Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / frameworks / native / cdf6cbc6595a675c01e112833d074eb0e22d037c / . / libs / binder / RpcTransportTls.cpp
blob: 7f810b17ba667221d86b18bffb981f0375692679 [file] [log] [blame]
Yifan Honge8212f22021-06-28 15:49:08 -0700[diff] [blame]1/*
2 * Copyright (C) 2021 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17#define LOG_TAG "RpcTransportTls"
18#include <log/log.h>
19
20#include <poll.h>
21
22#include <openssl/bn.h>
23#include <openssl/ssl.h>
24
Yifan Hongbb24eea2021-09-17 18:21:56 -0700[diff] [blame]25#include <binder/RpcTlsUtils.h>
Yifan Honge8212f22021-06-28 15:49:08 -0700[diff] [blame]26#include <binder/RpcTransportTls.h>
27
28#include "FdTrigger.h"
29#include "RpcState.h"
Yifan Hong18ac9472021-09-09 19:55:38 -0700[diff] [blame]30#include "Utils.h"
Yifan Honge8212f22021-06-28 15:49:08 -0700[diff] [blame]31
32#define SHOULD_LOG_TLS_DETAIL false
33
34#if SHOULD_LOG_TLS_DETAIL
35#define LOG_TLS_DETAIL(...) ALOGI(__VA_ARGS__)
36#else
37#define LOG_TLS_DETAIL(...) ALOGV(__VA_ARGS__) // for type checking
38#endif
39
Yifan Honge8212f22021-06-28 15:49:08 -0700[diff] [blame]40using android::base::ErrnoError;
41using android::base::Error;
42using android::base::Result;
43
44namespace android {
45namespace {
46
Yifan Hongd17353c2021-06-24 21:56:38 -0700[diff] [blame]47// Implement BIO for socket that ignores SIGPIPE.
48int socketNew(BIO* bio) {
49 BIO_set_data(bio, reinterpret_cast<void*>(-1));
50 BIO_set_init(bio, 0);
51 return 1;
52}
53int socketFree(BIO* bio) {
54 LOG_ALWAYS_FATAL_IF(bio == nullptr);
55 return 1;
56}
57int socketRead(BIO* bio, char* buf, int size) {
58 android::base::borrowed_fd fd(static_cast<int>(reinterpret_cast<intptr_t>(BIO_get_data(bio))));
59 int ret = TEMP_FAILURE_RETRY(::recv(fd.get(), buf, size, MSG_NOSIGNAL));
60 BIO_clear_retry_flags(bio);
61 if (errno == EAGAIN || errno == EWOULDBLOCK) {
62 BIO_set_retry_read(bio);
63 }
64 return ret;
65}
66
67int socketWrite(BIO* bio, const char* buf, int size) {
68 android::base::borrowed_fd fd(static_cast<int>(reinterpret_cast<intptr_t>(BIO_get_data(bio))));
69 int ret = TEMP_FAILURE_RETRY(::send(fd.get(), buf, size, MSG_NOSIGNAL));
70 BIO_clear_retry_flags(bio);
71 if (errno == EAGAIN || errno == EWOULDBLOCK) {
72 BIO_set_retry_write(bio);
73 }
74 return ret;
75}
76
77long socketCtrl(BIO* bio, int cmd, long num, void*) { // NOLINT
78 android::base::borrowed_fd fd(static_cast<int>(reinterpret_cast<intptr_t>(BIO_get_data(bio))));
79 if (cmd == BIO_CTRL_FLUSH) return 1;
80 LOG_ALWAYS_FATAL("sockCtrl(fd=%d, %d, %ld)", fd.get(), cmd, num);
81 return 0;
82}
83
Yifan Honge8212f22021-06-28 15:49:08 -0700[diff] [blame]84bssl::UniquePtr<BIO> newSocketBio(android::base::borrowed_fd fd) {
Yifan Hongd17353c2021-06-24 21:56:38 -0700[diff] [blame]85 static const BIO_METHOD* gMethods = ([] {
86 auto methods = BIO_meth_new(BIO_get_new_index(), "socket_no_signal");
87 LOG_ALWAYS_FATAL_IF(0 == BIO_meth_set_write(methods, socketWrite), "BIO_meth_set_write");
88 LOG_ALWAYS_FATAL_IF(0 == BIO_meth_set_read(methods, socketRead), "BIO_meth_set_read");
89 LOG_ALWAYS_FATAL_IF(0 == BIO_meth_set_ctrl(methods, socketCtrl), "BIO_meth_set_ctrl");
90 LOG_ALWAYS_FATAL_IF(0 == BIO_meth_set_create(methods, socketNew), "BIO_meth_set_create");
91 LOG_ALWAYS_FATAL_IF(0 == BIO_meth_set_destroy(methods, socketFree), "BIO_meth_set_destroy");
92 return methods;
93 })();
94 bssl::UniquePtr<BIO> ret(BIO_new(gMethods));
95 if (ret == nullptr) return nullptr;
96 BIO_set_data(ret.get(), reinterpret_cast<void*>(fd.get()));
97 BIO_set_init(ret.get(), 1);
98 return ret;
Yifan Honge8212f22021-06-28 15:49:08 -0700[diff] [blame]99}
100
Yifan Honge8212f22021-06-28 15:49:08 -0700[diff] [blame]101[[maybe_unused]] void sslDebugLog(const SSL* ssl, int type, int value) {
102 switch (type) {
103 case SSL_CB_HANDSHAKE_START:
104 LOG_TLS_DETAIL("Handshake started.");
105 break;
106 case SSL_CB_HANDSHAKE_DONE:
107 LOG_TLS_DETAIL("Handshake done.");
108 break;
109 case SSL_CB_ACCEPT_LOOP:
110 LOG_TLS_DETAIL("Handshake progress: %s", SSL_state_string_long(ssl));
111 break;
112 default:
113 LOG_TLS_DETAIL("SSL Debug Log: type = %d, value = %d", type, value);
114 break;
115 }
116}
117
Yifan Hong87a379c2021-08-12 18:53:24 -0700[diff] [blame]118// Helper class to ErrorQueue::toString
119class ErrorQueueString {
120public:
121 static std::string toString() {
122 ErrorQueueString thiz;
123 ERR_print_errors_cb(staticCallback, &thiz);
124 return thiz.mSs.str();
125 }
126
127private:
128 static int staticCallback(const char* str, size_t len, void* ctx) {
129 return reinterpret_cast<ErrorQueueString*>(ctx)->callback(str, len);
130 }
131 int callback(const char* str, size_t len) {
132 if (len == 0) return 1; // continue
133 // ERR_print_errors_cb place a new line at the end, but it doesn't say so in the API.
134 if (str[len - 1] == '\n') len -= 1;
135 if (!mIsFirst) {
136 mSs << '\n';
137 }
138 mSs << std::string_view(str, len);
139 mIsFirst = false;
140 return 1; // continue
141 }
142 std::stringstream mSs;
143 bool mIsFirst = true;
144};
145
Yifan Honge8212f22021-06-28 15:49:08 -0700[diff] [blame]146// Handles libssl's error queue.
147//
148// Call into any of its member functions to ensure the error queue is properly handled or cleared.
149// If the error queue is not handled or cleared, the destructor will abort.
150class ErrorQueue {
151public:
152 ~ErrorQueue() { LOG_ALWAYS_FATAL_IF(!mHandled); }
153
154 // Clear the error queue.
155 void clear() {
156 ERR_clear_error();
157 mHandled = true;
158 }
159
160 // Stores the error queue in |ssl| into a string, then clears the error queue.
161 std::string toString() {
Yifan Hong87a379c2021-08-12 18:53:24 -0700[diff] [blame]162 auto ret = ErrorQueueString::toString();
Yifan Honge8212f22021-06-28 15:49:08 -0700[diff] [blame]163 // Though ERR_print_errors_cb should have cleared it, it is okay to clear again.
164 clear();
Yifan Hong87a379c2021-08-12 18:53:24 -0700[diff] [blame]165 return ret;
Yifan Honge8212f22021-06-28 15:49:08 -0700[diff] [blame]166 }
167
168 // |sslError| should be from Ssl::getError().
169 // If |sslError| is WANT_READ / WANT_WRITE, poll for POLLIN / POLLOUT respectively. Otherwise
170 // return error. Also return error if |fdTrigger| is triggered before or during poll().
171 status_t pollForSslError(android::base::borrowed_fd fd, int sslError, FdTrigger* fdTrigger,
Steven Moreland43921d52021-09-27 17:15:56 -0700[diff] [blame]172 const char* fnString, int additionalEvent,
173 const std::function<status_t()>& altPoll) {
Yifan Honge8212f22021-06-28 15:49:08 -0700[diff] [blame]174 switch (sslError) {
175 case SSL_ERROR_WANT_READ:
Steven Moreland43921d52021-09-27 17:15:56 -0700[diff] [blame]176 return handlePoll(POLLIN | additionalEvent, fd, fdTrigger, fnString, altPoll);
Yifan Honge8212f22021-06-28 15:49:08 -0700[diff] [blame]177 case SSL_ERROR_WANT_WRITE:
Steven Moreland43921d52021-09-27 17:15:56 -0700[diff] [blame]178 return handlePoll(POLLOUT | additionalEvent, fd, fdTrigger, fnString, altPoll);
Yifan Honge8212f22021-06-28 15:49:08 -0700[diff] [blame]179 case SSL_ERROR_SYSCALL: {
180 auto queue = toString();
181 LOG_TLS_DETAIL("%s(): %s. Treating as DEAD_OBJECT. Error queue: %s", fnString,
182 SSL_error_description(sslError), queue.c_str());
183 return DEAD_OBJECT;
184 }
185 default: {
186 auto queue = toString();
187 ALOGE("%s(): %s. Error queue: %s", fnString, SSL_error_description(sslError),
188 queue.c_str());
189 return UNKNOWN_ERROR;
190 }
191 }
192 }
193
194private:
195 bool mHandled = false;
196
197 status_t handlePoll(int event, android::base::borrowed_fd fd, FdTrigger* fdTrigger,
Steven Moreland43921d52021-09-27 17:15:56 -0700[diff] [blame]198 const char* fnString, const std::function<status_t()>& altPoll) {
199 status_t ret;
200 if (altPoll) {
201 ret = altPoll();
202 if (fdTrigger->isTriggered()) ret = DEAD_OBJECT;
203 } else {
204 ret = fdTrigger->triggerablePoll(fd, event);
205 }
206
Steven Morelandc591b472021-09-16 13:56:11 -0700[diff] [blame]207 if (ret != OK && ret != DEAD_OBJECT) {
Steven Moreland43921d52021-09-27 17:15:56 -0700[diff] [blame]208 ALOGE("poll error while after %s(): %s", fnString, statusToString(ret).c_str());
Yifan Honge8212f22021-06-28 15:49:08 -0700[diff] [blame]209 }
210 clear();
211 return ret;
212 }
213};
214
215// Helper to call a function, with its return value instantiable.
216template <typename Fn, typename... Args>
217struct FuncCaller {
218 struct Monostate {};
219 static constexpr bool sIsVoid = std::is_void_v<std::invoke_result_t<Fn, Args...>>;
220 using Result = std::conditional_t<sIsVoid, Monostate, std::invoke_result_t<Fn, Args...>>;
221 static inline Result call(Fn fn, Args&&... args) {
222 if constexpr (std::is_void_v<std::invoke_result_t<Fn, Args...>>) {
223 std::invoke(fn, std::forward<Args>(args)...);
224 return {};
225 } else {
226 return std::invoke(fn, std::forward<Args>(args)...);
227 }
228 }
229};
230
231// Helper to Ssl::call(). Returns the result to the SSL_* function as well as an ErrorQueue object.
232template <typename Fn, typename... Args>
233struct SslCaller {
234 using RawCaller = FuncCaller<Fn, SSL*, Args...>;
235 struct ResultAndErrorQueue {
236 typename RawCaller::Result result;
237 ErrorQueue errorQueue;
238 };
239 static inline ResultAndErrorQueue call(Fn fn, SSL* ssl, Args&&... args) {
240 LOG_ALWAYS_FATAL_IF(ssl == nullptr);
241 auto result = RawCaller::call(fn, std::forward<SSL*>(ssl), std::forward<Args>(args)...);
242 return ResultAndErrorQueue{std::move(result), ErrorQueue()};
243 }
244};
245
246// A wrapper over bssl::UniquePtr<SSL>. This class ensures that all SSL_* functions are called
247// through call(), which returns an ErrorQueue object that requires the caller to either handle
248// or clear it.
249// Example:
250// auto [ret, errorQueue] = ssl.call(SSL_read, buf, size);
251// if (ret >= 0) errorQueue.clear();
252// else ALOGE("%s", errorQueue.toString().c_str());
253class Ssl {
254public:
255 explicit Ssl(bssl::UniquePtr<SSL> ssl) : mSsl(std::move(ssl)) {
256 LOG_ALWAYS_FATAL_IF(mSsl == nullptr);
257 }
258
259 template <typename Fn, typename... Args>
260 inline typename SslCaller<Fn, Args...>::ResultAndErrorQueue call(Fn fn, Args&&... args) {
261 return SslCaller<Fn, Args...>::call(fn, mSsl.get(), std::forward<Args>(args)...);
262 }
263
264 int getError(int ret) {
265 LOG_ALWAYS_FATAL_IF(mSsl == nullptr);
266 return SSL_get_error(mSsl.get(), ret);
267 }
268
269private:
270 bssl::UniquePtr<SSL> mSsl;
271};
272
273class RpcTransportTls : public RpcTransport {
274public:
275 RpcTransportTls(android::base::unique_fd socket, Ssl ssl)
276 : mSocket(std::move(socket)), mSsl(std::move(ssl)) {}
277 Result<size_t> peek(void* buf, size_t size) override;
Steven Moreland43921d52021-09-27 17:15:56 -0700[diff] [blame]278 status_t interruptableWriteFully(FdTrigger* fdTrigger, const void* data, size_t size,
279 const std::function<status_t()>& altPoll) override;
280 status_t interruptableReadFully(FdTrigger* fdTrigger, void* data, size_t size,
281 const std::function<status_t()>& altPoll) override;
Yifan Honge8212f22021-06-28 15:49:08 -0700[diff] [blame]282
283private:
284 android::base::unique_fd mSocket;
285 Ssl mSsl;
286};
287
288// Error code is errno.
289Result<size_t> RpcTransportTls::peek(void* buf, size_t size) {
290 size_t todo = std::min<size_t>(size, std::numeric_limits<int>::max());
291 auto [ret, errorQueue] = mSsl.call(SSL_peek, buf, static_cast<int>(todo));
292 if (ret < 0) {
293 int err = mSsl.getError(ret);
294 if (err == SSL_ERROR_WANT_WRITE || err == SSL_ERROR_WANT_READ) {
295 // Seen EAGAIN / EWOULDBLOCK on recv(2) / send(2).
296 // Like RpcTransportRaw::peek(), don't handle it here.
297 return Error(EWOULDBLOCK) << "SSL_peek(): " << errorQueue.toString();
298 }
299 return Error() << "SSL_peek(): " << errorQueue.toString();
300 }
301 errorQueue.clear();
302 LOG_TLS_DETAIL("TLS: Peeked %d bytes!", ret);
303 return ret;
304}
305
306status_t RpcTransportTls::interruptableWriteFully(FdTrigger* fdTrigger, const void* data,
Steven Moreland43921d52021-09-27 17:15:56 -0700[diff] [blame]307 size_t size,
308 const std::function<status_t()>& altPoll) {
Yifan Honge8212f22021-06-28 15:49:08 -0700[diff] [blame]309 auto buffer = reinterpret_cast<const uint8_t*>(data);
310 const uint8_t* end = buffer + size;
311
312 MAYBE_WAIT_IN_FLAKE_MODE;
313
Yifan Hong15fff8c2021-08-10 15:07:56 -0700[diff] [blame]314 // Before doing any I/O, check trigger once. This ensures the trigger is checked at least
315 // once. The trigger is also checked via triggerablePoll() after every SSL_write().
Steven Morelandc591b472021-09-16 13:56:11 -0700[diff] [blame]316 if (fdTrigger->isTriggered()) return DEAD_OBJECT;
Yifan Hong15fff8c2021-08-10 15:07:56 -0700[diff] [blame]317
Yifan Honge8212f22021-06-28 15:49:08 -0700[diff] [blame]318 while (buffer < end) {
319 size_t todo = std::min<size_t>(end - buffer, std::numeric_limits<int>::max());
320 auto [writeSize, errorQueue] = mSsl.call(SSL_write, buffer, todo);
321 if (writeSize > 0) {
322 buffer += writeSize;
323 errorQueue.clear();
324 continue;
325 }
326 // SSL_write() should never return 0 unless BIO_write were to return 0.
327 int sslError = mSsl.getError(writeSize);
328 // TODO(b/195788248): BIO should contain the FdTrigger, and send(2) / recv(2) should be
329 // triggerablePoll()-ed. Then additionalEvent is no longer necessary.
Steven Moreland43921d52021-09-27 17:15:56 -0700[diff] [blame]330 status_t pollStatus = errorQueue.pollForSslError(mSocket.get(), sslError, fdTrigger,
331 "SSL_write", POLLIN, altPoll);
Yifan Honge8212f22021-06-28 15:49:08 -0700[diff] [blame]332 if (pollStatus != OK) return pollStatus;
333 // Do not advance buffer. Try SSL_write() again.
334 }
335 LOG_TLS_DETAIL("TLS: Sent %zu bytes!", size);
336 return OK;
337}
338
Steven Moreland43921d52021-09-27 17:15:56 -0700[diff] [blame]339status_t RpcTransportTls::interruptableReadFully(FdTrigger* fdTrigger, void* data, size_t size,
340 const std::function<status_t()>& altPoll) {
Yifan Honge8212f22021-06-28 15:49:08 -0700[diff] [blame]341 auto buffer = reinterpret_cast<uint8_t*>(data);
342 uint8_t* end = buffer + size;
343
344 MAYBE_WAIT_IN_FLAKE_MODE;
345
Yifan Hong15fff8c2021-08-10 15:07:56 -0700[diff] [blame]346 // Before doing any I/O, check trigger once. This ensures the trigger is checked at least
347 // once. The trigger is also checked via triggerablePoll() after every SSL_write().
Steven Morelandc591b472021-09-16 13:56:11 -0700[diff] [blame]348 if (fdTrigger->isTriggered()) return DEAD_OBJECT;
Yifan Hong15fff8c2021-08-10 15:07:56 -0700[diff] [blame]349
Yifan Honge8212f22021-06-28 15:49:08 -0700[diff] [blame]350 while (buffer < end) {
351 size_t todo = std::min<size_t>(end - buffer, std::numeric_limits<int>::max());
352 auto [readSize, errorQueue] = mSsl.call(SSL_read, buffer, todo);
353 if (readSize > 0) {
354 buffer += readSize;
355 errorQueue.clear();
356 continue;
357 }
358 if (readSize == 0) {
359 // SSL_read() only returns 0 on EOF.
360 errorQueue.clear();
361 return DEAD_OBJECT;
362 }
363 int sslError = mSsl.getError(readSize);
Steven Moreland43921d52021-09-27 17:15:56 -0700[diff] [blame]364 status_t pollStatus = errorQueue.pollForSslError(mSocket.get(), sslError, fdTrigger,
365 "SSL_read", 0, altPoll);
Yifan Honge8212f22021-06-28 15:49:08 -0700[diff] [blame]366 if (pollStatus != OK) return pollStatus;
367 // Do not advance buffer. Try SSL_read() again.
368 }
369 LOG_TLS_DETAIL("TLS: Received %zu bytes!", size);
370 return OK;
371}
372
373// For |ssl|, set internal FD to |fd|, and do handshake. Handshake is triggerable by |fdTrigger|.
374bool setFdAndDoHandshake(Ssl* ssl, android::base::borrowed_fd fd, FdTrigger* fdTrigger) {
375 bssl::UniquePtr<BIO> bio = newSocketBio(fd);
376 TEST_AND_RETURN(false, bio != nullptr);
377 auto [_, errorQueue] = ssl->call(SSL_set_bio, bio.get(), bio.get());
378 (void)bio.release(); // SSL_set_bio takes ownership.
379 errorQueue.clear();
380
381 MAYBE_WAIT_IN_FLAKE_MODE;
382
383 while (true) {
384 auto [ret, errorQueue] = ssl->call(SSL_do_handshake);
385 if (ret > 0) {
386 errorQueue.clear();
387 return true;
388 }
389 if (ret == 0) {
390 // SSL_do_handshake() only returns 0 on EOF.
391 ALOGE("SSL_do_handshake(): EOF: %s", errorQueue.toString().c_str());
392 return false;
393 }
394 int sslError = ssl->getError(ret);
395 status_t pollStatus =
Steven Moreland43921d52021-09-27 17:15:56 -0700[diff] [blame]396 errorQueue.pollForSslError(fd, sslError, fdTrigger, "SSL_do_handshake", 0, {});
Yifan Honge8212f22021-06-28 15:49:08 -0700[diff] [blame]397 if (pollStatus != OK) return false;
398 }
399}
400
Yifan Hong1af48582021-08-16 17:13:30 -0700[diff] [blame]401class RpcTransportCtxTls : public RpcTransportCtx {
Yifan Honge8212f22021-06-28 15:49:08 -0700[diff] [blame]402public:
Yifan Hong1af48582021-08-16 17:13:30 -0700[diff] [blame]403 template <typename Impl,
404 typename = std::enable_if_t<std::is_base_of_v<RpcTransportCtxTls, Impl>>>
Yifan Hong180c2da2021-09-09 15:36:30 -0700[diff] [blame]405 static std::unique_ptr<RpcTransportCtxTls> create(
Yifan Hongffdaf952021-09-17 18:08:38 -0700[diff] [blame]406 std::shared_ptr<RpcCertificateVerifier> verifier, RpcAuth* auth);
Yifan Hong1af48582021-08-16 17:13:30 -0700[diff] [blame]407 std::unique_ptr<RpcTransport> newTransport(android::base::unique_fd fd,
Yifan Honge8212f22021-06-28 15:49:08 -0700[diff] [blame]408 FdTrigger* fdTrigger) const override;
Yifan Hong9734cfc2021-09-13 16:14:09 -0700[diff] [blame]409 std::vector<uint8_t> getCertificate(RpcCertificateFormat) const override;
Yifan Honge8212f22021-06-28 15:49:08 -0700[diff] [blame]410
Yifan Hong1af48582021-08-16 17:13:30 -0700[diff] [blame]411protected:
Yifan Hong180c2da2021-09-09 15:36:30 -0700[diff] [blame]412 static ssl_verify_result_t sslCustomVerify(SSL* ssl, uint8_t* outAlert);
Yifan Hong1af48582021-08-16 17:13:30 -0700[diff] [blame]413 virtual void preHandshake(Ssl* ssl) const = 0;
Yifan Honge8212f22021-06-28 15:49:08 -0700[diff] [blame]414 bssl::UniquePtr<SSL_CTX> mCtx;
Yifan Hong180c2da2021-09-09 15:36:30 -0700[diff] [blame]415 std::shared_ptr<RpcCertificateVerifier> mCertVerifier;
Yifan Honge8212f22021-06-28 15:49:08 -0700[diff] [blame]416};
417
Yifan Hong9734cfc2021-09-13 16:14:09 -0700[diff] [blame]418std::vector<uint8_t> RpcTransportCtxTls::getCertificate(RpcCertificateFormat format) const {
Yifan Hong1deca4b2021-09-10 16:16:44 -0700[diff] [blame]419 X509* x509 = SSL_CTX_get0_certificate(mCtx.get()); // does not own
420 return serializeCertificate(x509, format);
Yifan Hong588d59c2021-08-16 17:13:58 -0700[diff] [blame]421}
422
Yifan Hong180c2da2021-09-09 15:36:30 -0700[diff] [blame]423// Verify by comparing the leaf of peer certificate with every certificate in
424// mTrustedPeerCertificates. Does not support certificate chains.
425ssl_verify_result_t RpcTransportCtxTls::sslCustomVerify(SSL* ssl, uint8_t* outAlert) {
426 LOG_ALWAYS_FATAL_IF(outAlert == nullptr);
427 const char* logPrefix = SSL_is_server(ssl) ? "Server" : "Client";
428
Yifan Hong180c2da2021-09-09 15:36:30 -0700[diff] [blame]429 auto ctx = SSL_get_SSL_CTX(ssl); // Does not set error queue
430 LOG_ALWAYS_FATAL_IF(ctx == nullptr);
431 // void* -> RpcTransportCtxTls*
432 auto rpcTransportCtxTls = reinterpret_cast<RpcTransportCtxTls*>(SSL_CTX_get_app_data(ctx));
433 LOG_ALWAYS_FATAL_IF(rpcTransportCtxTls == nullptr);
434
Yifan Hongb160f8c2021-09-17 22:59:11 -0700[diff] [blame]435 status_t verifyStatus = rpcTransportCtxTls->mCertVerifier->verify(ssl, outAlert);
Yifan Hong180c2da2021-09-09 15:36:30 -0700[diff] [blame]436 if (verifyStatus == OK) {
437 return ssl_verify_ok;
438 }
439 LOG_TLS_DETAIL("%s: Failed to verify client: status = %s, alert = %s", logPrefix,
440 statusToString(verifyStatus).c_str(), SSL_alert_desc_string_long(*outAlert));
441 return ssl_verify_invalid;
442}
443
Yifan Hong1af48582021-08-16 17:13:30 -0700[diff] [blame]444// Common implementation for creating server and client contexts. The child class, |Impl|, is
445// provided as a template argument so that this function can initialize an |Impl| object.
446template <typename Impl, typename>
Yifan Hong180c2da2021-09-09 15:36:30 -0700[diff] [blame]447std::unique_ptr<RpcTransportCtxTls> RpcTransportCtxTls::create(
Yifan Hongffdaf952021-09-17 18:08:38 -0700[diff] [blame]448 std::shared_ptr<RpcCertificateVerifier> verifier, RpcAuth* auth) {
Yifan Honge8212f22021-06-28 15:49:08 -0700[diff] [blame]449 bssl::UniquePtr<SSL_CTX> ctx(SSL_CTX_new(TLS_method()));
450 TEST_AND_RETURN(nullptr, ctx != nullptr);
451
Yifan Hongffdaf952021-09-17 18:08:38 -0700[diff] [blame]452 if (status_t authStatus = auth->configure(ctx.get()); authStatus != OK) {
453 ALOGE("%s: Failed to configure auth info: %s", __PRETTY_FUNCTION__,
454 statusToString(authStatus).c_str());
455 return nullptr;
456 };
Yifan Honge8212f22021-06-28 15:49:08 -0700[diff] [blame]457
Yifan Hong180c2da2021-09-09 15:36:30 -0700[diff] [blame]458 // Enable two-way authentication by setting SSL_VERIFY_FAIL_IF_NO_PEER_CERT on server.
459 // Client ignores SSL_VERIFY_FAIL_IF_NO_PEER_CERT flag.
460 SSL_CTX_set_custom_verify(ctx.get(), SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
461 sslCustomVerify);
Yifan Honge8212f22021-06-28 15:49:08 -0700[diff] [blame]462
463 // Require at least TLS 1.3
464 TEST_AND_RETURN(nullptr, SSL_CTX_set_min_proto_version(ctx.get(), TLS1_3_VERSION));
465
466 if constexpr (SHOULD_LOG_TLS_DETAIL) { // NOLINT
467 SSL_CTX_set_info_callback(ctx.get(), sslDebugLog);
468 }
469
Yifan Hong1af48582021-08-16 17:13:30 -0700[diff] [blame]470 auto ret = std::make_unique<Impl>();
Yifan Hong180c2da2021-09-09 15:36:30 -0700[diff] [blame]471 // RpcTransportCtxTls* -> void*
472 TEST_AND_RETURN(nullptr, SSL_CTX_set_app_data(ctx.get(), reinterpret_cast<void*>(ret.get())));
Yifan Hong1af48582021-08-16 17:13:30 -0700[diff] [blame]473 ret->mCtx = std::move(ctx);
Yifan Hong180c2da2021-09-09 15:36:30 -0700[diff] [blame]474 ret->mCertVerifier = std::move(verifier);
Yifan Hong1af48582021-08-16 17:13:30 -0700[diff] [blame]475 return ret;
Yifan Honge8212f22021-06-28 15:49:08 -0700[diff] [blame]476}
477
Yifan Hong1af48582021-08-16 17:13:30 -0700[diff] [blame]478std::unique_ptr<RpcTransport> RpcTransportCtxTls::newTransport(android::base::unique_fd fd,
479 FdTrigger* fdTrigger) const {
Yifan Honge8212f22021-06-28 15:49:08 -0700[diff] [blame]480 bssl::UniquePtr<SSL> ssl(SSL_new(mCtx.get()));
481 TEST_AND_RETURN(nullptr, ssl != nullptr);
482 Ssl wrapped(std::move(ssl));
483
Yifan Hong1af48582021-08-16 17:13:30 -0700[diff] [blame]484 preHandshake(&wrapped);
485 TEST_AND_RETURN(nullptr, setFdAndDoHandshake(&wrapped, fd, fdTrigger));
486 return std::make_unique<RpcTransportTls>(std::move(fd), std::move(wrapped));
Yifan Honge8212f22021-06-28 15:49:08 -0700[diff] [blame]487}
488
Yifan Hong1af48582021-08-16 17:13:30 -0700[diff] [blame]489class RpcTransportCtxTlsServer : public RpcTransportCtxTls {
490protected:
491 void preHandshake(Ssl* ssl) const override {
492 ssl->call(SSL_set_accept_state).errorQueue.clear();
493 }
494};
495
496class RpcTransportCtxTlsClient : public RpcTransportCtxTls {
497protected:
498 void preHandshake(Ssl* ssl) const override {
499 ssl->call(SSL_set_connect_state).errorQueue.clear();
500 }
501};
502
Yifan Honge8212f22021-06-28 15:49:08 -0700[diff] [blame]503} // namespace
504
505std::unique_ptr<RpcTransportCtx> RpcTransportCtxFactoryTls::newServerCtx() const {
Yifan Hongffdaf952021-09-17 18:08:38 -0700[diff] [blame]506 return android::RpcTransportCtxTls::create<RpcTransportCtxTlsServer>(mCertVerifier,
507 mAuth.get());
Yifan Honge8212f22021-06-28 15:49:08 -0700[diff] [blame]508}
509
510std::unique_ptr<RpcTransportCtx> RpcTransportCtxFactoryTls::newClientCtx() const {
Yifan Hongffdaf952021-09-17 18:08:38 -0700[diff] [blame]511 return android::RpcTransportCtxTls::create<RpcTransportCtxTlsClient>(mCertVerifier,
512 mAuth.get());
Yifan Honge8212f22021-06-28 15:49:08 -0700[diff] [blame]513}
514
515const char* RpcTransportCtxFactoryTls::toCString() const {
516 return "tls";
517}
518
Yifan Hong13c90062021-09-09 14:59:53 -0700[diff] [blame]519std::unique_ptr<RpcTransportCtxFactory> RpcTransportCtxFactoryTls::make(
Yifan Hongffdaf952021-09-17 18:08:38 -0700[diff] [blame]520 std::shared_ptr<RpcCertificateVerifier> verifier, std::unique_ptr<RpcAuth> auth) {
Yifan Hong13c90062021-09-09 14:59:53 -0700[diff] [blame]521 if (verifier == nullptr) {
522 ALOGE("%s: Must provide a certificate verifier", __PRETTY_FUNCTION__);
523 return nullptr;
524 }
Yifan Hongffdaf952021-09-17 18:08:38 -0700[diff] [blame]525 if (auth == nullptr) {
526 ALOGE("%s: Must provide an auth provider", __PRETTY_FUNCTION__);
527 return nullptr;
528 }
Yifan Hong13c90062021-09-09 14:59:53 -0700[diff] [blame]529 return std::unique_ptr<RpcTransportCtxFactoryTls>(
Yifan Hongffdaf952021-09-17 18:08:38 -0700[diff] [blame]530 new RpcTransportCtxFactoryTls(std::move(verifier), std::move(auth)));
Yifan Honge8212f22021-06-28 15:49:08 -0700[diff] [blame]531}
532
533} // namespace android