Commit Graph

29 Commits

Author SHA1 Message Date
Jouni Malinen
8ba8c01d0c TLS: Report OCSP rejection cases when no valid response if found
This adds a CTRL-EVENT-EAP-TLS-CERT-ERROR and CTRL-EVENT-EAP-STATUS
messages with 'bad certificate status response' for cases where no valid
OCSP response was received, but the network profile requires OCSP to be
used.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-12-17 11:47:38 +02:00
Jouni Malinen
d560288a44 TLS: Parse CertificateStatus message
This allows the internal TLS client implementation to accept
CertificateStatus message from the server when trying to use OCSP
stapling. The actual OCSPResponse is not yet processed in this commit,
but the CertificateStatus message is accepted to allow the TLS handshake
to continue.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-12-14 15:49:01 +02:00
Jouni Malinen
4303d531a8 TLS: Parse ServerHello extensions
This prints the received ServerHello extensions into the debug log and
allows handshake to continue even if such extensions are included.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-12-14 15:49:01 +02:00
Jouni Malinen
1adf262144 TLS: Add support for extKeyUsage X.509v3 extension
If the server/client certificate includes the extKeyUsage extension,
verify that the listed key purposes include either the
anyExtendedKeyUsage wildcard or id-kp-serverAuth/id-kp-clientAuth,
respectively.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-11-29 21:53:23 +02:00
Jouni Malinen
c5864dca5d TLS client: Add certificate chain validation failure callbacks
This adds more support for event_cb() calls for various server
certificate chain validation failures.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-11-29 20:32:52 +02:00
Jouni Malinen
896a97d712 TLS client: Add support for disabling TLS versions
The internal TLS client implementation in wpa_supplicant can now be used
with the phase2 parameters tls_disable_tlsv1_0=1, tls_disable_tlsv1_1=1,
and tls_disable_tlsv1_2=1 to disable the specified TLS version(s).

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-11-29 20:03:11 +02:00
Jouni Malinen
0cbc22b2eb TLS client: Use TLS_CONN_* flags
This makes it simpler to add support for new TLS_CONN_* flags without
having to add a new configuration function for each flag.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-11-29 19:48:17 +02:00
Jouni Malinen
f2a6ad01a9 TLS client: Add support for server certificate probing
The internal TLS client implementation can now be used with
ca_cert="probe://" to probe the server certificate chain. This is also
adding the related CTRL-EVENT-EAP-TLS-CERT-ERROR and
CTRL-EVENT-EAP-PEER-CERT events.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-11-29 18:59:27 +02:00
Jouni Malinen
b115eebe01 TLS: Add TLS v1.2 signature algorithm support for SHA384 and SHA512
This extends the internal TLS client implementation to support signature
algorithms SHA384 and SHA512 in addition to the previously supported
SHA256.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-11-29 18:21:08 +02:00
Pali Rohár
fdc1614264 TLS client: Add support for validating server certificate hash
This commit adds support for "hash://server/sha256/cert_hash_in_hex"
scheme in ca_cert property for the internal TLS implementation.

Signed-off-by: Pali Rohár <pali.rohar@gmail.com>
2015-11-29 11:45:59 +02:00
Pali Rohár
3665776e4e TLS client: Do not verify CA certificates when ca_cert is not specified
In documentation is written: "If ca_cert and ca_path are not included,
server certificate will not be verified". This is the case when
wpa_supplicant is compiled with OpenSSL library, but when using the
internal TLS implementation and some certificates in CA chain are in
unsupported format (e.g., use SHA384 or SHA512 hash functions) then
verification fails even if ca_cert property is not specified.

This commit changes behavior so that certificate verification in
internal TLS implementation is really skipped when ca_cert is not
specified.

Signed-off-by: Pali Rohár <pali.rohar@gmail.com>
2015-11-29 11:39:25 +02:00
Jouni Malinen
76874379d3 TLS client: Check DH parameters using a local variable
Use a temporary, local variable to check the DH parameters received from
the server before assigning the length to the struct tlsv1_client
variables. This will hopefully make it easier for static analyzers to
figure out that there is bounds checking for the value. (CID 72699)

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-11-23 17:48:34 +02:00
Jouni Malinen
e7b96ecdb3 TLS client: Make DH parameter parsing easier for static analyzers
The dh_p_len, dh_g_len, and dh_ys_len parameters were validated against
the received message structure, but that did not seem to be done in a
way that some static analyzers would understand this (CID 72699).

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-11 19:04:00 +03:00
Jouni Malinen
2049a3c874 TLS: Use os_memcmp_const() for hash/password comparisons
This makes the implementation less likely to provide useful timing
information to potential attackers from comparisons of information
received from a remote device and private material known only by the
authorized devices.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-07-02 12:38:47 +03:00
Jouni Malinen
f5bbb2f284 TLS client: Reject RSA-DHE prime if it shorter than 768 bits
Such short primes cannot really be considered secure enough for
authentication purposes.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-16 12:43:37 +02:00
Jouni Malinen
f3ef7a2640 TLS client: Send decrypt_error on verify_data validation error
Previously, this was silently dropped which left the connection waiting
for timeout. decrypt_error alert can be used here to avoid that.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-09 18:21:13 +02:00
Jouni Malinen
129b9b991a TLS: Share a helper function for verifying Signature
This same design is used in both the server and the client roles in the
internal TLS implementation. Instead of duplicated implementation, use a
helper function.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-09 17:11:58 +02:00
Jouni Malinen
6531963584 TLS: Use a helper function for calculating ServerKeyExchange hash
Instead of separate server and client side implementations, use a common
set of helper functions for calculating the ServerParams hash for
ServerKeyExchange.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-09 16:26:27 +02:00
Jouni Malinen
65074a2a7c TLS: Add support for DHE-RSA cipher suites
This extends the internal TLS implementation to support DHE-RSA
cipher suites in both server and client roles.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-09 15:43:50 +02:00
Jouni Malinen
0f3d578efc Remove the GPL notification from files contributed by Jouni Malinen
Remove the GPL notification text from the files that were
initially contributed by myself.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-02-11 19:39:36 +02:00
Jouni Malinen
1622b331f6 TLS: Update file headers to include TLS v1.2 support
Signed-hostap: Jouni Malinen <j@w1.fi>
2011-11-27 22:13:52 +02:00
Jouni Malinen
949b2e1f61 TLS: Add SHA256-based verify_data derivation for TLS v1.2
Signed-hostap: Jouni Malinen <j@w1.fi>
2011-11-27 22:08:28 +02:00
Jouni Malinen
d0485a6208 TLS: Pass version to tls_prf() in preparation for new PRFs
Signed-hostap: Jouni Malinen <j@w1.fi>
2011-11-27 21:35:11 +02:00
Jouni Malinen
ebe4e8f814 TLS: Add helper functions for version number handling
Signed-hostap: Jouni Malinen <j@w1.fi>
2011-11-27 21:20:18 +02:00
Jouni Malinen
5c47af9a7a TLS: Add support for TLS v1.1 (RFC 4346) with internal TLS
This is disabled by defautl and can be enabled with CONFIG_TLSV11=y
build configuration parameter.
2011-09-25 17:24:46 +03:00
Jouni Malinen
235279e777 TLS: Add support for tls_disable_time_checks=1 in client mode
This phase1 parameter for TLS-based EAP methods was already supported
with GnuTLS and this commit extends that support for OpenSSL and the
internal TLS implementation.
2011-07-05 11:29:42 +03:00
Jouni Malinen
03da66bd59 Remove src/crypto from default include path
In addition, start ordering header file includes to be in more
consistent order: system header files, src/utils, src/*, same
directory as the *.c file.
2009-11-29 23:04:43 +02:00
Jouni Malinen
fa2ec7eb63 Silenced compiler warnings on size_t printf format and shadowed variables 2008-09-27 10:46:06 +03:00
Jouni Malinen
6fc6879bd5 Re-initialize hostapd/wpa_supplicant git repository based on 0.6.3 release 2008-02-27 17:34:43 -08:00