Implement SslContextBuilder::set_private_key_method

Author: nox

boring/src/ssl/callbacks.rs

@@ -1,6 +1,13 @@
 #![forbid(unsafe_op_in_unsafe_fn)]
 
+use super::{
+    AlpnError, ClientHello, PrivateKeyMethod, PrivateKeyMethodError, SelectCertError, SniError,
+    Ssl, SslAlert, SslContext, SslContextRef, SslRef, SslSession, SslSessionRef,
+    SslSignatureAlgorithm, SESSION_CTX_INDEX,
+};
+use crate::error::ErrorStack;
 use crate::ffi;
+use crate::x509::{X509StoreContext, X509StoreContextRef};
 use foreign_types::ForeignType;
 use foreign_types::ForeignTypeRef;
 use libc::c_char;
@@ -12,19 +19,7 @@ use std::slice;
 use std::str;
 use std::sync::Arc;
 
-use crate::error::ErrorStack;
-use crate::ssl::AlpnError;
-use crate::ssl::{ClientHello, SelectCertError};
-use crate::ssl::{
-    SniError, Ssl, SslAlert, SslContext, SslContextRef, SslRef, SslSession, SslSessionRef,
-    SESSION_CTX_INDEX,
-};
-use crate::x509::{X509StoreContext, X509StoreContextRef};
-
-pub(super) unsafe extern "C" fn raw_verify<F>(
-    preverify_ok: c_int,
-    x509_ctx: *mut ffi::X509_STORE_CTX,
-) -> c_int
+pub extern "C" fn raw_verify<F>(preverify_ok: c_int, x509_ctx: *mut ffi::X509_STORE_CTX) -> c_int
 where
     F: Fn(bool, &mut X509StoreContextRef) -> bool + 'static + Sync + Send,
 {
@@ -372,3 +367,93 @@ where
 
     callback(ssl, line);
 }
+
+pub(super) unsafe extern "C" fn raw_sign<M>(
+    ssl: *mut ffi::SSL,
+    out: *mut u8,
+    out_len: *mut usize,
+    max_out: usize,
+    signature_algorithm: u16,
+    in_: *const u8,
+    in_len: usize,
+) -> ffi::ssl_private_key_result_t
+where
+    M: PrivateKeyMethod,
+{
+    // SAFETY: boring provides valid inputs.
+    let input = unsafe { slice::from_raw_parts(in_, in_len) };
+
+    let signature_algorithm = SslSignatureAlgorithm(signature_algorithm);
+
+    let callback = |method: &M, ssl: &mut _, output: &mut _| {
+        method.sign(ssl, input, signature_algorithm, output)
+    };
+
+    // SAFETY: boring provides valid inputs.
+    unsafe { raw_private_key_callback(ssl, out, out_len, max_out, callback) }
+}
+
+pub(super) unsafe extern "C" fn raw_decrypt<M>(
+    ssl: *mut ffi::SSL,
+    out: *mut u8,
+    out_len: *mut usize,
+    max_out: usize,
+    in_: *const u8,
+    in_len: usize,
+) -> ffi::ssl_private_key_result_t
+where
+    M: PrivateKeyMethod,
+{
+    // SAFETY: boring provides valid inputs.
+    let input = unsafe { slice::from_raw_parts(in_, in_len) };
+
+    let callback = |method: &M, ssl: &mut _, output: &mut _| method.decrypt(ssl, input, output);
+
+    // SAFETY: boring provides valid inputs.
+    unsafe { raw_private_key_callback(ssl, out, out_len, max_out, callback) }
+}
+
+pub(super) unsafe extern "C" fn raw_complete<M>(
+    ssl: *mut ffi::SSL,
+    out: *mut u8,
+    out_len: *mut usize,
+    max_out: usize,
+) -> ffi::ssl_private_key_result_t
+where
+    M: PrivateKeyMethod,
+{
+    // SAFETY: boring provides valid inputs.
+    unsafe { raw_private_key_callback::<M>(ssl, out, out_len, max_out, M::complete) }
+}
+
+unsafe fn raw_private_key_callback<M>(
+    ssl: *mut ffi::SSL,
+    out: *mut u8,
+    out_len: *mut usize,
+    max_out: usize,
+    callback: impl FnOnce(&M, &mut SslRef, &mut [u8]) -> Result<usize, PrivateKeyMethodError>,
+) -> ffi::ssl_private_key_result_t
+where
+    M: PrivateKeyMethod,
+{
+    // SAFETY: boring provides valid inputs.
+    let ssl = unsafe { SslRef::from_ptr_mut(ssl) };
+    let output = unsafe { slice::from_raw_parts_mut(out, max_out) };
+    let out_len = unsafe { &mut *out_len };
+
+    let ssl_context = ssl.ssl_context().to_owned();
+    let method = ssl_context
+        .ex_data(SslContext::cached_ex_index::<M>())
+        .expect("BUG: private key method missing");
+
+    match callback(method, ssl, output) {
+        Ok(written) => {
+            assert!(written <= max_out);
+
+            *out_len = written;
+
+            ffi::ssl_private_key_result_t::ssl_private_key_success
+        }
+        Err(err) => err.0,
+    }
+}

boring/src/ssl/mod.rs

@@ -1391,6 +1391,31 @@ impl SslContextBuilder {
         }
     }
 
+    /// Configures a custom private key method on the context.
+    ///
+    /// See [`PrivateKeyMethod`] for more details.
+    ///
+    /// This corresponds to [`SSL_CTX_set_private_key_method`]
+    ///
+    /// [`SSL_CTX_set_private_key_method`]: https://commondatastorage.googleapis.com/chromium-boringssl-docs/ssl.h.html#SSL_CTX_set_private_key_method
+    pub fn set_private_key_method<M>(&mut self, method: M)
+    where
+        M: PrivateKeyMethod,
+    {
+        unsafe {
+            self.set_ex_data(SslContext::cached_ex_index::<M>(), method);
+
+            ffi::SSL_CTX_set_private_key_method(
+                self.as_ptr(),
+                &ffi::SSL_PRIVATE_KEY_METHOD {
+                    sign: Some(callbacks::raw_sign::<M>),
+                    decrypt: Some(callbacks::raw_decrypt::<M>),
+                    complete: Some(callbacks::raw_complete::<M>),
+                },
+            )
+        }
+    }
+
     /// Checks for consistency between the private key and certificate.
     ///
     /// This corresponds to [`SSL_CTX_check_private_key`].
@@ -3719,6 +3744,77 @@ bitflags! {
     }
 }
 
+/// Describes private key hooks. This is used to off-load signing operations to
+/// a custom, potentially asynchronous, backend. Metadata about the key such as
+/// the type and size are parsed out of the certificate.
+///
+/// Corresponds to [`ssl_private_key_method_st`].
+///
+/// [`ssl_private_key_method_st`]: https://commondatastorage.googleapis.com/chromium-boringssl-docs/ssl.h.html#ssl_private_key_method_st
+pub trait PrivateKeyMethod: Send + Sync + 'static {
+    /// Signs the message `input` using the specified signature algorithm.
+    ///
+    /// On success, it returns `Ok(written)` where `written` is the number of
+    /// bytes written into `output`. On failure, it returns
+    /// `Err(PrivateKeyMethodError::FAILURE)`. If the operation has not completed,
+    /// it returns `Err(PrivateKeyMethodError::RETRY)`.
+    ///
+    /// The caller should arrange for the high-level operation on `ssl` to be
+    /// retried when the operation is completed. This will result in a call to
+    /// [`Self::complete`].
+    fn sign(
+        &self,
+        ssl: &mut SslRef,
+        input: &[u8],
+        signature_algorithm: SslSignatureAlgorithm,
+        output: &mut [u8],
+    ) -> Result<usize, PrivateKeyMethodError>;
+
+    /// Decrypts `input`.
+    ///
+    /// On success, it returns `Ok(written)` where `written` is the number of
+    /// bytes written into `output`. On failure, it returns
+    /// `Err(PrivateKeyMethodError::FAILURE)`. If the operation has not completed,
+    /// it returns `Err(PrivateKeyMethodError::RETRY)`.
+    ///
+    /// The caller should arrange for the high-level operation on `ssl` to be
+    /// retried when the operation is completed. This will result in a call to
+    /// [`Self::complete`].
+    ///
+    /// This method only works with RSA keys and should perform a raw RSA
+    /// decryption operation with no padding.
+    // NOTE(nox): What does it mean that it is an error?
+    fn decrypt(
+        &self,
+        ssl: &mut SslRef,
+        input: &[u8],
+        output: &mut [u8],
+    ) -> Result<usize, PrivateKeyMethodError>;
+
+    /// Completes a pending operation.
+    ///
+    /// On success, it returns `Ok(written)` where `written` is the number of
+    /// bytes written into `output`. On failure, it returns
+    /// `Err(PrivateKeyMethodError::FAILURE)`. If the operation has not completed,
+    /// it returns `Err(PrivateKeyMethodError::RETRY)`.
+    ///
+    /// This method may be called arbitrarily many times before completion.
+    fn complete(&self, ssl: &mut SslRef, output: &mut [u8])
+        -> Result<usize, PrivateKeyMethodError>;
+}
+
+/// An error returned from a private key method.
+#[derive(Debug, Copy, Clone, PartialEq, Eq)]
+pub struct PrivateKeyMethodError(ffi::ssl_private_key_result_t);
+
+impl PrivateKeyMethodError {
+    /// A fatal error occured and the handshake should be terminated.
+    pub const FAILURE: Self = Self(ffi::ssl_private_key_result_t::ssl_private_key_failure);
+
+    /// The operation could not be completed and should be retried later.
+    pub const RETRY: Self = Self(ffi::ssl_private_key_result_t::ssl_private_key_retry);
+}
+
 use crate::ffi::{SSL_CTX_up_ref, SSL_SESSION_get_master_key, SSL_SESSION_up_ref, SSL_is_server};
 
 use crate::ffi::{DTLS_method, TLS_client_method, TLS_method, TLS_server_method};

boring/src/ssl/test/mod.rs

@@ -34,6 +34,7 @@ use crate::x509::store::X509StoreBuilder;
 use crate::x509::verify::X509CheckFlags;
 use crate::x509::{X509Name, X509StoreContext, X509VerifyResult, X509};
 
+mod private_key_method;
 mod server;
 
 static ROOT_CERT: &[u8] = include_bytes!("../../../test/root-ca.pem");
@@ -55,9 +56,7 @@ fn verify_untrusted() {
 #[test]
 fn verify_trusted() {
     let server = Server::builder().build();
-
-    let mut client = server.client();
-    client.ctx().set_ca_file("test/root-ca.pem").unwrap();
+    let client = server.client_with_root_ca();
 
     client.connect();
 }
@@ -109,9 +108,8 @@ fn verify_untrusted_callback_override_bad() {
 #[test]
 fn verify_trusted_callback_override_ok() {
     let server = Server::builder().build();
+    let mut client = server.client_with_root_ca();
 
-    let mut client = server.client();
-    client.ctx().set_ca_file("test/root-ca.pem").unwrap();
     client
         .ctx()
         .set_verify_callback(SslVerifyMode::PEER, |_, x509| {
@@ -125,11 +123,12 @@ fn verify_trusted_callback_override_ok() {
 #[test]
 fn verify_trusted_callback_override_bad() {
     let mut server = Server::builder();
+
     server.should_error();
+
     let server = server.build();
+    let mut client = server.client_with_root_ca();
 
-    let mut client = server.client();
-    client.ctx().set_ca_file("test/root-ca.pem").unwrap();
     client
         .ctx()
         .set_verify_callback(SslVerifyMode::PEER, |_, _| false);
@@ -155,9 +154,8 @@ fn verify_callback_load_certs() {
 #[test]
 fn verify_trusted_get_error_ok() {
     let server = Server::builder().build();
+    let mut client = server.client_with_root_ca();
 
-    let mut client = server.client();
-    client.ctx().set_ca_file("test/root-ca.pem").unwrap();
     client
         .ctx()
         .set_verify_callback(SslVerifyMode::PEER, |_, x509| {
@@ -697,9 +695,8 @@ fn add_extra_chain_cert() {
 #[test]
 fn verify_valid_hostname() {
     let server = Server::builder().build();
+    let mut client = server.client_with_root_ca();
 
-    let mut client = server.client();
-    client.ctx().set_ca_file("test/root-ca.pem").unwrap();
     client.ctx().set_verify(SslVerifyMode::PEER);
 
     let mut client = client.build().builder();
@@ -714,11 +711,12 @@ fn verify_valid_hostname() {
 #[test]
 fn verify_invalid_hostname() {
     let mut server = Server::builder();
+
     server.should_error();
+
     let server = server.build();
+    let mut client = server.client_with_root_ca();
 
-    let mut client = server.client();
-    client.ctx().set_ca_file("test/root-ca.pem").unwrap();
     client.ctx().set_verify(SslVerifyMode::PEER);
 
     let mut client = client.build().builder();