1 /* 2 * ustream-ssl - library for SSL over ustream 3 * 4 * Copyright (C) 2012 Felix Fietkau <nbd@openwrt.org> 5 * 6 * Permission to use, copy, modify, and/or distribute this software for any 7 * purpose with or without fee is hereby granted, provided that the above 8 * copyright notice and this permission notice appear in all copies. 9 * 10 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 11 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 12 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 13 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 14 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 15 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 16 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 17 */ 18 19 #include <string.h> 20 #include <ctype.h> 21 #include "ustream-ssl.h" 22 #include "ustream-internal.h" 23 #include <openssl/x509v3.h> 24 25 /* Ciphersuite preference: 26 * - for server, no weak ciphers are used if you use an ECDSA key. 27 * - forward-secret (pfs), authenticated (AEAD) ciphers are at the top: 28 * chacha20-poly1305, the fastest in software, 256-bits 29 * aes128-gcm, 128-bits 30 * aes256-gcm, 256-bits 31 * - key exchange: prefer ECDHE, then DHE (client only) 32 * - forward-secret ECDSA CBC ciphers (client-only) 33 * - forward-secret RSA CBC ciphers 34 * - non-pfs ciphers 35 * aes128, aes256, 3DES(client only) 36 */ 37 38 #ifdef WOLFSSL_SSL_H 39 # define top_ciphers \ 40 "TLS13-CHACHA20-POLY1305-SHA256:" \ 41 "TLS13-AES128-GCM-SHA256:" \ 42 "TLS13-AES256-GCM-SHA384:" \ 43 ecdhe_aead_ciphers 44 #else 45 # define tls13_ciphersuites "TLS_CHACHA20_POLY1305_SHA256:" \ 46 "TLS_AES_128_GCM_SHA256:" \ 47 "TLS_AES_256_GCM_SHA384" 48 49 # define top_ciphers \ 50 ecdhe_aead_ciphers 51 #endif 52 53 #define ecdhe_aead_ciphers \ 54 "ECDHE-ECDSA-CHACHA20-POLY1305:" \ 55 "ECDHE-ECDSA-AES128-GCM-SHA256:" \ 56 "ECDHE-ECDSA-AES256-GCM-SHA384:" \ 57 "ECDHE-RSA-CHACHA20-POLY1305:" \ 58 "ECDHE-RSA-AES128-GCM-SHA256:" \ 59 "ECDHE-RSA-AES256-GCM-SHA384" 60 61 #define dhe_aead_ciphers \ 62 "DHE-RSA-CHACHA20-POLY1305:" \ 63 "DHE-RSA-AES128-GCM-SHA256:" \ 64 "DHE-RSA-AES256-GCM-SHA384" 65 66 #define ecdhe_ecdsa_cbc_ciphers \ 67 "ECDHE-ECDSA-AES128-SHA:" \ 68 "ECDHE-ECDSA-AES256-SHA" 69 70 #define ecdhe_rsa_cbc_ciphers \ 71 "ECDHE-RSA-AES128-SHA:" \ 72 "ECDHE-RSA-AES256-SHA" 73 74 #define dhe_cbc_ciphers \ 75 "DHE-RSA-AES128-SHA:" \ 76 "DHE-RSA-AES256-SHA:" \ 77 "DHE-DES-CBC3-SHA" 78 79 #define non_pfs_aes \ 80 "AES128-GCM-SHA256:" \ 81 "AES256-GCM-SHA384:" \ 82 "AES128-SHA:" \ 83 "AES256-SHA" 84 85 #define server_cipher_list \ 86 top_ciphers ":" \ 87 ecdhe_rsa_cbc_ciphers ":" \ 88 non_pfs_aes 89 90 #define client_cipher_list \ 91 top_ciphers ":" \ 92 dhe_aead_ciphers ":" \ 93 ecdhe_ecdsa_cbc_ciphers ":" \ 94 ecdhe_rsa_cbc_ciphers ":" \ 95 dhe_cbc_ciphers ":" \ 96 non_pfs_aes ":" \ 97 "DES-CBC3-SHA" 98 99 __hidden struct ustream_ssl_ctx * 100 __ustream_ssl_context_new(bool server) 101 { 102 const void *m; 103 SSL_CTX *c; 104 105 #if OPENSSL_VERSION_NUMBER < 0x10100000L 106 static bool _init = false; 107 108 if (!_init) { 109 SSL_load_error_strings(); 110 SSL_library_init(); 111 _init = true; 112 } 113 # ifndef TLS_server_method 114 # define TLS_server_method SSLv23_server_method 115 # endif 116 # ifndef TLS_client_method 117 # define TLS_client_method SSLv23_client_method 118 # endif 119 #endif 120 121 if (server) { 122 m = TLS_server_method(); 123 } else 124 m = TLS_client_method(); 125 126 c = SSL_CTX_new((void *) m); 127 if (!c) 128 return NULL; 129 130 SSL_CTX_set_verify(c, SSL_VERIFY_NONE, NULL); 131 SSL_CTX_set_options(c, SSL_OP_NO_COMPRESSION | SSL_OP_SINGLE_ECDH_USE | 132 SSL_OP_CIPHER_SERVER_PREFERENCE); 133 #if defined(SSL_CTX_set_ecdh_auto) && OPENSSL_VERSION_NUMBER < 0x10100000L 134 SSL_CTX_set_ecdh_auto(c, 1); 135 #elif OPENSSL_VERSION_NUMBER >= 0x10101000L 136 SSL_CTX_set_ciphersuites(c, tls13_ciphersuites); 137 #endif 138 if (server) { 139 #if OPENSSL_VERSION_NUMBER >= 0x10100000L 140 SSL_CTX_set_min_proto_version(c, TLS1_2_VERSION); 141 #else 142 SSL_CTX_set_options(c, SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1 | 143 SSL_OP_NO_TLSv1_1); 144 #endif 145 SSL_CTX_set_cipher_list(c, server_cipher_list); 146 } else { 147 SSL_CTX_set_cipher_list(c, client_cipher_list); 148 } 149 SSL_CTX_set_quiet_shutdown(c, 1); 150 151 return (void *) c; 152 } 153 154 __hidden int __ustream_ssl_add_ca_crt_file(struct ustream_ssl_ctx *ctx, const char *file) 155 { 156 int ret; 157 158 ret = SSL_CTX_load_verify_locations((void *) ctx, file, NULL); 159 if (ret < 1) 160 return -1; 161 162 return 0; 163 } 164 165 __hidden int __ustream_ssl_set_crt_file(struct ustream_ssl_ctx *ctx, const char *file) 166 { 167 int ret; 168 169 ret = SSL_CTX_use_certificate_chain_file((void *) ctx, file); 170 if (ret < 1) 171 ret = SSL_CTX_use_certificate_file((void *) ctx, file, SSL_FILETYPE_ASN1); 172 173 if (ret < 1) 174 return -1; 175 176 return 0; 177 } 178 179 __hidden int __ustream_ssl_set_key_file(struct ustream_ssl_ctx *ctx, const char *file) 180 { 181 int ret; 182 183 ret = SSL_CTX_use_PrivateKey_file((void *) ctx, file, SSL_FILETYPE_PEM); 184 if (ret < 1) 185 ret = SSL_CTX_use_PrivateKey_file((void *) ctx, file, SSL_FILETYPE_ASN1); 186 187 if (ret < 1) 188 return -1; 189 190 return 0; 191 } 192 193 __hidden int __ustream_ssl_set_ciphers(struct ustream_ssl_ctx *ctx, const char *ciphers) 194 { 195 int ret = SSL_CTX_set_cipher_list((void *) ctx, ciphers); 196 197 if (ret == 0) 198 return -1; 199 200 return 0; 201 } 202 203 __hidden void __ustream_ssl_context_free(struct ustream_ssl_ctx *ctx) 204 { 205 SSL_CTX_free((void *) ctx); 206 } 207 208 void __ustream_ssl_session_free(void *ssl) 209 { 210 SSL_shutdown(ssl); 211 SSL_free(ssl); 212 } 213 214 static void ustream_ssl_error(struct ustream_ssl *us, int ret) 215 { 216 us->error = ret; 217 uloop_timeout_set(&us->error_timer, 0); 218 } 219 220 #ifndef NO_X509_CHECK_HOST 221 222 static bool ustream_ssl_verify_cn(struct ustream_ssl *us, X509 *cert) 223 { 224 int ret; 225 226 if (!us->peer_cn) 227 return false; 228 229 # ifndef WOLFSSL_OPENSSL_H_ 230 ret = X509_check_host(cert, us->peer_cn, 0, X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS, NULL); 231 # else 232 ret = wolfSSL_X509_check_host(cert, us->peer_cn, 0, 0, NULL); 233 # endif 234 return ret == 1; 235 } 236 237 #endif 238 239 static void ustream_ssl_verify_cert(struct ustream_ssl *us) 240 { 241 void *ssl = us->ssl; 242 X509 *cert; 243 int res; 244 245 res = SSL_get_verify_result(ssl); 246 if (res != X509_V_OK) { 247 if (us->notify_verify_error) 248 us->notify_verify_error(us, res, X509_verify_cert_error_string(res)); 249 return; 250 } 251 252 cert = SSL_get_peer_certificate(ssl); 253 if (!cert) 254 return; 255 256 us->valid_cert = true; 257 #ifndef NO_X509_CHECK_HOST 258 us->valid_cn = ustream_ssl_verify_cn(us, cert); 259 #endif 260 X509_free(cert); 261 } 262 263 264 __hidden enum ssl_conn_status __ustream_ssl_connect(struct ustream_ssl *us) 265 { 266 void *ssl = us->ssl; 267 int r; 268 269 ERR_clear_error(); 270 271 if (us->server) 272 r = SSL_accept(ssl); 273 else 274 r = SSL_connect(ssl); 275 276 if (r == 1) { 277 ustream_ssl_verify_cert(us); 278 return U_SSL_OK; 279 } 280 281 r = SSL_get_error(ssl, r); 282 if (r == SSL_ERROR_WANT_READ || r == SSL_ERROR_WANT_WRITE) 283 return U_SSL_PENDING; 284 285 ustream_ssl_error(us, r); 286 return U_SSL_ERROR; 287 } 288 289 __hidden int __ustream_ssl_write(struct ustream_ssl *us, const char *buf, int len) 290 { 291 void *ssl = us->ssl; 292 int ret; 293 294 ERR_clear_error(); 295 296 ret = SSL_write(ssl, buf, len); 297 298 if (ret < 0) { 299 int err = SSL_get_error(ssl, ret); 300 if (err == SSL_ERROR_WANT_WRITE) 301 return 0; 302 303 ustream_ssl_error(us, err); 304 return -1; 305 } 306 307 return ret; 308 } 309 310 __hidden int __ustream_ssl_read(struct ustream_ssl *us, char *buf, int len) 311 { 312 int ret; 313 314 ERR_clear_error(); 315 316 ret = SSL_read(us->ssl, buf, len); 317 318 if (ret < 0) { 319 ret = SSL_get_error(us->ssl, ret); 320 if (ret == SSL_ERROR_WANT_READ) 321 return U_SSL_PENDING; 322 323 ustream_ssl_error(us, ret); 324 return U_SSL_ERROR; 325 } 326 327 return ret; 328 } 329
This page was automatically generated by LXR 0.3.1. • OpenWrt