tortls.h 12 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295
  1. /* Copyright (c) 2003, Roger Dingledine
  2. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
  3. * Copyright (c) 2007-2017, The Tor Project, Inc. */
  4. /* See LICENSE for licensing information */
  5. #ifndef TOR_TORTLS_H
  6. #define TOR_TORTLS_H
  7. /**
  8. * \file tortls.h
  9. * \brief Headers for tortls.c
  10. **/
  11. #include "crypto_rsa.h"
  12. #include "compat_openssl.h"
  13. #include "compat.h"
  14. #include "testsupport.h"
  15. /* Opaque structure to hold a TLS connection. */
  16. typedef struct tor_tls_t tor_tls_t;
  17. /* Opaque structure to hold an X509 certificate. */
  18. typedef struct tor_x509_cert_t tor_x509_cert_t;
  19. /* Possible return values for most tor_tls_* functions. */
  20. #define MIN_TOR_TLS_ERROR_VAL_ -9
  21. #define TOR_TLS_ERROR_MISC -9
  22. /* Rename to unexpected close or something. XXXX */
  23. #define TOR_TLS_ERROR_IO -8
  24. #define TOR_TLS_ERROR_CONNREFUSED -7
  25. #define TOR_TLS_ERROR_CONNRESET -6
  26. #define TOR_TLS_ERROR_NO_ROUTE -5
  27. #define TOR_TLS_ERROR_TIMEOUT -4
  28. #define TOR_TLS_CLOSE -3
  29. #define TOR_TLS_WANTREAD -2
  30. #define TOR_TLS_WANTWRITE -1
  31. #define TOR_TLS_DONE 0
  32. /** Collection of case statements for all TLS errors that are not due to
  33. * underlying IO failure. */
  34. #define CASE_TOR_TLS_ERROR_ANY_NONIO \
  35. case TOR_TLS_ERROR_MISC: \
  36. case TOR_TLS_ERROR_CONNREFUSED: \
  37. case TOR_TLS_ERROR_CONNRESET: \
  38. case TOR_TLS_ERROR_NO_ROUTE: \
  39. case TOR_TLS_ERROR_TIMEOUT
  40. /** Use this macro in a switch statement to catch _any_ TLS error. That way,
  41. * if more errors are added, your switches will still work. */
  42. #define CASE_TOR_TLS_ERROR_ANY \
  43. CASE_TOR_TLS_ERROR_ANY_NONIO: \
  44. case TOR_TLS_ERROR_IO
  45. #define TOR_TLS_IS_ERROR(rv) ((rv) < TOR_TLS_CLOSE)
  46. #ifdef TORTLS_PRIVATE
  47. #define TOR_TLS_MAGIC 0x71571571
  48. typedef enum {
  49. TOR_TLS_ST_HANDSHAKE, TOR_TLS_ST_OPEN, TOR_TLS_ST_GOTCLOSE,
  50. TOR_TLS_ST_SENTCLOSE, TOR_TLS_ST_CLOSED, TOR_TLS_ST_RENEGOTIATE,
  51. TOR_TLS_ST_BUFFEREVENT
  52. } tor_tls_state_t;
  53. #define tor_tls_state_bitfield_t ENUM_BF(tor_tls_state_t)
  54. struct x509_st;
  55. struct ssl_st;
  56. struct ssl_ctx_st;
  57. struct ssl_session_st;
  58. /** Holds a SSL_CTX object and related state used to configure TLS
  59. * connections.
  60. */
  61. typedef struct tor_tls_context_t {
  62. int refcnt;
  63. struct ssl_ctx_st *ctx;
  64. tor_x509_cert_t *my_link_cert;
  65. tor_x509_cert_t *my_id_cert;
  66. tor_x509_cert_t *my_auth_cert;
  67. crypto_pk_t *link_key;
  68. crypto_pk_t *auth_key;
  69. } tor_tls_context_t;
  70. /** Structure that we use for a single certificate. */
  71. struct tor_x509_cert_t {
  72. struct x509_st *cert;
  73. uint8_t *encoded;
  74. size_t encoded_len;
  75. unsigned pkey_digests_set : 1;
  76. common_digests_t cert_digests;
  77. common_digests_t pkey_digests;
  78. };
  79. /** Holds a SSL object and its associated data. Members are only
  80. * accessed from within tortls.c.
  81. */
  82. struct tor_tls_t {
  83. uint32_t magic;
  84. tor_tls_context_t *context; /** A link to the context object for this tls. */
  85. struct ssl_st *ssl; /**< An OpenSSL SSL object. */
  86. int socket; /**< The underlying file descriptor for this TLS connection. */
  87. char *address; /**< An address to log when describing this connection. */
  88. tor_tls_state_bitfield_t state : 3; /**< The current SSL state,
  89. * depending on which operations
  90. * have completed successfully. */
  91. unsigned int isServer:1; /**< True iff this is a server-side connection */
  92. unsigned int wasV2Handshake:1; /**< True iff the original handshake for
  93. * this connection used the updated version
  94. * of the connection protocol (client sends
  95. * different cipher list, server sends only
  96. * one certificate). */
  97. /** True iff we should call negotiated_callback when we're done reading. */
  98. unsigned int got_renegotiate:1;
  99. /** Return value from tor_tls_classify_client_ciphers, or 0 if we haven't
  100. * called that function yet. */
  101. int8_t client_cipher_list_type;
  102. /** Incremented every time we start the server side of a handshake. */
  103. uint8_t server_handshake_count;
  104. size_t wantwrite_n; /**< 0 normally, >0 if we returned wantwrite last
  105. * time. */
  106. /** Last values retrieved from BIO_number_read()/write(); see
  107. * tor_tls_get_n_raw_bytes() for usage.
  108. */
  109. unsigned long last_write_count;
  110. unsigned long last_read_count;
  111. /** If set, a callback to invoke whenever the client tries to renegotiate
  112. * the handshake. */
  113. void (*negotiated_callback)(tor_tls_t *tls, void *arg);
  114. /** Argument to pass to negotiated_callback. */
  115. void *callback_arg;
  116. };
  117. STATIC int tor_errno_to_tls_error(int e);
  118. STATIC int tor_tls_get_error(tor_tls_t *tls, int r, int extra,
  119. const char *doing, int severity, int domain);
  120. STATIC tor_tls_t *tor_tls_get_by_ssl(const struct ssl_st *ssl);
  121. STATIC void tor_tls_allocate_tor_tls_object_ex_data_index(void);
  122. #ifdef TORTLS_OPENSSL_PRIVATE
  123. STATIC int always_accept_verify_cb(int preverify_ok, X509_STORE_CTX *x509_ctx);
  124. STATIC int tor_tls_classify_client_ciphers(const struct ssl_st *ssl,
  125. STACK_OF(SSL_CIPHER) *peer_ciphers);
  126. #endif
  127. STATIC int tor_tls_client_is_using_v2_ciphers(const struct ssl_st *ssl);
  128. MOCK_DECL(STATIC void, try_to_extract_certs_from_tls,
  129. (int severity, tor_tls_t *tls, struct x509_st **cert_out,
  130. struct x509_st **id_cert_out));
  131. #ifndef HAVE_SSL_SESSION_GET_MASTER_KEY
  132. STATIC size_t SSL_SESSION_get_master_key(struct ssl_session_st *s,
  133. uint8_t *out,
  134. size_t len);
  135. #endif
  136. STATIC void tor_tls_debug_state_callback(const struct ssl_st *ssl,
  137. int type, int val);
  138. STATIC void tor_tls_server_info_callback(const struct ssl_st *ssl,
  139. int type, int val);
  140. #ifdef TORTLS_OPENSSL_PRIVATE
  141. STATIC int tor_tls_session_secret_cb(struct ssl_st *ssl, void *secret,
  142. int *secret_len,
  143. STACK_OF(SSL_CIPHER) *peer_ciphers,
  144. CONST_IF_OPENSSL_1_1_API SSL_CIPHER **cipher,
  145. void *arg);
  146. STATIC int find_cipher_by_id(const SSL *ssl, const SSL_METHOD *m,
  147. uint16_t cipher);
  148. #endif /* defined(TORTLS_OPENSSL_PRIVATE) */
  149. MOCK_DECL(STATIC struct x509_st *, tor_tls_create_certificate,
  150. (crypto_pk_t *rsa,
  151. crypto_pk_t *rsa_sign,
  152. const char *cname,
  153. const char *cname_sign,
  154. unsigned int cert_lifetime));
  155. STATIC tor_tls_context_t *tor_tls_context_new(crypto_pk_t *identity,
  156. unsigned int key_lifetime, unsigned flags, int is_client);
  157. MOCK_DECL(STATIC tor_x509_cert_t *, tor_x509_cert_new,
  158. (struct x509_st *x509_cert));
  159. STATIC int tor_tls_context_init_one(tor_tls_context_t **ppcontext,
  160. crypto_pk_t *identity,
  161. unsigned int key_lifetime,
  162. unsigned int flags,
  163. int is_client);
  164. STATIC void tls_log_errors(tor_tls_t *tls, int severity, int domain,
  165. const char *doing);
  166. #ifdef TOR_UNIT_TESTS
  167. extern int tor_tls_object_ex_data_index;
  168. extern tor_tls_context_t *server_tls_context;
  169. extern tor_tls_context_t *client_tls_context;
  170. extern uint16_t v2_cipher_list[];
  171. extern uint64_t total_bytes_written_over_tls;
  172. extern uint64_t total_bytes_written_by_tls;
  173. STATIC tor_x509_cert_t *tor_x509_cert_replace_expiration(
  174. const tor_x509_cert_t *inp,
  175. time_t new_expiration_time,
  176. crypto_pk_t *signing_key);
  177. #endif /* defined(TOR_UNIT_TESTS) */
  178. #endif /* defined(TORTLS_PRIVATE) */
  179. tor_x509_cert_t *tor_x509_cert_dup(const tor_x509_cert_t *cert);
  180. const char *tor_tls_err_to_string(int err);
  181. void tor_tls_get_state_description(tor_tls_t *tls, char *buf, size_t sz);
  182. void tor_tls_free_all(void);
  183. #define TOR_TLS_CTX_IS_PUBLIC_SERVER (1u<<0)
  184. #define TOR_TLS_CTX_USE_ECDHE_P256 (1u<<1)
  185. #define TOR_TLS_CTX_USE_ECDHE_P224 (1u<<2)
  186. int tor_tls_context_init(unsigned flags,
  187. crypto_pk_t *client_identity,
  188. crypto_pk_t *server_identity,
  189. unsigned int key_lifetime);
  190. tor_tls_t *tor_tls_new(int sock, int is_server);
  191. void tor_tls_set_logged_address(tor_tls_t *tls, const char *address);
  192. void tor_tls_set_renegotiate_callback(tor_tls_t *tls,
  193. void (*cb)(tor_tls_t *, void *arg),
  194. void *arg);
  195. int tor_tls_is_server(tor_tls_t *tls);
  196. void tor_tls_free_(tor_tls_t *tls);
  197. #define tor_tls_free(tls) FREE_AND_NULL(tor_tls_t, tor_tls_free_, (tls))
  198. int tor_tls_peer_has_cert(tor_tls_t *tls);
  199. MOCK_DECL(tor_x509_cert_t *,tor_tls_get_peer_cert,(tor_tls_t *tls));
  200. MOCK_DECL(tor_x509_cert_t *,tor_tls_get_own_cert,(tor_tls_t *tls));
  201. int tor_tls_verify(int severity, tor_tls_t *tls, crypto_pk_t **identity);
  202. int tor_tls_check_lifetime(int severity,
  203. tor_tls_t *tls, time_t now,
  204. int past_tolerance,
  205. int future_tolerance);
  206. MOCK_DECL(int, tor_tls_read, (tor_tls_t *tls, char *cp, size_t len));
  207. int tor_tls_write(tor_tls_t *tls, const char *cp, size_t n);
  208. int tor_tls_handshake(tor_tls_t *tls);
  209. int tor_tls_finish_handshake(tor_tls_t *tls);
  210. void tor_tls_unblock_renegotiation(tor_tls_t *tls);
  211. void tor_tls_block_renegotiation(tor_tls_t *tls);
  212. void tor_tls_assert_renegotiation_unblocked(tor_tls_t *tls);
  213. int tor_tls_shutdown(tor_tls_t *tls);
  214. int tor_tls_get_pending_bytes(tor_tls_t *tls);
  215. size_t tor_tls_get_forced_write_size(tor_tls_t *tls);
  216. void tor_tls_get_n_raw_bytes(tor_tls_t *tls,
  217. size_t *n_read, size_t *n_written);
  218. int tor_tls_get_buffer_sizes(tor_tls_t *tls,
  219. size_t *rbuf_capacity, size_t *rbuf_bytes,
  220. size_t *wbuf_capacity, size_t *wbuf_bytes);
  221. MOCK_DECL(double, tls_get_write_overhead_ratio, (void));
  222. int tor_tls_used_v1_handshake(tor_tls_t *tls);
  223. int tor_tls_get_num_server_handshakes(tor_tls_t *tls);
  224. int tor_tls_server_got_renegotiate(tor_tls_t *tls);
  225. MOCK_DECL(int,tor_tls_get_tlssecrets,(tor_tls_t *tls, uint8_t *secrets_out));
  226. MOCK_DECL(int,tor_tls_export_key_material,(
  227. tor_tls_t *tls, uint8_t *secrets_out,
  228. const uint8_t *context,
  229. size_t context_len,
  230. const char *label));
  231. /* Log and abort if there are unhandled TLS errors in OpenSSL's error stack.
  232. */
  233. #define check_no_tls_errors() check_no_tls_errors_(__FILE__,__LINE__)
  234. void check_no_tls_errors_(const char *fname, int line);
  235. void tor_tls_log_one_error(tor_tls_t *tls, unsigned long err,
  236. int severity, int domain, const char *doing);
  237. void tor_x509_cert_free_(tor_x509_cert_t *cert);
  238. #define tor_x509_cert_free(c) \
  239. FREE_AND_NULL(tor_x509_cert_t, tor_x509_cert_free_, (c))
  240. tor_x509_cert_t *tor_x509_cert_decode(const uint8_t *certificate,
  241. size_t certificate_len);
  242. void tor_x509_cert_get_der(const tor_x509_cert_t *cert,
  243. const uint8_t **encoded_out, size_t *size_out);
  244. const common_digests_t *tor_x509_cert_get_id_digests(
  245. const tor_x509_cert_t *cert);
  246. const common_digests_t *tor_x509_cert_get_cert_digests(
  247. const tor_x509_cert_t *cert);
  248. int tor_tls_get_my_certs(int server,
  249. const tor_x509_cert_t **link_cert_out,
  250. const tor_x509_cert_t **id_cert_out);
  251. crypto_pk_t *tor_tls_get_my_client_auth_key(void);
  252. crypto_pk_t *tor_tls_cert_get_key(tor_x509_cert_t *cert);
  253. MOCK_DECL(int,tor_tls_cert_matches_key,(const tor_tls_t *tls,
  254. const tor_x509_cert_t *cert));
  255. int tor_tls_cert_is_valid(int severity,
  256. const tor_x509_cert_t *cert,
  257. const tor_x509_cert_t *signing_cert,
  258. time_t now,
  259. int check_rsa_1024);
  260. const char *tor_tls_get_ciphersuite_name(tor_tls_t *tls);
  261. int evaluate_ecgroup_for_tls(const char *ecgroup);
  262. #endif /* !defined(TOR_TORTLS_H) */