Merge 2665265 into bdaf35b

rustls-mio/Cargo.toml

@@ -9,13 +9,13 @@ publish = false
 
 [features]
 default = ["logging"]
-logging = ["log"]
+logging = ["log", "rustls/logging"]
 dangerous_configuration = ["rustls/dangerous_configuration"]
 quic = ["rustls/quic"]
 
 [dependencies]
 log = { version = "0.4.4", optional = true }
-rustls = { path = "../rustls" }
+rustls = { path = "../rustls", features = ["builtin_verifier"], default_features = false }
 sct = "0.6"
 webpki = "0.21.0"
 

rustls/Cargo.toml

@@ -19,10 +19,11 @@ sct = "0.6.0"
 webpki = "0.21.0"
 
 [features]
-default = ["logging"]
+default = ["logging", "builtin_verifier"]
 logging = ["log"]
 dangerous_configuration = []
 quic = []
+builtin_verifier = []
 
 [dev-dependencies]
 env_logger = "0.7.1"
@@ -34,20 +35,23 @@ criterion = "0.3.0"
 [[example]]
 name = "bogo_shim"
 path = "examples/internal/bogo_shim.rs"
-required-features = ["dangerous_configuration", "quic"]
+required-features = ["dangerous_configuration", "quic", "builtin_verifier"]
 
 [[example]]
 name = "trytls_shim"
 path = "examples/internal/trytls_shim.rs"
+required-features = ["builtin_verifier"]
 
 [[example]]
 name = "bench"
 path = "examples/internal/bench.rs"
+required-features = ["builtin_verifier"]
 
 [[bench]]
 name = "benchmarks"
 path = "tests/benchmarks.rs"
 harness = false
+required-features = ["builtin_verifier"]
 
 [package.metadata.docs.rs]
 all-features = true

rustls/src/client/mod.rs

@@ -1,8 +1,12 @@
 use crate::msgs::enums::CipherSuite;
 use crate::msgs::enums::{AlertDescription, HandshakeType};
 use crate::session::{Session, SessionCommon};
-use crate::keylog::{KeyLog, NoKeyLog};
-use crate::suites::{SupportedCipherSuite, ALL_CIPHERSUITES};
+use crate::keylog::KeyLog;
+#[cfg(feature = "builtin_verifier")]
+use crate::keylog::NoKeyLog;
+use crate::suites::SupportedCipherSuite;
+#[cfg(feature = "builtin_verifier")]
+use crate::suites::ALL_CIPHERSUITES;
 use crate::msgs::handshake::CertificatePayload;
 use crate::msgs::enums::SignatureScheme;
 use crate::msgs::enums::{ContentType, ProtocolVersion};
@@ -138,6 +142,7 @@ pub struct ClientConfig {
     pub enable_early_data: bool,
 }
 
+#[cfg(feature = "builtin_verifier")]
 impl Default for ClientConfig {
     fn default() -> Self { Self::new() }
 }
@@ -148,6 +153,7 @@ impl ClientConfig {
     ///
     /// The default session persistence provider stores up to 32
     /// items in memory.
+    #[cfg(feature = "builtin_verifier")]
     pub fn new() -> ClientConfig {
         ClientConfig {
             ciphersuites: ALL_CIPHERSUITES.to_vec(),
@@ -166,6 +172,31 @@ impl ClientConfig {
         }
     }
 
+    /// Make a `ClientConfig` with a default set of ciphersuites,
+    /// no root certificates, no ALPN protocols, no client auth,
+    /// and the provided server certificate verifier.
+    ///
+    /// The default session persistence provider stores up to 32
+    /// items in memory.
+    #[cfg(feature = "dangerous_configuration")]
+    pub fn with_server_verifier<T: crate::ServerCertVerifier + 'static>(verifier: T) -> ClientConfig {
+        ClientConfig {
+            ciphersuites: ALL_CIPHERSUITES.to_vec(),
+            root_store: anchors::RootCertStore::empty(),
+            alpn_protocols: Vec::new(),
+            session_persistence: handy::ClientSessionMemoryCache::new(32),
+            mtu: None,
+            client_auth_cert_resolver: Arc::new(handy::FailResolveClientCert {}),
+            enable_tickets: true,
+            versions: vec![ProtocolVersion::TLSv1_3, ProtocolVersion::TLSv1_2],
+            ct_logs: None,
+            enable_sni: true,
+            verifier: Arc::new(verifier),
+            key_log: Arc::new(NoKeyLog {}),
+            enable_early_data: false,
+        }
+    }
+
     #[doc(hidden)]
     /// We support a given TLS version if it's quoted in the configured
     /// versions *and* at least one ciphersuite for this version is

rustls/src/client/tls12.rs

@@ -503,9 +503,10 @@ impl hs::State for ExpectServerDone {
                 return Err(TLSError::PeerMisbehavedError(error_message));
             }
 
-            verify::verify_signed_struct(&message,
-                                         &st.server_cert.cert_chain[0],
-                                         sig)
+            verify::verify_tls12_signature(&message,
+                                          &st.server_cert.cert_chain[0],
+                                          sig.scheme,
+                                          &sig.sig.0)
                 .map_err(|err| hs::send_cert_error_alert(sess, err))?
         };
         sess.server_cert_chain = st.server_cert.take_chain();

rustls/src/client/tls13.rs

@@ -585,8 +585,7 @@ impl hs::State for ExpectCertificateVerify {
             return Err(TLSError::NoCertificatesPresented);
         }
 
-        let certv = sess.config
-            .get_verifier()
+        let certv = sess.config.get_verifier()
             .verify_server_cert(&sess.config.root_store,
                                 &self.server_cert.cert_chain,
                                 self.handshake.dns_name.as_ref(),
@@ -595,10 +594,11 @@ impl hs::State for ExpectCertificateVerify {
 
         // 2. Verify their signature on the handshake.
         let handshake_hash = self.handshake.transcript.get_current_hash();
-        let sigv = verify::verify_tls13(&self.server_cert.cert_chain[0],
+        let sigv = verify::verify_tls13_client(&self.server_cert.cert_chain[0],
                                         cert_verify,
                                         &handshake_hash,
-                                        b"TLS 1.3, server CertificateVerify\x00")
+                                        b"TLS 1.3, server CertificateVerify\x00",
+                                        sess.config.get_verifier())
             .map_err(|err| send_cert_error_alert(sess, err))?;
 
         // 3. Verify any included SCTs.

rustls/src/lib.rs

@@ -89,6 +89,7 @@
 //! and use it for all connections made by that process.
 //!
 //! ```
+//! # #[cfg(feature = "builtin_verifier")]
 //! let mut config = rustls::ClientConfig::new();
 //! ```
 //!
@@ -107,10 +108,12 @@
 //! # use rustls;
 //! # use webpki;
 //! # use std::sync::Arc;
+//! # #[cfg(feature = "builtin_verifier")] {
 //! # let mut config = rustls::ClientConfig::new();
 //! let rc_config = Arc::new(config);
 //! let example_com = webpki::DNSNameRef::try_from_ascii_str("example.com").unwrap();
 //! let mut client = rustls::ClientSession::new(&rc_config, example_com);
+//! # }
 //! ```
 //!
 //! Now you should do appropriate IO for the `client` object.  If `client.wants_read()` yields
@@ -275,8 +278,13 @@ pub use crate::server::{ServerConfig, ServerSession};
 pub use crate::server::handy::ResolvesServerCertUsingSNI;
 pub use crate::server::{ResolvesServerCert,ProducesTickets,ClientHello};
 pub use crate::ticketer::Ticketer;
-pub use crate::verify::{NoClientAuth, AllowAnyAuthenticatedClient,
-                 AllowAnyAnonymousOrAuthenticatedClient};
+pub use crate::verify::NoClientAuth;
+#[cfg(feature = "builtin_verifier")]
+pub use crate::verify::{
+    AllowAnyAuthenticatedClient,
+    AllowAnyAnonymousOrAuthenticatedClient,
+    HandshakeSignatureValid,
+};
 pub use crate::suites::{ALL_CIPHERSUITES, BulkAlgorithm, SupportedCipherSuite};
 pub use crate::key::{Certificate, PrivateKey};
 pub use crate::keylog::{KeyLog, NoKeyLog, KeyLogFile};
@@ -302,10 +310,12 @@ mod quic {
 #[cfg(feature = "dangerous_configuration")]
 #[cfg_attr(docsrs, doc(cfg(feature = "dangerous_configuration")))]
 pub use crate::verify::{ServerCertVerifier, ServerCertVerified,
-    ClientCertVerifier, ClientCertVerified, WebPKIVerifier};
+    ClientCertVerifier, ClientCertVerified};
+#[cfg(all(feature = "dangerous_configuration", feature = "builtin_verifier"))]
+pub use crate::verify::WebPKIVerifier;
 #[cfg(feature = "dangerous_configuration")]
 #[cfg_attr(docsrs, doc(cfg(feature = "dangerous_configuration")))]
 pub use crate::client::danger::DangerousClientConfig;
 
 /// This is the rustls manual.
-pub mod manual;
+pub mod manual;

rustls/src/prf.rs

@@ -33,7 +33,8 @@ fn p(out: &mut [u8], hashalg: &'static digest::Algorithm, secret: &[u8], seed: &
     while offs < out.len() {
         // P_hash[i] = HMAC_hash(secret, A(i) + seed)
         let p_term = concat_sign(&hmac_key, current_a.as_ref(), seed);
-        offs += out[offs..].as_mut().write(p_term.as_ref()).unwrap();
+        let mut odd: &mut [u8] = out[offs..].as_mut();
+        offs += odd.write(p_term.as_ref()).unwrap();
 
         // A(i+1) = HMAC_hash(secret, A(i))
         current_a = hmac::sign(&hmac_key, current_a.as_ref());

rustls/src/server/tls12.rs

@@ -183,7 +183,7 @@ impl hs::State for ExpectCertificateVerify {
             let handshake_msgs = self.handshake.transcript.take_handshake_buf();
             let certs = &self.client_cert.cert_chain;
 
-            verify::verify_signed_struct(&handshake_msgs, &certs[0], sig)
+            verify::verify_tls12_signature(&handshake_msgs, &certs[0], sig.scheme, &sig.sig.0)
         };
 
         if let Err(e) = rc {

rustls/src/server/tls13.rs

@@ -713,10 +713,11 @@ impl hs::State for ExpectCertificateVerify {
             self.handshake.transcript.abandon_client_auth();
             let certs = &self.client_cert.cert_chain;
 
-            verify::verify_tls13(&certs[0],
-                                 sig,
-                                 &handshake_hash,
-                                 b"TLS 1.3, client CertificateVerify\x00")
+            verify::verify_tls13_server(&certs[0],
+                                        sig,
+                                        &handshake_hash,
+                                        b"TLS 1.3, client CertificateVerify\x00",
+                                        sess.config.get_verifier())
         };
 
         if let Err(e) = rc {