Backport of ECC support
https://issues.apache.org/bugzilla/show_bug.cgi?id=40132
--- ./docs/conf/extra/httpd-ssl.conf.in.orig 2012-01-04 21:10:40.000000000 +0100
+++ ./docs/conf/extra/httpd-ssl.conf.in 2013-09-07 05:44:49.000000000 +0200
@@ -91,8 +91,11 @@
# SSL Cipher Suite:
# List the ciphers that the client is permitted to negotiate.
# See the mod_ssl documentation for a complete list.
+# Recent OpenSSL snapshots include Elliptic Curve Cryptograhpy (ECC)
+# cipher suites (see RFC 4492) as part of "ALL". Edit this line
+# if you need to disable any of those ciphers.
SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5
# Speed-optimized SSL Cipher configuration:
# If speed is your main concern (on busy HTTPS servers e.g.),
@@ -113,18 +116,24 @@
# pass phrase. Note that a kill -HUP will prompt again. Keep
# in mind that if you have both an RSA and a DSA certificate you
# can configure both in parallel (to also allow the use of DSA
# ciphers, etc.)
+# Some ECC cipher suites (http://www.ietf.org/rfc/rfc4492.txt)
+# require an ECC certificate which can also be configured in
+# parallel.
SSLCertificateFile "@exp_sysconfdir@/server.crt"
#SSLCertificateFile "@exp_sysconfdir@/server-dsa.crt"
+#SSLCertificateFile "@exp_sysconfdir@/server-ecc.crt"
# Server Private Key:
# If the key is not combined with the certificate, use this
# directive to point at the key file. Keep in mind that if
# you've both a RSA and a DSA private key you can configure
# both in parallel (to also allow the use of DSA ciphers, etc.)
+# ECC keys, when in use, can also be configured in parallel
SSLCertificateKeyFile "@exp_sysconfdir@/server.key"
#SSLCertificateKeyFile "@exp_sysconfdir@/server-dsa.key"
+#SSLCertificateKeyFile "@exp_sysconfdir@/server-ecc.key"
# Server Certificate Chain:
# Point SSLCertificateChainFile at a file containing the
# concatenation of PEM encoded CA certificates which form the
--- ./modules/ssl/ssl_private.h.orig 2013-02-15 16:50:37.000000000 +0100
+++ ./modules/ssl/ssl_private.h 2013-09-07 05:43:20.000000000 +0200
@@ -190,13 +190,23 @@
#define SSL_ALGO_UNKNOWN (0)
#define SSL_ALGO_RSA (1<<0)
#define SSL_ALGO_DSA (1<<1)
+#ifndef OPENSSL_NO_EC
+#define SSL_ALGO_ECC (1<<2)
+#define SSL_ALGO_ALL (SSL_ALGO_RSA|SSL_ALGO_DSA|SSL_ALGO_ECC)
+#else
#define SSL_ALGO_ALL (SSL_ALGO_RSA|SSL_ALGO_DSA)
+#endif /* SSL_LIBRARY_VERSION */
#define SSL_AIDX_RSA (0)
#define SSL_AIDX_DSA (1)
+#ifndef OPENSSL_NO_EC
+#define SSL_AIDX_ECC (2)
+#define SSL_AIDX_MAX (3)
+#else
#define SSL_AIDX_MAX (2)
+#endif /* SSL_LIBRARY_VERSION */
/**
* Define IDs for the temporary RSA keys and DH params
@@ -624,8 +634,11 @@
/** OpenSSL callbacks */
RSA *ssl_callback_TmpRSA(SSL *, int, int);
DH *ssl_callback_TmpDH(SSL *, int, int);
+#ifndef OPENSSL_NO_EC
+EC_KEY *ssl_callback_TmpECDH(SSL *, int, int);
+#endif /* SSL_LIBRARY_VERSION */
int ssl_callback_SSLVerify(int, X509_STORE_CTX *);
int ssl_callback_SSLVerify_CRL(int, X509_STORE_CTX *, conn_rec *);
int ssl_callback_proxy_cert(SSL *ssl, MODSSL_CLIENT_CERT_CB_ARG_TYPE **x509, EVP_PKEY **pkey);
int ssl_callback_NewSessionCacheEntry(SSL *, SSL_SESSION *);
--- ./modules/ssl/ssl_util.c.orig 2008-09-18 16:34:51.000000000 +0200
+++ ./modules/ssl/ssl_util.c 2013-09-07 05:43:20.000000000 +0200
@@ -149,8 +149,13 @@
break;
case EVP_PKEY_DSA:
t = SSL_ALGO_DSA;
break;
+#ifndef OPENSSL_NO_EC
+ case EVP_PKEY_EC:
+ t = SSL_ALGO_ECC;
+ break;
+#endif
default:
break;
}
}
@@ -173,8 +178,13 @@
break;
case SSL_ALGO_DSA:
cp = "DSA";
break;
+#ifndef OPENSSL_NO_EC
+ case SSL_ALGO_ECC:
+ cp = "ECC";
+ break;
+#endif
default:
break;
}
return cp;
@@ -244,9 +254,13 @@
apr_hash_set(table, key, klen, NULL);
}
+#ifndef OPENSSL_NO_EC
+static const char *ssl_asn1_key_types[] = {"RSA", "DSA", "ECC"};
+#else
static const char *ssl_asn1_key_types[] = {"RSA", "DSA"};
+#endif
const char *ssl_asn1_keystr(int keytype)
{
if (keytype >= SSL_AIDX_MAX) {
--- ./modules/ssl/ssl_engine_init.c.orig 2012-10-07 08:39:16.000000000 +0200
+++ ./modules/ssl/ssl_engine_init.c 2013-09-07 05:43:20.000000000 +0200
@@ -398,9 +398,13 @@
/*
* Check for problematic re-initializations
*/
if (mctx->pks->certs[SSL_AIDX_RSA] ||
- mctx->pks->certs[SSL_AIDX_DSA])
+ mctx->pks->certs[SSL_AIDX_DSA]
+#ifndef OPENSSL_NO_EC
+ || mctx->pks->certs[SSL_AIDX_ECC]
+#endif
+ )
{
ap_log_error(APLOG_MARK, APLOG_ERR, 0, s,
"Illegal attempt to re-initialise SSL for server "
"(SSLEngine On should go in the VirtualHost, not in global scope.)");
@@ -598,8 +602,11 @@
SSL_CTX *ctx = mctx->ssl_ctx;
SSL_CTX_set_tmp_rsa_callback(ctx, ssl_callback_TmpRSA);
SSL_CTX_set_tmp_dh_callback(ctx, ssl_callback_TmpDH);
+#ifndef OPENSSL_NO_EC
+ SSL_CTX_set_tmp_ecdh_callback(ctx,ssl_callback_TmpECDH);
+#endif
SSL_CTX_set_info_callback(ctx, ssl_callback_Info);
}
@@ -865,11 +872,18 @@
SSLModConfigRec *mc = myModConfig(s);
ssl_asn1_t *asn1;
MODSSL_D2I_PrivateKey_CONST unsigned char *ptr;
const char *type = ssl_asn1_keystr(idx);
- int pkey_type = (idx == SSL_AIDX_RSA) ? EVP_PKEY_RSA : EVP_PKEY_DSA;
+ int pkey_type;
EVP_PKEY *pkey;
+#ifndef OPENSSL_NO_EC
+ if (idx == SSL_AIDX_ECC)
+ pkey_type = EVP_PKEY_EC;
+ else
+#endif /* SSL_LIBRARY_VERSION */
+ pkey_type = (idx == SSL_AIDX_RSA) ? EVP_PKEY_RSA : EVP_PKEY_DSA;
+
if (!(asn1 = ssl_asn1_table_get(mc->tPrivateKey, id))) {
return FALSE;
}
@@ -977,22 +991,36 @@
apr_pool_t *p,
apr_pool_t *ptemp,
modssl_ctx_t *mctx)
{
- const char *rsa_id, *dsa_id;
+ const char *rsa_id, *dsa_id, *ecc_id;
const char *vhost_id = mctx->sc->vhost_id;
int i;
- int have_rsa, have_dsa;
+ int have_rsa, have_dsa, have_ecc;
rsa_id = ssl_asn1_table_keyfmt(ptemp, vhost_id, SSL_AIDX_RSA);
dsa_id = ssl_asn1_table_keyfmt(ptemp, vhost_id, SSL_AIDX_DSA);
+#ifndef OPENSSL_NO_EC
+ ecc_id = ssl_asn1_table_keyfmt(ptemp, vhost_id, SSL_AIDX_ECC);
+#endif
have_rsa = ssl_server_import_cert(s, mctx, rsa_id, SSL_AIDX_RSA);
have_dsa = ssl_server_import_cert(s, mctx, dsa_id, SSL_AIDX_DSA);
+#ifndef OPENSSL_NO_EC
+ have_ecc = ssl_server_import_cert(s, mctx, ecc_id, SSL_AIDX_ECC);
+#endif
- if (!(have_rsa || have_dsa)) {
+ if (!(have_rsa || have_dsa
+#ifndef OPENSSL_NO_EC
+ || have_ecc
+#endif
+)) {
ap_log_error(APLOG_MARK, APLOG_ERR, 0, s,
+#ifndef OPENSSL_NO_EC
+ "Oops, no RSA, DSA or ECC server certificate found "
+#else
"Oops, no RSA or DSA server certificate found "
+#endif
"for '%s:%d'?!", s->server_hostname, s->port);
ssl_die();
}
@@ -1001,12 +1029,23 @@
}
have_rsa = ssl_server_import_key(s, mctx, rsa_id, SSL_AIDX_RSA);
have_dsa = ssl_server_import_key(s, mctx, dsa_id, SSL_AIDX_DSA);
+#if SSL_LIBRARY_VERSION >= 0x00908000
+ have_ecc = ssl_server_import_key(s, mctx, ecc_id, SSL_AIDX_ECC);
+#endif
- if (!(have_rsa || have_dsa)) {
+ if (!(have_rsa || have_dsa
+#if SSL_LIBRARY_VERSION >= 0x00908000
+ || have_ecc
+#endif
+ )) {
ap_log_error(APLOG_MARK, APLOG_ERR, 0, s,
+#if SSL_LIBRARY_VERSION >= 0x00908000
+ "Oops, no RSA, DSA or ECC server private key found?!");
+#else
"Oops, no RSA or DSA server private key found?!");
+#endif
ssl_die();
}
}
--- ./modules/ssl/ssl_engine_kernel.c.orig 2013-02-15 16:50:37.000000000 +0100
+++ ./modules/ssl/ssl_engine_kernel.c 2013-09-07 05:43:20.000000000 +0200
@@ -1266,8 +1266,35 @@
return (DH *)mc->pTmpKeys[idx];
}
+#ifndef OPENSSL_NO_EC
+EC_KEY *ssl_callback_TmpECDH(SSL *ssl, int export, int keylen)
+{
+ conn_rec *c = (conn_rec *)SSL_get_app_data(ssl);
+ SSLModConfigRec *mc = myModConfig(c->base_server);
+ int idx;
+ static EC_KEY *ecdh = NULL;
+ static init = 0;
+
+ /* XXX Uses 256-bit key for now. TODO: support other sizes. */
+ ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, c,
+ "handing out temporary 256 bit ECC key");
+
+ if (init == 0) {
+ ecdh = EC_KEY_new();
+ if (ecdh != NULL) {
+ /* ecdh->group = EC_GROUP_new_by_nid(NID_secp160r2); */
+ EC_KEY_set_group(ecdh,
+ EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1));
+ }
+ init = 1;
+ }
+
+ return ecdh;
+}
+#endif
+
/*
* This OpenSSL callback function is called when OpenSSL
* does client authentication and verifies the certificate chain.
*/
--- ./modules/ssl/mod_ssl.c.orig 2012-10-07 08:39:16.000000000 +0200
+++ ./modules/ssl/mod_ssl.c 2013-09-07 05:43:20.000000000 +0200
@@ -440,8 +440,11 @@
* Configure callbacks for SSL connection
*/
SSL_set_tmp_rsa_callback(ssl, ssl_callback_TmpRSA);
SSL_set_tmp_dh_callback(ssl, ssl_callback_TmpDH);
+#ifndef OPENSSL_NO_EC
+ SSL_set_tmp_ecdh_callback(ssl, ssl_callback_TmpECDH);
+#endif
SSL_set_verify_result(ssl, X509_V_OK);
ssl_io_filter_init(c, ssl);
--- ./modules/ssl/ssl_toolkit_compat.h.orig 2012-08-17 19:30:46.000000000 +0200
+++ ./modules/ssl/ssl_toolkit_compat.h 2013-09-07 05:45:26.000000000 +0200
@@ -37,8 +37,14 @@
#include <openssl/crypto.h>
#include <openssl/evp.h>
#include <openssl/rand.h>
#include <openssl/x509v3.h>
+
+/* ECC support came along in OpenSSL 0.9.8 */
+#if (OPENSSL_VERSION_NUMBER < 0x00908000)
+#define OPENSSL_NO_EC
+#endif
+
/** Avoid tripping over an engine build installed globally and detected
* when the user points at an explicit non-engine flavor of OpenSSL
*/
#if defined(HAVE_OPENSSL_ENGINE_H) && defined(HAVE_ENGINE_INIT)