author | lloyd <[email protected]> | 2012-04-02 17:03:04 +0000 |
---|---|---|
committer | lloyd <[email protected]> | 2012-04-02 17:03:04 +0000 |
commit | 0b7fb2651b187097e9c89e37e2672ff28830371a (patch) | |
tree | 72a3866681bd2299d1651a66e05f9ec374cf80d8 | |
parent | 7f0df78e77eedaf299a8dcbea2d10290b99d3521 (diff) |
Add anonymous DH/ECDH ciphersuites to the cipher list. Interop checked
against OpenSSL.
One big issue that needs to be resolved is that with these
ciphersuites available to be negotiated, we want to make sure they
are used only when the application/user expects them to be. Problem is
that PSK and SRP are "anonymous" but authenticated via the shared
secret. We need to be able to distinguish these on a policy
level. Otherwise a MITM could simply offer anon DH, which would be
somewhat unfortunate. A client could detect this in the handshake
callback, but might not.
In the short term to ensure this doesn't occur, disable both anon DH
and PSK/SRP in the default policy.
-rw-r--r-- | src/tls/tls_policy.cpp | 7 | ||||
-rw-r--r-- | src/tls/tls_suite_info.cpp | 73 |
2 files changed, 62 insertions, 18 deletions
diff --git a/src/tls/tls_policy.cpp b/src/tls/tls_policy.cpp index 59f3ce50c..a2c0d01f8 100644 --- a/src/tls/tls_policy.cpp +++ b/src/tls/tls_policy.cpp @@ -23,7 +23,8 @@ std::vector<std::string> Policy::allowed_ciphers() const allowed.push_back("AES-128"); allowed.push_back("3DES"); allowed.push_back("ARC4"); - // Note that Camellia and SEED are not included by default + //allowed.push_back("Camellia"); + //allowed.push_back("SEED"); return allowed; } @@ -37,7 +38,7 @@ std::vector<std::string> Policy::allowed_hashes() const allowed.push_back("SHA-256"); allowed.push_back("SHA-224"); allowed.push_back("SHA-1"); - // Note that MD5 is not included by default + //allowed.push_back("MD5"); return allowed; } @@ -64,7 +65,7 @@ std::vector<std::string> Policy::allowed_signature_methods() const allowed.push_back("ECDSA"); allowed.push_back("RSA"); allowed.push_back("DSA"); - allowed.push_back(""); + //allowed.push_back(""); return allowed; } diff --git a/src/tls/tls_suite_info.cpp b/src/tls/tls_suite_info.cpp index 12cf818b2..0b76842af 100644 --- a/src/tls/tls_suite_info.cpp +++ b/src/tls/tls_suite_info.cpp @@ -13,13 +13,12 @@ namespace TLS { Ciphersuite Ciphersuite::by_id(u16bit suite) { + // Automatically generated by a Python script from the IANA values + switch(suite) { - - // Automatically generated by a Python script from the IANA values - case 0x0013: // DHE_DSS_WITH_3DES_EDE_CBC_SHA - return Ciphersuite("DSA", "DH", "SHA-1", "TripleDES", 24); + return Ciphersuite("DSA", "DH", "SHA-1", "3DES", 24); case 0x0032: // DHE_DSS_WITH_AES_128_CBC_SHA return Ciphersuite("DSA", "DH", "SHA-1", "AES-128", 16); 
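Review bot: The commented-out `//allowed.push_back("");` in Policy::allowed_signature_methods() is what keeps unauthenticated suites out of the default policy, but the line carries no explanation of what the empty string means or why it is off. In the by_id table the empty signature field is shared by the DH_anon/ECDH_anon cases this commit adds in later hunks and by the existing PSK, DHE_PSK, ECDHE_PSK and SRP_SHA cases, so a subclass that re-adds `""` to use PSK would presumably also permit anonymous DH/ECDH if "DH" or "ECDH" are allowed key exchanges (that list is not visible in this diff). I would replace the dead code with a comment such as `// "" = no certificate signature: anon DH/ECDH and PSK/SRP. Off by default; enabling it lets a MITM negotiate an unauthenticated suite.` The commented-out Camellia/SEED and MD5 lines in the two earlier hunks of this file have the same problem in milder form: the removed sentences said why the entries are absent, the dead calls do not. All three function bodies start above their hunks.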
@@ -52,7 +51,7 @@ Ciphersuite Ciphersuite::by_id(u16bit suite) return Ciphersuite("DSA", "DH", "SHA-1", "SEED", 16); case 0x008F: // DHE_PSK_WITH_3DES_EDE_CBC_SHA - return Ciphersuite("", "DHE_PSK", "SHA-1", "TripleDES", 24); + return Ciphersuite("", "DHE_PSK", "SHA-1", "3DES", 24); case 0x0090: // DHE_PSK_WITH_AES_128_CBC_SHA return Ciphersuite("", "DHE_PSK", "SHA-1", "AES-128", 16); @@ -76,7 +75,7 @@ Ciphersuite Ciphersuite::by_id(u16bit suite) return Ciphersuite("", "DHE_PSK", "SHA-1", "ARC4", 16); case 0x0016: // DHE_RSA_WITH_3DES_EDE_CBC_SHA - return Ciphersuite("RSA", "DH", "SHA-1", "TripleDES", 24); + return Ciphersuite("RSA", "DH", "SHA-1", "3DES", 24); case 0x0033: // DHE_RSA_WITH_AES_128_CBC_SHA return Ciphersuite("RSA", "DH", "SHA-1", "AES-128", 16); 
@@ -105,8 +104,41 @@ Ciphersuite Ciphersuite::by_id(u16bit suite) case 0x009A: // DHE_RSA_WITH_SEED_CBC_SHA return Ciphersuite("RSA", "DH", "SHA-1", "SEED", 16); + case 0x001B: // DH_anon_WITH_3DES_EDE_CBC_SHA + return Ciphersuite("", "DH", "SHA-1", "3DES", 24); + + case 0x0034: // DH_anon_WITH_AES_128_CBC_SHA + return Ciphersuite("", "DH", "SHA-1", "AES-128", 16); + + case 0x006C: // DH_anon_WITH_AES_128_CBC_SHA256 + return Ciphersuite("", "DH", "SHA-256", "AES-128", 16); + + case 0x003A: // DH_anon_WITH_AES_256_CBC_SHA + return Ciphersuite("", "DH", "SHA-1", "AES-256", 32); + + case 0x006D: // DH_anon_WITH_AES_256_CBC_SHA256 + return Ciphersuite("", "DH", "SHA-256", "AES-256", 32); + + case 0x0046: // DH_anon_WITH_CAMELLIA_128_CBC_SHA + return Ciphersuite("", "DH", "SHA-1", "Camellia", 16); + + case 0x00BF: // DH_anon_WITH_CAMELLIA_128_CBC_SHA256 + return Ciphersuite("", "DH", "SHA-256", "Camellia", 16); + + case 0x0089: // DH_anon_WITH_CAMELLIA_256_CBC_SHA + return Ciphersuite("", "DH", "SHA-1", "Camellia", 32); + + case 0x00C5: // DH_anon_WITH_CAMELLIA_256_CBC_SHA256 + return Ciphersuite("", "DH", "SHA-256", "Camellia", 32); + + case 0x0018: // DH_anon_WITH_RC4_128_MD5 + return Ciphersuite("", "DH", "MD5", "ARC4", 16); + + case 0x009B: // DH_anon_WITH_SEED_CBC_SHA + return Ciphersuite("", "DH", "SHA-1", "SEED", 16); + case 0xC008: // ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA - return Ciphersuite("ECDSA", "ECDH", "SHA-1", "TripleDES", 24); + return Ciphersuite("ECDSA", "ECDH", "SHA-1", "3DES", 24); case 0xC009: // ECDHE_ECDSA_WITH_AES_128_CBC_SHA return Ciphersuite("ECDSA", "ECDH", "SHA-1", "AES-128", 16); 
@@ -130,7 +162,7 @@ Ciphersuite Ciphersuite::by_id(u16bit suite) return Ciphersuite("ECDSA", "ECDH", "SHA-1", "ARC4", 16); case 0xC034: // ECDHE_PSK_WITH_3DES_EDE_CBC_SHA - return Ciphersuite("", "ECDHE_PSK", "SHA-1", "TripleDES", 24); + return Ciphersuite("", "ECDHE_PSK", "SHA-1", "3DES", 24); case 0xC035: // ECDHE_PSK_WITH_AES_128_CBC_SHA return Ciphersuite("", "ECDHE_PSK", "SHA-1", "AES-128", 16); @@ -154,7 +186,7 @@ Ciphersuite Ciphersuite::by_id(u16bit suite) return Ciphersuite("", "ECDHE_PSK", "SHA-1", "ARC4", 16); case 0xC012: // ECDHE_RSA_WITH_3DES_EDE_CBC_SHA - return Ciphersuite("RSA", "ECDH", "SHA-1", "TripleDES", 24); + return Ciphersuite("RSA", "ECDH", "SHA-1", "3DES", 24); case 0xC013: // ECDHE_RSA_WITH_AES_128_CBC_SHA return Ciphersuite("RSA", "ECDH", "SHA-1", "AES-128", 16); @@ -177,8 +209,20 @@ Ciphersuite Ciphersuite::by_id(u16bit suite) case 0xC011: // ECDHE_RSA_WITH_RC4_128_SHA return Ciphersuite("RSA", "ECDH", "SHA-1", "ARC4", 16); + case 0xC017: // ECDH_anon_WITH_3DES_EDE_CBC_SHA + return Ciphersuite("", "ECDH", "SHA-1", "3DES", 24); + + case 0xC018: // ECDH_anon_WITH_AES_128_CBC_SHA + return Ciphersuite("", "ECDH", "SHA-1", "AES-128", 16); + + case 0xC019: // ECDH_anon_WITH_AES_256_CBC_SHA + return Ciphersuite("", "ECDH", "SHA-1", "AES-256", 32); + + case 0xC016: // ECDH_anon_WITH_RC4_128_SHA + return Ciphersuite("", "ECDH", "SHA-1", "ARC4", 16); + case 0x008B: // PSK_WITH_3DES_EDE_CBC_SHA - return Ciphersuite("", "PSK", "SHA-1", "TripleDES", 24); + return Ciphersuite("", "PSK", "SHA-1", "3DES", 24); case 0x008C: // PSK_WITH_AES_128_CBC_SHA return Ciphersuite("", "PSK", "SHA-1", "AES-128", 16); 
@@ -202,7 +246,7 @@ Ciphersuite Ciphersuite::by_id(u16bit suite) return Ciphersuite("", "PSK", "SHA-1", "ARC4", 16); case 0x000A: // RSA_WITH_3DES_EDE_CBC_SHA - return Ciphersuite("RSA", "RSA", "SHA-1", "TripleDES", 24); + return Ciphersuite("RSA", "RSA", "SHA-1", "3DES", 24); case 0x002F: // RSA_WITH_AES_128_CBC_SHA return Ciphersuite("RSA", "RSA", "SHA-1", "AES-128", 16); @@ -238,7 +282,7 @@ Ciphersuite Ciphersuite::by_id(u16bit suite) return Ciphersuite("RSA", "RSA", "SHA-1", "SEED", 16); case 0xC01C: // SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA - return Ciphersuite("DSA", "SRP_SHA", "SHA-1", "TripleDES", 24); + return Ciphersuite("DSA", "SRP_SHA", "SHA-1", "3DES", 24); case 0xC01F: // SRP_SHA_DSS_WITH_AES_128_CBC_SHA return Ciphersuite("DSA", "SRP_SHA", "SHA-1", "AES-128", 16); @@ -247,7 +291,7 @@ Ciphersuite Ciphersuite::by_id(u16bit suite) return Ciphersuite("DSA", "SRP_SHA", "SHA-1", "AES-256", 32); case 0xC01B: // SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA - return Ciphersuite("RSA", "SRP_SHA", "SHA-1", "TripleDES", 24); + return Ciphersuite("RSA", "SRP_SHA", "SHA-1", "3DES", 24); case 0xC01E: // SRP_SHA_RSA_WITH_AES_128_CBC_SHA return Ciphersuite("RSA", "SRP_SHA", "SHA-1", "AES-128", 16); @@ -256,14 +300,13 @@ Ciphersuite Ciphersuite::by_id(u16bit suite) return Ciphersuite("RSA", "SRP_SHA", "SHA-1", "AES-256", 32); case 0xC01A: // SRP_SHA_WITH_3DES_EDE_CBC_SHA - return Ciphersuite("", "SRP_SHA", "SHA-1", "TripleDES", 24); + return Ciphersuite("", "SRP_SHA", "SHA-1", "3DES", 24); case 0xC01D: // SRP_SHA_WITH_AES_128_CBC_SHA return Ciphersuite("", "SRP_SHA", "SHA-1", "AES-128", 16); case 0xC020: // SRP_SHA_WITH_AES_256_CBC_SHA return Ciphersuite("", "SRP_SHA", "SHA-1", "AES-256", 32); - } return Ciphersuite(); // some unknown ciphersuite |