Gitiles
Code Review Sign In
gerrit.openfyde.cn / webrtc.googlesource.com / src / 4c78702d12dce984a0616f5c91f0696a71da3fcf / . / webrtc / base / opensslstreamadapter.cc
blob: 3b3aa5d219b7c04320cc738652daa263e7706a5f [file] [log] [blame]
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]1/*
2 * Copyright 2004 The WebRTC Project Authors. All rights reserved.
3 *
4 * Use of this source code is governed by a BSD-style license
5 * that can be found in the LICENSE file in the root of the source
6 * tree. An additional intellectual property rights grant can be found
7 * in the file PATENTS. All contributing project authors may
8 * be found in the AUTHORS file in the root of the source tree.
9 */
10
deadbeeff33491e2017-01-20 17:01:45 -0800[diff] [blame]11#if HAVE_OPENSSL_SSL_H
12
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]13#include "webrtc/base/opensslstreamadapter.h"
14
15#include <openssl/bio.h>
16#include <openssl/crypto.h>
17#include <openssl/err.h>
18#include <openssl/rand.h>
pthatcher@webrtc.org3ee4fe52015-02-11 22:34:36 +0000[diff] [blame]19#include <openssl/tls1.h>
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]20#include <openssl/x509v3.h>
torbjorngaad67802016-04-07 08:55:28 -0700[diff] [blame]21#ifndef OPENSSL_IS_BORINGSSL
22#include <openssl/dtls1.h>
ssarohabbfed522016-12-11 18:42:07 -0800[diff] [blame]23#include <openssl/ssl.h>
torbjorngaad67802016-04-07 08:55:28 -0700[diff] [blame]24#endif
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]25
jbauch555604a2016-04-26 03:13:22 -0700[diff] [blame]26#include <memory>
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]27#include <vector>
28
deadbeef89824f62016-09-30 11:55:43 -0700[diff] [blame]29#include "webrtc/base/checks.h"
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]30#include "webrtc/base/common.h"
31#include "webrtc/base/logging.h"
Tommid44c0772016-03-11 17:12:32 -0800[diff] [blame]32#include "webrtc/base/safe_conversions.h"
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]33#include "webrtc/base/stream.h"
34#include "webrtc/base/openssl.h"
35#include "webrtc/base/openssladapter.h"
36#include "webrtc/base/openssldigest.h"
37#include "webrtc/base/opensslidentity.h"
38#include "webrtc/base/stringutils.h"
Taylor Brandstetter4f0dfbd2016-06-15 17:15:23 -0700[diff] [blame]39#include "webrtc/base/timeutils.h"
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]40#include "webrtc/base/thread.h"
41
deadbeef6cf94a02016-11-28 17:38:34 -0800[diff] [blame]42namespace {
43 bool g_use_time_callback_for_testing = false;
44}
45
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]46namespace rtc {
47
deadbeeff33491e2017-01-20 17:01:45 -0800[diff] [blame]48#if (OPENSSL_VERSION_NUMBER >= 0x10001000L)
49#define HAVE_DTLS_SRTP
Torbjorn Granlund9adc91d2016-03-24 14:05:06 +0100[diff] [blame]50#endif
51
deadbeeff33491e2017-01-20 17:01:45 -0800[diff] [blame]52#ifdef HAVE_DTLS_SRTP
Guo-wei Shieh521ed7b2015-11-18 19:41:53 -0800[diff] [blame]53// SRTP cipher suite table. |internal_name| is used to construct a
54// colon-separated profile strings which is needed by
55// SSL_CTX_set_tlsext_use_srtp().
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]56struct SrtpCipherMapEntry {
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]57 const char* internal_name;
Guo-wei Shieh521ed7b2015-11-18 19:41:53 -0800[diff] [blame]58 const int id;
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]59};
60
61// This isn't elegant, but it's better than an external reference
62static SrtpCipherMapEntry SrtpCipherMap[] = {
Guo-wei Shieh521ed7b2015-11-18 19:41:53 -0800[diff] [blame]63 {"SRTP_AES128_CM_SHA1_80", SRTP_AES128_CM_SHA1_80},
64 {"SRTP_AES128_CM_SHA1_32", SRTP_AES128_CM_SHA1_32},
jbauchcb560652016-08-04 05:20:32 -0700[diff] [blame]65 {"SRTP_AEAD_AES_128_GCM", SRTP_AEAD_AES_128_GCM},
66 {"SRTP_AEAD_AES_256_GCM", SRTP_AEAD_AES_256_GCM},
Guo-wei Shieh521ed7b2015-11-18 19:41:53 -0800[diff] [blame]67 {nullptr, 0}};
deadbeeff33491e2017-01-20 17:01:45 -0800[diff] [blame]68#endif
Torbjorn Granlund9adc91d2016-03-24 14:05:06 +0100[diff] [blame]69
Taylor Brandstetter4f0dfbd2016-06-15 17:15:23 -0700[diff] [blame]70#ifdef OPENSSL_IS_BORINGSSL
deadbeef6cf94a02016-11-28 17:38:34 -0800[diff] [blame]71// Not used in production code. Actual time should be relative to Jan 1, 1970.
72static void TimeCallbackForTesting(const SSL* ssl, struct timeval* out_clock) {
nissedeb95f32016-11-28 01:54:54 -0800[diff] [blame]73 int64_t time = TimeNanos();
Taylor Brandstetter4f0dfbd2016-06-15 17:15:23 -0700[diff] [blame]74 out_clock->tv_sec = time / kNumNanosecsPerSec;
deadbeef7a07f132016-11-21 14:33:57 -0800[diff] [blame]75 out_clock->tv_usec = (time % kNumNanosecsPerSec) / kNumNanosecsPerMicrosec;
Taylor Brandstetter4f0dfbd2016-06-15 17:15:23 -0700[diff] [blame]76}
77#else // #ifdef OPENSSL_IS_BORINGSSL
Torbjorn Granlund9adc91d2016-03-24 14:05:06 +0100[diff] [blame]78
79// Cipher name table. Maps internal OpenSSL cipher ids to the RFC name.
80struct SslCipherMapEntry {
81 uint32_t openssl_id;
82 const char* rfc_name;
83};
84
85#define DEFINE_CIPHER_ENTRY_SSL3(name) {SSL3_CK_##name, "TLS_"#name}
86#define DEFINE_CIPHER_ENTRY_TLS1(name) {TLS1_CK_##name, "TLS_"#name}
87
88// There currently is no method available to get a RFC-compliant name for a
89// cipher suite from BoringSSL, so we need to define the mapping manually here.
90// This should go away once BoringSSL supports "SSL_CIPHER_standard_name"
91// (as available in OpenSSL if compiled with tracing enabled) or a similar
92// method.
93static const SslCipherMapEntry kSslCipherMap[] = {
94 // TLS v1.0 ciphersuites from RFC2246.
95 DEFINE_CIPHER_ENTRY_SSL3(RSA_RC4_128_SHA),
96 {SSL3_CK_RSA_DES_192_CBC3_SHA,
97 "TLS_RSA_WITH_3DES_EDE_CBC_SHA"},
98
99 // AES ciphersuites from RFC3268.
100 {TLS1_CK_RSA_WITH_AES_128_SHA,
101 "TLS_RSA_WITH_AES_128_CBC_SHA"},
102 {TLS1_CK_DHE_RSA_WITH_AES_128_SHA,
103 "TLS_DHE_RSA_WITH_AES_128_CBC_SHA"},
104 {TLS1_CK_RSA_WITH_AES_256_SHA,
105 "TLS_RSA_WITH_AES_256_CBC_SHA"},
106 {TLS1_CK_DHE_RSA_WITH_AES_256_SHA,
107 "TLS_DHE_RSA_WITH_AES_256_CBC_SHA"},
108
109 // ECC ciphersuites from RFC4492.
110 DEFINE_CIPHER_ENTRY_TLS1(ECDHE_ECDSA_WITH_RC4_128_SHA),
111 {TLS1_CK_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
112 "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA"},
113 DEFINE_CIPHER_ENTRY_TLS1(ECDHE_ECDSA_WITH_AES_128_CBC_SHA),
114 DEFINE_CIPHER_ENTRY_TLS1(ECDHE_ECDSA_WITH_AES_256_CBC_SHA),
115
116 DEFINE_CIPHER_ENTRY_TLS1(ECDHE_RSA_WITH_RC4_128_SHA),
117 {TLS1_CK_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
118 "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA"},
119 DEFINE_CIPHER_ENTRY_TLS1(ECDHE_RSA_WITH_AES_128_CBC_SHA),
120 DEFINE_CIPHER_ENTRY_TLS1(ECDHE_RSA_WITH_AES_256_CBC_SHA),
121
122 // TLS v1.2 ciphersuites.
123 {TLS1_CK_RSA_WITH_AES_128_SHA256,
124 "TLS_RSA_WITH_AES_128_CBC_SHA256"},
125 {TLS1_CK_RSA_WITH_AES_256_SHA256,
126 "TLS_RSA_WITH_AES_256_CBC_SHA256"},
127 {TLS1_CK_DHE_RSA_WITH_AES_128_SHA256,
128 "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256"},
129 {TLS1_CK_DHE_RSA_WITH_AES_256_SHA256,
130 "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256"},
131
132 // TLS v1.2 GCM ciphersuites from RFC5288.
133 DEFINE_CIPHER_ENTRY_TLS1(RSA_WITH_AES_128_GCM_SHA256),
134 DEFINE_CIPHER_ENTRY_TLS1(RSA_WITH_AES_256_GCM_SHA384),
135 DEFINE_CIPHER_ENTRY_TLS1(DHE_RSA_WITH_AES_128_GCM_SHA256),
136 DEFINE_CIPHER_ENTRY_TLS1(DHE_RSA_WITH_AES_256_GCM_SHA384),
137 DEFINE_CIPHER_ENTRY_TLS1(DH_RSA_WITH_AES_128_GCM_SHA256),
138 DEFINE_CIPHER_ENTRY_TLS1(DH_RSA_WITH_AES_256_GCM_SHA384),
139
140 // ECDH HMAC based ciphersuites from RFC5289.
141 {TLS1_CK_ECDHE_ECDSA_WITH_AES_128_SHA256,
142 "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256"},
143 {TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384,
144 "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384"},
145 {TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256,
146 "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256"},
147 {TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384,
148 "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384"},
149
150 // ECDH GCM based ciphersuites from RFC5289.
151 DEFINE_CIPHER_ENTRY_TLS1(ECDHE_ECDSA_WITH_AES_128_GCM_SHA256),
152 DEFINE_CIPHER_ENTRY_TLS1(ECDHE_ECDSA_WITH_AES_256_GCM_SHA384),
153 DEFINE_CIPHER_ENTRY_TLS1(ECDHE_RSA_WITH_AES_128_GCM_SHA256),
154 DEFINE_CIPHER_ENTRY_TLS1(ECDHE_RSA_WITH_AES_256_GCM_SHA384),
155
156 {0, NULL}
157};
158#endif // #ifndef OPENSSL_IS_BORINGSSL
pthatcher@webrtc.org3ee4fe52015-02-11 22:34:36 +0000[diff] [blame]159
Guo-wei Shieh456696a2015-09-30 21:48:54 -0700[diff] [blame]160#if defined(_MSC_VER)
161#pragma warning(push)
162#pragma warning(disable : 4309)
163#pragma warning(disable : 4310)
164#endif // defined(_MSC_VER)
165
Guo-wei Shieh456696a2015-09-30 21:48:54 -0700[diff] [blame]166#if defined(_MSC_VER)
167#pragma warning(pop)
168#endif // defined(_MSC_VER)
169
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]170//////////////////////////////////////////////////////////////////////
171// StreamBIO
172//////////////////////////////////////////////////////////////////////
173
174static int stream_write(BIO* h, const char* buf, int num);
175static int stream_read(BIO* h, char* buf, int size);
176static int stream_puts(BIO* h, const char* str);
177static long stream_ctrl(BIO* h, int cmd, long arg1, void* arg2);
178static int stream_new(BIO* h);
179static int stream_free(BIO* data);
180
davidben@webrtc.org36d5c3c2015-01-22 23:06:17 +0000[diff] [blame]181// TODO(davidben): This should be const once BoringSSL is assumed.
182static BIO_METHOD methods_stream = {
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]183 BIO_TYPE_BIO,
184 "stream",
185 stream_write,
186 stream_read,
187 stream_puts,
188 0,
189 stream_ctrl,
190 stream_new,
191 stream_free,
192 NULL,
193};
194
davidben@webrtc.org36d5c3c2015-01-22 23:06:17 +0000[diff] [blame]195static BIO_METHOD* BIO_s_stream() { return(&methods_stream); }
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]196
197static BIO* BIO_new_stream(StreamInterface* stream) {
198 BIO* ret = BIO_new(BIO_s_stream());
199 if (ret == NULL)
200 return NULL;
201 ret->ptr = stream;
202 return ret;
203}
204
205// bio methods return 1 (or at least non-zero) on success and 0 on failure.
206
207static int stream_new(BIO* b) {
208 b->shutdown = 0;
209 b->init = 1;
210 b->num = 0; // 1 means end-of-stream
211 b->ptr = 0;
212 return 1;
213}
214
215static int stream_free(BIO* b) {
216 if (b == NULL)
217 return 0;
218 return 1;
219}
220
221static int stream_read(BIO* b, char* out, int outl) {
222 if (!out)
223 return -1;
224 StreamInterface* stream = static_cast<StreamInterface*>(b->ptr);
225 BIO_clear_retry_flags(b);
226 size_t read;
227 int error;
228 StreamResult result = stream->Read(out, outl, &read, &error);
229 if (result == SR_SUCCESS) {
henrike@webrtc.orgd89b69a2014-11-06 17:23:09 +0000[diff] [blame]230 return checked_cast<int>(read);
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]231 } else if (result == SR_EOS) {
232 b->num = 1;
233 } else if (result == SR_BLOCK) {
234 BIO_set_retry_read(b);
235 }
236 return -1;
237}
238
239static int stream_write(BIO* b, const char* in, int inl) {
240 if (!in)
241 return -1;
242 StreamInterface* stream = static_cast<StreamInterface*>(b->ptr);
243 BIO_clear_retry_flags(b);
244 size_t written;
245 int error;
246 StreamResult result = stream->Write(in, inl, &written, &error);
247 if (result == SR_SUCCESS) {
henrike@webrtc.orgd89b69a2014-11-06 17:23:09 +0000[diff] [blame]248 return checked_cast<int>(written);
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]249 } else if (result == SR_BLOCK) {
250 BIO_set_retry_write(b);
251 }
252 return -1;
253}
254
255static int stream_puts(BIO* b, const char* str) {
henrike@webrtc.orgd89b69a2014-11-06 17:23:09 +0000[diff] [blame]256 return stream_write(b, str, checked_cast<int>(strlen(str)));
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]257}
258
259static long stream_ctrl(BIO* b, int cmd, long num, void* ptr) {
henrike@webrtc.org14abcc72014-05-16 16:54:44 +0000[diff] [blame]260 RTC_UNUSED(num);
261 RTC_UNUSED(ptr);
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]262
263 switch (cmd) {
264 case BIO_CTRL_RESET:
265 return 0;
266 case BIO_CTRL_EOF:
267 return b->num;
268 case BIO_CTRL_WPENDING:
269 case BIO_CTRL_PENDING:
270 return 0;
271 case BIO_CTRL_FLUSH:
272 return 1;
Henrik Lundinf4baca52015-06-10 09:45:58 +0200[diff] [blame]273 case BIO_CTRL_DGRAM_QUERY_MTU:
274 // openssl defaults to mtu=256 unless we return something here.
275 // The handshake doesn't actually need to send packets above 1k,
276 // so this seems like a sensible value that should work in most cases.
277 // Webrtc uses the same value for video packets.
278 return 1200;
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]279 default:
280 return 0;
281 }
282}
283
284/////////////////////////////////////////////////////////////////////////////
285// OpenSSLStreamAdapter
286/////////////////////////////////////////////////////////////////////////////
287
288OpenSSLStreamAdapter::OpenSSLStreamAdapter(StreamInterface* stream)
289 : SSLStreamAdapter(stream),
290 state_(SSL_NONE),
291 role_(SSL_CLIENT),
Guo-wei Shieha7446d22016-01-11 15:27:03 -0800[diff] [blame]292 ssl_read_needs_write_(false),
293 ssl_write_needs_read_(false),
294 ssl_(NULL),
295 ssl_ctx_(NULL),
Joachim Bauch831c5582015-05-20 12:48:41 +0200[diff] [blame]296 ssl_mode_(SSL_MODE_TLS),
Guo-wei Shieha7446d22016-01-11 15:27:03 -0800[diff] [blame]297 ssl_max_version_(SSL_PROTOCOL_TLS_12) {}
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]298
299OpenSSLStreamAdapter::~OpenSSLStreamAdapter() {
deadbeef89824f62016-09-30 11:55:43 -0700[diff] [blame]300 Cleanup(0);
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]301}
302
303void OpenSSLStreamAdapter::SetIdentity(SSLIdentity* identity) {
deadbeef89824f62016-09-30 11:55:43 -0700[diff] [blame]304 RTC_DCHECK(!identity_);
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]305 identity_.reset(static_cast<OpenSSLIdentity*>(identity));
306}
307
308void OpenSSLStreamAdapter::SetServerRole(SSLRole role) {
309 role_ = role;
310}
311
jbauch555604a2016-04-26 03:13:22 -0700[diff] [blame]312std::unique_ptr<SSLCertificate> OpenSSLStreamAdapter::GetPeerCertificate()
kwibergb4d01c42016-04-06 05:15:06 -0700[diff] [blame]313 const {
jbauch555604a2016-04-26 03:13:22 -0700[diff] [blame]314 return peer_certificate_ ? std::unique_ptr<SSLCertificate>(
kwibergb4d01c42016-04-06 05:15:06 -0700[diff] [blame]315 peer_certificate_->GetReference())
316 : nullptr;
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]317}
318
deadbeef89824f62016-09-30 11:55:43 -0700[diff] [blame]319bool OpenSSLStreamAdapter::SetPeerCertificateDigest(
320 const std::string& digest_alg,
321 const unsigned char* digest_val,
322 size_t digest_len,
323 SSLPeerCertificateDigestError* error) {
324 RTC_DCHECK(!peer_certificate_verified_);
325 RTC_DCHECK(!has_peer_certificate_digest());
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]326 size_t expected_len;
deadbeef89824f62016-09-30 11:55:43 -0700[diff] [blame]327 if (error) {
328 *error = SSLPeerCertificateDigestError::NONE;
329 }
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]330
331 if (!OpenSSLDigest::GetDigestSize(digest_alg, &expected_len)) {
332 LOG(LS_WARNING) << "Unknown digest algorithm: " << digest_alg;
deadbeef89824f62016-09-30 11:55:43 -0700[diff] [blame]333 if (error) {
334 *error = SSLPeerCertificateDigestError::UNKNOWN_ALGORITHM;
335 }
deadbeef81f6f4f2016-09-19 17:20:52 -0700[diff] [blame]336 return false;
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]337 }
deadbeef89824f62016-09-30 11:55:43 -0700[diff] [blame]338 if (expected_len != digest_len) {
339 if (error) {
340 *error = SSLPeerCertificateDigestError::INVALID_LENGTH;
341 }
deadbeef81f6f4f2016-09-19 17:20:52 -0700[diff] [blame]342 return false;
deadbeef89824f62016-09-30 11:55:43 -0700[diff] [blame]343 }
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]344
345 peer_certificate_digest_value_.SetData(digest_val, digest_len);
346 peer_certificate_digest_algorithm_ = digest_alg;
347
deadbeef89824f62016-09-30 11:55:43 -0700[diff] [blame]348 if (!peer_certificate_) {
349 // Normal case, where the digest is set before we obtain the certificate
350 // from the handshake.
351 return true;
352 }
353
354 if (!VerifyPeerCertificate()) {
355 Error("SetPeerCertificateDigest", -1, SSL_AD_BAD_CERTIFICATE, false);
356 if (error) {
357 *error = SSLPeerCertificateDigestError::VERIFICATION_FAILED;
358 }
359 return false;
360 }
361
362 if (state_ == SSL_CONNECTED) {
363 // Post the event asynchronously to unwind the stack. The caller
364 // of ContinueSSL may be the same object listening for these
365 // events and may not be prepared for reentrancy.
366 PostEvent(SE_OPEN | SE_READ | SE_WRITE, 0);
367 }
368
deadbeef81f6f4f2016-09-19 17:20:52 -0700[diff] [blame]369 return true;
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]370}
371
Guo-wei Shieh521ed7b2015-11-18 19:41:53 -0800[diff] [blame]372std::string OpenSSLStreamAdapter::SslCipherSuiteToName(int cipher_suite) {
Torbjorn Granlund9adc91d2016-03-24 14:05:06 +0100[diff] [blame]373#ifdef OPENSSL_IS_BORINGSSL
Guo-wei Shieh521ed7b2015-11-18 19:41:53 -0800[diff] [blame]374 const SSL_CIPHER* ssl_cipher = SSL_get_cipher_by_value(cipher_suite);
Guo-wei Shieh456696a2015-09-30 21:48:54 -0700[diff] [blame]375 if (!ssl_cipher) {
376 return std::string();
377 }
378 char* cipher_name = SSL_CIPHER_get_rfc_name(ssl_cipher);
379 std::string rfc_name = std::string(cipher_name);
380 OPENSSL_free(cipher_name);
381 return rfc_name;
Torbjorn Granlund9adc91d2016-03-24 14:05:06 +0100[diff] [blame]382#else
383 for (const SslCipherMapEntry* entry = kSslCipherMap; entry->rfc_name;
384 ++entry) {
385 if (cipher_suite == static_cast<int>(entry->openssl_id)) {
386 return entry->rfc_name;
387 }
388 }
389 return std::string();
390#endif
Guo-wei Shieh456696a2015-09-30 21:48:54 -0700[diff] [blame]391}
pthatcher@webrtc.org3ee4fe52015-02-11 22:34:36 +0000[diff] [blame]392
Guo-wei Shieh521ed7b2015-11-18 19:41:53 -0800[diff] [blame]393bool OpenSSLStreamAdapter::GetSslCipherSuite(int* cipher_suite) {
pthatcher@webrtc.org3ee4fe52015-02-11 22:34:36 +0000[diff] [blame]394 if (state_ != SSL_CONNECTED)
395 return false;
396
397 const SSL_CIPHER* current_cipher = SSL_get_current_cipher(ssl_);
398 if (current_cipher == NULL) {
399 return false;
400 }
401
Guo-wei Shieh521ed7b2015-11-18 19:41:53 -0800[diff] [blame]402 *cipher_suite = static_cast<uint16_t>(SSL_CIPHER_get_id(current_cipher));
pthatcher@webrtc.org3ee4fe52015-02-11 22:34:36 +0000[diff] [blame]403 return true;
404}
405
torbjorng43166b82016-03-11 00:06:47 -0800[diff] [blame]406int OpenSSLStreamAdapter::GetSslVersion() const {
407 if (state_ != SSL_CONNECTED)
408 return -1;
409
410 int ssl_version = SSL_version(ssl_);
411 if (ssl_mode_ == SSL_MODE_DTLS) {
412 if (ssl_version == DTLS1_VERSION)
413 return SSL_PROTOCOL_DTLS_10;
414 else if (ssl_version == DTLS1_2_VERSION)
415 return SSL_PROTOCOL_DTLS_12;
416 } else {
417 if (ssl_version == TLS1_VERSION)
418 return SSL_PROTOCOL_TLS_10;
419 else if (ssl_version == TLS1_1_VERSION)
420 return SSL_PROTOCOL_TLS_11;
421 else if (ssl_version == TLS1_2_VERSION)
422 return SSL_PROTOCOL_TLS_12;
423 }
424
425 return -1;
426}
427
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]428// Key Extractor interface
429bool OpenSSLStreamAdapter::ExportKeyingMaterial(const std::string& label,
Peter Boström0c4e06b2015-10-07 12:23:21 +0200[diff] [blame]430 const uint8_t* context,
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]431 size_t context_len,
432 bool use_context,
Peter Boström0c4e06b2015-10-07 12:23:21 +0200[diff] [blame]433 uint8_t* result,
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]434 size_t result_len) {
deadbeeff33491e2017-01-20 17:01:45 -0800[diff] [blame]435#ifdef HAVE_DTLS_SRTP
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]436 int i;
437
Peter Boström0c4e06b2015-10-07 12:23:21 +0200[diff] [blame]438 i = SSL_export_keying_material(ssl_, result, result_len, label.c_str(),
439 label.length(), const_cast<uint8_t*>(context),
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]440 context_len, use_context);
441
442 if (i != 1)
443 return false;
444
445 return true;
deadbeeff33491e2017-01-20 17:01:45 -0800[diff] [blame]446#else
447 return false;
448#endif
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]449}
450
Guo-wei Shieh521ed7b2015-11-18 19:41:53 -0800[diff] [blame]451bool OpenSSLStreamAdapter::SetDtlsSrtpCryptoSuites(
452 const std::vector<int>& ciphers) {
deadbeeff33491e2017-01-20 17:01:45 -0800[diff] [blame]453#ifdef HAVE_DTLS_SRTP
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]454 std::string internal_ciphers;
455
456 if (state_ != SSL_NONE)
457 return false;
458
Guo-wei Shieh521ed7b2015-11-18 19:41:53 -0800[diff] [blame]459 for (std::vector<int>::const_iterator cipher = ciphers.begin();
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]460 cipher != ciphers.end(); ++cipher) {
461 bool found = false;
Guo-wei Shieh521ed7b2015-11-18 19:41:53 -0800[diff] [blame]462 for (SrtpCipherMapEntry* entry = SrtpCipherMap; entry->internal_name;
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]463 ++entry) {
Guo-wei Shieh521ed7b2015-11-18 19:41:53 -0800[diff] [blame]464 if (*cipher == entry->id) {
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]465 found = true;
466 if (!internal_ciphers.empty())
467 internal_ciphers += ":";
468 internal_ciphers += entry->internal_name;
469 break;
470 }
471 }
472
473 if (!found) {
474 LOG(LS_ERROR) << "Could not find cipher: " << *cipher;
475 return false;
476 }
477 }
478
479 if (internal_ciphers.empty())
480 return false;
481
482 srtp_ciphers_ = internal_ciphers;
483 return true;
deadbeeff33491e2017-01-20 17:01:45 -0800[diff] [blame]484#else
485 return false;
486#endif
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]487}
488
Guo-wei Shieh521ed7b2015-11-18 19:41:53 -0800[diff] [blame]489bool OpenSSLStreamAdapter::GetDtlsSrtpCryptoSuite(int* crypto_suite) {
deadbeeff33491e2017-01-20 17:01:45 -0800[diff] [blame]490#ifdef HAVE_DTLS_SRTP
deadbeef89824f62016-09-30 11:55:43 -0700[diff] [blame]491 RTC_DCHECK(state_ == SSL_CONNECTED);
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]492 if (state_ != SSL_CONNECTED)
493 return false;
494
henrike@webrtc.orgc10ecea2015-01-07 17:59:28 +0000[diff] [blame]495 const SRTP_PROTECTION_PROFILE *srtp_profile =
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]496 SSL_get_selected_srtp_profile(ssl_);
497
498 if (!srtp_profile)
499 return false;
500
Guo-wei Shieh521ed7b2015-11-18 19:41:53 -0800[diff] [blame]501 *crypto_suite = srtp_profile->id;
deadbeef89824f62016-09-30 11:55:43 -0700[diff] [blame]502 RTC_DCHECK(!SrtpCryptoSuiteToName(*crypto_suite).empty());
Guo-wei Shieh521ed7b2015-11-18 19:41:53 -0800[diff] [blame]503 return true;
deadbeeff33491e2017-01-20 17:01:45 -0800[diff] [blame]504#else
505 return false;
506#endif
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]507}
508
deadbeef89824f62016-09-30 11:55:43 -0700[diff] [blame]509bool OpenSSLStreamAdapter::IsTlsConnected() {
510 return state_ == SSL_CONNECTED;
511}
512
Taylor Brandstetterc8762a82016-08-11 12:01:49 -0700[diff] [blame]513int OpenSSLStreamAdapter::StartSSL() {
deadbeef89824f62016-09-30 11:55:43 -0700[diff] [blame]514 if (state_ != SSL_NONE) {
515 // Don't allow StartSSL to be called twice.
516 return -1;
517 }
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]518
Taylor Brandstetterc8762a82016-08-11 12:01:49 -0700[diff] [blame]519 if (StreamAdapterInterface::GetState() != SS_OPEN) {
520 state_ = SSL_WAIT;
521 return 0;
522 }
523
524 state_ = SSL_CONNECTING;
525 if (int err = BeginSSL()) {
deadbeef89824f62016-09-30 11:55:43 -0700[diff] [blame]526 Error("BeginSSL", err, 0, false);
Taylor Brandstetterc8762a82016-08-11 12:01:49 -0700[diff] [blame]527 return err;
528 }
529
530 return 0;
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]531}
532
533void OpenSSLStreamAdapter::SetMode(SSLMode mode) {
deadbeef89824f62016-09-30 11:55:43 -0700[diff] [blame]534 RTC_DCHECK(state_ == SSL_NONE);
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]535 ssl_mode_ = mode;
536}
537
Joachim Bauch831c5582015-05-20 12:48:41 +0200[diff] [blame]538void OpenSSLStreamAdapter::SetMaxProtocolVersion(SSLProtocolVersion version) {
deadbeef89824f62016-09-30 11:55:43 -0700[diff] [blame]539 RTC_DCHECK(ssl_ctx_ == NULL);
Joachim Bauch831c5582015-05-20 12:48:41 +0200[diff] [blame]540 ssl_max_version_ = version;
541}
542
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]543//
544// StreamInterface Implementation
545//
546
547StreamResult OpenSSLStreamAdapter::Write(const void* data, size_t data_len,
548 size_t* written, int* error) {
549 LOG(LS_VERBOSE) << "OpenSSLStreamAdapter::Write(" << data_len << ")";
550
551 switch (state_) {
552 case SSL_NONE:
553 // pass-through in clear text
554 return StreamAdapterInterface::Write(data, data_len, written, error);
555
556 case SSL_WAIT:
557 case SSL_CONNECTING:
558 return SR_BLOCK;
559
560 case SSL_CONNECTED:
deadbeef89824f62016-09-30 11:55:43 -0700[diff] [blame]561 if (waiting_to_verify_peer_certificate()) {
562 return SR_BLOCK;
563 }
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]564 break;
565
566 case SSL_ERROR:
567 case SSL_CLOSED:
568 default:
569 if (error)
570 *error = ssl_error_code_;
571 return SR_ERROR;
572 }
573
574 // OpenSSL will return an error if we try to write zero bytes
575 if (data_len == 0) {
576 if (written)
577 *written = 0;
578 return SR_SUCCESS;
579 }
580
581 ssl_write_needs_read_ = false;
582
henrike@webrtc.orgd89b69a2014-11-06 17:23:09 +0000[diff] [blame]583 int code = SSL_write(ssl_, data, checked_cast<int>(data_len));
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]584 int ssl_error = SSL_get_error(ssl_, code);
585 switch (ssl_error) {
586 case SSL_ERROR_NONE:
587 LOG(LS_VERBOSE) << " -- success";
deadbeef89824f62016-09-30 11:55:43 -0700[diff] [blame]588 RTC_DCHECK(0 < code && static_cast<unsigned>(code) <= data_len);
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]589 if (written)
590 *written = code;
591 return SR_SUCCESS;
592 case SSL_ERROR_WANT_READ:
593 LOG(LS_VERBOSE) << " -- error want read";
594 ssl_write_needs_read_ = true;
595 return SR_BLOCK;
596 case SSL_ERROR_WANT_WRITE:
597 LOG(LS_VERBOSE) << " -- error want write";
598 return SR_BLOCK;
599
600 case SSL_ERROR_ZERO_RETURN:
601 default:
deadbeef89824f62016-09-30 11:55:43 -0700[diff] [blame]602 Error("SSL_write", (ssl_error ? ssl_error : -1), 0, false);
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]603 if (error)
604 *error = ssl_error_code_;
605 return SR_ERROR;
606 }
607 // not reached
608}
609
610StreamResult OpenSSLStreamAdapter::Read(void* data, size_t data_len,
611 size_t* read, int* error) {
612 LOG(LS_VERBOSE) << "OpenSSLStreamAdapter::Read(" << data_len << ")";
613 switch (state_) {
614 case SSL_NONE:
615 // pass-through in clear text
616 return StreamAdapterInterface::Read(data, data_len, read, error);
617
618 case SSL_WAIT:
619 case SSL_CONNECTING:
620 return SR_BLOCK;
621
622 case SSL_CONNECTED:
deadbeef89824f62016-09-30 11:55:43 -0700[diff] [blame]623 if (waiting_to_verify_peer_certificate()) {
624 return SR_BLOCK;
625 }
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]626 break;
627
628 case SSL_CLOSED:
629 return SR_EOS;
630
631 case SSL_ERROR:
632 default:
633 if (error)
634 *error = ssl_error_code_;
635 return SR_ERROR;
636 }
637
638 // Don't trust OpenSSL with zero byte reads
639 if (data_len == 0) {
640 if (read)
641 *read = 0;
642 return SR_SUCCESS;
643 }
644
645 ssl_read_needs_write_ = false;
646
henrike@webrtc.orgd89b69a2014-11-06 17:23:09 +0000[diff] [blame]647 int code = SSL_read(ssl_, data, checked_cast<int>(data_len));
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]648 int ssl_error = SSL_get_error(ssl_, code);
649 switch (ssl_error) {
650 case SSL_ERROR_NONE:
651 LOG(LS_VERBOSE) << " -- success";
deadbeef89824f62016-09-30 11:55:43 -0700[diff] [blame]652 RTC_DCHECK(0 < code && static_cast<unsigned>(code) <= data_len);
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]653 if (read)
654 *read = code;
655
656 if (ssl_mode_ == SSL_MODE_DTLS) {
657 // Enforce atomic reads -- this is a short read
658 unsigned int pending = SSL_pending(ssl_);
659
660 if (pending) {
661 LOG(LS_INFO) << " -- short DTLS read. flushing";
662 FlushInput(pending);
663 if (error)
664 *error = SSE_MSG_TRUNC;
665 return SR_ERROR;
666 }
667 }
668 return SR_SUCCESS;
669 case SSL_ERROR_WANT_READ:
670 LOG(LS_VERBOSE) << " -- error want read";
671 return SR_BLOCK;
672 case SSL_ERROR_WANT_WRITE:
673 LOG(LS_VERBOSE) << " -- error want write";
674 ssl_read_needs_write_ = true;
675 return SR_BLOCK;
676 case SSL_ERROR_ZERO_RETURN:
677 LOG(LS_VERBOSE) << " -- remote side closed";
deadbeef89824f62016-09-30 11:55:43 -0700[diff] [blame]678 Close();
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]679 return SR_EOS;
680 break;
681 default:
682 LOG(LS_VERBOSE) << " -- error " << code;
deadbeef89824f62016-09-30 11:55:43 -0700[diff] [blame]683 Error("SSL_read", (ssl_error ? ssl_error : -1), 0, false);
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]684 if (error)
685 *error = ssl_error_code_;
686 return SR_ERROR;
687 }
688 // not reached
689}
690
691void OpenSSLStreamAdapter::FlushInput(unsigned int left) {
692 unsigned char buf[2048];
693
694 while (left) {
695 // This should always succeed
696 int toread = (sizeof(buf) < left) ? sizeof(buf) : left;
697 int code = SSL_read(ssl_, buf, toread);
698
699 int ssl_error = SSL_get_error(ssl_, code);
deadbeef89824f62016-09-30 11:55:43 -0700[diff] [blame]700 RTC_DCHECK(ssl_error == SSL_ERROR_NONE);
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]701
702 if (ssl_error != SSL_ERROR_NONE) {
703 LOG(LS_VERBOSE) << " -- error " << code;
deadbeef89824f62016-09-30 11:55:43 -0700[diff] [blame]704 Error("SSL_read", (ssl_error ? ssl_error : -1), 0, false);
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]705 return;
706 }
707
708 LOG(LS_VERBOSE) << " -- flushed " << code << " bytes";
709 left -= code;
710 }
711}
712
713void OpenSSLStreamAdapter::Close() {
deadbeef89824f62016-09-30 11:55:43 -0700[diff] [blame]714 Cleanup(0);
715 RTC_DCHECK(state_ == SSL_CLOSED || state_ == SSL_ERROR);
716 // When we're closed at SSL layer, also close the stream level which
717 // performs necessary clean up. Otherwise, a new incoming packet after
718 // this could overflow the stream buffer.
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]719 StreamAdapterInterface::Close();
720}
721
722StreamState OpenSSLStreamAdapter::GetState() const {
723 switch (state_) {
724 case SSL_WAIT:
725 case SSL_CONNECTING:
726 return SS_OPENING;
727 case SSL_CONNECTED:
deadbeef89824f62016-09-30 11:55:43 -0700[diff] [blame]728 if (waiting_to_verify_peer_certificate()) {
729 return SS_OPENING;
730 }
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]731 return SS_OPEN;
732 default:
733 return SS_CLOSED;
734 };
735 // not reached
736}
737
738void OpenSSLStreamAdapter::OnEvent(StreamInterface* stream, int events,
739 int err) {
740 int events_to_signal = 0;
741 int signal_error = 0;
deadbeef89824f62016-09-30 11:55:43 -0700[diff] [blame]742 RTC_DCHECK(stream == this->stream());
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]743 if ((events & SE_OPEN)) {
744 LOG(LS_VERBOSE) << "OpenSSLStreamAdapter::OnEvent SE_OPEN";
745 if (state_ != SSL_WAIT) {
deadbeef89824f62016-09-30 11:55:43 -0700[diff] [blame]746 RTC_DCHECK(state_ == SSL_NONE);
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]747 events_to_signal |= SE_OPEN;
748 } else {
749 state_ = SSL_CONNECTING;
750 if (int err = BeginSSL()) {
deadbeef89824f62016-09-30 11:55:43 -0700[diff] [blame]751 Error("BeginSSL", err, 0, true);
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]752 return;
753 }
754 }
755 }
756 if ((events & (SE_READ|SE_WRITE))) {
757 LOG(LS_VERBOSE) << "OpenSSLStreamAdapter::OnEvent"
758 << ((events & SE_READ) ? " SE_READ" : "")
759 << ((events & SE_WRITE) ? " SE_WRITE" : "");
760 if (state_ == SSL_NONE) {
761 events_to_signal |= events & (SE_READ|SE_WRITE);
762 } else if (state_ == SSL_CONNECTING) {
763 if (int err = ContinueSSL()) {
deadbeef89824f62016-09-30 11:55:43 -0700[diff] [blame]764 Error("ContinueSSL", err, 0, true);
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]765 return;
766 }
767 } else if (state_ == SSL_CONNECTED) {
768 if (((events & SE_READ) && ssl_write_needs_read_) ||
769 (events & SE_WRITE)) {
770 LOG(LS_VERBOSE) << " -- onStreamWriteable";
771 events_to_signal |= SE_WRITE;
772 }
773 if (((events & SE_WRITE) && ssl_read_needs_write_) ||
774 (events & SE_READ)) {
775 LOG(LS_VERBOSE) << " -- onStreamReadable";
776 events_to_signal |= SE_READ;
777 }
778 }
779 }
780 if ((events & SE_CLOSE)) {
781 LOG(LS_VERBOSE) << "OpenSSLStreamAdapter::OnEvent(SE_CLOSE, " << err << ")";
deadbeef89824f62016-09-30 11:55:43 -0700[diff] [blame]782 Cleanup(0);
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]783 events_to_signal |= SE_CLOSE;
784 // SE_CLOSE is the only event that uses the final parameter to OnEvent().
deadbeef89824f62016-09-30 11:55:43 -0700[diff] [blame]785 RTC_DCHECK(signal_error == 0);
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]786 signal_error = err;
787 }
788 if (events_to_signal)
789 StreamAdapterInterface::OnEvent(stream, events_to_signal, signal_error);
790}
791
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]792int OpenSSLStreamAdapter::BeginSSL() {
deadbeef89824f62016-09-30 11:55:43 -0700[diff] [blame]793 RTC_DCHECK(state_ == SSL_CONNECTING);
Taylor Brandstetterc8762a82016-08-11 12:01:49 -0700[diff] [blame]794 // The underlying stream has opened.
Taylor Brandstetterc8762a82016-08-11 12:01:49 -0700[diff] [blame]795 LOG(LS_INFO) << "BeginSSL with peer.";
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]796
797 BIO* bio = NULL;
798
Taylor Brandstetterc8762a82016-08-11 12:01:49 -0700[diff] [blame]799 // First set up the context.
deadbeef89824f62016-09-30 11:55:43 -0700[diff] [blame]800 RTC_DCHECK(ssl_ctx_ == NULL);
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]801 ssl_ctx_ = SetupSSLContext();
802 if (!ssl_ctx_)
803 return -1;
804
805 bio = BIO_new_stream(static_cast<StreamInterface*>(stream()));
806 if (!bio)
807 return -1;
808
809 ssl_ = SSL_new(ssl_ctx_);
810 if (!ssl_) {
811 BIO_free(bio);
812 return -1;
813 }
814
815 SSL_set_app_data(ssl_, this);
816
817 SSL_set_bio(ssl_, bio, bio); // the SSL object owns the bio now.
Torbjorn Granlund9adc91d2016-03-24 14:05:06 +0100[diff] [blame]818 if (ssl_mode_ == SSL_MODE_DTLS) {
Taylor Brandstetter4f0dfbd2016-06-15 17:15:23 -0700[diff] [blame]819#ifdef OPENSSL_IS_BORINGSSL
820 // Change the initial retransmission timer from 1 second to 50ms.
821 // This will likely result in some spurious retransmissions, but
822 // it's useful for ensuring a timely handshake when there's packet
823 // loss.
824 DTLSv1_set_initial_timeout_duration(ssl_, 50);
825#else
Torbjorn Granlund9adc91d2016-03-24 14:05:06 +0100[diff] [blame]826 // Enable read-ahead for DTLS so whole packets are read from internal BIO
827 // before parsing. This is done internally by BoringSSL for DTLS.
828 SSL_set_read_ahead(ssl_, 1);
philipel49c08692016-05-24 01:49:43 -0700[diff] [blame]829#endif
Taylor Brandstetter4f0dfbd2016-06-15 17:15:23 -0700[diff] [blame]830 }
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]831
832 SSL_set_mode(ssl_, SSL_MODE_ENABLE_PARTIAL_WRITE |
833 SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER);
834
David Benjamin60d5f3f2016-03-24 13:28:25 -0400[diff] [blame]835#if !defined(OPENSSL_IS_BORINGSSL)
836 // Specify an ECDH group for ECDHE ciphers, otherwise OpenSSL cannot
837 // negotiate them when acting as the server. Use NIST's P-256 which is
838 // commonly supported. BoringSSL doesn't need explicit configuration and has
839 // a reasonable default set.
jiayl@webrtc.org11c6bde2014-08-28 16:14:38 +0000[diff] [blame]840 EC_KEY* ecdh = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
841 if (ecdh == NULL)
842 return -1;
843 SSL_set_options(ssl_, SSL_OP_SINGLE_ECDH_USE);
844 SSL_set_tmp_ecdh(ssl_, ecdh);
845 EC_KEY_free(ecdh);
David Benjamin60d5f3f2016-03-24 13:28:25 -0400[diff] [blame]846#endif
jiayl@webrtc.org11c6bde2014-08-28 16:14:38 +0000[diff] [blame]847
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]848 // Do the connect
849 return ContinueSSL();
850}
851
852int OpenSSLStreamAdapter::ContinueSSL() {
853 LOG(LS_VERBOSE) << "ContinueSSL";
deadbeef89824f62016-09-30 11:55:43 -0700[diff] [blame]854 RTC_DCHECK(state_ == SSL_CONNECTING);
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]855
856 // Clear the DTLS timer
857 Thread::Current()->Clear(this, MSG_TIMEOUT);
858
859 int code = (role_ == SSL_CLIENT) ? SSL_connect(ssl_) : SSL_accept(ssl_);
860 int ssl_error;
861 switch (ssl_error = SSL_get_error(ssl_, code)) {
862 case SSL_ERROR_NONE:
863 LOG(LS_VERBOSE) << " -- success";
deadbeef89824f62016-09-30 11:55:43 -0700[diff] [blame]864 // By this point, OpenSSL should have given us a certificate, or errored
865 // out if one was missing.
866 RTC_DCHECK(peer_certificate_ || !client_auth_enabled());
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]867
868 state_ = SSL_CONNECTED;
deadbeef89824f62016-09-30 11:55:43 -0700[diff] [blame]869 if (!waiting_to_verify_peer_certificate()) {
870 // We have everything we need to start the connection, so signal
871 // SE_OPEN. If we need a client certificate fingerprint and don't have
872 // it yet, we'll instead signal SE_OPEN in SetPeerCertificateDigest.
873 //
Taylor Brandstetterfe69a742016-09-30 17:34:32 -0700[diff] [blame]874 // TODO(deadbeef): Post this event asynchronously to unwind the stack.
875 // The caller of ContinueSSL may be the same object listening for these
876 // events and may not be prepared for reentrancy.
877 // PostEvent(SE_OPEN | SE_READ | SE_WRITE, 0);
878 StreamAdapterInterface::OnEvent(stream(), SE_OPEN | SE_READ | SE_WRITE,
879 0);
deadbeef89824f62016-09-30 11:55:43 -0700[diff] [blame]880 }
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]881 break;
882
883 case SSL_ERROR_WANT_READ: {
884 LOG(LS_VERBOSE) << " -- error want read";
885 struct timeval timeout;
886 if (DTLSv1_get_timeout(ssl_, &timeout)) {
887 int delay = timeout.tv_sec * 1000 + timeout.tv_usec/1000;
888
Taylor Brandstetter5d97a9a2016-06-10 14:17:27 -0700[diff] [blame]889 Thread::Current()->PostDelayed(RTC_FROM_HERE, delay, this,
890 MSG_TIMEOUT, 0);
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]891 }
892 }
893 break;
894
895 case SSL_ERROR_WANT_WRITE:
896 LOG(LS_VERBOSE) << " -- error want write";
897 break;
898
899 case SSL_ERROR_ZERO_RETURN:
900 default:
901 LOG(LS_VERBOSE) << " -- error " << code;
zhihuangd82eee02016-08-26 11:25:05 -0700[diff] [blame]902 SSLHandshakeError ssl_handshake_err = SSLHandshakeError::UNKNOWN;
903 int err_code = ERR_peek_last_error();
904 if (err_code != 0 && ERR_GET_REASON(err_code) == SSL_R_NO_SHARED_CIPHER) {
905 ssl_handshake_err = SSLHandshakeError::INCOMPATIBLE_CIPHERSUITE;
906 }
907 SignalSSLHandshakeError(ssl_handshake_err);
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]908 return (ssl_error != 0) ? ssl_error : -1;
909 }
910
911 return 0;
912}
913
deadbeef89824f62016-09-30 11:55:43 -0700[diff] [blame]914void OpenSSLStreamAdapter::Error(const char* context,
915 int err,
916 uint8_t alert,
917 bool signal) {
918 LOG(LS_WARNING) << "OpenSSLStreamAdapter::Error(" << context << ", " << err
919 << ", " << static_cast<int>(alert) << ")";
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]920 state_ = SSL_ERROR;
921 ssl_error_code_ = err;
deadbeef89824f62016-09-30 11:55:43 -0700[diff] [blame]922 Cleanup(alert);
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]923 if (signal)
924 StreamAdapterInterface::OnEvent(stream(), SE_CLOSE, err);
925}
926
deadbeef89824f62016-09-30 11:55:43 -0700[diff] [blame]927void OpenSSLStreamAdapter::Cleanup(uint8_t alert) {
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]928 LOG(LS_INFO) << "Cleanup";
929
930 if (state_ != SSL_ERROR) {
931 state_ = SSL_CLOSED;
932 ssl_error_code_ = 0;
933 }
934
935 if (ssl_) {
deadbeef89824f62016-09-30 11:55:43 -0700[diff] [blame]936 int ret;
937// SSL_send_fatal_alert is only available in BoringSSL.
938#ifdef OPENSSL_IS_BORINGSSL
939 if (alert) {
940 ret = SSL_send_fatal_alert(ssl_, alert);
941 if (ret < 0) {
942 LOG(LS_WARNING) << "SSL_send_fatal_alert failed, error = "
943 << SSL_get_error(ssl_, ret);
944 }
945 } else {
946#endif
947 ret = SSL_shutdown(ssl_);
948 if (ret < 0) {
949 LOG(LS_WARNING) << "SSL_shutdown failed, error = "
950 << SSL_get_error(ssl_, ret);
951 }
952#ifdef OPENSSL_IS_BORINGSSL
jiayl@webrtc.orgf1d751c2014-09-25 16:38:46 +0000[diff] [blame]953 }
deadbeef89824f62016-09-30 11:55:43 -0700[diff] [blame]954#endif
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]955 SSL_free(ssl_);
956 ssl_ = NULL;
957 }
958 if (ssl_ctx_) {
959 SSL_CTX_free(ssl_ctx_);
960 ssl_ctx_ = NULL;
961 }
962 identity_.reset();
963 peer_certificate_.reset();
964
965 // Clear the DTLS timer
966 Thread::Current()->Clear(this, MSG_TIMEOUT);
967}
968
969
970void OpenSSLStreamAdapter::OnMessage(Message* msg) {
971 // Process our own messages and then pass others to the superclass
972 if (MSG_TIMEOUT == msg->message_id) {
973 LOG(LS_INFO) << "DTLS timeout expired";
974 DTLSv1_handle_timeout(ssl_);
975 ContinueSSL();
976 } else {
977 StreamInterface::OnMessage(msg);
978 }
979}
980
981SSL_CTX* OpenSSLStreamAdapter::SetupSSLContext() {
982 SSL_CTX *ctx = NULL;
983
Torbjorn Granlund9adc91d2016-03-24 14:05:06 +0100[diff] [blame]984#ifdef OPENSSL_IS_BORINGSSL
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]985 ctx = SSL_CTX_new(ssl_mode_ == SSL_MODE_DTLS ?
Joachim Bauch831c5582015-05-20 12:48:41 +0200[diff] [blame]986 DTLS_method() : TLS_method());
987 // Version limiting for BoringSSL will be done below.
Torbjorn Granlund9adc91d2016-03-24 14:05:06 +0100[diff] [blame]988#else
989 const SSL_METHOD* method;
990 switch (ssl_max_version_) {
991 case SSL_PROTOCOL_TLS_10:
992 case SSL_PROTOCOL_TLS_11:
993 // OpenSSL doesn't support setting min/max versions, so we always use
994 // (D)TLS 1.0 if a max. version below the max. available is requested.
995 if (ssl_mode_ == SSL_MODE_DTLS) {
996 if (role_ == SSL_CLIENT) {
997 method = DTLSv1_client_method();
998 } else {
999 method = DTLSv1_server_method();
1000 }
1001 } else {
1002 if (role_ == SSL_CLIENT) {
1003 method = TLSv1_client_method();
1004 } else {
1005 method = TLSv1_server_method();
1006 }
1007 }
1008 break;
1009 case SSL_PROTOCOL_TLS_12:
1010 default:
1011 if (ssl_mode_ == SSL_MODE_DTLS) {
1012#if (OPENSSL_VERSION_NUMBER >= 0x10002000L)
1013 // DTLS 1.2 only available starting from OpenSSL 1.0.2
1014 if (role_ == SSL_CLIENT) {
1015 method = DTLS_client_method();
1016 } else {
1017 method = DTLS_server_method();
1018 }
1019#else
1020 if (role_ == SSL_CLIENT) {
1021 method = DTLSv1_client_method();
1022 } else {
1023 method = DTLSv1_server_method();
1024 }
1025#endif
1026 } else {
1027#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
1028 // New API only available starting from OpenSSL 1.1.0
1029 if (role_ == SSL_CLIENT) {
1030 method = TLS_client_method();
1031 } else {
1032 method = TLS_server_method();
1033 }
1034#else
1035 if (role_ == SSL_CLIENT) {
1036 method = SSLv23_client_method();
1037 } else {
1038 method = SSLv23_server_method();
1039 }
1040#endif
1041 }
1042 break;
1043 }
1044 ctx = SSL_CTX_new(method);
1045#endif // OPENSSL_IS_BORINGSSL
Joachim Bauch831c5582015-05-20 12:48:41 +0200[diff] [blame]1046
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]1047 if (ctx == NULL)
1048 return NULL;
1049
Torbjorn Granlund9adc91d2016-03-24 14:05:06 +0100[diff] [blame]1050#ifdef OPENSSL_IS_BORINGSSL
davidbene36c46e2016-12-06 17:12:02 -0800[diff] [blame]1051 SSL_CTX_set_min_proto_version(ctx, ssl_mode_ == SSL_MODE_DTLS ?
Joachim Bauch831c5582015-05-20 12:48:41 +0200[diff] [blame]1052 DTLS1_VERSION : TLS1_VERSION);
1053 switch (ssl_max_version_) {
1054 case SSL_PROTOCOL_TLS_10:
davidbene36c46e2016-12-06 17:12:02 -0800[diff] [blame]1055 SSL_CTX_set_max_proto_version(ctx, ssl_mode_ == SSL_MODE_DTLS ?
Joachim Bauch831c5582015-05-20 12:48:41 +0200[diff] [blame]1056 DTLS1_VERSION : TLS1_VERSION);
1057 break;
1058 case SSL_PROTOCOL_TLS_11:
davidbene36c46e2016-12-06 17:12:02 -0800[diff] [blame]1059 SSL_CTX_set_max_proto_version(ctx, ssl_mode_ == SSL_MODE_DTLS ?
Joachim Bauch831c5582015-05-20 12:48:41 +0200[diff] [blame]1060 DTLS1_VERSION : TLS1_1_VERSION);
1061 break;
1062 case SSL_PROTOCOL_TLS_12:
1063 default:
davidbene36c46e2016-12-06 17:12:02 -0800[diff] [blame]1064 SSL_CTX_set_max_proto_version(ctx, ssl_mode_ == SSL_MODE_DTLS ?
Joachim Bauch831c5582015-05-20 12:48:41 +0200[diff] [blame]1065 DTLS1_2_VERSION : TLS1_2_VERSION);
1066 break;
1067 }
deadbeef6cf94a02016-11-28 17:38:34 -0800[diff] [blame]1068 if (g_use_time_callback_for_testing) {
1069 SSL_CTX_set_current_time_cb(ctx, &TimeCallbackForTesting);
1070 }
Torbjorn Granlund9adc91d2016-03-24 14:05:06 +0100[diff] [blame]1071#endif
Joachim Bauch831c5582015-05-20 12:48:41 +0200[diff] [blame]1072
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]1073 if (identity_ && !identity_->ConfigureIdentity(ctx)) {
1074 SSL_CTX_free(ctx);
1075 return NULL;
1076 }
1077
tfarinaa41ab932015-10-30 16:08:48 -0700[diff] [blame]1078#if !defined(NDEBUG)
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]1079 SSL_CTX_set_info_callback(ctx, OpenSSLAdapter::SSLInfoCallback);
1080#endif
1081
tkchin@webrtc.orgc569a492014-09-23 05:56:44 +0000[diff] [blame]1082 int mode = SSL_VERIFY_PEER;
1083 if (client_auth_enabled()) {
1084 // Require a certificate from the client.
1085 // Note: Normally this is always true in production, but it may be disabled
1086 // for testing purposes (e.g. SSLAdapter unit tests).
1087 mode |= SSL_VERIFY_FAIL_IF_NO_PEER_CERT;
1088 }
1089
1090 SSL_CTX_set_verify(ctx, mode, SSLVerifyCallback);
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]1091 SSL_CTX_set_verify_depth(ctx, 4);
Joachim Bauch831c5582015-05-20 12:48:41 +0200[diff] [blame]1092 // Select list of available ciphers. Note that !SHA256 and !SHA384 only
1093 // remove HMAC-SHA256 and HMAC-SHA384 cipher suites, not GCM cipher suites
1094 // with SHA256 or SHA384 as the handshake hash.
1095 // This matches the list of SSLClientSocketOpenSSL in Chromium.
1096 SSL_CTX_set_cipher_list(ctx,
1097 "DEFAULT:!NULL:!aNULL:!SHA256:!SHA384:!aECDH:!AESGCM+AES256:!aPSK");
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]1098
deadbeeff33491e2017-01-20 17:01:45 -0800[diff] [blame]1099#ifdef HAVE_DTLS_SRTP
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]1100 if (!srtp_ciphers_.empty()) {
1101 if (SSL_CTX_set_tlsext_use_srtp(ctx, srtp_ciphers_.c_str())) {
1102 SSL_CTX_free(ctx);
1103 return NULL;
1104 }
1105 }
deadbeeff33491e2017-01-20 17:01:45 -0800[diff] [blame]1106#endif
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]1107
1108 return ctx;
1109}
1110
deadbeef89824f62016-09-30 11:55:43 -0700[diff] [blame]1111bool OpenSSLStreamAdapter::VerifyPeerCertificate() {
1112 if (!has_peer_certificate_digest() || !peer_certificate_) {
1113 LOG(LS_WARNING) << "Missing digest or peer certificate.";
1114 return false;
1115 }
deadbeef81f6f4f2016-09-19 17:20:52 -0700[diff] [blame]1116
deadbeef89824f62016-09-30 11:55:43 -0700[diff] [blame]1117 unsigned char digest[EVP_MAX_MD_SIZE];
1118 size_t digest_length;
1119 if (!OpenSSLCertificate::ComputeDigest(
1120 peer_certificate_->x509(), peer_certificate_digest_algorithm_, digest,
1121 sizeof(digest), &digest_length)) {
1122 LOG(LS_WARNING) << "Failed to compute peer cert digest.";
1123 return false;
1124 }
1125
1126 Buffer computed_digest(digest, digest_length);
1127 if (computed_digest != peer_certificate_digest_value_) {
1128 LOG(LS_WARNING) << "Rejected peer certificate due to mismatched digest.";
deadbeef81f6f4f2016-09-19 17:20:52 -0700[diff] [blame]1129 return 0;
1130 }
deadbeef89824f62016-09-30 11:55:43 -0700[diff] [blame]1131 // Ignore any verification error if the digest matches, since there is no
1132 // value in checking the validity of a self-signed cert issued by untrusted
1133 // sources.
1134 LOG(LS_INFO) << "Accepted peer certificate.";
1135 peer_certificate_verified_ = true;
1136 return true;
1137}
1138
1139int OpenSSLStreamAdapter::SSLVerifyCallback(int ok, X509_STORE_CTX* store) {
1140 // Get our SSL structure from the store
1141 SSL* ssl = reinterpret_cast<SSL*>(
1142 X509_STORE_CTX_get_ex_data(store, SSL_get_ex_data_X509_STORE_CTX_idx()));
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]1143 X509* cert = X509_STORE_CTX_get_current_cert(store);
henrike@webrtc.org4e5f65a2014-06-05 20:40:11 +0000[diff] [blame]1144 int depth = X509_STORE_CTX_get_error_depth(store);
1145
deadbeef89824f62016-09-30 11:55:43 -0700[diff] [blame]1146 // For now we ignore the parent certificates and verify the leaf against
henrike@webrtc.org4e5f65a2014-06-05 20:40:11 +0000[diff] [blame]1147 // the digest.
1148 //
1149 // TODO(jiayl): Verify the chain is a proper chain and report the chain to
torbjorng07d09362015-09-22 11:58:04 -0700[diff] [blame]1150 // |stream->peer_certificate_|.
henrike@webrtc.org4e5f65a2014-06-05 20:40:11 +0000[diff] [blame]1151 if (depth > 0) {
1152 LOG(LS_INFO) << "Ignored chained certificate at depth " << depth;
1153 return 1;
1154 }
1155
deadbeef89824f62016-09-30 11:55:43 -0700[diff] [blame]1156 OpenSSLStreamAdapter* stream =
1157 reinterpret_cast<OpenSSLStreamAdapter*>(SSL_get_app_data(ssl));
henrike@webrtc.org4e5f65a2014-06-05 20:40:11 +0000[diff] [blame]1158
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]1159 // Record the peer's certificate.
1160 stream->peer_certificate_.reset(new OpenSSLCertificate(cert));
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]1161
deadbeef89824f62016-09-30 11:55:43 -0700[diff] [blame]1162 // If the peer certificate digest isn't known yet, we'll wait to verify
1163 // until it's known, and for now just return a success status.
1164 if (stream->peer_certificate_digest_algorithm_.empty()) {
1165 LOG(LS_INFO) << "Waiting to verify certificate until digest is known.";
1166 return 1;
1167 }
1168
1169 return stream->VerifyPeerCertificate();
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]1170}
1171
deadbeeff33491e2017-01-20 17:01:45 -0800[diff] [blame]1172bool OpenSSLStreamAdapter::HaveDtls() {
1173 return true;
1174}
1175
1176bool OpenSSLStreamAdapter::HaveDtlsSrtp() {
1177#ifdef HAVE_DTLS_SRTP
1178 return true;
1179#else
1180 return false;
1181#endif
1182}
1183
1184bool OpenSSLStreamAdapter::HaveExporter() {
1185#ifdef HAVE_DTLS_SRTP
1186 return true;
1187#else
1188 return false;
1189#endif
1190}
1191
Taylor Brandstetter4f0dfbd2016-06-15 17:15:23 -0700[diff] [blame]1192bool OpenSSLStreamAdapter::IsBoringSsl() {
1193#ifdef OPENSSL_IS_BORINGSSL
1194 return true;
1195#else
1196 return false;
1197#endif
1198}
1199
torbjorng43166b82016-03-11 00:06:47 -0800[diff] [blame]1200#define CDEF(X) \
1201 { static_cast<uint16_t>(TLS1_CK_##X & 0xffff), "TLS_" #X }
1202
1203struct cipher_list {
1204 uint16_t cipher;
1205 const char* cipher_str;
1206};
1207
1208// TODO(torbjorng): Perhaps add more cipher suites to these lists.
1209static const cipher_list OK_RSA_ciphers[] = {
1210 CDEF(ECDHE_RSA_WITH_AES_128_CBC_SHA),
1211 CDEF(ECDHE_RSA_WITH_AES_256_CBC_SHA),
1212 CDEF(ECDHE_RSA_WITH_AES_128_GCM_SHA256),
1213#ifdef TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA256
1214 CDEF(ECDHE_RSA_WITH_AES_256_GCM_SHA256),
1215#endif
torbjorngaad67802016-04-07 08:55:28 -0700[diff] [blame]1216#ifdef TLS1_CK_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
torbjorng43166b82016-03-11 00:06:47 -0800[diff] [blame]1217 CDEF(ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256),
torbjorngaad67802016-04-07 08:55:28 -0700[diff] [blame]1218#endif
torbjorng43166b82016-03-11 00:06:47 -0800[diff] [blame]1219};
1220
1221static const cipher_list OK_ECDSA_ciphers[] = {
1222 CDEF(ECDHE_ECDSA_WITH_AES_128_CBC_SHA),
1223 CDEF(ECDHE_ECDSA_WITH_AES_256_CBC_SHA),
1224 CDEF(ECDHE_ECDSA_WITH_AES_128_GCM_SHA256),
1225#ifdef TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA256
1226 CDEF(ECDHE_ECDSA_WITH_AES_256_GCM_SHA256),
1227#endif
torbjorngaad67802016-04-07 08:55:28 -0700[diff] [blame]1228#ifdef TLS1_CK_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
torbjorng43166b82016-03-11 00:06:47 -0800[diff] [blame]1229 CDEF(ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256),
torbjorngaad67802016-04-07 08:55:28 -0700[diff] [blame]1230#endif
torbjorng43166b82016-03-11 00:06:47 -0800[diff] [blame]1231};
1232#undef CDEF
1233
1234bool OpenSSLStreamAdapter::IsAcceptableCipher(int cipher, KeyType key_type) {
Torbjorn Granlundb6d4ec42015-08-17 14:08:59 +0200[diff] [blame]1235 if (key_type == KT_RSA) {
torbjorng43166b82016-03-11 00:06:47 -0800[diff] [blame]1236 for (const cipher_list& c : OK_RSA_ciphers) {
1237 if (cipher == c.cipher)
1238 return true;
Torbjorn Granlundb6d4ec42015-08-17 14:08:59 +0200[diff] [blame]1239 }
Joachim Bauch831c5582015-05-20 12:48:41 +0200[diff] [blame]1240 }
torbjorng43166b82016-03-11 00:06:47 -0800[diff] [blame]1241
1242 if (key_type == KT_ECDSA) {
1243 for (const cipher_list& c : OK_ECDSA_ciphers) {
1244 if (cipher == c.cipher)
1245 return true;
1246 }
1247 }
1248
1249 return false;
1250}
1251
1252bool OpenSSLStreamAdapter::IsAcceptableCipher(const std::string& cipher,
1253 KeyType key_type) {
1254 if (key_type == KT_RSA) {
1255 for (const cipher_list& c : OK_RSA_ciphers) {
1256 if (cipher == c.cipher_str)
1257 return true;
1258 }
1259 }
1260
1261 if (key_type == KT_ECDSA) {
1262 for (const cipher_list& c : OK_ECDSA_ciphers) {
1263 if (cipher == c.cipher_str)
1264 return true;
1265 }
1266 }
1267
1268 return false;
pthatcher@webrtc.org3ee4fe52015-02-11 22:34:36 +0000[diff] [blame]1269}
1270
deadbeef6cf94a02016-11-28 17:38:34 -0800[diff] [blame]1271void OpenSSLStreamAdapter::enable_time_callback_for_testing() {
1272 g_use_time_callback_for_testing = true;
1273}
1274
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]1275} // namespace rtc
deadbeeff33491e2017-01-20 17:01:45 -0800[diff] [blame]1276
1277#endif // HAVE_OPENSSL_SSL_H