1 /* 2 * QEMU crypto TLS session support 3 * 4 * Copyright (c) 2015 Red Hat, Inc. 5 * 6 * This library is free software; you can redistribute it and/or 7 * modify it under the terms of the GNU Lesser General Public 8 * License as published by the Free Software Foundation; either 9 * version 2 of the License, or (at your option) any later version. 10 * 11 * This library is distributed in the hope that it will be useful, 12 * but WITHOUT ANY WARRANTY; without even the implied warranty of 13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 14 * Lesser General Public License for more details. 15 * 16 * You should have received a copy of the GNU Lesser General Public 17 * License along with this library; if not, see <http://www.gnu.org/licenses/>. 18 * 19 */ 20 21 #include "crypto/tlssession.h" 22 #include "crypto/tlscredsanon.h" 23 #include "crypto/tlscredsx509.h" 24 #include "qemu/acl.h" 25 #include "trace.h" 26 27 #ifdef CONFIG_GNUTLS 28 29 30 #include <gnutls/x509.h> 31 32 33 struct QCryptoTLSSession { 34 QCryptoTLSCreds *creds; 35 gnutls_session_t handle; 36 char *hostname; 37 char *aclname; 38 bool handshakeComplete; 39 QCryptoTLSSessionWriteFunc writeFunc; 40 QCryptoTLSSessionReadFunc readFunc; 41 void *opaque; 42 char *peername; 43 }; 44 45 46 void 47 qcrypto_tls_session_free(QCryptoTLSSession *session) 48 { 49 if (!session) { 50 return; 51 } 52 53 gnutls_deinit(session->handle); 54 g_free(session->hostname); 55 g_free(session->peername); 56 g_free(session->aclname); 57 object_unref(OBJECT(session->creds)); 58 g_free(session); 59 } 60 61 62 static ssize_t 63 qcrypto_tls_session_push(void *opaque, const void *buf, size_t len) 64 { 65 QCryptoTLSSession *session = opaque; 66 67 if (!session->writeFunc) { 68 errno = EIO; 69 return -1; 70 }; 71 72 return session->writeFunc(buf, len, session->opaque); 73 } 74 75 76 static ssize_t 77 qcrypto_tls_session_pull(void *opaque, void *buf, size_t len) 78 { 79 QCryptoTLSSession *session = opaque; 80 81 if (!session->readFunc) { 82 errno = EIO; 83 return -1; 84 }; 85 86 return session->readFunc(buf, len, session->opaque); 87 } 88 89 90 QCryptoTLSSession * 91 qcrypto_tls_session_new(QCryptoTLSCreds *creds, 92 const char *hostname, 93 const char *aclname, 94 QCryptoTLSCredsEndpoint endpoint, 95 Error **errp) 96 { 97 QCryptoTLSSession *session; 98 int ret; 99 100 session = g_new0(QCryptoTLSSession, 1); 101 trace_qcrypto_tls_session_new( 102 session, creds, hostname ? hostname : "<none>", 103 aclname ? aclname : "<none>", endpoint); 104 105 if (hostname) { 106 session->hostname = g_strdup(hostname); 107 } 108 if (aclname) { 109 session->aclname = g_strdup(aclname); 110 } 111 session->creds = creds; 112 object_ref(OBJECT(creds)); 113 114 if (creds->endpoint != endpoint) { 115 error_setg(errp, "Credentials endpoint doesn't match session"); 116 goto error; 117 } 118 119 if (endpoint == QCRYPTO_TLS_CREDS_ENDPOINT_SERVER) { 120 ret = gnutls_init(&session->handle, GNUTLS_SERVER); 121 } else { 122 ret = gnutls_init(&session->handle, GNUTLS_CLIENT); 123 } 124 if (ret < 0) { 125 error_setg(errp, "Cannot initialize TLS session: %s", 126 gnutls_strerror(ret)); 127 goto error; 128 } 129 130 if (object_dynamic_cast(OBJECT(creds), 131 TYPE_QCRYPTO_TLS_CREDS_ANON)) { 132 QCryptoTLSCredsAnon *acreds = QCRYPTO_TLS_CREDS_ANON(creds); 133 134 ret = gnutls_priority_set_direct(session->handle, 135 "NORMAL:+ANON-DH", NULL); 136 if (ret < 0) { 137 error_setg(errp, "Unable to set TLS session priority: %s", 138 gnutls_strerror(ret)); 139 goto error; 140 } 141 if (creds->endpoint == QCRYPTO_TLS_CREDS_ENDPOINT_SERVER) { 142 ret = gnutls_credentials_set(session->handle, 143 GNUTLS_CRD_ANON, 144 acreds->data.server); 145 } else { 146 ret = gnutls_credentials_set(session->handle, 147 GNUTLS_CRD_ANON, 148 acreds->data.client); 149 } 150 if (ret < 0) { 151 error_setg(errp, "Cannot set session credentials: %s", 152 gnutls_strerror(ret)); 153 goto error; 154 } 155 } else if (object_dynamic_cast(OBJECT(creds), 156 TYPE_QCRYPTO_TLS_CREDS_X509)) { 157 QCryptoTLSCredsX509 *tcreds = QCRYPTO_TLS_CREDS_X509(creds); 158 159 ret = gnutls_set_default_priority(session->handle); 160 if (ret < 0) { 161 error_setg(errp, "Cannot set default TLS session priority: %s", 162 gnutls_strerror(ret)); 163 goto error; 164 } 165 ret = gnutls_credentials_set(session->handle, 166 GNUTLS_CRD_CERTIFICATE, 167 tcreds->data); 168 if (ret < 0) { 169 error_setg(errp, "Cannot set session credentials: %s", 170 gnutls_strerror(ret)); 171 goto error; 172 } 173 174 if (creds->endpoint == QCRYPTO_TLS_CREDS_ENDPOINT_SERVER) { 175 /* This requests, but does not enforce a client cert. 176 * The cert checking code later does enforcement */ 177 gnutls_certificate_server_set_request(session->handle, 178 GNUTLS_CERT_REQUEST); 179 } 180 } else { 181 error_setg(errp, "Unsupported TLS credentials type %s", 182 object_get_typename(OBJECT(creds))); 183 goto error; 184 } 185 186 gnutls_transport_set_ptr(session->handle, session); 187 gnutls_transport_set_push_function(session->handle, 188 qcrypto_tls_session_push); 189 gnutls_transport_set_pull_function(session->handle, 190 qcrypto_tls_session_pull); 191 192 return session; 193 194 error: 195 qcrypto_tls_session_free(session); 196 return NULL; 197 } 198 199 static int 200 qcrypto_tls_session_check_certificate(QCryptoTLSSession *session, 201 Error **errp) 202 { 203 int ret; 204 unsigned int status; 205 const gnutls_datum_t *certs; 206 unsigned int nCerts, i; 207 time_t now; 208 gnutls_x509_crt_t cert = NULL; 209 210 now = time(NULL); 211 if (now == ((time_t)-1)) { 212 error_setg_errno(errp, errno, "Cannot get current time"); 213 return -1; 214 } 215 216 ret = gnutls_certificate_verify_peers2(session->handle, &status); 217 if (ret < 0) { 218 error_setg(errp, "Verify failed: %s", gnutls_strerror(ret)); 219 return -1; 220 } 221 222 if (status != 0) { 223 const char *reason = "Invalid certificate"; 224 225 if (status & GNUTLS_CERT_INVALID) { 226 reason = "The certificate is not trusted"; 227 } 228 229 if (status & GNUTLS_CERT_SIGNER_NOT_FOUND) { 230 reason = "The certificate hasn't got a known issuer"; 231 } 232 233 if (status & GNUTLS_CERT_REVOKED) { 234 reason = "The certificate has been revoked"; 235 } 236 237 if (status & GNUTLS_CERT_INSECURE_ALGORITHM) { 238 reason = "The certificate uses an insecure algorithm"; 239 } 240 241 error_setg(errp, "%s", reason); 242 return -1; 243 } 244 245 certs = gnutls_certificate_get_peers(session->handle, &nCerts); 246 if (!certs) { 247 error_setg(errp, "No certificate peers"); 248 return -1; 249 } 250 251 for (i = 0; i < nCerts; i++) { 252 ret = gnutls_x509_crt_init(&cert); 253 if (ret < 0) { 254 error_setg(errp, "Cannot initialize certificate: %s", 255 gnutls_strerror(ret)); 256 return -1; 257 } 258 259 ret = gnutls_x509_crt_import(cert, &certs[i], GNUTLS_X509_FMT_DER); 260 if (ret < 0) { 261 error_setg(errp, "Cannot import certificate: %s", 262 gnutls_strerror(ret)); 263 goto error; 264 } 265 266 if (gnutls_x509_crt_get_expiration_time(cert) < now) { 267 error_setg(errp, "The certificate has expired"); 268 goto error; 269 } 270 271 if (gnutls_x509_crt_get_activation_time(cert) > now) { 272 error_setg(errp, "The certificate is not yet activated"); 273 goto error; 274 } 275 276 if (gnutls_x509_crt_get_activation_time(cert) > now) { 277 error_setg(errp, "The certificate is not yet activated"); 278 goto error; 279 } 280 281 if (i == 0) { 282 size_t dnameSize = 1024; 283 session->peername = g_malloc(dnameSize); 284 requery: 285 ret = gnutls_x509_crt_get_dn(cert, session->peername, &dnameSize); 286 if (ret < 0) { 287 if (ret == GNUTLS_E_SHORT_MEMORY_BUFFER) { 288 session->peername = g_realloc(session->peername, 289 dnameSize); 290 goto requery; 291 } 292 error_setg(errp, "Cannot get client distinguished name: %s", 293 gnutls_strerror(ret)); 294 goto error; 295 } 296 if (session->aclname) { 297 qemu_acl *acl = qemu_acl_find(session->aclname); 298 int allow; 299 if (!acl) { 300 error_setg(errp, "Cannot find ACL %s", 301 session->aclname); 302 goto error; 303 } 304 305 allow = qemu_acl_party_is_allowed(acl, session->peername); 306 307 error_setg(errp, "TLS x509 ACL check for %s is %s", 308 session->peername, allow ? "allowed" : "denied"); 309 if (!allow) { 310 goto error; 311 } 312 } 313 if (session->hostname) { 314 if (!gnutls_x509_crt_check_hostname(cert, session->hostname)) { 315 error_setg(errp, 316 "Certificate does not match the hostname %s", 317 session->hostname); 318 goto error; 319 } 320 } 321 } 322 323 gnutls_x509_crt_deinit(cert); 324 } 325 326 return 0; 327 328 error: 329 gnutls_x509_crt_deinit(cert); 330 return -1; 331 } 332 333 334 int 335 qcrypto_tls_session_check_credentials(QCryptoTLSSession *session, 336 Error **errp) 337 { 338 if (object_dynamic_cast(OBJECT(session->creds), 339 TYPE_QCRYPTO_TLS_CREDS_ANON)) { 340 return 0; 341 } else if (object_dynamic_cast(OBJECT(session->creds), 342 TYPE_QCRYPTO_TLS_CREDS_X509)) { 343 if (session->creds->verifyPeer) { 344 return qcrypto_tls_session_check_certificate(session, 345 errp); 346 } else { 347 return 0; 348 } 349 } else { 350 error_setg(errp, "Unexpected credential type %s", 351 object_get_typename(OBJECT(session->creds))); 352 return -1; 353 } 354 } 355 356 357 void 358 qcrypto_tls_session_set_callbacks(QCryptoTLSSession *session, 359 QCryptoTLSSessionWriteFunc writeFunc, 360 QCryptoTLSSessionReadFunc readFunc, 361 void *opaque) 362 { 363 session->writeFunc = writeFunc; 364 session->readFunc = readFunc; 365 session->opaque = opaque; 366 } 367 368 369 ssize_t 370 qcrypto_tls_session_write(QCryptoTLSSession *session, 371 const char *buf, 372 size_t len) 373 { 374 ssize_t ret = gnutls_record_send(session->handle, buf, len); 375 376 if (ret < 0) { 377 switch (ret) { 378 case GNUTLS_E_AGAIN: 379 errno = EAGAIN; 380 break; 381 case GNUTLS_E_INTERRUPTED: 382 errno = EINTR; 383 break; 384 default: 385 errno = EIO; 386 break; 387 } 388 ret = -1; 389 } 390 391 return ret; 392 } 393 394 395 ssize_t 396 qcrypto_tls_session_read(QCryptoTLSSession *session, 397 char *buf, 398 size_t len) 399 { 400 ssize_t ret = gnutls_record_recv(session->handle, buf, len); 401 402 if (ret < 0) { 403 switch (ret) { 404 case GNUTLS_E_AGAIN: 405 errno = EAGAIN; 406 break; 407 case GNUTLS_E_INTERRUPTED: 408 errno = EINTR; 409 break; 410 default: 411 errno = EIO; 412 break; 413 } 414 ret = -1; 415 } 416 417 return ret; 418 } 419 420 421 int 422 qcrypto_tls_session_handshake(QCryptoTLSSession *session, 423 Error **errp) 424 { 425 int ret = gnutls_handshake(session->handle); 426 if (ret == 0) { 427 session->handshakeComplete = true; 428 } else { 429 if (ret == GNUTLS_E_INTERRUPTED || 430 ret == GNUTLS_E_AGAIN) { 431 ret = 1; 432 } else { 433 error_setg(errp, "TLS handshake failed: %s", 434 gnutls_strerror(ret)); 435 ret = -1; 436 } 437 } 438 439 return ret; 440 } 441 442 443 QCryptoTLSSessionHandshakeStatus 444 qcrypto_tls_session_get_handshake_status(QCryptoTLSSession *session) 445 { 446 if (session->handshakeComplete) { 447 return QCRYPTO_TLS_HANDSHAKE_COMPLETE; 448 } else if (gnutls_record_get_direction(session->handle) == 0) { 449 return QCRYPTO_TLS_HANDSHAKE_RECVING; 450 } else { 451 return QCRYPTO_TLS_HANDSHAKE_SENDING; 452 } 453 } 454 455 456 int 457 qcrypto_tls_session_get_key_size(QCryptoTLSSession *session, 458 Error **errp) 459 { 460 gnutls_cipher_algorithm_t cipher; 461 int ssf; 462 463 cipher = gnutls_cipher_get(session->handle); 464 ssf = gnutls_cipher_get_key_size(cipher); 465 if (!ssf) { 466 error_setg(errp, "Cannot get TLS cipher key size"); 467 return -1; 468 } 469 return ssf; 470 } 471 472 473 char * 474 qcrypto_tls_session_get_peer_name(QCryptoTLSSession *session) 475 { 476 if (session->peername) { 477 return g_strdup(session->peername); 478 } 479 return NULL; 480 } 481 482 483 #else /* ! CONFIG_GNUTLS */ 484 485 486 QCryptoTLSSession * 487 qcrypto_tls_session_new(QCryptoTLSCreds *creds G_GNUC_UNUSED, 488 const char *hostname G_GNUC_UNUSED, 489 const char *aclname G_GNUC_UNUSED, 490 QCryptoTLSCredsEndpoint endpoint G_GNUC_UNUSED, 491 Error **errp) 492 { 493 error_setg(errp, "TLS requires GNUTLS support"); 494 return NULL; 495 } 496 497 498 void 499 qcrypto_tls_session_free(QCryptoTLSSession *sess G_GNUC_UNUSED) 500 { 501 } 502 503 504 int 505 qcrypto_tls_session_check_credentials(QCryptoTLSSession *sess G_GNUC_UNUSED, 506 Error **errp) 507 { 508 error_setg(errp, "TLS requires GNUTLS support"); 509 return -1; 510 } 511 512 513 void 514 qcrypto_tls_session_set_callbacks( 515 QCryptoTLSSession *sess G_GNUC_UNUSED, 516 QCryptoTLSSessionWriteFunc writeFunc G_GNUC_UNUSED, 517 QCryptoTLSSessionReadFunc readFunc G_GNUC_UNUSED, 518 void *opaque G_GNUC_UNUSED) 519 { 520 } 521 522 523 ssize_t 524 qcrypto_tls_session_write(QCryptoTLSSession *sess, 525 const char *buf, 526 size_t len) 527 { 528 errno = -EIO; 529 return -1; 530 } 531 532 533 ssize_t 534 qcrypto_tls_session_read(QCryptoTLSSession *sess, 535 char *buf, 536 size_t len) 537 { 538 errno = -EIO; 539 return -1; 540 } 541 542 543 int 544 qcrypto_tls_session_handshake(QCryptoTLSSession *sess, 545 Error **errp) 546 { 547 error_setg(errp, "TLS requires GNUTLS support"); 548 return -1; 549 } 550 551 552 QCryptoTLSSessionHandshakeStatus 553 qcrypto_tls_session_get_handshake_status(QCryptoTLSSession *sess) 554 { 555 return QCRYPTO_TLS_HANDSHAKE_COMPLETE; 556 } 557 558 559 int 560 qcrypto_tls_session_get_key_size(QCryptoTLSSession *sess, 561 Error **errp) 562 { 563 error_setg(errp, "TLS requires GNUTLS support"); 564 return -1; 565 } 566 567 568 char * 569 qcrypto_tls_session_get_peer_name(QCryptoTLSSession *sess) 570 { 571 return NULL; 572 } 573 574 #endif 575