diff options
author | lloyd <[email protected]> | 2012-01-25 01:30:42 +0000 |
---|---|---|
committer | lloyd <[email protected]> | 2012-01-25 01:30:42 +0000 |
commit | 2e228d51c23ff2633d520fe6b6c05a2b093bccee (patch) | |
tree | 5727eefdc267ad94d22e28d3604e849c71faf14a | |
parent | f4874a59ade430938992b00ad5f8939f38003d93 (diff) |
Go back to choosing the ciphersuite based on the server's preferences.
The client can constrain their offering if they want to.
Add identifiers for PSK suites (not implemented)
Rename hide_unknown_srp_users to hide_unknown_users as it can be used
for PSK as well.
-rw-r--r-- | src/tls/tls_ciphersuite.cpp | 20 | ||||
-rw-r--r-- | src/tls/tls_magic.h | 25 | ||||
-rw-r--r-- | src/tls/tls_policy.cpp | 22 | ||||
-rw-r--r-- | src/tls/tls_policy.h | 12 | ||||
-rw-r--r-- | src/tls/tls_server.cpp | 3 |
5 files changed, 57 insertions, 25 deletions
diff --git a/src/tls/tls_ciphersuite.cpp b/src/tls/tls_ciphersuite.cpp index ffd1c7810..8653b0841 100644 --- a/src/tls/tls_ciphersuite.cpp +++ b/src/tls/tls_ciphersuite.cpp @@ -129,6 +129,26 @@ Ciphersuite Ciphersuite::lookup_ciphersuite(u16bit suite) case TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA: return Ciphersuite("ECDSA", "ECDH", "SHA-1", "3DES", 24); +#if 0 + case TLS_PSK_WITH_RC4_128_SHA: + return Ciphersuite("", "PSK", "SHA-1", "ARC4", 16); + case TLS_PSK_WITH_3DES_EDE_CBC_SHA: + return Ciphersuite("", "PSK", "SHA-1", "3DES", 24); + case TLS_PSK_WITH_AES_128_CBC_SHA: + return Ciphersuite("", "PSK", "SHA-1", "AES-128", 16); + case TLS_PSK_WITH_AES_256_CBC_SHA: + return Ciphersuite("", "PSK", "SHA-1", "AES-256", 32); + + case TLS_DHE_PSK_WITH_RC4_128_SHA: + return Ciphersuite("", "DHE_PSK", "SHA-1", "ARC4", 16); + case TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA: + return Ciphersuite("", "DHE_PSK", "SHA-1", "3DES", 24); + case TLS_DHE_PSK_WITH_AES_128_CBC_SHA: + return Ciphersuite("", "DHE_PSK", "SHA-1", "AES-128", 16); + case TLS_DHE_PSK_WITH_AES_256_CBC_SHA: + return Ciphersuite("", "DHE_PSK", "SHA-1", "AES-256", 32); +#endif + // SRP/RSA ciphersuites case TLS_SRP_SHA_RSA_WITH_AES_128_SHA: diff --git a/src/tls/tls_magic.h b/src/tls/tls_magic.h index c238f1324..e6a055b57 100644 --- a/src/tls/tls_magic.h +++ b/src/tls/tls_magic.h @@ -121,13 +121,6 @@ enum Ciphersuite_Code { TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 = 0x006B, TLS_DHE_RSA_WITH_SEED_CBC_SHA = 0x009A, - TLS_SRP_SHA_RSA_WITH_3DES_EDE_SHA = 0xC01B, - TLS_SRP_SHA_DSS_WITH_3DES_EDE_SHA = 0xC01C, - TLS_SRP_SHA_RSA_WITH_AES_128_SHA = 0xC01E, - TLS_SRP_SHA_DSS_WITH_AES_128_SHA = 0xC01F, - TLS_SRP_SHA_RSA_WITH_AES_256_SHA = 0xC021, - TLS_SRP_SHA_DSS_WITH_AES_256_SHA = 0xC022, - TLS_ECDHE_ECDSA_WITH_RC4_128_SHA = 0xC007, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA = 0xC008, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA = 0xC009, @@ -142,6 +135,24 @@ enum Ciphersuite_Code { TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 = 0xC027, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 = 0xC028, + TLS_PSK_WITH_RC4_128_SHA = 0x008A, + TLS_PSK_WITH_3DES_EDE_CBC_SHA = 0x008B, + TLS_PSK_WITH_AES_128_CBC_SHA = 0x008C, + TLS_PSK_WITH_AES_256_CBC_SHA = 0x008D, + + TLS_DHE_PSK_WITH_RC4_128_SHA = 0x008E, + TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA = 0x008F, + TLS_DHE_PSK_WITH_AES_128_CBC_SHA = 0x0090, + TLS_DHE_PSK_WITH_AES_256_CBC_SHA = 0x0091, + + TLS_SRP_SHA_DSS_WITH_3DES_EDE_SHA = 0xC01C, + TLS_SRP_SHA_DSS_WITH_AES_128_SHA = 0xC01F, + TLS_SRP_SHA_DSS_WITH_AES_256_SHA = 0xC022, + + TLS_SRP_SHA_RSA_WITH_3DES_EDE_SHA = 0xC01B, + TLS_SRP_SHA_RSA_WITH_AES_128_SHA = 0xC01E, + TLS_SRP_SHA_RSA_WITH_AES_256_SHA = 0xC021, + /* signalling values that cannot be negotiated */ TLS_EMPTY_RENEGOTIATION_INFO_SCSV = 0x00FF }; diff --git a/src/tls/tls_policy.cpp b/src/tls/tls_policy.cpp index 38dd21a55..ea3e4f144 100644 --- a/src/tls/tls_policy.cpp +++ b/src/tls/tls_policy.cpp @@ -47,6 +47,8 @@ std::vector<std::string> Policy::allowed_key_exchange_methods() const std::vector<std::string> allowed; //allowed.push_back("SRP"); + //allowed.push_back("DH_PSK"); + //allowed.push_back("PSK"); allowed.push_back("ECDH"); allowed.push_back("DH"); allowed.push_back(""); // means RSA via server cert @@ -223,29 +225,23 @@ u16bit Policy::choose_suite(const std::vector<u16bit>& client_suites, bool have_shared_ecc_curve, bool have_srp) const { - for(size_t i = 0; i != client_suites.size(); ++i) + std::vector<u16bit> ciphersuites = ciphersuite_list(have_srp); + + for(size_t i = 0; i != ciphersuites.size(); ++i) { - const u16bit suite_id = client_suites[i]; + const u16bit suite_id = ciphersuites[i]; Ciphersuite suite = Ciphersuite::lookup_ciphersuite(suite_id); - if(suite.cipher_keylen() == 0) - continue; // not a ciphersuite we know - if(!have_shared_ecc_curve) { if(suite.kex_algo() == "ECDH" || suite.sig_algo() == "ECDSA") continue; } - if(suite.kex_algo() == "SRP") - { - if(have_srp) - return suite_id; - else - continue; - } + if(!value_exists(available_cert_types, suite.sig_algo())) + continue; - if(value_exists(available_cert_types, suite.sig_algo())) + if(value_exists(client_suites, suite_id)) return suite_id; } diff --git a/src/tls/tls_policy.h b/src/tls/tls_policy.h index 3a926949a..cd00331a5 100644 --- a/src/tls/tls_policy.h +++ b/src/tls/tls_policy.h @@ -85,12 +85,14 @@ class BOTAN_DLL Policy virtual DL_Group dh_group() const { return DL_Group("modp/ietf/1536"); } /** - * If this function returns false, unknown SRP identifiers will be rejected - * with an unknown_psk_identifier alert. Otherwise, a false identifier value - * will be used, causing the login to fail without revealing that the username - * does not exist on this system. + * If this function returns false, unknown SRP/PSK identifiers + * will be rejected with an unknown_psk_identifier alert as soon + * as the non-existence is identified. Otherwise, a false + * identifier value will be used and the protocol allowed to + * proceed, causing the login to eventually fail without + * revealing that the username does not exist on this system. */ - virtual bool hide_unknown_srp_users() const { return false; } + virtual bool hide_unknown_users() const { return false; } /** * @return the minimum version that we are willing to negotiate diff --git a/src/tls/tls_server.cpp b/src/tls/tls_server.cpp index 8aff79793..b4a5ee5bc 100644 --- a/src/tls/tls_server.cpp +++ b/src/tls/tls_server.cpp @@ -9,6 +9,7 @@ #include <botan/internal/tls_handshake_state.h> #include <botan/internal/tls_messages.h> #include <botan/internal/stl_util.h> +#include <botan/internal/assert.h> #include <botan/dh.h> #include <botan/ecdh.h> #include <memory> @@ -262,6 +263,8 @@ void Server::process_handshake_msg(Handshake_Type type, if(sig_algo != "") { + BOTAN_ASSERT(!cert_chains[sig_algo].empty(), "Chose the wrong cert type"); + state->server_certs = new Certificate(writer, state->hash, cert_chains[sig_algo]); |