tortls.h 12 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293
  1. /* Copyright (c) 2003, Roger Dingledine
  2. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
  3. * Copyright (c) 2007-2018, The Tor Project, Inc. */
  4. /* See LICENSE for licensing information */
  5. #ifndef TOR_TORTLS_H
  6. #define TOR_TORTLS_H
  7. /**
  8. * \file tortls.h
  9. * \brief Headers for tortls.c
  10. **/
  11. #include "lib/crypt_ops/crypto_rsa.h"
  12. #include "lib/crypt_ops/compat_openssl.h"
  13. #include "lib/testsupport/testsupport.h"
  14. /* Opaque structure to hold a TLS connection. */
  15. typedef struct tor_tls_t tor_tls_t;
  16. /* Opaque structure to hold an X509 certificate. */
  17. typedef struct tor_x509_cert_t tor_x509_cert_t;
  18. /* Possible return values for most tor_tls_* functions. */
  19. #define MIN_TOR_TLS_ERROR_VAL_ -9
  20. #define TOR_TLS_ERROR_MISC -9
  21. /* Rename to unexpected close or something. XXXX */
  22. #define TOR_TLS_ERROR_IO -8
  23. #define TOR_TLS_ERROR_CONNREFUSED -7
  24. #define TOR_TLS_ERROR_CONNRESET -6
  25. #define TOR_TLS_ERROR_NO_ROUTE -5
  26. #define TOR_TLS_ERROR_TIMEOUT -4
  27. #define TOR_TLS_CLOSE -3
  28. #define TOR_TLS_WANTREAD -2
  29. #define TOR_TLS_WANTWRITE -1
  30. #define TOR_TLS_DONE 0
  31. /** Collection of case statements for all TLS errors that are not due to
  32. * underlying IO failure. */
  33. #define CASE_TOR_TLS_ERROR_ANY_NONIO \
  34. case TOR_TLS_ERROR_MISC: \
  35. case TOR_TLS_ERROR_CONNREFUSED: \
  36. case TOR_TLS_ERROR_CONNRESET: \
  37. case TOR_TLS_ERROR_NO_ROUTE: \
  38. case TOR_TLS_ERROR_TIMEOUT
  39. /** Use this macro in a switch statement to catch _any_ TLS error. That way,
  40. * if more errors are added, your switches will still work. */
  41. #define CASE_TOR_TLS_ERROR_ANY \
  42. CASE_TOR_TLS_ERROR_ANY_NONIO: \
  43. case TOR_TLS_ERROR_IO
  44. #define TOR_TLS_IS_ERROR(rv) ((rv) < TOR_TLS_CLOSE)
  45. #ifdef TORTLS_PRIVATE
  46. #define TOR_TLS_MAGIC 0x71571571
  47. typedef enum {
  48. TOR_TLS_ST_HANDSHAKE, TOR_TLS_ST_OPEN, TOR_TLS_ST_GOTCLOSE,
  49. TOR_TLS_ST_SENTCLOSE, TOR_TLS_ST_CLOSED, TOR_TLS_ST_RENEGOTIATE,
  50. TOR_TLS_ST_BUFFEREVENT
  51. } tor_tls_state_t;
  52. #define tor_tls_state_bitfield_t ENUM_BF(tor_tls_state_t)
  53. struct x509_st;
  54. struct ssl_st;
  55. struct ssl_ctx_st;
  56. struct ssl_session_st;
  57. /** Holds a SSL_CTX object and related state used to configure TLS
  58. * connections.
  59. */
  60. typedef struct tor_tls_context_t {
  61. int refcnt;
  62. struct ssl_ctx_st *ctx;
  63. tor_x509_cert_t *my_link_cert;
  64. tor_x509_cert_t *my_id_cert;
  65. tor_x509_cert_t *my_auth_cert;
  66. crypto_pk_t *link_key;
  67. crypto_pk_t *auth_key;
  68. } tor_tls_context_t;
  69. /** Structure that we use for a single certificate. */
  70. struct tor_x509_cert_t {
  71. struct x509_st *cert;
  72. uint8_t *encoded;
  73. size_t encoded_len;
  74. unsigned pkey_digests_set : 1;
  75. common_digests_t cert_digests;
  76. common_digests_t pkey_digests;
  77. };
  78. /** Holds a SSL object and its associated data. Members are only
  79. * accessed from within tortls.c.
  80. */
  81. struct tor_tls_t {
  82. uint32_t magic;
  83. tor_tls_context_t *context; /** A link to the context object for this tls. */
  84. struct ssl_st *ssl; /**< An OpenSSL SSL object. */
  85. int socket; /**< The underlying file descriptor for this TLS connection. */
  86. char *address; /**< An address to log when describing this connection. */
  87. tor_tls_state_bitfield_t state : 3; /**< The current SSL state,
  88. * depending on which operations
  89. * have completed successfully. */
  90. unsigned int isServer:1; /**< True iff this is a server-side connection */
  91. unsigned int wasV2Handshake:1; /**< True iff the original handshake for
  92. * this connection used the updated version
  93. * of the connection protocol (client sends
  94. * different cipher list, server sends only
  95. * one certificate). */
  96. /** True iff we should call negotiated_callback when we're done reading. */
  97. unsigned int got_renegotiate:1;
  98. /** Return value from tor_tls_classify_client_ciphers, or 0 if we haven't
  99. * called that function yet. */
  100. int8_t client_cipher_list_type;
  101. /** Incremented every time we start the server side of a handshake. */
  102. uint8_t server_handshake_count;
  103. size_t wantwrite_n; /**< 0 normally, >0 if we returned wantwrite last
  104. * time. */
  105. /** Last values retrieved from BIO_number_read()/write(); see
  106. * tor_tls_get_n_raw_bytes() for usage.
  107. */
  108. unsigned long last_write_count;
  109. unsigned long last_read_count;
  110. /** If set, a callback to invoke whenever the client tries to renegotiate
  111. * the handshake. */
  112. void (*negotiated_callback)(tor_tls_t *tls, void *arg);
  113. /** Argument to pass to negotiated_callback. */
  114. void *callback_arg;
  115. };
  116. STATIC int tor_errno_to_tls_error(int e);
  117. STATIC int tor_tls_get_error(tor_tls_t *tls, int r, int extra,
  118. const char *doing, int severity, int domain);
  119. STATIC tor_tls_t *tor_tls_get_by_ssl(const struct ssl_st *ssl);
  120. STATIC void tor_tls_allocate_tor_tls_object_ex_data_index(void);
  121. #ifdef TORTLS_OPENSSL_PRIVATE
  122. STATIC int always_accept_verify_cb(int preverify_ok, X509_STORE_CTX *x509_ctx);
  123. STATIC int tor_tls_classify_client_ciphers(const struct ssl_st *ssl,
  124. STACK_OF(SSL_CIPHER) *peer_ciphers);
  125. #endif
  126. STATIC int tor_tls_client_is_using_v2_ciphers(const struct ssl_st *ssl);
  127. MOCK_DECL(STATIC void, try_to_extract_certs_from_tls,
  128. (int severity, tor_tls_t *tls, struct x509_st **cert_out,
  129. struct x509_st **id_cert_out));
  130. #ifndef HAVE_SSL_SESSION_GET_MASTER_KEY
  131. STATIC size_t SSL_SESSION_get_master_key(struct ssl_session_st *s,
  132. uint8_t *out,
  133. size_t len);
  134. #endif
  135. STATIC void tor_tls_debug_state_callback(const struct ssl_st *ssl,
  136. int type, int val);
  137. STATIC void tor_tls_server_info_callback(const struct ssl_st *ssl,
  138. int type, int val);
  139. #ifdef TORTLS_OPENSSL_PRIVATE
  140. STATIC int tor_tls_session_secret_cb(struct ssl_st *ssl, void *secret,
  141. int *secret_len,
  142. STACK_OF(SSL_CIPHER) *peer_ciphers,
  143. CONST_IF_OPENSSL_1_1_API SSL_CIPHER **cipher,
  144. void *arg);
  145. STATIC int find_cipher_by_id(const SSL *ssl, const SSL_METHOD *m,
  146. uint16_t cipher);
  147. #endif /* defined(TORTLS_OPENSSL_PRIVATE) */
  148. MOCK_DECL(STATIC struct x509_st *, tor_tls_create_certificate,
  149. (crypto_pk_t *rsa,
  150. crypto_pk_t *rsa_sign,
  151. const char *cname,
  152. const char *cname_sign,
  153. unsigned int cert_lifetime));
  154. STATIC tor_tls_context_t *tor_tls_context_new(crypto_pk_t *identity,
  155. unsigned int key_lifetime, unsigned flags, int is_client);
  156. MOCK_DECL(STATIC tor_x509_cert_t *, tor_x509_cert_new,
  157. (struct x509_st *x509_cert));
  158. STATIC int tor_tls_context_init_one(tor_tls_context_t **ppcontext,
  159. crypto_pk_t *identity,
  160. unsigned int key_lifetime,
  161. unsigned int flags,
  162. int is_client);
  163. STATIC void tls_log_errors(tor_tls_t *tls, int severity, int domain,
  164. const char *doing);
  165. #ifdef TOR_UNIT_TESTS
  166. extern int tor_tls_object_ex_data_index;
  167. extern tor_tls_context_t *server_tls_context;
  168. extern tor_tls_context_t *client_tls_context;
  169. extern uint16_t v2_cipher_list[];
  170. extern uint64_t total_bytes_written_over_tls;
  171. extern uint64_t total_bytes_written_by_tls;
  172. STATIC tor_x509_cert_t *tor_x509_cert_replace_expiration(
  173. const tor_x509_cert_t *inp,
  174. time_t new_expiration_time,
  175. crypto_pk_t *signing_key);
  176. #endif /* defined(TOR_UNIT_TESTS) */
  177. #endif /* defined(TORTLS_PRIVATE) */
  178. tor_x509_cert_t *tor_x509_cert_dup(const tor_x509_cert_t *cert);
  179. const char *tor_tls_err_to_string(int err);
  180. void tor_tls_get_state_description(tor_tls_t *tls, char *buf, size_t sz);
  181. void tor_tls_free_all(void);
  182. #define TOR_TLS_CTX_IS_PUBLIC_SERVER (1u<<0)
  183. #define TOR_TLS_CTX_USE_ECDHE_P256 (1u<<1)
  184. #define TOR_TLS_CTX_USE_ECDHE_P224 (1u<<2)
  185. int tor_tls_context_init(unsigned flags,
  186. crypto_pk_t *client_identity,
  187. crypto_pk_t *server_identity,
  188. unsigned int key_lifetime);
  189. tor_tls_t *tor_tls_new(int sock, int is_server);
  190. void tor_tls_set_logged_address(tor_tls_t *tls, const char *address);
  191. void tor_tls_set_renegotiate_callback(tor_tls_t *tls,
  192. void (*cb)(tor_tls_t *, void *arg),
  193. void *arg);
  194. int tor_tls_is_server(tor_tls_t *tls);
  195. void tor_tls_free_(tor_tls_t *tls);
  196. #define tor_tls_free(tls) FREE_AND_NULL(tor_tls_t, tor_tls_free_, (tls))
  197. int tor_tls_peer_has_cert(tor_tls_t *tls);
  198. MOCK_DECL(tor_x509_cert_t *,tor_tls_get_peer_cert,(tor_tls_t *tls));
  199. MOCK_DECL(tor_x509_cert_t *,tor_tls_get_own_cert,(tor_tls_t *tls));
  200. int tor_tls_verify(int severity, tor_tls_t *tls, crypto_pk_t **identity);
  201. int tor_tls_check_lifetime(int severity,
  202. tor_tls_t *tls, time_t now,
  203. int past_tolerance,
  204. int future_tolerance);
  205. MOCK_DECL(int, tor_tls_read, (tor_tls_t *tls, char *cp, size_t len));
  206. int tor_tls_write(tor_tls_t *tls, const char *cp, size_t n);
  207. int tor_tls_handshake(tor_tls_t *tls);
  208. int tor_tls_finish_handshake(tor_tls_t *tls);
  209. void tor_tls_unblock_renegotiation(tor_tls_t *tls);
  210. void tor_tls_block_renegotiation(tor_tls_t *tls);
  211. void tor_tls_assert_renegotiation_unblocked(tor_tls_t *tls);
  212. int tor_tls_shutdown(tor_tls_t *tls);
  213. int tor_tls_get_pending_bytes(tor_tls_t *tls);
  214. size_t tor_tls_get_forced_write_size(tor_tls_t *tls);
  215. void tor_tls_get_n_raw_bytes(tor_tls_t *tls,
  216. size_t *n_read, size_t *n_written);
  217. int tor_tls_get_buffer_sizes(tor_tls_t *tls,
  218. size_t *rbuf_capacity, size_t *rbuf_bytes,
  219. size_t *wbuf_capacity, size_t *wbuf_bytes);
  220. MOCK_DECL(double, tls_get_write_overhead_ratio, (void));
  221. int tor_tls_used_v1_handshake(tor_tls_t *tls);
  222. int tor_tls_get_num_server_handshakes(tor_tls_t *tls);
  223. int tor_tls_server_got_renegotiate(tor_tls_t *tls);
  224. MOCK_DECL(int,tor_tls_get_tlssecrets,(tor_tls_t *tls, uint8_t *secrets_out));
  225. MOCK_DECL(int,tor_tls_export_key_material,(
  226. tor_tls_t *tls, uint8_t *secrets_out,
  227. const uint8_t *context,
  228. size_t context_len,
  229. const char *label));
  230. /* Log and abort if there are unhandled TLS errors in OpenSSL's error stack.
  231. */
  232. #define check_no_tls_errors() check_no_tls_errors_(__FILE__,__LINE__)
  233. void check_no_tls_errors_(const char *fname, int line);
  234. void tor_tls_log_one_error(tor_tls_t *tls, unsigned long err,
  235. int severity, int domain, const char *doing);
  236. void tor_x509_cert_free_(tor_x509_cert_t *cert);
  237. #define tor_x509_cert_free(c) \
  238. FREE_AND_NULL(tor_x509_cert_t, tor_x509_cert_free_, (c))
  239. tor_x509_cert_t *tor_x509_cert_decode(const uint8_t *certificate,
  240. size_t certificate_len);
  241. void tor_x509_cert_get_der(const tor_x509_cert_t *cert,
  242. const uint8_t **encoded_out, size_t *size_out);
  243. const common_digests_t *tor_x509_cert_get_id_digests(
  244. const tor_x509_cert_t *cert);
  245. const common_digests_t *tor_x509_cert_get_cert_digests(
  246. const tor_x509_cert_t *cert);
  247. int tor_tls_get_my_certs(int server,
  248. const tor_x509_cert_t **link_cert_out,
  249. const tor_x509_cert_t **id_cert_out);
  250. crypto_pk_t *tor_tls_get_my_client_auth_key(void);
  251. crypto_pk_t *tor_tls_cert_get_key(tor_x509_cert_t *cert);
  252. MOCK_DECL(int,tor_tls_cert_matches_key,(const tor_tls_t *tls,
  253. const tor_x509_cert_t *cert));
  254. int tor_tls_cert_is_valid(int severity,
  255. const tor_x509_cert_t *cert,
  256. const tor_x509_cert_t *signing_cert,
  257. time_t now,
  258. int check_rsa_1024);
  259. const char *tor_tls_get_ciphersuite_name(tor_tls_t *tls);
  260. int evaluate_ecgroup_for_tls(const char *ecgroup);
  261. #endif /* !defined(TOR_TORTLS_H) */