CDRIVER-6045 Support TLS v1.3 in Secure Channel

Author: Julia-Garland

src/libmongoc/src/mongoc/mongoc-stream-tls-secure-channel-private.h

@@ -24,11 +24,17 @@
 
 #include <bson/bson.h>
 
+#include <subauth.h> // For SCH_CREDENTIALS
+
 /* Its mandatory to indicate to Windows who is compiling the code */
 #define SECURITY_WIN32
+#define SCHANNEL_USE_BLACKLISTS 1 // For SCH_CREDENTIALS
 #include <schannel.h>
 #include <security.h>
 
+#ifdef SCH_CREDENTIALS_VERSION
+#define HAVE_SCH_CREDENTIALS
+#endif
 
 BSON_BEGIN_DECLS
 
@@ -43,6 +49,9 @@ typedef enum {
    ssl_connect_done
 } ssl_connect_state;
 
+/* enum for underlying type cred field in mongoc_secure_channel_cred */
+typedef enum { schannel_cred, sch_credentials } schannel_credential_type;
+
 /* Structs to store Schannel handles */
 typedef struct {
    CredHandle cred_handle;
@@ -52,7 +61,8 @@ typedef struct {
 // `mongoc_secure_channel_cred` may be shared on multiple connections.
 typedef struct _mongoc_secure_channel_cred {
    PCCERT_CONTEXT cert; /* Owning. Optional client cert. */
-   SCHANNEL_CRED cred;  // TODO: switch to SCH_CREDENTIALS to support TLS v1.3
+   schannel_credential_type cred_type;
+   void *cred; /* Underlying type is specified by schannel_credential_type. */
 } mongoc_secure_channel_cred;
 
 typedef struct {

src/libmongoc/src/mongoc/mongoc-stream-tls-secure-channel.c

@@ -62,18 +62,22 @@
 #include <mongoc/mongoc-stream-tls-private.h>
 #include <mongoc/mongoc-stream-tls-secure-channel-private.h>
 #include <mongoc/mongoc-trace-private.h>
+#include <mongoc/mongoc-util-private.h>
 
 #include <mongoc/mongoc-log.h>
 #include <mongoc/mongoc-ssl.h>
 #include <mongoc/mongoc-stream-tls.h>
 
 #include <bson/bson.h>
 
+#include <subauth.h>
+
 #undef MONGOC_LOG_DOMAIN
 #define MONGOC_LOG_DOMAIN "stream-tls-secure-channel"
 
 
 #define SECURITY_WIN32
+#define SCHANNEL_USE_BLACKLISTS 1
 #include <schannel.h>
 #include <schnlsp.h>
 #include <security.h>
@@ -87,6 +91,9 @@
 #define SP_PROT_TLS1_2_CLIENT 0x00000800
 #endif
 
+#ifndef SP_PROT_TLS1_3_CLIENT
+#define SP_PROT_TLS1_3_CLIENT 0x00002000
+#endif
 
 static void
 _mongoc_stream_tls_secure_channel_destroy(mongoc_stream_t *stream)
@@ -841,40 +848,96 @@ _mongoc_stream_tls_secure_channel_should_retry(mongoc_stream_t *stream)
    RETURN(mongoc_stream_should_retry(tls->base_stream));
 }
 
-mongoc_secure_channel_cred *
-mongoc_secure_channel_cred_new(const mongoc_ssl_opt_t *opt)
+static DWORD
+get_cred_flags(const mongoc_ssl_opt_t *opt)
 {
-   BSON_ASSERT_PARAM(opt);
-   mongoc_secure_channel_cred *cred = bson_malloc0(sizeof(mongoc_secure_channel_cred));
+   DWORD dwFlags;
 
-   cred->cred.dwVersion = SCHANNEL_CRED_VERSION;
-
-/* SCHANNEL_CRED:
- * SCH_USE_STRONG_CRYPTO is not available in VS2010
- *   https://msdn.microsoft.com/en-us/library/windows/desktop/aa379810.aspx */
+   /* SCH_USE_STRONG_CRYPTO is not available in VS2010
+    *   https://msdn.microsoft.com/en-us/library/windows/desktop/aa379810.aspx */
 #ifdef SCH_USE_STRONG_CRYPTO
-   cred->cred.dwFlags = SCH_USE_STRONG_CRYPTO;
+   dwFlags = SCH_USE_STRONG_CRYPTO;
 #endif
 
    /* By default, enable soft failing.
     * A certificate with no revocation check is a soft failure. */
-   cred->cred.dwFlags |= SCH_CRED_IGNORE_NO_REVOCATION_CHECK;
+   dwFlags |= SCH_CRED_IGNORE_NO_REVOCATION_CHECK;
    /* An offline OCSP responder / CRL distribution list is a soft failure. */
-   cred->cred.dwFlags |= SCH_CRED_IGNORE_REVOCATION_OFFLINE;
+   dwFlags |= SCH_CRED_IGNORE_REVOCATION_OFFLINE;
    if (opt->weak_cert_validation) {
-      cred->cred.dwFlags |= SCH_CRED_MANUAL_CRED_VALIDATION;
+      dwFlags |= SCH_CRED_MANUAL_CRED_VALIDATION;
       TRACE("%s", "disabled server certificate checks");
    } else {
-      cred->cred.dwFlags |= SCH_CRED_AUTO_CRED_VALIDATION;
+      dwFlags |= SCH_CRED_AUTO_CRED_VALIDATION;
       if (!_mongoc_ssl_opts_disable_certificate_revocation_check(opt)) {
-         cred->cred.dwFlags |= SCH_CRED_REVOCATION_CHECK_CHAIN;
+         dwFlags |= SCH_CRED_REVOCATION_CHECK_CHAIN;
          TRACE("%s", "enabled server certificate revocation checks");
       }
       TRACE("%s", "enabled server certificate checks");
    }
 
    if (opt->allow_invalid_hostname) {
-      cred->cred.dwFlags |= SCH_CRED_NO_SERVERNAME_CHECK;
+      dwFlags |= SCH_CRED_NO_SERVERNAME_CHECK;
+   }
+
+   return dwFlags;
+}
+
+#ifdef HAVE_SCH_CREDENTIALS
+
+void *
+_mongoc_secure_channel_sch_credentials_new(const mongoc_ssl_opt_t *opt, PCCERT_CONTEXT *cert, DWORD enabled_protocols)
+{
+   SCH_CREDENTIALS *cred = bson_malloc0(sizeof(SCH_CREDENTIALS));
+
+   cred->dwVersion = SCH_CREDENTIALS_VERSION;
+   cred->dwFlags = get_cred_flags(opt);
+
+   if (*cert) {
+      cred->cCreds = 1;
+      cred->paCred = cert;
+   }
+
+   cred->cTlsParameters = 1;
+   cred->pTlsParameters = bson_malloc0(sizeof(TLS_PARAMETERS));
+   cred->pTlsParameters->grbitDisabledProtocols = (DWORD)~enabled_protocols;
+
+   return (void *)cred;
+}
+
+#endif
+
+void *
+_mongoc_secure_channel_schannel_cred_new(const mongoc_ssl_opt_t *opt, PCCERT_CONTEXT *cert, DWORD enabled_protocols)
+{
+   SCHANNEL_CRED *cred = bson_malloc0(sizeof(SCHANNEL_CRED));
+
+   cred->dwVersion = SCHANNEL_CRED_VERSION;
+   cred->dwFlags = get_cred_flags(opt);
+
+   if (*cert) {
+      cred->cCreds = 1;
+      cred->paCred = cert;
+   }
+
+   cred->grbitEnabledProtocols = enabled_protocols;
+
+   return (void *)cred;
+}
+
+mongoc_secure_channel_cred *
+mongoc_secure_channel_cred_new(const mongoc_ssl_opt_t *opt)
+{
+   BSON_ASSERT_PARAM(opt);
+   mongoc_secure_channel_cred *cred = bson_malloc0(sizeof(mongoc_secure_channel_cred));
+
+   DWORD enabled_protocols = SP_PROT_TLS1_1_CLIENT | SP_PROT_TLS1_2_CLIENT;
+
+   /* TLS 1.3 is supported on Windows Server 2022 and newer.
+    * Schannel will not negotiate TLS 1.3 when SCHANNEL_CRED is used. */
+   if (_mongoc_verify_windows_version(10, 0, 20348, false)) {
+      // TODO - enable TLS 1.3 once renegotiation is supported.
+      // enabled_protocols |= SP_PROT_TLS1_3_CLIENT;
    }
 
    if (opt->ca_file) {
@@ -887,14 +950,22 @@ mongoc_secure_channel_cred_new(const mongoc_ssl_opt_t *opt)
 
    if (opt->pem_file) {
       cred->cert = mongoc_secure_channel_setup_certificate(opt);
+   }
 
-      if (cred->cert) {
-         cred->cred.cCreds = 1;
-         cred->cred.paCred = &cred->cert;
-      }
+#ifdef HAVE_SCH_CREDENTIALS
+   // SCH_CREDENTIALS is supported in Windows 10 1809 / Server 1809 and later
+   if (_mongoc_verify_windows_version(10, 0, 17763, false)) {
+      cred->cred = _mongoc_secure_channel_sch_credentials_new(opt, &cred->cert, enabled_protocols);
+      cred->cred_type = sch_credentials;
+   } else {
+      cred->cred = _mongoc_secure_channel_schannel_cred_new(opt, &cred->cert, enabled_protocols);
+      cred->cred_type = schannel_cred;
    }
+#else
+   cred->cred = _mongoc_secure_channel_schannel_cred_new(opt, &cred->cert, enabled_protocols);
+   cred->cred_type = schannel_cred;
+#endif
 
-   cred->cred.grbitEnabledProtocols = SP_PROT_TLS1_1_CLIENT | SP_PROT_TLS1_2_CLIENT;
    return cred;
 }
 
@@ -906,6 +977,13 @@ mongoc_secure_channel_cred_deleter(void *cred_void)
       return;
    }
    CertFreeCertificateContext(cred->cert);
+#ifdef HAVE_SCH_CREDENTIALS
+   if (cred->cred_type == sch_credentials) {
+      SCH_CREDENTIALS *sch_cred = (SCH_CREDENTIALS *)cred->cred;
+      bson_free(sch_cred->pTlsParameters);
+   }
+#endif
+   bson_free(cred->cred);
    bson_free(cred);
 }
 
@@ -982,7 +1060,7 @@ mongoc_stream_tls_secure_channel_new_with_creds(mongoc_stream_t *base_stream,
                                           UNISP_NAME,           /* security package */
                                           SECPKG_CRED_OUTBOUND, /* we are preparing outbound connection */
                                           NULL,                 /*  Optional logon */
-                                          &cred->cred,          /* TLS "configuration", "auth data" */
+                                          cred->cred,           /* TLS "configuration", "auth data" */
                                           NULL,                 /* unused */
                                           NULL,                 /* unused */
                                           &secure_channel->cred_handle->cred_handle, /* credential OUT param */

src/libmongoc/src/mongoc/mongoc-util-private.h

@@ -255,6 +255,17 @@ typedef struct {
    uint64_t value;
 } mcd_optional_u64_t;
 
+#ifdef _WIN32
+
+/**
+ * Returns true if the Windows version is greater than or equal to the required
+ * desktop or server version.
+ */
+bool
+_mongoc_verify_windows_version(DWORD major_version, DWORD minor_version, DWORD build_number, bool strictly_equal);
+
+#endif
+
 BSON_END_DECLS
 
 #endif /* MONGOC_UTIL_PRIVATE_H */

src/libmongoc/src/mongoc/mongoc-util.c

@@ -39,6 +39,13 @@
 #include <mlib/loop.h>
 #include <mlib/time_point.h>
 
+#ifdef _WIN32
+#include <winbase.h>
+#include <winnt.h>
+
+#include <windows.h>
+#endif
+
 #include <string.h>
 
 /**
@@ -1025,3 +1032,62 @@ bin_to_hex(const uint8_t *bin, size_t bin_len)
 
    return out;
 }
+
+#ifdef _WIN32
+
+typedef NTSTATUS(APIENTRY *RTLVERIFYVERSIONINFO_FN)(PRTL_OSVERSIONINFOEXW VersionInfo,
+                                                    ULONG TypeMask,
+                                                    ULONGLONG ConditionMask);
+
+bool
+_mongoc_verify_windows_version(DWORD major_version, DWORD minor_version, DWORD build_number, bool strictly_equal)
+{
+   static RTLVERIFYVERSIONINFO_FN pRtlVerifyVersionInfo;
+   OSVERSIONINFOEXW osvi;
+   bool matched;
+   BYTE op = VER_GREATER_EQUAL;
+
+   if (strictly_equal) {
+      op = VER_EQUAL;
+   }
+
+   /* Windows version functions may not return the correct version for
+   later Windows versions unless the application is so manifested. Try
+   to use the more accurate kernel function RtlVerifyVersionInfo */
+   pRtlVerifyVersionInfo = (RTLVERIFYVERSIONINFO_FN)GetProcAddress(GetModuleHandleA("ntdll"), "RtlVerifyVersionInfo");
+
+   ZeroMemory(&osvi, sizeof(OSVERSIONINFOEXW));
+   osvi.dwOSVersionInfoSize = sizeof(OSVERSIONINFOEXW);
+   osvi.dwMajorVersion = major_version;
+   osvi.dwMinorVersion = minor_version;
+
+   ULONGLONG mask = 0;
+   VER_SET_CONDITION(mask, VER_MAJORVERSION, op);
+   VER_SET_CONDITION(mask, VER_MINORVERSION, op);
+
+   if (pRtlVerifyVersionInfo) {
+      matched = (pRtlVerifyVersionInfo(&osvi, VER_MAJORVERSION | VER_MINORVERSION, mask) == 0);
+   } else {
+      matched = (VerifyVersionInfoW(&osvi, VER_MAJORVERSION | VER_MINORVERSION, mask) != 0);
+   }
+
+   // Compare build number separately if major and minor versions are equal
+   if (build_number && matched && _mongoc_verify_windows_version(major_version, minor_version, 0, true)) {
+      ZeroMemory(&osvi, sizeof(OSVERSIONINFOEXW));
+      osvi.dwOSVersionInfoSize = sizeof(OSVERSIONINFOEXW);
+      osvi.dwBuildNumber = build_number;
+
+      mask = 0;
+      VER_SET_CONDITION(mask, VER_BUILDNUMBER, op);
+
+      if (pRtlVerifyVersionInfo) {
+         matched = (pRtlVerifyVersionInfo(&osvi, VER_BUILDNUMBER, mask) == 0);
+      } else {
+         matched = (VerifyVersionInfoW(&osvi, VER_BUILDNUMBER, mask) != 0);
+      }
+   }
+
+   return matched;
+}
+
+#endif

src/libmongoc/tests/test-mongoc-secure-channel.c

@@ -96,11 +96,22 @@ test_secure_channel_shared_creds_stream(void *unused)
       mongoc_shared_ptr_reset_null(&cred_ptr);
    }
 
-   // Test with bad SCHANNEL_CRED to exercise error path:
+   // Test with bad SCHANNEL CREDENTIALS to exercise error path:
    {
       mongoc_secure_channel_cred *cred = mongoc_secure_channel_cred_new(&ssl_opt);
       mongoc_shared_ptr cred_ptr = mongoc_shared_ptr_create(cred, mongoc_secure_channel_cred_deleter);
-      cred->cred.dwVersion = 0; // Invalid version.
+#ifdef HAVE_SCH_CREDENTIALS
+      if (cred->cred_type == sch_credentials) {
+         SCH_CREDENTIALS *sch_cred = (SCH_CREDENTIALS *)cred->cred;
+         sch_cred->dwVersion = 0; // Invalid version.
+      } else {
+         SCHANNEL_CRED *sch_cred = (SCHANNEL_CRED *)cred->cred;
+         sch_cred->dwVersion = 0;
+      }
+#else
+      SCHANNEL_CRED *sch_cred = (SCHANNEL_CRED *)cred->cred;
+      sch_cred->dwVersion = 0;
+#endif
       capture_logs(true);
       mongoc_stream_t *stream = connect_with_secure_channel_cred(&ssl_opt, cred_ptr, &error);
       ASSERT(!stream);