crypto: Implement TLS Pre-Shared Keys (PSK).

crypto-obj-$(CONFIG_AF_ALG) += hash-afalg.o

crypto-obj-y += tlscreds.o

crypto-obj-y += tlscredsanon.o

crypto-obj-y += tlscredspsk.o

crypto-obj-y += tlscredsx509.o

crypto-obj-y += tlssession.o

crypto-obj-y += secret.o

/*

 * QEMU crypto TLS Pre-Shared Keys (PSK) support

 *

 * Copyright (c) 2018 Red Hat, Inc.

 *

 * This library is free software; you can redistribute it and/or

 * modify it under the terms of the GNU Lesser General Public

 * License as published by the Free Software Foundation; either

 * version 2 of the License, or (at your option) any later version.

 *

 * This library is distributed in the hope that it will be useful,

 * but WITHOUT ANY WARRANTY; without even the implied warranty of

 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU

 * Lesser General Public License for more details.

 *

 * You should have received a copy of the GNU Lesser General Public

 * License along with this library; if not, see <http://www.gnu.org/licenses/>.

 *

 */

#include "qemu/osdep.h"

#include "crypto/tlscredspsk.h"

#include "tlscredspriv.h"

#include "qapi/error.h"

#include "qom/object_interfaces.h"

#include "trace.h"

#ifdef CONFIG_GNUTLS

static int

lookup_key(const char *pskfile, const char *username, gnutls_datum_t *key,

           Error **errp)

{

    const size_t ulen = strlen(username);

    GError *gerr = NULL;

    char *content = NULL;

    char **lines = NULL;

    size_t clen = 0, i;

    int ret = -1;

    if (!g_file_get_contents(pskfile, &content, &clen, &gerr)) {

        error_setg(errp, "Cannot read PSK file %s: %s",

                   pskfile, gerr->message);

        g_error_free(gerr);

        return -1;

    }

    lines = g_strsplit(content, "\n", -1);

    for (i = 0; lines[i] != NULL; ++i) {

        if (strncmp(lines[i], username, ulen) == 0 && lines[i][ulen] == ':') {

            key->data = (unsigned char *) g_strdup(&lines[i][ulen + 1]);

            key->size = strlen(lines[i]) - ulen - 1;

            ret = 0;

            goto out;

        }

    }

    error_setg(errp, "Username %s not found in PSK file %s",

               username, pskfile);

 out:

    free(content);

    g_strfreev(lines);

    return ret;

}

static int

qcrypto_tls_creds_psk_load(QCryptoTLSCredsPSK *creds,

                           Error **errp)

{

    char *pskfile = NULL, *dhparams = NULL;

    const char *username;

    int ret;

    int rv = -1;

    gnutls_datum_t key = { .data = NULL };

    trace_qcrypto_tls_creds_psk_load(creds,

            creds->parent_obj.dir ? creds->parent_obj.dir : "<nodir>");

    if (creds->parent_obj.endpoint == QCRYPTO_TLS_CREDS_ENDPOINT_SERVER) {

        if (creds->username) {

            error_setg(errp, "username should not be set when endpoint=server");

            goto cleanup;

        }

        if (qcrypto_tls_creds_get_path(&creds->parent_obj,

                                       QCRYPTO_TLS_CREDS_DH_PARAMS,

                                       false, &dhparams, errp) < 0 ||

            qcrypto_tls_creds_get_path(&creds->parent_obj,

                                       QCRYPTO_TLS_CREDS_PSKFILE,

                                       true, &pskfile, errp) < 0) {

            goto cleanup;

        }

        ret = gnutls_psk_allocate_server_credentials(&creds->data.server);

        if (ret < 0) {

            error_setg(errp, "Cannot allocate credentials: %s",

                       gnutls_strerror(ret));

            goto cleanup;

        }

        if (qcrypto_tls_creds_get_dh_params_file(&creds->parent_obj, dhparams,

                                                 &creds->parent_obj.dh_params,

                                                 errp) < 0) {

            goto cleanup;

        }

        gnutls_psk_set_server_credentials_file(creds->data.server, pskfile);

        gnutls_psk_set_server_dh_params(creds->data.server,

                                        creds->parent_obj.dh_params);

    } else {

        if (qcrypto_tls_creds_get_path(&creds->parent_obj,

                                       QCRYPTO_TLS_CREDS_PSKFILE,

                                       true, &pskfile, errp) < 0) {

            goto cleanup;

        }

        if (creds->username) {

            username = creds->username;

        } else {

            username = "qemu";

        }

        if (lookup_key(pskfile, username, &key, errp) != 0) {

            goto cleanup;

        }

        ret = gnutls_psk_allocate_client_credentials(&creds->data.client);

        if (ret < 0) {

            error_setg(errp, "Cannot allocate credentials: %s",

                       gnutls_strerror(ret));

            goto cleanup;

        }

        gnutls_psk_set_client_credentials(creds->data.client,

                                          username, &key, GNUTLS_PSK_KEY_HEX);

    }

    rv = 0;

 cleanup:

    g_free(key.data);

    g_free(pskfile);

    g_free(dhparams);

    return rv;

}

static void

qcrypto_tls_creds_psk_unload(QCryptoTLSCredsPSK *creds)

{

    if (creds->parent_obj.endpoint == QCRYPTO_TLS_CREDS_ENDPOINT_CLIENT) {

        if (creds->data.client) {

            gnutls_psk_free_client_credentials(creds->data.client);

            creds->data.client = NULL;

        }

    } else {

        if (creds->data.server) {

            gnutls_psk_free_server_credentials(creds->data.server);

            creds->data.server = NULL;

        }

    }

    if (creds->parent_obj.dh_params) {

        gnutls_dh_params_deinit(creds->parent_obj.dh_params);

        creds->parent_obj.dh_params = NULL;

    }

}

#else /* ! CONFIG_GNUTLS */

static void

qcrypto_tls_creds_psk_load(QCryptoTLSCredsPSK *creds G_GNUC_UNUSED,

                           Error **errp)

{

    error_setg(errp, "TLS credentials support requires GNUTLS");

}

static void

qcrypto_tls_creds_psk_unload(QCryptoTLSCredsPSK *creds G_GNUC_UNUSED)

{

    /* nada */

}

#endif /* ! CONFIG_GNUTLS */

static void

qcrypto_tls_creds_psk_prop_set_loaded(Object *obj,

                                      bool value,

                                      Error **errp)

{

    QCryptoTLSCredsPSK *creds = QCRYPTO_TLS_CREDS_PSK(obj);

    if (value) {

        qcrypto_tls_creds_psk_load(creds, errp);

    } else {

        qcrypto_tls_creds_psk_unload(creds);

    }

}

#ifdef CONFIG_GNUTLS

static bool

qcrypto_tls_creds_psk_prop_get_loaded(Object *obj,

                                      Error **errp G_GNUC_UNUSED)

{

    QCryptoTLSCredsPSK *creds = QCRYPTO_TLS_CREDS_PSK(obj);

    if (creds->parent_obj.endpoint == QCRYPTO_TLS_CREDS_ENDPOINT_SERVER) {

        return creds->data.server != NULL;

    } else {

        return creds->data.client != NULL;

    }

}

#else /* ! CONFIG_GNUTLS */

static bool

qcrypto_tls_creds_psk_prop_get_loaded(Object *obj G_GNUC_UNUSED,

                                      Error **errp G_GNUC_UNUSED)

{

    return false;

}

#endif /* ! CONFIG_GNUTLS */

static void

qcrypto_tls_creds_psk_complete(UserCreatable *uc, Error **errp)

{

    object_property_set_bool(OBJECT(uc), true, "loaded", errp);

}

static void

qcrypto_tls_creds_psk_finalize(Object *obj)

{

    QCryptoTLSCredsPSK *creds = QCRYPTO_TLS_CREDS_PSK(obj);

    qcrypto_tls_creds_psk_unload(creds);

}

static void

qcrypto_tls_creds_psk_prop_set_username(Object *obj,

                                        const char *value,

                                        Error **errp G_GNUC_UNUSED)

{

    QCryptoTLSCredsPSK *creds = QCRYPTO_TLS_CREDS_PSK(obj);

    creds->username = g_strdup(value);

}

static char *

qcrypto_tls_creds_psk_prop_get_username(Object *obj,

                                        Error **errp G_GNUC_UNUSED)

{

    QCryptoTLSCredsPSK *creds = QCRYPTO_TLS_CREDS_PSK(obj);

    return g_strdup(creds->username);

}

static void

qcrypto_tls_creds_psk_class_init(ObjectClass *oc, void *data)

{

    UserCreatableClass *ucc = USER_CREATABLE_CLASS(oc);

    ucc->complete = qcrypto_tls_creds_psk_complete;

    object_class_property_add_bool(oc, "loaded",

                                   qcrypto_tls_creds_psk_prop_get_loaded,

                                   qcrypto_tls_creds_psk_prop_set_loaded,

                                   NULL);

    object_class_property_add_str(oc, "username",

                                  qcrypto_tls_creds_psk_prop_get_username,

                                  qcrypto_tls_creds_psk_prop_set_username,

                                  NULL);

}

static const TypeInfo qcrypto_tls_creds_psk_info = {

    .parent = TYPE_QCRYPTO_TLS_CREDS,

    .name = TYPE_QCRYPTO_TLS_CREDS_PSK,

    .instance_size = sizeof(QCryptoTLSCredsPSK),

    .instance_finalize = qcrypto_tls_creds_psk_finalize,

    .class_size = sizeof(QCryptoTLSCredsPSKClass),

    .class_init = qcrypto_tls_creds_psk_class_init,

    .interfaces = (InterfaceInfo[]) {

        { TYPE_USER_CREATABLE },

        { }

    }

};

static void

qcrypto_tls_creds_psk_register_types(void)

{

    type_register_static(&qcrypto_tls_creds_psk_info);

}

type_init(qcrypto_tls_creds_psk_register_types);

#include "qemu/osdep.h"

#include "crypto/tlssession.h"

#include "crypto/tlscredsanon.h"

#include "crypto/tlscredspsk.h"

#include "crypto/tlscredsx509.h"

#include "qapi/error.h"

#include "qemu/acl.h"

    return session->readFunc(buf, len, session->opaque);

}

#define TLS_PRIORITY_ADDITIONAL_ANON "+ANON-DH"

#if GNUTLS_VERSION_MAJOR >= 3

#define TLS_ECDHE_PSK "+ECDHE-PSK:"

#else

#define TLS_ECDHE_PSK ""

#endif

#define TLS_PRIORITY_ADDITIONAL_PSK TLS_ECDHE_PSK "+DHE-PSK:+PSK"

QCryptoTLSSession *

qcrypto_tls_session_new(QCryptoTLSCreds *creds,

        char *prio;

        if (creds->priority != NULL) {

            prio = g_strdup_printf("%s:+ANON-DH", creds->priority);

            prio = g_strdup_printf("%s:%s",

                                   creds->priority,

                                   TLS_PRIORITY_ADDITIONAL_ANON);

        } else {

            prio = g_strdup(CONFIG_TLS_PRIORITY ":+ANON-DH");

            prio = g_strdup(CONFIG_TLS_PRIORITY ":"

                            TLS_PRIORITY_ADDITIONAL_ANON);

        }

        ret = gnutls_priority_set_direct(session->handle, prio, NULL);

                       gnutls_strerror(ret));

            goto error;

        }

    } else if (object_dynamic_cast(OBJECT(creds),

                                   TYPE_QCRYPTO_TLS_CREDS_PSK)) {

        QCryptoTLSCredsPSK *pcreds = QCRYPTO_TLS_CREDS_PSK(creds);

        char *prio;

        if (creds->priority != NULL) {

            prio = g_strdup_printf("%s:%s",

                                   creds->priority,

                                   TLS_PRIORITY_ADDITIONAL_PSK);

        } else {

            prio = g_strdup(CONFIG_TLS_PRIORITY ":"

                            TLS_PRIORITY_ADDITIONAL_PSK);

        }

        ret = gnutls_priority_set_direct(session->handle, prio, NULL);

        if (ret < 0) {

            error_setg(errp, "Unable to set TLS session priority %s: %s",

                       prio, gnutls_strerror(ret));

            g_free(prio);

            goto error;

        }

        g_free(prio);

        if (creds->endpoint == QCRYPTO_TLS_CREDS_ENDPOINT_SERVER) {

            ret = gnutls_credentials_set(session->handle,

                                         GNUTLS_CRD_PSK,

                                         pcreds->data.server);

        } else {

            ret = gnutls_credentials_set(session->handle,

                                         GNUTLS_CRD_PSK,

                                         pcreds->data.client);

        }

        if (ret < 0) {

            error_setg(errp, "Cannot set session credentials: %s",

                       gnutls_strerror(ret));

            goto error;

        }

    } else if (object_dynamic_cast(OBJECT(creds),

                                   TYPE_QCRYPTO_TLS_CREDS_X509)) {

        QCryptoTLSCredsX509 *tcreds = QCRYPTO_TLS_CREDS_X509(creds);

                            TYPE_QCRYPTO_TLS_CREDS_ANON)) {

        trace_qcrypto_tls_session_check_creds(session, "nop");

        return 0;

    } else if (object_dynamic_cast(OBJECT(session->creds),

                            TYPE_QCRYPTO_TLS_CREDS_PSK)) {

        trace_qcrypto_tls_session_check_creds(session, "nop");

        return 0;

    } else if (object_dynamic_cast(OBJECT(session->creds),

                            TYPE_QCRYPTO_TLS_CREDS_X509)) {

        if (session->creds->verifyPeer) {

# crypto/tlscredsanon.c

qcrypto_tls_creds_anon_load(void *creds, const char *dir) "TLS creds anon load creds=%p dir=%s"

# crypto/tlscredspsk.c

qcrypto_tls_creds_psk_load(void *creds, const char *dir) "TLS creds psk load creds=%p dir=%s"

# crypto/tlscredsx509.c

qcrypto_tls_creds_x509_load(void *creds, const char *dir) "TLS creds x509 load creds=%p dir=%s"

qcrypto_tls_creds_x509_check_basic_constraints(void *creds, const char *file, int status) "TLS creds x509 check basic constraints creds=%p file=%s status=%d"

/*

 * QEMU crypto TLS Pre-Shared Key (PSK) support

 *

 * Copyright (c) 2018 Red Hat, Inc.

 *

 * This library is free software; you can redistribute it and/or

 * modify it under the terms of the GNU Lesser General Public

 * License as published by the Free Software Foundation; either

 * version 2 of the License, or (at your option) any later version.

 *

 * This library is distributed in the hope that it will be useful,

 * but WITHOUT ANY WARRANTY; without even the implied warranty of

 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU

 * Lesser General Public License for more details.

 *

 * You should have received a copy of the GNU Lesser General Public

 * License along with this library; if not, see <http://www.gnu.org/licenses/>.

 *

 */

#ifndef QCRYPTO_TLSCREDSPSK_H

#define QCRYPTO_TLSCREDSPSK_H

#include "crypto/tlscreds.h"

#define TYPE_QCRYPTO_TLS_CREDS_PSK "tls-creds-psk"

#define QCRYPTO_TLS_CREDS_PSK(obj)                  \

    OBJECT_CHECK(QCryptoTLSCredsPSK, (obj), TYPE_QCRYPTO_TLS_CREDS_PSK)

typedef struct QCryptoTLSCredsPSK QCryptoTLSCredsPSK;

typedef struct QCryptoTLSCredsPSKClass QCryptoTLSCredsPSKClass;

#define QCRYPTO_TLS_CREDS_PSKFILE "keys.psk"

/**

 * QCryptoTLSCredsPSK:

 *

 * The QCryptoTLSCredsPSK object provides a representation

 * of the Pre-Shared Key credential used to perform a TLS handshake.

 *

 * This is a user creatable object, which can be instantiated

 * via object_new_propv():

 *

 * <example>

 *   <title>Creating TLS-PSK credential objects in code</title>

 *   <programlisting>

 *   Object *obj;

 *   Error *err = NULL;

 *   obj = object_new_propv(TYPE_QCRYPTO_TLS_CREDS_PSK,

 *                          "tlscreds0",

 *                          &err,

 *                          "dir", "/path/to/dir",

 *                          "endpoint", "client",

 *                          NULL);

 *   </programlisting>

 * </example>

 *

 * Or via QMP:

 *

 * <example>

 *   <title>Creating TLS-PSK credential objects via QMP</title>

 *   <programlisting>

 *    {

 *       "execute": "object-add", "arguments": {

 *          "id": "tlscreds0",

 *          "qom-type": "tls-creds-psk",

 *          "props": {

 *             "dir": "/path/to/dir",

 *             "endpoint": "client"

 *          }

 *       }

 *    }

 *   </programlisting>

 * </example>

 *

 * Or via the CLI:

 *

 * <example>

 *   <title>Creating TLS-PSK credential objects via CLI</title>

 *   <programlisting>

 *  qemu-system-x86_64 --object tls-creds-psk,id=tlscreds0,\

 *          endpoint=client,dir=/path/to/dir[,username=qemu]

 *   </programlisting>

 * </example>

 *

 * The PSK file can be created and managed using psktool.

 */

struct QCryptoTLSCredsPSK {

    QCryptoTLSCreds parent_obj;

    char *username;

#ifdef CONFIG_GNUTLS

    union {

        gnutls_psk_server_credentials_t server;

        gnutls_psk_client_credentials_t client;

    } data;

#endif

};

struct QCryptoTLSCredsPSKClass {

    QCryptoTLSCredsClass parent_class;

};

#endif /* QCRYPTO_TLSCREDSPSK_H */