1 ! Copyright (C) 2007, 2008, Slava Pestov, Elie CHAFTARI.
2 ! See http://factorcode.org/license.txt for BSD license.
3 USING: accessors alien alien.c-types alien.data alien.enums
4 alien.strings assocs byte-arrays classes.struct combinators
5 combinators.short-circuit destructors fry io io.backend
6 io.binary io.buffers io.encodings.latin1 io.encodings.utf8
7 io.files io.pathnames io.ports io.sockets io.sockets.secure
8 io.timeouts kernel libc locals math math.functions math.order
9 math.parser memoize namespaces openssl openssl.libcrypto
10 openssl.libssl random sequences sets splitting unicode ;
11 IN: io.sockets.secure.openssl
13 GENERIC: ssl-method ( symbol -- method )
14 M: TLSv1 ssl-method drop TLSv1_method ;
15 M: TLSv1.1 ssl-method drop TLSv1_1_method ;
16 M: TLSv1.2 ssl-method drop TLSv1_2_method ;
18 MEMO: make-cipher-list ( -- string )
20 "ECDHE-ECDSA-AES256-GCM-SHA384"
21 "ECDHE-ECDSA-AES256-SHA384"
22 "ECDHE-ECDSA-AES128-GCM-SHA256"
23 "ECDHE-ECDSA-AES128-SHA256"
24 "ECDHE-RSA-AES256-GCM-SHA384"
25 "ECDHE-RSA-AES256-SHA384"
26 "ECDHE-RSA-AES128-GCM-SHA256"
27 "ECDHE-RSA-AES128-SHA256"
28 "ECDHE-ECDSA-AES256-CCM8"
29 "ECDHE-ECDSA-AES256-CCM"
30 "ECDHE-ECDSA-AES128-CCM8"
31 "ECDHE-ECDSA-AES128-CCM"
32 "ECDHE-ECDSA-CAMELLIA256-SHA384"
33 "ECDHE-RSA-CAMELLIA256-SHA384"
34 "ECDHE-ECDSA-CAMELLIA128-SHA256"
35 "ECDHE-RSA-CAMELLIA128-SHA256"
36 "ECDHE-RSA-CHACHA20-POLY1305"
37 "ECDHE-ECDSA-CHACHA20-POLY1305"
38 "ECDHE-PSK-CHACHA20-POLY1305"
48 TUPLE: openssl-context < secure-context aliens sessions ;
52 : bn-bytes-needed ( num -- bytes-required )
53 log2 1 + 8 / ceiling ;
57 : number>bn ( num -- bn )
58 dup bn-bytes-needed >be
62 : disable-old-tls ( ctx -- )
64 SSL_OP_NO_TLSv1 SSL_OP_NO_TLSv1_1 bitor
65 SSL_CTX_set_options ssl-error ;
67 : set-session-cache ( ctx -- )
69 [ SSL_SESS_CACHE_BOTH SSL_CTX_set_session_cache_mode ssl-error ]
70 [ 32 random-bits >hex dup length SSL_CTX_set_session_id_context ssl-error ]
73 ERROR: file-expected path ;
75 : ensure-exists ( path -- path )
76 dup exists? [ file-expected ] unless ; inline
78 : ssl-file-path ( path -- path' )
79 absolute-path ensure-exists ;
81 : load-certificate-chain ( ctx -- )
82 dup config>> key-file>> [
83 [ handle>> ] [ config>> key-file>> ssl-file-path ] bi
84 SSL_CTX_use_certificate_chain_file
88 : password-callback ( -- alien )
89 int { void* int bool void* } cdecl
90 [| buf size rwflag password! |
91 password [ B{ 0 } password! ] unless
93 password strlen :> len
94 buf password len 1 + size min memcpy
98 : default-pasword ( ctx -- alien )
99 [ config>> password>> latin1 malloc-string ] [ aliens>> ] bi
100 [ push ] [ drop ] 2bi ;
102 : set-default-password ( ctx -- )
103 dup config>> password>> [
104 [ handle>> password-callback SSL_CTX_set_default_passwd_cb ]
106 [ handle>> ] [ default-pasword ] bi
107 SSL_CTX_set_default_passwd_cb_userdata
111 : use-private-key-file ( ctx -- )
112 dup config>> key-file>> [
114 [ config>> key-file>> ssl-file-path ] bi
115 SSL_FILETYPE_PEM SSL_CTX_use_PrivateKey_file
119 : load-verify-locations ( ctx -- )
120 dup config>> [ ca-file>> ] [ ca-path>> ] bi or [
124 [ ca-file>> dup [ ssl-file-path ] when ]
125 [ ca-path>> dup [ ssl-file-path ] when ] bi
127 SSL_CTX_load_verify_locations
128 ] [ handle>> SSL_CTX_set_default_verify_paths ] if ssl-error ;
130 : set-verify-depth ( ctx -- )
131 dup config>> verify-depth>> [
132 [ handle>> ] [ config>> verify-depth>> ] bi
133 SSL_CTX_set_verify_depth
136 TUPLE: bio < disposable handle ;
138 : <bio> ( handle -- bio ) bio new-disposable swap >>handle ;
140 M: bio dispose* handle>> BIO_free ssl-error ;
142 : <file-bio> ( path -- bio )
143 normalize-path "r" BIO_new_file dup ssl-error <bio> ;
145 : load-dh-params ( ctx -- )
146 dup config>> dh-file>> [
147 [ handle>> ] [ config>> dh-file>> ] bi <file-bio> &dispose
148 handle>> f f f PEM_read_bio_DHparams dup ssl-error
149 SSL_CTX_set_tmp_dh ssl-error
152 ! Attempt to set ecdh. If it fails, ignore...?
153 : set-ecdh-params ( ctx -- )
154 handle>> SSL_CTRL_SET_ECDH_AUTO 1 f SSL_CTX_ctrl drop ;
156 : <openssl-context> ( config ctx -- context )
157 openssl-context new-disposable
161 H{ } clone >>sessions ;
163 M: openssl <secure-context> ( config -- context )
166 dup method>> ssl-method SSL_CTX_new
167 dup ssl-error <openssl-context> |dispose
169 [ set-session-cache ]
170 [ load-certificate-chain ]
171 [ set-default-password ]
172 [ use-private-key-file ]
173 [ load-verify-locations ]
181 M: openssl-context dispose*
183 [ aliens>> [ &free drop ] each ]
184 [ sessions>> values [ SSL_SESSION_free ] each ]
185 [ handle>> SSL_CTX_free ]
189 TUPLE: ssl-handle < disposable file handle connected ;
191 SYMBOL: default-secure-context
193 : current-secure-context ( -- ctx )
195 default-secure-context [
196 <secure-config> <secure-context>
200 : get-session ( addrspec -- session/f )
201 current-secure-context sessions>> at ;
203 : save-session ( session addrspec -- )
204 current-secure-context sessions>> set-at ;
206 : set-secure-cipher-list-only ( ssl -- ssl )
207 dup handle>> make-cipher-list SSL_set_cipher_list ssl-error ;
209 : <ssl-handle> ( fd -- ssl )
211 ssl-handle new-disposable |dispose
212 current-secure-context handle>> SSL_new
213 dup ssl-error >>handle
215 set-secure-cipher-list-only
218 :: <ssl-socket> ( winsock hostname -- ssl )
219 winsock socket-handle BIO_NOCLOSE BIO_new_socket dup ssl-error :> bio
220 winsock <ssl-handle> :> handle
221 handle handle>> :> native-handle
224 native-handle swap SSL_set_tlsext_host_name ssl-error
226 native-handle bio bio SSL_set_bio
230 : syscall-error ( r -- event )
234 errno ECONNRESET = [ premature-close ]
237 ! OpenSSL docs say this it is an error condition for
238 ! a server to not send a close notify, but web
239 ! servers in the wild don't seem to do this, for
240 ! example https://www.google.com.
243 ] [ nip (ssl-error) ] if-zero ;
245 : check-ssl-error ( ssl ret exra-cases/f -- event/f )
246 [ tuck SSL_get_error ] dip
248 { SSL_ERROR_NONE [ drop f ] }
249 { SSL_ERROR_WANT_READ [ drop +input+ ] }
250 { SSL_ERROR_WANT_WRITE [ drop +output+ ] }
251 { SSL_ERROR_SYSCALL [ syscall-error ] }
252 { SSL_ERROR_SSL [ drop (ssl-error) ] }
253 } append [ [ execute( -- n ) ] dip ] assoc-map
254 at [ call( x -- y ) ] [ no-cond ] if* ;
257 : do-ssl-accept-once ( ssl -- event/f )
259 { SSL_ERROR_ZERO_RETURN [ (ssl-error) ] }
260 { SSL_ERROR_WANT_ACCEPT [ drop +input+ ] }
263 : do-ssl-accept ( ssl-handle -- )
264 dup handle>> do-ssl-accept-once
265 [ [ dup file>> ] dip wait-for-fd do-ssl-accept ] [ drop ] if* ;
267 : maybe-handshake ( ssl-handle -- )
268 dup connected>> [ drop ] [
269 [ [ do-ssl-accept ] with-timeout ]
270 [ t swap connected<< ] bi
274 : do-ssl-read ( buffer ssl -- event/f )
275 2dup swap [ buffer-end ] [ buffer-capacity ] bi SSL_read [
276 { { SSL_ERROR_ZERO_RETURN [ drop f ] } } check-ssl-error
277 ] keep swap [ 2nip ] [ swap buffer+ f ] if* ;
279 M: ssl-handle refill ( port handle -- event/f )
280 dup maybe-handshake [ buffer>> ] [ handle>> ] bi* do-ssl-read ;
283 : do-ssl-write ( buffer ssl -- event/f )
284 2dup swap [ buffer@ ] [ buffer-length ] bi SSL_write
285 [ f check-ssl-error ] keep swap [ 2nip ] [ swap buffer-consume f ] if* ;
287 M: ssl-handle drain ( port handle -- event/f )
288 dup maybe-handshake [ buffer>> ] [ handle>> ] bi* do-ssl-write ;
291 : do-ssl-connect-once ( ssl -- event/f )
292 dup SSL_connect f check-ssl-error ;
294 : do-ssl-connect ( ssl-handle -- )
295 dup handle>> do-ssl-connect-once
296 [ dupd wait-for-fd do-ssl-connect ] [ drop ] if* ;
298 : resume-session ( ssl-handle ssl-session -- )
299 [ [ handle>> ] dip SSL_set_session ssl-error ]
300 [ drop do-ssl-connect ]
303 : begin-session ( ssl-handle addrspec -- )
304 [ drop do-ssl-connect ]
305 [ [ handle>> SSL_get1_session ] dip save-session ]
308 : secure-connection ( client-out addrspec -- )
313 [ resume-session ] [ begin-session ] ?if
315 ] [ drop t >>connected drop ] 2bi ;
317 M: ssl-handle timeout
318 drop secure-socket-timeout get ;
320 M: ssl-handle cancel-operation
321 file>> cancel-operation ;
323 M: ssl-handle dispose*
325 ! Free file>> after SSL_free
326 [ file>> &dispose drop ]
327 [ handle>> SSL_free ] bi
330 : check-verify-result ( ssl-handle -- )
331 SSL_get_verify_result X509_V_ERROR number>enum dup X509_V_ERR_OK =
332 [ drop ] [ certificate-verify-error ] if ;
334 : x509name>string ( x509name -- string )
335 NID_commonName 256 <byte-array>
336 [ 256 X509_NAME_get_text_by_NID ] keep
337 swap -1 = [ drop f ] [ latin1 alien>string ] if ;
339 : subject-name ( certificate -- host )
340 X509_get_subject_name x509name>string ;
342 : issuer-name ( certificate -- issuer )
343 X509_get_issuer_name x509name>string ;
345 : sk-value ( stack v -- obj )
346 ssl-new-api? get-global [ OPENSSL_sk_value ] [ sk_value ] if ;
348 : sk-num ( stack -- num )
349 ssl-new-api? get-global [ OPENSSL_sk_num ] [ sk_num ] if ;
351 : name-stack>sequence ( name-stack -- seq )
353 sk-value GENERAL_NAME_st memory>struct
356 : alternative-dns-names ( certificate -- dns-names )
357 NID_subject_alt_name f f X509_get_ext_d2i
358 [ name-stack>sequence ] [ f ] if*
359 [ type>> GEN_DNS = ] filter
360 [ d>> dNSName>> data>> utf8 alien>string ] map ;
362 ! *.foo.com matches: foo.com, www.foo.com, a.foo.com
363 ! *.bar.foo.com matches: bar.foo.com, www.bar.foo.com, b.bar.foo.com
364 : subject-names-match? ( name pattern -- ? )
369 [ [ [ CHAR: . = ] count ] bi@ - 1 <= ]
375 : check-subject-name ( host ssl-handle -- )
376 SSL_get_peer_certificate [
377 [ alternative-dns-names ]
378 [ subject-name ] bi suffix members
379 2dup [ subject-names-match? ] with any?
380 [ 2drop ] [ subject-name-verify-error ] if
381 ] [ certificate-missing-error ] if* ;
383 M: openssl check-certificate ( host ssl -- )
384 current-secure-context config>> verify>> [
386 [ nip check-verify-result ]
387 [ check-subject-name ]
391 : check-buffer ( port -- port )
392 dup buffer>> buffer-empty? [ upgrade-buffers-full ] unless ;
394 : input/output-ports ( -- input output )
395 input-stream output-stream
396 [ get underlying-port check-buffer ] bi@
397 2dup [ handle>> ] bi@ eq? [ upgrade-on-non-socket ] unless ;
399 : make-input/output-secure ( input output -- )
400 dup handle>> non-ssl-socket? [ upgrade-on-non-socket ] unless
401 [ f <ssl-socket> ] change-handle
402 handle>> >>handle drop ;
404 : (send-secure-handshake) ( output -- )
405 remote-address get [ upgrade-on-non-socket ] unless*
408 M: openssl send-secure-handshake
410 [ make-input/output-secure ] keep
411 [ (send-secure-handshake) ] keep
412 remote-address get dup inet? [
413 host>> swap handle>> check-certificate
416 M: openssl accept-secure-handshake ( -- )
418 make-input/output-secure ;
420 openssl secure-socket-backend set-global