1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207
use crate::cipher_suite::*; use crate::crypto::*; use crate::error::*; use crate::extension::extension_use_srtp::SrtpProtectionProfile; use crate::handshaker::VerifyPeerCertificateFn; use crate::signature_hash_algorithm::SignatureScheme; use tokio::time::Duration; use std::sync::Arc; // Config is used to configure a DTLS client or server. // After a Config is passed to a DTLS function it must not be modified. #[derive(Clone)] pub struct Config { // Certificates contains certificate chain to present to the other side of the connection. // Server MUST set this if psk is non-nil // client SHOULD sets this so CertificateRequests can be handled if psk is non-nil pub(crate) certificates: Vec<Certificate>, // cipher_suites is a list of supported cipher suites. // If cipher_suites is nil, a default list is used pub(crate) cipher_suites: Vec<CipherSuiteId>, // SignatureSchemes contains the signature and hash schemes that the peer requests to verify. pub(crate) signature_schemes: Vec<SignatureScheme>, // srtp_protection_profiles are the supported protection profiles // Clients will send this via use_srtp and assert that the server properly responds // Servers will assert that clients send one of these profiles and will respond as needed pub(crate) srtp_protection_profiles: Vec<SrtpProtectionProfile>, // client_auth determines the server's policy for // TLS Client Authentication. The default is NoClientCert. pub(crate) client_auth: ClientAuthType, // RequireExtendedMasterSecret determines if the "Extended Master Secret" extension // should be disabled, requested, or required (default requested). pub(crate) extended_master_secret: ExtendedMasterSecretType, // flight_interval controls how often we send outbound handshake messages // defaults to time.Second pub(crate) flight_interval: Duration, // psk sets the pre-shared key used by this DTLS connection // If psk is non-nil only psk cipher_suites will be used pub(crate) psk: Option<PskCallback>, pub(crate) psk_identity_hint: Option<Vec<u8>>, // insecure_skip_verify controls whether a client verifies the // server's certificate chain and host name. // If insecure_skip_verify is true, TLS accepts any certificate // presented by the server and any host name in that certificate. // In this mode, TLS is susceptible to man-in-the-middle attacks. // This should be used only for testing. pub(crate) insecure_skip_verify: bool, // insecure_hashes allows the use of hashing algorithms that are known // to be vulnerable. pub(crate) insecure_hashes: bool, // VerifyPeerCertificate, if not nil, is called after normal // certificate verification by either a client or server. It // receives the certificate provided by the peer and also a flag // that tells if normal verification has succeeded. If it returns a // non-nil error, the handshake is aborted and that error results. // // If normal verification fails then the handshake will abort before // considering this callback. If normal verification is disabled by // setting insecure_skip_verify, or (for a server) when client_auth is // RequestClientCert or RequireAnyClientCert, then this callback will // be considered but the verifiedChains will always be nil. pub(crate) verify_peer_certificate: Option<VerifyPeerCertificateFn>, // RootCAs defines the set of root certificate authorities // that one peer uses when verifying the other peer's certificates. // If RootCAs is nil, TLS uses the host's root CA set. // Used by Client to verify server's certificate pub(crate) roots_cas: rustls::RootCertStore, // client_cas defines the set of root certificate authorities // that servers use if required to verify a client certificate // by the policy in client_auth. // Used by Server to verify client's certificate pub(crate) client_cert_verifier: Option<Arc<dyn rustls::ClientCertVerifier>>, // server_name is used to verify the hostname on the returned // certificates unless insecure_skip_verify is given. pub(crate) server_name: String, //TODO: LoggerFactory logging.LoggerFactory // ConnectContextMaker is a function to make a context used in Dial(), // Client(), Server(), and Accept(). If nil, the default ConnectContextMaker // is used. It can be implemented as following. // // func ConnectContextMaker() (context.Context, func()) { // return context.WithTimeout(context.Background(), 30*time.Second) // } //TODO: ConnectContextMaker func() (context.Context, func()) // mtu is the length at which handshake messages will be fragmented to // fit within the maximum transmission unit (default is 1200 bytes) pub(crate) mtu: usize, // replay_protection_window is the size of the replay attack protection window. // Duplication of the sequence number is checked in this window size. // Packet with sequence number older than this value compared to the latest // accepted packet will be discarded. (default is 64) pub(crate) replay_protection_window: usize, } impl Default for Config { fn default() -> Self { Config { certificates: vec![], cipher_suites: vec![], signature_schemes: vec![], srtp_protection_profiles: vec![], client_auth: ClientAuthType::default(), extended_master_secret: ExtendedMasterSecretType::default(), flight_interval: Duration::default(), psk: None, psk_identity_hint: None, insecure_skip_verify: false, insecure_hashes: false, verify_peer_certificate: None, roots_cas: rustls::RootCertStore::empty(), client_cert_verifier: None, server_name: String::default(), mtu: 0, replay_protection_window: 0, } } } pub(crate) const DEFAULT_MTU: usize = 1200; // bytes // PSKCallback is called once we have the remote's psk_identity_hint. // If the remote provided none it will be nil pub(crate) type PskCallback = fn(&[u8]) -> Result<Vec<u8>, Error>; // ClientAuthType declares the policy the server will follow for // TLS Client Authentication. #[derive(Copy, Clone, PartialEq)] pub(crate) enum ClientAuthType { NoClientCert = 0, RequestClientCert = 1, RequireAnyClientCert = 2, VerifyClientCertIfGiven = 3, RequireAndVerifyClientCert = 4, } impl Default for ClientAuthType { fn default() -> Self { ClientAuthType::NoClientCert } } // ExtendedMasterSecretType declares the policy the client and server // will follow for the Extended Master Secret extension #[derive(PartialEq, Copy, Clone)] pub(crate) enum ExtendedMasterSecretType { Request = 0, Require = 1, Disable = 2, } impl Default for ExtendedMasterSecretType { fn default() -> Self { ExtendedMasterSecretType::Request } } pub(crate) fn validate_config(is_client: bool, config: &Config) -> Result<(), Error> { if is_client && config.psk.is_some() && config.psk_identity_hint.is_none() { return Err(Error::ErrPskAndIdentityMustBeSetForClient); } if !is_client && config.psk.is_none() && config.certificates.is_empty() { return Err(Error::ErrServerMustHaveCertificate); } if !config.certificates.is_empty() && config.psk.is_some() { return Err(Error::ErrPskAndCertificate); } if config.psk_identity_hint.is_some() && config.psk.is_none() { return Err(Error::ErrIdentityNoPsk); } for cert in &config.certificates { match cert.private_key.kind { CryptoPrivateKeyKind::Ed25519(_) => {} CryptoPrivateKeyKind::Ecdsa256(_) => {} _ => return Err(Error::ErrInvalidPrivateKey), } } parse_cipher_suites( &config.cipher_suites, config.psk.is_none(), config.psk.is_some(), )?; Ok(()) }