Commit 95dc4cc1 authored by Jannik Hoelling's avatar Jannik Hoelling
Browse files

bearssl swap SNI to callback

parent fedcabb4
#include "server.h"
/*#define CHECK(x) x; \
err = br_ssl_engine_last_error(&sc.eng); \
if(err != BR_ERR_OK ) { \
fprintf(stderr, "SSL ERROR: %d\n", err);\
}*/
#define CHECK(x) x;
const char *servername = "tls-server";
int main(int argc, char *argv[]) {
// Disable buffering on stdout so docker output is shown
setbuf(stdout, NULL);
const char *alpn = "http/1.1";
const char *servername = "tls-server";
const char *port = "4433";
int wrong_certificate = 0;
/* Get commandline arguments */
......@@ -82,17 +77,32 @@ int main(int argc, char *argv[]) {
br_ssl_server_init_full_rsa(&sc, CHAIN, CHAIN_LEN, &RSA);
}
/* from bearssl-0.6/src/ssl/br_ssl_server_set_single_rsa.c
normally gets called by br_ssl_server_init_full_rsa that then calls br_ssl_server_set_single_rsa
change policy handler to a custom one
sr_choose overrides the method that processes the ClientHello and chooses certificates, cipher suited etc.
*/
static const br_ssl_server_policy_class sr_policy_vtable = {
sizeof(br_ssl_server_policy_rsa_context),
sr_choose,
sr_do_keyx,
sr_do_sign};
(&sc)->chain_handler.single_rsa.vtable = &sr_policy_vtable;
(&sc)->policy_vtable = &(&sc)->chain_handler.single_rsa.vtable;
/* Set TLS 1.2 */
br_ssl_engine_set_versions(&sc.eng, BR_TLS12, BR_TLS12);
/*
* Set the I/O buffer to the provided array. We
* allocated a buffer large enough for full-duplex
* behaviour with all allowed sizes of SSL records,
* hence we set the last argument to 1 (which means
* "split the buffer into separate input and output
* areas").
*/
* Set the I/O buffer to the provided array. We
* allocated a buffer large enough for full-duplex
* behaviour with all allowed sizes of SSL records,
* hence we set the last argument to 1 (which means
* "split the buffer into separate input and output
* areas").
*/
br_ssl_engine_set_buffer(&sc.eng, iobuf, sizeof iobuf, 1);
/* set ALPN */
......@@ -103,27 +113,16 @@ int main(int argc, char *argv[]) {
br_ssl_engine_add_flags(&sc.eng, BR_OPT_FAIL_ON_ALPN_MISMATCH);
/*
* Reset the server context, for a new handshake.
*/
* Reset the server context, for a new handshake.
*/
br_ssl_server_reset(&sc);
/*
* Initialise the simplified I/O wrapper context.
*/
* Initialise the simplified I/O wrapper context.
*/
br_sslio_init(&ioc, &sc.eng, sock_read, &cfd, sock_write, &cfd);
br_sslio_flush(&ioc);
// SNI
const char *servername_received = br_ssl_engine_get_server_name(&sc.eng);
if (strcmp(servername, servername_received) != 0) {
fprintf(stderr, "Invalid SNI received: %s\n", servername_received);
br_sslio_close(&ioc);
close(cfd);
continue;
} else {
printf("SNI received: %s\n", servername_received);
}
for (;;) {
// get message from client
int rlen = br_sslio_read(&ioc, tmp, sizeof tmp);
......
......@@ -34,8 +34,144 @@
#include <sys/types.h>
#include <unistd.h>
#include "bearssl.h"
/* from bearssl-0.6/src/ssl/ssl_hashes.c */
int br_ssl_choose_hash(unsigned bf) {
static const unsigned char pref[] = {
br_sha256_ID, br_sha384_ID, br_sha512_ID,
br_sha224_ID, br_sha1_ID};
size_t u;
for (u = 0; u < sizeof pref; u++) {
int x;
x = pref[u];
if ((bf >> x) & 1) {
return x;
}
}
return 0;
}
/* from bearssl-0.6/src/ssl/br_ssl_server_set_single_rsa.c */
static int
sr_choose(const br_ssl_server_policy_class **pctx,
const br_ssl_server_context *cc,
br_ssl_server_choices *choices) {
br_ssl_server_policy_rsa_context *pc;
const br_suite_translated *st;
size_t u, st_num;
unsigned hash_id;
int fh;
/* verify SNI extension */
const char *servername_received = br_ssl_engine_get_server_name(&cc->eng);
if (strcmp("tls-server", servername_received) != 0) {
fprintf(stderr, "\n Invalid SNI received: %s\n", servername_received);
return 0;
} else {
printf("\n SNI received: %s\n", servername_received);
}
//printf("workign fine %s \n", name);
pc = (br_ssl_server_policy_rsa_context *)pctx;
st = br_ssl_server_get_client_suites(cc, &st_num);
if (cc->eng.session.version < BR_TLS12) {
hash_id = 0;
fh = 1;
} else {
hash_id = br_ssl_choose_hash(
br_ssl_server_get_client_hashes(cc));
fh = (hash_id != 0);
}
choices->chain = pc->chain;
choices->chain_len = pc->chain_len;
for (u = 0; u < st_num; u++) {
unsigned tt;
tt = st[u][1];
switch (tt >> 12) {
case BR_SSLKEYX_RSA:
if ((pc->allowed_usages & BR_KEYTYPE_KEYX) != 0) {
choices->cipher_suite = st[u][0];
return 1;
}
break;
case BR_SSLKEYX_ECDHE_RSA:
if ((pc->allowed_usages & BR_KEYTYPE_SIGN) != 0 && fh) {
choices->cipher_suite = st[u][0];
choices->algo_id = hash_id + 0xFF00;
return 1;
}
break;
}
}
return 0;
}
static uint32_t
sr_do_keyx(const br_ssl_server_policy_class **pctx,
unsigned char *data, size_t *len) {
br_ssl_server_policy_rsa_context *pc;
pc = (br_ssl_server_policy_rsa_context *)pctx;
return br_rsa_ssl_decrypt(pc->irsacore, pc->sk, data, *len);
}
/*
* OID for hash functions in RSA signatures.
*/
static const unsigned char HASH_OID_SHA1[] = {
0x05, 0x2B, 0x0E, 0x03, 0x02, 0x1A};
static const unsigned char HASH_OID_SHA224[] = {
0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x04};
static const unsigned char HASH_OID_SHA256[] = {
0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01};
static const unsigned char HASH_OID_SHA384[] = {
0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x02};
static const unsigned char HASH_OID_SHA512[] = {
0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03};
static const unsigned char *HASH_OID[] = {
HASH_OID_SHA1,
HASH_OID_SHA224,
HASH_OID_SHA256,
HASH_OID_SHA384,
HASH_OID_SHA512};
static size_t
sr_do_sign(const br_ssl_server_policy_class **pctx,
unsigned algo_id, unsigned char *data, size_t hv_len, size_t len) {
br_ssl_server_policy_rsa_context *pc;
unsigned char hv[64];
size_t sig_len;
const unsigned char *hash_oid;
pc = (br_ssl_server_policy_rsa_context *)pctx;
memcpy(hv, data, hv_len);
algo_id &= 0xFF;
if (algo_id == 0) {
hash_oid = NULL;
} else if (algo_id >= 2 && algo_id <= 6) {
hash_oid = HASH_OID[algo_id - 2];
} else {
return 0;
}
sig_len = (pc->sk->n_bitlen + 7) >> 3;
if (len < sig_len) {
return 0;
}
return pc->irsasign(hash_oid, hv, hv_len, pc->sk, data) ? sig_len : 0;
}
/*
brssl chain tls-server-chain.crt
brssl skey -C tls-server.key
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment