2 * QEMU crypto TLS session support
4 * Copyright (c) 2015 Red Hat, Inc.
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2.1 of the License, or (at your option) any later version.
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
21 #include "qemu/osdep.h"
22 #include "crypto/tlssession.h"
23 #include "crypto/tlscredsanon.h"
24 #include "crypto/tlscredspsk.h"
25 #include "crypto/tlscredsx509.h"
26 #include "qapi/error.h"
27 #include "authz/base.h"
28 #include "tlscredspriv.h"
34 #include <gnutls/x509.h>
37 struct QCryptoTLSSession
{
38 QCryptoTLSCreds
*creds
;
39 gnutls_session_t handle
;
42 bool handshakeComplete
;
43 QCryptoTLSSessionWriteFunc writeFunc
;
44 QCryptoTLSSessionReadFunc readFunc
;
51 qcrypto_tls_session_free(QCryptoTLSSession
*session
)
57 gnutls_deinit(session
->handle
);
58 g_free(session
->hostname
);
59 g_free(session
->peername
);
60 g_free(session
->authzid
);
61 object_unref(OBJECT(session
->creds
));
67 qcrypto_tls_session_push(void *opaque
, const void *buf
, size_t len
)
69 QCryptoTLSSession
*session
= opaque
;
71 if (!session
->writeFunc
) {
76 return session
->writeFunc(buf
, len
, session
->opaque
);
81 qcrypto_tls_session_pull(void *opaque
, void *buf
, size_t len
)
83 QCryptoTLSSession
*session
= opaque
;
85 if (!session
->readFunc
) {
90 return session
->readFunc(buf
, len
, session
->opaque
);
93 #define TLS_PRIORITY_ADDITIONAL_ANON "+ANON-DH"
94 #define TLS_PRIORITY_ADDITIONAL_PSK "+ECDHE-PSK:+DHE-PSK:+PSK"
97 qcrypto_tls_session_new(QCryptoTLSCreds
*creds
,
100 QCryptoTLSCredsEndpoint endpoint
,
103 QCryptoTLSSession
*session
;
106 session
= g_new0(QCryptoTLSSession
, 1);
107 trace_qcrypto_tls_session_new(
108 session
, creds
, hostname
? hostname
: "<none>",
109 authzid
? authzid
: "<none>", endpoint
);
112 session
->hostname
= g_strdup(hostname
);
115 session
->authzid
= g_strdup(authzid
);
117 session
->creds
= creds
;
118 object_ref(OBJECT(creds
));
120 if (creds
->endpoint
!= endpoint
) {
121 error_setg(errp
, "Credentials endpoint doesn't match session");
125 if (endpoint
== QCRYPTO_TLS_CREDS_ENDPOINT_SERVER
) {
126 ret
= gnutls_init(&session
->handle
, GNUTLS_SERVER
);
128 ret
= gnutls_init(&session
->handle
, GNUTLS_CLIENT
);
131 error_setg(errp
, "Cannot initialize TLS session: %s",
132 gnutls_strerror(ret
));
136 if (object_dynamic_cast(OBJECT(creds
),
137 TYPE_QCRYPTO_TLS_CREDS_ANON
)) {
138 QCryptoTLSCredsAnon
*acreds
= QCRYPTO_TLS_CREDS_ANON(creds
);
141 if (creds
->priority
!= NULL
) {
142 prio
= g_strdup_printf("%s:%s",
144 TLS_PRIORITY_ADDITIONAL_ANON
);
146 prio
= g_strdup(CONFIG_TLS_PRIORITY
":"
147 TLS_PRIORITY_ADDITIONAL_ANON
);
150 ret
= gnutls_priority_set_direct(session
->handle
, prio
, NULL
);
152 error_setg(errp
, "Unable to set TLS session priority %s: %s",
153 prio
, gnutls_strerror(ret
));
158 if (creds
->endpoint
== QCRYPTO_TLS_CREDS_ENDPOINT_SERVER
) {
159 ret
= gnutls_credentials_set(session
->handle
,
161 acreds
->data
.server
);
163 ret
= gnutls_credentials_set(session
->handle
,
165 acreds
->data
.client
);
168 error_setg(errp
, "Cannot set session credentials: %s",
169 gnutls_strerror(ret
));
172 } else if (object_dynamic_cast(OBJECT(creds
),
173 TYPE_QCRYPTO_TLS_CREDS_PSK
)) {
174 QCryptoTLSCredsPSK
*pcreds
= QCRYPTO_TLS_CREDS_PSK(creds
);
177 if (creds
->priority
!= NULL
) {
178 prio
= g_strdup_printf("%s:%s",
180 TLS_PRIORITY_ADDITIONAL_PSK
);
182 prio
= g_strdup(CONFIG_TLS_PRIORITY
":"
183 TLS_PRIORITY_ADDITIONAL_PSK
);
186 ret
= gnutls_priority_set_direct(session
->handle
, prio
, NULL
);
188 error_setg(errp
, "Unable to set TLS session priority %s: %s",
189 prio
, gnutls_strerror(ret
));
194 if (creds
->endpoint
== QCRYPTO_TLS_CREDS_ENDPOINT_SERVER
) {
195 ret
= gnutls_credentials_set(session
->handle
,
197 pcreds
->data
.server
);
199 ret
= gnutls_credentials_set(session
->handle
,
201 pcreds
->data
.client
);
204 error_setg(errp
, "Cannot set session credentials: %s",
205 gnutls_strerror(ret
));
208 } else if (object_dynamic_cast(OBJECT(creds
),
209 TYPE_QCRYPTO_TLS_CREDS_X509
)) {
210 QCryptoTLSCredsX509
*tcreds
= QCRYPTO_TLS_CREDS_X509(creds
);
211 const char *prio
= creds
->priority
;
213 prio
= CONFIG_TLS_PRIORITY
;
216 ret
= gnutls_priority_set_direct(session
->handle
, prio
, NULL
);
218 error_setg(errp
, "Cannot set default TLS session priority %s: %s",
219 prio
, gnutls_strerror(ret
));
222 ret
= gnutls_credentials_set(session
->handle
,
223 GNUTLS_CRD_CERTIFICATE
,
226 error_setg(errp
, "Cannot set session credentials: %s",
227 gnutls_strerror(ret
));
231 if (creds
->endpoint
== QCRYPTO_TLS_CREDS_ENDPOINT_SERVER
) {
232 /* This requests, but does not enforce a client cert.
233 * The cert checking code later does enforcement */
234 gnutls_certificate_server_set_request(session
->handle
,
235 GNUTLS_CERT_REQUEST
);
238 error_setg(errp
, "Unsupported TLS credentials type %s",
239 object_get_typename(OBJECT(creds
)));
243 gnutls_transport_set_ptr(session
->handle
, session
);
244 gnutls_transport_set_push_function(session
->handle
,
245 qcrypto_tls_session_push
);
246 gnutls_transport_set_pull_function(session
->handle
,
247 qcrypto_tls_session_pull
);
252 qcrypto_tls_session_free(session
);
257 qcrypto_tls_session_check_certificate(QCryptoTLSSession
*session
,
262 const gnutls_datum_t
*certs
;
263 unsigned int nCerts
, i
;
265 gnutls_x509_crt_t cert
= NULL
;
269 if (now
== ((time_t)-1)) {
270 error_setg_errno(errp
, errno
, "Cannot get current time");
274 ret
= gnutls_certificate_verify_peers2(session
->handle
, &status
);
276 error_setg(errp
, "Verify failed: %s", gnutls_strerror(ret
));
281 const char *reason
= "Invalid certificate";
283 if (status
& GNUTLS_CERT_INVALID
) {
284 reason
= "The certificate is not trusted";
287 if (status
& GNUTLS_CERT_SIGNER_NOT_FOUND
) {
288 reason
= "The certificate hasn't got a known issuer";
291 if (status
& GNUTLS_CERT_REVOKED
) {
292 reason
= "The certificate has been revoked";
295 if (status
& GNUTLS_CERT_INSECURE_ALGORITHM
) {
296 reason
= "The certificate uses an insecure algorithm";
299 error_setg(errp
, "%s", reason
);
303 certs
= gnutls_certificate_get_peers(session
->handle
, &nCerts
);
305 error_setg(errp
, "No certificate peers");
309 for (i
= 0; i
< nCerts
; i
++) {
310 ret
= gnutls_x509_crt_init(&cert
);
312 error_setg(errp
, "Cannot initialize certificate: %s",
313 gnutls_strerror(ret
));
317 ret
= gnutls_x509_crt_import(cert
, &certs
[i
], GNUTLS_X509_FMT_DER
);
319 error_setg(errp
, "Cannot import certificate: %s",
320 gnutls_strerror(ret
));
324 if (gnutls_x509_crt_get_expiration_time(cert
) < now
) {
325 error_setg(errp
, "The certificate has expired");
329 if (gnutls_x509_crt_get_activation_time(cert
) > now
) {
330 error_setg(errp
, "The certificate is not yet activated");
334 if (gnutls_x509_crt_get_activation_time(cert
) > now
) {
335 error_setg(errp
, "The certificate is not yet activated");
340 size_t dnameSize
= 1024;
341 session
->peername
= g_malloc(dnameSize
);
343 ret
= gnutls_x509_crt_get_dn(cert
, session
->peername
, &dnameSize
);
345 if (ret
== GNUTLS_E_SHORT_MEMORY_BUFFER
) {
346 session
->peername
= g_realloc(session
->peername
,
350 error_setg(errp
, "Cannot get client distinguished name: %s",
351 gnutls_strerror(ret
));
354 if (session
->authzid
) {
357 allow
= qauthz_is_allowed_by_id(session
->authzid
,
358 session
->peername
, &err
);
360 error_propagate(errp
, err
);
364 error_setg(errp
, "TLS x509 authz check for %s is denied",
369 if (session
->hostname
) {
370 if (!gnutls_x509_crt_check_hostname(cert
, session
->hostname
)) {
372 "Certificate does not match the hostname %s",
377 if (session
->creds
->endpoint
==
378 QCRYPTO_TLS_CREDS_ENDPOINT_CLIENT
) {
379 error_setg(errp
, "No hostname for certificate validation");
385 gnutls_x509_crt_deinit(cert
);
391 gnutls_x509_crt_deinit(cert
);
397 qcrypto_tls_session_check_credentials(QCryptoTLSSession
*session
,
400 if (object_dynamic_cast(OBJECT(session
->creds
),
401 TYPE_QCRYPTO_TLS_CREDS_ANON
)) {
402 trace_qcrypto_tls_session_check_creds(session
, "nop");
404 } else if (object_dynamic_cast(OBJECT(session
->creds
),
405 TYPE_QCRYPTO_TLS_CREDS_PSK
)) {
406 trace_qcrypto_tls_session_check_creds(session
, "nop");
408 } else if (object_dynamic_cast(OBJECT(session
->creds
),
409 TYPE_QCRYPTO_TLS_CREDS_X509
)) {
410 if (session
->creds
->verifyPeer
) {
411 int ret
= qcrypto_tls_session_check_certificate(session
,
413 trace_qcrypto_tls_session_check_creds(session
,
414 ret
== 0 ? "pass" : "fail");
417 trace_qcrypto_tls_session_check_creds(session
, "skip");
421 trace_qcrypto_tls_session_check_creds(session
, "error");
422 error_setg(errp
, "Unexpected credential type %s",
423 object_get_typename(OBJECT(session
->creds
)));
430 qcrypto_tls_session_set_callbacks(QCryptoTLSSession
*session
,
431 QCryptoTLSSessionWriteFunc writeFunc
,
432 QCryptoTLSSessionReadFunc readFunc
,
435 session
->writeFunc
= writeFunc
;
436 session
->readFunc
= readFunc
;
437 session
->opaque
= opaque
;
442 qcrypto_tls_session_write(QCryptoTLSSession
*session
,
446 ssize_t ret
= gnutls_record_send(session
->handle
, buf
, len
);
453 case GNUTLS_E_INTERRUPTED
:
468 qcrypto_tls_session_read(QCryptoTLSSession
*session
,
472 ssize_t ret
= gnutls_record_recv(session
->handle
, buf
, len
);
479 case GNUTLS_E_INTERRUPTED
:
482 case GNUTLS_E_PREMATURE_TERMINATION
:
483 errno
= ECONNABORTED
;
497 qcrypto_tls_session_handshake(QCryptoTLSSession
*session
,
500 int ret
= gnutls_handshake(session
->handle
);
502 session
->handshakeComplete
= true;
504 if (ret
== GNUTLS_E_INTERRUPTED
||
505 ret
== GNUTLS_E_AGAIN
) {
508 error_setg(errp
, "TLS handshake failed: %s",
509 gnutls_strerror(ret
));
518 QCryptoTLSSessionHandshakeStatus
519 qcrypto_tls_session_get_handshake_status(QCryptoTLSSession
*session
)
521 if (session
->handshakeComplete
) {
522 return QCRYPTO_TLS_HANDSHAKE_COMPLETE
;
523 } else if (gnutls_record_get_direction(session
->handle
) == 0) {
524 return QCRYPTO_TLS_HANDSHAKE_RECVING
;
526 return QCRYPTO_TLS_HANDSHAKE_SENDING
;
532 qcrypto_tls_session_get_key_size(QCryptoTLSSession
*session
,
535 gnutls_cipher_algorithm_t cipher
;
538 cipher
= gnutls_cipher_get(session
->handle
);
539 ssf
= gnutls_cipher_get_key_size(cipher
);
541 error_setg(errp
, "Cannot get TLS cipher key size");
549 qcrypto_tls_session_get_peer_name(QCryptoTLSSession
*session
)
551 if (session
->peername
) {
552 return g_strdup(session
->peername
);
558 #else /* ! CONFIG_GNUTLS */
562 qcrypto_tls_session_new(QCryptoTLSCreds
*creds G_GNUC_UNUSED
,
563 const char *hostname G_GNUC_UNUSED
,
564 const char *authzid G_GNUC_UNUSED
,
565 QCryptoTLSCredsEndpoint endpoint G_GNUC_UNUSED
,
568 error_setg(errp
, "TLS requires GNUTLS support");
574 qcrypto_tls_session_free(QCryptoTLSSession
*sess G_GNUC_UNUSED
)
580 qcrypto_tls_session_check_credentials(QCryptoTLSSession
*sess G_GNUC_UNUSED
,
583 error_setg(errp
, "TLS requires GNUTLS support");
589 qcrypto_tls_session_set_callbacks(
590 QCryptoTLSSession
*sess G_GNUC_UNUSED
,
591 QCryptoTLSSessionWriteFunc writeFunc G_GNUC_UNUSED
,
592 QCryptoTLSSessionReadFunc readFunc G_GNUC_UNUSED
,
593 void *opaque G_GNUC_UNUSED
)
599 qcrypto_tls_session_write(QCryptoTLSSession
*sess
,
609 qcrypto_tls_session_read(QCryptoTLSSession
*sess
,
619 qcrypto_tls_session_handshake(QCryptoTLSSession
*sess
,
622 error_setg(errp
, "TLS requires GNUTLS support");
627 QCryptoTLSSessionHandshakeStatus
628 qcrypto_tls_session_get_handshake_status(QCryptoTLSSession
*sess
)
630 return QCRYPTO_TLS_HANDSHAKE_COMPLETE
;
635 qcrypto_tls_session_get_key_size(QCryptoTLSSession
*sess
,
638 error_setg(errp
, "TLS requires GNUTLS support");
644 qcrypto_tls_session_get_peer_name(QCryptoTLSSession
*sess
)