diff options
Diffstat (limited to 'lib/ssl/src')
54 files changed, 2547 insertions, 914 deletions
| diff --git a/lib/ssl/src/Makefile b/lib/ssl/src/Makefile index 0c00a650b9..790328dc45 100644 --- a/lib/ssl/src/Makefile +++ b/lib/ssl/src/Makefile @@ -1,18 +1,19 @@  #  # %CopyrightBegin%  # -# Copyright Ericsson AB 1999-2014. All Rights Reserved. +# Copyright Ericsson AB 1999-2015. All Rights Reserved.  # -# The contents of this file are subject to the Erlang Public License, -# Version 1.1, (the "License"); you may not use this file except in -# compliance with the License. You should have received a copy of the -# Erlang Public License along with this software. If not, it can be -# retrieved online at http://www.erlang.org/. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at  # -# Software distributed under the License is distributed on an "AS IS" -# basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See -# the License for the specific language governing rights and limitations -# under the License. +#     http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License.  #  # %CopyrightEnd%  # @@ -38,7 +39,8 @@ RELSYSDIR = $(RELEASE_PATH)/lib/ssl-$(VSN)  # ----------------------------------------------------  BEHAVIOUR_MODULES= \ -        ssl_session_cache_api +        ssl_session_cache_api \ +	ssl_crl_cache_api  MODULES= \  	ssl \ @@ -65,6 +67,8 @@ MODULES= \  	ssl_manager \  	ssl_session \  	ssl_session_cache \ +	ssl_crl\ +	ssl_crl_cache \  	ssl_socket \  	ssl_listen_tracker_sup \  	tls_record \ @@ -164,5 +168,5 @@ $(EBIN)/ssl_session_cache.$(EMULATOR):  ssl_internal.hrl ssl_handshake.hrl  $(EBIN)/ssl_session_cache_api.$(EMULATOR):  ssl_internal.hrl ssl_handshake.hrl  $(EBIN)/ssl_ssl3.$(EMULATOR): ssl_internal.hrl ssl_record.hrl ssl_cipher.hrl  $(EBIN)/ssl_tls1.$(EMULATOR): ssl_internal.hrl ssl_record.hrl ssl_cipher.hrl - +$(EBIN)/ssl_cache.$(EMULATOR): ssl_cache.erl ssl_internal.hrl ../../public_key/include/public_key.hrl diff --git a/lib/ssl/src/dtls.erl b/lib/ssl/src/dtls.erl index 780bddeb10..14aefd4989 100644 --- a/lib/ssl/src/dtls.erl +++ b/lib/ssl/src/dtls.erl @@ -3,16 +3,17 @@  %%  %% Copyright Ericsson AB 1999-2013. All Rights Reserved.  %% -%% The contents of this file are subject to the Erlang Public License, -%% Version 1.1, (the "License"); you may not use this file except in -%% compliance with the License. You should have received a copy of the -%% Erlang Public License along with this software. If not, it can be -%% retrieved online at http://www.erlang.org/. +%% Licensed under the Apache License, Version 2.0 (the "License"); +%% you may not use this file except in compliance with the License. +%% You may obtain a copy of the License at  %% -%% Software distributed under the License is distributed on an "AS IS" -%% basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See -%% the License for the specific language governing rights and limitations -%% under the License. +%%     http://www.apache.org/licenses/LICENSE-2.0 +%% +%% Unless required by applicable law or agreed to in writing, software +%% distributed under the License is distributed on an "AS IS" BASIS, +%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +%% See the License for the specific language governing permissions and +%% limitations under the License.  %%  %% %CopyrightEnd%  %% diff --git a/lib/ssl/src/dtls_connection.erl b/lib/ssl/src/dtls_connection.erl index 508983ddac..78662e0ea2 100644 --- a/lib/ssl/src/dtls_connection.erl +++ b/lib/ssl/src/dtls_connection.erl @@ -1,18 +1,19 @@  %%  %% %CopyrightBegin%  %% -%% Copyright Ericsson AB 2013-2014. All Rights Reserved. +%% Copyright Ericsson AB 2013-2015. All Rights Reserved.  %% -%% The contents of this file are subject to the Erlang Public License, -%% Version 1.1, (the "License"); you may not use this file except in -%% compliance with the License. You should have received a copy of the -%% Erlang Public License along with this software. If not, it can be -%% retrieved online at http://www.erlang.org/. +%% Licensed under the Apache License, Version 2.0 (the "License"); +%% you may not use this file except in compliance with the License. +%% You may obtain a copy of the License at  %% -%% Software distributed under the License is distributed on an "AS IS" -%% basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See -%% the License for the specific language governing rights and limitations -%% under the License. +%%     http://www.apache.org/licenses/LICENSE-2.0 +%% +%% Unless required by applicable law or agreed to in writing, software +%% distributed under the License is distributed on an "AS IS" BASIS, +%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +%% See the License for the specific language governing permissions and +%% limitations under the License.  %%  %% %CopyrightEnd%  %% @@ -146,7 +147,7 @@ init([Role, Host, Port, Socket, {SSLOpts0, _} = Options,  User, CbInfo]) ->      Handshake = ssl_handshake:init_handshake_history(),      TimeStamp = calendar:datetime_to_gregorian_seconds({date(), time()}),      try ssl_config:init(SSLOpts0, Role) of -	{ok, Ref, CertDbHandle, FileRefHandle, CacheHandle, OwnCert, Key, DHParams} -> +	{ok, Ref, CertDbHandle, FileRefHandle, CacheHandle,  CRLDbInfo, OwnCert, Key, DHParams} ->  	    Session = State0#state.session,  	    State = State0#state{  		      tls_handshake_history = Handshake, @@ -155,6 +156,7 @@ init([Role, Host, Port, Socket, {SSLOpts0, _} = Options,  User, CbInfo]) ->  		      file_ref_db = FileRefHandle,  		      cert_db_ref = Ref,  		      cert_db = CertDbHandle, +		      crl_db = CRLDbInfo,  		      session_cache = CacheHandle,  		      private_key = Key,  		      diffie_hellman_params = DHParams}, @@ -227,9 +229,9 @@ hello(Hello,      case dtls_handshake:hello(Hello, SslOptions, ConnectionStates0, Renegotiation) of  	#alert{} = Alert ->  	    handle_own_alert(Alert, ReqVersion, hello, State); -	{Version, NewId, ConnectionStates, NextProtocol} -> +	{Version, NewId, ConnectionStates, ProtoExt, Protocol} ->  	    ssl_connection:handle_session(Hello,  -					  Version, NewId, ConnectionStates, NextProtocol, State) +					  Version, NewId, ConnectionStates, ProtoExt, Protocol, State)      end;  hello(Msg, State) -> @@ -513,6 +515,7 @@ initial_state(Role, Host, Port, Socket, {SSLOptions, SocketOptions}, User,  	   user_data_buffer = <<>>,  	   session_cache_cb = SessionCacheCb,  	   renegotiation = {false, first}, +	   allow_renegotiate = SSLOptions#ssl_options.client_renegotiation,  	   start_or_recv_from = undefined,  	   send_queue = queue:new(),  	   protocol_cb = ?MODULE diff --git a/lib/ssl/src/dtls_connection.hrl b/lib/ssl/src/dtls_connection.hrl index 08707dc8de..b74801b50a 100644 --- a/lib/ssl/src/dtls_connection.hrl +++ b/lib/ssl/src/dtls_connection.hrl @@ -3,16 +3,17 @@  %%  %% Copyright Ericsson AB 2013-2014. All Rights Reserved.  %% -%% The contents of this file are subject to the Erlang Public License, -%% Version 1.1, (the "License"); you may not use this file except in -%% compliance with the License. You should have received a copy of the -%% Erlang Public License along with this software. If not, it can be -%% retrieved online at http://www.erlang.org/. -%% -%% Software distributed under the License is distributed on an "AS IS" -%% basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See -%% the License for the specific language governing rights and limitations -%% under the License. +%% Licensed under the Apache License, Version 2.0 (the "License"); +%% you may not use this file except in compliance with the License. +%% You may obtain a copy of the License at +%% +%%     http://www.apache.org/licenses/LICENSE-2.0 +%% +%% Unless required by applicable law or agreed to in writing, software +%% distributed under the License is distributed on an "AS IS" BASIS, +%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +%% See the License for the specific language governing permissions and +%% limitations under the License.  %%  %% %CopyrightEnd%  %% diff --git a/lib/ssl/src/dtls_connection_sup.erl b/lib/ssl/src/dtls_connection_sup.erl index 0b4711cfb4..cf50537869 100644 --- a/lib/ssl/src/dtls_connection_sup.erl +++ b/lib/ssl/src/dtls_connection_sup.erl @@ -3,16 +3,17 @@  %%   %% Copyright Ericsson AB 2007-2014. All Rights Reserved.  %%  -%% The contents of this file are subject to the Erlang Public License, -%% Version 1.1, (the "License"); you may not use this file except in -%% compliance with the License. You should have received a copy of the -%% Erlang Public License along with this software. If not, it can be -%% retrieved online at http://www.erlang.org/. -%%  -%% Software distributed under the License is distributed on an "AS IS" -%% basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See -%% the License for the specific language governing rights and limitations -%% under the License. +%% Licensed under the Apache License, Version 2.0 (the "License"); +%% you may not use this file except in compliance with the License. +%% You may obtain a copy of the License at +%% +%%     http://www.apache.org/licenses/LICENSE-2.0 +%% +%% Unless required by applicable law or agreed to in writing, software +%% distributed under the License is distributed on an "AS IS" BASIS, +%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +%% See the License for the specific language governing permissions and +%% limitations under the License.  %%   %% %CopyrightEnd%  %% diff --git a/lib/ssl/src/dtls_handshake.erl b/lib/ssl/src/dtls_handshake.erl index 31d525b295..22c0ce7a13 100644 --- a/lib/ssl/src/dtls_handshake.erl +++ b/lib/ssl/src/dtls_handshake.erl @@ -3,16 +3,17 @@  %%  %% Copyright Ericsson AB 2013-2014. All Rights Reserved.  %% -%% The contents of this file are subject to the Erlang Public License, -%% Version 1.1, (the "License"); you may not use this file except in -%% compliance with the License. You should have received a copy of the -%% Erlang Public License along with this software. If not, it can be -%% retrieved online at http://www.erlang.org/. +%% Licensed under the Apache License, Version 2.0 (the "License"); +%% you may not use this file except in compliance with the License. +%% You may obtain a copy of the License at  %% -%% Software distributed under the License is distributed on an "AS IS" -%% basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See -%% the License for the specific language governing rights and limitations -%% under the License. +%%     http://www.apache.org/licenses/LICENSE-2.0 +%% +%% Unless required by applicable law or agreed to in writing, software +%% distributed under the License is distributed on an "AS IS" BASIS, +%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +%% See the License for the specific language governing permissions and +%% limitations under the License.  %%  %% %CopyrightEnd%  -module(dtls_handshake). @@ -181,8 +182,8 @@ handle_server_hello_extensions(Version, SessionId, Random, CipherSuite,  						      SslOpt, ConnectionStates0, Renegotiation) of  	#alert{} = Alert ->  	    Alert; -	{ConnectionStates, Protocol} -> -	    {Version, SessionId, ConnectionStates, Protocol} +	{ConnectionStates, ProtoExt, Protocol} -> +	    {Version, SessionId, ConnectionStates, ProtoExt, Protocol}      end.  dtls_fragment(Mss, MsgType, Len, MsgSeq, Bin, Offset, Acc) diff --git a/lib/ssl/src/dtls_handshake.hrl b/lib/ssl/src/dtls_handshake.hrl index 3b57575b6d..be32112120 100644 --- a/lib/ssl/src/dtls_handshake.hrl +++ b/lib/ssl/src/dtls_handshake.hrl @@ -3,16 +3,17 @@  %%  %% Copyright Ericsson AB 2013-2014. All Rights Reserved.  %% -%% The contents of this file are subject to the Erlang Public License, -%% Version 1.1, (the "License"); you may not use this file except in -%% compliance with the License. You should have received a copy of the -%% Erlang Public License along with this software. If not, it can be -%% retrieved online at http://www.erlang.org/. -%% -%% Software distributed under the License is distributed on an "AS IS" -%% basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See -%% the License for the specific language governing rights and limitations -%% under the License. +%% Licensed under the Apache License, Version 2.0 (the "License"); +%% you may not use this file except in compliance with the License. +%% You may obtain a copy of the License at +%% +%%     http://www.apache.org/licenses/LICENSE-2.0 +%% +%% Unless required by applicable law or agreed to in writing, software +%% distributed under the License is distributed on an "AS IS" BASIS, +%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +%% See the License for the specific language governing permissions and +%% limitations under the License.  %%  %% %CopyrightEnd%  %% diff --git a/lib/ssl/src/dtls_record.erl b/lib/ssl/src/dtls_record.erl index ae35dd7ea4..2530d66052 100644 --- a/lib/ssl/src/dtls_record.erl +++ b/lib/ssl/src/dtls_record.erl @@ -3,16 +3,17 @@  %%  %% Copyright Ericsson AB 2013-2015. All Rights Reserved.  %% -%% The contents of this file are subject to the Erlang Public License, -%% Version 1.1, (the "License"); you may not use this file except in -%% compliance with the License. You should have received a copy of the -%% Erlang Public License along with this software. If not, it can be -%% retrieved online at http://www.erlang.org/. +%% Licensed under the Apache License, Version 2.0 (the "License"); +%% you may not use this file except in compliance with the License. +%% You may obtain a copy of the License at  %% -%% Software distributed under the License is distributed on an "AS IS" -%% basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See -%% the License for the specific language governing rights and limitations -%% under the License. +%%     http://www.apache.org/licenses/LICENSE-2.0 +%% +%% Unless required by applicable law or agreed to in writing, software +%% distributed under the License is distributed on an "AS IS" BASIS, +%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +%% See the License for the specific language governing permissions and +%% limitations under the License.  %%  %% %CopyrightEnd% @@ -120,6 +121,26 @@ get_dtls_records_aux(Data, Acc) ->      end.  encode_plain_text(Type, Version, Data, +		  #connection_states{current_write = +					 #connection_state{ +					    epoch = Epoch, +					    sequence_number = Seq, +					    compression_state=CompS0, +					    security_parameters= +						#security_parameters{ +						   cipher_type = ?AEAD, +						   compression_algorithm=CompAlg} +					   }= WriteState0} = ConnectionStates) -> +    {Comp, CompS1} = ssl_record:compress(CompAlg, Data, CompS0), +    WriteState1 = WriteState0#connection_state{compression_state = CompS1}, +    AAD = calc_aad(Type, Version, Epoch, Seq), +    {CipherFragment, WriteState} = ssl_record:cipher_aead(dtls_v1:corresponding_tls_version(Version), +							  Comp, WriteState1, AAD), +    CipherText = encode_tls_cipher_text(Type, Version, Epoch, Seq, CipherFragment), +    {CipherText, ConnectionStates#connection_states{current_write = +							WriteState#connection_state{sequence_number = Seq +1}}}; + +encode_plain_text(Type, Version, Data,  		  #connection_states{current_write=#connection_state{  						      epoch = Epoch,  						      sequence_number = Seq, @@ -141,16 +162,44 @@ decode_cipher_text(#ssl_tls{type = Type, version = Version,  			    sequence_number = Seq,  			    fragment = CipherFragment} = CipherText,  		   #connection_states{current_read = -					  #connection_state{compression_state = CompressionS0, -							    security_parameters = SecParams} = ReadState0} -		   = ConnnectionStates0) -> -    CompressAlg = SecParams#security_parameters.compression_algorithm, +					  #connection_state{ +					     compression_state = CompressionS0, +					     security_parameters= +						 #security_parameters{ +						    cipher_type = ?AEAD, +						    compression_algorithm=CompAlg} +					    } = ReadState0}= ConnnectionStates0) -> +    AAD = calc_aad(Type, Version, Epoch, Seq), +    case ssl_record:decipher_aead(dtls_v1:corresponding_tls_version(Version), +				  CipherFragment, ReadState0, AAD) of +	{PlainFragment, ReadState1} -> +	    {Plain, CompressionS1} = ssl_record:uncompress(CompAlg, +							   PlainFragment, CompressionS0), +	    ConnnectionStates = ConnnectionStates0#connection_states{ +				  current_read = ReadState1#connection_state{ +						   compression_state = CompressionS1}}, +	    {CipherText#ssl_tls{fragment = Plain}, ConnnectionStates}; +	#alert{} = Alert -> +	    Alert +    end; + +decode_cipher_text(#ssl_tls{type = Type, version = Version, +			    epoch = Epoch, +			    sequence_number = Seq, +			    fragment = CipherFragment} = CipherText, +		   #connection_states{current_read = +					  #connection_state{ +					     compression_state = CompressionS0, +					     security_parameters= +						 #security_parameters{ +						    compression_algorithm=CompAlg} +					    } = ReadState0}= ConnnectionStates0) ->      {PlainFragment, Mac, ReadState1} = ssl_record:decipher(dtls_v1:corresponding_tls_version(Version),  							   CipherFragment, ReadState0, true),      MacHash = calc_mac_hash(ReadState1, Type, Version, Epoch, Seq, PlainFragment),      case ssl_record:is_correct_mac(Mac, MacHash) of  	true -> -	    {Plain, CompressionS1} = ssl_record:uncompress(CompressAlg, +	    {Plain, CompressionS1} = ssl_record:uncompress(CompAlg,  							   PlainFragment, CompressionS0),  	    ConnnectionStates = ConnnectionStates0#connection_states{  				  current_read = ReadState1#connection_state{ @@ -368,3 +417,7 @@ calc_mac_hash(#connection_state{mac_secret = MacSecret,  mac_hash(Version, MacAlg, MacSecret, SeqNo, Type, Length, Fragment) ->      dtls_v1:mac_hash(Version, MacAlg, MacSecret, SeqNo, Type,  		     Length, Fragment). + +calc_aad(Type, {MajVer, MinVer}, Epoch, SeqNo) -> +    NewSeq = (Epoch bsl 48) + SeqNo, +    <<NewSeq:64/integer, ?BYTE(Type), ?BYTE(MajVer), ?BYTE(MinVer)>>. diff --git a/lib/ssl/src/dtls_record.hrl b/lib/ssl/src/dtls_record.hrl index edb77fb2b1..ab59a5fea1 100644 --- a/lib/ssl/src/dtls_record.hrl +++ b/lib/ssl/src/dtls_record.hrl @@ -3,16 +3,17 @@  %%  %% Copyright Ericsson AB 2013-2014. All Rights Reserved.  %% -%% The contents of this file are subject to the Erlang Public License, -%% Version 1.1, (the "License"); you may not use this file except in -%% compliance with the License. You should have received a copy of the -%% Erlang Public License along with this software. If not, it can be -%% retrieved online at http://www.erlang.org/. -%% -%% Software distributed under the License is distributed on an "AS IS" -%% basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See -%% the License for the specific language governing rights and limitations -%% under the License. +%% Licensed under the Apache License, Version 2.0 (the "License"); +%% you may not use this file except in compliance with the License. +%% You may obtain a copy of the License at +%% +%%     http://www.apache.org/licenses/LICENSE-2.0 +%% +%% Unless required by applicable law or agreed to in writing, software +%% distributed under the License is distributed on an "AS IS" BASIS, +%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +%% See the License for the specific language governing permissions and +%% limitations under the License.  %%  %% %CopyrightEnd%  %% diff --git a/lib/ssl/src/dtls_v1.erl b/lib/ssl/src/dtls_v1.erl index 5a7ab32887..99cedd2adc 100644 --- a/lib/ssl/src/dtls_v1.erl +++ b/lib/ssl/src/dtls_v1.erl @@ -3,16 +3,17 @@  %%  %% Copyright Ericsson AB 2013-2014. All Rights Reserved.  %% -%% The contents of this file are subject to the Erlang Public License, -%% Version 1.1, (the "License"); you may not use this file except in -%% compliance with the License. You should have received a copy of the -%% Erlang Public License along with this software. If not, it can be -%% retrieved online at http://www.erlang.org/. +%% Licensed under the Apache License, Version 2.0 (the "License"); +%% you may not use this file except in compliance with the License. +%% You may obtain a copy of the License at  %% -%% Software distributed under the License is distributed on an "AS IS" -%% basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See -%% the License for the specific language governing rights and limitations -%% under the License. +%%     http://www.apache.org/licenses/LICENSE-2.0 +%% +%% Unless required by applicable law or agreed to in writing, software +%% distributed under the License is distributed on an "AS IS" BASIS, +%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +%% See the License for the specific language governing permissions and +%% limitations under the License.  %%  %% %CopyrightEnd%  %% diff --git a/lib/ssl/src/inet_tls_dist.erl b/lib/ssl/src/inet_tls_dist.erl index a633df1558..404ae93d20 100644 --- a/lib/ssl/src/inet_tls_dist.erl +++ b/lib/ssl/src/inet_tls_dist.erl @@ -3,16 +3,17 @@  %%  %% Copyright Ericsson AB 2011-2012. All Rights Reserved.  %% -%% The contents of this file are subject to the Erlang Public License, -%% Version 1.1, (the "License"); you may not use this file except in -%% compliance with the License. You should have received a copy of the -%% Erlang Public License along with this software. If not, it can be -%% retrieved online at http://www.erlang.org/. +%% Licensed under the Apache License, Version 2.0 (the "License"); +%% you may not use this file except in compliance with the License. +%% You may obtain a copy of the License at  %% -%% Software distributed under the License is distributed on an "AS IS" -%% basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See -%% the License for the specific language governing rights and limitations -%% under the License. +%%     http://www.apache.org/licenses/LICENSE-2.0 +%% +%% Unless required by applicable law or agreed to in writing, software +%% distributed under the License is distributed on an "AS IS" BASIS, +%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +%% See the License for the specific language governing permissions and +%% limitations under the License.  %%  %% %CopyrightEnd%  %% diff --git a/lib/ssl/src/ssl.app.src b/lib/ssl/src/ssl.app.src index 36681e2897..be8ef6f85f 100644 --- a/lib/ssl/src/ssl.app.src +++ b/lib/ssl/src/ssl.app.src @@ -39,6 +39,10 @@  	       ssl_manager,  	       ssl_pkix_db,  	       ssl_certificate, +	       %% CRL handling +	       ssl_crl, +	       ssl_crl_cache,  +	       ssl_crl_cache_api,  	       %% App structure  	       ssl_app,  	       ssl_sup, @@ -49,7 +53,7 @@      {applications, [crypto, public_key, kernel, stdlib]},      {env, []},      {mod, {ssl_app, []}}, -    {runtime_dependencies, ["stdlib-2.0","public_key-0.22","kernel-3.0", -			    "erts-6.0","crypto-3.3"]}]}. +    {runtime_dependencies, ["stdlib-2.0","public_key-1.0","kernel-3.0", +			    "erts-6.0","crypto-3.3", "inets-5.10.7"]}]}. diff --git a/lib/ssl/src/ssl.appup.src b/lib/ssl/src/ssl.appup.src index d100e41930..8d5bd6f8d8 100644 --- a/lib/ssl/src/ssl.appup.src +++ b/lib/ssl/src/ssl.appup.src @@ -1,16 +1,26 @@  %% -*- erlang -*-  {"%VSN%",   [ -  {<<"6.0">>, [{load_module, ssl_handshake, soft_purge, soft_purge, []}]}, -  {<<"5\\.3\\.[1-7]($|\\..*)">>, [{restart_application, ssl}]}, -  {<<"5\\.[0-2]($|\\..*)">>, [{restart_application, ssl}]}, +  {<<"7\\.0">>, [{load_module, ssl, soft_purge, soft_purge, []}, +	       {load_module, ssl_connection, soft_purge, soft_purge, []}, +	       {load_module, tls_connection, soft_purge, soft_purge, []}, +	       {load_module, ssl_session, soft_purge, soft_purge, []}, +	       {load_module, ssl_session_cache, soft_purge, soft_purge, []} +	      ]}, +  {<<"6\\..*">>, [{restart_application, ssl}]}, +  {<<"5\\..*">>, [{restart_application, ssl}]},    {<<"4\\..*">>, [{restart_application, ssl}]},    {<<"3\\..*">>, [{restart_application, ssl}]}   ],    [ -  {<<"6.0">>, [{load_module, ssl_handshake, soft_purge, soft_purge, []}]}, -  {<<"5\\.3\\.[1-7]($|\\..*)">>, [{restart_application, ssl}]}, -  {<<"5\\.[0-2]($|\\..*)">>, [{restart_application, ssl}]}, +  {<<"7\\.0">>, [{load_module, ssl, soft_purge, soft_purge, []}, +	       {load_module, ssl_connection, soft_purge, soft_purge, []}, +	       {load_module, tls_connection, soft_purge, soft_purge, []}, +	       {load_module, ssl_session, soft_purge, soft_purge, []}, +	       {load_module, ssl_session_cache, soft_purge, soft_purge, []} +	      ]}, +  {<<"6\\..*">>, [{restart_application, ssl}]}, +  {<<"5\\..*">>, [{restart_application, ssl}]},    {<<"4\\..*">>, [{restart_application, ssl}]},    {<<"3\\..*">>, [{restart_application, ssl}]}   ] diff --git a/lib/ssl/src/ssl.erl b/lib/ssl/src/ssl.erl index 5f4ad7f013..03495cfd90 100644 --- a/lib/ssl/src/ssl.erl +++ b/lib/ssl/src/ssl.erl @@ -3,16 +3,17 @@  %%  %% Copyright Ericsson AB 1999-2015. All Rights Reserved.  %% -%% The contents of this file are subject to the Erlang Public License, -%% Version 1.1, (the "License"); you may not use this file except in -%% compliance with the License. You should have received a copy of the -%% Erlang Public License along with this software. If not, it can be -%% retrieved online at http://www.erlang.org/. +%% Licensed under the Apache License, Version 2.0 (the "License"); +%% you may not use this file except in compliance with the License. +%% You may obtain a copy of the License at  %% -%% Software distributed under the License is distributed on an "AS IS" -%% basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See -%% the License for the specific language governing rights and limitations -%% under the License. +%%     http://www.apache.org/licenses/LICENSE-2.0 +%% +%% Unless required by applicable law or agreed to in writing, software +%% distributed under the License is distributed on an "AS IS" BASIS, +%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +%% See the License for the specific language governing permissions and +%% limitations under the License.  %%  %% %CopyrightEnd%  %% @@ -33,14 +34,18 @@  	 listen/2, transport_accept/1, transport_accept/2,  	 ssl_accept/1, ssl_accept/2, ssl_accept/3,  	 controlling_process/2, peername/1, peercert/1, sockname/1, -	 close/1, shutdown/2, recv/2, recv/3, send/2, getopts/2, setopts/2 +	 close/1, close/2, shutdown/2, recv/2, recv/3, send/2, getopts/2, setopts/2  	]).  %% SSL/TLS protocol handling  -export([cipher_suites/0, cipher_suites/1, suite_definition/1,  	 connection_info/1, versions/0, session_info/1, format_error/1, -	 renegotiate/1, prf/5, negotiated_next_protocol/1]). +     renegotiate/1, prf/5, negotiated_protocol/1, negotiated_next_protocol/1, +	 connection_information/1, connection_information/2]).  %% Misc --export([random_bytes/1]). +-export([random_bytes/1, handle_options/2]). + +-deprecated({negotiated_next_protocol, 1, next_major_release}). +-deprecated({connection_info, 1, next_major_release}).  -include("ssl_api.hrl").  -include("ssl_internal.hrl"). @@ -94,7 +99,8 @@ stop() ->  connect(Socket, SslOptions) when is_port(Socket) ->      connect(Socket, SslOptions, infinity). -connect(Socket, SslOptions0, Timeout) when is_port(Socket) -> +connect(Socket, SslOptions0, Timeout) when is_port(Socket), +					    (is_integer(Timeout) andalso Timeout > 0) or (Timeout == infinity) ->      {Transport,_,_,_} = proplists:get_value(cb_info, SslOptions0,  					      {gen_tcp, tcp, tcp_closed, tcp_error}),      EmulatedOptions = ssl_socket:emulated_options(), @@ -120,7 +126,7 @@ connect(Socket, SslOptions0, Timeout) when is_port(Socket) ->  connect(Host, Port, Options) ->      connect(Host, Port, Options, infinity). -connect(Host, Port, Options, Timeout) -> +connect(Host, Port, Options, Timeout) when (is_integer(Timeout) andalso Timeout > 0) or (Timeout == infinity) ->      try handle_options(Options) of  	{ok, Config} ->  	    do_connect(Host,Port,Config,Timeout) @@ -170,7 +176,7 @@ transport_accept(#sslsocket{pid = {ListenSocket,  				   #config{transport_info =  {Transport,_,_, _} =CbInfo,  					   connection_cb = ConnectionCb,  					   ssl = SslOpts, -					   emulated = Tracker}}}, Timeout) ->    +					   emulated = Tracker}}}, Timeout) when (is_integer(Timeout) andalso Timeout > 0) or (Timeout == infinity) ->         case Transport:accept(ListenSocket, Timeout) of  	{ok, Socket} ->  	    {ok, EmOpts} = ssl_socket:get_emulated_opts(Tracker), @@ -203,15 +209,16 @@ transport_accept(#sslsocket{pid = {ListenSocket,  ssl_accept(ListenSocket) ->      ssl_accept(ListenSocket, infinity). -ssl_accept(#sslsocket{} = Socket, Timeout) -> +ssl_accept(#sslsocket{} = Socket, Timeout) when  (is_integer(Timeout) andalso Timeout > 0) or (Timeout == infinity) ->      ssl_connection:handshake(Socket, Timeout);  ssl_accept(ListenSocket, SslOptions)  when is_port(ListenSocket) ->       ssl_accept(ListenSocket, SslOptions, infinity). -ssl_accept(#sslsocket{} = Socket, [], Timeout) -> +ssl_accept(#sslsocket{} = Socket, [], Timeout) when (is_integer(Timeout) andalso Timeout > 0) or (Timeout == infinity)->      ssl_accept(#sslsocket{} = Socket, Timeout); -ssl_accept(#sslsocket{fd = {_, _, _, Tracker}} = Socket, SslOpts0, Timeout) -> +ssl_accept(#sslsocket{fd = {_, _, _, Tracker}} = Socket, SslOpts0, Timeout) when  +      (is_integer(Timeout) andalso Timeout > 0) or (Timeout == infinity)->      try   	{ok, EmOpts, InheritedSslOpts} = ssl_socket:get_all_opts(Tracker),	  	SslOpts = handle_options(SslOpts0, InheritedSslOpts), @@ -219,7 +226,8 @@ ssl_accept(#sslsocket{fd = {_, _, _, Tracker}} = Socket, SslOpts0, Timeout) ->      catch  	Error = {error, _Reason} -> Error      end; -ssl_accept(Socket, SslOptions, Timeout) when is_port(Socket) ->  +ssl_accept(Socket, SslOptions, Timeout) when is_port(Socket), +					     (is_integer(Timeout) andalso Timeout > 0) or (Timeout == infinity) ->       {Transport,_,_,_} =  	proplists:get_value(cb_info, SslOptions, {gen_tcp, tcp, tcp_closed, tcp_error}),      EmulatedOptions = ssl_socket:emulated_options(), @@ -242,11 +250,27 @@ ssl_accept(Socket, SslOptions, Timeout) when is_port(Socket) ->  %% Description: Close an ssl connection  %%--------------------------------------------------------------------  close(#sslsocket{pid = Pid}) when is_pid(Pid) -> -    ssl_connection:close(Pid); +    ssl_connection:close(Pid, {close, ?DEFAULT_TIMEOUT});  close(#sslsocket{pid = {ListenSocket, #config{transport_info={Transport,_, _, _}}}}) ->      Transport:close(ListenSocket).  %%-------------------------------------------------------------------- +-spec  close(#sslsocket{}, integer() | {pid(), integer()}) -> term(). +%% +%% Description: Close an ssl connection +%%-------------------------------------------------------------------- +close(#sslsocket{pid = TLSPid},  +      {Pid, Timeout} = DownGrade) when is_pid(TLSPid),  +				       is_pid(Pid),  +				       (is_integer(Timeout) andalso Timeout > 0) or (Timeout == infinity) -> +    ssl_connection:close(TLSPid, {close, DownGrade}); +close(#sslsocket{pid = TLSPid}, Timeout) when is_pid(TLSPid),  +					      (is_integer(Timeout) andalso Timeout > 0) or (Timeout == infinity) -> +    ssl_connection:close(TLSPid, {close, Timeout}); +close(#sslsocket{pid = {ListenSocket, #config{transport_info={Transport,_, _, _}}}}, _) -> +    Transport:close(ListenSocket). + +%%--------------------------------------------------------------------  -spec send(#sslsocket{}, iodata()) -> ok | {error, reason()}.  %%  %% Description: Sends data over the ssl connection @@ -264,7 +288,8 @@ send(#sslsocket{pid = {ListenSocket, #config{transport_info={Transport, _, _, _}  %%--------------------------------------------------------------------  recv(Socket, Length) ->      recv(Socket, Length, infinity). -recv(#sslsocket{pid = Pid}, Length, Timeout) when is_pid(Pid) -> +recv(#sslsocket{pid = Pid}, Length, Timeout) when is_pid(Pid), +						  (is_integer(Timeout) andalso Timeout > 0) or (Timeout == infinity)->      ssl_connection:recv(Pid, Length, Timeout);  recv(#sslsocket{pid = {Listen,  		       #config{transport_info = {Transport, _, _, _}}}}, _,_) when is_port(Listen)-> @@ -284,16 +309,42 @@ controlling_process(#sslsocket{pid = {Listen,  				   is_pid(NewOwner) ->      Transport:controlling_process(Listen, NewOwner). + +%%-------------------------------------------------------------------- +-spec connection_information(#sslsocket{}) -> {ok, list()} | {error, reason()}. +%% +%% Description: Return SSL information for the connection +%%-------------------------------------------------------------------- +connection_information(#sslsocket{pid = Pid}) when is_pid(Pid) -> ssl_connection:connection_information(Pid); +connection_information(#sslsocket{pid = {Listen, _}}) when is_port(Listen) -> {error, enotconn}. + + +%%-------------------------------------------------------------------- +-spec connection_information(#sslsocket{}, [atom]) -> {ok, list()} | {error, reason()}. +%% +%% Description: Return SSL information for the connection +%%-------------------------------------------------------------------- +connection_information(#sslsocket{} = SSLSocket, Items) ->  +    case connection_information(SSLSocket) of +        {ok, I} -> +            {ok, lists:filter(fun({K, _}) -> lists:foldl(fun(K1, Acc) when K1 =:= K -> Acc +  1; (_, Acc) -> Acc end, 0, Items) > 0 end, I)}; +        E -> +            E +    end. +  %%--------------------------------------------------------------------  -spec connection_info(#sslsocket{}) -> 	{ok, {tls_record:tls_atom_version(), ssl_cipher:erl_cipher_suite()}} |  					{error, reason()}.  %%  %% Description: Returns ssl protocol and cipher used for the connection  %%-------------------------------------------------------------------- -connection_info(#sslsocket{pid = Pid}) when is_pid(Pid) -> -    ssl_connection:info(Pid); -connection_info(#sslsocket{pid = {Listen, _}}) when is_port(Listen) -> -    {error, enotconn}. +connection_info(#sslsocket{} = SSLSocket) -> +    case connection_information(SSLSocket) of +        {ok, Result} -> +            {ok, {proplists:get_value(protocol, Result), proplists:get_value(cipher_suite, Result)}}; +        Error -> +            Error +    end.  %%--------------------------------------------------------------------  -spec peername(#sslsocket{}) -> {ok, {inet:ip_address(), inet:port_number()}} | {error, reason()}. @@ -330,13 +381,27 @@ suite_definition(S) ->      {KeyExchange, Cipher, Hash}.  %%-------------------------------------------------------------------- +-spec negotiated_protocol(#sslsocket{}) -> {ok, binary()} | {error, reason()}. +%% +%% Description: Returns the protocol that has been negotiated. If no +%% protocol has been negotiated will return {error, protocol_not_negotiated} +%%-------------------------------------------------------------------- +negotiated_protocol(#sslsocket{pid = Pid}) -> +    ssl_connection:negotiated_protocol(Pid). + +%%--------------------------------------------------------------------  -spec negotiated_next_protocol(#sslsocket{}) -> {ok, binary()} | {error, reason()}.  %%  %% Description: Returns the next protocol that has been negotiated. If no  %% protocol has been negotiated will return {error, next_protocol_not_negotiated}  %%-------------------------------------------------------------------- -negotiated_next_protocol(#sslsocket{pid = Pid}) -> -    ssl_connection:negotiated_next_protocol(Pid). +negotiated_next_protocol(Socket) -> +    case negotiated_protocol(Socket) of +        {error, protocol_not_negotiated} -> +            {error, next_protocol_not_negotiated}; +        Res -> +            Res +    end.  %%--------------------------------------------------------------------  -spec cipher_suites(erlang | openssl | all) -> [ssl_cipher:erl_cipher_suite()] | @@ -353,12 +418,8 @@ cipher_suites(openssl) ->       || S <- ssl_cipher:filter_suites(ssl_cipher:suites(Version))];  cipher_suites(all) ->      Version = tls_record:highest_protocol_version([]), -    Supported = ssl_cipher:all_suites(Version) -	++ ssl_cipher:anonymous_suites() -	++ ssl_cipher:psk_suites(Version) -	++ ssl_cipher:srp_suites(), -    ssl_cipher:filter_suites([suite_definition(S) || S <- Supported]). - +    ssl_cipher:filter_suites([suite_definition(S) +			      || S <-ssl_cipher:all_suites(Version)]).  cipher_suites() ->      cipher_suites(erlang). @@ -454,7 +515,7 @@ session_info(#sslsocket{pid = {Listen,_}}) when is_port(Listen) ->  versions() ->      Vsns = tls_record:supported_protocol_versions(),      SupportedVsns = [tls_record:protocol_version(Vsn) || Vsn <- Vsns], -    AvailableVsns = ?ALL_SUPPORTED_VERSIONS, +    AvailableVsns = ?ALL_AVAILABLE_VERSIONS,      %% TODO Add DTLS versions when supported      [{ssl_app, ?VSN}, {supported, SupportedVsns}, {available, AvailableVsns}]. @@ -645,9 +706,14 @@ handle_options(Opts0) ->  		    reuse_session = handle_option(reuse_session, Opts, ReuseSessionFun),  		    reuse_sessions = handle_option(reuse_sessions, Opts, true),  		    secure_renegotiate = handle_option(secure_renegotiate, Opts, false), +		    client_renegotiation = handle_option(client_renegotiation, Opts, true),  		    renegotiate_at = handle_option(renegotiate_at, Opts, ?DEFAULT_RENEGOTIATE_AT),  		    hibernate_after = handle_option(hibernate_after, Opts, undefined),  		    erl_dist = handle_option(erl_dist, Opts, false), +		    alpn_advertised_protocols = +			handle_option(alpn_advertised_protocols, Opts, undefined), +		    alpn_preferred_protocols = +			handle_option(alpn_preferred_protocols, Opts, undefined),  		    next_protocols_advertised =  			handle_option(next_protocols_advertised, Opts, undefined),  		    next_protocol_selector = @@ -655,10 +721,14 @@ handle_options(Opts0) ->  			  handle_option(client_preferred_next_protocols, Opts, undefined)),  		    log_alert = handle_option(log_alert, Opts, true),  		    server_name_indication = handle_option(server_name_indication, Opts, undefined), +		    sni_hosts = handle_option(sni_hosts, Opts, []), +		    sni_fun = handle_option(sni_fun, Opts, undefined),  		    honor_cipher_order = handle_option(honor_cipher_order, Opts, false),  		    protocol = proplists:get_value(protocol, Opts, tls),  		    padding_check =  proplists:get_value(padding_check, Opts, true), -		    fallback =  proplists:get_value(fallback, Opts, false) +		    fallback =  proplists:get_value(fallback, Opts, false), +		    crl_check = handle_option(crl_check, Opts, false), +		    crl_cache = handle_option(crl_cache, Opts, {ssl_crl_cache, {internal, []}})  		   },      CbInfo  = proplists:get_value(cb_info, Opts, {gen_tcp, tcp, tcp_closed, tcp_error}), @@ -667,11 +737,12 @@ handle_options(Opts0) ->  		  depth, cert, certfile, key, keyfile,  		  password, cacerts, cacertfile, dh, dhfile,  		  user_lookup_fun, psk_identity, srp_identity, ciphers, -		  reuse_session, reuse_sessions, ssl_imp, +		  reuse_session, reuse_sessions, ssl_imp, client_renegotiation,  		  cb_info, renegotiate_at, secure_renegotiate, hibernate_after, -		  erl_dist, next_protocols_advertised, +		  erl_dist, alpn_advertised_protocols, sni_hosts, sni_fun, +		  alpn_preferred_protocols, next_protocols_advertised,  		  client_preferred_next_protocols, log_alert, -		  server_name_indication, honor_cipher_order, padding_check, +		  server_name_indication, honor_cipher_order, padding_check, crl_check, crl_cache,  		  fallback],      SockOpts = lists:foldl(fun(Key, PropList) -> @@ -685,6 +756,18 @@ handle_options(Opts0) ->  		 inet_user = SockOpts, transport_info = CbInfo, connection_cb = ConnetionCb  		}}. +handle_option(sni_fun, Opts, Default) -> +    OptFun = validate_option(sni_fun, +                             proplists:get_value(sni_fun, Opts, Default)), +    OptHosts = proplists:get_value(sni_hosts, Opts, undefined), +    case {OptFun, OptHosts} of +        {Default, _} -> +            Default; +        {_, undefined} -> +            OptFun; +        _ -> +            throw({error, {conflict_options, [sni_fun, sni_hosts]}}) +    end;  handle_option(OptionName, Opts, Default) ->      validate_option(OptionName,  		    proplists:get_value(OptionName, Opts, Default)). @@ -741,6 +824,7 @@ validate_option(key, {KeyType, Value}) when is_binary(Value),  					    KeyType == dsa; %% Backwards compatibility  					    KeyType == 'RSAPrivateKey';  					    KeyType == 'DSAPrivateKey'; +					    KeyType == 'ECPrivateKey';  					    KeyType == 'PrivateKeyInfo' ->      {KeyType, Value}; @@ -796,6 +880,8 @@ validate_option(reuse_sessions, Value) when is_boolean(Value) ->  validate_option(secure_renegotiate, Value) when is_boolean(Value) ->      Value; +validate_option(client_renegotiation, Value) when is_boolean(Value) -> +    Value;  validate_option(renegotiate_at, Value) when is_integer(Value) ->      erlang:min(Value, ?DEFAULT_RENEGOTIATE_AT); @@ -805,6 +891,20 @@ validate_option(hibernate_after, Value) when is_integer(Value), Value >= 0 ->      Value;  validate_option(erl_dist,Value) when is_boolean(Value) ->      Value; +validate_option(Opt, Value) +  when Opt =:= alpn_advertised_protocols orelse Opt =:= alpn_preferred_protocols, +       is_list(Value) -> +    case tls_record:highest_protocol_version([]) of +	{3,0} -> +	    throw({error, {options, {not_supported_in_sslv3, {Opt, Value}}}}); +	_ -> +	    validate_binary_list(Opt, Value), +	    Value +    end; +validate_option(Opt, Value) +  when Opt =:= alpn_advertised_protocols orelse Opt =:= alpn_preferred_protocols, +       Value =:= undefined -> +    undefined;  validate_option(client_preferred_next_protocols = Opt, {Precedence, PreferredProtocols} = Value)    when is_list(PreferredProtocols) ->      case tls_record:highest_protocol_version([]) of @@ -848,15 +948,41 @@ validate_option(server_name_indication, disable) ->      disable;  validate_option(server_name_indication, undefined) ->      undefined; +validate_option(sni_hosts, []) -> +    []; +validate_option(sni_hosts, [{Hostname, SSLOptions} | Tail]) when is_list(Hostname) -> +	RecursiveSNIOptions = proplists:get_value(sni_hosts, SSLOptions, undefined), +	case RecursiveSNIOptions of +		undefined -> +			[{Hostname, validate_options(SSLOptions)} | validate_option(sni_hosts, Tail)]; +		_ -> +			throw({error, {options, {sni_hosts, RecursiveSNIOptions}}}) +	end; +validate_option(sni_fun, undefined) -> +    undefined; +validate_option(sni_fun, Fun) when is_function(Fun) -> +    Fun;  validate_option(honor_cipher_order, Value) when is_boolean(Value) ->      Value;  validate_option(padding_check, Value) when is_boolean(Value) ->      Value;  validate_option(fallback, Value) when is_boolean(Value) ->      Value; +validate_option(crl_check, Value) when is_boolean(Value)  -> +    Value; +validate_option(crl_check, Value) when (Value == best_effort) or (Value == peer) ->  +    Value; +validate_option(crl_cache, {Cb, {_Handle, Options}} = Value) when is_atom(Cb) and is_list(Options) -> +    Value;  validate_option(Opt, Value) ->      throw({error, {options, {Opt, Value}}}). + +validate_options([]) -> +	[]; +validate_options([{Opt, Value} | Tail]) -> +	[{Opt, validate_option(Opt, Value)} | validate_options(Tail)]. +  validate_npn_ordering(client) ->      ok;  validate_npn_ordering(server) -> @@ -959,10 +1085,7 @@ binary_cipher_suites(Version, [{_,_,_}| _] = Ciphers0) ->      binary_cipher_suites(Version, Ciphers);  binary_cipher_suites(Version, [Cipher0 | _] = Ciphers0) when is_binary(Cipher0) -> -    All = ssl_cipher:suites(Version) -	++ ssl_cipher:anonymous_suites() -	++ ssl_cipher:psk_suites(Version) -	++ ssl_cipher:srp_suites(), +    All = ssl_cipher:all_suites(Version),      case [Cipher || Cipher <- Ciphers0, lists:member(Cipher, All)] of  	[] ->  	    %% Defaults to all supported suites that does @@ -1128,8 +1251,14 @@ new_ssl_options([{renegotiate_at, Value} | Rest], #ssl_options{} = Opts, RecordC      new_ssl_options(Rest, Opts#ssl_options{ renegotiate_at = validate_option(renegotiate_at, Value)}, RecordCB);  new_ssl_options([{secure_renegotiate, Value} | Rest], #ssl_options{} = Opts, RecordCB) ->       new_ssl_options(Rest, Opts#ssl_options{secure_renegotiate = validate_option(secure_renegotiate, Value)}, RecordCB);  +new_ssl_options([{client_renegotiation, Value} | Rest], #ssl_options{} = Opts, RecordCB) ->  +    new_ssl_options(Rest, Opts#ssl_options{client_renegotiation = validate_option(client_renegotiation, Value)}, RecordCB);   new_ssl_options([{hibernate_after, Value} | Rest], #ssl_options{} = Opts, RecordCB) ->       new_ssl_options(Rest, Opts#ssl_options{hibernate_after = validate_option(hibernate_after, Value)}, RecordCB); +new_ssl_options([{alpn_advertised_protocols, Value} | Rest], #ssl_options{} = Opts, RecordCB) -> +	new_ssl_options(Rest, Opts#ssl_options{alpn_advertised_protocols = validate_option(alpn_advertised_protocols, Value)}, RecordCB); +new_ssl_options([{alpn_preferred_protocols, Value} | Rest], #ssl_options{} = Opts, RecordCB) -> +	new_ssl_options(Rest, Opts#ssl_options{alpn_preferred_protocols = validate_option(alpn_preferred_protocols, Value)}, RecordCB);  new_ssl_options([{next_protocols_advertised, Value} | Rest], #ssl_options{} = Opts, RecordCB) ->       new_ssl_options(Rest, Opts#ssl_options{next_protocols_advertised = validate_option(next_protocols_advertised, Value)}, RecordCB);  new_ssl_options([{client_preferred_next_protocols, Value} | Rest], #ssl_options{} = Opts, RecordCB) ->  @@ -1189,3 +1318,4 @@ handle_verify_options(Opts, CaCerts) ->  	Value ->  	    throw({error, {options, {verify, Value}}})      end. + diff --git a/lib/ssl/src/ssl_alert.erl b/lib/ssl/src/ssl_alert.erl index 9e372f739a..3e35e24527 100644 --- a/lib/ssl/src/ssl_alert.erl +++ b/lib/ssl/src/ssl_alert.erl @@ -3,16 +3,17 @@  %%  %% Copyright Ericsson AB 2007-2015. All Rights Reserved.  %% -%% The contents of this file are subject to the Erlang Public License, -%% Version 1.1, (the "License"); you may not use this file except in -%% compliance with the License. You should have received a copy of the -%% Erlang Public License along with this software. If not, it can be -%% retrieved online at http://www.erlang.org/. +%% Licensed under the Apache License, Version 2.0 (the "License"); +%% you may not use this file except in compliance with the License. +%% You may obtain a copy of the License at  %% -%% Software distributed under the License is distributed on an "AS IS" -%% basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See -%% the License for the specific language governing rights and limitations -%% under the License. +%%     http://www.apache.org/licenses/LICENSE-2.0 +%% +%% Unless required by applicable law or agreed to in writing, software +%% distributed under the License is distributed on an "AS IS" BASIS, +%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +%% See the License for the specific language governing permissions and +%% limitations under the License.  %%  %% %CopyrightEnd%  %% @@ -163,5 +164,7 @@ description_txt(?UNKNOWN_PSK_IDENTITY) ->      "unknown psk identity";  description_txt(?INAPPROPRIATE_FALLBACK) ->      "inappropriate fallback"; +description_txt(?NO_APPLICATION_PROTOCOL) -> +    "no application protocol";  description_txt(Enum) ->      lists:flatten(io_lib:format("unsupported/unknown alert: ~p", [Enum])). diff --git a/lib/ssl/src/ssl_alert.hrl b/lib/ssl/src/ssl_alert.hrl index a3619e4a35..8c4bd08d31 100644 --- a/lib/ssl/src/ssl_alert.hrl +++ b/lib/ssl/src/ssl_alert.hrl @@ -3,16 +3,17 @@  %%   %% Copyright Ericsson AB 2007-2015. All Rights Reserved.  %%  -%% The contents of this file are subject to the Erlang Public License, -%% Version 1.1, (the "License"); you may not use this file except in -%% compliance with the License. You should have received a copy of the -%% Erlang Public License along with this software. If not, it can be -%% retrieved online at http://www.erlang.org/. -%%  -%% Software distributed under the License is distributed on an "AS IS" -%% basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See -%% the License for the specific language governing rights and limitations -%% under the License. +%% Licensed under the Apache License, Version 2.0 (the "License"); +%% you may not use this file except in compliance with the License. +%% You may obtain a copy of the License at +%% +%%     http://www.apache.org/licenses/LICENSE-2.0 +%% +%% Unless required by applicable law or agreed to in writing, software +%% distributed under the License is distributed on an "AS IS" BASIS, +%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +%% See the License for the specific language governing permissions and +%% limitations under the License.  %%   %% %CopyrightEnd%  %% @@ -69,6 +70,8 @@  %%         bad_certificate_hash_value(114),        %% RFC 4366  %%       unknown_psk_identity(115), +%% RFC 7301 +%%       no_application_protocol(120),  %%           (255)  %%       } AlertDescription; @@ -103,6 +106,7 @@  -define(BAD_CERTIFICATE_STATUS_RESPONSE, 113).  -define(BAD_CERTIFICATE_HASH_VALUE, 114).  -define(UNKNOWN_PSK_IDENTITY, 115). +-define(NO_APPLICATION_PROTOCOL, 120).  -define(ALERT_REC(Level,Desc), #alert{level=Level,description=Desc,where={?FILE, ?LINE}}). diff --git a/lib/ssl/src/ssl_api.hrl b/lib/ssl/src/ssl_api.hrl index 22185ff60a..ceef7b0438 100644 --- a/lib/ssl/src/ssl_api.hrl +++ b/lib/ssl/src/ssl_api.hrl @@ -3,16 +3,17 @@  %%  %% Copyright Ericsson AB 2013-2014. All Rights Reserved.  %% -%% The contents of this file are subject to the Erlang Public License, -%% Version 1.1, (the "License"); you may not use this file except in -%% compliance with the License. You should have received a copy of the -%% Erlang Public License along with this software. If not, it can be -%% retrieved online at http://www.erlang.org/. +%% Licensed under the Apache License, Version 2.0 (the "License"); +%% you may not use this file except in compliance with the License. +%% You may obtain a copy of the License at  %% -%% Software distributed under the License is distributed on an "AS IS" -%% basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See -%% the License for the specific language governing rights and limitations -%% under the License. +%%     http://www.apache.org/licenses/LICENSE-2.0 +%% +%% Unless required by applicable law or agreed to in writing, software +%% distributed under the License is distributed on an "AS IS" BASIS, +%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +%% See the License for the specific language governing permissions and +%% limitations under the License.  %%  %% %CopyrightEnd%  %% @@ -49,6 +50,8 @@                           {srp_identity, {string(), string()}} |                           {ciphers, ciphers()} | {ssl_imp, ssl_imp()} | {reuse_sessions, boolean()} |                           {reuse_session, fun()} | {hibernate_after, integer()|undefined} | +                         {alpn_advertised_protocols, [binary()]} | +                         {alpn_preferred_protocols, [binary()]} |                           {next_protocols_advertised, list(binary())} |                           {client_preferred_next_protocols, binary(), client | server, list(binary())}. diff --git a/lib/ssl/src/ssl_app.erl b/lib/ssl/src/ssl_app.erl index 0c475a6d01..191300b0a1 100644 --- a/lib/ssl/src/ssl_app.erl +++ b/lib/ssl/src/ssl_app.erl @@ -3,16 +3,17 @@  %%   %% Copyright Ericsson AB 1998-2011. All Rights Reserved.  %%  -%% The contents of this file are subject to the Erlang Public License, -%% Version 1.1, (the "License"); you may not use this file except in -%% compliance with the License. You should have received a copy of the -%% Erlang Public License along with this software. If not, it can be -%% retrieved online at http://www.erlang.org/. -%%  -%% Software distributed under the License is distributed on an "AS IS" -%% basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See -%% the License for the specific language governing rights and limitations -%% under the License. +%% Licensed under the Apache License, Version 2.0 (the "License"); +%% you may not use this file except in compliance with the License. +%% You may obtain a copy of the License at +%% +%%     http://www.apache.org/licenses/LICENSE-2.0 +%% +%% Unless required by applicable law or agreed to in writing, software +%% distributed under the License is distributed on an "AS IS" BASIS, +%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +%% See the License for the specific language governing permissions and +%% limitations under the License.  %%   %% %CopyrightEnd%  %% diff --git a/lib/ssl/src/ssl_certificate.erl b/lib/ssl/src/ssl_certificate.erl index 30d224fee2..4658e76ab1 100644 --- a/lib/ssl/src/ssl_certificate.erl +++ b/lib/ssl/src/ssl_certificate.erl @@ -1,18 +1,19 @@  %%  %% %CopyrightBegin%  %% -%% Copyright Ericsson AB 2007-2014 All Rights Reserved. +%% Copyright Ericsson AB 2007-2015 All Rights Reserved.  %% -%% The contents of this file are subject to the Erlang Public License, -%% Version 1.1, (the "License"); you may not use this file except in -%% compliance with the License. You should have received a copy of the -%% Erlang Public License along with this software. If not, it can be -%% retrieved online at http://www.erlang.org/. +%% Licensed under the Apache License, Version 2.0 (the "License"); +%% you may not use this file except in compliance with the License. +%% You may obtain a copy of the License at  %% -%% Software distributed under the License is distributed on an "AS IS" -%% basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See -%% the License for the specific language governing rights and limitations -%% under the License. +%%     http://www.apache.org/licenses/LICENSE-2.0 +%% +%% Unless required by applicable law or agreed to in writing, software +%% distributed under the License is distributed on an "AS IS" BASIS, +%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +%% See the License for the specific language governing permissions and +%% limitations under the License.  %%  %% %CopyrightEnd%  %% @@ -33,7 +34,8 @@  -export([trusted_cert_and_path/4,  	 certificate_chain/3,  	 file_to_certificats/2, -	 validate_extension/3, +	 file_to_crls/2, +	 validate/3,  	 is_valid_extkey_usage/2,  	 is_valid_key_usage/2,  	 select_extension/2, @@ -83,16 +85,19 @@ trusted_cert_and_path(CertChain, CertDbHandle, CertDbRef, PartialChainHandler) -      end.  %%-------------------------------------------------------------------- --spec certificate_chain(undefined | binary(), db_handle(), certdb_ref()) -> -			  {error, no_cert} | {ok, [der_cert()]}. +-spec certificate_chain(undefined | binary() | #'OTPCertificate'{} , db_handle(), certdb_ref()) -> +			  {error, no_cert} | {ok, #'OTPCertificate'{} | undefined, [der_cert()]}.  %%  %% Description: Return the certificate chain to send to peer.  %%--------------------------------------------------------------------  certificate_chain(undefined, _, _) ->      {error, no_cert}; -certificate_chain(OwnCert, CertDbHandle, CertsDbRef) -> +certificate_chain(OwnCert, CertDbHandle, CertsDbRef) when is_binary(OwnCert) ->      ErlCert = public_key:pkix_decode_cert(OwnCert, otp), -    certificate_chain(ErlCert, OwnCert, CertDbHandle, CertsDbRef, [OwnCert]). +    certificate_chain(ErlCert, OwnCert, CertDbHandle, CertsDbRef, [OwnCert]); +certificate_chain(OwnCert, CertDbHandle, CertsDbRef) -> +    DerCert = public_key:pkix_encode('OTPCertificate', OwnCert, otp), +    certificate_chain(OwnCert, DerCert, CertDbHandle, CertsDbRef, [DerCert]).  %%--------------------------------------------------------------------  -spec file_to_certificats(binary(), term()) -> [der_cert()].  %% @@ -101,29 +106,39 @@ certificate_chain(OwnCert, CertDbHandle, CertsDbRef) ->  file_to_certificats(File, DbHandle) ->      {ok, List} = ssl_manager:cache_pem_file(File, DbHandle),      [Bin || {'Certificate', Bin, not_encrypted} <- List]. + +%%-------------------------------------------------------------------- +-spec file_to_crls(binary(), term()) -> [der_cert()]. +%% +%% Description: Return list of DER encoded certificates. +%%-------------------------------------------------------------------- +file_to_crls(File, DbHandle) -> +    {ok, List} = ssl_manager:cache_pem_file(File, DbHandle), +    [Bin || {'CertificateList', Bin, not_encrypted} <- List]. +  %%-------------------------------------------------------------------- --spec validate_extension(term(), {extension, #'Extension'{}} | {bad_cert, atom()} | valid, -			 term()) -> {valid, term()} | -				    {fail, tuple()} | -				    {unknown, term()}. +-spec validate(term(), {extension, #'Extension'{}} | {bad_cert, atom()} | valid, +	       term()) -> {valid, term()} | +			  {fail, tuple()} | +			  {unknown, term()}.  %%  %% Description:  Validates ssl/tls specific extensions  %%-------------------------------------------------------------------- -validate_extension(_,{extension, #'Extension'{extnID = ?'id-ce-extKeyUsage', -					      extnValue = KeyUse}}, Role) -> +validate(_,{extension, #'Extension'{extnID = ?'id-ce-extKeyUsage', +				    extnValue = KeyUse}}, {Role, _,_, _, _}) ->      case is_valid_extkey_usage(KeyUse, Role) of  	true ->  	    {valid, Role};  	false ->  	    {fail, {bad_cert, invalid_ext_key_usage}}      end; -validate_extension(_, {bad_cert, _} = Reason, _) -> -    {fail, Reason}; -validate_extension(_, {extension, _}, Role) -> +validate(_, {extension, _}, Role) ->      {unknown, Role}; -validate_extension(_, valid, Role) -> +validate(_, {bad_cert, _} = Reason, _) -> +    {fail, Reason}; +validate(_, valid, Role) ->      {valid, Role}; -validate_extension(_, valid_peer, Role) -> +validate(_, valid_peer, Role) ->      {valid, Role}.  %%-------------------------------------------------------------------- @@ -194,14 +209,14 @@ certificate_chain(OtpCert, _Cert, CertDbHandle, CertsDbRef, Chain) ->  		    %% certificate. The verification of the  		    %% cert chain will fail if guess is  		    %% incorrect. -		    {ok, lists:reverse(Chain)} +		    {ok, undefined, lists:reverse(Chain)}  	    end;  	{{ok, {SerialNr, Issuer}}, SelfSigned} ->   	    certificate_chain(CertDbHandle, CertsDbRef, Chain, SerialNr, Issuer, SelfSigned)      end. -certificate_chain(_,_, Chain, _SerialNr, _Issuer, true) -> -    {ok, lists:reverse(Chain)}; +certificate_chain(_, _, [RootCert | _] = Chain, _, _, true) ->	   +    {ok, RootCert, lists:reverse(Chain)};		        certificate_chain(CertDbHandle, CertsDbRef, Chain, SerialNr, Issuer, _SelfSigned) ->      case ssl_manager:lookup_trusted_cert(CertDbHandle, CertsDbRef, @@ -214,7 +229,7 @@ certificate_chain(CertDbHandle, CertsDbRef, Chain, SerialNr, Issuer, _SelfSigned  	    %% The trusted cert may be obmitted from the chain as the  	    %% counter part needs to have it anyway to be able to  	    %% verify it. -	    {ok, lists:reverse(Chain)}		       +	    {ok, undefined, lists:reverse(Chain)}		            end.  find_issuer(OtpCert, CertDbHandle) -> diff --git a/lib/ssl/src/ssl_cipher.erl b/lib/ssl/src/ssl_cipher.erl index bec0055353..8c2a16ba96 100644 --- a/lib/ssl/src/ssl_cipher.erl +++ b/lib/ssl/src/ssl_cipher.erl @@ -3,16 +3,17 @@  %%  %% Copyright Ericsson AB 2007-2015. All Rights Reserved.  %% -%% The contents of this file are subject to the Erlang Public License, -%% Version 1.1, (the "License"); you may not use this file except in -%% compliance with the License. You should have received a copy of the -%% Erlang Public License along with this software. If not, it can be -%% retrieved online at http://www.erlang.org/. +%% Licensed under the Apache License, Version 2.0 (the "License"); +%% you may not use this file except in compliance with the License. +%% You may obtain a copy of the License at  %% -%% Software distributed under the License is distributed on an "AS IS" -%% basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See -%% the License for the specific language governing rights and limitations -%% under the License. +%%     http://www.apache.org/licenses/LICENSE-2.0 +%% +%% Unless required by applicable law or agreed to in writing, software +%% distributed under the License is distributed on an "AS IS" BASIS, +%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +%% See the License for the specific language governing permissions and +%% limitations under the License.  %%  %% %CopyrightEnd%  %% @@ -33,9 +34,10 @@  -include_lib("public_key/include/public_key.hrl").  -export([security_parameters/2, security_parameters/3, suite_definition/1, -	 decipher/6, cipher/5, suite/1, suites/1, all_suites/1,  -	 ec_keyed_suites/0, anonymous_suites/0, psk_suites/1, srp_suites/0, -	 openssl_suite/1, openssl_suite_name/1, filter/2, filter_suites/1, +	 cipher_init/3, decipher/6, cipher/5, decipher_aead/6, cipher_aead/6, +	 suite/1, suites/1, all_suites/1,  +	 ec_keyed_suites/0, anonymous_suites/1, psk_suites/1, srp_suites/0, +	 rc4_suites/1, openssl_suite/1, openssl_suite_name/1, filter/2, filter_suites/1,  	 hash_algorithm/1, sign_algorithm/1, is_acceptable_hash/2, is_fallback/1]).  -export_type([cipher_suite/0, @@ -43,7 +45,7 @@  	      key_algo/0]).  -type cipher()            :: null |rc4_128 | idea_cbc | des40_cbc | des_cbc | '3des_ede_cbc'  -			   | aes_128_cbc |  aes_256_cbc. +			   | aes_128_cbc |  aes_256_cbc | aes_128_gcm | aes_256_gcm | chacha20_poly1305.  -type hash()              :: null | sha | md5 | sha224 | sha256 | sha384 | sha512.  -type key_algo()          :: null | rsa | dhe_rsa | dhe_dss | ecdhe_ecdsa| ecdh_ecdsa | ecdh_rsa| srp_rsa| srp_dss | psk | dhe_psk | rsa_psk | dh_anon | ecdh_anon | srp_anon.  -type erl_cipher_suite()  :: {key_algo(), cipher(), hash()}. @@ -87,20 +89,32 @@ security_parameters(Version, CipherSuite, SecParams) ->        hash_size = hash_size(Hash)}.  %%-------------------------------------------------------------------- +-spec cipher_init(cipher_enum(), binary(), binary()) -> #cipher_state{}. +%% +%% Description: Initializes the #cipher_state according to BCA +%%------------------------------------------------------------------- +cipher_init(?RC4, IV, Key) -> +    State = crypto:stream_init(rc4, Key), +    #cipher_state{iv = IV, key = Key, state = State}; +cipher_init(?AES_GCM, IV, Key) -> +    <<Nonce:64>> = ssl:random_bytes(8), +    #cipher_state{iv = IV, key = Key, nonce = Nonce}; +cipher_init(_BCA, IV, Key) -> +    #cipher_state{iv = IV, key = Key}. + +%%--------------------------------------------------------------------  -spec cipher(cipher_enum(), #cipher_state{}, binary(), iodata(), ssl_record:ssl_version()) ->  		    {binary(), #cipher_state{}}.   %%  %% Description: Encrypts the data and the MAC using chipher described  %% by cipher_enum() and updating the cipher state +%% Used for "MAC then Cipher" suites where first an HMAC of the +%% data is calculated and the data plus the HMAC is ecncrypted.  %%-------------------------------------------------------------------  cipher(?NULL, CipherState, <<>>, Fragment, _Version) ->      GenStreamCipherList = [Fragment, <<>>],      {GenStreamCipherList, CipherState}; -cipher(?RC4, CipherState, Mac, Fragment, _Version) -> -    State0 = case CipherState#cipher_state.state of -                 undefined -> crypto:stream_init(rc4, CipherState#cipher_state.key); -                 S -> S -             end, +cipher(?RC4, CipherState = #cipher_state{state = State0}, Mac, Fragment, _Version) ->      GenStreamCipherList = [Fragment, Mac],      {State1, T} = crypto:stream_encrypt(State0, GenStreamCipherList),      {T, CipherState#cipher_state{state = State1}}; @@ -112,13 +126,40 @@ cipher(?'3DES', CipherState, Mac, Fragment, Version) ->      block_cipher(fun(<<K1:8/binary, K2:8/binary, K3:8/binary>>, IV, T) ->  			 crypto:block_encrypt(des3_cbc, [K1, K2, K3], IV, T)  		 end, block_size(des_cbc), CipherState, Mac, Fragment, Version); -cipher(?AES, CipherState, Mac, Fragment, Version) -> +cipher(?AES_CBC, CipherState, Mac, Fragment, Version) ->      block_cipher(fun(Key, IV, T) when byte_size(Key) =:= 16 ->  			 crypto:block_encrypt(aes_cbc128, Key, IV, T);  		    (Key, IV, T) when byte_size(Key) =:= 32 ->  			 crypto:block_encrypt(aes_cbc256, Key, IV, T)  		 end, block_size(aes_128_cbc), CipherState, Mac, Fragment, Version). +%%-------------------------------------------------------------------- +-spec cipher_aead(cipher_enum(), #cipher_state{}, integer(), binary(), iodata(), ssl_record:ssl_version()) -> +		    {binary(), #cipher_state{}}. +%% +%% Description: Encrypts the data and protects associated data (AAD) using chipher +%% described by cipher_enum() and updating the cipher state +%% Use for suites that use authenticated encryption with associated data (AEAD) +%%------------------------------------------------------------------- +cipher_aead(?AES_GCM, CipherState, SeqNo, AAD, Fragment, Version) -> +    aead_cipher(aes_gcm, CipherState, SeqNo, AAD, Fragment, Version); +cipher_aead(?CHACHA20_POLY1305, CipherState, SeqNo, AAD, Fragment, Version) -> +    aead_cipher(chacha20_poly1305, CipherState, SeqNo, AAD, Fragment, Version). + +aead_cipher(chacha20_poly1305, #cipher_state{key=Key} = CipherState, SeqNo, AAD0, Fragment, _Version) -> +    CipherLen = erlang:iolist_size(Fragment), +    AAD = <<AAD0/binary, ?UINT16(CipherLen)>>, +    Nonce = <<SeqNo:64/integer>>, +    {Content, CipherTag} = crypto:block_encrypt(chacha20_poly1305, Key, Nonce, {AAD, Fragment}), +    {<<Content/binary, CipherTag/binary>>, CipherState}; +aead_cipher(Type, #cipher_state{key=Key, iv = IV0, nonce = Nonce} = CipherState, _SeqNo, AAD0, Fragment, _Version) -> +    CipherLen = erlang:iolist_size(Fragment), +    AAD = <<AAD0/binary, ?UINT16(CipherLen)>>, +    <<Salt:4/bytes, _/binary>> = IV0, +    IV = <<Salt/binary, Nonce:64/integer>>, +    {Content, CipherTag} = crypto:block_encrypt(Type, Key, IV, {AAD, Fragment}), +    {<<Nonce:64/integer, Content/binary, CipherTag/binary>>, CipherState#cipher_state{nonce = Nonce + 1}}. +  build_cipher_block(BlockSz, Mac, Fragment) ->      TotSz = byte_size(Mac) + erlang:iolist_size(Fragment) + 1,      {PaddingLength, Padding} = get_padding(TotSz, BlockSz), @@ -148,14 +189,12 @@ block_cipher(Fun, BlockSz, #cipher_state{key=Key, iv=IV} = CS0,  %%  %% Description: Decrypts the data and the MAC using cipher described  %% by cipher_enum() and updating the cipher state. +%% Used for "MAC then Cipher" suites where first the data is decrypted +%% and the an HMAC of the decrypted data is checked  %%-------------------------------------------------------------------  decipher(?NULL, _HashSz, CipherState, Fragment, _, _) ->      {Fragment, <<>>, CipherState}; -decipher(?RC4, HashSz, CipherState, Fragment, _, _) -> -    State0 = case CipherState#cipher_state.state of -		 undefined -> crypto:stream_init(rc4, CipherState#cipher_state.key); -                 S -> S -             end, +decipher(?RC4, HashSz, CipherState = #cipher_state{state = State0}, Fragment, _, _) ->      try crypto:stream_decrypt(State0, Fragment) of  	{State, Text} ->  	    GSC = generic_stream_cipher_from_bin(Text, HashSz), @@ -179,13 +218,26 @@ decipher(?'3DES', HashSz, CipherState, Fragment, Version, PaddingCheck) ->      block_decipher(fun(<<K1:8/binary, K2:8/binary, K3:8/binary>>, IV, T) ->  			   crypto:block_decrypt(des3_cbc, [K1, K2, K3], IV, T)  		   end, CipherState, HashSz, Fragment, Version, PaddingCheck); -decipher(?AES, HashSz, CipherState, Fragment, Version, PaddingCheck) -> +decipher(?AES_CBC, HashSz, CipherState, Fragment, Version, PaddingCheck) ->      block_decipher(fun(Key, IV, T) when byte_size(Key) =:= 16 ->  			   crypto:block_decrypt(aes_cbc128, Key, IV, T);  		      (Key, IV, T) when byte_size(Key) =:= 32 ->  			   crypto:block_decrypt(aes_cbc256, Key, IV, T)  		   end, CipherState, HashSz, Fragment, Version, PaddingCheck). +%%-------------------------------------------------------------------- +-spec decipher_aead(cipher_enum(),  #cipher_state{}, integer(), binary(), binary(), ssl_record:ssl_version()) -> +			   {binary(), binary(), #cipher_state{}} | #alert{}. +%% +%% Description: Decrypts the data and checks the associated data (AAD) MAC using +%% cipher described by cipher_enum() and updating the cipher state. +%% Use for suites that use authenticated encryption with associated data (AEAD) +%%------------------------------------------------------------------- +decipher_aead(?AES_GCM, CipherState, SeqNo, AAD, Fragment, Version) -> +    aead_decipher(aes_gcm, CipherState, SeqNo, AAD, Fragment, Version); +decipher_aead(?CHACHA20_POLY1305, CipherState, SeqNo, AAD, Fragment, Version) -> +    aead_decipher(chacha20_poly1305, CipherState, SeqNo, AAD, Fragment, Version). +  block_decipher(Fun, #cipher_state{key=Key, iv=IV} = CipherState0,   	       HashSz, Fragment, Version, PaddingCheck) ->      try  @@ -215,6 +267,35 @@ block_decipher(Fun, #cipher_state{key=Key, iv=IV} = CipherState0,  	    %% bad_record_mac alert to hide the specific type of the error."  	    ?ALERT_REC(?FATAL, ?BAD_RECORD_MAC)      end. + +aead_ciphertext_to_state(chacha20_poly1305, SeqNo, _IV, AAD0, Fragment, _Version) -> +    CipherLen = size(Fragment) - 16, +    <<CipherText:CipherLen/bytes, CipherTag:16/bytes>> = Fragment, +    AAD = <<AAD0/binary, ?UINT16(CipherLen)>>, +    Nonce = <<SeqNo:64/integer>>, +    {Nonce, AAD, CipherText, CipherTag}; +aead_ciphertext_to_state(_, _SeqNo, <<Salt:4/bytes, _/binary>>, AAD0, Fragment, _Version) -> +    CipherLen = size(Fragment) - 24, +    <<ExplicitNonce:8/bytes, CipherText:CipherLen/bytes,  CipherTag:16/bytes>> = Fragment, +    AAD = <<AAD0/binary, ?UINT16(CipherLen)>>, +    Nonce = <<Salt/binary, ExplicitNonce/binary>>, +    {Nonce, AAD, CipherText, CipherTag}. + +aead_decipher(Type, #cipher_state{key = Key, iv = IV} = CipherState, +	      SeqNo, AAD0, Fragment, Version) -> +    try +	{Nonce, AAD, CipherText, CipherTag} = aead_ciphertext_to_state(Type, SeqNo, IV, AAD0, Fragment, Version), +	case crypto:block_decrypt(Type, Key, Nonce, {AAD, CipherText, CipherTag}) of +	    Content when is_binary(Content) -> +		{Content, CipherState}; +	    _ -> +		?ALERT_REC(?FATAL, ?BAD_RECORD_MAC) +	end +    catch +	_:_ -> +	    ?ALERT_REC(?FATAL, ?BAD_RECORD_MAC) +    end. +  %%--------------------------------------------------------------------  -spec suites(ssl_record:ssl_version()) -> [cipher_suite()].  %% @@ -227,16 +308,27 @@ suites({3, N}) ->  all_suites(Version) ->      suites(Version) -	++ ssl_cipher:anonymous_suites() -	++ ssl_cipher:psk_suites(Version) -	++ ssl_cipher:srp_suites(). +	++ anonymous_suites(Version) +	++ psk_suites(Version) +	++ srp_suites() +        ++ rc4_suites(Version).  %%-------------------------------------------------------------------- --spec anonymous_suites() -> [cipher_suite()]. +-spec anonymous_suites(ssl_record:ssl_version() | integer()) -> [cipher_suite()].  %%  %% Description: Returns a list of the anonymous cipher suites, only supported  %% if explicitly set by user. Intended only for testing.  %%-------------------------------------------------------------------- -anonymous_suites() -> + +anonymous_suites({3, N}) -> +    anonymous_suites(N); + +anonymous_suites(N) +  when N >= 3 -> +    [?TLS_DH_anon_WITH_AES_128_GCM_SHA256, +     ?TLS_DH_anon_WITH_AES_256_GCM_SHA384 +    ] ++ anonymous_suites(0); + +anonymous_suites(_) ->      [?TLS_DH_anon_WITH_RC4_128_MD5,       ?TLS_DH_anon_WITH_DES_CBC_SHA,       ?TLS_DH_anon_WITH_3DES_EDE_CBC_SHA, @@ -260,13 +352,20 @@ psk_suites({3, N}) ->  psk_suites(N)    when N >= 3 -> -    psk_suites(0) ++ -	[?TLS_DHE_PSK_WITH_AES_256_CBC_SHA384, -	 ?TLS_RSA_PSK_WITH_AES_256_CBC_SHA384, -	 ?TLS_PSK_WITH_AES_256_CBC_SHA384, -	 ?TLS_DHE_PSK_WITH_AES_128_CBC_SHA256, -	 ?TLS_RSA_PSK_WITH_AES_128_CBC_SHA256, -	 ?TLS_PSK_WITH_AES_128_CBC_SHA256]; +    [ +     ?TLS_DHE_PSK_WITH_AES_256_GCM_SHA384, +     ?TLS_RSA_PSK_WITH_AES_256_GCM_SHA384, +     ?TLS_PSK_WITH_AES_256_GCM_SHA384, +     ?TLS_DHE_PSK_WITH_AES_256_CBC_SHA384, +     ?TLS_RSA_PSK_WITH_AES_256_CBC_SHA384, +     ?TLS_PSK_WITH_AES_256_CBC_SHA384, +     ?TLS_DHE_PSK_WITH_AES_128_GCM_SHA256, +     ?TLS_RSA_PSK_WITH_AES_128_GCM_SHA256, +     ?TLS_PSK_WITH_AES_128_GCM_SHA256, +     ?TLS_DHE_PSK_WITH_AES_128_CBC_SHA256, +     ?TLS_RSA_PSK_WITH_AES_128_CBC_SHA256, +     ?TLS_PSK_WITH_AES_128_CBC_SHA256 +    ] ++ psk_suites(0);  psk_suites(_) ->  	[?TLS_DHE_PSK_WITH_AES_256_CBC_SHA, @@ -298,6 +397,24 @@ srp_suites() ->       ?TLS_SRP_SHA_WITH_AES_256_CBC_SHA,       ?TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,       ?TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA]. +%%-------------------------------------------------------------------- +-spec rc4_suites(Version::ssl_record:ssl_version()) -> [cipher_suite()]. +%% +%% Description: Returns a list of the RSA|(ECDH/RSA)| (ECDH/ECDSA)  +%% with RC4 cipher suites, only supported if explicitly set by user.  +%% Are not considered secure any more. Other RC4 suites already +%% belonged to the user configured only category. +%%-------------------------------------------------------------------- +rc4_suites({3, 0}) -> +    [?TLS_RSA_WITH_RC4_128_SHA, +     ?TLS_RSA_WITH_RC4_128_MD5]; +rc4_suites({3, N}) when N =< 3 -> +    [?TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, +     ?TLS_ECDHE_RSA_WITH_RC4_128_SHA, +     ?TLS_RSA_WITH_RC4_128_SHA, +     ?TLS_RSA_WITH_RC4_128_MD5, +     ?TLS_ECDH_ECDSA_WITH_RC4_128_SHA, +     ?TLS_ECDH_RSA_WITH_RC4_128_SHA].  %%--------------------------------------------------------------------  -spec suite_definition(cipher_suite()) -> int_cipher_suite(). @@ -418,6 +535,19 @@ suite_definition(?TLS_RSA_PSK_WITH_AES_256_CBC_SHA) ->  %%% TLS 1.2 PSK Cipher Suites RFC 5487 +suite_definition(?TLS_PSK_WITH_AES_128_GCM_SHA256) -> +    {psk, aes_128_gcm, null, sha256}; +suite_definition(?TLS_PSK_WITH_AES_256_GCM_SHA384) -> +    {psk, aes_256_gcm, null, sha384}; +suite_definition(?TLS_DHE_PSK_WITH_AES_128_GCM_SHA256) -> +    {dhe_psk, aes_128_gcm, null, sha256}; +suite_definition(?TLS_DHE_PSK_WITH_AES_256_GCM_SHA384) -> +    {dhe_psk, aes_256_gcm, null, sha384}; +suite_definition(?TLS_RSA_PSK_WITH_AES_128_GCM_SHA256) -> +    {rsa_psk, aes_128_gcm, null, sha256}; +suite_definition(?TLS_RSA_PSK_WITH_AES_256_GCM_SHA384) -> +    {rsa_psk, aes_256_gcm, null, sha384}; +  suite_definition(?TLS_PSK_WITH_AES_128_CBC_SHA256) ->      {psk, aes_128_cbc, sha256, default_prf};  suite_definition(?TLS_PSK_WITH_AES_256_CBC_SHA384) -> @@ -537,7 +667,59 @@ suite_definition(?TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) ->  suite_definition(?TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256) ->      {ecdh_rsa, aes_128_cbc, sha256, sha256};  suite_definition(?TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384) -> -    {ecdh_rsa, aes_256_cbc, sha384, sha384}. +    {ecdh_rsa, aes_256_cbc, sha384, sha384}; + +%% RFC 5288 AES-GCM Cipher Suites +suite_definition(?TLS_RSA_WITH_AES_128_GCM_SHA256) -> +    {rsa, aes_128_gcm, null, sha256}; +suite_definition(?TLS_RSA_WITH_AES_256_GCM_SHA384) -> +    {rsa, aes_256_gcm, null, sha384}; +suite_definition(?TLS_DHE_RSA_WITH_AES_128_GCM_SHA256) -> +    {dhe_rsa, aes_128_gcm, null, sha256}; +suite_definition(?TLS_DHE_RSA_WITH_AES_256_GCM_SHA384) -> +    {dhe_rsa, aes_256_gcm, null, sha384}; +suite_definition(?TLS_DH_RSA_WITH_AES_128_GCM_SHA256) -> +    {dh_rsa, aes_128_gcm, null, sha256}; +suite_definition(?TLS_DH_RSA_WITH_AES_256_GCM_SHA384) -> +    {dh_rsa, aes_256_gcm, null, sha384}; +suite_definition(?TLS_DHE_DSS_WITH_AES_128_GCM_SHA256) -> +    {dhe_dss, aes_128_gcm, null, sha256}; +suite_definition(?TLS_DHE_DSS_WITH_AES_256_GCM_SHA384) -> +    {dhe_dss, aes_256_gcm, null, sha384}; +suite_definition(?TLS_DH_DSS_WITH_AES_128_GCM_SHA256) -> +    {dh_dss, aes_128_gcm, null, sha256}; +suite_definition(?TLS_DH_DSS_WITH_AES_256_GCM_SHA384) -> +    {dh_dss, aes_256_gcm, null, sha384}; +suite_definition(?TLS_DH_anon_WITH_AES_128_GCM_SHA256) -> +    {dh_anon, aes_128_gcm, null, sha256}; +suite_definition(?TLS_DH_anon_WITH_AES_256_GCM_SHA384) -> +    {dh_anon, aes_256_gcm, null, sha384}; + +%% RFC 5289 ECC AES-GCM Cipher Suites +suite_definition(?TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256) -> +    {ecdhe_ecdsa, aes_128_gcm, null, sha256}; +suite_definition(?TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384) -> +    {ecdhe_ecdsa, aes_256_gcm, null, sha384}; +suite_definition(?TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256) -> +    {ecdh_ecdsa, aes_128_gcm, null, sha256}; +suite_definition(?TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384) -> +    {ecdh_ecdsa, aes_256_gcm, null, sha384}; +suite_definition(?TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) -> +    {ecdhe_rsa, aes_128_gcm, null, sha256}; +suite_definition(?TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) -> +    {ecdhe_rsa, aes_256_gcm, null, sha384}; +suite_definition(?TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256) -> +    {ecdh_rsa, aes_128_gcm, null, sha256}; +suite_definition(?TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384) -> +    {ecdh_rsa, aes_256_gcm, null, sha384}; + +%% draft-agl-tls-chacha20poly1305-04 Chacha20/Poly1305 Suites +suite_definition(?TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256) -> +    {ecdhe_rsa, chacha20_poly1305, null, sha256}; +suite_definition(?TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256) -> +    {ecdhe_ecdsa, chacha20_poly1305, null, sha256}; +suite_definition(?TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256) -> +    {dhe_rsa, chacha20_poly1305, null, sha256}.  %%--------------------------------------------------------------------  -spec suite(erl_cipher_suite()) -> cipher_suite(). @@ -641,6 +823,19 @@ suite({rsa_psk, aes_256_cbc,sha}) ->  %%% TLS 1.2 PSK Cipher Suites RFC 5487 +suite({psk, aes_128_gcm, null}) -> +    ?TLS_PSK_WITH_AES_128_GCM_SHA256; +suite({psk, aes_256_gcm, null}) -> +    ?TLS_PSK_WITH_AES_256_GCM_SHA384; +suite({dhe_psk, aes_128_gcm, null}) -> +    ?TLS_DHE_PSK_WITH_AES_128_GCM_SHA256; +suite({dhe_psk, aes_256_gcm, null}) -> +    ?TLS_DHE_PSK_WITH_AES_256_GCM_SHA384; +suite({rsa_psk, aes_128_gcm, null}) -> +    ?TLS_RSA_PSK_WITH_AES_128_GCM_SHA256; +suite({rsa_psk, aes_256_gcm, null}) -> +    ?TLS_RSA_PSK_WITH_AES_256_GCM_SHA384; +  suite({psk, aes_128_cbc, sha256}) ->      ?TLS_PSK_WITH_AES_128_CBC_SHA256;  suite({psk, aes_256_cbc, sha384}) -> @@ -760,7 +955,60 @@ suite({ecdhe_rsa, aes_256_cbc, sha384}) ->  suite({ecdh_rsa, aes_128_cbc, sha256}) ->      ?TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256;  suite({ecdh_rsa, aes_256_cbc, sha384}) -> -    ?TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384. +    ?TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384; + +%% RFC 5288 AES-GCM Cipher Suites +suite({rsa, aes_128_gcm, null}) -> +    ?TLS_RSA_WITH_AES_128_GCM_SHA256; +suite({rsa, aes_256_gcm, null}) -> +    ?TLS_RSA_WITH_AES_256_GCM_SHA384; +suite({dhe_rsa, aes_128_gcm, null}) -> +    ?TLS_DHE_RSA_WITH_AES_128_GCM_SHA256; +suite({dhe_rsa, aes_256_gcm, null}) -> +    ?TLS_DHE_RSA_WITH_AES_256_GCM_SHA384; +suite({dh_rsa, aes_128_gcm, null}) -> +    ?TLS_DH_RSA_WITH_AES_128_GCM_SHA256; +suite({dh_rsa, aes_256_gcm, null}) -> +    ?TLS_DH_RSA_WITH_AES_256_GCM_SHA384; +suite({dhe_dss, aes_128_gcm, null}) -> +    ?TLS_DHE_DSS_WITH_AES_128_GCM_SHA256; +suite({dhe_dss, aes_256_gcm, null}) -> +    ?TLS_DHE_DSS_WITH_AES_256_GCM_SHA384; +suite({dh_dss, aes_128_gcm, null}) -> +    ?TLS_DH_DSS_WITH_AES_128_GCM_SHA256; +suite({dh_dss, aes_256_gcm, null}) -> +    ?TLS_DH_DSS_WITH_AES_256_GCM_SHA384; +suite({dh_anon, aes_128_gcm, null}) -> +    ?TLS_DH_anon_WITH_AES_128_GCM_SHA256; +suite({dh_anon, aes_256_gcm, null}) -> +    ?TLS_DH_anon_WITH_AES_256_GCM_SHA384; + +%% RFC 5289 ECC AES-GCM Cipher Suites +suite({ecdhe_ecdsa, aes_128_gcm, null}) -> +    ?TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256; +suite({ecdhe_ecdsa, aes_256_gcm, null}) -> +    ?TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384; +suite({ecdh_ecdsa, aes_128_gcm, null}) -> +    ?TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256; +suite({ecdh_ecdsa, aes_256_gcm, null}) -> +    ?TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384; +suite({ecdhe_rsa, aes_128_gcm, null}) -> +    ?TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256; +suite({ecdhe_rsa, aes_256_gcm, null}) -> +    ?TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384; +suite({ecdh_rsa, aes_128_gcm, null}) -> +    ?TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256; +suite({ecdh_rsa, aes_256_gcm, null}) -> +    ?TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384; + + +%% draft-agl-tls-chacha20poly1305-04 Chacha20/Poly1305 Suites +suite({ecdhe_rsa, chacha20_poly1305, null}) -> +    ?TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256; +suite({ecdhe_ecdsa, chacha20_poly1305, null}) -> +    ?TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256; +suite({dhe_rsa, chacha20_poly1305, null}) -> +    ?TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256.  %%--------------------------------------------------------------------  -spec openssl_suite(openssl_cipher_suite()) -> cipher_suite(). @@ -875,7 +1123,47 @@ openssl_suite("ECDHE-RSA-AES256-SHA384") ->  openssl_suite("ECDH-RSA-AES128-SHA256") ->      ?TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256;  openssl_suite("ECDH-RSA-AES256-SHA384") -> -    ?TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384. +    ?TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384; + +%% RFC 5288 AES-GCM Cipher Suites +openssl_suite("AES128-GCM-SHA256") -> +    ?TLS_RSA_WITH_AES_128_GCM_SHA256; +openssl_suite("AES256-GCM-SHA384") -> +    ?TLS_RSA_WITH_AES_256_GCM_SHA384; +openssl_suite("DHE-RSA-AES128-GCM-SHA256") -> +    ?TLS_DHE_RSA_WITH_AES_128_GCM_SHA256; +openssl_suite("DHE-RSA-AES256-GCM-SHA384") -> +    ?TLS_DHE_RSA_WITH_AES_256_GCM_SHA384; +openssl_suite("DH-RSA-AES128-GCM-SHA256") -> +    ?TLS_DH_RSA_WITH_AES_128_GCM_SHA256; +openssl_suite("DH-RSA-AES256-GCM-SHA384") -> +    ?TLS_DH_RSA_WITH_AES_256_GCM_SHA384; +openssl_suite("DHE-DSS-AES128-GCM-SHA256") -> +    ?TLS_DHE_DSS_WITH_AES_128_GCM_SHA256; +openssl_suite("DHE-DSS-AES256-GCM-SHA384") -> +    ?TLS_DHE_DSS_WITH_AES_256_GCM_SHA384; +openssl_suite("DH-DSS-AES128-GCM-SHA256") -> +    ?TLS_DH_DSS_WITH_AES_128_GCM_SHA256; +openssl_suite("DH-DSS-AES256-GCM-SHA384") -> +    ?TLS_DH_DSS_WITH_AES_256_GCM_SHA384; + +%% RFC 5289 ECC AES-GCM Cipher Suites +openssl_suite("ECDHE-ECDSA-AES128-GCM-SHA256") -> +    ?TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256; +openssl_suite("ECDHE-ECDSA-AES256-GCM-SHA384") -> +    ?TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384; +openssl_suite("ECDH-ECDSA-AES128-GCM-SHA256") -> +    ?TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256; +openssl_suite("ECDH-ECDSA-AES256-GCM-SHA384") -> +    ?TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384; +openssl_suite("ECDHE-RSA-AES128-GCM-SHA256") -> +    ?TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256; +openssl_suite("ECDHE-RSA-AES256-GCM-SHA384") -> +    ?TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384; +openssl_suite("ECDH-RSA-AES128-GCM-SHA256") -> +    ?TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256; +openssl_suite("ECDH-RSA-AES256-GCM-SHA384") -> +    ?TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384.  %%--------------------------------------------------------------------  -spec openssl_suite_name(cipher_suite()) -> openssl_cipher_suite(). @@ -1012,6 +1300,46 @@ openssl_suite_name(?TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256) ->  openssl_suite_name(?TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384) ->      "ECDH-RSA-AES256-SHA384"; +%% RFC 5288 AES-GCM Cipher Suites +openssl_suite_name(?TLS_RSA_WITH_AES_128_GCM_SHA256) -> +    "AES128-GCM-SHA256"; +openssl_suite_name(?TLS_RSA_WITH_AES_256_GCM_SHA384) -> +    "AES256-GCM-SHA384"; +openssl_suite_name(?TLS_DHE_RSA_WITH_AES_128_GCM_SHA256) -> +    "DHE-RSA-AES128-GCM-SHA256"; +openssl_suite_name(?TLS_DHE_RSA_WITH_AES_256_GCM_SHA384) -> +    "DHE-RSA-AES256-GCM-SHA384"; +openssl_suite_name(?TLS_DH_RSA_WITH_AES_128_GCM_SHA256) -> +    "DH-RSA-AES128-GCM-SHA256"; +openssl_suite_name(?TLS_DH_RSA_WITH_AES_256_GCM_SHA384) -> +    "DH-RSA-AES256-GCM-SHA384"; +openssl_suite_name(?TLS_DHE_DSS_WITH_AES_128_GCM_SHA256) -> +    "DHE-DSS-AES128-GCM-SHA256"; +openssl_suite_name(?TLS_DHE_DSS_WITH_AES_256_GCM_SHA384) -> +    "DHE-DSS-AES256-GCM-SHA384"; +openssl_suite_name(?TLS_DH_DSS_WITH_AES_128_GCM_SHA256) -> +    "DH-DSS-AES128-GCM-SHA256"; +openssl_suite_name(?TLS_DH_DSS_WITH_AES_256_GCM_SHA384) -> +    "DH-DSS-AES256-GCM-SHA384"; + +%% RFC 5289 ECC AES-GCM Cipher Suites +openssl_suite_name(?TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256) -> +    "ECDHE-ECDSA-AES128-GCM-SHA256"; +openssl_suite_name(?TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384) -> +    "ECDHE-ECDSA-AES256-GCM-SHA384"; +openssl_suite_name(?TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256) -> +    "ECDH-ECDSA-AES128-GCM-SHA256"; +openssl_suite_name(?TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384) -> +    "ECDH-ECDSA-AES256-GCM-SHA384"; +openssl_suite_name(?TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) -> +    "ECDHE-RSA-AES128-GCM-SHA256"; +openssl_suite_name(?TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) -> +    "ECDHE-RSA-AES256-GCM-SHA384"; +openssl_suite_name(?TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256) -> +    "ECDH-RSA-AES128-GCM-SHA256"; +openssl_suite_name(?TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384) -> +    "ECDH-RSA-AES256-GCM-SHA384"; +  %% No oppenssl name  openssl_suite_name(Cipher) ->      suite_definition(Cipher). @@ -1095,6 +1423,13 @@ is_acceptable_keyexchange(KeyExchange, Algos)  is_acceptable_keyexchange(_, _) ->      true. +is_acceptable_cipher(Cipher, Algos) +  when Cipher == aes_128_gcm; +       Cipher == aes_256_gcm -> +    proplists:get_bool(aes_gcm, Algos); +is_acceptable_cipher(Cipher, Algos) +  when Cipher == chacha20_poly1305 -> +    proplists:get_bool(Cipher, Algos);  is_acceptable_cipher(_, _) ->      true. @@ -1125,7 +1460,12 @@ bulk_cipher_algorithm('3des_ede_cbc') ->      ?'3DES';  bulk_cipher_algorithm(Cipher) when Cipher == aes_128_cbc;  				   Cipher == aes_256_cbc -> -    ?AES. +    ?AES_CBC; +bulk_cipher_algorithm(Cipher) when Cipher == aes_128_gcm; +				   Cipher == aes_256_gcm -> +    ?AES_GCM; +bulk_cipher_algorithm(chacha20_poly1305) -> +    ?CHACHA20_POLY1305.  type(Cipher) when Cipher == null;  		  Cipher == rc4_128 -> @@ -1135,7 +1475,11 @@ type(Cipher) when Cipher == des_cbc;  		  Cipher == '3des_ede_cbc';  		  Cipher == aes_128_cbc;  		  Cipher == aes_256_cbc -> -    ?BLOCK. +    ?BLOCK; +type(Cipher) when Cipher == aes_128_gcm; +		  Cipher == aes_256_gcm; +		  Cipher == chacha20_poly1305 -> +    ?AEAD.  key_material(null) ->      0; @@ -1148,6 +1492,12 @@ key_material('3des_ede_cbc') ->  key_material(aes_128_cbc) ->      16;  key_material(aes_256_cbc) -> +    32; +key_material(aes_128_gcm) -> +    16; +key_material(aes_256_gcm) -> +    32; +key_material(chacha20_poly1305) ->      32.  expanded_key_material(null) -> @@ -1159,7 +1509,10 @@ expanded_key_material(Cipher) when Cipher == des_cbc ->  expanded_key_material('3des_ede_cbc') ->      24;  expanded_key_material(Cipher) when Cipher == aes_128_cbc; - 				   Cipher == aes_256_cbc -> +				   Cipher == aes_256_cbc; +				   Cipher == aes_128_gcm; +				   Cipher == aes_256_gcm; +				   Cipher == chacha20_poly1305 ->      unknown.   @@ -1168,16 +1521,25 @@ effective_key_bits(null) ->  effective_key_bits(des_cbc) ->      56;  effective_key_bits(Cipher) when Cipher == rc4_128; -				Cipher == aes_128_cbc -> +				Cipher == aes_128_cbc; +				Cipher == aes_128_gcm ->      128;  effective_key_bits('3des_ede_cbc') ->      168; -effective_key_bits(aes_256_cbc) -> +effective_key_bits(Cipher) when Cipher == aes_256_cbc; +				Cipher == aes_256_gcm; +				Cipher == chacha20_poly1305 ->      256.  iv_size(Cipher) when Cipher == null; -		     Cipher == rc4_128 -> +		     Cipher == rc4_128; +		     Cipher == chacha20_poly1305->      0; + +iv_size(Cipher) when Cipher == aes_128_gcm; +		     Cipher == aes_256_gcm -> +    4; +  iv_size(Cipher) ->      block_size(Cipher). @@ -1186,7 +1548,10 @@ block_size(Cipher) when Cipher == des_cbc;      8;  block_size(Cipher) when Cipher == aes_128_cbc; -			Cipher == aes_256_cbc -> +			Cipher == aes_256_cbc; +			Cipher == aes_128_gcm; +			Cipher == aes_256_gcm; +			Cipher == chacha20_poly1305 ->      16.  prf_algorithm(default_prf, {3, N}) when N >= 3 -> @@ -1209,7 +1574,9 @@ hash_algorithm(?SHA) -> sha;  hash_algorithm(?SHA224) -> sha224;  hash_algorithm(?SHA256) -> sha256;  hash_algorithm(?SHA384) -> sha384; -hash_algorithm(?SHA512) -> sha512. +hash_algorithm(?SHA512) -> sha512; +hash_algorithm(Other)  when is_integer(Other) andalso ((Other >= 7) and (Other =< 223)) -> unassigned; +hash_algorithm(Other)  when is_integer(Other) andalso ((Other >= 224) and (Other =< 255)) -> Other.  sign_algorithm(anon)  -> ?ANON;  sign_algorithm(rsa)   -> ?RSA; @@ -1218,7 +1585,9 @@ sign_algorithm(ecdsa) -> ?ECDSA;  sign_algorithm(?ANON) -> anon;  sign_algorithm(?RSA) -> rsa;  sign_algorithm(?DSA) -> dsa; -sign_algorithm(?ECDSA) -> ecdsa. +sign_algorithm(?ECDSA) -> ecdsa; +sign_algorithm(Other) when is_integer(Other) andalso ((Other >= 4) and (Other =< 223)) -> unassigned; +sign_algorithm(Other) when is_integer(Other) andalso ((Other >= 224) and (Other =< 255)) -> Other.  hash_size(null) ->      0; @@ -1342,10 +1711,15 @@ dhe_rsa_suites() ->       ?TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,       ?TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,       ?TLS_DHE_RSA_WITH_AES_128_CBC_SHA, -     ?TLS_DHE_RSA_WITH_DES_CBC_SHA]. +     ?TLS_DHE_RSA_WITH_DES_CBC_SHA, +     ?TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, +     ?TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, +     ?TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256].  psk_rsa_suites() -> -    [?TLS_RSA_PSK_WITH_AES_256_CBC_SHA384, +    [?TLS_RSA_PSK_WITH_AES_256_GCM_SHA384, +     ?TLS_RSA_PSK_WITH_AES_128_GCM_SHA256, +     ?TLS_RSA_PSK_WITH_AES_256_CBC_SHA384,       ?TLS_RSA_PSK_WITH_AES_128_CBC_SHA256,       ?TLS_RSA_PSK_WITH_AES_256_CBC_SHA,       ?TLS_RSA_PSK_WITH_AES_128_CBC_SHA, @@ -1365,7 +1739,9 @@ rsa_suites() ->       ?TLS_RSA_WITH_AES_128_CBC_SHA,       ?TLS_RSA_WITH_RC4_128_SHA,       ?TLS_RSA_WITH_RC4_128_MD5, -     ?TLS_RSA_WITH_DES_CBC_SHA]. +     ?TLS_RSA_WITH_DES_CBC_SHA, +     ?TLS_RSA_WITH_AES_128_GCM_SHA256, +     ?TLS_RSA_WITH_AES_256_GCM_SHA384].  ecdh_rsa_suites() ->      [?TLS_ECDH_RSA_WITH_NULL_SHA, @@ -1374,7 +1750,9 @@ ecdh_rsa_suites() ->       ?TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,       ?TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,       ?TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, -     ?TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384]. +     ?TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, +     ?TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, +     ?TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384].  ecdhe_rsa_suites() ->      [?TLS_ECDHE_RSA_WITH_NULL_SHA, @@ -1383,7 +1761,10 @@ ecdhe_rsa_suites() ->       ?TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,       ?TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,       ?TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, -     ?TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384]. +     ?TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, +     ?TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, +     ?TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, +     ?TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256].  dsa_signed_suites() ->      dhe_dss_suites() ++ srp_dss_suites(). @@ -1394,7 +1775,9 @@ dhe_dss_suites()  ->       ?TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA,       ?TLS_DHE_DSS_WITH_AES_128_CBC_SHA256,       ?TLS_DHE_DSS_WITH_AES_128_CBC_SHA, -     ?TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA]. +     ?TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA, +     ?TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, +     ?TLS_DHE_DSS_WITH_AES_256_GCM_SHA384].  srp_dss_suites() ->      [?TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA, @@ -1418,7 +1801,9 @@ ecdh_ecdsa_suites() ->       ?TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,       ?TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,       ?TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, -     ?TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384]. +     ?TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, +     ?TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, +     ?TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384].  ecdhe_ecdsa_suites() ->      [?TLS_ECDHE_ECDSA_WITH_NULL_SHA, @@ -1427,7 +1812,10 @@ ecdhe_ecdsa_suites() ->       ?TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,       ?TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,       ?TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, -     ?TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384]. +     ?TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, +     ?TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, +     ?TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, +     ?TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256].  filter_keyuse(OtpCert, Ciphers, Suites, SignSuites) ->      TBSCert = OtpCert#'OTPCertificate'.tbsCertificate,  diff --git a/lib/ssl/src/ssl_cipher.hrl b/lib/ssl/src/ssl_cipher.hrl index 3e50563f0a..8e8f3d9c67 100644 --- a/lib/ssl/src/ssl_cipher.hrl +++ b/lib/ssl/src/ssl_cipher.hrl @@ -3,16 +3,17 @@  %%  %% Copyright Ericsson AB 2007-2015. All Rights Reserved.  %% -%% The contents of this file are subject to the Erlang Public License, -%% Version 1.1, (the "License"); you may not use this file except in -%% compliance with the License. You should have received a copy of the -%% Erlang Public License along with this software. If not, it can be -%% retrieved online at http://www.erlang.org/. +%% Licensed under the Apache License, Version 2.0 (the "License"); +%% you may not use this file except in compliance with the License. +%% You may obtain a copy of the License at  %% -%% Software distributed under the License is distributed on an "AS IS" -%% basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See -%% the License for the specific language governing rights and limitations -%% under the License. +%%     http://www.apache.org/licenses/LICENSE-2.0 +%% +%% Unless required by applicable law or agreed to in writing, software +%% distributed under the License is distributed on an "AS IS" BASIS, +%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +%% See the License for the specific language governing permissions and +%% limitations under the License.  %%  %% %CopyrightEnd%  %% @@ -46,7 +47,8 @@  -record(cipher_state, {  	  iv,  	  key, -	  state +	  state, +	  nonce  	 }).  %%% TLS_NULL_WITH_NULL_NULL is specified and is the initial state of a @@ -399,6 +401,24 @@  %%% TLS 1.2 PSK Cipher Suites RFC 5487 +%%      TLS_PSK_WITH_AES_128_GCM_SHA256       = {0x00,0xA8}; +-define(TLS_PSK_WITH_AES_128_GCM_SHA256, <<?BYTE(16#00), ?BYTE(16#A8)>>). + +%%      TLS_PSK_WITH_AES_256_GCM_SHA384       = {0x00,0xA9}; +-define(TLS_PSK_WITH_AES_256_GCM_SHA384, <<?BYTE(16#00), ?BYTE(16#A9)>>). + +%%      TLS_DHE_PSK_WITH_AES_128_GCM_SHA256   = {0x00,0xAA}; +-define(TLS_DHE_PSK_WITH_AES_128_GCM_SHA256, <<?BYTE(16#00), ?BYTE(16#AA)>>). + +%%      TLS_DHE_PSK_WITH_AES_256_GCM_SHA384   = {0x00,0xAB}; +-define(TLS_DHE_PSK_WITH_AES_256_GCM_SHA384, <<?BYTE(16#00), ?BYTE(16#AB)>>). + +%%      TLS_RSA_PSK_WITH_AES_128_GCM_SHA256   = {0x00,0xAC}; +-define(TLS_RSA_PSK_WITH_AES_128_GCM_SHA256, <<?BYTE(16#00), ?BYTE(16#AC)>>). + +%%      TLS_RSA_PSK_WITH_AES_256_GCM_SHA384   = {0x00,0xAD}; +-define(TLS_RSA_PSK_WITH_AES_256_GCM_SHA384, <<?BYTE(16#00), ?BYTE(16#AD)>>). +  %%      TLS_PSK_WITH_AES_128_CBC_SHA256       = {0x00,0xAE};  -define(TLS_PSK_WITH_AES_128_CBC_SHA256, <<?BYTE(16#00), ?BYTE(16#AE)>>). @@ -464,4 +484,79 @@  %%      TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA  = { 0xC0,0x22 };  -define(TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA, <<?BYTE(16#C0), ?BYTE(16#22)>>). +%%% AES-GCM Cipher Suites RFC 5288 + +%%      TLS_RSA_WITH_AES_128_GCM_SHA256     = {0x00,0x9C} +-define(TLS_RSA_WITH_AES_128_GCM_SHA256, <<?BYTE(16#00), ?BYTE(16#9C)>>). + +%%      TLS_RSA_WITH_AES_256_GCM_SHA384     = {0x00,0x9D} +-define(TLS_RSA_WITH_AES_256_GCM_SHA384, <<?BYTE(16#00), ?BYTE(16#9D)>>). + +%%      TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 = {0x00,0x9E} +-define(TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, <<?BYTE(16#00), ?BYTE(16#9E)>>). + +%%      TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 = {0x00,0x9F} +-define(TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, <<?BYTE(16#00), ?BYTE(16#9F)>>). + +%%      TLS_DH_RSA_WITH_AES_128_GCM_SHA256  = {0x00,0xA0} +-define(TLS_DH_RSA_WITH_AES_128_GCM_SHA256, <<?BYTE(16#00), ?BYTE(16#A0)>>). + +%%      TLS_DH_RSA_WITH_AES_256_GCM_SHA384  = {0x00,0xA1} +-define(TLS_DH_RSA_WITH_AES_256_GCM_SHA384, <<?BYTE(16#00), ?BYTE(16#A1)>>). + +%%      TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 = {0x00,0xA2} +-define(TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, <<?BYTE(16#00), ?BYTE(16#A2)>>). + +%%      TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 = {0x00,0xA3} +-define(TLS_DHE_DSS_WITH_AES_256_GCM_SHA384, <<?BYTE(16#00), ?BYTE(16#A3)>>). + +%%      TLS_DH_DSS_WITH_AES_128_GCM_SHA256  = {0x00,0xA4} +-define(TLS_DH_DSS_WITH_AES_128_GCM_SHA256, <<?BYTE(16#00), ?BYTE(16#A4)>>). + +%%      TLS_DH_DSS_WITH_AES_256_GCM_SHA384  = {0x00,0xA5} +-define(TLS_DH_DSS_WITH_AES_256_GCM_SHA384, <<?BYTE(16#00), ?BYTE(16#A5)>>). + +%%      TLS_DH_anon_WITH_AES_128_GCM_SHA256 = {0x00,0xA6} +-define(TLS_DH_anon_WITH_AES_128_GCM_SHA256, <<?BYTE(16#00), ?BYTE(16#A6)>>). + +%%      TLS_DH_anon_WITH_AES_256_GCM_SHA384 = {0x00,0xA7} +-define(TLS_DH_anon_WITH_AES_256_GCM_SHA384, <<?BYTE(16#00), ?BYTE(16#A7)>>). + +%%% ECC AES-GCM Cipher Suites RFC 5289 + +%%      TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256  = {0xC0,0x2B}; +-define(TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, <<?BYTE(16#C0), ?BYTE(16#2B)>>). + +%%      TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384  = {0xC0,0x2C}; +-define(TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, <<?BYTE(16#C0), ?BYTE(16#2C)>>). + +%%      TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256   = {0xC0,0x2D}; +-define(TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, <<?BYTE(16#C0), ?BYTE(16#2D)>>). + +%%      TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384   = {0xC0,0x2E}; +-define(TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, <<?BYTE(16#C0), ?BYTE(16#2E)>>). + +%%      TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256    = {0xC0,0x2F}; +-define(TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, <<?BYTE(16#C0), ?BYTE(16#2F)>>). + +%%      TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384    = {0xC0,0x30}; +-define(TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, <<?BYTE(16#C0), ?BYTE(16#30)>>). + +%%      TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256     = {0xC0,0x31}; +-define(TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, <<?BYTE(16#C0), ?BYTE(16#31)>>). + +%%      TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384     = {0xC0,0x32}; +-define(TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, <<?BYTE(16#C0), ?BYTE(16#32)>>). + +%%% Chacha20/Poly1305 Suites draft-agl-tls-chacha20poly1305-04 + +%%      TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256   = {0xcc, 0x13} +-define(TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256, <<?BYTE(16#CC), ?BYTE(16#13)>>). + +%%      TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 = {0xcc, 0x14} +-define(TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256, <<?BYTE(16#CC), ?BYTE(16#14)>>). + +%%      TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256     = {0xcc, 0x15} +-define(TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256, <<?BYTE(16#CC), ?BYTE(16#15)>>). +  -endif. % -ifdef(ssl_cipher). diff --git a/lib/ssl/src/ssl_config.erl b/lib/ssl/src/ssl_config.erl index 545b8aa0f6..0652d029c3 100644 --- a/lib/ssl/src/ssl_config.erl +++ b/lib/ssl/src/ssl_config.erl @@ -1,18 +1,19 @@  %%  %% %CopyrightBegin%  %% -%% Copyright Ericsson AB 2007-2013. All Rights Reserved. +%% Copyright Ericsson AB 2007-2015. All Rights Reserved.  %% -%% The contents of this file are subject to the Erlang Public License, -%% Version 1.1, (the "License"); you may not use this file except in -%% compliance with the License. You should have received a copy of the -%% Erlang Public License along with this software. If not, it can be -%% retrieved online at http://www.erlang.org/. +%% Licensed under the Apache License, Version 2.0 (the "License"); +%% you may not use this file except in compliance with the License. +%% You may obtain a copy of the License at  %% -%% Software distributed under the License is distributed on an "AS IS" -%% basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See -%% the License for the specific language governing rights and limitations -%% under the License. +%%     http://www.apache.org/licenses/LICENSE-2.0 +%% +%% Unless required by applicable law or agreed to in writing, software +%% distributed under the License is distributed on an "AS IS" BASIS, +%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +%% See the License for the specific language governing permissions and +%% limitations under the License.  %%  %% %CopyrightEnd%  %% @@ -31,13 +32,13 @@ init(SslOpts, Role) ->      init_manager_name(SslOpts#ssl_options.erl_dist), -    {ok, CertDbRef, CertDbHandle, FileRefHandle, PemCacheHandle, CacheHandle, OwnCert}  +    {ok, CertDbRef, CertDbHandle, FileRefHandle, PemCacheHandle, CacheHandle, CRLDbHandle, OwnCert}   	= init_certificates(SslOpts, Role),      PrivateKey =  	init_private_key(PemCacheHandle, SslOpts#ssl_options.key, SslOpts#ssl_options.keyfile,  			 SslOpts#ssl_options.password, Role),      DHParams = init_diffie_hellman(PemCacheHandle, SslOpts#ssl_options.dh, SslOpts#ssl_options.dhfile, Role), -    {ok, CertDbRef, CertDbHandle, FileRefHandle, CacheHandle, OwnCert, PrivateKey, DHParams}. +    {ok, CertDbRef, CertDbHandle, FileRefHandle, CacheHandle, CRLDbHandle, OwnCert, PrivateKey, DHParams}.  init_manager_name(false) ->      put(ssl_manager, ssl_manager:manager_name(normal)); @@ -46,9 +47,11 @@ init_manager_name(true) ->  init_certificates(#ssl_options{cacerts = CaCerts,  			       cacertfile = CACertFile, -			       certfile = CertFile, -			       cert = Cert}, Role) -> -    {ok, CertDbRef, CertDbHandle, FileRefHandle, PemCacheHandle, CacheHandle} = +			       certfile = CertFile,			    +			       cert = Cert, +			       crl_cache = CRLCache +			      }, Role) -> +    {ok, CertDbRef, CertDbHandle, FileRefHandle, PemCacheHandle, CacheHandle, CRLDbInfo} =  	try   	    Certs = case CaCerts of  			undefined -> @@ -56,39 +59,40 @@ init_certificates(#ssl_options{cacerts = CaCerts,  			_ ->  			    {der, CaCerts}  		    end, -	    {ok, _, _, _, _, _} = ssl_manager:connection_init(Certs, Role) +	    {ok, _, _, _, _, _, _} = ssl_manager:connection_init(Certs, Role, CRLCache)  	catch  	    _:Reason ->  		file_error(CACertFile, {cacertfile, Reason})  	end,      init_certificates(Cert, CertDbRef, CertDbHandle, FileRefHandle, PemCacheHandle,  -		      CacheHandle, CertFile, Role). +		      CacheHandle, CRLDbInfo, CertFile, Role). -init_certificates(undefined, CertDbRef, CertDbHandle, FileRefHandle, PemCacheHandle, CacheHandle, <<>>, _) -> -    {ok, CertDbRef, CertDbHandle, FileRefHandle, PemCacheHandle, CacheHandle, undefined}; +init_certificates(undefined, CertDbRef, CertDbHandle, FileRefHandle, PemCacheHandle, CacheHandle,  +		  CRLDbInfo, <<>>, _) -> +    {ok, CertDbRef, CertDbHandle, FileRefHandle, PemCacheHandle, CacheHandle, CRLDbInfo, undefined};  init_certificates(undefined, CertDbRef, CertDbHandle, FileRefHandle, PemCacheHandle,  -		  CacheHandle, CertFile, client) -> +		  CacheHandle, CRLDbInfo, CertFile, client) ->      try   	%% Ignoring potential proxy-certificates see:   	%% http://dev.globus.org/wiki/Security/ProxyFileFormat  	[OwnCert|_] = ssl_certificate:file_to_certificats(CertFile, PemCacheHandle), -	{ok, CertDbRef, CertDbHandle, FileRefHandle, PemCacheHandle, CacheHandle, OwnCert} +	{ok, CertDbRef, CertDbHandle, FileRefHandle, PemCacheHandle, CacheHandle, CRLDbInfo, OwnCert}      catch _Error:_Reason  -> -	    {ok, CertDbRef, CertDbHandle, FileRefHandle, PemCacheHandle, CacheHandle, undefined} +	    {ok, CertDbRef, CertDbHandle, FileRefHandle, PemCacheHandle, CacheHandle, CRLDbInfo, undefined}      end;  init_certificates(undefined, CertDbRef, CertDbHandle, FileRefHandle,  -		  PemCacheHandle, CacheRef, CertFile, server) -> +		  PemCacheHandle, CacheRef, CRLDbInfo, CertFile, server) ->      try  	[OwnCert|_] = ssl_certificate:file_to_certificats(CertFile, PemCacheHandle), -	{ok, CertDbRef, CertDbHandle, FileRefHandle, PemCacheHandle, CacheRef, OwnCert} +	{ok, CertDbRef, CertDbHandle, FileRefHandle, PemCacheHandle, CacheRef, CRLDbInfo, OwnCert}      catch  	_:Reason ->  	    file_error(CertFile, {certfile, Reason})	          end; -init_certificates(Cert, CertDbRef, CertDbHandle, FileRefHandle, PemCacheHandle, CacheRef, _, _) -> -    {ok, CertDbRef, CertDbHandle, FileRefHandle, PemCacheHandle, CacheRef, Cert}. +init_certificates(Cert, CertDbRef, CertDbHandle, FileRefHandle, PemCacheHandle, CacheRef, CRLDbInfo, _, _) -> +    {ok, CertDbRef, CertDbHandle, FileRefHandle, PemCacheHandle, CacheRef, CRLDbInfo, Cert}.  init_private_key(_, undefined, <<>>, _Password, _Client) ->      undefined; diff --git a/lib/ssl/src/ssl_connection.erl b/lib/ssl/src/ssl_connection.erl index b6059eac58..f8afbdb41d 100644 --- a/lib/ssl/src/ssl_connection.erl +++ b/lib/ssl/src/ssl_connection.erl @@ -1,18 +1,19 @@  %%  %% %CopyrightBegin%  %% -%% Copyright Ericsson AB 2013-2014. All Rights Reserved. +%% Copyright Ericsson AB 2013-2015. All Rights Reserved.  %% -%% The contents of this file are subject to the Erlang Public License, -%% Version 1.1, (the "License"); you may not use this file except in -%% compliance with the License. You should have received a copy of the -%% Erlang Public License along with this software. If not, it can be -%% retrieved online at http://www.erlang.org/. +%% Licensed under the Apache License, Version 2.0 (the "License"); +%% you may not use this file except in compliance with the License. +%% You may obtain a copy of the License at  %% -%% Software distributed under the License is distributed on an "AS IS" -%% basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See -%% the License for the specific language governing rights and limitations -%% under the License. +%%     http://www.apache.org/licenses/LICENSE-2.0 +%% +%% Unless required by applicable law or agreed to in writing, software +%% distributed under the License is distributed on an "AS IS" BASIS, +%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +%% See the License for the specific language governing permissions and +%% limitations under the License.  %%  %% %CopyrightEnd%  %% @@ -40,12 +41,13 @@  	 socket_control/4, socket_control/5]).  %% User Events  --export([send/2, recv/3, close/1, shutdown/2, -	 new_user/2, get_opts/2, set_opts/2, info/1, session_info/1,  -	 peer_certificate/1, renegotiation/1, negotiated_next_protocol/1, prf/5	 +-export([send/2, recv/3, close/2, shutdown/2, +	 new_user/2, get_opts/2, set_opts/2, session_info/1,  +	 peer_certificate/1, renegotiation/1, negotiated_protocol/1, prf/5, +	 connection_information/1  	]). --export([handle_session/6]). +-export([handle_session/7]).  %% SSL FSM state functions   -export([hello/3, abbreviated/3, certify/3, cipher/3, connection/3]). @@ -161,18 +163,27 @@ recv(Pid, Length, Timeout) ->      sync_send_all_state_event(Pid, {recv, Length, Timeout}).  %%-------------------------------------------------------------------- --spec close(pid()) -> ok | {error, reason()}.   +-spec connection_information(pid()) -> {ok, list()} | {error, reason()}. +%% +%% Description: Get the SNI hostname +%%-------------------------------------------------------------------- +connection_information(Pid) when is_pid(Pid) -> +    sync_send_all_state_event(Pid, connection_information). + +%%-------------------------------------------------------------------- +-spec close(pid(), {close, Timeout::integer() |  +				    {NewController::pid(), Timeout::integer()}}) ->  +		   ok | {ok, port()} | {error, reason()}.    %%  %% Description:  Close an ssl connection  %%-------------------------------------------------------------------- -close(ConnectionPid) -> -    case sync_send_all_state_event(ConnectionPid, close) of +close(ConnectionPid, How) -> +    case sync_send_all_state_event(ConnectionPid, How) of  	{error, closed} ->  	    ok;  	Other ->  	    Other      end. -  %%--------------------------------------------------------------------  -spec shutdown(pid(), atom()) -> ok | {error, reason()}.    %% @@ -191,12 +202,12 @@ new_user(ConnectionPid, User) ->      sync_send_all_state_event(ConnectionPid, {new_user, User}).  %%-------------------------------------------------------------------- --spec negotiated_next_protocol(pid()) -> {ok, binary()} | {error, reason()}. +-spec negotiated_protocol(pid()) -> {ok, binary()} | {error, reason()}.  %%  %% Description:  Returns the negotiated protocol  %%-------------------------------------------------------------------- -negotiated_next_protocol(ConnectionPid) -> -    sync_send_all_state_event(ConnectionPid, negotiated_next_protocol). +negotiated_protocol(ConnectionPid) -> +    sync_send_all_state_event(ConnectionPid, negotiated_protocol).  %%--------------------------------------------------------------------  -spec get_opts(pid(), list()) -> {ok, list()} | {error, reason()}.     @@ -214,14 +225,6 @@ set_opts(ConnectionPid, Options) ->      sync_send_all_state_event(ConnectionPid, {set_opts, Options}).  %%-------------------------------------------------------------------- --spec info(pid()) ->  {ok, {atom(), tuple()}} | {error, reason()}.  -%% -%% Description:  Returns ssl protocol and cipher used for the connection -%%-------------------------------------------------------------------- -info(ConnectionPid) -> -    sync_send_all_state_event(ConnectionPid, info).  - -%%--------------------------------------------------------------------  -spec session_info(pid()) -> {ok, list()} | {error, reason()}.   %%  %% Description:  Returns info about the ssl session @@ -258,27 +261,26 @@ prf(ConnectionPid, Secret, Label, Seed, WantedLength) ->  handle_session(#server_hello{cipher_suite = CipherSuite,  			     compression_method = Compression},  -	       Version, NewId, ConnectionStates, NextProtocol,  +	       Version, NewId, ConnectionStates, ProtoExt, Protocol0,  	       #state{session = #session{session_id = OldId}, -		      negotiated_version = ReqVersion} = State0) -> +		      negotiated_version = ReqVersion, +			  negotiated_protocol = CurrentProtocol} = State0) ->      {KeyAlgorithm, _, _, _} =  	ssl_cipher:suite_definition(CipherSuite),      PremasterSecret = make_premaster_secret(ReqVersion, KeyAlgorithm), -     -    NewNextProtocol = case NextProtocol of -			  undefined -> -			      State0#state.next_protocol; -			  _ -> -			      NextProtocol -		      end, -     + +	{ExpectNPN, Protocol} = case Protocol0 of +		undefined -> {false, CurrentProtocol}; +		_ -> {ProtoExt =:= npn, Protocol0} +	end, +      State = State0#state{key_algorithm = KeyAlgorithm,  				 negotiated_version = Version,  			 connection_states = ConnectionStates,  			 premaster_secret = PremasterSecret, -			 expecting_next_protocol_negotiation = NextProtocol =/= undefined, -			 next_protocol = NewNextProtocol}, +			 expecting_next_protocol_negotiation = ExpectNPN, +			 negotiated_protocol = Protocol},      case ssl_session:is_new(OldId, NewId) of  	true -> @@ -371,7 +373,7 @@ abbreviated(#finished{verify_data = Data} = Finished,  abbreviated(#next_protocol{selected_protocol = SelectedProtocol},  	    #state{role = server, expecting_next_protocol_negotiation = true} = State0,  	    Connection) -> -    {Record, State} = Connection:next_record(State0#state{next_protocol = SelectedProtocol}), +    {Record, State} = Connection:next_record(State0#state{negotiated_protocol = SelectedProtocol}),      Connection:next_state(abbreviated, abbreviated, Record, State#state{expecting_next_protocol_negotiation = false});  abbreviated(timeout, State, _) -> @@ -411,11 +413,15 @@ certify(#certificate{} = Cert,  	       role = Role,  	       cert_db = CertDbHandle,  	       cert_db_ref = CertDbRef, +	       crl_db = CRLDbInfo,  	       ssl_options = Opts} = State, Connection) -> -    case ssl_handshake:certify(Cert, CertDbHandle, CertDbRef, Opts#ssl_options.depth, +    case ssl_handshake:certify(Cert, CertDbHandle, CertDbRef,  +			       Opts#ssl_options.depth,  			       Opts#ssl_options.verify,  			       Opts#ssl_options.verify_fun,  			       Opts#ssl_options.partial_chain, +			       Opts#ssl_options.crl_check, +			       CRLDbInfo,		         			       Role) of          {PeerCert, PublicKeyInfo} ->  	    handle_peer_cert(Role, PeerCert, PublicKeyInfo, @@ -589,7 +595,7 @@ cipher(#certificate_verify{signature = Signature, hashsign_algorithm = CertHashS  %% client must send a next protocol message if we are expecting it  cipher(#finished{}, #state{role = server, expecting_next_protocol_negotiation = true, -			   next_protocol = undefined, negotiated_version = Version} = State0, +			   negotiated_protocol = undefined, negotiated_version = Version} = State0,         Connection) ->      Connection:handle_own_alert(?ALERT_REC(?FATAL,?UNEXPECTED_MESSAGE), Version, cipher, State0); @@ -619,7 +625,7 @@ cipher(#finished{verify_data = Data} = Finished,  cipher(#next_protocol{selected_protocol = SelectedProtocol},         #state{role = server, expecting_next_protocol_negotiation = true,  	      expecting_finished = true} = State0, Connection) -> -    {Record, State} = Connection:next_record(State0#state{next_protocol = SelectedProtocol}), +    {Record, State} = Connection:next_record(State0#state{negotiated_protocol = SelectedProtocol}),      Connection:next_state(cipher, cipher, Record, State#state{expecting_next_protocol_negotiation = false});  cipher(timeout, State, _) -> @@ -701,12 +707,12 @@ handle_sync_event({start, Timeout}, StartFrom, StateName,  #state{role = Role, s  	    {stop, normal, {error, Error}, State0}      end;	 -handle_sync_event(close, _, StateName, #state{protocol_cb = Connection} = State) -> -    %% Run terminate before returning -    %% so that the reuseaddr inet-option will work -    %% as intended. -    (catch Connection:terminate(user_close, StateName, State)), -    {stop, normal, ok, State#state{terminated = true}}; +handle_sync_event({close, _} = Close, _, StateName, #state{protocol_cb = Connection} = State) -> +    %% Run terminate before returning so that the reuseaddr +    %% inet-option and possible downgrade will work as intended. +    Result = Connection:terminate(Close, StateName, State), +    {stop, normal, Result, State#state{terminated = true}}; +  handle_sync_event({shutdown, How0}, _, StateName,  		  #state{transport_cb = Transport,  			 negotiated_version = Version, @@ -755,10 +761,10 @@ handle_sync_event({get_opts, OptTags}, _From, StateName,  			 socket_options = SockOpts} = State) ->      OptsReply = get_socket_opts(Transport, Socket, OptTags, SockOpts, []),      {reply, OptsReply, StateName, State, get_timeout(State)}; -handle_sync_event(negotiated_next_protocol, _From, StateName, #state{next_protocol = undefined} = State) -> -    {reply, {error, next_protocol_not_negotiated}, StateName, State, get_timeout(State)}; -handle_sync_event(negotiated_next_protocol, _From, StateName, #state{next_protocol = NextProtocol} = State) -> -    {reply, {ok, NextProtocol}, StateName, State, get_timeout(State)}; +handle_sync_event(negotiated_protocol, _From, StateName, #state{negotiated_protocol = undefined} = State) -> +    {reply, {error, protocol_not_negotiated}, StateName, State, get_timeout(State)}; +handle_sync_event(negotiated_protocol, _From, StateName, #state{negotiated_protocol = SelectedProtocol} = State) -> +    {reply, {ok, SelectedProtocol}, StateName, State, get_timeout(State)};  handle_sync_event({set_opts, Opts0}, _From, StateName0,   		  #state{socket_options = Opts1,   			 protocol_cb = Connection, @@ -826,13 +832,6 @@ handle_sync_event({prf, Secret, Label, Seed, WantedLength}, _, StateName,  		error:Reason -> {error, Reason}  	    end,      {reply, Reply, StateName, State, get_timeout(State)}; -handle_sync_event(info, _, StateName,  -		  #state{negotiated_version = Version, -			 session = #session{cipher_suite = Suite}} = State) -> -     -    AtomVersion = tls_record:protocol_version(Version), -    {reply, {ok, {AtomVersion, ssl:suite_definition(Suite)}}, -     StateName, State, get_timeout(State)};  handle_sync_event(session_info, _, StateName,   		  #state{session = #session{session_id = Id,  					    cipher_suite = Suite}} = State) -> @@ -842,7 +841,10 @@ handle_sync_event(session_info, _, StateName,  handle_sync_event(peer_certificate, _, StateName,   		  #state{session = #session{peer_certificate = Cert}}   		  = State) -> -    {reply, {ok, Cert}, StateName, State, get_timeout(State)}. +    {reply, {ok, Cert}, StateName, State, get_timeout(State)}; +handle_sync_event(connection_information, _, StateName, #state{sni_hostname = SNIHostname, session = #session{cipher_suite = CipherSuite}, negotiated_version = Version} = State) -> +    {reply, {ok, [{protocol, tls_record:protocol_version(Version)}, {cipher_suite, ssl:suite_definition(CipherSuite)}, {sni_hostname, SNIHostname}]}, StateName, State, get_timeout(State)}. +  handle_info({ErrorTag, Socket, econnaborted}, StateName,    	    #state{socket = Socket, transport_cb = Transport, @@ -900,41 +902,46 @@ terminate(_, _, #state{terminated = true}) ->      %% we want to guarantee that Transport:close has been called      %% when ssl:close/1 returns.      ok; -terminate({shutdown, transport_closed}, StateName, #state{send_queue = SendQueue, -							  renegotiation = Renegotiate} = State) -> -    handle_unrecv_data(StateName, State), +terminate({shutdown, transport_closed} = Reason,  +	  _StateName, #state{send_queue = SendQueue, protocol_cb = Connection, +			     socket = Socket, transport_cb = Transport, +			     renegotiation = Renegotiate} = State) ->      handle_trusted_certs_db(State),      notify_senders(SendQueue), -    notify_renegotiater(Renegotiate); - -terminate({shutdown, own_alert}, _StateName, #state{send_queue = SendQueue, -				      renegotiation = Renegotiate} = State) -> +    notify_renegotiater(Renegotiate), +    Connection:close(Reason, Socket, Transport, undefined, undefined); +terminate({shutdown, own_alert}, _StateName, #state{send_queue = SendQueue, protocol_cb = Connection, +						    socket = Socket, transport_cb = Transport, +						    renegotiation = Renegotiate} = State) ->      handle_trusted_certs_db(State),      notify_senders(SendQueue), -    notify_renegotiater(Renegotiate); +    notify_renegotiater(Renegotiate), +    case application:get_env(ssl, alert_timeout) of +	{ok, Timeout} when is_integer(Timeout) -> +	    Connection:close({timeout, Timeout}, Socket, Transport, undefined, undefined); +	_ -> +	    Connection:close({timeout, ?DEFAULT_TIMEOUT}, Socket, Transport, undefined, undefined) +    end;  terminate(Reason, connection, #state{negotiated_version = Version,  				     protocol_cb = Connection, -				     connection_states = ConnectionStates,  +				     connection_states = ConnectionStates0,  +				     ssl_options = #ssl_options{padding_check = Check},  				     transport_cb = Transport, socket = Socket,   				     send_queue = SendQueue, renegotiation = Renegotiate} = State) ->      handle_trusted_certs_db(State),      notify_senders(SendQueue),      notify_renegotiater(Renegotiate), -    BinAlert = terminate_alert(Reason, Version, ConnectionStates), +    {BinAlert, ConnectionStates} = terminate_alert(Reason, Version, ConnectionStates0),      Transport:send(Socket, BinAlert), -    case Connection of -	tls_connection -> -	    tls_connection:workaround_transport_delivery_problems(Socket, Transport); -	_ -> -	    ok -    end; -terminate(_Reason, _StateName, #state{transport_cb = Transport, +    Connection:close(Reason, Socket, Transport, ConnectionStates, Check); + +terminate(Reason, _StateName, #state{transport_cb = Transport, protocol_cb = Connection,  				      socket = Socket, send_queue = SendQueue,  				      renegotiation = Renegotiate} = State) ->      handle_trusted_certs_db(State),      notify_senders(SendQueue),      notify_renegotiater(Renegotiate), -    Transport:close(Socket). +    Connection:close(Reason, Socket, Transport, undefined, undefined).  format_status(normal, [_, State]) ->      [{data, [{"StateData", State}]}];   @@ -964,7 +971,7 @@ format_status(terminate, [_, State]) ->  %%% Internal functions  %%--------------------------------------------------------------------  ssl_config(Opts, Role, State) -> -    {ok, Ref, CertDbHandle, FileRefHandle, CacheHandle, OwnCert, Key, DHParams} =  +    {ok, Ref, CertDbHandle, FileRefHandle, CacheHandle, CRLDbInfo, OwnCert, Key, DHParams} =   	ssl_config:init(Opts, Role),       Handshake = ssl_handshake:init_handshake_history(),      TimeStamp = calendar:datetime_to_gregorian_seconds({date(), time()}), @@ -975,6 +982,7 @@ ssl_config(Opts, Role, State) ->  		file_ref_db = FileRefHandle,  		cert_db_ref = Ref,  		cert_db = CertDbHandle, +		crl_db = CRLDbInfo,  		session_cache = CacheHandle,  		private_key = Key,  		diffie_hellman_params = DHParams, @@ -1479,11 +1487,11 @@ finalize_handshake(State0, StateName, Connection) ->  next_protocol(#state{role = server} = State, _) ->      State; -next_protocol(#state{next_protocol = undefined} = State, _) -> +next_protocol(#state{negotiated_protocol = undefined} = State, _) ->      State;  next_protocol(#state{expecting_next_protocol_negotiation = false} = State, _) ->      State; -next_protocol(#state{next_protocol = NextProtocol} = State0, Connection) -> +next_protocol(#state{negotiated_protocol = NextProtocol} = State0, Connection) ->      NextProtocolMessage = ssl_handshake:next_protocol(NextProtocol),      Connection:send_handshake(NextProtocolMessage, State0). @@ -1756,30 +1764,17 @@ get_timeout(#state{ssl_options=#ssl_options{hibernate_after = undefined}}) ->  get_timeout(#state{ssl_options=#ssl_options{hibernate_after = HibernateAfter}}) ->      HibernateAfter. -terminate_alert(Reason, Version, ConnectionStates) when Reason == normal; -							Reason == user_close -> -    {BinAlert, _} = ssl_alert:encode(?ALERT_REC(?WARNING, ?CLOSE_NOTIFY), -				 Version, ConnectionStates), -    BinAlert; -terminate_alert({shutdown, _}, Version, ConnectionStates) -> -    {BinAlert, _} = ssl_alert:encode(?ALERT_REC(?WARNING, ?CLOSE_NOTIFY), -				 Version, ConnectionStates), -    BinAlert; +terminate_alert(normal, Version, ConnectionStates)  -> +    ssl_alert:encode(?ALERT_REC(?WARNING, ?CLOSE_NOTIFY), +		     Version, ConnectionStates); +terminate_alert({Reason, _}, Version, ConnectionStates) when Reason == close; +							     Reason == shutdown -> +    ssl_alert:encode(?ALERT_REC(?WARNING, ?CLOSE_NOTIFY), +		     Version, ConnectionStates);  terminate_alert(_, Version, ConnectionStates) -> -    {BinAlert, _} = ssl_alert:encode(?ALERT_REC(?FATAL, ?INTERNAL_ERROR), -				 Version, ConnectionStates), -    BinAlert. - -handle_unrecv_data(StateName, #state{socket = Socket, transport_cb = Transport, -				     protocol_cb = Connection} = State) -> -    ssl_socket:setopts(Transport, Socket, [{active, false}]), -    case Transport:recv(Socket, 0, 0) of -	{error, closed} -> -	    ok; -	{ok, Data} -> -	    Connection:handle_close_alert(Data, StateName, State) -    end. +    ssl_alert:encode(?ALERT_REC(?FATAL, ?INTERNAL_ERROR), +		     Version, ConnectionStates).  handle_trusted_certs_db(#state{ssl_options = #ssl_options{cacertfile = <<>>, cacerts = []}}) ->      %% No trusted certs specified diff --git a/lib/ssl/src/ssl_connection.hrl b/lib/ssl/src/ssl_connection.hrl index b9a1ef3a84..9a58f2b8f7 100644 --- a/lib/ssl/src/ssl_connection.hrl +++ b/lib/ssl/src/ssl_connection.hrl @@ -1,19 +1,19 @@ -  %%  %% %CopyrightBegin%  %% -%% Copyright Ericsson AB 2013-2014. All Rights Reserved. +%% Copyright Ericsson AB 2013-2015. All Rights Reserved. +%% +%% Licensed under the Apache License, Version 2.0 (the "License"); +%% you may not use this file except in compliance with the License. +%% You may obtain a copy of the License at  %% -%% The contents of this file are subject to the Erlang Public License, -%% Version 1.1, (the "License"); you may not use this file except in -%% compliance with the License. You should have received a copy of the -%% Erlang Public License along with this software. If not, it can be -%% retrieved online at http://www.erlang.org/. +%%     http://www.apache.org/licenses/LICENSE-2.0  %% -%% Software distributed under the License is distributed on an "AS IS" -%% basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See -%% the License for the specific language governing rights and limitations -%% under the License. +%% Unless required by applicable law or agreed to in writing, software +%% distributed under the License is distributed on an "AS IS" BASIS, +%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +%% See the License for the specific language governing permissions and +%% limitations under the License.  %%  %% %CopyrightEnd%  %% @@ -53,6 +53,7 @@            session               :: #session{} | secret_printout(),  	  session_cache         :: db_handle(),  	  session_cache_cb      :: atom(), +	  crl_db                :: term(),             negotiated_version    :: ssl_record:ssl_version(),            client_certificate_requested = false :: boolean(),  	  key_algorithm         :: ssl_cipher:key_algo(), @@ -78,9 +79,10 @@  	  allow_renegotiate = true                    ::boolean(),            expecting_next_protocol_negotiation = false ::boolean(),  	  expecting_finished =                  false ::boolean(), -          next_protocol = undefined                   :: undefined | binary(), +          negotiated_protocol = undefined             :: undefined | binary(),  	  client_ecc,          % {Curves, PointFmt} -	  tracker              :: pid() %% Tracker process for listen socket +	  tracker              :: pid(), %% Tracker process for listen socket +	  sni_hostname = undefined  	 }).  -define(DEFAULT_DIFFIE_HELLMAN_PARAMS, diff --git a/lib/ssl/src/ssl_crl.erl b/lib/ssl/src/ssl_crl.erl new file mode 100644 index 0000000000..faf5007b16 --- /dev/null +++ b/lib/ssl/src/ssl_crl.erl @@ -0,0 +1,81 @@ +%% +%% %CopyrightBegin% +%% +%% Copyright Ericsson AB 2015-2015. All Rights Reserved. +%% +%% Licensed under the Apache License, Version 2.0 (the "License"); +%% you may not use this file except in compliance with the License. +%% You may obtain a copy of the License at +%% +%%     http://www.apache.org/licenses/LICENSE-2.0 +%% +%% Unless required by applicable law or agreed to in writing, software +%% distributed under the License is distributed on an "AS IS" BASIS, +%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +%% See the License for the specific language governing permissions and +%% limitations under the License. +%% +%% %CopyrightEnd% + +%---------------------------------------------------------------------- +%% Purpose: CRL handling  +%%---------------------------------------------------------------------- + +-module(ssl_crl). + +-include("ssl_alert.hrl"). +-include("ssl_internal.hrl"). +-include_lib("public_key/include/public_key.hrl").  + +-export([trusted_cert_and_path/3]). + +trusted_cert_and_path(CRL, {SerialNumber, Issuer},{Db, DbRef} = DbHandle) ->  +    case ssl_pkix_db:lookup_trusted_cert(Db, DbRef, SerialNumber, Issuer) of +	undefined -> +	    trusted_cert_and_path(CRL, issuer_not_found, DbHandle); +	{ok, {_, OtpCert}}  -> +	    {ok, Root, Chain} = ssl_certificate:certificate_chain(OtpCert, Db, DbRef), +	    {ok, Root,  lists:reverse(Chain)} +    end; + +trusted_cert_and_path(CRL, issuer_not_found, {Db, DbRef} = DbHandle) ->  +    try find_issuer(CRL, DbHandle) of +	OtpCert -> +	    {ok, Root, Chain} = ssl_certificate:certificate_chain(OtpCert, Db, DbRef), +	    {ok, Root, lists:reverse(Chain)} +    catch +	throw:_ -> +	    {error, issuer_not_found} +    end. + +find_issuer(CRL, {Db,_}) -> +    Issuer = public_key:pkix_normalize_name(public_key:pkix_crl_issuer(CRL)), +    IsIssuerFun = +	fun({_Key, {_Der,ErlCertCandidate}}, Acc) -> +		verify_crl_issuer(CRL, ErlCertCandidate, Issuer, Acc); +	   (_, Acc) -> +		Acc +	end, +     +    try ssl_pkix_db:foldl(IsIssuerFun, issuer_not_found, Db) of +	issuer_not_found -> +	    {error, issuer_not_found} +    catch  +	{ok, IssuerCert}  -> +	    IssuerCert +    end. + + +verify_crl_issuer(CRL, ErlCertCandidate, Issuer, NotIssuer) -> +    TBSCert =  ErlCertCandidate#'OTPCertificate'.tbsCertificate, +    case public_key:pkix_normalize_name(TBSCert#'OTPTBSCertificate'.subject) of +	Issuer -> +	    case public_key:pkix_crl_verify(CRL, ErlCertCandidate) of +		true -> +		    throw({ok, ErlCertCandidate}); +		false -> +		    NotIssuer +	    end; +	_ -> +	    NotIssuer +    end. diff --git a/lib/ssl/src/ssl_crl_cache.erl b/lib/ssl/src/ssl_crl_cache.erl new file mode 100644 index 0000000000..60e7427737 --- /dev/null +++ b/lib/ssl/src/ssl_crl_cache.erl @@ -0,0 +1,180 @@ +%% +%% %CopyrightBegin% +%% +%% Copyright Ericsson AB 2015-2015. All Rights Reserved. +%% +%% Licensed under the Apache License, Version 2.0 (the "License"); +%% you may not use this file except in compliance with the License. +%% You may obtain a copy of the License at +%% +%%     http://www.apache.org/licenses/LICENSE-2.0 +%% +%% Unless required by applicable law or agreed to in writing, software +%% distributed under the License is distributed on an "AS IS" BASIS, +%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +%% See the License for the specific language governing permissions and +%% limitations under the License. +%% +%% %CopyrightEnd% + +%---------------------------------------------------------------------- +%% Purpose: Simple default CRL cache  +%%---------------------------------------------------------------------- + +-module(ssl_crl_cache). + +-include("ssl_internal.hrl"). +-include_lib("public_key/include/public_key.hrl").  + +-behaviour(ssl_crl_cache_api). + +-export([lookup/2, select/2, fresh_crl/2]). +-export([insert/1, insert/2, delete/1]). + +%%==================================================================== +%% Cache callback API +%%==================================================================== + +lookup(#'DistributionPoint'{distributionPoint = {fullName, Names}}, +       CRLDbInfo) -> +    get_crls(Names, CRLDbInfo); +lookup(_,_) -> +    not_available. + +select(Issuer, {{_Cache, Mapping},_}) -> +    case ssl_pkix_db:lookup(Issuer, Mapping) of +	undefined -> +	    []; +	CRLs -> +	    CRLs +    end. + +fresh_crl(#'DistributionPoint'{distributionPoint = {fullName, Names}}, CRL) -> +    case get_crls(Names, undefined) of +	not_available -> +	    CRL; +	[NewCRL] -> +	    NewCRL +    end. + +%%==================================================================== +%% API  +%%==================================================================== + +insert(CRLs) -> +    insert(?NO_DIST_POINT, CRLs). + +insert(URI, {file, File}) when is_list(URI) ->				      +    case file:read_file(File) of +	{ok, PemBin} -> +	    PemEntries = public_key:pem_decode(PemBin), +	    CRLs = [ CRL || {'CertificateList', CRL, not_encrypted}  +				<- PemEntries], +	    do_insert(URI, CRLs); +	Error -> +	    Error +    end; +insert(URI, {der, CRLs}) ->	 +    do_insert(URI, CRLs). + +delete({file, File}) -> +    case file:read_file(File) of +	{ok, PemBin} -> +	    PemEntries = public_key:pem_decode(PemBin), +	    CRLs = [ CRL || {'CertificateList', CRL, not_encrypted}  +				<- PemEntries], +	    ssl_manager:delete_crls({?NO_DIST_POINT, CRLs}); +	Error -> +	    Error +    end; +delete({der, CRLs}) ->	 +    ssl_manager:delete_crls({?NO_DIST_POINT, CRLs}); + +delete(URI) -> +    case http_uri:parse(URI) of +	{ok, {http, _, _ , _, Path,_}} ->  +	    ssl_manager:delete_crls(string:strip(Path, left, $/)); +	_ -> +	    {error, {only_http_distribution_points_supported, URI}} +    end. + +%%-------------------------------------------------------------------- +%%% Internal functions +%%-------------------------------------------------------------------- +do_insert(URI, CRLs) -> +    case http_uri:parse(URI) of +	{ok, {http, _, _ , _, Path,_}} ->  +	    ssl_manager:insert_crls(string:strip(Path, left, $/), CRLs); +	_ -> +	    {error, {only_http_distribution_points_supported, URI}} +    end. + +get_crls([], _) -> +    not_available; +get_crls([{uniformResourceIdentifier, "http"++_ = URL} | Rest],  +	 CRLDbInfo) -> +    case cache_lookup(URL, CRLDbInfo) of +	[] -> +	   handle_http(URL, Rest, CRLDbInfo); +	CRLs -> +	    CRLs +    end; +get_crls([ _| Rest], CRLDbInfo) -> +    %% unsupported CRL location +    get_crls(Rest, CRLDbInfo). + +http_lookup(URL, Rest, CRLDbInfo, Timeout) -> +    case application:ensure_started(inets) of +	ok -> +	    http_get(URL, Rest, CRLDbInfo, Timeout);   +	_ -> +	    get_crls(Rest, CRLDbInfo) +    end. + +http_get(URL, Rest, CRLDbInfo, Timeout) -> +    case httpc:request(get, {URL, [{"connection", "close"}]},  +		       [{timeout, Timeout}], [{body_format, binary}]) of +        {ok, {_Status, _Headers, Body}} -> +            case Body of +                <<"-----BEGIN", _/binary>> -> +                    Pem = public_key:pem_decode(Body), +		    lists:filtermap(fun({'CertificateList',  +					 CRL, not_encrypted}) -> +					    {true, CRL}; +				       (_) -> +					    false +				    end, Pem); +		_ -> +		    try public_key:der_decode('CertificateList', Body) of +			_ -> +			    [Body] +		    catch +			_:_ -> +			    get_crls(Rest, CRLDbInfo) +		    end    +	    end; +        {error, _Reason} -> +            get_crls(Rest, CRLDbInfo) +    end. + +cache_lookup(_, undefined) -> +    []; +cache_lookup(URL, {{Cache, _}, _}) -> +    {ok, {_, _, _ , _, Path,_}} = http_uri:parse(URL),  +    case ssl_pkix_db:lookup(string:strip(Path, left, $/), Cache) of +	undefined -> +	    []; +	CRLs -> +	    CRLs +    end. + +handle_http(URI, Rest, {_,  [{http, Timeout}]} = CRLDbInfo) -> +    CRLs = http_lookup(URI, Rest, CRLDbInfo, Timeout), +    %% Uncomment to improve performance, but need to  +    %% implement cache limit and or cleaning to prevent  +    %% DoS attack possibilities +    %%insert(URI, {der, CRLs}), +    CRLs; +handle_http(_, Rest, CRLDbInfo) -> +    get_crls(Rest, CRLDbInfo). + diff --git a/lib/ssl/src/ssl_crl_cache_api.erl b/lib/ssl/src/ssl_crl_cache_api.erl new file mode 100644 index 0000000000..d7b31f280e --- /dev/null +++ b/lib/ssl/src/ssl_crl_cache_api.erl @@ -0,0 +1,31 @@ +%% +%% %CopyrightBegin% +%% +%% Copyright Ericsson AB 2015-2015. All Rights Reserved. +%% +%% Licensed under the Apache License, Version 2.0 (the "License"); +%% you may not use this file except in compliance with the License. +%% You may obtain a copy of the License at +%% +%%     http://www.apache.org/licenses/LICENSE-2.0 +%% +%% Unless required by applicable law or agreed to in writing, software +%% distributed under the License is distributed on an "AS IS" BASIS, +%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +%% See the License for the specific language governing permissions and +%% limitations under the License. +%% +%% %CopyrightEnd% +%% + +%% + +-module(ssl_crl_cache_api). + +-include_lib("public_key/include/public_key.hrl").  + +-type db_handle() :: term().  + +-callback lookup(#'DistributionPoint'{}, db_handle()) -> not_available | [public_key:der_encoded()]. +-callback select(term(), db_handle()) ->  [public_key:der_encoded()]. +-callback fresh_crl(#'DistributionPoint'{}, public_key:der_encoded()) -> public_key:der_encoded(). diff --git a/lib/ssl/src/ssl_dist_sup.erl b/lib/ssl/src/ssl_dist_sup.erl index 0c7fc77db7..435ad27a44 100644 --- a/lib/ssl/src/ssl_dist_sup.erl +++ b/lib/ssl/src/ssl_dist_sup.erl @@ -3,16 +3,17 @@  %%  %% Copyright Ericsson AB 2011-2014. All Rights Reserved.  %% -%% The contents of this file are subject to the Erlang Public License, -%% Version 1.1, (the "License"); you may not use this file except in -%% compliance with the License. You should have received a copy of the -%% Erlang Public License along with this software. If not, it can be -%% retrieved online at http://www.erlang.org/. +%% Licensed under the Apache License, Version 2.0 (the "License"); +%% you may not use this file except in compliance with the License. +%% You may obtain a copy of the License at  %% -%% Software distributed under the License is distributed on an "AS IS" -%% basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See -%% the License for the specific language governing rights and limitations -%% under the License. +%%     http://www.apache.org/licenses/LICENSE-2.0 +%% +%% Unless required by applicable law or agreed to in writing, software +%% distributed under the License is distributed on an "AS IS" BASIS, +%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +%% See the License for the specific language governing permissions and +%% limitations under the License.  %%  %% %CopyrightEnd%  %% diff --git a/lib/ssl/src/ssl_handshake.erl b/lib/ssl/src/ssl_handshake.erl index 29b64f7a81..e9e140836b 100644 --- a/lib/ssl/src/ssl_handshake.erl +++ b/lib/ssl/src/ssl_handshake.erl @@ -3,16 +3,17 @@  %%  %% Copyright Ericsson AB 2013-2015. All Rights Reserved.  %% -%% The contents of this file are subject to the Erlang Public License, -%% Version 1.1, (the "License"); you may not use this file except in -%% compliance with the License. You should have received a copy of the -%% Erlang Public License along with this software. If not, it can be -%% retrieved online at http://www.erlang.org/. +%% Licensed under the Apache License, Version 2.0 (the "License"); +%% you may not use this file except in compliance with the License. +%% You may obtain a copy of the License at  %% -%% Software distributed under the License is distributed on an "AS IS" -%% basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See -%% the License for the specific language governing rights and limitations -%% under the License. +%%     http://www.apache.org/licenses/LICENSE-2.0 +%% +%% Unless required by applicable law or agreed to in writing, software +%% distributed under the License is distributed on an "AS IS" BASIS, +%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +%% See the License for the specific language governing permissions and +%% limitations under the License.  %%  %% %CopyrightEnd% @@ -49,7 +50,7 @@  	 finished/5,  next_protocol/1]).  %% Handle handshake messages --export([certify/8, client_certificate_verify/6, certificate_verify/6, verify_signature/5, +-export([certify/10, client_certificate_verify/6, certificate_verify/6, verify_signature/5,  	 master_secret/5, server_key_exchange_hash/2, verify_connection/6,  	 init_handshake_history/0, update_handshake_history/2, verify_server_key/5  	]). @@ -136,6 +137,7 @@ client_hello_extensions(Host, Version, CipherSuites, SslOpts, ConnectionStates,         hash_signs = advertised_hash_signs(Version),         ec_point_formats = EcPointFormats,         elliptic_curves = EllipticCurves, +       alpn = encode_alpn(SslOpts#ssl_options.alpn_advertised_protocols, Renegotiation),         next_protocol_negotiation =  	   encode_client_protocol_negotiation(SslOpts#ssl_options.next_protocol_selector,  					      Renegotiation), @@ -149,7 +151,7 @@ client_hello_extensions(Host, Version, CipherSuites, SslOpts, ConnectionStates,  certificate(OwnCert, CertDbHandle, CertDbRef, client) ->      Chain =  	case ssl_certificate:certificate_chain(OwnCert, CertDbHandle, CertDbRef) of -	    {ok, CertChain} -> +	    {ok, _,  CertChain} ->  		CertChain;  	    {error, _} ->  		%% If no suitable certificate is available, the client @@ -161,7 +163,7 @@ certificate(OwnCert, CertDbHandle, CertDbRef, client) ->  certificate(OwnCert, CertDbHandle, CertDbRef, server) ->      case ssl_certificate:certificate_chain(OwnCert, CertDbHandle, CertDbRef) of -	{ok, Chain} -> +	{ok, _, Chain} ->  	    #certificate{asn1_certificates = Chain};  	{error, _} ->  	    ?ALERT_REC(?FATAL, ?INTERNAL_ERROR) @@ -242,7 +244,7 @@ key_exchange(client, _Version, {dh, PublicKey}) ->  		dh_public = PublicKey}  	       }; -key_exchange(client, _Version, {ecdh, #'ECPrivateKey'{publicKey = {0, ECPublicKey}}}) -> +key_exchange(client, _Version, {ecdh, #'ECPrivateKey'{publicKey =  ECPublicKey}}) ->      #client_key_exchange{  	      exchange_keys = #client_ec_diffie_hellman_public{  		dh_public = ECPublicKey} @@ -283,7 +285,7 @@ key_exchange(server, Version, {dh, {PublicKey, _},      enc_server_key_exchange(Version, ServerDHParams, HashSign,  			    ClientRandom, ServerRandom, PrivateKey); -key_exchange(server, Version, {ecdh,  #'ECPrivateKey'{publicKey =  {0, ECPublicKey}, +key_exchange(server, Version, {ecdh,  #'ECPrivateKey'{publicKey =  ECPublicKey,  						      parameters = ECCurve}, HashSign,  			       ClientRandom, ServerRandom, PrivateKey}) ->      ServerECParams = #server_ecdh_params{curve = ECCurve, public = ECPublicKey}, @@ -383,49 +385,24 @@ verify_signature(_Version, Hash, {HashAlgo, ecdsa}, Signature,  %%--------------------------------------------------------------------  -spec certify(#certificate{}, db_handle(), certdb_ref(), integer() | nolimit, -	      verify_peer | verify_none, {fun(), term}, fun(), +	      verify_peer | verify_none, {fun(), term}, fun(), term(), term(),  	      client | server) ->  {der_cert(), public_key_info()} | #alert{}.  %%  %% Description: Handles a certificate handshake message  %%--------------------------------------------------------------------  certify(#certificate{asn1_certificates = ASN1Certs}, CertDbHandle, CertDbRef, -	MaxPathLen, _Verify, VerifyFunAndState, PartialChain, Role) -> +	MaxPathLen, _Verify, ValidationFunAndState0, PartialChain, CRLCheck, CRLDbHandle, Role) ->      [PeerCert | _] = ASN1Certs, - -    ValidationFunAndState = -	case VerifyFunAndState of -	    undefined -> -		{fun(OtpCert, ExtensionOrVerifyResult, SslState) -> -			 ssl_certificate:validate_extension(OtpCert, -							    ExtensionOrVerifyResult, SslState) -		 end, Role}; -	    {Fun, UserState0} -> -		{fun(OtpCert, {extension, _} = Extension, {SslState, UserState}) -> -			 case ssl_certificate:validate_extension(OtpCert, -								 Extension, -								 SslState) of -			     {valid, NewSslState} -> -				 {valid, {NewSslState, UserState}}; -			     {fail, Reason} -> -				 apply_user_fun(Fun, OtpCert, Reason, UserState, -						SslState); -			     {unknown, _} -> -				 apply_user_fun(Fun, OtpCert, -						Extension, UserState, SslState) -			 end; -		    (OtpCert, VerifyResult, {SslState, UserState}) -> -			 apply_user_fun(Fun, OtpCert, VerifyResult, UserState, -					SslState) -		 end, {Role, UserState0}} -	end, +         +    ValidationFunAndState = validation_fun_and_state(ValidationFunAndState0, Role,  +						     CertDbHandle, CertDbRef,  CRLCheck, CRLDbHandle),      try -	{TrustedErlCert, CertPath}  = +	{TrustedCert, CertPath}  =  	    ssl_certificate:trusted_cert_and_path(ASN1Certs, CertDbHandle, CertDbRef, PartialChain), -	case public_key:pkix_path_validation(TrustedErlCert, -					      CertPath, -					     [{max_path_length, -					       MaxPathLen}, +	case public_key:pkix_path_validation(TrustedCert, +					     CertPath, +					     [{max_path_length, MaxPathLen},  					      {verify_fun, ValidationFunAndState}]) of  	    {ok, {PublicKeyInfo,_}} ->  		{PeerCert, PublicKeyInfo}; @@ -604,11 +581,10 @@ prf({3,_N}, Secret, Label, Seed, WantedLength) ->  %%--------------------------------------------------------------------  select_hashsign(_, undefined, _Version) ->      {null, anon}; -select_hashsign(undefined,  Cert, Version) -> -    #'OTPCertificate'{tbsCertificate = TBSCert} = public_key:pkix_decode_cert(Cert, otp), -    #'OTPSubjectPublicKeyInfo'{algorithm = {_,Algo, _}} = TBSCert#'OTPTBSCertificate'.subjectPublicKeyInfo, -    select_hashsign_algs(undefined, Algo, Version); -select_hashsign(#hash_sign_algos{hash_sign_algos = HashSigns}, Cert, Version) -> +%% The signature_algorithms extension was introduced with TLS 1.2. Ignore it if we have +%% negotiated a lower version. +select_hashsign(#hash_sign_algos{hash_sign_algos = HashSigns}, Cert, {Major, Minor} = Version) +  when Major >= 3 andalso Minor >= 3 ->      #'OTPCertificate'{tbsCertificate = TBSCert} =public_key:pkix_decode_cert(Cert, otp),      #'OTPSubjectPublicKeyInfo'{algorithm = {_,Algo, _}} = TBSCert#'OTPTBSCertificate'.subjectPublicKeyInfo,      DefaultHashSign = {_, Sign} = select_hashsign_algs(undefined, Algo, Version), @@ -626,7 +602,11 @@ select_hashsign(#hash_sign_algos{hash_sign_algos = HashSigns}, Cert, Version) ->  	    DefaultHashSign;  	[HashSign| _] ->  	    HashSign -    end. +    end; +select_hashsign(_, Cert, Version) -> +    #'OTPCertificate'{tbsCertificate = TBSCert} = public_key:pkix_decode_cert(Cert, otp), +    #'OTPSubjectPublicKeyInfo'{algorithm = {_,Algo, _}} = TBSCert#'OTPTBSCertificate'.subjectPublicKeyInfo, +    select_hashsign_algs(undefined, Algo, Version).  %%--------------------------------------------------------------------  -spec select_hashsign_algs(#hash_sign_algos{}| undefined, oid(), ssl_record:ssl_version()) -> @@ -791,6 +771,11 @@ encode_hello_extensions([], Acc) ->      Size = byte_size(Acc),      <<?UINT16(Size), Acc/binary>>; +encode_hello_extensions([#alpn{extension_data = ExtensionData} | Rest], Acc) -> +	Len = byte_size(ExtensionData), +    ExtLen = Len + 2, +	encode_hello_extensions(Rest, <<?UINT16(?ALPN_EXT), ?UINT16(ExtLen), ?UINT16(Len), +					ExtensionData/binary, Acc/binary>>);  encode_hello_extensions([#next_protocol_negotiation{extension_data = ExtensionData} | Rest], Acc) ->      Len = byte_size(ExtensionData),      encode_hello_extensions(Rest, <<?UINT16(?NEXTPROTONEG_EXT), ?UINT16(Len), @@ -889,6 +874,25 @@ decode_client_key(ClientKey, Type, Version) ->  decode_server_key(ServerKey, Type, Version) ->      dec_server_key(ServerKey, key_exchange_alg(Type), Version). +%% +%% Description: Encode and decode functions for ALPN extension data. +%%-------------------------------------------------------------------- + +%% While the RFC opens the door to allow ALPN during renegotiation, in practice +%% this does not work and it is recommended to ignore any ALPN extension during +%% renegotiation, as done here. +encode_alpn(_, true) -> +    undefined; +encode_alpn(undefined, _) -> +    undefined; +encode_alpn(Protocols, _) -> +    #alpn{extension_data = lists:foldl(fun encode_protocol/2, <<>>, Protocols)}. + +decode_alpn(undefined) -> +    undefined; +decode_alpn(#alpn{extension_data=Data}) -> +    decode_protocols(Data, []). +  encode_client_protocol_negotiation(undefined, _) ->      undefined;  encode_client_protocol_negotiation(_, false) -> @@ -1151,8 +1155,10 @@ handle_client_hello_extensions(RecordCB, Random, ClientCipherSuites,  			       #hello_extensions{renegotiation_info = Info,  						 srp = SRP,  						 ec_point_formats = ECCFormat, +                         alpn = ALPN,  						 next_protocol_negotiation = NextProtocolNegotiation}, Version, -			       #ssl_options{secure_renegotiate = SecureRenegotation} = Opts, +			       #ssl_options{secure_renegotiate = SecureRenegotation, +                                            alpn_preferred_protocols = ALPNPreferredProtocols} = Opts,  			       #session{cipher_suite = NegotiatedCipherSuite,  					compression_method = Compression} = Session0,  			       ConnectionStates0, Renegotiation) -> @@ -1161,19 +1167,34 @@ handle_client_hello_extensions(RecordCB, Random, ClientCipherSuites,  						      Random, NegotiatedCipherSuite,   						      ClientCipherSuites, Compression,  						      ConnectionStates0, Renegotiation, SecureRenegotation), -    ProtocolsToAdvertise = handle_next_protocol_extension(NextProtocolNegotiation, Renegotiation, Opts), -    +      ServerHelloExtensions =  #hello_extensions{  				renegotiation_info = renegotiation_info(RecordCB, server,  									ConnectionStates, Renegotiation), -				ec_point_formats = server_ecc_extension(Version, ECCFormat), -				next_protocol_negotiation = -				    encode_protocols_advertised_on_server(ProtocolsToAdvertise) +				ec_point_formats = server_ecc_extension(Version, ECCFormat)  			       }, -    {Session, ConnectionStates, ServerHelloExtensions}. + +    %% If we receive an ALPN extension and have ALPN configured for this connection, +    %% we handle it. Otherwise we check for the NPN extension. +    if +        ALPN =/= undefined, ALPNPreferredProtocols =/= undefined -> +			case handle_alpn_extension(ALPNPreferredProtocols, decode_alpn(ALPN)) of +                #alert{} = Alert -> +                    Alert; +                Protocol -> +                    {Session, ConnectionStates, Protocol, +                        ServerHelloExtensions#hello_extensions{alpn=encode_alpn([Protocol], Renegotiation)}} +            end; +        true -> +            ProtocolsToAdvertise = handle_next_protocol_extension(NextProtocolNegotiation, Renegotiation, Opts), +            {Session, ConnectionStates, undefined, +				ServerHelloExtensions#hello_extensions{next_protocol_negotiation= +                	encode_protocols_advertised_on_server(ProtocolsToAdvertise)}} +    end.  handle_server_hello_extensions(RecordCB, Random, CipherSuite, Compression,  			       #hello_extensions{renegotiation_info = Info, +                                                 alpn = ALPN,  						 next_protocol_negotiation = NextProtocolNegotiation}, Version,  			       #ssl_options{secure_renegotiate = SecureRenegotation,  					    next_protocol_selector = NextProtoSelector}, @@ -1182,11 +1203,23 @@ handle_server_hello_extensions(RecordCB, Random, CipherSuite, Compression,  						      CipherSuite, undefined,  						      Compression, ConnectionStates0,  						      Renegotiation, SecureRenegotation), -    case handle_next_protocol(NextProtocolNegotiation, NextProtoSelector, Renegotiation) of -	#alert{} = Alert -> -	    Alert; -	Protocol -> -	    {ConnectionStates, Protocol} + +    %% If we receive an ALPN extension then this is the protocol selected, +    %% otherwise handle the NPN extension. +    case decode_alpn(ALPN) of +        %% ServerHello contains exactly one protocol: the one selected. +        %% We also ignore the ALPN extension during renegotiation (see encode_alpn/2). +        [Protocol] when not Renegotiation -> +            {ConnectionStates, alpn, Protocol}; +        undefined -> +            case handle_next_protocol(NextProtocolNegotiation, NextProtoSelector, Renegotiation) of +                #alert{} = Alert -> +                    Alert; +                Protocol -> +                    {ConnectionStates, npn, Protocol} +            end; +        _ -> %% {error, _Reason} or a list of 0/2+ protocols. +            ?ALERT_REC(?FATAL, ?HANDSHAKE_FAILURE)      end.  select_version(RecordCB, ClientVersion, Versions) -> @@ -1294,10 +1327,11 @@ hello_extensions_list(#hello_extensions{renegotiation_info = RenegotiationInfo,  					hash_signs = HashSigns,  					ec_point_formats = EcPointFormats,  					elliptic_curves = EllipticCurves, +                                        alpn = ALPN,  					next_protocol_negotiation = NextProtocolNegotiation,  					sni = Sni}) ->      [Ext || Ext <- [RenegotiationInfo, SRP, HashSigns, -		    EcPointFormats, EllipticCurves, NextProtocolNegotiation, Sni], Ext =/= undefined]. +		    EcPointFormats, EllipticCurves, ALPN, NextProtocolNegotiation, Sni], Ext =/= undefined].  srp_user(#ssl_options{srp_identity = {UserName, _}}) ->      #srp{username = UserName}; @@ -1376,15 +1410,66 @@ sni1(Hostname) ->  %%--------------------------------------------------------------------  %%% Internal functions  %%-------------------------------------------------------------------- +validation_fun_and_state({Fun, UserState0}, Role,  CertDbHandle, CertDbRef, CRLCheck, CRLDbHandle) -> +    {fun(OtpCert, {extension, _} = Extension, {SslState, UserState}) -> +	     case ssl_certificate:validate(OtpCert, +					   Extension, +					   SslState) of +		 {valid, NewSslState} -> +		     {valid, {NewSslState, UserState}}; +		 {fail, Reason} -> +		     apply_user_fun(Fun, OtpCert, Reason, UserState, +				    SslState); +		 {unknown, _} -> +		     apply_user_fun(Fun, OtpCert, +				    Extension, UserState, SslState) +	     end; +	(OtpCert, VerifyResult, {SslState, UserState}) -> +	     apply_user_fun(Fun, OtpCert, VerifyResult, UserState, +			    SslState) +     end, {{Role, CertDbHandle, CertDbRef, CRLCheck, CRLDbHandle}, UserState0}}; +validation_fun_and_state(undefined, Role, CertDbHandle, CertDbRef, CRLCheck, CRLDbHandle) -> +    {fun(OtpCert, {extension, _} = Extension, SslState) -> +	     ssl_certificate:validate(OtpCert, +				      Extension, +				      SslState); +	(OtpCert, VerifyResult, SslState) when (VerifyResult == valid) or (VerifyResult == valid_peer) ->  +	     case crl_check(OtpCert, CRLCheck, CertDbHandle, CertDbRef, CRLDbHandle, VerifyResult) of +		 valid -> +		     {VerifyResult, SslState}; +		 Reason -> +		     {fail, Reason} +	     end; +	(OtpCert, VerifyResult, SslState) -> +	     ssl_certificate:validate(OtpCert, +				      VerifyResult, +				      SslState) +     end, {Role, CertDbHandle, CertDbRef, CRLCheck, CRLDbHandle}}. + +apply_user_fun(Fun, OtpCert, VerifyResult, UserState0,  +	       {_, CertDbHandle, CertDbRef, CRLCheck, CRLDbHandle} = SslState) when +      (VerifyResult == valid) or (VerifyResult == valid_peer) -> +    case Fun(OtpCert, VerifyResult, UserState0) of +	{Valid, UserState} when (Valid == valid) or (Valid == valid_peer) -> +	    case crl_check(OtpCert, CRLCheck, CertDbHandle, CertDbRef, CRLDbHandle, VerifyResult) of +		valid -> +		    {Valid, {SslState, UserState}}; +		Result -> +		    apply_user_fun(Fun, OtpCert, Result, UserState, SslState) +	    end; +	{fail, _} = Fail -> +	    Fail +    end;  apply_user_fun(Fun, OtpCert, ExtensionOrError, UserState0, SslState) ->      case Fun(OtpCert, ExtensionOrError, UserState0) of -	{valid, UserState} -> -	    {valid, {SslState, UserState}}; +	{Valid, UserState} when (Valid == valid) or (Valid == valid_peer)-> +	    {Valid, {SslState, UserState}};  	{fail, _} = Fail ->  	    Fail;  	{unknown, UserState} ->  	    {unknown, {SslState, UserState}}      end. +  path_validation_alert({bad_cert, cert_expired}) ->      ?ALERT_REC(?FATAL, ?CERTIFICATE_EXPIRED);  path_validation_alert({bad_cert, invalid_issuer}) -> @@ -1395,8 +1480,10 @@ path_validation_alert({bad_cert, name_not_permitted}) ->      ?ALERT_REC(?FATAL, ?BAD_CERTIFICATE);  path_validation_alert({bad_cert, unknown_critical_extension}) ->      ?ALERT_REC(?FATAL, ?UNSUPPORTED_CERTIFICATE); -path_validation_alert({bad_cert, cert_revoked}) -> +path_validation_alert({bad_cert, {revoked, _}}) ->      ?ALERT_REC(?FATAL, ?CERTIFICATE_REVOKED); +path_validation_alert({bad_cert, revocation_status_undetermined}) -> +    ?ALERT_REC(?FATAL, ?BAD_CERTIFICATE);  path_validation_alert({bad_cert, selfsigned_peer}) ->      ?ALERT_REC(?FATAL, ?BAD_CERTIFICATE);  path_validation_alert({bad_cert, unknown_ca}) -> @@ -1437,6 +1524,7 @@ calc_finished({3, N}, Role, PrfAlgo, MasterSecret, Handshake) ->  master_secret(_RecordCB, Version, MasterSecret,  	      #security_parameters{ +		 bulk_cipher_algorithm = BCA,  		 client_random = ClientRandom,  		 server_random = ServerRandom,  		 hash_size = HashSize, @@ -1455,8 +1543,8 @@ master_secret(_RecordCB, Version, MasterSecret,  	ssl_record:set_mac_secret(ClientWriteMacSecret, ServerWriteMacSecret,  				  Role, ConnStates1), -    ClientCipherState = #cipher_state{iv = ClientIV, key = ClientWriteKey}, -    ServerCipherState = #cipher_state{iv = ServerIV, key = ServerWriteKey}, +    ClientCipherState = ssl_cipher:cipher_init(BCA, ClientIV, ClientWriteKey), +    ServerCipherState = ssl_cipher:cipher_init(BCA, ServerIV, ServerWriteKey),      {MasterSecret,       ssl_record:set_pending_cipher_state(ConnStates2, ClientCipherState,  					 ServerCipherState, Role)}. @@ -1681,6 +1769,10 @@ dec_server_key_signature(_, _, _) ->  dec_hello_extensions(<<>>, Acc) ->      Acc; +dec_hello_extensions(<<?UINT16(?ALPN_EXT), ?UINT16(ExtLen), ?UINT16(Len), ExtensionData:Len/binary, Rest/binary>>, Acc) +        when Len + 2 =:= ExtLen -> +    ALPN = #alpn{extension_data = ExtensionData}, +    dec_hello_extensions(Rest, Acc#hello_extensions{alpn = ALPN});  dec_hello_extensions(<<?UINT16(?NEXTPROTONEG_EXT), ?UINT16(Len), ExtensionData:Len/binary, Rest/binary>>, Acc) ->      NextP = #next_protocol_negotiation{extension_data = ExtensionData},      dec_hello_extensions(Rest, Acc#hello_extensions{next_protocol_negotiation = NextP}); @@ -1761,18 +1853,19 @@ dec_sni(<<?BYTE(_), ?UINT16(Len), _:Len, Rest/binary>>) -> dec_sni(Rest);  dec_sni(_) -> undefined.  decode_next_protocols({next_protocol_negotiation, Protocols}) -> -    decode_next_protocols(Protocols, []). -decode_next_protocols(<<>>, Acc) -> +    decode_protocols(Protocols, []). + +decode_protocols(<<>>, Acc) ->      lists:reverse(Acc); -decode_next_protocols(<<?BYTE(Len), Protocol:Len/binary, Rest/binary>>, Acc) -> +decode_protocols(<<?BYTE(Len), Protocol:Len/binary, Rest/binary>>, Acc) ->      case Len of          0 -> -            {error, invalid_next_protocols}; +            {error, invalid_protocols};          _ -> -            decode_next_protocols(Rest, [Protocol|Acc]) +            decode_protocols(Rest, [Protocol|Acc])      end; -decode_next_protocols(_Bytes, _Acc) -> -    {error, invalid_next_protocols}. +decode_protocols(_Bytes, _Acc) -> +    {error, invalid_protocols}.  %% encode/decode stream of certificate data to/from list of certificate data  certs_to_list(ASN1Certs) -> @@ -1826,6 +1919,17 @@ key_exchange_alg(_) ->  %%-------------Extension handling -------------------------------- +%% Receive protocols, choose one from the list, return it. +handle_alpn_extension(_, {error, _Reason}) -> +    ?ALERT_REC(?FATAL, ?HANDSHAKE_FAILURE); +handle_alpn_extension([], _) -> +	?ALERT_REC(?FATAL, ?NO_APPLICATION_PROTOCOL); +handle_alpn_extension([ServerProtocol|Tail], ClientProtocols) -> +	case lists:member(ServerProtocol, ClientProtocols) of +		true -> ServerProtocol; +		false -> handle_alpn_extension(Tail, ClientProtocols) +	end. +  handle_next_protocol(undefined,  		     _NextProtocolSelector, _Renegotiating) ->      undefined; @@ -1955,3 +2059,70 @@ handle_psk_identity(_PSKIdentity, LookupFun)      error;  handle_psk_identity(PSKIdentity, {Fun, UserState}) ->      Fun(psk, PSKIdentity, UserState). + +crl_check(_, false, _,_,_, _) -> +    valid; +crl_check(_, peer, _, _,_, valid) -> %% Do not check CAs with this option. +    valid; +crl_check(OtpCert, Check, CertDbHandle, CertDbRef, {Callback, CRLDbHandle}, _) -> +    Options = [{issuer_fun, {fun(_DP, CRL, Issuer, DBInfo) -> +				     ssl_crl:trusted_cert_and_path(CRL, Issuer, DBInfo) +			     end, {CertDbHandle, CertDbRef}}},  +	       {update_crl, fun(DP, CRL) -> Callback:fresh_crl(DP, CRL) end} +	      ], +    case dps_and_crls(OtpCert, Callback, CRLDbHandle, ext) of +	no_dps -> +	    case dps_and_crls(OtpCert, Callback, CRLDbHandle, same_issuer) of +		[] -> +		    valid; %% No relevant CRL existed +		DpsAndCRls -> +		    crl_check_same_issuer(OtpCert, Check, DpsAndCRls, Options)		 +	    end; +	DpsAndCRLs ->  %% This DP list may be empty if relevant CRLs existed  +	    %% but could not be retrived, will result in {bad_cert, revocation_status_undetermined} +	    case public_key:pkix_crls_validate(OtpCert, DpsAndCRLs, Options) of +		{bad_cert, revocation_status_undetermined} -> +		    crl_check_same_issuer(OtpCert, Check, dps_and_crls(OtpCert, Callback,  +								       CRLDbHandle, same_issuer), Options); +		Other -> +		    Other +	    end +    end. + +crl_check_same_issuer(OtpCert, best_effort, Dps, Options) ->		 +    case public_key:pkix_crls_validate(OtpCert, Dps, Options) of  +	{bad_cert, revocation_status_undetermined}  -> +	    valid; +	Other -> +	    Other +    end; +crl_check_same_issuer(OtpCert, _, Dps, Options) ->     +    public_key:pkix_crls_validate(OtpCert, Dps, Options). + +dps_and_crls(OtpCert, Callback, CRLDbHandle, ext) -> +	case public_key:pkix_dist_points(OtpCert) of +	    [] -> +		no_dps; +	    DistPoints -> +		distpoints_lookup(DistPoints, Callback, CRLDbHandle)  +	end; +     +dps_and_crls(OtpCert, Callback, CRLDbHandle, same_issuer) ->     +    DP = #'DistributionPoint'{distributionPoint = {fullName, GenNames}} =  +	public_key:pkix_dist_point(OtpCert), +    CRLs = lists:flatmap(fun({directoryName, Issuer}) ->  +				 Callback:select(Issuer, CRLDbHandle); +			    (_) -> +				 [] +			 end, GenNames), +    [{DP, {CRL, public_key:der_decode('CertificateList', CRL)}} ||  CRL <- CRLs]. + +distpoints_lookup([], _, _) -> +    []; +distpoints_lookup([DistPoint | Rest], Callback, CRLDbHandle) -> +    case Callback:lookup(DistPoint, CRLDbHandle) of +	not_available -> +	    distpoints_lookup(Rest, Callback, CRLDbHandle); +	CRLs -> +	    [{DistPoint, {CRL, public_key:der_decode('CertificateList', CRL)}} ||  CRL <- CRLs] +    end.	 diff --git a/lib/ssl/src/ssl_handshake.hrl b/lib/ssl/src/ssl_handshake.hrl index 80284faef0..58b4d5a23d 100644 --- a/lib/ssl/src/ssl_handshake.hrl +++ b/lib/ssl/src/ssl_handshake.hrl @@ -3,16 +3,17 @@  %%  %% Copyright Ericsson AB 2007-2014. All Rights Reserved.  %% -%% The contents of this file are subject to the Erlang Public License, -%% Version 1.1, (the "License"); you may not use this file except in -%% compliance with the License. You should have received a copy of the -%% Erlang Public License along with this software. If not, it can be -%% retrieved online at http://www.erlang.org/. +%% Licensed under the Apache License, Version 2.0 (the "License"); +%% you may not use this file except in compliance with the License. +%% You may obtain a copy of the License at  %% -%% Software distributed under the License is distributed on an "AS IS" -%% basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See -%% the License for the specific language governing rights and limitations -%% under the License. +%%     http://www.apache.org/licenses/LICENSE-2.0 +%% +%% Unless required by applicable law or agreed to in writing, software +%% distributed under the License is distributed on an "AS IS" BASIS, +%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +%% See the License for the specific language governing permissions and +%% limitations under the License.  %%  %% %CopyrightEnd%  %% @@ -95,6 +96,7 @@  -record(hello_extensions, {  	  renegotiation_info,  	  hash_signs,          % supported combinations of hashes/signature algos +          alpn,  	  next_protocol_negotiation = undefined, % [binary()]  	  srp,  	  ec_point_formats, @@ -301,6 +303,14 @@  	 }).  %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +%% Application-Layer Protocol Negotiation  RFC 7301 +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% + +-define(ALPN_EXT, 16). + +-record(alpn, {extension_data}). + +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%  %% Next Protocol Negotiation  %% (http://tools.ietf.org/html/draft-agl-tls-nextprotoneg-02)  %% (http://technotes.googlecode.com/git/nextprotoneg.html) diff --git a/lib/ssl/src/ssl_internal.hrl b/lib/ssl/src/ssl_internal.hrl index 88105cac5a..3851b2bc6e 100644 --- a/lib/ssl/src/ssl_internal.hrl +++ b/lib/ssl/src/ssl_internal.hrl @@ -3,16 +3,17 @@  %%  %% Copyright Ericsson AB 2007-2015. All Rights Reserved.  %% -%% The contents of this file are subject to the Erlang Public License, -%% Version 1.1, (the "License"); you may not use this file except in -%% compliance with the License. You should have received a copy of the -%% Erlang Public License along with this software. If not, it can be -%% retrieved online at http://www.erlang.org/. +%% Licensed under the Apache License, Version 2.0 (the "License"); +%% you may not use this file except in compliance with the License. +%% You may obtain a copy of the License at  %% -%% Software distributed under the License is distributed on an "AS IS" -%% basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See -%% the License for the specific language governing rights and limitations -%% under the License. +%%     http://www.apache.org/licenses/LICENSE-2.0 +%% +%% Unless required by applicable law or agreed to in writing, software +%% distributed under the License is distributed on an "AS IS" BASIS, +%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +%% See the License for the specific language governing permissions and +%% limitations under the License.  %%  %% %CopyrightEnd%  %% @@ -61,14 +62,19 @@  -define(CDR_HDR_SIZE, 12).  -define(DEFAULT_TIMEOUT, 5000). +-define(NO_DIST_POINT, "http://dummy/no_distribution_point"). +-define(NO_DIST_POINT_PATH, "dummy/no_distribution_point").  %% Common enumerate values in for SSL-protocols   -define(NULL, 0).  -define(TRUE, 0).  -define(FALSE, 1). --define(ALL_SUPPORTED_VERSIONS, ['tlsv1.2', 'tlsv1.1', tlsv1, sslv3]). --define(MIN_SUPPORTED_VERSIONS, ['tlsv1.1', tlsv1, sslv3]). +%% sslv3 is considered insecure due to lack of padding check (Poodle attack) +%% Keep as interop with legacy software but do not support as default  +-define(ALL_AVAILABLE_VERSIONS, ['tlsv1.2', 'tlsv1.1', tlsv1, sslv3]). +-define(ALL_SUPPORTED_VERSIONS, ['tlsv1.2', 'tlsv1.1', tlsv1]). +-define(MIN_SUPPORTED_VERSIONS, ['tlsv1.1', tlsv1]).  -define(ALL_DATAGRAM_SUPPORTED_VERSIONS, ['dtlsv1.2', dtlsv1]).  -define(MIN_DATAGRAM_SUPPORTED_VERSIONS, ['dtlsv1.2', dtlsv1]). @@ -105,21 +111,28 @@  	  reuse_sessions       :: boolean(),  	  renegotiate_at,  	  secure_renegotiate, +	  client_renegotiation,  	  %% undefined if not hibernating, or number of ms of  	  %% inactivity after which ssl_connection will go into  	  %% hibernation  	  hibernate_after      :: boolean(),  	  %% This option should only be set to true by inet_tls_dist  	  erl_dist = false     :: boolean(), -	  next_protocols_advertised = undefined, %% [binary()], +          alpn_advertised_protocols = undefined :: [binary()] | undefined , +          alpn_preferred_protocols = undefined  :: [binary()] | undefined, +	  next_protocols_advertised = undefined :: [binary()] | undefined,  	  next_protocol_selector = undefined,  %% fun([binary()]) -> binary())  	  log_alert             :: boolean(),  	  server_name_indication = undefined, +	  sni_hosts  :: [{inet:hostname(), [tuple()]}], +	  sni_fun :: function() | undefined,  	  %% Should the server prefer its own cipher order over the one provided by  	  %% the client? -	  honor_cipher_order = false, -	  padding_check = true, -	  fallback = false +	  honor_cipher_order = false :: boolean(), +	  padding_check = true       :: boolean(), +	  fallback = false           :: boolean(), +	  crl_check                  :: boolean() | peer | best_effort,  +	  crl_cache  	  }).  -record(socket_options, diff --git a/lib/ssl/src/ssl_listen_tracker_sup.erl b/lib/ssl/src/ssl_listen_tracker_sup.erl index 29f40e846d..f9a0ba331e 100644 --- a/lib/ssl/src/ssl_listen_tracker_sup.erl +++ b/lib/ssl/src/ssl_listen_tracker_sup.erl @@ -3,16 +3,17 @@  %%   %% Copyright Ericsson AB 2014-2014. All Rights Reserved.  %%  -%% The contents of this file are subject to the Erlang Public License, -%% Version 1.1, (the "License"); you may not use this file except in -%% compliance with the License. You should have received a copy of the -%% Erlang Public License along with this software. If not, it can be -%% retrieved online at http://www.erlang.org/. -%%  -%% Software distributed under the License is distributed on an "AS IS" -%% basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See -%% the License for the specific language governing rights and limitations -%% under the License. +%% Licensed under the Apache License, Version 2.0 (the "License"); +%% you may not use this file except in compliance with the License. +%% You may obtain a copy of the License at +%% +%%     http://www.apache.org/licenses/LICENSE-2.0 +%% +%% Unless required by applicable law or agreed to in writing, software +%% distributed under the License is distributed on an "AS IS" BASIS, +%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +%% See the License for the specific language governing permissions and +%% limitations under the License.  %%   %% %CopyrightEnd%  %% diff --git a/lib/ssl/src/ssl_manager.erl b/lib/ssl/src/ssl_manager.erl index c4f1f7f193..2e05ba5aa5 100644 --- a/lib/ssl/src/ssl_manager.erl +++ b/lib/ssl/src/ssl_manager.erl @@ -3,16 +3,17 @@  %%  %% Copyright Ericsson AB 2007-2015. All Rights Reserved.  %% -%% The contents of this file are subject to the Erlang Public License, -%% Version 1.1, (the "License"); you may not use this file except in -%% compliance with the License. You should have received a copy of the -%% Erlang Public License along with this software. If not, it can be -%% retrieved online at http://www.erlang.org/. +%% Licensed under the Apache License, Version 2.0 (the "License"); +%% you may not use this file except in compliance with the License. +%% You may obtain a copy of the License at  %% -%% Software distributed under the License is distributed on an "AS IS" -%% basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See -%% the License for the specific language governing rights and limitations -%% under the License. +%%     http://www.apache.org/licenses/LICENSE-2.0 +%% +%% Unless required by applicable law or agreed to in writing, software +%% distributed under the License is distributed on an "AS IS" BASIS, +%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +%% See the License for the specific language governing permissions and +%% limitations under the License.  %%  %% %CopyrightEnd%  %% @@ -26,10 +27,11 @@  %% Internal application API  -export([start_link/1, start_link_dist/1, -	 connection_init/2, cache_pem_file/2, +	 connection_init/3, cache_pem_file/2,  	 lookup_trusted_cert/4,  	 new_session_id/1, clean_cert_db/2,  	 register_session/2, register_session/3, invalidate_session/2, +	 insert_crls/2, insert_crls/3, delete_crls/1, delete_crls/2,   	 invalidate_session/3, invalidate_pem/1, clear_pem_cache/0, manager_name/1]).  % Spawn export @@ -44,7 +46,8 @@  -include_lib("kernel/include/file.hrl").  -record(state, { -	  session_cache, +	  session_cache_client, +	  session_cache_server,  	  session_cache_cb,  	  session_lifetime,  	  certificate_db, @@ -99,19 +102,21 @@ start_link_dist(Opts) ->      gen_server:start_link({local, DistMangerName}, ?MODULE, [DistMangerName, Opts], []).  %%-------------------------------------------------------------------- --spec connection_init(binary()| {der, list()}, client | server) -> -			     {ok, certdb_ref(), db_handle(), db_handle(), db_handle(), db_handle()}. +-spec connection_init(binary()| {der, list()}, client | server,  +		      {Cb :: atom(), Handle:: term()}) -> +			     {ok, certdb_ref(), db_handle(), db_handle(),  +			      db_handle(), db_handle(), CRLInfo::term()}.  %%			       %% Description: Do necessary initializations for a new connection.  %%-------------------------------------------------------------------- -connection_init({der, _} = Trustedcerts, Role) -> -    call({connection_init, Trustedcerts, Role}); +connection_init({der, _} = Trustedcerts, Role, CRLCache) -> +    call({connection_init, Trustedcerts, Role, CRLCache}); -connection_init(<<>> = Trustedcerts, Role) -> -    call({connection_init, Trustedcerts, Role}); +connection_init(<<>> = Trustedcerts, Role, CRLCache) -> +    call({connection_init, Trustedcerts, Role, CRLCache}); -connection_init(Trustedcerts, Role) -> -    call({connection_init, Trustedcerts, Role}). +connection_init(Trustedcerts, Role, CRLCache) -> +    call({connection_init, Trustedcerts, Role, CRLCache}).  %%--------------------------------------------------------------------  -spec cache_pem_file(binary(), term()) -> {ok, term()} | {error, reason()}. @@ -123,7 +128,7 @@ cache_pem_file(File, DbHandle) ->  	[{Content,_}] ->  	    {ok, Content};  	[Content] -> -	   {ok, Content}; +	    {ok, Content};  	undefined ->  	    call({cache_pem, File})      end. @@ -192,11 +197,28 @@ invalidate_session(Host, Port, Session) ->  invalidate_session(Port, Session) ->      cast({invalidate_session, Port, Session}). -  -spec invalidate_pem(File::binary()) -> ok.  invalidate_pem(File) ->      cast({invalidate_pem, File}). +insert_crls(Path, CRLs)-> +    insert_crls(Path, CRLs, normal). +insert_crls(?NO_DIST_POINT_PATH = Path, CRLs, ManagerType)-> +    put(ssl_manager, manager_name(ManagerType)), +    cast({insert_crls, Path, CRLs}); +insert_crls(Path, CRLs, ManagerType)-> +    put(ssl_manager, manager_name(ManagerType)), +    call({insert_crls, Path, CRLs}). + +delete_crls(Path)-> +    delete_crls(Path, normal). +delete_crls(?NO_DIST_POINT_PATH = Path, ManagerType)-> +    put(ssl_manager, manager_name(ManagerType)), +    cast({delete_crls, Path}); +delete_crls(Path, ManagerType)-> +    put(ssl_manager, manager_name(ManagerType)), +    call({delete_crls, Path}). +  %%====================================================================  %% gen_server callbacks  %%==================================================================== @@ -215,13 +237,17 @@ init([Name, Opts]) ->      SessionLifeTime =    	proplists:get_value(session_lifetime, Opts, ?'24H_in_sec'),      CertDb = ssl_pkix_db:create(), -    SessionCache = CacheCb:init(proplists:get_value(session_cb_init_args, Opts, [])), +    ClientSessionCache = CacheCb:init([{role, client} |  +				       proplists:get_value(session_cb_init_args, Opts, [])]), +    ServerSessionCache = CacheCb:init([{role, server} |  +				       proplists:get_value(session_cb_init_args, Opts, [])]),      Timer = erlang:send_after(SessionLifeTime * 1000 + 5000,   			      self(), validate_sessions),      Interval = pem_check_interval(),      erlang:send_after(Interval, self(), clear_pem_cache),      {ok, #state{certificate_db = CertDb, -		session_cache = SessionCache, +		session_cache_client = ClientSessionCache, +		session_cache_server = ServerSessionCache,  		session_cache_cb = CacheCb,  		session_lifetime = SessionLifeTime,  		session_validation_timer = Timer, @@ -240,32 +266,38 @@ init([Name, Opts]) ->  %%  %% Description: Handling call messages  %%-------------------------------------------------------------------- -handle_call({{connection_init, <<>>, _Role}, _Pid}, _From, -	    #state{certificate_db = [CertDb, FileRefDb, PemChace], -		   session_cache = Cache} = State) -> -    Result = {ok, make_ref(),CertDb, FileRefDb, PemChace, Cache}, -    {reply, Result, State}; - -handle_call({{connection_init, Trustedcerts, _Role}, Pid}, _From, -	    #state{certificate_db = [CertDb, FileRefDb, PemChace] = Db, -		   session_cache = Cache} = State) -> -    Result =  -	try -	    {ok, Ref} = ssl_pkix_db:add_trusted_certs(Pid, Trustedcerts, Db), -	    {ok, Ref, CertDb, FileRefDb, PemChace, Cache} -	catch -	    _:Reason -> -		{error, Reason} -	end, -    {reply, Result, State}; - -handle_call({{new_session_id,Port}, _}, +handle_call({{connection_init, <<>>, Role, {CRLCb, UserCRLDb}}, _Pid}, _From, +	    #state{certificate_db = [CertDb, FileRefDb, PemChace | _] = Db} = State) -> +    Ref = make_ref(),  +    Result = {ok, Ref, CertDb, FileRefDb, PemChace, session_cache(Role, State), {CRLCb, crl_db_info(Db, UserCRLDb)}}, +    {reply, Result, State#state{certificate_db = Db}}; + +handle_call({{connection_init, Trustedcerts, Role, {CRLCb, UserCRLDb}}, Pid}, _From, +	    #state{certificate_db = [CertDb, FileRefDb, PemChace | _] = Db} = State) -> +    case add_trusted_certs(Pid, Trustedcerts, Db) of +	{ok, Ref} -> +	    {reply, {ok, Ref, CertDb, FileRefDb, PemChace, session_cache(Role, State),  +		     {CRLCb, crl_db_info(Db, UserCRLDb)}}, State}; +	{error, _} = Error -> +	    {reply, Error, State} +    end; + +handle_call({{insert_crls, Path, CRLs}, _}, _From,    +	    #state{certificate_db = Db} = State) -> +    ssl_pkix_db:add_crls(Db, Path, CRLs), +    {reply, ok, State}; + +handle_call({{delete_crls, CRLsOrPath}, _}, _From,    +	    #state{certificate_db = Db} = State) -> +    ssl_pkix_db:remove_crls(Db, CRLsOrPath), +    {reply, ok, State}; + +handle_call({{new_session_id, Port}, _},  	    _, #state{session_cache_cb = CacheCb, -		      session_cache = Cache} = State) -> +		      session_cache_server = Cache} = State) ->      Id = new_id(Port, ?GEN_UNIQUE_ID_MAX_TRIES, Cache, CacheCb),      {reply, Id, State}; -  handle_call({{cache_pem,File}, _Pid}, _,  	    #state{certificate_db = Db} = State) ->      try ssl_pkix_db:cache_pem_file(File, Db) of @@ -275,7 +307,7 @@ handle_call({{cache_pem,File}, _Pid}, _,  	_:Reason ->  	    {reply, {error, Reason}, State}      end; -handle_call({unconditionally_clear_pem_cache, _},_, #state{certificate_db = [_,_,PemChace]} = State) -> +handle_call({unconditionally_clear_pem_cache, _},_, #state{certificate_db = [_,_,PemChace | _]} = State) ->      ssl_pkix_db:clear(PemChace),      {reply, ok,  State}. @@ -288,16 +320,22 @@ handle_call({unconditionally_clear_pem_cache, _},_, #state{certificate_db = [_,_  %% Description: Handling cast messages  %%--------------------------------------------------------------------  handle_cast({register_session, Host, Port, Session},  -	    #state{session_cache = Cache, +	    #state{session_cache_client = Cache,  		   session_cache_cb = CacheCb} = State) ->      TimeStamp = calendar:datetime_to_gregorian_seconds({date(), time()}),      NewSession = Session#session{time_stamp = TimeStamp}, -    CacheCb:update(Cache, {{Host, Port},  -		   NewSession#session.session_id}, NewSession), +     +    case CacheCb:select_session(Cache, {Host, Port}) of +	no_session -> +	    CacheCb:update(Cache, {{Host, Port},  +				   NewSession#session.session_id}, NewSession); +	Sessions -> +	    register_unique_session(Sessions, NewSession, CacheCb, Cache, {Host, Port}) +    end,      {noreply, State};  handle_cast({register_session, Port, Session},   -	    #state{session_cache = Cache, +	    #state{session_cache_server = Cache,  		   session_cache_cb = CacheCb} = State) ->          TimeStamp = calendar:datetime_to_gregorian_seconds({date(), time()}),      NewSession = Session#session{time_stamp = TimeStamp}, @@ -306,17 +344,28 @@ handle_cast({register_session, Port, Session},  handle_cast({invalidate_session, Host, Port,  	     #session{session_id = ID} = Session}, -	    #state{session_cache = Cache, +	    #state{session_cache_client = Cache,  		   session_cache_cb = CacheCb} = State) ->      invalidate_session(Cache, CacheCb, {{Host, Port}, ID}, Session, State);  handle_cast({invalidate_session, Port, #session{session_id = ID} = Session}, -	    #state{session_cache = Cache, +	    #state{session_cache_server = Cache,  		   session_cache_cb = CacheCb} = State) ->      invalidate_session(Cache, CacheCb, {Port, ID}, Session, State); + +handle_cast({insert_crls, Path, CRLs},    +	    #state{certificate_db = Db} = State) -> +    ssl_pkix_db:add_crls(Db, Path, CRLs), +    {noreply, State}; + +handle_cast({delete_crls, CRLsOrPath},    +	    #state{certificate_db = Db} = State) -> +    ssl_pkix_db:remove_crls(Db, CRLsOrPath), +    {noreply, State}; +  handle_cast({invalidate_pem, File}, -	    #state{certificate_db = [_, _, PemCache]} = State) -> +	    #state{certificate_db = [_, _, PemCache | _]} = State) ->      ssl_pkix_db:remove(File, PemCache),      {noreply, State}. @@ -329,21 +378,23 @@ handle_cast({invalidate_pem, File},  %% Description: Handling all non call/cast messages  %%-------------------------------------------------------------------  handle_info(validate_sessions, #state{session_cache_cb = CacheCb, -				      session_cache = Cache, +				      session_cache_client = ClientCache, +				      session_cache_server = ServerCache,  				      session_lifetime = LifeTime  				     } = State) ->      Timer = erlang:send_after(?SESSION_VALIDATION_INTERVAL,   			      self(), validate_sessions), -    start_session_validator(Cache, CacheCb, LifeTime), +    start_session_validator(ClientCache, CacheCb, LifeTime), +    start_session_validator(ServerCache, CacheCb, LifeTime),      {noreply, State#state{session_validation_timer = Timer}}; -handle_info({delayed_clean_session, Key}, #state{session_cache = Cache, -                   session_cache_cb = CacheCb -                   } = State) -> + +handle_info({delayed_clean_session, Key, Cache}, #state{session_cache_cb = CacheCb +						       } = State) ->      CacheCb:delete(Cache, Key),      {noreply, State}; -handle_info(clear_pem_cache, #state{certificate_db = [_,_,PemChace], +handle_info(clear_pem_cache, #state{certificate_db = [_,_,PemChace | _],  				    clear_pem_cache = Interval,  				    last_pem_check = CheckPoint} = State) ->      NewCheckPoint = os:timestamp(), @@ -351,9 +402,8 @@ handle_info(clear_pem_cache, #state{certificate_db = [_,_,PemChace],      erlang:send_after(Interval, self(), clear_pem_cache),      {noreply, State#state{last_pem_check = NewCheckPoint}}; -  handle_info({clean_cert_db, Ref, File}, -	    #state{certificate_db = [CertDb,RefDb, PemCache]} = State) -> +	    #state{certificate_db = [CertDb,RefDb, PemCache | _]} = State) ->      case ssl_pkix_db:lookup(Ref, RefDb) of  	undefined -> %% Alredy cleaned @@ -380,12 +430,14 @@ handle_info(_Info, State) ->  %% The return value is ignored.  %%--------------------------------------------------------------------  terminate(_Reason, #state{certificate_db = Db, -			  session_cache = SessionCache, +			  session_cache_client = ClientSessionCache, +			  session_cache_server = ServerSessionCache,  			  session_cache_cb = CacheCb,  			  session_validation_timer = Timer}) ->      erlang:cancel_timer(Timer),      ssl_pkix_db:remove(Db), -    CacheCb:terminate(SessionCache), +    catch CacheCb:terminate(ClientSessionCache), +    catch CacheCb:terminate(ServerSessionCache),      ok.  %%-------------------------------------------------------------------- @@ -458,7 +510,7 @@ invalidate_session(Cache, CacheCb, Key, Session, #state{last_delay_timer = LastT  	    %% up the session data but new connections should not get to use this session.  	    CacheCb:update(Cache, Key, Session#session{is_resumable = false}),  	    TRef = -		erlang:send_after(delay_time(), self(), {delayed_clean_session, Key}), +		erlang:send_after(delay_time(), self(), {delayed_clean_session, Key, Cache}),  	    {noreply, State#state{last_delay_timer = last_delay_timer(Key, TRef, LastTimer)}}      end. @@ -507,6 +559,37 @@ clean_cert_db(Ref, CertDb, RefDb, PemCache, File) ->  	    ok      end. +%% Do not let dumb clients create a gigantic session table +%% for itself creating big delays at connection time.  +register_unique_session(Sessions, Session, CacheCb, Cache, PartialKey) -> +    case exists_equivalent(Session , Sessions) of +	true -> +	    ok; +	false -> +	    CacheCb:update(Cache, {PartialKey,  +				   Session#session.session_id}, Session) +    end. + +exists_equivalent(_, []) -> +    false; +exists_equivalent(#session{ +		     peer_certificate = PeerCert, +		     own_certificate = OwnCert, +		     compression_method = Compress, +		     cipher_suite = CipherSuite, +		     srp_username = SRP, +		     ecc = ECC} ,  +		  [#session{ +		      peer_certificate = PeerCert, +		      own_certificate = OwnCert, +		      compression_method = Compress, +		      cipher_suite = CipherSuite, +		      srp_username = SRP, +		      ecc = ECC} | _]) -> +    true; +exists_equivalent(Session, [ _ | Rest]) -> +    exists_equivalent(Session, Rest). +  start_pem_cache_validator(PemCache, CheckPoint) ->      spawn_link(?MODULE, init_pem_cache_validator,   	       [[get(ssl_manager), PemCache, CheckPoint]]). @@ -542,3 +625,21 @@ is_before_checkpoint(Time, CheckPoint) ->      calendar:datetime_to_gregorian_seconds(calendar:now_to_datetime(CheckPoint)) -      calendar:datetime_to_gregorian_seconds(Time) > 0. +add_trusted_certs(Pid, Trustedcerts, Db) -> +    try +	ssl_pkix_db:add_trusted_certs(Pid, Trustedcerts, Db) 	     +    catch +	_:Reason -> +	    {error, Reason} +    end. + +session_cache(client, #state{session_cache_client = Cache}) -> +    Cache; +session_cache(server, #state{session_cache_server = Cache}) -> +    Cache. + +crl_db_info([_,_,_,Local], {internal, Info}) -> +    {Local, Info}; +crl_db_info(_, UserCRLDb) -> +    UserCRLDb. + diff --git a/lib/ssl/src/ssl_pkix_db.erl b/lib/ssl/src/ssl_pkix_db.erl index 8531445ba4..b16903d7c7 100644 --- a/lib/ssl/src/ssl_pkix_db.erl +++ b/lib/ssl/src/ssl_pkix_db.erl @@ -3,16 +3,17 @@  %%  %% Copyright Ericsson AB 2007-2015. All Rights Reserved.  %% -%% The contents of this file are subject to the Erlang Public License, -%% Version 1.1, (the "License"); you may not use this file except in -%% compliance with the License. You should have received a copy of the -%% Erlang Public License along with this software. If not, it can be -%% retrieved online at http://www.erlang.org/. +%% Licensed under the Apache License, Version 2.0 (the "License"); +%% you may not use this file except in compliance with the License. +%% You may obtain a copy of the License at  %% -%% Software distributed under the License is distributed on an "AS IS" -%% basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See -%% the License for the specific language governing rights and limitations -%% under the License. +%%     http://www.apache.org/licenses/LICENSE-2.0 +%% +%% Unless required by applicable law or agreed to in writing, software +%% distributed under the License is distributed on an "AS IS" BASIS, +%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +%% See the License for the specific language governing permissions and +%% limitations under the License.  %%  %% %CopyrightEnd%  %% @@ -27,9 +28,9 @@  -include_lib("public_key/include/public_key.hrl").  -include_lib("kernel/include/file.hrl"). --export([create/0, remove/1, add_trusted_certs/3,  +-export([create/0, add_crls/3, remove_crls/2, remove/1, add_trusted_certs/3,   	 remove_trusted_certs/2, insert/3, remove/2, clear/1, db_size/1, -	 ref_count/3, lookup_trusted_cert/4, foldl/3, +	 ref_count/3, lookup_trusted_cert/4, foldl/3, select_cert_by_issuer/2,  	 lookup_cached_pem/2, cache_pem_file/2, cache_pem_file/3,  	 lookup/2]). @@ -51,16 +52,24 @@ create() ->       ets:new(ssl_otp_cacertificate_db, [set, public]),       %% Let connection processes call ref_count/3 directly       ets:new(ssl_otp_ca_file_ref, [set, public]), -     ets:new(ssl_otp_pem_cache, [set, protected]) +     ets:new(ssl_otp_pem_cache, [set, protected]), +     %% Default cache +     {ets:new(ssl_otp_crl_cache, [set, protected]), +      ets:new(ssl_otp_crl_issuer_mapping, [bag, protected])}      ].  %%-------------------------------------------------------------------- --spec remove([db_handle()]) -> ok. +-spec remove([db_handle()]) -> ok.   %%  %% Description: Removes database db    %%--------------------------------------------------------------------  remove(Dbs) -> -    lists:foreach(fun(Db) -> +    lists:foreach(fun({Db0, Db1})  -> +			  true = ets:delete(Db0), +			  true = ets:delete(Db1); +		     (undefined) ->  +			  ok; +		     (Db) ->  			  true = ets:delete(Db)  		  end, Dbs). @@ -81,7 +90,7 @@ lookup_trusted_cert(DbHandle, Ref, SerialNumber, Issuer) ->  	    {ok, Certs}      end. -lookup_cached_pem([_, _, PemChache], File) -> +lookup_cached_pem([_, _, PemChache | _], File) ->      lookup_cached_pem(PemChache, File);  lookup_cached_pem(PemChache, File) ->      lookup(File, PemChache). @@ -94,12 +103,12 @@ lookup_cached_pem(PemChache, File) ->  %% runtime database. Returns Ref that should be handed to lookup_trusted_cert  %% together with the cert serialnumber and issuer.  %%-------------------------------------------------------------------- -add_trusted_certs(_Pid, {der, DerList}, [CerDb, _,_]) -> +add_trusted_certs(_Pid, {der, DerList}, [CertDb, _,_ | _]) ->      NewRef = make_ref(), -    add_certs_from_der(DerList, NewRef, CerDb), +    add_certs_from_der(DerList, NewRef, CertDb),      {ok, NewRef}; -add_trusted_certs(_Pid, File, [CertsDb, RefDb, PemChache] = Db) -> +add_trusted_certs(_Pid, File, [CertsDb, RefDb, PemChache | _] = Db) ->      case lookup_cached_pem(Db, File) of  	[{_Content, Ref}] ->  	    ref_count(Ref, RefDb, 1), @@ -118,14 +127,15 @@ add_trusted_certs(_Pid, File, [CertsDb, RefDb, PemChache] = Db) ->  %% Description: Cache file as binary in DB  %%--------------------------------------------------------------------  -spec cache_pem_file(binary(), [db_handle()]) -> {ok, term()}. -cache_pem_file(File, [_CertsDb, _RefDb, PemChache]) -> +cache_pem_file(File, [_CertsDb, _RefDb, PemChache | _]) ->      {ok, PemBin} = file:read_file(File),      Content = public_key:pem_decode(PemBin),      insert(File, Content, PemChache),      {ok, Content}. +  -spec cache_pem_file(reference(), binary(), [db_handle()]) -> {ok, term()}. -cache_pem_file(Ref, File, [_CertsDb, _RefDb, PemChache]) -> +cache_pem_file(Ref, File, [_CertsDb, _RefDb, PemChache| _]) ->      {ok, PemBin} = file:read_file(File),      Content = public_key:pem_decode(PemBin),      insert(File, {Content, Ref}, PemChache), @@ -149,6 +159,15 @@ remove(Key, Db) ->      ok.  %%-------------------------------------------------------------------- +-spec remove(term(), term(), db_handle()) -> ok. +%% +%% Description: Removes an element in a <Db>. +%%-------------------------------------------------------------------- +remove(Key, Data, Db) -> +    ets:delete_object(Db, {Key, Data}), +    ok. + +%%--------------------------------------------------------------------  -spec lookup(term(), db_handle()) -> [term()] | undefined.  %%  %% Description: Looks up an element in a <Db>. @@ -175,6 +194,10 @@ lookup(Key, Db) ->  foldl(Fun, Acc0, Cache) ->      ets:foldl(Fun, Acc0, Cache). + +select_cert_by_issuer(Cache, Issuer) ->     +    ets:select(Cache, [{{{'_','_', Issuer},{'_', '$1'}},[],['$$']}]). +  %%--------------------------------------------------------------------  -spec ref_count(term(), db_handle(), integer()) -> integer().  %% @@ -244,9 +267,39 @@ add_certs(Cert, Ref, CertsDb) ->  	    error_logger:info_report(Report)      end. -new_trusted_cert_entry(File, [CertsDb, RefDb, _] = Db) -> +new_trusted_cert_entry(File, [CertsDb, RefDb, _ | _] = Db) ->      Ref = make_ref(),      update_counter(Ref, 1, RefDb),      {ok, Content} = cache_pem_file(Ref, File, Db),      add_certs_from_pem(Content, Ref, CertsDb),      {ok, Ref}. + +add_crls([_,_,_, {_, Mapping} | _], ?NO_DIST_POINT, CRLs) -> +    [add_crls(CRL, Mapping) || CRL <- CRLs]; +add_crls([_,_,_, {Cache, Mapping} | _], Path, CRLs) -> +    insert(Path, CRLs, Cache),  +    [add_crls(CRL, Mapping) || CRL <- CRLs]. + +add_crls(CRL, Mapping) -> +    insert(crl_issuer(CRL), CRL, Mapping). + +remove_crls([_,_,_, {_, Mapping} | _], {?NO_DIST_POINT, CRLs}) -> +    [rm_crls(CRL, Mapping) || CRL <- CRLs]; +	 +remove_crls([_,_,_, {Cache, Mapping} | _], Path) -> +    case lookup(Path, Cache) of +	undefined -> +	    ok; +	CRLs -> +	    remove(Path, Cache), +	    [rm_crls(CRL, Mapping) || CRL <- CRLs] +    end. + +rm_crls(CRL, Mapping) -> +   remove(crl_issuer(CRL), CRL, Mapping).  + +crl_issuer(DerCRL) -> +    CRL = public_key:der_decode('CertificateList', DerCRL), +    TBSCRL = CRL#'CertificateList'.tbsCertList, +    TBSCRL#'TBSCertList'.issuer. + diff --git a/lib/ssl/src/ssl_record.erl b/lib/ssl/src/ssl_record.erl index 025a46bf65..75cfecdf5e 100644 --- a/lib/ssl/src/ssl_record.erl +++ b/lib/ssl/src/ssl_record.erl @@ -3,16 +3,17 @@  %%  %% Copyright Ericsson AB 2013-2015. All Rights Reserved.  %% -%% The contents of this file are subject to the Erlang Public License, -%% Version 1.1, (the "License"); you may not use this file except in -%% compliance with the License. You should have received a copy of the -%% Erlang Public License along with this software. If not, it can be -%% retrieved online at http://www.erlang.org/. +%% Licensed under the Apache License, Version 2.0 (the "License"); +%% you may not use this file except in compliance with the License. +%% You may obtain a copy of the License at  %% -%% Software distributed under the License is distributed on an "AS IS" -%% basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See -%% the License for the specific language governing rights and limitations -%% under the License. +%%     http://www.apache.org/licenses/LICENSE-2.0 +%% +%% Unless required by applicable law or agreed to in writing, software +%% distributed under the License is distributed on an "AS IS" BASIS, +%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +%% See the License for the specific language governing permissions and +%% limitations under the License.  %%  %% %CopyrightEnd% @@ -48,7 +49,8 @@  -export([compress/3, uncompress/3, compressions/0]).  %% Payload encryption/decryption --export([cipher/4, decipher/4, is_correct_mac/2]). +-export([cipher/4, decipher/4, is_correct_mac/2, +	 cipher_aead/4, decipher_aead/4]).  -export_type([ssl_version/0, ssl_atom_version/0]). @@ -376,6 +378,23 @@ cipher(Version, Fragment,      {CipherFragment, CipherS1} =  	ssl_cipher:cipher(BulkCipherAlgo, CipherS0, MacHash, Fragment, Version),      {CipherFragment,  WriteState0#connection_state{cipher_state = CipherS1}}. +%%-------------------------------------------------------------------- +-spec cipher_aead(ssl_version(), iodata(), #connection_state{}, MacHash::binary()) -> +			 {CipherFragment::binary(), #connection_state{}}. +%% +%% Description: Payload encryption +%%-------------------------------------------------------------------- +cipher_aead(Version, Fragment, +       #connection_state{cipher_state = CipherS0, +			 sequence_number = SeqNo, +			 security_parameters= +			     #security_parameters{bulk_cipher_algorithm = +						      BulkCipherAlgo} +			} = WriteState0, AAD) -> + +    {CipherFragment, CipherS1} = +	ssl_cipher:cipher_aead(BulkCipherAlgo, CipherS0, SeqNo, AAD, Fragment, Version), +    {CipherFragment,  WriteState0#connection_state{cipher_state = CipherS1}}.  %%--------------------------------------------------------------------  -spec decipher(ssl_version(), binary(), #connection_state{}, boolean()) -> {binary(), binary(), #connection_state{}} | #alert{}. @@ -397,6 +416,25 @@ decipher(Version, CipherFragment,  	    Alert      end.  %%-------------------------------------------------------------------- +-spec decipher_aead(ssl_version(), binary(), #connection_state{}, binary()) -> {binary(), binary(), #connection_state{}} | #alert{}. +%% +%% Description: Payload decryption +%%-------------------------------------------------------------------- +decipher_aead(Version, CipherFragment, +	 #connection_state{sequence_number = SeqNo, +			   security_parameters = +			       #security_parameters{bulk_cipher_algorithm = +							BulkCipherAlgo}, +			   cipher_state = CipherS0 +			  } = ReadState, AAD) -> +    case ssl_cipher:decipher_aead(BulkCipherAlgo, CipherS0, SeqNo, AAD, CipherFragment, Version) of +	{PlainFragment, CipherS1} -> +	    CS1 = ReadState#connection_state{cipher_state = CipherS1}, +	    {PlainFragment, CS1}; +	#alert{} = Alert -> +	    Alert +    end. +%%--------------------------------------------------------------------  %%% Internal functions  %%--------------------------------------------------------------------  empty_connection_state(ConnectionEnd) -> diff --git a/lib/ssl/src/ssl_record.hrl b/lib/ssl/src/ssl_record.hrl index 6aab35d6da..af77378f44 100644 --- a/lib/ssl/src/ssl_record.hrl +++ b/lib/ssl/src/ssl_record.hrl @@ -3,16 +3,17 @@  %%  %% Copyright Ericsson AB 2007-2014. All Rights Reserved.  %% -%% The contents of this file are subject to the Erlang Public License, -%% Version 1.1, (the "License"); you may not use this file except in -%% compliance with the License. You should have received a copy of the -%% Erlang Public License along with this software. If not, it can be -%% retrieved online at http://www.erlang.org/. +%% Licensed under the Apache License, Version 2.0 (the "License"); +%% you may not use this file except in compliance with the License. +%% You may obtain a copy of the License at  %% -%% Software distributed under the License is distributed on an "AS IS" -%% basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See -%% the License for the specific language governing rights and limitations -%% under the License. +%%     http://www.apache.org/licenses/LICENSE-2.0 +%% +%% Unless required by applicable law or agreed to in writing, software +%% distributed under the License is distributed on an "AS IS" BASIS, +%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +%% See the License for the specific language governing permissions and +%% limitations under the License.  %%  %% %CopyrightEnd%  %% @@ -90,11 +91,14 @@  -define('3DES', 4).  -define(DES40, 5).  -define(IDEA, 6). --define(AES, 7).  +-define(AES_CBC, 7). +-define(AES_GCM, 8). +-define(CHACHA20_POLY1305, 9).  %% CipherType  -define(STREAM, 0).  -define(BLOCK, 1). +-define(AEAD, 2).  %% IsExportable  %-define(TRUE, 0).  %% Already defined by ssl_internal.hrl diff --git a/lib/ssl/src/ssl_session.erl b/lib/ssl/src/ssl_session.erl index a24b2d9444..0d6cc93a20 100644 --- a/lib/ssl/src/ssl_session.erl +++ b/lib/ssl/src/ssl_session.erl @@ -3,16 +3,17 @@  %%   %% Copyright Ericsson AB 2007-2012. All Rights Reserved.  %%  -%% The contents of this file are subject to the Erlang Public License, -%% Version 1.1, (the "License"); you may not use this file except in -%% compliance with the License. You should have received a copy of the -%% Erlang Public License along with this software. If not, it can be -%% retrieved online at http://www.erlang.org/. -%%  -%% Software distributed under the License is distributed on an "AS IS" -%% basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See -%% the License for the specific language governing rights and limitations -%% under the License. +%% Licensed under the Apache License, Version 2.0 (the "License"); +%% you may not use this file except in compliance with the License. +%% You may obtain a copy of the License at +%% +%%     http://www.apache.org/licenses/LICENSE-2.0 +%% +%% Unless required by applicable law or agreed to in writing, software +%% distributed under the License is distributed on an "AS IS" BASIS, +%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +%% See the License for the specific language governing permissions and +%% limitations under the License.  %%   %% %CopyrightEnd%  %% @@ -99,14 +100,14 @@ select_session([], _, _) ->      no_session;  select_session(Sessions, #ssl_options{ciphers = Ciphers}, OwnCert) ->      IsNotResumable = -	fun([_Id, Session]) -> +	fun(Session) ->  		not (resumable(Session#session.is_resumable) andalso  		     lists:member(Session#session.cipher_suite, Ciphers)  		     andalso (OwnCert == Session#session.own_certificate))   	end,      case lists:dropwhile(IsNotResumable, Sessions) of  	[] ->   no_session; -	[[Id, _]|_] -> Id +	[Session | _] -> Session#session.session_id      end.  is_resumable(_, _, #ssl_options{reuse_sessions = false}, _, _, _, _) -> diff --git a/lib/ssl/src/ssl_session_cache.erl b/lib/ssl/src/ssl_session_cache.erl index 5c6ee3c54c..cfc48cd935 100644 --- a/lib/ssl/src/ssl_session_cache.erl +++ b/lib/ssl/src/ssl_session_cache.erl @@ -1,18 +1,19 @@  %%  %% %CopyrightBegin%  %% -%% Copyright Ericsson AB 2008-2012. All Rights Reserved. +%% Copyright Ericsson AB 2008-2014. All Rights Reserved.  %% -%% The contents of this file are subject to the Erlang Public License, -%% Version 1.1, (the "License"); you may not use this file except in -%% compliance with the License. You should have received a copy of the -%% Erlang Public License along with this software. If not, it can be -%% retrieved online at http://www.erlang.org/. +%% Licensed under the Apache License, Version 2.0 (the "License"); +%% you may not use this file except in compliance with the License. +%% You may obtain a copy of the License at  %% -%% Software distributed under the License is distributed on an "AS IS" -%% basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See -%% the License for the specific language governing rights and limitations -%% under the License. +%%     http://www.apache.org/licenses/LICENSE-2.0 +%% +%% Unless required by applicable law or agreed to in writing, software +%% distributed under the License is distributed on an "AS IS" BASIS, +%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +%% See the License for the specific language governing permissions and +%% limitations under the License.  %%  %% %CopyrightEnd%  %% @@ -31,8 +32,8 @@  %%--------------------------------------------------------------------  %% Description: Return table reference. Called by ssl_manager process.   %%-------------------------------------------------------------------- -init(_) -> -    ets:new(cache_name(), [ordered_set, protected]). +init(Options) -> +    ets:new(cache_name(proplists:get_value(role, Options)), [ordered_set, protected]).  %%--------------------------------------------------------------------  %% Description: Handles cache table at termination of ssl manager.  @@ -82,10 +83,10 @@ foldl(Fun, Acc0, Cache) ->  %%--------------------------------------------------------------------  select_session(Cache, PartialKey) ->          ets:select(Cache,  -	       [{{{PartialKey,'$1'}, '$2'},[],['$$']}]). +	       [{{{PartialKey,'_'}, '$1'},[],['$1']}]).  %%--------------------------------------------------------------------  %%% Internal functions  %%-------------------------------------------------------------------- -cache_name() -> -    ssl_otp_session_cache. +cache_name(Name) -> +    list_to_atom(atom_to_list(Name) ++ "_ssl_otp_session_cache"). diff --git a/lib/ssl/src/ssl_session_cache_api.erl b/lib/ssl/src/ssl_session_cache_api.erl index f2b22b0f1b..536b52c44b 100644 --- a/lib/ssl/src/ssl_session_cache_api.erl +++ b/lib/ssl/src/ssl_session_cache_api.erl @@ -3,16 +3,17 @@  %%  %% Copyright Ericsson AB 2008-2011. All Rights Reserved.  %% -%% The contents of this file are subject to the Erlang Public License, -%% Version 1.1, (the "License"); you may not use this file except in -%% compliance with the License. You should have received a copy of the -%% Erlang Public License along with this software. If not, it can be -%% retrieved online at http://www.erlang.org/. -%% -%% Software distributed under the License is distributed on an "AS IS" -%% basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See -%% the License for the specific language governing rights and limitations -%% under the License. +%% Licensed under the Apache License, Version 2.0 (the "License"); +%% you may not use this file except in compliance with the License. +%% You may obtain a copy of the License at +%% +%%     http://www.apache.org/licenses/LICENSE-2.0 +%% +%% Unless required by applicable law or agreed to in writing, software +%% distributed under the License is distributed on an "AS IS" BASIS, +%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +%% See the License for the specific language governing permissions and +%% limitations under the License.  %%  %% %CopyrightEnd%  %% diff --git a/lib/ssl/src/ssl_socket.erl b/lib/ssl/src/ssl_socket.erl index 55eb569b20..a5487bfb5c 100644 --- a/lib/ssl/src/ssl_socket.erl +++ b/lib/ssl/src/ssl_socket.erl @@ -3,16 +3,17 @@  %%  %% Copyright Ericsson AB 1998-2014. All Rights Reserved.  %% -%% The contents of this file are subject to the Erlang Public License, -%% Version 1.1, (the "License"); you may not use this file except in -%% compliance with the License. You should have received a copy of the -%% Erlang Public License along with this software. If not, it can be -%% retrieved online at http://www.erlang.org/. +%% Licensed under the Apache License, Version 2.0 (the "License"); +%% you may not use this file except in compliance with the License. +%% You may obtain a copy of the License at  %% -%% Software distributed under the License is distributed on an "AS IS" -%% basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See -%% the License for the specific language governing rights and limitations -%% under the License. +%%     http://www.apache.org/licenses/LICENSE-2.0 +%% +%% Unless required by applicable law or agreed to in writing, software +%% distributed under the License is distributed on an "AS IS" BASIS, +%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +%% See the License for the specific language governing permissions and +%% limitations under the License.  %%  %% %CopyrightEnd%  %% diff --git a/lib/ssl/src/ssl_srp.hrl b/lib/ssl/src/ssl_srp.hrl index af56a91194..f543866085 100644 --- a/lib/ssl/src/ssl_srp.hrl +++ b/lib/ssl/src/ssl_srp.hrl @@ -3,16 +3,17 @@  %%  %% Copyright Ericsson AB 2007-2013. All Rights Reserved.  %% -%% The contents of this file are subject to the Erlang Public License, -%% Version 1.1, (the "License"); you may not use this file except in -%% compliance with the License. You should have received a copy of the -%% Erlang Public License along with this software. If not, it can be -%% retrieved online at http://www.erlang.org/. -%% -%% Software distributed under the License is distributed on an "AS IS" -%% basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See -%% the License for the specific language governing rights and limitations -%% under the License. +%% Licensed under the Apache License, Version 2.0 (the "License"); +%% you may not use this file except in compliance with the License. +%% You may obtain a copy of the License at +%% +%%     http://www.apache.org/licenses/LICENSE-2.0 +%% +%% Unless required by applicable law or agreed to in writing, software +%% distributed under the License is distributed on an "AS IS" BASIS, +%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +%% See the License for the specific language governing permissions and +%% limitations under the License.  %%  %% %CopyrightEnd%  %% diff --git a/lib/ssl/src/ssl_sup.erl b/lib/ssl/src/ssl_sup.erl index 7cccf8d5a5..950a6e0944 100644 --- a/lib/ssl/src/ssl_sup.erl +++ b/lib/ssl/src/ssl_sup.erl @@ -3,16 +3,17 @@  %%  %% Copyright Ericsson AB 1998-2014. All Rights Reserved.  %% -%% The contents of this file are subject to the Erlang Public License, -%% Version 1.1, (the "License"); you may not use this file except in -%% compliance with the License. You should have received a copy of the -%% Erlang Public License along with this software. If not, it can be -%% retrieved online at http://www.erlang.org/. +%% Licensed under the Apache License, Version 2.0 (the "License"); +%% you may not use this file except in compliance with the License. +%% You may obtain a copy of the License at  %% -%% Software distributed under the License is distributed on an "AS IS" -%% basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See -%% the License for the specific language governing rights and limitations -%% under the License. +%%     http://www.apache.org/licenses/LICENSE-2.0 +%% +%% Unless required by applicable law or agreed to in writing, software +%% distributed under the License is distributed on an "AS IS" BASIS, +%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +%% See the License for the specific language governing permissions and +%% limitations under the License.  %%  %% %CopyrightEnd%  %% diff --git a/lib/ssl/src/ssl_tls_dist_proxy.erl b/lib/ssl/src/ssl_tls_dist_proxy.erl index a22af6b960..273d3b5521 100644 --- a/lib/ssl/src/ssl_tls_dist_proxy.erl +++ b/lib/ssl/src/ssl_tls_dist_proxy.erl @@ -3,16 +3,17 @@  %%  %% Copyright Ericsson AB 2011-2013. All Rights Reserved.  %% -%% The contents of this file are subject to the Erlang Public License, -%% Version 1.1, (the "License"); you may not use this file except in -%% compliance with the License. You should have received a copy of the -%% Erlang Public License along with this software. If not, it can be -%% retrieved online at http://www.erlang.org/. +%% Licensed under the Apache License, Version 2.0 (the "License"); +%% you may not use this file except in compliance with the License. +%% You may obtain a copy of the License at  %% -%% Software distributed under the License is distributed on an "AS IS" -%% basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See -%% the License for the specific language governing rights and limitations -%% under the License. +%%     http://www.apache.org/licenses/LICENSE-2.0 +%% +%% Unless required by applicable law or agreed to in writing, software +%% distributed under the License is distributed on an "AS IS" BASIS, +%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +%% See the License for the specific language governing permissions and +%% limitations under the License.  %%  %% %CopyrightEnd%  %% @@ -227,7 +228,10 @@ loop_conn_setup(World, Erts) ->  	{tcp_closed, Erts} ->  	    ssl:close(World);  	{ssl_closed,  World} -> -	    gen_tcp:close(Erts) +	    gen_tcp:close(Erts); +	{ssl_error, World, _} -> + +	    ssl:close(World)      end.  loop_conn(World, Erts) -> @@ -241,7 +245,9 @@ loop_conn(World, Erts) ->  	{tcp_closed, Erts} ->  	    ssl:close(World);  	{ssl_closed,  World} -> -	    gen_tcp:close(Erts) +	    gen_tcp:close(Erts); +	{ssl_error, World, _} -> +	    ssl:close(World)      end.  get_ssl_options(Type) -> diff --git a/lib/ssl/src/ssl_v2.erl b/lib/ssl/src/ssl_v2.erl index 07876366f1..1764da5c63 100644 --- a/lib/ssl/src/ssl_v2.erl +++ b/lib/ssl/src/ssl_v2.erl @@ -3,16 +3,17 @@  %%  %% Copyright Ericsson AB 2007-2013. All Rights Reserved.  %% -%% The contents of this file are subject to the Erlang Public License, -%% Version 1.1, (the "License"); you may not use this file except in -%% compliance with the License. You should have received a copy of the -%% Erlang Public License along with this software. If not, it can be -%% retrieved online at http://www.erlang.org/. -%% -%% Software distributed under the License is distributed on an "AS IS" -%% basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See -%% the License for the specific language governing rights and limitations -%% under the License. +%% Licensed under the Apache License, Version 2.0 (the "License"); +%% you may not use this file except in compliance with the License. +%% You may obtain a copy of the License at +%% +%%     http://www.apache.org/licenses/LICENSE-2.0 +%% +%% Unless required by applicable law or agreed to in writing, software +%% distributed under the License is distributed on an "AS IS" BASIS, +%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +%% See the License for the specific language governing permissions and +%% limitations under the License.  %%  %% %CopyrightEnd%  %% diff --git a/lib/ssl/src/ssl_v3.erl b/lib/ssl/src/ssl_v3.erl index 68f7f5dee2..5e043624a7 100644 --- a/lib/ssl/src/ssl_v3.erl +++ b/lib/ssl/src/ssl_v3.erl @@ -1,18 +1,19 @@  %%  %% %CopyrightBegin%  %% -%% Copyright Ericsson AB 2007-2014. All Rights Reserved. +%% Copyright Ericsson AB 2007-2015. All Rights Reserved.  %% -%% The contents of this file are subject to the Erlang Public License, -%% Version 1.1, (the "License"); you may not use this file except in -%% compliance with the License. You should have received a copy of the -%% Erlang Public License along with this software. If not, it can be -%% retrieved online at http://www.erlang.org/. +%% Licensed under the Apache License, Version 2.0 (the "License"); +%% you may not use this file except in compliance with the License. +%% You may obtain a copy of the License at  %% -%% Software distributed under the License is distributed on an "AS IS" -%% basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See -%% the License for the specific language governing rights and limitations -%% under the License. +%%     http://www.apache.org/licenses/LICENSE-2.0 +%% +%% Unless required by applicable law or agreed to in writing, software +%% distributed under the License is distributed on an "AS IS" BASIS, +%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +%% See the License for the specific language governing permissions and +%% limitations under the License.  %%  %% %CopyrightEnd%  %% @@ -143,9 +144,6 @@ suites() ->        ?TLS_DHE_RSA_WITH_AES_128_CBC_SHA,        ?TLS_DHE_DSS_WITH_AES_128_CBC_SHA,        ?TLS_RSA_WITH_AES_128_CBC_SHA, -      %%?TLS_RSA_WITH_IDEA_CBC_SHA, -      ?TLS_RSA_WITH_RC4_128_SHA, -      ?TLS_RSA_WITH_RC4_128_MD5,        ?TLS_RSA_WITH_DES_CBC_SHA       ]. diff --git a/lib/ssl/src/tls.erl b/lib/ssl/src/tls.erl index c829129250..d4cb8788bf 100644 --- a/lib/ssl/src/tls.erl +++ b/lib/ssl/src/tls.erl @@ -3,16 +3,17 @@  %%  %% Copyright Ericsson AB 1999-2013. All Rights Reserved.  %% -%% The contents of this file are subject to the Erlang Public License, -%% Version 1.1, (the "License"); you may not use this file except in -%% compliance with the License. You should have received a copy of the -%% Erlang Public License along with this software. If not, it can be -%% retrieved online at http://www.erlang.org/. +%% Licensed under the Apache License, Version 2.0 (the "License"); +%% you may not use this file except in compliance with the License. +%% You may obtain a copy of the License at  %% -%% Software distributed under the License is distributed on an "AS IS" -%% basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See -%% the License for the specific language governing rights and limitations -%% under the License. +%%     http://www.apache.org/licenses/LICENSE-2.0 +%% +%% Unless required by applicable law or agreed to in writing, software +%% distributed under the License is distributed on an "AS IS" BASIS, +%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +%% See the License for the specific language governing permissions and +%% limitations under the License.  %%  %% %CopyrightEnd%  %% diff --git a/lib/ssl/src/tls_connection.erl b/lib/ssl/src/tls_connection.erl index 77d3aa7889..a468c131ce 100644 --- a/lib/ssl/src/tls_connection.erl +++ b/lib/ssl/src/tls_connection.erl @@ -3,16 +3,17 @@  %%  %% Copyright Ericsson AB 2007-2015. All Rights Reserved.  %% -%% The contents of this file are subject to the Erlang Public License, -%% Version 1.1, (the "License"); you may not use this file except in -%% compliance with the License. You should have received a copy of the -%% Erlang Public License along with this software. If not, it can be -%% retrieved online at http://www.erlang.org/. +%% Licensed under the Apache License, Version 2.0 (the "License"); +%% you may not use this file except in compliance with the License. +%% You may obtain a copy of the License at  %% -%% Software distributed under the License is distributed on an "AS IS" -%% basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See -%% the License for the specific language governing rights and limitations -%% under the License. +%%     http://www.apache.org/licenses/LICENSE-2.0 +%% +%% Unless required by applicable law or agreed to in writing, software +%% distributed under the License is distributed on an "AS IS" BASIS, +%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +%% See the License for the specific language governing permissions and +%% limitations under the License.  %%  %% %CopyrightEnd%  %% @@ -53,7 +54,7 @@  %% Alert and close handling  -export([send_alert/2, handle_own_alert/4, handle_close_alert/3,  	 handle_normal_shutdown/3, handle_unexpected_message/3, -	 workaround_transport_delivery_problems/2, alert_user/6, alert_user/9 +	 close/5, alert_user/6, alert_user/9  	]).  %% Data handling @@ -167,9 +168,10 @@ hello(start, #state{host = Host, port = Port, role = client,  				       Cache, CacheCb, Renegotiation, Cert),      Version = Hello#client_hello.client_version, +    HelloVersion = tls_record:lowest_protocol_version(SslOpts#ssl_options.versions),      Handshake0 = ssl_handshake:init_handshake_history(),      {BinMsg, ConnectionStates, Handshake} = -        encode_handshake(Hello, Version, ConnectionStates0, Handshake0), +        encode_handshake(Hello,  HelloVersion, ConnectionStates0, Handshake0),      Transport:send(Socket, BinMsg),      State1 = State0#state{connection_states = ConnectionStates,  			  negotiated_version = Version, %% Requested version @@ -188,19 +190,27 @@ hello(Hello = #client_hello{client_version = ClientVersion,  		     renegotiation = {Renegotiation, _},  		     session_cache = Cache,  		     session_cache_cb = CacheCb, +		     negotiated_protocol = CurrentProtocol,  		     ssl_options = SslOpts}) ->      case tls_handshake:hello(Hello, SslOpts, {Port, Session0, Cache, CacheCb,  					      ConnectionStates0, Cert}, Renegotiation) of +        #alert{} = Alert -> +            handle_own_alert(Alert, ClientVersion, hello, State);          {Version, {Type, Session}, -	 ConnectionStates, ServerHelloExt} -> +	 ConnectionStates, Protocol0, ServerHelloExt} -> + +	    Protocol = case Protocol0 of +		undefined -> CurrentProtocol; +		_ -> Protocol0 +	    end, +              HashSign = ssl_handshake:select_hashsign(HashSigns, Cert, Version),              ssl_connection:hello({common_client_hello, Type, ServerHelloExt, HashSign},  				 State#state{connection_states  = ConnectionStates,  					     negotiated_version = Version,  					     session = Session, -					     client_ecc = {EllipticCurves, EcPointFormats}}, ?MODULE); -        #alert{} = Alert -> -            handle_own_alert(Alert, ClientVersion, hello, State) +					     client_ecc = {EllipticCurves, EcPointFormats}, +					     negotiated_protocol = Protocol}, ?MODULE)      end;  hello(Hello,        #state{connection_states = ConnectionStates0, @@ -211,9 +221,9 @@ hello(Hello,      case tls_handshake:hello(Hello, SslOptions, ConnectionStates0, Renegotiation) of  	#alert{} = Alert ->  	    handle_own_alert(Alert, ReqVersion, hello, State); -	{Version, NewId, ConnectionStates, NextProtocol} -> +	{Version, NewId, ConnectionStates, ProtoExt, Protocol} ->  	    ssl_connection:handle_session(Hello,  -					  Version, NewId, ConnectionStates, NextProtocol, State) +					  Version, NewId, ConnectionStates, ProtoExt, Protocol, State)      end;  hello(Msg, State) -> @@ -384,12 +394,30 @@ initial_state(Role, Host, Port, Socket, {SSLOptions, SocketOptions, Tracker}, Us  	   user_data_buffer = <<>>,  	   session_cache_cb = SessionCacheCb,  	   renegotiation = {false, first}, +	   allow_renegotiate = SSLOptions#ssl_options.client_renegotiation,  	   start_or_recv_from = undefined,  	   send_queue = queue:new(),  	   protocol_cb = ?MODULE,  	   tracker = Tracker  	  }. + +update_ssl_options_from_sni(OrigSSLOptions, SNIHostname) -> +    SSLOption =  +	case OrigSSLOptions#ssl_options.sni_fun of +	    undefined -> +		proplists:get_value(SNIHostname,  +				    OrigSSLOptions#ssl_options.sni_hosts); +	    SNIFun -> +		SNIFun(SNIHostname) +	end, +    case SSLOption of +        undefined -> +            undefined; +        _ -> +            ssl:handle_options(SSLOption, OrigSSLOptions) +    end. +  next_state(Current,_, #alert{} = Alert, #state{negotiated_version = Version} = State) ->      handle_own_alert(Alert, Version, Current, State); @@ -418,15 +446,17 @@ next_state(Current, Next, #ssl_tls{type = ?HANDSHAKE, fragment = Data},     		%% This message should not be included in handshake     		%% message hashes. Already in negotiation so it will be ignored!     		?MODULE:SName(Packet, State); -	   ({#client_hello{} = Packet, Raw}, {next_state, connection = SName, State}) -> +	   ({#client_hello{} = Packet, Raw}, {next_state, connection = SName, HState0}) -> +		HState = handle_sni_extension(Packet, HState0),  		Version = Packet#client_hello.client_version,  		Hs0 = ssl_handshake:init_handshake_history(),  		Hs1 = ssl_handshake:update_handshake_history(Hs0, Raw), -		?MODULE:SName(Packet, State#state{tls_handshake_history=Hs1, -   						  renegotiation = {true, peer}}); -	   ({Packet, Raw}, {next_state, SName, State = #state{tls_handshake_history=Hs0}}) -> +		?MODULE:SName(Packet, HState#state{tls_handshake_history=Hs1, +						   renegotiation = {true, peer}}); +	   ({Packet, Raw}, {next_state, SName, HState0 = #state{tls_handshake_history=Hs0}}) -> +		HState = handle_sni_extension(Packet, HState0),  		Hs1 = ssl_handshake:update_handshake_history(Hs0, Raw), -		?MODULE:SName(Packet, State#state{tls_handshake_history=Hs1}); +		?MODULE:SName(Packet, HState#state{tls_handshake_history=Hs1});     	   (_, StopState) -> StopState     	end,      try @@ -895,8 +925,7 @@ handle_own_alert(Alert, Version, StateName,      try %% Try to tell the other side  	{BinMsg, _} =  	ssl_alert:encode(Alert, Version, ConnectionStates), -	Transport:send(Socket, BinMsg), -	workaround_transport_delivery_problems(Socket, Transport) +	Transport:send(Socket, BinMsg)      catch _:_ ->  %% Can crash if we are in a uninitialized state  	    ignore      end, @@ -948,21 +977,57 @@ invalidate_session(client, Host, Port, Session) ->  invalidate_session(server, _, Port, Session) ->      ssl_manager:invalidate_session(Port, Session). -workaround_transport_delivery_problems(Socket, gen_tcp = Transport) -> +%% User downgrades connection +%% When downgrading an TLS connection to a transport connection +%% we must recive the close message before releasing the  +%% transport socket. +close({close, {Pid, Timeout}}, Socket, Transport, ConnectionStates, Check) when is_pid(Pid) ->  +    ssl_socket:setopts(Transport, Socket, [{active, false}, {packet, ssl_tls}]), +    case Transport:recv(Socket, 0, Timeout) of +	{ok, {ssl_tls, Socket, ?ALERT, Version,  Fragment}} -> +	    case tls_record:decode_cipher_text(#ssl_tls{type = ?ALERT, +							version = Version, +							fragment = Fragment +						       }, ConnectionStates, Check) of +		{#ssl_tls{fragment = Plain}, _} -> +		    [Alert| _] = decode_alerts(Plain), +		    downgrade(Alert, Transport, Socket, Pid) +	    end; +	{error, timeout} -> +	    {error, timeout}; +	_ -> +	    {error, no_tls_close} +    end; +%% User closes or recursive call! +close({close, Timeout}, Socket, Transport = gen_tcp, _,_) -> +    ssl_socket:setopts(Transport, Socket, [{active, false}]), +    Transport:shutdown(Socket, write), +    _ = Transport:recv(Socket, 0, Timeout), +    ok; +%% Peer closed socket +close({shutdown, transport_closed}, Socket, Transport = gen_tcp, ConnectionStates, Check) -> +    close({close, 0}, Socket, Transport, ConnectionStates, Check); +%% We generate fatal alert +close({shutdown, own_alert}, Socket, Transport = gen_tcp, ConnectionStates, Check) ->      %% Standard trick to try to make sure all      %% data sent to the tcp port is really delivered to the      %% peer application before tcp port is closed so that the peer will      %% get the correct TLS alert message and not only a transport close. -    ssl_socket:setopts(Transport, Socket, [{active, false}]), -    Transport:shutdown(Socket, write), -    %% Will return when other side has closed or after 30 s +    %% Will return when other side has closed or after timout millisec      %% e.g. we do not want to hang if something goes wrong      %% with the network but we want to maximise the odds that      %% peer application gets all data sent on the tcp connection. -    Transport:recv(Socket, 0, 30000); -workaround_transport_delivery_problems(Socket, Transport) -> +    close({close, ?DEFAULT_TIMEOUT}, Socket, Transport, ConnectionStates, Check); +%% Other +close(_, Socket, Transport, _,_) ->       Transport:close(Socket). - +downgrade(#alert{description = ?CLOSE_NOTIFY}, Transport, Socket, Pid) -> +    ssl_socket:setopts(Transport, Socket, [{active, false}, {packet, 0}, {mode, binary}]), +    Transport:controlling_process(Socket, Pid), +    {ok, Socket}; +downgrade(_, _,_,_) -> +    {error, no_tls_close}. +	         convert_state(#state{ssl_options = Options} = State, up, "5.3.5", "5.3.6") ->      State#state{ssl_options = convert_options_partial_chain(Options, up)};  convert_state(#state{ssl_options = Options} = State, down, "5.3.6", "5.3.5") -> @@ -973,3 +1038,32 @@ convert_options_partial_chain(Options, up) ->      list_to_tuple(Head ++ [{partial_chain, fun(_) -> unknown_ca end}] ++ Tail);  convert_options_partial_chain(Options, down) ->      list_to_tuple(proplists:delete(partial_chain, tuple_to_list(Options))). + +handle_sni_extension(#client_hello{extensions = HelloExtensions}, State0) -> +    case HelloExtensions#hello_extensions.sni of +	undefined -> +	    State0; +	#sni{hostname = Hostname} -> +	    NewOptions = update_ssl_options_from_sni(State0#state.ssl_options, Hostname), +	    case NewOptions of +		undefined -> +		    State0; +		_ -> +		    {ok, Ref, CertDbHandle, FileRefHandle, CacheHandle, CRLDbHandle, OwnCert, Key, DHParams} =  +			ssl_config:init(NewOptions, State0#state.role), +		    State0#state{ +		      session = State0#state.session#session{own_certificate = OwnCert}, +		      file_ref_db = FileRefHandle, +		      cert_db_ref = Ref, +		      cert_db = CertDbHandle, +		      crl_db = CRLDbHandle, +		      session_cache = CacheHandle, +		      private_key = Key, +		      diffie_hellman_params = DHParams, +		      ssl_options = NewOptions, +		      sni_hostname = Hostname +		     } +	    end +    end; +handle_sni_extension(_, State0) -> +    State0. diff --git a/lib/ssl/src/tls_connection.hrl b/lib/ssl/src/tls_connection.hrl index 2beecbb84d..3a416401d8 100644 --- a/lib/ssl/src/tls_connection.hrl +++ b/lib/ssl/src/tls_connection.hrl @@ -3,16 +3,17 @@  %%  %% Copyright Ericsson AB 2013-2013. All Rights Reserved.  %% -%% The contents of this file are subject to the Erlang Public License, -%% Version 1.1, (the "License"); you may not use this file except in -%% compliance with the License. You should have received a copy of the -%% Erlang Public License along with this software. If not, it can be -%% retrieved online at http://www.erlang.org/. -%% -%% Software distributed under the License is distributed on an "AS IS" -%% basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See -%% the License for the specific language governing rights and limitations -%% under the License. +%% Licensed under the Apache License, Version 2.0 (the "License"); +%% you may not use this file except in compliance with the License. +%% You may obtain a copy of the License at +%% +%%     http://www.apache.org/licenses/LICENSE-2.0 +%% +%% Unless required by applicable law or agreed to in writing, software +%% distributed under the License is distributed on an "AS IS" BASIS, +%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +%% See the License for the specific language governing permissions and +%% limitations under the License.  %%  %% %CopyrightEnd%  %% diff --git a/lib/ssl/src/tls_connection_sup.erl b/lib/ssl/src/tls_connection_sup.erl index 7a637c212a..34579a8803 100644 --- a/lib/ssl/src/tls_connection_sup.erl +++ b/lib/ssl/src/tls_connection_sup.erl @@ -3,16 +3,17 @@  %%   %% Copyright Ericsson AB 2007-2014. All Rights Reserved.  %%  -%% The contents of this file are subject to the Erlang Public License, -%% Version 1.1, (the "License"); you may not use this file except in -%% compliance with the License. You should have received a copy of the -%% Erlang Public License along with this software. If not, it can be -%% retrieved online at http://www.erlang.org/. -%%  -%% Software distributed under the License is distributed on an "AS IS" -%% basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See -%% the License for the specific language governing rights and limitations -%% under the License. +%% Licensed under the Apache License, Version 2.0 (the "License"); +%% you may not use this file except in compliance with the License. +%% You may obtain a copy of the License at +%% +%%     http://www.apache.org/licenses/LICENSE-2.0 +%% +%% Unless required by applicable law or agreed to in writing, software +%% distributed under the License is distributed on an "AS IS" BASIS, +%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +%% See the License for the specific language governing permissions and +%% limitations under the License.  %%   %% %CopyrightEnd%  %% diff --git a/lib/ssl/src/tls_handshake.erl b/lib/ssl/src/tls_handshake.erl index b0b6d5a8e3..0a6cb9f92d 100644 --- a/lib/ssl/src/tls_handshake.erl +++ b/lib/ssl/src/tls_handshake.erl @@ -3,16 +3,17 @@  %%  %% Copyright Ericsson AB 2007-2015. All Rights Reserved.  %% -%% The contents of this file are subject to the Erlang Public License, -%% Version 1.1, (the "License"); you may not use this file except in -%% compliance with the License. You should have received a copy of the -%% Erlang Public License along with this software. If not, it can be -%% retrieved online at http://www.erlang.org/. +%% Licensed under the Apache License, Version 2.0 (the "License"); +%% you may not use this file except in compliance with the License. +%% You may obtain a copy of the License at  %% -%% Software distributed under the License is distributed on an "AS IS" -%% basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See -%% the License for the specific language governing rights and limitations -%% under the License. +%%     http://www.apache.org/licenses/LICENSE-2.0 +%% +%% Unless required by applicable law or agreed to in writing, software +%% distributed under the License is distributed on an "AS IS" BASIS, +%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +%% See the License for the specific language governing permissions and +%% limitations under the License.  %%  %% %CopyrightEnd%  %% @@ -78,12 +79,14 @@ client_hello(Host, Port, ConnectionStates,  %%--------------------------------------------------------------------  -spec hello(#server_hello{} | #client_hello{}, #ssl_options{},  	    #connection_states{} | {inet:port_number(), #session{}, db_handle(), -				    atom(), #connection_states{}, binary() | undefined}, +				    atom(), #connection_states{},  +				    binary() | undefined},  	    boolean()) -> -		   {tls_record:tls_version(), session_id(), #connection_states{}, binary() | undefined}| -		   {tls_record:tls_version(), {resumed | new, #session{}}, #connection_states{}, -		    [binary()] | undefined, -		    [ssl_handshake:oid()] | undefined, [ssl_handshake:oid()] | undefined} | +		   {tls_record:tls_version(), session_id(),  +		    #connection_states{}, alpn | npn, binary() | undefined}| +		   {tls_record:tls_version(), {resumed | new, #session{}},  +		    #connection_states{}, binary() | undefined,  +		    #hello_extensions{}} |  		   #alert{}.  %%  %% Description: Handles a recieved hello message @@ -246,8 +249,10 @@ handle_client_hello_extensions(Version, Type, Random, CipherSuites,      try ssl_handshake:handle_client_hello_extensions(tls_record, Random, CipherSuites,  						     HelloExt, Version, SslOpts,  						     Session0, ConnectionStates0, Renegotiation) of -	{Session, ConnectionStates, ServerHelloExt} -> -	    {Version, {Type, Session}, ConnectionStates, ServerHelloExt} +	#alert{} = Alert -> +	    Alert; +	{Session, ConnectionStates, Protocol, ServerHelloExt} -> +	    {Version, {Type, Session}, ConnectionStates, Protocol, ServerHelloExt}      catch throw:Alert ->  	    Alert      end. @@ -260,7 +265,7 @@ handle_server_hello_extensions(Version, SessionId, Random, CipherSuite,  						      SslOpt, ConnectionStates0, Renegotiation) of  	#alert{} = Alert ->  	    Alert; -	{ConnectionStates, Protocol} -> -	    {Version, SessionId, ConnectionStates, Protocol} +	{ConnectionStates, ProtoExt, Protocol} -> +	    {Version, SessionId, ConnectionStates, ProtoExt, Protocol}      end. diff --git a/lib/ssl/src/tls_handshake.hrl b/lib/ssl/src/tls_handshake.hrl index 1646e5b6f2..5867f9f9ff 100644 --- a/lib/ssl/src/tls_handshake.hrl +++ b/lib/ssl/src/tls_handshake.hrl @@ -3,16 +3,17 @@  %%  %% Copyright Ericsson AB 2013-2014. All Rights Reserved.  %% -%% The contents of this file are subject to the Erlang Public License, -%% Version 1.1, (the "License"); you may not use this file except in -%% compliance with the License. You should have received a copy of the -%% Erlang Public License along with this software. If not, it can be -%% retrieved online at http://www.erlang.org/. -%% -%% Software distributed under the License is distributed on an "AS IS" -%% basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See -%% the License for the specific language governing rights and limitations -%% under the License. +%% Licensed under the Apache License, Version 2.0 (the "License"); +%% you may not use this file except in compliance with the License. +%% You may obtain a copy of the License at +%% +%%     http://www.apache.org/licenses/LICENSE-2.0 +%% +%% Unless required by applicable law or agreed to in writing, software +%% distributed under the License is distributed on an "AS IS" BASIS, +%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +%% See the License for the specific language governing permissions and +%% limitations under the License.  %%  %% %CopyrightEnd%  %% diff --git a/lib/ssl/src/tls_record.erl b/lib/ssl/src/tls_record.erl index 168b2c8fd3..1e266ed424 100644 --- a/lib/ssl/src/tls_record.erl +++ b/lib/ssl/src/tls_record.erl @@ -3,16 +3,17 @@  %%  %% Copyright Ericsson AB 2007-2015. All Rights Reserved.  %% -%% The contents of this file are subject to the Erlang Public License, -%% Version 1.1, (the "License"); you may not use this file except in -%% compliance with the License. You should have received a copy of the -%% Erlang Public License along with this software. If not, it can be -%% retrieved online at http://www.erlang.org/. +%% Licensed under the Apache License, Version 2.0 (the "License"); +%% you may not use this file except in compliance with the License. +%% You may obtain a copy of the License at  %% -%% Software distributed under the License is distributed on an "AS IS" -%% basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See -%% the License for the specific language governing rights and limitations -%% under the License. +%%     http://www.apache.org/licenses/LICENSE-2.0 +%% +%% Unless required by applicable law or agreed to in writing, software +%% distributed under the License is distributed on an "AS IS" BASIS, +%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +%% See the License for the specific language governing permissions and +%% limitations under the License.  %%  %% %CopyrightEnd%  %% @@ -40,8 +41,9 @@  -export([encode_plain_text/4]).  %% Protocol version handling --export([protocol_version/1, lowest_protocol_version/2, -	 highest_protocol_version/1, is_higher/2, supported_protocol_versions/0, +-export([protocol_version/1,  lowest_protocol_version/1, lowest_protocol_version/2, +	 highest_protocol_version/1, highest_protocol_version/2, +	 is_higher/2, supported_protocol_versions/0,  	 is_acceptable_version/1, is_acceptable_version/2]).  -export_type([tls_version/0, tls_atom_version/0]). @@ -132,6 +134,23 @@ encode_plain_text(Type, Version, Data,  					    sequence_number = Seq,  					    compression_state=CompS0,  					    security_parameters= +						#security_parameters{ +						   cipher_type = ?AEAD, +						   compression_algorithm=CompAlg} +					   }= WriteState0} = ConnectionStates) -> +    {Comp, CompS1} = ssl_record:compress(CompAlg, Data, CompS0), +    WriteState1 = WriteState0#connection_state{compression_state = CompS1}, +    AAD = calc_aad(Type, Version, WriteState1), +    {CipherFragment, WriteState} = ssl_record:cipher_aead(Version, Comp, WriteState1, AAD), +    CipherText = encode_tls_cipher_text(Type, Version, CipherFragment), +    {CipherText, ConnectionStates#connection_states{current_write = WriteState#connection_state{sequence_number = Seq +1}}}; + +encode_plain_text(Type, Version, Data, +		  #connection_states{current_write = +					 #connection_state{ +					    sequence_number = Seq, +					    compression_state=CompS0, +					    security_parameters=  						#security_parameters{compression_algorithm=CompAlg}  					   }= WriteState0} = ConnectionStates) ->      {Comp, CompS1} = ssl_record:compress(CompAlg, Data, CompS0), @@ -154,14 +173,39 @@ decode_cipher_text(#ssl_tls{type = Type, version = Version,  					     compression_state = CompressionS0,  					     sequence_number = Seq,  					     security_parameters= -						 #security_parameters{compression_algorithm = CompressAlg} +						 #security_parameters{ +						    cipher_type = ?AEAD, +						    compression_algorithm=CompAlg} +					    } = ReadState0} = ConnnectionStates0, _) -> +    AAD = calc_aad(Type, Version, ReadState0), +    case ssl_record:decipher_aead(Version, CipherFragment, ReadState0, AAD) of +	{PlainFragment, ReadState1} -> +	    {Plain, CompressionS1} = ssl_record:uncompress(CompAlg, +							   PlainFragment, CompressionS0), +	    ConnnectionStates = ConnnectionStates0#connection_states{ +				  current_read = ReadState1#connection_state{ +						   sequence_number = Seq + 1, +						   compression_state = CompressionS1}}, +	    {CipherText#ssl_tls{fragment = Plain}, ConnnectionStates}; +	#alert{} = Alert -> +	    Alert +    end; + +decode_cipher_text(#ssl_tls{type = Type, version = Version, +			    fragment = CipherFragment} = CipherText, +		   #connection_states{current_read = +					  #connection_state{ +					     compression_state = CompressionS0, +					     sequence_number = Seq, +					     security_parameters= +						 #security_parameters{compression_algorithm=CompAlg}  					    } = ReadState0} = ConnnectionStates0, PaddingCheck) ->      case ssl_record:decipher(Version, CipherFragment, ReadState0, PaddingCheck) of  	{PlainFragment, Mac, ReadState1} ->  	    MacHash = calc_mac_hash(Type, Version, PlainFragment, ReadState1),  	    case ssl_record:is_correct_mac(Mac, MacHash) of  		true -> -		    {Plain, CompressionS1} = ssl_record:uncompress(CompressAlg, +		    {Plain, CompressionS1} = ssl_record:uncompress(CompAlg,  								   PlainFragment, CompressionS0),  		    ConnnectionStates = ConnnectionStates0#connection_states{  					  current_read = ReadState1#connection_state{ @@ -214,6 +258,18 @@ lowest_protocol_version(Version = {M,_},      Version;  lowest_protocol_version(_,Version) ->      Version. + +%%-------------------------------------------------------------------- +-spec lowest_protocol_version([tls_version()]) -> tls_version(). +%%      +%% Description: Lowest protocol version present in a list +%%-------------------------------------------------------------------- +lowest_protocol_version([]) -> +    lowest_protocol_version(); +lowest_protocol_version(Versions) -> +    [Ver | Vers] = Versions, +    lowest_list_protocol_version(Ver, Vers). +  %%--------------------------------------------------------------------  -spec highest_protocol_version([tls_version()]) -> tls_version().  %%      @@ -223,19 +279,29 @@ highest_protocol_version([]) ->      highest_protocol_version();  highest_protocol_version(Versions) ->      [Ver | Vers] = Versions, -    highest_protocol_version(Ver, Vers). +    highest_list_protocol_version(Ver, Vers). -highest_protocol_version(Version, []) -> +%%-------------------------------------------------------------------- +-spec highest_protocol_version(tls_version(), tls_version()) -> tls_version(). +%%      +%% Description: Highest protocol version of two given versions  +%%-------------------------------------------------------------------- +highest_protocol_version(Version = {M, N}, {M, O})   when N > O -> +    Version; +highest_protocol_version({M, _},  +			Version = {M, _}) ->      Version; -highest_protocol_version(Version = {N, M}, [{N, O} | Rest])   when M > O -> -    highest_protocol_version(Version, Rest); -highest_protocol_version({M, _}, [Version = {M, _} | Rest]) -> -    highest_protocol_version(Version, Rest); -highest_protocol_version(Version = {M,_}, [{N,_} | Rest])  when M > N -> -    highest_protocol_version(Version, Rest); -highest_protocol_version(_, [Version | Rest]) -> -    highest_protocol_version(Version, Rest). +highest_protocol_version(Version = {M,_},  +			{N, _}) when M > N -> +    Version; +highest_protocol_version(_,Version) -> +    Version. +%%-------------------------------------------------------------------- +-spec is_higher(V1 :: tls_version(), V2::tls_version()) -> tls_version(). +%%      +%% Description: Is V1 > V2 +%%--------------------------------------------------------------------  is_higher({M, N}, {M, O}) when N > O ->      true;  is_higher({M, _}, {N, _}) when M > N -> @@ -276,8 +342,17 @@ supported_protocol_versions([]) ->      Vsns;  supported_protocol_versions([_|_] = Vsns) -> -    Vsns. - +    case sufficient_tlsv1_2_crypto_support() of +	true ->  +	    Vsns; +	false -> +	    case Vsns -- ['tlsv1.2'] of +		[] -> +		    ?MIN_SUPPORTED_VERSIONS; +		NewVsns -> +		    NewVsns +	    end +    end.  %%--------------------------------------------------------------------  %%       %% Description: ssl version 2 is not acceptable security risks are too big. @@ -300,6 +375,17 @@ is_acceptable_version(_,_) ->  %%--------------------------------------------------------------------  %%% Internal functions  %%-------------------------------------------------------------------- + +lowest_list_protocol_version(Ver, []) -> +    Ver; +lowest_list_protocol_version(Ver1,  [Ver2 | Rest]) -> +    lowest_list_protocol_version(lowest_protocol_version(Ver1, Ver2), Rest). + +highest_list_protocol_version(Ver, []) -> +    Ver; +highest_list_protocol_version(Ver1,  [Ver2 | Rest]) -> +    highest_list_protocol_version(highest_protocol_version(Ver1, Ver2), Rest). +  encode_tls_cipher_text(Type, {MajVer, MinVer}, Fragment) ->      Length = erlang:iolist_size(Fragment),      [<<?BYTE(Type), ?BYTE(MajVer), ?BYTE(MinVer), ?UINT16(Length)>>, Fragment]. @@ -318,6 +404,10 @@ mac_hash({3, N} = Version, MacAlg, MacSecret, SeqNo, Type, Length, Fragment)  highest_protocol_version() ->      highest_protocol_version(supported_protocol_versions()). +lowest_protocol_version() -> +    lowest_protocol_version(supported_protocol_versions()). + +  sufficient_tlsv1_2_crypto_support() ->      CryptoSupport = crypto:supports(),      proplists:get_bool(sha256, proplists:get_value(hashs, CryptoSupport)). @@ -331,3 +421,7 @@ calc_mac_hash(Type, Version,      mac_hash(Version, SecPars#security_parameters.mac_algorithm,  	     MacSecret, SeqNo, Type,  	     Length, PlainFragment). + +calc_aad(Type, {MajVer, MinVer}, +	 #connection_state{sequence_number = SeqNo}) -> +    <<SeqNo:64/integer, ?BYTE(Type), ?BYTE(MajVer), ?BYTE(MinVer)>>. diff --git a/lib/ssl/src/tls_record.hrl b/lib/ssl/src/tls_record.hrl index 30d7343074..3c5cdd3f7a 100644 --- a/lib/ssl/src/tls_record.hrl +++ b/lib/ssl/src/tls_record.hrl @@ -3,16 +3,17 @@  %%  %% Copyright Ericsson AB 2013-2013. All Rights Reserved.  %% -%% The contents of this file are subject to the Erlang Public License, -%% Version 1.1, (the "License"); you may not use this file except in -%% compliance with the License. You should have received a copy of the -%% Erlang Public License along with this software. If not, it can be -%% retrieved online at http://www.erlang.org/. -%% -%% Software distributed under the License is distributed on an "AS IS" -%% basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See -%% the License for the specific language governing rights and limitations -%% under the License. +%% Licensed under the Apache License, Version 2.0 (the "License"); +%% you may not use this file except in compliance with the License. +%% You may obtain a copy of the License at +%% +%%     http://www.apache.org/licenses/LICENSE-2.0 +%% +%% Unless required by applicable law or agreed to in writing, software +%% distributed under the License is distributed on an "AS IS" BASIS, +%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +%% See the License for the specific language governing permissions and +%% limitations under the License.  %%  %% %CopyrightEnd%  %% diff --git a/lib/ssl/src/tls_v1.erl b/lib/ssl/src/tls_v1.erl index 7a5f9c1b38..71e5f349dd 100644 --- a/lib/ssl/src/tls_v1.erl +++ b/lib/ssl/src/tls_v1.erl @@ -1,18 +1,19 @@  %%  %% %CopyrightBegin%  %% -%% Copyright Ericsson AB 2007-2014. All Rights Reserved. +%% Copyright Ericsson AB 2007-2015. All Rights Reserved.  %% -%% The contents of this file are subject to the Erlang Public License, -%% Version 1.1, (the "License"); you may not use this file except in -%% compliance with the License. You should have received a copy of the -%% Erlang Public License along with this software. If not, it can be -%% retrieved online at http://www.erlang.org/. +%% Licensed under the Apache License, Version 2.0 (the "License"); +%% you may not use this file except in compliance with the License. +%% You may obtain a copy of the License at  %% -%% Software distributed under the License is distributed on an "AS IS" -%% basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See -%% the License for the specific language governing rights and limitations -%% under the License. +%%     http://www.apache.org/licenses/LICENSE-2.0 +%% +%% Unless required by applicable law or agreed to in writing, software +%% distributed under the License is distributed on an "AS IS" BASIS, +%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +%% See the License for the specific language governing permissions and +%% limitations under the License.  %%  %% %CopyrightEnd%  %% @@ -208,38 +209,55 @@ suites(Minor) when Minor == 1; Minor == 2 ->        ?TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,        ?TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,        ?TLS_RSA_WITH_AES_128_CBC_SHA, - -      ?TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, -      ?TLS_ECDHE_RSA_WITH_RC4_128_SHA, -      ?TLS_RSA_WITH_RC4_128_SHA, -      ?TLS_RSA_WITH_RC4_128_MD5,        ?TLS_DHE_RSA_WITH_DES_CBC_SHA, -      ?TLS_ECDH_ECDSA_WITH_RC4_128_SHA, -      ?TLS_ECDH_RSA_WITH_RC4_128_SHA, -        ?TLS_RSA_WITH_DES_CBC_SHA      ];  suites(3) ->      [ +     ?TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256, +     ?TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256, + +     ?TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, +     ?TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,       ?TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,       ?TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, +     ?TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, +     ?TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384,       ?TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384,       ?TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, +     ?TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256, +     ?TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, +     ?TLS_DHE_DSS_WITH_AES_256_GCM_SHA384,       ?TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,       ?TLS_DHE_DSS_WITH_AES_256_CBC_SHA256, +     ?TLS_RSA_WITH_AES_256_GCM_SHA384,       ?TLS_RSA_WITH_AES_256_CBC_SHA256, +     ?TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, +     ?TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,       ?TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,       ?TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, +     ?TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, +     ?TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,       ?TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256,       ?TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, +     ?TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, +     ?TLS_DHE_DSS_WITH_AES_128_GCM_SHA256,       ?TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,       ?TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, +     ?TLS_RSA_WITH_AES_128_GCM_SHA256,       ?TLS_RSA_WITH_AES_128_CBC_SHA256 + +     %% not supported +     %% ?TLS_DH_RSA_WITH_AES_256_GCM_SHA384, +     %% ?TLS_DH_DSS_WITH_AES_256_GCM_SHA384, +     %% ?TLS_DH_RSA_WITH_AES_128_GCM_SHA256, +     %% ?TLS_DH_DSS_WITH_AES_128_GCM_SHA256      ] ++ suites(2). +  %%--------------------------------------------------------------------  %%% Internal functions  %%-------------------------------------------------------------------- | 
