecCertificateRef)CFArrayGetValueAtIndex(certChain, dex);
+ CFArrayAppendValue(certArray, certRef);
+ }
+errOut:
+ /* clean up */
+ if(secTrust) {
+ CFRelease(secTrust);
+ }
+ if(subjCerts) {
+ CFRelease(subjCerts);
+ }
+ if(policy) {
+ CFRelease(policy);
+ }
+ if(policySearch) {
+ CFRelease(policySearch);
+ }
+ *outArray = certArray;
+ return ortn;
+}
+
+
+/*
+ * Given an open keychain, find a SecIdentityRef and munge it into
+ * a CFArrayRef required by SSLSetCertificate().
+ */
+CFArrayRef sslKcRefToCertArray(
+ SecKeychainRef kcRef,
+ CSSM_BOOL encryptOnly,
+ CSSM_BOOL completeCertChain,
+ const CSSM_OID *vfyPolicy, // optional - if NULL, use SSL policy to complete
+ const char *trustedAnchorFile)
+{
+ /* quick check to make sure the keychain exists */
+ SecKeychainStatus kcStat;
+ OSStatus ortn = SecKeychainGetStatus(kcRef, &kcStat);
+ if(ortn) {
+ printSslErrStr("SecKeychainGetStatus", ortn);
+ printf("Can not open keychain. Aborting.\n");
+ return nil;
+ }
+
+ /*
+ * Search for "any" identity matching specified key use;
+ * in this app, we expect there to be exactly one.
+ */
+ SecIdentitySearchRef srchRef = nil;
+ ortn = SecIdentitySearchCreate(kcRef,
+ encryptOnly ? CSSM_KEYUSE_DECRYPT : CSSM_KEYUSE_SIGN,
+ &srchRef);
+ if(ortn) {
+ printf("SecIdentitySearchCreate returned %d.\n", (int)ortn);
+ printf("Cannot find signing key in keychain. Aborting.\n");
+ return nil;
+ }
+ SecIdentityRef identity = nil;
+ ortn = SecIdentitySearchCopyNext(srchRef, &identity);
+ if(ortn) {
+ printf("SecIdentitySearchCopyNext returned %d.\n", (int)ortn);
+ printf("Cannot find signing key in keychain. Aborting.\n");
+ return nil;
+ }
+ if(CFGetTypeID(identity) != SecIdentityGetTypeID()) {
+ printf("SecIdentitySearchCopyNext CFTypeID failure!\n");
+ return nil;
+ }
+
+ /*
+ * Found one.
+ */
+ if(completeCertChain) {
+ /*
+ * Place it and the other certs needed to verify it -
+ * up to but not including the root - in a CFArray.
+ */
+ SecCertificateRef anchorCert = NULL;
+ if(trustedAnchorFile) {
+ ortn = sslReadAnchor(trustedAnchorFile, &anchorCert);
+ if(ortn) {
+ printf("***Error reading anchor file\n");
+ }
+ }
+ CFArrayRef ca;
+ ortn = sslCompleteCertChain(identity, anchorCert, false, vfyPolicy, &ca);
+ if(anchorCert) {
+ CFRelease(anchorCert);
+ }
+ return ca;
+ }
+ else {
+ /* simple case, just this one identity */
+ CFArrayRef ca = CFArrayCreate(NULL,
+ (const void **)&identity,
+ 1,
+ NULL);
+ if(ca == nil) {
+ printf("CFArrayCreate error\n");
+ }
+ return ca;
+ }
+}
+
+OSStatus addTrustedSecCert(
+ SSLContextRef ctx,
+ SecCertificateRef secCert,
+ CSSM_BOOL replaceAnchors)
+{
+ OSStatus ortn;
+ CFMutableArrayRef array;
+
+ if(secCert == NULL) {
+ printf("***addTrustedSecCert screwup\n");
+ return paramErr;
+ }
+ array = CFArrayCreateMutable(kCFAllocatorDefault,
+ (CFIndex)1, &kCFTypeArrayCallBacks);
+ if(array == NULL) {
+ return memFullErr;
+ }
+ CFArrayAppendValue(array, secCert);
+ ortn = SSLSetTrustedRoots(ctx, array, replaceAnchors ? true : false);
+ if(ortn) {
+ printSslErrStr("SSLSetTrustedRoots", ortn);
+ }
+ CFRelease(array);
+ return ortn;
+}
+
+OSStatus sslReadAnchor(
+ const char *anchorFile,
+ SecCertificateRef *certRef)
+{
+ OSStatus ortn;
+ SecCertificateRef secCert;
+ unsigned char *certData;
+ unsigned certLen;
+ CSSM_DATA cert;
+ int rtn;
+
+ rtn = cspReadFile(anchorFile, &certData, &certLen);
+ if(rtn) {
+ printf("cspReadFile(%s) returned %d\n", anchorFile, rtn);
+ return -1;
+ }
+ cert.Data = certData;
+ cert.Length = certLen;
+ ortn = SecCertificateCreateFromData(&cert,
+ CSSM_CERT_X_509v3,
+ CSSM_CERT_ENCODING_DER,
+ &secCert);
+ free(certData);
+ if(ortn) {
+ printf("***SecCertificateCreateFromData returned %d\n", (int)ortn);
+ return ortn;
+ }
+ *certRef = secCert;
+ return noErr;
+}
+
+OSStatus sslAddTrustedRoot(
+ SSLContextRef ctx,
+ const char *anchorFile,
+ CSSM_BOOL replaceAnchors)
+{
+ OSStatus ortn;
+ SecCertificateRef secCert;
+
+ ortn = sslReadAnchor(anchorFile, &secCert);
+ if(ortn) {
+ printf("***Error (%ld) reading %s. SSLSetTrustedRoots skipped.\n",
+ (long)ortn, anchorFile);
+ return ortn;
+ }
+ return addTrustedSecCert(ctx, secCert, replaceAnchors);
+}
+
+#if 0
+/* Per 3537606 this is no longer necessary */
+/*
+ * Assume incoming identity contains a root (e.g., created by
+ * certtool) and add that cert to ST's trusted anchors. This
+ * enables ST's verify of the incoming chain to succeed without
+ * a kludgy "AllowAnyRoot" specification.
+ */
+OSStatus addIdentityAsTrustedRoot(
+ SSLContextRef ctx,
+ CFArrayRef identArray)
+{
+ CFIndex numItems = CFArrayGetCount(identArray);
+ if(numItems == 0) {
+ printf("***addIdentityAsTrustedRoot: empty identArray\n");
+ return paramErr;
+ }
+
+ /* Root should be the last item - could be identity, could be cert */
+ CFTypeRef theItem = CFArrayGetValueAtIndex(identArray, numItems - 1);
+ if(CFGetTypeID(theItem) == SecIdentityGetTypeID()) {
+ /* identity */
+ SecCertificateRef certRef;
+ OSStatus ortn = SecIdentityCopyCertificate(
+ (SecIdentityRef)theItem, &certRef);
+ if(ortn) {
+ cssmPerror("SecIdentityCopyCertificate", ortn);
+ printf("***Error gettting cert from identity\n");
+ return ortn;
+ }
+ ortn = addTrustedSecCert(ctx, certRef, CSSM_FALSE);
+ CFRelease(certRef);
+ return ortn;
+ }
+ else if(CFGetTypeID(theItem) == SecCertificateGetTypeID()) {
+ /* certificate */
+ return addTrustedSecCert(ctx, (SecCertificateRef)theItem, CSSM_FALSE);
+ }
+ else {
+ printf("***Bogus item in identity array\n");
+ return paramErr;
+ }
+}
+#else
+OSStatus addIdentityAsTrustedRoot(
+ SSLContextRef ctx,
+ CFArrayRef identArray)
+{
+ return noErr;
+}
+#endif
+
+/*
+ * Lists of SSLCipherSuites used in sslSetCipherRestrictions. Note that the
+ * SecureTransport library does not implement all of these; we only specify
+ * the ones it claims to support.
+ */
+const SSLCipherSuite suites40[] = {
+ SSL_RSA_EXPORT_WITH_RC4_40_MD5,
+ SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5,
+ SSL_RSA_EXPORT_WITH_DES40_CBC_SHA,
+ SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA,
+ SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA,
+ SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA,
+ SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA,
+ SSL_DH_anon_EXPORT_WITH_RC4_40_MD5,
+ SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA,
+ SSL_NO_SUCH_CIPHERSUITE
+};
+const SSLCipherSuite suitesDES[] = {
+ SSL_RSA_WITH_DES_CBC_SHA,
+ SSL_DH_DSS_WITH_DES_CBC_SHA,
+ SSL_DH_RSA_WITH_DES_CBC_SHA,
+ SSL_DHE_DSS_WITH_DES_CBC_SHA,
+ SSL_DHE_RSA_WITH_DES_CBC_SHA,
+ SSL_DH_anon_WITH_DES_CBC_SHA,
+ SSL_RSA_WITH_DES_CBC_MD5,
+ SSL_NO_SUCH_CIPHERSUITE
+};
+const SSLCipherSuite suitesDES40[] = {
+ SSL_RSA_EXPORT_WITH_DES40_CBC_SHA,
+ SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA,
+ SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA,
+ SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA,
+ SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA,
+ SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA,
+ SSL_NO_SUCH_CIPHERSUITE
+};
+const SSLCipherSuite suites3DES[] = {
+ SSL_RSA_WITH_3DES_EDE_CBC_SHA,
+ SSL_DH_DSS_WITH_3DES_EDE_CBC_SHA,
+ SSL_DH_RSA_WITH_3DES_EDE_CBC_SHA,
+ SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA,
+ SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
+ SSL_DH_anon_WITH_3DES_EDE_CBC_SHA,
+ SSL_RSA_WITH_3DES_EDE_CBC_MD5,
+ SSL_NO_SUCH_CIPHERSUITE
+};
+const SSLCipherSuite suitesRC4[] = {
+ SSL_RSA_WITH_RC4_128_MD5,
+ SSL_RSA_WITH_RC4_128_SHA,
+ SSL_DH_anon_WITH_RC4_128_MD5,
+ SSL_NO_SUCH_CIPHERSUITE
+};
+const SSLCipherSuite suitesRC4_40[] = {
+ SSL_RSA_EXPORT_WITH_RC4_40_MD5,
+ SSL_DH_anon_EXPORT_WITH_RC4_40_MD5,
+ SSL_NO_SUCH_CIPHERSUITE
+};
+const SSLCipherSuite suitesRC2[] = {
+ SSL_RSA_WITH_RC2_CBC_MD5,
+ SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5,
+ SSL_NO_SUCH_CIPHERSUITE
+};
+const SSLCipherSuite suitesAES128[] = {
+ TLS_RSA_WITH_AES_128_CBC_SHA,
+ TLS_DH_DSS_WITH_AES_128_CBC_SHA,
+ TLS_DH_RSA_WITH_AES_128_CBC_SHA,
+ TLS_DHE_DSS_WITH_AES_128_CBC_SHA,
+ TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
+ TLS_DH_anon_WITH_AES_128_CBC_SHA
+};
+const SSLCipherSuite suitesAES256[] = {
+ TLS_RSA_WITH_AES_256_CBC_SHA,
+ TLS_DH_DSS_WITH_AES_256_CBC_SHA,
+ TLS_DH_RSA_WITH_AES_256_CBC_SHA,
+ TLS_DHE_DSS_WITH_AES_256_CBC_SHA,
+ TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
+ TLS_DH_anon_WITH_AES_256_CBC_SHA
+};
+const SSLCipherSuite suitesDH[] = {
+ SSL_DH_DSS_WITH_DES_CBC_SHA,
+ SSL_DH_DSS_WITH_3DES_EDE_CBC_SHA,
+ SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA,
+ SSL_DH_RSA_WITH_DES_CBC_SHA,
+ SSL_DH_RSA_WITH_3DES_EDE_CBC_SHA,
+ SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA,
+ SSL_DHE_DSS_WITH_DES_CBC_SHA,
+ SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA,
+ SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA,
+ SSL_DHE_RSA_WITH_DES_CBC_SHA,
+ SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
+ SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA,
+ SSL_DH_anon_WITH_RC4_128_MD5,
+ SSL_DH_anon_WITH_DES_CBC_SHA,
+ SSL_DH_anon_WITH_3DES_EDE_CBC_SHA,
+ SSL_DH_anon_EXPORT_WITH_RC4_40_MD5,
+ SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA,
+ TLS_DH_DSS_WITH_AES_128_CBC_SHA,
+ TLS_DH_RSA_WITH_AES_128_CBC_SHA,
+ TLS_DHE_DSS_WITH_AES_128_CBC_SHA,
+ TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
+ TLS_DH_anon_WITH_AES_128_CBC_SHA,
+ TLS_DH_DSS_WITH_AES_256_CBC_SHA,
+ TLS_DH_RSA_WITH_AES_256_CBC_SHA,
+ TLS_DHE_DSS_WITH_AES_256_CBC_SHA,
+ TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
+ TLS_DH_anon_WITH_AES_256_CBC_SHA,
+ SSL_NO_SUCH_CIPHERSUITE
+};
+const SSLCipherSuite suitesDHAnon[] = {
+ SSL_DH_anon_WITH_RC4_128_MD5,
+ SSL_DH_anon_WITH_DES_CBC_SHA,
+ SSL_DH_anon_WITH_3DES_EDE_CBC_SHA,
+ SSL_DH_anon_EXPORT_WITH_RC4_40_MD5,
+ SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA,
+ TLS_DH_anon_WITH_AES_128_CBC_SHA,
+ TLS_DH_anon_WITH_AES_256_CBC_SHA,
+ SSL_NO_SUCH_CIPHERSUITE
+};
+const SSLCipherSuite suitesDH_RSA[] = {
+ SSL_DH_RSA_WITH_DES_CBC_SHA,
+ SSL_DH_RSA_WITH_3DES_EDE_CBC_SHA,
+ SSL_DHE_RSA_WITH_DES_CBC_SHA,
+ SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
+ SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA,
+ SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA,
+ TLS_DH_RSA_WITH_AES_128_CBC_SHA,
+ TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
+ TLS_DH_RSA_WITH_AES_256_CBC_SHA,
+ TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
+ SSL_NO_SUCH_CIPHERSUITE
+};
+const SSLCipherSuite suitesDH_DSS[] = {
+ SSL_DH_DSS_WITH_DES_CBC_SHA,
+ SSL_DH_DSS_WITH_3DES_EDE_CBC_SHA,
+ SSL_DHE_DSS_WITH_DES_CBC_SHA,
+ SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA,
+ SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA,
+ SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA,
+ TLS_DH_DSS_WITH_AES_128_CBC_SHA,
+ TLS_DHE_DSS_WITH_AES_128_CBC_SHA,
+ TLS_DH_DSS_WITH_AES_256_CBC_SHA,
+ TLS_DHE_DSS_WITH_AES_256_CBC_SHA,
+ SSL_NO_SUCH_CIPHERSUITE
+};
+const SSLCipherSuite suites_SHA1[] = {
+ SSL_RSA_WITH_RC4_128_SHA,
+ SSL_RSA_EXPORT_WITH_DES40_CBC_SHA,
+ SSL_RSA_WITH_IDEA_CBC_SHA,
+ SSL_RSA_EXPORT_WITH_DES40_CBC_SHA,
+ SSL_RSA_WITH_DES_CBC_SHA,
+ SSL_RSA_WITH_3DES_EDE_CBC_SHA,
+ SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA,
+ SSL_DH_DSS_WITH_DES_CBC_SHA,
+ SSL_DH_DSS_WITH_3DES_EDE_CBC_SHA,
+ SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA,
+ SSL_DH_RSA_WITH_DES_CBC_SHA,
+ SSL_DH_RSA_WITH_3DES_EDE_CBC_SHA,
+ SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA,
+ SSL_DHE_DSS_WITH_DES_CBC_SHA,
+ SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA,
+ SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA,
+ SSL_DHE_RSA_WITH_DES_CBC_SHA,
+ SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
+ SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA,
+ SSL_DH_anon_WITH_DES_CBC_SHA,
+ SSL_DH_anon_WITH_3DES_EDE_CBC_SHA,
+ SSL_FORTEZZA_DMS_WITH_NULL_SHA,
+ SSL_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA,
+ TLS_RSA_WITH_AES_128_CBC_SHA,
+ TLS_DH_DSS_WITH_AES_128_CBC_SHA,
+ TLS_DH_RSA_WITH_AES_128_CBC_SHA,
+ TLS_DHE_DSS_WITH_AES_128_CBC_SHA,
+ TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
+ TLS_DH_anon_WITH_AES_128_CBC_SHA,
+ TLS_RSA_WITH_AES_256_CBC_SHA,
+ TLS_DH_DSS_WITH_AES_256_CBC_SHA,
+ TLS_DH_RSA_WITH_AES_256_CBC_SHA,
+ TLS_DHE_DSS_WITH_AES_256_CBC_SHA,
+ TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
+ TLS_DH_anon_WITH_AES_256_CBC_SHA,
+ SSL_NO_SUCH_CIPHERSUITE
+};
+const SSLCipherSuite suites_MD5[] = {
+ SSL_RSA_EXPORT_WITH_RC4_40_MD5,
+ SSL_RSA_WITH_RC4_128_MD5,
+ SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5,
+ SSL_DH_anon_EXPORT_WITH_RC4_40_MD5,
+ SSL_DH_anon_WITH_RC4_128_MD5,
+ SSL_NO_SUCH_CIPHERSUITE
+};
+const SSLCipherSuite suites_NULL[] = {
+ SSL_RSA_WITH_NULL_MD5,
+ SSL_NO_SUCH_CIPHERSUITE
+};
+
+const SSLCipherSuite suites_ECDHE[] = {
+ TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
+ TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
+ TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,
+ TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,
+ TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
+ TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
+ TLS_ECDHE_RSA_WITH_RC4_128_SHA,
+ TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
+ SSL_NO_SUCH_CIPHERSUITE
+};
+
+const SSLCipherSuite suites_ECDH[] = {
+ TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
+ TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
+ TLS_ECDH_ECDSA_WITH_RC4_128_SHA,
+ TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,
+ TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,
+ TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,
+ TLS_ECDH_RSA_WITH_RC4_128_SHA,
+ TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,
+ SSL_NO_SUCH_CIPHERSUITE
+};
+
+
+/*
+ * Given an SSLContextRef and an array of SSLCipherSuites, terminated by
+ * SSL_NO_SUCH_CIPHERSUITE, select those SSLCipherSuites which the library
+ * supports and do a SSLSetEnabledCiphers() specifying those.
+ */
+OSStatus sslSetEnabledCiphers(
+ SSLContextRef ctx,
+ const SSLCipherSuite *ciphers)
+{
+ size_t numSupported;
+ OSStatus ortn;
+ SSLCipherSuite *supported = NULL;
+ SSLCipherSuite *enabled = NULL;
+ unsigned enabledDex = 0; // index into enabled
+ unsigned supportedDex = 0; // index into supported
+ unsigned inDex = 0; // index into ciphers
+
+ /* first get all the supported ciphers */
+ ortn = SSLGetNumberSupportedCiphers(ctx, &numSupported);
+ if(ortn) {
+ printSslErrStr("SSLGetNumberSupportedCiphers", ortn);
+ return ortn;
+ }
+ supported = (SSLCipherSuite *)malloc(numSupported * sizeof(SSLCipherSuite));
+ ortn = SSLGetSupportedCiphers(ctx, supported, &numSupported);
+ if(ortn) {
+ printSslErrStr("SSLGetSupportedCiphers", ortn);
+ return ortn;
+ }
+
+ /*
+ * Malloc an array we'll use for SSLGetEnabledCiphers - this will be
+ * bigger than the number of suites we actually specify
+ */
+ enabled = (SSLCipherSuite *)malloc(numSupported * sizeof(SSLCipherSuite));
+
+ /*
+ * For each valid suite in ciphers, see if it's in the list of
+ * supported ciphers. If it is, add it to the list of ciphers to be
+ * enabled.
+ */
+ for(inDex=0; ciphers[inDex] != SSL_NO_SUCH_CIPHERSUITE; inDex++) {
+ for(supportedDex=0; supportedDex<numSupported; supportedDex++) {
+ if(ciphers[inDex] == supported[supportedDex]) {
+ enabled[enabledDex++] = ciphers[inDex];
+ break;
+ }
+ }
+ }
+
+ /* send it on down. */
+ ortn = SSLSetEnabledCiphers(ctx, enabled, enabledDex);
+ if(ortn) {
+ printSslErrStr("SSLSetEnabledCiphers", ortn);
+ }
+ free(enabled);
+ free(supported);
+ return ortn;
+}
+
+/*
+ * Specify a restricted set of cipherspecs.
+ */
+OSStatus sslSetCipherRestrictions(
+ SSLContextRef ctx,
+ char cipherRestrict)
+{
+ OSStatus ortn;
+
+ if(cipherRestrict == '\0') {
+ return noErr; // actually should not have been called
+ }
+ switch(cipherRestrict) {
+ case 'e':
+ ortn = sslSetEnabledCiphers(ctx, suites40);
+ break;
+ case 'd':
+ ortn = sslSetEnabledCiphers(ctx, suitesDES);
+ break;
+ case 'D':
+ ortn = sslSetEnabledCiphers(ctx, suitesDES40);
+ break;
+ case '3':
+ ortn = sslSetEnabledCiphers(ctx, suites3DES);
+ break;
+ case '4':
+ ortn = sslSetEnabledCiphers(ctx, suitesRC4);
+ break;
+ case '$':
+ ortn = sslSetEnabledCiphers(ctx, suitesRC4_40);
+ break;
+ case '2':
+ ortn = sslSetEnabledCiphers(ctx, suitesRC2);
+ break;
+ case 'a':
+ ortn = sslSetEnabledCiphers(ctx, suitesAES128);
+ break;
+ case 'A':
+ ortn = sslSetEnabledCiphers(ctx, suitesAES256);
+ break;
+ case 'h':
+ ortn = sslSetEnabledCiphers(ctx, suitesDH);
+ break;
+ case 'H':
+ ortn = sslSetEnabledCiphers(ctx, suitesDHAnon);
+ break;
+ case 'r':
+ ortn = sslSetEnabledCiphers(ctx, suitesDH_RSA);
+ break;
+ case 's':
+ ortn = sslSetEnabledCiphers(ctx, suitesDH_DSS);
+ break;
+ case 'n':
+ ortn = sslSetEnabledCiphers(ctx, suites_NULL);
+ break;
+ case 'E':
+ ortn = sslSetEnabledCiphers(ctx, suites_ECDHE);
+ break;
+ case 'F':
+ ortn = sslSetEnabledCiphers(ctx, suites_ECDH);
+ break;
+ default:
+ printf("***bad cipherSpec***\n");
+ exit(1);
+ }
+ return ortn;
+}
+
+int sslVerifyClientCertState(
+ const char *whichSide, // "client" or "server"
+ SSLClientCertificateState expectState,
+ SSLClientCertificateState gotState)
+{
+ if(expectState == SSL_CLIENT_CERT_IGNORE) {
+ /* app says "don't bother checking" */
+ return 0;
+ }
+ if(expectState == gotState) {
+ return 0;
+ }
+ printf("***%s: Expected clientCertState %s; got %s\n", whichSide,
+ sslGetClientCertStateString(expectState),
+ sslGetClientCertStateString(gotState));
+ return 1;
+}
+
+int sslVerifyRtn(
+ const char *whichSide, // "client" or "server"
+ OSStatus expectRtn,
+ OSStatus gotRtn)
+{
+ if(expectRtn == gotRtn) {
+ return 0;
+ }
+ printf("***%s: Expected return %s; got %s\n", whichSide,
+ sslGetSSLErrString(expectRtn),
+ sslGetSSLErrString(gotRtn));
+ return 1;
+}
+
+int sslVerifyProtVers(
+ const char *whichSide, // "client" or "server"
+ SSLProtocol expectProt,
+ SSLProtocol gotProt)
+{
+ if(expectProt == SSL_PROTOCOL_IGNORE) {
+ /* app says "don't bopther checking" */
+ return 0;
+ }
+ if(expectProt == gotProt) {
+ return 0;
+ }
+ printf("***%s: Expected return %s; got %s\n", whichSide,
+ sslGetProtocolVersionString(expectProt),
+ sslGetProtocolVersionString(gotProt));
+ return 1;
+}
+
+int sslVerifyCipher(
+ const char *whichSide, // "client" or "server"
+ SSLCipherSuite expectCipher,
+ SSLCipherSuite gotCipher)
+{
+ if(expectCipher == SSL_CIPHER_IGNORE) {
+ /* app says "don't bopther checking" */
+ return 0;
+ }
+ if(expectCipher == gotCipher) {
+ return 0;
+ }
+ printf("***%s: Expected return %s; got %s\n", whichSide,
+ sslGetCipherSuiteString(expectCipher),
+ sslGetCipherSuiteString(gotCipher));
+ return 1;
+}
+
+
+OSStatus sslSetProtocols(
+ SSLContextRef ctx,
+ const char *acceptedProts,
+ SSLProtocol tryVersion) // only used if acceptedProts NULL
+{
+ OSStatus ortn;
+
+ if(acceptedProts) {
+ ortn = SSLSetProtocolVersionEnabled(ctx, kSSLProtocolAll, false);
+ if(ortn) {
+ printSslErrStr("SSLSetProtocolVersionEnabled(all off)", ortn);
+ return ortn;
+ }
+ for(const char *cp = acceptedProts; *cp; cp++) {
+ SSLProtocol prot;
+ switch(*cp) {
+ case '2':
+ prot = kSSLProtocol2;
+ break;
+ case '3':
+ prot = kSSLProtocol3;
+ break;
+ case 't':
+ prot = kTLSProtocol1;
+ break;
+ default:
+ printf("***BRRZAP! Bad acceptedProts string %s. Aborting.\n", acceptedProts);
+ exit(1);
+ }
+ ortn = SSLSetProtocolVersionEnabled(ctx, prot, true);
+ if(ortn) {
+ printSslErrStr("SSLSetProtocolVersionEnabled", ortn);
+ return ortn;
+ }
+ }
+ }
+ else {
+ ortn = SSLSetProtocolVersion(ctx, tryVersion);
+ if(ortn) {
+ printSslErrStr("SSLSetProtocolVersion", ortn);
+ return ortn;
+ }
+ }
+ return noErr;
+}
+
+void sslShowResult(
+ const char *whichSide, // "client" or "server"
+ SslAppTestParams *params)
+{
+ printf("%s status:\n", whichSide);
+ if(params->acceptedProts) {
+ printf(" Allowed SSL versions : %s\n", params->acceptedProts);
+ }
+ else {
+ printf(" Attempted SSL version : %s\n",
+ sslGetProtocolVersionString(params->tryVersion));
+ }
+ printf(" Result : %s\n", sslGetSSLErrString(params->ortn));
+ printf(" Negotiated SSL version : %s\n",
+ sslGetProtocolVersionString(params->negVersion));
+ printf(" Negotiated CipherSuite : %s\n",
+ sslGetCipherSuiteString(params->negCipher));
+ if(params->certState != kSSLClientCertNone) {
+ printf(" Client Cert State : %s\n",
+ sslGetClientCertStateString(params->certState));
+ }
+}
+
+/* print a '.' every few seconds to keep UI alive while connecting */
+static CFAbsoluteTime lastTime = (CFAbsoluteTime)0.0;
+#define TIME_INTERVAL 3.0
+
+void sslOutputDot()
+{
+ CFAbsoluteTime thisTime = CFAbsoluteTimeGetCurrent();
+
+ if(lastTime == 0.0) {
+ /* avoid printing first time thru */
+ lastTime = thisTime;
+ return;
+ }
+ if((thisTime - lastTime) >= TIME_INTERVAL) {
+ printf("."); fflush(stdout);
+ lastTime = thisTime;
+ }
+}
+
+/* main server pthread body */
+static void *sslServerThread(void *arg)
+{
+ SslAppTestParams *testParams = (SslAppTestParams *)arg;
+ OSStatus status;
+
+ status = sslAppServe(testParams);
+ pthread_exit((void*)status);
+ /* NOT REACHED */
+ return (void *)status;
+}
+
+/*
+ * Run one session, with the server in a separate thread.
+ * On entry, serverParams->port is the port we attempt to run on;
+ * the server thread may overwrite that with a different port if it's
+ * unable to open the port we specify. Whatever is left in
+ * serverParams->port is what's used for the client side.
+ */
+#define CLIENT_WAIT_SECONDS 1
+int sslRunSession(
+ SslAppTestParams*serverParams,
+ SslAppTestParams *clientParams,
+ const char *testDesc)
+{
+ pthread_t serverPthread;
+ OSStatus clientRtn;
+ void *serverRtn;
+
+ if(testDesc && !clientParams->quiet) {
+ printf("===== %s =====\n", testDesc);
+ }
+
+ /*
+ * Workaround for Radar 4619502: resolve references to Security.framework
+ * here, in main thread, before we fork off the server thread.
+ */
+ SecKeychainRef defaultKc = NULL;
+ SecKeychainCopyDefault(&defaultKc);
+ /* end workaround */
+
+ if(pthread_mutex_init(&serverParams->pthreadMutex, NULL)) {
+ printf("***Error initializing mutex; aborting.\n");
+ return -1;
+ }
+ if(pthread_cond_init(&serverParams->pthreadCond, NULL)) {
+ printf("***Error initializing pthreadCond; aborting.\n");
+ return -1;
+ }
+ serverParams->serverReady = false; // server sets true
+
+ int result = pthread_create(&serverPthread, NULL,
+ sslServerThread, serverParams);
+ if(result) {
+ printf("***Error starting up server thread; aborting.\n");
+ return result;
+ }
+
+ /* wait for server to set up a socket we can connect to */
+ if(pthread_mutex_lock(&serverParams->pthreadMutex)) {
+ printf("***Error acquiring server lock; aborting.\n");
+ return -1;
+ }
+ while(!serverParams->serverReady) {
+ if(pthread_cond_wait(&serverParams->pthreadCond, &serverParams->pthreadMutex)) {
+ printf("***Error waiting server thread; aborting.\n");
+ return -1;
+ }
+ }
+ pthread_mutex_unlock(&serverParams->pthreadMutex);
+ pthread_cond_destroy(&serverParams->pthreadCond);
+ pthread_mutex_destroy(&serverParams->pthreadMutex);
+
+ clientParams->port = serverParams->port;
+ clientRtn = sslAppClient(clientParams);
+ /* server doesn't shut down its socket until it sees this */
+ serverParams->clientDone = 1;
+ result = pthread_join(serverPthread, &serverRtn);
+ if(result) {
+ printf("***pthread_join returned %d, aborting\n", result);
+ return result;
+ }
+
+ if(serverParams->verbose) {
+ sslShowResult("server", serverParams);
+ }
+ if(clientParams->verbose) {
+ sslShowResult("client", clientParams);
+ }
+
+ /* verify results */
+ int ourRtn = 0;
+ ourRtn += sslVerifyRtn("server", serverParams->expectRtn, serverParams->ortn);
+ ourRtn += sslVerifyRtn("client", clientParams->expectRtn, clientParams->ortn);
+ ourRtn += sslVerifyProtVers("server", serverParams->expectVersion,
+ serverParams->negVersion);
+ ourRtn += sslVerifyProtVers("client", clientParams->expectVersion,
+ clientParams->negVersion);
+ ourRtn += sslVerifyClientCertState("server", serverParams->expectCertState,
+ serverParams->certState);
+ ourRtn += sslVerifyClientCertState("client", clientParams->expectCertState,
+ clientParams->certState);
+ if(serverParams->ortn == noErr) {
+ ourRtn += sslVerifyCipher("server", serverParams->expectCipher,
+ serverParams->negCipher);
+ }
+ if(clientParams->ortn == noErr) {
+ ourRtn += sslVerifyCipher("client", clientParams->expectCipher,
+ clientParams->negCipher);
+ }
+
+ if(defaultKc) {
+ /* for workaround for Radar 4619502 */
+ CFRelease(defaultKc);
+ }
+ return ourRtn;
+}
+
+/*
+ * Add all of the roots in a given KC to SSL ctx's trusted anchors.
+ */
+OSStatus sslAddTrustedRoots(
+ SSLContextRef ctx,
+ SecKeychainRef keychain,
+ bool *foundOne) // RETURNED, true if we found
+ // at least one root cert
+{
+ OSStatus ortn;
+ SecCertificateRef secCert;
+ SecKeychainSearchRef srch;
+
+ *foundOne = false;
+ ortn = SecKeychainSearchCreateFromAttributes(keychain,
+ kSecCertificateItemClass,
+ NULL, // any attrs
+ &srch);
+ if(ortn) {
+ printSslErrStr("SecKeychainSearchCreateFromAttributes", ortn);
+ return ortn;
+ }
+
+ /*
+ * Only use root certs. Not an error if we don't find any.
+ */
+ do {
+ ortn = SecKeychainSearchCopyNext(srch,
+ (SecKeychainItemRef *)&secCert);
+ if(ortn) {
+ break;
+ }
+
+ /* see if it's a root */
+ if(!isCertRefRoot(secCert)) {
+ continue;
+ }
+
+ /* Tell Secure Transport to trust this one. */
+ ortn = addTrustedSecCert(ctx, secCert, false);
+ if(ortn) {
+ /* fatal */
+ printSslErrStr("addTrustedSecCert", ortn);
+ return ortn;
+ }
+ CFRelease(secCert);
+ *foundOne = true;
+ } while(ortn == noErr);
+ CFRelease(srch);
+ return noErr;
+}
+
+/*
+ * Wrapper for sslIdentPicker, with optional trusted anchor specified as a filename.
+ */
+OSStatus sslIdentityPicker(
+ SecKeychainRef kcRef, // NULL means use default list
+ const char *trustedAnchor, // optional additional trusted anchor
+ bool includeRoot, // true --> root is appended to outArray
+ // false --> root not included
+ const CSSM_OID *vfyPolicy, // optional - if NULL, use SSL
+ CFArrayRef *outArray) // created and RETURNED
+{
+ SecCertificateRef trustedCert = NULL;
+ OSStatus ortn;
+
+ if(trustedAnchor) {
+ ortn = sslReadAnchor(trustedAnchor, &trustedCert);
+ if(ortn) {
+ printf("***Error reading %s. sslIdentityPicker proceeding with no anchor.\n",
+ trustedAnchor);
+ trustedCert = NULL;
+ }
+ }
+ ortn = sslIdentPicker(kcRef, trustedCert, includeRoot, vfyPolicy, outArray);
+ if(trustedCert) {
+ CFRelease(trustedCert);
+ }
+ return ortn;
+}
+
+/*
+ * Given a keychain name, convert it into a full path using the "SSL regression
+ * test suite algorithm". The Sec layer by default locates root root's keychains
+ * in different places depending on whether we're actually logged in as root
+ * or running via e.g. cron, so we force the location of root keychains to
+ * a hard-coded path. User keychain names we leave alone.
+ * This has to be kept in sync with the sslKcSetup script fragment in
+ * sslScripts.
+ */
+void sslKeychainPath(
+ const char *kcName,
+ char *kcPath) // allocd by caller, MAXPATHLEN
+{
+ if(kcName[0] == '\0') {
+ kcPath[0] = '\0';
+ }
+ else if(geteuid() == 0) {
+ /* root */
+ const char *buildDir = getenv("LOCAL_BUILD_DIR");
+ if(buildDir == NULL) {
+ buildDir = "";
+ }
+ sprintf(kcPath, "%s/Library/Keychains/%s", buildDir, kcName);
+ }
+ else {
+ /* user, leave alone */
+ strcpy(kcPath, kcName);
+ }
+}
+
+/* Verify presence of required file. Returns nonzero if not found. */
+int sslCheckFile(const char *path)
+{
+ struct stat sb;
+
+ if(stat(path, &sb)) {
+ printf("***Can't find file %s.\n", path);
+ printf(" Try running in the build directory, perhaps after running the\n"
+ " makeLocalCert script.\n");
+ return 1;
+ }
+ return 0;
+}
+
+/* Stringify a SSL_ECDSA_NamedCurve */
+extern const char *sslCurveString(
+ SSL_ECDSA_NamedCurve namedCurve)
+{
+ static char unk[100];
+
+ switch(namedCurve) {
+ case SSL_Curve_None: return "Curve_None";
+ case SSL_Curve_secp256r1: return "secp256r1";
+ case SSL_Curve_secp384r1: return "secp384r1";
+ case SSL_Curve_secp521r1: return "secp521r1";
+ default:
+ sprintf(unk, "Unknown <%d>", (int)namedCurve);
+ return unk;
+ }
+}
+
projects / apple / security.git / blobdiff