2 * GnuTLS-based implementation of the schannel (SSL/TLS) provider.
4 * Copyright 2005 Juan Lang
5 * Copyright 2008 Henri Verbeet
7 * This library is free software; you can redistribute it and/or
8 * modify it under the terms of the GNU Lesser General Public
9 * License as published by the Free Software Foundation; either
10 * version 2.1 of the License, or (at your option) any later version.
12 * This library is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 * Lesser General Public License for more details.
17 * You should have received a copy of the GNU Lesser General Public
18 * License along with this library; if not, write to the Free Software
19 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
23 #include "wine/port.h"
27 #ifdef SONAME_LIBGNUTLS
28 #include <gnutls/gnutls.h>
29 #include <gnutls/crypto.h>
36 #include "secur32_priv.h"
37 #include "wine/debug.h"
38 #include "wine/library.h"
40 #if defined(SONAME_LIBGNUTLS) && !defined(HAVE_SECURITY_SECURITY_H)
42 WINE_DEFAULT_DEBUG_CHANNEL(secur32
);
43 WINE_DECLARE_DEBUG_CHANNEL(winediag
);
45 /* Not present in gnutls version < 2.9.10. */
46 static int (*pgnutls_cipher_get_block_size
)(gnutls_cipher_algorithm_t algorithm
);
48 static void *libgnutls_handle
;
49 #define MAKE_FUNCPTR(f) static typeof(f) * p##f
50 MAKE_FUNCPTR(gnutls_alert_get
);
51 MAKE_FUNCPTR(gnutls_alert_get_name
);
52 MAKE_FUNCPTR(gnutls_certificate_allocate_credentials
);
53 MAKE_FUNCPTR(gnutls_certificate_free_credentials
);
54 MAKE_FUNCPTR(gnutls_certificate_get_peers
);
55 MAKE_FUNCPTR(gnutls_cipher_get
);
56 MAKE_FUNCPTR(gnutls_cipher_get_key_size
);
57 MAKE_FUNCPTR(gnutls_credentials_set
);
58 MAKE_FUNCPTR(gnutls_deinit
);
59 MAKE_FUNCPTR(gnutls_global_deinit
);
60 MAKE_FUNCPTR(gnutls_global_init
);
61 MAKE_FUNCPTR(gnutls_global_set_log_function
);
62 MAKE_FUNCPTR(gnutls_global_set_log_level
);
63 MAKE_FUNCPTR(gnutls_handshake
);
64 MAKE_FUNCPTR(gnutls_init
);
65 MAKE_FUNCPTR(gnutls_kx_get
);
66 MAKE_FUNCPTR(gnutls_mac_get
);
67 MAKE_FUNCPTR(gnutls_mac_get_key_size
);
68 MAKE_FUNCPTR(gnutls_perror
);
69 MAKE_FUNCPTR(gnutls_protocol_get_version
);
70 MAKE_FUNCPTR(gnutls_priority_set_direct
);
71 MAKE_FUNCPTR(gnutls_record_get_max_size
);
72 MAKE_FUNCPTR(gnutls_record_recv
);
73 MAKE_FUNCPTR(gnutls_record_send
);
74 MAKE_FUNCPTR(gnutls_server_name_set
);
75 MAKE_FUNCPTR(gnutls_transport_get_ptr
);
76 MAKE_FUNCPTR(gnutls_transport_set_errno
);
77 MAKE_FUNCPTR(gnutls_transport_set_ptr
);
78 MAKE_FUNCPTR(gnutls_transport_set_pull_function
);
79 MAKE_FUNCPTR(gnutls_transport_set_push_function
);
82 #if GNUTLS_VERSION_MAJOR < 3
83 #define GNUTLS_CIPHER_AES_192_CBC 92
84 #define GNUTLS_CIPHER_AES_128_GCM 93
85 #define GNUTLS_CIPHER_AES_256_GCM 94
87 #define GNUTLS_MAC_AEAD 200
89 #define GNUTLS_KX_ANON_ECDH 11
90 #define GNUTLS_KX_ECDHE_RSA 12
91 #define GNUTLS_KX_ECDHE_ECDSA 13
92 #define GNUTLS_KX_ECDHE_PSK 14
95 static int compat_cipher_get_block_size(gnutls_cipher_algorithm_t cipher
)
98 case GNUTLS_CIPHER_3DES_CBC
:
100 case GNUTLS_CIPHER_AES_128_CBC
:
101 case GNUTLS_CIPHER_AES_256_CBC
:
103 case GNUTLS_CIPHER_ARCFOUR_128
:
104 case GNUTLS_CIPHER_ARCFOUR_40
:
106 case GNUTLS_CIPHER_DES_CBC
:
108 case GNUTLS_CIPHER_NULL
:
110 case GNUTLS_CIPHER_RC2_40_CBC
:
113 FIXME("Unknown cipher %#x, returning 1\n", cipher
);
118 static ssize_t
schan_pull_adapter(gnutls_transport_ptr_t transport
,
119 void *buff
, size_t buff_len
)
121 struct schan_transport
*t
= (struct schan_transport
*)transport
;
122 gnutls_session_t s
= (gnutls_session_t
)schan_session_for_transport(t
);
124 int ret
= schan_pull(transport
, buff
, &buff_len
);
127 pgnutls_transport_set_errno(s
, ret
);
134 static ssize_t
schan_push_adapter(gnutls_transport_ptr_t transport
,
135 const void *buff
, size_t buff_len
)
137 struct schan_transport
*t
= (struct schan_transport
*)transport
;
138 gnutls_session_t s
= (gnutls_session_t
)schan_session_for_transport(t
);
140 int ret
= schan_push(transport
, buff
, &buff_len
);
143 pgnutls_transport_set_errno(s
, ret
);
150 static const struct {
152 const char *gnutls_flag
;
153 } protocol_priority_flags
[] = {
154 {SP_PROT_TLS1_3_CLIENT
, "VERS-TLS1.3"},
155 {SP_PROT_TLS1_2_CLIENT
, "VERS-TLS1.2"},
156 {SP_PROT_TLS1_1_CLIENT
, "VERS-TLS1.1"},
157 {SP_PROT_TLS1_0_CLIENT
, "VERS-TLS1.0"},
158 {SP_PROT_SSL3_CLIENT
, "VERS-SSL3.0"}
159 /* {SP_PROT_SSL2_CLIENT} is not supported by GnuTLS */
162 static DWORD supported_protocols
;
164 static void check_supported_protocols(void)
166 gnutls_session_t session
;
171 err
= pgnutls_init(&session
, GNUTLS_CLIENT
);
172 if (err
!= GNUTLS_E_SUCCESS
)
178 for(i
= 0; i
< ARRAY_SIZE(protocol_priority_flags
); i
++)
180 sprintf(priority
, "NORMAL:-%s", protocol_priority_flags
[i
].gnutls_flag
);
181 err
= pgnutls_priority_set_direct(session
, priority
, NULL
);
182 if (err
== GNUTLS_E_SUCCESS
)
184 TRACE("%s is supported\n", protocol_priority_flags
[i
].gnutls_flag
);
185 supported_protocols
|= protocol_priority_flags
[i
].enable_flag
;
188 TRACE("%s is not supported\n", protocol_priority_flags
[i
].gnutls_flag
);
191 pgnutls_deinit(session
);
194 DWORD
schan_imp_enabled_protocols(void)
196 return supported_protocols
;
199 BOOL
schan_imp_create_session(schan_imp_session
*session
, schan_credentials
*cred
)
201 gnutls_session_t
*s
= (gnutls_session_t
*)session
;
202 char priority
[128] = "NORMAL:%LATEST_RECORD_VERSION", *p
;
203 BOOL using_vers_all
= FALSE
, disabled
;
206 int err
= pgnutls_init(s
, cred
->credential_use
== SECPKG_CRED_INBOUND
? GNUTLS_SERVER
: GNUTLS_CLIENT
);
207 if (err
!= GNUTLS_E_SUCCESS
)
213 p
= priority
+ strlen(priority
);
215 /* VERS-ALL is nice to use for forward compatibility. It was introduced before support for TLS1.3,
216 * so if TLS1.3 is supported, we may safely use it. Otherwise explicitly disable all known
217 * disabled protocols. */
218 if (supported_protocols
& SP_PROT_TLS1_3_CLIENT
)
220 strcpy(p
, ":-VERS-ALL");
222 using_vers_all
= TRUE
;
225 for (i
= 0; i
< ARRAY_SIZE(protocol_priority_flags
); i
++)
227 if (!(supported_protocols
& protocol_priority_flags
[i
].enable_flag
)) continue;
229 disabled
= !(cred
->enabled_protocols
& protocol_priority_flags
[i
].enable_flag
);
230 if (using_vers_all
&& disabled
) continue;
233 *p
++ = disabled
? '-' : '+';
234 strcpy(p
, protocol_priority_flags
[i
].gnutls_flag
);
238 TRACE("Using %s priority\n", debugstr_a(priority
));
239 err
= pgnutls_priority_set_direct(*s
, priority
, NULL
);
240 if (err
!= GNUTLS_E_SUCCESS
)
247 err
= pgnutls_credentials_set(*s
, GNUTLS_CRD_CERTIFICATE
,
248 (gnutls_certificate_credentials_t
)cred
->credentials
);
249 if (err
!= GNUTLS_E_SUCCESS
)
256 pgnutls_transport_set_pull_function(*s
, schan_pull_adapter
);
257 pgnutls_transport_set_push_function(*s
, schan_push_adapter
);
262 void schan_imp_dispose_session(schan_imp_session session
)
264 gnutls_session_t s
= (gnutls_session_t
)session
;
268 void schan_imp_set_session_transport(schan_imp_session session
,
269 struct schan_transport
*t
)
271 gnutls_session_t s
= (gnutls_session_t
)session
;
272 pgnutls_transport_set_ptr(s
, (gnutls_transport_ptr_t
)t
);
275 void schan_imp_set_session_target(schan_imp_session session
, const char *target
)
277 gnutls_session_t s
= (gnutls_session_t
)session
;
279 pgnutls_server_name_set( s
, GNUTLS_NAME_DNS
, target
, strlen(target
) );
282 SECURITY_STATUS
schan_imp_handshake(schan_imp_session session
)
284 gnutls_session_t s
= (gnutls_session_t
)session
;
288 err
= pgnutls_handshake(s
);
290 case GNUTLS_E_SUCCESS
:
291 TRACE("Handshake completed\n");
295 TRACE("Continue...\n");
296 return SEC_I_CONTINUE_NEEDED
;
298 case GNUTLS_E_WARNING_ALERT_RECEIVED
:
300 gnutls_alert_description_t alert
= pgnutls_alert_get(s
);
302 WARN("WARNING ALERT: %d %s\n", alert
, pgnutls_alert_get_name(alert
));
305 case GNUTLS_A_UNRECOGNIZED_NAME
:
309 return SEC_E_INTERNAL_ERROR
;
313 case GNUTLS_E_FATAL_ALERT_RECEIVED
:
315 gnutls_alert_description_t alert
= pgnutls_alert_get(s
);
316 WARN("FATAL ALERT: %d %s\n", alert
, pgnutls_alert_get_name(alert
));
317 return SEC_E_INTERNAL_ERROR
;
322 return SEC_E_INTERNAL_ERROR
;
330 static DWORD
schannel_get_protocol(gnutls_protocol_t proto
)
332 /* FIXME: currently schannel only implements client connections, but
333 * there's no reason it couldn't be used for servers as well. The
334 * context doesn't tell us which it is, so assume client for now.
338 case GNUTLS_SSL3
: return SP_PROT_SSL3_CLIENT
;
339 case GNUTLS_TLS1_0
: return SP_PROT_TLS1_0_CLIENT
;
340 case GNUTLS_TLS1_1
: return SP_PROT_TLS1_1_CLIENT
;
341 case GNUTLS_TLS1_2
: return SP_PROT_TLS1_2_CLIENT
;
343 FIXME("unknown protocol %d\n", proto
);
348 static ALG_ID
schannel_get_cipher_algid(gnutls_cipher_algorithm_t cipher
)
352 case GNUTLS_CIPHER_UNKNOWN
:
353 case GNUTLS_CIPHER_NULL
: return 0;
354 case GNUTLS_CIPHER_ARCFOUR_40
:
355 case GNUTLS_CIPHER_ARCFOUR_128
: return CALG_RC4
;
356 case GNUTLS_CIPHER_DES_CBC
: return CALG_DES
;
357 case GNUTLS_CIPHER_3DES_CBC
: return CALG_3DES
;
358 case GNUTLS_CIPHER_AES_128_CBC
:
359 case GNUTLS_CIPHER_AES_128_GCM
: return CALG_AES_128
;
360 case GNUTLS_CIPHER_AES_192_CBC
: return CALG_AES_192
;
361 case GNUTLS_CIPHER_AES_256_GCM
:
362 case GNUTLS_CIPHER_AES_256_CBC
: return CALG_AES_256
;
363 case GNUTLS_CIPHER_RC2_40_CBC
: return CALG_RC2
;
365 FIXME("unknown algorithm %d\n", cipher
);
370 static ALG_ID
schannel_get_mac_algid(gnutls_mac_algorithm_t mac
, gnutls_cipher_algorithm_t cipher
)
374 case GNUTLS_MAC_UNKNOWN
:
375 case GNUTLS_MAC_NULL
: return 0;
376 case GNUTLS_MAC_MD2
: return CALG_MD2
;
377 case GNUTLS_MAC_MD5
: return CALG_MD5
;
378 case GNUTLS_MAC_SHA1
: return CALG_SHA1
;
379 case GNUTLS_MAC_SHA256
: return CALG_SHA_256
;
380 case GNUTLS_MAC_SHA384
: return CALG_SHA_384
;
381 case GNUTLS_MAC_SHA512
: return CALG_SHA_512
;
382 case GNUTLS_MAC_AEAD
:
383 /* When using AEAD (such as GCM), we return PRF algorithm instead
384 which is defined in RFC 5289. */
387 case GNUTLS_CIPHER_AES_128_GCM
: return CALG_SHA_256
;
388 case GNUTLS_CIPHER_AES_256_GCM
: return CALG_SHA_384
;
394 FIXME("unknown algorithm %d, cipher %d\n", mac
, cipher
);
399 static ALG_ID
schannel_get_kx_algid(int kx
)
403 case GNUTLS_KX_UNKNOWN
: return 0;
405 case GNUTLS_KX_RSA_EXPORT
: return CALG_RSA_KEYX
;
406 case GNUTLS_KX_DHE_PSK
:
407 case GNUTLS_KX_DHE_DSS
:
408 case GNUTLS_KX_DHE_RSA
: return CALG_DH_EPHEM
;
409 case GNUTLS_KX_ANON_ECDH
: return CALG_ECDH
;
410 case GNUTLS_KX_ECDHE_RSA
:
411 case GNUTLS_KX_ECDHE_PSK
:
412 case GNUTLS_KX_ECDHE_ECDSA
: return CALG_ECDH_EPHEM
;
414 FIXME("unknown algorithm %d\n", kx
);
419 unsigned int schan_imp_get_session_cipher_block_size(schan_imp_session session
)
421 gnutls_session_t s
= (gnutls_session_t
)session
;
422 return pgnutls_cipher_get_block_size(pgnutls_cipher_get(s
));
425 unsigned int schan_imp_get_max_message_size(schan_imp_session session
)
427 return pgnutls_record_get_max_size((gnutls_session_t
)session
);
430 SECURITY_STATUS
schan_imp_get_connection_info(schan_imp_session session
,
431 SecPkgContext_ConnectionInfo
*info
)
433 gnutls_session_t s
= (gnutls_session_t
)session
;
434 gnutls_protocol_t proto
= pgnutls_protocol_get_version(s
);
435 gnutls_cipher_algorithm_t alg
= pgnutls_cipher_get(s
);
436 gnutls_mac_algorithm_t mac
= pgnutls_mac_get(s
);
437 gnutls_kx_algorithm_t kx
= pgnutls_kx_get(s
);
439 info
->dwProtocol
= schannel_get_protocol(proto
);
440 info
->aiCipher
= schannel_get_cipher_algid(alg
);
441 info
->dwCipherStrength
= pgnutls_cipher_get_key_size(alg
) * 8;
442 info
->aiHash
= schannel_get_mac_algid(mac
, alg
);
443 info
->dwHashStrength
= pgnutls_mac_get_key_size(mac
) * 8;
444 info
->aiExch
= schannel_get_kx_algid(kx
);
445 /* FIXME: info->dwExchStrength? */
446 info
->dwExchStrength
= 0;
450 ALG_ID
schan_imp_get_key_signature_algorithm(schan_imp_session session
)
452 gnutls_session_t s
= (gnutls_session_t
)session
;
453 gnutls_kx_algorithm_t kx
= pgnutls_kx_get(s
);
455 TRACE("(%p)\n", session
);
459 case GNUTLS_KX_UNKNOWN
: return 0;
461 case GNUTLS_KX_RSA_EXPORT
:
462 case GNUTLS_KX_DHE_RSA
:
463 case GNUTLS_KX_ECDHE_RSA
: return CALG_RSA_SIGN
;
464 case GNUTLS_KX_ECDHE_ECDSA
: return CALG_ECDSA
;
466 FIXME("unknown algorithm %d\n", kx
);
471 SECURITY_STATUS
schan_imp_get_session_peer_certificate(schan_imp_session session
, HCERTSTORE store
,
474 gnutls_session_t s
= (gnutls_session_t
)session
;
475 PCCERT_CONTEXT cert
= NULL
;
476 const gnutls_datum_t
*datum
;
477 unsigned list_size
, i
;
480 datum
= pgnutls_certificate_get_peers(s
, &list_size
);
482 return SEC_E_INTERNAL_ERROR
;
484 for(i
= 0; i
< list_size
; i
++) {
485 res
= CertAddEncodedCertificateToStore(store
, X509_ASN_ENCODING
, datum
[i
].data
, datum
[i
].size
,
486 CERT_STORE_ADD_REPLACE_EXISTING
, i
? NULL
: &cert
);
489 CertFreeCertificateContext(cert
);
490 return GetLastError();
498 SECURITY_STATUS
schan_imp_send(schan_imp_session session
, const void *buffer
,
501 gnutls_session_t s
= (gnutls_session_t
)session
;
502 SSIZE_T ret
, total
= 0;
506 ret
= pgnutls_record_send(s
, (const char *)buffer
+ total
, *length
- total
);
510 TRACE( "sent %ld now %ld/%ld\n", ret
, total
, *length
);
511 if (total
== *length
) return SEC_E_OK
;
513 else if (ret
== GNUTLS_E_AGAIN
)
515 struct schan_transport
*t
= (struct schan_transport
*)pgnutls_transport_get_ptr(s
);
518 if (schan_get_buffer(t
, &t
->out
, &count
)) continue;
519 return SEC_I_CONTINUE_NEEDED
;
524 return SEC_E_INTERNAL_ERROR
;
529 SECURITY_STATUS
schan_imp_recv(schan_imp_session session
, void *buffer
,
532 gnutls_session_t s
= (gnutls_session_t
)session
;
536 ret
= pgnutls_record_recv(s
, buffer
, *length
);
540 else if (ret
== GNUTLS_E_AGAIN
)
542 struct schan_transport
*t
= (struct schan_transport
*)pgnutls_transport_get_ptr(s
);
545 if (schan_get_buffer(t
, &t
->in
, &count
))
548 return SEC_I_CONTINUE_NEEDED
;
553 return SEC_E_INTERNAL_ERROR
;
559 BOOL
schan_imp_allocate_certificate_credentials(schan_credentials
*c
)
561 int ret
= pgnutls_certificate_allocate_credentials((gnutls_certificate_credentials_t
*)&c
->credentials
);
562 if (ret
!= GNUTLS_E_SUCCESS
)
564 return (ret
== GNUTLS_E_SUCCESS
);
567 void schan_imp_free_certificate_credentials(schan_credentials
*c
)
569 pgnutls_certificate_free_credentials(c
->credentials
);
572 static void schan_gnutls_log(int level
, const char *msg
)
574 TRACE("<%d> %s", level
, msg
);
577 BOOL
schan_imp_init(void)
581 libgnutls_handle
= wine_dlopen(SONAME_LIBGNUTLS
, RTLD_NOW
, NULL
, 0);
582 if (!libgnutls_handle
)
584 ERR_(winediag
)("Failed to load libgnutls, secure connections will not be available.\n");
588 #define LOAD_FUNCPTR(f) \
589 if (!(p##f = wine_dlsym(libgnutls_handle, #f, NULL, 0))) \
591 ERR("Failed to load %s\n", #f); \
595 LOAD_FUNCPTR(gnutls_alert_get
)
596 LOAD_FUNCPTR(gnutls_alert_get_name
)
597 LOAD_FUNCPTR(gnutls_certificate_allocate_credentials
)
598 LOAD_FUNCPTR(gnutls_certificate_free_credentials
)
599 LOAD_FUNCPTR(gnutls_certificate_get_peers
)
600 LOAD_FUNCPTR(gnutls_cipher_get
)
601 LOAD_FUNCPTR(gnutls_cipher_get_key_size
)
602 LOAD_FUNCPTR(gnutls_credentials_set
)
603 LOAD_FUNCPTR(gnutls_deinit
)
604 LOAD_FUNCPTR(gnutls_global_deinit
)
605 LOAD_FUNCPTR(gnutls_global_init
)
606 LOAD_FUNCPTR(gnutls_global_set_log_function
)
607 LOAD_FUNCPTR(gnutls_global_set_log_level
)
608 LOAD_FUNCPTR(gnutls_handshake
)
609 LOAD_FUNCPTR(gnutls_init
)
610 LOAD_FUNCPTR(gnutls_kx_get
)
611 LOAD_FUNCPTR(gnutls_mac_get
)
612 LOAD_FUNCPTR(gnutls_mac_get_key_size
)
613 LOAD_FUNCPTR(gnutls_perror
)
614 LOAD_FUNCPTR(gnutls_protocol_get_version
)
615 LOAD_FUNCPTR(gnutls_priority_set_direct
)
616 LOAD_FUNCPTR(gnutls_record_get_max_size
);
617 LOAD_FUNCPTR(gnutls_record_recv
);
618 LOAD_FUNCPTR(gnutls_record_send
);
619 LOAD_FUNCPTR(gnutls_server_name_set
)
620 LOAD_FUNCPTR(gnutls_transport_get_ptr
)
621 LOAD_FUNCPTR(gnutls_transport_set_errno
)
622 LOAD_FUNCPTR(gnutls_transport_set_ptr
)
623 LOAD_FUNCPTR(gnutls_transport_set_pull_function
)
624 LOAD_FUNCPTR(gnutls_transport_set_push_function
)
627 if (!(pgnutls_cipher_get_block_size
= wine_dlsym(libgnutls_handle
, "gnutls_cipher_get_block_size", NULL
, 0)))
629 WARN("gnutls_cipher_get_block_size not found\n");
630 pgnutls_cipher_get_block_size
= compat_cipher_get_block_size
;
633 ret
= pgnutls_global_init();
634 if (ret
!= GNUTLS_E_SUCCESS
)
640 if (TRACE_ON(secur32
))
642 pgnutls_global_set_log_level(4);
643 pgnutls_global_set_log_function(schan_gnutls_log
);
646 check_supported_protocols();
650 wine_dlclose(libgnutls_handle
, NULL
, 0);
651 libgnutls_handle
= NULL
;
655 void schan_imp_deinit(void)
657 pgnutls_global_deinit();
658 wine_dlclose(libgnutls_handle
, NULL
, 0);
659 libgnutls_handle
= NULL
;
662 #endif /* SONAME_LIBGNUTLS && !HAVE_SECURITY_SECURITY_H */
