tor  0.4.1.0-alpha-dev
tortls.c
Go to the documentation of this file.
1 /* Copyright (c) 2003, Roger Dingledine.
2  * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
3  * Copyright (c) 2007-2019, The Tor Project, Inc. */
4 /* See LICENSE for licensing information */
5 
6 #define TORTLS_PRIVATE
7 #define TOR_X509_PRIVATE
8 #include "lib/tls/x509.h"
9 #include "lib/tls/x509_internal.h"
10 #include "lib/tls/tortls_sys.h"
11 #include "lib/tls/tortls.h"
12 #include "lib/tls/tortls_st.h"
13 #include "lib/tls/tortls_internal.h"
14 #include "lib/log/util_bug.h"
15 #include "lib/intmath/cmp.h"
18 #include "lib/net/socket.h"
19 #include "lib/subsys/subsys.h"
20 
21 #ifdef _WIN32
22  #include <winsock2.h>
23  #include <ws2tcpip.h>
24 #endif
25 
26 #include <time.h>
27 
33 STATIC tor_tls_context_t *client_tls_context = NULL;
40 tor_tls_context_get(int is_server)
41 {
42  return is_server ? server_tls_context : client_tls_context;
43 }
44 
47 int
49 {
50  switch (e) {
51  case SOCK_ERRNO(ECONNRESET): // most common
52  return TOR_TLS_ERROR_CONNRESET;
53  case SOCK_ERRNO(ETIMEDOUT):
54  return TOR_TLS_ERROR_TIMEOUT;
55  case SOCK_ERRNO(EHOSTUNREACH):
56  case SOCK_ERRNO(ENETUNREACH):
57  return TOR_TLS_ERROR_NO_ROUTE;
58  case SOCK_ERRNO(ECONNREFUSED):
59  return TOR_TLS_ERROR_CONNREFUSED; // least common
60  default:
61  return TOR_TLS_ERROR_MISC;
62  }
63 }
64 
70 int
72  const tor_x509_cert_t **link_cert_out,
73  const tor_x509_cert_t **id_cert_out)
74 {
76  int rv = -1;
77  const tor_x509_cert_t *link_cert = NULL;
78  const tor_x509_cert_t *id_cert = NULL;
79  if (ctx) {
80  rv = 0;
81  link_cert = server ? ctx->my_link_cert : ctx->my_auth_cert;
82  id_cert = ctx->my_id_cert;
83  }
84  if (link_cert_out)
85  *link_cert_out = link_cert;
86  if (id_cert_out)
87  *id_cert_out = id_cert;
88  return rv;
89 }
90 
97 {
99  if (! context)
100  return NULL;
101  return context->auth_key;
102 }
103 
105 void
107 {
108  ++ctx->refcnt;
109 }
110 
113 void
115 {
116  tor_assert(ctx);
117  if (--ctx->refcnt == 0) {
118  tor_tls_context_impl_free(ctx->ctx);
119  tor_x509_cert_free(ctx->my_link_cert);
120  tor_x509_cert_free(ctx->my_id_cert);
121  tor_x509_cert_free(ctx->my_auth_cert);
122  crypto_pk_free(ctx->link_key);
123  crypto_pk_free(ctx->auth_key);
124  /* LCOV_EXCL_BR_START since ctx will never be NULL here */
125  tor_free(ctx);
126  /* LCOV_EXCL_BR_STOP */
127  }
128 }
129 
131 void
133 {
134  check_no_tls_errors();
135 
136  if (server_tls_context) {
138  server_tls_context = NULL;
140  }
141  if (client_tls_context) {
142  tor_tls_context_t *ctx = client_tls_context;
143  client_tls_context = NULL;
145  }
146 }
147 
149 const char *
151 {
152  if (err >= 0)
153  return "[Not an error.]";
154  switch (err) {
155  case TOR_TLS_ERROR_MISC: return "misc error";
156  case TOR_TLS_ERROR_IO: return "unexpected close";
157  case TOR_TLS_ERROR_CONNREFUSED: return "connection refused";
158  case TOR_TLS_ERROR_CONNRESET: return "connection reset";
159  case TOR_TLS_ERROR_NO_ROUTE: return "host unreachable";
160  case TOR_TLS_ERROR_TIMEOUT: return "connection timed out";
161  case TOR_TLS_CLOSE: return "closed";
162  case TOR_TLS_WANTREAD: return "want to read";
163  case TOR_TLS_WANTWRITE: return "want to write";
164  default: return "(unknown error code)";
165  }
166 }
167 
176 int
177 tor_tls_context_init(unsigned flags,
178  crypto_pk_t *client_identity,
179  crypto_pk_t *server_identity,
180  unsigned int key_lifetime)
181 {
182  int rv1 = 0;
183  int rv2 = 0;
184  const int is_public_server = flags & TOR_TLS_CTX_IS_PUBLIC_SERVER;
185  check_no_tls_errors();
186 
187  if (is_public_server) {
188  tor_tls_context_t *new_ctx;
189  tor_tls_context_t *old_ctx;
190 
191  tor_assert(server_identity != NULL);
192 
194  server_identity,
195  key_lifetime, flags, 0);
196 
197  if (rv1 >= 0) {
198  new_ctx = server_tls_context;
199  tor_tls_context_incref(new_ctx);
200  old_ctx = client_tls_context;
201  client_tls_context = new_ctx;
202 
203  if (old_ctx != NULL) {
204  tor_tls_context_decref(old_ctx);
205  }
206  } else {
208  "constructing a TLS context");
209  }
210  } else {
211  if (server_identity != NULL) {
213  server_identity,
214  key_lifetime,
215  flags,
216  0);
217  if (rv1 < 0)
219  "constructing a server TLS context");
220  } else {
222  server_tls_context = NULL;
223 
224  if (old_ctx != NULL) {
225  tor_tls_context_decref(old_ctx);
226  }
227  }
228 
229  rv2 = tor_tls_context_init_one(&client_tls_context,
230  client_identity,
231  key_lifetime,
232  flags,
233  1);
234  if (rv2 < 0)
236  "constructing a client TLS context");
237  }
238 
239  return MIN(rv1, rv2);
240 }
241 
248 int
250  crypto_pk_t *identity,
251  unsigned int key_lifetime,
252  unsigned int flags,
253  int is_client)
254 {
255  tor_tls_context_t *new_ctx = tor_tls_context_new(identity,
256  key_lifetime,
257  flags,
258  is_client);
259  tor_tls_context_t *old_ctx = *ppcontext;
260 
261  if (new_ctx != NULL) {
262  *ppcontext = new_ctx;
263 
264  /* Free the old context if one existed. */
265  if (old_ctx != NULL) {
266  /* This is safe even if there are open connections: we reference-
267  * count tor_tls_context_t objects. */
268  tor_tls_context_decref(old_ctx);
269  }
270  }
271 
272  return ((new_ctx != NULL) ? 0 : -1);
273 }
274 
276 #define RSA_LINK_KEY_BITS 2048
277 
279 #define IDENTITY_CERT_LIFETIME (365*24*60*60)
280 
286 int
288  crypto_pk_t *identity,
289  unsigned key_lifetime,
290  unsigned flags)
291 {
292  (void)flags;
293  int rv = -1;
294  char *nickname = NULL, *nn2 = NULL;
295  crypto_pk_t *rsa = NULL, *rsa_auth = NULL;
296  tor_x509_cert_impl_t *cert = NULL, *idcert = NULL, *authcert = NULL;
297 
298  nickname = crypto_random_hostname(8, 20, "www.", ".net");
299 
300 #ifdef DISABLE_V3_LINKPROTO_SERVERSIDE
301  nn2 = crypto_random_hostname(8, 20, "www.", ".net");
302 #else
303  nn2 = crypto_random_hostname(8, 20, "www.", ".com");
304 #endif
305 
306  /* Generate short-term RSA key for use with TLS. */
307  if (!(rsa = crypto_pk_new()))
308  goto error;
309  if (crypto_pk_generate_key_with_bits(rsa, RSA_LINK_KEY_BITS)<0)
310  goto error;
311 
312  /* Generate short-term RSA key for use in the in-protocol ("v3")
313  * authentication handshake. */
314  if (!(rsa_auth = crypto_pk_new()))
315  goto error;
316  if (crypto_pk_generate_key(rsa_auth)<0)
317  goto error;
318 
319  /* Create a link certificate signed by identity key. */
320  cert = tor_tls_create_certificate(rsa, identity, nickname, nn2,
321  key_lifetime);
322  /* Create self-signed certificate for identity key. */
323  idcert = tor_tls_create_certificate(identity, identity, nn2, nn2,
325  /* Create an authentication certificate signed by identity key. */
326  authcert = tor_tls_create_certificate(rsa_auth, identity, nickname, nn2,
327  key_lifetime);
328  if (!cert || !idcert || !authcert) {
329  log_warn(LD_CRYPTO, "Error creating certificate");
330  goto error;
331  }
332 
333  result->my_link_cert = tor_x509_cert_new(cert);
334  cert = NULL;
335  result->my_id_cert = tor_x509_cert_new(idcert);
336  idcert = NULL;
337  result->my_auth_cert = tor_x509_cert_new(authcert);
338  authcert = NULL;
339  if (!result->my_link_cert || !result->my_id_cert || !result->my_auth_cert)
340  goto error;
341  result->link_key = rsa;
342  rsa = NULL;
343  result->auth_key = rsa_auth;
344  rsa_auth = NULL;
345 
346  rv = 0;
347  error:
348 
349  tor_free(nickname);
350  tor_free(nn2);
351 
352  tor_x509_cert_impl_free(cert);
353  tor_x509_cert_impl_free(idcert);
354  tor_x509_cert_impl_free(authcert);
355  crypto_pk_free(rsa);
356  crypto_pk_free(rsa_auth);
357 
358  return rv;
359 }
363 void
364 tor_tls_set_logged_address(tor_tls_t *tls, const char *address)
365 {
366  tor_assert(tls);
367  tor_free(tls->address);
368  tls->address = tor_strdup(address);
369 }
370 
373 int
375 {
376  tor_assert(tls);
377  return tls->isServer;
378 }
379 
383 void
385 {
386  if (!tls)
387  return;
388  tor_assert(tls->ssl);
389  {
390  size_t r,w;
391  tor_tls_get_n_raw_bytes(tls,&r,&w); /* ensure written_by_tls is updated */
392  }
393  tor_tls_impl_free(tls->ssl);
394  tls->ssl = NULL;
395 #ifdef ENABLE_OPENSSL
396  tls->negotiated_callback = NULL;
397 #endif
398  if (tls->context)
399  tor_tls_context_decref(tls->context);
400  tor_free(tls->address);
401  tls->magic = 0x99999999;
402  tor_free(tls);
403 }
404 
410 int
411 tor_tls_verify(int severity, tor_tls_t *tls, crypto_pk_t **identity)
412 {
413  tor_x509_cert_impl_t *cert = NULL, *id_cert = NULL;
414  tor_x509_cert_t *peer_x509 = NULL, *id_x509 = NULL;
415  tor_assert(tls);
416  tor_assert(identity);
417  int rv = -1;
418 
419  try_to_extract_certs_from_tls(severity, tls, &cert, &id_cert);
420  if (!cert)
421  goto done;
422  if (!id_cert) {
423  log_fn(severity,LD_PROTOCOL,"No distinct identity certificate found");
424  goto done;
425  }
426  peer_x509 = tor_x509_cert_new(cert);
427  id_x509 = tor_x509_cert_new(id_cert);
428  cert = id_cert = NULL; /* Prevent double-free */
429 
430  if (! tor_tls_cert_is_valid(severity, peer_x509, id_x509, time(NULL), 0)) {
431  goto done;
432  }
433 
434  *identity = tor_tls_cert_get_key(id_x509);
435  rv = 0;
436 
437  done:
438  tor_x509_cert_impl_free(cert);
439  tor_x509_cert_impl_free(id_cert);
440  tor_x509_cert_free(peer_x509);
441  tor_x509_cert_free(id_x509);
442 
443  return rv;
444 }
445 
446 static void
447 subsys_tortls_shutdown(void)
448 {
450 }
451 
452 const subsys_fns_t sys_tortls = {
453  .name = "tortls",
454  .level = -50,
455  .shutdown = subsys_tortls_shutdown
456 };
char * address
Definition: tortls_st.h:39
tor_tls_context_t * tor_tls_context_get(int is_server)
Definition: tortls.c:40
int tor_tls_verify(int severity, tor_tls_t *tls, crypto_pk_t **identity)
Definition: tortls.c:411
Declare subsystem object for the tortls module.
crypto_pk_t * tor_tls_get_my_client_auth_key(void)
Definition: tortls.c:96
Common functions for using (pseudo-)random number generators.
STATIC tor_tls_context_t * server_tls_context
Definition: tortls.c:32
Definitions for timing-related constants.
#define RSA_LINK_KEY_BITS
Definition: tortls.c:276
const char * tor_tls_err_to_string(int err)
Definition: tortls.c:150
Macro definitions for MIN, MAX, and CLAMP.
int tor_tls_cert_is_valid(int severity, const tor_x509_cert_t *cert, const tor_x509_cert_t *signing_cert, time_t now, int check_rsa_1024)
Definition: x509_nss.c:302
int tor_tls_context_init(unsigned flags, crypto_pk_t *client_identity, crypto_pk_t *server_identity, unsigned int key_lifetime)
Definition: tortls.c:177
void tor_tls_free_all(void)
Definition: tortls.c:132
void tor_tls_free_(tor_tls_t *tls)
Definition: tortls.c:384
Headers for crypto_rsa.c.
crypto_pk_t * tor_tls_cert_get_key(tor_x509_cert_t *cert)
Definition: x509_nss.c:285
#define tor_free(p)
Definition: malloc.h:52
void tor_tls_context_decref(tor_tls_context_t *ctx)
Definition: tortls.c:114
int tor_errno_to_tls_error(int e)
Definition: tortls.c:48
unsigned int isServer
Definition: tortls_st.h:43
tor_assert(buffer)
void tls_log_errors(tor_tls_t *tls, int severity, int domain, const char *doing)
Definition: tortls_nss.c:362
int tor_tls_context_init_certificates(tor_tls_context_t *result, crypto_pk_t *identity, unsigned key_lifetime, unsigned flags)
Definition: tortls.c:287
#define IDENTITY_CERT_LIFETIME
Definition: tortls.c:279
#define LOG_WARN
Definition: log.h:50
Headers for tortls.c.
int tor_tls_context_init_one(tor_tls_context_t **ppcontext, crypto_pk_t *identity, unsigned int key_lifetime, unsigned int flags, int is_client)
Definition: tortls.c:249
tor_tls_impl_t * ssl
Definition: tortls_st.h:36
#define log_fn(severity, domain, args,...)
Definition: log.h:266
Headers for tortls.c.
void tor_tls_set_logged_address(tor_tls_t *tls, const char *address)
Definition: tortls.c:364
const char * name
Definition: subsys.h:28
void tor_tls_get_n_raw_bytes(tor_tls_t *tls, size_t *n_read, size_t *n_written)
Definition: tortls_nss.c:654
Header for socket.c.
void tor_tls_context_incref(tor_tls_context_t *ctx)
Definition: tortls.c:106
#define LD_CRYPTO
Definition: log.h:61
Macros to manage assertions, fatal and non-fatal.
int tor_tls_is_server(tor_tls_t *tls)
Definition: tortls.c:374
#define LD_PROTOCOL
Definition: log.h:69
char * crypto_random_hostname(int min_rand_len, int max_rand_len, const char *prefix, const char *suffix)
Definition: crypto_rand.c:551
int tor_tls_get_my_certs(int server, const tor_x509_cert_t **link_cert_out, const tor_x509_cert_t **id_cert_out)
Definition: tortls.c:71