GCC Code Coverage Report
Directory: ./ Exec Total Coverage
File: crypto/crypto_context.cc Lines: 603 719 83.9 %
Date: 2022-08-16 04:20:39 Branches: 289 476 60.7 %

Line Branch Exec Source
1
#include "crypto/crypto_context.h"
2
#include "crypto/crypto_bio.h"
3
#include "crypto/crypto_common.h"
4
#include "crypto/crypto_util.h"
5
#include "base_object-inl.h"
6
#include "env-inl.h"
7
#include "memory_tracker-inl.h"
8
#include "node.h"
9
#include "node_buffer.h"
10
#include "node_options.h"
11
#include "util.h"
12
#include "v8.h"
13
14
#include <openssl/x509.h>
15
#include <openssl/pkcs12.h>
16
#include <openssl/rand.h>
17
#ifndef OPENSSL_NO_ENGINE
18
#include <openssl/engine.h>
19
#endif  // !OPENSSL_NO_ENGINE
20
21
namespace node {
22
23
using v8::Array;
24
using v8::ArrayBufferView;
25
using v8::Context;
26
using v8::DontDelete;
27
using v8::Exception;
28
using v8::External;
29
using v8::FunctionCallbackInfo;
30
using v8::FunctionTemplate;
31
using v8::HandleScope;
32
using v8::Int32;
33
using v8::Integer;
34
using v8::Isolate;
35
using v8::Local;
36
using v8::Object;
37
using v8::PropertyAttribute;
38
using v8::ReadOnly;
39
using v8::Signature;
40
using v8::String;
41
using v8::Value;
42
43
namespace crypto {
44
static const char* const root_certs[] = {
45
#include "node_root_certs.h"  // NOLINT(build/include_order)
46
};
47
48
static const char system_cert_path[] = NODE_OPENSSL_SYSTEM_CERT_PATH;
49
50
static X509_STORE* root_cert_store;
51
52
static bool extra_root_certs_loaded = false;
53
54
// Takes a string or buffer and loads it into a BIO.
55
// Caller responsible for BIO_free_all-ing the returned object.
56
2565
BIOPointer LoadBIO(Environment* env, Local<Value> v) {
57
5130
  HandleScope scope(env->isolate());
58
59
5130
  if (v->IsString()) {
60
2962
    Utf8Value s(env->isolate(), v);
61
1481
    return NodeBIO::NewFixed(*s, s.length());
62
  }
63
64
1084
  if (v->IsArrayBufferView()) {
65
1084
    ArrayBufferViewContents<char> buf(v.As<ArrayBufferView>());
66
1084
    return NodeBIO::NewFixed(buf.data(), buf.length());
67
  }
68
69
  return nullptr;
70
}
71
72
namespace {
73
951
int SSL_CTX_use_certificate_chain(SSL_CTX* ctx,
74
                                  X509Pointer&& x,
75
                                  STACK_OF(X509)* extra_certs,
76
                                  X509Pointer* cert,
77
                                  X509Pointer* issuer_) {
78
951
  CHECK(!*issuer_);
79
951
  CHECK(!*cert);
80
951
  X509* issuer = nullptr;
81
82
951
  int ret = SSL_CTX_use_certificate(ctx, x.get());
83
84
951
  if (ret) {
85
    // If we could set up our certificate, now proceed to
86
    // the CA certificates.
87
951
    SSL_CTX_clear_extra_chain_certs(ctx);
88
89
1377
    for (int i = 0; i < sk_X509_num(extra_certs); i++) {
90
426
      X509* ca = sk_X509_value(extra_certs, i);
91
92
      // NOTE: Increments reference count on `ca`
93
426
      if (!SSL_CTX_add1_chain_cert(ctx, ca)) {
94
        ret = 0;
95
        issuer = nullptr;
96
        break;
97
      }
98
      // Note that we must not free r if it was successfully
99
      // added to the chain (while we must free the main
100
      // certificate, since its reference count is increased
101
      // by SSL_CTX_use_certificate).
102
103
      // Find issuer
104

426
      if (issuer != nullptr || X509_check_issued(ca, x.get()) != X509_V_OK)
105
4
        continue;
106
107
422
      issuer = ca;
108
    }
109
  }
110
111
  // Try getting issuer from a cert store
112
951
  if (ret) {
113
951
    if (issuer == nullptr) {
114
      // TODO(tniessen): SSL_CTX_get_issuer does not allow the caller to
115
      // distinguish between a failed operation and an empty result. Fix that
116
      // and then handle the potential error properly here (set ret to 0).
117
529
      *issuer_ = SSL_CTX_get_issuer(ctx, x.get());
118
      // NOTE: get_cert_store doesn't increment reference count,
119
      // no need to free `store`
120
    } else {
121
      // Increment issuer reference count
122
422
      issuer_->reset(X509_dup(issuer));
123
422
      if (!*issuer_) {
124
        ret = 0;
125
      }
126
    }
127
  }
128
129

951
  if (ret && x != nullptr) {
130
951
    cert->reset(X509_dup(x.get()));
131
951
    if (!*cert)
132
      ret = 0;
133
  }
134
951
  return ret;
135
}
136
137
// Read a file that contains our certificate in "PEM" format,
138
// possibly followed by a sequence of CA certificates that should be
139
// sent to the peer in the Certificate message.
140
//
141
// Taken from OpenSSL - edited for style.
142
939
int SSL_CTX_use_certificate_chain(SSL_CTX* ctx,
143
                                  BIOPointer&& in,
144
                                  X509Pointer* cert,
145
                                  X509Pointer* issuer) {
146
  // Just to ensure that `ERR_peek_last_error` below will return only errors
147
  // that we are interested in
148
939
  ERR_clear_error();
149
150
  X509Pointer x(
151
1878
      PEM_read_bio_X509_AUX(in.get(), nullptr, NoPasswordCallback, nullptr));
152
153
939
  if (!x)
154
    return 0;
155
156
939
  unsigned long err = 0;  // NOLINT(runtime/int)
157
158
1878
  StackOfX509 extra_certs(sk_X509_new_null());
159
939
  if (!extra_certs)
160
    return 0;
161
162
  while (X509Pointer extra {PEM_read_bio_X509(in.get(),
163
                                    nullptr,
164
                                    NoPasswordCallback,
165
1356
                                    nullptr)}) {
166
417
    if (sk_X509_push(extra_certs.get(), extra.get())) {
167
417
      extra.release();
168
417
      continue;
169
    }
170
171
    return 0;
172
417
  }
173
174
  // When the while loop ends, it's usually just EOF.
175
939
  err = ERR_peek_last_error();
176

1878
  if (ERR_GET_LIB(err) == ERR_LIB_PEM &&
177
939
      ERR_GET_REASON(err) == PEM_R_NO_START_LINE) {
178
939
    ERR_clear_error();
179
  } else {
180
    // some real error
181
    return 0;
182
  }
183
184
1878
  return SSL_CTX_use_certificate_chain(ctx,
185
939
                                       std::move(x),
186
                                       extra_certs.get(),
187
                                       cert,
188
939
                                       issuer);
189
}
190
191
}  // namespace
192
193
280
X509_STORE* NewRootCertStore() {
194

280
  static std::vector<X509*> root_certs_vector;
195

280
  static Mutex root_certs_vector_mutex;
196
560
  Mutex::ScopedLock lock(root_certs_vector_mutex);
197
198

553
  if (root_certs_vector.empty() &&
199
273
      per_process::cli_options->ssl_openssl_cert_store == false) {
200
35904
    for (size_t i = 0; i < arraysize(root_certs); i++) {
201
      X509* x509 =
202
35632
          PEM_read_bio_X509(NodeBIO::NewFixed(root_certs[i],
203
35632
                                              strlen(root_certs[i])).get(),
204
                            nullptr,   // no re-use of X509 structure
205
                            NoPasswordCallback,
206
35632
                            nullptr);  // no callback data
207
208
      // Parse errors from the built-in roots are fatal.
209
35632
      CHECK_NOT_NULL(x509);
210
211
35632
      root_certs_vector.push_back(x509);
212
    }
213
  }
214
215
280
  X509_STORE* store = X509_STORE_new();
216
280
  if (*system_cert_path != '\0') {
217
    ERR_set_mark();
218
    X509_STORE_load_locations(store, system_cert_path, nullptr);
219
    ERR_pop_to_mark();
220
  }
221
222
280
  Mutex::ScopedLock cli_lock(node::per_process::cli_options_mutex);
223
280
  if (per_process::cli_options->ssl_openssl_cert_store) {
224
1
    X509_STORE_set_default_paths(store);
225
  } else {
226
36828
    for (X509* cert : root_certs_vector) {
227
36549
      X509_up_ref(cert);
228
36549
      X509_STORE_add_cert(store, cert);
229
    }
230
  }
231
232
280
  return store;
233
}
234
235
226
void GetRootCertificates(const FunctionCallbackInfo<Value>& args) {
236
226
  Environment* env = Environment::GetCurrent(args);
237
29832
  Local<Value> result[arraysize(root_certs)];
238
239
29832
  for (size_t i = 0; i < arraysize(root_certs); i++) {
240
29606
    if (!String::NewFromOneByte(
241
            env->isolate(),
242
29606
            reinterpret_cast<const uint8_t*>(root_certs[i]))
243
59212
            .ToLocal(&result[i])) {
244
      return;
245
    }
246
  }
247
248
452
  args.GetReturnValue().Set(
249
      Array::New(env->isolate(), result, arraysize(root_certs)));
250
}
251
252
bool SecureContext::HasInstance(Environment* env, const Local<Value>& value) {
253
  return GetConstructorTemplate(env)->HasInstance(value);
254
}
255
256
770
Local<FunctionTemplate> SecureContext::GetConstructorTemplate(
257
    Environment* env) {
258
770
  Local<FunctionTemplate> tmpl = env->secure_context_constructor_template();
259
770
  if (tmpl.IsEmpty()) {
260
770
    Isolate* isolate = env->isolate();
261
770
    tmpl = NewFunctionTemplate(isolate, New);
262
1540
    tmpl->InstanceTemplate()->SetInternalFieldCount(
263
        SecureContext::kInternalFieldCount);
264
770
    tmpl->Inherit(BaseObject::GetConstructorTemplate(env));
265
770
    tmpl->SetClassName(FIXED_ONE_BYTE_STRING(env->isolate(), "SecureContext"));
266
267
770
    SetProtoMethod(isolate, tmpl, "init", Init);
268
770
    SetProtoMethod(isolate, tmpl, "setKey", SetKey);
269
770
    SetProtoMethod(isolate, tmpl, "setCert", SetCert);
270
770
    SetProtoMethod(isolate, tmpl, "addCACert", AddCACert);
271
770
    SetProtoMethod(isolate, tmpl, "addCRL", AddCRL);
272
770
    SetProtoMethod(isolate, tmpl, "addRootCerts", AddRootCerts);
273
770
    SetProtoMethod(isolate, tmpl, "setCipherSuites", SetCipherSuites);
274
770
    SetProtoMethod(isolate, tmpl, "setCiphers", SetCiphers);
275
770
    SetProtoMethod(isolate, tmpl, "setSigalgs", SetSigalgs);
276
770
    SetProtoMethod(isolate, tmpl, "setECDHCurve", SetECDHCurve);
277
770
    SetProtoMethod(isolate, tmpl, "setDHParam", SetDHParam);
278
770
    SetProtoMethod(isolate, tmpl, "setMaxProto", SetMaxProto);
279
770
    SetProtoMethod(isolate, tmpl, "setMinProto", SetMinProto);
280
770
    SetProtoMethod(isolate, tmpl, "getMaxProto", GetMaxProto);
281
770
    SetProtoMethod(isolate, tmpl, "getMinProto", GetMinProto);
282
770
    SetProtoMethod(isolate, tmpl, "setOptions", SetOptions);
283
770
    SetProtoMethod(isolate, tmpl, "setSessionIdContext", SetSessionIdContext);
284
770
    SetProtoMethod(isolate, tmpl, "setSessionTimeout", SetSessionTimeout);
285
770
    SetProtoMethod(isolate, tmpl, "close", Close);
286
770
    SetProtoMethod(isolate, tmpl, "loadPKCS12", LoadPKCS12);
287
770
    SetProtoMethod(isolate, tmpl, "setTicketKeys", SetTicketKeys);
288
770
    SetProtoMethod(isolate, tmpl, "setFreeListLength", SetFreeListLength);
289
770
    SetProtoMethod(
290
        isolate, tmpl, "enableTicketKeyCallback", EnableTicketKeyCallback);
291
292
770
    SetProtoMethodNoSideEffect(isolate, tmpl, "getTicketKeys", GetTicketKeys);
293
770
    SetProtoMethodNoSideEffect(
294
        isolate, tmpl, "getCertificate", GetCertificate<true>);
295
770
    SetProtoMethodNoSideEffect(
296
        isolate, tmpl, "getIssuer", GetCertificate<false>);
297
298
#ifndef OPENSSL_NO_ENGINE
299
770
    SetProtoMethod(isolate, tmpl, "setEngineKey", SetEngineKey);
300
770
    SetProtoMethod(isolate, tmpl, "setClientCertEngine", SetClientCertEngine);
301
#endif  // !OPENSSL_NO_ENGINE
302
303
#define SET_INTEGER_CONSTANTS(name, value)                                     \
304
  tmpl->Set(FIXED_ONE_BYTE_STRING(isolate, name),                              \
305
            Integer::NewFromUnsigned(isolate, value));
306
2310
    SET_INTEGER_CONSTANTS("kTicketKeyReturnIndex", kTicketKeyReturnIndex);
307
2310
    SET_INTEGER_CONSTANTS("kTicketKeyHMACIndex", kTicketKeyHMACIndex);
308
2310
    SET_INTEGER_CONSTANTS("kTicketKeyAESIndex", kTicketKeyAESIndex);
309
2310
    SET_INTEGER_CONSTANTS("kTicketKeyNameIndex", kTicketKeyNameIndex);
310
2310
    SET_INTEGER_CONSTANTS("kTicketKeyIVIndex", kTicketKeyIVIndex);
311
  #undef SET_INTEGER_CONSTANTS
312
313
    Local<FunctionTemplate> ctx_getter_templ = FunctionTemplate::New(
314
770
        isolate, CtxGetter, Local<Value>(), Signature::New(isolate, tmpl));
315
316
3080
    tmpl->PrototypeTemplate()->SetAccessorProperty(
317
        FIXED_ONE_BYTE_STRING(isolate, "_external"),
318
        ctx_getter_templ,
319
        Local<FunctionTemplate>(),
320
        static_cast<PropertyAttribute>(ReadOnly | DontDelete));
321
322
770
    env->set_secure_context_constructor_template(tmpl);
323
  }
324
770
  return tmpl;
325
}
326
327
770
void SecureContext::Initialize(Environment* env, Local<Object> target) {
328
770
  Local<Context> context = env->context();
329
770
  SetConstructorFunction(context,
330
                         target,
331
                         "SecureContext",
332
                         GetConstructorTemplate(env),
333
                         SetConstructorFunctionFlag::NONE);
334
335
770
  SetMethodNoSideEffect(
336
      context, target, "getRootCertificates", GetRootCertificates);
337
  // Exposed for testing purposes only.
338
770
  SetMethodNoSideEffect(context,
339
                        target,
340
                        "isExtraRootCertsFileLoaded",
341
                        IsExtraRootCertsFileLoaded);
342
770
}
343
344
5338
void SecureContext::RegisterExternalReferences(
345
    ExternalReferenceRegistry* registry) {
346
5338
  registry->Register(New);
347
5338
  registry->Register(Init);
348
5338
  registry->Register(SetKey);
349
5338
  registry->Register(SetCert);
350
5338
  registry->Register(AddCACert);
351
5338
  registry->Register(AddCRL);
352
5338
  registry->Register(AddRootCerts);
353
5338
  registry->Register(SetCipherSuites);
354
5338
  registry->Register(SetCiphers);
355
5338
  registry->Register(SetSigalgs);
356
5338
  registry->Register(SetECDHCurve);
357
5338
  registry->Register(SetDHParam);
358
5338
  registry->Register(SetMaxProto);
359
5338
  registry->Register(SetMinProto);
360
5338
  registry->Register(GetMaxProto);
361
5338
  registry->Register(GetMinProto);
362
5338
  registry->Register(SetOptions);
363
5338
  registry->Register(SetSessionIdContext);
364
5338
  registry->Register(SetSessionTimeout);
365
5338
  registry->Register(Close);
366
5338
  registry->Register(LoadPKCS12);
367
5338
  registry->Register(SetTicketKeys);
368
5338
  registry->Register(SetFreeListLength);
369
5338
  registry->Register(EnableTicketKeyCallback);
370
5338
  registry->Register(GetTicketKeys);
371
5338
  registry->Register(GetCertificate<true>);
372
5338
  registry->Register(GetCertificate<false>);
373
374
#ifndef OPENSSL_NO_ENGINE
375
5338
  registry->Register(SetEngineKey);
376
5338
  registry->Register(SetClientCertEngine);
377
#endif  // !OPENSSL_NO_ENGINE
378
379
5338
  registry->Register(CtxGetter);
380
381
5338
  registry->Register(GetRootCertificates);
382
5338
  registry->Register(IsExtraRootCertsFileLoaded);
383
5338
}
384
385
SecureContext* SecureContext::Create(Environment* env) {
386
  Local<Object> obj;
387
  if (!GetConstructorTemplate(env)
388
          ->InstanceTemplate()
389
          ->NewInstance(env->context()).ToLocal(&obj)) {
390
    return nullptr;
391
  }
392
393
  return new SecureContext(env, obj);
394
}
395
396
2499
SecureContext::SecureContext(Environment* env, Local<Object> wrap)
397
2499
    : BaseObject(env, wrap) {
398
2499
  MakeWeak();
399
2499
  env->isolate()->AdjustAmountOfExternalAllocatedMemory(kExternalSize);
400
2499
}
401
402
2490
inline void SecureContext::Reset() {
403
2490
  if (ctx_ != nullptr) {
404
2439
    env()->isolate()->AdjustAmountOfExternalAllocatedMemory(-kExternalSize);
405
  }
406
2490
  ctx_.reset();
407
2490
  cert_.reset();
408
2490
  issuer_.reset();
409
2490
}
410
411
9960
SecureContext::~SecureContext() {
412
4980
  Reset();
413
9960
}
414
415
2499
void SecureContext::New(const FunctionCallbackInfo<Value>& args) {
416
2499
  Environment* env = Environment::GetCurrent(args);
417
2499
  new SecureContext(env, args.This());
418
2499
}
419
420
2497
void SecureContext::Init(const FunctionCallbackInfo<Value>& args) {
421
  SecureContext* sc;
422
2546
  ASSIGN_OR_RETURN_UNWRAP(&sc, args.Holder());
423
2497
  Environment* env = sc->env();
424
425
2497
  CHECK_EQ(args.Length(), 3);
426
2497
  CHECK(args[1]->IsInt32());
427
2497
  CHECK(args[2]->IsInt32());
428
429
4994
  int min_version = args[1].As<Int32>()->Value();
430
4994
  int max_version = args[2].As<Int32>()->Value();
431
2497
  const SSL_METHOD* method = TLS_method();
432
433
2497
  if (max_version == 0)
434
    max_version = kMaxSupportedVersion;
435
436
4994
  if (args[0]->IsString()) {
437
364
    Utf8Value sslmethod(env->isolate(), args[0]);
438
439
    // Note that SSLv2 and SSLv3 are disallowed but SSLv23_method and friends
440
    // are still accepted.  They are OpenSSL's way of saying that all known
441
    // protocols below TLS 1.3 are supported unless explicitly disabled (which
442
    // we do below for SSLv2 and SSLv3.)
443
713
    if (sslmethod == "SSLv2_method" ||
444

713
        sslmethod == "SSLv2_server_method" ||
445
348
        sslmethod == "SSLv2_client_method") {
446
17
      THROW_ERR_TLS_INVALID_PROTOCOL_METHOD(env, "SSLv2 methods disabled");
447
17
      return;
448
679
    } else if (sslmethod == "SSLv3_method" ||
449

679
               sslmethod == "SSLv3_server_method" ||
450
331
               sslmethod == "SSLv3_client_method") {
451
17
      THROW_ERR_TLS_INVALID_PROTOCOL_METHOD(env, "SSLv3 methods disabled");
452
17
      return;
453
330
    } else if (sslmethod == "SSLv23_method") {
454
36
      max_version = TLS1_2_VERSION;
455
294
    } else if (sslmethod == "SSLv23_server_method") {
456
1
      max_version = TLS1_2_VERSION;
457
1
      method = TLS_server_method();
458
293
    } else if (sslmethod == "SSLv23_client_method") {
459
1
      max_version = TLS1_2_VERSION;
460
1
      method = TLS_client_method();
461
292
    } else if (sslmethod == "TLS_method") {
462
53
      min_version = 0;
463
53
      max_version = kMaxSupportedVersion;
464
239
    } else if (sslmethod == "TLS_server_method") {
465
      min_version = 0;
466
      max_version = kMaxSupportedVersion;
467
      method = TLS_server_method();
468
239
    } else if (sslmethod == "TLS_client_method") {
469
      min_version = 0;
470
      max_version = kMaxSupportedVersion;
471
      method = TLS_client_method();
472
239
    } else if (sslmethod == "TLSv1_method") {
473
71
      min_version = TLS1_VERSION;
474
71
      max_version = TLS1_VERSION;
475
168
    } else if (sslmethod == "TLSv1_server_method") {
476
1
      min_version = TLS1_VERSION;
477
1
      max_version = TLS1_VERSION;
478
1
      method = TLS_server_method();
479
167
    } else if (sslmethod == "TLSv1_client_method") {
480
1
      min_version = TLS1_VERSION;
481
1
      max_version = TLS1_VERSION;
482
1
      method = TLS_client_method();
483
166
    } else if (sslmethod == "TLSv1_1_method") {
484
71
      min_version = TLS1_1_VERSION;
485
71
      max_version = TLS1_1_VERSION;
486
95
    } else if (sslmethod == "TLSv1_1_server_method") {
487
1
      min_version = TLS1_1_VERSION;
488
1
      max_version = TLS1_1_VERSION;
489
1
      method = TLS_server_method();
490
94
    } else if (sslmethod == "TLSv1_1_client_method") {
491
1
      min_version = TLS1_1_VERSION;
492
1
      max_version = TLS1_1_VERSION;
493
1
      method = TLS_client_method();
494
93
    } else if (sslmethod == "TLSv1_2_method") {
495
75
      min_version = TLS1_2_VERSION;
496
75
      max_version = TLS1_2_VERSION;
497
18
    } else if (sslmethod == "TLSv1_2_server_method") {
498
2
      min_version = TLS1_2_VERSION;
499
2
      max_version = TLS1_2_VERSION;
500
2
      method = TLS_server_method();
501
16
    } else if (sslmethod == "TLSv1_2_client_method") {
502
1
      min_version = TLS1_2_VERSION;
503
1
      max_version = TLS1_2_VERSION;
504
1
      method = TLS_client_method();
505
    } else {
506
15
      const std::string msg("Unknown method: ");
507
15
      THROW_ERR_TLS_INVALID_PROTOCOL_METHOD(env, (msg + * sslmethod).c_str());
508
15
      return;
509
    }
510
  }
511
512
2448
  sc->ctx_.reset(SSL_CTX_new(method));
513
2448
  if (!sc->ctx_) {
514
    return ThrowCryptoError(env, ERR_get_error(), "SSL_CTX_new");
515
  }
516
2448
  SSL_CTX_set_app_data(sc->ctx_.get(), sc);
517
518
  // Disable SSLv2 in the case when method == TLS_method() and the
519
  // cipher list contains SSLv2 ciphers (not the default, should be rare.)
520
  // The bundled OpenSSL doesn't have SSLv2 support but the system OpenSSL may.
521
  // SSLv3 is disabled because it's susceptible to downgrade attacks (POODLE.)
522
2448
  SSL_CTX_set_options(sc->ctx_.get(), SSL_OP_NO_SSLv2);
523
2448
  SSL_CTX_set_options(sc->ctx_.get(), SSL_OP_NO_SSLv3);
524
#if OPENSSL_VERSION_MAJOR >= 3
525
2448
  SSL_CTX_set_options(sc->ctx_.get(), SSL_OP_ALLOW_CLIENT_RENEGOTIATION);
526
#endif
527
528
  // Enable automatic cert chaining. This is enabled by default in OpenSSL, but
529
  // disabled by default in BoringSSL. Enable it explicitly to make the
530
  // behavior match when Node is built with BoringSSL.
531
2448
  SSL_CTX_clear_mode(sc->ctx_.get(), SSL_MODE_NO_AUTO_CHAIN);
532
533
  // SSL session cache configuration
534
2448
  SSL_CTX_set_session_cache_mode(sc->ctx_.get(),
535
                                 SSL_SESS_CACHE_CLIENT |
536
                                 SSL_SESS_CACHE_SERVER |
537
                                 SSL_SESS_CACHE_NO_INTERNAL |
538
                                 SSL_SESS_CACHE_NO_AUTO_CLEAR);
539
540
2448
  SSL_CTX_set_min_proto_version(sc->ctx_.get(), min_version);
541
2448
  SSL_CTX_set_max_proto_version(sc->ctx_.get(), max_version);
542
543
  // OpenSSL 1.1.0 changed the ticket key size, but the OpenSSL 1.0.x size was
544
  // exposed in the public API. To retain compatibility, install a callback
545
  // which restores the old algorithm.
546
4896
  if (RAND_bytes(sc->ticket_key_name_, sizeof(sc->ticket_key_name_)) <= 0 ||
547

4896
      RAND_bytes(sc->ticket_key_hmac_, sizeof(sc->ticket_key_hmac_)) <= 0 ||
548
2448
      RAND_bytes(sc->ticket_key_aes_, sizeof(sc->ticket_key_aes_)) <= 0) {
549
    return THROW_ERR_CRYPTO_OPERATION_FAILED(
550
        env, "Error generating ticket keys");
551
  }
552
2448
  SSL_CTX_set_tlsext_ticket_key_cb(sc->ctx_.get(), TicketCompatibilityCallback);
553
}
554
555
12399
SSLPointer SecureContext::CreateSSL() {
556
12399
  return SSLPointer(SSL_new(ctx_.get()));
557
}
558
559
12399
void SecureContext::SetNewSessionCallback(NewSessionCb cb) {
560
12399
  SSL_CTX_sess_set_new_cb(ctx_.get(), cb);
561
12399
}
562
563
12399
void SecureContext::SetGetSessionCallback(GetSessionCb cb) {
564
12399
  SSL_CTX_sess_set_get_cb(ctx_.get(), cb);
565
12399
}
566
567
951
void SecureContext::SetSelectSNIContextCallback(SelectSNIContextCb cb) {
568
951
  SSL_CTX_set_tlsext_servername_callback(ctx_.get(), cb);
569
951
}
570
571
8
void SecureContext::SetKeylogCallback(KeylogCb cb) {
572
8
  SSL_CTX_set_keylog_callback(ctx_.get(), cb);
573
8
}
574
575
921
void SecureContext::SetKey(const FunctionCallbackInfo<Value>& args) {
576
921
  Environment* env = Environment::GetCurrent(args);
577
578
  SecureContext* sc;
579
929
  ASSIGN_OR_RETURN_UNWRAP(&sc, args.Holder());
580
581
921
  CHECK_GE(args.Length(), 1);  // Private key argument is mandatory
582
583
921
  BIOPointer bio(LoadBIO(env, args[0]));
584
921
  if (!bio)
585
    return;
586
587
921
  ByteSource passphrase;
588
1842
  if (args[1]->IsString())
589
48
    passphrase = ByteSource::FromString(env, args[1].As<String>());
590
  // This redirection is necessary because the PasswordCallback expects a
591
  // pointer to a pointer to the passphrase ByteSource to allow passing in
592
  // const ByteSources.
593
921
  const ByteSource* pass_ptr = &passphrase;
594
595
  EVPKeyPointer key(
596
      PEM_read_bio_PrivateKey(bio.get(),
597
                              nullptr,
598
                              PasswordCallback,
599
921
                              &pass_ptr));
600
601
921
  if (!key)
602
7
    return ThrowCryptoError(env, ERR_get_error(), "PEM_read_bio_PrivateKey");
603
604
914
  if (!SSL_CTX_use_PrivateKey(sc->ctx_.get(), key.get()))
605
1
    return ThrowCryptoError(env, ERR_get_error(), "SSL_CTX_use_PrivateKey");
606
}
607
608
8
void SecureContext::SetSigalgs(const FunctionCallbackInfo<Value>& args) {
609
  SecureContext* sc;
610
8
  ASSIGN_OR_RETURN_UNWRAP(&sc, args.Holder());
611
8
  Environment* env = sc->env();
612
  ClearErrorOnReturn clear_error_on_return;
613
614
8
  CHECK_EQ(args.Length(), 1);
615
16
  CHECK(args[0]->IsString());
616
617
8
  const Utf8Value sigalgs(env->isolate(), args[0]);
618
619
8
  if (!SSL_CTX_set1_sigalgs_list(sc->ctx_.get(), *sigalgs))
620
    return ThrowCryptoError(env, ERR_get_error());
621
}
622
623
#ifndef OPENSSL_NO_ENGINE
624
void SecureContext::SetEngineKey(const FunctionCallbackInfo<Value>& args) {
625
  Environment* env = Environment::GetCurrent(args);
626
627
  SecureContext* sc;
628
  ASSIGN_OR_RETURN_UNWRAP(&sc, args.Holder());
629
630
  CHECK_EQ(args.Length(), 2);
631
632
  CryptoErrorStore errors;
633
  Utf8Value engine_id(env->isolate(), args[1]);
634
  EnginePointer engine = LoadEngineById(*engine_id, &errors);
635
  if (!engine) {
636
    Local<Value> exception;
637
    if (errors.ToException(env).ToLocal(&exception))
638
      env->isolate()->ThrowException(exception);
639
    return;
640
  }
641
642
  if (!ENGINE_init(engine.get())) {
643
    return THROW_ERR_CRYPTO_OPERATION_FAILED(
644
        env, "Failure to initialize engine");
645
  }
646
647
  engine.finish_on_exit = true;
648
649
  Utf8Value key_name(env->isolate(), args[0]);
650
  EVPKeyPointer key(ENGINE_load_private_key(engine.get(), *key_name,
651
                                            nullptr, nullptr));
652
653
  if (!key)
654
    return ThrowCryptoError(env, ERR_get_error(), "ENGINE_load_private_key");
655
656
  if (!SSL_CTX_use_PrivateKey(sc->ctx_.get(), key.get()))
657
    return ThrowCryptoError(env, ERR_get_error(), "SSL_CTX_use_PrivateKey");
658
659
  sc->private_key_engine_ = std::move(engine);
660
}
661
#endif  // !OPENSSL_NO_ENGINE
662
663
939
void SecureContext::SetCert(const FunctionCallbackInfo<Value>& args) {
664
939
  Environment* env = Environment::GetCurrent(args);
665
666
  SecureContext* sc;
667
939
  ASSIGN_OR_RETURN_UNWRAP(&sc, args.Holder());
668
669
939
  CHECK_GE(args.Length(), 1);  // Certificate argument is mandator
670
671
939
  BIOPointer bio(LoadBIO(env, args[0]));
672
939
  if (!bio)
673
    return;
674
675
939
  sc->cert_.reset();
676
939
  sc->issuer_.reset();
677
678
939
  if (!SSL_CTX_use_certificate_chain(
679
939
          sc->ctx_.get(),
680
939
          std::move(bio),
681
939
          &sc->cert_,
682
939
          &sc->issuer_)) {
683
    return ThrowCryptoError(
684
        env,
685
        ERR_get_error(),
686
        "SSL_CTX_use_certificate_chain");
687
  }
688
}
689
690
625
void SecureContext::AddCACert(const FunctionCallbackInfo<Value>& args) {
691
625
  Environment* env = Environment::GetCurrent(args);
692
693
  SecureContext* sc;
694
625
  ASSIGN_OR_RETURN_UNWRAP(&sc, args.Holder());
695
  ClearErrorOnReturn clear_error_on_return;
696
697
625
  CHECK_GE(args.Length(), 1);  // CA certificate argument is mandatory
698
699
625
  BIOPointer bio(LoadBIO(env, args[0]));
700
625
  if (!bio)
701
    return;
702
703
625
  X509_STORE* cert_store = SSL_CTX_get_cert_store(sc->ctx_.get());
704
1594
  while (X509* x509 = PEM_read_bio_X509_AUX(
705
1594
      bio.get(), nullptr, NoPasswordCallback, nullptr)) {
706
969
    if (cert_store == root_cert_store) {
707
1
      cert_store = NewRootCertStore();
708
1
      SSL_CTX_set_cert_store(sc->ctx_.get(), cert_store);
709
    }
710
969
    X509_STORE_add_cert(cert_store, x509);
711
969
    SSL_CTX_add_client_CA(sc->ctx_.get(), x509);
712
969
    X509_free(x509);
713
969
  }
714
}
715
716
2
void SecureContext::AddCRL(const FunctionCallbackInfo<Value>& args) {
717
2
  Environment* env = Environment::GetCurrent(args);
718
719
  SecureContext* sc;
720
3
  ASSIGN_OR_RETURN_UNWRAP(&sc, args.Holder());
721
722
2
  CHECK_GE(args.Length(), 1);  // CRL argument is mandatory
723
724
  ClearErrorOnReturn clear_error_on_return;
725
726
2
  BIOPointer bio(LoadBIO(env, args[0]));
727
2
  if (!bio)
728
    return;
729
730
  DeleteFnPtr<X509_CRL, X509_CRL_free> crl(
731
2
      PEM_read_bio_X509_CRL(bio.get(), nullptr, NoPasswordCallback, nullptr));
732
733
2
  if (!crl)
734
1
    return THROW_ERR_CRYPTO_OPERATION_FAILED(env, "Failed to parse CRL");
735
736
1
  X509_STORE* cert_store = SSL_CTX_get_cert_store(sc->ctx_.get());
737
1
  if (cert_store == root_cert_store) {
738
    cert_store = NewRootCertStore();
739
    SSL_CTX_set_cert_store(sc->ctx_.get(), cert_store);
740
  }
741
742
1
  X509_STORE_add_crl(cert_store, crl.get());
743
1
  X509_STORE_set_flags(cert_store,
744
                       X509_V_FLAG_CRL_CHECK | X509_V_FLAG_CRL_CHECK_ALL);
745
}
746
747
1843
void SecureContext::AddRootCerts(const FunctionCallbackInfo<Value>& args) {
748
  SecureContext* sc;
749
1843
  ASSIGN_OR_RETURN_UNWRAP(&sc, args.Holder());
750
1843
  ClearErrorOnReturn clear_error_on_return;
751
752
1843
  if (root_cert_store == nullptr) {
753
268
    root_cert_store = NewRootCertStore();
754
  }
755
756
  // Increment reference count so global store is not deleted along with CTX.
757
1843
  X509_STORE_up_ref(root_cert_store);
758
1843
  SSL_CTX_set_cert_store(sc->ctx_.get(), root_cert_store);
759
}
760
761
1910
void SecureContext::SetCipherSuites(const FunctionCallbackInfo<Value>& args) {
762
  // BoringSSL doesn't allow API config of TLS1.3 cipher suites.
763
#ifndef OPENSSL_IS_BORINGSSL
764
  SecureContext* sc;
765
1911
  ASSIGN_OR_RETURN_UNWRAP(&sc, args.Holder());
766
1910
  Environment* env = sc->env();
767
  ClearErrorOnReturn clear_error_on_return;
768
769
1910
  CHECK_EQ(args.Length(), 1);
770
3820
  CHECK(args[0]->IsString());
771
772
1910
  const Utf8Value ciphers(env->isolate(), args[0]);
773
1910
  if (!SSL_CTX_set_ciphersuites(sc->ctx_.get(), *ciphers))
774
1
    return ThrowCryptoError(env, ERR_get_error(), "Failed to set ciphers");
775
#endif
776
}
777
778
2374
void SecureContext::SetCiphers(const FunctionCallbackInfo<Value>& args) {
779
  SecureContext* sc;
780
2389
  ASSIGN_OR_RETURN_UNWRAP(&sc, args.Holder());
781
2374
  Environment* env = sc->env();
782
  ClearErrorOnReturn clear_error_on_return;
783
784
2374
  CHECK_EQ(args.Length(), 1);
785
4748
  CHECK(args[0]->IsString());
786
787
2374
  Utf8Value ciphers(env->isolate(), args[0]);
788
2374
  if (!SSL_CTX_set_cipher_list(sc->ctx_.get(), *ciphers)) {
789
15
    unsigned long err = ERR_get_error();  // NOLINT(runtime/int)
790
791

15
    if (strlen(*ciphers) == 0 && ERR_GET_REASON(err) == SSL_R_NO_CIPHER_MATCH) {
792
      // TLS1.2 ciphers were deliberately cleared, so don't consider
793
      // SSL_R_NO_CIPHER_MATCH to be an error (this is how _set_cipher_suites()
794
      // works). If the user actually sets a value (like "no-such-cipher"), then
795
      // that's actually an error.
796
11
      return;
797
    }
798
4
    return ThrowCryptoError(env, err, "Failed to set ciphers");
799
  }
800
}
801
802
2366
void SecureContext::SetECDHCurve(const FunctionCallbackInfo<Value>& args) {
803
  SecureContext* sc;
804
2369
  ASSIGN_OR_RETURN_UNWRAP(&sc, args.Holder());
805
2366
  Environment* env = sc->env();
806
807
2366
  CHECK_GE(args.Length(), 1);  // ECDH curve name argument is mandatory
808
4732
  CHECK(args[0]->IsString());
809
810
2366
  Utf8Value curve(env->isolate(), args[0]);
811
812

2376
  if (strcmp(*curve, "auto") != 0 &&
813
10
      !SSL_CTX_set1_curves_list(sc->ctx_.get(), *curve)) {
814
3
    return THROW_ERR_CRYPTO_OPERATION_FAILED(env, "Failed to set ECDH curve");
815
  }
816
}
817
818
10
void SecureContext::SetDHParam(const FunctionCallbackInfo<Value>& args) {
819
  SecureContext* sc;
820
13
  ASSIGN_OR_RETURN_UNWRAP(&sc, args.This());
821
10
  Environment* env = sc->env();
822
  ClearErrorOnReturn clear_error_on_return;
823
824
10
  CHECK_GE(args.Length(), 1);  // DH argument is mandatory
825
826
10
  DHPointer dh;
827
  {
828
10
    BIOPointer bio(LoadBIO(env, args[0]));
829
10
    if (!bio)
830
      return;
831
832
10
    dh.reset(PEM_read_bio_DHparams(bio.get(), nullptr, nullptr, nullptr));
833
  }
834
835
  // Invalid dhparam is silently discarded and DHE is no longer used.
836
10
  if (!dh)
837
1
    return;
838
839
  const BIGNUM* p;
840
9
  DH_get0_pqg(dh.get(), &p, nullptr, nullptr);
841
9
  const int size = BN_num_bits(p);
842
9
  if (size < 1024) {
843
2
    return THROW_ERR_INVALID_ARG_VALUE(
844
2
        env, "DH parameter is less than 1024 bits");
845
7
  } else if (size < 2048) {
846
6
    args.GetReturnValue().Set(FIXED_ONE_BYTE_STRING(
847
        env->isolate(), "DH parameter is less than 2048 bits"));
848
  }
849
850
7
  SSL_CTX_set_options(sc->ctx_.get(), SSL_OP_SINGLE_DH_USE);
851
852
7
  if (!SSL_CTX_set_tmp_dh(sc->ctx_.get(), dh.get())) {
853
    return THROW_ERR_CRYPTO_OPERATION_FAILED(
854
        env, "Error setting temp DH parameter");
855
  }
856
}
857
858
11
void SecureContext::SetMinProto(const FunctionCallbackInfo<Value>& args) {
859
  SecureContext* sc;
860
11
  ASSIGN_OR_RETURN_UNWRAP(&sc, args.Holder());
861
862
11
  CHECK_EQ(args.Length(), 1);
863
11
  CHECK(args[0]->IsInt32());
864
865
22
  int version = args[0].As<Int32>()->Value();
866
867
11
  CHECK(SSL_CTX_set_min_proto_version(sc->ctx_.get(), version));
868
}
869
870
void SecureContext::SetMaxProto(const FunctionCallbackInfo<Value>& args) {
871
  SecureContext* sc;
872
  ASSIGN_OR_RETURN_UNWRAP(&sc, args.Holder());
873
874
  CHECK_EQ(args.Length(), 1);
875
  CHECK(args[0]->IsInt32());
876
877
  int version = args[0].As<Int32>()->Value();
878
879
  CHECK(SSL_CTX_set_max_proto_version(sc->ctx_.get(), version));
880
}
881
882
11
void SecureContext::GetMinProto(const FunctionCallbackInfo<Value>& args) {
883
  SecureContext* sc;
884
11
  ASSIGN_OR_RETURN_UNWRAP(&sc, args.Holder());
885
886
11
  CHECK_EQ(args.Length(), 0);
887
888
  long version =  // NOLINT(runtime/int)
889
11
    SSL_CTX_get_min_proto_version(sc->ctx_.get());
890
22
  args.GetReturnValue().Set(static_cast<uint32_t>(version));
891
}
892
893
11
void SecureContext::GetMaxProto(const FunctionCallbackInfo<Value>& args) {
894
  SecureContext* sc;
895
11
  ASSIGN_OR_RETURN_UNWRAP(&sc, args.Holder());
896
897
11
  CHECK_EQ(args.Length(), 0);
898
899
  long version =  // NOLINT(runtime/int)
900
11
    SSL_CTX_get_max_proto_version(sc->ctx_.get());
901
22
  args.GetReturnValue().Set(static_cast<uint32_t>(version));
902
}
903
904
922
void SecureContext::SetOptions(const FunctionCallbackInfo<Value>& args) {
905
922
  Environment* env = Environment::GetCurrent(args);
906
  SecureContext* sc;
907
922
  ASSIGN_OR_RETURN_UNWRAP(&sc, args.Holder());
908
909
922
  CHECK_GE(args.Length(), 1);
910
922
  CHECK(args[0]->IsNumber());
911
912
922
  int64_t val = args[0]->IntegerValue(env->context()).FromMaybe(0);
913
914
922
  SSL_CTX_set_options(sc->ctx_.get(),
915
                      static_cast<long>(val));  // NOLINT(runtime/int)
916
}
917
918
851
void SecureContext::SetSessionIdContext(
919
    const FunctionCallbackInfo<Value>& args) {
920
  SecureContext* sc;
921
1702
  ASSIGN_OR_RETURN_UNWRAP(&sc, args.Holder());
922
851
  Environment* env = sc->env();
923
924
851
  CHECK_GE(args.Length(), 1);
925
1702
  CHECK(args[0]->IsString());
926
927
851
  const Utf8Value sessionIdContext(env->isolate(), args[0]);
928
  const unsigned char* sid_ctx =
929
851
      reinterpret_cast<const unsigned char*>(*sessionIdContext);
930
851
  unsigned int sid_ctx_len = sessionIdContext.length();
931
932
851
  if (SSL_CTX_set_session_id_context(sc->ctx_.get(), sid_ctx, sid_ctx_len) == 1)
933
851
    return;
934
935
  BUF_MEM* mem;
936
  Local<String> message;
937
938
  BIOPointer bio(BIO_new(BIO_s_mem()));
939
  if (!bio) {
940
    message = FIXED_ONE_BYTE_STRING(env->isolate(),
941
                                    "SSL_CTX_set_session_id_context error");
942
  } else {
943
    ERR_print_errors(bio.get());
944
    BIO_get_mem_ptr(bio.get(), &mem);
945
    message = OneByteString(env->isolate(), mem->data, mem->length);
946
  }
947
948
  env->isolate()->ThrowException(Exception::TypeError(message));
949
}
950
951
1
void SecureContext::SetSessionTimeout(const FunctionCallbackInfo<Value>& args) {
952
  SecureContext* sc;
953
1
  ASSIGN_OR_RETURN_UNWRAP(&sc, args.Holder());
954
955
1
  CHECK_GE(args.Length(), 1);
956
1
  CHECK(args[0]->IsInt32());
957
958
2
  int32_t sessionTimeout = args[0].As<Int32>()->Value();
959
1
  SSL_CTX_set_timeout(sc->ctx_.get(), sessionTimeout);
960
}
961
962
void SecureContext::Close(const FunctionCallbackInfo<Value>& args) {
963
  SecureContext* sc;
964
  ASSIGN_OR_RETURN_UNWRAP(&sc, args.Holder());
965
  sc->Reset();
966
}
967
968
// Takes .pfx or .p12 and password in string or buffer format
969
18
void SecureContext::LoadPKCS12(const FunctionCallbackInfo<Value>& args) {
970
18
  Environment* env = Environment::GetCurrent(args);
971
972
18
  std::vector<char> pass;
973
18
  bool ret = false;
974
975
  SecureContext* sc;
976
18
  ASSIGN_OR_RETURN_UNWRAP(&sc, args.Holder());
977
  ClearErrorOnReturn clear_error_on_return;
978
979
18
  if (args.Length() < 1) {
980
    return THROW_ERR_MISSING_ARGS(env, "PFX certificate argument is mandatory");
981
  }
982
983
18
  BIOPointer in(LoadBIO(env, args[0]));
984
18
  if (!in) {
985
    return THROW_ERR_CRYPTO_OPERATION_FAILED(
986
        env, "Unable to load PFX certificate");
987
  }
988
989
18
  if (args.Length() >= 2) {
990
15
    THROW_AND_RETURN_IF_NOT_BUFFER(env, args[1], "Pass phrase");
991
30
    Local<ArrayBufferView> abv = args[1].As<ArrayBufferView>();
992
15
    size_t passlen = abv->ByteLength();
993
15
    pass.resize(passlen + 1);
994
15
    abv->CopyContents(pass.data(), passlen);
995
15
    pass[passlen] = '\0';
996
  }
997
998
  // Free previous certs
999
18
  sc->issuer_.reset();
1000
18
  sc->cert_.reset();
1001
1002
18
  X509_STORE* cert_store = SSL_CTX_get_cert_store(sc->ctx_.get());
1003
1004
18
  DeleteFnPtr<PKCS12, PKCS12_free> p12;
1005
18
  EVPKeyPointer pkey;
1006
18
  X509Pointer cert;
1007
18
  StackOfX509 extra_certs;
1008
1009
18
  PKCS12* p12_ptr = nullptr;
1010
18
  EVP_PKEY* pkey_ptr = nullptr;
1011
18
  X509* cert_ptr = nullptr;
1012
18
  STACK_OF(X509)* extra_certs_ptr = nullptr;
1013
18
  if (d2i_PKCS12_bio(in.get(), &p12_ptr) &&
1014
32
      (p12.reset(p12_ptr), true) &&  // Move ownership to the smart pointer.
1015
16
      PKCS12_parse(p12.get(), pass.data(),
1016
                   &pkey_ptr,
1017
                   &cert_ptr,
1018
                   &extra_certs_ptr) &&
1019
12
      (pkey.reset(pkey_ptr), cert.reset(cert_ptr),
1020
24
       extra_certs.reset(extra_certs_ptr), true) &&  // Move ownership.
1021
12
      SSL_CTX_use_certificate_chain(sc->ctx_.get(),
1022
12
                                    std::move(cert),
1023
                                    extra_certs.get(),
1024
12
                                    &sc->cert_,
1025

46
                                    &sc->issuer_) &&
1026
12
      SSL_CTX_use_PrivateKey(sc->ctx_.get(), pkey.get())) {
1027
    // Add CA certs too
1028
21
    for (int i = 0; i < sk_X509_num(extra_certs.get()); i++) {
1029
9
      X509* ca = sk_X509_value(extra_certs.get(), i);
1030
1031
9
      if (cert_store == root_cert_store) {
1032
6
        cert_store = NewRootCertStore();
1033
6
        SSL_CTX_set_cert_store(sc->ctx_.get(), cert_store);
1034
      }
1035
9
      X509_STORE_add_cert(cert_store, ca);
1036
9
      SSL_CTX_add_client_CA(sc->ctx_.get(), ca);
1037
    }
1038
12
    ret = true;
1039
  }
1040
1041
18
  if (!ret) {
1042
    // TODO(@jasnell): Should this use ThrowCryptoError?
1043
6
    unsigned long err = ERR_get_error();  // NOLINT(runtime/int)
1044
6
    const char* str = ERR_reason_error_string(err);
1045
6
    str = str != nullptr ? str : "Unknown error";
1046
1047
6
    return env->ThrowError(str);
1048
  }
1049
}
1050
1051
#ifndef OPENSSL_NO_ENGINE
1052
void SecureContext::SetClientCertEngine(
1053
    const FunctionCallbackInfo<Value>& args) {
1054
  Environment* env = Environment::GetCurrent(args);
1055
  CHECK_EQ(args.Length(), 1);
1056
  CHECK(args[0]->IsString());
1057
1058
  SecureContext* sc;
1059
  ASSIGN_OR_RETURN_UNWRAP(&sc, args.Holder());
1060
1061
  MarkPopErrorOnReturn mark_pop_error_on_return;
1062
1063
  // SSL_CTX_set_client_cert_engine does not itself support multiple
1064
  // calls by cleaning up before overwriting the client_cert_engine
1065
  // internal context variable.
1066
  // Instead of trying to fix up this problem we in turn also do not
1067
  // support multiple calls to SetClientCertEngine.
1068
  CHECK(!sc->client_cert_engine_provided_);
1069
1070
  CryptoErrorStore errors;
1071
  const Utf8Value engine_id(env->isolate(), args[0]);
1072
  EnginePointer engine = LoadEngineById(*engine_id, &errors);
1073
  if (!engine) {
1074
    Local<Value> exception;
1075
    if (errors.ToException(env).ToLocal(&exception))
1076
      env->isolate()->ThrowException(exception);
1077
    return;
1078
  }
1079
1080
  // Note that this takes another reference to `engine`.
1081
  if (!SSL_CTX_set_client_cert_engine(sc->ctx_.get(), engine.get()))
1082
    return ThrowCryptoError(env, ERR_get_error());
1083
  sc->client_cert_engine_provided_ = true;
1084
}
1085
#endif  // !OPENSSL_NO_ENGINE
1086
1087
10
void SecureContext::GetTicketKeys(const FunctionCallbackInfo<Value>& args) {
1088
#if !defined(OPENSSL_NO_TLSEXT) && defined(SSL_CTX_get_tlsext_ticket_keys)
1089
1090
  SecureContext* wrap;
1091
10
  ASSIGN_OR_RETURN_UNWRAP(&wrap, args.Holder());
1092
1093
  Local<Object> buff;
1094
20
  if (!Buffer::New(wrap->env(), 48).ToLocal(&buff))
1095
    return;
1096
1097
10
  memcpy(Buffer::Data(buff), wrap->ticket_key_name_, 16);
1098
10
  memcpy(Buffer::Data(buff) + 16, wrap->ticket_key_hmac_, 16);
1099
10
  memcpy(Buffer::Data(buff) + 32, wrap->ticket_key_aes_, 16);
1100
1101
20
  args.GetReturnValue().Set(buff);
1102
#endif  // !def(OPENSSL_NO_TLSEXT) && def(SSL_CTX_get_tlsext_ticket_keys)
1103
}
1104
1105
23
void SecureContext::SetTicketKeys(const FunctionCallbackInfo<Value>& args) {
1106
#if !defined(OPENSSL_NO_TLSEXT) && defined(SSL_CTX_get_tlsext_ticket_keys)
1107
  SecureContext* wrap;
1108
23
  ASSIGN_OR_RETURN_UNWRAP(&wrap, args.Holder());
1109
1110
23
  CHECK_GE(args.Length(), 1);  // Ticket keys argument is mandatory
1111
23
  CHECK(args[0]->IsArrayBufferView());
1112
46
  ArrayBufferViewContents<char> buf(args[0].As<ArrayBufferView>());
1113
1114
23
  CHECK_EQ(buf.length(), 48);
1115
1116
23
  memcpy(wrap->ticket_key_name_, buf.data(), 16);
1117
23
  memcpy(wrap->ticket_key_hmac_, buf.data() + 16, 16);
1118
23
  memcpy(wrap->ticket_key_aes_, buf.data() + 32, 16);
1119
1120
46
  args.GetReturnValue().Set(true);
1121
#endif  // !def(OPENSSL_NO_TLSEXT) && def(SSL_CTX_get_tlsext_ticket_keys)
1122
}
1123
1124
void SecureContext::SetFreeListLength(const FunctionCallbackInfo<Value>& args) {
1125
}
1126
1127
// Currently, EnableTicketKeyCallback and TicketKeyCallback are only present for
1128
// the regression test in test/parallel/test-https-resume-after-renew.js.
1129
1
void SecureContext::EnableTicketKeyCallback(
1130
    const FunctionCallbackInfo<Value>& args) {
1131
  SecureContext* wrap;
1132
1
  ASSIGN_OR_RETURN_UNWRAP(&wrap, args.Holder());
1133
1134
1
  SSL_CTX_set_tlsext_ticket_key_cb(wrap->ctx_.get(), TicketKeyCallback);
1135
}
1136
1137
4
int SecureContext::TicketKeyCallback(SSL* ssl,
1138
                                     unsigned char* name,
1139
                                     unsigned char* iv,
1140
                                     EVP_CIPHER_CTX* ectx,
1141
                                     HMAC_CTX* hctx,
1142
                                     int enc) {
1143
  static const int kTicketPartSize = 16;
1144
1145
  SecureContext* sc = static_cast<SecureContext*>(
1146
4
      SSL_CTX_get_app_data(SSL_get_SSL_CTX(ssl)));
1147
1148
4
  Environment* env = sc->env();
1149
8
  HandleScope handle_scope(env->isolate());
1150
4
  Context::Scope context_scope(env->context());
1151
1152
16
  Local<Value> argv[3];
1153
1154
8
  if (!Buffer::Copy(
1155
          env,
1156
          reinterpret_cast<char*>(name),
1157
12
          kTicketPartSize).ToLocal(&argv[0]) ||
1158
4
      !Buffer::Copy(
1159
          env,
1160
          reinterpret_cast<char*>(iv),
1161
8
          kTicketPartSize).ToLocal(&argv[1])) {
1162
    return -1;
1163
  }
1164
1165
8
  argv[2] = enc != 0 ? v8::True(env->isolate()) : v8::False(env->isolate());
1166
1167
  Local<Value> ret;
1168
8
  if (!node::MakeCallback(
1169
          env->isolate(),
1170
          sc->object(),
1171
          env->ticketkeycallback_string(),
1172
4
          arraysize(argv),
1173
          argv,
1174

12
          {0, 0}).ToLocal(&ret) ||
1175
4
      !ret->IsArray()) {
1176
    return -1;
1177
  }
1178
4
  Local<Array> arr = ret.As<Array>();
1179
1180
  Local<Value> val;
1181

12
  if (!arr->Get(env->context(), kTicketKeyReturnIndex).ToLocal(&val) ||
1182
4
      !val->IsInt32()) {
1183
    return -1;
1184
  }
1185
1186
4
  int r = val.As<Int32>()->Value();
1187
4
  if (r < 0)
1188
    return r;
1189
1190
  Local<Value> hmac;
1191
  Local<Value> aes;
1192
1193
4
  if (!arr->Get(env->context(), kTicketKeyHMACIndex).ToLocal(&hmac) ||
1194


16
      !arr->Get(env->context(), kTicketKeyAESIndex).ToLocal(&aes) ||
1195
4
      Buffer::Length(aes) != kTicketPartSize) {
1196
    return -1;
1197
  }
1198
1199
4
  if (enc) {
1200
    Local<Value> name_val;
1201
    Local<Value> iv_val;
1202
3
    if (!arr->Get(env->context(), kTicketKeyNameIndex).ToLocal(&name_val) ||
1203

9
        !arr->Get(env->context(), kTicketKeyIVIndex).ToLocal(&iv_val) ||
1204

9
        Buffer::Length(name_val) != kTicketPartSize ||
1205
3
        Buffer::Length(iv_val) != kTicketPartSize) {
1206
      return -1;
1207
    }
1208
1209
3
    name_val.As<ArrayBufferView>()->CopyContents(name, kTicketPartSize);
1210
3
    iv_val.As<ArrayBufferView>()->CopyContents(iv, kTicketPartSize);
1211
  }
1212
1213
4
  ArrayBufferViewContents<unsigned char> hmac_buf(hmac);
1214
8
  HMAC_Init_ex(hctx,
1215
4
               hmac_buf.data(),
1216
4
               hmac_buf.length(),
1217
               EVP_sha256(),
1218
               nullptr);
1219
1220
4
  ArrayBufferViewContents<unsigned char> aes_key(aes.As<ArrayBufferView>());
1221
4
  if (enc) {
1222
3
    EVP_EncryptInit_ex(ectx,
1223
                       EVP_aes_128_cbc(),
1224
                       nullptr,
1225
                       aes_key.data(),
1226
                       iv);
1227
  } else {
1228
1
    EVP_DecryptInit_ex(ectx,
1229
                       EVP_aes_128_cbc(),
1230
                       nullptr,
1231
                       aes_key.data(),
1232
                       iv);
1233
  }
1234
1235
4
  return r;
1236
}
1237
1238
1335
int SecureContext::TicketCompatibilityCallback(SSL* ssl,
1239
                                               unsigned char* name,
1240
                                               unsigned char* iv,
1241
                                               EVP_CIPHER_CTX* ectx,
1242
                                               HMAC_CTX* hctx,
1243
                                               int enc) {
1244
  SecureContext* sc = static_cast<SecureContext*>(
1245
1335
      SSL_CTX_get_app_data(SSL_get_SSL_CTX(ssl)));
1246
1247
1335
  if (enc) {
1248
1275
    memcpy(name, sc->ticket_key_name_, sizeof(sc->ticket_key_name_));
1249
2550
    if (RAND_bytes(iv, 16) <= 0 ||
1250
1275
        EVP_EncryptInit_ex(ectx, EVP_aes_128_cbc(), nullptr,
1251

2550
                           sc->ticket_key_aes_, iv) <= 0 ||
1252
1275
        HMAC_Init_ex(hctx, sc->ticket_key_hmac_, sizeof(sc->ticket_key_hmac_),
1253
                     EVP_sha256(), nullptr) <= 0) {
1254
      return -1;
1255
    }
1256
1275
    return 1;
1257
  }
1258
1259
60
  if (memcmp(name, sc->ticket_key_name_, sizeof(sc->ticket_key_name_)) != 0) {
1260
    // The ticket key name does not match. Discard the ticket.
1261
9
    return 0;
1262
  }
1263
1264
51
  if (EVP_DecryptInit_ex(ectx, EVP_aes_128_cbc(), nullptr, sc->ticket_key_aes_,
1265

102
                         iv) <= 0 ||
1266
51
      HMAC_Init_ex(hctx, sc->ticket_key_hmac_, sizeof(sc->ticket_key_hmac_),
1267
                   EVP_sha256(), nullptr) <= 0) {
1268
    return -1;
1269
  }
1270
51
  return 1;
1271
}
1272
1273
2
void SecureContext::CtxGetter(const FunctionCallbackInfo<Value>& info) {
1274
  SecureContext* sc;
1275
2
  ASSIGN_OR_RETURN_UNWRAP(&sc, info.This());
1276
4
  Local<External> ext = External::New(info.GetIsolate(), sc->ctx_.get());
1277
4
  info.GetReturnValue().Set(ext);
1278
}
1279
1280
template <bool primary>
1281
12
void SecureContext::GetCertificate(const FunctionCallbackInfo<Value>& args) {
1282
  SecureContext* wrap;
1283
12
  ASSIGN_OR_RETURN_UNWRAP(&wrap, args.Holder());
1284
12
  Environment* env = wrap->env();
1285
  X509* cert;
1286
1287
  if (primary)
1288
6
    cert = wrap->cert_.get();
1289
  else
1290
6
    cert = wrap->issuer_.get();
1291
12
  if (cert == nullptr)
1292
    return args.GetReturnValue().SetNull();
1293
1294
12
  int size = i2d_X509(cert, nullptr);
1295
  Local<Object> buff;
1296
24
  if (!Buffer::New(env, size).ToLocal(&buff))
1297
    return;
1298
12
  unsigned char* serialized = reinterpret_cast<unsigned char*>(
1299
12
      Buffer::Data(buff));
1300
12
  i2d_X509(cert, &serialized);
1301
1302
24
  args.GetReturnValue().Set(buff);
1303
}
1304
1305
namespace {
1306
4
unsigned long AddCertsFromFile(  // NOLINT(runtime/int)
1307
    X509_STORE* store,
1308
    const char* file) {
1309
4
  ERR_clear_error();
1310
8
  MarkPopErrorOnReturn mark_pop_error_on_return;
1311
1312
8
  BIOPointer bio(BIO_new_file(file, "r"));
1313
4
  if (!bio)
1314
1
    return ERR_get_error();
1315
1316
  while (X509* x509 =
1317
6
      PEM_read_bio_X509(bio.get(), nullptr, NoPasswordCallback, nullptr)) {
1318
3
    X509_STORE_add_cert(store, x509);
1319
3
    X509_free(x509);
1320
3
  }
1321
1322
3
  unsigned long err = ERR_peek_error();  // NOLINT(runtime/int)
1323
  // Ignore error if its EOF/no start line found.
1324

6
  if (ERR_GET_LIB(err) == ERR_LIB_PEM &&
1325
3
      ERR_GET_REASON(err) == PEM_R_NO_START_LINE) {
1326
3
    return 0;
1327
  }
1328
1329
  return err;
1330
}
1331
}  // namespace
1332
1333
// UseExtraCaCerts is called only once at the start of the Node.js process.
1334
4
void UseExtraCaCerts(const std::string& file) {
1335
4
  ClearErrorOnReturn clear_error_on_return;
1336
1337
4
  if (root_cert_store == nullptr) {
1338
4
    root_cert_store = NewRootCertStore();
1339
1340
4
    if (!file.empty()) {
1341
4
      unsigned long err = AddCertsFromFile(  // NOLINT(runtime/int)
1342
                                           root_cert_store,
1343
                                           file.c_str());
1344
4
      if (err) {
1345
1
        fprintf(stderr,
1346
                "Warning: Ignoring extra certs from `%s`, load failed: %s\n",
1347
                file.c_str(),
1348
                ERR_error_string(err, nullptr));
1349
      } else {
1350
3
        extra_root_certs_loaded = true;
1351
      }
1352
    }
1353
  }
1354
4
}
1355
1356
// Exposed to JavaScript strictly for testing purposes.
1357
3
void IsExtraRootCertsFileLoaded(
1358
    const FunctionCallbackInfo<Value>& args) {
1359
6
  return args.GetReturnValue().Set(extra_root_certs_loaded);
1360
}
1361
1362
}  // namespace crypto
1363
}  // namespace node