MbedTLS: Provide default list of configured ciphersuites
This commit is contained in:
parent
6df12e8169
commit
df51e80717
2 changed files with 109 additions and 15 deletions
|
@ -442,19 +442,18 @@ rb_setup_ssl_server(const char *const certfile, const char *keyfile,
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
const int *rb_ciphersuites = newcfg->suites;
|
||||||
|
size_t suites_count = 0;
|
||||||
|
|
||||||
if(cipherlist != NULL)
|
if(cipherlist != NULL)
|
||||||
{
|
{
|
||||||
// The cipherlist is (const char *) -- we should not modify it
|
// The cipherlist is (const char *) -- we should not modify it
|
||||||
char *const cipherlist_dup = strdup(cipherlist);
|
char *const cipherlist_dup = strdup(cipherlist);
|
||||||
|
|
||||||
if(cipherlist_dup == NULL)
|
if(cipherlist_dup != NULL)
|
||||||
{
|
{
|
||||||
rb_lib_log("rb_setup_ssl_server: strdup: %s", strerror(errno));
|
|
||||||
rb_lib_log("rb_setup_ssl_server: will not configure ciphersuites!");
|
|
||||||
}
|
|
||||||
else
|
|
||||||
{
|
|
||||||
size_t suites_count = 0;
|
|
||||||
char *cipher_str = cipherlist_dup;
|
char *cipher_str = cipherlist_dup;
|
||||||
char *cipher_idx;
|
char *cipher_idx;
|
||||||
|
|
||||||
|
@ -489,18 +488,34 @@ rb_setup_ssl_server(const char *const certfile, const char *keyfile,
|
||||||
|
|
||||||
} while(cipher_idx && suites_count < RB_MAX_CIPHERSUITES);
|
} while(cipher_idx && suites_count < RB_MAX_CIPHERSUITES);
|
||||||
|
|
||||||
if(suites_count > 0)
|
if(suites_count == 0)
|
||||||
{
|
rb_lib_log("rb_setup_ssl_server: Ciphersuites provided, but could not parse any");
|
||||||
mbedtls_ssl_conf_ciphersuites(&newcfg->server_cfg, newcfg->suites);
|
|
||||||
mbedtls_ssl_conf_ciphersuites(&newcfg->client_cfg, newcfg->suites);
|
|
||||||
rb_lib_log("rb_setup_ssl_server: Configured %zu ciphersuites", suites_count);
|
|
||||||
}
|
|
||||||
else
|
|
||||||
rb_lib_log("rb_setup_ssl_server: Passed a list of ciphersuites, but could not configure any");
|
|
||||||
|
|
||||||
free(cipherlist_dup);
|
free(cipherlist_dup);
|
||||||
}
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
rb_lib_log("rb_setup_ssl_server: strdup: %s", strerror(errno));
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
rb_lib_log("rb_setup_ssl_server: No ciphersuite list provided");
|
||||||
|
}
|
||||||
|
|
||||||
|
if(suites_count == 0)
|
||||||
|
{
|
||||||
|
rb_lib_log("rb_setup_ssl_server: Using default ciphersuites");
|
||||||
|
|
||||||
|
rb_ciphersuites = rb_mbedtls_ciphersuites;
|
||||||
|
suites_count = sizeof(rb_mbedtls_ciphersuites) / sizeof(rb_mbedtls_ciphersuites[0]);
|
||||||
|
}
|
||||||
|
|
||||||
|
mbedtls_ssl_conf_ciphersuites(&newcfg->server_cfg, rb_ciphersuites);
|
||||||
|
mbedtls_ssl_conf_ciphersuites(&newcfg->client_cfg, rb_ciphersuites);
|
||||||
|
rb_lib_log("rb_setup_ssl_server: Configured %zu ciphersuites", suites_count);
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
rb_mbedtls_cfg_decref(rb_mbedtls_cfg);
|
rb_mbedtls_cfg_decref(rb_mbedtls_cfg);
|
||||||
rb_mbedtls_cfg = newcfg;
|
rb_mbedtls_cfg = newcfg;
|
||||||
|
|
|
@ -25,11 +25,90 @@
|
||||||
#ifndef RB_MBEDTLS_EMBEDDED_DATA_H
|
#ifndef RB_MBEDTLS_EMBEDDED_DATA_H
|
||||||
#define RB_MBEDTLS_EMBEDDED_DATA_H
|
#define RB_MBEDTLS_EMBEDDED_DATA_H
|
||||||
|
|
||||||
|
#include "mbedtls/ssl_ciphersuites.h"
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Personalization string for CTR-DRBG initialization
|
* Personalization string for CTR-DRBG initialization
|
||||||
*/
|
*/
|
||||||
static const char rb_mbedtls_personal_str[] = "charybdis/librb personalization string";
|
static const char rb_mbedtls_personal_str[] = "charybdis/librb personalization string";
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Default list of supported ciphersuites
|
||||||
|
* User can override with ssl_cipher_list option in ircd.conf
|
||||||
|
*
|
||||||
|
* Charybdis cannot have more than one certificate configured, which means that with
|
||||||
|
* the MbedTLS backend, it will ALWAYS be serving EITHER an RSA OR ECDSA certificate.
|
||||||
|
*
|
||||||
|
* This means we can order ciphersuites to place all ECDSA ones ahead of RSA ones,
|
||||||
|
* without weird interactions of cipher order, such as inadvertantly preferring an
|
||||||
|
* ECDSA ciphersuite with AES128-CBC-SHA over an RSA ciphersuite with
|
||||||
|
* AES256-GCM-SHA384.
|
||||||
|
*
|
||||||
|
* We also prefer all AEAD ciphersuites first, even if it results in using a 128-bit
|
||||||
|
* AEAD ciphersuite instead of a 256-bit CBC ciphersuite. This is due to the fact that
|
||||||
|
* ONLY the AEAD ciphersuites in TLS are cryptographically secure in practice; the ETM
|
||||||
|
* extension for CBC ciphersuites has not seen wide adoption. This choice can be
|
||||||
|
* revisited in future; please consult me first. -- amdj
|
||||||
|
*/
|
||||||
|
static const int rb_mbedtls_ciphersuites[] = {
|
||||||
|
|
||||||
|
MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
|
||||||
|
MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384,
|
||||||
|
MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM,
|
||||||
|
MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
|
||||||
|
MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256,
|
||||||
|
MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM,
|
||||||
|
MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,
|
||||||
|
MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
|
||||||
|
MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
|
||||||
|
MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
|
||||||
|
MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
|
||||||
|
MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
|
||||||
|
|
||||||
|
MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
|
||||||
|
MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384,
|
||||||
|
MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
|
||||||
|
MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256,
|
||||||
|
MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
|
||||||
|
MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
|
||||||
|
MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
|
||||||
|
MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
|
||||||
|
MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
|
||||||
|
MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
|
||||||
|
|
||||||
|
MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,
|
||||||
|
MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384,
|
||||||
|
MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM,
|
||||||
|
MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
|
||||||
|
MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
|
||||||
|
MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
|
||||||
|
MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
|
||||||
|
MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
|
||||||
|
MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256,
|
||||||
|
MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM,
|
||||||
|
MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
|
||||||
|
MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
|
||||||
|
MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
|
||||||
|
MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
|
||||||
|
|
||||||
|
MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384,
|
||||||
|
MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384,
|
||||||
|
MBEDTLS_TLS_RSA_WITH_AES_256_CCM,
|
||||||
|
MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256,
|
||||||
|
MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256,
|
||||||
|
MBEDTLS_TLS_RSA_WITH_AES_128_CCM,
|
||||||
|
MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256,
|
||||||
|
MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256,
|
||||||
|
MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA,
|
||||||
|
MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA,
|
||||||
|
MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256,
|
||||||
|
MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256,
|
||||||
|
MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA,
|
||||||
|
MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA,
|
||||||
|
|
||||||
|
0 // End of list
|
||||||
|
};
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* YES, this is a hardcoded CA certificate.
|
* YES, this is a hardcoded CA certificate.
|
||||||
*
|
*
|
||||||
|
|
Loading…
Reference in a new issue