#include "base_object-inl.h" #include "env-inl.h" #include "node_buffer.h" #include "node_crypto.h" #include "node_crypto_common.h" #include "node.h" #include "node_internals.h" #include "node_url.h" #include "string_bytes.h" #include "v8.h" #include #include #include #include #include #include #include #include #include #include namespace node { using v8::Array; using v8::ArrayBufferView; using v8::Context; using v8::EscapableHandleScope; using v8::Integer; using v8::Local; using v8::MaybeLocal; using v8::NewStringType; using v8::Null; using v8::Object; using v8::String; using v8::Undefined; using v8::Value; namespace crypto { static constexpr int X509_NAME_FLAGS = ASN1_STRFLGS_ESC_CTRL | ASN1_STRFLGS_UTF8_CONVERT | XN_FLAG_SEP_MULTILINE | XN_FLAG_FN_SN; int SSL_CTX_get_issuer(SSL_CTX* ctx, X509* cert, X509** issuer) { X509_STORE* store = SSL_CTX_get_cert_store(ctx); DeleteFnPtr store_ctx( X509_STORE_CTX_new()); return store_ctx.get() != nullptr && X509_STORE_CTX_init(store_ctx.get(), store, nullptr, nullptr) == 1 && X509_STORE_CTX_get1_issuer(issuer, store_ctx.get(), cert) == 1; } void LogSecret( const SSLPointer& ssl, const char* name, const unsigned char* secret, size_t secretlen) { auto keylog_cb = SSL_CTX_get_keylog_callback(SSL_get_SSL_CTX(ssl.get())); unsigned char crandom[32]; if (keylog_cb == nullptr || SSL_get_client_random(ssl.get(), crandom, 32) != 32) { return; } std::string line = name; line += " " + StringBytes::hex_encode( reinterpret_cast(crandom), 32); line += " " + StringBytes::hex_encode( reinterpret_cast(secret), secretlen); keylog_cb(ssl.get(), line.c_str()); } bool SetALPN(const SSLPointer& ssl, const std::string& alpn) { return SSL_set_alpn_protos( ssl.get(), reinterpret_cast(alpn.c_str()), alpn.length()) == 0; } bool SetALPN(const SSLPointer& ssl, Local alpn) { if (!alpn->IsArrayBufferView()) return false; ArrayBufferViewContents protos(alpn.As()); return SSL_set_alpn_protos(ssl.get(), protos.data(), protos.length()) == 0; } MaybeLocal GetSSLOCSPResponse( Environment* env, SSL* ssl, Local default_value) { const unsigned char* resp; int len = SSL_get_tlsext_status_ocsp_resp(ssl, &resp); if (resp == nullptr) return default_value; Local ret; MaybeLocal maybe_buffer = Buffer::Copy(env, reinterpret_cast(resp), len); if (!maybe_buffer.ToLocal(&ret)) return MaybeLocal(); return ret; } bool SetTLSSession( const SSLPointer& ssl, const unsigned char* buf, size_t length) { SSLSessionPointer s(d2i_SSL_SESSION(nullptr, &buf, length)); return s == nullptr ? false : SetTLSSession(ssl, s); } bool SetTLSSession( const SSLPointer& ssl, const SSLSessionPointer& session) { return session != nullptr && SSL_set_session(ssl.get(), session.get()) == 1; } SSLSessionPointer GetTLSSession(Local val) { if (!val->IsArrayBufferView()) return SSLSessionPointer(); ArrayBufferViewContents sbuf(val.As()); return GetTLSSession(sbuf.data(), sbuf.length()); } SSLSessionPointer GetTLSSession(const unsigned char* buf, size_t length) { return SSLSessionPointer(d2i_SSL_SESSION(nullptr, &buf, length)); } std::unordered_multimap GetCertificateAltNames(X509* cert) { std::unordered_multimap map; BIOPointer bio(BIO_new(BIO_s_mem())); BUF_MEM* mem; int idx = X509_get_ext_by_NID(cert, NID_subject_alt_name, -1); if (idx < 0) // There is no subject alt name return map; X509_EXTENSION* ext = X509_get_ext(cert, idx); CHECK_NOT_NULL(ext); const X509V3_EXT_METHOD* method = X509V3_EXT_get(ext); CHECK_EQ(method, X509V3_EXT_get_nid(NID_subject_alt_name)); GENERAL_NAMES* names = static_cast(X509V3_EXT_d2i(ext)); if (names == nullptr) // There are no names return map; for (int i = 0; i < sk_GENERAL_NAME_num(names); i++) { USE(BIO_reset(bio.get())); GENERAL_NAME* gen = sk_GENERAL_NAME_value(names, i); if (gen->type == GEN_DNS) { ASN1_IA5STRING* name = gen->d.dNSName; BIO_write(bio.get(), name->data, name->length); BIO_get_mem_ptr(bio.get(), &mem); map.emplace("dns", std::string(mem->data, mem->length)); } else { STACK_OF(CONF_VALUE)* nval = i2v_GENERAL_NAME( const_cast(method), gen, nullptr); if (nval == nullptr) continue; X509V3_EXT_val_prn(bio.get(), nval, 0, 0); sk_CONF_VALUE_pop_free(nval, X509V3_conf_free); BIO_get_mem_ptr(bio.get(), &mem); std::string value(mem->data, mem->length); if (value.compare(0, 11, "IP Address:") == 0) { map.emplace("ip", value.substr(11)); } else if (value.compare(0, 4, "URI:") == 0) { url::URL url(value.substr(4)); if (url.flags() & url::URL_FLAGS_CANNOT_BE_BASE || url.flags() & url::URL_FLAGS_FAILED) { continue; // Skip this one } map.emplace("uri", url.host()); } } } sk_GENERAL_NAME_pop_free(names, GENERAL_NAME_free); return map; } std::string GetCertificateCN(X509* cert) { X509_NAME* subject = X509_get_subject_name(cert); if (subject != nullptr) { int nid = OBJ_txt2nid("CN"); int idx = X509_NAME_get_index_by_NID(subject, nid, -1); if (idx != -1) { X509_NAME_ENTRY* cn = X509_NAME_get_entry(subject, idx); if (cn != nullptr) { ASN1_STRING* cn_str = X509_NAME_ENTRY_get_data(cn); if (cn_str != nullptr) { return std::string(reinterpret_cast( ASN1_STRING_get0_data(cn_str))); } } } } return std::string(); } long VerifyPeerCertificate( // NOLINT(runtime/int) const SSLPointer& ssl, long def) { // NOLINT(runtime/int) long err = def; // NOLINT(runtime/int) if (X509* peer_cert = SSL_get_peer_certificate(ssl.get())) { X509_free(peer_cert); err = SSL_get_verify_result(ssl.get()); } else { const SSL_CIPHER* curr_cipher = SSL_get_current_cipher(ssl.get()); const SSL_SESSION* sess = SSL_get_session(ssl.get()); // Allow no-cert for PSK authentication in TLS1.2 and lower. // In TLS1.3 check that session was reused because TLS1.3 PSK // looks like session resumption. if (SSL_CIPHER_get_auth_nid(curr_cipher) == NID_auth_psk || (SSL_SESSION_get_protocol_version(sess) == TLS1_3_VERSION && SSL_session_reused(ssl.get()))) { return X509_V_OK; } } return err; } int UseSNIContext(const SSLPointer& ssl, BaseObjectPtr context) { SSL_CTX* ctx = context->ctx_.get(); X509* x509 = SSL_CTX_get0_certificate(ctx); EVP_PKEY* pkey = SSL_CTX_get0_privatekey(ctx); STACK_OF(X509)* chain; int err = SSL_CTX_get0_chain_certs(ctx, &chain); if (err == 1) err = SSL_use_certificate(ssl.get(), x509); if (err == 1) err = SSL_use_PrivateKey(ssl.get(), pkey); if (err == 1 && chain != nullptr) err = SSL_set1_chain(ssl.get(), chain); return err; } const char* GetClientHelloALPN(const SSLPointer& ssl) { const unsigned char* buf; size_t len; size_t rem; if (!SSL_client_hello_get0_ext( ssl.get(), TLSEXT_TYPE_application_layer_protocol_negotiation, &buf, &rem) || rem < 2) { return nullptr; } len = (buf[0] << 8) | buf[1]; if (len + 2 != rem) return nullptr; return reinterpret_cast(buf + 3); } const char* GetClientHelloServerName(const SSLPointer& ssl) { const unsigned char* buf; size_t len; size_t rem; if (!SSL_client_hello_get0_ext( ssl.get(), TLSEXT_TYPE_server_name, &buf, &rem) || rem <= 2) { return nullptr; } len = (*buf << 8) | *(buf + 1); if (len + 2 != rem) return nullptr; rem = len; if (rem == 0 || *(buf + 2) != TLSEXT_NAMETYPE_host_name) return nullptr; rem--; if (rem <= 2) return nullptr; len = (*(buf + 3) << 8) | *(buf + 4); if (len + 2 > rem) return nullptr; return reinterpret_cast(buf + 5); } const char* GetServerName(SSL* ssl) { return SSL_get_servername(ssl, TLSEXT_NAMETYPE_host_name); } bool SetGroups(SecureContext* sc, const char* groups) { return SSL_CTX_set1_groups_list(**sc, groups) == 1; } const char* X509ErrorCode(long err) { // NOLINT(runtime/int) const char* code = "UNSPECIFIED"; #define CASE_X509_ERR(CODE) case X509_V_ERR_##CODE: code = #CODE; break; switch (err) { CASE_X509_ERR(UNABLE_TO_GET_ISSUER_CERT) CASE_X509_ERR(UNABLE_TO_GET_CRL) CASE_X509_ERR(UNABLE_TO_DECRYPT_CERT_SIGNATURE) CASE_X509_ERR(UNABLE_TO_DECRYPT_CRL_SIGNATURE) CASE_X509_ERR(UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY) CASE_X509_ERR(CERT_SIGNATURE_FAILURE) CASE_X509_ERR(CRL_SIGNATURE_FAILURE) CASE_X509_ERR(CERT_NOT_YET_VALID) CASE_X509_ERR(CERT_HAS_EXPIRED) CASE_X509_ERR(CRL_NOT_YET_VALID) CASE_X509_ERR(CRL_HAS_EXPIRED) CASE_X509_ERR(ERROR_IN_CERT_NOT_BEFORE_FIELD) CASE_X509_ERR(ERROR_IN_CERT_NOT_AFTER_FIELD) CASE_X509_ERR(ERROR_IN_CRL_LAST_UPDATE_FIELD) CASE_X509_ERR(ERROR_IN_CRL_NEXT_UPDATE_FIELD) CASE_X509_ERR(OUT_OF_MEM) CASE_X509_ERR(DEPTH_ZERO_SELF_SIGNED_CERT) CASE_X509_ERR(SELF_SIGNED_CERT_IN_CHAIN) CASE_X509_ERR(UNABLE_TO_GET_ISSUER_CERT_LOCALLY) CASE_X509_ERR(UNABLE_TO_VERIFY_LEAF_SIGNATURE) CASE_X509_ERR(CERT_CHAIN_TOO_LONG) CASE_X509_ERR(CERT_REVOKED) CASE_X509_ERR(INVALID_CA) CASE_X509_ERR(PATH_LENGTH_EXCEEDED) CASE_X509_ERR(INVALID_PURPOSE) CASE_X509_ERR(CERT_UNTRUSTED) CASE_X509_ERR(CERT_REJECTED) CASE_X509_ERR(HOSTNAME_MISMATCH) } #undef CASE_X509_ERR return code; } MaybeLocal GetValidationErrorReason(Environment* env, int err) { if (err == 0) return Undefined(env->isolate()); const char* reason = X509_verify_cert_error_string(err); return OneByteString(env->isolate(), reason); } MaybeLocal GetValidationErrorCode(Environment* env, int err) { if (err == 0) return Undefined(env->isolate()); return OneByteString(env->isolate(), X509ErrorCode(err)); } MaybeLocal GetCert(Environment* env, const SSLPointer& ssl) { ClearErrorOnReturn clear_error_on_return; X509* cert = SSL_get_certificate(ssl.get()); if (cert == nullptr) return Undefined(env->isolate()); Local ret; MaybeLocal maybe_cert = X509ToObject(env, cert); return maybe_cert.ToLocal(&ret) ? ret : MaybeLocal(); } namespace { template bool Set( Local context, Local target, Local name, MaybeLocal maybe_value) { Local value; if (!maybe_value.ToLocal(&value)) return false; // Undefined is ignored, but still considered successful if (value->IsUndefined()) return true; return !target->Set(context, name, value).IsNothing(); } Local ToV8Value(Environment* env, const BIOPointer& bio) { BUF_MEM* mem; BIO_get_mem_ptr(bio.get(), &mem); MaybeLocal ret = String::NewFromUtf8( env->isolate(), mem->data, NewStringType::kNormal, mem->length); USE(BIO_reset(bio.get())); return ret.FromMaybe(Local()); } MaybeLocal GetCipherName( Environment* env, const SSL_CIPHER* cipher) { if (cipher == nullptr) return Undefined(env->isolate()); return OneByteString(env->isolate(), SSL_CIPHER_get_name(cipher)); } MaybeLocal GetCipherStandardName( Environment* env, const SSL_CIPHER* cipher) { if (cipher == nullptr) return Undefined(env->isolate()); return OneByteString(env->isolate(), SSL_CIPHER_standard_name(cipher)); } MaybeLocal GetCipherVersion( Environment* env, const SSL_CIPHER* cipher) { if (cipher == nullptr) return Undefined(env->isolate()); return OneByteString(env->isolate(), SSL_CIPHER_get_version(cipher)); } StackOfX509 CloneSSLCerts(X509Pointer&& cert, const STACK_OF(X509)* const ssl_certs) { StackOfX509 peer_certs(sk_X509_new(nullptr)); if (cert) sk_X509_push(peer_certs.get(), cert.release()); for (int i = 0; i < sk_X509_num(ssl_certs); i++) { X509Pointer cert(X509_dup(sk_X509_value(ssl_certs, i))); if (!cert || !sk_X509_push(peer_certs.get(), cert.get())) return StackOfX509(); // `cert` is now managed by the stack. cert.release(); } return peer_certs; } MaybeLocal AddIssuerChainToObject( X509Pointer* cert, Local object, StackOfX509&& peer_certs, Environment* const env) { Local context = env->isolate()->GetCurrentContext(); cert->reset(sk_X509_delete(peer_certs.get(), 0)); for (;;) { int i; for (i = 0; i < sk_X509_num(peer_certs.get()); i++) { X509* ca = sk_X509_value(peer_certs.get(), i); if (X509_check_issued(ca, cert->get()) != X509_V_OK) continue; Local ca_info; MaybeLocal maybe_ca_info = X509ToObject(env, ca); if (!maybe_ca_info.ToLocal(&ca_info)) return MaybeLocal(); if (!Set(context, object, env->issuercert_string(), ca_info)) return MaybeLocal(); object = ca_info; // NOTE: Intentionally freeing cert that is not used anymore. // Delete cert and continue aggregating issuers. cert->reset(sk_X509_delete(peer_certs.get(), i)); break; } // Issuer not found, break out of the loop. if (i == sk_X509_num(peer_certs.get())) break; } return MaybeLocal(object); } MaybeLocal GetLastIssuedCert( X509Pointer* cert, const SSLPointer& ssl, Local issuer_chain, Environment* const env) { Local context = env->isolate()->GetCurrentContext(); while (X509_check_issued(cert->get(), cert->get()) != X509_V_OK) { X509* ca; if (SSL_CTX_get_issuer(SSL_get_SSL_CTX(ssl.get()), cert->get(), &ca) <= 0) break; Local ca_info; MaybeLocal maybe_ca_info = X509ToObject(env, ca); if (!maybe_ca_info.ToLocal(&ca_info)) return MaybeLocal(); if (!Set(context, issuer_chain, env->issuercert_string(), ca_info)) return MaybeLocal(); issuer_chain = ca_info; // Delete previous cert and continue aggregating issuers. cert->reset(ca); } return MaybeLocal(issuer_chain); } MaybeLocal GetRawDERCertificate(Environment* env, X509* cert) { int size = i2d_X509(cert, nullptr); AllocatedBuffer buffer = env->AllocateManaged(size); unsigned char* serialized = reinterpret_cast(buffer.data()); i2d_X509(cert, &serialized); return buffer.ToBuffer(); } MaybeLocal GetSerialNumber(Environment* env, X509* cert) { if (ASN1_INTEGER* serial_number = X509_get_serialNumber(cert)) { BignumPointer bn(ASN1_INTEGER_to_BN(serial_number, nullptr)); if (bn) { OpenSSLBuffer buf(BN_bn2hex(bn.get())); if (buf) return OneByteString(env->isolate(), buf.get()); } } return Undefined(env->isolate()); } MaybeLocal GetKeyUsage(Environment* env, X509* cert) { StackOfASN1 eku(static_cast( X509_get_ext_d2i(cert, NID_ext_key_usage, nullptr, nullptr))); if (eku) { const int count = sk_ASN1_OBJECT_num(eku.get()); MaybeStackBuffer, 16> ext_key_usage(count); char buf[256]; int j = 0; for (int i = 0; i < count; i++) { if (OBJ_obj2txt(buf, sizeof(buf), sk_ASN1_OBJECT_value(eku.get(), i), 1) >= 0) { ext_key_usage[j++] = OneByteString(env->isolate(), buf); } } return Array::New(env->isolate(), ext_key_usage.out(), count); } return Undefined(env->isolate()); } void AddFingerprintDigest( const unsigned char* md, unsigned int md_size, char (*fingerprint)[3 * EVP_MAX_MD_SIZE + 1]) { unsigned int i; const char hex[] = "0123456789ABCDEF"; for (i = 0; i < md_size; i++) { (*fingerprint)[3*i] = hex[(md[i] & 0xf0) >> 4]; (*fingerprint)[(3*i)+1] = hex[(md[i] & 0x0f)]; (*fingerprint)[(3*i)+2] = ':'; } if (md_size > 0) { (*fingerprint)[(3*(md_size-1))+2] = '\0'; } else { (*fingerprint)[0] = '\0'; } } bool SafeX509ExtPrint(const BIOPointer& out, X509_EXTENSION* ext) { const X509V3_EXT_METHOD* method = X509V3_EXT_get(ext); if (method != X509V3_EXT_get_nid(NID_subject_alt_name)) return false; GENERAL_NAMES* names = static_cast(X509V3_EXT_d2i(ext)); if (names == nullptr) return false; for (int i = 0; i < sk_GENERAL_NAME_num(names); i++) { GENERAL_NAME* gen = sk_GENERAL_NAME_value(names, i); if (i != 0) BIO_write(out.get(), ", ", 2); if (gen->type == GEN_DNS) { ASN1_IA5STRING* name = gen->d.dNSName; BIO_write(out.get(), "DNS:", 4); BIO_write(out.get(), name->data, name->length); } else { STACK_OF(CONF_VALUE)* nval = i2v_GENERAL_NAME( const_cast(method), gen, nullptr); if (nval == nullptr) return false; X509V3_EXT_val_prn(out.get(), nval, 0, 0); sk_CONF_VALUE_pop_free(nval, X509V3_conf_free); } } sk_GENERAL_NAME_pop_free(names, GENERAL_NAME_free); return true; } MaybeLocal GetFingerprintDigest( Environment* env, const EVP_MD* method, X509* cert) { unsigned char md[EVP_MAX_MD_SIZE]; unsigned int md_size; char fingerprint[EVP_MAX_MD_SIZE * 3 + 1]; if (X509_digest(cert, method, md, &md_size)) { AddFingerprintDigest(md, md_size, &fingerprint); return OneByteString(env->isolate(), fingerprint); } return Undefined(env->isolate()); } MaybeLocal GetValidTo( Environment* env, X509* cert, const BIOPointer& bio) { ASN1_TIME_print(bio.get(), X509_get0_notAfter(cert)); return ToV8Value(env, bio); } MaybeLocal GetValidFrom( Environment* env, X509* cert, const BIOPointer& bio) { ASN1_TIME_print(bio.get(), X509_get0_notBefore(cert)); return ToV8Value(env, bio); } MaybeLocal GetCurveASN1Name(Environment* env, const int nid) { const char* nist = OBJ_nid2sn(nid); return nist != nullptr ? MaybeLocal(OneByteString(env->isolate(), nist)) : MaybeLocal(Undefined(env->isolate())); } MaybeLocal GetCurveNistName(Environment* env, const int nid) { const char* nist = EC_curve_nid2nist(nid); return nist != nullptr ? MaybeLocal(OneByteString(env->isolate(), nist)) : MaybeLocal(Undefined(env->isolate())); } MaybeLocal GetECPubKey( Environment* env, const EC_GROUP* group, const ECPointer& ec) { const EC_POINT* pubkey = EC_KEY_get0_public_key(ec.get()); if (pubkey == nullptr) return Undefined(env->isolate()); return ECPointToBuffer( env, group, pubkey, EC_KEY_get_conv_form(ec.get()), nullptr).FromMaybe(Local()); } MaybeLocal GetECGroup( Environment* env, const EC_GROUP* group, const ECPointer& ec) { if (group == nullptr) return Undefined(env->isolate()); int bits = EC_GROUP_order_bits(group); if (bits <= 0) return Undefined(env->isolate()); return Integer::New(env->isolate(), bits); } MaybeLocal GetPubKey(Environment* env, const RSAPointer& rsa) { int size = i2d_RSA_PUBKEY(rsa.get(), nullptr); CHECK_GE(size, 0); AllocatedBuffer buffer = env->AllocateManaged(size); unsigned char* serialized = reinterpret_cast(buffer.data()); i2d_RSA_PUBKEY(rsa.get(), &serialized); return buffer.ToBuffer(); } MaybeLocal GetExponentString( Environment* env, const BIOPointer& bio, const BIGNUM* e) { uint64_t exponent_word = static_cast(BN_get_word(e)); uint32_t lo = static_cast(exponent_word); uint32_t hi = static_cast(exponent_word >> 32); if (hi == 0) BIO_printf(bio.get(), "0x%x", lo); else BIO_printf(bio.get(), "0x%x%08x", hi, lo); return ToV8Value(env, bio); } Local GetBits(Environment* env, const BIGNUM* n) { return Integer::New(env->isolate(), BN_num_bits(n)); } MaybeLocal GetModulusString( Environment* env, const BIOPointer& bio, const BIGNUM* n) { BN_print(bio.get(), n); return ToV8Value(env, bio); } template MaybeLocal GetInfoString( Environment* env, const BIOPointer& bio, X509* cert) { int index = X509_get_ext_by_NID(cert, nid, -1); if (index < 0) return Undefined(env->isolate()); X509_EXTENSION* ext = X509_get_ext(cert, index); CHECK_NOT_NULL(ext); if (!SafeX509ExtPrint(bio, ext) && X509V3_EXT_print(bio.get(), ext, 0, 0) != 1) { USE(BIO_reset(bio.get())); return Null(env->isolate()); } return ToV8Value(env, bio); } MaybeLocal GetIssuerString( Environment* env, const BIOPointer& bio, X509* cert) { X509_NAME* issuer_name = X509_get_issuer_name(cert); if (X509_NAME_print_ex(bio.get(), issuer_name, 0, X509_NAME_FLAGS) <= 0) { USE(BIO_reset(bio.get())); return Undefined(env->isolate()); } return ToV8Value(env, bio); } MaybeLocal GetSubject( Environment* env, const BIOPointer& bio, X509* cert) { if (X509_NAME_print_ex( bio.get(), X509_get_subject_name(cert), 0, X509_NAME_FLAGS) <= 0) { USE(BIO_reset(bio.get())); return Undefined(env->isolate()); } return ToV8Value(env, bio); } } // namespace MaybeLocal GetCipherName(Environment* env, const SSLPointer& ssl) { return GetCipherName(env, SSL_get_current_cipher(ssl.get())); } MaybeLocal GetCipherStandardName( Environment* env, const SSLPointer& ssl) { return GetCipherStandardName(env, SSL_get_current_cipher(ssl.get())); } MaybeLocal GetCipherVersion(Environment* env, const SSLPointer& ssl) { return GetCipherVersion(env, SSL_get_current_cipher(ssl.get())); } MaybeLocal GetClientHelloCiphers( Environment* env, const SSLPointer& ssl) { EscapableHandleScope scope(env->isolate()); const unsigned char* buf; size_t len = SSL_client_hello_get0_ciphers(ssl.get(), &buf); size_t count = len / 2; MaybeStackBuffer, 16> ciphers(count); int j = 0; for (size_t n = 0; n < len; n += 2) { const SSL_CIPHER* cipher = SSL_CIPHER_find(ssl.get(), buf); buf += 2; Local obj = Object::New(env->isolate()); if (!Set(env->context(), obj, env->name_string(), GetCipherName(env, cipher)) || !Set(env->context(), obj, env->standard_name_string(), GetCipherStandardName(env, cipher)) || !Set(env->context(), obj, env->version_string(), GetCipherVersion(env, cipher))) { return MaybeLocal(); } ciphers[j++] = obj; } Local ret = Array::New(env->isolate(), ciphers.out(), count); return scope.Escape(ret); } MaybeLocal GetCipherInfo(Environment* env, const SSLPointer& ssl) { EscapableHandleScope scope(env->isolate()); Local info = Object::New(env->isolate()); if (!Set(env->context(), info, env->name_string(), GetCipherName(env, ssl)) || !Set(env->context(), info, env->standard_name_string(), GetCipherStandardName(env, ssl)) || !Set(env->context(), info, env->version_string(), GetCipherVersion(env, ssl))) { return MaybeLocal(); } return scope.Escape(info); } MaybeLocal GetEphemeralKey(Environment* env, const SSLPointer& ssl) { CHECK_EQ(SSL_is_server(ssl.get()), 0); EVP_PKEY* raw_key; EscapableHandleScope scope(env->isolate()); Local info = Object::New(env->isolate()); if (!SSL_get_server_tmp_key(ssl.get(), &raw_key)) return scope.Escape(info); Local context = env->context(); crypto::EVPKeyPointer key(raw_key); int kid = EVP_PKEY_id(key.get()); int bits = EVP_PKEY_bits(key.get()); switch (kid) { case EVP_PKEY_DH: if (!Set(context, info, env->type_string(), env->dh_string()) || !Set(context, info, env->size_string(), Integer::New(env->isolate(), bits))) { return MaybeLocal(); } break; case EVP_PKEY_EC: case EVP_PKEY_X25519: case EVP_PKEY_X448: { const char* curve_name; if (kid == EVP_PKEY_EC) { ECKeyPointer ec(EVP_PKEY_get1_EC_KEY(key.get())); int nid = EC_GROUP_get_curve_name(EC_KEY_get0_group(ec.get())); curve_name = OBJ_nid2sn(nid); } else { curve_name = OBJ_nid2sn(kid); } if (!Set(context, info, env->type_string(), env->ecdh_string()) || !Set(context, info, env->name_string(), OneByteString(env->isolate(), curve_name)) || !Set(context, info, env->size_string(), Integer::New(env->isolate(), bits))) { return MaybeLocal(); } } break; } return scope.Escape(info); } MaybeLocal ECPointToBuffer(Environment* env, const EC_GROUP* group, const EC_POINT* point, point_conversion_form_t form, const char** error) { size_t len = EC_POINT_point2oct(group, point, form, nullptr, 0, nullptr); if (len == 0) { if (error != nullptr) *error = "Failed to get public key length"; return MaybeLocal(); } AllocatedBuffer buf = env->AllocateManaged(len); len = EC_POINT_point2oct(group, point, form, reinterpret_cast(buf.data()), buf.size(), nullptr); if (len == 0) { if (error != nullptr) *error = "Failed to get public key"; return MaybeLocal(); } return buf.ToBuffer(); } MaybeLocal GetPeerCert( Environment* env, const SSLPointer& ssl, bool abbreviated, bool is_server) { ClearErrorOnReturn clear_error_on_return; Local result; MaybeLocal maybe_cert; // NOTE: This is because of the odd OpenSSL behavior. On client `cert_chain` // contains the `peer_certificate`, but on server it doesn't. X509Pointer cert(is_server ? SSL_get_peer_certificate(ssl.get()) : nullptr); STACK_OF(X509)* ssl_certs = SSL_get_peer_cert_chain(ssl.get()); if (!cert && (ssl_certs == nullptr || sk_X509_num(ssl_certs) == 0)) return Undefined(env->isolate()); // Short result requested. if (abbreviated) { maybe_cert = X509ToObject(env, cert ? cert.get() : sk_X509_value(ssl_certs, 0)); return maybe_cert.ToLocal(&result) ? result : MaybeLocal(); } StackOfX509 peer_certs = CloneSSLCerts(std::move(cert), ssl_certs); if (peer_certs == nullptr) return Undefined(env->isolate()); // First and main certificate. X509Pointer first_cert(sk_X509_value(peer_certs.get(), 0)); CHECK(first_cert); maybe_cert = X509ToObject(env, first_cert.release()).ToLocalChecked(); if (!maybe_cert.ToLocal(&result)) return MaybeLocal(); Local issuer_chain; MaybeLocal maybe_issuer_chain; maybe_issuer_chain = AddIssuerChainToObject( &cert, result, std::move(peer_certs), env); if (!maybe_issuer_chain.ToLocal(&issuer_chain)) return MaybeLocal(); maybe_issuer_chain = GetLastIssuedCert( &cert, ssl, issuer_chain, env); issuer_chain.Clear(); if (!maybe_issuer_chain.ToLocal(&issuer_chain)) return MaybeLocal(); // Last certificate should be self-signed. if (X509_check_issued(cert.get(), cert.get()) == X509_V_OK && !Set(env->context(), issuer_chain, env->issuercert_string(), issuer_chain)) { return MaybeLocal(); } return result; } MaybeLocal X509ToObject(Environment* env, X509* cert) { EscapableHandleScope scope(env->isolate()); Local context = env->context(); Local info = Object::New(env->isolate()); BIOPointer bio(BIO_new(BIO_s_mem())); if (!Set(context, info, env->subject_string(), GetSubject(env, bio, cert)) || !Set(context, info, env->issuer_string(), GetIssuerString(env, bio, cert)) || !Set(context, info, env->subjectaltname_string(), GetInfoString(env, bio, cert)) || !Set(context, info, env->infoaccess_string(), GetInfoString(env, bio, cert))) { return MaybeLocal(); } EVPKeyPointer pkey(X509_get_pubkey(cert)); RSAPointer rsa; ECPointer ec; if (pkey) { switch (EVP_PKEY_id(pkey.get())) { case EVP_PKEY_RSA: rsa.reset(EVP_PKEY_get1_RSA(pkey.get())); break; case EVP_PKEY_EC: ec.reset(EVP_PKEY_get1_EC_KEY(pkey.get())); break; } } if (rsa) { const BIGNUM* n; const BIGNUM* e; RSA_get0_key(rsa.get(), &n, &e, nullptr); if (!Set(context, info, env->modulus_string(), GetModulusString(env, bio, n)) || !Set(context, info, env->bits_string(), GetBits(env, n)) || !Set(context, info, env->exponent_string(), GetExponentString(env, bio, e)) || !Set(context, info, env->pubkey_string(), GetPubKey(env, rsa))) { return MaybeLocal(); } } else if (ec) { const EC_GROUP* group = EC_KEY_get0_group(ec.get()); if (!Set(context, info, env->bits_string(), GetECGroup(env, group, ec)) || !Set(context, info, env->pubkey_string(), GetECPubKey(env, group, ec))) { return MaybeLocal(); } const int nid = EC_GROUP_get_curve_name(group); if (nid != 0) { // Curve is well-known, get its OID and NIST nick-name (if it has one). if (!Set(context, info, env->asn1curve_string(), GetCurveASN1Name(env, nid)) || !Set(context, info, env->nistcurve_string(), GetCurveNistName(env, nid))) { return MaybeLocal(); } } else { // Unnamed curves can be described by their mathematical properties, // but aren't used much (at all?) with X.509/TLS. Support later if needed. } } // pkey, rsa, and ec pointers are no longer needed. pkey.reset(); rsa.reset(); ec.reset(); if (!Set(context, info, env->valid_from_string(), GetValidFrom(env, cert, bio)) || !Set(context, info, env->valid_to_string(), GetValidTo(env, cert, bio))) { return MaybeLocal(); } // bio is no longer needed bio.reset(); if (!Set(context, info, env->fingerprint_string(), GetFingerprintDigest(env, EVP_sha1(), cert)) || !Set(context, info, env->fingerprint256_string(), GetFingerprintDigest(env, EVP_sha256(), cert)) || !Set(context, info, env->ext_key_usage_string(), GetKeyUsage(env, cert)) || !Set(context, info, env->serial_number_string(), GetSerialNumber(env, cert)) || !Set(context, info, env->raw_string(), GetRawDERCertificate(env, cert))) { return MaybeLocal(); } return scope.Escape(info); } } // namespace crypto } // namespace node