-
Notifications
You must be signed in to change notification settings - Fork 1
/
client_auth.go
116 lines (107 loc) · 3.5 KB
/
client_auth.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
// Copyright 2020 The Outline Authors
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package doh
import (
"crypto"
"crypto/ecdsa"
"crypto/tls"
"crypto/x509"
"errors"
"io"
"github.com/eycorsican/go-tun2socks/common/log"
)
// ClientAuth interface for providing TLS certificates and signatures.
type ClientAuth interface {
// GetClientCertificate returns the client certificate (if any).
// May block as the first call may cause certificates to load.
// Returns a DER encoded X.509 client certificate.
GetClientCertificate() []byte
// GetIntermediateCertificate returns the chaining certificate (if any).
// It does not block or cause certificates to load.
// Returns a DER encoded X.509 certificate.
GetIntermediateCertificate() []byte
// Request a signature on a digest.
Sign(digest []byte) []byte
}
// clientAuthWrapper manages certificate loading and usage during TLS handshakes.
// Implements crypto.Signer.
type clientAuthWrapper struct {
signer ClientAuth
}
// GetClientCertificate returns the client certificate chain as a tls.Certificate.
// Returns an empty Certificate on failure, permitting the handshake to
// continue without authentication.
// Implements tls.Config GetClientCertificate().
func (ca *clientAuthWrapper) GetClientCertificate(
info *tls.CertificateRequestInfo) (*tls.Certificate, error) {
if ca.signer == nil {
log.Warnf("Client certificate requested but not supported")
return &tls.Certificate{}, nil
}
cert := ca.signer.GetClientCertificate()
if cert == nil {
log.Warnf("Unable to fetch client certificate")
return &tls.Certificate{}, nil
}
chain := [][]byte{cert}
intermediate := ca.signer.GetIntermediateCertificate()
if intermediate != nil {
chain = append(chain, intermediate)
}
leaf, err := x509.ParseCertificate(cert)
if err != nil {
log.Warnf("Unable to parse client certificate: %v", err)
return &tls.Certificate{}, nil
}
_, isECDSA := leaf.PublicKey.(*ecdsa.PublicKey)
if !isECDSA {
// RSA-PSS and RSA-SSA both need explicit signature generation support.
log.Warnf("Only ECDSA client certificates are supported")
return &tls.Certificate{}, nil
}
return &tls.Certificate{
Certificate: chain,
PrivateKey: ca,
Leaf: leaf,
}, nil
}
// Public returns the public key for the client certificate.
func (ca *clientAuthWrapper) Public() crypto.PublicKey {
if ca.signer == nil {
return nil
}
cert := ca.signer.GetClientCertificate()
leaf, err := x509.ParseCertificate(cert)
if err != nil {
log.Warnf("Unable to parse client certificate: %v", err)
return nil
}
return leaf.PublicKey
}
// Sign a digest.
func (ca *clientAuthWrapper) Sign(rand io.Reader, digest []byte, opts crypto.SignerOpts) ([]byte, error) {
if ca.signer == nil {
return nil, errors.New("no client certificate")
}
signature := ca.signer.Sign(digest)
if signature == nil {
return nil, errors.New("failed to create signature")
}
return signature, nil
}
func newClientAuthWrapper(signer ClientAuth) clientAuthWrapper {
return clientAuthWrapper{
signer: signer,
}
}