diff options
29 files changed, 65 insertions, 413 deletions
diff --git a/src/build-data/policy/bsi.txt b/src/build-data/policy/bsi.txt index 525d966c0..88ddb4489 100644 --- a/src/build-data/policy/bsi.txt +++ b/src/build-data/policy/bsi.txt @@ -174,7 +174,4 @@ x919_mac # misc bcrypt -# tls -tls_10 - </prohibited> diff --git a/src/build-data/policy/nist.txt b/src/build-data/policy/nist.txt index 724a3f242..0ae05feb8 100644 --- a/src/build-data/policy/nist.txt +++ b/src/build-data/policy/nist.txt @@ -173,7 +173,6 @@ x919_mac bcrypt # tls -tls_10 tls_cbc </prohibited> diff --git a/src/cli/timing_tests.cpp b/src/cli/timing_tests.cpp index a9904ae2e..0e3cac4f5 100644 --- a/src/cli/timing_tests.cpp +++ b/src/cli/timing_tests.cpp @@ -206,7 +206,7 @@ class Lucky13_Timing_Test final : public Timing_Test , m_mac_keylen(mac_keylen) , m_dec(Botan::BlockCipher::create_or_throw("AES-128"), Botan::MessageAuthenticationCode::create_or_throw("HMAC(" + m_mac_algo + ")"), - 16, m_mac_keylen, Botan::TLS::Protocol_Version::TLS_V11, false) {} + 16, m_mac_keylen, Botan::TLS::Protocol_Version::TLS_V12, false) {} std::vector<uint8_t> prepare_input(const std::string& input) override; ticks measure_critical_function(const std::vector<uint8_t>& input) override; diff --git a/src/cli/tls_client.cpp b/src/cli/tls_client.cpp index eee97a4c0..be5f7dfcd 100644 --- a/src/cli/tls_client.cpp +++ b/src/cli/tls_client.cpp @@ -29,37 +29,11 @@ namespace Botan_CLI { -class CLI_Policy final : public Botan::TLS::Policy - { - public: - - CLI_Policy(Botan::TLS::Protocol_Version req_version) : m_version(req_version) {} - - std::vector<std::string> allowed_ciphers() const override - { - // Allow CBC mode only in versions which don't support AEADs - if(m_version.supports_aead_modes() == false) - { - return { "AES-256", "AES-128" }; - } - - return Botan::TLS::Policy::allowed_ciphers(); - } - - bool allow_tls10() const override { return m_version == Botan::TLS::Protocol_Version::TLS_V10; } - bool allow_tls11() const override { return m_version == Botan::TLS::Protocol_Version::TLS_V11; } - bool allow_tls12() const override { return m_version == Botan::TLS::Protocol_Version::TLS_V12; } - - private: - Botan::TLS::Protocol_Version m_version; - }; - class TLS_Client final : public Command, public Botan::TLS::Callbacks { public: TLS_Client() : Command("tls_client host --port=443 --print-certs --policy=default " - "--tls1.0 --tls1.1 --tls1.2 " "--skip-system-cert-store --trusted-cas= " "--session-db= --session-db-pass= --next-protocols= --type=tcp") { @@ -124,25 +98,7 @@ class TLS_Client final : public Command, public Botan::TLS::Callbacks Botan::TLS::Protocol_Version version = use_tcp ? Botan::TLS::Protocol_Version::TLS_V12 : Botan::TLS::Protocol_Version::DTLS_V12; - if(flag_set("tls1.0")) - { - version = Botan::TLS::Protocol_Version::TLS_V10; - if(!policy) - policy.reset(new CLI_Policy(version)); - } - else if(flag_set("tls1.1")) - { - version = Botan::TLS::Protocol_Version::TLS_V11; - if(!policy) - policy.reset(new CLI_Policy(version)); - } - else if(flag_set("tls1.2")) - { - version = Botan::TLS::Protocol_Version::TLS_V12; - if(!policy) - policy.reset(new CLI_Policy(version)); - } - else if(!policy) + if(!policy) { policy.reset(new Botan::TLS::Policy); } diff --git a/src/cli/tls_helpers.h b/src/cli/tls_helpers.h index c973d685d..48a856c1a 100644 --- a/src/cli/tls_helpers.h +++ b/src/cli/tls_helpers.h @@ -190,8 +190,6 @@ class TLS_All_Policy final : public Botan::TLS::Policy return { "ECDSA", "RSA", "DSA", "IMPLICIT" }; } - bool allow_tls10() const override { return true; } - bool allow_tls11() const override { return true; } bool allow_tls12() const override { return true; } }; diff --git a/src/cli/tls_utils.cpp b/src/cli/tls_utils.cpp index 698c625e1..a36f2c2df 100644 --- a/src/cli/tls_utils.cpp +++ b/src/cli/tls_utils.cpp @@ -31,22 +31,10 @@ class TLS_Ciphersuites final : public Command { return Botan::TLS::Protocol_Version::TLS_V12; } - else if(str == "tls1.1" || str == "TLS1.1" || str == "TLS-1.1") - { - return Botan::TLS::Protocol_Version::TLS_V11; - } - else if(str == "tls1.0" || str == "TLS1.1" || str == "TLS-1.1") - { - return Botan::TLS::Protocol_Version::TLS_V10; - } if(str == "dtls1.2" || str == "DTLS1.2" || str == "DTLS-1.2") { return Botan::TLS::Protocol_Version::DTLS_V12; } - else if(str == "dtls1.0" || str == "DTLS1.0" || str == "DTLS-1.0") - { - return Botan::TLS::Protocol_Version::DTLS_V10; - } else { throw CLI_Error("Unknown TLS version '" + str + "'"); diff --git a/src/lib/tls/info.txt b/src/lib/tls/info.txt index 18f811f25..3ed102e9c 100644 --- a/src/lib/tls/info.txt +++ b/src/lib/tls/info.txt @@ -1,5 +1,5 @@ <defines> -TLS -> 20191210 +TLS -> 20201128 </defines> <header:public> diff --git a/src/lib/tls/msg_cert_req.cpp b/src/lib/tls/msg_cert_req.cpp index a80fbf2b9..ea9ae3711 100644 --- a/src/lib/tls/msg_cert_req.cpp +++ b/src/lib/tls/msg_cert_req.cpp @@ -54,24 +54,18 @@ uint8_t cert_type_name_to_code(const std::string& name) Certificate_Req::Certificate_Req(Handshake_IO& io, Handshake_Hash& hash, const Policy& policy, - const std::vector<X509_DN>& ca_certs, - Protocol_Version version) : + const std::vector<X509_DN>& ca_certs) : m_names(ca_certs), m_cert_key_types({ "RSA", "ECDSA", "DSA" }) { - if(version.supports_negotiable_signature_algorithms()) - { - m_schemes = policy.acceptable_signature_schemes(); - } - + m_schemes = policy.acceptable_signature_schemes(); hash.update(io.send(*this)); } /** * Deserialize a Certificate Request message */ -Certificate_Req::Certificate_Req(const std::vector<uint8_t>& buf, - Protocol_Version version) +Certificate_Req::Certificate_Req(const std::vector<uint8_t>& buf) { if(buf.size() < 4) throw Decoding_Error("Certificate_Req: Bad certificate request"); @@ -90,17 +84,14 @@ Certificate_Req::Certificate_Req(const std::vector<uint8_t>& buf, m_cert_key_types.emplace_back(cert_type_name); } - if(version.supports_negotiable_signature_algorithms()) - { - const std::vector<uint8_t> algs = reader.get_range_vector<uint8_t>(2, 2, 65534); + const std::vector<uint8_t> algs = reader.get_range_vector<uint8_t>(2, 2, 65534); - if(algs.size() % 2 != 0) - throw Decoding_Error("Bad length for signature IDs in certificate request"); + if(algs.size() % 2 != 0) + throw Decoding_Error("Bad length for signature IDs in certificate request"); - for(size_t i = 0; i != algs.size(); i += 2) - { - m_schemes.push_back(static_cast<Signature_Scheme>(make_uint16(algs[i], algs[i+1]))); - } + for(size_t i = 0; i != algs.size(); i += 2) + { + m_schemes.push_back(static_cast<Signature_Scheme>(make_uint16(algs[i], algs[i+1]))); } const uint16_t purported_size = reader.get_uint16_t(); diff --git a/src/lib/tls/msg_cert_verify.cpp b/src/lib/tls/msg_cert_verify.cpp index 711566bd0..6fff19b59 100644 --- a/src/lib/tls/msg_cert_verify.cpp +++ b/src/lib/tls/msg_cert_verify.cpp @@ -40,16 +40,11 @@ Certificate_Verify::Certificate_Verify(Handshake_IO& io, /* * Deserialize a Certificate Verify message */ -Certificate_Verify::Certificate_Verify(const std::vector<uint8_t>& buf, - Protocol_Version version) +Certificate_Verify::Certificate_Verify(const std::vector<uint8_t>& buf) { TLS_Data_Reader reader("CertificateVerify", buf); - if(version.supports_negotiable_signature_algorithms()) - { - m_scheme = static_cast<Signature_Scheme>(reader.get_uint16_t()); - } - + m_scheme = static_cast<Signature_Scheme>(reader.get_uint16_t()); m_signature = reader.get_range<uint8_t>(2, 0, 65535); reader.assert_done(); } diff --git a/src/lib/tls/msg_client_hello.cpp b/src/lib/tls/msg_client_hello.cpp index dfc5df6f7..33fc8b72c 100644 --- a/src/lib/tls/msg_client_hello.cpp +++ b/src/lib/tls/msg_client_hello.cpp @@ -119,8 +119,7 @@ Client_Hello::Client_Hello(Handshake_IO& io, if(reneg_info.empty() && !next_protocols.empty()) m_extensions.add(new Application_Layer_Protocol_Notification(next_protocols)); - if(m_version.supports_negotiable_signature_algorithms()) - m_extensions.add(new Signature_Algorithms(policy.acceptable_signature_schemes())); + m_extensions.add(new Signature_Algorithms(policy.acceptable_signature_schemes())); if(m_version.is_datagram_protocol()) m_extensions.add(new SRTP_Protection_Profiles(policy.srtp_profiles())); @@ -192,8 +191,7 @@ Client_Hello::Client_Hello(Handshake_IO& io, if(session.supports_encrypt_then_mac()) m_extensions.add(new Encrypt_then_MAC); - if(m_version.supports_negotiable_signature_algorithms()) - m_extensions.add(new Signature_Algorithms(policy.acceptable_signature_schemes())); + m_extensions.add(new Signature_Algorithms(policy.acceptable_signature_schemes())); if(reneg_info.empty() && !next_protocols.empty()) m_extensions.add(new Application_Layer_Protocol_Notification(next_protocols)); diff --git a/src/lib/tls/msg_hello_verify.cpp b/src/lib/tls/msg_hello_verify.cpp index bc93af9d6..3e9360cc7 100644 --- a/src/lib/tls/msg_hello_verify.cpp +++ b/src/lib/tls/msg_hello_verify.cpp @@ -19,8 +19,7 @@ Hello_Verify_Request::Hello_Verify_Request(const std::vector<uint8_t>& buf) Protocol_Version version(buf[0], buf[1]); - if(version != Protocol_Version::DTLS_V10 && - version != Protocol_Version::DTLS_V12) + if(!version.is_datagram_protocol()) { throw Decoding_Error("Unknown version from server in hello verify request"); } @@ -54,7 +53,7 @@ std::vector<uint8_t> Hello_Verify_Request::serialize() const negotiated (RFC 6347, section 4.2.1) */ - Protocol_Version format_version(Protocol_Version::DTLS_V10); + Protocol_Version format_version(254, 255); // DTLS 1.0 std::vector<uint8_t> bits; bits.push_back(format_version.major_version()); diff --git a/src/lib/tls/msg_server_hello.cpp b/src/lib/tls/msg_server_hello.cpp index 651fd14f8..527352e78 100644 --- a/src/lib/tls/msg_server_hello.cpp +++ b/src/lib/tls/msg_server_hello.cpp @@ -30,20 +30,8 @@ make_server_hello_random(RandomNumberGenerator& rng, Protocol_Version offered_version, const Policy& policy) { + BOTAN_UNUSED(offered_version, policy); auto random = make_hello_random(rng, policy); - - if((offered_version == Protocol_Version::TLS_V10 || - offered_version == Protocol_Version::TLS_V11) && - policy.allow_tls12()) - { - store_be(DOWNGRADE_TLS11, &random[24]); - } - - if(offered_version == Protocol_Version::DTLS_V10 && policy.allow_dtls12()) - { - store_be(DOWNGRADE_TLS11, &random[24]); - } - return random; } diff --git a/src/lib/tls/msg_server_kex.cpp b/src/lib/tls/msg_server_kex.cpp index 9aac7df7b..f0f481066 100644 --- a/src/lib/tls/msg_server_kex.cpp +++ b/src/lib/tls/msg_server_kex.cpp @@ -217,11 +217,7 @@ Server_Key_Exchange::Server_Key_Exchange(const std::vector<uint8_t>& buf, if(auth_method != Auth_Method::IMPLICIT) { - if(version.supports_negotiable_signature_algorithms()) - { - m_scheme = static_cast<Signature_Scheme>(reader.get_uint16_t()); - } - + m_scheme = static_cast<Signature_Scheme>(reader.get_uint16_t()); m_signature = reader.get_range<uint8_t>(2, 0, 65535); } diff --git a/src/lib/tls/tls_10/info.txt b/src/lib/tls/tls_10/info.txt deleted file mode 100644 index f85a19992..000000000 --- a/src/lib/tls/tls_10/info.txt +++ /dev/null @@ -1,10 +0,0 @@ -<defines> -TLS_V10 -> 20191109 -</defines> - -<requires> -md5 -sha1 -par_hash -tls_cbc -</requires> diff --git a/src/lib/tls/tls_cbc/tls_cbc.cpp b/src/lib/tls/tls_cbc/tls_cbc.cpp index f8e4e9af4..d2270e3b0 100644 --- a/src/lib/tls/tls_cbc/tls_cbc.cpp +++ b/src/lib/tls/tls_cbc/tls_cbc.cpp @@ -40,7 +40,7 @@ TLS_CBC_HMAC_AEAD_Mode::TLS_CBC_HMAC_AEAD_Mode(Cipher_Dir dir, m_tag_size = mac->output_length(); m_block_size = cipher->block_size(); - m_iv_size = version.supports_explicit_cbc_ivs() ? m_block_size : 0; + m_iv_size = m_block_size; m_is_datagram = version.is_datagram_protocol(); diff --git a/src/lib/tls/tls_channel.cpp b/src/lib/tls/tls_channel.cpp index f6198a1c2..3dce68a3a 100644 --- a/src/lib/tls/tls_channel.cpp +++ b/src/lib/tls/tls_channel.cpp @@ -559,31 +559,13 @@ void Channel::send_record_array(uint16_t epoch, uint8_t type, const uint8_t inpu auto cipher_state = write_cipher_state_epoch(epoch); - if(type == APPLICATION_DATA && m_active_state->version().supports_explicit_cbc_ivs() == false) + while(length) { - while(length) - { - write_record(cipher_state.get(), epoch, type, input, 1); - input += 1; - length -= 1; - - const size_t sending = std::min<size_t>(length, MAX_PLAINTEXT_SIZE); - write_record(cipher_state.get(), epoch, type, input, sending); + const size_t sending = std::min<size_t>(length, MAX_PLAINTEXT_SIZE); + write_record(cipher_state.get(), epoch, type, input, sending); - input += sending; - length -= sending; - } - } - else - { - while(length) - { - const size_t sending = std::min<size_t>(length, MAX_PLAINTEXT_SIZE); - write_record(cipher_state.get(), epoch, type, input, sending); - - input += sending; - length -= sending; - } + input += sending; + length -= sending; } } diff --git a/src/lib/tls/tls_ciphersuite.cpp b/src/lib/tls/tls_ciphersuite.cpp index cab63bf5c..3e72848e0 100644 --- a/src/lib/tls/tls_ciphersuite.cpp +++ b/src/lib/tls/tls_ciphersuite.cpp @@ -39,19 +39,11 @@ size_t Ciphersuite::nonce_bytes_from_handshake() const size_t Ciphersuite::nonce_bytes_from_record(Protocol_Version version) const { + BOTAN_UNUSED(version); switch(m_nonce_format) { case Nonce_Format::CBC_MODE: - { - if(version.supports_explicit_cbc_ivs()) - { - return cipher_algo() == "3DES" ? 8 : 16; - } - else - { - return 0; - } - } + return cipher_algo() == "3DES" ? 8 : 16; case Nonce_Format::AEAD_IMPLICIT_4: return 8; case Nonce_Format::AEAD_XOR_12: @@ -82,13 +74,7 @@ bool Ciphersuite::ecc_ciphersuite() const bool Ciphersuite::usable_in_version(Protocol_Version version) const { - if(!version.supports_aead_modes()) - { - // Old versions do not support AEAD, or any MAC but SHA-1 - if(mac_algo() != "SHA-1") - return false; - } - + BOTAN_UNUSED(version); return true; } diff --git a/src/lib/tls/tls_client.cpp b/src/lib/tls/tls_client.cpp index 7ce9952e6..59a092867 100644 --- a/src/lib/tls/tls_client.cpp +++ b/src/lib/tls/tls_client.cpp @@ -558,7 +558,7 @@ void Client::process_handshake_msg(const Handshake_State* active_state, else if(type == CERTIFICATE_REQUEST) { state.set_expected_next(SERVER_HELLO_DONE); - state.cert_req(new Certificate_Req(contents, state.version())); + state.cert_req(new Certificate_Req(contents)); } else if(type == SERVER_HELLO_DONE) { diff --git a/src/lib/tls/tls_extensions.cpp b/src/lib/tls/tls_extensions.cpp index ce067d7c0..645c036ea 100644 --- a/src/lib/tls/tls_extensions.cpp +++ b/src/lib/tls/tls_extensions.cpp @@ -581,21 +581,11 @@ Supported_Versions::Supported_Versions(Protocol_Version offer, const Policy& pol { if(offer >= Protocol_Version::DTLS_V12 && policy.allow_dtls12()) m_versions.push_back(Protocol_Version::DTLS_V12); -#if defined(BOTAN_HAS_TLS_V10) - if(offer >= Protocol_Version::DTLS_V10 && policy.allow_dtls10()) - m_versions.push_back(Protocol_Version::DTLS_V10); -#endif } else { if(offer >= Protocol_Version::TLS_V12 && policy.allow_tls12()) m_versions.push_back(Protocol_Version::TLS_V12); -#if defined(BOTAN_HAS_TLS_V10) - if(offer >= Protocol_Version::TLS_V11 && policy.allow_tls11()) - m_versions.push_back(Protocol_Version::TLS_V11); - if(offer >= Protocol_Version::TLS_V10 && policy.allow_tls10()) - m_versions.push_back(Protocol_Version::TLS_V10); -#endif } } diff --git a/src/lib/tls/tls_handshake_hash.cpp b/src/lib/tls/tls_handshake_hash.cpp index a48251d06..ee0e5e4e9 100644 --- a/src/lib/tls/tls_handshake_hash.cpp +++ b/src/lib/tls/tls_handshake_hash.cpp @@ -19,9 +19,7 @@ secure_vector<uint8_t> Handshake_Hash::final(Protocol_Version version, const std::string& mac_algo) const { std::string hash_algo = mac_algo; - if(!version.supports_ciphersuite_specific_prf()) - hash_algo = "Parallel(MD5,SHA-160)"; - else if(mac_algo == "MD5" || mac_algo == "SHA-1") + if(mac_algo == "MD5" || mac_algo == "SHA-1") hash_algo = "SHA-256"; std::unique_ptr<HashFunction> hash(HashFunction::create_or_throw(hash_algo)); diff --git a/src/lib/tls/tls_handshake_io.cpp b/src/lib/tls/tls_handshake_io.cpp index 58aa785b1..28a3254b9 100644 --- a/src/lib/tls/tls_handshake_io.cpp +++ b/src/lib/tls/tls_handshake_io.cpp @@ -44,7 +44,7 @@ uint64_t steady_clock_ms() Protocol_Version Stream_Handshake_IO::initial_record_version() const { - return Protocol_Version::TLS_V10; + return Protocol_Version::TLS_V12; } void Stream_Handshake_IO::add_record(const uint8_t record[], @@ -136,7 +136,7 @@ std::vector<uint8_t> Stream_Handshake_IO::send(const Handshake_Message& msg) Protocol_Version Datagram_Handshake_IO::initial_record_version() const { - return Protocol_Version::DTLS_V10; + return Protocol_Version::DTLS_V12; } void Datagram_Handshake_IO::retransmit_last_flight() diff --git a/src/lib/tls/tls_handshake_state.cpp b/src/lib/tls/tls_handshake_state.cpp index 1129dc58f..3d80c8d91 100644 --- a/src/lib/tls/tls_handshake_state.cpp +++ b/src/lib/tls/tls_handshake_state.cpp @@ -369,18 +369,12 @@ std::vector<uint8_t> Handshake_State::session_ticket() const KDF* Handshake_State::protocol_specific_prf() const { - if(version().supports_ciphersuite_specific_prf()) - { - const std::string prf_algo = ciphersuite().prf_algo(); - - if(prf_algo == "MD5" || prf_algo == "SHA-1") - return get_kdf("TLS-12-PRF(SHA-256)"); + const std::string prf_algo = ciphersuite().prf_algo(); - return get_kdf("TLS-12-PRF(" + prf_algo + ")"); - } + if(prf_algo == "MD5" || prf_algo == "SHA-1") + return get_kdf("TLS-12-PRF(SHA-256)"); - // Old PRF used in TLS v1.0, v1.1 and DTLS v1.0 - return get_kdf("TLS-PRF"); + return get_kdf("TLS-12-PRF(" + prf_algo + ")"); } std::pair<std::string, Signature_Format> @@ -391,8 +385,6 @@ Handshake_State::choose_sig_format(const Private_Key& key, { const std::string sig_algo = key.algo_name(); - if(this->version().supports_negotiable_signature_algorithms()) - { const std::vector<Signature_Scheme> allowed = policy.allowed_signature_schemes(); std::vector<Signature_Scheme> requested = @@ -431,20 +423,6 @@ Handshake_State::choose_sig_format(const Private_Key& key, { return std::make_pair(padding_string_for_scheme(chosen_scheme), DER_SEQUENCE); } - } - else - { - if(sig_algo == "RSA") - { - const std::string padding = "PKCS1v15(Parallel(MD5,SHA-160))"; - return std::make_pair(padding, IEEE_1363); - } - else if(sig_algo == "DSA" || sig_algo == "ECDSA") - { - const std::string padding = "EMSA1(SHA-1)"; - return std::make_pair(padding, DER_SEQUENCE); - } - } throw Invalid_Argument(sig_algo + " is invalid/unknown for TLS signatures"); } @@ -485,30 +463,6 @@ Handshake_State::parse_sig_format(const Public_Key& key, "Rejecting " + key_type + " signature"); } - if(this->version().supports_negotiable_signature_algorithms() == false) - { - if(scheme != Signature_Scheme::NONE) - throw Decoding_Error("Counterparty sent hash/sig IDs with old version"); - - /* - There is no check on the acceptability of a v1.0/v1.1 hash type, - since it's implicit with use of the protocol - */ - - if(key_type == "RSA") - { - const std::string padding = "PKCS1v15(Parallel(MD5,SHA-160))"; - return std::make_pair(padding, IEEE_1363); - } - else if(key_type == "DSA" || key_type == "ECDSA") - { - const std::string padding = "EMSA1(SHA-1)"; - return std::make_pair(padding, DER_SEQUENCE); - } - else - throw Invalid_Argument(key_type + " is invalid/unknown for TLS signatures"); - } - if(scheme == Signature_Scheme::NONE) throw Decoding_Error("Counterparty did not send hash/sig IDS"); diff --git a/src/lib/tls/tls_messages.h b/src/lib/tls/tls_messages.h index 82b8b593c..08c3682f7 100644 --- a/src/lib/tls/tls_messages.h +++ b/src/lib/tls/tls_messages.h @@ -429,11 +429,9 @@ class BOTAN_UNSTABLE_API Certificate_Req final : public Handshake_Message Certificate_Req(Handshake_IO& io, Handshake_Hash& hash, const Policy& policy, - const std::vector<X509_DN>& allowed_cas, - Protocol_Version version); + const std::vector<X509_DN>& allowed_cas); - Certificate_Req(const std::vector<uint8_t>& buf, - Protocol_Version version); + Certificate_Req(const std::vector<uint8_t>& buf); private: std::vector<uint8_t> serialize() const override; @@ -467,8 +465,7 @@ class BOTAN_UNSTABLE_API Certificate_Verify final : public Handshake_Message RandomNumberGenerator& rng, const Private_Key* key); - Certificate_Verify(const std::vector<uint8_t>& buf, - Protocol_Version version); + Certificate_Verify(const std::vector<uint8_t>& buf); private: std::vector<uint8_t> serialize() const override; diff --git a/src/lib/tls/tls_policy.cpp b/src/lib/tls/tls_policy.cpp index f54b65aa9..cf9cc249b 100644 --- a/src/lib/tls/tls_policy.cpp +++ b/src/lib/tls/tls_policy.cpp @@ -270,17 +270,6 @@ bool Policy::acceptable_protocol_version(Protocol_Version version) const if(version == Protocol_Version::DTLS_V12 && allow_dtls12()) return true; -#if defined(BOTAN_HAS_TLS_V10) - - if(version == Protocol_Version::TLS_V11 && allow_tls11()) - return true; - if(version == Protocol_Version::TLS_V10 && allow_tls10()) - return true; - if(version == Protocol_Version::DTLS_V10 && allow_dtls10()) - return true; - -#endif - return false; } @@ -290,22 +279,12 @@ Protocol_Version Policy::latest_supported_version(bool datagram) const { if(acceptable_protocol_version(Protocol_Version::DTLS_V12)) return Protocol_Version::DTLS_V12; -#if defined(BOTAN_HAS_TLS_V10) - if(acceptable_protocol_version(Protocol_Version::DTLS_V10)) - return Protocol_Version::DTLS_V10; -#endif throw Invalid_State("Policy forbids all available DTLS version"); } else { if(acceptable_protocol_version(Protocol_Version::TLS_V12)) return Protocol_Version::TLS_V12; -#if defined(BOTAN_HAS_TLS_V10) - if(acceptable_protocol_version(Protocol_Version::TLS_V11)) - return Protocol_Version::TLS_V11; - if(acceptable_protocol_version(Protocol_Version::TLS_V10)) - return Protocol_Version::TLS_V10; -#endif throw Invalid_State("Policy forbids all available TLS version"); } } @@ -319,10 +298,7 @@ bool Policy::acceptable_ciphersuite(const Ciphersuite& ciphersuite) const bool Policy::allow_client_initiated_renegotiation() const { return false; } bool Policy::allow_server_initiated_renegotiation() const { return false; } bool Policy::allow_insecure_renegotiation() const { return false; } -bool Policy::allow_tls10() const { return false; } -bool Policy::allow_tls11() const { return false; } bool Policy::allow_tls12() const { return true; } -bool Policy::allow_dtls10() const { return false; } bool Policy::allow_dtls12() const { return true; } bool Policy::include_time_in_hello_random() const { return true; } bool Policy::hide_unknown_users() const { return false; } @@ -534,10 +510,7 @@ void print_bool(std::ostream& o, void Policy::print(std::ostream& o) const { - print_bool(o, "allow_tls10", allow_tls10()); - print_bool(o, "allow_tls11", allow_tls11()); print_bool(o, "allow_tls12", allow_tls12()); - print_bool(o, "allow_dtls10", allow_dtls10()); print_bool(o, "allow_dtls12", allow_dtls12()); print_vec(o, "ciphers", allowed_ciphers()); print_vec(o, "macs", allowed_macs()); @@ -587,10 +560,7 @@ std::vector<std::string> Strict_Policy::allowed_key_exchange_methods() const return { "CECPQ1", "ECDH" }; } -bool Strict_Policy::allow_tls10() const { return false; } -bool Strict_Policy::allow_tls11() const { return false; } bool Strict_Policy::allow_tls12() const { return true; } -bool Strict_Policy::allow_dtls10() const { return false; } bool Strict_Policy::allow_dtls12() const { return true; } } diff --git a/src/lib/tls/tls_policy.h b/src/lib/tls/tls_policy.h index b53c08bb6..bfe067650 100644 --- a/src/lib/tls/tls_policy.h +++ b/src/lib/tls/tls_policy.h @@ -138,26 +138,11 @@ class BOTAN_PUBLIC_API(2,0) Policy virtual bool only_resume_with_exact_version() const; /** - * Allow TLS v1.0 - */ - virtual bool allow_tls10() const; - - /** - * Allow TLS v1.1 - */ - virtual bool allow_tls11() const; - - /** * Allow TLS v1.2 */ virtual bool allow_tls12() const; /** - * Allow DTLS v1.0 - */ - virtual bool allow_dtls10() const; - - /** * Allow DTLS v1.2 */ virtual bool allow_dtls12() const; @@ -371,10 +356,7 @@ class BOTAN_PUBLIC_API(2,0) NSA_Suite_B_128 : public Policy size_t minimum_signature_strength() const override { return 128; } - bool allow_tls10() const override { return false; } - bool allow_tls11() const override { return false; } bool allow_tls12() const override { return true; } - bool allow_dtls10() const override { return false; } bool allow_dtls12() const override { return false; } }; @@ -404,10 +386,7 @@ class BOTAN_PUBLIC_API(2,7) NSA_Suite_B_192 : public Policy size_t minimum_signature_strength() const override { return 192; } - bool allow_tls10() const override { return false; } - bool allow_tls11() const override { return false; } bool allow_tls12() const override { return true; } - bool allow_dtls10() const override { return false; } bool allow_dtls12() const override { return false; } }; @@ -467,10 +446,7 @@ class BOTAN_PUBLIC_API(2,0) BSI_TR_02102_2 : public Policy size_t minimum_ecdh_group_size() const override { return 250; } size_t minimum_ecdsa_group_size() const override { return 250; } - bool allow_tls10() const override { return false; } - bool allow_tls11() const override { return false; } bool allow_tls12() const override { return true; } - bool allow_dtls10() const override { return false; } bool allow_dtls12() const override { return false; } }; @@ -483,10 +459,7 @@ class BOTAN_PUBLIC_API(2,0) Datagram_Policy : public Policy std::vector<std::string> allowed_macs() const override { return std::vector<std::string>({"AEAD"}); } - bool allow_tls10() const override { return false; } - bool allow_tls11() const override { return false; } bool allow_tls12() const override { return false; } - bool allow_dtls10() const override { return false; } bool allow_dtls12() const override { return true; } }; @@ -508,10 +481,7 @@ class BOTAN_PUBLIC_API(2,0) Strict_Policy : public Policy std::vector<std::string> allowed_key_exchange_methods() const override; - bool allow_tls10() const override; - bool allow_tls11() const override; bool allow_tls12() const override; - bool allow_dtls10() const override; bool allow_dtls12() const override; }; @@ -533,14 +503,8 @@ class BOTAN_PUBLIC_API(2,0) Text_Policy : public Policy bool use_ecc_point_compression() const override; - bool allow_tls10() const override; - - bool allow_tls11() const override; - bool allow_tls12() const override; - bool allow_dtls10() const override; - bool allow_dtls12() const override; bool allow_insecure_renegotiation() const override; diff --git a/src/lib/tls/tls_server.cpp b/src/lib/tls/tls_server.cpp index 27832e779..60ee19172 100644 --- a/src/lib/tls/tls_server.cpp +++ b/src/lib/tls/tls_server.cpp @@ -200,43 +200,35 @@ uint16_t choose_ciphersuite( continue; } - if(version.supports_negotiable_signature_algorithms()) - { - const std::vector<Signature_Scheme> client_sig_methods = - client_hello.signature_schemes(); + const std::vector<Signature_Scheme> allowed = + policy.allowed_signature_schemes(); - /* - If the vector is empty (eg because the client did not send the - extension), then the loop will fail to find a match and we will - reject with a handshake failure. + std::vector<Signature_Scheme> client_sig_methods = + client_hello.signature_schemes(); - The TLS v1.2 logic said that a client not sending the extension implicitly - supported SHA-1 but with draft-ietf-tls-md5-sha1-deprecate instead we - are removing support for SHA-1 signatures entirely. + /* + Contrary to the wording of draft-ietf-tls-md5-sha1-deprecate we do + not enforce that clients do not offer support SHA-1 or MD5 + signatures; we just ignore it. + */ + bool we_support_some_hash_by_client = false; - Contrary to the wording of draft-ietf-tls-md5-sha1-deprecate we do - not enforce that clients do not offer support SHA-1 or MD5 - signatures; we just ignore it. - */ - bool we_support_some_hash_by_client = false; + for(Signature_Scheme scheme : client_sig_methods) + { + if(signature_scheme_is_known(scheme) == false) + continue; - for(Signature_Scheme scheme : client_sig_methods) + if(signature_algorithm_of_scheme(scheme) == suite.sig_algo() && + policy.allowed_signature_hash(hash_function_of_scheme(scheme))) { - if(signature_scheme_is_known(scheme) == false) - continue; - - if(signature_algorithm_of_scheme(scheme) == suite.sig_algo() && - policy.allowed_signature_hash(hash_function_of_scheme(scheme))) - { - we_support_some_hash_by_client = true; - } + we_support_some_hash_by_client = true; } + } - if(we_support_some_hash_by_client == false) - { - throw TLS_Exception(Alert::HANDSHAKE_FAILURE, - "Policy does not accept any hash function supported by client"); - } + if(we_support_some_hash_by_client == false) + { + throw TLS_Exception(Alert::HANDSHAKE_FAILURE, + "Policy does not accept any hash function supported by client"); } } @@ -343,22 +335,12 @@ Protocol_Version select_version(const Botan::TLS::Policy& policy, { if(policy.allow_dtls12() && value_exists(supported_versions, Protocol_Version(Protocol_Version::DTLS_V12))) return Protocol_Version::DTLS_V12; -#if defined(BOTAN_HAS_TLS_V10) - if(policy.allow_dtls10() && value_exists(supported_versions, Protocol_Version(Protocol_Version::DTLS_V10))) - return Protocol_Version::DTLS_V10; -#endif throw TLS_Exception(Alert::PROTOCOL_VERSION, "No shared DTLS version"); } else { if(policy.allow_tls12() && value_exists(supported_versions, Protocol_Version(Protocol_Version::TLS_V12))) return Protocol_Version::TLS_V12; -#if defined(BOTAN_HAS_TLS_V10) - if(policy.allow_tls11() && value_exists(supported_versions, Protocol_Version(Protocol_Version::TLS_V11))) - return Protocol_Version::TLS_V11; - if(policy.allow_tls10() && value_exists(supported_versions, Protocol_Version(Protocol_Version::TLS_V10))) - return Protocol_Version::TLS_V10; -#endif throw TLS_Exception(Alert::PROTOCOL_VERSION, "No shared TLS version"); } } @@ -601,7 +583,7 @@ void Server::process_certificate_verify_msg(Server_Handshake_State& pending_stat Handshake_Type type, const std::vector<uint8_t>& contents) { - pending_state.client_verify(new Certificate_Verify(contents, pending_state.version())); + pending_state.client_verify(new Certificate_Verify(contents)); const std::vector<X509_Certificate>& client_certs = pending_state.client_certs()->cert_chain(); @@ -956,8 +938,7 @@ void Server::session_create(Server_Handshake_State& pending_state, new Certificate_Req(pending_state.handshake_io(), pending_state.hash(), policy(), - client_auth_CAs, - pending_state.version())); + client_auth_CAs)); /* SSLv3 allowed clients to skip the Certificate message entirely diff --git a/src/lib/tls/tls_text_policy.cpp b/src/lib/tls/tls_text_policy.cpp index d04879a1b..b1b3de13c 100644 --- a/src/lib/tls/tls_text_policy.cpp +++ b/src/lib/tls/tls_text_policy.cpp @@ -45,26 +45,11 @@ bool Text_Policy::use_ecc_point_compression() const return get_bool("use_ecc_point_compression", Policy::use_ecc_point_compression()); } -bool Text_Policy::allow_tls10() const - { - return get_bool("allow_tls10", Policy::allow_tls10()); - } - -bool Text_Policy::allow_tls11() const - { - return get_bool("allow_tls11", Policy::allow_tls11()); - } - bool Text_Policy::allow_tls12() const { return get_bool("allow_tls12", Policy::allow_tls12()); } -bool Text_Policy::allow_dtls10() const - { - return get_bool("allow_dtls10", Policy::allow_dtls10()); - } - bool Text_Policy::allow_dtls12() const { return get_bool("allow_dtls12", Policy::allow_dtls12()); diff --git a/src/lib/tls/tls_version.cpp b/src/lib/tls/tls_version.cpp index ecbe94897..40a9a83cf 100644 --- a/src/lib/tls/tls_version.cpp +++ b/src/lib/tls/tls_version.cpp @@ -50,39 +50,10 @@ bool Protocol_Version::operator>(const Protocol_Version& other) const bool Protocol_Version::known_version() const { - return (m_version == Protocol_Version::TLS_V10 || - m_version == Protocol_Version::TLS_V11 || - m_version == Protocol_Version::TLS_V12 || - m_version == Protocol_Version::DTLS_V10 || + return (m_version == Protocol_Version::TLS_V12 || m_version == Protocol_Version::DTLS_V12); } -bool Protocol_Version::supports_negotiable_signature_algorithms() const - { - return (m_version != Protocol_Version::TLS_V10 && - m_version != Protocol_Version::TLS_V11 && - m_version != Protocol_Version::DTLS_V10); - } - -bool Protocol_Version::supports_explicit_cbc_ivs() const - { - return (m_version != Protocol_Version::TLS_V10); - } - -bool Protocol_Version::supports_ciphersuite_specific_prf() const - { - return (m_version != Protocol_Version::TLS_V10 && - m_version != Protocol_Version::TLS_V11 && - m_version != Protocol_Version::DTLS_V10); - } - -bool Protocol_Version::supports_aead_modes() const - { - return (m_version != Protocol_Version::TLS_V10 && - m_version != Protocol_Version::TLS_V11 && - m_version != Protocol_Version::DTLS_V10); - } - } } diff --git a/src/lib/tls/tls_version.h b/src/lib/tls/tls_version.h index 18e2c0f65..e116819a6 100644 --- a/src/lib/tls/tls_version.h +++ b/src/lib/tls/tls_version.h @@ -22,11 +22,7 @@ class BOTAN_PUBLIC_API(2,0) Protocol_Version final { public: enum Version_Code { - TLS_V10 = 0x0301, - TLS_V11 = 0x0302, TLS_V12 = 0x0303, - - DTLS_V10 = 0xFEFF, DTLS_V12 = 0xFEFD }; @@ -99,23 +95,6 @@ class BOTAN_PUBLIC_API(2,0) Protocol_Version final bool is_datagram_protocol() const; /** - * @return true if this version supports negotiable signature algorithms - */ - bool supports_negotiable_signature_algorithms() const; - - /** - * @return true if this version uses explicit IVs for block ciphers - */ - bool supports_explicit_cbc_ivs() const; - - /** - * @return true if this version uses a ciphersuite specific PRF - */ - bool supports_ciphersuite_specific_prf() const; - - bool supports_aead_modes() const; - - /** * @return if this version is equal to other */ bool operator==(const Protocol_Version& other) const |