passepartoutvpn
/
tunnelkit
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge branch 'prepare-tls-wrapping'

This commit is contained in:
Davide De Rosa 2018-10-19 16:11:50 +02:00
parent aae3765db0 66735ec118
commit 8a25cd8747
10 changed files with 307 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.jazzy.yaml
View File

@ -19,6 +19,7 @@ custom_categories:
- TunnelInterface
- PacketStream
- BidirectionalState
- StaticKey
- SessionProxy
- SessionProxyDelegate
- SessionReply

12
TunnelKit.xcodeproj/project.pbxproj
View File

@ -7,6 +7,8 @@
objects = {
/* Begin PBXBuildFile section */
0E041D092152E6FE0025FE3C /* SessionProxy+TLSWrap.swift in Sources */ = {isa = PBXBuildFile; fileRef = 0E041D082152E6FE0025FE3C /* SessionProxy+TLSWrap.swift */; };
0E041D0A2152E6FE0025FE3C /* SessionProxy+TLSWrap.swift in Sources */ = {isa = PBXBuildFile; fileRef = 0E041D082152E6FE0025FE3C /* SessionProxy+TLSWrap.swift */; };
0E07595F20EF6D1400F38FD8 /* CryptoCBC.m in Sources */ = {isa = PBXBuildFile; fileRef = 0E07595C20EF6D1400F38FD8 /* CryptoCBC.m */; };
0E07596020EF6D1400F38FD8 /* CryptoCBC.m in Sources */ = {isa = PBXBuildFile; fileRef = 0E07595C20EF6D1400F38FD8 /* CryptoCBC.m */; };
0E07596320EF733F00F38FD8 /* CryptoMacros.h in Headers */ = {isa = PBXBuildFile; fileRef = 0E07596120EF733F00F38FD8 /* CryptoMacros.h */; };
@ -78,6 +80,8 @@
0ECE352A212EB88E0040F253 /* CryptoContainer.swift in Sources */ = {isa = PBXBuildFile; fileRef = 0ECE3527212EB7770040F253 /* CryptoContainer.swift */; };
0ED9C8642138139000621BA3 /* SessionProxy+CompressionFraming.swift in Sources */ = {isa = PBXBuildFile; fileRef = 0ED9C8632138139000621BA3 /* SessionProxy+CompressionFraming.swift */; };
0ED9C8652138139000621BA3 /* SessionProxy+CompressionFraming.swift in Sources */ = {isa = PBXBuildFile; fileRef = 0ED9C8632138139000621BA3 /* SessionProxy+CompressionFraming.swift */; };
0EE3B3E421471C3A0027AB17 /* StaticKey.swift in Sources */ = {isa = PBXBuildFile; fileRef = 0EE3B3E321471C3A0027AB17 /* StaticKey.swift */; };
0EE3B3E521471C3A0027AB17 /* StaticKey.swift in Sources */ = {isa = PBXBuildFile; fileRef = 0EE3B3E321471C3A0027AB17 /* StaticKey.swift */; };
0EE7A79820F6296F00B42E6A /* PacketMacros.m in Sources */ = {isa = PBXBuildFile; fileRef = 0EE7A79720F6296F00B42E6A /* PacketMacros.m */; };
0EE7A79920F6296F00B42E6A /* PacketMacros.m in Sources */ = {isa = PBXBuildFile; fileRef = 0EE7A79720F6296F00B42E6A /* PacketMacros.m */; };
0EE7A7A120F664AC00B42E6A /* DataPathEncryptionTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = 0EE7A7A020F664AB00B42E6A /* DataPathEncryptionTests.swift */; };
@ -186,6 +190,7 @@
/* End PBXContainerItemProxy section */
/* Begin PBXFileReference section */
0E041D082152E6FE0025FE3C /* SessionProxy+TLSWrap.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = "SessionProxy+TLSWrap.swift"; sourceTree = "<group>"; };
0E07595C20EF6D1400F38FD8 /* CryptoCBC.m */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.objc; path = CryptoCBC.m; sourceTree = "<group>"; };
0E07596120EF733F00F38FD8 /* CryptoMacros.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = CryptoMacros.h; sourceTree = "<group>"; };
0E07596A20EF79AB00F38FD8 /* Crypto.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = Crypto.h; sourceTree = "<group>"; };
@ -239,6 +244,7 @@
0EC1BBA720D7D803007C4C7B /* ConnectionStrategy.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ConnectionStrategy.swift; sourceTree = "<group>"; };
0ECE3527212EB7770040F253 /* CryptoContainer.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = CryptoContainer.swift; sourceTree = "<group>"; };
0ED9C8632138139000621BA3 /* SessionProxy+CompressionFraming.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "SessionProxy+CompressionFraming.swift"; sourceTree = "<group>"; };
0EE3B3E321471C3A0027AB17 /* StaticKey.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = StaticKey.swift; sourceTree = "<group>"; };
0EE7A79420F61EDC00B42E6A /* PacketMacros.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = PacketMacros.h; sourceTree = "<group>"; };
0EE7A79720F6296F00B42E6A /* PacketMacros.m */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.objc; path = PacketMacros.m; sourceTree = "<group>"; };
0EE7A79D20F6488400B42E6A /* DataPathCrypto.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = DataPathCrypto.h; sourceTree = "<group>"; };
@ -481,6 +487,8 @@
0E749F5E2178885500BB2701 /* SessionProxy+PIA.swift */,
0E3E0F202108A8CC00B371C1 /* SessionProxy+PushReply.swift */,
0EFEB42B2006D3C800F81029 /* SessionProxy+SessionKey.swift */,
0E041D082152E6FE0025FE3C /* SessionProxy+TLSWrap.swift */,
0EE3B3E321471C3A0027AB17 /* StaticKey.swift */,
0EFEB4442006D3C800F81029 /* TLSBox.h */,
0EFEB4302006D3C800F81029 /* TLSBox.m */,
0EFEB42F2006D3C800F81029 /* TunnelInterface.swift */,
@ -879,6 +887,7 @@
0EFEB4AE2007625E00F81029 /* Keychain.swift in Sources */,
0E749F5F2178885500BB2701 /* SessionProxy+PIA.swift in Sources */,
0EBBF3002085196000E36B40 /* NWTCPConnectionState+Description.swift in Sources */,
0EE3B3E421471C3A0027AB17 /* StaticKey.swift in Sources */,
0EFEB4622006D3C800F81029 /* SecureRandom.swift in Sources */,
0EFEB45D2006D3C800F81029 /* CryptoBox.m in Sources */,
0EBBF2FA2085061600E36B40 /* NETCPInterface.swift in Sources */,
@ -904,6 +913,7 @@
0EFEB45B2006D3C800F81029 /* TLSBox.m in Sources */,
0EFEB4792006D3C800F81029 /* TunnelKitProvider+Interaction.swift in Sources */,
0EFEB4702006D3C800F81029 /* Allocation.m in Sources */,
0E041D092152E6FE0025FE3C /* SessionProxy+TLSWrap.swift in Sources */,
0EFEB4672006D3C800F81029 /* SessionProxy.swift in Sources */,
0ED9C8642138139000621BA3 /* SessionProxy+CompressionFraming.swift in Sources */,
0EFEB4722006D3C800F81029 /* ReplayProtector.m in Sources */,
@ -935,6 +945,7 @@
0EFEB4A02006D7F300F81029 /* ReplayProtector.m in Sources */,
0E749F602178885500BB2701 /* SessionProxy+PIA.swift in Sources */,
0EFEB4992006D7F300F81029 /* SessionProxy.swift in Sources */,
0EE3B3E521471C3A0027AB17 /* StaticKey.swift in Sources */,
0EBBF3012085196000E36B40 /* NWTCPConnectionState+Description.swift in Sources */,
0EFEB4962006D7F300F81029 /* ProtocolMacros.swift in Sources */,
0EFEB48A2006D7C400F81029 /* TunnelKitProvider.swift in Sources */,
@ -960,6 +971,7 @@
0EFEB4902006D7F300F81029 /* TunnelInterface.swift in Sources */,
0EFEB49E2006D7F300F81029 /* Allocation.m in Sources */,
0EFEB4B02007627700F81029 /* Keychain.swift in Sources */,
0E041D0A2152E6FE0025FE3C /* SessionProxy+TLSWrap.swift in Sources */,
0EFEB48E2006D7F300F81029 /* SessionProxy+SessionKey.swift in Sources */,
0ED9C8652138139000621BA3 /* SessionProxy+CompressionFraming.swift in Sources */,
0EFEB4AF2007627700F81029 /* InterfaceObserver.swift in Sources */,

27
TunnelKit/Sources/AppExtension/TunnelKitProvider+Configuration.swift
View File

@ -140,6 +140,9 @@ extension TunnelKitProvider {
/// Sets compression framing, disabled by default.
public var compressionFraming: SessionProxy.CompressionFraming
/// The optional TLS wrapping.
public var tlsWrap: SessionProxy.TLSWrap?
/// Sends periodical keep-alive packets (ping) if set. Useful with stateful firewalls.
public var keepAliveSeconds: Int?
@ -178,6 +181,7 @@ extension TunnelKitProvider {
clientKey = nil
mtu = 1500
compressionFraming = .disabled
tlsWrap = nil
keepAliveSeconds = nil
renegotiatesAfterSeconds = nil
usesPIAPatches = false
@ -234,6 +238,13 @@ extension TunnelKitProvider {
} else {
compressionFraming = .disabled
}
if let tlsWrapData = providerConfiguration[S.tlsWrap] as? Data {
do {
tlsWrap = try SessionProxy.TLSWrap.deserialized(tlsWrapData)
} catch {
throw ProviderError.configuration(field: "protocolConfiguration.providerConfiguration[\(S.tlsWrap)]")
}
}
keepAliveSeconds = providerConfiguration[S.keepAlive] as? Int
renegotiatesAfterSeconds = providerConfiguration[S.renegotiatesAfter] as? Int
usesPIAPatches = providerConfiguration[S.usesPIAPatches] as? Bool ?? false
@ -271,6 +282,7 @@ extension TunnelKitProvider {
clientKey: clientKey,
mtu: mtu,
compressionFraming: compressionFraming,
tlsWrap: tlsWrap,
keepAliveSeconds: keepAliveSeconds,
renegotiatesAfterSeconds: renegotiatesAfterSeconds,
usesPIAPatches: usesPIAPatches,
@ -306,6 +318,8 @@ extension TunnelKitProvider {
static let compressionFraming = "CompressionFraming"
static let tlsWrap = "TLSWrap"
static let keepAlive = "KeepAlive"
static let renegotiatesAfter = "RenegotiatesAfter"
@ -349,6 +363,9 @@ extension TunnelKitProvider {
/// - Seealso: `TunnelKitProvider.ConfigurationBuilder.compressionFraming`
public let compressionFraming: SessionProxy.CompressionFraming
/// - Seealso: `TunnelKitProvider.ConfigurationBuilder.tlsWrap`
public let tlsWrap: SessionProxy.TLSWrap?
/// - Seealso: `TunnelKitProvider.ConfigurationBuilder.keepAliveSeconds`
public let keepAliveSeconds: Int?
@ -433,6 +450,9 @@ extension TunnelKitProvider {
dict[S.resolvedAddresses] = resolvedAddresses
}
dict[S.compressionFraming] = compressionFraming.rawValue
if let tlsWrapData = tlsWrap?.serialized() {
dict[S.tlsWrap] = tlsWrapData
}
if let keepAliveSeconds = keepAliveSeconds {
dict[S.keepAlive] = keepAliveSeconds
}
@ -507,6 +527,11 @@ extension TunnelKitProvider {
} else {
log.info("\tRenegotiation: never")
}
if let tlsWrap = tlsWrap {
log.info("\tTLS wrapping: \(tlsWrap.strategy)")
} else {
log.info("\tTLS wrapping: disabled")
}
log.info("\tDebug: \(shouldDebug)")
}
}
@ -530,6 +555,7 @@ extension TunnelKitProvider.Configuration: Equatable {
builder.clientKey = clientKey
builder.mtu = mtu
builder.compressionFraming = compressionFraming
builder.tlsWrap = tlsWrap
builder.keepAliveSeconds = keepAliveSeconds
builder.renegotiatesAfterSeconds = renegotiatesAfterSeconds
builder.usesPIAPatches = usesPIAPatches
@ -552,6 +578,7 @@ extension TunnelKitProvider.Configuration: Equatable {
(lhs.compressionFraming == rhs.compressionFraming) &&
(lhs.keepAliveSeconds == rhs.keepAliveSeconds) &&
(lhs.renegotiatesAfterSeconds == rhs.renegotiatesAfterSeconds)
// XXX: tlsWrap not copied
)
}
}

1
TunnelKit/Sources/AppExtension/TunnelKitProvider.swift
View File

@ -228,6 +228,7 @@ open class TunnelKitProvider: NEPacketTunnelProvider {
sessionConfiguration.clientCertificatePath = clientCertificatePath
sessionConfiguration.clientKeyPath = clientKeyPath
sessionConfiguration.compressionFraming = cfg.compressionFraming
sessionConfiguration.tlsWrap = cfg.tlsWrap
if let keepAliveSeconds = cfg.keepAliveSeconds {
sessionConfiguration.keepAliveInterval = TimeInterval(keepAliveSeconds)
}

4
TunnelKit/Sources/Core/ControlPacket.h
View File

@ -52,8 +52,8 @@ NS_ASSUME_NONNULL_BEGIN
@property (nonatomic, strong, readonly) NSData *_Nullable payload;
@property (nonatomic, strong) NSDate *_Nullable sentDate;
- (NSInteger)capacity;
- (NSInteger)serializeTo:(uint8_t *)to;
//- (NSInteger)capacity;
//- (NSInteger)serializeTo:(uint8_t *)to;
- (NSData *)serialized;
@end

17
TunnelKit/Sources/Core/ControlPacket.m
View File

@ -75,13 +75,12 @@
return (self.packetId == UINT32_MAX);
}
- (NSInteger)capacity
- (NSInteger)rawCapacity
{
const BOOL isAck = self.isAck;
const NSUInteger ackLength = self.ackIds.count;
NSCAssert(!isAck || ackLength > 0, @"Ack packet must provide positive ackLength");
NSInteger n = PacketOpcodeLength + PacketSessionIdLength;
n += PacketAckLengthLength;
NSInteger n = PacketAckLengthLength;
if (ackLength > 0) {
n += ackLength * PacketIdLength + PacketSessionIdLength;
}
@ -93,10 +92,9 @@
}
// Ruby: send_ctrl
- (NSInteger)serializeTo:(uint8_t *)to
- (NSInteger)rawSerializeTo:(uint8_t *)to
{
uint8_t *ptr = to;
ptr += PacketHeaderSet(ptr, self.code, self.key, self.sessionId.bytes);
if (self.ackIds.count > 0) {
NSCParameterAssert(self.ackRemoteSessionId.length == PacketSessionIdLength);
*ptr = self.ackIds.count;
@ -124,10 +122,17 @@
return ptr - to;
}
- (NSInteger)capacity
{
return PacketOpcodeLength + PacketSessionIdLength + self.rawCapacity;
}
- (NSData *)serialized
{
NSMutableData *data = [[NSMutableData alloc] initWithLength:self.capacity];
[self serializeTo:data.mutableBytes];
uint8_t *ptr = data.mutableBytes;
ptr += PacketHeaderSet(ptr, self.code, self.key, self.sessionId.bytes);
[self rawSerializeTo:ptr];
return data;
}

8
TunnelKit/Sources/Core/SessionProxy+Configuration.swift
View File

@ -156,6 +156,9 @@ extension SessionProxy {
/// Sets compression framing, disabled by default.
public var compressionFraming: CompressionFraming
/// The optional TLS wrapping.
public var tlsWrap: TLSWrap?
/// Sends periodical keep-alive packets if set.
public var keepAliveInterval: TimeInterval?
@ -174,6 +177,7 @@ extension SessionProxy {
clientCertificatePath = nil
clientKeyPath = nil
compressionFraming = .disabled
tlsWrap = nil
keepAliveInterval = nil
renegotiatesAfter = nil
usesPIAPatches = false
@ -193,6 +197,7 @@ extension SessionProxy {
clientCertificatePath: clientCertificatePath,
clientKeyPath: clientKeyPath,
compressionFraming: compressionFraming,
tlsWrap: tlsWrap,
keepAliveInterval: keepAliveInterval,
renegotiatesAfter: renegotiatesAfter,
usesPIAPatches: usesPIAPatches
@ -224,6 +229,9 @@ extension SessionProxy {
/// - Seealso: `SessionProxy.ConfigurationBuilder.compressionFraming`
public let compressionFraming: CompressionFraming
/// - Seealso: `SessionProxy.ConfigurationBuilder.tlsWrap`
public var tlsWrap: TLSWrap?
/// - Seealso: `SessionProxy.ConfigurationBuilder.keepAliveInterval`
public let keepAliveInterval: TimeInterval?

60
TunnelKit/Sources/Core/SessionProxy+TLSWrap.swift Normal file
View File

@ -0,0 +1,60 @@
//
// SessionProxy+TLSWrap.swift
// TunnelKit
//
// Created by Davide De Rosa on 9/11/18.
// Copyright (c) 2018 Davide De Rosa. All rights reserved.
//
// https://github.com/keeshux
//
// This file is part of TunnelKit.
//
// TunnelKit is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// TunnelKit is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with TunnelKit. If not, see <http://www.gnu.org/licenses/>.
//
import Foundation
extension SessionProxy {
/// Holds parameters for TLS wrapping.
public class TLSWrap: Codable {
/// The wrapping strategy.
public enum Strategy: String, Codable {
case none
}
/// The wrapping strategy.
public let strategy: Strategy
/// The static encryption key.
public let key: StaticKey
/// :nodoc:
public init(strategy: Strategy, key: StaticKey) {
self.strategy = strategy
self.key = key
}
/// :nodoc:
public static func deserialized(_ data: Data) throws -> SessionProxy.TLSWrap {
return try JSONDecoder().decode(SessionProxy.TLSWrap.self, from: data)
}
/// :nodoc:
public func serialized() -> Data? {
return try? JSONEncoder().encode(self)
}
}
}

11
TunnelKit/Sources/Core/SessionProxy.swift
View File

@ -173,7 +173,16 @@ public class SessionProxy {
lastPing = BidirectionalState(withResetValue: Date.distantPast)
isStopping = false
controlChannel = ControlChannel()
if let tlsWrap = configuration.tlsWrap {
// TODO: select strategy
switch tlsWrap.strategy {
default:
controlChannel = ControlChannel()
}
} else {
controlChannel = ControlChannel()
}
}
deinit {

175
TunnelKit/Sources/Core/StaticKey.swift Normal file
View File

@ -0,0 +1,175 @@
//
// StaticKey.swift
// TunnelKit
//
// Created by Davide De Rosa on 9/10/18.
// Copyright (c) 2018 Davide De Rosa. All rights reserved.
//
// https://github.com/keeshux
//
// This file is part of TunnelKit.
//
// TunnelKit is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// TunnelKit is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with TunnelKit. If not, see <http://www.gnu.org/licenses/>.
//
import Foundation
import __TunnelKitNative
/// Represents an OpenVPN static key file (as generated with --genkey)
public class StaticKey: Codable {
enum CodingKeys: CodingKey {
case data
case dir
}
/// The key-direction field, usually 0 on servers and 1 on clients.
public enum Direction: Int, Codable {
/// Conventional server direction (implicit for tls-crypt).
case server = 0
/// Conventional client direction (implicit for tls-crypt).
case client = 1
}
private static let contentLength = 256 // 2048-bit
private static let keyCount = 4
private static let keyLength = StaticKey.contentLength / StaticKey.keyCount
private let secureData: ZeroingData
private let direction: Direction?
/// Returns the encryption key.
///
/// - Precondition: `direction` must be non-nil.
/// - Seealso: `SessionProxy.ConfigurationBuilder.tlsWrap`
public var cipherEncryptKey: ZeroingData {
guard let direction = direction else {
preconditionFailure()
}
switch direction {
case .server:
return key(at: 0)
case .client:
return key(at: 2)
}
}
/// Returns the decryption key.
///
/// - Precondition: `direction` must be non-nil.
/// - Seealso: `SessionProxy.ConfigurationBuilder.tlsWrap`
public var cipherDecryptKey: ZeroingData {
guard let direction = direction else {
preconditionFailure()
}
switch direction {
case .server:
return key(at: 2)
case .client:
return key(at: 0)
}
}
/// Returns the HMAC sending key.
///
/// - Seealso: `SessionProxy.ConfigurationBuilder.tlsWrap`
public var hmacSendKey: ZeroingData {
guard let direction = direction else {
return key(at: 1)
}
switch direction {
case .server:
return key(at: 1)
case .client:
return key(at: 3)
}
}
/// Returns the HMAC receiving key.
///
/// - Seealso: `SessionProxy.ConfigurationBuilder.tlsWrap`
public var hmacReceiveKey: ZeroingData {
guard let direction = direction else {
return key(at: 1)
}
switch direction {
case .server:
return key(at: 3)
case .client:
return key(at: 1)
}
}
/**
Initializes with data and direction.
- Parameter data: The key data.
- Parameter direction: The key direction, or bidirectional if nil. For tls-crypt behavior, must not be nil.
*/
public init(data: Data, direction: Direction?) {
precondition(data.count == StaticKey.contentLength)
secureData = Z(data)
self.direction = direction
}
/**
Initializes as bidirectional.
- Parameter biData: The key data.
*/
public convenience init(biData data: Data) {
self.init(data: data, direction: nil)
}
private func key(at: Int) -> ZeroingData {
let size = secureData.count / StaticKey.keyCount // 64 bytes each
assert(size == StaticKey.keyLength)
return secureData.withOffset(at * size, count: size)
}
/// :nodoc:
public static func deserialized(_ data: Data) throws -> StaticKey {
return try JSONDecoder().decode(StaticKey.self, from: data)
}
/// :nodoc:
public func serialized() -> Data? {
return try? JSONEncoder().encode(self)
}
// MARK: Codable
/// :nodoc:
public required init(from decoder: Decoder) throws {
let container = try decoder.container(keyedBy: CodingKeys.self)
secureData = Z(try container.decode(Data.self, forKey: .data))
direction = try container.decodeIfPresent(Direction.self, forKey: .dir)
}
/// :nodoc:
public func encode(to encoder: Encoder) throws {
var container = encoder.container(keyedBy: CodingKeys.self)
try container.encode(secureData.toData(), forKey: .data)
try container.encodeIfPresent(direction, forKey: .dir)
}
}