// Matrix Construct // // Copyright (C) Matrix Construct Developers, Authors & Contributors // Copyright (C) 2016-2018 Jason Volk // // Permission to use, copy, modify, and/or distribute this software for any // purpose with or without fee is hereby granted, provided that the above // copyright notice and this permission notice is present in all copies. The // full license for this software is available in the LICENSE file. namespace ircd::m { static bool keys_cache_get(const string_view &server, const string_view &key_id, const keys::closure &); static size_t keys_cache_set(const json::object &); void create_my_key(); static void create_my_key_hookfn(const m::event &, m::vm::eval &); static void init_my_ed25519(); static void init_my_tls_crt(); void init_my_keys(); extern conf::item keys_get_timeout; extern conf::item keys_query_timeout; extern conf::item ed25519_key_dir; extern conf::item tls_key_dir; extern m::hookfn create_my_key_hook; } ircd::mapi::header IRCD_MODULE { "Server keys" }; // // ircd/m/keys.h // bool IRCD_MODULE_EXPORT ircd::m::verify(const m::keys &keys, std::nothrow_t) noexcept try { return verify(keys, std::nothrow); } catch(const std::exception &e) { log::error { m::log, "key verification for '%s' failed :%s", json::get<"server_name"_>(keys, ""_sv), e.what() }; return false; } void IRCD_MODULE_EXPORT ircd::m::verify(const m::keys &keys) { const auto &valid_until_ts { at<"valid_until_ts"_>(keys) }; if(valid_until_ts < ircd::time()) throw ircd::error { "Key was valid until %s", timestr(valid_until_ts / 1000L) }; const json::object &verify_keys { at<"verify_keys"_>(keys) }; const string_view &key_id { begin(verify_keys)->first }; const json::object &key { begin(verify_keys)->second }; const ed25519::pk pk { [&key](auto &pk) { b64decode(pk, unquote(key.at("key"))); } }; const json::object &signatures { at<"signatures"_>(keys) }; const string_view &server_name { unquote(at<"server_name"_>(keys)) }; const json::object &server_signatures { signatures.at(server_name) }; const ed25519::sig sig{[&server_signatures, &key_id](auto &sig) { b64decode(sig, unquote(server_signatures.at(key_id))); }}; m::keys copy{keys}; at<"signatures"_>(copy) = string_view{}; thread_local char buf[4096]; const const_buffer preimage { json::stringify(mutable_buffer{buf}, copy) }; if(!pk.verify(preimage, sig)) throw m::error { http::UNAUTHORIZED, "M_INVALID_SIGNATURE", "Failed to verify signature for public key of '%s'", server_name }; } // // ircd::m::keys // decltype(ircd::m::keys_get_timeout) ircd::m::keys_query_timeout { { "name", "ircd.keys.query.timeout" }, { "default", 20000L } }; bool IRCD_MODULE_EXPORT ircd::m::keys::query(const string_view &query_server, const queries &queries, const closure_bool &closure) try { assert(!query_server.empty()); m::v1::key::opts opts; opts.remote = net::hostport{query_server}; opts.dynamic = true; const unique_buffer buf { 16_KiB }; m::v1::key::query request { queries, buf, std::move(opts) }; request.wait(milliseconds(keys_query_timeout)); const auto &code(request.get()); const json::array &response { request }; for(const json::object &key_ : response) try { const m::keys &key { key_ }; verify(key); log::debug { m::log, "Verified keys for '%s' from '%s'", at<"server_name"_>(key), query_server }; if(!closure(key_)) return false; } catch(const std::exception &e) { log::derror { "Failed to verify keys for '%s' from '%s' :%s", key_.get("server_name"), query_server, e.what() }; } return true; } catch(const ctx::timeout &e) { throw m::error { http::REQUEST_TIMEOUT, "M_TIMEOUT", "Failed to query keys from '%s' in time", query_server }; } decltype(ircd::m::keys_get_timeout) ircd::m::keys_get_timeout { { "name", "ircd.keys.get.timeout" }, { "default", 20000L } }; void IRCD_MODULE_EXPORT ircd::m::keys::get(const string_view &server_name, const string_view &key_id, const closure &closure) try { assert(!server_name.empty()); if(keys_cache_get(server_name, key_id, closure)) return; if(server_name == my_host()) throw m::NOT_FOUND { "keys for '%s' (that's myself) not found", server_name }; log::debug { m::log, "Keys for %s not cached; querying network...", server_name }; m::v1::key::opts opts; const unique_buffer buf { 16_KiB }; m::v1::key::keys request { server_name, buf, std::move(opts) }; request.wait(milliseconds(keys_get_timeout)); const auto &status(request.get()); const json::object &response { request }; const json::object &keys { response }; verify(m::keys(keys)); log::debug { m::log, "Verified keys from '%s'", server_name }; keys_cache_set(keys); closure(keys); } catch(const ctx::timeout &e) { throw m::error { http::REQUEST_TIMEOUT, "M_TIMEOUT", "Failed to fetch keys for '%s' in time", server_name }; } // // init // void IRCD_MODULE_EXPORT ircd::m::init_my_keys() { init_my_ed25519(); init_my_tls_crt(); } decltype(ircd::m::tls_key_dir) ircd::m::tls_key_dir { { "name", "ircd.keys.tls_key_dir" }, { "default", fs::cwd() } }; void ircd::m::init_my_tls_crt() { if(empty(m::self::origin)) throw error { "The m::self::origin must be set to init my ed25519 key." }; const std::string private_key_path_parts[] { std::string{tls_key_dir}, m::self::origin + ".crt.key", }; const std::string public_key_path_parts[] { std::string{tls_key_dir}, m::self::origin + ".crt.key.pub", }; const std::string dhparam_path_parts[] { std::string{tls_key_dir}, m::self::origin + ".crt.dh", }; const std::string certificate_path_parts[] { std::string{tls_key_dir}, m::self::origin + ".crt", }; const std::string private_key_file { fs::path_string(private_key_path_parts) }; const std::string public_key_file { fs::path_string(public_key_path_parts) }; const std::string cert_file { fs::path_string(certificate_path_parts) }; if(!fs::exists(private_key_file) && !ircd::write_avoid) { log::warning { "Failed to find certificate private key @ `%s'; creating...", private_key_file }; openssl::genrsa(private_key_file, public_key_file); } /* const std::string dhparam_file { fs::path(dhparam_path_parts) }; if(!fs::exists(dhparam_file)) { log::warning { "Failed to find dhparam file @ `%s'; creating; " "this will take about 2 to 5 minutes...", dhparam_file }; openssl::gendh(dhparam_file); } */ const json::object config{}; if(!fs::exists(cert_file) && !ircd::write_avoid) { const json::object &certificate { config.get("certificate") }; const json::object &self_ { certificate.get(m::self::origin) }; std::string subject { self_.get("subject") }; if(empty(subject)) subject = json::strung{json::members { { "CN", m::self::origin } }}; log::warning { "Failed to find SSL certificate @ `%s'; creating for '%s'...", cert_file, m::self::origin }; const unique_buffer buf { 1_MiB }; const json::strung opts{json::members { { "private_key_pem_path", private_key_file }, { "public_key_pem_path", public_key_file }, { "subject", subject }, }}; const auto cert { openssl::genX509_rsa(buf, opts) }; fs::overwrite(cert_file, cert); } const auto cert_pem { fs::read(cert_file) }; const unique_buffer der_buf { 8_KiB }; const auto cert_der { openssl::cert2d(der_buf, cert_pem) }; const fixed_buffer hash { sha256{cert_der} }; m::self::tls_cert_der_sha256_b64 = { b64encode_unpadded(hash) }; log::info { m::log, "Certificate `%s' :PEM %zu bytes; DER %zu bytes; sha256b64 %s", cert_file, cert_pem.size(), ircd::size(cert_der), m::self::tls_cert_der_sha256_b64 }; const unique_buffer print_buf { 8_KiB }; log::info { m::log, "Certificate `%s' :%s", cert_file, openssl::print_subject(print_buf, cert_pem) }; } decltype(ircd::m::ed25519_key_dir) ircd::m::ed25519_key_dir { { "name", "ircd.keys.ed25519_key_dir" }, { "default", fs::cwd() } }; void ircd::m::init_my_ed25519() { if(empty(m::self::origin)) throw error { "The m::self::origin must be set to init my ed25519 key." }; const std::string path_parts[] { std::string{ed25519_key_dir}, m::self::origin + ".ed25519", }; const std::string sk_file { ircd::string(fs::PATH_MAX_LEN, [&](const mutable_buffer &buf) { return fs::path(buf, path_parts); }) }; if(fs::exists(sk_file) || ircd::write_avoid) log::info { m::log, "Using ed25519 secret key @ `%s'", sk_file }; else log::notice { m::log, "Creating ed25519 secret key @ `%s'", sk_file }; m::self::secret_key = ed25519::sk { sk_file, &m::self::public_key }; m::self::public_key_b64 = b64encode_unpadded(m::self::public_key); const fixed_buffer hash { sha256{m::self::public_key} }; const auto public_key_hash_b58 { b58encode(hash) }; static const auto trunc_size{8}; m::self::public_key_id = fmt::snstringf { 32, "ed25519:%s", trunc(public_key_hash_b58, trunc_size) }; log::info { m::log, "Current key is '%s' and the public key is: %s", m::self::public_key_id, m::self::public_key_b64 }; } // // create_my_key // decltype(ircd::m::create_my_key_hook) ircd::m::create_my_key_hook { create_my_key_hookfn, { { "_site", "vm.effect" }, { "room_id", m::my_node.room_id() }, { "type", "m.room.create" }, } }; void ircd::m::create_my_key_hookfn(const m::event &, m::vm::eval &) { create_my_key(); } void IRCD_MODULE_EXPORT ircd::m::create_my_key() { const json::members verify_keys_ {{ string_view{m::self::public_key_id}, { { "key", m::self::public_key_b64 } } }}; const json::members tlsfps { { "sha256", m::self::tls_cert_der_sha256_b64 } }; const json::value tlsfp[1] { { tlsfps } }; m::keys my_key; json::get<"server_name"_>(my_key) = my_host(); json::get<"old_verify_keys"_>(my_key) = "{}"; //TODO: conf json::get<"valid_until_ts"_>(my_key) = ircd::time() + milliseconds(1000UL * 60 * 60 * 24 * 180).count(); const json::strung verify_keys{verify_keys_}; // must be on stack until my_keys serialized. json::get<"verify_keys"_>(my_key) = verify_keys; const json::strung tls_fingerprints{json::value{tlsfp, 1}}; // must be on stack until my_keys serialized. json::get<"tls_fingerprints"_>(my_key) = tls_fingerprints; const json::strung presig { my_key }; const ed25519::sig sig { m::self::secret_key.sign(const_buffer{presig}) }; char signature[256]; const json::strung signatures{json::members { { my_host(), { { string_view{m::self::public_key_id}, b64encode_unpadded(signature, sig) } }} }}; json::get<"signatures"_>(my_key) = signatures; keys_cache_set(json::strung{my_key}); } // // cache // size_t ircd::m::keys_cache_set(const json::object &keys) { const json::string &server_name { keys.at("server_name") }; const m::node::room node_room { server_name }; if(!exists(node_room.room_id)) create(node_room, m::me.user_id); const json::object &vks { keys.at("verify_keys") }; size_t ret{0}; for(const auto &member : vks) { if(ret > 16) return ret; const auto &key_id(unquote(member.first)); send(node_room, m::me.user_id, "ircd.key", key_id, keys); ++ret; } return ret; } bool ircd::m::keys_cache_get(const string_view &server_name, const string_view &key_id, const keys::closure &closure) { const m::node::room node_room { server_name }; const auto reclosure{[&closure] (const m::event &event) { closure(json::get<"content"_>(event)); }}; // Without a key_id we search for the most recent key; note this is not // the same as making a state_key="" query, as that would be an actual // ircd.key entry without an id (which shouldn't exist). return !key_id? node_room.get(std::nothrow, "ircd.key", reclosure): node_room.get(std::nothrow, "ircd.key", key_id, reclosure); } /////////////////////////////////////////////////////////////////////////////// // // (internal) ed25519 support sanity test // #ifdef RB_DEBUG #define TEST_ED25519 __attribute__((constructor)) #else #define TEST_ED25519 #endif namespace ircd { static void _test_ed25519() noexcept TEST_ED25519; } void ircd::_test_ed25519() noexcept { char seed_buf[ed25519::SEED_SZ + 10]; const auto seed { b64decode(seed_buf, "YJDBA9Xnr2sVqXD9Vj7XVUnmFZcZrlw8Md7kMW+3XA1") }; ed25519::pk pk; ed25519::sk sk{&pk, seed}; const auto SERVER_NAME {"domain"}; const auto KEY_ID {"ed25519:1"}; const auto test{[&] (const std::string &object) -> bool { const auto sig { sk.sign(const_buffer{object}) }; char sigb64_buf[128]; const auto sigb64 { b64encode_unpadded(sigb64_buf, sig) }; ed25519::sig unsig; const auto unsigb64 { b64decode(unsig, sigb64) }; return pk.verify(const_buffer{object}, unsig); }}; const bool tests[] { test(std::string{json::object { "{}" }}), test(json::strung(json::members { { "one", 1L }, { "two", "Two" } })), }; if(!std::all_of(begin(tests), end(tests), [](const bool &b) { return b; })) throw ircd::panic { "Seeded ed25519 test failed" }; }