Diffstat (limited to 'src/openvpn/ssl_mbedtls.c')
-rw-r--r--src/openvpn/ssl_mbedtls.c70
1 files changed, 64 insertions, 6 deletions
diff --git a/src/openvpn/ssl_mbedtls.c b/src/openvpn/ssl_mbedtls.c
index 861d936..74b4726 100644
--- a/src/openvpn/ssl_mbedtls.c
+++ b/src/openvpn/ssl_mbedtls.c
@@ -5,8 +5,8 @@
* packet encryption, packet authentication, and
* packet compression.
*
- * Copyright (C) 2002-2017 OpenVPN Technologies, Inc. <sales@openvpn.net>
- * Copyright (C) 2010-2017 Fox Crypto B.V. <openvpn@fox-it.com>
+ * Copyright (C) 2002-2018 OpenVPN Inc <sales@openvpn.net>
+ * Copyright (C) 2010-2018 Fox Crypto B.V. <openvpn@fox-it.com>
* Copyright (C) 2006-2010, Brainspark B.V.
*
* This program is free software; you can redistribute it and/or modify
@@ -60,7 +60,34 @@
#include <mbedtls/oid.h>
#include <mbedtls/pem.h>
-#include <mbedtls/sha256.h>
+
+static const mbedtls_x509_crt_profile openvpn_x509_crt_profile_legacy =
+{
+ /* Hashes from SHA-1 and above */
+ MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA1 ) |
+ MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_RIPEMD160 ) |
+ MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA224 ) |
+ MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA256 ) |
+ MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA384 ) |
+ MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA512 ),
+ 0xFFFFFFF, /* Any PK alg */
+ 0xFFFFFFF, /* Any curve */
+ 1024, /* RSA-1024 and larger */
+};
+
+static const mbedtls_x509_crt_profile openvpn_x509_crt_profile_preferred =
+{
+ /* SHA-2 and above */
+ MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA224 ) |
+ MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA256 ) |
+ MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA384 ) |
+ MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA512 ),
+ 0xFFFFFFF, /* Any PK alg */
+ 0xFFFFFFF, /* Any curve */
+ 2048, /* RSA-2048 and larger */
+};
+
+#define openvpn_x509_crt_profile_suiteb mbedtls_x509_crt_profile_suiteb;
void
tls_init_lib(void)
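Review bot: The `#define openvpn_x509_crt_profile_suiteb mbedtls_x509_crt_profile_suiteb;` at the end of the hunk carries a trailing semicolon, so every use expands to a stray empty statement (`...;;`); this is harmless in the plain assignment in tls_ctx_set_cert_profile but would break if the name is ever used in an expression or an unbraced `if`, so drop it: `#define openvpn_x509_crt_profile_suiteb mbedtls_x509_crt_profile_suiteb`. Since the other two profiles are `static const` tables, a `static const mbedtls_x509_crt_profile` alias would also keep all three uniformly typed. The `openvpn_x509_crt_profile_legacy` table deserves a comment stating that it is what tls_ctx_set_cert_profile selects by default and that it accepts SHA-1 and RIPEMD-160 signatures and RSA-1024 keys for compatibility, so a reader does not mistake it for a hardened profile.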
@@ -178,9 +205,10 @@ key_state_export_keying_material(struct key_state_ssl *ssl,
{
}
-void
+bool
tls_ctx_set_options(struct tls_root_ctx *ctx, unsigned int ssl_flags)
{
+ return true;
}
static const char *
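Review bot: tls_ctx_set_options now reports success but the mbed TLS body ignores `ssl_flags` entirely, and nothing says whether that is intentional; a one-line comment would spare the next reader a search through the OpenSSL counterpart: `/* mbed TLS: no flag-controlled options are applied here; always succeeds. */`. If some flags should be honoured on this backend, the unconditional `return true;` hides that gap from callers.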
@@ -251,6 +279,27 @@ tls_ctx_restrict_ciphers(struct tls_root_ctx *ctx, const char *ciphers)
}
void
+tls_ctx_set_cert_profile(struct tls_root_ctx *ctx, const char *profile)
+{
+ if (!profile || 0 == strcmp(profile, "legacy"))
+ {
+ ctx->cert_profile = openvpn_x509_crt_profile_legacy;
+ }
+ else if (0 == strcmp(profile, "preferred"))
+ {
+ ctx->cert_profile = openvpn_x509_crt_profile_preferred;
+ }
+ else if (0 == strcmp(profile, "suiteb"))
+ {
+ ctx->cert_profile = openvpn_x509_crt_profile_suiteb;
+ }
+ else
+ {
+ msg (M_FATAL, "ERROR: Invalid cert profile: %s", profile);
+ }
+}
+
+void
tls_ctx_check_cert_time(const struct tls_root_ctx *ctx)
{
ASSERT(ctx);
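Review bot: tls_ctx_set_cert_profile treats a NULL `profile` as "legacy", which per the profile table in this file permits SHA-1/RIPEMD-160 signatures and RSA-1024 keys, yet the function does not document that the weakest profile is the default; add a header comment such as `/* Select the X.509 verification profile for this context. NULL means "legacy" (SHA-1 and RSA-1024 accepted for compatibility); any unknown name is fatal. */`. The `msg (M_FATAL, ...)` call also has a space before the parenthesis, unlike `msg(M_WARN, ...)` elsewhere in this diff. tls_ctx_check_cert_time begins at the end of the hunk and continues outside it.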
@@ -801,9 +850,14 @@ tls_ctx_personalise_random(struct tls_root_ctx *ctx)
if (NULL != ctx->crt_chain)
{
+ const md_kt_t *sha256_kt = md_kt_get("SHA256");
mbedtls_x509_crt *cert = ctx->crt_chain;
- mbedtls_sha256(cert->tbs.p, cert->tbs.len, sha256_hash, false);
+ if (0 != md_full(sha256_kt, cert->tbs.p, cert->tbs.len, sha256_hash))
+ {
+ msg(M_WARN, "WARNING: failed to personalise random");
+ }
+
if (0 != memcmp(old_sha256_hash, sha256_hash, sizeof(sha256_hash)))
{
mbedtls_ctr_drbg_update(cd_ctx, sha256_hash, 32);
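Review bot: When `md_full()` fails the code only logs a warning and then still compares `sha256_hash` — whose contents after a failed digest are unspecified — and feeds it into `mbedtls_ctr_drbg_update()`; the comparison and update should be skipped on failure, e.g. by making them the `else` branch of the `if (0 != md_full(...))`. The hard-coded `32` in the update call should be `sizeof(sha256_hash)` so it stays tied to the buffer. `md_kt_get("SHA256")` is also used without a NULL check; whether it can return NULL is not visible here. The enclosing function and the declaration of `sha256_hash` start outside the hunk.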
@@ -917,6 +971,8 @@ key_state_ssl_init(struct key_state_ssl *ks_ssl,
mbedtls_ssl_conf_rng(&ks_ssl->ssl_config, mbedtls_ctr_drbg_random,
rand_ctx_get());
+ mbedtls_ssl_conf_cert_profile(&ks_ssl->ssl_config, &ssl_ctx->cert_profile);
+
if (ssl_ctx->allowed_ciphers)
{
mbedtls_ssl_conf_ciphersuites(&ks_ssl->ssl_config, ssl_ctx->allowed_ciphers);
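Review bot: `mbedtls_ssl_conf_cert_profile()` is handed `&ssl_ctx->cert_profile` rather than a copy, so — if mbed TLS retains that pointer in the config, as its API shape suggests — the root context must outlive this key state and `cert_profile` must not be reassigned while a handshake is in progress; a comment would record the coupling: `/* ssl_config keeps a pointer into ssl_ctx; the root ctx must outlive ks_ssl */`. key_state_ssl_init starts outside the hunk.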
@@ -1271,12 +1327,14 @@ print_details(struct key_state_ssl *ks_ssl, const char *prefix)
}
void
-show_available_tls_ciphers(const char *cipher_list)
+show_available_tls_ciphers(const char *cipher_list,
+ const char *tls_cert_profile)
{
struct tls_root_ctx tls_ctx;
const int *ciphers = mbedtls_ssl_list_ciphersuites();
tls_ctx_server_new(&tls_ctx);
+ tls_ctx_set_cert_profile(&tls_ctx, tls_cert_profile);
tls_ctx_restrict_ciphers(&tls_ctx, cipher_list);
if (tls_ctx.allowed_ciphers)