tortls.h 11 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271
  1. /* Copyright (c) 2003, Roger Dingledine
  2. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
  3. * Copyright (c) 2007-2016, The Tor Project, Inc. */
  4. /* See LICENSE for licensing information */
  5. #ifndef TOR_TORTLS_H
  6. #define TOR_TORTLS_H
  7. /**
  8. * \file tortls.h
  9. * \brief Headers for tortls.c
  10. **/
  11. #include "crypto.h"
  12. #include "compat_openssl.h"
  13. #include "compat.h"
  14. #include "testsupport.h"
  15. /* Opaque structure to hold a TLS connection. */
  16. typedef struct tor_tls_t tor_tls_t;
  17. /* Opaque structure to hold an X509 certificate. */
  18. typedef struct tor_x509_cert_t tor_x509_cert_t;
  19. /* Possible return values for most tor_tls_* functions. */
  20. #define MIN_TOR_TLS_ERROR_VAL_ -9
  21. #define TOR_TLS_ERROR_MISC -9
  22. /* Rename to unexpected close or something. XXXX */
  23. #define TOR_TLS_ERROR_IO -8
  24. #define TOR_TLS_ERROR_CONNREFUSED -7
  25. #define TOR_TLS_ERROR_CONNRESET -6
  26. #define TOR_TLS_ERROR_NO_ROUTE -5
  27. #define TOR_TLS_ERROR_TIMEOUT -4
  28. #define TOR_TLS_CLOSE -3
  29. #define TOR_TLS_WANTREAD -2
  30. #define TOR_TLS_WANTWRITE -1
  31. #define TOR_TLS_DONE 0
  32. /** Collection of case statements for all TLS errors that are not due to
  33. * underlying IO failure. */
  34. #define CASE_TOR_TLS_ERROR_ANY_NONIO \
  35. case TOR_TLS_ERROR_MISC: \
  36. case TOR_TLS_ERROR_CONNREFUSED: \
  37. case TOR_TLS_ERROR_CONNRESET: \
  38. case TOR_TLS_ERROR_NO_ROUTE: \
  39. case TOR_TLS_ERROR_TIMEOUT
  40. /** Use this macro in a switch statement to catch _any_ TLS error. That way,
  41. * if more errors are added, your switches will still work. */
  42. #define CASE_TOR_TLS_ERROR_ANY \
  43. CASE_TOR_TLS_ERROR_ANY_NONIO: \
  44. case TOR_TLS_ERROR_IO
  45. #define TOR_TLS_IS_ERROR(rv) ((rv) < TOR_TLS_CLOSE)
  46. #ifdef TORTLS_PRIVATE
  47. #define TOR_TLS_MAGIC 0x71571571
  48. typedef enum {
  49. TOR_TLS_ST_HANDSHAKE, TOR_TLS_ST_OPEN, TOR_TLS_ST_GOTCLOSE,
  50. TOR_TLS_ST_SENTCLOSE, TOR_TLS_ST_CLOSED, TOR_TLS_ST_RENEGOTIATE,
  51. TOR_TLS_ST_BUFFEREVENT
  52. } tor_tls_state_t;
  53. #define tor_tls_state_bitfield_t ENUM_BF(tor_tls_state_t)
  54. /** Holds a SSL_CTX object and related state used to configure TLS
  55. * connections.
  56. */
  57. typedef struct tor_tls_context_t {
  58. int refcnt;
  59. SSL_CTX *ctx;
  60. tor_x509_cert_t *my_link_cert;
  61. tor_x509_cert_t *my_id_cert;
  62. tor_x509_cert_t *my_auth_cert;
  63. crypto_pk_t *link_key;
  64. crypto_pk_t *auth_key;
  65. } tor_tls_context_t;
  66. /** Structure that we use for a single certificate. */
  67. struct tor_x509_cert_t {
  68. X509 *cert;
  69. uint8_t *encoded;
  70. size_t encoded_len;
  71. unsigned pkey_digests_set : 1;
  72. common_digests_t cert_digests;
  73. common_digests_t pkey_digests;
  74. };
  75. /** Holds a SSL object and its associated data. Members are only
  76. * accessed from within tortls.c.
  77. */
  78. struct tor_tls_t {
  79. uint32_t magic;
  80. tor_tls_context_t *context; /** A link to the context object for this tls. */
  81. SSL *ssl; /**< An OpenSSL SSL object. */
  82. int socket; /**< The underlying file descriptor for this TLS connection. */
  83. char *address; /**< An address to log when describing this connection. */
  84. tor_tls_state_bitfield_t state : 3; /**< The current SSL state,
  85. * depending on which operations
  86. * have completed successfully. */
  87. unsigned int isServer:1; /**< True iff this is a server-side connection */
  88. unsigned int wasV2Handshake:1; /**< True iff the original handshake for
  89. * this connection used the updated version
  90. * of the connection protocol (client sends
  91. * different cipher list, server sends only
  92. * one certificate). */
  93. /** True iff we should call negotiated_callback when we're done reading. */
  94. unsigned int got_renegotiate:1;
  95. /** Return value from tor_tls_classify_client_ciphers, or 0 if we haven't
  96. * called that function yet. */
  97. int8_t client_cipher_list_type;
  98. /** Incremented every time we start the server side of a handshake. */
  99. uint8_t server_handshake_count;
  100. size_t wantwrite_n; /**< 0 normally, >0 if we returned wantwrite last
  101. * time. */
  102. /** Last values retrieved from BIO_number_read()/write(); see
  103. * tor_tls_get_n_raw_bytes() for usage.
  104. */
  105. unsigned long last_write_count;
  106. unsigned long last_read_count;
  107. /** If set, a callback to invoke whenever the client tries to renegotiate
  108. * the handshake. */
  109. void (*negotiated_callback)(tor_tls_t *tls, void *arg);
  110. /** Argument to pass to negotiated_callback. */
  111. void *callback_arg;
  112. };
  113. STATIC int tor_errno_to_tls_error(int e);
  114. STATIC int tor_tls_get_error(tor_tls_t *tls, int r, int extra,
  115. const char *doing, int severity, int domain);
  116. STATIC tor_tls_t *tor_tls_get_by_ssl(const SSL *ssl);
  117. STATIC void tor_tls_allocate_tor_tls_object_ex_data_index(void);
  118. STATIC int always_accept_verify_cb(int preverify_ok, X509_STORE_CTX *x509_ctx);
  119. STATIC int tor_tls_classify_client_ciphers(const SSL *ssl,
  120. STACK_OF(SSL_CIPHER) *peer_ciphers);
  121. STATIC int tor_tls_client_is_using_v2_ciphers(const SSL *ssl);
  122. MOCK_DECL(STATIC void, try_to_extract_certs_from_tls,
  123. (int severity, tor_tls_t *tls, X509 **cert_out, X509 **id_cert_out));
  124. #ifndef HAVE_SSL_SESSION_GET_MASTER_KEY
  125. STATIC size_t SSL_SESSION_get_master_key(SSL_SESSION *s, uint8_t *out,
  126. size_t len);
  127. #endif
  128. STATIC void tor_tls_debug_state_callback(const SSL *ssl, int type, int val);
  129. STATIC void tor_tls_server_info_callback(const SSL *ssl, int type, int val);
  130. STATIC int tor_tls_session_secret_cb(SSL *ssl, void *secret,
  131. int *secret_len,
  132. STACK_OF(SSL_CIPHER) *peer_ciphers,
  133. CONST_IF_OPENSSL_1_1_API SSL_CIPHER **cipher,
  134. void *arg);
  135. STATIC int find_cipher_by_id(const SSL *ssl, const SSL_METHOD *m,
  136. uint16_t cipher);
  137. MOCK_DECL(STATIC X509*, tor_tls_create_certificate,(crypto_pk_t *rsa,
  138. crypto_pk_t *rsa_sign,
  139. const char *cname,
  140. const char *cname_sign,
  141. unsigned int cert_lifetime));
  142. STATIC tor_tls_context_t *tor_tls_context_new(crypto_pk_t *identity,
  143. unsigned int key_lifetime, unsigned flags, int is_client);
  144. MOCK_DECL(STATIC tor_x509_cert_t *, tor_x509_cert_new,(X509 *x509_cert));
  145. STATIC int tor_tls_context_init_one(tor_tls_context_t **ppcontext,
  146. crypto_pk_t *identity,
  147. unsigned int key_lifetime,
  148. unsigned int flags,
  149. int is_client);
  150. STATIC void tls_log_errors(tor_tls_t *tls, int severity, int domain,
  151. const char *doing);
  152. #ifdef TOR_UNIT_TESTS
  153. extern int tor_tls_object_ex_data_index;
  154. extern tor_tls_context_t *server_tls_context;
  155. extern tor_tls_context_t *client_tls_context;
  156. extern uint16_t v2_cipher_list[];
  157. extern uint64_t total_bytes_written_over_tls;
  158. extern uint64_t total_bytes_written_by_tls;
  159. #endif
  160. #endif /* endif TORTLS_PRIVATE */
  161. tor_x509_cert_t *tor_x509_cert_dup(const tor_x509_cert_t *cert);
  162. const char *tor_tls_err_to_string(int err);
  163. void tor_tls_get_state_description(tor_tls_t *tls, char *buf, size_t sz);
  164. void tor_tls_free_all(void);
  165. #define TOR_TLS_CTX_IS_PUBLIC_SERVER (1u<<0)
  166. #define TOR_TLS_CTX_USE_ECDHE_P256 (1u<<1)
  167. #define TOR_TLS_CTX_USE_ECDHE_P224 (1u<<2)
  168. int tor_tls_context_init(unsigned flags,
  169. crypto_pk_t *client_identity,
  170. crypto_pk_t *server_identity,
  171. unsigned int key_lifetime);
  172. tor_tls_t *tor_tls_new(int sock, int is_server);
  173. void tor_tls_set_logged_address(tor_tls_t *tls, const char *address);
  174. void tor_tls_set_renegotiate_callback(tor_tls_t *tls,
  175. void (*cb)(tor_tls_t *, void *arg),
  176. void *arg);
  177. int tor_tls_is_server(tor_tls_t *tls);
  178. void tor_tls_free(tor_tls_t *tls);
  179. int tor_tls_peer_has_cert(tor_tls_t *tls);
  180. MOCK_DECL(tor_x509_cert_t *,tor_tls_get_peer_cert,(tor_tls_t *tls));
  181. int tor_tls_verify(int severity, tor_tls_t *tls, crypto_pk_t **identity);
  182. int tor_tls_check_lifetime(int severity,
  183. tor_tls_t *tls, time_t now,
  184. int past_tolerance,
  185. int future_tolerance);
  186. MOCK_DECL(int, tor_tls_read, (tor_tls_t *tls, char *cp, size_t len));
  187. int tor_tls_write(tor_tls_t *tls, const char *cp, size_t n);
  188. int tor_tls_handshake(tor_tls_t *tls);
  189. int tor_tls_finish_handshake(tor_tls_t *tls);
  190. void tor_tls_unblock_renegotiation(tor_tls_t *tls);
  191. void tor_tls_block_renegotiation(tor_tls_t *tls);
  192. void tor_tls_assert_renegotiation_unblocked(tor_tls_t *tls);
  193. int tor_tls_shutdown(tor_tls_t *tls);
  194. int tor_tls_get_pending_bytes(tor_tls_t *tls);
  195. size_t tor_tls_get_forced_write_size(tor_tls_t *tls);
  196. void tor_tls_get_n_raw_bytes(tor_tls_t *tls,
  197. size_t *n_read, size_t *n_written);
  198. int tor_tls_get_buffer_sizes(tor_tls_t *tls,
  199. size_t *rbuf_capacity, size_t *rbuf_bytes,
  200. size_t *wbuf_capacity, size_t *wbuf_bytes);
  201. MOCK_DECL(double, tls_get_write_overhead_ratio, (void));
  202. int tor_tls_used_v1_handshake(tor_tls_t *tls);
  203. int tor_tls_get_num_server_handshakes(tor_tls_t *tls);
  204. int tor_tls_server_got_renegotiate(tor_tls_t *tls);
  205. MOCK_DECL(int,tor_tls_get_tlssecrets,(tor_tls_t *tls, uint8_t *secrets_out));
  206. MOCK_DECL(int,tor_tls_export_key_material,(
  207. tor_tls_t *tls, uint8_t *secrets_out,
  208. const uint8_t *context,
  209. size_t context_len,
  210. const char *label));
  211. /* Log and abort if there are unhandled TLS errors in OpenSSL's error stack.
  212. */
  213. #define check_no_tls_errors() check_no_tls_errors_(__FILE__,__LINE__)
  214. void check_no_tls_errors_(const char *fname, int line);
  215. void tor_tls_log_one_error(tor_tls_t *tls, unsigned long err,
  216. int severity, int domain, const char *doing);
  217. void tor_x509_cert_free(tor_x509_cert_t *cert);
  218. tor_x509_cert_t *tor_x509_cert_decode(const uint8_t *certificate,
  219. size_t certificate_len);
  220. void tor_x509_cert_get_der(const tor_x509_cert_t *cert,
  221. const uint8_t **encoded_out, size_t *size_out);
  222. const common_digests_t *tor_x509_cert_get_id_digests(
  223. const tor_x509_cert_t *cert);
  224. const common_digests_t *tor_x509_cert_get_cert_digests(
  225. const tor_x509_cert_t *cert);
  226. int tor_tls_get_my_certs(int server,
  227. const tor_x509_cert_t **link_cert_out,
  228. const tor_x509_cert_t **id_cert_out);
  229. crypto_pk_t *tor_tls_get_my_client_auth_key(void);
  230. crypto_pk_t *tor_tls_cert_get_key(tor_x509_cert_t *cert);
  231. MOCK_DECL(int,tor_tls_cert_matches_key,(const tor_tls_t *tls,
  232. const tor_x509_cert_t *cert));
  233. int tor_tls_cert_is_valid(int severity,
  234. const tor_x509_cert_t *cert,
  235. const tor_x509_cert_t *signing_cert,
  236. time_t now,
  237. int check_rsa_1024);
  238. const char *tor_tls_get_ciphersuite_name(tor_tls_t *tls);
  239. int evaluate_ecgroup_for_tls(const char *ecgroup);
  240. #endif