2 * QEMU crypto TLS session support
4 * Copyright (c) 2015 Red Hat, Inc.
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2 of the License, or (at your option) any later version.
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
21 #include "crypto/tlssession.h"
22 #include "crypto/tlscredsanon.h"
23 #include "crypto/tlscredsx509.h"
30 #include <gnutls/x509.h>
33 struct QCryptoTLSSession
{
34 QCryptoTLSCreds
*creds
;
35 gnutls_session_t handle
;
38 bool handshakeComplete
;
39 QCryptoTLSSessionWriteFunc writeFunc
;
40 QCryptoTLSSessionReadFunc readFunc
;
47 qcrypto_tls_session_free(QCryptoTLSSession
*session
)
53 gnutls_deinit(session
->handle
);
54 g_free(session
->hostname
);
55 g_free(session
->peername
);
56 g_free(session
->aclname
);
57 object_unref(OBJECT(session
->creds
));
63 qcrypto_tls_session_push(void *opaque
, const void *buf
, size_t len
)
65 QCryptoTLSSession
*session
= opaque
;
67 if (!session
->writeFunc
) {
72 return session
->writeFunc(buf
, len
, session
->opaque
);
77 qcrypto_tls_session_pull(void *opaque
, void *buf
, size_t len
)
79 QCryptoTLSSession
*session
= opaque
;
81 if (!session
->readFunc
) {
86 return session
->readFunc(buf
, len
, session
->opaque
);
91 qcrypto_tls_session_new(QCryptoTLSCreds
*creds
,
94 QCryptoTLSCredsEndpoint endpoint
,
97 QCryptoTLSSession
*session
;
100 session
= g_new0(QCryptoTLSSession
, 1);
101 trace_qcrypto_tls_session_new(
102 session
, creds
, hostname
? hostname
: "<none>",
103 aclname
? aclname
: "<none>", endpoint
);
106 session
->hostname
= g_strdup(hostname
);
109 session
->aclname
= g_strdup(aclname
);
111 session
->creds
= creds
;
112 object_ref(OBJECT(creds
));
114 if (creds
->endpoint
!= endpoint
) {
115 error_setg(errp
, "Credentials endpoint doesn't match session");
119 if (endpoint
== QCRYPTO_TLS_CREDS_ENDPOINT_SERVER
) {
120 ret
= gnutls_init(&session
->handle
, GNUTLS_SERVER
);
122 ret
= gnutls_init(&session
->handle
, GNUTLS_CLIENT
);
125 error_setg(errp
, "Cannot initialize TLS session: %s",
126 gnutls_strerror(ret
));
130 if (object_dynamic_cast(OBJECT(creds
),
131 TYPE_QCRYPTO_TLS_CREDS_ANON
)) {
132 QCryptoTLSCredsAnon
*acreds
= QCRYPTO_TLS_CREDS_ANON(creds
);
134 ret
= gnutls_priority_set_direct(session
->handle
,
135 "NORMAL:+ANON-DH", NULL
);
137 error_setg(errp
, "Unable to set TLS session priority: %s",
138 gnutls_strerror(ret
));
141 if (creds
->endpoint
== QCRYPTO_TLS_CREDS_ENDPOINT_SERVER
) {
142 ret
= gnutls_credentials_set(session
->handle
,
144 acreds
->data
.server
);
146 ret
= gnutls_credentials_set(session
->handle
,
148 acreds
->data
.client
);
151 error_setg(errp
, "Cannot set session credentials: %s",
152 gnutls_strerror(ret
));
155 } else if (object_dynamic_cast(OBJECT(creds
),
156 TYPE_QCRYPTO_TLS_CREDS_X509
)) {
157 QCryptoTLSCredsX509
*tcreds
= QCRYPTO_TLS_CREDS_X509(creds
);
159 ret
= gnutls_set_default_priority(session
->handle
);
161 error_setg(errp
, "Cannot set default TLS session priority: %s",
162 gnutls_strerror(ret
));
165 ret
= gnutls_credentials_set(session
->handle
,
166 GNUTLS_CRD_CERTIFICATE
,
169 error_setg(errp
, "Cannot set session credentials: %s",
170 gnutls_strerror(ret
));
174 if (creds
->endpoint
== QCRYPTO_TLS_CREDS_ENDPOINT_SERVER
) {
175 /* This requests, but does not enforce a client cert.
176 * The cert checking code later does enforcement */
177 gnutls_certificate_server_set_request(session
->handle
,
178 GNUTLS_CERT_REQUEST
);
181 error_setg(errp
, "Unsupported TLS credentials type %s",
182 object_get_typename(OBJECT(creds
)));
186 gnutls_transport_set_ptr(session
->handle
, session
);
187 gnutls_transport_set_push_function(session
->handle
,
188 qcrypto_tls_session_push
);
189 gnutls_transport_set_pull_function(session
->handle
,
190 qcrypto_tls_session_pull
);
195 qcrypto_tls_session_free(session
);
200 qcrypto_tls_session_check_certificate(QCryptoTLSSession
*session
,
205 const gnutls_datum_t
*certs
;
206 unsigned int nCerts
, i
;
208 gnutls_x509_crt_t cert
= NULL
;
211 if (now
== ((time_t)-1)) {
212 error_setg_errno(errp
, errno
, "Cannot get current time");
216 ret
= gnutls_certificate_verify_peers2(session
->handle
, &status
);
218 error_setg(errp
, "Verify failed: %s", gnutls_strerror(ret
));
223 const char *reason
= "Invalid certificate";
225 if (status
& GNUTLS_CERT_INVALID
) {
226 reason
= "The certificate is not trusted";
229 if (status
& GNUTLS_CERT_SIGNER_NOT_FOUND
) {
230 reason
= "The certificate hasn't got a known issuer";
233 if (status
& GNUTLS_CERT_REVOKED
) {
234 reason
= "The certificate has been revoked";
237 if (status
& GNUTLS_CERT_INSECURE_ALGORITHM
) {
238 reason
= "The certificate uses an insecure algorithm";
241 error_setg(errp
, "%s", reason
);
245 certs
= gnutls_certificate_get_peers(session
->handle
, &nCerts
);
247 error_setg(errp
, "No certificate peers");
251 for (i
= 0; i
< nCerts
; i
++) {
252 ret
= gnutls_x509_crt_init(&cert
);
254 error_setg(errp
, "Cannot initialize certificate: %s",
255 gnutls_strerror(ret
));
259 ret
= gnutls_x509_crt_import(cert
, &certs
[i
], GNUTLS_X509_FMT_DER
);
261 error_setg(errp
, "Cannot import certificate: %s",
262 gnutls_strerror(ret
));
266 if (gnutls_x509_crt_get_expiration_time(cert
) < now
) {
267 error_setg(errp
, "The certificate has expired");
271 if (gnutls_x509_crt_get_activation_time(cert
) > now
) {
272 error_setg(errp
, "The certificate is not yet activated");
276 if (gnutls_x509_crt_get_activation_time(cert
) > now
) {
277 error_setg(errp
, "The certificate is not yet activated");
282 size_t dnameSize
= 1024;
283 session
->peername
= g_malloc(dnameSize
);
285 ret
= gnutls_x509_crt_get_dn(cert
, session
->peername
, &dnameSize
);
287 if (ret
== GNUTLS_E_SHORT_MEMORY_BUFFER
) {
288 session
->peername
= g_realloc(session
->peername
,
292 error_setg(errp
, "Cannot get client distinguished name: %s",
293 gnutls_strerror(ret
));
296 if (session
->aclname
) {
297 qemu_acl
*acl
= qemu_acl_find(session
->aclname
);
300 error_setg(errp
, "Cannot find ACL %s",
305 allow
= qemu_acl_party_is_allowed(acl
, session
->peername
);
307 error_setg(errp
, "TLS x509 ACL check for %s is %s",
308 session
->peername
, allow
? "allowed" : "denied");
313 if (session
->hostname
) {
314 if (!gnutls_x509_crt_check_hostname(cert
, session
->hostname
)) {
316 "Certificate does not match the hostname %s",
323 gnutls_x509_crt_deinit(cert
);
329 gnutls_x509_crt_deinit(cert
);
335 qcrypto_tls_session_check_credentials(QCryptoTLSSession
*session
,
338 if (object_dynamic_cast(OBJECT(session
->creds
),
339 TYPE_QCRYPTO_TLS_CREDS_ANON
)) {
341 } else if (object_dynamic_cast(OBJECT(session
->creds
),
342 TYPE_QCRYPTO_TLS_CREDS_X509
)) {
343 if (session
->creds
->verifyPeer
) {
344 return qcrypto_tls_session_check_certificate(session
,
350 error_setg(errp
, "Unexpected credential type %s",
351 object_get_typename(OBJECT(session
->creds
)));
358 qcrypto_tls_session_set_callbacks(QCryptoTLSSession
*session
,
359 QCryptoTLSSessionWriteFunc writeFunc
,
360 QCryptoTLSSessionReadFunc readFunc
,
363 session
->writeFunc
= writeFunc
;
364 session
->readFunc
= readFunc
;
365 session
->opaque
= opaque
;
370 qcrypto_tls_session_write(QCryptoTLSSession
*session
,
374 ssize_t ret
= gnutls_record_send(session
->handle
, buf
, len
);
381 case GNUTLS_E_INTERRUPTED
:
396 qcrypto_tls_session_read(QCryptoTLSSession
*session
,
400 ssize_t ret
= gnutls_record_recv(session
->handle
, buf
, len
);
407 case GNUTLS_E_INTERRUPTED
:
422 qcrypto_tls_session_handshake(QCryptoTLSSession
*session
,
425 int ret
= gnutls_handshake(session
->handle
);
427 session
->handshakeComplete
= true;
429 if (ret
== GNUTLS_E_INTERRUPTED
||
430 ret
== GNUTLS_E_AGAIN
) {
433 error_setg(errp
, "TLS handshake failed: %s",
434 gnutls_strerror(ret
));
443 QCryptoTLSSessionHandshakeStatus
444 qcrypto_tls_session_get_handshake_status(QCryptoTLSSession
*session
)
446 if (session
->handshakeComplete
) {
447 return QCRYPTO_TLS_HANDSHAKE_COMPLETE
;
448 } else if (gnutls_record_get_direction(session
->handle
) == 0) {
449 return QCRYPTO_TLS_HANDSHAKE_RECVING
;
451 return QCRYPTO_TLS_HANDSHAKE_SENDING
;
457 qcrypto_tls_session_get_key_size(QCryptoTLSSession
*session
,
460 gnutls_cipher_algorithm_t cipher
;
463 cipher
= gnutls_cipher_get(session
->handle
);
464 ssf
= gnutls_cipher_get_key_size(cipher
);
466 error_setg(errp
, "Cannot get TLS cipher key size");
474 qcrypto_tls_session_get_peer_name(QCryptoTLSSession
*session
)
476 if (session
->peername
) {
477 return g_strdup(session
->peername
);
483 #else /* ! CONFIG_GNUTLS */
487 qcrypto_tls_session_new(QCryptoTLSCreds
*creds G_GNUC_UNUSED
,
488 const char *hostname G_GNUC_UNUSED
,
489 const char *aclname G_GNUC_UNUSED
,
490 QCryptoTLSCredsEndpoint endpoint G_GNUC_UNUSED
,
493 error_setg(errp
, "TLS requires GNUTLS support");
499 qcrypto_tls_session_free(QCryptoTLSSession
*sess G_GNUC_UNUSED
)
505 qcrypto_tls_session_check_credentials(QCryptoTLSSession
*sess G_GNUC_UNUSED
,
508 error_setg(errp
, "TLS requires GNUTLS support");
514 qcrypto_tls_session_set_callbacks(
515 QCryptoTLSSession
*sess G_GNUC_UNUSED
,
516 QCryptoTLSSessionWriteFunc writeFunc G_GNUC_UNUSED
,
517 QCryptoTLSSessionReadFunc readFunc G_GNUC_UNUSED
,
518 void *opaque G_GNUC_UNUSED
)
524 qcrypto_tls_session_write(QCryptoTLSSession
*sess
,
534 qcrypto_tls_session_read(QCryptoTLSSession
*sess
,
544 qcrypto_tls_session_handshake(QCryptoTLSSession
*sess
,
547 error_setg(errp
, "TLS requires GNUTLS support");
552 QCryptoTLSSessionHandshakeStatus
553 qcrypto_tls_session_get_handshake_status(QCryptoTLSSession
*sess
)
555 return QCRYPTO_TLS_HANDSHAKE_COMPLETE
;
560 qcrypto_tls_session_get_key_size(QCryptoTLSSession
*sess
,
563 error_setg(errp
, "TLS requires GNUTLS support");
569 qcrypto_tls_session_get_peer_name(QCryptoTLSSession
*sess
)