Commit graph

43 commits

Author SHA1 Message Date
Ali Mohammad Pur
e0465b8939 Revert "LibTLS+Everywhere: Switch to using WolfSSL"
This reverts commit 8bb610b97a.
Linking wolfSSL seems to cause more legal trouble than it's worth due to
it being GPLv2, so let's undo this for now.
2024-07-06 15:15:34 -06:00
Ali Mohammad Pur
8bb610b97a LibTLS+Everywhere: Switch to using WolfSSL
This commit replaces all TLS connection code with wolfssl.
The certificate parsing code has to remain for now, as wolfssl does not
seem to have any exposed API for that.
2024-07-06 22:15:19 +02:00
circl
9f7f6aa80c LibTLS: Remove key-logging debug feature
This attempted to save data into /home/anon even on Linux
2024-06-24 09:45:41 -06:00
Timothy Flynn
c23060e21b Userland: Avoid some now-unneeded explicit conversions to Bytes 2024-04-04 11:23:21 +02:00
Ali Mohammad Pur
0994aa91dc LibCrypto: Remove unused Crypto::PK::EMSA_PSS class
This is not used, and its implementation is not actually correct
regardless.
2024-03-16 01:17:02 -06:00
Michiel Visser
e785172290 LibTLS: Implement the extended_master_secret TLS extension 2023-11-27 09:37:25 +03:30
Michiel Visser
5ab64320b2 LibTLS: Compute the master secret in a single place
Before we were computing the master secret in the different
`build_*_pre_master_secret` methods, but this can be simplified to a
single call.
2023-11-27 09:37:25 +03:30
Michiel Visser
c548dca174 LibTLS: Add ECDSA support with the secp256r1 curve 2023-10-30 10:17:39 -06:00
stelar7
5853d9642a LibTLS: Move AlertDescription to Extensions.h
Also add missing values from the IANA registry
2023-04-14 12:32:04 +01:00
stelar7
c30ee1b89b LibTLS: Update HandshakeType value names to match IANA registry values 2023-04-14 12:32:04 +01:00
stelar7
611a235a52 LibTLS: Rename AlertLevel Critical to FATAL
This matches the wording used in the TLS RFC
2023-04-14 12:32:04 +01:00
stelar7
ca6b8bfe7f LibTLS: Rename Version to ProtocolVersion
This matches the wording used in the TLS RFC
Also define GREASE values as specified in RFC8701
2023-04-14 12:32:04 +01:00
stelar7
082e64e167 LibTLS: Rename MessageType to ContentType
This matches the wording used in the TLS RFC
2023-04-14 12:32:04 +01:00
stelar7
d527edf0ab LibTLS: Change Certificate parsing to use ErrorOr
Loads of changes that are tightly connected... :/
* Change lambdas to static functions
* Add spec docs to those functions
* Keep the current scope around as a parameter
* Add wrapping classes for some Certificate members
* Parse ec and ecdsa data from certificates
2023-04-06 09:57:31 +03:30
Timothy Flynn
15532df83d AK+Everywhere: Change AK::fill_with_random to accept a Bytes object
Rather than the very C-like API we currently have, accepting a void* and
a length, let's take a Bytes object instead. In almost all existing
cases, the compiler figures out the length.
2023-04-03 15:53:49 +02:00
Tim Schumacher
ecd1862859 AK: Rename Stream::write_entire_buffer to Stream::write_until_depleted
No functional changes.
2023-03-13 15:16:20 +00:00
Tim Schumacher
606a3982f3 LibCore: Move Stream-based file into the Core namespace 2023-02-13 00:50:07 +00:00
Timothy Flynn
0ddc2e1f50 LibCrypto+Everywhere: Rename *BigInteger::to_base to to_base_deprecated 2023-01-15 01:00:20 +00:00
Tim Schumacher
9a3e95785e LibCore: Propagate errors from Stream::*_entire_buffer 2022-12-12 14:16:42 +01:00
Tim Schumacher
6c7c5a6786 LibCore: Rename Stream::*_or_error to *_entire_buffer
All of our functions are `_or_error` (or are about to be), and maybe
making it less reminiscent of AK::Stream will make people use it more.
2022-12-12 14:16:42 +01:00
sin-ack
3f3f45580a Everywhere: Add sv suffix to strings relying on StringView(char const*)
Each of these strings would previously rely on StringView's char const*
constructor overload, which would call __builtin_strlen on the string.
Since we now have operator ""sv, we can replace these with much simpler
versions. This opens the door to being able to remove
StringView(char const*).

No functional changes.
2022-07-12 23:11:35 +02:00
Michiel Visser
331092d25a LibTLS: Add references to RFC5246 for the verify procedure 2022-04-17 10:10:19 +04:30
Michiel Visser
d78813d902 LibTLS: Simplify the way verify_chain is called
The `build_rsa_pre_master_secret` function originally called
`verify_chain_and_get_matching_certificate`, which verified the chain
and returned a certificate matching the specified hostname.

Since the first certificate in the chain should always be the one
matching with the hostname, we can simply use that one instead. This
means we can completely remove this method and just use `verify_chain`.

To make sure the hostname is still verified, `verify_chain` now also
checks that the first certificate in the chain matches the specified
hostname. If the hostname is empty, we currently fail the verification,
however this basically never happens, as the server name indication
extension is always used.
2022-04-17 10:10:19 +04:30
Michiel Visser
707b222913 LibTLS: Add certificate chain validation to DHE and ECDHE key exchange
The RSA key exchange was the only one actually verifying the validity of
the certificate chain supplied by the server. Now the DHE and ECDHE key
exchanges also check the certificate chain.
2022-04-17 10:10:19 +04:30
Idan Horowitz
086969277e Everywhere: Run clang-format 2022-04-01 21:24:45 +01:00
Michiel Visser
c1b041e761 LibCrypto+LibTLS: Generalize the elliptic curve interface
These changes generalize the interface with an elliptic curve
implementation. This allows LibTLS to support elliptic curves generally
without needing the specifics of elliptic curve implementations.

This should allow for easier addition of other elliptic curves.
2022-03-20 00:51:50 +03:30
stelar7
125a43e203 LibTLS: Add support for curve x448 2022-03-09 13:04:48 +03:30
Michiel Visser
7ab4337721 LibTLS: Add Elliptic Curve Diffie-Hellman Ephemeral (ECDHE) support
This adds support for the Elliptic Curve Diffie-Hellman Ephemeral key
exchange, using the X25519 elliptic curve. This means that the
ECDHE_RSA_WITH_AES_128_GCM_SHA256 and ECDHE_RSA_WITH_AES_256_GCM_SHA384
cipher suites are now supported.

Currently, only the X25519 elliptic curve is supported in combination
with the uncompressed elliptic curve point format. However, since the
X25519 is the recommended curve, basically every server supports this.
Furthermore, the uncompressed point format is required by the TLS
specification, which means any server with EC support will support the
uncompressed format.

Like the implementation of the normal Diffie-Hellman Ephemeral key
exchange, this implementation does not currently validate the signature
of the public key sent by the server.
2022-02-18 15:41:41 +03:30
Ali Mohammad Pur
cb7becb067 LibTLS+RequestServer: Add an option to dump TLS keys to a log file
This file allows us to decrypt TLS messages in wireshark, which can help
immensely in debugging network stuff :^)
2022-02-09 21:23:25 +01:00
Sam Atkins
45cf40653a Everywhere: Convert ByteBuffer factory methods from Optional -> ErrorOr
Apologies for the enormous commit, but I don't see a way to split this
up nicely. In the vast majority of cases it's a simple change. A few
extra places can use TRY instead of manual error checking though. :^)
2022-01-24 22:36:09 +01:00
Andreas Kling
8b1108e485 Everywhere: Pass AK::StringView by value 2021-11-11 01:27:46 +01:00
Andreas Kling
a15ed8743d AK: Make ByteBuffer::try_* functions return ErrorOr<void>
Same as Vector, ByteBuffer now also signals allocation failure by
returning an ENOMEM Error instead of a bool, allowing us to use the
TRY() and MUST() patterns.
2021-11-10 21:58:58 +01:00
Nico Weber
de72332920 Libraries: Fix typos 2021-10-01 01:06:40 +01:00
Ali Mohammad Pur
97e97bccab Everywhere: Make ByteBuffer::{create_*,copy}() OOM-safe 2021-09-06 01:53:26 +02:00
Ali Mohammad Pur
3a9f00c59b Everywhere: Use OOM-safe ByteBuffer APIs where possible
If we can easily communicate failure, let's avoid asserting and report
failure instead.
2021-09-06 01:53:26 +02:00
Samuel Bowman
b288016bbc LibTLS: Implement the DHE_RSA key exchange algorithm
This adds two methods, handle_dhe_rsa_server_key_exchange and
build_dhe_rsa_pre_master_secret, to TLSv12 and a struct,
server_diffie_hellman_params, to Context, which are used to implement
the DHE_RSA key exchange algorithm. This grants us the benefits of
forward secrecy and access to sites which support DHE_RSA.

It is worth noting that the signature of the server provided
Diffie-Hellman parameters is not currently validated. This will need to
be addressed to prevent man-in-the-middle attacks.
2021-08-16 03:50:53 +04:30
Ali Mohammad Pur
7ac196974d Everywhere: Replace Vector<T*> with nonnull entries with Vector<T&> 2021-06-08 19:14:24 +02:00
Gunnar Beutner
5f18cf75c5 AK: Replace ByteBuffer::grow with resize()/ensure_capacity()
Previously ByteBuffer::grow() behaved like Vector<T>::resize().
However the function name was somewhat ambiguous - and so this patch
updates ByteBuffer to behave more like Vector<T> by replacing grow()
with resize() and adding an ensure_capacity() method.

This also lets the user change the buffer's capacity without affecting
the size which was not previously possible.

Additionally this patch makes the capacity() method public (again).
2021-05-31 14:49:00 +04:30
DexesTTP
cb4a0dec8a LibTLS: Use a more precise KeyExchangeAlgorithm enum
The old enumeration didn't allow discriminating the key exchange
algorithms used, but only allowed the handshake with the server. With
this new enumeration, we can know which key exchange algorithm we are
actually supposed to use :^)
2021-05-29 13:29:46 +04:30
DexesTTP
68f6796e72 LibTLS: Use RSA key exchange based on the cipher
After this, we aren't hardcoding RSA in everything we do anymore!
2021-05-19 09:18:45 +02:00
DexesTTP
9bb823a6ab LibTLS: Generate cipher variants based on the cipher
This is better than using the AEAD flag :^)
2021-05-19 09:18:45 +02:00
DexesTTP
2e9a4bb95c LibTLS: Replace cipher selection with a variant 2021-05-19 09:18:45 +02:00
DexesTTP
851e254e8f LibTLS: Rework method names and arrangement in cpp files
This commit only moves and renames methods. The code hasn't changed.
2021-05-19 09:18:45 +02:00
Renamed from Userland/Libraries/LibTLS/Exchange.cpp