/** Import */
static std::auto_ptr<DHParams> Import(const std::string& dhstr)
{
std::auto_ptr<DHParams> dh(new DHParams);
int ret = gnutls_dh_params_import_pkcs3(dh->dh_params, Datum(dhstr).get(), GNUTLS_X509_FMT_PEM);
ThrowOnError(ret, "Unable to import DH params");
return dh;
}
int ufwissl_ssl_context_set_dh_file(ufwissl_ssl_context * ctx,
const char *filename)
{
gnutls_datum_t datum_dh;
int ret;
datum_dh.data = NULL;
if (!filename)
return UFWISSL_ERROR;
/* read CRL and CA */
ret = read_to_datum(filename, &datum_dh);
if (ret != 0)
return UFWISSL_ERROR;
if (gnutls_dh_params_init(&ctx->dh) < 0) {
free(datum_dh.data);
return UFWISSL_ERROR;
}
if (gnutls_dh_params_import_pkcs3(ctx->dh, &datum_dh, GNUTLS_X509_FMT_PEM) < 0) {
free(datum_dh.data);
return UFWISSL_ERROR;
}
free(datum_dh.data);
return UFWISSL_OK;
}
int
rb_setup_ssl_server(const char *cert, const char *keyfile, const char *dhfile)
{
int ret;
gnutls_datum_t *d_cert, *d_key;
if(cert == NULL)
{
rb_lib_log("rb_setup_ssl_server: No certificate file");
return 0;
}
if((d_cert = rb_load_file_into_datum_t(cert)) == NULL)
{
rb_lib_log("rb_setup_ssl_server: Error loading certificate: %s", strerror(errno));
return 0;
}
if((d_key = rb_load_file_into_datum_t(keyfile)) == NULL)
{
rb_lib_log("rb_setup_ssl_server: Error loading key: %s", strerror(errno));
return 0;
}
if((ret =
gnutls_certificate_set_x509_key_mem(x509, d_cert, d_key,
GNUTLS_X509_FMT_PEM)) != GNUTLS_E_SUCCESS)
{
rb_lib_log("rb_setup_ssl_server: Error loading certificate or key file: %s",
gnutls_strerror(ret));
return 0;
}
rb_free_datum_t(d_cert);
rb_free_datum_t(d_key);
if(dhfile != NULL)
{
if(gnutls_dh_params_init(&dh_params) == GNUTLS_E_SUCCESS)
{
gnutls_datum_t *data;
int xret;
data = rb_load_file_into_datum_t(dhfile);
if(data != NULL)
{
xret = gnutls_dh_params_import_pkcs3(dh_params, data,
GNUTLS_X509_FMT_PEM);
if(xret < 0)
rb_lib_log
("rb_setup_ssl_server: Error parsing DH file: %s\n",
gnutls_strerror(xret));
rb_free_datum_t(data);
}
gnutls_certificate_set_dh_params(x509, dh_params);
}
else
rb_lib_log("rb_setup_ssl_server: Unable to setup DH parameters");
}
return 1;
}
void dh_info(FILE * infile, FILE * outfile, common_info_st * ci)
{
gnutls_datum_t params;
size_t size;
int ret;
gnutls_dh_params_t dh_params;
gnutls_datum_t p, g;
unsigned int q_bits = 0;
if (gnutls_dh_params_init(&dh_params) < 0) {
fprintf(stderr, "Error in dh parameter initialization\n");
exit(1);
}
params.data = (void *) fread_file(infile, &size);
params.size = size;
ret =
gnutls_dh_params_import_pkcs3(dh_params, ¶ms,
ci->incert_format);
if (ret < 0) {
fprintf(stderr, "Error parsing dh params: %s\n",
gnutls_strerror(ret));
exit(1);
}
ret = gnutls_dh_params_export_raw(dh_params, &p, &g, &q_bits);
if (ret < 0) {
fprintf(stderr, "Error exporting parameters: %s\n",
gnutls_strerror(ret));
exit(1);
}
if (ci->outcert_format == GNUTLS_X509_FMT_PEM)
print_dh_info(outfile, &p, &g, q_bits, ci->cprint);
if (!ci->cprint) { /* generate a PKCS#3 structure */
size_t len = buffer_size;
ret =
gnutls_dh_params_export_pkcs3(dh_params,
ci->outcert_format,
buffer, &len);
if (ret == 0) {
if (ci->outcert_format == GNUTLS_X509_FMT_PEM) {
fprintf(outfile, "\n%s", buffer);
} else {
fwrite(buffer, 1, len, outfile);
}
} else {
fprintf(stderr, "Error: %s\n",
gnutls_strerror(ret));
}
}
gnutls_dh_params_deinit(dh_params);
}
/** Generate initial DH and RSA params.
* Loads the pre-generated DH primes.
*/
static void _crywrap_tls_init(void)
{
gnutls_dh_params_init(&dh_params);
gnutls_dh_params_import_pkcs3(dh_params, &dh_file,
GNUTLS_X509_FMT_PEM);
gnutls_certificate_set_dh_params(cred, dh_params);
}
static int
generate_dh_params (void)
{
const gnutls_datum_t p3 = { pkcs3, strlen (pkcs3) };
/* Generate Diffie Hellman parameters - for use with DHE
* kx algorithms. These should be discarded and regenerated
* once a day, once a week or once a month. Depending on the
* security requirements.
*/
gnutls_dh_params_init (&dh_params);
return gnutls_dh_params_import_pkcs3 (dh_params, &p3, GNUTLS_X509_FMT_PEM);
}
void Plugin::_loadDHParams()
{
QByteArray data;
QFile file(this->dhParamsFile);
int bits;
gnutls_datum_t datum;
int error;
if (!file.open(QIODevice::ReadWrite))
throw Properties("error", "Unable to open the Diffie-Hellman parameters file").add("file", this->dhParamsFile);
bits = gnutls_sec_param_to_pk_bits(GNUTLS_PK_DH, this->secParam);
ASSERT_INIT(gnutls_dh_params_init(&this->dhParams), "dh_params");
// The Diffie-Hellman parameters expired
if (QFileInfo(file).lastModified() < this->dhParamsExpiration)
file.resize(0);
// Import the DH parameters from the PEM file
if (file.size() > 0)
{
data = file.readAll();
datum.data = (unsigned char *)data.data();
datum.size = data.size();
if (gnutls_dh_params_import_pkcs3(this->dhParams, &datum, GNUTLS_X509_FMT_PEM) != GNUTLS_E_SUCCESS)
file.resize(0);
}
// Generates the DH parameters and store them in a PEM file
if (file.size() == 0)
{
LOG_INFO("Generating new Diffie-Hellman parameters. This might take some time.", Properties("secParam", gnutls_sec_param_get_name(this->secParam)).add("bits", bits).toMap(), "Plugin", "_generateDHParams");
data.resize(bits);
datum.data = (unsigned char *)data.data();
datum.size = bits;
ASSERT(gnutls_dh_params_generate2(this->dhParams, bits));
size_t size = datum.size;
ASSERT(gnutls_dh_params_export_pkcs3(this->dhParams, GNUTLS_X509_FMT_PEM, datum.data, &size));
file.write(data.data(), size);
}
}
static bool
Load_DH_params(void)
{
#ifdef HAVE_LIBSSL
FILE *fp;
bool ret = true;
if (!Conf_SSLOptions.DHFile) {
Log(LOG_NOTICE, "Configuration option \"DHFile\" not set!");
return false;
}
fp = fopen(Conf_SSLOptions.DHFile, "r");
if (!fp) {
Log(LOG_ERR, "%s: %s", Conf_SSLOptions.DHFile, strerror(errno));
return false;
}
dh_params = PEM_read_DHparams(fp, NULL, NULL, NULL);
if (!dh_params) {
Log(LOG_ERR, "%s: Failed to read SSL DH parameters!",
Conf_SSLOptions.DHFile);
ret = false;
}
fclose(fp);
return ret;
#endif
#ifdef HAVE_LIBGNUTLS
bool need_dhgenerate = true;
int err;
gnutls_dh_params_t tmp_dh_params;
err = gnutls_dh_params_init(&tmp_dh_params);
if (err < 0) {
Log(LOG_ERR, "Failed to initialize SSL DH parameters: %s",
gnutls_strerror(err));
return false;
}
if (Conf_SSLOptions.DHFile) {
gnutls_datum_t dhparms;
size_t size;
dhparms.data = (unsigned char *) openreadclose(Conf_SSLOptions.DHFile, &size);
if (dhparms.data) {
dhparms.size = size;
err = gnutls_dh_params_import_pkcs3(tmp_dh_params, &dhparms, GNUTLS_X509_FMT_PEM);
if (err == 0)
need_dhgenerate = false;
else
Log(LOG_ERR,
"Failed to initialize SSL DH parameters: %s",
gnutls_strerror(err));
memset(dhparms.data, 0, size);
free(dhparms.data);
}
}
if (need_dhgenerate) {
Log(LOG_WARNING,
"DHFile not set, generating %u bit DH parameters. This may take a while ...",
DH_BITS);
err = gnutls_dh_params_generate2(tmp_dh_params, DH_BITS);
if (err < 0) {
Log(LOG_ERR, "Failed to generate SSL DH parameters: %s",
gnutls_strerror(err));
return false;
}
}
dh_params = tmp_dh_params;
return true;
#endif
}
static void test_ciphersuite(const char *cipher_prio, int size)
{
/* Server stuff. */
gnutls_anon_server_credentials_t s_anoncred;
const gnutls_datum_t p3 = { (char *) pkcs3, strlen(pkcs3) };
static gnutls_dh_params_t dh_params;
gnutls_session_t server;
int sret, cret;
const char *str;
/* Client stuff. */
gnutls_anon_client_credentials_t c_anoncred;
gnutls_session_t client;
/* Need to enable anonymous KX specifically. */
int ret;
struct benchmark_st st;
/* Init server */
gnutls_anon_allocate_server_credentials(&s_anoncred);
gnutls_dh_params_init(&dh_params);
gnutls_dh_params_import_pkcs3(dh_params, &p3, GNUTLS_X509_FMT_PEM);
gnutls_anon_set_server_dh_params(s_anoncred, dh_params);
gnutls_init(&server, GNUTLS_SERVER);
ret = gnutls_priority_set_direct(server, cipher_prio, &str);
if (ret < 0) {
fprintf(stderr, "Error in %s\n", str);
exit(1);
}
gnutls_credentials_set(server, GNUTLS_CRD_ANON, s_anoncred);
gnutls_dh_set_prime_bits(server, 1024);
gnutls_transport_set_push_function(server, server_push);
gnutls_transport_set_pull_function(server, server_pull);
gnutls_transport_set_ptr(server, (gnutls_transport_ptr_t) server);
reset_buffers();
/* Init client */
gnutls_anon_allocate_client_credentials(&c_anoncred);
gnutls_init(&client, GNUTLS_CLIENT);
ret = gnutls_priority_set_direct(client, cipher_prio, &str);
if (ret < 0) {
fprintf(stderr, "Error in %s\n", str);
exit(1);
}
gnutls_credentials_set(client, GNUTLS_CRD_ANON, c_anoncred);
gnutls_transport_set_push_function(client, client_push);
gnutls_transport_set_pull_function(client, client_pull);
gnutls_transport_set_ptr(client, (gnutls_transport_ptr_t) client);
HANDSHAKE(client, server);
fprintf(stdout, "Testing %s with %d packet size: ",
gnutls_cipher_suite_get_name(gnutls_kx_get(server),
gnutls_cipher_get(server),
gnutls_mac_get(server)), size);
fflush(stdout);
gnutls_rnd(GNUTLS_RND_NONCE, buffer, sizeof(buffer));
start_benchmark(&st);
do {
do {
ret = gnutls_record_send(client, buffer, size);
}
while (ret == GNUTLS_E_AGAIN);
if (ret < 0) {
fprintf(stderr, "Failed sending to server\n");
exit(1);
}
do {
ret = gnutls_record_recv(server, buffer, sizeof(buffer));
}
while (ret == GNUTLS_E_AGAIN);
if (ret < 0) {
fprintf(stderr, "Failed receiving from client\n");
exit(1);
}
st.size += size;
}
while (benchmark_must_finish == 0);
stop_benchmark(&st, NULL);
gnutls_bye(client, GNUTLS_SHUT_WR);
gnutls_bye(server, GNUTLS_SHUT_WR);
gnutls_deinit(client);
gnutls_deinit(server);
gnutls_anon_free_client_credentials(c_anoncred);
gnutls_anon_free_server_credentials(s_anoncred);
gnutls_dh_params_deinit(dh_params);
}
void doit(void)
{
int err, i;
int sockets[2];
const char *srcdir;
pid_t child;
char pub_key_path[512], priv_key_path[512];
global_init();
srcdir = getenv("srcdir") ? getenv("srcdir") : ".";
for (i = 0; i < 5; i++) {
if (i <= 1)
key_id = NULL; /* try using the master key */
else if (i == 2)
key_id = "auto"; /* test auto */
else if (i >= 3)
key_id = "f30fd423c143e7ba";
if (debug) {
gnutls_global_set_log_level(5);
gnutls_global_set_log_function(log_message);
}
err = socketpair(AF_UNIX, SOCK_STREAM, 0, sockets);
if (err != 0)
fail("socketpair %s\n", strerror(errno));
if (sizeof(pub_key_path) <
strlen(srcdir) + strlen(pub_key_file) + 2)
abort();
strcpy(pub_key_path, srcdir);
strcat(pub_key_path, "/");
strcat(pub_key_path, pub_key_file);
if (sizeof(priv_key_path) <
strlen(srcdir) + strlen(priv_key_file) + 2)
abort();
strcpy(priv_key_path, srcdir);
strcat(priv_key_path, "/");
strcat(priv_key_path, priv_key_file);
child = fork();
if (child == -1)
fail("fork %s\n", strerror(errno));
if (child == 0) {
/* Child process (client). */
gnutls_session_t session;
gnutls_certificate_credentials_t cred;
ssize_t sent;
if (debug)
printf("client process %i\n", getpid());
err = gnutls_init(&session, GNUTLS_CLIENT);
if (err != 0)
fail("client session %d\n", err);
if (i == 0) /* we use the primary key which is RSA. Test the RSA ciphersuite */
gnutls_priority_set_direct(session,
"NONE:+VERS-TLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+RSA:+CTYPE-OPENPGP",
NULL);
else
gnutls_priority_set_direct(session,
"NONE:+VERS-TLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+DHE-DSS:+DHE-RSA:+CTYPE-OPENPGP",
NULL);
gnutls_transport_set_int(session, sockets[0]);
err =
gnutls_certificate_allocate_credentials(&cred);
if (err != 0)
fail("client credentials %d\n", err);
err =
gnutls_certificate_set_openpgp_key_file2(cred,
pub_key_path,
priv_key_path,
key_id,
GNUTLS_OPENPGP_FMT_BASE64);
if (err != 0)
fail("client openpgp keys %s\n",
gnutls_strerror(err));
check_loaded_key(cred);
err =
gnutls_credentials_set(session,
GNUTLS_CRD_CERTIFICATE,
cred);
if (err != 0)
fail("client credential_set %d\n", err);
gnutls_dh_set_prime_bits(session, 1024);
if (i == 4)
gnutls_openpgp_send_cert(session,
GNUTLS_OPENPGP_CERT_FINGERPRINT);
err = gnutls_handshake(session);
if (err != 0)
fail("client handshake %s (%d) \n",
gnutls_strerror(err), err);
else if (debug)
printf("client handshake successful\n");
sent =
gnutls_record_send(session, message,
sizeof(message));
if (sent != sizeof(message))
fail("client sent %li vs. %li\n",
(long) sent, (long) sizeof(message));
err = gnutls_bye(session, GNUTLS_SHUT_RDWR);
if (err != 0)
fail("client bye %d\n", err);
if (debug)
printf("client done\n");
gnutls_deinit(session);
gnutls_certificate_free_credentials(cred);
gnutls_free(stored_cli_cert.data);
gnutls_global_deinit();
return;
} else {
/* Parent process (server). */
gnutls_session_t session;
gnutls_dh_params_t dh_params;
gnutls_certificate_credentials_t cred;
char greetings[sizeof(message) * 2];
ssize_t received;
pid_t done;
int status;
const gnutls_datum_t p3 =
{ (void *) pkcs3, strlen(pkcs3) };
if (debug)
printf("server process %i (child %i)\n",
getpid(), child);
err = gnutls_init(&session, GNUTLS_SERVER);
if (err != 0)
fail("server session %d\n", err);
gnutls_priority_set_direct(session,
"NONE:+VERS-TLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+DHE-DSS:+DHE-RSA:+RSA:+CTYPE-OPENPGP",
NULL);
gnutls_transport_set_int(session, sockets[1]);
err =
gnutls_certificate_allocate_credentials(&cred);
if (err != 0)
fail("server credentials %d\n", err);
err =
gnutls_certificate_set_openpgp_key_file2(cred,
pub_key_path,
priv_key_path,
key_id,
GNUTLS_OPENPGP_FMT_BASE64);
if (err != 0)
fail("server openpgp keys %s\n",
gnutls_strerror(err));
check_loaded_key(cred);
err = gnutls_dh_params_init(&dh_params);
if (err)
fail("server DH params init %d\n", err);
err =
gnutls_dh_params_import_pkcs3(dh_params, &p3,
GNUTLS_X509_FMT_PEM);
if (err)
fail("server DH params generate %d\n",
err);
gnutls_certificate_set_dh_params(cred, dh_params);
err =
gnutls_credentials_set(session,
GNUTLS_CRD_CERTIFICATE,
cred);
if (err != 0)
fail("server credential_set %d\n", err);
gnutls_certificate_server_set_request(session,
GNUTLS_CERT_REQUIRE);
if (i == 4)
gnutls_openpgp_set_recv_key_function
(session, key_recv_func);
err = gnutls_handshake(session);
if (err != 0)
fail("server handshake %s (%d) \n",
gnutls_strerror(err), err);
if (stored_cli_cert.data == NULL) {
const gnutls_datum_t *d;
unsigned int d_size;
d = gnutls_certificate_get_peers(session,
&d_size);
if (d != NULL) {
stored_cli_cert.data =
gnutls_malloc(d[0].size);
memcpy(stored_cli_cert.data,
d[0].data, d[0].size);
stored_cli_cert.size = d[0].size;
}
}
received =
gnutls_record_recv(session, greetings,
sizeof(greetings));
if (received != sizeof(message)
|| memcmp(greetings, message, sizeof(message)))
fail("server received %li vs. %li\n",
(long) received,
(long) sizeof(message));
err = gnutls_bye(session, GNUTLS_SHUT_RDWR);
if (err != 0)
fail("server bye %s (%d) \n",
gnutls_strerror(err), err);
if (debug)
printf("server done\n");
gnutls_deinit(session);
gnutls_certificate_free_credentials(cred);
gnutls_dh_params_deinit(dh_params);
done = wait(&status);
if (done < 0)
fail("wait %s\n", strerror(errno));
if (done != child)
fail("who's that?! %d\n", done);
check_wait_status(status);
}
}
gnutls_free(stored_cli_cert.data);
gnutls_global_deinit();
}
void try_with_key_ks(const char *name, const char *client_prio, gnutls_kx_algorithm_t client_kx,
gnutls_sign_algorithm_t server_sign_algo,
gnutls_sign_algorithm_t client_sign_algo,
const gnutls_datum_t *serv_cert,
const gnutls_datum_t *serv_key,
const gnutls_datum_t *client_cert,
const gnutls_datum_t *client_key,
unsigned cert_flags,
unsigned exp_group,
gnutls_certificate_type_t server_ctype,
gnutls_certificate_type_t client_ctype)
{
int ret;
char buffer[256];
/* Server stuff. */
gnutls_certificate_credentials_t server_cred;
gnutls_anon_server_credentials_t s_anoncred;
gnutls_dh_params_t dh_params;
const gnutls_datum_t p3 =
{ (unsigned char *) pkcs3, strlen(pkcs3) };
gnutls_session_t server;
int sret = GNUTLS_E_AGAIN;
/* Client stuff. */
gnutls_certificate_credentials_t client_cred;
gnutls_anon_client_credentials_t c_anoncred;
gnutls_session_t client;
int cret = GNUTLS_E_AGAIN, version;
const char *err;
/* General init. */
gnutls_global_set_log_function(tls_log_func);
if (debug)
gnutls_global_set_log_level(6);
reset_buffers();
/* Init server */
assert(gnutls_anon_allocate_server_credentials(&s_anoncred)>=0);
assert(gnutls_certificate_allocate_credentials(&server_cred)>=0);
// Set server crt creds based on ctype
switch (server_ctype) {
case GNUTLS_CRT_X509:
ret = gnutls_certificate_set_x509_key_mem(server_cred,
serv_cert, serv_key,
GNUTLS_X509_FMT_PEM);
break;
case GNUTLS_CRT_RAWPK:
ret = gnutls_certificate_set_rawpk_key_mem(server_cred,
serv_cert, serv_key, GNUTLS_X509_FMT_PEM, NULL, 0,
NULL, 0, 0);
break;
default:
ret = GNUTLS_E_UNSUPPORTED_CERTIFICATE_TYPE;
}
if (ret < 0) {
fail("Could not set key/cert: %s\n", gnutls_strerror(ret));
}
gnutls_dh_params_init(&dh_params);
gnutls_dh_params_import_pkcs3(dh_params, &p3, GNUTLS_X509_FMT_PEM);
gnutls_certificate_set_dh_params(server_cred, dh_params);
gnutls_anon_set_server_dh_params(s_anoncred, dh_params);
assert(gnutls_init(&server, GNUTLS_SERVER | GNUTLS_ENABLE_RAWPK)>=0);
assert(gnutls_credentials_set(server, GNUTLS_CRD_CERTIFICATE,
server_cred)>=0);
assert(gnutls_credentials_set(server, GNUTLS_CRD_ANON, s_anoncred)>=0);
if (server_priority)
assert(gnutls_priority_set_direct(server, server_priority, NULL) >= 0);
else
assert(gnutls_priority_set_direct(server,
"NORMAL:+VERS-SSL3.0:+ANON-ECDH:+ANON-DH:+ECDHE-RSA:+DHE-RSA:+RSA:+ECDHE-ECDSA:+CURVE-X25519:+SIGN-EDDSA-ED25519:+CTYPE-ALL",
NULL)>=0);
gnutls_transport_set_push_function(server, server_push);
gnutls_transport_set_pull_function(server, server_pull);
gnutls_transport_set_ptr(server, server);
/* Init client */
ret = gnutls_certificate_allocate_credentials(&client_cred);
if (ret < 0)
exit(1);
if (cert_flags == USE_CERT) {
// Set client crt creds based on ctype
switch (client_ctype) {
case GNUTLS_CRT_X509:
gnutls_certificate_set_x509_key_mem(client_cred,
client_cert, client_key,
GNUTLS_X509_FMT_PEM);
break;
case GNUTLS_CRT_RAWPK:
gnutls_certificate_set_rawpk_key_mem(client_cred,
client_cert, client_key, GNUTLS_X509_FMT_PEM, NULL, 0,
NULL, 0, 0);
break;
default:
fail("Illegal client certificate type given\n");
}
gnutls_certificate_server_set_request(server, GNUTLS_CERT_REQUIRE);
} else if (cert_flags == ASK_CERT) {
gnutls_certificate_server_set_request(server, GNUTLS_CERT_REQUEST);
}
#if 0
ret = gnutls_certificate_set_x509_trust_mem(client_cred, &ca_cert, GNUTLS_X509_FMT_PEM);
if (ret < 0)
exit(1);
#endif
ret = gnutls_init(&client, GNUTLS_CLIENT | GNUTLS_ENABLE_RAWPK);
if (ret < 0)
exit(1);
assert(gnutls_anon_allocate_client_credentials(&c_anoncred)>=0);
assert(gnutls_credentials_set(client, GNUTLS_CRD_ANON, c_anoncred)>=0);
ret = gnutls_credentials_set(client, GNUTLS_CRD_CERTIFICATE,
client_cred);
if (ret < 0)
exit(1);
gnutls_transport_set_push_function(client, client_push);
gnutls_transport_set_pull_function(client, client_pull);
gnutls_transport_set_ptr(client, client);
ret = gnutls_priority_set_direct(client, client_prio, &err);
if (ret < 0) {
if (ret == GNUTLS_E_INVALID_REQUEST)
fprintf(stderr, "Error in %s\n", err);
exit(1);
}
success("negotiating %s\n", name);
HANDSHAKE(client, server);
if (gnutls_kx_get(client) != client_kx) {
fail("%s: got unexpected key exchange algorithm: %s (expected %s)\n", name, gnutls_kx_get_name(gnutls_kx_get(client)),
gnutls_kx_get_name(client_kx));
exit(1);
}
/* test signature algorithm match */
version = gnutls_protocol_get_version(client);
if (version >= GNUTLS_TLS1_2) {
ret = gnutls_sign_algorithm_get(server);
if (ret != (int)server_sign_algo) {
fail("%s: got unexpected server signature algorithm: %d/%s\n", name, ret, gnutls_sign_get_name(ret));
exit(1);
}
ret = gnutls_sign_algorithm_get_client(server);
if (ret != (int)client_sign_algo) {
fail("%s: got unexpected client signature algorithm: %d/%s\n", name, ret, gnutls_sign_get_name(ret));
exit(1);
}
ret = gnutls_sign_algorithm_get(client);
if (ret != (int)server_sign_algo) {
fail("%s: cl: got unexpected server signature algorithm: %d/%s\n", name, ret, gnutls_sign_get_name(ret));
exit(1);
}
ret = gnutls_sign_algorithm_get_client(client);
if (ret != (int)client_sign_algo) {
fail("%s: cl: got unexpected client signature algorithm: %d/%s\n", name, ret, gnutls_sign_get_name(ret));
exit(1);
}
}
if (exp_group != 0) {
ret = gnutls_group_get(server);
if (ret != (int)exp_group) {
fail("%s: got unexpected server group: %d/%s\n", name, ret, gnutls_group_get_name(ret));
}
ret = gnutls_group_get(client);
if (ret != (int)exp_group) {
fail("%s: got unexpected client group: %d/%s\n", name, ret, gnutls_group_get_name(ret));
}
}
gnutls_record_send(server, MSG, strlen(MSG));
ret = gnutls_record_recv(client, buffer, sizeof(buffer));
if (ret == 0) {
fail("client: Peer has closed the TLS connection\n");
exit(1);
} else if (ret < 0) {
fail("client: Error: %s\n", gnutls_strerror(ret));
exit(1);
}
if (ret != strlen(MSG) || memcmp(MSG, buffer, ret) != 0) {
fail("client: Error in data received. Expected %d, got %d\n", (int)strlen(MSG), ret);
exit(1);
}
gnutls_bye(client, GNUTLS_SHUT_RDWR);
gnutls_bye(server, GNUTLS_SHUT_RDWR);
gnutls_deinit(client);
gnutls_deinit(server);
gnutls_certificate_free_credentials(server_cred);
gnutls_certificate_free_credentials(client_cred);
gnutls_anon_free_server_credentials(s_anoncred);
gnutls_anon_free_client_credentials(c_anoncred);
gnutls_dh_params_deinit(dh_params);
}
static void test_ciphersuite_kx(const char *cipher_prio)
{
/* Server stuff. */
gnutls_anon_server_credentials_t s_anoncred;
const gnutls_datum_t p3 = { (char *) pkcs3, strlen(pkcs3) };
static gnutls_dh_params_t dh_params;
gnutls_session_t server;
int sret, cret;
const char *str;
const char *suite = NULL;
/* Client stuff. */
gnutls_anon_client_credentials_t c_anoncred;
gnutls_session_t client;
/* Need to enable anonymous KX specifically. */
int ret;
struct benchmark_st st;
/* Init server */
gnutls_anon_allocate_server_credentials(&s_anoncred);
gnutls_dh_params_init(&dh_params);
gnutls_dh_params_import_pkcs3(dh_params, &p3, GNUTLS_X509_FMT_PEM);
gnutls_anon_set_server_dh_params(s_anoncred, dh_params);
start_benchmark(&st);
do {
gnutls_init(&server, GNUTLS_SERVER);
ret = gnutls_priority_set_direct(server, cipher_prio, &str);
if (ret < 0) {
fprintf(stderr, "Error in %s\n", str);
exit(1);
}
gnutls_credentials_set(server, GNUTLS_CRD_ANON, s_anoncred);
gnutls_transport_set_push_function(server, server_push);
gnutls_transport_set_pull_function(server, server_pull);
gnutls_transport_set_ptr(server, (gnutls_transport_ptr_t) server);
reset_buffers();
/* Init client */
gnutls_anon_allocate_client_credentials(&c_anoncred);
gnutls_init(&client, GNUTLS_CLIENT);
ret = gnutls_priority_set_direct(client, cipher_prio, &str);
if (ret < 0) {
fprintf(stderr, "Error in %s\n", str);
exit(1);
}
gnutls_credentials_set(client, GNUTLS_CRD_ANON, c_anoncred);
gnutls_transport_set_push_function(client, client_push);
gnutls_transport_set_pull_function(client, client_pull);
gnutls_transport_set_ptr(client, (gnutls_transport_ptr_t) client);
HANDSHAKE(client, server);
if (suite == NULL)
suite = gnutls_cipher_suite_get_name(gnutls_kx_get(server),
gnutls_cipher_get(server),
gnutls_mac_get(server));
gnutls_deinit(client);
gnutls_deinit(server);
st.size += 1;
}
while (benchmark_must_finish == 0);
fprintf(stdout, "Tested %s: ", suite);
stop_benchmark(&st, "transactions");
gnutls_anon_free_client_credentials(c_anoncred);
gnutls_anon_free_server_credentials(s_anoncred);
gnutls_dh_params_deinit(dh_params);
}
void dtls_try_with_key_mtu(const char *name, const char *client_prio, gnutls_kx_algorithm_t client_kx,
gnutls_sign_algorithm_t server_sign_algo,
gnutls_sign_algorithm_t client_sign_algo,
const gnutls_datum_t *serv_cert,
const gnutls_datum_t *serv_key,
const gnutls_datum_t *client_cert,
const gnutls_datum_t *client_key,
unsigned cert_flags,
unsigned smtu)
{
int ret;
char buffer[256];
/* Server stuff. */
gnutls_certificate_credentials_t serverx509cred;
gnutls_anon_server_credentials_t s_anoncred;
gnutls_dh_params_t dh_params;
const gnutls_datum_t p3 =
{ (unsigned char *) pkcs3, strlen(pkcs3) };
gnutls_session_t server;
int sret = GNUTLS_E_AGAIN;
/* Client stuff. */
gnutls_certificate_credentials_t clientx509cred;
gnutls_anon_client_credentials_t c_anoncred;
gnutls_session_t client;
int cret = GNUTLS_E_AGAIN, version;
/* General init. */
gnutls_global_set_log_function(tls_log_func);
if (debug)
gnutls_global_set_log_level(6);
reset_buffers();
/* Init server */
gnutls_anon_allocate_server_credentials(&s_anoncred);
gnutls_certificate_allocate_credentials(&serverx509cred);
ret = gnutls_certificate_set_x509_key_mem(serverx509cred,
serv_cert, serv_key,
GNUTLS_X509_FMT_PEM);
if (ret < 0) {
fail("Could not set key/cert: %s\n", gnutls_strerror(ret));
}
gnutls_dh_params_init(&dh_params);
gnutls_dh_params_import_pkcs3(dh_params, &p3, GNUTLS_X509_FMT_PEM);
gnutls_certificate_set_dh_params(serverx509cred, dh_params);
gnutls_anon_set_server_dh_params(s_anoncred, dh_params);
assert(gnutls_init(&server, GNUTLS_SERVER|GNUTLS_DATAGRAM|GNUTLS_NONBLOCK)>=0);
assert(gnutls_credentials_set(server, GNUTLS_CRD_CERTIFICATE,
serverx509cred)>=0);
assert(gnutls_credentials_set(server, GNUTLS_CRD_ANON, s_anoncred)>=0);
assert(gnutls_priority_set_direct(server,
"NORMAL:+ANON-ECDH:+ANON-DH:+ECDHE-RSA:+DHE-RSA:+RSA:+ECDHE-ECDSA:+CURVE-X25519",
NULL)>=0);
gnutls_transport_set_push_function(server, server_push);
gnutls_transport_set_pull_function(server, server_pull);
gnutls_transport_set_pull_timeout_function(server, server_pull_timeout_func);
gnutls_transport_set_ptr(server, server);
if (smtu)
gnutls_dtls_set_mtu (server, smtu);
/* Init client */
ret = gnutls_certificate_allocate_credentials(&clientx509cred);
if (ret < 0)
exit(1);
if (cert_flags == USE_CERT) {
ret = gnutls_certificate_set_x509_key_mem(clientx509cred,
client_cert, client_key,
GNUTLS_X509_FMT_PEM);
if (ret < 0) {
fail("Could not set key/cert: %s\n", gnutls_strerror(ret));
}
gnutls_certificate_server_set_request(server, GNUTLS_CERT_REQUIRE);
} else if (cert_flags == ASK_CERT) {
gnutls_certificate_server_set_request(server, GNUTLS_CERT_REQUEST);
}
#if 0
ret = gnutls_certificate_set_x509_trust_mem(clientx509cred, &ca_cert, GNUTLS_X509_FMT_PEM);
if (ret < 0)
exit(1);
#endif
ret = gnutls_init(&client, GNUTLS_CLIENT|GNUTLS_DATAGRAM|GNUTLS_NONBLOCK);
if (ret < 0)
exit(1);
assert(gnutls_anon_allocate_client_credentials(&c_anoncred)>=0);
assert(gnutls_credentials_set(client, GNUTLS_CRD_ANON, c_anoncred)>=0);
ret = gnutls_credentials_set(client, GNUTLS_CRD_CERTIFICATE,
clientx509cred);
if (ret < 0)
exit(1);
gnutls_transport_set_push_function(client, client_push);
gnutls_transport_set_pull_function(client, client_pull);
gnutls_transport_set_pull_timeout_function(client, client_pull_timeout_func);
gnutls_transport_set_ptr(client, client);
if (smtu)
gnutls_dtls_set_mtu (client, smtu);
ret = gnutls_priority_set_direct(client, client_prio, NULL);
if (ret < 0) {
exit(1);
}
success("negotiating %s\n", name);
HANDSHAKE_DTLS(client, server);
if (gnutls_kx_get(client) != client_kx) {
fail("%s: got unexpected key exchange algorithm: %s (expected %s)\n", name, gnutls_kx_get_name(gnutls_kx_get(client)),
gnutls_kx_get_name(client_kx));
exit(1);
}
/* test signature algorithm match */
version = gnutls_protocol_get_version(client);
if (version >= GNUTLS_DTLS1_2) {
ret = gnutls_sign_algorithm_get(server);
if (ret != (int)server_sign_algo) {
fail("%s: got unexpected server signature algorithm: %d/%s\n", name, ret, gnutls_sign_get_name(ret));
exit(1);
}
ret = gnutls_sign_algorithm_get_client(server);
if (ret != (int)client_sign_algo) {
fail("%s: got unexpected client signature algorithm: %d/%s\n", name, ret, gnutls_sign_get_name(ret));
exit(1);
}
ret = gnutls_sign_algorithm_get(client);
if (ret != (int)server_sign_algo) {
fail("%s: cl: got unexpected server signature algorithm: %d/%s\n", name, ret, gnutls_sign_get_name(ret));
exit(1);
}
ret = gnutls_sign_algorithm_get_client(client);
if (ret != (int)client_sign_algo) {
fail("%s: cl: got unexpected client signature algorithm: %d/%s\n", name, ret, gnutls_sign_get_name(ret));
exit(1);
}
}
gnutls_record_send(server, MSG, strlen(MSG));
ret = gnutls_record_recv(client, buffer, sizeof(buffer));
if (ret == 0) {
fail("client: Peer has closed the TLS connection\n");
exit(1);
} else if (ret < 0) {
fail("client: Error: %s\n", gnutls_strerror(ret));
exit(1);
}
if (ret != strlen(MSG) || memcmp(MSG, buffer, ret) != 0) {
fail("client: Error in data received. Expected %d, got %d\n", (int)strlen(MSG), ret);
exit(1);
}
gnutls_bye(client, GNUTLS_SHUT_RDWR);
gnutls_bye(server, GNUTLS_SHUT_RDWR);
gnutls_deinit(client);
gnutls_deinit(server);
gnutls_certificate_free_credentials(serverx509cred);
gnutls_certificate_free_credentials(clientx509cred);
gnutls_anon_free_server_credentials(s_anoncred);
gnutls_anon_free_client_credentials(c_anoncred);
gnutls_dh_params_deinit(dh_params);
}
int
qcrypto_tls_creds_get_dh_params_file(QCryptoTLSCreds *creds,
const char *filename,
gnutls_dh_params_t *dh_params,
Error **errp)
{
int ret;
trace_qcrypto_tls_creds_load_dh(creds, filename ? filename : "<generated>");
if (filename == NULL) {
ret = gnutls_dh_params_init(dh_params);
if (ret < 0) {
error_setg(errp, "Unable to initialize DH parameters: %s",
gnutls_strerror(ret));
return -1;
}
ret = gnutls_dh_params_generate2(*dh_params, DH_BITS);
if (ret < 0) {
gnutls_dh_params_deinit(*dh_params);
*dh_params = NULL;
error_setg(errp, "Unable to generate DH parameters: %s",
gnutls_strerror(ret));
return -1;
}
} else {
GError *gerr = NULL;
gchar *contents;
gsize len;
gnutls_datum_t data;
if (!g_file_get_contents(filename,
&contents,
&len,
&gerr)) {
error_setg(errp, "%s", gerr->message);
g_error_free(gerr);
return -1;
}
data.data = (unsigned char *)contents;
data.size = len;
ret = gnutls_dh_params_init(dh_params);
if (ret < 0) {
g_free(contents);
error_setg(errp, "Unable to initialize DH parameters: %s",
gnutls_strerror(ret));
return -1;
}
ret = gnutls_dh_params_import_pkcs3(*dh_params,
&data,
GNUTLS_X509_FMT_PEM);
g_free(contents);
if (ret < 0) {
gnutls_dh_params_deinit(*dh_params);
*dh_params = NULL;
error_setg(errp, "Unable to load DH parameters from %s: %s",
filename, gnutls_strerror(ret));
return -1;
}
}
return 0;
}
int
rb_setup_ssl_server(const char *cert, const char *keyfile, const char *dhfile, const char *cipher_list)
{
int ret;
const char *err;
gnutls_datum_t *d_cert, *d_key;
if(cert == NULL)
{
rb_lib_log("rb_setup_ssl_server: No certificate file");
return 0;
}
if((d_cert = rb_load_file_into_datum_t(cert)) == NULL)
{
rb_lib_log("rb_setup_ssl_server: Error loading certificate: %s", strerror(errno));
return 0;
}
if((d_key = rb_load_file_into_datum_t(keyfile)) == NULL)
{
rb_lib_log("rb_setup_ssl_server: Error loading key: %s", strerror(errno));
return 0;
}
/* In addition to creating the certificate set, we also need to store our cert elsewhere
* so we can force GnuTLS to identify with it when acting as a client.
*/
gnutls_x509_privkey_init(&x509_key);
if ((ret = gnutls_x509_privkey_import(x509_key, d_key, GNUTLS_X509_FMT_PEM)) != GNUTLS_E_SUCCESS)
{
rb_lib_log("rb_setup_ssl_server: Error loading key file: %s", gnutls_strerror(ret));
return 0;
}
x509_cert_count = MAX_CERTS;
if ((ret = gnutls_x509_crt_list_import(x509_cert, &x509_cert_count, d_cert, GNUTLS_X509_FMT_PEM,
GNUTLS_X509_CRT_LIST_IMPORT_FAIL_IF_EXCEED)) < 0)
{
rb_lib_log("rb_setup_ssl_server: Error loading certificate: %s", gnutls_strerror(ret));
return 0;
}
x509_cert_count = ret;
if((ret =
gnutls_certificate_set_x509_key_mem(x509, d_cert, d_key,
GNUTLS_X509_FMT_PEM)) != GNUTLS_E_SUCCESS)
{
rb_lib_log("rb_setup_ssl_server: Error loading certificate or key file: %s",
gnutls_strerror(ret));
return 0;
}
rb_free_datum_t(d_cert);
rb_free_datum_t(d_key);
if(dhfile != NULL)
{
if(gnutls_dh_params_init(&dh_params) == GNUTLS_E_SUCCESS)
{
gnutls_datum_t *data;
int xret;
data = rb_load_file_into_datum_t(dhfile);
if(data != NULL)
{
xret = gnutls_dh_params_import_pkcs3(dh_params, data,
GNUTLS_X509_FMT_PEM);
if(xret < 0)
rb_lib_log
("rb_setup_ssl_server: Error parsing DH file: %s\n",
gnutls_strerror(xret));
rb_free_datum_t(data);
}
gnutls_certificate_set_dh_params(x509, dh_params);
}
else
rb_lib_log("rb_setup_ssl_server: Unable to setup DH parameters");
}
ret = gnutls_priority_init(&default_priority, cipher_list, &err);
if (ret < 0)
{
rb_lib_log("rb_setup_ssl_server: syntax error (using defaults instead) in ssl cipher list at: %s", err);
gnutls_priority_init(&default_priority, NULL, &err);
return 1;
}
return 1;
}
/*
* initialize a new TLS context
*/
static int
tlsg_ctx_init( struct ldapoptions *lo, struct ldaptls *lt, int is_server )
{
tlsg_ctx *ctx = lo->ldo_tls_ctx;
int rc;
if ( lo->ldo_tls_ciphersuite &&
tlsg_parse_ciphers( ctx, lt->lt_ciphersuite )) {
Debug( LDAP_DEBUG_ANY,
"TLS: could not set cipher list %s.\n",
lo->ldo_tls_ciphersuite, 0, 0 );
return -1;
}
if (lo->ldo_tls_cacertdir != NULL) {
Debug( LDAP_DEBUG_ANY,
"TLS: warning: cacertdir not implemented for gnutls\n",
NULL, NULL, NULL );
}
if (lo->ldo_tls_cacertfile != NULL) {
rc = gnutls_certificate_set_x509_trust_file(
ctx->cred,
lt->lt_cacertfile,
GNUTLS_X509_FMT_PEM );
if ( rc < 0 ) return -1;
}
if ( lo->ldo_tls_certfile && lo->ldo_tls_keyfile ) {
gnutls_x509_privkey_t key;
gnutls_datum_t buf;
gnutls_x509_crt_t certs[VERIFY_DEPTH];
unsigned int max = VERIFY_DEPTH;
rc = gnutls_x509_privkey_init( &key );
if ( rc ) return -1;
/* OpenSSL builds the cert chain for us, but GnuTLS
* expects it to be present in the certfile. If it's
* not, we have to build it ourselves. So we have to
* do some special checks here...
*/
rc = tlsg_getfile( lt->lt_keyfile, &buf );
if ( rc ) return -1;
rc = gnutls_x509_privkey_import( key, &buf,
GNUTLS_X509_FMT_PEM );
LDAP_FREE( buf.data );
if ( rc < 0 ) return rc;
rc = tlsg_getfile( lt->lt_certfile, &buf );
if ( rc ) return -1;
rc = gnutls_x509_crt_list_import( certs, &max, &buf,
GNUTLS_X509_FMT_PEM, 0 );
LDAP_FREE( buf.data );
if ( rc < 0 ) return rc;
/* If there's only one cert and it's not self-signed,
* then we have to build the cert chain.
*/
if ( max == 1 && !gnutls_x509_crt_check_issuer( certs[0], certs[0] )) {
unsigned int i;
for ( i = 1; i<VERIFY_DEPTH; i++ ) {
if ( gnutls_certificate_get_issuer( ctx->cred, certs[i-1], &certs[i], 0 ))
break;
max++;
/* If this CA is self-signed, we're done */
if ( gnutls_x509_crt_check_issuer( certs[i], certs[i] ))
break;
}
}
rc = gnutls_certificate_set_x509_key( ctx->cred, certs, max, key );
if ( rc ) return -1;
} else if ( lo->ldo_tls_certfile || lo->ldo_tls_keyfile ) {
Debug( LDAP_DEBUG_ANY,
"TLS: only one of certfile and keyfile specified\n",
NULL, NULL, NULL );
return -1;
}
if ( lo->ldo_tls_crlfile ) {
rc = gnutls_certificate_set_x509_crl_file(
ctx->cred,
lt->lt_crlfile,
GNUTLS_X509_FMT_PEM );
if ( rc < 0 ) return -1;
rc = 0;
}
/* FIXME: ITS#5992 - this should be configurable,
* and V1 CA certs should be phased out ASAP.
*/
gnutls_certificate_set_verify_flags( ctx->cred,
GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT );
if ( is_server && lo->ldo_tls_dhfile ) {
gnutls_datum_t buf;
rc = tlsg_getfile( lo->ldo_tls_dhfile, &buf );
if ( rc ) return -1;
rc = gnutls_dh_params_init( &ctx->dh_params );
if ( rc == 0 )
rc = gnutls_dh_params_import_pkcs3( ctx->dh_params, &buf,
GNUTLS_X509_FMT_PEM );
LDAP_FREE( buf.data );
if ( rc ) return -1;
gnutls_certificate_set_dh_params( ctx->cred, ctx->dh_params );
}
return 0;
}
void doit(void)
{
/* Server stuff. */
gnutls_anon_server_credentials_t s_anoncred;
const gnutls_datum_t p3 =
{ (unsigned char *) pkcs3, strlen(pkcs3) };
static gnutls_dh_params_t dh_params;
gnutls_session_t server;
int sret = GNUTLS_E_AGAIN;
/* Client stuff. */
gnutls_anon_client_credentials_t c_anoncred;
gnutls_session_t client;
int cret = GNUTLS_E_AGAIN, i;
/* Need to enable anonymous KX specifically. */
ssize_t ns;
int ret, transferred = 0;
/* General init. */
global_init();
gnutls_global_set_log_function(tls_log_func);
if (debug)
gnutls_global_set_log_level(4711);
/* Init server */
gnutls_anon_allocate_server_credentials(&s_anoncred);
gnutls_dh_params_init(&dh_params);
gnutls_dh_params_import_pkcs3(dh_params, &p3, GNUTLS_X509_FMT_PEM);
gnutls_anon_set_server_dh_params(s_anoncred, dh_params);
gnutls_init(&server, GNUTLS_SERVER);
gnutls_priority_set_direct(server,
"NONE:+VERS-TLS-ALL:+ARCFOUR-128:+MAC-ALL:+SIGN-ALL:+COMP-NULL:+ANON-DH",
NULL);
gnutls_credentials_set(server, GNUTLS_CRD_ANON, s_anoncred);
gnutls_transport_set_push_function(server, server_push);
gnutls_transport_set_pull_function(server, server_pull);
gnutls_transport_set_ptr(server, server);
/* Init client */
gnutls_anon_allocate_client_credentials(&c_anoncred);
gnutls_init(&client, GNUTLS_CLIENT);
gnutls_priority_set_direct(client,
"NONE:+VERS-TLS-ALL:+CIPHER-ALL:+ARCFOUR-128:+MAC-ALL:+SIGN-ALL:+COMP-NULL:+ANON-DH",
NULL);
gnutls_credentials_set(client, GNUTLS_CRD_ANON, c_anoncred);
gnutls_transport_set_push_function(client, client_push);
gnutls_transport_set_pull_function(client, client_pull);
gnutls_transport_set_ptr(client, client);
memset(b1, 0, sizeof(b1));
HANDSHAKE(client, server);
if (debug)
success("Handshake established\n");
memset(b1, 1, MAX_BUF);
/* try the maximum allowed */
ret = gnutls_record_send(client, b1, MAX_BUF);
if (ret < 0) {
fprintf(stderr, "Error sending %d bytes: %s\n",
(int) MAX_BUF, gnutls_strerror(ret));
exit(1);
}
if (ret != MAX_BUF) {
fprintf(stderr, "Couldn't send %d bytes\n", (int) MAX_BUF);
exit(1);
}
ret = gnutls_record_recv(server, buffer, MAX_BUF);
if (ret < 0) {
fprintf(stderr, "Error receiving %d bytes: %s\n",
(int) MAX_BUF, gnutls_strerror(ret));
exit(1);
}
if (ret != MAX_BUF) {
fprintf(stderr, "Couldn't receive %d bytes, received %d\n",
(int) MAX_BUF, ret);
exit(1);
}
if (memcmp(b1, buffer, MAX_BUF) != 0) {
fprintf(stderr, "Buffers do not match!\n");
exit(1);
}
/* Try sending various other sizes */
for (i = 1; i < 128; i++) {
TRANSFER(client, server, b1, i, buffer, MAX_BUF);
}
if (debug)
fputs("\n", stdout);
gnutls_bye(client, GNUTLS_SHUT_RDWR);
gnutls_bye(server, GNUTLS_SHUT_RDWR);
gnutls_deinit(client);
gnutls_deinit(server);
gnutls_anon_free_client_credentials(c_anoncred);
gnutls_anon_free_server_credentials(s_anoncred);
gnutls_dh_params_deinit(dh_params);
gnutls_global_deinit();
}
static int
init_dh(host_item *host)
{
int fd;
int ret;
gnutls_datum m;
uschar filename[200];
/* Initialize the data structures for holding the parameters */
ret = gnutls_dh_params_init(&dh_params);
if (ret < 0) return tls_error(US"init dh_params", host, gnutls_strerror(ret));
/* Set up the name of the cache file */
if (!string_format(filename, sizeof(filename), "%s/gnutls-params",
spool_directory))
return tls_error(US"overlong filename", host, NULL);
/* Open the cache file for reading and if successful, read it and set up the
parameters. */
fd = Uopen(filename, O_RDONLY, 0);
if (fd >= 0)
{
struct stat statbuf;
if (fstat(fd, &statbuf) < 0)
{
(void)close(fd);
return tls_error(US"TLS cache stat failed", host, strerror(errno));
}
m.size = statbuf.st_size;
m.data = malloc(m.size);
if (m.data == NULL)
return tls_error(US"memory allocation failed", host, strerror(errno));
errno = 0;
if (read(fd, m.data, m.size) != m.size)
return tls_error(US"TLS cache read failed", host, strerror(errno));
(void)close(fd);
ret = gnutls_dh_params_import_pkcs3(dh_params, &m, GNUTLS_X509_FMT_PEM);
if (ret < 0)
return tls_error(US"DH params import", host, gnutls_strerror(ret));
DEBUG(D_tls) debug_printf("read D-H parameters from file\n");
free(m.data);
}
/* If the file does not exist, fall through to compute new data and cache it.
If there was any other opening error, it is serious. */
else if (errno == ENOENT)
{
ret = -1;
DEBUG(D_tls)
debug_printf("parameter cache file %s does not exist\n", filename);
}
else
return tls_error(string_open_failed(errno, "%s for reading", filename),
host, NULL);
/* If ret < 0, either the cache file does not exist, or the data it contains
is not useful. One particular case of this is when upgrading from an older
release of Exim in which the data was stored in a different format. We don't
try to be clever and support both formats; we just regenerate new data in this
case. */
if (ret < 0)
{
uschar tempfilename[sizeof(filename) + 10];
DEBUG(D_tls) debug_printf("generating %d bit Diffie-Hellman key...\n",
DH_BITS);
ret = gnutls_dh_params_generate2(dh_params, DH_BITS);
if (ret < 0) return tls_error(US"D-H key generation", host, gnutls_strerror(ret));
/* Write the parameters to a file in the spool directory so that we
can use them from other Exim processes. */
sprintf(CS tempfilename, "%s-%d", filename, (int)getpid());
fd = Uopen(tempfilename, O_WRONLY|O_CREAT, 0400);
if (fd < 0)
return tls_error(string_open_failed(errno, "%s for writing", filename),
host, NULL);
(void)fchown(fd, exim_uid, exim_gid); /* Probably not necessary */
/* export the parameters in a format that can be generated using GNUTLS'
* certtool or other programs.
*
* The commands for certtool are:
* $ certtool --generate-dh-params --bits 1024 > params
*/
m.size = PARAM_SIZE;
m.data = malloc(m.size);
if (m.data == NULL)
return tls_error(US"memory allocation failed", host, strerror(errno));
m.size = PARAM_SIZE;
ret = gnutls_dh_params_export_pkcs3(dh_params, GNUTLS_X509_FMT_PEM, m.data,
&m.size);
if (ret < 0)
return tls_error(US"DH params export", host, gnutls_strerror(ret));
m.size = Ustrlen(m.data);
errno = 0;
if (write(fd, m.data, m.size) != m.size || write(fd, "\n", 1) != 1)
return tls_error(US"TLS cache write failed", host, strerror(errno));
free(m.data);
(void)close(fd);
if (rename(CS tempfilename, CS filename) < 0)
return tls_error(string_sprintf("failed to rename %s as %s",
tempfilename, filename), host, strerror(errno));
DEBUG(D_tls) debug_printf("wrote D-H parameters to file %s\n", filename);
}
DEBUG(D_tls) debug_printf("initialized D-H parameters\n");
return OK;
}
void
doit ()
{
int err;
int sockets[2];
const char *srcdir;
char *pub_key_path, *priv_key_path;
pid_t child;
gnutls_global_init ();
srcdir = getenv ("srcdir") ? getenv ("srcdir") : ".";
if (debug)
{
gnutls_global_set_log_level (10);
gnutls_global_set_log_function (log_message);
}
err = socketpair (PF_UNIX, SOCK_STREAM, 0, sockets);
if (err != 0)
fail ("socketpair %s\n", strerror (errno));
pub_key_path = alloca (strlen (srcdir) + strlen (pub_key_file) + 2);
strcpy (pub_key_path, srcdir);
strcat (pub_key_path, "/");
strcat (pub_key_path, pub_key_file);
priv_key_path = alloca (strlen (srcdir) + strlen (priv_key_file) + 2);
strcpy (priv_key_path, srcdir);
strcat (priv_key_path, "/");
strcat (priv_key_path, priv_key_file);
child = fork ();
if (child == -1)
fail ("fork %s\n", strerror (errno));
if (child == 0)
{
/* Child process (client). */
gnutls_session_t session;
gnutls_certificate_credentials_t cred;
ssize_t sent;
if (debug)
printf ("client process %i\n", getpid ());
err = gnutls_init (&session, GNUTLS_CLIENT);
if (err != 0)
fail ("client session %d\n", err);
gnutls_priority_set_direct (session, "NONE:+VERS-TLS1.2:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+DHE-DSS:+DHE-RSA:+CTYPE-OPENPGP", NULL);
gnutls_transport_set_ptr (session,
(gnutls_transport_ptr_t) (intptr_t)
sockets[0]);
err = gnutls_certificate_allocate_credentials (&cred);
if (err != 0)
fail ("client credentials %d\n", err);
err =
gnutls_certificate_set_openpgp_key_file2 (cred,
pub_key_path, priv_key_path,
key_id,
GNUTLS_OPENPGP_FMT_BASE64);
if (err != 0)
fail ("client openpgp keys %d\n", err);
err = gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, cred);
if (err != 0)
fail ("client credential_set %d\n", err);
gnutls_dh_set_prime_bits (session, 1024);
err = gnutls_handshake (session);
if (err != 0)
fail ("client handshake %s (%d) \n", gnutls_strerror(err), err);
else if (debug)
printf ("client handshake successful\n");
sent = gnutls_record_send (session, message, sizeof (message));
if (sent != sizeof (message))
fail ("client sent %li vs. %li\n",
(long) sent, (long) sizeof (message));
err = gnutls_bye (session, GNUTLS_SHUT_RDWR);
if (err != 0)
fail ("client bye %d\n", err);
if (debug)
printf ("client done\n");
gnutls_deinit(session);
gnutls_certificate_free_credentials (cred);
}
else
{
/* Parent process (server). */
gnutls_session_t session;
gnutls_dh_params_t dh_params;
gnutls_certificate_credentials_t cred;
char greetings[sizeof (message) * 2];
ssize_t received;
pid_t done;
int status;
const gnutls_datum_t p3 = { (char *) pkcs3, strlen (pkcs3) };
if (debug)
printf ("server process %i (child %i)\n", getpid (), child);
err = gnutls_init (&session, GNUTLS_SERVER);
if (err != 0)
fail ("server session %d\n", err);
gnutls_priority_set_direct (session, "NONE:+VERS-TLS1.2:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+DHE-DSS:+DHE-RSA:+CTYPE-OPENPGP", NULL);
gnutls_transport_set_ptr (session,
(gnutls_transport_ptr_t) (intptr_t)
sockets[1]);
err = gnutls_certificate_allocate_credentials (&cred);
if (err != 0)
fail ("server credentials %d\n", err);
err =
gnutls_certificate_set_openpgp_key_file2 (cred,
pub_key_path, priv_key_path,
key_id,
GNUTLS_OPENPGP_FMT_BASE64);
if (err != 0)
fail ("server openpgp keys %d\n", err);
err = gnutls_dh_params_init (&dh_params);
if (err)
fail ("server DH params init %d\n", err);
err =
gnutls_dh_params_import_pkcs3 (dh_params, &p3, GNUTLS_X509_FMT_PEM);
if (err)
fail ("server DH params generate %d\n", err);
gnutls_certificate_set_dh_params (cred, dh_params);
err = gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, cred);
if (err != 0)
fail ("server credential_set %d\n", err);
gnutls_certificate_server_set_request (session, GNUTLS_CERT_REQUIRE);
err = gnutls_handshake (session);
if (err != 0)
fail ("server handshake %s (%d) \n", gnutls_strerror(err), err);
received = gnutls_record_recv (session, greetings, sizeof (greetings));
if (received != sizeof (message)
|| memcmp (greetings, message, sizeof (message)))
fail ("server received %li vs. %li\n",
(long) received, (long) sizeof (message));
err = gnutls_bye (session, GNUTLS_SHUT_RDWR);
if (err != 0)
fail ("server bye %s (%d) \n", gnutls_strerror(err), err);
if (debug)
printf ("server done\n");
gnutls_deinit(session);
gnutls_certificate_free_credentials (cred);
gnutls_dh_params_deinit (dh_params);
done = wait (&status);
if (done < 0)
fail ("wait %s\n", strerror (errno));
if (done != child)
fail ("who's that?! %d\n", done);
if (WIFEXITED (status))
{
if (WEXITSTATUS (status) != 0)
fail ("child exited with status %d\n", WEXITSTATUS (status));
}
else if (WIFSIGNALED (status))
fail ("child stopped by signal %d\n", WTERMSIG (status));
else
fail ("child failed: %d\n", status);
}
}
void
doit (void)
{
/* Server stuff. */
gnutls_anon_server_credentials_t s_anoncred;
const gnutls_datum_t p3 = { (void *) pkcs3, strlen (pkcs3) };
static gnutls_dh_params_t dh_params;
gnutls_session_t server;
int sret, cret;
/* Client stuff. */
gnutls_anon_client_credentials_t c_anoncred;
gnutls_session_t client;
/* Need to enable anonymous KX specifically. */
char buffer[MAX_BUF + 1];
ssize_t ns;
int ret, transferred = 0, msglen;
/* General init. */
gnutls_global_init ();
gnutls_global_set_log_function (tls_log_func);
if (debug)
gnutls_global_set_log_level (99);
/* Init server */
gnutls_anon_allocate_server_credentials (&s_anoncred);
gnutls_dh_params_init (&dh_params);
gnutls_dh_params_import_pkcs3 (dh_params, &p3, GNUTLS_X509_FMT_PEM);
gnutls_anon_set_server_dh_params (s_anoncred, dh_params);
gnutls_init (&server, GNUTLS_SERVER|GNUTLS_DATAGRAM|GNUTLS_NONBLOCK);
ret = gnutls_priority_set_direct (server, "NONE:+VERS-DTLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-DH", NULL);
if (ret < 0)
exit(1);
gnutls_credentials_set (server, GNUTLS_CRD_ANON, s_anoncred);
gnutls_dh_set_prime_bits (server, 1024);
gnutls_transport_set_push_function (server, server_push);
gnutls_transport_set_pull_function (server, server_pull);
gnutls_transport_set_pull_timeout_function (server, server_pull_timeout_func);
gnutls_transport_set_ptr (server, (gnutls_transport_ptr_t)server);
/* Init client */
gnutls_anon_allocate_client_credentials (&c_anoncred);
gnutls_init (&client, GNUTLS_CLIENT|GNUTLS_DATAGRAM|GNUTLS_NONBLOCK);
cret = gnutls_priority_set_direct (client, "NONE:+VERS-DTLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-DH", NULL);
if (cret < 0)
exit(1);
gnutls_credentials_set (client, GNUTLS_CRD_ANON, c_anoncred);
gnutls_transport_set_push_function (client, client_push);
gnutls_transport_set_pull_function (client, client_pull);
gnutls_transport_set_pull_timeout_function (client, client_pull_timeout_func);
gnutls_transport_set_ptr (client, (gnutls_transport_ptr_t)client);
handshake = 1;
HANDSHAKE(client, server);
handshake = 0;
if (debug)
success ("Handshake established\n");
do
{
ret = gnutls_record_send (client, MSG, strlen (MSG));
}
while(ret == GNUTLS_E_AGAIN);
//success ("client: sent %d\n", ns);
msglen = strlen(MSG);
TRANSFER(client, server, MSG, msglen, buffer, MAX_BUF);
if (debug)
fputs ("\n", stdout);
gnutls_bye (client, GNUTLS_SHUT_WR);
gnutls_bye (server, GNUTLS_SHUT_WR);
gnutls_deinit (client);
gnutls_deinit (server);
gnutls_anon_free_client_credentials (c_anoncred);
gnutls_anon_free_server_credentials (s_anoncred);
gnutls_dh_params_deinit (dh_params);
gnutls_global_deinit ();
}
static void server(int fd)
{
int ret;
gnutls_session_t session;
gnutls_anon_server_credentials_t anoncred;
gnutls_dh_params_t dh_params;
char buf[128];
const gnutls_datum_t p3 =
{ (unsigned char *) pkcs3, strlen(pkcs3) };
/* this must be called once in the program
*/
global_init();
if (debug) {
gnutls_global_set_log_function(server_log_func);
gnutls_global_set_log_level(4711);
}
gnutls_anon_allocate_server_credentials(&anoncred);
gnutls_dh_params_init(&dh_params);
gnutls_dh_params_import_pkcs3(dh_params, &p3, GNUTLS_X509_FMT_PEM);
gnutls_anon_set_server_dh_params(anoncred, dh_params);
gnutls_init(&session, GNUTLS_SERVER);
/* avoid calling all the priority functions, since the defaults
* are adequate.
*/
ret = gnutls_priority_set_direct(session,
"NORMAL:+ANON-DH:+ANON-ECDH", NULL);
if (ret < 0) {
fail("server: priority set failed (%s)\n\n",
gnutls_strerror(ret));
terminate();
}
gnutls_credentials_set(session, GNUTLS_CRD_ANON, anoncred);
gnutls_transport_set_int(session, fd);
do {
ret = gnutls_handshake(session);
}
while (ret < 0 && gnutls_error_is_fatal(ret) == 0);
if (ret < 0) {
close(fd);
gnutls_deinit(session);
fail("server: Handshake has failed (%s)\n\n",
gnutls_strerror(ret));
terminate();
}
if (debug)
success("server: Handshake was completed\n");
if (debug)
success("server: TLS version is: %s\n",
gnutls_protocol_get_name
(gnutls_protocol_get_version(session)));
do {
ret = gnutls_record_recv(session, buf, sizeof(buf));
} while(ret > 0);
if (ret < 0) {
fail("error: %s\n", gnutls_strerror(ret));
}
/* do not wait for the peer to close the connection.
*/
gnutls_bye(session, GNUTLS_SHUT_WR);
close(fd);
gnutls_deinit(session);
gnutls_anon_free_server_credentials(anoncred);
gnutls_dh_params_deinit(dh_params);
gnutls_global_deinit();
if (debug)
success("server: finished\n");
}
void
doit (void)
{
/* Server stuff. */
gnutls_anon_server_credentials_t s_anoncred;
const gnutls_datum_t p3 = { (char *) pkcs3, strlen (pkcs3) };
static gnutls_dh_params_t dh_params;
gnutls_session_t server;
int sret = GNUTLS_E_AGAIN;
/* Client stuff. */
gnutls_anon_client_credentials_t c_anoncred;
gnutls_session_t client;
int n, cret = GNUTLS_E_AGAIN;
/* Need to enable anonymous KX specifically. */
const int kx_prio[] = { GNUTLS_KX_ANON_DH, 0 };
char buffer[MAX_BUF + 1];
ssize_t ns;
int ret;
/* General init. */
gnutls_global_init ();
gnutls_global_set_log_function (tls_log_func);
if (debug)
gnutls_global_set_log_level (4711);
/* Init server */
gnutls_anon_allocate_server_credentials (&s_anoncred);
gnutls_dh_params_init (&dh_params);
gnutls_dh_params_import_pkcs3 (dh_params, &p3, GNUTLS_X509_FMT_PEM);
gnutls_anon_set_server_dh_params (s_anoncred, dh_params);
gnutls_init (&server, GNUTLS_SERVER);
gnutls_set_default_priority (server);
gnutls_kx_set_priority (server, kx_prio);
gnutls_credentials_set (server, GNUTLS_CRD_ANON, s_anoncred);
gnutls_dh_set_prime_bits (server, 1024);
gnutls_transport_set_push_function (server, server_push);
gnutls_transport_set_pull_function (server, server_pull);
gnutls_session_set_finished_function (server, server_finished_callback);
/* Init client */
gnutls_anon_allocate_client_credentials (&c_anoncred);
gnutls_init (&client, GNUTLS_CLIENT);
gnutls_set_default_priority (client);
gnutls_kx_set_priority (client, kx_prio);
gnutls_credentials_set (client, GNUTLS_CRD_ANON, c_anoncred);
gnutls_transport_set_push_function (client, client_push);
gnutls_transport_set_pull_function (client, client_pull);
gnutls_session_set_finished_function (client, client_finished_callback);
do
{
if (cret == GNUTLS_E_AGAIN)
{
if (debug)
success ("loop invoking client:\n");
cret = gnutls_handshake (client);
if (debug)
success ("client %d: %s\n", cret, gnutls_strerror (cret));
}
if (sret == GNUTLS_E_AGAIN)
{
if (debug)
success ("loop invoking server:\n");
sret = gnutls_handshake (server);
if (debug)
success ("server %d: %s\n", sret, gnutls_strerror (sret));
}
}
while (cret == GNUTLS_E_AGAIN || sret == GNUTLS_E_AGAIN);
if (debug)
success ("Handshake established\n");
ns = gnutls_record_send (client, MSG, strlen (MSG));
if (debug)
success ("client: sent %d\n", (int) ns);
ret = gnutls_record_recv (server, buffer, MAX_BUF);
if (ret == 0)
fail ("server: didn't receive any data\n");
else if (ret < 0)
fail ("server: error: %s\n", gnutls_strerror (ret));
else if (debug)
{
printf ("server: received %d: ", ret);
for (n = 0; n < ret; n++)
fputc (buffer[n], stdout);
fputs ("\n", stdout);
}
ns = gnutls_record_send (server, MSG, strlen (MSG));
if (debug)
success ("server: sent %d\n", (int) ns);
ret = gnutls_record_recv (client, buffer, MAX_BUF);
if (ret == 0)
{
fail ("client: Peer has closed the TLS connection\n");
}
else if (ret < 0)
{
fail ("client: Error: %s\n", gnutls_strerror (ret));
}
else if (debug)
{
printf ("client: received %d: ", ret);
for (n = 0; n < ret; n++)
fputc (buffer[n], stdout);
fputs ("\n", stdout);
}
gnutls_bye (client, GNUTLS_SHUT_RDWR);
gnutls_bye (server, GNUTLS_SHUT_RDWR);
gnutls_deinit (client);
gnutls_deinit (server);
free (to_server);
free (to_client);
gnutls_anon_free_client_credentials (c_anoncred);
gnutls_anon_free_server_credentials (s_anoncred);
gnutls_dh_params_deinit (dh_params);
gnutls_global_deinit ();
}
void dh_params::import_pkcs3 (const gnutls_datum_t & pkcs3_params,
gnutls_x509_crt_fmt_t format)
{
RETWRAP (gnutls_dh_params_import_pkcs3 (params, &pkcs3_params, format));
}
