/***************************************************************************

 *                                  _   _ ____  _

 *  Project                     ___| | | |  _ \| |

 *                             / __| | | | |_) | |

 *                            | (__| |_| |  _ <| |___

 *                             \___|\___/|_| \_\_____|

 *

 * Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al.

 *

 * This software is licensed as described in the file COPYING, which

 * you should have received as part of this distribution. The terms

 * are also available at https://curl.se/docs/copyright.html.

 *

 * You may opt to use, copy, modify, merge, publish, distribute and/or sell

 * copies of the Software, and permit persons to whom the Software is

 * furnished to do so, under the terms of the COPYING file.

 *

 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY

 * KIND, either express or implied.

 *

 * SPDX-License-Identifier: curl

 *

 ***************************************************************************/

/* This file is for implementing all "generic" SSL functions that all libcurl

   internals should use. It is then responsible for calling the proper

   "backend" function.

   SSL-functions in libcurl should call functions in this source file, and not

   to any specific SSL-layer.

   Curl_ssl_ - prefix for generic ones

   Note that this source code uses the functions of the configured SSL

   backend via the global Curl_ssl instance.

   "SSL/TLS Strong Encryption: An Introduction"

   https://httpd.apache.org/docs/2.0/ssl/ssl_intro.html

*/

#include "curl_setup.h"

#ifdef HAVE_SYS_TYPES_H

#include <sys/types.h>

#endif

#include "urldata.h"

#include "cfilters.h"

#include "vtls/vtls.h" /* generic SSL protos etc */

#include "vtls/vtls_int.h"

#include "vtls/vtls_scache.h"

#include "vtls/openssl.h"        /* OpenSSL versions */

#include "vtls/gtls.h"           /* GnuTLS versions */

#include "vtls/wolfssl.h"        /* wolfSSL versions */

#include "vtls/schannel.h"       /* Schannel SSPI version */

#include "vtls/mbedtls.h"        /* mbedTLS versions */

#include "vtls/rustls.h"         /* Rustls versions */

#include "slist.h"

#include "curl_trc.h"

#include "strcase.h"

#include "url.h"

#include "progress.h"

#include "curlx/fopen.h"

#include "curl_sha256.h"

#include "curlx/base64.h"

#include "curlx/inet_pton.h"

#include "connect.h"

#include "select.h"

#include "setopt.h"

#include "curlx/strdup.h"

#include "curlx/strcopy.h"

#ifdef USE_APPLE_SECTRUST

#include <Security/Security.h>

#endif

#define CLONE_STRING(var)                    \

  do {                                       \

    if(source->var) {                        \

      dest->var = curlx_strdup(source->var); \

      if(!dest->var)                         \

        return FALSE;                        \

    }                                        \

    else                                     \

      dest->var = NULL;                      \

  } while(0)

#define CLONE_BLOB(var)                  \

  do {                                   \

    if(blobdup(&dest->var, source->var)) \

      return FALSE;                      \

  } while(0)

static CURLcode blobdup(struct curl_blob **dest, struct curl_blob *src)

{

  DEBUGASSERT(dest);

  DEBUGASSERT(!*dest);

  if(src) {

    /* only if there is data to dupe! */

    struct curl_blob *d;

    d = curlx_malloc(sizeof(struct curl_blob) + src->len);

    if(!d)

      return CURLE_OUT_OF_MEMORY;

    d->len = src->len;

    /* Always duplicate because the connection may survive longer than the

       handle that passed in the blob. */

    d->flags = CURL_BLOB_COPY;

    d->data = (void *)((char *)d + sizeof(struct curl_blob));

    memcpy(d->data, src->data, src->len);

    *dest = d;

  }

  return CURLE_OK;

}

/* returns TRUE if the blobs are identical */

static bool blobcmp(struct curl_blob *first, struct curl_blob *second)

{

  if(!first && !second) /* both are NULL */

    return TRUE;

  if(!first || !second) /* one is NULL */

    return FALSE;

  if(first->len != second->len) /* different sizes */

    return FALSE;

  return !memcmp(first->data, second->data, first->len); /* same data */

}

#ifdef USE_SSL

#if !defined(CURL_DISABLE_HTTP) || !defined(CURL_DISABLE_PROXY)

static const struct alpn_spec ALPN_SPEC_H11 = {

  { ALPN_HTTP_1_1 }, 1

};

static const struct alpn_spec ALPN_SPEC_H10_H11 = {

  { ALPN_HTTP_1_0, ALPN_HTTP_1_1 }, 2

};

#ifdef USE_HTTP2

static const struct alpn_spec ALPN_SPEC_H2 = {

  { ALPN_H2 }, 1

};

static const struct alpn_spec ALPN_SPEC_H2_H11 = {

  { ALPN_H2, ALPN_HTTP_1_1 }, 2

};

static const struct alpn_spec ALPN_SPEC_H11_H2 = {

  { ALPN_HTTP_1_1, ALPN_H2 }, 2

};

#endif /* USE_HTTP2 */

static const struct alpn_spec *alpn_get_spec(http_majors wanted,

                                             http_majors preferred,

                                             bool only_http_10,

                                             bool use_alpn)

{

  if(!use_alpn)

    return NULL;

  /* If HTTP/1.0 is the wanted protocol then use ALPN http/1.0 and http/1.1.

     This is for compatibility reasons since some HTTP/1.0 servers with old

     ALPN implementations understand ALPN http/1.1 but not http/1.0. */

  if(only_http_10 && (wanted & CURL_HTTP_V1x))

    return &ALPN_SPEC_H10_H11;

#ifdef USE_HTTP2

  if(wanted & CURL_HTTP_V2x) {

    if(wanted & CURL_HTTP_V1x)

      return (preferred == CURL_HTTP_V1x) ?

        &ALPN_SPEC_H11_H2 : &ALPN_SPEC_H2_H11;

    return &ALPN_SPEC_H2;

  }

#else

  (void)wanted;

  (void)preferred;

#endif

  return &ALPN_SPEC_H11;

}

#endif /* !CURL_DISABLE_HTTP || !CURL_DISABLE_PROXY */

#endif /* USE_SSL */

void Curl_ssl_easy_config_init(struct Curl_easy *data)

{

  /*

   * libcurl 7.10 introduced SSL verification *by default*! This needs to be

   * switched off unless wanted.

   */

  data->set.ssl.primary.verifypeer = TRUE;

  data->set.ssl.primary.verifyhost = TRUE;

  data->set.ssl.primary.cache_session = TRUE; /* caching by default */

#ifndef CURL_DISABLE_PROXY

  data->set.proxy_ssl = data->set.ssl;

#endif

}

static bool match_ssl_primary_config(struct Curl_easy *data,

                                     struct ssl_primary_config *c1,

                                     struct ssl_primary_config *c2)

{

  (void)data;

  if((c1->version == c2->version) &&

     (c1->version_max == c2->version_max) &&

     (c1->ssl_options == c2->ssl_options) &&

     (c1->verifypeer == c2->verifypeer) &&

     (c1->verifyhost == c2->verifyhost) &&

     (c1->verifystatus == c2->verifystatus) &&

     blobcmp(c1->cert_blob, c2->cert_blob) &&

     blobcmp(c1->ca_info_blob, c2->ca_info_blob) &&

     blobcmp(c1->issuercert_blob, c2->issuercert_blob) &&

     Curl_safecmp(c1->CApath, c2->CApath) &&

     Curl_safecmp(c1->CAfile, c2->CAfile) &&

     Curl_safecmp(c1->issuercert, c2->issuercert) &&

     Curl_safecmp(c1->clientcert, c2->clientcert) &&

#ifdef USE_TLS_SRP

     !Curl_timestrcmp(c1->username, c2->username) &&

     !Curl_timestrcmp(c1->password, c2->password) &&

#endif

     curl_strequal(c1->cipher_list, c2->cipher_list) &&

     curl_strequal(c1->cipher_list13, c2->cipher_list13) &&

     curl_strequal(c1->curves, c2->curves) &&

     curl_strequal(c1->signature_algorithms, c2->signature_algorithms) &&

     curl_strequal(c1->CRLfile, c2->CRLfile) &&

     curl_strequal(c1->pinned_key, c2->pinned_key))

    return TRUE;

  return FALSE;

}

bool Curl_ssl_conn_config_match(struct Curl_easy *data,

                                struct connectdata *candidate,

                                bool proxy)

{

#ifndef CURL_DISABLE_PROXY

  if(proxy)

    return match_ssl_primary_config(data, &data->set.proxy_ssl.primary,

                                    &candidate->proxy_ssl_config);

#else

  (void)proxy;

#endif

  return match_ssl_primary_config(data, &data->set.ssl.primary,

                                  &candidate->ssl_config);

}

static bool clone_ssl_primary_config(struct ssl_primary_config *source,

                                     struct ssl_primary_config *dest)

{

  dest->version = source->version;

  dest->version_max = source->version_max;

  dest->verifypeer = source->verifypeer;

  dest->verifyhost = source->verifyhost;

  dest->verifystatus = source->verifystatus;

  dest->cache_session = source->cache_session;

  dest->ssl_options = source->ssl_options;

  CLONE_BLOB(cert_blob);

  CLONE_BLOB(ca_info_blob);

  CLONE_BLOB(issuercert_blob);

  CLONE_STRING(CApath);

  CLONE_STRING(CAfile);

  CLONE_STRING(issuercert);

  CLONE_STRING(clientcert);

  CLONE_STRING(cipher_list);

  CLONE_STRING(cipher_list13);

  CLONE_STRING(pinned_key);

  CLONE_STRING(curves);

  CLONE_STRING(signature_algorithms);

  CLONE_STRING(CRLfile);

#ifdef USE_TLS_SRP

  CLONE_STRING(username);

  CLONE_STRING(password);

#endif

  return TRUE;

}

static void free_primary_ssl_config(struct ssl_primary_config *sslc)

{

  Curl_safefree(sslc->CApath);

  Curl_safefree(sslc->CAfile);

  Curl_safefree(sslc->issuercert);

  Curl_safefree(sslc->clientcert);

  Curl_safefree(sslc->cipher_list);

  Curl_safefree(sslc->cipher_list13);

  Curl_safefree(sslc->pinned_key);

  Curl_safefree(sslc->cert_blob);

  Curl_safefree(sslc->ca_info_blob);

  Curl_safefree(sslc->issuercert_blob);

  Curl_safefree(sslc->curves);

  Curl_safefree(sslc->signature_algorithms);

  Curl_safefree(sslc->CRLfile);

#ifdef USE_TLS_SRP

  Curl_safefree(sslc->username);

  Curl_safefree(sslc->password);

#endif

}

CURLcode Curl_ssl_easy_config_complete(struct Curl_easy *data)

{

  struct ssl_config_data *sslc = &data->set.ssl;

#if defined(CURL_CA_PATH) || defined(CURL_CA_BUNDLE)

  struct UserDefined *set = &data->set;

  CURLcode result;

#endif

  if(Curl_ssl_backend() != CURLSSLBACKEND_SCHANNEL) {

#if defined(USE_APPLE_SECTRUST) || defined(CURL_CA_NATIVE)

    if(!sslc->custom_capath && !sslc->custom_cafile && !sslc->custom_cablob)

      sslc->native_ca_store = TRUE;

#endif

#ifdef CURL_CA_PATH

    if(!sslc->custom_capath && !set->str[STRING_SSL_CAPATH]) {

      result = Curl_setstropt(&set->str[STRING_SSL_CAPATH], CURL_CA_PATH);

      if(result)

        return result;

    }

#endif

#ifdef CURL_CA_BUNDLE

    if(!sslc->custom_cafile && !set->str[STRING_SSL_CAFILE]) {

      result = Curl_setstropt(&set->str[STRING_SSL_CAFILE], CURL_CA_BUNDLE);

      if(result)

        return result;

    }

#endif

  }

  sslc->primary.CAfile = data->set.str[STRING_SSL_CAFILE];

  sslc->primary.CRLfile = data->set.str[STRING_SSL_CRLFILE];

  sslc->primary.CApath = data->set.str[STRING_SSL_CAPATH];

  sslc->primary.issuercert = data->set.str[STRING_SSL_ISSUERCERT];

  sslc->primary.issuercert_blob = data->set.blobs[BLOB_SSL_ISSUERCERT];

  sslc->primary.cipher_list = data->set.str[STRING_SSL_CIPHER_LIST];

  sslc->primary.cipher_list13 = data->set.str[STRING_SSL_CIPHER13_LIST];

  sslc->primary.signature_algorithms =

    data->set.str[STRING_SSL_SIGNATURE_ALGORITHMS];

  sslc->primary.pinned_key = data->set.str[STRING_SSL_PINNEDPUBLICKEY];

  sslc->primary.cert_blob = data->set.blobs[BLOB_CERT];

  sslc->primary.ca_info_blob = data->set.blobs[BLOB_CAINFO];

  sslc->primary.curves = data->set.str[STRING_SSL_EC_CURVES];

#ifdef USE_TLS_SRP

  sslc->primary.username = data->set.str[STRING_TLSAUTH_USERNAME];

  sslc->primary.password = data->set.str[STRING_TLSAUTH_PASSWORD];

#endif

  sslc->cert_type = data->set.str[STRING_CERT_TYPE];

  sslc->key = data->set.str[STRING_KEY];

  sslc->key_type = data->set.str[STRING_KEY_TYPE];

  sslc->key_passwd = data->set.str[STRING_KEY_PASSWD];

  sslc->primary.clientcert = data->set.str[STRING_CERT];

  sslc->key_blob = data->set.blobs[BLOB_KEY];

#ifndef CURL_DISABLE_PROXY

  sslc = &data->set.proxy_ssl;

  if(Curl_ssl_backend() != CURLSSLBACKEND_SCHANNEL) {

#if defined(USE_APPLE_SECTRUST) || defined(CURL_CA_NATIVE)

    if(!sslc->custom_capath && !sslc->custom_cafile && !sslc->custom_cablob)

      sslc->native_ca_store = TRUE;

#endif

#ifdef CURL_CA_PATH

    if(!sslc->custom_capath && !set->str[STRING_SSL_CAPATH_PROXY]) {

      result = Curl_setstropt(&set->str[STRING_SSL_CAPATH_PROXY],

                              CURL_CA_PATH);

      if(result)

        return result;

    }

#endif

#ifdef CURL_CA_BUNDLE

    if(!sslc->custom_cafile && !set->str[STRING_SSL_CAFILE_PROXY]) {

      result = Curl_setstropt(&set->str[STRING_SSL_CAFILE_PROXY],

                              CURL_CA_BUNDLE);

      if(result)

        return result;

    }

#endif

  }

  sslc->primary.CAfile = data->set.str[STRING_SSL_CAFILE_PROXY];

  sslc->primary.CApath = data->set.str[STRING_SSL_CAPATH_PROXY];

  sslc->primary.cipher_list = data->set.str[STRING_SSL_CIPHER_LIST_PROXY];

  sslc->primary.cipher_list13 = data->set.str[STRING_SSL_CIPHER13_LIST_PROXY];

  sslc->primary.pinned_key = data->set.str[STRING_SSL_PINNEDPUBLICKEY_PROXY];

  sslc->primary.cert_blob = data->set.blobs[BLOB_CERT_PROXY];

  sslc->primary.ca_info_blob = data->set.blobs[BLOB_CAINFO_PROXY];

  sslc->primary.issuercert = data->set.str[STRING_SSL_ISSUERCERT_PROXY];

  sslc->primary.issuercert_blob = data->set.blobs[BLOB_SSL_ISSUERCERT_PROXY];

  sslc->primary.CRLfile = data->set.str[STRING_SSL_CRLFILE_PROXY];

  sslc->cert_type = data->set.str[STRING_CERT_TYPE_PROXY];

  sslc->key = data->set.str[STRING_KEY_PROXY];

  sslc->key_type = data->set.str[STRING_KEY_TYPE_PROXY];

  sslc->key_passwd = data->set.str[STRING_KEY_PASSWD_PROXY];

  sslc->primary.clientcert = data->set.str[STRING_CERT_PROXY];

  sslc->key_blob = data->set.blobs[BLOB_KEY_PROXY];

#ifdef USE_TLS_SRP

  sslc->primary.username = data->set.str[STRING_TLSAUTH_USERNAME_PROXY];

  sslc->primary.password = data->set.str[STRING_TLSAUTH_PASSWORD_PROXY];

#endif

#endif /* CURL_DISABLE_PROXY */

  return CURLE_OK;

}

CURLcode Curl_ssl_conn_config_init(struct Curl_easy *data,

                                   struct connectdata *conn)

{

  /* Clone "primary" SSL configurations from the esay handle to

   * the connection. They are used for connection cache matching and

   * probably outlive the easy handle */

  if(!clone_ssl_primary_config(&data->set.ssl.primary, &conn->ssl_config))

    return CURLE_OUT_OF_MEMORY;

#ifndef CURL_DISABLE_PROXY

  if(!clone_ssl_primary_config(&data->set.proxy_ssl.primary,

                               &conn->proxy_ssl_config))

    return CURLE_OUT_OF_MEMORY;

#endif

  return CURLE_OK;

}

void Curl_ssl_conn_config_cleanup(struct connectdata *conn)

{

  free_primary_ssl_config(&conn->ssl_config);

#ifndef CURL_DISABLE_PROXY

  free_primary_ssl_config(&conn->proxy_ssl_config);

#endif

}

void Curl_ssl_conn_config_update(struct Curl_easy *data, bool for_proxy)

{

  /* May be called on an easy that has no connection yet */

  if(data->conn) {

    struct ssl_primary_config *src, *dest;

#ifndef CURL_DISABLE_PROXY

    src = for_proxy ? &data->set.proxy_ssl.primary : &data->set.ssl.primary;

    dest = for_proxy ? &data->conn->proxy_ssl_config : &data->conn->ssl_config;

#else

    (void)for_proxy;

    src = &data->set.ssl.primary;

    dest = &data->conn->ssl_config;

#endif

    dest->verifyhost = src->verifyhost;

    dest->verifypeer = src->verifypeer;

    dest->verifystatus = src->verifystatus;

  }

}

#ifdef USE_SSL

static int multissl_setup(const struct Curl_ssl *backend);

#endif

curl_sslbackend Curl_ssl_backend(void)

{

#ifdef USE_SSL

  multissl_setup(NULL);

  return Curl_ssl->info.id;

#else

  return CURLSSLBACKEND_NONE;

#endif

}

#ifdef USE_SSL

/* "global" init done? */

static bool init_ssl = FALSE;

/**

 * Global SSL init

 *

 * @retval 0 error initializing SSL

 * @retval 1 SSL initialized successfully

 */

int Curl_ssl_init(void)

{

  /* make sure this is only done once */

  if(init_ssl)

    return 1;

  init_ssl = TRUE; /* never again */

  if(Curl_ssl->init)

    return Curl_ssl->init();

  return 1;

}

static bool ssl_prefs_check(struct Curl_easy *data)

{

  /* check for CURLOPT_SSLVERSION invalid parameter value */

  const unsigned char sslver = data->set.ssl.primary.version;

  if(sslver >= CURL_SSLVERSION_LAST) {

    failf(data, "Unrecognized parameter value passed via CURLOPT_SSLVERSION");

    return FALSE;

  }

  switch(data->set.ssl.primary.version_max) {

  case CURL_SSLVERSION_MAX_NONE:

  case CURL_SSLVERSION_MAX_DEFAULT:

    break;

  default:

    if((data->set.ssl.primary.version_max >> 16) < sslver) {

      failf(data, "CURL_SSLVERSION_MAX incompatible with CURL_SSLVERSION");

      return FALSE;

    }

  }

  return TRUE;

}

static struct ssl_connect_data *cf_ctx_new(struct Curl_easy *data,

                                           const struct alpn_spec *alpn)

{

  struct ssl_connect_data *ctx;

  (void)data;

  ctx = curlx_calloc(1, sizeof(*ctx));

  if(!ctx)

    return NULL;

  ctx->ssl_impl = Curl_ssl;

  ctx->alpn = alpn;

  Curl_bufq_init2(&ctx->earlydata, CURL_SSL_EARLY_MAX, 1, BUFQ_OPT_NO_SPARES);

  ctx->backend = curlx_calloc(1, ctx->ssl_impl->sizeof_ssl_backend_data);

  if(!ctx->backend) {

    curlx_free(ctx);

    return NULL;

  }

  return ctx;

}

static void cf_ctx_free(struct ssl_connect_data *ctx)

{

  if(ctx) {

    Curl_safefree(ctx->negotiated.alpn);

    Curl_bufq_free(&ctx->earlydata);

    curlx_free(ctx->backend);

    curlx_free(ctx);

  }

}

CURLcode Curl_ssl_get_channel_binding(struct Curl_easy *data, int sockindex,

                                      struct dynbuf *binding)

{

  if(Curl_ssl->get_channel_binding)

    return Curl_ssl->get_channel_binding(data, sockindex, binding);

  return CURLE_OK;

}

void Curl_ssl_close_all(struct Curl_easy *data)

{

  if(Curl_ssl->close_all)

    Curl_ssl->close_all(data);

}

CURLcode Curl_ssl_adjust_pollset(struct Curl_cfilter *cf,

                                 struct Curl_easy *data,

                                 struct easy_pollset *ps)

{

  struct ssl_connect_data *connssl = cf->ctx;

  if(connssl->io_need) {

    curl_socket_t sock = Curl_conn_cf_get_socket(cf->next, data);

    CURLcode result = CURLE_OK;

    if(sock != CURL_SOCKET_BAD) {

      if(connssl->io_need & CURL_SSL_IO_NEED_SEND) {

        result = Curl_pollset_set_out_only(data, ps, sock);

        CURL_TRC_CF(data, cf, "adjust_pollset, POLLOUT fd=%" FMT_SOCKET_T,

                    sock);

      }

      else {

        result = Curl_pollset_set_in_only(data, ps, sock);

        CURL_TRC_CF(data, cf, "adjust_pollset, POLLIN fd=%" FMT_SOCKET_T,

                    sock);

      }

    }

    return result;

  }

  return CURLE_OK;

}

/* Selects an SSL crypto engine

 */

CURLcode Curl_ssl_set_engine(struct Curl_easy *data, const char *engine)

{

  if(Curl_ssl->set_engine)

    return Curl_ssl->set_engine(data, engine);

  return CURLE_NOT_BUILT_IN;

}

/* Selects the default SSL crypto engine

 */

CURLcode Curl_ssl_set_engine_default(struct Curl_easy *data)

{

  if(Curl_ssl->set_engine_default)

    return Curl_ssl->set_engine_default(data);

  return CURLE_NOT_BUILT_IN;

}

/* Return list of OpenSSL crypto engine names. */

struct curl_slist *Curl_ssl_engines_list(struct Curl_easy *data)

{

  if(Curl_ssl->engines_list)

    return Curl_ssl->engines_list(data);

  return NULL;

}

static size_t multissl_version(char *buffer, size_t size);

void Curl_ssl_version(char *buffer, size_t size)

{

#ifdef CURL_WITH_MULTI_SSL

  (void)multissl_version(buffer, size);

#else

  (void)Curl_ssl->version(buffer, size);

#endif

}

void Curl_ssl_free_certinfo(struct Curl_easy *data)

{

  struct curl_certinfo *ci = &data->info.certs;

  if(ci->num_of_certs) {

    /* free all individual lists used */

    int i;

    for(i = 0; i < ci->num_of_certs; i++) {

      curl_slist_free_all(ci->certinfo[i]);

      ci->certinfo[i] = NULL;

    }

    curlx_free(ci->certinfo); /* free the actual array too */

    ci->certinfo = NULL;

    ci->num_of_certs = 0;

  }

}

CURLcode Curl_ssl_init_certinfo(struct Curl_easy *data, int num)

{

  struct curl_certinfo *ci = &data->info.certs;

  struct curl_slist **table;

  /* Free any previous certificate information structures */

  Curl_ssl_free_certinfo(data);

  /* Allocate the required certificate information structures */

  table = curlx_calloc((size_t)num, sizeof(struct curl_slist *));

  if(!table)

    return CURLE_OUT_OF_MEMORY;

  ci->num_of_certs = num;

  ci->certinfo = table;

  return CURLE_OK;

}

/*

 * 'value' is NOT a null-terminated string

 */

CURLcode Curl_ssl_push_certinfo_len(struct Curl_easy *data,

                                    int certnum,

                                    const char *label,

                                    const char *value,

                                    size_t valuelen)

{

  struct curl_certinfo *ci = &data->info.certs;

  struct curl_slist *nl;

  CURLcode result = CURLE_OK;

  struct dynbuf build;

  DEBUGASSERT(certnum < ci->num_of_certs);

  curlx_dyn_init(&build, CURL_X509_STR_MAX);

  if(curlx_dyn_add(&build, label) ||

     curlx_dyn_addn(&build, ":", 1) ||

     curlx_dyn_addn(&build, value, valuelen))

    return CURLE_OUT_OF_MEMORY;

  nl = Curl_slist_append_nodup(ci->certinfo[certnum], curlx_dyn_ptr(&build));

  if(!nl) {

    curlx_dyn_free(&build);

    curl_slist_free_all(ci->certinfo[certnum]);

    result = CURLE_OUT_OF_MEMORY;

  }

  ci->certinfo[certnum] = nl;

  return result;

}

/* get length bytes of randomness */

CURLcode Curl_ssl_random(struct Curl_easy *data,

                         unsigned char *buffer, size_t length)

{

  DEBUGASSERT(length == sizeof(int));

  if(Curl_ssl->random)

    return Curl_ssl->random(data, buffer, length);

  else

    return CURLE_NOT_BUILT_IN;

}

/*

 * Public key pem to der conversion

 */

static CURLcode pubkey_pem_to_der(const char *pem,

                                  unsigned char **der, size_t *der_len)

{

  const char *begin_pos, *end_pos;

  size_t pem_count, pem_len;

  CURLcode result;

  struct dynbuf pbuf;

  /* if no pem, exit. */

  if(!pem)

    return CURLE_BAD_CONTENT_ENCODING;

  curlx_dyn_init(&pbuf, MAX_PINNED_PUBKEY_SIZE);

  begin_pos = strstr(pem, "-----BEGIN PUBLIC KEY-----");

  if(!begin_pos)

    return CURLE_BAD_CONTENT_ENCODING;

  pem_count = begin_pos - pem;

  /* Invalid if not at beginning AND not directly following \n */

  if(pem_count && '\n' != pem[pem_count - 1])

    return CURLE_BAD_CONTENT_ENCODING;

  /* 26 is length of "-----BEGIN PUBLIC KEY-----" */

  pem_count += 26;

  /* Invalid if not directly following \n */

  end_pos = strstr(pem + pem_count, "\n-----END PUBLIC KEY-----");

  if(!end_pos)

    return CURLE_BAD_CONTENT_ENCODING;

  pem_len = end_pos - pem;

  /*

   * Here we loop through the pem array one character at a time between the

   * correct indices, and place each character that is not '\n' or '\r'

   * into the stripped_pem array, which should represent the raw base64 string

   */

  while(pem_count < pem_len) {

    if('\n' != pem[pem_count] && '\r' != pem[pem_count]) {

      result = curlx_dyn_addn(&pbuf, &pem[pem_count], 1);

      if(result)

        return result;

    }

    ++pem_count;

  }

  if(curlx_dyn_len(&pbuf)) {

    result = curlx_base64_decode(curlx_dyn_ptr(&pbuf), der, der_len);

    curlx_dyn_free(&pbuf);

  }

  else

    result = CURLE_BAD_CONTENT_ENCODING;

  return result;

}

/*

 * Generic pinned public key check.

 */

CURLcode Curl_pin_peer_pubkey(struct Curl_easy *data,

                              const char *pinnedpubkey,

                              const unsigned char *pubkey, size_t pubkeylen)

{

  CURLcode result = CURLE_SSL_PINNEDPUBKEYNOTMATCH;

  /* if a path was not specified, do not pin */

  if(!pinnedpubkey)

    return CURLE_OK;

  if(!pubkey || !pubkeylen)

    return result;

  /* only do this if pinnedpubkey starts with "sha256//", length 8 */

  if(!strncmp(pinnedpubkey, "sha256//", 8)) {

    CURLcode encode;

    char *cert_hash = NULL;

    const char *pinned_hash, *end_pos;

    size_t cert_hash_len = 0, pinned_hash_len;

    unsigned char *sha256sumdigest;

    if(!Curl_ssl->sha256sum) {

      /* without sha256 support, this cannot match */

      return result;

    }

    /* compute sha256sum of public key */

    sha256sumdigest = curlx_malloc(CURL_SHA256_DIGEST_LENGTH);

    if(!sha256sumdigest)

      return CURLE_OUT_OF_MEMORY;

    encode = Curl_ssl->sha256sum(pubkey, pubkeylen,

                                 sha256sumdigest, CURL_SHA256_DIGEST_LENGTH);

    if(!encode)

      encode = curlx_base64_encode(sha256sumdigest,

                                   CURL_SHA256_DIGEST_LENGTH,

                                   &cert_hash, &cert_hash_len);

    Curl_safefree(sha256sumdigest);

    if(encode)

      return encode;

    infof(data, " public key hash: sha256//%s", cert_hash);

    pinned_hash = pinnedpubkey;

    while(pinned_hash &&

          !strncmp(pinned_hash, "sha256//", (sizeof("sha256//") - 1))) {

      pinned_hash = pinned_hash + (sizeof("sha256//") - 1);

      end_pos = strchr(pinned_hash, ';');

      pinned_hash_len = end_pos ?

                        (size_t)(end_pos - pinned_hash) : strlen(pinned_hash);

      /* compare base64 sha256 digests" */

      if(cert_hash_len == pinned_hash_len &&

         !memcmp(cert_hash, pinned_hash, cert_hash_len)) {

        DEBUGF(infof(data, "public key hash matches pinned value"));

        result = CURLE_OK;

        break;

      }

      DEBUGF(infof(data, "public key hash does not match 'sha256//%.*s'",

                   (int)pinned_hash_len, pinned_hash));

      /* next one or we are at the end */

      pinned_hash = end_pos ? (end_pos + 1) : NULL;

    }

    Curl_safefree(cert_hash);

  }

  else {

    long filesize;

    size_t size, pem_len;

    CURLcode pem_read;

    struct dynbuf buf;

    char unsigned *pem_ptr = NULL;

    size_t left;

    FILE *fp = curlx_fopen(pinnedpubkey, "rb");

    if(!fp)

      return result;

    curlx_dyn_init(&buf, MAX_PINNED_PUBKEY_SIZE);

    /* Determine the file's size */

    if(fseek(fp, 0, SEEK_END))

      goto end;

    filesize = ftell(fp);

    if(fseek(fp, 0, SEEK_SET))

      goto end;

    if(filesize < 0 || filesize > MAX_PINNED_PUBKEY_SIZE)

      goto end;

    /*

     * if the size of our certificate is bigger than the file

     * size then it cannot match

     */

    size = curlx_sotouz((curl_off_t)filesize);

    if(pubkeylen > size)

      goto end;

    /*

     * Read the file into the dynbuf

     */

    left = size;

    do {

      char buffer[1024];

      size_t want = left > sizeof(buffer) ? sizeof(buffer) : left;

      if(want != fread(buffer, 1, want, fp))

        goto end;

      if(curlx_dyn_addn(&buf, buffer, want))

        goto end;

      left -= want;

    } while(left);

    /* If the sizes are the same, it cannot be base64 encoded, must be der */

    if(pubkeylen == size) {

      if(!memcmp(pubkey, curlx_dyn_ptr(&buf), pubkeylen))

        result = CURLE_OK;

      goto end;

    }

    /*

     * Otherwise we will assume it is PEM and try to decode it after placing

     * null-terminator

     */

    pem_read = pubkey_pem_to_der(curlx_dyn_ptr(&buf), &pem_ptr, &pem_len);

    /* if it was not read successfully, exit */

    if(pem_read)

      goto end;

    /*

     * if the size of our certificate does not match the size of

     * the decoded file, they cannot be the same, otherwise compare

     */

    if(pubkeylen == pem_len && !memcmp(pubkey, pem_ptr, pubkeylen))

      result = CURLE_OK;

end:

    curlx_dyn_free(&buf);

    Curl_safefree(pem_ptr);

    curlx_fclose(fp);

  }

  return result;

}

/*

 * Check whether the SSL backend supports the status_request extension.

 */

bool Curl_ssl_cert_status_request(void)

{

  if(Curl_ssl->cert_status_request)

    return Curl_ssl->cert_status_request();

  return FALSE;

}

static int multissl_init(void)

{

  if(multissl_setup(NULL))

    return 1;

  if(Curl_ssl->init)

    return Curl_ssl->init();

  return 1;

}

static CURLcode multissl_random(struct Curl_easy *data,

                                unsigned char *entropy, size_t length)

{

  if(multissl_setup(NULL))

    return CURLE_FAILED_INIT;

  return Curl_ssl->random(data, entropy, length);

}

static CURLcode multissl_connect(struct Curl_cfilter *cf,

                                 struct Curl_easy *data, bool *done)

{

  if(multissl_setup(NULL))

    return CURLE_FAILED_INIT;

  return Curl_ssl->do_connect(cf, data, done);

}

static CURLcode multissl_adjust_pollset(struct Curl_cfilter *cf,

                                        struct Curl_easy *data,

                                        struct easy_pollset *ps)

{

  if(multissl_setup(NULL))

    return CURLE_OK;

  return Curl_ssl->adjust_pollset(cf, data, ps);

}

static void *multissl_get_internals(struct ssl_connect_data *connssl,

                                    CURLINFO info)

{

  if(multissl_setup(NULL))

    return NULL;

  return Curl_ssl->get_internals(connssl, info);

}

static void multissl_close(struct Curl_cfilter *cf, struct Curl_easy *data)

{

  if(multissl_setup(NULL))

    return;

  Curl_ssl->close(cf, data);

}

static CURLcode multissl_recv_plain(struct Curl_cfilter *cf,

                                    struct Curl_easy *data,

                                    char *buf, size_t len, size_t *pnread)

{

  if(multissl_setup(NULL))

    return CURLE_FAILED_INIT;

  return Curl_ssl->recv_plain(cf, data, buf, len, pnread);

}

static CURLcode multissl_send_plain(struct Curl_cfilter *cf,

                                    struct Curl_easy *data,

                                    const void *mem, size_t len,

                                    size_t *pnwritten)

{

  if(multissl_setup(NULL))

    return CURLE_FAILED_INIT;

  return Curl_ssl->send_plain(cf, data, mem, len, pnwritten);

}

static const struct Curl_ssl Curl_ssl_multi = {

  { CURLSSLBACKEND_NONE, "multi" },  /* info */

  0, /* supports nothing */

  (size_t)-1, /* something insanely large to be on the safe side */

  multissl_init,                     /* init */

  NULL,                              /* cleanup */

  multissl_version,                  /* version */

  NULL,                              /* shutdown */

  NULL,                              /* data_pending */

  multissl_random,                   /* random */

  NULL,                              /* cert_status_request */

  multissl_connect,                  /* connect */

  multissl_adjust_pollset,           /* adjust_pollset */

  multissl_get_internals,            /* get_internals */

  multissl_close,                    /* close_one */

  NULL,                              /* close_all */

  NULL,                              /* set_engine */

  NULL,                              /* set_engine_default */

  NULL,                              /* engines_list */

  NULL,                              /* sha256sum */

  multissl_recv_plain,               /* recv decrypted data */

  multissl_send_plain,               /* send data to encrypt */

  NULL,                              /* get_channel_binding */

};

const struct Curl_ssl *Curl_ssl =

#ifdef CURL_WITH_MULTI_SSL

  &Curl_ssl_multi;

#elif defined(USE_WOLFSSL)

  &Curl_ssl_wolfssl;

#elif defined(USE_GNUTLS)

  &Curl_ssl_gnutls;

#elif defined(USE_MBEDTLS)

  &Curl_ssl_mbedtls;

#elif defined(USE_RUSTLS)

  &Curl_ssl_rustls;

#elif defined(USE_OPENSSL)

  &Curl_ssl_openssl;

#elif defined(USE_SCHANNEL)

  &Curl_ssl_schannel;

#else

#error "Missing struct Curl_ssl for selected SSL backend"

#endif

static const struct Curl_ssl *available_backends[] = {

#ifdef USE_WOLFSSL

  &Curl_ssl_wolfssl,

#endif

#ifdef USE_GNUTLS

  &Curl_ssl_gnutls,

#endif

#ifdef USE_MBEDTLS

  &Curl_ssl_mbedtls,

#endif

#ifdef USE_OPENSSL

  &Curl_ssl_openssl,

#endif

#ifdef USE_SCHANNEL

  &Curl_ssl_schannel,

#endif

#ifdef USE_RUSTLS

  &Curl_ssl_rustls,

#endif

  NULL

};

/* Global cleanup */

void Curl_ssl_cleanup(void)

{

  if(init_ssl) {

    /* only cleanup if we did a previous init */

    if(Curl_ssl->cleanup)

      Curl_ssl->cleanup();

#ifdef CURL_WITH_MULTI_SSL

    Curl_ssl = &Curl_ssl_multi;

#endif

    init_ssl = FALSE;

  }

}

static size_t multissl_version(char *buffer, size_t size)

{