From 74830d83eb09f440214b3dedb929677ebc0358a7 Mon Sep 17 00:00:00 2001
From: Nikos Mavrogiannopoulos
Date: Wed, 11 Apr 2018 08:34:15 +0200
Subject: ANON,SRP,NULL ciphersuites: when set do not negotiate TLS1.3 or later
The reason is that these ciphersuites cannot be negotiated using TLS1.3. There is a different strategy followed for these.
* NULL ciphersuites: they are not something normally enabled and used for debugging purposes mostly. When set both in client and server side only TLS1.2 can be used.
* SRP ciphersuites: they are used on client side when the client is actually performing a username-password authentication with SRP. On server side we can have indeed a server support SRP and non-SRP. In that case we limit both on TLS1.2. That an unfortunate restriction, but is not a regression and IMHO these servers would most likely be phased out as very few would want to stick to TLS1.2 connections for SRP; or we may have an SRP update for TLS1.3 which could lift that limitation in the future.
* ANON ciphersuites: they are used in certain client/server setups where very basic level of security is required, and in opportunistic encryption scenarios. There is a difference in the handling of these cases. In the case of Anon-only server/clients they provide the session with anonymous credentials structure; in the case of opportunistic encryption they provide both certificate and anonymous credentials. Thus we allow the protocol (TLS1.3) be in the priorities, but if we see no certificate or PSK credentials we disable TLS1.3 negotiation.
Signed-off-by: Nikos Mavrogiannopoulos
---
tests/srp.c | 28 ++++++++++++++++++----------
1 file changed, 18 insertions(+), 10 deletions(-)
(limited to 'tests/srp.c')
diff --git a/tests/srp.c b/tests/srp.c
index 9143293f7e..78eed5b1b0 100644
--- a/tests/srp.c
+++ b/tests/srp.c
@@ -194,7 +194,7 @@ static void terminate(void) static void server(int fd, const char *prio) { - int ret; + int ret, kx; gnutls_session_t session; gnutls_srp_server_credentials_t s_srp_cred; gnutls_certificate_credentials_t s_x509_cred; @@ -250,6 +250,11 @@ static void server(int fd, const char *prio) gnutls_protocol_get_name (gnutls_protocol_get_version(session))); + kx = gnutls_kx_get(session); + if (kx != GNUTLS_KX_SRP && kx != GNUTLS_KX_SRP_RSA && + kx != GNUTLS_KX_SRP_DSS) + fail("server: unexpected key exchange: %s\n", gnutls_kx_get_name(kx)); + /* do not wait for the peer to close the connection. */ gnutls_bye(session, GNUTLS_SHUT_WR); 
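Review bot: The check added after the handshake in server() asserts the key exchange but not the negotiated protocol version, although the commit's stated goal is that an SRP session never lands on TLS1.3. The kx test probably catches that case indirectly, but an explicit assertion next to it would pin the intent: `if (gnutls_protocol_get_version(session) == GNUTLS_TLS1_3) fail("server: SRP session negotiated TLS1.3\n");`. Separately, `kx` is declared as `int` in the first hunk; `gnutls_kx_algorithm_t kx;` would match what `gnutls_kx_get()` returns and what `gnutls_kx_get_name()` takes. Only the server side is checked in the visible hunks, and server()'s body starts and ends outside them, so whether the client makes the same assertion cannot be told from here.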
@@ -340,18 +345,21 @@ void doit(void) fwrite(tpasswd_file, 1, strlen(tpasswd_file), fd); fclose(fd); - start("srp-1024", "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+SRP", "test", "test", 0); - start("srp-1536", "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+SRP", "test2", "test2", 0); - start("srp-2048", "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+SRP", "test3", "test3", 0); - start("srp-3072", "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+SRP", "test4", "test4", 0); - start("srp-4096", "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+SRP", "test5", "test5", 0); - start("srp-8192", "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+SRP", "test7", "test7", 0); - start("srp-other", "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+SRP", "test9", "test9", GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER); + start("tls1.2 srp-1024", "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+SRP", "test", "test", 0); + start("tls1.2 srp-1536", "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+SRP", "test2", "test2", 0); + start("tls1.2 srp-2048", "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+SRP", "test3", "test3", 0); + start("tls1.2 srp-3072", "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+SRP", "test4", "test4", 0); + start("tls1.2 srp-4096", "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+SRP", "test5", "test5", 0); + start("tls1.2 srp-8192", "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+SRP", "test7", "test7", 0); + start("tls1.2 srp-other", "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+SRP", "test9", "test9", GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER); + + start("tls1.2 srp-rsa", "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+SRP-RSA", "test", "test", 0); - start("srp-rsa", "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+SRP-RSA", "test", "test", 0); + /* check whether SRP works with TLS1.3 being prioritized */ + start("tls1.3 and srp-1024", "NORMAL:-KX-ALL:+SRP:-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2:+VERS-TLS1.1", "test", "test", 0); /* check whether SRP works with the default protocol set */ - start("srp-1024", "NORMAL:-KX-ALL:+SRP", "test", "test", 0); + start("default srp-1024", "NORMAL:-KX-ALL:+SRP", 
"test", "test", 0); remove("tpasswd"); remove("tpasswd.conf"); -- cgit v1.2.1
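Review bot: The new TLS1.3-prioritized case in doit() covers only the plain SRP key exchange; SRP-RSA is still exercised only with the version pinned to TLS1.2 (`tls1.2 srp-rsa`). server() declares certificate credentials alongside the SRP ones, so SRP-RSA with TLS1.3 enabled looks like the combination where a handshake could complete on the certificate alone if the restriction regressed, and the new key-exchange check in server() would only catch that if such a case is run. A matching line would be `start("tls1.3 and srp-rsa", "NORMAL:-KX-ALL:+SRP-RSA:-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2:+VERS-TLS1.1", "test", "test", 0);`. The expected result of 0 is inferred from the existing srp-rsa case and should be confirmed; doit() starts outside the hunk.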