
2014-07-19

2014-07-19 09:31:55 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Session: Improve interoperation with GnuTLS.

GnuTLS doesn't like certificates for SHA256 signing being used with
suites (in TLS 1.1 and earlier) using SHA1. We now filter such certs.

153:   //! The set of ecc_curves supported by the peer.   protected int(0..1) is_supported_cert(CertificatePair cp,    int ke_mask, +  int h_max,    ProtocolVersion version,    array(int) ecc_curves)   {
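Review bot: The new `h_max` parameter is not described in the `//!` autodoc block above `is_supported_cert`, while the existing comment documents `ecc_curves`. Proposed line for that block: `//! @param h_max Largest @[Crypto.Hash()->digest_size()] among the hashes of the cipher suites offered by the client; certificate pairs whose signature hash has a larger digest are rejected.` Whether this is a byte count is presumably fixed by `digest_size()`, so the comment should follow that unit. The body of `is_supported_cert` continues in the hunks below and outside this hunk.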
176:    }    } else {    if (!(ke_mask & cp->ke_mask)) return 0; +  +  // GNU-TLS doesn't like eg SHA being used with SHA256 certs. +  Crypto.Hash hash = HASH_lookup[cp->sign_algs[0][0]]; +  if (!hash) return 0; +  if (hash->digest_size() > h_max) return 0;    }      #if constant(Crypto.ECC.Curve)
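Review bot: The digest-size check is applied for every protocol version, but the description scopes the GnuTLS problem to TLS 1.1 and earlier; if that scope is right, then under TLS 1.2 — where the signature hash is negotiated separately from the suite's hash — a certificate signed with a larger hash than any offered suite's hash (for example SHA-384 against an `h_max` of 32) would be rejected here although it is usable. Consider gating the new check on the version, `if ((version < PROTOCOL_TLS_1_2) && (hash->digest_size() > h_max)) return 0;`, and keep the `!hash` rejection only if an unknown signature hash should really disqualify the pair. Also, `cp->sign_algs[0][0]` assumes `sign_algs` is non-empty and judges a pair with several signature algorithms on its first entry alone; a short comment stating that assumption would help. `is_supported_cert` starts in the hunk above and its remainder lies outside this hunk.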
214:    KeyExchangeType ke = [int(0..0)|KeyExchangeType]suite_info[0];    if (!(ke_mask & (1<<ke))) return 0;    -  if ((version < PROTOCOL_TLS_1_2) && (sizeof(suite_info) >= 4)) { +  if (version < PROTOCOL_TLS_1_2) { +  if (sizeof(suite_info) >= 4) {    // AEAD protocols are not supported prior to TLS 1.2.    // Variant cipher-suite dependent prfs are not supported prior to TLS 1.2.    return 0;    } -  +  // FIXME: Check hash size >= cert hash size. +  }       if ((version >= PROTOCOL_TLS_1_1) &&    (< CIPHER_null, CIPHER_rc4_40, CIPHER_rc2_40, CIPHER_des40 >)
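Review bot: The `// FIXME: Check hash size >= cert hash size.` left in the `version < PROTOCOL_TLS_1_2` branch marks the place where the actual suite/certificate pairing is decided, and the filter added to `is_supported_cert` does not cover it: that filter compares against the largest hash over all offered suites, so a SHA-256-signed certificate survives whenever any SHA-256 suite is offered, while the suite finally selected may still be a SHA-1 one, and the GnuTLS rejection the commit describes can then still occur. Suggest making the FIXME say that: `// FIXME: Reject suites whose hash digest is smaller than that of the selected certificate's signature hash; is_supported_cert() only filters against the largest hash among all offered suites.` The enclosing function starts and ends outside this hunk.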
263:       SSL3_DEBUG_MSG("Candidate certificates: %O\n", certs);    -  // Find the set of key exchange algorithms supported by the client. +  // Find the set of key exchange and hash algorithms supported by the client.    int ke_mask = 0; -  +  int h_max = 0;    foreach(cipher_suites, int suite) {    if (CIPHER_SUITES[suite]) {    ke_mask |= 1 << [int](CIPHER_SUITES[suite][0]); -  +  Crypto.Hash hash = HASH_lookup[CIPHER_SUITES[suite][2]]; +  if (hash && (hash->digest_size() > h_max)) { +  h_max = hash->digest_size();    }    } -  +  }       // Filter any certs that the client doesn't support.    certs = [array(CertificatePair)] -  filter(certs, is_supported_cert, ke_mask, version, ecc_curves); +  filter(certs, is_supported_cert, ke_mask, h_max, version, ecc_curves);       SSL3_DEBUG_MSG("Client supported certificates: %O\n", certs);
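Review bot: `h_max` stays 0 when none of the offered suites maps to an entry in `HASH_lookup` (or when `cipher_suites` is empty), and `is_supported_cert` then rejects every certificate pair, since any positive `digest_size()` exceeds 0; before this change such a client would still have been offered certificates. Either skip the hash filter in that case or document that 0 means "no usable suite" and that an empty certificate list is the intended outcome, for instance `// h_max == 0: no offered suite has a known hash; every cert is filtered out below.` Note also that `h_max` counts suites the suite filter may later reject for other reasons (for example AEAD suites before TLS 1.2), so the bound can be looser than the suites actually usable. The enclosing function starts and ends outside this hunk.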