Suite B: Add tls_suiteb=1 parameter for RSA 3k key case
This adds the phase1 parameter tls_suiteb=1 to the wpa_supplicant configuration to allow the TLS library (only OpenSSL is supported for now) to use Suite B 192-bit level rules with RSA when using keys of >= 3k (3072) bits.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
parent
5030d7d9fd
commit
60ed2f24eb
@ -97,6 +97,7 @@ struct tls_config {
|
|||||||
#define TLS_CONN_DISABLE_TLSv1_0 BIT(8)
|
#define TLS_CONN_DISABLE_TLSv1_0 BIT(8)
|
||||||
#define TLS_CONN_EXT_CERT_CHECK BIT(9)
|
#define TLS_CONN_EXT_CERT_CHECK BIT(9)
|
||||||
#define TLS_CONN_REQUIRE_OCSP_ALL BIT(10)
|
#define TLS_CONN_REQUIRE_OCSP_ALL BIT(10)
|
||||||
|
#define TLS_CONN_SUITEB BIT(11)
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* struct tls_connection_params - Parameters for TLS connection
|
* struct tls_connection_params - Parameters for TLS connection
|
||||||
|
@ -2257,7 +2257,7 @@ static int tls_connection_set_subject_match(struct tls_connection *conn,
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
static void tls_set_conn_flags(SSL *ssl, unsigned int flags)
|
static int tls_set_conn_flags(SSL *ssl, unsigned int flags)
|
||||||
{
|
{
|
||||||
#ifdef SSL_OP_NO_TICKET
|
#ifdef SSL_OP_NO_TICKET
|
||||||
if (flags & TLS_CONN_DISABLE_SESSION_TICKET)
|
if (flags & TLS_CONN_DISABLE_SESSION_TICKET)
|
||||||
@ -2284,6 +2284,45 @@ static void tls_set_conn_flags(SSL *ssl, unsigned int flags)
|
|||||||
else
|
else
|
||||||
SSL_clear_options(ssl, SSL_OP_NO_TLSv1_2);
|
SSL_clear_options(ssl, SSL_OP_NO_TLSv1_2);
|
||||||
#endif /* SSL_OP_NO_TLSv1_2 */
|
#endif /* SSL_OP_NO_TLSv1_2 */
|
||||||
|
#ifdef CONFIG_SUITEB
|
||||||
|
if (flags & TLS_CONN_SUITEB) {
|
||||||
|
EC_KEY *ecdh;
|
||||||
|
const char *ciphers =
|
||||||
|
"ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384";
|
||||||
|
|
||||||
|
if (SSL_set_cipher_list(ssl, ciphers) != 1) {
|
||||||
|
wpa_printf(MSG_INFO,
|
||||||
|
"OpenSSL: Failed to set Suite B ciphers");
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (SSL_set1_curves_list(ssl, "P-384") != 1) {
|
||||||
|
wpa_printf(MSG_INFO,
|
||||||
|
"OpenSSL: Failed to set Suite B curves");
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
/* ECDSA+SHA384 if need to add EC support here */
|
||||||
|
if (SSL_set1_sigalgs_list(ssl, "RSA+SHA384") != 1) {
|
||||||
|
wpa_printf(MSG_INFO,
|
||||||
|
"OpenSSL: Failed to set Suite B sigalgs");
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
|
||||||
|
ecdh = EC_KEY_new_by_curve_name(NID_secp384r1);
|
||||||
|
if (!ecdh || SSL_set_tmp_ecdh(ssl, ecdh) != 1) {
|
||||||
|
EC_KEY_free(ecdh);
|
||||||
|
wpa_printf(MSG_INFO,
|
||||||
|
"OpenSSL: Failed to set ECDH parameter");
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
EC_KEY_free(ecdh);
|
||||||
|
|
||||||
|
SSL_set_options(ssl, SSL_OP_NO_TLSv1);
|
||||||
|
SSL_set_options(ssl, SSL_OP_NO_TLSv1_1);
|
||||||
|
}
|
||||||
|
#endif /* CONFIG_SUITEB */
|
||||||
|
|
||||||
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
@ -2307,7 +2346,8 @@ int tls_connection_set_verify(void *ssl_ctx, struct tls_connection *conn,
|
|||||||
SSL_set_verify(conn->ssl, SSL_VERIFY_NONE, NULL);
|
SSL_set_verify(conn->ssl, SSL_VERIFY_NONE, NULL);
|
||||||
}
|
}
|
||||||
|
|
||||||
tls_set_conn_flags(conn->ssl, flags);
|
if (tls_set_conn_flags(conn->ssl, flags) < 0)
|
||||||
|
return -1;
|
||||||
conn->flags = flags;
|
conn->flags = flags;
|
||||||
|
|
||||||
SSL_set_accept_state(conn->ssl);
|
SSL_set_accept_state(conn->ssl);
|
||||||
@ -4111,7 +4151,8 @@ int tls_connection_set_params(void *tls_ctx, struct tls_connection *conn,
|
|||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
tls_set_conn_flags(conn->ssl, params->flags);
|
if (tls_set_conn_flags(conn->ssl, params->flags) < 0)
|
||||||
|
return -1;
|
||||||
|
|
||||||
#ifdef OPENSSL_IS_BORINGSSL
|
#ifdef OPENSSL_IS_BORINGSSL
|
||||||
if (params->flags & TLS_CONN_REQUEST_OCSP) {
|
if (params->flags & TLS_CONN_REQUEST_OCSP) {
|
||||||
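Review bot: In tls_set_conn_flags() the whole Suite B block sits inside `#ifdef CONFIG_SUITEB` with no `#else`, so on a build without CONFIG_SUITEB a connection that carries TLS_CONN_SUITEB falls through to `return 0` and proceeds with the default cipher, curve and signature settings. Since the function now returns an error code, the restriction can fail closed: add an `#else /* CONFIG_SUITEB */` branch containing `if (flags & TLS_CONN_SUITEB) return -1;` together with a wpa_printf() that says Suite B support was not compiled in. Separately, the commit message ties this mode to RSA keys of >= 3072 bits, but nothing in the visible hunks checks the peer certificate's key length or the group size used with DHE-RSA-AES256-GCM-SHA384; if that is not enforced elsewhere, it deserves a comment or a follow-up check. Part of the function body lies between the two hunks and is not shown here.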
|
@ -84,6 +84,10 @@ static void eap_tls_params_flags(struct tls_connection_params *params,
|
|||||||
params->flags |= TLS_CONN_EXT_CERT_CHECK;
|
params->flags |= TLS_CONN_EXT_CERT_CHECK;
|
||||||
if (os_strstr(txt, "tls_ext_cert_check=0"))
|
if (os_strstr(txt, "tls_ext_cert_check=0"))
|
||||||
params->flags &= ~TLS_CONN_EXT_CERT_CHECK;
|
params->flags &= ~TLS_CONN_EXT_CERT_CHECK;
|
||||||
|
if (os_strstr(txt, "tls_suiteb=1"))
|
||||||
|
params->flags |= TLS_CONN_SUITEB;
|
||||||
|
if (os_strstr(txt, "tls_suiteb=0"))
|
||||||
|
params->flags &= ~TLS_CONN_SUITEB;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
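Review bot: The two added os_strstr() tests make tls_suiteb fail open: any value other than the exact substring `tls_suiteb=1` (a typo such as `tls_suiteb=yes`, for instance) leaves TLS_CONN_SUITEB clear without any message, and because the `=0` test runs last, a phase1 string that contains both tokens ends up with the constraints off. This mirrors the tls_ext_cert_check handling just above, so it is a matter of documenting the pattern rather than changing it; I would add a comment above the new lines such as `/* tls_suiteb=0 overrides tls_suiteb=1 if both are present; other values are ignored */`. eap_tls_params_flags() begins before this hunk, so any earlier handling of txt is not visible here.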
|
@ -1164,6 +1164,9 @@ fast_reauth=1
|
|||||||
# chain when receiving CTRL-RSP-EXT_CERT_CHECK event from the control
|
# chain when receiving CTRL-RSP-EXT_CERT_CHECK event from the control
|
||||||
# interface and report the result of the validation with
|
# interface and report the result of the validation with
|
||||||
# CTRL-RSP_EXT_CERT_CHECK.
|
# CTRL-RSP_EXT_CERT_CHECK.
|
||||||
|
# tls_suiteb=0 - do not apply Suite B 192-bit constraints on TLS (default)
|
||||||
|
# tls_suiteb=1 - apply Suite B 192-bit constraints on TLS; this is used in
|
||||||
|
# particular when using Suite B with RSA keys of >= 3K (3072) bits
|
||||||
#
|
#
|
||||||
# Following certificate/private key fields are used in inner Phase2
|
# Following certificate/private key fields are used in inner Phase2
|
||||||
# authentication when using EAP-TTLS or EAP-PEAP.
|
# authentication when using EAP-TTLS or EAP-PEAP.
|
||||||
|