author | Jack Lloyd <[email protected]> | 2020-11-21 15:34:10 -0500 |
---|---|---|
committer | Jack Lloyd <[email protected]> | 2020-11-21 15:34:10 -0500 |
commit | f3a75fb9bd940be85e7dd83e357d9c37de2cc9f8 (patch) | |
tree | 2b296fb3003d62d94bd747c509f4dbcb4b823269 | |
parent | 454c7c04385a47d511cf8999ccff2746afbab06b (diff) | |
parent | 229ca380488330f672793de00a74cc40c0f7f6e3 (diff) |
Merge GH #2505 Remove support for DSA in TLS
-rw-r--r-- | doc/deprecated.rst | 2 | ||||
-rw-r--r-- | src/lib/tls/tls_algos.cpp | 37 | ||||
-rw-r--r-- | src/lib/tls/tls_algos.h | 6 | ||||
-rw-r--r-- | src/lib/tls/tls_ciphersuite.cpp | 8 | ||||
-rw-r--r-- | src/lib/tls/tls_handshake_state.cpp | 1 | ||||
-rw-r--r-- | src/lib/tls/tls_policy.cpp | 10 | ||||
-rw-r--r-- | src/lib/tls/tls_policy.h | 6 | ||||
-rw-r--r-- | src/lib/tls/tls_server.cpp | 1 | ||||
-rw-r--r-- | src/lib/tls/tls_suite_info.cpp | 21 | ||||
-rwxr-xr-x | src/scripts/tls_suite_info.py | 5 | ||||
-rw-r--r-- | src/tests/test_tls.cpp | 1 | ||||
-rw-r--r-- | src/tests/unit_tls.cpp | 90 | ||||
-rw-r--r-- | src/tests/unit_tls_policy.cpp | 32 |
13 files changed, 10 insertions, 210 deletions
diff --git a/doc/deprecated.rst b/doc/deprecated.rst index 30efbf266..0d16e5f9a 100644 --- a/doc/deprecated.rst +++ b/doc/deprecated.rst @@ -26,8 +26,6 @@ in a future major release: - Support for TLSv1.0/v1.1 and DTLS v1.0 -- All support for DSA ciphersuites/certificates - - Support for point compression in TLS. This is supported in v1.2 but removed in v1.3. For simplicity it will be removed in v1.2 also. diff --git a/src/lib/tls/tls_algos.cpp b/src/lib/tls/tls_algos.cpp index 3d5ddacef..5c383807b 100644 --- a/src/lib/tls/tls_algos.cpp +++ b/src/lib/tls/tls_algos.cpp @@ -86,8 +86,6 @@ std::string auth_method_to_string(Auth_Method method) { case Auth_Method::RSA: return "RSA"; - case Auth_Method::DSA: - return "DSA"; case Auth_Method::ECDSA: return "ECDSA"; case Auth_Method::IMPLICIT: @@ -101,8 +99,6 @@ Auth_Method auth_method_from_string(const std::string& str) { if(str == "RSA") return Auth_Method::RSA; - if(str == "DSA") - return Auth_Method::DSA; if(str == "ECDSA") return Auth_Method::ECDSA; if(str == "IMPLICIT") @@ -188,24 +184,20 @@ std::string hash_function_of_scheme(Signature_Scheme scheme) { switch(scheme) { - case Signature_Scheme::DSA_SHA1: case Signature_Scheme::ECDSA_SHA1: case Signature_Scheme::RSA_PKCS1_SHA1: return "SHA-1"; - case Signature_Scheme::DSA_SHA256: case Signature_Scheme::ECDSA_SHA256: case Signature_Scheme::RSA_PKCS1_SHA256: case Signature_Scheme::RSA_PSS_SHA256: return "SHA-256"; - case Signature_Scheme::DSA_SHA384: case Signature_Scheme::ECDSA_SHA384: case Signature_Scheme::RSA_PKCS1_SHA384: case Signature_Scheme::RSA_PSS_SHA384: return "SHA-384"; - case Signature_Scheme::DSA_SHA512: case Signature_Scheme::ECDSA_SHA512: case Signature_Scheme::RSA_PKCS1_SHA512: case Signature_Scheme::RSA_PSS_SHA512: 
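Review bot: `auth_method_from_string` no longer matches "DSA", so a caller that still passes that string (presumably a Text_Policy `signature_methods` entry, which the test file in this commit used to set to "DSA") now reaches whatever the function's tail does after the last `if`; that tail is outside the hunk, so confirm it fails loudly with the rejected value in the message rather than returning some default method. This is a user-visible change for existing policy files and deserves a line in the release notes: the deprecated.rst hunk only drops the deprecation entry and the diffstat shows no other documentation touched. The same silent-narrowing applies to `signature_scheme_is_known` and `sig_scheme_to_string` on the next line, where DSA codes sent by a peer now fall into the unknown path.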
@@ -243,13 +235,8 @@ const std::vector<Signature_Scheme>& all_signature_schemes() Signature_Scheme::ECDSA_SHA512, Signature_Scheme::ECDSA_SHA256, - Signature_Scheme::DSA_SHA384, - Signature_Scheme::DSA_SHA512, - Signature_Scheme::DSA_SHA256, - Signature_Scheme::RSA_PKCS1_SHA1, Signature_Scheme::ECDSA_SHA1, - Signature_Scheme::DSA_SHA1, }; return all_schemes; @@ -267,11 +254,6 @@ bool signature_scheme_is_known(Signature_Scheme scheme) case Signature_Scheme::RSA_PSS_SHA384: case Signature_Scheme::RSA_PSS_SHA512: - case Signature_Scheme::DSA_SHA1: - case Signature_Scheme::DSA_SHA256: - case Signature_Scheme::DSA_SHA384: - case Signature_Scheme::DSA_SHA512: - case Signature_Scheme::ECDSA_SHA1: case Signature_Scheme::ECDSA_SHA256: case Signature_Scheme::ECDSA_SHA384: @@ -297,12 +279,6 @@ std::string signature_algorithm_of_scheme(Signature_Scheme scheme) case Signature_Scheme::RSA_PSS_SHA512: return "RSA"; - case Signature_Scheme::DSA_SHA1: - case Signature_Scheme::DSA_SHA256: - case Signature_Scheme::DSA_SHA384: - case Signature_Scheme::DSA_SHA512: - return "DSA"; - case Signature_Scheme::ECDSA_SHA1: case Signature_Scheme::ECDSA_SHA256: case Signature_Scheme::ECDSA_SHA384: @@ -335,15 +311,6 @@ std::string sig_scheme_to_string(Signature_Scheme scheme) case Signature_Scheme::RSA_PKCS1_SHA512: return "RSA_PKCS1_SHA512"; - case Signature_Scheme::DSA_SHA1: - return "DSA_SHA1"; - case Signature_Scheme::DSA_SHA256: - return "DSA_SHA256"; - case Signature_Scheme::DSA_SHA384: - return "DSA_SHA384"; - case Signature_Scheme::DSA_SHA512: - return "DSA_SHA512"; - case Signature_Scheme::ECDSA_SHA1: return "ECDSA_SHA1"; case Signature_Scheme::ECDSA_SHA256: 
@@ -385,16 +352,12 @@ std::string padding_string_for_scheme(Signature_Scheme scheme) case Signature_Scheme::RSA_PKCS1_SHA512: return "EMSA_PKCS1(SHA-512)"; - case Signature_Scheme::DSA_SHA1: case Signature_Scheme::ECDSA_SHA1: return "EMSA1(SHA-1)"; - case Signature_Scheme::DSA_SHA256: case Signature_Scheme::ECDSA_SHA256: return "EMSA1(SHA-256)"; - case Signature_Scheme::DSA_SHA384: case Signature_Scheme::ECDSA_SHA384: return "EMSA1(SHA-384)"; - case Signature_Scheme::DSA_SHA512: case Signature_Scheme::ECDSA_SHA512: return "EMSA1(SHA-512)"; diff --git a/src/lib/tls/tls_algos.h b/src/lib/tls/tls_algos.h index 325bdf5a3..0d3a02304 100644 --- a/src/lib/tls/tls_algos.h +++ b/src/lib/tls/tls_algos.h @@ -69,7 +69,6 @@ enum class Nonce_Format { // TODO this should include hash etc as in TLS v1.3 enum class Auth_Method { RSA, - DSA, ECDSA, // These are placed outside the encodable range @@ -90,11 +89,6 @@ enum class Signature_Scheme : uint16_t { RSA_PKCS1_SHA384 = 0x0501, RSA_PKCS1_SHA512 = 0x0601, - DSA_SHA1 = 0x0202, - DSA_SHA256 = 0x0402, - DSA_SHA384 = 0x0502, - DSA_SHA512 = 0x0602, - ECDSA_SHA1 = 0x0203, ECDSA_SHA256 = 0x0403, ECDSA_SHA384 = 0x0503, diff --git a/src/lib/tls/tls_ciphersuite.cpp b/src/lib/tls/tls_ciphersuite.cpp index e5db300bf..738be110b 100644 --- a/src/lib/tls/tls_ciphersuite.cpp +++ b/src/lib/tls/tls_ciphersuite.cpp @@ -224,13 +224,7 @@ bool Ciphersuite::is_usable() const #endif } - if(auth_method() == Auth_Method::DSA) - { -#if !defined(BOTAN_HAS_DSA) - return false; -#endif - } - else if(auth_method() == Auth_Method::ECDSA) + if(auth_method() == Auth_Method::ECDSA) { #if !defined(BOTAN_HAS_ECDSA) return false; diff --git a/src/lib/tls/tls_handshake_state.cpp b/src/lib/tls/tls_handshake_state.cpp index 9c9390a22..7c1264511 100644 --- a/src/lib/tls/tls_handshake_state.cpp +++ b/src/lib/tls/tls_handshake_state.cpp 
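Review bot: Deleting `DSA,` from `enum class Auth_Method` in the public header tls_algos.h renumbers `ECDSA` and every enumerator after it, because the hunk shows these names without explicit values; a binary built against the old header will disagree with the new library about which integer means ECDSA. If the 2.x ABI is meant to stay stable across this change, pin the surviving values (for example `RSA = 0,` and `ECDSA = 2,` with a comment that the gap is the retired DSA slot); `Signature_Scheme` in the second tls_algos.h hunk is unaffected because its values are explicit. The rest of the `Auth_Method` enum (`IMPLICIT` and the entries placed outside the encodable range) is outside the hunk, so I cannot tell whether those are pinned.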
@@ -415,7 +415,6 @@ Handshake_State::choose_sig_format(const Private_Key& key, // Implicit SHA-1 requested.push_back(Signature_Scheme::RSA_PKCS1_SHA1); requested.push_back(Signature_Scheme::ECDSA_SHA1); - requested.push_back(Signature_Scheme::DSA_SHA1); } for(Signature_Scheme scheme : allowed) diff --git a/src/lib/tls/tls_policy.cpp b/src/lib/tls/tls_policy.cpp index 8716fbb15..a63c73101 100644 --- a/src/lib/tls/tls_policy.cpp +++ b/src/lib/tls/tls_policy.cpp @@ -221,12 +221,6 @@ size_t Policy::minimum_rsa_bits() const return 2048; } -size_t Policy::minimum_dsa_group_size() const - { - // FIPS 186-3 - return 2048; - } - void Policy::check_peer_key_acceptable(const Public_Key& public_key) const { const std::string algo_name = public_key.algo_name(); @@ -242,10 +236,6 @@ void Policy::check_peer_key_acceptable(const Public_Key& public_key) const { expected_keylength = minimum_dh_group_size(); } - else if(algo_name == "DSA") - { - expected_keylength = minimum_dsa_group_size(); - } else if(algo_name == "ECDH" || algo_name == "Curve25519") { expected_keylength = minimum_ecdh_group_size(); diff --git a/src/lib/tls/tls_policy.h b/src/lib/tls/tls_policy.h index 4fbbd7545..c0f618e0f 100644 --- a/src/lib/tls/tls_policy.h +++ b/src/lib/tls/tls_policy.h @@ -196,11 +196,6 @@ class BOTAN_PUBLIC_API(2,0) Policy virtual size_t minimum_rsa_bits() const; /** - * Minimum DSA group size, default 2048 bits - */ - virtual size_t minimum_dsa_group_size() const; - - /** * Throw an exception if you don't like the peer's key. * Default impl checks the key size against minimum_rsa_bits, minimum_ecdsa_group_size, * or minimum_ecdh_group_size depending on the key's type. 
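Review bot: With the `algo_name == "DSA"` branch removed from `Policy::check_peer_key_acceptable`, a key whose `algo_name()` is "DSA" now falls through the remaining `else if` chain to whatever the function's tail does for an unmatched algorithm; that tail is outside the hunk, so confirm it rejects unknown algorithms rather than leaving `expected_keylength` at its initial value and skipping the size check. The handshake presumably never gets that far once the DSA signature schemes are unknown, but this is a public policy hook that applications may call directly, so either an explicit final `else` that throws a `TLS_Exception` naming the algorithm, or a one-line comment stating that unknown algorithms are refused elsewhere, would make the intent visible.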
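Review bot: `minimum_dsa_group_size()` is a public virtual on a `BOTAN_PUBLIC_API(2,0)` class, and deleting it from tls_policy.h is a source break for every downstream `Policy` subclass that overrides it — the commit itself has to patch two such subclasses (`BSI_TR_02102_2` in the next hunk and `Test_Policy` in unit_tls.cpp), and an external one will fail with "marked override but does not override". If that break is intended for a 2.x release it should be stated in the release notes, which the diffstat shows are not touched; otherwise keep a non-virtual `[[deprecated]]` stub returning the old default and just drop the call site, as the tls_policy.cpp hunk above already does.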
@@ -464,7 +459,6 @@ class BOTAN_PUBLIC_API(2,0) BSI_TR_02102_2 : public Policy size_t minimum_rsa_bits() const override { return 2000; } size_t minimum_dh_group_size() const override { return 2000; } - size_t minimum_dsa_group_size() const override { return 2000; } size_t minimum_ecdh_group_size() const override { return 250; } size_t minimum_ecdsa_group_size() const override { return 250; } diff --git a/src/lib/tls/tls_server.cpp b/src/lib/tls/tls_server.cpp index 62fdd2d90..3fd4565fd 100644 --- a/src/lib/tls/tls_server.cpp +++ b/src/lib/tls/tls_server.cpp @@ -224,7 +224,6 @@ uint16_t choose_ciphersuite( // If empty, then implicit SHA-1 (TLS v1.2 rules) client_sig_methods.push_back(Signature_Scheme::RSA_PKCS1_SHA1); client_sig_methods.push_back(Signature_Scheme::ECDSA_SHA1); - client_sig_methods.push_back(Signature_Scheme::DSA_SHA1); } bool we_support_some_hash_by_client = false; diff --git a/src/lib/tls/tls_suite_info.cpp b/src/lib/tls/tls_suite_info.cpp index 31105fbd3..4c49f72ad 100644 --- a/src/lib/tls/tls_suite_info.cpp +++ b/src/lib/tls/tls_suite_info.cpp @@ -3,7 +3,7 @@ * * This file was automatically generated from the IANA assignments * (tls-parameters.txt sha256 6412d7a966151d409d463681e5427e706cd9066f13d34ca7a89f8cc2f7dff4b2) -* by ./src/scripts/tls_suite_info.py on 2020-11-16 +* by ./src/scripts/tls_suite_info.py on 2020-11-17 * * Botan is released under the Simplified BSD License (see license.txt) */ 
@@ -18,25 +18,18 @@ const std::vector<Ciphersuite>& Ciphersuite::all_known_ciphersuites()
 // Note that this list of ciphersuites is ordered by id!
 static const std::vector<Ciphersuite> g_ciphersuite_list = {
 Ciphersuite(0x000A, "RSA_WITH_3DES_EDE_CBC_SHA", Auth_Method::IMPLICIT, Kex_Algo::STATIC_RSA, "3DES", 24, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
- Ciphersuite(0x0013, "DHE_DSS_WITH_3DES_EDE_CBC_SHA", Auth_Method::DSA, Kex_Algo::DH, "3DES", 24, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
 Ciphersuite(0x0016, "DHE_RSA_WITH_3DES_EDE_CBC_SHA", Auth_Method::RSA, Kex_Algo::DH, "3DES", 24, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
 Ciphersuite(0x002F, "RSA_WITH_AES_128_CBC_SHA", Auth_Method::IMPLICIT, Kex_Algo::STATIC_RSA, "AES-128", 16, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
- Ciphersuite(0x0032, "DHE_DSS_WITH_AES_128_CBC_SHA", Auth_Method::DSA, Kex_Algo::DH, "AES-128", 16, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
 Ciphersuite(0x0033, "DHE_RSA_WITH_AES_128_CBC_SHA", Auth_Method::RSA, Kex_Algo::DH, "AES-128", 16, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
 Ciphersuite(0x0035, "RSA_WITH_AES_256_CBC_SHA", Auth_Method::IMPLICIT, Kex_Algo::STATIC_RSA, "AES-256", 32, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
- Ciphersuite(0x0038, "DHE_DSS_WITH_AES_256_CBC_SHA", Auth_Method::DSA, Kex_Algo::DH, "AES-256", 32, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
 Ciphersuite(0x0039, "DHE_RSA_WITH_AES_256_CBC_SHA", Auth_Method::RSA, Kex_Algo::DH, "AES-256", 32, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
 Ciphersuite(0x003C, "RSA_WITH_AES_128_CBC_SHA256", Auth_Method::IMPLICIT, Kex_Algo::STATIC_RSA, "AES-128", 16, "SHA-256", 32, KDF_Algo::SHA_256, Nonce_Format::CBC_MODE),
 Ciphersuite(0x003D, "RSA_WITH_AES_256_CBC_SHA256", Auth_Method::IMPLICIT, Kex_Algo::STATIC_RSA, "AES-256", 32, "SHA-256", 32, KDF_Algo::SHA_256, Nonce_Format::CBC_MODE),
- Ciphersuite(0x0040, 
"DHE_DSS_WITH_AES_128_CBC_SHA256", Auth_Method::DSA, Kex_Algo::DH, "AES-128", 16, "SHA-256", 32, KDF_Algo::SHA_256, Nonce_Format::CBC_MODE), Ciphersuite(0x0041, "RSA_WITH_CAMELLIA_128_CBC_SHA", Auth_Method::IMPLICIT, Kex_Algo::STATIC_RSA, "Camellia-128", 16, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE), - Ciphersuite(0x0044, "DHE_DSS_WITH_CAMELLIA_128_CBC_SHA", Auth_Method::DSA, Kex_Algo::DH, "Camellia-128", 16, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE), Ciphersuite(0x0045, "DHE_RSA_WITH_CAMELLIA_128_CBC_SHA", Auth_Method::RSA, Kex_Algo::DH, "Camellia-128", 16, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE), Ciphersuite(0x0067, "DHE_RSA_WITH_AES_128_CBC_SHA256", Auth_Method::RSA, Kex_Algo::DH, "AES-128", 16, "SHA-256", 32, KDF_Algo::SHA_256, Nonce_Format::CBC_MODE), - Ciphersuite(0x006A, "DHE_DSS_WITH_AES_256_CBC_SHA256", Auth_Method::DSA, Kex_Algo::DH, "AES-256", 32, "SHA-256", 32, KDF_Algo::SHA_256, Nonce_Format::CBC_MODE), Ciphersuite(0x006B, "DHE_RSA_WITH_AES_256_CBC_SHA256", Auth_Method::RSA, Kex_Algo::DH, "AES-256", 32, "SHA-256", 32, KDF_Algo::SHA_256, Nonce_Format::CBC_MODE), Ciphersuite(0x0084, "RSA_WITH_CAMELLIA_256_CBC_SHA", Auth_Method::IMPLICIT, Kex_Algo::STATIC_RSA, "Camellia-256", 32, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE), - Ciphersuite(0x0087, "DHE_DSS_WITH_CAMELLIA_256_CBC_SHA", Auth_Method::DSA, Kex_Algo::DH, "Camellia-256", 32, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE), Ciphersuite(0x0088, "DHE_RSA_WITH_CAMELLIA_256_CBC_SHA", Auth_Method::RSA, Kex_Algo::DH, "Camellia-256", 32, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE), Ciphersuite(0x008B, "PSK_WITH_3DES_EDE_CBC_SHA", Auth_Method::IMPLICIT, Kex_Algo::PSK, "3DES", 24, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE), Ciphersuite(0x008C, "PSK_WITH_AES_128_CBC_SHA", Auth_Method::IMPLICIT, Kex_Algo::PSK, "AES-128", 16, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE), 
@@ -45,14 +38,11 @@ const std::vector<Ciphersuite>& Ciphersuite::all_known_ciphersuites()
 Ciphersuite(0x0090, "DHE_PSK_WITH_AES_128_CBC_SHA", Auth_Method::IMPLICIT, Kex_Algo::DHE_PSK, "AES-128", 16, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
 Ciphersuite(0x0091, "DHE_PSK_WITH_AES_256_CBC_SHA", Auth_Method::IMPLICIT, Kex_Algo::DHE_PSK, "AES-256", 32, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
 Ciphersuite(0x0096, "RSA_WITH_SEED_CBC_SHA", Auth_Method::IMPLICIT, Kex_Algo::STATIC_RSA, "SEED", 16, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
- Ciphersuite(0x0099, "DHE_DSS_WITH_SEED_CBC_SHA", Auth_Method::DSA, Kex_Algo::DH, "SEED", 16, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
 Ciphersuite(0x009A, "DHE_RSA_WITH_SEED_CBC_SHA", Auth_Method::RSA, Kex_Algo::DH, "SEED", 16, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
 Ciphersuite(0x009C, "RSA_WITH_AES_128_GCM_SHA256", Auth_Method::IMPLICIT, Kex_Algo::STATIC_RSA, "AES-128/GCM", 16, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
 Ciphersuite(0x009D, "RSA_WITH_AES_256_GCM_SHA384", Auth_Method::IMPLICIT, Kex_Algo::STATIC_RSA, "AES-256/GCM", 32, "AEAD", 0, KDF_Algo::SHA_384, Nonce_Format::AEAD_IMPLICIT_4),
 Ciphersuite(0x009E, "DHE_RSA_WITH_AES_128_GCM_SHA256", Auth_Method::RSA, Kex_Algo::DH, "AES-128/GCM", 16, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
 Ciphersuite(0x009F, "DHE_RSA_WITH_AES_256_GCM_SHA384", Auth_Method::RSA, Kex_Algo::DH, "AES-256/GCM", 32, "AEAD", 0, KDF_Algo::SHA_384, Nonce_Format::AEAD_IMPLICIT_4),
- Ciphersuite(0x00A2, "DHE_DSS_WITH_AES_128_GCM_SHA256", Auth_Method::DSA, Kex_Algo::DH, "AES-128/GCM", 16, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
- Ciphersuite(0x00A3, "DHE_DSS_WITH_AES_256_GCM_SHA384", Auth_Method::DSA, Kex_Algo::DH, "AES-256/GCM", 32, "AEAD", 0, KDF_Algo::SHA_384, Nonce_Format::AEAD_IMPLICIT_4),
 Ciphersuite(0x00A8, "PSK_WITH_AES_128_GCM_SHA256", Auth_Method::IMPLICIT, Kex_Algo::PSK, 
"AES-128/GCM", 16, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4), Ciphersuite(0x00A9, "PSK_WITH_AES_256_GCM_SHA384", Auth_Method::IMPLICIT, Kex_Algo::PSK, "AES-256/GCM", 32, "AEAD", 0, KDF_Algo::SHA_384, Nonce_Format::AEAD_IMPLICIT_4), Ciphersuite(0x00AA, "DHE_PSK_WITH_AES_128_GCM_SHA256", Auth_Method::IMPLICIT, Kex_Algo::DHE_PSK, "AES-128/GCM", 16, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4), 
@@ -62,10 +52,8 @@ const std::vector<Ciphersuite>& Ciphersuite::all_known_ciphersuites()
 Ciphersuite(0x00B2, "DHE_PSK_WITH_AES_128_CBC_SHA256", Auth_Method::IMPLICIT, Kex_Algo::DHE_PSK, "AES-128", 16, "SHA-256", 32, KDF_Algo::SHA_256, Nonce_Format::CBC_MODE),
 Ciphersuite(0x00B3, "DHE_PSK_WITH_AES_256_CBC_SHA384", Auth_Method::IMPLICIT, Kex_Algo::DHE_PSK, "AES-256", 32, "SHA-384", 48, KDF_Algo::SHA_384, Nonce_Format::CBC_MODE),
 Ciphersuite(0x00BA, "RSA_WITH_CAMELLIA_128_CBC_SHA256", Auth_Method::IMPLICIT, Kex_Algo::STATIC_RSA, "Camellia-128", 16, "SHA-256", 32, KDF_Algo::SHA_256, Nonce_Format::CBC_MODE),
- Ciphersuite(0x00BD, "DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256", Auth_Method::DSA, Kex_Algo::DH, "Camellia-128", 16, "SHA-256", 32, KDF_Algo::SHA_256, Nonce_Format::CBC_MODE),
 Ciphersuite(0x00BE, "DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256", Auth_Method::RSA, Kex_Algo::DH, "Camellia-128", 16, "SHA-256", 32, KDF_Algo::SHA_256, Nonce_Format::CBC_MODE),
 Ciphersuite(0x00C0, "RSA_WITH_CAMELLIA_256_CBC_SHA256", Auth_Method::IMPLICIT, Kex_Algo::STATIC_RSA, "Camellia-256", 32, "SHA-256", 32, KDF_Algo::SHA_256, Nonce_Format::CBC_MODE),
- Ciphersuite(0x00C3, "DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256", Auth_Method::DSA, Kex_Algo::DH, "Camellia-256", 32, "SHA-256", 32, KDF_Algo::SHA_256, Nonce_Format::CBC_MODE),
 Ciphersuite(0x00C4, "DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256", Auth_Method::RSA, Kex_Algo::DH, "Camellia-256", 32, "SHA-256", 32, KDF_Algo::SHA_256, Nonce_Format::CBC_MODE),
 Ciphersuite(0x16B7, "CECPQ1_RSA_WITH_CHACHA20_POLY1305_SHA256", Auth_Method::RSA, Kex_Algo::CECPQ1, "ChaCha20Poly1305", 32, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_XOR_12),
 Ciphersuite(0x16B8, "CECPQ1_ECDSA_WITH_CHACHA20_POLY1305_SHA256", Auth_Method::ECDSA, Kex_Algo::CECPQ1, "ChaCha20Poly1305", 32, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_XOR_12),
@@ -79,13 +67,10 @@ const std::vector<Ciphersuite>& Ciphersuite::all_known_ciphersuites()
 Ciphersuite(0xC014, "ECDHE_RSA_WITH_AES_256_CBC_SHA", Auth_Method::RSA, Kex_Algo::ECDH, "AES-256", 32, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
 Ciphersuite(0xC01A, "SRP_SHA_WITH_3DES_EDE_CBC_SHA", Auth_Method::IMPLICIT, Kex_Algo::SRP_SHA, "3DES", 24, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
 Ciphersuite(0xC01B, "SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA", Auth_Method::RSA, Kex_Algo::SRP_SHA, "3DES", 24, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
- Ciphersuite(0xC01C, "SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA", Auth_Method::DSA, Kex_Algo::SRP_SHA, "3DES", 24, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
 Ciphersuite(0xC01D, "SRP_SHA_WITH_AES_128_CBC_SHA", Auth_Method::IMPLICIT, Kex_Algo::SRP_SHA, "AES-128", 16, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
 Ciphersuite(0xC01E, "SRP_SHA_RSA_WITH_AES_128_CBC_SHA", Auth_Method::RSA, Kex_Algo::SRP_SHA, "AES-128", 16, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
- Ciphersuite(0xC01F, "SRP_SHA_DSS_WITH_AES_128_CBC_SHA", Auth_Method::DSA, Kex_Algo::SRP_SHA, "AES-128", 16, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
 Ciphersuite(0xC020, "SRP_SHA_WITH_AES_256_CBC_SHA", Auth_Method::IMPLICIT, Kex_Algo::SRP_SHA, "AES-256", 32, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
 Ciphersuite(0xC021, "SRP_SHA_RSA_WITH_AES_256_CBC_SHA", Auth_Method::RSA, Kex_Algo::SRP_SHA, "AES-256", 32, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
- Ciphersuite(0xC022, "SRP_SHA_DSS_WITH_AES_256_CBC_SHA", Auth_Method::DSA, Kex_Algo::SRP_SHA, "AES-256", 32, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
 Ciphersuite(0xC023, "ECDHE_ECDSA_WITH_AES_128_CBC_SHA256", Auth_Method::ECDSA, Kex_Algo::ECDH, "AES-128", 16, "SHA-256", 32, KDF_Algo::SHA_256, Nonce_Format::CBC_MODE),
 Ciphersuite(0xC024, "ECDHE_ECDSA_WITH_AES_256_CBC_SHA384", Auth_Method::ECDSA, Kex_Algo::ECDH, "AES-256", 32, 
"SHA-384", 48, KDF_Algo::SHA_384, Nonce_Format::CBC_MODE), Ciphersuite(0xC027, "ECDHE_RSA_WITH_AES_128_CBC_SHA256", Auth_Method::RSA, Kex_Algo::ECDH, "AES-128", 16, "SHA-256", 32, KDF_Algo::SHA_256, Nonce_Format::CBC_MODE), @@ -103,8 +88,6 @@ const std::vector<Ciphersuite>& Ciphersuite::all_known_ciphersuites() Ciphersuite(0xC051, "RSA_WITH_ARIA_256_GCM_SHA384", Auth_Method::IMPLICIT, Kex_Algo::STATIC_RSA, "ARIA-256/GCM", 32, "AEAD", 0, KDF_Algo::SHA_384, Nonce_Format::AEAD_IMPLICIT_4), Ciphersuite(0xC052, "DHE_RSA_WITH_ARIA_128_GCM_SHA256", Auth_Method::RSA, Kex_Algo::DH, "ARIA-128/GCM", 16, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4), Ciphersuite(0xC053, "DHE_RSA_WITH_ARIA_256_GCM_SHA384", Auth_Method::RSA, Kex_Algo::DH, "ARIA-256/GCM", 32, "AEAD", 0, KDF_Algo::SHA_384, Nonce_Format::AEAD_IMPLICIT_4), - Ciphersuite(0xC056, "DHE_DSS_WITH_ARIA_128_GCM_SHA256", Auth_Method::DSA, Kex_Algo::DH, "ARIA-128/GCM", 16, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4), - Ciphersuite(0xC057, "DHE_DSS_WITH_ARIA_256_GCM_SHA384", Auth_Method::DSA, Kex_Algo::DH, "ARIA-256/GCM", 32, "AEAD", 0, KDF_Algo::SHA_384, Nonce_Format::AEAD_IMPLICIT_4), Ciphersuite(0xC05C, "ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256", Auth_Method::ECDSA, Kex_Algo::ECDH, "ARIA-128/GCM", 16, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4), Ciphersuite(0xC05D, "ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384", Auth_Method::ECDSA, Kex_Algo::ECDH, "ARIA-256/GCM", 32, "AEAD", 0, KDF_Algo::SHA_384, Nonce_Format::AEAD_IMPLICIT_4), Ciphersuite(0xC060, "ECDHE_RSA_WITH_ARIA_128_GCM_SHA256", Auth_Method::RSA, Kex_Algo::ECDH, "ARIA-128/GCM", 16, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4), 
@@ -121,8 +104,6 @@ const std::vector<Ciphersuite>& Ciphersuite::all_known_ciphersuites()
 Ciphersuite(0xC07B, "RSA_WITH_CAMELLIA_256_GCM_SHA384", Auth_Method::IMPLICIT, Kex_Algo::STATIC_RSA, "Camellia-256/GCM", 32, "AEAD", 0, KDF_Algo::SHA_384, Nonce_Format::AEAD_IMPLICIT_4),
 Ciphersuite(0xC07C, "DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256", Auth_Method::RSA, Kex_Algo::DH, "Camellia-128/GCM", 16, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
 Ciphersuite(0xC07D, "DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384", Auth_Method::RSA, Kex_Algo::DH, "Camellia-256/GCM", 32, "AEAD", 0, KDF_Algo::SHA_384, Nonce_Format::AEAD_IMPLICIT_4),
- Ciphersuite(0xC080, "DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256", Auth_Method::DSA, Kex_Algo::DH, "Camellia-128/GCM", 16, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
- Ciphersuite(0xC081, "DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384", Auth_Method::DSA, Kex_Algo::DH, "Camellia-256/GCM", 32, "AEAD", 0, KDF_Algo::SHA_384, Nonce_Format::AEAD_IMPLICIT_4),
 Ciphersuite(0xC086, "ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256", Auth_Method::ECDSA, Kex_Algo::ECDH, "Camellia-128/GCM", 16, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
 Ciphersuite(0xC087, "ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384", Auth_Method::ECDSA, Kex_Algo::ECDH, "Camellia-256/GCM", 32, "AEAD", 0, KDF_Algo::SHA_384, Nonce_Format::AEAD_IMPLICIT_4),
 Ciphersuite(0xC08A, "ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256", Auth_Method::RSA, Kex_Algo::ECDH, "Camellia-128/GCM", 16, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
diff --git a/src/scripts/tls_suite_info.py b/src/scripts/tls_suite_info.py
index 8b7b15e62..3e3c40307 100755
--- a/src/scripts/tls_suite_info.py
+++ b/src/scripts/tls_suite_info.py
@@ -194,7 +194,7 @@ def main(args = None): if args is None: args = sys.argv - weak_crypto = ['EXPORT', 'RC2', 'IDEA', 'RC4', '_DES_', 'WITH_NULL', 'GOST', '_anon_'] + weak_crypto = ['EXPORT', 'RC2', 'IDEA', 'RC4', '_DES_', 'WITH_NULL', 'GOST', '_anon_', '_DSS_'] static_dh = ['ECDH_ECDSA', 'ECDH_RSA', 'DH_DSS', 'DH_RSA'] # not supported protocol_goop = ['SCSV', 'KRB5'] maybe_someday = ['RSA_PSK', 'ECCPWD'] @@ -212,7 +212,8 @@ def main(args = None): contents = '' for line in open_input(args): - line = line.decode('utf8') + if not isinstance(line, str): + line = line.decode('utf8') contents += line match = ciphersuite_re.match(line) if match: diff --git a/src/tests/test_tls.cpp b/src/tests/test_tls.cpp index 8e55bd928..454388d0a 100644 --- a/src/tests/test_tls.cpp +++ b/src/tests/test_tls.cpp @@ -442,7 +442,6 @@ class Test_TLS_Algo_Strings : public Test const std::vector<Botan::TLS::Auth_Method> auth_methods({ Botan::TLS::Auth_Method::RSA, - Botan::TLS::Auth_Method::DSA, Botan::TLS::Auth_Method::ECDSA, Botan::TLS::Auth_Method::IMPLICIT, }); diff --git a/src/tests/unit_tls.cpp b/src/tests/unit_tls.cpp index 4dd291d01..8ecd305e9 100644 --- a/src/tests/unit_tls.cpp +++ b/src/tests/unit_tls.cpp @@ -28,10 +28,6 @@ #include <botan/x509_ca.h> #include <botan/x509self.h> - #if defined(BOTAN_HAS_DSA) - #include <botan/dsa.h> - #endif - #if defined(BOTAN_HAS_SRP6) #include <botan/srp6.h> #endif 
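Review bot: `'_DSS_'` is appended to `weak_crypto`, but the DSS suites are being dropped because the library no longer implements DSA in TLS, not because the suites themselves are weak; if the script reports why a suite was skipped (that code is outside the hunk), they will be misclassified. A separate list, e.g. `unsupported = ['_DSS_']`, treated the same way as `weak_crypto` keeps the generated output and the script's intent honest, and a one-line comment next to it would spare the next maintainer re-deriving the reason from this commit. `main()` continues outside both hunks.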
@@ -58,21 +54,13 @@ class Credentials_Manager_Test final : public Botan::Credentials_Manager const Botan::X509_Certificate& ecdsa_cert, Botan::Private_Key* ecdsa_key, const Botan::X509_Certificate& ecdsa_ca, - const Botan::X509_CRL& ecdsa_crl, - const Botan::X509_Certificate* dsa_cert, - Botan::Private_Key* dsa_key, - const Botan::X509_Certificate* dsa_ca, - Botan::X509_CRL* dsa_crl) : + const Botan::X509_CRL& ecdsa_crl) : m_rsa_cert(rsa_cert), m_rsa_ca(rsa_ca), m_rsa_key(rsa_key), m_ecdsa_cert(ecdsa_cert), m_ecdsa_ca(ecdsa_ca), - m_ecdsa_key(ecdsa_key), - m_dsa_cert(dsa_cert), - m_dsa_ca(dsa_ca), - m_dsa_key(dsa_key), - m_dsa_crl(dsa_crl) + m_ecdsa_key(ecdsa_key) { std::unique_ptr<Botan::Certificate_Store_In_Memory> store(new Botan::Certificate_Store_In_Memory); store->add_certificate(m_rsa_ca); @@ -80,15 +68,6 @@ class Credentials_Manager_Test final : public Botan::Credentials_Manager store->add_crl(rsa_crl); store->add_crl(ecdsa_crl); - if(m_dsa_ca != nullptr) - { - store->add_certificate(*m_dsa_ca); - } - if(m_dsa_crl != nullptr) - { - store->add_crl(*m_dsa_crl); - } - m_stores.push_back(std::move(store)); m_provides_client_certs = with_client_certs; } @@ -111,6 +90,7 @@ class Credentials_Manager_Test final : public Botan::Credentials_Manager const std::string& type, const std::string& context) override { + BOTAN_UNUSED(context); std::vector<Botan::X509_Certificate> chain; if(m_acceptable_cas.empty()) @@ -132,20 +112,6 @@ class Credentials_Manager_Test final : public Botan::Credentials_Manager chain.push_back(m_ecdsa_ca); break; } -#if defined(BOTAN_HAS_DSA) - else if(key_type == "DSA") - { - if(m_dsa_cert == nullptr || m_dsa_ca == nullptr) - { - throw Test_Error("No DSA certificates set for " + type + "/" + context); - } - chain.push_back(*m_dsa_cert); - chain.push_back(*m_dsa_ca); - break; - } -#else - BOTAN_UNUSED(context); -#endif } } 
@@ -164,10 +130,6 @@ class Credentials_Manager_Test final : public Botan::Credentials_Manager { return m_ecdsa_key.get(); } - if(crt == *m_dsa_cert) - { - return m_dsa_key.get(); - } return nullptr; } @@ -207,9 +169,6 @@ class Credentials_Manager_Test final : public Botan::Credentials_Manager Botan::X509_Certificate m_ecdsa_cert, m_ecdsa_ca; std::unique_ptr<Botan::Private_Key> m_ecdsa_key; - std::unique_ptr<const Botan::X509_Certificate> m_dsa_cert, m_dsa_ca; - std::unique_ptr<Botan::Private_Key> m_dsa_key; - std::unique_ptr<Botan::X509_CRL> m_dsa_crl; std::vector<std::unique_ptr<Botan::Certificate_Store>> m_stores; bool m_provides_client_certs; std::vector<Botan::X509_DN> m_acceptable_cas; 
@@ -270,33 +229,10 @@ create_creds(Botan::RandomNumberGenerator& rng, std::unique_ptr<Botan::X509_Certificate> dsa_srv_cert; std::unique_ptr<Botan::X509_Certificate> dsa_ca_cert; -#if defined(BOTAN_HAS_DSA) - const Botan::DL_Group dsa_params("dsa/jce/1024"); - - dsa_ca_key.reset(new Botan::DSA_PrivateKey(rng, dsa_params)); - dsa_srv_key.reset(new Botan::DSA_PrivateKey(rng, dsa_params)); - - Botan::X509_Cert_Options dsa_ca_opts("DSA Test CA/VT"); - dsa_ca_opts.CA_key(1); - - dsa_ca_cert.reset(new Botan::X509_Certificate( - Botan::X509::create_self_signed_cert(dsa_ca_opts, *dsa_ca_key, "SHA-256", rng))); - - const Botan::PKCS10_Request dsa_req = - Botan::X509::create_cert_req(server_opts, *dsa_srv_key, "SHA-256", rng); - - Botan::X509_CA dsa_ca(*dsa_ca_cert, *dsa_ca_key, "SHA-256", rng); - dsa_srv_cert.reset(new Botan::X509_Certificate( - dsa_ca.sign_request(dsa_req, rng, start_time, end_time))); - - dsa_crl.reset(new Botan::X509_CRL(dsa_ca.new_crl(rng))); -#endif - Credentials_Manager_Test* cmt = new Credentials_Manager_Test( with_client_certs, rsa_srv_cert, rsa_srv_key.release(), rsa_ca_cert, rsa_crl, - ecdsa_srv_cert, ecdsa_srv_key.release(), ecdsa_ca_cert, ecdsa_crl, - dsa_srv_cert.release(), dsa_srv_key.release(), dsa_ca_cert.release(), dsa_crl.release()); + ecdsa_srv_cert, ecdsa_srv_key.release(), ecdsa_ca_cert, ecdsa_crl); return cmt; } @@ -722,7 +658,7 @@ void TLS_Handshake_Test::go() std::vector<Botan::X509_DN> acceptable_CAs = test_creds.get_acceptable_cas(); - m_results.test_gte("client got CA list", acceptable_CAs.size(), 2); // DSA is optional + m_results.test_eq("client got CA list", acceptable_CAs.size(), 2); // RSA + ECDSA for(const Botan::X509_DN& dn : acceptable_CAs) { @@ -781,11 +717,6 @@ class Test_Policy final : public Botan::TLS::Text_Policy return 1024; } - size_t minimum_dsa_group_size() const override - { - return 1024; - } - size_t minimum_signature_strength() const override { return 80; 
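Review bot: The context lines `std::unique_ptr<Botan::X509_Certificate> dsa_srv_cert;` and `std::unique_ptr<Botan::X509_Certificate> dsa_ca_cert;` at the top of the create_creds hunk are now dead: the only code that filled or consumed them was the removed `#if defined(BOTAN_HAS_DSA)` block and the four constructor arguments this hunk drops. Delete them, together with the `dsa_ca_key`, `dsa_srv_key` and `dsa_crl` declarations the removed block references, which presumably sit just above the hunk start. Leaving them suggests DSA credentials are still optional, which the `test_eq("client got CA list", acceptable_CAs.size(), 2)` change in the next hunk of this file says they are not.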
@@ -977,17 +908,6 @@ class TLS_Unit_Tests final : public Test test_modern_versions("AES-128 DH", results, *client_ses, *server_ses, *creds, "DH", "AES-128", "SHA-256"); -#if defined(BOTAN_HAS_DSA) - if(Test::run_long_tests()) - { - test_modern_versions("AES-128 DSA", results, *client_ses, *server_ses, *creds, "DH", "AES-128", "SHA-256", - { { "signature_methods", "DSA" } }); - - test_modern_versions("AES-128/GCM DSA", results, *client_ses, *server_ses, *creds, "DH", "AES-128/GCM", "AEAD", - { { "signature_methods", "DSA" } }); - } -#endif - #if defined(BOTAN_HAS_SRP6) std::unique_ptr<Botan::Credentials_Manager> srp6_creds(create_srp6_creds(rng)); test_all_versions("SRP6 AES", results, *client_ses, *server_ses, *srp6_creds, "SRP_SHA", "AES-128", "SHA-1", "false"); diff --git a/src/tests/unit_tls_policy.cpp b/src/tests/unit_tls_policy.cpp index 99a971508..460e9f637 100644 --- a/src/tests/unit_tls_policy.cpp +++ b/src/tests/unit_tls_policy.cpp @@ -29,10 +29,6 @@ #include <botan/dh.h> #endif -#if defined(BOTAN_HAS_DSA) - #include <botan/dsa.h> -#endif - namespace Botan_Tests { namespace { @@ -49,7 +45,6 @@ class TLS_Policy_Unit_Tests final : public Test results.push_back(test_peer_key_acceptable_ecdh()); results.push_back(test_peer_key_acceptable_ecdsa()); results.push_back(test_peer_key_acceptable_dh()); - results.push_back(test_peer_key_acceptable_dsa()); return results; } 
@@ -154,33 +149,6 @@ class TLS_Policy_Unit_Tests final : public Test return result; } - Test::Result test_peer_key_acceptable_dsa() - { - Test::Result result("TLS Policy DSA key verification"); -#if defined(BOTAN_HAS_DSA) - const Botan::DL_Group grp_1024("modp/ietf/1024"); - std::unique_ptr<Botan::Private_Key> dsa_1024(new Botan::DSA_PrivateKey(Test::rng(), grp_1024)); - - Botan::TLS::Policy policy; - try - { - policy.check_peer_key_acceptable(*dsa_1024); - result.test_failure("Incorrectly accepting short bit DSA keys"); - } - catch(Botan::TLS::TLS_Exception&) - { - result.test_success("Correctly rejecting short bit DSA keys"); - } - - const Botan::DL_Group grp_2048("modp/ietf/2048"); - std::unique_ptr<Botan::Private_Key> dsa_2048(new Botan::DSA_PrivateKey(Test::rng(), grp_2048)); - policy.check_peer_key_acceptable(*dsa_2048); - result.test_success("Correctly accepting 2048 bit DSA keys"); -#endif - return result; - } - - }; BOTAN_REGISTER_TEST("tls", "tls_policy", TLS_Policy_Unit_Tests); |