1 /*
2 * Copyright (C) 2004-2015 Free Software Foundation, Inc.
3 * Copyright (C) 2013 Adam Sampson <ats@offog.org>
4 * Copyright (C) 2015 Red Hat, Inc.
5 *
6 * Author: Nikos Mavrogiannopoulos
7 *
8 * This file is part of GnuTLS.
9 *
10 * GnuTLS is free software; you can redistribute it and/or modify it
11 * under the terms of the GNU General Public License as published by
12 * the Free Software Foundation; either version 3 of the License, or
13 * (at your option) any later version.
14 *
15 * GnuTLS is distributed in the hope that it will be useful, but
16 * WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
18 * General Public License for more details.
19 *
20 * You should have received a copy of the GNU General Public License
21 * along with GnuTLS; if not, write to the Free Software Foundation,
22 * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
23 */
24
25 /* Tests whether memory input to ciphers are properly aligned */
26
27 #ifdef HAVE_CONFIG_H
28 #include <config.h>
29 #endif
30
31 #include <stdio.h>
32 #include <stdlib.h>
33
34 #if defined(_WIN32)
35
36 /* socketpair isn't supported on Win32. */
main(int argc,char ** argv)37 int main(int argc, char **argv)
38 {
39 exit(77);
40 }
41
42 #else
43
44 #include <string.h>
45 #include <sys/types.h>
46 #include <sys/socket.h>
47 #if !defined(_WIN32)
48 #include <sys/wait.h>
49 #endif
50 #include <unistd.h>
51 #include <gnutls/gnutls.h>
52 #include <gnutls/crypto.h>
53 #include <nettle/aes.h>
54 #include <nettle/cbc.h>
55 #include <nettle/gcm.h>
56 #include <assert.h>
57
58 #include "utils.h"
59
60 #include "ex-session-info.c"
61 #include "ex-x509-info.c"
62
63 static pid_t child;
64
tls_log_func(int level,const char * str)65 static void tls_log_func(int level, const char *str)
66 {
67 fprintf(stderr, "%s |<%d>| %s", child ? "server" : "client", level,
68 str);
69 }
70
71 #define MAX_BUF 1024
72 #define MSG "Hello TLS"
73
74 static unsigned char ca_pem[] =
75 "-----BEGIN CERTIFICATE-----\n"
76 "MIIB5zCCAVKgAwIBAgIERiYdJzALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n"
77 "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTExWhcNMDgwNDE3MTMyOTExWjAZMRcw\n"
78 "FQYDVQQDEw5HbnVUTFMgdGVzdCBDQTCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGA\n"
79 "vuyYeh1vfmslnuggeEKgZAVmQ5ltSdUY7H25WGSygKMUYZ0KT74v8C780qtcNt9T\n"
80 "7EPH/N6RvB4BprdssgcQLsthR3XKA84jbjjxNCcaGs33lvOz8A1nf8p3hD+cKfRi\n"
81 "kfYSW2JazLrtCC4yRCas/SPOUxu78of+3HiTfFm/oXUCAwEAAaNDMEEwDwYDVR0T\n"
82 "AQH/BAUwAwEB/zAPBgNVHQ8BAf8EBQMDBwQAMB0GA1UdDgQWBBTpPBz7rZJu5gak\n"
83 "Viyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAiaIRqGfp1jPpNeVhABK60SU0KIAy\n"
84 "njuu7kHq5peUgYn8Jd9zNzExBOEp1VOipGsf6G66oQAhDFp2o8zkz7ZH71zR4HEW\n"
85 "KoX6n5Emn6DvcEH/9pAhnGxNHJAoS7czTKv/JDZJhkqHxyrE1fuLsg5Qv25DTw7+\n"
86 "PfqUpIhz5Bbm7J4=\n" "-----END CERTIFICATE-----\n";
87 const gnutls_datum_t ca = { ca_pem, sizeof(ca_pem) };
88
89 static unsigned char cert_pem[] =
90 "-----BEGIN CERTIFICATE-----\n"
91 "MIICHjCCAYmgAwIBAgIERiYdNzALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n"
92 "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTI3WhcNMDgwNDE3MTMyOTI3WjAdMRsw\n"
93 "GQYDVQQDExJHbnVUTFMgdGVzdCBjbGllbnQwgZwwCwYJKoZIhvcNAQEBA4GMADCB\n"
94 "iAKBgLtmQ/Xyxde2jMzF3/WIO7HJS2oOoa0gUEAIgKFPXKPQ+GzP5jz37AR2ExeL\n"
95 "ZIkiW8DdU3w77XwEu4C5KL6Om8aOoKUSy/VXHqLnu7czSZ/ju0quak1o/8kR4jKN\n"
96 "zj2AC41179gAgY8oBAOgIo1hBAf6tjd9IQdJ0glhaZiQo1ipAgMBAAGjdjB0MAwG\n"
97 "A1UdEwEB/wQCMAAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwDwYDVR0PAQH/BAUDAweg\n"
98 "ADAdBgNVHQ4EFgQUTLkKm/odNON+3svSBxX+odrLaJEwHwYDVR0jBBgwFoAU6Twc\n"
99 "+62SbuYGpFYsouHAUyfI8pUwCwYJKoZIhvcNAQEFA4GBALujmBJVZnvaTXr9cFRJ\n"
100 "jpfc/3X7sLUsMvumcDE01ls/cG5mIatmiyEU9qI3jbgUf82z23ON/acwJf875D3/\n"
101 "U7jyOsBJ44SEQITbin2yUeJMIm1tievvdNXBDfW95AM507ShzP12sfiJkJfjjdhy\n"
102 "dc8Siq5JojruiMizAf0pA7in\n" "-----END CERTIFICATE-----\n";
103 const gnutls_datum_t cert = { cert_pem, sizeof(cert_pem) };
104
105 static unsigned char key_pem[] =
106 "-----BEGIN RSA PRIVATE KEY-----\n"
107 "MIICXAIBAAKBgQC7ZkP18sXXtozMxd/1iDuxyUtqDqGtIFBACIChT1yj0Phsz+Y8\n"
108 "9+wEdhMXi2SJIlvA3VN8O+18BLuAuSi+jpvGjqClEsv1Vx6i57u3M0mf47tKrmpN\n"
109 "aP/JEeIyjc49gAuNde/YAIGPKAQDoCKNYQQH+rY3fSEHSdIJYWmYkKNYqQIDAQAB\n"
110 "AoGADpmARG5CQxS+AesNkGmpauepiCz1JBF/JwnyiX6vEzUh0Ypd39SZztwrDxvF\n"
111 "PJjQaKVljml1zkJpIDVsqvHdyVdse8M+Qn6hw4x2p5rogdvhhIL1mdWo7jWeVJTF\n"
112 "RKB7zLdMPs3ySdtcIQaF9nUAQ2KJEvldkO3m/bRJFEp54k0CQQDYy+RlTmwRD6hy\n"
113 "7UtMjR0H3CSZJeQ8svMCxHLmOluG9H1UKk55ZBYfRTsXniqUkJBZ5wuV1L+pR9EK\n"
114 "ca89a+1VAkEA3UmBelwEv2u9cAU1QjKjmwju1JgXbrjEohK+3B5y0ESEXPAwNQT9\n"
115 "TrDM1m9AyxYTWLxX93dI5QwNFJtmbtjeBQJARSCWXhsoaDRG8QZrCSjBxfzTCqZD\n"
116 "ZXtl807ymCipgJm60LiAt0JLr4LiucAsMZz6+j+quQbSakbFCACB8SLV1QJBAKZQ\n"
117 "YKf+EPNtnmta/rRKKvySsi3GQZZN+Dt3q0r094XgeTsAqrqujVNfPhTMeP4qEVBX\n"
118 "/iVX2cmMTSh3w3z8MaECQEp0XJWDVKOwcTW6Ajp9SowtmiZ3YDYo1LF9igb4iaLv\n"
119 "sWZGfbnU3ryjvkb6YuFjgtzbZDZHWQCo8/cOtOBmPdk=\n"
120 "-----END RSA PRIVATE KEY-----\n";
121 const gnutls_datum_t key = { key_pem, sizeof(key_pem) };
122
123 struct myaes_ctx {
124 struct aes128_ctx aes;
125 unsigned char iv[16];
126 int enc;
127 };
128
129 static unsigned aes_init = 0;
130
131 static int
myaes_init(gnutls_cipher_algorithm_t algorithm,void ** _ctx,int enc)132 myaes_init(gnutls_cipher_algorithm_t algorithm, void **_ctx, int enc)
133 {
134 if (algorithm != GNUTLS_CIPHER_AES_128_CBC)
135 return GNUTLS_E_INVALID_REQUEST;
136
137 *_ctx = calloc(1, sizeof(struct myaes_ctx));
138 if (*_ctx == NULL) {
139 return GNUTLS_E_MEMORY_ERROR;
140 }
141
142 ((struct myaes_ctx *) (*_ctx))->enc = enc;
143 aes_init = 1;
144
145 return 0;
146 }
147
148 static int
myaes_setkey(void * _ctx,const void * userkey,size_t keysize)149 myaes_setkey(void *_ctx, const void *userkey, size_t keysize)
150 {
151 struct myaes_ctx *ctx = _ctx;
152
153 assert(keysize == 16);
154
155 if (ctx->enc)
156 aes128_set_encrypt_key(&ctx->aes, userkey);
157 else
158 aes128_set_decrypt_key(&ctx->aes, userkey);
159
160 return 0;
161 }
162
myaes_setiv(void * _ctx,const void * iv,size_t iv_size)163 static int myaes_setiv(void *_ctx, const void *iv, size_t iv_size)
164 {
165 struct myaes_ctx *ctx = _ctx;
166
167 memcpy(ctx->iv, iv, 16);
168 return 0;
169 }
170
171 static int
myaes_encrypt(void * _ctx,const void * src,size_t src_size,void * dst,size_t dst_size)172 myaes_encrypt(void *_ctx, const void *src, size_t src_size,
173 void *dst, size_t dst_size)
174 {
175 struct myaes_ctx *ctx = _ctx;
176
177 #if 0 /* this is under the control of the caller */
178 if (((unsigned long)src)%16 != 0) {
179 fail("encrypt: source is not 16-byte aligned: %lu\n", ((unsigned long)src)%16);
180 }
181 #endif
182
183 if (((unsigned long)dst)%16 != 0) {
184 fail("encrypt: dest is not 16-byte aligned: %lu\n", ((unsigned long)dst)%16);
185 }
186
187 cbc_encrypt(&ctx->aes, (nettle_cipher_func*)aes128_encrypt, 16, ctx->iv, src_size, dst, src);
188 return 0;
189 }
190
191 static int
myaes_decrypt(void * _ctx,const void * src,size_t src_size,void * dst,size_t dst_size)192 myaes_decrypt(void *_ctx, const void *src, size_t src_size,
193 void *dst, size_t dst_size)
194 {
195 struct myaes_ctx *ctx = _ctx;
196
197 if (((unsigned long)src)%16 != 0) {
198 fail("decrypt: source is not 16-byte aligned: %lu\n", ((unsigned long)src)%16);
199 }
200
201 #if 0 /* this is under the control of the caller */
202 if (((unsigned long)dst)%16 != 0) {
203 fail("decrypt: dest is not 16-byte aligned: %lu\n", ((unsigned long)dst)%16);
204 }
205 #endif
206
207 cbc_decrypt(&ctx->aes, (nettle_cipher_func*)aes128_decrypt, 16, ctx->iv, src_size, dst, src);
208
209 return 0;
210 }
211
myaes_deinit(void * _ctx)212 static void myaes_deinit(void *_ctx)
213 {
214 free(_ctx);
215 }
216
client(int sd,const char * prio)217 static void client(int sd, const char *prio)
218 {
219 int ret, ii;
220 gnutls_session_t session;
221 char buffer[MAX_BUF + 1];
222 gnutls_certificate_credentials_t xcred;
223
224 gnutls_global_set_log_function(tls_log_func);
225 if (debug)
226 gnutls_global_set_log_level(6);
227
228 gnutls_certificate_allocate_credentials(&xcred);
229
230 /* sets the trusted cas file
231 */
232 gnutls_certificate_set_x509_trust_mem(xcred, &ca,
233 GNUTLS_X509_FMT_PEM);
234 gnutls_certificate_set_x509_key_mem(xcred, &cert, &key,
235 GNUTLS_X509_FMT_PEM);
236
237 /* Initialize TLS session
238 */
239 gnutls_init(&session, GNUTLS_CLIENT);
240
241 assert(gnutls_priority_set_direct(session, prio, NULL)>=0);
242
243 /* put the x509 credentials to the current session
244 */
245 gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, xcred);
246
247 gnutls_transport_set_int(session, sd);
248
249 /* Perform the TLS handshake
250 */
251 ret = gnutls_handshake(session);
252
253 if (ret < 0) {
254 fail("client: Handshake failed\n");
255 gnutls_perror(ret);
256 goto end;
257 } else if (debug) {
258 success("client: Handshake was completed\n");
259 }
260
261 if (debug)
262 success("client: TLS version is: %s\n",
263 gnutls_protocol_get_name
264 (gnutls_protocol_get_version(session)));
265
266 /* see the Getting peer's information example */
267 if (debug)
268 print_info(session);
269
270 ret = gnutls_record_send(session, MSG, strlen(MSG));
271
272 if (ret == strlen(MSG)) {
273 if (debug)
274 success("client: sent record.\n");
275 } else {
276 fail("client: failed to send record.\n");
277 gnutls_perror(ret);
278 goto end;
279 }
280
281 ret = gnutls_record_recv(session, buffer, MAX_BUF);
282
283 if (debug)
284 success("client: recv returned %d.\n", ret);
285
286 if (ret == GNUTLS_E_REHANDSHAKE) {
287 if (debug)
288 success("client: doing handshake!\n");
289 ret = gnutls_handshake(session);
290 if (ret == 0) {
291 if (debug)
292 success
293 ("client: handshake complete, reading again.\n");
294 ret = gnutls_record_recv(session, buffer, MAX_BUF);
295 } else {
296 fail("client: handshake failed.\n");
297 }
298 }
299
300 if (ret == 0) {
301 if (debug)
302 success
303 ("client: Peer has closed the TLS connection\n");
304 goto end;
305 } else if (ret < 0) {
306 fail("client: Error: %s\n", gnutls_strerror(ret));
307 goto end;
308 }
309
310 if (debug) {
311 printf("- Received %d bytes: ", ret);
312 for (ii = 0; ii < ret; ii++) {
313 fputc(buffer[ii], stdout);
314 }
315 fputs("\n", stdout);
316 }
317
318 gnutls_bye(session, GNUTLS_SHUT_RDWR);
319
320 end:
321
322 close(sd);
323
324 gnutls_deinit(session);
325
326 gnutls_certificate_free_credentials(xcred);
327 }
328
329 /* This is a sample TLS 1.0 echo server, using X.509 authentication.
330 */
331
332 #define MAX_BUF 1024
333
334 /* These are global */
335
336
337
338 static unsigned char server_cert_pem[] =
339 "-----BEGIN CERTIFICATE-----\n"
340 "MIICVjCCAcGgAwIBAgIERiYdMTALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n"
341 "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTIxWhcNMDgwNDE3MTMyOTIxWjA3MRsw\n"
342 "GQYDVQQKExJHbnVUTFMgdGVzdCBzZXJ2ZXIxGDAWBgNVBAMTD3Rlc3QuZ251dGxz\n"
343 "Lm9yZzCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGA17pcr6MM8C6pJ1aqU46o63+B\n"
344 "dUxrmL5K6rce+EvDasTaDQC46kwTHzYWk95y78akXrJutsoKiFV1kJbtple8DDt2\n"
345 "DZcevensf9Op7PuFZKBroEjOd35znDET/z3IrqVgbtm2jFqab7a+n2q9p/CgMyf1\n"
346 "tx2S5Zacc1LWn9bIjrECAwEAAaOBkzCBkDAMBgNVHRMBAf8EAjAAMBoGA1UdEQQT\n"
347 "MBGCD3Rlc3QuZ251dGxzLm9yZzATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHQ8B\n"
348 "Af8EBQMDB6AAMB0GA1UdDgQWBBTrx0Vu5fglyoyNgw106YbU3VW0dTAfBgNVHSME\n"
349 "GDAWgBTpPBz7rZJu5gakViyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAaFEPTt+7\n"
350 "bzvBuOf7+QmeQcn29kT6Bsyh1RHJXf8KTk5QRfwp6ogbp94JQWcNQ/S7YDFHglD1\n"
351 "AwUNBRXwd3riUsMnsxgeSDxYBfJYbDLeohNBsqaPDJb7XailWbMQKfAbFQ8cnOxg\n"
352 "rOKLUQRWJ0K3HyXRMhbqjdLIaQiCvQLuizo=\n" "-----END CERTIFICATE-----\n";
353
354 const gnutls_datum_t server_cert = { server_cert_pem,
355 sizeof(server_cert_pem)
356 };
357
358 static unsigned char server_key_pem[] =
359 "-----BEGIN RSA PRIVATE KEY-----\n"
360 "MIICXAIBAAKBgQDXulyvowzwLqknVqpTjqjrf4F1TGuYvkrqtx74S8NqxNoNALjq\n"
361 "TBMfNhaT3nLvxqResm62ygqIVXWQlu2mV7wMO3YNlx696ex/06ns+4VkoGugSM53\n"
362 "fnOcMRP/PciupWBu2baMWppvtr6far2n8KAzJ/W3HZLllpxzUtaf1siOsQIDAQAB\n"
363 "AoGAYAFyKkAYC/PYF8e7+X+tsVCHXppp8AoP8TEZuUqOZz/AArVlle/ROrypg5kl\n"
364 "8YunrvUdzH9R/KZ7saNZlAPLjZyFG9beL/am6Ai7q7Ma5HMqjGU8kTEGwD7K+lbG\n"
365 "iomokKMOl+kkbY/2sI5Czmbm+/PqLXOjtVc5RAsdbgvtmvkCQQDdV5QuU8jap8Hs\n"
366 "Eodv/tLJ2z4+SKCV2k/7FXSKWe0vlrq0cl2qZfoTUYRnKRBcWxc9o92DxK44wgPi\n"
367 "oMQS+O7fAkEA+YG+K9e60sj1K4NYbMPAbYILbZxORDecvP8lcphvwkOVUqbmxOGh\n"
368 "XRmTZUuhBrJhJKKf6u7gf3KWlPl6ShKEbwJASC118cF6nurTjuLf7YKARDjNTEws\n"
369 "qZEeQbdWYINAmCMj0RH2P0mvybrsXSOD5UoDAyO7aWuqkHGcCLv6FGG+qwJAOVqq\n"
370 "tXdUucl6GjOKKw5geIvRRrQMhb/m5scb+5iw8A4LEEHPgGiBaF5NtJZLALgWfo5n\n"
371 "hmC8+G8F0F78znQtPwJBANexu+Tg5KfOnzSILJMo3oXiXhf5PqXIDmbN0BKyCKAQ\n"
372 "LfkcEcUbVfmDaHpvzwY9VEaoMOKVLitETXdNSxVpvWM=\n"
373 "-----END RSA PRIVATE KEY-----\n";
374
375 const gnutls_datum_t server_key = { server_key_pem,
376 sizeof(server_key_pem)
377 };
378
server(int sd,const char * prio)379 static void server(int sd, const char *prio)
380 {
381 gnutls_certificate_credentials_t x509_cred;
382 int ret;
383 gnutls_session_t session;
384 char buffer[MAX_BUF + 1];
385
386 /* this must be called once in the program
387 */
388 gnutls_global_set_log_function(tls_log_func);
389 if (debug)
390 gnutls_global_set_log_level(6);
391
392 gnutls_certificate_allocate_credentials(&x509_cred);
393 gnutls_certificate_set_x509_trust_mem(x509_cred, &ca,
394 GNUTLS_X509_FMT_PEM);
395
396 gnutls_certificate_set_x509_key_mem(x509_cred, &server_cert,
397 &server_key,
398 GNUTLS_X509_FMT_PEM);
399
400 if (debug)
401 success("Launched, generating DH parameters...\n");
402
403 gnutls_init(&session, GNUTLS_SERVER);
404
405 /* avoid calling all the priority functions, since the defaults
406 * are adequate.
407 */
408 assert(gnutls_priority_set_direct(session, prio, NULL)>=0);
409
410 gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, x509_cred);
411
412 gnutls_transport_set_int(session, sd);
413 ret = gnutls_handshake(session);
414 if (ret < 0) {
415 close(sd);
416 gnutls_deinit(session);
417 fail("server: Handshake has failed (%s)\n\n",
418 gnutls_strerror(ret));
419 return;
420 }
421 if (debug) {
422 success("server: Handshake was completed\n");
423 success("server: TLS version is: %s\n",
424 gnutls_protocol_get_name
425 (gnutls_protocol_get_version(session)));
426 }
427
428 /* see the Getting peer's information example */
429 if (debug)
430 print_info(session);
431
432 for (;;) {
433 memset(buffer, 0, MAX_BUF + 1);
434 ret = gnutls_record_recv(session, buffer, MAX_BUF);
435
436 if (ret == 0) {
437 if (debug)
438 success
439 ("server: Peer has closed the GnuTLS connection\n");
440 break;
441 } else if (ret < 0) {
442 fail("server: Received corrupted data(%d). Closing...\n", ret);
443 break;
444 } else if (ret > 0) {
445 /* echo data back to the client
446 */
447 gnutls_record_send(session, buffer,
448 strlen(buffer));
449 }
450 }
451 /* do not wait for the peer to close the connection.
452 */
453 gnutls_bye(session, GNUTLS_SHUT_WR);
454
455 close(sd);
456 gnutls_deinit(session);
457
458 gnutls_certificate_free_credentials(x509_cred);
459
460 if (debug)
461 success("server: finished\n");
462 }
463
464 static
start(const char * prio)465 void start(const char *prio)
466 {
467 int sockets[2];
468 int err;
469
470 err = socketpair(AF_UNIX, SOCK_STREAM, 0, sockets);
471 if (err == -1) {
472 perror("socketpair");
473 fail("socketpair failed\n");
474 return;
475 }
476
477 child = fork();
478 if (child < 0) {
479 perror("fork");
480 fail("fork");
481 return;
482 }
483
484 if (child) {
485 int status;
486
487 server(sockets[0], prio);
488 wait(&status);
489 check_wait_status(status);
490 } else {
491 client(sockets[1], prio);
492 exit(0);
493 }
494 }
495
doit(void)496 void doit(void)
497 {
498 int ret;
499
500 global_init();
501
502 ret = gnutls_crypto_register_cipher(GNUTLS_CIPHER_AES_128_CBC, 1,
503 myaes_init,
504 myaes_setkey,
505 myaes_setiv,
506 myaes_encrypt,
507 myaes_decrypt,
508 myaes_deinit);
509 if (ret < 0) {
510 fail("%d: cannot register cipher\n", __LINE__);
511 }
512
513
514 start("NORMAL:-CIPHER-ALL:+AES-128-CBC:-VERS-ALL:+VERS-TLS1.1");
515 start("NORMAL:-CIPHER-ALL:+AES-128-CBC:-VERS-ALL:+VERS-TLS1.2");
516
517 assert(aes_init != 0);
518
519 gnutls_global_deinit();
520 }
521
522 #endif /* _WIN32 */
523