search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
wined3d: Move swapchain buffer discarding to wined3d_cs_exec_present().
[wine.git] / dlls / secur32 / schannel_gnutls.c
blobc4a36a899a0a39b3cc0f2b409677f9eb988a079e
1 /*
2 * GnuTLS-based implementation of the schannel (SSL/TLS) provider.
3 *
4 * Copyright 2005 Juan Lang
5 * Copyright 2008 Henri Verbeet
6 *
7 * This library is free software; you can redistribute it and/or
8 * modify it under the terms of the GNU Lesser General Public
9 * License as published by the Free Software Foundation; either
10 * version 2.1 of the License, or (at your option) any later version.
11 *
12 * This library is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 * Lesser General Public License for more details.
16 *
17 * You should have received a copy of the GNU Lesser General Public
18 * License along with this library; if not, write to the Free Software
19 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
20 */
21
22 #include "config.h"
23 #include "wine/port.h"
24
25 #include <stdarg.h>
26 #include <stdio.h>
27 #include <assert.h>
28 #ifdef SONAME_LIBGNUTLS
29 #include <gnutls/gnutls.h>
30 #include <gnutls/crypto.h>
31 #include <gnutls/abstract.h>
32 #endif
33
34 #include "windef.h"
35 #include "winbase.h"
36 #include "sspi.h"
37 #include "schannel.h"
38 #include "lmcons.h"
39 #include "winreg.h"
40 #include "secur32_priv.h"
41
42 #include "wine/debug.h"
43 #include "wine/unicode.h"
44
45 #if defined(SONAME_LIBGNUTLS) && !defined(HAVE_SECURITY_SECURITY_H)
46
47 WINE_DEFAULT_DEBUG_CHANNEL(secur32);
48 WINE_DECLARE_DEBUG_CHANNEL(winediag);
49
50 /* Not present in gnutls version < 2.9.10. */
51 static int (*pgnutls_cipher_get_block_size)(gnutls_cipher_algorithm_t);
52
53 /* Not present in gnutls version < 3.2.0. */
54 static int (*pgnutls_alpn_get_selected_protocol)(gnutls_session_t, gnutls_datum_t *);
55 static int (*pgnutls_alpn_set_protocols)(gnutls_session_t, const gnutls_datum_t *,
56 unsigned, unsigned int);
57
58 /* Not present in gnutls version < 3.3.0. */
59 static int (*pgnutls_privkey_import_rsa_raw)(gnutls_privkey_t, const gnutls_datum_t *,
60 const gnutls_datum_t *, const gnutls_datum_t *,
61 const gnutls_datum_t *, const gnutls_datum_t *,
62 const gnutls_datum_t *, const gnutls_datum_t *,
63 const gnutls_datum_t *);
64
65 /* Not present in gnutls version < 3.4.0. */
66 static int (*pgnutls_privkey_export_x509)(gnutls_privkey_t, gnutls_x509_privkey_t *);
67
68 static void *libgnutls_handle;
69 #define MAKE_FUNCPTR(f) static typeof(f) * p##f
70 MAKE_FUNCPTR(gnutls_alert_get);
71 MAKE_FUNCPTR(gnutls_alert_get_name);
72 MAKE_FUNCPTR(gnutls_certificate_allocate_credentials);
73 MAKE_FUNCPTR(gnutls_certificate_free_credentials);
74 MAKE_FUNCPTR(gnutls_certificate_get_peers);
75 MAKE_FUNCPTR(gnutls_certificate_set_x509_key);
76 MAKE_FUNCPTR(gnutls_cipher_get);
77 MAKE_FUNCPTR(gnutls_cipher_get_key_size);
78 MAKE_FUNCPTR(gnutls_credentials_set);
79 MAKE_FUNCPTR(gnutls_deinit);
80 MAKE_FUNCPTR(gnutls_global_deinit);
81 MAKE_FUNCPTR(gnutls_global_init);
82 MAKE_FUNCPTR(gnutls_global_set_log_function);
83 MAKE_FUNCPTR(gnutls_global_set_log_level);
84 MAKE_FUNCPTR(gnutls_handshake);
85 MAKE_FUNCPTR(gnutls_init);
86 MAKE_FUNCPTR(gnutls_kx_get);
87 MAKE_FUNCPTR(gnutls_mac_get);
88 MAKE_FUNCPTR(gnutls_mac_get_key_size);
89 MAKE_FUNCPTR(gnutls_perror);
90 MAKE_FUNCPTR(gnutls_protocol_get_version);
91 MAKE_FUNCPTR(gnutls_priority_set_direct);
92 MAKE_FUNCPTR(gnutls_privkey_deinit);
93 MAKE_FUNCPTR(gnutls_privkey_init);
94 MAKE_FUNCPTR(gnutls_record_get_max_size);
95 MAKE_FUNCPTR(gnutls_record_recv);
96 MAKE_FUNCPTR(gnutls_record_send);
97 MAKE_FUNCPTR(gnutls_server_name_set);
98 MAKE_FUNCPTR(gnutls_transport_get_ptr);
99 MAKE_FUNCPTR(gnutls_transport_set_errno);
100 MAKE_FUNCPTR(gnutls_transport_set_ptr);
101 MAKE_FUNCPTR(gnutls_transport_set_pull_function);
102 MAKE_FUNCPTR(gnutls_transport_set_push_function);
103 MAKE_FUNCPTR(gnutls_x509_crt_deinit);
104 MAKE_FUNCPTR(gnutls_x509_crt_import);
105 MAKE_FUNCPTR(gnutls_x509_crt_init);
106 MAKE_FUNCPTR(gnutls_x509_privkey_deinit);
107 #undef MAKE_FUNCPTR
108
109 #if GNUTLS_VERSION_MAJOR < 3
110 #define GNUTLS_CIPHER_AES_192_CBC 92
111 #define GNUTLS_CIPHER_AES_128_GCM 93
112 #define GNUTLS_CIPHER_AES_256_GCM 94
113
114 #define GNUTLS_MAC_AEAD 200
115
116 #define GNUTLS_KX_ANON_ECDH 11
117 #define GNUTLS_KX_ECDHE_RSA 12
118 #define GNUTLS_KX_ECDHE_ECDSA 13
119 #define GNUTLS_KX_ECDHE_PSK 14
120 #endif
121
122 #if GNUTLS_VERSION_MAJOR < 3 || (GNUTLS_VERSION_MAJOR == 3 && GNUTLS_VERSION_MINOR < 5)
123 #define GNUTLS_ALPN_SERVER_PRECEDENCE (1<<1)
124 #endif
125
126 static int compat_cipher_get_block_size(gnutls_cipher_algorithm_t cipher)
127 {
128 switch(cipher) {
129 case GNUTLS_CIPHER_3DES_CBC:
130 return 8;
131 case GNUTLS_CIPHER_AES_128_CBC:
132 case GNUTLS_CIPHER_AES_256_CBC:
133 return 16;
134 case GNUTLS_CIPHER_ARCFOUR_128:
135 case GNUTLS_CIPHER_ARCFOUR_40:
136 return 1;
137 case GNUTLS_CIPHER_DES_CBC:
138 return 8;
139 case GNUTLS_CIPHER_NULL:
140 return 1;
141 case GNUTLS_CIPHER_RC2_40_CBC:
142 return 8;
143 default:
144 FIXME("Unknown cipher %#x, returning 1\n", cipher);
145 return 1;
146 }
147 }
148
149 static int compat_gnutls_privkey_export_x509(gnutls_privkey_t privkey, gnutls_x509_privkey_t *key)
150 {
151 FIXME("\n");
152 return GNUTLS_E_UNKNOWN_PK_ALGORITHM;
153 }
154
155 static int compat_gnutls_privkey_import_rsa_raw(gnutls_privkey_t key, const gnutls_datum_t *p1,
156 const gnutls_datum_t *p2, const gnutls_datum_t *p3,
157 const gnutls_datum_t *p4, const gnutls_datum_t *p5,
158 const gnutls_datum_t *p6, const gnutls_datum_t *p7,
159 const gnutls_datum_t *p8)
160 {
161 FIXME("\n");
162 return GNUTLS_E_UNKNOWN_PK_ALGORITHM;
163 }
164
165 static int compat_gnutls_alpn_get_selected_protocol(gnutls_session_t session, gnutls_datum_t *protocol)
166 {
167 FIXME("\n");
168 return GNUTLS_E_INVALID_REQUEST;
169 }
170
171 static int compat_gnutls_alpn_set_protocols(gnutls_session_t session, const gnutls_datum_t *protocols,
172 unsigned size, unsigned int flags)
173 {
174 FIXME("\n");
175 return GNUTLS_E_INVALID_REQUEST;
176 }
177
178 static ssize_t schan_pull_adapter(gnutls_transport_ptr_t transport,
179 void *buff, size_t buff_len)
180 {
181 struct schan_transport *t = (struct schan_transport*)transport;
182 gnutls_session_t s = (gnutls_session_t)schan_session_for_transport(t);
183
184 int ret = schan_pull(transport, buff, &buff_len);
185 if (ret)
186 {
187 pgnutls_transport_set_errno(s, ret);
188 return -1;
189 }
190
191 return buff_len;
192 }
193
194 static ssize_t schan_push_adapter(gnutls_transport_ptr_t transport,
195 const void *buff, size_t buff_len)
196 {
197 struct schan_transport *t = (struct schan_transport*)transport;
198 gnutls_session_t s = (gnutls_session_t)schan_session_for_transport(t);
199
200 int ret = schan_push(transport, buff, &buff_len);
201 if (ret)
202 {
203 pgnutls_transport_set_errno(s, ret);
204 return -1;
205 }
206
207 return buff_len;
208 }
209
210 static const struct {
211 DWORD enable_flag;
212 const char *gnutls_flag;
213 } protocol_priority_flags[] = {
214 {SP_PROT_TLS1_3_CLIENT, "VERS-TLS1.3"},
215 {SP_PROT_TLS1_2_CLIENT, "VERS-TLS1.2"},
216 {SP_PROT_TLS1_1_CLIENT, "VERS-TLS1.1"},
217 {SP_PROT_TLS1_0_CLIENT, "VERS-TLS1.0"},
218 {SP_PROT_SSL3_CLIENT, "VERS-SSL3.0"}
219 /* {SP_PROT_SSL2_CLIENT} is not supported by GnuTLS */
220 };
221
222 static DWORD supported_protocols;
223
224 static void check_supported_protocols(void)
225 {
226 gnutls_session_t session;
227 char priority[64];
228 unsigned i;
229 int err;
230
231 err = pgnutls_init(&session, GNUTLS_CLIENT);
232 if (err != GNUTLS_E_SUCCESS)
233 {
234 pgnutls_perror(err);
235 return;
236 }
237
238 for(i = 0; i < ARRAY_SIZE(protocol_priority_flags); i++)
239 {
240 sprintf(priority, "NORMAL:-%s", protocol_priority_flags[i].gnutls_flag);
241 err = pgnutls_priority_set_direct(session, priority, NULL);
242 if (err == GNUTLS_E_SUCCESS)
243 {
244 TRACE("%s is supported\n", protocol_priority_flags[i].gnutls_flag);
245 supported_protocols |= protocol_priority_flags[i].enable_flag;
246 }
247 else
248 TRACE("%s is not supported\n", protocol_priority_flags[i].gnutls_flag);
249 }
250
251 pgnutls_deinit(session);
252 }
253
254 DWORD schan_imp_enabled_protocols(void)
255 {
256 return supported_protocols;
257 }
258
259 BOOL schan_imp_create_session(schan_imp_session *session, schan_credentials *cred)
260 {
261 gnutls_session_t *s = (gnutls_session_t*)session;
262 char priority[128] = "NORMAL:%LATEST_RECORD_VERSION", *p;
263 BOOL using_vers_all = FALSE, disabled;
264 unsigned i;
265
266 int err = pgnutls_init(s, cred->credential_use == SECPKG_CRED_INBOUND ? GNUTLS_SERVER : GNUTLS_CLIENT);
267 if (err != GNUTLS_E_SUCCESS)
268 {
269 pgnutls_perror(err);
270 return FALSE;
271 }
272
273 p = priority + strlen(priority);
274
275 /* VERS-ALL is nice to use for forward compatibility. It was introduced before support for TLS1.3,
276 * so if TLS1.3 is supported, we may safely use it. Otherwise explicitly disable all known
277 * disabled protocols. */
278 if (supported_protocols & SP_PROT_TLS1_3_CLIENT)
279 {
280 strcpy(p, ":-VERS-ALL");
281 p += strlen(p);
282 using_vers_all = TRUE;
283 }
284
285 for (i = 0; i < ARRAY_SIZE(protocol_priority_flags); i++)
286 {
287 if (!(supported_protocols & protocol_priority_flags[i].enable_flag)) continue;
288
289 disabled = !(cred->enabled_protocols & protocol_priority_flags[i].enable_flag);
290 if (using_vers_all && disabled) continue;
291
292 *p++ = ':';
293 *p++ = disabled ? '-' : '+';
294 strcpy(p, protocol_priority_flags[i].gnutls_flag);
295 p += strlen(p);
296 }
297
298 TRACE("Using %s priority\n", debugstr_a(priority));
299 err = pgnutls_priority_set_direct(*s, priority, NULL);
300 if (err != GNUTLS_E_SUCCESS)
301 {
302 pgnutls_perror(err);
303 pgnutls_deinit(*s);
304 return FALSE;
305 }
306
307 err = pgnutls_credentials_set(*s, GNUTLS_CRD_CERTIFICATE,
308 (gnutls_certificate_credentials_t)cred->credentials);
309 if (err != GNUTLS_E_SUCCESS)
310 {
311 pgnutls_perror(err);
312 pgnutls_deinit(*s);
313 return FALSE;
314 }
315
316 pgnutls_transport_set_pull_function(*s, schan_pull_adapter);
317 pgnutls_transport_set_push_function(*s, schan_push_adapter);
318
319 return TRUE;
320 }
321
322 void schan_imp_dispose_session(schan_imp_session session)
323 {
324 gnutls_session_t s = (gnutls_session_t)session;
325 pgnutls_deinit(s);
326 }
327
328 void schan_imp_set_session_transport(schan_imp_session session,
329 struct schan_transport *t)
330 {
331 gnutls_session_t s = (gnutls_session_t)session;
332 pgnutls_transport_set_ptr(s, (gnutls_transport_ptr_t)t);
333 }
334
335 void schan_imp_set_session_target(schan_imp_session session, const char *target)
336 {
337 gnutls_session_t s = (gnutls_session_t)session;
338
339 pgnutls_server_name_set( s, GNUTLS_NAME_DNS, target, strlen(target) );
340 }
341
342 SECURITY_STATUS schan_imp_handshake(schan_imp_session session)
343 {
344 gnutls_session_t s = (gnutls_session_t)session;
345 int err;
346
347 while(1) {
348 err = pgnutls_handshake(s);
349 switch(err) {
350 case GNUTLS_E_SUCCESS:
351 TRACE("Handshake completed\n");
352 return SEC_E_OK;
353
354 case GNUTLS_E_AGAIN:
355 TRACE("Continue...\n");
356 return SEC_I_CONTINUE_NEEDED;
357
358 case GNUTLS_E_WARNING_ALERT_RECEIVED:
359 {
360 gnutls_alert_description_t alert = pgnutls_alert_get(s);
361
362 WARN("WARNING ALERT: %d %s\n", alert, pgnutls_alert_get_name(alert));
363
364 switch(alert) {
365 case GNUTLS_A_UNRECOGNIZED_NAME:
366 TRACE("Ignoring\n");
367 continue;
368 default:
369 return SEC_E_INTERNAL_ERROR;
370 }
371 }
372
373 case GNUTLS_E_FATAL_ALERT_RECEIVED:
374 {
375 gnutls_alert_description_t alert = pgnutls_alert_get(s);
376 WARN("FATAL ALERT: %d %s\n", alert, pgnutls_alert_get_name(alert));
377 return SEC_E_INTERNAL_ERROR;
378 }
379
380 default:
381 pgnutls_perror(err);
382 return SEC_E_INTERNAL_ERROR;
383 }
384 }
385
386 /* Never reached */
387 return SEC_E_OK;
388 }
389
390 static DWORD schannel_get_protocol(gnutls_protocol_t proto)
391 {
392 /* FIXME: currently schannel only implements client connections, but
393 * there's no reason it couldn't be used for servers as well. The
394 * context doesn't tell us which it is, so assume client for now.
395 */
396 switch (proto)
397 {
398 case GNUTLS_SSL3: return SP_PROT_SSL3_CLIENT;
399 case GNUTLS_TLS1_0: return SP_PROT_TLS1_0_CLIENT;
400 case GNUTLS_TLS1_1: return SP_PROT_TLS1_1_CLIENT;
401 case GNUTLS_TLS1_2: return SP_PROT_TLS1_2_CLIENT;
402 default:
403 FIXME("unknown protocol %d\n", proto);
404 return 0;
405 }
406 }
407
408 static ALG_ID schannel_get_cipher_algid(gnutls_cipher_algorithm_t cipher)
409 {
410 switch (cipher)
411 {
412 case GNUTLS_CIPHER_UNKNOWN:
413 case GNUTLS_CIPHER_NULL: return 0;
414 case GNUTLS_CIPHER_ARCFOUR_40:
415 case GNUTLS_CIPHER_ARCFOUR_128: return CALG_RC4;
416 case GNUTLS_CIPHER_DES_CBC: return CALG_DES;
417 case GNUTLS_CIPHER_3DES_CBC: return CALG_3DES;
418 case GNUTLS_CIPHER_AES_128_CBC:
419 case GNUTLS_CIPHER_AES_128_GCM: return CALG_AES_128;
420 case GNUTLS_CIPHER_AES_192_CBC: return CALG_AES_192;
421 case GNUTLS_CIPHER_AES_256_GCM:
422 case GNUTLS_CIPHER_AES_256_CBC: return CALG_AES_256;
423 case GNUTLS_CIPHER_RC2_40_CBC: return CALG_RC2;
424 default:
425 FIXME("unknown algorithm %d\n", cipher);
426 return 0;
427 }
428 }
429
430 static ALG_ID schannel_get_mac_algid(gnutls_mac_algorithm_t mac, gnutls_cipher_algorithm_t cipher)
431 {
432 switch (mac)
433 {
434 case GNUTLS_MAC_UNKNOWN:
435 case GNUTLS_MAC_NULL: return 0;
436 case GNUTLS_MAC_MD2: return CALG_MD2;
437 case GNUTLS_MAC_MD5: return CALG_MD5;
438 case GNUTLS_MAC_SHA1: return CALG_SHA1;
439 case GNUTLS_MAC_SHA256: return CALG_SHA_256;
440 case GNUTLS_MAC_SHA384: return CALG_SHA_384;
441 case GNUTLS_MAC_SHA512: return CALG_SHA_512;
442 case GNUTLS_MAC_AEAD:
443 /* When using AEAD (such as GCM), we return PRF algorithm instead
444 which is defined in RFC 5289. */
445 switch (cipher)
446 {
447 case GNUTLS_CIPHER_AES_128_GCM: return CALG_SHA_256;
448 case GNUTLS_CIPHER_AES_256_GCM: return CALG_SHA_384;
449 default:
450 break;
451 }
452 /* fall through */
453 default:
454 FIXME("unknown algorithm %d, cipher %d\n", mac, cipher);
455 return 0;
456 }
457 }
458
459 static ALG_ID schannel_get_kx_algid(int kx)
460 {
461 switch (kx)
462 {
463 case GNUTLS_KX_UNKNOWN: return 0;
464 case GNUTLS_KX_RSA:
465 case GNUTLS_KX_RSA_EXPORT: return CALG_RSA_KEYX;
466 case GNUTLS_KX_DHE_PSK:
467 case GNUTLS_KX_DHE_DSS:
468 case GNUTLS_KX_DHE_RSA: return CALG_DH_EPHEM;
469 case GNUTLS_KX_ANON_ECDH: return CALG_ECDH;
470 case GNUTLS_KX_ECDHE_RSA:
471 case GNUTLS_KX_ECDHE_PSK:
472 case GNUTLS_KX_ECDHE_ECDSA: return CALG_ECDH_EPHEM;
473 default:
474 FIXME("unknown algorithm %d\n", kx);
475 return 0;
476 }
477 }
478
479 unsigned int schan_imp_get_session_cipher_block_size(schan_imp_session session)
480 {
481 gnutls_session_t s = (gnutls_session_t)session;
482 return pgnutls_cipher_get_block_size(pgnutls_cipher_get(s));
483 }
484
485 unsigned int schan_imp_get_max_message_size(schan_imp_session session)
486 {
487 return pgnutls_record_get_max_size((gnutls_session_t)session);
488 }
489
490 SECURITY_STATUS schan_imp_get_connection_info(schan_imp_session session,
491 SecPkgContext_ConnectionInfo *info)
492 {
493 gnutls_session_t s = (gnutls_session_t)session;
494 gnutls_protocol_t proto = pgnutls_protocol_get_version(s);
495 gnutls_cipher_algorithm_t alg = pgnutls_cipher_get(s);
496 gnutls_mac_algorithm_t mac = pgnutls_mac_get(s);
497 gnutls_kx_algorithm_t kx = pgnutls_kx_get(s);
498
499 info->dwProtocol = schannel_get_protocol(proto);
500 info->aiCipher = schannel_get_cipher_algid(alg);
501 info->dwCipherStrength = pgnutls_cipher_get_key_size(alg) * 8;
502 info->aiHash = schannel_get_mac_algid(mac, alg);
503 info->dwHashStrength = pgnutls_mac_get_key_size(mac) * 8;
504 info->aiExch = schannel_get_kx_algid(kx);
505 /* FIXME: info->dwExchStrength? */
506 info->dwExchStrength = 0;
507 return SEC_E_OK;
508 }
509
510 ALG_ID schan_imp_get_key_signature_algorithm(schan_imp_session session)
511 {
512 gnutls_session_t s = (gnutls_session_t)session;
513 gnutls_kx_algorithm_t kx = pgnutls_kx_get(s);
514
515 TRACE("(%p)\n", session);
516
517 switch (kx)
518 {
519 case GNUTLS_KX_UNKNOWN: return 0;
520 case GNUTLS_KX_RSA:
521 case GNUTLS_KX_RSA_EXPORT:
522 case GNUTLS_KX_DHE_RSA:
523 case GNUTLS_KX_ECDHE_RSA: return CALG_RSA_SIGN;
524 case GNUTLS_KX_ECDHE_ECDSA: return CALG_ECDSA;
525 default:
526 FIXME("unknown algorithm %d\n", kx);
527 return 0;
528 }
529 }
530
531 SECURITY_STATUS schan_imp_get_session_peer_certificate(schan_imp_session session, HCERTSTORE store,
532 PCCERT_CONTEXT *ret)
533 {
534 gnutls_session_t s = (gnutls_session_t)session;
535 PCCERT_CONTEXT cert = NULL;
536 const gnutls_datum_t *datum;
537 unsigned list_size, i;
538 BOOL res;
539
540 datum = pgnutls_certificate_get_peers(s, &list_size);
541 if(!datum)
542 return SEC_E_INTERNAL_ERROR;
543
544 for(i = 0; i < list_size; i++) {
545 res = CertAddEncodedCertificateToStore(store, X509_ASN_ENCODING, datum[i].data, datum[i].size,
546 CERT_STORE_ADD_REPLACE_EXISTING, i ? NULL : &cert);
547 if(!res) {
548 if(i)
549 CertFreeCertificateContext(cert);
550 return GetLastError();
551 }
552 }
553
554 *ret = cert;
555 return SEC_E_OK;
556 }
557
558 SECURITY_STATUS schan_imp_send(schan_imp_session session, const void *buffer,
559 SIZE_T *length)
560 {
561 gnutls_session_t s = (gnutls_session_t)session;
562 SSIZE_T ret, total = 0;
563
564 for (;;)
565 {
566 ret = pgnutls_record_send(s, (const char *)buffer + total, *length - total);
567 if (ret >= 0)
568 {
569 total += ret;
570 TRACE( "sent %ld now %ld/%ld\n", ret, total, *length );
571 if (total == *length) return SEC_E_OK;
572 }
573 else if (ret == GNUTLS_E_AGAIN)
574 {
575 struct schan_transport *t = (struct schan_transport *)pgnutls_transport_get_ptr(s);
576 SIZE_T count = 0;
577
578 if (schan_get_buffer(t, &t->out, &count)) continue;
579 return SEC_I_CONTINUE_NEEDED;
580 }
581 else
582 {
583 pgnutls_perror(ret);
584 return SEC_E_INTERNAL_ERROR;
585 }
586 }
587 }
588
589 SECURITY_STATUS schan_imp_recv(schan_imp_session session, void *buffer,
590 SIZE_T *length)
591 {
592 gnutls_session_t s = (gnutls_session_t)session;
593 ssize_t ret;
594
595 again:
596 ret = pgnutls_record_recv(s, buffer, *length);
597
598 if (ret >= 0)
599 *length = ret;
600 else if (ret == GNUTLS_E_AGAIN)
601 {
602 struct schan_transport *t = (struct schan_transport *)pgnutls_transport_get_ptr(s);
603 SIZE_T count = 0;
604
605 if (schan_get_buffer(t, &t->in, &count))
606 goto again;
607
608 return SEC_I_CONTINUE_NEEDED;
609 }
610 else if (ret == GNUTLS_E_REHANDSHAKE)
611 {
612 TRACE("Rehandshake requested\n");
613 return SEC_I_RENEGOTIATE;
614 }
615 else
616 {
617 pgnutls_perror(ret);
618 return SEC_E_INTERNAL_ERROR;
619 }
620
621 return SEC_E_OK;
622 }
623
624 static unsigned int parse_alpn_protocol_list(unsigned char *buffer, unsigned int buflen, gnutls_datum_t *list)
625 {
626 unsigned int len, offset = 0, count = 0;
627
628 while (buflen)
629 {
630 len = buffer[offset++];
631 buflen--;
632 if (!len || len > buflen) return 0;
633 if (list)
634 {
635 list[count].data = &buffer[offset];
636 list[count].size = len;
637 }
638 buflen -= len;
639 offset += len;
640 count++;
641 }
642
643 return count;
644 }
645
646 void schan_imp_set_application_protocols(schan_imp_session session, unsigned char *buffer, unsigned int buflen)
647 {
648 gnutls_session_t s = (gnutls_session_t)session;
649 unsigned int extension_len, extension, count = 0, offset = 0;
650 unsigned short list_len;
651 gnutls_datum_t *protocols;
652 int ret;
653
654 if (sizeof(extension_len) > buflen) return;
655 extension_len = *(unsigned int *)&buffer[offset];
656 offset += sizeof(extension_len);
657
658 if (offset + sizeof(extension) > buflen) return;
659 extension = *(unsigned int *)&buffer[offset];
660 if (extension != SecApplicationProtocolNegotiationExt_ALPN)
661 {
662 FIXME("extension %u not supported\n", extension);
663 return;
664 }
665 offset += sizeof(extension);
666
667 if (offset + sizeof(list_len) > buflen) return;
668 list_len = *(unsigned short *)&buffer[offset];
669 offset += sizeof(list_len);
670
671 if (offset + list_len > buflen) return;
672 count = parse_alpn_protocol_list(&buffer[offset], list_len, NULL);
673 if (!count || !(protocols = heap_alloc(count * sizeof(*protocols)))) return;
674
675 parse_alpn_protocol_list(&buffer[offset], list_len, protocols);
676 if ((ret = pgnutls_alpn_set_protocols(s, protocols, count, GNUTLS_ALPN_SERVER_PRECEDENCE) < 0))
677 {
678 pgnutls_perror(ret);
679 }
680
681 heap_free(protocols);
682 }
683
684 SECURITY_STATUS schan_imp_get_application_protocol(schan_imp_session session,
685 SecPkgContext_ApplicationProtocol *protocol)
686 {
687 gnutls_session_t s = (gnutls_session_t)session;
688 gnutls_datum_t selected;
689
690 memset(protocol, 0, sizeof(*protocol));
691 if (pgnutls_alpn_get_selected_protocol(s, &selected) < 0) return SEC_E_OK;
692
693 if (selected.size <= sizeof(protocol->ProtocolId))
694 {
695 protocol->ProtoNegoStatus = SecApplicationProtocolNegotiationStatus_Success;
696 protocol->ProtoNegoExt = SecApplicationProtocolNegotiationExt_ALPN;
697 protocol->ProtocolIdSize = selected.size;
698 memcpy(protocol->ProtocolId, selected.data, selected.size);
699 TRACE("returning %s\n", debugstr_an((const char *)selected.data, selected.size));
700 }
701 return SEC_E_OK;
702 }
703
704 static WCHAR *get_key_container_path(const CERT_CONTEXT *ctx)
705 {
706 static const WCHAR rsabaseW[] =
707 {'S','o','f','t','w','a','r','e','\\','W','i','n','e','\\','C','r','y','p','t','o','\\','R','S','A','\\',0};
708 CERT_KEY_CONTEXT keyctx;
709 DWORD size = sizeof(keyctx), prov_size = 0;
710 CRYPT_KEY_PROV_INFO *prov;
711 WCHAR username[UNLEN + 1], *ret = NULL;
712 DWORD len = ARRAY_SIZE(username);
713
714 if (CertGetCertificateContextProperty(ctx, CERT_KEY_CONTEXT_PROP_ID, &keyctx, &size))
715 {
716 char *str;
717 if (!CryptGetProvParam(keyctx.hCryptProv, PP_CONTAINER, NULL, &size, 0)) return NULL;
718 if (!(str = heap_alloc(size))) return NULL;
719 if (!CryptGetProvParam(keyctx.hCryptProv, PP_CONTAINER, (BYTE *)str, &size, 0)) return NULL;
720
721 len = MultiByteToWideChar(CP_ACP, 0, str, -1, NULL, 0);
722 if (!(ret = heap_alloc(sizeof(rsabaseW) + len * sizeof(WCHAR))))
723 {
724 heap_free(str);
725 return NULL;
726 }
727 strcpyW(ret, rsabaseW);
728 MultiByteToWideChar(CP_ACP, 0, str, -1, ret + strlenW(ret), len);
729 heap_free(str);
730 }
731 else if (CertGetCertificateContextProperty(ctx, CERT_KEY_PROV_INFO_PROP_ID, NULL, &prov_size))
732 {
733 if (!(prov = heap_alloc(prov_size))) return NULL;
734 if (!CertGetCertificateContextProperty(ctx, CERT_KEY_PROV_INFO_PROP_ID, prov, &prov_size))
735 {
736 heap_free(prov);
737 return NULL;
738 }
739 if (!(ret = heap_alloc(sizeof(rsabaseW) + strlenW(prov->pwszContainerName) * sizeof(WCHAR))))
740 {
741 heap_free(prov);
742 return NULL;
743 }
744 strcpyW(ret, rsabaseW);
745 strcatW(ret, prov->pwszContainerName);
746 heap_free(prov);
747 }
748
749 if (!ret && GetUserNameW(username, &len) && (ret = heap_alloc(sizeof(rsabaseW) + len * sizeof(WCHAR))))
750 {
751 strcpyW(ret, rsabaseW);
752 strcatW(ret, username);
753 }
754
755 return ret;
756 }
757
758 #define MAX_LEAD_BYTES 8
759 static BYTE *get_key_blob(const CERT_CONTEXT *ctx, ULONG *size)
760 {
761 static const WCHAR keyexchangeW[] =
762 {'K','e','y','E','x','c','h','a','n','g','e','K','e','y','P','a','i','r',0};
763 static const WCHAR signatureW[] =
764 {'S','i','g','n','a','t','u','r','e','K','e','y','P','a','i','r',0};
765 BYTE *buf, *ret = NULL;
766 DATA_BLOB blob_in, blob_out;
767 DWORD spec = 0, type, len;
768 WCHAR *path;
769 HKEY hkey;
770
771 if (!(path = get_key_container_path(ctx))) return NULL;
772 if (RegOpenKeyExW(HKEY_CURRENT_USER, path, 0, KEY_READ, &hkey))
773 {
774 heap_free(path);
775 return NULL;
776 }
777 heap_free(path);
778
779 if (!RegQueryValueExW(hkey, keyexchangeW, 0, &type, NULL, &len)) spec = AT_KEYEXCHANGE;
780 else if (!RegQueryValueExW(hkey, signatureW, 0, &type, NULL, &len)) spec = AT_SIGNATURE;
781 else
782 {
783 RegCloseKey(hkey);
784 return NULL;
785 }
786
787 if (!(buf = heap_alloc(len + MAX_LEAD_BYTES)))
788 {
789 RegCloseKey(hkey);
790 return NULL;
791 }
792
793 if (!RegQueryValueExW(hkey, (spec == AT_KEYEXCHANGE) ? keyexchangeW : signatureW, 0, &type, buf, &len))
794 {
795 blob_in.pbData = buf;
796 blob_in.cbData = len;
797 if (CryptUnprotectData(&blob_in, NULL, NULL, NULL, NULL, 0, &blob_out))
798 {
799 assert(blob_in.cbData >= blob_out.cbData);
800 memcpy(buf, blob_out.pbData, blob_out.cbData);
801 LocalFree(blob_out.pbData);
802 *size = blob_out.cbData + MAX_LEAD_BYTES;
803 ret = buf;
804 }
805 }
806 else heap_free(buf);
807
808 RegCloseKey(hkey);
809 return ret;
810 }
811
812 static inline void reverse_bytes(BYTE *buf, ULONG len)
813 {
814 BYTE tmp;
815 ULONG i;
816 for (i = 0; i < len / 2; i++)
817 {
818 tmp = buf[i];
819 buf[i] = buf[len - i - 1];
820 buf[len - i - 1] = tmp;
821 }
822 }
823
824 static ULONG set_component(gnutls_datum_t *comp, BYTE *data, ULONG len, ULONG *buflen)
825 {
826 comp->data = data;
827 comp->size = len;
828 reverse_bytes(comp->data, comp->size);
829 if (comp->data[0] & 0x80) /* add leading 0 byte if most significant bit is set */
830 {
831 memmove(comp->data + 1, comp->data, *buflen);
832 comp->data[0] = 0;
833 comp->size++;
834 }
835 *buflen -= comp->size;
836 return comp->size;
837 }
838
839 static gnutls_x509_privkey_t get_x509_key(const CERT_CONTEXT *ctx)
840 {
841 gnutls_privkey_t key = NULL;
842 gnutls_x509_privkey_t x509key = NULL;
843 gnutls_datum_t m, e, d, p, q, u, e1, e2;
844 BYTE *ptr, *buffer;
845 RSAPUBKEY *rsakey;
846 DWORD size;
847 int ret;
848
849 if (!(buffer = get_key_blob(ctx, &size))) return NULL;
850 if (size < sizeof(BLOBHEADER)) goto done;
851
852 rsakey = (RSAPUBKEY *)(buffer + sizeof(BLOBHEADER));
853 TRACE("RSA key bitlen %u pubexp %u\n", rsakey->bitlen, rsakey->pubexp);
854
855 size -= sizeof(BLOBHEADER) + FIELD_OFFSET(RSAPUBKEY, pubexp);
856 set_component(&e, (BYTE *)&rsakey->pubexp, sizeof(rsakey->pubexp), &size);
857
858 ptr = (BYTE *)(rsakey + 1);
859 ptr += set_component(&m, ptr, rsakey->bitlen / 8, &size);
860 ptr += set_component(&p, ptr, rsakey->bitlen / 16, &size);
861 ptr += set_component(&q, ptr, rsakey->bitlen / 16, &size);
862 ptr += set_component(&e1, ptr, rsakey->bitlen / 16, &size);
863 ptr += set_component(&e2, ptr, rsakey->bitlen / 16, &size);
864 ptr += set_component(&u, ptr, rsakey->bitlen / 16, &size);
865 ptr += set_component(&d, ptr, rsakey->bitlen / 8, &size);
866
867 if ((ret = pgnutls_privkey_init(&key)) < 0)
868 {
869 pgnutls_perror(ret);
870 goto done;
871 }
872
873 if ((ret = pgnutls_privkey_import_rsa_raw(key, &m, &e, &d, &p, &q, &u, &e1, &e2)) < 0)
874 {
875 pgnutls_perror(ret);
876 goto done;
877 }
878
879 if ((ret = pgnutls_privkey_export_x509(key, &x509key)) < 0)
880 {
881 pgnutls_perror(ret);
882 }
883
884 done:
885 heap_free(buffer);
886 pgnutls_privkey_deinit(key);
887 return x509key;
888 }
889
890 static gnutls_x509_crt_t get_x509_crt(const CERT_CONTEXT *ctx)
891 {
892 gnutls_datum_t data;
893 gnutls_x509_crt_t crt;
894 int ret;
895
896 if (!ctx) return FALSE;
897 if (ctx->dwCertEncodingType != X509_ASN_ENCODING)
898 {
899 FIXME("encoding type %u not supported\n", ctx->dwCertEncodingType);
900 return NULL;
901 }
902
903 if ((ret = pgnutls_x509_crt_init(&crt)) < 0)
904 {
905 pgnutls_perror(ret);
906 return NULL;
907 }
908
909 data.data = ctx->pbCertEncoded;
910 data.size = ctx->cbCertEncoded;
911 if ((ret = pgnutls_x509_crt_import(crt, &data, GNUTLS_X509_FMT_DER)) < 0)
912 {
913 pgnutls_perror(ret);
914 pgnutls_x509_crt_deinit(crt);
915 return NULL;
916 }
917
918 return crt;
919 }
920
921 BOOL schan_imp_allocate_certificate_credentials(schan_credentials *c, const CERT_CONTEXT *ctx)
922 {
923 gnutls_certificate_credentials_t creds;
924 gnutls_x509_crt_t crt;
925 gnutls_x509_privkey_t key;
926 int ret;
927
928 ret = pgnutls_certificate_allocate_credentials(&creds);
929 if (ret != GNUTLS_E_SUCCESS)
930 {
931 pgnutls_perror(ret);
932 return FALSE;
933 }
934
935 if (!ctx)
936 {
937 c->credentials = creds;
938 return TRUE;
939 }
940
941 if (!(crt = get_x509_crt(ctx)))
942 {
943 pgnutls_certificate_free_credentials(creds);
944 return FALSE;
945 }
946
947 if (!(key = get_x509_key(ctx)))
948 {
949 pgnutls_x509_crt_deinit(crt);
950 pgnutls_certificate_free_credentials(creds);
951 return FALSE;
952 }
953
954 ret = pgnutls_certificate_set_x509_key(creds, &crt, 1, key);
955 pgnutls_x509_privkey_deinit(key);
956 pgnutls_x509_crt_deinit(crt);
957 if (ret != GNUTLS_E_SUCCESS)
958 {
959 pgnutls_perror(ret);
960 pgnutls_certificate_free_credentials(creds);
961 return FALSE;
962 }
963
964 c->credentials = creds;
965 return TRUE;
966 }
967
968 void schan_imp_free_certificate_credentials(schan_credentials *c)
969 {
970 pgnutls_certificate_free_credentials(c->credentials);
971 }
972
973 static void schan_gnutls_log(int level, const char *msg)
974 {
975 TRACE("<%d> %s", level, msg);
976 }
977
978 BOOL schan_imp_init(void)
979 {
980 int ret;
981
982 libgnutls_handle = dlopen(SONAME_LIBGNUTLS, RTLD_NOW);
983 if (!libgnutls_handle)
984 {
985 ERR_(winediag)("Failed to load libgnutls, secure connections will not be available.\n");
986 return FALSE;
987 }
988
989 #define LOAD_FUNCPTR(f) \
990 if (!(p##f = dlsym(libgnutls_handle, #f))) \
991 { \
992 ERR("Failed to load %s\n", #f); \
993 goto fail; \
994 }
995
996 LOAD_FUNCPTR(gnutls_alert_get)
997 LOAD_FUNCPTR(gnutls_alert_get_name)
998 LOAD_FUNCPTR(gnutls_certificate_allocate_credentials)
999 LOAD_FUNCPTR(gnutls_certificate_free_credentials)
1000 LOAD_FUNCPTR(gnutls_certificate_get_peers)
1001 LOAD_FUNCPTR(gnutls_certificate_set_x509_key)
1002 LOAD_FUNCPTR(gnutls_cipher_get)
1003 LOAD_FUNCPTR(gnutls_cipher_get_key_size)
1004 LOAD_FUNCPTR(gnutls_credentials_set)
1005 LOAD_FUNCPTR(gnutls_deinit)
1006 LOAD_FUNCPTR(gnutls_global_deinit)
1007 LOAD_FUNCPTR(gnutls_global_init)
1008 LOAD_FUNCPTR(gnutls_global_set_log_function)
1009 LOAD_FUNCPTR(gnutls_global_set_log_level)
1010 LOAD_FUNCPTR(gnutls_handshake)
1011 LOAD_FUNCPTR(gnutls_init)
1012 LOAD_FUNCPTR(gnutls_kx_get)
1013 LOAD_FUNCPTR(gnutls_mac_get)
1014 LOAD_FUNCPTR(gnutls_mac_get_key_size)
1015 LOAD_FUNCPTR(gnutls_perror)
1016 LOAD_FUNCPTR(gnutls_protocol_get_version)
1017 LOAD_FUNCPTR(gnutls_priority_set_direct)
1018 LOAD_FUNCPTR(gnutls_privkey_deinit)
1019 LOAD_FUNCPTR(gnutls_privkey_init)
1020 LOAD_FUNCPTR(gnutls_record_get_max_size);
1021 LOAD_FUNCPTR(gnutls_record_recv);
1022 LOAD_FUNCPTR(gnutls_record_send);
1023 LOAD_FUNCPTR(gnutls_server_name_set)
1024 LOAD_FUNCPTR(gnutls_transport_get_ptr)
1025 LOAD_FUNCPTR(gnutls_transport_set_errno)
1026 LOAD_FUNCPTR(gnutls_transport_set_ptr)
1027 LOAD_FUNCPTR(gnutls_transport_set_pull_function)
1028 LOAD_FUNCPTR(gnutls_transport_set_push_function)
1029 LOAD_FUNCPTR(gnutls_x509_crt_deinit)
1030 LOAD_FUNCPTR(gnutls_x509_crt_import)
1031 LOAD_FUNCPTR(gnutls_x509_crt_init)
1032 LOAD_FUNCPTR(gnutls_x509_privkey_deinit)
1033 #undef LOAD_FUNCPTR
1034
1035 if (!(pgnutls_cipher_get_block_size = dlsym(libgnutls_handle, "gnutls_cipher_get_block_size")))
1036 {
1037 WARN("gnutls_cipher_get_block_size not found\n");
1038 pgnutls_cipher_get_block_size = compat_cipher_get_block_size;
1039 }
1040 if (!(pgnutls_alpn_set_protocols = dlsym(libgnutls_handle, "gnutls_alpn_set_protocols")))
1041 {
1042 WARN("gnutls_alpn_set_protocols not found\n");
1043 pgnutls_alpn_set_protocols = compat_gnutls_alpn_set_protocols;
1044 }
1045 if (!(pgnutls_alpn_get_selected_protocol = dlsym(libgnutls_handle, "gnutls_alpn_get_selected_protocol")))
1046 {
1047 WARN("gnutls_alpn_get_selected_protocol not found\n");
1048 pgnutls_alpn_get_selected_protocol = compat_gnutls_alpn_get_selected_protocol;
1049 }
1050 if (!(pgnutls_privkey_export_x509 = dlsym(libgnutls_handle, "gnutls_privkey_export_x509")))
1051 {
1052 WARN("gnutls_privkey_export_x509 not found\n");
1053 pgnutls_privkey_export_x509 = compat_gnutls_privkey_export_x509;
1054 }
1055 if (!(pgnutls_privkey_import_rsa_raw = dlsym(libgnutls_handle, "gnutls_privkey_import_rsa_raw")))
1056 {
1057 WARN("gnutls_privkey_import_rsa_raw not found\n");
1058 pgnutls_privkey_import_rsa_raw = compat_gnutls_privkey_import_rsa_raw;
1059 }
1060
1061 ret = pgnutls_global_init();
1062 if (ret != GNUTLS_E_SUCCESS)
1063 {
1064 pgnutls_perror(ret);
1065 goto fail;
1066 }
1067
1068 if (TRACE_ON(secur32))
1069 {
1070 pgnutls_global_set_log_level(4);
1071 pgnutls_global_set_log_function(schan_gnutls_log);
1072 }
1073
1074 check_supported_protocols();
1075 return TRUE;
1076
1077 fail:
1078 dlclose(libgnutls_handle);
1079 libgnutls_handle = NULL;
1080 return FALSE;
1081 }
1082
1083 void schan_imp_deinit(void)
1084 {
1085 pgnutls_global_deinit();
1086 dlclose(libgnutls_handle);
1087 libgnutls_handle = NULL;
1088 }
1089
1090 #endif /* SONAME_LIBGNUTLS && !HAVE_SECURITY_SECURITY_H */
Windows API implementation