1 /**
2 * Credentials Manager
3 * 
4 * Copyright:
5 * (C) 2011,2012 Jack Lloyd
6 * (C) 2014-2015 Etienne Cimon
7 *
8 * License:
9 * Botan is released under the Simplified BSD License (see LICENSE.md)
10 */
11 module botan.tls.credentials_manager;
12 
13 import botan.constants;
14 static if (BOTAN_HAS_TLS):
15 import botan.cert.x509.x509cert;
16 import botan.cert.x509.certstor;
17 import botan.math.bigint.bigint;
18 import botan.pubkey.pk_keys;
19 import botan.algo_base.symkey;
20 import botan.tls.credentials_manager;
21 import botan.cert.x509.x509path;
22 import botan.utils.types;
23 import botan.pubkey.algo.ecdsa;
24 
25 /**
26 * Interface for a credentials manager.
27 *
28 * A type is a fairly static value that represents the general nature
29 * of the transaction occuring. Currently used values are "tls-client"
30 * and "tls-server". Context represents a hostname, email address,
31 * username, or other identifier.
32 */
33 abstract class TLSCredentialsManager
34 {
35 public:
36 
37     /**
38     * Return a list of the certificates of CAs that we trust in this
39     * type/context.
40     *
41     * Params:
42     *  type = specifies the type of operation occuring
43     *
44     *  context = specifies a context relative to type. For instance
45     *          for type "tls-client", context specifies the servers name.
46     */
47     abstract Vector!CertificateStore 
48         trustedCertificateAuthorities(in string type, in string context)
49     {
50         return Vector!CertificateStore();
51     }
52 
53     /**
54     * Check the certificate chain is valid up to a trusted root, and
55     * optionally (if hostname != "") that the hostname given is
56     * consistent with the leaf certificate.
57     *
58     * This function should throw new an exception derived from
59     * $(D Exception) with an informative what() result if the
60     * certificate chain cannot be verified.
61 
62     * Params:
63     *  type = specifies the type of operation occuring
64     *  purported_hostname = specifies the purported hostname
65     *  cert_chain = specifies a certificate chain leading to a
66     *          trusted root CA certificate.
67     */
68     abstract void verifyCertificateChain(in string type,
69                                          in string purported_hostname,
70                                          const ref Vector!X509Certificate cert_chain)
71     {
72 		if (cert_chain.empty)
73             throw new InvalidArgument("Certificate chain was empty");
74         
75         auto trusted_CAs = trustedCertificateAuthorities(type, purported_hostname);
76         
77         PathValidationRestrictions restrictions;
78         
79         auto result = x509PathValidate(cert_chain,
80                                        restrictions,
81                                        trusted_CAs);
82         
83         if (!result.successfulValidation())
84             throw new Exception("Certificate validation failure: " ~ result.resultString());
85         
86         if (!certInSomeStore(trusted_CAs, result.trustRoot()))
87             throw new Exception("Certificate chain roots in unknown/untrusted CA");
88         
89         if (purported_hostname != "" && !cert_chain[0].matchesDnsName(purported_hostname))
90             throw new Exception("Certificate did not match hostname");
91     }
92 
93     /**
94     * Return a cert chain we can use, ordered from leaf to root,
95     * or else an empty vector.
96     *
97     * It is assumed that the caller can get the private key of the
98     * leaf with privateKeyFor
99     *
100     * Params:
101     *  cert_key_types = specifies the key types desired ("RSA",
102     *                              "DSA", "ECDSA", etc), or empty if there
103     *                              is no preference by the caller.
104     *
105     *  type = specifies the type of operation occuring
106     *
107     *  context = specifies a context relative to type.
108     */
109     abstract Vector!X509Certificate certChain(const ref Vector!string cert_key_types,
110                                               in string type,
111                                               in string context)
112     {
113         return Vector!X509Certificate();
114     }
115 
116     /// ditto
117     final Vector!X509Certificate certChain(T : string[])(auto ref T cert_key_types, in string type, in string context)
118     {
119         return certChain(Vector!string(cert_key_types), type, context);
120     }
121 
122     /**
123     * Return a cert chain we can use, ordered from leaf to root,
124     * or else an empty vector.
125     *
126     * It is assumed that the caller can get the private key of the
127     * leaf with privateKeyFor
128     *
129     * Params:
130     *  cert_key_type = specifies the type of key requested
131     *                             ("RSA", "DSA", "ECDSA", etc)
132     *
133     *  type = specifies the type of operation occuring
134     *
135     *  context = specifies a context relative to type.
136     */
137     abstract Vector!X509Certificate certChainSingleType(in string cert_key_type,
138                                                         in string type,
139                                                         in string context)
140     {
141         Vector!string cert_types;
142         cert_types.pushBack(cert_key_type);
143         return certChain(cert_types, type, context);
144     }
145 
146     /**
147     * 
148     * Params: 
149     *  cert = as returned by cert_chain
150     *  type = specifies the type of operation occuring
151     *  context = specifies a context relative to type.
152     * 
153     * Returns: private key associated with this certificate if we should
154     *            use it with this context. 
155     * 
156     * Notes: this object should retain ownership of the returned key;
157     *         it should not be deleted by the caller.
158     */
159     abstract PrivateKey privateKeyFor(in X509Certificate cert, in string type, in string context)
160     {
161         return null;
162     }
163 
164     /**
165     * Params:
166     *  type = specifies the type of operation occuring
167     *  context = specifies a context relative to type.
168     * Returns: true if we should attempt SRP authentication
169     */
170     abstract bool attemptSrp(in string type, in string context)
171     {
172         return false;
173     }
174 
175     /**
176     * Params:
177     *  type = specifies the type of operation occuring
178     *  context = specifies a context relative to type.
179     * Returns: identifier for client-side SRP auth, if available
180                  for this type/context. Should return empty string
181                  if password auth not desired/available.
182     */
183     abstract string srpIdentifier(in string type, in string context)
184     {
185         return "";
186     }
187 
188     /**
189     * Params:
190     *  type = specifies the type of operation occuring
191     *  context = specifies a context relative to type.
192     *  identifier = specifies what identifier we want the
193     *          password for. This will be a value previously returned
194     *          by srp_identifier.
195     * Returns: password for client-side SRP auth, if available
196                  for this identifier/type/context.
197     */
198     abstract string srpPassword(in string type,
199                                  in string context,
200                                  in string identifier)
201     {
202         return "";
203     }
204 
205     /**
206     * Retrieve SRP verifier parameters
207     */
208     abstract bool srpVerifier(in string type,
209                               in string context,
210                               in string identifier,
211                               ref string group_name,
212                               ref BigInt verifier,
213                               ref Vector!ubyte salt,
214                               bool generate_fake_on_unknown)
215     {
216         return false;
217     }
218 
219     /**
220     * Params:
221     *  type = specifies the type of operation occuring
222     *  context = specifies a context relative to type.
223     * Returns: the PSK identity hint for this type/context
224     */
225     abstract string pskIdentityHint(in string type, in string context)
226     {
227         return "";
228     }
229 
230     /**
231     * Params:
232     *  type = specifies the type of operation occuring
233     *  context = specifies a context relative to type.
234     *  identity_hint = was passed by the server (but may be empty)
235     * Returns: the PSK identity we want to use
236     */
237     abstract string pskIdentity(in string type, in string context, in string identity_hint)
238     {
239         return "";
240     }
241 
242 	/// Override and return true to signal PSK usage
243 	abstract bool hasPsk() {
244 		return false;
245 	}
246         
247     /// In TLSClient, identifies this machine with the server
248     PrivateKey channelPrivateKey(string hostname)
249     {
250         import botan.rng.auto_rng;
251         static ECDSAPrivateKey[string] pkey_saved;
252         if (hostname !in pkey_saved) {
253             auto rng = scoped!AutoSeededRNG();
254             pkey_saved[hostname] = ECDSAPrivateKey(rng, ECGroup("secp256r1"));
255         }
256         return *pkey_saved[hostname];
257     }
258 
259     /**
260     * Params:
261     *  type = specifies the type of operation occuring
262     *  context = specifies a context relative to type.
263     *  identity = is a PSK identity previously returned by
264                 psk_identity for the same type and context.
265     * Returns: the PSK used for identity, or throw new an exception if no
266     * key exists
267     */
268     abstract SymmetricKey psk(in string type, in string context, in string identity)
269     {
270         throw new InternalError("No PSK set for identity " ~ identity);
271     }
272 }
273 
274 bool certInSomeStore(const ref Vector!CertificateStore trusted_CAs, in X509Certificate trust_root)
275 {
276     foreach (const ref CertificateStore CAs; trusted_CAs[])
277         if (CAs.certificateKnown(trust_root))
278             return true;
279     return false;
280 }