migration: split migration hooks out of QEMUFileOps
[qemu.git] / crypto / tlssession.c
1 /*
2 * QEMU crypto TLS session support
3 *
4 * Copyright (c) 2015 Red Hat, Inc.
5 *
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2 of the License, or (at your option) any later version.
10 *
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
15 *
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
18 *
19 */
20
21 #include "qemu/osdep.h"
22 #include "crypto/tlssession.h"
23 #include "crypto/tlscredsanon.h"
24 #include "crypto/tlscredsx509.h"
25 #include "qapi/error.h"
26 #include "qemu/acl.h"
27 #include "trace.h"
28
29 #ifdef CONFIG_GNUTLS
30
31
32 #include <gnutls/x509.h>
33
34
35 struct QCryptoTLSSession {
36 QCryptoTLSCreds *creds;
37 gnutls_session_t handle;
38 char *hostname;
39 char *aclname;
40 bool handshakeComplete;
41 QCryptoTLSSessionWriteFunc writeFunc;
42 QCryptoTLSSessionReadFunc readFunc;
43 void *opaque;
44 char *peername;
45 };
46
47
48 void
49 qcrypto_tls_session_free(QCryptoTLSSession *session)
50 {
51 if (!session) {
52 return;
53 }
54
55 gnutls_deinit(session->handle);
56 g_free(session->hostname);
57 g_free(session->peername);
58 g_free(session->aclname);
59 object_unref(OBJECT(session->creds));
60 g_free(session);
61 }
62
63
64 static ssize_t
65 qcrypto_tls_session_push(void *opaque, const void *buf, size_t len)
66 {
67 QCryptoTLSSession *session = opaque;
68
69 if (!session->writeFunc) {
70 errno = EIO;
71 return -1;
72 };
73
74 return session->writeFunc(buf, len, session->opaque);
75 }
76
77
78 static ssize_t
79 qcrypto_tls_session_pull(void *opaque, void *buf, size_t len)
80 {
81 QCryptoTLSSession *session = opaque;
82
83 if (!session->readFunc) {
84 errno = EIO;
85 return -1;
86 };
87
88 return session->readFunc(buf, len, session->opaque);
89 }
90
91
92 QCryptoTLSSession *
93 qcrypto_tls_session_new(QCryptoTLSCreds *creds,
94 const char *hostname,
95 const char *aclname,
96 QCryptoTLSCredsEndpoint endpoint,
97 Error **errp)
98 {
99 QCryptoTLSSession *session;
100 int ret;
101
102 session = g_new0(QCryptoTLSSession, 1);
103 trace_qcrypto_tls_session_new(
104 session, creds, hostname ? hostname : "<none>",
105 aclname ? aclname : "<none>", endpoint);
106
107 if (hostname) {
108 session->hostname = g_strdup(hostname);
109 }
110 if (aclname) {
111 session->aclname = g_strdup(aclname);
112 }
113 session->creds = creds;
114 object_ref(OBJECT(creds));
115
116 if (creds->endpoint != endpoint) {
117 error_setg(errp, "Credentials endpoint doesn't match session");
118 goto error;
119 }
120
121 if (endpoint == QCRYPTO_TLS_CREDS_ENDPOINT_SERVER) {
122 ret = gnutls_init(&session->handle, GNUTLS_SERVER);
123 } else {
124 ret = gnutls_init(&session->handle, GNUTLS_CLIENT);
125 }
126 if (ret < 0) {
127 error_setg(errp, "Cannot initialize TLS session: %s",
128 gnutls_strerror(ret));
129 goto error;
130 }
131
132 if (object_dynamic_cast(OBJECT(creds),
133 TYPE_QCRYPTO_TLS_CREDS_ANON)) {
134 QCryptoTLSCredsAnon *acreds = QCRYPTO_TLS_CREDS_ANON(creds);
135
136 ret = gnutls_priority_set_direct(session->handle,
137 "NORMAL:+ANON-DH", NULL);
138 if (ret < 0) {
139 error_setg(errp, "Unable to set TLS session priority: %s",
140 gnutls_strerror(ret));
141 goto error;
142 }
143 if (creds->endpoint == QCRYPTO_TLS_CREDS_ENDPOINT_SERVER) {
144 ret = gnutls_credentials_set(session->handle,
145 GNUTLS_CRD_ANON,
146 acreds->data.server);
147 } else {
148 ret = gnutls_credentials_set(session->handle,
149 GNUTLS_CRD_ANON,
150 acreds->data.client);
151 }
152 if (ret < 0) {
153 error_setg(errp, "Cannot set session credentials: %s",
154 gnutls_strerror(ret));
155 goto error;
156 }
157 } else if (object_dynamic_cast(OBJECT(creds),
158 TYPE_QCRYPTO_TLS_CREDS_X509)) {
159 QCryptoTLSCredsX509 *tcreds = QCRYPTO_TLS_CREDS_X509(creds);
160
161 ret = gnutls_set_default_priority(session->handle);
162 if (ret < 0) {
163 error_setg(errp, "Cannot set default TLS session priority: %s",
164 gnutls_strerror(ret));
165 goto error;
166 }
167 ret = gnutls_credentials_set(session->handle,
168 GNUTLS_CRD_CERTIFICATE,
169 tcreds->data);
170 if (ret < 0) {
171 error_setg(errp, "Cannot set session credentials: %s",
172 gnutls_strerror(ret));
173 goto error;
174 }
175
176 if (creds->endpoint == QCRYPTO_TLS_CREDS_ENDPOINT_SERVER) {
177 /* This requests, but does not enforce a client cert.
178 * The cert checking code later does enforcement */
179 gnutls_certificate_server_set_request(session->handle,
180 GNUTLS_CERT_REQUEST);
181 }
182 } else {
183 error_setg(errp, "Unsupported TLS credentials type %s",
184 object_get_typename(OBJECT(creds)));
185 goto error;
186 }
187
188 gnutls_transport_set_ptr(session->handle, session);
189 gnutls_transport_set_push_function(session->handle,
190 qcrypto_tls_session_push);
191 gnutls_transport_set_pull_function(session->handle,
192 qcrypto_tls_session_pull);
193
194 return session;
195
196 error:
197 qcrypto_tls_session_free(session);
198 return NULL;
199 }
200
201 static int
202 qcrypto_tls_session_check_certificate(QCryptoTLSSession *session,
203 Error **errp)
204 {
205 int ret;
206 unsigned int status;
207 const gnutls_datum_t *certs;
208 unsigned int nCerts, i;
209 time_t now;
210 gnutls_x509_crt_t cert = NULL;
211
212 now = time(NULL);
213 if (now == ((time_t)-1)) {
214 error_setg_errno(errp, errno, "Cannot get current time");
215 return -1;
216 }
217
218 ret = gnutls_certificate_verify_peers2(session->handle, &status);
219 if (ret < 0) {
220 error_setg(errp, "Verify failed: %s", gnutls_strerror(ret));
221 return -1;
222 }
223
224 if (status != 0) {
225 const char *reason = "Invalid certificate";
226
227 if (status & GNUTLS_CERT_INVALID) {
228 reason = "The certificate is not trusted";
229 }
230
231 if (status & GNUTLS_CERT_SIGNER_NOT_FOUND) {
232 reason = "The certificate hasn't got a known issuer";
233 }
234
235 if (status & GNUTLS_CERT_REVOKED) {
236 reason = "The certificate has been revoked";
237 }
238
239 if (status & GNUTLS_CERT_INSECURE_ALGORITHM) {
240 reason = "The certificate uses an insecure algorithm";
241 }
242
243 error_setg(errp, "%s", reason);
244 return -1;
245 }
246
247 certs = gnutls_certificate_get_peers(session->handle, &nCerts);
248 if (!certs) {
249 error_setg(errp, "No certificate peers");
250 return -1;
251 }
252
253 for (i = 0; i < nCerts; i++) {
254 ret = gnutls_x509_crt_init(&cert);
255 if (ret < 0) {
256 error_setg(errp, "Cannot initialize certificate: %s",
257 gnutls_strerror(ret));
258 return -1;
259 }
260
261 ret = gnutls_x509_crt_import(cert, &certs[i], GNUTLS_X509_FMT_DER);
262 if (ret < 0) {
263 error_setg(errp, "Cannot import certificate: %s",
264 gnutls_strerror(ret));
265 goto error;
266 }
267
268 if (gnutls_x509_crt_get_expiration_time(cert) < now) {
269 error_setg(errp, "The certificate has expired");
270 goto error;
271 }
272
273 if (gnutls_x509_crt_get_activation_time(cert) > now) {
274 error_setg(errp, "The certificate is not yet activated");
275 goto error;
276 }
277
278 if (gnutls_x509_crt_get_activation_time(cert) > now) {
279 error_setg(errp, "The certificate is not yet activated");
280 goto error;
281 }
282
283 if (i == 0) {
284 size_t dnameSize = 1024;
285 session->peername = g_malloc(dnameSize);
286 requery:
287 ret = gnutls_x509_crt_get_dn(cert, session->peername, &dnameSize);
288 if (ret < 0) {
289 if (ret == GNUTLS_E_SHORT_MEMORY_BUFFER) {
290 session->peername = g_realloc(session->peername,
291 dnameSize);
292 goto requery;
293 }
294 error_setg(errp, "Cannot get client distinguished name: %s",
295 gnutls_strerror(ret));
296 goto error;
297 }
298 if (session->aclname) {
299 qemu_acl *acl = qemu_acl_find(session->aclname);
300 int allow;
301 if (!acl) {
302 error_setg(errp, "Cannot find ACL %s",
303 session->aclname);
304 goto error;
305 }
306
307 allow = qemu_acl_party_is_allowed(acl, session->peername);
308
309 if (!allow) {
310 error_setg(errp, "TLS x509 ACL check for %s is denied",
311 session->peername);
312 goto error;
313 }
314 }
315 if (session->hostname) {
316 if (!gnutls_x509_crt_check_hostname(cert, session->hostname)) {
317 error_setg(errp,
318 "Certificate does not match the hostname %s",
319 session->hostname);
320 goto error;
321 }
322 }
323 }
324
325 gnutls_x509_crt_deinit(cert);
326 }
327
328 return 0;
329
330 error:
331 gnutls_x509_crt_deinit(cert);
332 return -1;
333 }
334
335
336 int
337 qcrypto_tls_session_check_credentials(QCryptoTLSSession *session,
338 Error **errp)
339 {
340 if (object_dynamic_cast(OBJECT(session->creds),
341 TYPE_QCRYPTO_TLS_CREDS_ANON)) {
342 return 0;
343 } else if (object_dynamic_cast(OBJECT(session->creds),
344 TYPE_QCRYPTO_TLS_CREDS_X509)) {
345 if (session->creds->verifyPeer) {
346 return qcrypto_tls_session_check_certificate(session,
347 errp);
348 } else {
349 return 0;
350 }
351 } else {
352 error_setg(errp, "Unexpected credential type %s",
353 object_get_typename(OBJECT(session->creds)));
354 return -1;
355 }
356 }
357
358
359 void
360 qcrypto_tls_session_set_callbacks(QCryptoTLSSession *session,
361 QCryptoTLSSessionWriteFunc writeFunc,
362 QCryptoTLSSessionReadFunc readFunc,
363 void *opaque)
364 {
365 session->writeFunc = writeFunc;
366 session->readFunc = readFunc;
367 session->opaque = opaque;
368 }
369
370
371 ssize_t
372 qcrypto_tls_session_write(QCryptoTLSSession *session,
373 const char *buf,
374 size_t len)
375 {
376 ssize_t ret = gnutls_record_send(session->handle, buf, len);
377
378 if (ret < 0) {
379 switch (ret) {
380 case GNUTLS_E_AGAIN:
381 errno = EAGAIN;
382 break;
383 case GNUTLS_E_INTERRUPTED:
384 errno = EINTR;
385 break;
386 default:
387 errno = EIO;
388 break;
389 }
390 ret = -1;
391 }
392
393 return ret;
394 }
395
396
397 ssize_t
398 qcrypto_tls_session_read(QCryptoTLSSession *session,
399 char *buf,
400 size_t len)
401 {
402 ssize_t ret = gnutls_record_recv(session->handle, buf, len);
403
404 if (ret < 0) {
405 switch (ret) {
406 case GNUTLS_E_AGAIN:
407 errno = EAGAIN;
408 break;
409 case GNUTLS_E_INTERRUPTED:
410 errno = EINTR;
411 break;
412 default:
413 errno = EIO;
414 break;
415 }
416 ret = -1;
417 }
418
419 return ret;
420 }
421
422
423 int
424 qcrypto_tls_session_handshake(QCryptoTLSSession *session,
425 Error **errp)
426 {
427 int ret = gnutls_handshake(session->handle);
428 if (ret == 0) {
429 session->handshakeComplete = true;
430 } else {
431 if (ret == GNUTLS_E_INTERRUPTED ||
432 ret == GNUTLS_E_AGAIN) {
433 ret = 1;
434 } else {
435 error_setg(errp, "TLS handshake failed: %s",
436 gnutls_strerror(ret));
437 ret = -1;
438 }
439 }
440
441 return ret;
442 }
443
444
445 QCryptoTLSSessionHandshakeStatus
446 qcrypto_tls_session_get_handshake_status(QCryptoTLSSession *session)
447 {
448 if (session->handshakeComplete) {
449 return QCRYPTO_TLS_HANDSHAKE_COMPLETE;
450 } else if (gnutls_record_get_direction(session->handle) == 0) {
451 return QCRYPTO_TLS_HANDSHAKE_RECVING;
452 } else {
453 return QCRYPTO_TLS_HANDSHAKE_SENDING;
454 }
455 }
456
457
458 int
459 qcrypto_tls_session_get_key_size(QCryptoTLSSession *session,
460 Error **errp)
461 {
462 gnutls_cipher_algorithm_t cipher;
463 int ssf;
464
465 cipher = gnutls_cipher_get(session->handle);
466 ssf = gnutls_cipher_get_key_size(cipher);
467 if (!ssf) {
468 error_setg(errp, "Cannot get TLS cipher key size");
469 return -1;
470 }
471 return ssf;
472 }
473
474
475 char *
476 qcrypto_tls_session_get_peer_name(QCryptoTLSSession *session)
477 {
478 if (session->peername) {
479 return g_strdup(session->peername);
480 }
481 return NULL;
482 }
483
484
485 #else /* ! CONFIG_GNUTLS */
486
487
488 QCryptoTLSSession *
489 qcrypto_tls_session_new(QCryptoTLSCreds *creds G_GNUC_UNUSED,
490 const char *hostname G_GNUC_UNUSED,
491 const char *aclname G_GNUC_UNUSED,
492 QCryptoTLSCredsEndpoint endpoint G_GNUC_UNUSED,
493 Error **errp)
494 {
495 error_setg(errp, "TLS requires GNUTLS support");
496 return NULL;
497 }
498
499
500 void
501 qcrypto_tls_session_free(QCryptoTLSSession *sess G_GNUC_UNUSED)
502 {
503 }
504
505
506 int
507 qcrypto_tls_session_check_credentials(QCryptoTLSSession *sess G_GNUC_UNUSED,
508 Error **errp)
509 {
510 error_setg(errp, "TLS requires GNUTLS support");
511 return -1;
512 }
513
514
515 void
516 qcrypto_tls_session_set_callbacks(
517 QCryptoTLSSession *sess G_GNUC_UNUSED,
518 QCryptoTLSSessionWriteFunc writeFunc G_GNUC_UNUSED,
519 QCryptoTLSSessionReadFunc readFunc G_GNUC_UNUSED,
520 void *opaque G_GNUC_UNUSED)
521 {
522 }
523
524
525 ssize_t
526 qcrypto_tls_session_write(QCryptoTLSSession *sess,
527 const char *buf,
528 size_t len)
529 {
530 errno = -EIO;
531 return -1;
532 }
533
534
535 ssize_t
536 qcrypto_tls_session_read(QCryptoTLSSession *sess,
537 char *buf,
538 size_t len)
539 {
540 errno = -EIO;
541 return -1;
542 }
543
544
545 int
546 qcrypto_tls_session_handshake(QCryptoTLSSession *sess,
547 Error **errp)
548 {
549 error_setg(errp, "TLS requires GNUTLS support");
550 return -1;
551 }
552
553
554 QCryptoTLSSessionHandshakeStatus
555 qcrypto_tls_session_get_handshake_status(QCryptoTLSSession *sess)
556 {
557 return QCRYPTO_TLS_HANDSHAKE_COMPLETE;
558 }
559
560
561 int
562 qcrypto_tls_session_get_key_size(QCryptoTLSSession *sess,
563 Error **errp)
564 {
565 error_setg(errp, "TLS requires GNUTLS support");
566 return -1;
567 }
568
569
570 char *
571 qcrypto_tls_session_get_peer_name(QCryptoTLSSession *sess)
572 {
573 return NULL;
574 }
575
576 #endif