constellation/coordinator/atls/atls.go
Daniel Weiße 869448c3e1 Add mutual aTLS support (#176)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-05-24 16:33:44 +02:00

289 lines
9.4 KiB
Go

package atls
import (
"bytes"
"crypto/ecdsa"
"crypto/elliptic"
"crypto/rand"
"crypto/sha256"
"crypto/tls"
"crypto/x509"
"crypto/x509/pkix"
"encoding/base64"
"errors"
"time"
"github.com/edgelesssys/constellation/coordinator/config"
"github.com/edgelesssys/constellation/coordinator/oid"
"github.com/edgelesssys/constellation/coordinator/util"
)
// CreateAttestationServerTLSConfig creates a tls.Config object with a self-signed certificate and an embedded attestation document.
// Pass a list of validators to enable mutual aTLS.
func CreateAttestationServerTLSConfig(issuer Issuer, validators []Validator) (*tls.Config, error) {
if issuer == nil {
return nil, errors.New("unable to create aTLS server configuration without quote issuer")
}
getConfigForClient, err := getATLSConfigForClientFunc(issuer, validators)
if err != nil {
return nil, err
}
return &tls.Config{
GetConfigForClient: getConfigForClient,
}, nil
}
// CreateAttestationClientTLSConfig creates a tls.Config object that verifies a certificate with an embedded attestation document.
// If no validators are set, the server's attestation document will not be verified.
// If issuers is nil, the client will be unable to perform mutual aTLS.
func CreateAttestationClientTLSConfig(issuer Issuer, validators []Validator) (*tls.Config, error) {
nonce, err := util.GenerateRandomBytes(config.RNGLengthDefault)
if err != nil {
return nil, err
}
clientConn := &clientConnection{
issuer: issuer,
validators: validators,
clientNonce: nonce,
}
return &tls.Config{
VerifyPeerCertificate: clientConn.verify,
GetClientCertificate: clientConn.getCertificate, // use custom certificate for mutual aTLS connections
InsecureSkipVerify: true, // disable default verification because we use our own verify func
ServerName: base64.StdEncoding.EncodeToString(nonce), // abuse ServerName as a channel to transmit the nonce
MinVersion: tls.VersionTLS12,
}, nil
}
type Issuer interface {
oid.Getter
Issue(userData []byte, nonce []byte) (quote []byte, err error)
}
type Validator interface {
oid.Getter
Validate(attDoc []byte, nonce []byte) ([]byte, error)
}
// getATLSConfigForClientFunc returns a config setup function that is called once for every client connecting to the server.
// This allows for different server configuration for every client.
// In aTLS this is used to generate unique nonces for every client and embed them in the server's certificate.
func getATLSConfigForClientFunc(issuer Issuer, validators []Validator) (func(*tls.ClientHelloInfo) (*tls.Config, error), error) {
// generate key for the server
priv, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
if err != nil {
return nil, err
}
// this function will be called once for every client
return func(chi *tls.ClientHelloInfo) (*tls.Config, error) {
// generate nonce for this connection
nonce, err := util.GenerateRandomBytes(config.RNGLengthDefault)
if err != nil {
return nil, err
}
serverConn := &serverConnection{
privKey: priv,
issuer: issuer,
validators: validators,
nonce: nonce,
}
clientAuth := tls.NoClientCert
// enable mutual aTLS if any validators are set
if len(validators) > 0 {
clientAuth = tls.RequireAnyClientCert // validity of certificate will be checked by our custom verify function
}
return &tls.Config{
ClientAuth: clientAuth,
VerifyPeerCertificate: serverConn.verify,
GetCertificate: serverConn.getCertificate,
MinVersion: tls.VersionTLS12,
}, nil
}, nil
}
// getCertificate creates a client or server certificate for aTLS connections.
// The certificate uses certificate extensions to embed an attestation document generated using remoteNonce.
// If localNonce is set, it is also embedded as a certificate extension.
func getCertificate(issuer Issuer, priv, pub any, remoteNonce, localNonce []byte) (*tls.Certificate, error) {
serialNumber, err := util.GenerateCertificateSerialNumber()
if err != nil {
return nil, err
}
hash, err := hashPublicKey(pub)
if err != nil {
return nil, err
}
// create attestation document using the nonce send by the remote party
attDoc, err := issuer.Issue(hash, remoteNonce)
if err != nil {
return nil, err
}
extensions := []pkix.Extension{{Id: issuer.OID(), Value: attDoc}}
// embed locally generated nonce in certificate
if len(localNonce) > 0 {
extensions = append(extensions, pkix.Extension{Id: oid.ATLSNonce, Value: localNonce})
}
// create certificate that includes the attestation document and the server nonce as extension
now := time.Now()
template := &x509.Certificate{
SerialNumber: serialNumber,
Subject: pkix.Name{CommonName: "Constellation"},
NotBefore: now.Add(-2 * time.Hour),
NotAfter: now.Add(2 * time.Hour),
ExtraExtensions: extensions,
}
cert, err := x509.CreateCertificate(rand.Reader, template, template, pub, priv)
if err != nil {
return nil, err
}
return &tls.Certificate{Certificate: [][]byte{cert}, PrivateKey: priv}, nil
}
// processCertificate parses the certificate and verifies it.
// If successful returns the certificate and its hashed public key, an error otherwise.
func processCertificate(rawCerts [][]byte, verifiedChains [][]*x509.Certificate) (*x509.Certificate, []byte, error) {
// parse certificate
if len(rawCerts) == 0 {
return nil, nil, errors.New("rawCerts is empty")
}
cert, err := x509.ParseCertificate(rawCerts[0])
if err != nil {
return nil, nil, err
}
// verify self-signed certificate
roots := x509.NewCertPool()
roots.AddCert(cert)
_, err = cert.Verify(x509.VerifyOptions{Roots: roots})
if err != nil {
return nil, nil, err
}
// hash of certificates public key is used as userData in the embedded attestation document
hash, err := hashPublicKey(cert.PublicKey)
return cert, hash, err
}
// verifyEmbeddedReport verifies an aTLS certificate by validating the attestation document embedded in the TLS certificate.
func verifyEmbeddedReport(validators []Validator, cert *x509.Certificate, hash, nonce []byte) error {
for _, ex := range cert.Extensions {
for _, validator := range validators {
if ex.Id.Equal(validator.OID()) {
userData, err := validator.Validate(ex.Value, nonce)
if err != nil {
return err
}
if !bytes.Equal(userData, hash) {
return errors.New("certificate hash does not match user data")
}
return nil
}
}
}
return errors.New("certificate does not contain attestation document")
}
func hashPublicKey(pub any) ([]byte, error) {
pubBytes, err := x509.MarshalPKIXPublicKey(pub)
if err != nil {
return nil, err
}
result := sha256.Sum256(pubBytes)
return result[:], nil
}
// clientConnection holds state for client to server connections.
type clientConnection struct {
issuer Issuer
validators []Validator
clientNonce []byte
serverNonce []byte
}
// verify the validity of an aTLS server certificate.
func (c *clientConnection) verify(rawCerts [][]byte, verifiedChains [][]*x509.Certificate) error {
cert, hash, err := processCertificate(rawCerts, verifiedChains)
if err != nil {
return err
}
// get nonce send by server from cert extensions and save to connection state
for _, ex := range cert.Extensions {
if ex.Id.Equal(oid.ATLSNonce) {
c.serverNonce = ex.Value
}
}
// don't perform verification of attestation document if no validators are set
if len(c.validators) == 0 {
return nil
}
return verifyEmbeddedReport(c.validators, cert, hash, c.clientNonce)
}
// getCertificate generates a client certificate for mutual aTLS connections.
func (c *clientConnection) getCertificate(*tls.CertificateRequestInfo) (*tls.Certificate, error) {
if c.issuer == nil {
return nil, errors.New("unable to create certificate: no quote issuer available")
}
// generate and hash key
priv, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
if err != nil {
return nil, err
}
// create aTLS certificate using the server's nonce as read by clientConnection.verify
// we do not pass a nonce because
// 1. we already received a certificate from the server
// 2. we transmitted the client nonce as our server name in our client-hello message
return getCertificate(c.issuer, priv, &priv.PublicKey, c.serverNonce, nil)
}
// serverConnection holds state for server to client connections.
type serverConnection struct {
issuer Issuer
validators []Validator
privKey *ecdsa.PrivateKey
nonce []byte
}
// verify the validity of a clients aTLS certificate.
// Only needed for mutual aTLS.
func (c *serverConnection) verify(rawCerts [][]byte, verifiedChains [][]*x509.Certificate) error {
cert, hash, err := processCertificate(rawCerts, verifiedChains)
if err != nil {
return err
}
return verifyEmbeddedReport(c.validators, cert, hash, c.nonce)
}
// getCertificate generates a client certificate for aTLS connections.
// Can be used for mutual as well as basic aTLS.
func (c *serverConnection) getCertificate(chi *tls.ClientHelloInfo) (*tls.Certificate, error) {
// abuse ServerName as a channel to receive the nonce
clientNonce, err := base64.StdEncoding.DecodeString(chi.ServerName)
if err != nil {
return nil, err
}
// create aTLS certificate using the nonce as extracted from the client-hello message
// we also embed the nonce generated for this connection in case of mutual aTLS
return getCertificate(c.issuer, c.privKey, &c.privKey.PublicKey, clientNonce, c.nonce)
}