diff --git a/.gitignore b/.gitignore index 5a3dcc33..56f13f34 100644 --- a/.gitignore +++ b/.gitignore @@ -115,6 +115,8 @@ android/wolfssljni-ndk-sample/proguard-project.txt /tls/server-tls-uart /tls/server-tls-verifycallback /tls/server-tls-writedup +/tls/client-tls13-certauth-clienthello +/tls/server-tls13-certauth-clienthello /tls/client-ech /tls/client-ech-local /tls/server-ech-local diff --git a/tls/README.md b/tls/README.md index 3ec2889e..b47a1e2b 100644 --- a/tls/README.md +++ b/tls/README.md @@ -1413,6 +1413,35 @@ Execute them like so: ./server-tls-posthsauth 127.0.0.1 ``` +## TLS Example with certificate_authorities extension in ClientHello message + +See `client-tls13-certauth-clienthello.c` and `server-tls13-certauth-clienthello.c`. These applications show how to use the TLS 1.3 [certificate_authorities](https://datatracker.ietf.org/doc/html/rfc8446#section-4.2.4) extension to let the client send the names of its supported certificate authorities inside the ClientHello message, so that the server can perform certificate selection based on them. This can be useful in scenarios where the server has multiple certificates issued by separate CAs. + +To use this example, you must enable full OpenSSL compatibility. Build and install wolfSSL like so: + +``` +$ ./autogen.sh +$ ./configure --enable-opensslall +$ make +$ sudo make install +``` + +Then build the examples as follows: + +``` +make client-tls13-certauth-clienthello server-tls13-certauth-clienthello +``` + +Execute them like so: + +``` +./server-tls13-certauth-clienthello +``` + +``` +./client-tls13-certauth-clienthello 127.0.0.1 +``` + ## Support Please contact wolfSSL at support@wolfssl.com with any questions, bug fixes, diff --git a/tls/client-tls13-certauth-clienthello.c b/tls/client-tls13-certauth-clienthello.c new file mode 100644 index 00000000..e269d857 --- /dev/null +++ b/tls/client-tls13-certauth-clienthello.c @@ -0,0 +1,223 @@ +/* client-tls13-certauth-clienthello.c + * + * Copyright (C) 2006-2025 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +/* This example showcases the usage of the TLS 1.3 certificate_authorities + * extension in the ClientHello message, to indicate to the server which + * certificate authorities the client supports, guiding certificate selection. + * + * Example wolfSSL config for this example: ./configure --enable-opensslall + */ + +/* the usual suspects */ +#include +#include +#include + +/* socket includes */ +#include +#include +#include +#include + +/* wolfSSL */ +#ifndef WOLFSSL_USER_SETTINGS + #include +#endif +#include +#include +#include + +#define DEFAULT_PORT 11111 + +#define CERT_FILE "../certs/client-cert.pem" +#define KEY_FILE "../certs/client-key.pem" +#define CA_FILE "../certs/ca-cert.pem" + +int main(int argc, char** argv) +{ + int ret = 0; +#if !defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER) && \ + !defined(WOLFSSL_NO_CA_NAMES) && !defined(NO_CERTS) && \ + defined(WOLFSSL_TLS13) && (defined(OPENSSL_EXTRA) || \ + defined(OPENSSL_EXTRA_X509_SMALL)) && (defined(OPENSSL_ALL) || \ + defined(WOLFSSL_NGINX) || defined(HAVE_LIGHTY)) + + int sockfd = SOCKET_INVALID; + struct sockaddr_in servAddr; + char buff[256]; + size_t len; + + /* declare wolfSSL objects */ + WOLFSSL_CTX* ctx = NULL; + WOLFSSL* ssl = NULL; + + /* Declare CA name object */ + WOLF_STACK_OF(WOLFSSL_X509_NAME)* caName = NULL; + + /* Check for proper calling convention */ + if (argc != 2) { + printf("usage: %s \n", argv[0]); + return 0; + } + + /* Create a socket that uses an internet IPv4 address, + * Sets the socket to be stream based (TCP), + * 0 means choose the default protocol. */ + if ((sockfd = socket(AF_INET, SOCK_STREAM, 0)) == -1) { + fprintf(stderr, "ERROR: failed to create the socket\n"); + ret = -1; goto exit; + } + + /* Initialize the server address struct with zeros */ + memset(&servAddr, 0, sizeof(servAddr)); + + /* Fill in the server address */ + servAddr.sin_family = AF_INET; /* using IPv4 */ + servAddr.sin_port = htons(DEFAULT_PORT); /* on DEFAULT_PORT */ + + /* Get the server IPv4 address from the command line call */ + if (inet_pton(AF_INET, argv[1], &servAddr.sin_addr) != 1) { + fprintf(stderr, "ERROR: invalid address\n"); + ret = -1; goto exit; + } + + /* Connect to the server */ + if ((ret = connect(sockfd, (struct sockaddr*) &servAddr, sizeof(servAddr))) + == -1) { + fprintf(stderr, "ERROR: failed to connect\n"); + goto exit; + } + + /*---------------------------------*/ + /* Start of wolfSSL initialization and configuration */ + /*---------------------------------*/ + + /* Initialize wolfSSL */ + if ((ret = wolfSSL_Init()) != WOLFSSL_SUCCESS) { + fprintf(stderr, "ERROR: Failed to initialize the library\n"); + goto exit; + } + + /* Create and initialize WOLFSSL_CTX */ + if ((ctx = wolfSSL_CTX_new(wolfTLSv1_3_client_method())) == NULL) { + fprintf(stderr, "ERROR: failed to create WOLFSSL_CTX\n"); + ret = -1; goto exit; + } + + /* Load client certificate into WOLFSSL_CTX */ + if ((ret = wolfSSL_CTX_use_certificate_file(ctx, CERT_FILE, WOLFSSL_FILETYPE_PEM)) + != WOLFSSL_SUCCESS) { + fprintf(stderr, "ERROR: failed to load %s, please check the file.\n", + CERT_FILE); + goto exit; + } + + /* Load client key into WOLFSSL_CTX */ + if ((ret = wolfSSL_CTX_use_PrivateKey_file(ctx, KEY_FILE, WOLFSSL_FILETYPE_PEM)) + != WOLFSSL_SUCCESS) { + fprintf(stderr, "ERROR: failed to load %s, please check the file.\n", + KEY_FILE); + goto exit; + } + + /* Load CA certificate into WOLFSSL_CTX */ + if ((ret = wolfSSL_CTX_load_verify_locations(ctx, CA_FILE, NULL)) + != WOLFSSL_SUCCESS) { + fprintf(stderr, "ERROR: failed to load %s, please check the file.\n", + CA_FILE); + goto exit; + } + + /* Load the CA certificate name to send in certificate_authorities extension + */ + if ((caName = wolfSSL_load_client_CA_file(CA_FILE)) == NULL) { + fprintf(stderr, "ERROR: failed to load CA name from %s, please check " + "the file.\n", CA_FILE); + goto exit; + } + + /* Set CA name to send in certificate_authorities extension */ + wolfSSL_CTX_set0_CA_list(ctx, caName); + + /* Create a WOLFSSL object */ + if ((ssl = wolfSSL_new(ctx)) == NULL) { + fprintf(stderr, "ERROR: failed to create WOLFSSL object\n"); + ret = -1; goto exit; + } + + /* Attach wolfSSL to the socket */ + if ((ret = wolfSSL_set_fd(ssl, sockfd)) != WOLFSSL_SUCCESS) { + fprintf(stderr, "ERROR: Failed to set the file descriptor\n"); + goto exit; + } + + /* Connect to wolfSSL on the server side */ + if ((ret = wolfSSL_connect(ssl)) != WOLFSSL_SUCCESS) { + fprintf(stderr, "ERROR: failed to connect to wolfSSL\n"); + goto exit; + } + + /* Get a message for the server from stdin */ + printf("Message for server: "); + memset(buff, 0, sizeof(buff)); + if (fgets(buff, sizeof(buff), stdin) == NULL) { + fprintf(stderr, "ERROR: failed to get message for server\n"); + ret = -1; goto exit; + } + len = strnlen(buff, sizeof(buff)); + + /* Send the message to the server */ + if ((ret = wolfSSL_write(ssl, buff, len)) != len) { + fprintf(stderr, "ERROR: failed to write entire message\n"); + fprintf(stderr, "%d bytes of %d bytes were sent", ret, (int) len); + goto exit; + } + + /* Read the server data into our buff array */ + memset(buff, 0, sizeof(buff)); + if ((ret = wolfSSL_read(ssl, buff, sizeof(buff)-1)) < 0) { + fprintf(stderr, "ERROR: failed to read\n"); + goto exit; + } + + /* Print to stdout any data the server sends */ + printf("Server: %s\n", buff); + + /* Return reporting a success */ + ret = 0; + +exit: + /* Cleanup and return */ + if (sockfd != SOCKET_INVALID) + close(sockfd); /* Close the connection to the server */ + if (ssl) + wolfSSL_free(ssl); /* Free the wolfSSL object */ + if (ctx) + wolfSSL_CTX_free(ctx); /* Free the wolfSSL context object */ + wolfSSL_Cleanup(); /* Cleanup the wolfSSL environment */ +#else + printf("Example requires specific wolfSSL features\n"); +#endif + (void)argc; + (void)argv; + + return ret; +} diff --git a/tls/server-tls13-certauth-clienthello.c b/tls/server-tls13-certauth-clienthello.c new file mode 100644 index 00000000..77b37168 --- /dev/null +++ b/tls/server-tls13-certauth-clienthello.c @@ -0,0 +1,342 @@ +/* server-tls13-certauth-clienthello.c + * + * Copyright (C) 2006-2025 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +/* This example showcases the usage of the TLS 1.3 certificate_authorities + * extension in the ClientHello message, to indicate to the server which + * certificate authorities the client supports, guiding certificate selection. + * + * Example wolfSSL config for this example: ./configure --enable-opensslall + */ + +/* the usual suspects */ +#include +#include +#include + +/* socket includes */ +#include +#include +#include +#include + +#define HAVE_SIGNAL +#ifdef HAVE_SIGNAL +#include /* signal */ +#endif + +/* wolfSSL */ +#ifndef WOLFSSL_USER_SETTINGS + #include +#endif +#include +#include +#include + +#define DEFAULT_PORT 11111 + +#define CERT_FILE "../certs/server-cert.pem" +#define KEY_FILE "../certs/server-key.pem" +#define CA_FILE "../certs/client-cert.pem" + +#if !defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER) && \ + !defined(WOLFSSL_NO_CA_NAMES) && !defined(NO_CERTS) && \ + defined(WOLFSSL_TLS13) && (defined(OPENSSL_EXTRA) || \ + defined(OPENSSL_EXTRA_X509_SMALL)) && (defined(OPENSSL_ALL) || \ + defined(WOLFSSL_NGINX) || defined(HAVE_LIGHTY)) + +static int mSockfd = SOCKET_INVALID; +static int mConnd = SOCKET_INVALID; +static volatile int mShutdown = 0; + +#ifdef HAVE_SIGNAL +static void sig_handler(const int sig) +{ + fprintf(stderr, "SIGINT handled = %d.\n", sig); + + mShutdown = 1; + if (mConnd != SOCKET_INVALID) { + close(mConnd); /* Close the connection to the client */ + mConnd = SOCKET_INVALID; + } + if (mSockfd != SOCKET_INVALID) { + close(mSockfd); /* Close the socket listening for clients */ + mSockfd = SOCKET_INVALID; + } +} +#endif + +static int cert_setup_callback(WOLFSSL *ssl, void *_arg) { + /* Retrieve the CA names sent by the client */ + WOLF_STACK_OF(WOLFSSL_X509_NAME)* names = wolfSSL_get0_peer_CA_list(ssl); + + char *certFileName = NULL; + char *keyFileName = NULL; + + if (names) { + /* Client sent CA names: read them and try to load a matching + * certificate */ + int i; + int num = wolfSSL_sk_X509_NAME_num(names); + + printf("CA certificate names received:\n"); + for (i = 0; i < num; i++) { + WOLFSSL_X509_NAME* name = wolfSSL_sk_X509_NAME_value(names, i); + char* buf = wolfSSL_X509_NAME_oneline(name, NULL, 0); + printf("\t%s\n", buf); + + if (certFileName != NULL && keyFileName != NULL) { + /* Certificate already found */ + continue; + } + + /* Servers with multiple certificates issued by separate CAs might + * want to check them all and load one issued by a CA that the + * client supports. */ + if (strcmp(buf, "/C=US/ST=Montana/L=Bozeman/O=Sawtooth" + "/OU=Consulting/CN=www.wolfssl.com" + "/emailAddress=info@wolfssl.com") == 0) { + certFileName = CERT_FILE; + keyFileName = KEY_FILE; + } + + free(buf); + } + + if (certFileName == NULL || keyFileName == NULL) { + fprintf(stderr, "ERROR: CA names sent by client do not match any " + "available certificates\n"); + return 0; + } + } + else { + /* Client sent no CA names, fall back to default */ + certFileName = CERT_FILE; + keyFileName = KEY_FILE; + } + if (wolfSSL_use_certificate_file(ssl, certFileName, SSL_FILETYPE_PEM) != + WOLFSSL_SUCCESS) { + fprintf(stderr, "ERROR: failed to load %s, please check the file.\n", + certFileName); + return 0; + } + if (wolfSSL_use_PrivateKey_file(ssl, keyFileName, SSL_FILETYPE_PEM) != + WOLFSSL_SUCCESS) { + fprintf(stderr, "ERROR: failed to load %s, please check the file.\n", + keyFileName); + return 0; + } + return 1; +} +#endif + +int main(int argc, char** argv) +{ + int ret = 0; +#if !defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER) && \ + !defined(WOLFSSL_NO_CA_NAMES) && !defined(NO_CERTS) && \ + defined(WOLFSSL_TLS13) && (defined(OPENSSL_EXTRA) || \ + defined(OPENSSL_EXTRA_X509_SMALL)) && (defined(OPENSSL_ALL) || \ + defined(WOLFSSL_NGINX) || defined(HAVE_LIGHTY)) + + struct sockaddr_in servAddr; + struct sockaddr_in clientAddr; + socklen_t size = sizeof(clientAddr); + char buff[256]; + size_t len; + const char* reply = "I hear ya fa shizzle!\n"; + int on; + + /* declare wolfSSL objects */ + WOLFSSL_CTX* ctx = NULL; + WOLFSSL* ssl = NULL; + +#ifdef HAVE_SIGNAL + signal(SIGINT, sig_handler); +#endif + + /* Initialize the server address struct with zeros */ + memset(&servAddr, 0, sizeof(servAddr)); + + /* Fill in the server address */ + servAddr.sin_family = AF_INET; /* using IPv4 */ + servAddr.sin_port = htons(DEFAULT_PORT); /* on DEFAULT_PORT */ + servAddr.sin_addr.s_addr = INADDR_ANY; /* from anywhere */ + + + /* Create a socket that uses an internet IPv4 address, + * Sets the socket to be stream based (TCP), + * 0 means choose the default protocol. */ + if ((mSockfd = socket(AF_INET, SOCK_STREAM, 0)) == -1) { + fprintf(stderr, "ERROR: failed to create the socket\n"); + goto exit; + } + + /* make sure server is setup for reuse addr/port */ + on = 1; + setsockopt(mSockfd, SOL_SOCKET, SO_REUSEADDR, + (char*)&on, (socklen_t)sizeof(on)); +#ifdef SO_REUSEPORT + setsockopt(mSockfd, SOL_SOCKET, SO_REUSEPORT, + (char*)&on, (socklen_t)sizeof(on)); +#endif + + /* Bind the server socket to our port */ + if (bind(mSockfd, (struct sockaddr*)&servAddr, sizeof(servAddr)) == -1) { + fprintf(stderr, "ERROR: failed to bind\n"); + goto exit; + } + + /* Listen for a new connection, allow 5 pending connections */ + if (listen(mSockfd, 5) == -1) { + fprintf(stderr, "ERROR: failed to listen\n"); + goto exit; + } + + /*---------------------------------*/ + /* Start of wolfSSL initialization and configuration */ + /*---------------------------------*/ + + /* Initialize wolfSSL */ + if ((ret = wolfSSL_Init()) != WOLFSSL_SUCCESS) { + fprintf(stderr, "ERROR: Failed to initialize the library\n"); + goto exit; + } + + /* Create and initialize WOLFSSL_CTX */ + if ((ctx = wolfSSL_CTX_new(wolfTLSv1_3_server_method())) == NULL) { + fprintf(stderr, "ERROR: failed to create WOLFSSL_CTX\n"); + ret = -1; + goto exit; + } + + /* Require mutual authentication */ + wolfSSL_CTX_set_verify(ctx, + WOLFSSL_VERIFY_PEER | WOLFSSL_VERIFY_FAIL_IF_NO_PEER_CERT, NULL); + + /* Do not load the server's key and certificate in advance. Instead set a + * callback so that they can be selected on demand based on CA names + * received from client. + */ + wolfSSL_CTX_set_cert_cb(ctx, cert_setup_callback, NULL); + + /* Load client certificate as "trusted" into WOLFSSL_CTX */ + if ((ret = wolfSSL_CTX_load_verify_locations(ctx, CA_FILE, NULL)) + != WOLFSSL_SUCCESS) { + fprintf(stderr, "ERROR: failed to load %s, please check the file.\n", + CA_FILE); + goto exit; + } + + /* Continue to accept clients until mShutdown is issued */ + while (!mShutdown) { + printf("Waiting for a connection...\n"); + + /* Accept client connections */ + if ((mConnd = accept(mSockfd, (struct sockaddr*)&clientAddr, &size)) + == -1) { + fprintf(stderr, "ERROR: failed to accept the connection\n\n"); + ret = -1; goto exit; + } + + /* Create a WOLFSSL object */ + if ((ssl = wolfSSL_new(ctx)) == NULL) { + fprintf(stderr, "ERROR: failed to create WOLFSSL object\n"); + ret = -1; goto exit; + } + + /* Attach wolfSSL to the socket */ + wolfSSL_set_fd(ssl, mConnd); + + /* Establish TLS connection */ + if ((ret = wolfSSL_accept(ssl)) != WOLFSSL_SUCCESS) { + fprintf(stderr, "wolfSSL_accept error = %d\n", + wolfSSL_get_error(ssl, ret)); + goto exit; + } + + printf("Client connected successfully\n"); + + /* Read the client data into our buff array */ + memset(buff, 0, sizeof(buff)); + if ((ret = wolfSSL_read(ssl, buff, sizeof(buff)-1)) < 0) { + fprintf(stderr, "ERROR: failed to read\n"); + goto exit; + } + + /* Print to stdout any data the client sends */ + printf("Client: %s\n", buff); + + /* Check for server shutdown command */ + if (strncmp(buff, "shutdown", 8) == 0) { + printf("Shutdown command issued!\n"); + mShutdown = 1; + } + + /* Write our reply into buff */ + memset(buff, 0, sizeof(buff)); + memcpy(buff, reply, strlen(reply)); + len = strnlen(buff, sizeof(buff)); + + /* Reply back to the client */ + if ((ret = wolfSSL_write(ssl, buff, len)) != len) { + fprintf(stderr, "ERROR: failed to write\n"); + goto exit; + } + + /* Cleanup after this connection */ + wolfSSL_shutdown(ssl); + if (ssl) { + wolfSSL_free(ssl); /* Free the wolfSSL object */ + ssl = NULL; + } + if (mConnd != SOCKET_INVALID) { + close(mConnd); /* Close the connection to the client */ + mConnd = SOCKET_INVALID; + } + } + + printf("Shutdown complete\n"); + +exit: + /* Cleanup and return */ + if (ssl) + wolfSSL_free(ssl); /* Free the wolfSSL object */ + if (mConnd != SOCKET_INVALID) { + close(mConnd); /* Close the connection to the client */ + mConnd = SOCKET_INVALID; + } + if (mSockfd != SOCKET_INVALID) { + close(mSockfd); /* Close the socket listening for clients */ + mSockfd = SOCKET_INVALID; + } + if (ctx) + wolfSSL_CTX_free(ctx); /* Free the wolfSSL context object */ + wolfSSL_Cleanup(); /* Cleanup the wolfSSL environment */ + +#else + printf("Example requires specific wolfSSL features\n"); +#endif /* WOLFSSL_TLS13 */ + + (void)argc; + (void)argv; + + return ret; +}