opensslstreamadapter.cc revision 458ffd574bb14dfe61ad65d1b1fd09846e3b58cd
17ba0605dc97fb81bde8311510d27b3ccba170008Ceki Gulcu/* 27ba0605dc97fb81bde8311510d27b3ccba170008Ceki Gulcu * Copyright 2004 The WebRTC Project Authors. All rights reserved. 388c4c456766193e012eb890e2208473d99b91f83Ceki Gulcu * 47ba0605dc97fb81bde8311510d27b3ccba170008Ceki Gulcu * Use of this source code is governed by a BSD-style license 588c4c456766193e012eb890e2208473d99b91f83Ceki Gulcu * that can be found in the LICENSE file in the root of the source 688c4c456766193e012eb890e2208473d99b91f83Ceki Gulcu * tree. An additional intellectual property rights grant can be found 788c4c456766193e012eb890e2208473d99b91f83Ceki Gulcu * in the file PATENTS. All contributing project authors may 888c4c456766193e012eb890e2208473d99b91f83Ceki Gulcu * be found in the AUTHORS file in the root of the source tree. 988c4c456766193e012eb890e2208473d99b91f83Ceki Gulcu */ 1088c4c456766193e012eb890e2208473d99b91f83Ceki Gulcu 1188c4c456766193e012eb890e2208473d99b91f83Ceki Gulcu#if HAVE_CONFIG_H 127ba0605dc97fb81bde8311510d27b3ccba170008Ceki Gulcu#include "config.h" 1388c4c456766193e012eb890e2208473d99b91f83Ceki Gulcu#endif // HAVE_CONFIG_H 1488c4c456766193e012eb890e2208473d99b91f83Ceki Gulcu 157ba0605dc97fb81bde8311510d27b3ccba170008Ceki Gulcu#if HAVE_OPENSSL_SSL_H 1688c4c456766193e012eb890e2208473d99b91f83Ceki Gulcu 1788c4c456766193e012eb890e2208473d99b91f83Ceki Gulcu#include "webrtc/base/opensslstreamadapter.h" 1888c4c456766193e012eb890e2208473d99b91f83Ceki Gulcu 1988c4c456766193e012eb890e2208473d99b91f83Ceki Gulcu#include <openssl/bio.h> 2088c4c456766193e012eb890e2208473d99b91f83Ceki Gulcu#include <openssl/crypto.h> 2188c4c456766193e012eb890e2208473d99b91f83Ceki Gulcu#include <openssl/err.h> 2288c4c456766193e012eb890e2208473d99b91f83Ceki Gulcu#include <openssl/rand.h> 237ba0605dc97fb81bde8311510d27b3ccba170008Ceki Gulcu#include <openssl/tls1.h> 2488c4c456766193e012eb890e2208473d99b91f83Ceki Gulcu#include <openssl/x509v3.h> 2588c4c456766193e012eb890e2208473d99b91f83Ceki Gulcu 2688c4c456766193e012eb890e2208473d99b91f83Ceki Gulcu#include <vector> 2788c4c456766193e012eb890e2208473d99b91f83Ceki Gulcu 2888c4c456766193e012eb890e2208473d99b91f83Ceki Gulcu#include "webrtc/base/common.h" 2988c4c456766193e012eb890e2208473d99b91f83Ceki Gulcu#include "webrtc/base/logging.h" 3088c4c456766193e012eb890e2208473d99b91f83Ceki Gulcu#include "webrtc/base/safe_conversions.h" 3188c4c456766193e012eb890e2208473d99b91f83Ceki Gulcu#include "webrtc/base/stream.h" 323c0ab3466b6fa6e915974c72558d64c570734700Ceki Gulcu#include "webrtc/base/openssl.h" 3388c4c456766193e012eb890e2208473d99b91f83Ceki Gulcu#include "webrtc/base/openssladapter.h" 3488c4c456766193e012eb890e2208473d99b91f83Ceki Gulcu#include "webrtc/base/openssldigest.h" 3588c4c456766193e012eb890e2208473d99b91f83Ceki Gulcu#include "webrtc/base/opensslidentity.h" 3688c4c456766193e012eb890e2208473d99b91f83Ceki Gulcu#include "webrtc/base/stringutils.h" 3788c4c456766193e012eb890e2208473d99b91f83Ceki Gulcu#include "webrtc/base/thread.h" 3888c4c456766193e012eb890e2208473d99b91f83Ceki Gulcu 396dd2bd58cffc857d064d0e0ac3017d6aee924bb8Ceki Gulcunamespace rtc { 4088c4c456766193e012eb890e2208473d99b91f83Ceki Gulcu 416dd2bd58cffc857d064d0e0ac3017d6aee924bb8Ceki Gulcu#if (OPENSSL_VERSION_NUMBER >= 0x10001000L) 429f10490a05f7344f4b3ef657e8991f5d51934e2fCeki Gulcu#define HAVE_DTLS_SRTP 436dd2bd58cffc857d064d0e0ac3017d6aee924bb8Ceki Gulcu#endif 449f10490a05f7344f4b3ef657e8991f5d51934e2fCeki Gulcu 456dd2bd58cffc857d064d0e0ac3017d6aee924bb8Ceki Gulcu#ifdef HAVE_DTLS_SRTP 4688c4c456766193e012eb890e2208473d99b91f83Ceki Gulcu// SRTP cipher suite table. |internal_name| is used to construct a 4788c4c456766193e012eb890e2208473d99b91f83Ceki Gulcu// colon-separated profile strings which is needed by 4888c4c456766193e012eb890e2208473d99b91f83Ceki Gulcu// SSL_CTX_set_tlsext_use_srtp(). 4988c4c456766193e012eb890e2208473d99b91f83Ceki Gulcustruct SrtpCipherMapEntry { 5088c4c456766193e012eb890e2208473d99b91f83Ceki Gulcu const char* internal_name; 5188c4c456766193e012eb890e2208473d99b91f83Ceki Gulcu const int id; 5288c4c456766193e012eb890e2208473d99b91f83Ceki Gulcu}; 5388c4c456766193e012eb890e2208473d99b91f83Ceki Gulcu 5488c4c456766193e012eb890e2208473d99b91f83Ceki Gulcu// This isn't elegant, but it's better than an external reference 5531212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcustatic SrtpCipherMapEntry SrtpCipherMap[] = { 5631212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu {"SRTP_AES128_CM_SHA1_80", SRTP_AES128_CM_SHA1_80}, 5731212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu {"SRTP_AES128_CM_SHA1_32", SRTP_AES128_CM_SHA1_32}, 5831212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu {nullptr, 0}}; 5931212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu#endif 6031212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu 6131212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu#ifndef OPENSSL_IS_BORINGSSL 6231212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu 6331212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu// Cipher name table. Maps internal OpenSSL cipher ids to the RFC name. 6431212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcustruct SslCipherMapEntry { 6531212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu uint32_t openssl_id; 6631212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu const char* rfc_name; 6731212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu}; 6831212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu 6931212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu#define DEFINE_CIPHER_ENTRY_SSL3(name) {SSL3_CK_##name, "TLS_"#name} 7031212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu#define DEFINE_CIPHER_ENTRY_TLS1(name) {TLS1_CK_##name, "TLS_"#name} 7131212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu 7231212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu// There currently is no method available to get a RFC-compliant name for a 7331212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu// cipher suite from BoringSSL, so we need to define the mapping manually here. 7431212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu// This should go away once BoringSSL supports "SSL_CIPHER_standard_name" 7531212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu// (as available in OpenSSL if compiled with tracing enabled) or a similar 7631212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu// method. 7731212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcustatic const SslCipherMapEntry kSslCipherMap[] = { 7831212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu // TLS v1.0 ciphersuites from RFC2246. 7931212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu DEFINE_CIPHER_ENTRY_SSL3(RSA_RC4_128_SHA), 8031212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu {SSL3_CK_RSA_DES_192_CBC3_SHA, 8131212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu "TLS_RSA_WITH_3DES_EDE_CBC_SHA"}, 8231212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu 8331212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu // AES ciphersuites from RFC3268. 8431212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu {TLS1_CK_RSA_WITH_AES_128_SHA, 8531212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu "TLS_RSA_WITH_AES_128_CBC_SHA"}, 8631212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu {TLS1_CK_DHE_RSA_WITH_AES_128_SHA, 8731212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu "TLS_DHE_RSA_WITH_AES_128_CBC_SHA"}, 8831212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu {TLS1_CK_RSA_WITH_AES_256_SHA, 8931212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu "TLS_RSA_WITH_AES_256_CBC_SHA"}, 9031212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu {TLS1_CK_DHE_RSA_WITH_AES_256_SHA, 9131212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu "TLS_DHE_RSA_WITH_AES_256_CBC_SHA"}, 9231212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu 9331212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu // ECC ciphersuites from RFC4492. 9431212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu DEFINE_CIPHER_ENTRY_TLS1(ECDHE_ECDSA_WITH_RC4_128_SHA), 9531212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu {TLS1_CK_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA, 9631212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA"}, 9731212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu DEFINE_CIPHER_ENTRY_TLS1(ECDHE_ECDSA_WITH_AES_128_CBC_SHA), 9831212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu DEFINE_CIPHER_ENTRY_TLS1(ECDHE_ECDSA_WITH_AES_256_CBC_SHA), 9931212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu 10031212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu DEFINE_CIPHER_ENTRY_TLS1(ECDHE_RSA_WITH_RC4_128_SHA), 10131212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu {TLS1_CK_ECDHE_RSA_WITH_DES_192_CBC3_SHA, 10231212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA"}, 10331212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu DEFINE_CIPHER_ENTRY_TLS1(ECDHE_RSA_WITH_AES_128_CBC_SHA), 10431212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu DEFINE_CIPHER_ENTRY_TLS1(ECDHE_RSA_WITH_AES_256_CBC_SHA), 10531212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu 10631212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu // TLS v1.2 ciphersuites. 10731212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu {TLS1_CK_RSA_WITH_AES_128_SHA256, 10831212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu "TLS_RSA_WITH_AES_128_CBC_SHA256"}, 10931212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu {TLS1_CK_RSA_WITH_AES_256_SHA256, 11031212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu "TLS_RSA_WITH_AES_256_CBC_SHA256"}, 11131212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu {TLS1_CK_DHE_RSA_WITH_AES_128_SHA256, 11231212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256"}, 11331212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu {TLS1_CK_DHE_RSA_WITH_AES_256_SHA256, 11431212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256"}, 11531212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu 11631212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu // TLS v1.2 GCM ciphersuites from RFC5288. 11731212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu DEFINE_CIPHER_ENTRY_TLS1(RSA_WITH_AES_128_GCM_SHA256), 11831212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu DEFINE_CIPHER_ENTRY_TLS1(RSA_WITH_AES_256_GCM_SHA384), 11931212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu DEFINE_CIPHER_ENTRY_TLS1(DHE_RSA_WITH_AES_128_GCM_SHA256), 12031212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu DEFINE_CIPHER_ENTRY_TLS1(DHE_RSA_WITH_AES_256_GCM_SHA384), 12131212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu DEFINE_CIPHER_ENTRY_TLS1(DH_RSA_WITH_AES_128_GCM_SHA256), 12231212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu DEFINE_CIPHER_ENTRY_TLS1(DH_RSA_WITH_AES_256_GCM_SHA384), 12331212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu 12431212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu // ECDH HMAC based ciphersuites from RFC5289. 12531212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu {TLS1_CK_ECDHE_ECDSA_WITH_AES_128_SHA256, 12631212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256"}, 12731212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu {TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384, 12831212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384"}, 12931212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu {TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256, 13031212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256"}, 13131212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu {TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384, 13231212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384"}, 13331212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu 13431212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu // ECDH GCM based ciphersuites from RFC5289. 13531212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu DEFINE_CIPHER_ENTRY_TLS1(ECDHE_ECDSA_WITH_AES_128_GCM_SHA256), 13631212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu DEFINE_CIPHER_ENTRY_TLS1(ECDHE_ECDSA_WITH_AES_256_GCM_SHA384), 13731212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu DEFINE_CIPHER_ENTRY_TLS1(ECDHE_RSA_WITH_AES_128_GCM_SHA256), 13831212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu DEFINE_CIPHER_ENTRY_TLS1(ECDHE_RSA_WITH_AES_256_GCM_SHA384), 13931212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu 14031212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu {0, NULL} 14131212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu}; 14231212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu#endif // #ifndef OPENSSL_IS_BORINGSSL 14331212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu 14431212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu#if defined(_MSC_VER) 14531212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu#pragma warning(push) 14631212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu#pragma warning(disable : 4309) 14731212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu#pragma warning(disable : 4310) 14831212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu#endif // defined(_MSC_VER) 14931212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu 15031212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu// Default cipher used between OpenSSL/BoringSSL stream adapters. 15131212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu// This needs to be updated when the default of the SSL library changes. 15231212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu// static_cast<uint16_t> causes build warnings on windows platform. 15331212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcustatic int kDefaultSslCipher10 = 15431212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu static_cast<uint16_t>(TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA); 15531212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcustatic int kDefaultSslEcCipher10 = 15631212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu static_cast<uint16_t>(TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA); 15731212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu#ifdef OPENSSL_IS_BORINGSSL 15831212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcustatic int kDefaultSslCipher12 = 15931212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu static_cast<uint16_t>(TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256); 16031212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcustatic int kDefaultSslEcCipher12 = 16131212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu static_cast<uint16_t>(TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256); 16231212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu// Fallback cipher for DTLS 1.2 if hardware-accelerated AES-GCM is unavailable. 16331212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu// TODO(davidben): Switch to the standardized CHACHA20_POLY1305 variant when 16431212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu// available. 16531212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcustatic int kDefaultSslCipher12NoAesGcm = 16631212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu static_cast<uint16_t>(TLS1_CK_ECDHE_RSA_CHACHA20_POLY1305_OLD); 16731212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcustatic int kDefaultSslEcCipher12NoAesGcm = 16831212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu static_cast<uint16_t>(TLS1_CK_ECDHE_ECDSA_CHACHA20_POLY1305_OLD); 16931212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu#else // !OPENSSL_IS_BORINGSSL 17031212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu// OpenSSL sorts differently than BoringSSL, so the default cipher doesn't 17131212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu// change between TLS 1.0 and TLS 1.2 with the current setup. 17231212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcustatic int kDefaultSslCipher12 = 17331212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu static_cast<uint16_t>(TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA); 17431212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcustatic int kDefaultSslEcCipher12 = 17531212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu static_cast<uint16_t>(TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA); 17631212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu#endif 17731212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu 17831212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu#if defined(_MSC_VER) 17931212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu#pragma warning(pop) 18031212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu#endif // defined(_MSC_VER) 18131212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu 18231212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu////////////////////////////////////////////////////////////////////// 18331212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu// StreamBIO 18431212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu////////////////////////////////////////////////////////////////////// 18531212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu 18631212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcustatic int stream_write(BIO* h, const char* buf, int num); 18731212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcustatic int stream_read(BIO* h, char* buf, int size); 18831212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcustatic int stream_puts(BIO* h, const char* str); 18931212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcustatic long stream_ctrl(BIO* h, int cmd, long arg1, void* arg2); 19031212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcustatic int stream_new(BIO* h); 19131212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcustatic int stream_free(BIO* data); 19231212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu 19331212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu// TODO(davidben): This should be const once BoringSSL is assumed. 19431212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcustatic BIO_METHOD methods_stream = { 19531212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu BIO_TYPE_BIO, 19631212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu "stream", 19731212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu stream_write, 19831212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu stream_read, 19931212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu stream_puts, 20031212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu 0, 20131212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu stream_ctrl, 20231212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu stream_new, 20331212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu stream_free, 20431212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu NULL, 20531212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu}; 20631212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu 20731212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcustatic BIO_METHOD* BIO_s_stream() { return(&methods_stream); } 20831212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu 20931212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcustatic BIO* BIO_new_stream(StreamInterface* stream) { 21031212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu BIO* ret = BIO_new(BIO_s_stream()); 21131212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu if (ret == NULL) 21231212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu return NULL; 21331212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu ret->ptr = stream; 21431212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu return ret; 21531212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu} 21631212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu 21731212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu// bio methods return 1 (or at least non-zero) on success and 0 on failure. 21831212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu 21931212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcustatic int stream_new(BIO* b) { 22031212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu b->shutdown = 0; 22131212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu b->init = 1; 22231212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu b->num = 0; // 1 means end-of-stream 22331212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu b->ptr = 0; 22431212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu return 1; 22531212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu} 22631212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu 22731212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcustatic int stream_free(BIO* b) { 22831212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu if (b == NULL) 22931212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu return 0; 23031212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu return 1; 23131212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu} 23231212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu 23331212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcustatic int stream_read(BIO* b, char* out, int outl) { 23431212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu if (!out) 23531212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu return -1; 23631212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu StreamInterface* stream = static_cast<StreamInterface*>(b->ptr); 23731212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu BIO_clear_retry_flags(b); 23831212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu size_t read; 23931212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu int error; 24031212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu StreamResult result = stream->Read(out, outl, &read, &error); 24131212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu if (result == SR_SUCCESS) { 24231212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu return checked_cast<int>(read); 24331212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu } else if (result == SR_EOS) { 24431212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu b->num = 1; 24531212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu } else if (result == SR_BLOCK) { 24631212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu BIO_set_retry_read(b); 24731212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu } 24831212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu return -1; 24931212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu} 25031212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu 25131212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcustatic int stream_write(BIO* b, const char* in, int inl) { 25231212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu if (!in) 25331212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu return -1; 25431212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu StreamInterface* stream = static_cast<StreamInterface*>(b->ptr); 25531212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu BIO_clear_retry_flags(b); 25631212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu size_t written; 25731212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu int error; 25831212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu StreamResult result = stream->Write(in, inl, &written, &error); 25931212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu if (result == SR_SUCCESS) { 26031212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu return checked_cast<int>(written); 26131212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu } else if (result == SR_BLOCK) { 26231212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu BIO_set_retry_write(b); 26331212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu } 26431212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu return -1; 26531212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu} 26631212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu 26731212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcustatic int stream_puts(BIO* b, const char* str) { 26831212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu return stream_write(b, str, checked_cast<int>(strlen(str))); 26931212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu} 27031212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu 27131212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcustatic long stream_ctrl(BIO* b, int cmd, long num, void* ptr) { 27231212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu RTC_UNUSED(num); 27331212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu RTC_UNUSED(ptr); 27431212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu 27531212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu switch (cmd) { 27631212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu case BIO_CTRL_RESET: 27731212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu return 0; 27831212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu case BIO_CTRL_EOF: 27931212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu return b->num; 28031212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu case BIO_CTRL_WPENDING: 28131212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu case BIO_CTRL_PENDING: 28231212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu return 0; 28331212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu case BIO_CTRL_FLUSH: 28431212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu return 1; 28531212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu case BIO_CTRL_DGRAM_QUERY_MTU: 28631212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu // openssl defaults to mtu=256 unless we return something here. 28731212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu // The handshake doesn't actually need to send packets above 1k, 28831212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu // so this seems like a sensible value that should work in most cases. 28931212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu // Webrtc uses the same value for video packets. 29031212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu return 1200; 29131212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu default: 29231212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu return 0; 29331212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu } 29431212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu} 29531212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu 29631212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu///////////////////////////////////////////////////////////////////////////// 29731212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu// OpenSSLStreamAdapter 29831212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu///////////////////////////////////////////////////////////////////////////// 29931212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu 30031212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki GulcuOpenSSLStreamAdapter::OpenSSLStreamAdapter(StreamInterface* stream) 30131212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu : SSLStreamAdapter(stream), 30231212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu state_(SSL_NONE), 30331212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu role_(SSL_CLIENT), 30431212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu ssl_read_needs_write_(false), 30531212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu ssl_write_needs_read_(false), 30631212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu ssl_(NULL), 30731212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu ssl_ctx_(NULL), 30831212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu custom_verification_succeeded_(false), 30931212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu ssl_mode_(SSL_MODE_TLS), 31031212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu ssl_max_version_(SSL_PROTOCOL_TLS_12) {} 31131212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu 31231212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki GulcuOpenSSLStreamAdapter::~OpenSSLStreamAdapter() { 31331212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu Cleanup(); 31431212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu} 31531212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu 31631212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcuvoid OpenSSLStreamAdapter::SetIdentity(SSLIdentity* identity) { 31731212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu ASSERT(!identity_); 31831212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu identity_.reset(static_cast<OpenSSLIdentity*>(identity)); 31931212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu} 32031212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu 32131212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcuvoid OpenSSLStreamAdapter::SetServerRole(SSLRole role) { 32231212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu role_ = role; 32331212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu} 32431212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu 32531212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcubool OpenSSLStreamAdapter::GetPeerCertificate(SSLCertificate** cert) const { 32631212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu if (!peer_certificate_) 32731212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu return false; 32831212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu 32931212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu *cert = peer_certificate_->GetReference(); 33031212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu return true; 33131212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu} 33231212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu 33331212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcubool OpenSSLStreamAdapter::SetPeerCertificateDigest(const std::string 33431212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu &digest_alg, 33531212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu const unsigned char* 33631212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu digest_val, 33731212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu size_t digest_len) { 33831212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu ASSERT(!peer_certificate_); 33931212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu ASSERT(peer_certificate_digest_algorithm_.size() == 0); 34031212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu ASSERT(ssl_server_name_.empty()); 34131212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu size_t expected_len; 34231212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu 34331212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu if (!OpenSSLDigest::GetDigestSize(digest_alg, &expected_len)) { 34431212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu LOG(LS_WARNING) << "Unknown digest algorithm: " << digest_alg; 34531212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu return false; 34631212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu } 34731212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu if (expected_len != digest_len) 34831212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu return false; 34931212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu 35031212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu peer_certificate_digest_value_.SetData(digest_val, digest_len); 35131212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu peer_certificate_digest_algorithm_ = digest_alg; 35231212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu 35331212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu return true; 35431212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu} 35531212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu 35631212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcustd::string OpenSSLStreamAdapter::SslCipherSuiteToName(int cipher_suite) { 35731212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu#ifdef OPENSSL_IS_BORINGSSL 35831212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu const SSL_CIPHER* ssl_cipher = SSL_get_cipher_by_value(cipher_suite); 35931212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu if (!ssl_cipher) { 36031212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu return std::string(); 36131212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu } 36231212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu char* cipher_name = SSL_CIPHER_get_rfc_name(ssl_cipher); 36331212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu std::string rfc_name = std::string(cipher_name); 36431212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu OPENSSL_free(cipher_name); 36531212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu return rfc_name; 36631212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu#else 36731212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu for (const SslCipherMapEntry* entry = kSslCipherMap; entry->rfc_name; 36831212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu ++entry) { 36931212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu if (cipher_suite == static_cast<int>(entry->openssl_id)) { 37031212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu return entry->rfc_name; 37131212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu } 37231212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu } 37331212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu return std::string(); 37431212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu#endif 37531212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu} 37631212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu 37731212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcubool OpenSSLStreamAdapter::GetSslCipherSuite(int* cipher_suite) { 37831212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu if (state_ != SSL_CONNECTED) 37931212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu return false; 38031212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu 38131212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu const SSL_CIPHER* current_cipher = SSL_get_current_cipher(ssl_); 38231212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu if (current_cipher == NULL) { 38331212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu return false; 38431212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu } 38531212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu 38631212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu *cipher_suite = static_cast<uint16_t>(SSL_CIPHER_get_id(current_cipher)); 38731212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu return true; 38831212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu} 38931212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu 39031212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu// Key Extractor interface 39131212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcubool OpenSSLStreamAdapter::ExportKeyingMaterial(const std::string& label, 39231212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu const uint8_t* context, 39331212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu size_t context_len, 39431212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu bool use_context, 39531212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu uint8_t* result, 39631212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu size_t result_len) { 39731212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu#ifdef HAVE_DTLS_SRTP 39831212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu int i; 39931212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu 40031212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu i = SSL_export_keying_material(ssl_, result, result_len, label.c_str(), 40131212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu label.length(), const_cast<uint8_t*>(context), 40231212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu context_len, use_context); 40331212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu 40431212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu if (i != 1) 40531212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu return false; 40631212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu 40731212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu return true; 40831212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu#else 40931212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu return false; 41031212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu#endif 41131212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu} 41231212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu 41331212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcubool OpenSSLStreamAdapter::SetDtlsSrtpCryptoSuites( 41431212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu const std::vector<int>& ciphers) { 41531212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu#ifdef HAVE_DTLS_SRTP 41631212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu std::string internal_ciphers; 41731212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu 41831212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu if (state_ != SSL_NONE) 41931212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu return false; 42031212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu 42131212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu for (std::vector<int>::const_iterator cipher = ciphers.begin(); 42231212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu cipher != ciphers.end(); ++cipher) { 42331212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu bool found = false; 42431212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu for (SrtpCipherMapEntry* entry = SrtpCipherMap; entry->internal_name; 42531212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu ++entry) { 42631212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu if (*cipher == entry->id) { 42731212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu found = true; 42831212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu if (!internal_ciphers.empty()) 42931212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu internal_ciphers += ":"; 43031212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu internal_ciphers += entry->internal_name; 43131212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu break; 43231212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu } 43331212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu } 43431212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu 43531212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu if (!found) { 43631212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu LOG(LS_ERROR) << "Could not find cipher: " << *cipher; 43731212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu return false; 43831212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu } 43931212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu } 44031212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu 44131212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu if (internal_ciphers.empty()) 44231212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu return false; 44331212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu 44431212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu srtp_ciphers_ = internal_ciphers; 44531212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu return true; 44631212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu#else 44731212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu return false; 44831212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu#endif 44931212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu} 45031212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu 45131212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcubool OpenSSLStreamAdapter::GetDtlsSrtpCryptoSuite(int* crypto_suite) { 45231212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu#ifdef HAVE_DTLS_SRTP 45331212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu ASSERT(state_ == SSL_CONNECTED); 45431212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu if (state_ != SSL_CONNECTED) 45531212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu return false; 45631212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu 45731212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu const SRTP_PROTECTION_PROFILE *srtp_profile = 45831212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu SSL_get_selected_srtp_profile(ssl_); 45931212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu 46031212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu if (!srtp_profile) 46131212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu return false; 46231212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu 46331212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu *crypto_suite = srtp_profile->id; 46431212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu ASSERT(!SrtpCryptoSuiteToName(*crypto_suite).empty()); 46531212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu return true; 46631212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu#else 46731212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu return false; 46831212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu#endif 46931212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu} 47031212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu 47131212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcuint OpenSSLStreamAdapter::StartSSLWithServer(const char* server_name) { 47231212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu ASSERT(server_name != NULL && server_name[0] != '\0'); 47331212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu ssl_server_name_ = server_name; 47431212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu return StartSSL(); 47531212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu} 47631212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu 47731212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcuint OpenSSLStreamAdapter::StartSSLWithPeer() { 47831212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu ASSERT(ssl_server_name_.empty()); 47931212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu // It is permitted to specify peer_certificate_ only later. 48031212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu return StartSSL(); 48131212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu} 48231212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu 48331212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcuvoid OpenSSLStreamAdapter::SetMode(SSLMode mode) { 48431212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu ASSERT(state_ == SSL_NONE); 48531212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu ssl_mode_ = mode; 48631212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu} 48731212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu 48831212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcuvoid OpenSSLStreamAdapter::SetMaxProtocolVersion(SSLProtocolVersion version) { 48931212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu ASSERT(ssl_ctx_ == NULL); 49031212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu ssl_max_version_ = version; 49131212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu} 49231212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu 49331212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu// 49431212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu// StreamInterface Implementation 49531212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu// 49631212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu 49731212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki GulcuStreamResult OpenSSLStreamAdapter::Write(const void* data, size_t data_len, 49831212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu size_t* written, int* error) { 49931212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu LOG(LS_VERBOSE) << "OpenSSLStreamAdapter::Write(" << data_len << ")"; 50031212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu 50131212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu switch (state_) { 50231212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu case SSL_NONE: 50331212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu // pass-through in clear text 50431212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu return StreamAdapterInterface::Write(data, data_len, written, error); 50531212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu 50631212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu case SSL_WAIT: 50731212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu case SSL_CONNECTING: 50831212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu return SR_BLOCK; 50931212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu 51031212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu case SSL_CONNECTED: 51131212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu break; 51231212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu 51331212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu case SSL_ERROR: 51431212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu case SSL_CLOSED: 51531212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu default: 51631212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu if (error) 51731212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu *error = ssl_error_code_; 51831212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu return SR_ERROR; 51931212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu } 52031212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu 52131212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu // OpenSSL will return an error if we try to write zero bytes 52231212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu if (data_len == 0) { 52331212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu if (written) 52431212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu *written = 0; 52531212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu return SR_SUCCESS; 52631212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu } 52731212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu 52831212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu ssl_write_needs_read_ = false; 52931212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu 53031212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu int code = SSL_write(ssl_, data, checked_cast<int>(data_len)); 53131212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu int ssl_error = SSL_get_error(ssl_, code); 53231212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu switch (ssl_error) { 53331212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu case SSL_ERROR_NONE: 53431212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu LOG(LS_VERBOSE) << " -- success"; 53531212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu ASSERT(0 < code && static_cast<unsigned>(code) <= data_len); 53631212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu if (written) 53731212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu *written = code; 53831212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu return SR_SUCCESS; 53931212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu case SSL_ERROR_WANT_READ: 54031212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu LOG(LS_VERBOSE) << " -- error want read"; 54131212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu ssl_write_needs_read_ = true; 54231212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu return SR_BLOCK; 54331212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu case SSL_ERROR_WANT_WRITE: 54431212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu LOG(LS_VERBOSE) << " -- error want write"; 54531212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu return SR_BLOCK; 54631212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu 54731212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu case SSL_ERROR_ZERO_RETURN: 54831212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu default: 54931212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu Error("SSL_write", (ssl_error ? ssl_error : -1), false); 55031212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu if (error) 55131212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu *error = ssl_error_code_; 55231212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu return SR_ERROR; 55331212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu } 55431212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu // not reached 55531212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu} 55631212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu 55731212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki GulcuStreamResult OpenSSLStreamAdapter::Read(void* data, size_t data_len, 55831212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu size_t* read, int* error) { 55931212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu LOG(LS_VERBOSE) << "OpenSSLStreamAdapter::Read(" << data_len << ")"; 56031212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu switch (state_) { 56131212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu case SSL_NONE: 56231212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu // pass-through in clear text 56331212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu return StreamAdapterInterface::Read(data, data_len, read, error); 56431212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu 56531212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu case SSL_WAIT: 56631212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu case SSL_CONNECTING: 56731212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu return SR_BLOCK; 56831212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu 56931212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu case SSL_CONNECTED: 57031212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu break; 57131212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu 57231212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu case SSL_CLOSED: 57331212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu return SR_EOS; 57431212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu 57531212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu case SSL_ERROR: 57631212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu default: 57731212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu if (error) 57831212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu *error = ssl_error_code_; 57931212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu return SR_ERROR; 58031212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu } 58131212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu 58231212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu // Don't trust OpenSSL with zero byte reads 58331212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu if (data_len == 0) { 58431212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu if (read) 58531212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu *read = 0; 58631212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu return SR_SUCCESS; 58731212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu } 58831212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu 58931212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu ssl_read_needs_write_ = false; 59031212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu 59131212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu int code = SSL_read(ssl_, data, checked_cast<int>(data_len)); 59231212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu int ssl_error = SSL_get_error(ssl_, code); 59331212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu switch (ssl_error) { 59431212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu case SSL_ERROR_NONE: 59531212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu LOG(LS_VERBOSE) << " -- success"; 59631212435723e2dfd5d6716d1f6a7b0e66a1e6b38Ceki Gulcu ASSERT(0 < code && static_cast<unsigned>(code) <= data_len); 59788c4c456766193e012eb890e2208473d99b91f83Ceki Gulcu if (read) 59888c4c456766193e012eb890e2208473d99b91f83Ceki Gulcu *read = code; 599 600 if (ssl_mode_ == SSL_MODE_DTLS) { 601 // Enforce atomic reads -- this is a short read 602 unsigned int pending = SSL_pending(ssl_); 603 604 if (pending) { 605 LOG(LS_INFO) << " -- short DTLS read. flushing"; 606 FlushInput(pending); 607 if (error) 608 *error = SSE_MSG_TRUNC; 609 return SR_ERROR; 610 } 611 } 612 return SR_SUCCESS; 613 case SSL_ERROR_WANT_READ: 614 LOG(LS_VERBOSE) << " -- error want read"; 615 return SR_BLOCK; 616 case SSL_ERROR_WANT_WRITE: 617 LOG(LS_VERBOSE) << " -- error want write"; 618 ssl_read_needs_write_ = true; 619 return SR_BLOCK; 620 case SSL_ERROR_ZERO_RETURN: 621 LOG(LS_VERBOSE) << " -- remote side closed"; 622 return SR_EOS; 623 break; 624 default: 625 LOG(LS_VERBOSE) << " -- error " << code; 626 Error("SSL_read", (ssl_error ? ssl_error : -1), false); 627 if (error) 628 *error = ssl_error_code_; 629 return SR_ERROR; 630 } 631 // not reached 632} 633 634void OpenSSLStreamAdapter::FlushInput(unsigned int left) { 635 unsigned char buf[2048]; 636 637 while (left) { 638 // This should always succeed 639 int toread = (sizeof(buf) < left) ? sizeof(buf) : left; 640 int code = SSL_read(ssl_, buf, toread); 641 642 int ssl_error = SSL_get_error(ssl_, code); 643 ASSERT(ssl_error == SSL_ERROR_NONE); 644 645 if (ssl_error != SSL_ERROR_NONE) { 646 LOG(LS_VERBOSE) << " -- error " << code; 647 Error("SSL_read", (ssl_error ? ssl_error : -1), false); 648 return; 649 } 650 651 LOG(LS_VERBOSE) << " -- flushed " << code << " bytes"; 652 left -= code; 653 } 654} 655 656void OpenSSLStreamAdapter::Close() { 657 Cleanup(); 658 ASSERT(state_ == SSL_CLOSED || state_ == SSL_ERROR); 659 StreamAdapterInterface::Close(); 660} 661 662StreamState OpenSSLStreamAdapter::GetState() const { 663 switch (state_) { 664 case SSL_WAIT: 665 case SSL_CONNECTING: 666 return SS_OPENING; 667 case SSL_CONNECTED: 668 return SS_OPEN; 669 default: 670 return SS_CLOSED; 671 }; 672 // not reached 673} 674 675void OpenSSLStreamAdapter::OnEvent(StreamInterface* stream, int events, 676 int err) { 677 int events_to_signal = 0; 678 int signal_error = 0; 679 ASSERT(stream == this->stream()); 680 if ((events & SE_OPEN)) { 681 LOG(LS_VERBOSE) << "OpenSSLStreamAdapter::OnEvent SE_OPEN"; 682 if (state_ != SSL_WAIT) { 683 ASSERT(state_ == SSL_NONE); 684 events_to_signal |= SE_OPEN; 685 } else { 686 state_ = SSL_CONNECTING; 687 if (int err = BeginSSL()) { 688 Error("BeginSSL", err, true); 689 return; 690 } 691 } 692 } 693 if ((events & (SE_READ|SE_WRITE))) { 694 LOG(LS_VERBOSE) << "OpenSSLStreamAdapter::OnEvent" 695 << ((events & SE_READ) ? " SE_READ" : "") 696 << ((events & SE_WRITE) ? " SE_WRITE" : ""); 697 if (state_ == SSL_NONE) { 698 events_to_signal |= events & (SE_READ|SE_WRITE); 699 } else if (state_ == SSL_CONNECTING) { 700 if (int err = ContinueSSL()) { 701 Error("ContinueSSL", err, true); 702 return; 703 } 704 } else if (state_ == SSL_CONNECTED) { 705 if (((events & SE_READ) && ssl_write_needs_read_) || 706 (events & SE_WRITE)) { 707 LOG(LS_VERBOSE) << " -- onStreamWriteable"; 708 events_to_signal |= SE_WRITE; 709 } 710 if (((events & SE_WRITE) && ssl_read_needs_write_) || 711 (events & SE_READ)) { 712 LOG(LS_VERBOSE) << " -- onStreamReadable"; 713 events_to_signal |= SE_READ; 714 } 715 } 716 } 717 if ((events & SE_CLOSE)) { 718 LOG(LS_VERBOSE) << "OpenSSLStreamAdapter::OnEvent(SE_CLOSE, " << err << ")"; 719 Cleanup(); 720 events_to_signal |= SE_CLOSE; 721 // SE_CLOSE is the only event that uses the final parameter to OnEvent(). 722 ASSERT(signal_error == 0); 723 signal_error = err; 724 } 725 if (events_to_signal) 726 StreamAdapterInterface::OnEvent(stream, events_to_signal, signal_error); 727} 728 729int OpenSSLStreamAdapter::StartSSL() { 730 ASSERT(state_ == SSL_NONE); 731 732 if (StreamAdapterInterface::GetState() != SS_OPEN) { 733 state_ = SSL_WAIT; 734 return 0; 735 } 736 737 state_ = SSL_CONNECTING; 738 if (int err = BeginSSL()) { 739 Error("BeginSSL", err, false); 740 return err; 741 } 742 743 return 0; 744} 745 746int OpenSSLStreamAdapter::BeginSSL() { 747 ASSERT(state_ == SSL_CONNECTING); 748 // The underlying stream has open. If we are in peer-to-peer mode 749 // then a peer certificate must have been specified by now. 750 ASSERT(!ssl_server_name_.empty() || 751 !peer_certificate_digest_algorithm_.empty()); 752 LOG(LS_INFO) << "BeginSSL: " 753 << (!ssl_server_name_.empty() ? ssl_server_name_ : 754 "with peer"); 755 756 BIO* bio = NULL; 757 758 // First set up the context 759 ASSERT(ssl_ctx_ == NULL); 760 ssl_ctx_ = SetupSSLContext(); 761 if (!ssl_ctx_) 762 return -1; 763 764 bio = BIO_new_stream(static_cast<StreamInterface*>(stream())); 765 if (!bio) 766 return -1; 767 768 ssl_ = SSL_new(ssl_ctx_); 769 if (!ssl_) { 770 BIO_free(bio); 771 return -1; 772 } 773 774 SSL_set_app_data(ssl_, this); 775 776 SSL_set_bio(ssl_, bio, bio); // the SSL object owns the bio now. 777#ifndef OPENSSL_IS_BORINGSSL 778 if (ssl_mode_ == SSL_MODE_DTLS) { 779 // Enable read-ahead for DTLS so whole packets are read from internal BIO 780 // before parsing. This is done internally by BoringSSL for DTLS. 781 SSL_set_read_ahead(ssl_, 1); 782 } 783#endif 784 785 SSL_set_mode(ssl_, SSL_MODE_ENABLE_PARTIAL_WRITE | 786 SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER); 787 788 // Specify an ECDH group for ECDHE ciphers, otherwise they cannot be 789 // negotiated when acting as the server. Use NIST's P-256 which is commonly 790 // supported. 791 EC_KEY* ecdh = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1); 792 if (ecdh == NULL) 793 return -1; 794 SSL_set_options(ssl_, SSL_OP_SINGLE_ECDH_USE); 795 SSL_set_tmp_ecdh(ssl_, ecdh); 796 EC_KEY_free(ecdh); 797 798 // Do the connect 799 return ContinueSSL(); 800} 801 802int OpenSSLStreamAdapter::ContinueSSL() { 803 LOG(LS_VERBOSE) << "ContinueSSL"; 804 ASSERT(state_ == SSL_CONNECTING); 805 806 // Clear the DTLS timer 807 Thread::Current()->Clear(this, MSG_TIMEOUT); 808 809 int code = (role_ == SSL_CLIENT) ? SSL_connect(ssl_) : SSL_accept(ssl_); 810 int ssl_error; 811 switch (ssl_error = SSL_get_error(ssl_, code)) { 812 case SSL_ERROR_NONE: 813 LOG(LS_VERBOSE) << " -- success"; 814 815 if (!SSLPostConnectionCheck(ssl_, ssl_server_name_.c_str(), NULL, 816 peer_certificate_digest_algorithm_)) { 817 LOG(LS_ERROR) << "TLS post connection check failed"; 818 return -1; 819 } 820 821 state_ = SSL_CONNECTED; 822 StreamAdapterInterface::OnEvent(stream(), SE_OPEN|SE_READ|SE_WRITE, 0); 823 break; 824 825 case SSL_ERROR_WANT_READ: { 826 LOG(LS_VERBOSE) << " -- error want read"; 827 struct timeval timeout; 828 if (DTLSv1_get_timeout(ssl_, &timeout)) { 829 int delay = timeout.tv_sec * 1000 + timeout.tv_usec/1000; 830 831 Thread::Current()->PostDelayed(delay, this, MSG_TIMEOUT, 0); 832 } 833 } 834 break; 835 836 case SSL_ERROR_WANT_WRITE: 837 LOG(LS_VERBOSE) << " -- error want write"; 838 break; 839 840 case SSL_ERROR_ZERO_RETURN: 841 default: 842 LOG(LS_VERBOSE) << " -- error " << code; 843 return (ssl_error != 0) ? ssl_error : -1; 844 } 845 846 return 0; 847} 848 849void OpenSSLStreamAdapter::Error(const char* context, int err, bool signal) { 850 LOG(LS_WARNING) << "OpenSSLStreamAdapter::Error(" 851 << context << ", " << err << ")"; 852 state_ = SSL_ERROR; 853 ssl_error_code_ = err; 854 Cleanup(); 855 if (signal) 856 StreamAdapterInterface::OnEvent(stream(), SE_CLOSE, err); 857} 858 859void OpenSSLStreamAdapter::Cleanup() { 860 LOG(LS_INFO) << "Cleanup"; 861 862 if (state_ != SSL_ERROR) { 863 state_ = SSL_CLOSED; 864 ssl_error_code_ = 0; 865 } 866 867 if (ssl_) { 868 int ret = SSL_shutdown(ssl_); 869 if (ret < 0) { 870 LOG(LS_WARNING) << "SSL_shutdown failed, error = " 871 << SSL_get_error(ssl_, ret); 872 } 873 874 SSL_free(ssl_); 875 ssl_ = NULL; 876 } 877 if (ssl_ctx_) { 878 SSL_CTX_free(ssl_ctx_); 879 ssl_ctx_ = NULL; 880 } 881 identity_.reset(); 882 peer_certificate_.reset(); 883 884 // Clear the DTLS timer 885 Thread::Current()->Clear(this, MSG_TIMEOUT); 886} 887 888 889void OpenSSLStreamAdapter::OnMessage(Message* msg) { 890 // Process our own messages and then pass others to the superclass 891 if (MSG_TIMEOUT == msg->message_id) { 892 LOG(LS_INFO) << "DTLS timeout expired"; 893 DTLSv1_handle_timeout(ssl_); 894 ContinueSSL(); 895 } else { 896 StreamInterface::OnMessage(msg); 897 } 898} 899 900SSL_CTX* OpenSSLStreamAdapter::SetupSSLContext() { 901 SSL_CTX *ctx = NULL; 902 903#ifdef OPENSSL_IS_BORINGSSL 904 ctx = SSL_CTX_new(ssl_mode_ == SSL_MODE_DTLS ? 905 DTLS_method() : TLS_method()); 906 // Version limiting for BoringSSL will be done below. 907#else 908 const SSL_METHOD* method; 909 switch (ssl_max_version_) { 910 case SSL_PROTOCOL_TLS_10: 911 case SSL_PROTOCOL_TLS_11: 912 // OpenSSL doesn't support setting min/max versions, so we always use 913 // (D)TLS 1.0 if a max. version below the max. available is requested. 914 if (ssl_mode_ == SSL_MODE_DTLS) { 915 if (role_ == SSL_CLIENT) { 916 method = DTLSv1_client_method(); 917 } else { 918 method = DTLSv1_server_method(); 919 } 920 } else { 921 if (role_ == SSL_CLIENT) { 922 method = TLSv1_client_method(); 923 } else { 924 method = TLSv1_server_method(); 925 } 926 } 927 break; 928 case SSL_PROTOCOL_TLS_12: 929 default: 930 if (ssl_mode_ == SSL_MODE_DTLS) { 931#if (OPENSSL_VERSION_NUMBER >= 0x10002000L) 932 // DTLS 1.2 only available starting from OpenSSL 1.0.2 933 if (role_ == SSL_CLIENT) { 934 method = DTLS_client_method(); 935 } else { 936 method = DTLS_server_method(); 937 } 938#else 939 if (role_ == SSL_CLIENT) { 940 method = DTLSv1_client_method(); 941 } else { 942 method = DTLSv1_server_method(); 943 } 944#endif 945 } else { 946#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) 947 // New API only available starting from OpenSSL 1.1.0 948 if (role_ == SSL_CLIENT) { 949 method = TLS_client_method(); 950 } else { 951 method = TLS_server_method(); 952 } 953#else 954 if (role_ == SSL_CLIENT) { 955 method = SSLv23_client_method(); 956 } else { 957 method = SSLv23_server_method(); 958 } 959#endif 960 } 961 break; 962 } 963 ctx = SSL_CTX_new(method); 964#endif // OPENSSL_IS_BORINGSSL 965 966 if (ctx == NULL) 967 return NULL; 968 969#ifdef OPENSSL_IS_BORINGSSL 970 SSL_CTX_set_min_proto_version(ctx, ssl_mode_ == SSL_MODE_DTLS ? 971 DTLS1_VERSION : TLS1_VERSION); 972 switch (ssl_max_version_) { 973 case SSL_PROTOCOL_TLS_10: 974 SSL_CTX_set_max_proto_version(ctx, ssl_mode_ == SSL_MODE_DTLS ? 975 DTLS1_VERSION : TLS1_VERSION); 976 break; 977 case SSL_PROTOCOL_TLS_11: 978 SSL_CTX_set_max_proto_version(ctx, ssl_mode_ == SSL_MODE_DTLS ? 979 DTLS1_VERSION : TLS1_1_VERSION); 980 break; 981 case SSL_PROTOCOL_TLS_12: 982 default: 983 SSL_CTX_set_max_proto_version(ctx, ssl_mode_ == SSL_MODE_DTLS ? 984 DTLS1_2_VERSION : TLS1_2_VERSION); 985 break; 986 } 987#endif 988 989 if (identity_ && !identity_->ConfigureIdentity(ctx)) { 990 SSL_CTX_free(ctx); 991 return NULL; 992 } 993 994#if !defined(NDEBUG) 995 SSL_CTX_set_info_callback(ctx, OpenSSLAdapter::SSLInfoCallback); 996#endif 997 998 int mode = SSL_VERIFY_PEER; 999 if (client_auth_enabled()) { 1000 // Require a certificate from the client. 1001 // Note: Normally this is always true in production, but it may be disabled 1002 // for testing purposes (e.g. SSLAdapter unit tests). 1003 mode |= SSL_VERIFY_FAIL_IF_NO_PEER_CERT; 1004 } 1005 1006 SSL_CTX_set_verify(ctx, mode, SSLVerifyCallback); 1007 SSL_CTX_set_verify_depth(ctx, 4); 1008 // Select list of available ciphers. Note that !SHA256 and !SHA384 only 1009 // remove HMAC-SHA256 and HMAC-SHA384 cipher suites, not GCM cipher suites 1010 // with SHA256 or SHA384 as the handshake hash. 1011 // This matches the list of SSLClientSocketOpenSSL in Chromium. 1012 SSL_CTX_set_cipher_list(ctx, 1013 "DEFAULT:!NULL:!aNULL:!SHA256:!SHA384:!aECDH:!AESGCM+AES256:!aPSK"); 1014 1015#ifdef HAVE_DTLS_SRTP 1016 if (!srtp_ciphers_.empty()) { 1017 if (SSL_CTX_set_tlsext_use_srtp(ctx, srtp_ciphers_.c_str())) { 1018 SSL_CTX_free(ctx); 1019 return NULL; 1020 } 1021 } 1022#endif 1023 1024 return ctx; 1025} 1026 1027int OpenSSLStreamAdapter::SSLVerifyCallback(int ok, X509_STORE_CTX* store) { 1028 // Get our SSL structure from the store 1029 SSL* ssl = reinterpret_cast<SSL*>(X509_STORE_CTX_get_ex_data( 1030 store, 1031 SSL_get_ex_data_X509_STORE_CTX_idx())); 1032 OpenSSLStreamAdapter* stream = 1033 reinterpret_cast<OpenSSLStreamAdapter*>(SSL_get_app_data(ssl)); 1034 1035 if (stream->peer_certificate_digest_algorithm_.empty()) { 1036 return 0; 1037 } 1038 X509* cert = X509_STORE_CTX_get_current_cert(store); 1039 int depth = X509_STORE_CTX_get_error_depth(store); 1040 1041 // For now We ignore the parent certificates and verify the leaf against 1042 // the digest. 1043 // 1044 // TODO(jiayl): Verify the chain is a proper chain and report the chain to 1045 // |stream->peer_certificate_|. 1046 if (depth > 0) { 1047 LOG(LS_INFO) << "Ignored chained certificate at depth " << depth; 1048 return 1; 1049 } 1050 1051 unsigned char digest[EVP_MAX_MD_SIZE]; 1052 size_t digest_length; 1053 if (!OpenSSLCertificate::ComputeDigest( 1054 cert, 1055 stream->peer_certificate_digest_algorithm_, 1056 digest, sizeof(digest), 1057 &digest_length)) { 1058 LOG(LS_WARNING) << "Failed to compute peer cert digest."; 1059 return 0; 1060 } 1061 1062 Buffer computed_digest(digest, digest_length); 1063 if (computed_digest != stream->peer_certificate_digest_value_) { 1064 LOG(LS_WARNING) << "Rejected peer certificate due to mismatched digest."; 1065 return 0; 1066 } 1067 // Ignore any verification error if the digest matches, since there is no 1068 // value in checking the validity of a self-signed cert issued by untrusted 1069 // sources. 1070 LOG(LS_INFO) << "Accepted peer certificate."; 1071 1072 // Record the peer's certificate. 1073 stream->peer_certificate_.reset(new OpenSSLCertificate(cert)); 1074 return 1; 1075} 1076 1077// This code is taken from the "Network Security with OpenSSL" 1078// sample in chapter 5 1079bool OpenSSLStreamAdapter::SSLPostConnectionCheck(SSL* ssl, 1080 const char* server_name, 1081 const X509* peer_cert, 1082 const std::string 1083 &peer_digest) { 1084 ASSERT(server_name != NULL); 1085 bool ok; 1086 if (server_name[0] != '\0') { // traditional mode 1087 ok = OpenSSLAdapter::VerifyServerName(ssl, server_name, ignore_bad_cert()); 1088 1089 if (ok) { 1090 ok = (SSL_get_verify_result(ssl) == X509_V_OK || 1091 custom_verification_succeeded_); 1092 } 1093 } else { // peer-to-peer mode 1094 ASSERT((peer_cert != NULL) || (!peer_digest.empty())); 1095 // no server name validation 1096 ok = true; 1097 } 1098 1099 if (!ok && ignore_bad_cert()) { 1100 LOG(LS_ERROR) << "SSL_get_verify_result(ssl) = " 1101 << SSL_get_verify_result(ssl); 1102 LOG(LS_INFO) << "Other TLS post connection checks failed."; 1103 ok = true; 1104 } 1105 1106 return ok; 1107} 1108 1109bool OpenSSLStreamAdapter::HaveDtls() { 1110 return true; 1111} 1112 1113bool OpenSSLStreamAdapter::HaveDtlsSrtp() { 1114#ifdef HAVE_DTLS_SRTP 1115 return true; 1116#else 1117 return false; 1118#endif 1119} 1120 1121bool OpenSSLStreamAdapter::HaveExporter() { 1122#ifdef HAVE_DTLS_SRTP 1123 return true; 1124#else 1125 return false; 1126#endif 1127} 1128 1129int OpenSSLStreamAdapter::GetDefaultSslCipherForTest(SSLProtocolVersion version, 1130 KeyType key_type) { 1131 if (key_type == KT_RSA) { 1132 switch (version) { 1133 case SSL_PROTOCOL_TLS_10: 1134 case SSL_PROTOCOL_TLS_11: 1135 return kDefaultSslCipher10; 1136 case SSL_PROTOCOL_TLS_12: 1137 default: 1138#ifdef OPENSSL_IS_BORINGSSL 1139 if (EVP_has_aes_hardware()) { 1140 return kDefaultSslCipher12; 1141 } else { 1142 return kDefaultSslCipher12NoAesGcm; 1143 } 1144#else // !OPENSSL_IS_BORINGSSL 1145 return kDefaultSslCipher12; 1146#endif 1147 } 1148 } else if (key_type == KT_ECDSA) { 1149 switch (version) { 1150 case SSL_PROTOCOL_TLS_10: 1151 case SSL_PROTOCOL_TLS_11: 1152 return kDefaultSslEcCipher10; 1153 case SSL_PROTOCOL_TLS_12: 1154 default: 1155#ifdef OPENSSL_IS_BORINGSSL 1156 if (EVP_has_aes_hardware()) { 1157 return kDefaultSslEcCipher12; 1158 } else { 1159 return kDefaultSslEcCipher12NoAesGcm; 1160 } 1161#else // !OPENSSL_IS_BORINGSSL 1162 return kDefaultSslEcCipher12; 1163#endif 1164 } 1165 } else { 1166 RTC_NOTREACHED(); 1167 return kDefaultSslEcCipher12; 1168 } 1169} 1170 1171} // namespace rtc 1172 1173#endif // HAVE_OPENSSL_SSL_H 1174