aboutsummaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
authorlloyd <lloyd@randombit.net>2015-05-15 02:33:57 +0000
committerlloyd <lloyd@randombit.net>2015-05-15 02:33:57 +0000
commit12eea2e817528e7d1a85e5e80b360eead6e5d206 (patch)
tree3ec765c23a0a573933da8f53d63d63b8b2e71c74 /src
parent99506e5ba968d30d4015bc72bea8f515bfee8287 (diff)
Remove RC4 (and all support for stream ciphers) from TLS
Diffstat (limited to 'src')
-rw-r--r--src/lib/tls/tls_record.cpp22
-rw-r--r--src/lib/tls/tls_record.h4
-rw-r--r--src/lib/tls/tls_suite_info.cpp29
-rwxr-xr-xsrc/scripts/tls_suite_info.py8
4 files changed, 9 insertions, 54 deletions
diff --git a/src/lib/tls/tls_record.cpp b/src/lib/tls/tls_record.cpp
index 6ccb31165..fb8079bdc 100644
--- a/src/lib/tls/tls_record.cpp
+++ b/src/lib/tls/tls_record.cpp
@@ -1,6 +1,6 @@
/*
* TLS Record Handling
-* (C) 2012,2013,2014 Jack Lloyd
+* (C) 2012,2013,2014,2015 Jack Lloyd
*
* Botan is released under the Simplified BSD License (see license.txt)
*/
@@ -73,11 +73,6 @@ Connection_Cipher_State::Connection_Cipher_State(Protocol_Version version,
if(version.supports_explicit_cbc_ivs())
m_iv_size = m_block_size;
}
- else if(StreamCipher* sc = get_stream_cipher(cipher_algo))
- {
- m_stream_cipher.reset(sc);
- m_stream_cipher->set_key(cipher_key);
- }
else
throw Invalid_Argument("Unknown TLS cipher " + cipher_algo);
@@ -236,11 +231,7 @@ void write_record(secure_vector<byte>& output,
BOTAN_ASSERT_EQUAL(buf_size + header_size, output.size(),
"Output buffer is sized properly");
- if(StreamCipher* sc = cs->stream_cipher())
- {
- sc->cipher1(&output[header_size], buf_size);
- }
- else if(BlockCipher* bc = cs->block_cipher())
+ if(BlockCipher* bc = cs->block_cipher())
{
secure_vector<byte>& cbc_state = cs->cbc_state();
@@ -388,17 +379,12 @@ void decrypt_record(secure_vector<byte>& output,
}
else
{
- // GenericBlockCipher / GenericStreamCipher case
+ // GenericBlockCipher case
volatile bool padding_bad = false;
size_t pad_size = 0;
- if(StreamCipher* sc = cs.stream_cipher())
- {
- sc->cipher1(record_contents, record_len);
- // no padding to check or remove
- }
- else if(BlockCipher* bc = cs.block_cipher())
+ if(BlockCipher* bc = cs.block_cipher())
{
cbc_decrypt_record(record_contents, record_len, cs, *bc);
diff --git a/src/lib/tls/tls_record.h b/src/lib/tls/tls_record.h
index 46f87a9af..d7aa82e71 100644
--- a/src/lib/tls/tls_record.h
+++ b/src/lib/tls/tls_record.h
@@ -12,7 +12,6 @@
#include <botan/tls_version.h>
#include <botan/aead.h>
#include <botan/block_cipher.h>
-#include <botan/stream_cipher.h>
#include <botan/mac.h>
#include <vector>
#include <chrono>
@@ -53,8 +52,6 @@ class Connection_Cipher_State
BlockCipher* block_cipher() { return m_block_cipher.get(); }
- StreamCipher* stream_cipher() { return m_stream_cipher.get(); }
-
MessageAuthenticationCode* mac() { return m_mac.get(); }
secure_vector<byte>& cbc_state() { return m_block_cipher_cbc_state; }
@@ -82,7 +79,6 @@ class Connection_Cipher_State
std::chrono::system_clock::time_point m_start_time;
std::unique_ptr<BlockCipher> m_block_cipher;
secure_vector<byte> m_block_cipher_cbc_state;
- std::unique_ptr<StreamCipher> m_stream_cipher;
std::unique_ptr<MessageAuthenticationCode> m_mac;
std::unique_ptr<AEAD_Mode> m_aead;
diff --git a/src/lib/tls/tls_suite_info.cpp b/src/lib/tls/tls_suite_info.cpp
index 02d277173..cb5c1d4c5 100644
--- a/src/lib/tls/tls_suite_info.cpp
+++ b/src/lib/tls/tls_suite_info.cpp
@@ -3,7 +3,7 @@
*
* This file was automatically generated from the IANA assignments
* (tls-parameters.txt hash 4bc98b6f75ad5b63952b5f457fa7adbfef60f095)
-* by ./src/scripts/tls_suite_info.py on 2015-01-30
+* by ./src/scripts/tls_suite_info.py on 2015-05-11
*
* Botan is released under the Simplified BSD License (see license.txt)
*/
@@ -108,9 +108,6 @@ Ciphersuite Ciphersuite::by_id(u16bit suite)
case 0xC091: // DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384
return Ciphersuite(0xC091, "", "DHE_PSK", "Camellia-256/GCM", 32, 4, 8, "AEAD", 0, "SHA-384");
- case 0x008E: // DHE_PSK_WITH_RC4_128_SHA
- return Ciphersuite(0x008E, "", "DHE_PSK", "RC4", 16, 0, 0, "SHA-1", 20);
-
case 0x0016: // DHE_RSA_WITH_3DES_EDE_CBC_SHA
return Ciphersuite(0x0016, "RSA", "DH", "3DES", 24, 8, 0, "SHA-1", 20);
@@ -213,9 +210,6 @@ Ciphersuite Ciphersuite::by_id(u16bit suite)
case 0xC085: // DH_anon_WITH_CAMELLIA_256_GCM_SHA384
return Ciphersuite(0xC085, "", "DH", "Camellia-256/GCM", 32, 4, 8, "AEAD", 0, "SHA-384");
- case 0x0018: // DH_anon_WITH_RC4_128_MD5
- return Ciphersuite(0x0018, "", "DH", "RC4", 16, 0, 0, "MD5", 16);
-
case 0x009B: // DH_anon_WITH_SEED_CBC_SHA
return Ciphersuite(0x009B, "", "DH", "SEED", 16, 16, 0, "SHA-1", 20);
@@ -273,9 +267,6 @@ Ciphersuite Ciphersuite::by_id(u16bit suite)
case 0xCC14: // ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
return Ciphersuite(0xCC14, "ECDSA", "ECDH", "ChaCha20Poly1305", 32, 0, 0, "AEAD", 0, "SHA-256");
- case 0xC007: // ECDHE_ECDSA_WITH_RC4_128_SHA
- return Ciphersuite(0xC007, "ECDSA", "ECDH", "RC4", 16, 0, 0, "SHA-1", 20);
-
case 0xC034: // ECDHE_PSK_WITH_3DES_EDE_CBC_SHA
return Ciphersuite(0xC034, "", "ECDHE_PSK", "3DES", 24, 8, 0, "SHA-1", 20);
@@ -303,9 +294,6 @@ Ciphersuite Ciphersuite::by_id(u16bit suite)
case 0xC09B: // ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
return Ciphersuite(0xC09B, "", "ECDHE_PSK", "Camellia-256", 32, 16, 0, "SHA-384", 48);
- case 0xC033: // ECDHE_PSK_WITH_RC4_128_SHA
- return Ciphersuite(0xC033, "", "ECDHE_PSK", "RC4", 16, 0, 0, "SHA-1", 20);
-
case 0xC012: // ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
return Ciphersuite(0xC012, "RSA", "ECDH", "3DES", 24, 8, 0, "SHA-1", 20);
@@ -348,9 +336,6 @@ Ciphersuite Ciphersuite::by_id(u16bit suite)
case 0xCC13: // ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
return Ciphersuite(0xCC13, "RSA", "ECDH", "ChaCha20Poly1305", 32, 0, 0, "AEAD", 0, "SHA-256");
- case 0xC011: // ECDHE_RSA_WITH_RC4_128_SHA
- return Ciphersuite(0xC011, "RSA", "ECDH", "RC4", 16, 0, 0, "SHA-1", 20);
-
case 0xC017: // ECDH_anon_WITH_3DES_EDE_CBC_SHA
return Ciphersuite(0xC017, "", "ECDH", "3DES", 24, 8, 0, "SHA-1", 20);
@@ -360,9 +345,6 @@ Ciphersuite Ciphersuite::by_id(u16bit suite)
case 0xC019: // ECDH_anon_WITH_AES_256_CBC_SHA
return Ciphersuite(0xC019, "", "ECDH", "AES-256", 32, 16, 0, "SHA-1", 20);
- case 0xC016: // ECDH_anon_WITH_RC4_128_SHA
- return Ciphersuite(0xC016, "", "ECDH", "RC4", 16, 0, 0, "SHA-1", 20);
-
case 0xC0AA: // PSK_DHE_WITH_AES_128_CCM_8
return Ciphersuite(0xC0AA, "", "DHE_PSK", "AES-128/CCM(8)", 16, 4, 8, "AEAD", 0, "SHA-256");
@@ -420,9 +402,6 @@ Ciphersuite Ciphersuite::by_id(u16bit suite)
case 0xC08F: // PSK_WITH_CAMELLIA_256_GCM_SHA384
return Ciphersuite(0xC08F, "", "PSK", "Camellia-256/GCM", 32, 4, 8, "AEAD", 0, "SHA-384");
- case 0x008A: // PSK_WITH_RC4_128_SHA
- return Ciphersuite(0x008A, "", "PSK", "RC4", 16, 0, 0, "SHA-1", 20);
-
case 0x000A: // RSA_WITH_3DES_EDE_CBC_SHA
return Ciphersuite(0x000A, "RSA", "RSA", "3DES", 24, 8, 0, "SHA-1", 20);
@@ -474,12 +453,6 @@ Ciphersuite Ciphersuite::by_id(u16bit suite)
case 0xC07B: // RSA_WITH_CAMELLIA_256_GCM_SHA384
return Ciphersuite(0xC07B, "RSA", "RSA", "Camellia-256/GCM", 32, 4, 8, "AEAD", 0, "SHA-384");
- case 0x0004: // RSA_WITH_RC4_128_MD5
- return Ciphersuite(0x0004, "RSA", "RSA", "RC4", 16, 0, 0, "MD5", 16);
-
- case 0x0005: // RSA_WITH_RC4_128_SHA
- return Ciphersuite(0x0005, "RSA", "RSA", "RC4", 16, 0, 0, "SHA-1", 20);
-
case 0x0096: // RSA_WITH_SEED_CBC_SHA
return Ciphersuite(0x0096, "RSA", "RSA", "SEED", 16, 16, 0, "SHA-1", 20);
diff --git a/src/scripts/tls_suite_info.py b/src/scripts/tls_suite_info.py
index c9044084f..8589ddeec 100755
--- a/src/scripts/tls_suite_info.py
+++ b/src/scripts/tls_suite_info.py
@@ -200,7 +200,7 @@ def main(args = None):
if args is None:
args = sys.argv
- weak_crypto = ['EXPORT', 'RC2', 'IDEA', '_DES_', 'WITH_NULL']
+ weak_crypto = ['EXPORT', 'RC2', 'IDEA', 'RC4', '_DES_', 'WITH_NULL']
static_dh = ['ECDH_ECDSA', 'ECDH_RSA', 'DH_DSS', 'DH_RSA'] # not supported
protocol_goop = ['SCSV', 'KRB5']
maybe_someday = ['ARIA', 'RSA_PSK']
@@ -245,14 +245,14 @@ def main(args = None):
# From http://tools.ietf.org/html/draft-ietf-tls-56-bit-ciphersuites-01
define_custom_ciphersuite('DHE_DSS_WITH_RC4_128_SHA', '0066')
- if options.with_chacha and False:
+ if options.with_chacha:
# Google servers - draft-agl-tls-chacha20poly1305-04
define_custom_ciphersuite('ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256', 'CC13')
define_custom_ciphersuite('ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256', 'CC14')
define_custom_ciphersuite('DHE_RSA_WITH_CHACHA20_POLY1305_SHA256', 'CC15')
- if options.with_chacha:
- # Provisional IETF ChaCha suites:
+ if options.with_chacha and False:
+ # Provisional IETF ChaCha suites
define_custom_ciphersuite('RSA_WITH_CHACHA20_POLY1305_SHA256', 'CD30')
define_custom_ciphersuite('ECDSA_RSA_WITH_CHACHA20_POLY1305_SHA256', 'CD31')
define_custom_ciphersuite('ECDSA_ECDSA_WITH_CHACHA20_POLY1305_SHA256', 'CD32')