Google Git
Sign in
webrtc / src / / 5ed4da7222372cf59e5525bb3b59a90c0d4fa2ff / . / rtc_base / openssl_stream_adapter.cc
blob: 9fd8c8f3953e3bde0e863755cf6dc01588df84ef [file] [log] [blame]
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]1/*
2 * Copyright 2004 The WebRTC Project Authors. All rights reserved.
3 *
4 * Use of this source code is governed by a BSD-style license
5 * that can be found in the LICENSE file in the root of the source
6 * tree. An additional intellectual property rights grant can be found
7 * in the file PATENTS. All contributing project authors may
8 * be found in the AUTHORS file in the root of the source tree.
9 */
10
Steve Anton10542f22019-01-11 17:11:00[diff] [blame]11#include "rtc_base/openssl_stream_adapter.h"
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]12
13#include <openssl/bio.h>
14#include <openssl/crypto.h>
15#include <openssl/err.h>
16#include <openssl/rand.h>
pthatcher@webrtc.org3ee4fe52015-02-11 22:34:36[diff] [blame]17#include <openssl/tls1.h>
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]18#include <openssl/x509v3.h>
Ali Tofigh7fa90572022-03-17 14:47:49[diff] [blame]19
20#include "absl/strings/string_view.h"
torbjorngaad67802016-04-07 15:55:28[diff] [blame]21#ifndef OPENSSL_IS_BORINGSSL
22#include <openssl/dtls1.h>
ssarohabbfed522016-12-12 02:42:07[diff] [blame]23#include <openssl/ssl.h>
torbjorngaad67802016-04-07 15:55:28[diff] [blame]24#endif
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]25
Guido Urdaneta14bba6e2020-09-25 14:00:51[diff] [blame]26#include <atomic>
jbauch555604a2016-04-26 10:13:22[diff] [blame]27#include <memory>
Benjamin Wrightd4d5f8a2018-10-15 18:19:39[diff] [blame]28#include <utility>
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]29#include <vector>
30
Harald Alvestrand11840ce2022-11-10 10:50:50[diff] [blame]31#include "api/array_view.h"
Mirko Bonadei92ea95e2017-09-15 04:47:31[diff] [blame]32#include "rtc_base/checks.h"
33#include "rtc_base/logging.h"
Karl Wiberge40468b2017-11-22 09:42:26[diff] [blame]34#include "rtc_base/numerics/safe_conversions.h"
Mirko Bonadei92ea95e2017-09-15 04:47:31[diff] [blame]35#include "rtc_base/openssl.h"
Steve Anton10542f22019-01-11 17:11:00[diff] [blame]36#include "rtc_base/openssl_adapter.h"
37#include "rtc_base/openssl_digest.h"
Taylor Brandstetter165c6182020-12-11 00:23:03[diff] [blame]38#ifdef OPENSSL_IS_BORINGSSL
39#include "rtc_base/boringssl_identity.h"
40#else
Steve Anton10542f22019-01-11 17:11:00[diff] [blame]41#include "rtc_base/openssl_identity.h"
Taylor Brandstetter165c6182020-12-11 00:23:03[diff] [blame]42#endif
43#include "rtc_base/openssl_utility.h"
Steve Anton10542f22019-01-11 17:11:00[diff] [blame]44#include "rtc_base/ssl_certificate.h"
Mirko Bonadei92ea95e2017-09-15 04:47:31[diff] [blame]45#include "rtc_base/stream.h"
Philipp Hancke117e6922022-06-17 12:14:55[diff] [blame]46#include "rtc_base/string_encode.h"
Mirko Bonadei92ea95e2017-09-15 04:47:31[diff] [blame]47#include "rtc_base/thread.h"
Steve Anton10542f22019-01-11 17:11:00[diff] [blame]48#include "rtc_base/time_utils.h"
Harald Alvestrand13799132020-03-09 18:39:36[diff] [blame]49#include "system_wrappers/include/field_trial.h"
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]50
Jiawei Oua9c94d52018-01-31 07:05:07[diff] [blame]51#if (OPENSSL_VERSION_NUMBER < 0x10100000L)
52#error "webrtc requires at least OpenSSL version 1.1.0, to support DTLS-SRTP"
Torbjorn Granlund9adc91d2016-03-24 13:05:06[diff] [blame]53#endif
54
Benjamin Wright8e98c602019-03-01 01:25:01[diff] [blame]55// Defines for the TLS Cipher Suite Map.
56#define DEFINE_CIPHER_ENTRY_SSL3(name) \
57 { SSL3_CK_##name, "TLS_" #name }
58#define DEFINE_CIPHER_ENTRY_TLS1(name) \
59 { TLS1_CK_##name, "TLS_" #name }
60
61namespace rtc {
62namespace {
Danil Chapovalov5286dcf2022-07-18 15:04:56[diff] [blame]63using ::webrtc::SafeTask;
Artem Titov96e3b992021-07-26 14:03:14[diff] [blame]64// SRTP cipher suite table. `internal_name` is used to construct a
Guo-wei Shieh521ed7b2015-11-19 03:41:53[diff] [blame]65// colon-separated profile strings which is needed by
66// SSL_CTX_set_tlsext_use_srtp().
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]67struct SrtpCipherMapEntry {
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]68 const char* internal_name;
Guo-wei Shieh521ed7b2015-11-19 03:41:53[diff] [blame]69 const int id;
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]70};
71
Torbjorn Granlund9adc91d2016-03-24 13:05:06[diff] [blame]72// Cipher name table. Maps internal OpenSSL cipher ids to the RFC name.
73struct SslCipherMapEntry {
74 uint32_t openssl_id;
75 const char* rfc_name;
76};
77
Benjamin Wright8e98c602019-03-01 01:25:01[diff] [blame]78// This isn't elegant, but it's better than an external reference
79constexpr SrtpCipherMapEntry kSrtpCipherMap[] = {
Mirko Bonadei7750d802021-07-26 15:27:42[diff] [blame]80 {"SRTP_AES128_CM_SHA1_80", kSrtpAes128CmSha1_80},
81 {"SRTP_AES128_CM_SHA1_32", kSrtpAes128CmSha1_32},
82 {"SRTP_AEAD_AES_128_GCM", kSrtpAeadAes128Gcm},
83 {"SRTP_AEAD_AES_256_GCM", kSrtpAeadAes256Gcm}};
Torbjorn Granlund9adc91d2016-03-24 13:05:06[diff] [blame]84
Benjamin Wright8e98c602019-03-01 01:25:01[diff] [blame]85#ifndef OPENSSL_IS_BORINGSSL
David Benjamin3c1f05d2017-12-01 22:28:03[diff] [blame]86// The "SSL_CIPHER_standard_name" function is only available in OpenSSL when
87// compiled with tracing, so we need to define the mapping manually here.
Benjamin Wright8e98c602019-03-01 01:25:01[diff] [blame]88constexpr SslCipherMapEntry kSslCipherMap[] = {
deadbeef37f5ecf2017-02-27 22:06:41[diff] [blame]89 // TLS v1.0 ciphersuites from RFC2246.
90 DEFINE_CIPHER_ENTRY_SSL3(RSA_RC4_128_SHA),
91 {SSL3_CK_RSA_DES_192_CBC3_SHA, "TLS_RSA_WITH_3DES_EDE_CBC_SHA"},
Torbjorn Granlund9adc91d2016-03-24 13:05:06[diff] [blame]92
deadbeef37f5ecf2017-02-27 22:06:41[diff] [blame]93 // AES ciphersuites from RFC3268.
94 {TLS1_CK_RSA_WITH_AES_128_SHA, "TLS_RSA_WITH_AES_128_CBC_SHA"},
95 {TLS1_CK_DHE_RSA_WITH_AES_128_SHA, "TLS_DHE_RSA_WITH_AES_128_CBC_SHA"},
96 {TLS1_CK_RSA_WITH_AES_256_SHA, "TLS_RSA_WITH_AES_256_CBC_SHA"},
97 {TLS1_CK_DHE_RSA_WITH_AES_256_SHA, "TLS_DHE_RSA_WITH_AES_256_CBC_SHA"},
Torbjorn Granlund9adc91d2016-03-24 13:05:06[diff] [blame]98
deadbeef37f5ecf2017-02-27 22:06:41[diff] [blame]99 // ECC ciphersuites from RFC4492.
100 DEFINE_CIPHER_ENTRY_TLS1(ECDHE_ECDSA_WITH_RC4_128_SHA),
101 {TLS1_CK_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
102 "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA"},
103 DEFINE_CIPHER_ENTRY_TLS1(ECDHE_ECDSA_WITH_AES_128_CBC_SHA),
104 DEFINE_CIPHER_ENTRY_TLS1(ECDHE_ECDSA_WITH_AES_256_CBC_SHA),
Torbjorn Granlund9adc91d2016-03-24 13:05:06[diff] [blame]105
deadbeef37f5ecf2017-02-27 22:06:41[diff] [blame]106 DEFINE_CIPHER_ENTRY_TLS1(ECDHE_RSA_WITH_RC4_128_SHA),
107 {TLS1_CK_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
108 "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA"},
109 DEFINE_CIPHER_ENTRY_TLS1(ECDHE_RSA_WITH_AES_128_CBC_SHA),
110 DEFINE_CIPHER_ENTRY_TLS1(ECDHE_RSA_WITH_AES_256_CBC_SHA),
Torbjorn Granlund9adc91d2016-03-24 13:05:06[diff] [blame]111
deadbeef37f5ecf2017-02-27 22:06:41[diff] [blame]112 // TLS v1.2 ciphersuites.
113 {TLS1_CK_RSA_WITH_AES_128_SHA256, "TLS_RSA_WITH_AES_128_CBC_SHA256"},
114 {TLS1_CK_RSA_WITH_AES_256_SHA256, "TLS_RSA_WITH_AES_256_CBC_SHA256"},
115 {TLS1_CK_DHE_RSA_WITH_AES_128_SHA256,
116 "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256"},
117 {TLS1_CK_DHE_RSA_WITH_AES_256_SHA256,
118 "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256"},
Torbjorn Granlund9adc91d2016-03-24 13:05:06[diff] [blame]119
deadbeef37f5ecf2017-02-27 22:06:41[diff] [blame]120 // TLS v1.2 GCM ciphersuites from RFC5288.
121 DEFINE_CIPHER_ENTRY_TLS1(RSA_WITH_AES_128_GCM_SHA256),
122 DEFINE_CIPHER_ENTRY_TLS1(RSA_WITH_AES_256_GCM_SHA384),
123 DEFINE_CIPHER_ENTRY_TLS1(DHE_RSA_WITH_AES_128_GCM_SHA256),
124 DEFINE_CIPHER_ENTRY_TLS1(DHE_RSA_WITH_AES_256_GCM_SHA384),
125 DEFINE_CIPHER_ENTRY_TLS1(DH_RSA_WITH_AES_128_GCM_SHA256),
126 DEFINE_CIPHER_ENTRY_TLS1(DH_RSA_WITH_AES_256_GCM_SHA384),
Torbjorn Granlund9adc91d2016-03-24 13:05:06[diff] [blame]127
deadbeef37f5ecf2017-02-27 22:06:41[diff] [blame]128 // ECDH HMAC based ciphersuites from RFC5289.
129 {TLS1_CK_ECDHE_ECDSA_WITH_AES_128_SHA256,
130 "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256"},
131 {TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384,
132 "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384"},
133 {TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256,
134 "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256"},
135 {TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384,
136 "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384"},
Torbjorn Granlund9adc91d2016-03-24 13:05:06[diff] [blame]137
deadbeef37f5ecf2017-02-27 22:06:41[diff] [blame]138 // ECDH GCM based ciphersuites from RFC5289.
139 DEFINE_CIPHER_ENTRY_TLS1(ECDHE_ECDSA_WITH_AES_128_GCM_SHA256),
140 DEFINE_CIPHER_ENTRY_TLS1(ECDHE_ECDSA_WITH_AES_256_GCM_SHA384),
141 DEFINE_CIPHER_ENTRY_TLS1(ECDHE_RSA_WITH_AES_128_GCM_SHA256),
142 DEFINE_CIPHER_ENTRY_TLS1(ECDHE_RSA_WITH_AES_256_GCM_SHA384),
Torbjorn Granlund9adc91d2016-03-24 13:05:06[diff] [blame]143
deadbeef37f5ecf2017-02-27 22:06:41[diff] [blame]144 {0, nullptr}};
Torbjorn Granlund9adc91d2016-03-24 13:05:06[diff] [blame]145#endif // #ifndef OPENSSL_IS_BORINGSSL
pthatcher@webrtc.org3ee4fe52015-02-11 22:34:36[diff] [blame]146
Benjamin Wright8e98c602019-03-01 01:25:01[diff] [blame]147#ifdef OPENSSL_IS_BORINGSSL
148// Enabled by EnableTimeCallbackForTesting. Should never be set in production
149// code.
150bool g_use_time_callback_for_testing = false;
151// Not used in production code. Actual time should be relative to Jan 1, 1970.
152void TimeCallbackForTesting(const SSL* ssl, struct timeval* out_clock) {
153 int64_t time = TimeNanos();
154 out_clock->tv_sec = time / kNumNanosecsPerSec;
155 out_clock->tv_usec = (time % kNumNanosecsPerSec) / kNumNanosecsPerMicrosec;
156}
157#endif
Guo-wei Shieh456696a2015-10-01 04:48:54[diff] [blame]158
Benjamin Wright8e98c602019-03-01 01:25:01[diff] [blame]159} // namespace
Guo-wei Shieh456696a2015-10-01 04:48:54[diff] [blame]160
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]161//////////////////////////////////////////////////////////////////////
162// StreamBIO
163//////////////////////////////////////////////////////////////////////
164
165static int stream_write(BIO* h, const char* buf, int num);
166static int stream_read(BIO* h, char* buf, int size);
167static int stream_puts(BIO* h, const char* str);
168static long stream_ctrl(BIO* h, int cmd, long arg1, void* arg2);
169static int stream_new(BIO* h);
170static int stream_free(BIO* data);
171
Jiawei Oueb0df082018-02-02 22:51:18[diff] [blame]172static BIO_METHOD* BIO_stream_method() {
173 static BIO_METHOD* method = [] {
174 BIO_METHOD* method = BIO_meth_new(BIO_TYPE_BIO, "stream");
175 BIO_meth_set_write(method, stream_write);
176 BIO_meth_set_read(method, stream_read);
177 BIO_meth_set_puts(method, stream_puts);
178 BIO_meth_set_ctrl(method, stream_ctrl);
179 BIO_meth_set_create(method, stream_new);
180 BIO_meth_set_destroy(method, stream_free);
181 return method;
182 }();
183 return method;
184}
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]185
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]186static BIO* BIO_new_stream(StreamInterface* stream) {
Jiawei Oueb0df082018-02-02 22:51:18[diff] [blame]187 BIO* ret = BIO_new(BIO_stream_method());
Benjamin Wrightd4d5f8a2018-10-15 18:19:39[diff] [blame]188 if (ret == nullptr) {
deadbeef37f5ecf2017-02-27 22:06:41[diff] [blame]189 return nullptr;
Benjamin Wrightd4d5f8a2018-10-15 18:19:39[diff] [blame]190 }
Jiawei Oueb0df082018-02-02 22:51:18[diff] [blame]191 BIO_set_data(ret, stream);
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]192 return ret;
193}
194
195// bio methods return 1 (or at least non-zero) on success and 0 on failure.
196
197static int stream_new(BIO* b) {
Jiawei Oueb0df082018-02-02 22:51:18[diff] [blame]198 BIO_set_shutdown(b, 0);
199 BIO_set_init(b, 1);
200 BIO_set_data(b, 0);
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]201 return 1;
202}
203
204static int stream_free(BIO* b) {
Benjamin Wrightd4d5f8a2018-10-15 18:19:39[diff] [blame]205 if (b == nullptr) {
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]206 return 0;
Benjamin Wrightd4d5f8a2018-10-15 18:19:39[diff] [blame]207 }
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]208 return 1;
209}
210
211static int stream_read(BIO* b, char* out, int outl) {
Benjamin Wrightd4d5f8a2018-10-15 18:19:39[diff] [blame]212 if (!out) {
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]213 return -1;
Benjamin Wrightd4d5f8a2018-10-15 18:19:39[diff] [blame]214 }
Jiawei Oueb0df082018-02-02 22:51:18[diff] [blame]215 StreamInterface* stream = static_cast<StreamInterface*>(BIO_get_data(b));
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]216 BIO_clear_retry_flags(b);
217 size_t read;
218 int error;
Harald Alvestrand11840ce2022-11-10 10:50:50[diff] [blame]219 StreamResult result = stream->Read(
220 rtc::MakeArrayView(reinterpret_cast<uint8_t*>(out), outl), read, error);
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]221 if (result == SR_SUCCESS) {
henrike@webrtc.orgd89b69a2014-11-06 17:23:09[diff] [blame]222 return checked_cast<int>(read);
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]223 } else if (result == SR_BLOCK) {
224 BIO_set_retry_read(b);
225 }
226 return -1;
227}
228
229static int stream_write(BIO* b, const char* in, int inl) {
Benjamin Wrightd4d5f8a2018-10-15 18:19:39[diff] [blame]230 if (!in) {
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]231 return -1;
Benjamin Wrightd4d5f8a2018-10-15 18:19:39[diff] [blame]232 }
Jiawei Oueb0df082018-02-02 22:51:18[diff] [blame]233 StreamInterface* stream = static_cast<StreamInterface*>(BIO_get_data(b));
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]234 BIO_clear_retry_flags(b);
235 size_t written;
236 int error;
Harald Alvestrand11840ce2022-11-10 10:50:50[diff] [blame]237 StreamResult result = stream->Write(
238 rtc::MakeArrayView(reinterpret_cast<const uint8_t*>(in), inl), written,
239 error);
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]240 if (result == SR_SUCCESS) {
henrike@webrtc.orgd89b69a2014-11-06 17:23:09[diff] [blame]241 return checked_cast<int>(written);
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]242 } else if (result == SR_BLOCK) {
243 BIO_set_retry_write(b);
244 }
245 return -1;
246}
247
248static int stream_puts(BIO* b, const char* str) {
henrike@webrtc.orgd89b69a2014-11-06 17:23:09[diff] [blame]249 return stream_write(b, str, checked_cast<int>(strlen(str)));
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]250}
251
252static long stream_ctrl(BIO* b, int cmd, long num, void* ptr) {
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]253 switch (cmd) {
254 case BIO_CTRL_RESET:
255 return 0;
Jiawei Ou018dd6e2018-01-30 20:13:48[diff] [blame]256 case BIO_CTRL_EOF: {
257 StreamInterface* stream = static_cast<StreamInterface*>(ptr);
258 // 1 means end-of-stream.
259 return (stream->GetState() == SS_CLOSED) ? 1 : 0;
260 }
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]261 case BIO_CTRL_WPENDING:
262 case BIO_CTRL_PENDING:
263 return 0;
264 case BIO_CTRL_FLUSH:
265 return 1;
Henrik Lundinf4baca52015-06-10 07:45:58[diff] [blame]266 case BIO_CTRL_DGRAM_QUERY_MTU:
267 // openssl defaults to mtu=256 unless we return something here.
268 // The handshake doesn't actually need to send packets above 1k,
269 // so this seems like a sensible value that should work in most cases.
270 // Webrtc uses the same value for video packets.
271 return 1200;
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]272 default:
273 return 0;
274 }
275}
276
277/////////////////////////////////////////////////////////////////////////////
278// OpenSSLStreamAdapter
279/////////////////////////////////////////////////////////////////////////////
280
Guido Urdaneta14bba6e2020-09-25 14:00:51[diff] [blame]281static std::atomic<bool> g_use_legacy_tls_protocols_override(false);
282static std::atomic<bool> g_allow_legacy_tls_protocols(false);
283
284void SetAllowLegacyTLSProtocols(const absl::optional<bool>& allow) {
285 g_use_legacy_tls_protocols_override.store(allow.has_value());
286 if (allow.has_value())
287 g_allow_legacy_tls_protocols.store(allow.value());
288}
289
290bool ShouldAllowLegacyTLSProtocols() {
291 return g_use_legacy_tls_protocols_override.load()
292 ? g_allow_legacy_tls_protocols.load()
Guido Urdanetaae2e8642020-10-26 08:55:26[diff] [blame]293 : webrtc::field_trial::IsEnabled("WebRTC-LegacyTlsProtocols");
Guido Urdaneta14bba6e2020-09-25 14:00:51[diff] [blame]294}
295
Harald Alvestrand8515d5a2020-03-20 21:51:32[diff] [blame]296OpenSSLStreamAdapter::OpenSSLStreamAdapter(
297 std::unique_ptr<StreamInterface> stream)
Niels Möller0131a4d2021-04-16 07:16:21[diff] [blame]298 : stream_(std::move(stream)),
Tommi04482982020-10-05 12:43:53[diff] [blame]299 owner_(rtc::Thread::Current()),
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]300 state_(SSL_NONE),
301 role_(SSL_CLIENT),
Guo-wei Shieha7446d22016-01-11 23:27:03[diff] [blame]302 ssl_read_needs_write_(false),
303 ssl_write_needs_read_(false),
deadbeef37f5ecf2017-02-27 22:06:41[diff] [blame]304 ssl_(nullptr),
305 ssl_ctx_(nullptr),
Joachim Bauch831c5582015-05-20 10:48:41[diff] [blame]306 ssl_mode_(SSL_MODE_TLS),
Harald Alvestrand13799132020-03-09 18:39:36[diff] [blame]307 ssl_max_version_(SSL_PROTOCOL_TLS_12),
308 // Default is to support legacy TLS protocols.
309 // This will be changed to default non-support in M82 or M83.
Niels Möller0131a4d2021-04-16 07:16:21[diff] [blame]310 support_legacy_tls_protocols_flag_(ShouldAllowLegacyTLSProtocols()) {
311 stream_->SignalEvent.connect(this, &OpenSSLStreamAdapter::OnEvent);
312}
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]313
314OpenSSLStreamAdapter::~OpenSSLStreamAdapter() {
Tommi04482982020-10-05 12:43:53[diff] [blame]315 timeout_task_.Stop();
deadbeef89824f62016-09-30 18:55:43[diff] [blame]316 Cleanup(0);
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]317}
318
Harald Alvestrand8515d5a2020-03-20 21:51:32[diff] [blame]319void OpenSSLStreamAdapter::SetIdentity(std::unique_ptr<SSLIdentity> identity) {
deadbeef89824f62016-09-30 18:55:43[diff] [blame]320 RTC_DCHECK(!identity_);
Taylor Brandstetter165c6182020-12-11 00:23:03[diff] [blame]321#ifdef OPENSSL_IS_BORINGSSL
322 identity_.reset(static_cast<BoringSSLIdentity*>(identity.release()));
323#else
Harald Alvestrand8515d5a2020-03-20 21:51:32[diff] [blame]324 identity_.reset(static_cast<OpenSSLIdentity*>(identity.release()));
Taylor Brandstetter165c6182020-12-11 00:23:03[diff] [blame]325#endif
Harald Alvestrand8515d5a2020-03-20 21:51:32[diff] [blame]326}
327
Taylor Brandstetter165c6182020-12-11 00:23:03[diff] [blame]328SSLIdentity* OpenSSLStreamAdapter::GetIdentityForTesting() const {
Harald Alvestrand8515d5a2020-03-20 21:51:32[diff] [blame]329 return identity_.get();
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]330}
331
332void OpenSSLStreamAdapter::SetServerRole(SSLRole role) {
333 role_ = role;
334}
335
deadbeef89824f62016-09-30 18:55:43[diff] [blame]336bool OpenSSLStreamAdapter::SetPeerCertificateDigest(
Ali Tofigh7fa90572022-03-17 14:47:49[diff] [blame]337 absl::string_view digest_alg,
deadbeef89824f62016-09-30 18:55:43[diff] [blame]338 const unsigned char* digest_val,
339 size_t digest_len,
340 SSLPeerCertificateDigestError* error) {
341 RTC_DCHECK(!peer_certificate_verified_);
Benjamin Wright5d355542018-10-27 00:57:00[diff] [blame]342 RTC_DCHECK(!HasPeerCertificateDigest());
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]343 size_t expected_len;
deadbeef89824f62016-09-30 18:55:43[diff] [blame]344 if (error) {
345 *error = SSLPeerCertificateDigestError::NONE;
346 }
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]347
348 if (!OpenSSLDigest::GetDigestSize(digest_alg, &expected_len)) {
Mirko Bonadei675513b2017-11-09 10:09:25[diff] [blame]349 RTC_LOG(LS_WARNING) << "Unknown digest algorithm: " << digest_alg;
deadbeef89824f62016-09-30 18:55:43[diff] [blame]350 if (error) {
351 *error = SSLPeerCertificateDigestError::UNKNOWN_ALGORITHM;
352 }
deadbeef81f6f4f2016-09-20 00:20:52[diff] [blame]353 return false;
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]354 }
deadbeef89824f62016-09-30 18:55:43[diff] [blame]355 if (expected_len != digest_len) {
356 if (error) {
357 *error = SSLPeerCertificateDigestError::INVALID_LENGTH;
358 }
deadbeef81f6f4f2016-09-20 00:20:52[diff] [blame]359 return false;
deadbeef89824f62016-09-30 18:55:43[diff] [blame]360 }
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]361
362 peer_certificate_digest_value_.SetData(digest_val, digest_len);
Ali Tofigh7fa90572022-03-17 14:47:49[diff] [blame]363 peer_certificate_digest_algorithm_ = std::string(digest_alg);
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]364
Taylor Brandstetterc3928662018-02-23 21:04:51[diff] [blame]365 if (!peer_cert_chain_) {
deadbeef89824f62016-09-30 18:55:43[diff] [blame]366 // Normal case, where the digest is set before we obtain the certificate
367 // from the handshake.
368 return true;
369 }
370
371 if (!VerifyPeerCertificate()) {
372 Error("SetPeerCertificateDigest", -1, SSL_AD_BAD_CERTIFICATE, false);
373 if (error) {
374 *error = SSLPeerCertificateDigestError::VERIFICATION_FAILED;
375 }
376 return false;
377 }
378
379 if (state_ == SSL_CONNECTED) {
380 // Post the event asynchronously to unwind the stack. The caller
381 // of ContinueSSL may be the same object listening for these
382 // events and may not be prepared for reentrancy.
383 PostEvent(SE_OPEN | SE_READ | SE_WRITE, 0);
384 }
385
deadbeef81f6f4f2016-09-20 00:20:52[diff] [blame]386 return true;
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]387}
388
Guo-wei Shieh521ed7b2015-11-19 03:41:53[diff] [blame]389std::string OpenSSLStreamAdapter::SslCipherSuiteToName(int cipher_suite) {
Torbjorn Granlund9adc91d2016-03-24 13:05:06[diff] [blame]390#ifdef OPENSSL_IS_BORINGSSL
Guo-wei Shieh521ed7b2015-11-19 03:41:53[diff] [blame]391 const SSL_CIPHER* ssl_cipher = SSL_get_cipher_by_value(cipher_suite);
Guo-wei Shieh456696a2015-10-01 04:48:54[diff] [blame]392 if (!ssl_cipher) {
393 return std::string();
394 }
David Benjamina8f73762017-09-28 19:49:42[diff] [blame]395 return SSL_CIPHER_standard_name(ssl_cipher);
Torbjorn Granlund9adc91d2016-03-24 13:05:06[diff] [blame]396#else
Joachim Reiersene457e432022-10-21 19:08:22[diff] [blame]397 const int openssl_cipher_id = 0x03000000L | cipher_suite;
Torbjorn Granlund9adc91d2016-03-24 13:05:06[diff] [blame]398 for (const SslCipherMapEntry* entry = kSslCipherMap; entry->rfc_name;
399 ++entry) {
Joachim Reiersene457e432022-10-21 19:08:22[diff] [blame]400 if (openssl_cipher_id == static_cast<int>(entry->openssl_id)) {
Torbjorn Granlund9adc91d2016-03-24 13:05:06[diff] [blame]401 return entry->rfc_name;
402 }
403 }
404 return std::string();
405#endif
Guo-wei Shieh456696a2015-10-01 04:48:54[diff] [blame]406}
pthatcher@webrtc.org3ee4fe52015-02-11 22:34:36[diff] [blame]407
Guo-wei Shieh521ed7b2015-11-19 03:41:53[diff] [blame]408bool OpenSSLStreamAdapter::GetSslCipherSuite(int* cipher_suite) {
Benjamin Wrightd4d5f8a2018-10-15 18:19:39[diff] [blame]409 if (state_ != SSL_CONNECTED) {
pthatcher@webrtc.org3ee4fe52015-02-11 22:34:36[diff] [blame]410 return false;
Benjamin Wrightd4d5f8a2018-10-15 18:19:39[diff] [blame]411 }
pthatcher@webrtc.org3ee4fe52015-02-11 22:34:36[diff] [blame]412
413 const SSL_CIPHER* current_cipher = SSL_get_current_cipher(ssl_);
deadbeef37f5ecf2017-02-27 22:06:41[diff] [blame]414 if (current_cipher == nullptr) {
pthatcher@webrtc.org3ee4fe52015-02-11 22:34:36[diff] [blame]415 return false;
416 }
417
Guo-wei Shieh521ed7b2015-11-19 03:41:53[diff] [blame]418 *cipher_suite = static_cast<uint16_t>(SSL_CIPHER_get_id(current_cipher));
pthatcher@webrtc.org3ee4fe52015-02-11 22:34:36[diff] [blame]419 return true;
420}
421
Harald Alvestrand5cb78072019-10-28 08:51:17[diff] [blame]422SSLProtocolVersion OpenSSLStreamAdapter::GetSslVersion() const {
Benjamin Wright8e98c602019-03-01 01:25:01[diff] [blame]423 if (state_ != SSL_CONNECTED) {
Harald Alvestrand5cb78072019-10-28 08:51:17[diff] [blame]424 return SSL_PROTOCOL_NOT_GIVEN;
Benjamin Wright8e98c602019-03-01 01:25:01[diff] [blame]425 }
torbjorng43166b82016-03-11 08:06:47[diff] [blame]426
427 int ssl_version = SSL_version(ssl_);
428 if (ssl_mode_ == SSL_MODE_DTLS) {
Benjamin Wrightd4d5f8a2018-10-15 18:19:39[diff] [blame]429 if (ssl_version == DTLS1_VERSION) {
torbjorng43166b82016-03-11 08:06:47[diff] [blame]430 return SSL_PROTOCOL_DTLS_10;
Benjamin Wrightd4d5f8a2018-10-15 18:19:39[diff] [blame]431 } else if (ssl_version == DTLS1_2_VERSION) {
torbjorng43166b82016-03-11 08:06:47[diff] [blame]432 return SSL_PROTOCOL_DTLS_12;
Benjamin Wrightd4d5f8a2018-10-15 18:19:39[diff] [blame]433 }
torbjorng43166b82016-03-11 08:06:47[diff] [blame]434 } else {
Benjamin Wrightd4d5f8a2018-10-15 18:19:39[diff] [blame]435 if (ssl_version == TLS1_VERSION) {
torbjorng43166b82016-03-11 08:06:47[diff] [blame]436 return SSL_PROTOCOL_TLS_10;
Benjamin Wrightd4d5f8a2018-10-15 18:19:39[diff] [blame]437 } else if (ssl_version == TLS1_1_VERSION) {
torbjorng43166b82016-03-11 08:06:47[diff] [blame]438 return SSL_PROTOCOL_TLS_11;
Benjamin Wrightd4d5f8a2018-10-15 18:19:39[diff] [blame]439 } else if (ssl_version == TLS1_2_VERSION) {
torbjorng43166b82016-03-11 08:06:47[diff] [blame]440 return SSL_PROTOCOL_TLS_12;
Benjamin Wrightd4d5f8a2018-10-15 18:19:39[diff] [blame]441 }
torbjorng43166b82016-03-11 08:06:47[diff] [blame]442 }
443
Harald Alvestrand5cb78072019-10-28 08:51:17[diff] [blame]444 return SSL_PROTOCOL_NOT_GIVEN;
445}
446
447bool OpenSSLStreamAdapter::GetSslVersionBytes(int* version) const {
448 if (state_ != SSL_CONNECTED) {
449 return false;
450 }
451 *version = SSL_version(ssl_);
452 return true;
torbjorng43166b82016-03-11 08:06:47[diff] [blame]453}
454
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]455// Key Extractor interface
Ali Tofigh7fa90572022-03-17 14:47:49[diff] [blame]456bool OpenSSLStreamAdapter::ExportKeyingMaterial(absl::string_view label,
Peter Boström0c4e06b2015-10-07 10:23:21[diff] [blame]457 const uint8_t* context,
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]458 size_t context_len,
459 bool use_context,
Peter Boström0c4e06b2015-10-07 10:23:21[diff] [blame]460 uint8_t* result,
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]461 size_t result_len) {
Ali Tofigh7fa90572022-03-17 14:47:49[diff] [blame]462 if (SSL_export_keying_material(ssl_, result, result_len, label.data(),
463 label.length(), context, context_len,
464 use_context) != 1) {
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]465 return false;
Benjamin Wrightd4d5f8a2018-10-15 18:19:39[diff] [blame]466 }
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]467 return true;
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]468}
469
Guo-wei Shieh521ed7b2015-11-19 03:41:53[diff] [blame]470bool OpenSSLStreamAdapter::SetDtlsSrtpCryptoSuites(
471 const std::vector<int>& ciphers) {
Benjamin Wrightd4d5f8a2018-10-15 18:19:39[diff] [blame]472 if (state_ != SSL_NONE) {
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]473 return false;
Benjamin Wrightd4d5f8a2018-10-15 18:19:39[diff] [blame]474 }
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]475
Benjamin Wright8e98c602019-03-01 01:25:01[diff] [blame]476 std::string internal_ciphers;
477 for (const int cipher : ciphers) {
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]478 bool found = false;
Benjamin Wright8e98c602019-03-01 01:25:01[diff] [blame]479 for (const auto& entry : kSrtpCipherMap) {
480 if (cipher == entry.id) {
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]481 found = true;
Benjamin Wrightd4d5f8a2018-10-15 18:19:39[diff] [blame]482 if (!internal_ciphers.empty()) {
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]483 internal_ciphers += ":";
Benjamin Wrightd4d5f8a2018-10-15 18:19:39[diff] [blame]484 }
Benjamin Wright8e98c602019-03-01 01:25:01[diff] [blame]485 internal_ciphers += entry.internal_name;
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]486 break;
487 }
488 }
489
490 if (!found) {
Benjamin Wright8e98c602019-03-01 01:25:01[diff] [blame]491 RTC_LOG(LS_ERROR) << "Could not find cipher: " << cipher;
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]492 return false;
493 }
494 }
495
Benjamin Wrightd4d5f8a2018-10-15 18:19:39[diff] [blame]496 if (internal_ciphers.empty()) {
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]497 return false;
Benjamin Wrightd4d5f8a2018-10-15 18:19:39[diff] [blame]498 }
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]499
500 srtp_ciphers_ = internal_ciphers;
501 return true;
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]502}
503
Guo-wei Shieh521ed7b2015-11-19 03:41:53[diff] [blame]504bool OpenSSLStreamAdapter::GetDtlsSrtpCryptoSuite(int* crypto_suite) {
deadbeef89824f62016-09-30 18:55:43[diff] [blame]505 RTC_DCHECK(state_ == SSL_CONNECTED);
Benjamin Wrightd4d5f8a2018-10-15 18:19:39[diff] [blame]506 if (state_ != SSL_CONNECTED) {
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]507 return false;
Benjamin Wrightd4d5f8a2018-10-15 18:19:39[diff] [blame]508 }
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]509
Yves Gerey665174f2018-06-19 13:03:05[diff] [blame]510 const SRTP_PROTECTION_PROFILE* srtp_profile =
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]511 SSL_get_selected_srtp_profile(ssl_);
512
Benjamin Wrightd4d5f8a2018-10-15 18:19:39[diff] [blame]513 if (!srtp_profile) {
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]514 return false;
Benjamin Wrightd4d5f8a2018-10-15 18:19:39[diff] [blame]515 }
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]516
Guo-wei Shieh521ed7b2015-11-19 03:41:53[diff] [blame]517 *crypto_suite = srtp_profile->id;
deadbeef89824f62016-09-30 18:55:43[diff] [blame]518 RTC_DCHECK(!SrtpCryptoSuiteToName(*crypto_suite).empty());
Guo-wei Shieh521ed7b2015-11-19 03:41:53[diff] [blame]519 return true;
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]520}
521
deadbeef89824f62016-09-30 18:55:43[diff] [blame]522bool OpenSSLStreamAdapter::IsTlsConnected() {
523 return state_ == SSL_CONNECTED;
524}
525
Taylor Brandstetterc8762a82016-08-11 19:01:49[diff] [blame]526int OpenSSLStreamAdapter::StartSSL() {
Benjamin Wrightd4d5f8a2018-10-15 18:19:39[diff] [blame]527 // Don't allow StartSSL to be called twice.
deadbeef89824f62016-09-30 18:55:43[diff] [blame]528 if (state_ != SSL_NONE) {
deadbeef89824f62016-09-30 18:55:43[diff] [blame]529 return -1;
530 }
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]531
Niels Möller0131a4d2021-04-16 07:16:21[diff] [blame]532 if (stream_->GetState() != SS_OPEN) {
Taylor Brandstetterc8762a82016-08-11 19:01:49[diff] [blame]533 state_ = SSL_WAIT;
534 return 0;
535 }
536
537 state_ = SSL_CONNECTING;
538 if (int err = BeginSSL()) {
deadbeef89824f62016-09-30 18:55:43[diff] [blame]539 Error("BeginSSL", err, 0, false);
Taylor Brandstetterc8762a82016-08-11 19:01:49[diff] [blame]540 return err;
541 }
542
543 return 0;
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]544}
545
546void OpenSSLStreamAdapter::SetMode(SSLMode mode) {
deadbeef89824f62016-09-30 18:55:43[diff] [blame]547 RTC_DCHECK(state_ == SSL_NONE);
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]548 ssl_mode_ = mode;
549}
550
Joachim Bauch831c5582015-05-20 10:48:41[diff] [blame]551void OpenSSLStreamAdapter::SetMaxProtocolVersion(SSLProtocolVersion version) {
deadbeef37f5ecf2017-02-27 22:06:41[diff] [blame]552 RTC_DCHECK(ssl_ctx_ == nullptr);
Joachim Bauch831c5582015-05-20 10:48:41[diff] [blame]553 ssl_max_version_ = version;
554}
555
Yves Gerey665174f2018-06-19 13:03:05[diff] [blame]556void OpenSSLStreamAdapter::SetInitialRetransmissionTimeout(int timeout_ms) {
deadbeef37f5ecf2017-02-27 22:06:41[diff] [blame]557 RTC_DCHECK(ssl_ctx_ == nullptr);
skvladd0309122017-02-03 01:18:37[diff] [blame]558 dtls_handshake_timeout_ms_ = timeout_ms;
559}
560
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]561//
562// StreamInterface Implementation
563//
Harald Alvestrand11840ce2022-11-10 10:50:50[diff] [blame]564StreamResult OpenSSLStreamAdapter::Write(rtc::ArrayView<const uint8_t> data,
565 size_t& written,
566 int& error) {
567 RTC_DLOG(LS_VERBOSE) << "OpenSSLStreamAdapter::Write(" << data.size() << ")";
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]568
569 switch (state_) {
Yves Gerey665174f2018-06-19 13:03:05[diff] [blame]570 case SSL_NONE:
571 // pass-through in clear text
Harald Alvestrand11840ce2022-11-10 10:50:50[diff] [blame]572 return stream_->Write(data, written, error);
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]573
Yves Gerey665174f2018-06-19 13:03:05[diff] [blame]574 case SSL_WAIT:
575 case SSL_CONNECTING:
deadbeef89824f62016-09-30 18:55:43[diff] [blame]576 return SR_BLOCK;
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]577
Yves Gerey665174f2018-06-19 13:03:05[diff] [blame]578 case SSL_CONNECTED:
Benjamin Wright5d355542018-10-27 00:57:00[diff] [blame]579 if (WaitingToVerifyPeerCertificate()) {
Yves Gerey665174f2018-06-19 13:03:05[diff] [blame]580 return SR_BLOCK;
581 }
582 break;
583
584 case SSL_ERROR:
585 case SSL_CLOSED:
586 default:
Harald Alvestrand11840ce2022-11-10 10:50:50[diff] [blame]587 error = ssl_error_code_;
Yves Gerey665174f2018-06-19 13:03:05[diff] [blame]588 return SR_ERROR;
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]589 }
590
591 // OpenSSL will return an error if we try to write zero bytes
Harald Alvestrand11840ce2022-11-10 10:50:50[diff] [blame]592 if (data.size() == 0) {
593 written = 0;
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]594 return SR_SUCCESS;
595 }
596
597 ssl_write_needs_read_ = false;
598
Harald Alvestrand11840ce2022-11-10 10:50:50[diff] [blame]599 int code = SSL_write(ssl_, data.data(), checked_cast<int>(data.size()));
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]600 int ssl_error = SSL_get_error(ssl_, code);
601 switch (ssl_error) {
Yves Gerey665174f2018-06-19 13:03:05[diff] [blame]602 case SSL_ERROR_NONE:
Tomas Gunnarssond48ff452020-10-02 16:28:46[diff] [blame]603 RTC_DLOG(LS_VERBOSE) << " -- success";
Yves Gerey665174f2018-06-19 13:03:05[diff] [blame]604 RTC_DCHECK_GT(code, 0);
Harald Alvestrand11840ce2022-11-10 10:50:50[diff] [blame]605 RTC_DCHECK_LE(code, data.size());
606 written = code;
Yves Gerey665174f2018-06-19 13:03:05[diff] [blame]607 return SR_SUCCESS;
608 case SSL_ERROR_WANT_READ:
Tomas Gunnarssond48ff452020-10-02 16:28:46[diff] [blame]609 RTC_DLOG(LS_VERBOSE) << " -- error want read";
Yves Gerey665174f2018-06-19 13:03:05[diff] [blame]610 ssl_write_needs_read_ = true;
611 return SR_BLOCK;
612 case SSL_ERROR_WANT_WRITE:
Tomas Gunnarssond48ff452020-10-02 16:28:46[diff] [blame]613 RTC_DLOG(LS_VERBOSE) << " -- error want write";
Yves Gerey665174f2018-06-19 13:03:05[diff] [blame]614 return SR_BLOCK;
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]615
Yves Gerey665174f2018-06-19 13:03:05[diff] [blame]616 case SSL_ERROR_ZERO_RETURN:
617 default:
618 Error("SSL_write", (ssl_error ? ssl_error : -1), 0, false);
Harald Alvestrand11840ce2022-11-10 10:50:50[diff] [blame]619 error = ssl_error_code_;
Yves Gerey665174f2018-06-19 13:03:05[diff] [blame]620 return SR_ERROR;
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]621 }
622 // not reached
623}
624
Harald Alvestrand11840ce2022-11-10 10:50:50[diff] [blame]625StreamResult OpenSSLStreamAdapter::Read(rtc::ArrayView<uint8_t> data,
626 size_t& read,
627 int& error) {
628 RTC_DLOG(LS_VERBOSE) << "OpenSSLStreamAdapter::Read(" << data.size() << ")";
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]629 switch (state_) {
630 case SSL_NONE:
631 // pass-through in clear text
Harald Alvestrand11840ce2022-11-10 10:50:50[diff] [blame]632 return stream_->Read(data, read, error);
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]633 case SSL_WAIT:
634 case SSL_CONNECTING:
635 return SR_BLOCK;
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]636 case SSL_CONNECTED:
Benjamin Wright5d355542018-10-27 00:57:00[diff] [blame]637 if (WaitingToVerifyPeerCertificate()) {
deadbeef89824f62016-09-30 18:55:43[diff] [blame]638 return SR_BLOCK;
639 }
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]640 break;
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]641 case SSL_CLOSED:
642 return SR_EOS;
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]643 case SSL_ERROR:
644 default:
Harald Alvestrand11840ce2022-11-10 10:50:50[diff] [blame]645 error = ssl_error_code_;
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]646 return SR_ERROR;
647 }
648
649 // Don't trust OpenSSL with zero byte reads
Harald Alvestrand11840ce2022-11-10 10:50:50[diff] [blame]650 if (data.size() == 0) {
651 read = 0;
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]652 return SR_SUCCESS;
653 }
654
655 ssl_read_needs_write_ = false;
656
Harald Alvestrand11840ce2022-11-10 10:50:50[diff] [blame]657 const int code = SSL_read(ssl_, data.data(), checked_cast<int>(data.size()));
Benjamin Wrightf54e30b2019-02-27 01:33:50[diff] [blame]658 const int ssl_error = SSL_get_error(ssl_, code);
659
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]660 switch (ssl_error) {
661 case SSL_ERROR_NONE:
Tomas Gunnarssond48ff452020-10-02 16:28:46[diff] [blame]662 RTC_DLOG(LS_VERBOSE) << " -- success";
kwibergee89e782017-08-10 00:22:01[diff] [blame]663 RTC_DCHECK_GT(code, 0);
Harald Alvestrand11840ce2022-11-10 10:50:50[diff] [blame]664 RTC_DCHECK_LE(code, data.size());
665 read = code;
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]666
667 if (ssl_mode_ == SSL_MODE_DTLS) {
668 // Enforce atomic reads -- this is a short read
669 unsigned int pending = SSL_pending(ssl_);
670
671 if (pending) {
Tomas Gunnarssond48ff452020-10-02 16:28:46[diff] [blame]672 RTC_DLOG(LS_INFO) << " -- short DTLS read. flushing";
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]673 FlushInput(pending);
Harald Alvestrand11840ce2022-11-10 10:50:50[diff] [blame]674 error = SSE_MSG_TRUNC;
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]675 return SR_ERROR;
676 }
677 }
678 return SR_SUCCESS;
679 case SSL_ERROR_WANT_READ:
Tomas Gunnarssond48ff452020-10-02 16:28:46[diff] [blame]680 RTC_DLOG(LS_VERBOSE) << " -- error want read";
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]681 return SR_BLOCK;
682 case SSL_ERROR_WANT_WRITE:
Tomas Gunnarssond48ff452020-10-02 16:28:46[diff] [blame]683 RTC_DLOG(LS_VERBOSE) << " -- error want write";
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]684 ssl_read_needs_write_ = true;
685 return SR_BLOCK;
686 case SSL_ERROR_ZERO_RETURN:
Tomas Gunnarssond48ff452020-10-02 16:28:46[diff] [blame]687 RTC_DLOG(LS_VERBOSE) << " -- remote side closed";
deadbeef89824f62016-09-30 18:55:43[diff] [blame]688 Close();
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]689 return SR_EOS;
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]690 default:
deadbeef89824f62016-09-30 18:55:43[diff] [blame]691 Error("SSL_read", (ssl_error ? ssl_error : -1), 0, false);
Harald Alvestrand11840ce2022-11-10 10:50:50[diff] [blame]692 error = ssl_error_code_;
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]693 return SR_ERROR;
694 }
695 // not reached
696}
697
698void OpenSSLStreamAdapter::FlushInput(unsigned int left) {
699 unsigned char buf[2048];
700
701 while (left) {
702 // This should always succeed
Benjamin Wrightf54e30b2019-02-27 01:33:50[diff] [blame]703 const int toread = (sizeof(buf) < left) ? sizeof(buf) : left;
704 const int code = SSL_read(ssl_, buf, toread);
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]705
Benjamin Wrightf54e30b2019-02-27 01:33:50[diff] [blame]706 const int ssl_error = SSL_get_error(ssl_, code);
deadbeef89824f62016-09-30 18:55:43[diff] [blame]707 RTC_DCHECK(ssl_error == SSL_ERROR_NONE);
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]708
709 if (ssl_error != SSL_ERROR_NONE) {
Jonas Olssonaddc3802018-02-01 08:53:06[diff] [blame]710 RTC_DLOG(LS_VERBOSE) << " -- error " << code;
deadbeef89824f62016-09-30 18:55:43[diff] [blame]711 Error("SSL_read", (ssl_error ? ssl_error : -1), 0, false);
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]712 return;
713 }
714
Tomas Gunnarssond48ff452020-10-02 16:28:46[diff] [blame]715 RTC_DLOG(LS_VERBOSE) << " -- flushed " << code << " bytes";
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]716 left -= code;
717 }
718}
719
720void OpenSSLStreamAdapter::Close() {
deadbeef89824f62016-09-30 18:55:43[diff] [blame]721 Cleanup(0);
722 RTC_DCHECK(state_ == SSL_CLOSED || state_ == SSL_ERROR);
723 // When we're closed at SSL layer, also close the stream level which
724 // performs necessary clean up. Otherwise, a new incoming packet after
725 // this could overflow the stream buffer.
Niels Möller0131a4d2021-04-16 07:16:21[diff] [blame]726 stream_->Close();
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]727}
728
729StreamState OpenSSLStreamAdapter::GetState() const {
730 switch (state_) {
731 case SSL_WAIT:
732 case SSL_CONNECTING:
733 return SS_OPENING;
734 case SSL_CONNECTED:
Benjamin Wright5d355542018-10-27 00:57:00[diff] [blame]735 if (WaitingToVerifyPeerCertificate()) {
deadbeef89824f62016-09-30 18:55:43[diff] [blame]736 return SS_OPENING;
737 }
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]738 return SS_OPEN;
739 default:
740 return SS_CLOSED;
Benjamin Wrightd4d5f8a2018-10-15 18:19:39[diff] [blame]741 }
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]742 // not reached
743}
744
Yves Gerey665174f2018-06-19 13:03:05[diff] [blame]745void OpenSSLStreamAdapter::OnEvent(StreamInterface* stream,
746 int events,
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]747 int err) {
748 int events_to_signal = 0;
749 int signal_error = 0;
Niels Möller0131a4d2021-04-16 07:16:21[diff] [blame]750 RTC_DCHECK(stream == stream_.get());
Benjamin Wrightd4d5f8a2018-10-15 18:19:39[diff] [blame]751
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]752 if ((events & SE_OPEN)) {
Tomas Gunnarssond48ff452020-10-02 16:28:46[diff] [blame]753 RTC_DLOG(LS_VERBOSE) << "OpenSSLStreamAdapter::OnEvent SE_OPEN";
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]754 if (state_ != SSL_WAIT) {
deadbeef89824f62016-09-30 18:55:43[diff] [blame]755 RTC_DCHECK(state_ == SSL_NONE);
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]756 events_to_signal |= SE_OPEN;
757 } else {
758 state_ = SSL_CONNECTING;
759 if (int err = BeginSSL()) {
deadbeef89824f62016-09-30 18:55:43[diff] [blame]760 Error("BeginSSL", err, 0, true);
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]761 return;
762 }
763 }
764 }
Benjamin Wrightd4d5f8a2018-10-15 18:19:39[diff] [blame]765
Yves Gerey665174f2018-06-19 13:03:05[diff] [blame]766 if ((events & (SE_READ | SE_WRITE))) {
Tomas Gunnarssond48ff452020-10-02 16:28:46[diff] [blame]767 RTC_DLOG(LS_VERBOSE) << "OpenSSLStreamAdapter::OnEvent"
768 << ((events & SE_READ) ? " SE_READ" : "")
769 << ((events & SE_WRITE) ? " SE_WRITE" : "");
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]770 if (state_ == SSL_NONE) {
Yves Gerey665174f2018-06-19 13:03:05[diff] [blame]771 events_to_signal |= events & (SE_READ | SE_WRITE);
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]772 } else if (state_ == SSL_CONNECTING) {
773 if (int err = ContinueSSL()) {
deadbeef89824f62016-09-30 18:55:43[diff] [blame]774 Error("ContinueSSL", err, 0, true);
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]775 return;
776 }
777 } else if (state_ == SSL_CONNECTED) {
778 if (((events & SE_READ) && ssl_write_needs_read_) ||
779 (events & SE_WRITE)) {
Tomas Gunnarssond48ff452020-10-02 16:28:46[diff] [blame]780 RTC_DLOG(LS_VERBOSE) << " -- onStreamWriteable";
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]781 events_to_signal |= SE_WRITE;
782 }
783 if (((events & SE_WRITE) && ssl_read_needs_write_) ||
784 (events & SE_READ)) {
Tomas Gunnarssond48ff452020-10-02 16:28:46[diff] [blame]785 RTC_DLOG(LS_VERBOSE) << " -- onStreamReadable";
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]786 events_to_signal |= SE_READ;
787 }
788 }
789 }
Benjamin Wrightd4d5f8a2018-10-15 18:19:39[diff] [blame]790
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]791 if ((events & SE_CLOSE)) {
Tomas Gunnarssond48ff452020-10-02 16:28:46[diff] [blame]792 RTC_DLOG(LS_VERBOSE) << "OpenSSLStreamAdapter::OnEvent(SE_CLOSE, " << err
793 << ")";
deadbeef89824f62016-09-30 18:55:43[diff] [blame]794 Cleanup(0);
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]795 events_to_signal |= SE_CLOSE;
796 // SE_CLOSE is the only event that uses the final parameter to OnEvent().
deadbeef89824f62016-09-30 18:55:43[diff] [blame]797 RTC_DCHECK(signal_error == 0);
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]798 signal_error = err;
799 }
Benjamin Wrightd4d5f8a2018-10-15 18:19:39[diff] [blame]800
801 if (events_to_signal) {
Niels Möller0131a4d2021-04-16 07:16:21[diff] [blame]802 // Note that the adapter presents itself as the origin of the stream events,
803 // since users of the adapter may not recognize the adapted object.
804 SignalEvent(this, events_to_signal, signal_error);
Benjamin Wrightd4d5f8a2018-10-15 18:19:39[diff] [blame]805 }
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]806}
807
Tommi04482982020-10-05 12:43:53[diff] [blame]808void OpenSSLStreamAdapter::PostEvent(int events, int err) {
Danil Chapovalov5286dcf2022-07-18 15:04:56[diff] [blame]809 owner_->PostTask(SafeTask(task_safety_.flag(), [this, events, err]() {
810 SignalEvent(this, events, err);
811 }));
Tommi04482982020-10-05 12:43:53[diff] [blame]812}
813
814void OpenSSLStreamAdapter::SetTimeout(int delay_ms) {
815 // We need to accept 0 delay here as well as >0 delay, because
816 // DTLSv1_get_timeout seems to frequently return 0 ms.
817 RTC_DCHECK_GE(delay_ms, 0);
818 RTC_DCHECK(!timeout_task_.Running());
819
820 timeout_task_ = webrtc::RepeatingTaskHandle::DelayedStart(
821 owner_, webrtc::TimeDelta::Millis(delay_ms),
822 [flag = task_safety_.flag(), this]() {
823 if (flag->alive()) {
824 RTC_DLOG(LS_INFO) << "DTLS timeout expired";
825 timeout_task_.Stop();
Jonas Oreland808f4942021-06-16 11:42:20[diff] [blame]826 int res = DTLSv1_handle_timeout(ssl_);
827 if (res > 0) {
828 RTC_LOG(LS_INFO) << "DTLS retransmission";
829 } else if (res < 0) {
830 RTC_LOG(LS_INFO) << "DTLSv1_handle_timeout() return -1";
Philipp Hancke9c83d9d2022-04-28 17:01:28[diff] [blame]831 Error("DTLSv1_handle_timeout", res, -1, true);
832 return webrtc::TimeDelta::PlusInfinity();
Jonas Oreland808f4942021-06-16 11:42:20[diff] [blame]833 }
Tommi04482982020-10-05 12:43:53[diff] [blame]834 ContinueSSL();
835 } else {
Artem Titovd3251962021-11-15 15:57:07[diff] [blame]836 RTC_DCHECK_NOTREACHED();
Tommi04482982020-10-05 12:43:53[diff] [blame]837 }
838 // This callback will never run again (stopped above).
839 return webrtc::TimeDelta::PlusInfinity();
840 });
841}
842
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]843int OpenSSLStreamAdapter::BeginSSL() {
deadbeef89824f62016-09-30 18:55:43[diff] [blame]844 RTC_DCHECK(state_ == SSL_CONNECTING);
Taylor Brandstetterc8762a82016-08-11 19:01:49[diff] [blame]845 // The underlying stream has opened.
Tomas Gunnarssond48ff452020-10-02 16:28:46[diff] [blame]846 RTC_DLOG(LS_INFO) << "BeginSSL with peer.";
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]847
deadbeef37f5ecf2017-02-27 22:06:41[diff] [blame]848 BIO* bio = nullptr;
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]849
Taylor Brandstetterc8762a82016-08-11 19:01:49[diff] [blame]850 // First set up the context.
deadbeef37f5ecf2017-02-27 22:06:41[diff] [blame]851 RTC_DCHECK(ssl_ctx_ == nullptr);
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]852 ssl_ctx_ = SetupSSLContext();
Benjamin Wrightd4d5f8a2018-10-15 18:19:39[diff] [blame]853 if (!ssl_ctx_) {
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]854 return -1;
Benjamin Wrightd4d5f8a2018-10-15 18:19:39[diff] [blame]855 }
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]856
Niels Möller0131a4d2021-04-16 07:16:21[diff] [blame]857 bio = BIO_new_stream(stream_.get());
Benjamin Wrightd4d5f8a2018-10-15 18:19:39[diff] [blame]858 if (!bio) {
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]859 return -1;
Benjamin Wrightd4d5f8a2018-10-15 18:19:39[diff] [blame]860 }
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]861
862 ssl_ = SSL_new(ssl_ctx_);
863 if (!ssl_) {
864 BIO_free(bio);
865 return -1;
866 }
867
868 SSL_set_app_data(ssl_, this);
869
870 SSL_set_bio(ssl_, bio, bio); // the SSL object owns the bio now.
Torbjorn Granlund9adc91d2016-03-24 13:05:06[diff] [blame]871 if (ssl_mode_ == SSL_MODE_DTLS) {
Taylor Brandstetter4f0dfbd2016-06-16 00:15:23[diff] [blame]872#ifdef OPENSSL_IS_BORINGSSL
skvladd0309122017-02-03 01:18:37[diff] [blame]873 DTLSv1_set_initial_timeout_duration(ssl_, dtls_handshake_timeout_ms_);
Taylor Brandstetter4f0dfbd2016-06-16 00:15:23[diff] [blame]874#else
Torbjorn Granlund9adc91d2016-03-24 13:05:06[diff] [blame]875 // Enable read-ahead for DTLS so whole packets are read from internal BIO
876 // before parsing. This is done internally by BoringSSL for DTLS.
877 SSL_set_read_ahead(ssl_, 1);
philipel49c08692016-05-24 08:49:43[diff] [blame]878#endif
Taylor Brandstetter4f0dfbd2016-06-16 00:15:23[diff] [blame]879 }
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]880
881 SSL_set_mode(ssl_, SSL_MODE_ENABLE_PARTIAL_WRITE |
Yves Gerey665174f2018-06-19 13:03:05[diff] [blame]882 SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER);
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]883
884 // Do the connect
885 return ContinueSSL();
886}
887
888int OpenSSLStreamAdapter::ContinueSSL() {
Tomas Gunnarssond48ff452020-10-02 16:28:46[diff] [blame]889 RTC_DLOG(LS_VERBOSE) << "ContinueSSL";
deadbeef89824f62016-09-30 18:55:43[diff] [blame]890 RTC_DCHECK(state_ == SSL_CONNECTING);
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]891
892 // Clear the DTLS timer
Tommi04482982020-10-05 12:43:53[diff] [blame]893 timeout_task_.Stop();
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]894
Benjamin Wrightf54e30b2019-02-27 01:33:50[diff] [blame]895 const int code = (role_ == SSL_CLIENT) ? SSL_connect(ssl_) : SSL_accept(ssl_);
896 const int ssl_error = SSL_get_error(ssl_, code);
897
898 switch (ssl_error) {
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]899 case SSL_ERROR_NONE:
Tomas Gunnarssond48ff452020-10-02 16:28:46[diff] [blame]900 RTC_DLOG(LS_VERBOSE) << " -- success";
deadbeef89824f62016-09-30 18:55:43[diff] [blame]901 // By this point, OpenSSL should have given us a certificate, or errored
902 // out if one was missing.
Benjamin Wrightb19b4972018-10-25 17:46:49[diff] [blame]903 RTC_DCHECK(peer_cert_chain_ || !GetClientAuthEnabled());
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]904
905 state_ = SSL_CONNECTED;
Benjamin Wright5d355542018-10-27 00:57:00[diff] [blame]906 if (!WaitingToVerifyPeerCertificate()) {
deadbeef89824f62016-09-30 18:55:43[diff] [blame]907 // We have everything we need to start the connection, so signal
908 // SE_OPEN. If we need a client certificate fingerprint and don't have
909 // it yet, we'll instead signal SE_OPEN in SetPeerCertificateDigest.
910 //
Taylor Brandstetterfe69a742016-10-01 00:34:32[diff] [blame]911 // TODO(deadbeef): Post this event asynchronously to unwind the stack.
912 // The caller of ContinueSSL may be the same object listening for these
913 // events and may not be prepared for reentrancy.
914 // PostEvent(SE_OPEN | SE_READ | SE_WRITE, 0);
Niels Möller0131a4d2021-04-16 07:16:21[diff] [blame]915 SignalEvent(this, SE_OPEN | SE_READ | SE_WRITE, 0);
deadbeef89824f62016-09-30 18:55:43[diff] [blame]916 }
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]917 break;
918
919 case SSL_ERROR_WANT_READ: {
Tomas Gunnarssond48ff452020-10-02 16:28:46[diff] [blame]920 RTC_DLOG(LS_VERBOSE) << " -- error want read";
Mirko Bonadei675513b2017-11-09 10:09:25[diff] [blame]921 struct timeval timeout;
922 if (DTLSv1_get_timeout(ssl_, &timeout)) {
923 int delay = timeout.tv_sec * 1000 + timeout.tv_usec / 1000;
Tommi04482982020-10-05 12:43:53[diff] [blame]924 SetTimeout(delay);
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]925 }
Yves Gerey665174f2018-06-19 13:03:05[diff] [blame]926 } break;
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]927
928 case SSL_ERROR_WANT_WRITE:
Tomas Gunnarssond48ff452020-10-02 16:28:46[diff] [blame]929 RTC_DLOG(LS_VERBOSE) << " -- error want write";
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]930 break;
931
932 case SSL_ERROR_ZERO_RETURN:
933 default:
zhihuangd82eee02016-08-26 18:25:05[diff] [blame]934 SSLHandshakeError ssl_handshake_err = SSLHandshakeError::UNKNOWN;
935 int err_code = ERR_peek_last_error();
936 if (err_code != 0 && ERR_GET_REASON(err_code) == SSL_R_NO_SHARED_CIPHER) {
937 ssl_handshake_err = SSLHandshakeError::INCOMPATIBLE_CIPHERSUITE;
938 }
Tomas Gunnarssond48ff452020-10-02 16:28:46[diff] [blame]939 RTC_DLOG(LS_VERBOSE) << " -- error " << code << ", " << err_code << ", "
940 << ERR_GET_REASON(err_code);
Sam Zackrissonb298f742020-10-06 11:40:30[diff] [blame]941 SignalSSLHandshakeError(ssl_handshake_err);
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]942 return (ssl_error != 0) ? ssl_error : -1;
943 }
944
945 return 0;
946}
947
Ali Tofigh2ab914c2022-04-13 10:55:15[diff] [blame]948void OpenSSLStreamAdapter::Error(absl::string_view context,
deadbeef89824f62016-09-30 18:55:43[diff] [blame]949 int err,
950 uint8_t alert,
951 bool signal) {
Mirko Bonadei675513b2017-11-09 10:09:25[diff] [blame]952 RTC_LOG(LS_WARNING) << "OpenSSLStreamAdapter::Error(" << context << ", "
953 << err << ", " << static_cast<int>(alert) << ")";
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]954 state_ = SSL_ERROR;
955 ssl_error_code_ = err;
deadbeef89824f62016-09-30 18:55:43[diff] [blame]956 Cleanup(alert);
Benjamin Wrightd4d5f8a2018-10-15 18:19:39[diff] [blame]957 if (signal) {
Niels Möller0131a4d2021-04-16 07:16:21[diff] [blame]958 SignalEvent(this, SE_CLOSE, err);
Benjamin Wrightd4d5f8a2018-10-15 18:19:39[diff] [blame]959 }
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]960}
961
deadbeef89824f62016-09-30 18:55:43[diff] [blame]962void OpenSSLStreamAdapter::Cleanup(uint8_t alert) {
Tomas Gunnarssond48ff452020-10-02 16:28:46[diff] [blame]963 RTC_DLOG(LS_INFO) << "Cleanup";
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]964
965 if (state_ != SSL_ERROR) {
966 state_ = SSL_CLOSED;
967 ssl_error_code_ = 0;
968 }
969
970 if (ssl_) {
deadbeef89824f62016-09-30 18:55:43[diff] [blame]971 int ret;
972// SSL_send_fatal_alert is only available in BoringSSL.
973#ifdef OPENSSL_IS_BORINGSSL
974 if (alert) {
975 ret = SSL_send_fatal_alert(ssl_, alert);
976 if (ret < 0) {
Mirko Bonadei675513b2017-11-09 10:09:25[diff] [blame]977 RTC_LOG(LS_WARNING) << "SSL_send_fatal_alert failed, error = "
978 << SSL_get_error(ssl_, ret);
deadbeef89824f62016-09-30 18:55:43[diff] [blame]979 }
980 } else {
981#endif
982 ret = SSL_shutdown(ssl_);
983 if (ret < 0) {
Mirko Bonadei675513b2017-11-09 10:09:25[diff] [blame]984 RTC_LOG(LS_WARNING)
985 << "SSL_shutdown failed, error = " << SSL_get_error(ssl_, ret);
deadbeef89824f62016-09-30 18:55:43[diff] [blame]986 }
987#ifdef OPENSSL_IS_BORINGSSL
jiayl@webrtc.orgf1d751c2014-09-25 16:38:46[diff] [blame]988 }
deadbeef89824f62016-09-30 18:55:43[diff] [blame]989#endif
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]990 SSL_free(ssl_);
deadbeef37f5ecf2017-02-27 22:06:41[diff] [blame]991 ssl_ = nullptr;
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]992 }
993 if (ssl_ctx_) {
994 SSL_CTX_free(ssl_ctx_);
deadbeef37f5ecf2017-02-27 22:06:41[diff] [blame]995 ssl_ctx_ = nullptr;
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]996 }
997 identity_.reset();
Taylor Brandstetterc3928662018-02-23 21:04:51[diff] [blame]998 peer_cert_chain_.reset();
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]999
1000 // Clear the DTLS timer
Tommi04482982020-10-05 12:43:53[diff] [blame]1001 timeout_task_.Stop();
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]1002}
1003
1004SSL_CTX* OpenSSLStreamAdapter::SetupSSLContext() {
Taylor Brandstetter165c6182020-12-11 00:23:03[diff] [blame]1005#ifdef OPENSSL_IS_BORINGSSL
1006 // If X509 objects aren't used, we can use these methods to avoid
1007 // linking the sizable crypto/x509 code, using CRYPTO_BUFFER instead.
1008 SSL_CTX* ctx =
1009 SSL_CTX_new(ssl_mode_ == SSL_MODE_DTLS ? DTLS_with_buffers_method()
1010 : TLS_with_buffers_method());
1011#else
David Benjamin170a4b32019-01-30 15:46:16[diff] [blame]1012 SSL_CTX* ctx =
1013 SSL_CTX_new(ssl_mode_ == SSL_MODE_DTLS ? DTLS_method() : TLS_method());
Taylor Brandstetter165c6182020-12-11 00:23:03[diff] [blame]1014#endif
Benjamin Wrightd4d5f8a2018-10-15 18:19:39[diff] [blame]1015 if (ctx == nullptr) {
deadbeef37f5ecf2017-02-27 22:06:41[diff] [blame]1016 return nullptr;
Benjamin Wrightd4d5f8a2018-10-15 18:19:39[diff] [blame]1017 }
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]1018
Harald Alvestrand13799132020-03-09 18:39:36[diff] [blame]1019 if (support_legacy_tls_protocols_flag_) {
1020 // TODO(https://bugs.webrtc.org/10261): Completely remove this branch in
1021 // M84.
1022 SSL_CTX_set_min_proto_version(
1023 ctx, ssl_mode_ == SSL_MODE_DTLS ? DTLS1_VERSION : TLS1_VERSION);
1024 switch (ssl_max_version_) {
1025 case SSL_PROTOCOL_TLS_10:
1026 SSL_CTX_set_max_proto_version(
1027 ctx, ssl_mode_ == SSL_MODE_DTLS ? DTLS1_VERSION : TLS1_VERSION);
1028 break;
1029 case SSL_PROTOCOL_TLS_11:
1030 SSL_CTX_set_max_proto_version(
1031 ctx, ssl_mode_ == SSL_MODE_DTLS ? DTLS1_VERSION : TLS1_1_VERSION);
1032 break;
1033 case SSL_PROTOCOL_TLS_12:
1034 default:
1035 SSL_CTX_set_max_proto_version(
1036 ctx, ssl_mode_ == SSL_MODE_DTLS ? DTLS1_2_VERSION : TLS1_2_VERSION);
1037 break;
1038 }
1039 } else {
1040 // TODO(https://bugs.webrtc.org/10261): Make this the default in M84.
1041 SSL_CTX_set_min_proto_version(
1042 ctx, ssl_mode_ == SSL_MODE_DTLS ? DTLS1_2_VERSION : TLS1_2_VERSION);
1043 SSL_CTX_set_max_proto_version(
1044 ctx, ssl_mode_ == SSL_MODE_DTLS ? DTLS1_2_VERSION : TLS1_2_VERSION);
Joachim Bauch831c5582015-05-20 10:48:41[diff] [blame]1045 }
Harald Alvestrand13799132020-03-09 18:39:36[diff] [blame]1046
David Benjamin170a4b32019-01-30 15:46:16[diff] [blame]1047#ifdef OPENSSL_IS_BORINGSSL
1048 // SSL_CTX_set_current_time_cb is only supported in BoringSSL.
deadbeef6cf94a02016-11-29 01:38:34[diff] [blame]1049 if (g_use_time_callback_for_testing) {
1050 SSL_CTX_set_current_time_cb(ctx, &TimeCallbackForTesting);
1051 }
Taylor Brandstetter165c6182020-12-11 00:23:03[diff] [blame]1052 SSL_CTX_set0_buffer_pool(ctx, openssl::GetBufferPool());
Torbjorn Granlund9adc91d2016-03-24 13:05:06[diff] [blame]1053#endif
Joachim Bauch831c5582015-05-20 10:48:41[diff] [blame]1054
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]1055 if (identity_ && !identity_->ConfigureIdentity(ctx)) {
1056 SSL_CTX_free(ctx);
deadbeef37f5ecf2017-02-27 22:06:41[diff] [blame]1057 return nullptr;
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]1058 }
1059
tfarinaa41ab932015-10-30 23:08:48[diff] [blame]1060#if !defined(NDEBUG)
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]1061 SSL_CTX_set_info_callback(ctx, OpenSSLAdapter::SSLInfoCallback);
1062#endif
1063
tkchin@webrtc.orgc569a492014-09-23 05:56:44[diff] [blame]1064 int mode = SSL_VERIFY_PEER;
Benjamin Wrightb19b4972018-10-25 17:46:49[diff] [blame]1065 if (GetClientAuthEnabled()) {
tkchin@webrtc.orgc569a492014-09-23 05:56:44[diff] [blame]1066 // Require a certificate from the client.
1067 // Note: Normally this is always true in production, but it may be disabled
1068 // for testing purposes (e.g. SSLAdapter unit tests).
1069 mode |= SSL_VERIFY_FAIL_IF_NO_PEER_CERT;
1070 }
1071
David Benjamindc246562017-09-29 16:14:08[diff] [blame]1072 // Configure a custom certificate verification callback to check the peer
Taylor Brandstetter165c6182020-12-11 00:23:03[diff] [blame]1073 // certificate digest.
1074#ifdef OPENSSL_IS_BORINGSSL
1075 // Use CRYPTO_BUFFER version of the callback if building with BoringSSL.
1076 SSL_CTX_set_custom_verify(ctx, mode, SSLVerifyCallback);
1077#else
1078 // Note the second argument to SSL_CTX_set_verify is to override individual
1079 // errors in the default verification logic, which is not what we want here.
David Benjamindc246562017-09-29 16:14:08[diff] [blame]1080 SSL_CTX_set_verify(ctx, mode, nullptr);
1081 SSL_CTX_set_cert_verify_callback(ctx, SSLVerifyCallback, nullptr);
Taylor Brandstetter165c6182020-12-11 00:23:03[diff] [blame]1082#endif
David Benjamindc246562017-09-29 16:14:08[diff] [blame]1083
Joachim Bauch831c5582015-05-20 10:48:41[diff] [blame]1084 // Select list of available ciphers. Note that !SHA256 and !SHA384 only
1085 // remove HMAC-SHA256 and HMAC-SHA384 cipher suites, not GCM cipher suites
1086 // with SHA256 or SHA384 as the handshake hash.
David Benjamin7a46cc52021-08-17 20:56:20[diff] [blame]1087 // This matches the list of SSLClientSocketImpl in Chromium.
deadbeef37f5ecf2017-02-27 22:06:41[diff] [blame]1088 SSL_CTX_set_cipher_list(
David Benjamin7a46cc52021-08-17 20:56:20[diff] [blame]1089 ctx,
1090 "DEFAULT:!NULL:!aNULL:!SHA256:!SHA384:!aECDH:!AESGCM+AES256:!aPSK:!3DES");
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]1091
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]1092 if (!srtp_ciphers_.empty()) {
1093 if (SSL_CTX_set_tlsext_use_srtp(ctx, srtp_ciphers_.c_str())) {
1094 SSL_CTX_free(ctx);
deadbeef37f5ecf2017-02-27 22:06:41[diff] [blame]1095 return nullptr;
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]1096 }
1097 }
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]1098
1099 return ctx;
1100}
1101
deadbeef89824f62016-09-30 18:55:43[diff] [blame]1102bool OpenSSLStreamAdapter::VerifyPeerCertificate() {
Benjamin Wright5d355542018-10-27 00:57:00[diff] [blame]1103 if (!HasPeerCertificateDigest() || !peer_cert_chain_ ||
Taylor Brandstetterc3928662018-02-23 21:04:51[diff] [blame]1104 !peer_cert_chain_->GetSize()) {
Mirko Bonadei675513b2017-11-09 10:09:25[diff] [blame]1105 RTC_LOG(LS_WARNING) << "Missing digest or peer certificate.";
deadbeef89824f62016-09-30 18:55:43[diff] [blame]1106 return false;
1107 }
deadbeef81f6f4f2016-09-20 00:20:52[diff] [blame]1108
deadbeef89824f62016-09-30 18:55:43[diff] [blame]1109 unsigned char digest[EVP_MAX_MD_SIZE];
1110 size_t digest_length;
Taylor Brandstetter165c6182020-12-11 00:23:03[diff] [blame]1111 if (!peer_cert_chain_->Get(0).ComputeDigest(
1112 peer_certificate_digest_algorithm_, digest, sizeof(digest),
1113 &digest_length)) {
Mirko Bonadei675513b2017-11-09 10:09:25[diff] [blame]1114 RTC_LOG(LS_WARNING) << "Failed to compute peer cert digest.";
deadbeef89824f62016-09-30 18:55:43[diff] [blame]1115 return false;
1116 }
1117
1118 Buffer computed_digest(digest, digest_length);
1119 if (computed_digest != peer_certificate_digest_value_) {
Mirko Bonadei675513b2017-11-09 10:09:25[diff] [blame]1120 RTC_LOG(LS_WARNING)
Philipp Hancke117e6922022-06-17 12:14:55[diff] [blame]1121 << "Rejected peer certificate due to mismatched digest using "
1122 << peer_certificate_digest_algorithm_ << ". Expected "
1123 << rtc::hex_encode_with_delimiter(peer_certificate_digest_value_, ':')
1124 << " got " << rtc::hex_encode_with_delimiter(computed_digest, ':');
jbauchf8f457b2017-03-10 00:24:57[diff] [blame]1125 return false;
deadbeef81f6f4f2016-09-20 00:20:52[diff] [blame]1126 }
deadbeef89824f62016-09-30 18:55:43[diff] [blame]1127 // Ignore any verification error if the digest matches, since there is no
1128 // value in checking the validity of a self-signed cert issued by untrusted
1129 // sources.
Tomas Gunnarssond48ff452020-10-02 16:28:46[diff] [blame]1130 RTC_DLOG(LS_INFO) << "Accepted peer certificate.";
deadbeef89824f62016-09-30 18:55:43[diff] [blame]1131 peer_certificate_verified_ = true;
1132 return true;
1133}
1134
Jian Cui0a8798b2017-11-17 00:58:02[diff] [blame]1135std::unique_ptr<SSLCertChain> OpenSSLStreamAdapter::GetPeerSSLCertChain()
1136 const {
Steve Antonf25303e2018-10-16 22:23:31[diff] [blame]1137 return peer_cert_chain_ ? peer_cert_chain_->Clone() : nullptr;
Jian Cui0a8798b2017-11-17 00:58:02[diff] [blame]1138}
1139
Taylor Brandstetter165c6182020-12-11 00:23:03[diff] [blame]1140#ifdef OPENSSL_IS_BORINGSSL
1141enum ssl_verify_result_t OpenSSLStreamAdapter::SSLVerifyCallback(
1142 SSL* ssl,
1143 uint8_t* out_alert) {
1144 // Get our OpenSSLStreamAdapter from the context.
1145 OpenSSLStreamAdapter* stream =
1146 reinterpret_cast<OpenSSLStreamAdapter*>(SSL_get_app_data(ssl));
1147 const STACK_OF(CRYPTO_BUFFER)* chain = SSL_get0_peer_certificates(ssl);
1148 // Creates certificate chain.
1149 std::vector<std::unique_ptr<SSLCertificate>> cert_chain;
1150 for (CRYPTO_BUFFER* cert : chain) {
1151 cert_chain.emplace_back(new BoringSSLCertificate(bssl::UpRef(cert)));
1152 }
1153 stream->peer_cert_chain_.reset(new SSLCertChain(std::move(cert_chain)));
1154
1155 // If the peer certificate digest isn't known yet, we'll wait to verify
1156 // until it's known, and for now just return a success status.
1157 if (stream->peer_certificate_digest_algorithm_.empty()) {
1158 RTC_LOG(LS_INFO) << "Waiting to verify certificate until digest is known.";
1159 // TODO(deadbeef): Use ssl_verify_retry?
1160 return ssl_verify_ok;
1161 }
1162
1163 if (!stream->VerifyPeerCertificate()) {
1164 return ssl_verify_invalid;
1165 }
1166
1167 return ssl_verify_ok;
1168}
1169#else // OPENSSL_IS_BORINGSSL
David Benjamindc246562017-09-29 16:14:08[diff] [blame]1170int OpenSSLStreamAdapter::SSLVerifyCallback(X509_STORE_CTX* store, void* arg) {
1171 // Get our SSL structure and OpenSSLStreamAdapter from the store.
deadbeef89824f62016-09-30 18:55:43[diff] [blame]1172 SSL* ssl = reinterpret_cast<SSL*>(
1173 X509_STORE_CTX_get_ex_data(store, SSL_get_ex_data_X509_STORE_CTX_idx()));
deadbeef89824f62016-09-30 18:55:43[diff] [blame]1174 OpenSSLStreamAdapter* stream =
1175 reinterpret_cast<OpenSSLStreamAdapter*>(SSL_get_app_data(ssl));
henrike@webrtc.org4e5f65a2014-06-05 20:40:11[diff] [blame]1176
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]1177 // Record the peer's certificate.
Jiawei Ou9d4e8402018-05-23 22:44:20[diff] [blame]1178 X509* cert = X509_STORE_CTX_get0_cert(store);
Taylor Brandstetterc3928662018-02-23 21:04:51[diff] [blame]1179 stream->peer_cert_chain_.reset(
Mirko Bonadei317a1f02019-09-17 15:06:18[diff] [blame]1180 new SSLCertChain(std::make_unique<OpenSSLCertificate>(cert)));
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]1181
deadbeef89824f62016-09-30 18:55:43[diff] [blame]1182 // If the peer certificate digest isn't known yet, we'll wait to verify
1183 // until it's known, and for now just return a success status.
1184 if (stream->peer_certificate_digest_algorithm_.empty()) {
Tomas Gunnarssond48ff452020-10-02 16:28:46[diff] [blame]1185 RTC_DLOG(LS_INFO) << "Waiting to verify certificate until digest is known.";
deadbeef89824f62016-09-30 18:55:43[diff] [blame]1186 return 1;
1187 }
1188
David Benjamindc246562017-09-29 16:14:08[diff] [blame]1189 if (!stream->VerifyPeerCertificate()) {
1190 X509_STORE_CTX_set_error(store, X509_V_ERR_CERT_REJECTED);
1191 return 0;
1192 }
1193
1194 return 1;
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]1195}
Taylor Brandstetter165c6182020-12-11 00:23:03[diff] [blame]1196#endif // !OPENSSL_IS_BORINGSSL
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]1197
Taylor Brandstetter4f0dfbd2016-06-16 00:15:23[diff] [blame]1198bool OpenSSLStreamAdapter::IsBoringSsl() {
1199#ifdef OPENSSL_IS_BORINGSSL
1200 return true;
1201#else
1202 return false;
1203#endif
1204}
1205
torbjorng43166b82016-03-11 08:06:47[diff] [blame]1206#define CDEF(X) \
1207 { static_cast<uint16_t>(TLS1_CK_##X & 0xffff), "TLS_" #X }
1208
1209struct cipher_list {
1210 uint16_t cipher;
1211 const char* cipher_str;
1212};
1213
1214// TODO(torbjorng): Perhaps add more cipher suites to these lists.
1215static const cipher_list OK_RSA_ciphers[] = {
Yves Gerey665174f2018-06-19 13:03:05[diff] [blame]1216 CDEF(ECDHE_RSA_WITH_AES_128_CBC_SHA),
1217 CDEF(ECDHE_RSA_WITH_AES_256_CBC_SHA),
1218 CDEF(ECDHE_RSA_WITH_AES_128_GCM_SHA256),
torbjorng43166b82016-03-11 08:06:47[diff] [blame]1219#ifdef TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA256
Yves Gerey665174f2018-06-19 13:03:05[diff] [blame]1220 CDEF(ECDHE_RSA_WITH_AES_256_GCM_SHA256),
torbjorng43166b82016-03-11 08:06:47[diff] [blame]1221#endif
torbjorngaad67802016-04-07 15:55:28[diff] [blame]1222#ifdef TLS1_CK_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
Yves Gerey665174f2018-06-19 13:03:05[diff] [blame]1223 CDEF(ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256),
torbjorngaad67802016-04-07 15:55:28[diff] [blame]1224#endif
torbjorng43166b82016-03-11 08:06:47[diff] [blame]1225};
1226
1227static const cipher_list OK_ECDSA_ciphers[] = {
Yves Gerey665174f2018-06-19 13:03:05[diff] [blame]1228 CDEF(ECDHE_ECDSA_WITH_AES_128_CBC_SHA),
1229 CDEF(ECDHE_ECDSA_WITH_AES_256_CBC_SHA),
1230 CDEF(ECDHE_ECDSA_WITH_AES_128_GCM_SHA256),
torbjorng43166b82016-03-11 08:06:47[diff] [blame]1231#ifdef TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA256
Yves Gerey665174f2018-06-19 13:03:05[diff] [blame]1232 CDEF(ECDHE_ECDSA_WITH_AES_256_GCM_SHA256),
torbjorng43166b82016-03-11 08:06:47[diff] [blame]1233#endif
torbjorngaad67802016-04-07 15:55:28[diff] [blame]1234#ifdef TLS1_CK_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
Yves Gerey665174f2018-06-19 13:03:05[diff] [blame]1235 CDEF(ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256),
torbjorngaad67802016-04-07 15:55:28[diff] [blame]1236#endif
torbjorng43166b82016-03-11 08:06:47[diff] [blame]1237};
1238#undef CDEF
1239
1240bool OpenSSLStreamAdapter::IsAcceptableCipher(int cipher, KeyType key_type) {
Torbjorn Granlundb6d4ec42015-08-17 12:08:59[diff] [blame]1241 if (key_type == KT_RSA) {
torbjorng43166b82016-03-11 08:06:47[diff] [blame]1242 for (const cipher_list& c : OK_RSA_ciphers) {
Benjamin Wrightd4d5f8a2018-10-15 18:19:39[diff] [blame]1243 if (cipher == c.cipher) {
torbjorng43166b82016-03-11 08:06:47[diff] [blame]1244 return true;
Benjamin Wrightd4d5f8a2018-10-15 18:19:39[diff] [blame]1245 }
Torbjorn Granlundb6d4ec42015-08-17 12:08:59[diff] [blame]1246 }
Joachim Bauch831c5582015-05-20 10:48:41[diff] [blame]1247 }
torbjorng43166b82016-03-11 08:06:47[diff] [blame]1248
1249 if (key_type == KT_ECDSA) {
1250 for (const cipher_list& c : OK_ECDSA_ciphers) {
Benjamin Wrightd4d5f8a2018-10-15 18:19:39[diff] [blame]1251 if (cipher == c.cipher) {
torbjorng43166b82016-03-11 08:06:47[diff] [blame]1252 return true;
Benjamin Wrightd4d5f8a2018-10-15 18:19:39[diff] [blame]1253 }
torbjorng43166b82016-03-11 08:06:47[diff] [blame]1254 }
1255 }
1256
1257 return false;
1258}
1259
Ali Tofigh7fa90572022-03-17 14:47:49[diff] [blame]1260bool OpenSSLStreamAdapter::IsAcceptableCipher(absl::string_view cipher,
torbjorng43166b82016-03-11 08:06:47[diff] [blame]1261 KeyType key_type) {
1262 if (key_type == KT_RSA) {
1263 for (const cipher_list& c : OK_RSA_ciphers) {
Benjamin Wrightd4d5f8a2018-10-15 18:19:39[diff] [blame]1264 if (cipher == c.cipher_str) {
torbjorng43166b82016-03-11 08:06:47[diff] [blame]1265 return true;
Benjamin Wrightd4d5f8a2018-10-15 18:19:39[diff] [blame]1266 }
torbjorng43166b82016-03-11 08:06:47[diff] [blame]1267 }
1268 }
1269
1270 if (key_type == KT_ECDSA) {
1271 for (const cipher_list& c : OK_ECDSA_ciphers) {
Benjamin Wrightd4d5f8a2018-10-15 18:19:39[diff] [blame]1272 if (cipher == c.cipher_str) {
torbjorng43166b82016-03-11 08:06:47[diff] [blame]1273 return true;
Benjamin Wrightd4d5f8a2018-10-15 18:19:39[diff] [blame]1274 }
torbjorng43166b82016-03-11 08:06:47[diff] [blame]1275 }
1276 }
1277
1278 return false;
pthatcher@webrtc.org3ee4fe52015-02-11 22:34:36[diff] [blame]1279}
1280
Benjamin Wrightb19b4972018-10-25 17:46:49[diff] [blame]1281void OpenSSLStreamAdapter::EnableTimeCallbackForTesting() {
Joachim Reiersen637bed52019-04-25 17:41:35[diff] [blame]1282#ifdef OPENSSL_IS_BORINGSSL
deadbeef6cf94a02016-11-29 01:38:34[diff] [blame]1283 g_use_time_callback_for_testing = true;
Joachim Reiersen637bed52019-04-25 17:41:35[diff] [blame]1284#endif
deadbeef6cf94a02016-11-29 01:38:34[diff] [blame]1285}
1286
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]1287} // namespace rtc