1 /* 2 * Copyright 2004 The WebRTC Project Authors. All rights reserved. 3 * 4 * Use of this source code is governed by a BSD-style license 5 * that can be found in the LICENSE file in the root of the source 6 * tree. An additional intellectual property rights grant can be found 7 * in the file PATENTS. All contributing project authors may 8 * be found in the AUTHORS file in the root of the source tree. 9 */ 10 11 #ifndef WEBRTC_BASE_SSLSTREAMADAPTER_H_ 12 #define WEBRTC_BASE_SSLSTREAMADAPTER_H_ 13 14 #include <string> 15 #include <vector> 16 17 #include "webrtc/base/stream.h" 18 #include "webrtc/base/sslidentity.h" 19 20 namespace rtc { 21 22 // Constants for SSL profile. 23 const int TLS_NULL_WITH_NULL_NULL = 0; 24 25 // Constants for SRTP profiles. 26 const int SRTP_INVALID_CRYPTO_SUITE = 0; 27 const int SRTP_AES128_CM_SHA1_80 = 0x0001; 28 const int SRTP_AES128_CM_SHA1_32 = 0x0002; 29 30 // Cipher suite to use for SRTP. Typically a 80-bit HMAC will be used, except 31 // in applications (voice) where the additional bandwidth may be significant. 32 // A 80-bit HMAC is always used for SRTCP. 33 // 128-bit AES with 80-bit SHA-1 HMAC. 34 extern const char CS_AES_CM_128_HMAC_SHA1_80[]; 35 // 128-bit AES with 32-bit SHA-1 HMAC. 36 extern const char CS_AES_CM_128_HMAC_SHA1_32[]; 37 38 // Given the DTLS-SRTP protection profile ID, as defined in 39 // https://tools.ietf.org/html/rfc4568#section-6.2 , return the SRTP profile 40 // name, as defined in https://tools.ietf.org/html/rfc5764#section-4.1.2. 41 std::string SrtpCryptoSuiteToName(int crypto_suite); 42 43 // The reverse of above conversion. 44 int SrtpCryptoSuiteFromName(const std::string& crypto_suite); 45 46 // SSLStreamAdapter : A StreamInterfaceAdapter that does SSL/TLS. 47 // After SSL has been started, the stream will only open on successful 48 // SSL verification of certificates, and the communication is 49 // encrypted of course. 50 // 51 // This class was written with SSLAdapter as a starting point. It 52 // offers a similar interface, with two differences: there is no 53 // support for a restartable SSL connection, and this class has a 54 // peer-to-peer mode. 55 // 56 // The SSL library requires initialization and cleanup. Static method 57 // for doing this are in SSLAdapter. They should possibly be moved out 58 // to a neutral class. 59 60 61 enum SSLRole { SSL_CLIENT, SSL_SERVER }; 62 enum SSLMode { SSL_MODE_TLS, SSL_MODE_DTLS }; 63 enum SSLProtocolVersion { 64 SSL_PROTOCOL_TLS_10, 65 SSL_PROTOCOL_TLS_11, 66 SSL_PROTOCOL_TLS_12, 67 SSL_PROTOCOL_DTLS_10 = SSL_PROTOCOL_TLS_11, 68 SSL_PROTOCOL_DTLS_12 = SSL_PROTOCOL_TLS_12, 69 }; 70 71 // Errors for Read -- in the high range so no conflict with OpenSSL. 72 enum { SSE_MSG_TRUNC = 0xff0001 }; 73 74 class SSLStreamAdapter : public StreamAdapterInterface { 75 public: 76 // Instantiate an SSLStreamAdapter wrapping the given stream, 77 // (using the selected implementation for the platform). 78 // Caller is responsible for freeing the returned object. 79 static SSLStreamAdapter* Create(StreamInterface* stream); 80 SSLStreamAdapter(StreamInterface * stream)81 explicit SSLStreamAdapter(StreamInterface* stream) 82 : StreamAdapterInterface(stream), ignore_bad_cert_(false), 83 client_auth_enabled_(true) { } 84 set_ignore_bad_cert(bool ignore)85 void set_ignore_bad_cert(bool ignore) { ignore_bad_cert_ = ignore; } ignore_bad_cert()86 bool ignore_bad_cert() const { return ignore_bad_cert_; } 87 set_client_auth_enabled(bool enabled)88 void set_client_auth_enabled(bool enabled) { client_auth_enabled_ = enabled; } client_auth_enabled()89 bool client_auth_enabled() const { return client_auth_enabled_; } 90 91 // Specify our SSL identity: key and certificate. Mostly this is 92 // only used in the peer-to-peer mode (unless we actually want to 93 // provide a client certificate to a server). 94 // SSLStream takes ownership of the SSLIdentity object and will 95 // free it when appropriate. Should be called no more than once on a 96 // given SSLStream instance. 97 virtual void SetIdentity(SSLIdentity* identity) = 0; 98 99 // Call this to indicate that we are to play the server's role in 100 // the peer-to-peer mode. 101 // The default argument is for backward compatibility 102 // TODO(ekr@rtfm.com): rename this SetRole to reflect its new function 103 virtual void SetServerRole(SSLRole role = SSL_SERVER) = 0; 104 105 // Do DTLS or TLS 106 virtual void SetMode(SSLMode mode) = 0; 107 108 // Set maximum supported protocol version. The highest version supported by 109 // both ends will be used for the connection, i.e. if one party supports 110 // DTLS 1.0 and the other DTLS 1.2, DTLS 1.0 will be used. 111 // If requested version is not supported by underlying crypto library, the 112 // next lower will be used. 113 virtual void SetMaxProtocolVersion(SSLProtocolVersion version) = 0; 114 115 // The mode of operation is selected by calling either 116 // StartSSLWithServer or StartSSLWithPeer. 117 // Use of the stream prior to calling either of these functions will 118 // pass data in clear text. 119 // Calling one of these functions causes SSL negotiation to begin as 120 // soon as possible: right away if the underlying wrapped stream is 121 // already opened, or else as soon as it opens. 122 // 123 // These functions return a negative error code on failure. 124 // Returning 0 means success so far, but negotiation is probably not 125 // complete and will continue asynchronously. In that case, the 126 // exposed stream will open after successful negotiation and 127 // verification, or an SE_CLOSE event will be raised if negotiation 128 // fails. 129 130 // StartSSLWithServer starts SSL negotiation with a server in 131 // traditional mode. server_name specifies the expected server name 132 // which the server's certificate needs to specify. 133 virtual int StartSSLWithServer(const char* server_name) = 0; 134 135 // StartSSLWithPeer starts negotiation in the special peer-to-peer 136 // mode. 137 // Generally, SetIdentity() and possibly SetServerRole() should have 138 // been called before this. 139 // SetPeerCertificate() or SetPeerCertificateDigest() must also be called. 140 // It may be called after StartSSLWithPeer() but must be called before the 141 // underlying stream opens. 142 virtual int StartSSLWithPeer() = 0; 143 144 // Specify the digest of the certificate that our peer is expected to use in 145 // peer-to-peer mode. Only this certificate will be accepted during 146 // SSL verification. The certificate is assumed to have been 147 // obtained through some other secure channel (such as the XMPP 148 // channel). Unlike SetPeerCertificate(), this must specify the 149 // terminal certificate, not just a CA. 150 // SSLStream makes a copy of the digest value. 151 virtual bool SetPeerCertificateDigest(const std::string& digest_alg, 152 const unsigned char* digest_val, 153 size_t digest_len) = 0; 154 155 // Retrieves the peer's X.509 certificate, if a connection has been 156 // established. It returns the transmitted over SSL, including the entire 157 // chain. The returned certificate is owned by the caller. 158 virtual bool GetPeerCertificate(SSLCertificate** cert) const = 0; 159 160 // Retrieves the IANA registration id of the cipher suite used for the 161 // connection (e.g. 0x2F for "TLS_RSA_WITH_AES_128_CBC_SHA"). 162 virtual bool GetSslCipherSuite(int* cipher_suite); 163 164 // Key Exporter interface from RFC 5705 165 // Arguments are: 166 // label -- the exporter label. 167 // part of the RFC defining each exporter 168 // usage (IN) 169 // context/context_len -- a context to bind to for this connection; 170 // optional, can be NULL, 0 (IN) 171 // use_context -- whether to use the context value 172 // (needed to distinguish no context from 173 // zero-length ones). 174 // result -- where to put the computed value 175 // result_len -- the length of the computed value 176 virtual bool ExportKeyingMaterial(const std::string& label, 177 const uint8_t* context, 178 size_t context_len, 179 bool use_context, 180 uint8_t* result, 181 size_t result_len); 182 183 // DTLS-SRTP interface 184 virtual bool SetDtlsSrtpCryptoSuites(const std::vector<int>& crypto_suites); 185 virtual bool GetDtlsSrtpCryptoSuite(int* crypto_suite); 186 187 // Capabilities testing 188 static bool HaveDtls(); 189 static bool HaveDtlsSrtp(); 190 static bool HaveExporter(); 191 192 // Returns the default Ssl cipher used between streams of this class 193 // for the given protocol version. This is used by the unit tests. 194 // TODO(guoweis): Move this away from a static class method. 195 static int GetDefaultSslCipherForTest(SSLProtocolVersion version, 196 KeyType key_type); 197 198 // TODO(guoweis): Move this away from a static class method. Currently this is 199 // introduced such that any caller could depend on sslstreamadapter.h without 200 // depending on specific SSL implementation. 201 static std::string SslCipherSuiteToName(int cipher_suite); 202 203 private: 204 // If true, the server certificate need not match the configured 205 // server_name, and in fact missing certificate authority and other 206 // verification errors are ignored. 207 bool ignore_bad_cert_; 208 209 // If true (default), the client is required to provide a certificate during 210 // handshake. If no certificate is given, handshake fails. This applies to 211 // server mode only. 212 bool client_auth_enabled_; 213 }; 214 215 } // namespace rtc 216 217 #endif // WEBRTC_BASE_SSLSTREAMADAPTER_H_ 218