// SslContext.cpp // Implements the cSslContext class that holds everything a single SSL context needs to function #include "Globals.h" #include "SslContext.h" #include "EntropyContext.h" #include "CtrDrbgContext.h" #include "polarssl/debug.h" cSslContext::cSslContext(void) : m_IsValid(false), m_HasHandshaken(false) { memset(&m_Ssl, 0, sizeof(m_Ssl)); } cSslContext::~cSslContext() { if (m_IsValid) { ssl_free(&m_Ssl); } } int cSslContext::Initialize(bool a_IsClient, const std::shared_ptr & a_CtrDrbg) { // Check double-initialization: if (m_IsValid) { LOGWARNING("SSL: Double initialization is not supported."); return POLARSSL_ERR_SSL_BAD_INPUT_DATA; // There is no return value well-suited for this, reuse this one. } // Set the CtrDrbg context, create a new one if needed: m_CtrDrbg = a_CtrDrbg; if (m_CtrDrbg.get() == nullptr) { m_CtrDrbg.reset(new cCtrDrbgContext); m_CtrDrbg->Initialize("Cuberite", 8); } // Initialize PolarSSL's structures: memset(&m_Ssl, 0, sizeof(m_Ssl)); int res = ssl_init(&m_Ssl); if (res != 0) { return res; } ssl_set_endpoint(&m_Ssl, a_IsClient ? SSL_IS_CLIENT : SSL_IS_SERVER); ssl_set_authmode(&m_Ssl, SSL_VERIFY_NONE); // We cannot verify because we don't have a CA chain, required by PolarSSL, implemented yet (TODO) ssl_set_rng(&m_Ssl, ctr_drbg_random, &m_CtrDrbg->m_CtrDrbg); ssl_set_bio(&m_Ssl, ReceiveEncrypted, this, SendEncrypted, this); #ifdef _DEBUG /* // These functions allow us to debug SSL and certificate problems, but produce way too much output, // so they're disabled until someone needs them ssl_set_dbg(&m_Ssl, &SSLDebugMessage, this); debug_set_threshold(2); ssl_set_verify(&m_Ssl, &SSLVerifyCert, this); //*/ /* // Set ciphersuite to the easiest one to decode, so that the connection can be wireshark-decoded: static const int CipherSuites[] = { TLS_RSA_WITH_RC4_128_MD5, TLS_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, 0, // Must be 0-terminated! }; ssl_set_ciphersuites(&m_Ssl, CipherSuites); //*/ #endif m_IsValid = true; return 0; } void cSslContext::SetOwnCert(const cX509CertPtr & a_OwnCert, const cRsaPrivateKeyPtr & a_OwnCertPrivKey) { ASSERT(m_IsValid); // Call Initialize() first // Check that both the cert and the key is valid: if ((a_OwnCert.get() == nullptr) || (a_OwnCertPrivKey.get() == nullptr)) { LOGWARNING("SSL: Own certificate is not valid, skipping the set."); return; } // Make sure we have the cert stored for later, PolarSSL only uses the cert later on m_OwnCert = a_OwnCert; m_OwnCertPrivKey = a_OwnCertPrivKey; // Set into the context: ssl_set_own_cert_rsa(&m_Ssl, m_OwnCert->GetInternal(), m_OwnCertPrivKey->GetInternal()); } void cSslContext::SetOwnCert(const cX509CertPtr & a_OwnCert, const cCryptoKeyPtr & a_OwnCertPrivKey) { ASSERT(m_IsValid); // Call Initialize() first // Check that both the cert and the key is valid: if ((a_OwnCert.get() == nullptr) || (a_OwnCertPrivKey.get() == nullptr)) { LOGWARNING("SSL: Own certificate is not valid, skipping the set."); return; } // Make sure we have the cert stored for later, PolarSSL only uses the cert later on m_OwnCert = a_OwnCert; m_OwnCertPrivKey2 = a_OwnCertPrivKey; // Set into the context: ssl_set_own_cert(&m_Ssl, m_OwnCert->GetInternal(), m_OwnCertPrivKey2->GetInternal()); } void cSslContext::SetCACerts(const cX509CertPtr & a_CACert, const AString & a_ExpectedPeerName) { ASSERT(m_IsValid); // Call Initialize() first // Store the data in our internal buffers, to avoid losing the pointers later on // PolarSSL will need these after this call returns, and the caller may move / delete the data before that: m_ExpectedPeerName = a_ExpectedPeerName; m_CACerts = a_CACert; // Set the trusted CA root cert store: ssl_set_authmode(&m_Ssl, SSL_VERIFY_REQUIRED); ssl_set_ca_chain(&m_Ssl, m_CACerts->GetInternal(), nullptr, m_ExpectedPeerName.empty() ? nullptr : m_ExpectedPeerName.c_str()); } int cSslContext::WritePlain(const void * a_Data, size_t a_NumBytes) { ASSERT(m_IsValid); // Need to call Initialize() first if (!m_HasHandshaken) { int res = Handshake(); if (res != 0) { return res; } } return ssl_write(&m_Ssl, reinterpret_cast(a_Data), a_NumBytes); } int cSslContext::ReadPlain(void * a_Data, size_t a_MaxBytes) { ASSERT(m_IsValid); // Need to call Initialize() first if (!m_HasHandshaken) { int res = Handshake(); if (res != 0) { return res; } } return ssl_read(&m_Ssl, reinterpret_cast(a_Data), a_MaxBytes); } int cSslContext::Handshake(void) { ASSERT(m_IsValid); // Need to call Initialize() first ASSERT(!m_HasHandshaken); // Must not call twice int res = ssl_handshake(&m_Ssl); if (res == 0) { m_HasHandshaken = true; } return res; } int cSslContext::NotifyClose(void) { return ssl_close_notify(&m_Ssl); } #ifdef _DEBUG void cSslContext::SSLDebugMessage(void * a_UserParam, int a_Level, const char * a_Text) { if (a_Level > 3) { // Don't want the trace messages return; } // Remove the terminating LF: size_t len = strlen(a_Text) - 1; while ((len > 0) && (a_Text[len] <= 32)) { len--; } AString Text(a_Text, len + 1); LOGD("SSL (%d): %s", a_Level, Text.c_str()); } int cSslContext::SSLVerifyCert(void * a_This, x509_crt * a_Crt, int a_Depth, int * a_Flags) { char buf[1024]; UNUSED(a_This); LOG("Verify requested for (Depth %d):", a_Depth); x509_crt_info(buf, sizeof(buf) - 1, "", a_Crt); LOG("%s", buf); int Flags = *a_Flags; if ((Flags & BADCERT_EXPIRED) != 0) { LOG(" ! server certificate has expired"); } if ((Flags & BADCERT_REVOKED) != 0) { LOG(" ! server certificate has been revoked"); } if ((Flags & BADCERT_CN_MISMATCH) != 0) { LOG(" ! CN mismatch"); } if ((Flags & BADCERT_NOT_TRUSTED) != 0) { LOG(" ! self-signed or not signed by a trusted CA"); } if ((Flags & BADCRL_NOT_TRUSTED) != 0) { LOG(" ! CRL not trusted"); } if ((Flags & BADCRL_EXPIRED) != 0) { LOG(" ! CRL expired"); } if ((Flags & BADCERT_OTHER) != 0) { LOG(" ! other (unknown) flag"); } if (Flags == 0) { LOG(" This certificate has no flags"); } return 0; } #endif // _DEBUG