Merge remote-tracking branch 'remotes/stefanha/tags/block-pull-request' into staging
[qemu.git] / crypto / tlssession.c
blob33203e8ca711d6944b6f60fe7ccef7ae43a49afb
1 /*
2 * QEMU crypto TLS session support
4 * Copyright (c) 2015 Red Hat, Inc.
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2.1 of the License, or (at your option) any later version.
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
21 #include "qemu/osdep.h"
22 #include "crypto/tlssession.h"
23 #include "crypto/tlscredsanon.h"
24 #include "crypto/tlscredspsk.h"
25 #include "crypto/tlscredsx509.h"
26 #include "qapi/error.h"
27 #include "authz/base.h"
28 #include "trace.h"
30 #ifdef CONFIG_GNUTLS
33 #include <gnutls/x509.h>
36 struct QCryptoTLSSession {
37 QCryptoTLSCreds *creds;
38 gnutls_session_t handle;
39 char *hostname;
40 char *authzid;
41 bool handshakeComplete;
42 QCryptoTLSSessionWriteFunc writeFunc;
43 QCryptoTLSSessionReadFunc readFunc;
44 void *opaque;
45 char *peername;
49 void
50 qcrypto_tls_session_free(QCryptoTLSSession *session)
52 if (!session) {
53 return;
56 gnutls_deinit(session->handle);
57 g_free(session->hostname);
58 g_free(session->peername);
59 g_free(session->authzid);
60 object_unref(OBJECT(session->creds));
61 g_free(session);
65 static ssize_t
66 qcrypto_tls_session_push(void *opaque, const void *buf, size_t len)
68 QCryptoTLSSession *session = opaque;
70 if (!session->writeFunc) {
71 errno = EIO;
72 return -1;
75 return session->writeFunc(buf, len, session->opaque);
79 static ssize_t
80 qcrypto_tls_session_pull(void *opaque, void *buf, size_t len)
82 QCryptoTLSSession *session = opaque;
84 if (!session->readFunc) {
85 errno = EIO;
86 return -1;
89 return session->readFunc(buf, len, session->opaque);
92 #define TLS_PRIORITY_ADDITIONAL_ANON "+ANON-DH"
93 #define TLS_PRIORITY_ADDITIONAL_PSK "+ECDHE-PSK:+DHE-PSK:+PSK"
95 QCryptoTLSSession *
96 qcrypto_tls_session_new(QCryptoTLSCreds *creds,
97 const char *hostname,
98 const char *authzid,
99 QCryptoTLSCredsEndpoint endpoint,
100 Error **errp)
102 QCryptoTLSSession *session;
103 int ret;
105 session = g_new0(QCryptoTLSSession, 1);
106 trace_qcrypto_tls_session_new(
107 session, creds, hostname ? hostname : "<none>",
108 authzid ? authzid : "<none>", endpoint);
110 if (hostname) {
111 session->hostname = g_strdup(hostname);
113 if (authzid) {
114 session->authzid = g_strdup(authzid);
116 session->creds = creds;
117 object_ref(OBJECT(creds));
119 if (creds->endpoint != endpoint) {
120 error_setg(errp, "Credentials endpoint doesn't match session");
121 goto error;
124 if (endpoint == QCRYPTO_TLS_CREDS_ENDPOINT_SERVER) {
125 ret = gnutls_init(&session->handle, GNUTLS_SERVER);
126 } else {
127 ret = gnutls_init(&session->handle, GNUTLS_CLIENT);
129 if (ret < 0) {
130 error_setg(errp, "Cannot initialize TLS session: %s",
131 gnutls_strerror(ret));
132 goto error;
135 if (object_dynamic_cast(OBJECT(creds),
136 TYPE_QCRYPTO_TLS_CREDS_ANON)) {
137 QCryptoTLSCredsAnon *acreds = QCRYPTO_TLS_CREDS_ANON(creds);
138 char *prio;
140 if (creds->priority != NULL) {
141 prio = g_strdup_printf("%s:%s",
142 creds->priority,
143 TLS_PRIORITY_ADDITIONAL_ANON);
144 } else {
145 prio = g_strdup(CONFIG_TLS_PRIORITY ":"
146 TLS_PRIORITY_ADDITIONAL_ANON);
149 ret = gnutls_priority_set_direct(session->handle, prio, NULL);
150 if (ret < 0) {
151 error_setg(errp, "Unable to set TLS session priority %s: %s",
152 prio, gnutls_strerror(ret));
153 g_free(prio);
154 goto error;
156 g_free(prio);
157 if (creds->endpoint == QCRYPTO_TLS_CREDS_ENDPOINT_SERVER) {
158 ret = gnutls_credentials_set(session->handle,
159 GNUTLS_CRD_ANON,
160 acreds->data.server);
161 } else {
162 ret = gnutls_credentials_set(session->handle,
163 GNUTLS_CRD_ANON,
164 acreds->data.client);
166 if (ret < 0) {
167 error_setg(errp, "Cannot set session credentials: %s",
168 gnutls_strerror(ret));
169 goto error;
171 } else if (object_dynamic_cast(OBJECT(creds),
172 TYPE_QCRYPTO_TLS_CREDS_PSK)) {
173 QCryptoTLSCredsPSK *pcreds = QCRYPTO_TLS_CREDS_PSK(creds);
174 char *prio;
176 if (creds->priority != NULL) {
177 prio = g_strdup_printf("%s:%s",
178 creds->priority,
179 TLS_PRIORITY_ADDITIONAL_PSK);
180 } else {
181 prio = g_strdup(CONFIG_TLS_PRIORITY ":"
182 TLS_PRIORITY_ADDITIONAL_PSK);
185 ret = gnutls_priority_set_direct(session->handle, prio, NULL);
186 if (ret < 0) {
187 error_setg(errp, "Unable to set TLS session priority %s: %s",
188 prio, gnutls_strerror(ret));
189 g_free(prio);
190 goto error;
192 g_free(prio);
193 if (creds->endpoint == QCRYPTO_TLS_CREDS_ENDPOINT_SERVER) {
194 ret = gnutls_credentials_set(session->handle,
195 GNUTLS_CRD_PSK,
196 pcreds->data.server);
197 } else {
198 ret = gnutls_credentials_set(session->handle,
199 GNUTLS_CRD_PSK,
200 pcreds->data.client);
202 if (ret < 0) {
203 error_setg(errp, "Cannot set session credentials: %s",
204 gnutls_strerror(ret));
205 goto error;
207 } else if (object_dynamic_cast(OBJECT(creds),
208 TYPE_QCRYPTO_TLS_CREDS_X509)) {
209 QCryptoTLSCredsX509 *tcreds = QCRYPTO_TLS_CREDS_X509(creds);
210 const char *prio = creds->priority;
211 if (!prio) {
212 prio = CONFIG_TLS_PRIORITY;
215 ret = gnutls_priority_set_direct(session->handle, prio, NULL);
216 if (ret < 0) {
217 error_setg(errp, "Cannot set default TLS session priority %s: %s",
218 prio, gnutls_strerror(ret));
219 goto error;
221 ret = gnutls_credentials_set(session->handle,
222 GNUTLS_CRD_CERTIFICATE,
223 tcreds->data);
224 if (ret < 0) {
225 error_setg(errp, "Cannot set session credentials: %s",
226 gnutls_strerror(ret));
227 goto error;
230 if (creds->endpoint == QCRYPTO_TLS_CREDS_ENDPOINT_SERVER) {
231 /* This requests, but does not enforce a client cert.
232 * The cert checking code later does enforcement */
233 gnutls_certificate_server_set_request(session->handle,
234 GNUTLS_CERT_REQUEST);
236 } else {
237 error_setg(errp, "Unsupported TLS credentials type %s",
238 object_get_typename(OBJECT(creds)));
239 goto error;
242 gnutls_transport_set_ptr(session->handle, session);
243 gnutls_transport_set_push_function(session->handle,
244 qcrypto_tls_session_push);
245 gnutls_transport_set_pull_function(session->handle,
246 qcrypto_tls_session_pull);
248 return session;
250 error:
251 qcrypto_tls_session_free(session);
252 return NULL;
255 static int
256 qcrypto_tls_session_check_certificate(QCryptoTLSSession *session,
257 Error **errp)
259 int ret;
260 unsigned int status;
261 const gnutls_datum_t *certs;
262 unsigned int nCerts, i;
263 time_t now;
264 gnutls_x509_crt_t cert = NULL;
265 Error *err = NULL;
267 now = time(NULL);
268 if (now == ((time_t)-1)) {
269 error_setg_errno(errp, errno, "Cannot get current time");
270 return -1;
273 ret = gnutls_certificate_verify_peers2(session->handle, &status);
274 if (ret < 0) {
275 error_setg(errp, "Verify failed: %s", gnutls_strerror(ret));
276 return -1;
279 if (status != 0) {
280 const char *reason = "Invalid certificate";
282 if (status & GNUTLS_CERT_INVALID) {
283 reason = "The certificate is not trusted";
286 if (status & GNUTLS_CERT_SIGNER_NOT_FOUND) {
287 reason = "The certificate hasn't got a known issuer";
290 if (status & GNUTLS_CERT_REVOKED) {
291 reason = "The certificate has been revoked";
294 if (status & GNUTLS_CERT_INSECURE_ALGORITHM) {
295 reason = "The certificate uses an insecure algorithm";
298 error_setg(errp, "%s", reason);
299 return -1;
302 certs = gnutls_certificate_get_peers(session->handle, &nCerts);
303 if (!certs) {
304 error_setg(errp, "No certificate peers");
305 return -1;
308 for (i = 0; i < nCerts; i++) {
309 ret = gnutls_x509_crt_init(&cert);
310 if (ret < 0) {
311 error_setg(errp, "Cannot initialize certificate: %s",
312 gnutls_strerror(ret));
313 return -1;
316 ret = gnutls_x509_crt_import(cert, &certs[i], GNUTLS_X509_FMT_DER);
317 if (ret < 0) {
318 error_setg(errp, "Cannot import certificate: %s",
319 gnutls_strerror(ret));
320 goto error;
323 if (gnutls_x509_crt_get_expiration_time(cert) < now) {
324 error_setg(errp, "The certificate has expired");
325 goto error;
328 if (gnutls_x509_crt_get_activation_time(cert) > now) {
329 error_setg(errp, "The certificate is not yet activated");
330 goto error;
333 if (gnutls_x509_crt_get_activation_time(cert) > now) {
334 error_setg(errp, "The certificate is not yet activated");
335 goto error;
338 if (i == 0) {
339 size_t dnameSize = 1024;
340 session->peername = g_malloc(dnameSize);
341 requery:
342 ret = gnutls_x509_crt_get_dn(cert, session->peername, &dnameSize);
343 if (ret < 0) {
344 if (ret == GNUTLS_E_SHORT_MEMORY_BUFFER) {
345 session->peername = g_realloc(session->peername,
346 dnameSize);
347 goto requery;
349 error_setg(errp, "Cannot get client distinguished name: %s",
350 gnutls_strerror(ret));
351 goto error;
353 if (session->authzid) {
354 bool allow;
356 allow = qauthz_is_allowed_by_id(session->authzid,
357 session->peername, &err);
358 if (err) {
359 error_propagate(errp, err);
360 goto error;
362 if (!allow) {
363 error_setg(errp, "TLS x509 authz check for %s is denied",
364 session->peername);
365 goto error;
368 if (session->hostname) {
369 if (!gnutls_x509_crt_check_hostname(cert, session->hostname)) {
370 error_setg(errp,
371 "Certificate does not match the hostname %s",
372 session->hostname);
373 goto error;
378 gnutls_x509_crt_deinit(cert);
381 return 0;
383 error:
384 gnutls_x509_crt_deinit(cert);
385 return -1;
390 qcrypto_tls_session_check_credentials(QCryptoTLSSession *session,
391 Error **errp)
393 if (object_dynamic_cast(OBJECT(session->creds),
394 TYPE_QCRYPTO_TLS_CREDS_ANON)) {
395 trace_qcrypto_tls_session_check_creds(session, "nop");
396 return 0;
397 } else if (object_dynamic_cast(OBJECT(session->creds),
398 TYPE_QCRYPTO_TLS_CREDS_PSK)) {
399 trace_qcrypto_tls_session_check_creds(session, "nop");
400 return 0;
401 } else if (object_dynamic_cast(OBJECT(session->creds),
402 TYPE_QCRYPTO_TLS_CREDS_X509)) {
403 if (session->creds->verifyPeer) {
404 int ret = qcrypto_tls_session_check_certificate(session,
405 errp);
406 trace_qcrypto_tls_session_check_creds(session,
407 ret == 0 ? "pass" : "fail");
408 return ret;
409 } else {
410 trace_qcrypto_tls_session_check_creds(session, "skip");
411 return 0;
413 } else {
414 trace_qcrypto_tls_session_check_creds(session, "error");
415 error_setg(errp, "Unexpected credential type %s",
416 object_get_typename(OBJECT(session->creds)));
417 return -1;
422 void
423 qcrypto_tls_session_set_callbacks(QCryptoTLSSession *session,
424 QCryptoTLSSessionWriteFunc writeFunc,
425 QCryptoTLSSessionReadFunc readFunc,
426 void *opaque)
428 session->writeFunc = writeFunc;
429 session->readFunc = readFunc;
430 session->opaque = opaque;
434 ssize_t
435 qcrypto_tls_session_write(QCryptoTLSSession *session,
436 const char *buf,
437 size_t len)
439 ssize_t ret = gnutls_record_send(session->handle, buf, len);
441 if (ret < 0) {
442 switch (ret) {
443 case GNUTLS_E_AGAIN:
444 errno = EAGAIN;
445 break;
446 case GNUTLS_E_INTERRUPTED:
447 errno = EINTR;
448 break;
449 default:
450 errno = EIO;
451 break;
453 ret = -1;
456 return ret;
460 ssize_t
461 qcrypto_tls_session_read(QCryptoTLSSession *session,
462 char *buf,
463 size_t len)
465 ssize_t ret = gnutls_record_recv(session->handle, buf, len);
467 if (ret < 0) {
468 switch (ret) {
469 case GNUTLS_E_AGAIN:
470 errno = EAGAIN;
471 break;
472 case GNUTLS_E_INTERRUPTED:
473 errno = EINTR;
474 break;
475 case GNUTLS_E_PREMATURE_TERMINATION:
476 errno = ECONNABORTED;
477 break;
478 default:
479 errno = EIO;
480 break;
482 ret = -1;
485 return ret;
490 qcrypto_tls_session_handshake(QCryptoTLSSession *session,
491 Error **errp)
493 int ret = gnutls_handshake(session->handle);
494 if (ret == 0) {
495 session->handshakeComplete = true;
496 } else {
497 if (ret == GNUTLS_E_INTERRUPTED ||
498 ret == GNUTLS_E_AGAIN) {
499 ret = 1;
500 } else {
501 error_setg(errp, "TLS handshake failed: %s",
502 gnutls_strerror(ret));
503 ret = -1;
507 return ret;
511 QCryptoTLSSessionHandshakeStatus
512 qcrypto_tls_session_get_handshake_status(QCryptoTLSSession *session)
514 if (session->handshakeComplete) {
515 return QCRYPTO_TLS_HANDSHAKE_COMPLETE;
516 } else if (gnutls_record_get_direction(session->handle) == 0) {
517 return QCRYPTO_TLS_HANDSHAKE_RECVING;
518 } else {
519 return QCRYPTO_TLS_HANDSHAKE_SENDING;
525 qcrypto_tls_session_get_key_size(QCryptoTLSSession *session,
526 Error **errp)
528 gnutls_cipher_algorithm_t cipher;
529 int ssf;
531 cipher = gnutls_cipher_get(session->handle);
532 ssf = gnutls_cipher_get_key_size(cipher);
533 if (!ssf) {
534 error_setg(errp, "Cannot get TLS cipher key size");
535 return -1;
537 return ssf;
541 char *
542 qcrypto_tls_session_get_peer_name(QCryptoTLSSession *session)
544 if (session->peername) {
545 return g_strdup(session->peername);
547 return NULL;
551 #else /* ! CONFIG_GNUTLS */
554 QCryptoTLSSession *
555 qcrypto_tls_session_new(QCryptoTLSCreds *creds G_GNUC_UNUSED,
556 const char *hostname G_GNUC_UNUSED,
557 const char *authzid G_GNUC_UNUSED,
558 QCryptoTLSCredsEndpoint endpoint G_GNUC_UNUSED,
559 Error **errp)
561 error_setg(errp, "TLS requires GNUTLS support");
562 return NULL;
566 void
567 qcrypto_tls_session_free(QCryptoTLSSession *sess G_GNUC_UNUSED)
573 qcrypto_tls_session_check_credentials(QCryptoTLSSession *sess G_GNUC_UNUSED,
574 Error **errp)
576 error_setg(errp, "TLS requires GNUTLS support");
577 return -1;
581 void
582 qcrypto_tls_session_set_callbacks(
583 QCryptoTLSSession *sess G_GNUC_UNUSED,
584 QCryptoTLSSessionWriteFunc writeFunc G_GNUC_UNUSED,
585 QCryptoTLSSessionReadFunc readFunc G_GNUC_UNUSED,
586 void *opaque G_GNUC_UNUSED)
591 ssize_t
592 qcrypto_tls_session_write(QCryptoTLSSession *sess,
593 const char *buf,
594 size_t len)
596 errno = -EIO;
597 return -1;
601 ssize_t
602 qcrypto_tls_session_read(QCryptoTLSSession *sess,
603 char *buf,
604 size_t len)
606 errno = -EIO;
607 return -1;
612 qcrypto_tls_session_handshake(QCryptoTLSSession *sess,
613 Error **errp)
615 error_setg(errp, "TLS requires GNUTLS support");
616 return -1;
620 QCryptoTLSSessionHandshakeStatus
621 qcrypto_tls_session_get_handshake_status(QCryptoTLSSession *sess)
623 return QCRYPTO_TLS_HANDSHAKE_COMPLETE;
628 qcrypto_tls_session_get_key_size(QCryptoTLSSession *sess,
629 Error **errp)
631 error_setg(errp, "TLS requires GNUTLS support");
632 return -1;
636 char *
637 qcrypto_tls_session_get_peer_name(QCryptoTLSSession *sess)
639 return NULL;
642 #endif