tildefriends/src/tls.c

1459 lines
36 KiB
C

#include "tls.h"
#if defined(_WIN32)
#define TF_TLS_SCHANNEL
#elif defined(__MACH__)
#define TF_TLS_APPLE
#else
#define TF_TLS_OPENSSL
#endif
#include <ctype.h>
#include <string.h>
#if defined(TF_TLS_OPENSSL)
#include <openssl/bio.h>
#include <openssl/err.h>
#include <openssl/pem.h>
#include <openssl/ssl.h>
#include <openssl/x509.h>
#include <openssl/x509v3.h>
#elif defined(TF_TLS_APPLE)
#elif defined(TF_TLS_SCHANNEL)
#endif
typedef enum _direction_t {
k_direction_undetermined,
k_direction_accept,
k_direction_connect,
} direction_t;
typedef struct _tf_tls_context_t {
#if defined(TF_TLS_OPENSSL)
SSL_CTX* context;
#elif defined(TF_TLS_APPLE)
#elif defined(TF_TLS_SCHANNEL)
#endif
} tf_tls_context_t;
typedef struct _tf_tls_session_t {
#if defined(TF_TLS_OPENSSL)
tf_tls_context_t* context;
BIO* bio_in;
BIO* bio_out;
SSL* ssl;
const char* hostname;
direction_t direction;
#elif defined(TF_TLS_APPLE)
#elif defined(TF_TLS_SCHANNEL)
#endif
} tf_tls_session_t;
#if !defined (_WIN32) && !defined (__MACH__)
#elif defined (__MACH__)
#include <Security/SecIdentity.h>
#include <Security/SecImportExport.h>
#include <Security/SecureTransport.h>
#include <cstring>
#include <locale>
#include <vector>
extern "C" SecIdentityRef SecIdentityCreate(CFAllocatorRef allocator, SecCertificateRef certificate, SecKeyRef privateKey);
class TlsContext_osx : public TlsContext {
public:
~TlsContext_osx() override;
TlsSession* createSession() override;
bool setCertificate(const char* certificate) override;
bool setPrivateKey(const char* privateKey) override;
bool addTrustedCertificate(const char* certificate) override;
SecKeyRef& getPrivateKey()
{
return _privateKey;
}
SecCertificateRef& getCertificate()
{
return _certificate;
CFArrayRef getTrustedCertificates()
{
return _trustedCertificates;
}
private:
SecKeyRef _privateKey = 0;
SecCertificateRef _certificate = 0;
CFMutableArrayRef _trustedCertificates = 0;
};
class TlsSession_osx : public TlsSession {
public:
TlsSession_osx(TlsContext_osx* context);
~TlsSession_osx();
void startConnect() override;
void startAccept() override;
void shutdown() override;
HandshakeResult handshake() override;
int readPlain(char* buffer, size_t bytes) override;
int writePlain(const char* buffer, size_t bytes) override;
int readEncrypted(char* buffer, size_t bytes) override;
int writeEncrypted(const char* buffer, size_t bytes) override;
void setHostname(const char* hostname) override { _hostname = hostname; }
virtual int getPeerCertificate(char* buffer, size_t bytes) override;
private:
static OSStatus writeCallback(SSLConnectionRef connection, const void* data, size_t* dataLength);
static OSStatus readCallback(SSLConnectionRef connection, void* data, size_t* dataLength);
TlsContext_osx* _context = 0;
SSLContextRef _session = 0;
std::vector<char> _inBuffer;
std::vector<char> _outBuffer;
std::string _hostname;
bool _shutdown = false;
};
TlsContext_osx::~TlsContext_osx()
{
if (_privateKey)
{
CFRelease(_privateKey);
_privateKey = 0;
}
if (_certificate)
{
CFRelease(_certificate);
_certificate = 0;
}
if (_trustedCertificates)
{
CFRelease(_trustedCertificates);
_trustedCertificates = 0;
}
}
TlsSession* TlsContext_osx::createSession()
{
return new TlsSession_osx(this);
}
bool TlsContext_osx::setCertificate(const char* certificate)
{
if (_certificate)
{
CFRelease(_certificate);
_certificate = 0;
}
CFDataRef data = CFDataCreateWithBytesNoCopy(kCFAllocatorDefault, reinterpret_cast<const UInt8*>(certificate), std::strlen(certificate), kCFAllocatorDefault);
CFArrayRef items = 0;
SecExternalFormat format = kSecFormatPEMSequence;
SecExternalItemType itemType = kSecItemTypeCertificate;
OSStatus status = SecItemImport(data, 0, &format, &itemType, 0, 0, 0, &items);
if (status == noErr && CFArrayGetCount(items) > 0)
{
_certificate = (SecCertificateRef)CFArrayGetValueAtIndex(items, 0);
}
return _certificate != 0;
}
bool TlsContext_osx::setPrivateKey(const char* privateKey)
{
if (_privateKey)
{
CFRelease(_privateKey);
_privateKey = 0;
}
CFDataRef data = CFDataCreateWithBytesNoCopy(kCFAllocatorDefault, reinterpret_cast<const UInt8*>(privateKey), std::strlen(privateKey), kCFAllocatorDefault);
CFArrayRef items = 0;
SecExternalFormat format = kSecFormatPEMSequence;
SecExternalItemType itemType = kSecItemTypePrivateKey;
OSStatus status = SecItemImport(data, 0, &format, &itemType, 0, 0, 0, &items);
if (status == noErr && CFArrayGetCount(items) > 0)
{
_privateKey = (SecKeyRef)CFArrayGetValueAtIndex(items, 0);
}
return _privateKey != 0;
}
bool TlsContext_osx::addTrustedCertificate(const char* certificate)
{
if (!_trustedCertificates)
{
_trustedCertificates = CFArrayCreateMutable(kCFAllocatorDefault, 0, &kCFTypeArrayCallBacks);
}
SecCertificateRef certificateItem = 0;
CFDataRef data = CFDataCreateWithBytesNoCopy(kCFAllocatorDefault, reinterpret_cast<const UInt8*>(certificate), std::strlen(certificate), kCFAllocatorDefault);
CFArrayRef items = 0;
SecExternalFormat format = kSecFormatPEMSequence;
SecExternalItemType itemType = kSecItemTypeCertificate;
OSStatus status = SecItemImport(data, 0, &format, &itemType, 0, 0, 0, &items);
if (status == noErr && CFArrayGetCount(items) > 0)
{
certificateItem = (SecCertificateRef)CFArrayGetValueAtIndex(items, 0);
}
if (certificateItem)
{
CFArrayAppendValue(_trustedCertificates, certificateItem);
}
return certificateItem != 0;
}
TlsSession_osx::TlsSession_osx(TlsContext_osx* context)
{
_context = context;
}
TlsSession_osx::~TlsSession_osx()
{
if (_session)
{
CFRelease(_session);
_session = 0;
}
}
void TlsSession_osx::startAccept()
{
_session = SSLCreateContext(0, kSSLServerSide, kSSLStreamType);
if (_context->getCertificate() && _context->getPrivateKey())
{
SecIdentityRef identity = SecIdentityCreate(kCFAllocatorDefault, _context->getCertificate(), _context->getPrivateKey());
CFArrayRef array = CFArrayCreate(kCFAllocatorDefault, (const void**)&identity, 1, &kCFTypeArrayCallBacks);
SSLSetCertificate(_session, array);
}
SSLSetIOFuncs(_session, readCallback, writeCallback);
SSLSetConnection(_session, this);
handshake();
}
void TlsSession_osx::startConnect()
{
_session = SSLCreateContext(0, kSSLClientSide, kSSLStreamType);
if (_context->getTrustedCertificates())
{
// XXX: SSLSetTrustedRoots(_session, _context->getTrustedCertificates(), false);
}
SSLSetIOFuncs(_session, readCallback, writeCallback);
SSLSetConnection(_session, this);
SSLSetPeerDomainName(_session, _hostname.c_str(), _hostname.size());
handshake();
}
void TlsSession_osx::shutdown()
{
if (!_outBuffer.size())
{
SSLClose(_session);
_shutdown = false;
}
else
{
_shutdown = true;
}
}
TlsSession::HandshakeResult TlsSession_osx::handshake()
{
TlsSession::HandshakeResult result = TlsSession::kFailed;
OSStatus status = SSLHandshake(_session);
switch (status)
{
case noErr:
result = TlsSession::kDone;
break;
case errSSLWouldBlock:
result = TlsSession::kMore;
break;
default:
result = TlsSession::kFailed;
break;
}
return result;
}
int TlsSession_osx::readPlain(char* buffer, size_t bytes)
{
int result = 0;
size_t processed = bytes;
OSStatus status = SSLRead(_session, buffer, bytes, &processed);
if (status == noErr)
{
result = processed;
}
else if (status == errSSLWouldBlock)
{
result = processed;
}
else if (status == errSSLClosedGraceful)
{
result = kReadZero;
}
else
{
result = kReadFailed;
}
return result;
}
int TlsSession_osx::writePlain(const char* buffer, size_t bytes)
{
int result = 0;
size_t processed;
OSStatus status = SSLWrite(_session, buffer, bytes, &processed);
if (status == noErr)
{
result = processed;
}
else
{
result = -1;
}
return result;
}
OSStatus TlsSession_osx::writeCallback(SSLConnectionRef connection, const void* data, size_t* dataLength)
{
TlsSession_osx* tls = reinterpret_cast<TlsSession_osx*>(const_cast<void*>(connection));
tls->_outBuffer.insert(tls->_outBuffer.end(), reinterpret_cast<const char*>(data), reinterpret_cast<const char*>(data) + *dataLength);
if (tls->_shutdown && !tls->_outBuffer.size())
{
SSLClose(tls->_session);
tls->_shutdown = false;
}
return noErr;
}
OSStatus TlsSession_osx::readCallback(SSLConnectionRef connection, void* data, size_t* dataLength)
{
TlsSession_osx* tls = reinterpret_cast<TlsSession_osx*>(const_cast<void*>(connection));
OSStatus result = noErr;
size_t bytes = std::min(tls->_inBuffer.size(), *dataLength);
if (bytes > 0)
{
std::memcpy(data, tls->_inBuffer.data(), bytes);
tls->_inBuffer.erase(tls->_inBuffer.begin(), tls->_inBuffer.begin() + bytes);
}
if (bytes < *dataLength)
{
result = errSSLWouldBlock;
}
*dataLength = bytes;
return result;
}
int TlsSession_osx::readEncrypted(char* buffer, size_t bytes)
{
size_t size = std::min(bytes, _outBuffer.size());
if (size > 0)
{
std::memcpy(buffer, _outBuffer.data(), size);
_outBuffer.erase(_outBuffer.begin(), _outBuffer.begin() + size);
}
return size;
}
int TlsSession_osx::writeEncrypted(const char* buffer, size_t bytes)
{
_inBuffer.insert(_inBuffer.end(), buffer, buffer + bytes);
return bytes;
}
int TlsSession_osx::getPeerCertificate(char* buffer, size_t size)
{
int result = -1;
SecTrustRef trust = 0;
if (SSLCopyPeerTrust(_session, &trust) == noErr)
{
if (SecTrustGetCertificateCount(trust) > 0)
{
SecCertificateRef certificate = SecTrustGetCertificateAtIndex(trust, 0);
CFDataRef data = 0;
if (SecItemExport(certificate, kSecFormatX509Cert, kSecItemPemArmour, nil, &data) == noErr)
{
size_t actualSize = CFDataGetLength(data);
if (actualSize <= size)
{
CFDataGetBytes(data, CFRangeMake(0, actualSize), reinterpret_cast<UInt8*>(buffer));
result = actualSize;
}
}
}
CFRelease(trust);
}
return result;
}
TlsContext* TlsContext::create()
{
return new TlsContext_osx();
}
#elif defined (_WIN32)
#include <algorithm>
#include <assert.h>
#include <cstring>
#include <string>
#include <vector>
#define SECURITY_WIN32
#define NOMINMAX
#include <windows.h>
#include <schannel.h>
#include <security.h>
#undef SECURITY_WIN32
#undef NOMINMAX
PSecurityFunctionTable getSecurityLibrary();
class TlsContext_sspi : public TlsContext {
public:
TlsContext_sspi();
~TlsContext_sspi();
TlsSession* createSession() override;
bool setCertificate(const char* certificate) override;
bool setPrivateKey(const char* privateKey) override;
bool addTrustedCertificate(const char* certificate)
{
return false;
}
PCCERT_CONTEXT& getCertificate()
{
return _certificate;
}
private:
static const char* kContainerName;
void importKeyAndCertificate();
HCRYPTPROV _provider = 0;
HCERTSTORE _store = INVALID_HANDLE_VALUE;
PCCERT_CONTEXT _certificate = 0;
bool _dirty = true;
};
const char* TlsContext_sspi::kContainerName = "_tmp0";
class TlsSession_sspi : public TlsSession {
public:
TlsSession_sspi(TlsContext_sspi* context);
~TlsSession_sspi();
void startConnect() override;
void startAccept() override;
int getPeerCertificate(char* buffer, size_t size) override;
void shutdown() override;
HandshakeResult handshake() override;
int readPlain(char* buffer, size_t bytes) override;
int writePlain(const char* buffer, size_t bytes) override;
int readEncrypted(char* buffer, size_t bytes) override;
int writeEncrypted(const char* buffer, size_t bytes) override;
void setHostname(const char* hostname)
{
_hostname = hostname;
}
static void setError(HRESULT error);
bool getError(char* buffer, size_t bytes) override;
private:
HandshakeResult handshakeInternal(bool initial);
TlsContext_sspi* _context;
CredHandle _credentialsHandle;
CtxtHandle _securityContext;
SecPkgContext_StreamSizes _sizes;
enum { k_direction_undetermined, k_direction_connect, k_direction_accept } _direction = k_direction_undetermined;
bool _initial = false;
static HRESULT _lastError;
std::vector<char> _inBuffer;
std::vector<char> _outBuffer;
std::vector<char> _decryptedBuffer;
std::string _hostname;
};
HRESULT TlsSession_sspi::_lastError = S_OK;
PSecurityFunctionTable getSecurityLibrary()
{
PSecurityFunctionTable (*table)();
static PSecurityFunctionTable security;
static bool loaded;
if (!loaded)
{
HMODULE module = LoadLibrary("security.dll");
table = (PSecurityFunctionTable(*)())GetProcAddress(module, "InitSecurityInterfaceA");
assert(table && "failed to load security.dll");
security = table();
assert(security && "No function table in security.dll");
loaded = true;
}
return security;
}
TlsContext_sspi::TlsContext_sspi()
{
if (!CryptAcquireContext(&_provider, kContainerName, MS_DEF_RSA_SCHANNEL_PROV, PROV_RSA_SCHANNEL, CRYPT_NEWKEYSET))
{
if (GetLastError() != NTE_EXISTS || !CryptAcquireContext(&_provider, kContainerName, MS_DEF_RSA_SCHANNEL_PROV, PROV_RSA_SCHANNEL, 0))
{
TlsSession_sspi::setError(GetLastError());
}
}
_store = CertOpenStore(CERT_STORE_PROV_SYSTEM,
X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
_provider,
CERT_SYSTEM_STORE_LOCAL_MACHINE | CERT_STORE_NO_CRYPT_RELEASE_FLAG | CERT_STORE_OPEN_EXISTING_FLAG,
L"MY");
}
TlsContext_sspi::~TlsContext_sspi()
{
if (_store)
{
CertCloseStore(_store, 0);
_store = INVALID_HANDLE_VALUE;
}
if (_provider)
{
CryptReleaseContext(_provider, 0);
_provider = 0;
}
if (_certificate)
{
CertFreeCertificateContext(_certificate);
_certificate = 0;
}
}
bool TlsContext_sspi::setCertificate(const char* certificate)
{
if (_certificate)
{
CertFreeCertificateContext(_certificate);
_certificate = 0;
}
std::vector<BYTE> certificateBuffer;
DWORD size = 0;
if (CryptStringToBinary(certificate, 0, CRYPT_STRING_BASE64HEADER, 0, &size, 0, 0))
{
certificateBuffer.resize(size);
if (!CryptStringToBinary(certificate, 0, CRYPT_STRING_BASE64HEADER, certificateBuffer.data(), &size, 0, 0))
{
certificateBuffer.resize(0);
}
}
if (certificateBuffer.size())
{
_certificate = CertCreateCertificateContext(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, certificateBuffer.data(), certificateBuffer.size());
}
if (!CertAddCertificateContextToStore(_store, _certificate, CERT_STORE_ADD_REPLACE_EXISTING, 0))
{
TlsSession_sspi::setError(GetLastError());
}
_dirty = true;
return _certificate != 0;
}
bool TlsContext_sspi::setPrivateKey(const char* privateKey)
{
bool result = false;
std::vector<BYTE> keyBuffer;
std::vector<BYTE> keyBlob;
DWORD size = 0;
if (CryptStringToBinary(privateKey, 0, CRYPT_STRING_BASE64HEADER, 0, &size, 0, 0))
{
keyBuffer.resize(size);
if (!CryptStringToBinary(privateKey, 0, CRYPT_STRING_BASE64HEADER, keyBuffer.data(), &size, 0, 0))
{
TlsSession_sspi::setError(GetLastError());
keyBuffer.resize(0);
}
}
size = 0;
if (CryptDecodeObjectEx(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, PKCS_RSA_PRIVATE_KEY, keyBuffer.data(), keyBuffer.size(), 0, 0, 0, &size))
{
keyBlob.resize(size);
if (!CryptDecodeObjectEx(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, PKCS_RSA_PRIVATE_KEY, keyBuffer.data(), keyBuffer.size(), 0, 0, keyBlob.data(), &size))
{
TlsSession_sspi::setError(GetLastError());
keyBlob.resize(0);
}
}
HCRYPTKEY cryptKey = 0;
if (CryptImportKey(_provider, keyBlob.data(), keyBlob.size(), 0, 0, &cryptKey))
{
CryptDestroyKey(cryptKey);
cryptKey = 0;
result = true;
}
else
{
TlsSession_sspi::setError(GetLastError());
}
_dirty = true;
return result;
}
void TlsContext_sspi::importKeyAndCertificate()
{
if (_certificate)
{
WCHAR wname[32];
mbstowcs(wname, kContainerName, sizeof(kContainerName) + 1);
CRYPT_KEY_PROV_INFO info;
ZeroMemory(&info, sizeof(info));
info.pwszContainerName = wname;
info.pwszProvName = MS_DEF_RSA_SCHANNEL_PROV_W;
info.dwProvType = PROV_RSA_SCHANNEL;
info.dwKeySpec = AT_KEYEXCHANGE;
if (!CertSetCertificateContextProperty(_certificate, CERT_KEY_PROV_INFO_PROP_ID, 0, reinterpret_cast<const void*>(&info)))
{
TlsSession_sspi::setError(GetLastError());
}
}
_dirty = false;
}
TlsSession* TlsContext_sspi::createSession()
{
if (_dirty)
{
importKeyAndCertificate();
}
return new TlsSession_sspi(this);
}
TlsSession_sspi::TlsSession_sspi(TlsContext_sspi* context)
{
_context = context;
ZeroMemory(&_credentialsHandle, sizeof(_credentialsHandle));
ZeroMemory(&_securityContext, sizeof(_securityContext));
ZeroMemory(&_sizes, sizeof(_sizes));
}
TlsSession_sspi::~TlsSession_sspi()
{
getSecurityLibrary()->FreeCredentialsHandle(&_credentialsHandle);
getSecurityLibrary()->DeleteSecurityContext(&_securityContext);
}
void TlsSession_sspi::startAccept()
{
_direction = k_direction_accept;
_initial = true;
SCHANNEL_CRED credentials;
ZeroMemory(&credentials, sizeof(credentials));
credentials.dwVersion = SCHANNEL_CRED_VERSION;
credentials.cCreds = 1;
credentials.paCred = &_context->getCertificate();
_lastError = getSecurityLibrary()->AcquireCredentialsHandleA(0, UNISP_NAME_A, SECPKG_CRED_INBOUND, 0, &credentials, 0, 0, &_credentialsHandle, 0);
if (_lastError == S_OK)
{
handshakeInternal(true);
}
}
void TlsSession_sspi::startConnect()
{
_direction = k_direction_connect;
_initial = true;
SCHANNEL_CRED credentials;
ZeroMemory(&credentials, sizeof(credentials));
credentials.dwVersion = SCHANNEL_CRED_VERSION;
credentials.dwFlags = SCH_CRED_NO_DEFAULT_CREDS;
_lastError = getSecurityLibrary()->AcquireCredentialsHandleA(0, UNISP_NAME_A, SECPKG_CRED_OUTBOUND, 0, &credentials, 0, 0, &_credentialsHandle, 0);
if (_lastError == S_OK)
{
handshakeInternal(true);
}
}
int TlsSession_sspi::getPeerCertificate(char* buffer, size_t size)
{
int result = -1;
PCCERT_CONTEXT certificate;
HRESULT status = getSecurityLibrary()->QueryContextAttributesA(&_securityContext, SECPKG_ATTR_REMOTE_CERT_CONTEXT, &certificate);
if (FAILED(status))
{
_lastError = status;
}
else
{
DWORD bufferSize = size;
if (CryptBinaryToString(certificate->pbCertEncoded, certificate->cbCertEncoded, CRYPT_STRING_BASE64HEADER, buffer, &bufferSize))
{
return bufferSize;
}
}
return result;
}
void TlsSession_sspi::shutdown()
{
DWORD type = SCHANNEL_SHUTDOWN;
SecBufferDesc bufferDesc;
SecBuffer buffers[1];
buffers[0].pvBuffer = &type;
buffers[0].BufferType = SECBUFFER_TOKEN;
buffers[0].cbBuffer = sizeof(type);
bufferDesc.cBuffers = 1;
bufferDesc.pBuffers = buffers;
bufferDesc.ulVersion = SECBUFFER_TOKEN;
SECURITY_STATUS status = getSecurityLibrary()->ApplyControlToken(&_securityContext, &bufferDesc);
if (!FAILED(status))
{
buffers[0].pvBuffer = 0;
buffers[0].BufferType = SECBUFFER_TOKEN;
buffers[0].cbBuffer = 0;
bufferDesc.cBuffers = 1;
bufferDesc.pBuffers = buffers;
bufferDesc.ulVersion = SECBUFFER_VERSION;
DWORD outFlags = 0;
status = getSecurityLibrary()->InitializeSecurityContextA(
&_credentialsHandle,
&_securityContext,
0,
ISC_REQ_SEQUENCE_DETECT | ISC_REQ_REPLAY_DETECT | ISC_REQ_CONFIDENTIALITY | ISC_RET_EXTENDED_ERROR | ISC_REQ_ALLOCATE_MEMORY | ISC_REQ_STREAM,
0,
0,
0,
0,
&_securityContext,
&bufferDesc,
&outFlags,
0);
if (!FAILED(status) && buffers[0].pvBuffer && buffers[0].cbBuffer)
{
const char* data = reinterpret_cast<const char*>(buffers[0].pvBuffer);
_outBuffer.insert(_outBuffer.end(), data, data + buffers[0].cbBuffer);
}
}
}
TlsSession::HandshakeResult TlsSession_sspi::handshake()
{
return handshakeInternal(_initial);
}
TlsSession::HandshakeResult TlsSession_sspi::handshakeInternal(bool initial)
{
SecBufferDesc outBuffer;
SecBuffer outBuffers[1];
SecBufferDesc inBuffer;
SecBuffer inBuffers[2];
DWORD outFlags = 0;
outBuffers[0].pvBuffer = 0;
outBuffers[0].BufferType = SECBUFFER_TOKEN;
outBuffers[0].cbBuffer = 0;
outBuffer.cBuffers = 1;
outBuffer.pBuffers = outBuffers;
outBuffer.ulVersion = SECBUFFER_VERSION;
std::vector<char> buffer(_inBuffer);
inBuffers[0].pvBuffer = buffer.data();
inBuffers[0].cbBuffer = buffer.size();
inBuffers[0].BufferType = SECBUFFER_TOKEN;
inBuffers[1].pvBuffer = 0;
inBuffers[1].cbBuffer = 0;
inBuffers[1].BufferType = SECBUFFER_EMPTY;
inBuffer.cBuffers = 2;
inBuffer.pBuffers = inBuffers;
inBuffer.ulVersion = SECBUFFER_VERSION;
SECURITY_STATUS status = SEC_E_OK;
if (_direction == k_direction_connect)
{
status = getSecurityLibrary()->InitializeSecurityContextA(
&_credentialsHandle,
initial ? 0 : &_securityContext,
_hostname.size() ? const_cast<char*>(_hostname.c_str()) : 0,
ISC_REQ_SEQUENCE_DETECT | ISC_REQ_REPLAY_DETECT | ISC_REQ_CONFIDENTIALITY | ISC_RET_EXTENDED_ERROR | ISC_REQ_ALLOCATE_MEMORY | ISC_REQ_STREAM,
0,
0,
&inBuffer,
0,
&_securityContext,
&outBuffer,
&outFlags,
0);
}
else if (_direction = k_direction_accept)
{
status = getSecurityLibrary()->AcceptSecurityContext(
&_credentialsHandle,
initial ? 0 : &_securityContext,
&inBuffer,
ASC_REQ_SEQUENCE_DETECT | ASC_REQ_REPLAY_DETECT | ASC_REQ_CONFIDENTIALITY | ASC_REQ_EXTENDED_ERROR | ASC_REQ_ALLOCATE_MEMORY | ASC_REQ_STREAM,
0,
&_securityContext,
&outBuffer,
&outFlags,
0);
}
if (!FAILED(status))
{
_initial = false;
}
TlsSession::HandshakeResult result = TlsSession::kFailed;
size_t extra = 0;
for (int i = 0; i < inBuffer.cBuffers; ++i)
{
if (inBuffers[i].BufferType == SECBUFFER_EXTRA && inBuffers[i].cbBuffer)
{
extra += inBuffers[i].cbBuffer;
}
}
size_t missing = 0;
for (int i = 0; i < inBuffer.cBuffers; ++i)
{
if (inBuffers[i].BufferType == SECBUFFER_MISSING && inBuffers[i].cbBuffer)
{
missing += inBuffers[i].cbBuffer;
}
}
if (outBuffers[0].cbBuffer && outBuffers[0].pvBuffer)
{
const char* data = reinterpret_cast<const char*>(outBuffers[0].pvBuffer);
_outBuffer.insert(_outBuffer.end(), data, data + outBuffers[0].cbBuffer);
getSecurityLibrary()->FreeContextBuffer(outBuffers[0].pvBuffer);
}
if (status == SEC_E_OK)
{
result = TlsSession::kDone;
}
else if (status == SEC_E_INCOMPLETE_MESSAGE
|| status == SEC_I_CONTINUE_NEEDED)
{
result = TlsSession::kMore;
}
else if (FAILED(status))
{
result = TlsSession::kFailed;
}
_inBuffer.erase(_inBuffer.begin(), _inBuffer.end() - extra);
if (result == TlsSession::kDone)
{
status = getSecurityLibrary()->QueryContextAttributesA(&_securityContext, SECPKG_ATTR_STREAM_SIZES, &_sizes);
if (FAILED(status))
{
result = TlsSession::kFailed;
}
}
return result;
}
int TlsSession_sspi::readPlain(char* buffer, size_t bytes)
{
int result = TlsSession::kReadFailed;
if (bytes <= _decryptedBuffer.size())
{
std::memcpy(buffer, _decryptedBuffer.data(), bytes);
_decryptedBuffer.erase(_decryptedBuffer.begin(), _decryptedBuffer.begin() + bytes);
result = bytes;
}
else if (_inBuffer.size())
{
SecBufferDesc bufferDesc;
SecBuffer buffers[4];
std::vector<char> data(_inBuffer);
buffers[0].pvBuffer = data.data();
buffers[0].cbBuffer = data.size();
buffers[0].BufferType = SECBUFFER_DATA;
buffers[1].BufferType = SECBUFFER_EMPTY;
buffers[2].BufferType = SECBUFFER_EMPTY;
buffers[3].BufferType = SECBUFFER_EMPTY;
bufferDesc.ulVersion = SECBUFFER_VERSION;
bufferDesc.cBuffers = 4;
bufferDesc.pBuffers = buffers;
SECURITY_STATUS status = getSecurityLibrary()->DecryptMessage(&_securityContext, &bufferDesc, 0, 0);
if (status == SEC_I_CONTEXT_EXPIRED)
{
_inBuffer.clear();
result = TlsSession::kReadZero;
}
else if (status == SEC_E_INCOMPLETE_MESSAGE)
{
result = 0;
}
else if (status == SEC_E_OK)
{
result = 0;
size_t extra = 0;
for (int i = 0; i < bufferDesc.cBuffers; ++i)
{
if (buffers[i].BufferType == SECBUFFER_DATA)
{
const char* decrypted = reinterpret_cast<const char*>(buffers[i].pvBuffer);
_decryptedBuffer.insert(_decryptedBuffer.end(), decrypted, decrypted + buffers[i].cbBuffer);
}
else if (buffers[i].BufferType == SECBUFFER_EXTRA)
{
extra += buffers[i].cbBuffer;
}
}
_inBuffer.erase(_inBuffer.begin(), _inBuffer.end() - extra);
size_t actual = std::min(_decryptedBuffer.size(), bytes);
if (actual > 0)
{
std::memcpy(buffer, _decryptedBuffer.data(), actual);
_decryptedBuffer.erase(_decryptedBuffer.begin(), _decryptedBuffer.begin() + actual);
result = actual;
}
}
else
{
_inBuffer.clear();
result = TlsSession::kReadFailed;
}
}
else
{
size_t actual = std::min(_decryptedBuffer.size(), bytes);
if (actual > 0)
{
std::memcpy(buffer, _decryptedBuffer.data(), actual);
_decryptedBuffer.erase(_decryptedBuffer.begin(), _decryptedBuffer.begin() + actual);
result = actual;
}
else
{
result = 0;
}
}
return result;
}
int TlsSession_sspi::writePlain(const char* buffer, size_t bytes)
{
SecBufferDesc bufferDesc;
SecBuffer buffers[4];
std::vector<char> data(_sizes.cbHeader + _sizes.cbTrailer + bytes);
std::memcpy(data.data() + _sizes.cbHeader, buffer, bytes);
buffers[0].pvBuffer = data.data();
buffers[0].cbBuffer = _sizes.cbHeader;
buffers[0].BufferType = SECBUFFER_STREAM_HEADER;
buffers[1].pvBuffer = data.data() + _sizes.cbHeader;
buffers[1].cbBuffer = bytes;
buffers[1].BufferType = SECBUFFER_DATA;
buffers[2].pvBuffer = data.data() + _sizes.cbHeader + bytes;
buffers[2].cbBuffer = _sizes.cbTrailer;
buffers[2].BufferType = SECBUFFER_STREAM_TRAILER;
buffers[3].BufferType = SECBUFFER_EMPTY;
bufferDesc.ulVersion = SECBUFFER_VERSION;
bufferDesc.cBuffers = 4;
bufferDesc.pBuffers = buffers;
SECURITY_STATUS status = getSecurityLibrary()->EncryptMessage(&_securityContext, 0, &bufferDesc, 0);
for (int i = 0; i < bufferDesc.cBuffers; ++i)
{
if (buffers[i].BufferType != SECBUFFER_EMPTY && buffers[i].pvBuffer && buffers[i].cbBuffer)
{
const char* bufferData = reinterpret_cast<const char*>(buffers[i].pvBuffer);
_outBuffer.insert(_outBuffer.end(), bufferData, bufferData + buffers[i].cbBuffer);
}
}
return 0;
}
int TlsSession_sspi::readEncrypted(char* buffer, size_t bytes)
{
size_t size = std::min(bytes, _outBuffer.size());
if (size > 0)
{
std::memcpy(buffer, _outBuffer.data(), size);
_outBuffer.erase(_outBuffer.begin(), _outBuffer.begin() + size);
}
return size;
}
int TlsSession_sspi::writeEncrypted(const char* buffer, size_t bytes)
{
_inBuffer.insert(_inBuffer.end(), buffer, buffer + bytes);
return bytes;
}
void TlsSession_sspi::setError(HRESULT error)
{
_lastError = error;
}
bool TlsSession_sspi::getError(char* buffer, size_t bytes)
{
bool result = false;
if (_lastError != S_OK)
{
DWORD length = FormatMessage(FORMAT_MESSAGE_FROM_SYSTEM | FORMAT_MESSAGE_IGNORE_INSERTS, 0, _lastError, MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT), (LPSTR)buffer, bytes, 0);
_lastError = S_OK;
if (length > 0)
{
result = true;
}
}
return result;
}
TlsContext* TlsContext::create()
{
return new TlsContext_sspi();
}
#else
TlsContext* TlsContext::create()
{
return 0;
}
#endif
tf_tls_context_t* tf_tls_context_create()
{
tf_tls_context_t* context = malloc(sizeof(tf_tls_context_t));
memset(context, 0, sizeof(*context));
#if defined(TF_TLS_OPENSSL)
SSL_library_init();
SSL_load_error_strings();
context->context = SSL_CTX_new(SSLv23_method());
SSL_CTX_set_default_verify_paths(context->context);
#elif defined(TF_TLS_APPLE)
#elif defined(TF_TLS_SCHANNEL)
#endif
return context;
}
bool tf_tls_context_set_certificate(tf_tls_context_t* context, const char* certificate)
{
#if defined(TF_TLS_OPENSSL)
int result = 0;
BIO* bio = BIO_new(BIO_s_mem());
BIO_puts(bio, certificate);
X509* x509 = PEM_read_bio_X509(bio, 0, 0, 0);
result = SSL_CTX_use_certificate(context->context, x509);
while (true)
{
x509 = PEM_read_bio_X509(bio, 0, 0, 0);
if (x509)
{
SSL_CTX_add_extra_chain_cert(context->context, x509);
}
else
{
break;
}
}
BIO_free(bio);
return result == 1;
#elif defined(TF_TLS_APPLE)
#elif defined(TF_TLS_SCHANNEL)
#endif
}
bool tf_tls_context_set_private_key(tf_tls_context_t* context, const char* private_key)
{
#if defined(TF_TLS_OPENSSL)
int result = 0;
BIO* bio = BIO_new(BIO_s_mem());
BIO_puts(bio, private_key);
EVP_PKEY* key = PEM_read_bio_PrivateKey(bio, 0, 0, 0);
result = SSL_CTX_use_PrivateKey(context->context, key);
BIO_free(bio);
return result == 1;
#elif defined(TF_TLS_APPLE)
#elif defined(TF_TLS_SCHANNEL)
#endif
}
bool tf_tls_context_add_trusted_certificate(tf_tls_context_t* context, const char* certificate)
{
#if defined(TF_TLS_OPENSSL)
bool result = false;
BIO* bio = BIO_new_mem_buf(certificate, -1);
X509* x509 = PEM_read_bio_X509(bio, 0, 0, 0);
BIO_free(bio);
if (x509)
{
X509_STORE* store = SSL_CTX_get_cert_store(context->context);
if (store && X509_STORE_add_cert(store, x509) == 1)
{
result = true;
}
X509_free(x509);
}
return result;
#elif defined(TF_TLS_APPLE)
#elif defined(TF_TLS_SCHANNEL)
#endif
}
tf_tls_session_t* tf_tls_context_create_session(tf_tls_context_t* context)
{
#if defined(TF_TLS_OPENSSL)
tf_tls_session_t* session = malloc(sizeof(tf_tls_session_t));
memset(session, 0, sizeof(*session));
session->context = context;
session->bio_in = BIO_new(BIO_s_mem());
session->bio_out = BIO_new(BIO_s_mem());
return session;
#elif defined(TF_TLS_APPLE)
#elif defined(TF_TLS_SCHANNEL)
#endif
}
void tf_tls_context_destroy(tf_tls_context_t* context)
{
#if defined(TF_TLS_OPENSSL)
SSL_CTX_free(context->context);
free(context);
#elif defined(TF_TLS_APPLE)
#elif defined(TF_TLS_SCHANNEL)
#endif
}
void tf_tls_session_destroy(tf_tls_session_t* session)
{
#if defined(TF_TLS_OPENSSL)
if (session->ssl)
{
SSL_free(session->ssl);
}
if (session->hostname)
{
free((void*)session->hostname);
}
free(session);
#elif defined(TF_TLS_APPLE)
#elif defined(TF_TLS_SCHANNEL)
#endif
}
void tf_tls_session_set_hostname(tf_tls_session_t* session, const char* hostname)
{
#if defined(TF_TLS_OPENSSL)
if (session->hostname)
{
free((void*)session->hostname);
session->hostname = NULL;
}
if (hostname)
{
session->hostname = strdup(hostname);
}
#elif defined(TF_TLS_APPLE)
#elif defined(TF_TLS_SCHANNEL)
#endif
}
void tf_tls_session_start_accept(tf_tls_session_t* session)
{
#if defined(TF_TLS_OPENSSL)
session->direction = k_direction_accept;
session->ssl = SSL_new(session->context->context);
SSL_set_bio(session->ssl, session->bio_in, session->bio_out);
SSL_accept(session->ssl);
tf_tls_session_handshake(session);
#elif defined(TF_TLS_APPLE)
#elif defined(TF_TLS_SCHANNEL)
#endif
}
void tf_tls_session_start_connect(tf_tls_session_t* session)
{
#if defined(TF_TLS_OPENSSL)
session->direction = k_direction_connect;
session->ssl = SSL_new(session->context->context);
X509_VERIFY_PARAM* param = SSL_get0_param(session->ssl);
X509_VERIFY_PARAM_set_hostflags(param, X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS);
X509_VERIFY_PARAM_set1_host(param, session->hostname, 0);
SSL_set_bio(session->ssl, session->bio_in, session->bio_out);
SSL_connect(session->ssl);
tf_tls_session_handshake(session);
#elif defined(TF_TLS_APPLE)
#elif defined(TF_TLS_SCHANNEL)
#endif
}
void tf_tls_session_shutdown(tf_tls_session_t* session)
{
#if defined(TF_TLS_OPENSSL)
SSL_shutdown(session->ssl);
#elif defined(TF_TLS_APPLE)
#elif defined(TF_TLS_SCHANNEL)
#endif
}
int tf_tls_session_get_peer_certificate(tf_tls_session_t* session, char* buffer, size_t bytes)
{
#if defined(TF_TLS_OPENSSL)
int result = -1;
X509* certificate = SSL_get_peer_certificate(session->ssl);
BIO* bio = BIO_new(BIO_s_mem());
PEM_write_bio_X509(bio, certificate);
BUF_MEM* mem;
BIO_get_mem_ptr(bio, &mem);
if (mem->length <= bytes)
{
memcpy(buffer, mem->data, mem->length);
result = mem->length;
}
BIO_free(bio);
return result;
#elif defined(TF_TLS_APPLE)
#elif defined(TF_TLS_SCHANNEL)
#endif
}
#if defined(TF_TLS_OPENSSL)
#if OPENSSL_VERSION_NUMBER < 0x10100000L
bool _tls_session_wildcard_match(const char* pattern, size_t pattern_length, const char* name)
{
const char* it = pattern;
while (it - pattern < pattern_length && *name)
{
if (*it == '*')
{
for (const char* p = name; *p; ++p)
{
if (_tls_session_wildcard_match(it + 1, pattern_length - 1, p))
{
return true;
}
}
return false;
}
else if (tolower(*it) == tolower(*name))
{
++it;
++name;
}
else
{
break;
}
}
return it - pattern <= pattern_length && *name == 0;
}
static bool _tls_session_verify_hostname(X509* certificate, const char* hostname)
{
bool verified = false;
void* names = X509_get_ext_d2i(certificate, NID_subject_alt_name, 0, 0);
if (names)
{
int count = sk_GENERAL_NAME_num(names);
for (int i = 0; i < count; ++i)
{
const GENERAL_NAME* check = sk_GENERAL_NAME_value(names, i);
if (!verified)
{
#if OPENSSL_VERSION_NUMBER <= 0x1000211fL
const unsigned char* name = ASN1_STRING_data(check->d.ia5);
#else
const char* name = ASN1_STRING_get0_data(check->d.ia5);
#endif
size_t length = ASN1_STRING_length(check->d.ia5);
if (_tls_session_wildcard_match((const char*)name, length, hostname))
{
verified = true;
}
}
}
sk_GENERAL_NAMES_free(names);
}
if (!verified)
{
int index = X509_NAME_get_index_by_NID(X509_get_subject_name(certificate), NID_commonName, -1);
if (index >= 0)
{
X509_NAME_ENTRY* entry = X509_NAME_get_entry(X509_get_subject_name(certificate), index);
if (entry)
{
ASN1_STRING* asn1 = X509_NAME_ENTRY_get_data(entry);
if (asn1)
{
#if OPENSSL_VERSION_NUMBER <= 0x1000211fL
const unsigned char* commonName = ASN1_STRING_data(asn1);
#else
const char* commonName = ASN1_STRING_get0_data(asn1);
#endif
if ((size_t)(ASN1_STRING_length(asn1)) == strlen((const char*)commonName))
{
verified = _tls_session_wildcard_match((const char*)commonName, ASN1_STRING_length(asn1), hostname);
}
}
}
}
}
return verified;
}
#endif
static bool _tls_session_verify_peer_certificate(tf_tls_session_t* session)
{
bool verified = false;
X509* certificate = SSL_get_peer_certificate(session->ssl);
if (certificate)
{
if (SSL_get_verify_result(session->ssl) == X509_V_OK)
{
#if OPENSSL_VERSION_NUMBER < 0x10100000L
if (_tls_session_verify_hostname(certificate, session->hostname))
{
verified = true;
}
#else
verified = true;
#endif
}
X509_free(certificate);
}
return verified;
}
#endif
tf_tls_handshake_t tf_tls_session_handshake(tf_tls_session_t* session)
{
#if defined(TF_TLS_OPENSSL)
tf_tls_handshake_t result = k_tls_handshake_done;
if (!SSL_is_init_finished(session->ssl))
{
int value = SSL_do_handshake(session->ssl);
if (value <= 0)
{
int error = SSL_get_error(session->ssl, value);
if (error != SSL_ERROR_WANT_READ && error != SSL_ERROR_WANT_WRITE)
{
result = k_tls_handshake_failed;
}
else
{
result = k_tls_handshake_more;
}
}
}
if (result == k_tls_handshake_done && session->direction == k_direction_connect && !_tls_session_verify_peer_certificate(session))
{
result = k_tls_handshake_failed;
}
return result;
#elif defined(TF_TLS_APPLE)
#elif defined(TF_TLS_SCHANNEL)
#endif
}
int tf_tls_session_read_plain(tf_tls_session_t* session, char* buffer, size_t bytes)
{
#if defined(TF_TLS_OPENSSL)
int result = SSL_read(session->ssl, buffer, bytes);
if (result <= 0)
{
int error = SSL_get_error(session->ssl, result);
if (error == SSL_ERROR_WANT_READ || error == SSL_ERROR_WANT_WRITE)
{
result = 0;
}
else if (error == SSL_ERROR_ZERO_RETURN)
{
if ((SSL_get_shutdown(session->ssl) & SSL_RECEIVED_SHUTDOWN) != 0)
{
result = k_tls_read_zero;
}
else
{
result = 0;
}
}
else
{
result = k_tls_read_failed;
}
}
return result;
#elif defined(TF_TLS_APPLE)
#elif defined(TF_TLS_SCHANNEL)
#endif
}
int tf_tls_session_write_plain(tf_tls_session_t* session, const char* buffer, size_t bytes)
{
#if defined(TF_TLS_OPENSSL)
return SSL_write(session->ssl, buffer, bytes);
#elif defined(TF_TLS_APPLE)
#elif defined(TF_TLS_SCHANNEL)
#endif
}
int tf_tls_session_read_encrypted(tf_tls_session_t* session, char* buffer, size_t bytes)
{
#if defined(TF_TLS_OPENSSL)
return BIO_read(session->bio_out, buffer, bytes);
#elif defined(TF_TLS_APPLE)
#elif defined(TF_TLS_SCHANNEL)
#endif
}
int tf_tls_session_write_encrypted(tf_tls_session_t* session, const char* buffer, size_t bytes)
{
#if defined(TF_TLS_OPENSSL)
return BIO_write(session->bio_in, buffer, bytes);
#elif defined(TF_TLS_APPLE)
#elif defined(TF_TLS_SCHANNEL)
#endif
}
bool tf_tls_session_get_error(tf_tls_session_t* session, char* buffer, size_t bytes)
{
#if defined(TF_TLS_OPENSSL)
unsigned long error = ERR_get_error();
if (error != 0)
{
ERR_error_string_n(error, buffer, bytes);
}
return error != 0;
#elif defined(TF_TLS_APPLE)
#elif defined(TF_TLS_SCHANNEL)
#endif
}