diff options
author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2018-06-06 09:25:20 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2018-06-12 09:31:03 +0200 |
commit | 62248b6adf0c11d469b04b4bf58aa97deff5a813 (patch) | |
tree | 0c17eae21180e9525b8a38facd6c73ae4ffdd38d | |
parent | 70ebf53b9e19596660b27c3522e8596a31fab4b7 (diff) | |
download | gnutls-62248b6adf0c11d469b04b4bf58aa97deff5a813.tar.gz |
priorities: hmac-sha256 ciphersuites were removed from defaults
These ciphersuites are deprecated since the introduction of AEAD
ciphersuites, and are only necessary for compatibility with older
servers. Since older servers already support hmac-sha1 there is
no reason to keep these ciphersuites enabled by default, as they
increase our attack surface.
Relates #456
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
-rw-r--r-- | NEWS | 2 | ||||
-rw-r--r-- | lib/priority.c | 4 | ||||
-rw-r--r-- | tests/dtls1-2-mtu-check.c | 2 | ||||
-rw-r--r-- | tests/priorities.c | 18 | ||||
-rwxr-xr-x | tests/suite/tls-fuzzer/tls-fuzzer-nocert.sh | 4 |
5 files changed, 13 insertions, 17 deletions
@@ -25,7 +25,7 @@ See the end for copying conditions. with an anonymous credentials structure. ** Provide a uniform cipher list across different protocols; the CAMELLIA ciphers - as well as ciphers utilizing HMAC-SHA384 have been removed from the default + as well as ciphers utilizing HMAC-SHA384 and SHA256 have been removed from the default priority strings. ** libgnutls: Introduced low-level function to assist applications attempting client diff --git a/lib/priority.c b/lib/priority.c index 0dc39f362c..1ebd6b4695 100644 --- a/lib/priority.c +++ b/lib/priority.c @@ -455,14 +455,12 @@ static const int* sign_priority_secure192 = _sign_priority_secure192; static const int mac_priority_normal_default[] = { GNUTLS_MAC_SHA1, - GNUTLS_MAC_SHA256, GNUTLS_MAC_AEAD, 0 }; static const int mac_priority_normal_fips[] = { GNUTLS_MAC_SHA1, - GNUTLS_MAC_SHA256, GNUTLS_MAC_AEAD, 0 }; @@ -496,14 +494,12 @@ static const int* mac_priority_suiteb = _mac_priority_suiteb; static const int _mac_priority_secure128[] = { GNUTLS_MAC_SHA1, - GNUTLS_MAC_SHA256, GNUTLS_MAC_AEAD, 0 }; static const int* mac_priority_secure128 = _mac_priority_secure128; static const int _mac_priority_secure192[] = { - GNUTLS_MAC_SHA256, GNUTLS_MAC_AEAD, 0 }; diff --git a/tests/dtls1-2-mtu-check.c b/tests/dtls1-2-mtu-check.c index 707fa32e37..460aa9442b 100644 --- a/tests/dtls1-2-mtu-check.c +++ b/tests/dtls1-2-mtu-check.c @@ -79,7 +79,7 @@ static void dtls_mtu_try(const char *name, const char *client_prio, serverx509cred); assert(gnutls_priority_set_direct(server, - "NORMAL:+ANON-ECDH:+ANON-DH:+3DES-CBC:+ECDHE-RSA:+DHE-RSA:+RSA:+ECDHE-ECDSA:+CURVE-X25519", + "NORMAL:+ANON-ECDH:+ANON-DH:+3DES-CBC:+ECDHE-RSA:+DHE-RSA:+RSA:+ECDHE-ECDSA:+SHA256:+CURVE-X25519", NULL) >= 0); gnutls_transport_set_push_function(server, server_push); gnutls_transport_set_pull_function(server, server_pull); diff --git a/tests/priorities.c b/tests/priorities.c index 1f85d7966f..3cbde6e566 100644 --- a/tests/priorities.c +++ b/tests/priorities.c @@ -113,19 +113,19 @@ try_prio_err(const char *prio, int err) void doit(void) { - const int null = 4; - int sec128_cs = 31; - int sec256_cs = 12; - int normal_cs = 31; + const int null = 3; + int sec128_cs = 25; + int sec256_cs = 10; + int normal_cs = 25; int normal_ciphers = 7; - int pfs_cs = 23; + int pfs_cs = 19; if (gnutls_fips140_mode_enabled()) { - normal_cs = 28; + normal_cs = 22; normal_ciphers = 6; pfs_cs = 22; - sec256_cs = 9; - sec128_cs = 28; + sec256_cs = 7; + sec128_cs = 22; } try_prio("NORMAL", normal_cs, normal_ciphers, __LINE__); @@ -136,7 +136,7 @@ void doit(void) try_prio("NORMAL:+CIPHER-ALL", normal_cs, 7, __LINE__); /* all (except null) */ try_prio("NORMAL:-CIPHER-ALL:+NULL", null, 1, __LINE__); /* null */ try_prio("NORMAL:-CIPHER-ALL:+NULL:+CIPHER-ALL", normal_cs + null, 8, __LINE__); /* should be null + all */ - try_prio("NORMAL:-CIPHER-ALL:+NULL:+CIPHER-ALL:-CIPHER-ALL:+AES-128-CBC", 8, 1, __LINE__); /* should be null + all */ + try_prio("NORMAL:-CIPHER-ALL:+NULL:+CIPHER-ALL:-CIPHER-ALL:+AES-128-CBC", 4, 1, __LINE__); /* should be null + all */ } try_prio("PERFORMANCE", normal_cs, normal_ciphers, __LINE__); diff --git a/tests/suite/tls-fuzzer/tls-fuzzer-nocert.sh b/tests/suite/tls-fuzzer/tls-fuzzer-nocert.sh index 62d75344f7..b4b7c10883 100755 --- a/tests/suite/tls-fuzzer/tls-fuzzer-nocert.sh +++ b/tests/suite/tls-fuzzer/tls-fuzzer-nocert.sh @@ -49,10 +49,10 @@ wait_for_free_port $PORT retval=0 -PRIORITY="NORMAL:%VERIFY_ALLOW_SIGN_WITH_SHA1:+ARCFOUR-128:+3DES-CBC:+DHE-DSS:+SIGN-DSA-SHA256:+SIGN-DSA-SHA1:-CURVE-SECP192R1:+VERS-SSL3.0" +PRIORITY="NORMAL:%VERIFY_ALLOW_SIGN_WITH_SHA1:+ARCFOUR-128:+3DES-CBC:+DHE-DSS:+SIGN-DSA-SHA256:+SIGN-DSA-SHA1:-CURVE-SECP192R1:+VERS-SSL3.0:+SHA256" ${CLI} --list --priority "${PRIORITY}" >/dev/null 2>&1 if test $? != 0;then - PRIORITY="NORMAL:%VERIFY_ALLOW_SIGN_WITH_SHA1:+ARCFOUR-128:+3DES-CBC:+DHE-DSS:+SIGN-DSA-SHA256:+SIGN-DSA-SHA1:+VERS-SSL3.0" + PRIORITY="NORMAL:%VERIFY_ALLOW_SIGN_WITH_SHA1:+ARCFOUR-128:+3DES-CBC:+DHE-DSS:+SIGN-DSA-SHA256:+SIGN-DSA-SHA1:+VERS-SSL3.0:+SHA256" fi TLS_PY=./tlslite-ng/scripts/tls.py |