From c433cdf92349afae66c703bdacedf987f423605e Mon Sep 17 00:00:00 2001
From: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date: Tue, 12 Jun 2018 14:31:40 +0200
Subject: [PATCH] hmac-sha384 and sha256 ciphersuites were removed from defaults

These ciphersuites are deprecated since the introduction of AEAD ciphersuites, and are only necessary for compatibility with older servers. Since older servers already support hmac-sha1 there is no reason to keep these ciphersuites enabled by default, as they increase our attack surface.

Relates #456

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
---
 lib/priority.c | 8 --------
 tests/dtls1-2-mtu-check.c | 2 +-
 tests/priorities.c | 12 ++++++------
 3 files changed, 7 insertions(+), 15 deletions(-)

diff --git a/lib/priority.c b/lib/priority.c
index 15d7073ed3..7ce44c7cf4 100644
--- a/lib/priority.c
+++ b/lib/priority.c
@@ -417,8 +417,6 @@ static const int* sign_priority_secure192 = _sign_priority_secure192;
 static const int mac_priority_normal_default[] = {
 GNUTLS_MAC_SHA1,
- GNUTLS_MAC_SHA256,
- GNUTLS_MAC_SHA384,
 GNUTLS_MAC_AEAD,
 GNUTLS_MAC_MD5,
 0
@@ -426,8 +424,6 @@ static const int mac_priority_normal_default[] = {
 static const int mac_priority_normal_fips[] = {
 GNUTLS_MAC_SHA1,
- GNUTLS_MAC_SHA256,
- GNUTLS_MAC_SHA384,
 GNUTLS_MAC_AEAD,
 0
 };
@@ -461,16 +457,12 @@ static const int* mac_priority_suiteb = _mac_priority_suiteb;
 static const int _mac_priority_secure128[] = {
 GNUTLS_MAC_SHA1,
- GNUTLS_MAC_SHA256,
- GNUTLS_MAC_SHA384,
 GNUTLS_MAC_AEAD,
 0
 };
 static const int* mac_priority_secure128 = _mac_priority_secure128;
 static const int _mac_priority_secure192[] = {
- GNUTLS_MAC_SHA256,
- GNUTLS_MAC_SHA384,
 GNUTLS_MAC_AEAD,
 0
 };
diff --git a/tests/dtls1-2-mtu-check.c b/tests/dtls1-2-mtu-check.c
index 66dd045cd3..47cac926a1 100644
--- a/tests/dtls1-2-mtu-check.c
+++ b/tests/dtls1-2-mtu-check.c
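Review bot: GNUTLS_MAC_MD5 stays in mac_priority_normal_default while the HMAC-SHA256/SHA384 entries are removed on attack-surface grounds, and nothing in the hunk records why MD5 survives the same argument. If it is kept only because no cipher enabled by default pairs with it (the NULL-cipher expectation in tests/priorities.c going from 5 to 4 in this patch is consistent with that, but does not prove it), that reasoning belongs next to the entry, e.g. `GNUTLS_MAC_MD5, /* legacy only; confirm no default cipher pairs with it */`. Otherwise MD5 is the weakest MAC left in a list that was just pruned for carrying unnecessary algorithms.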
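Review bot: The mac_priority_normal_fips change has no test coverage in this patch: tests/priorities.c returns early with `exit(77)` under ENABLE_FIPS140, so the suite counts are never checked against the FIPS list. A FIPS-build expectation, or at least a line in the commit message saying the FIPS counts were verified by hand, would keep the two lists from drifting apart silently. The list itself could carry a one-line note tying it to its sibling, e.g. `/* same as mac_priority_normal_default minus MD5 */`, which is what the two hunks show after this change.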
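Review bot: _mac_priority_secure192 is reduced to the single entry GNUTLS_MAC_AEAD, so whichever priority levels are built on it now accept no HMAC-based suite at all (the SECURE256 expectation in tests/priorities.c drops from 22 to 14 in the same patch). AEAD suites only exist from TLS 1.2 onward, so that level can no longer negotiate with a peer that lacks TLS 1.2 AEAD support; the commit message only talks about compatibility with older servers and does not mention this. If it is intended, state it on the list, e.g. `/* AEAD only: no HMAC suites at the 192-bit level, implies TLS 1.2+ */`, so the next edit does not re-add an HMAC "for compatibility".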
@@ -79,7 +79,7 @@ static void dtls_mtu_try(const char *name, const char *client_prio,
 serverx509cred);
 assert(gnutls_priority_set_direct(server,
- "NORMAL:+ANON-ECDH:+ANON-DH:+ECDHE-RSA:+DHE-RSA:+RSA:+ECDHE-ECDSA:+CURVE-X25519",
+ "NORMAL:+ANON-ECDH:+ANON-DH:+ECDHE-RSA:+DHE-RSA:+RSA:+ECDHE-ECDSA:+CURVE-X25519:+SHA256",
 NULL) >= 0);
 gnutls_transport_set_push_function(server, server_push);
 gnutls_transport_set_pull_function(server, server_pull);
diff --git a/tests/priorities.c b/tests/priorities.c
index fc658898ff..0c423b5bae 100644
--- a/tests/priorities.c
+++ b/tests/priorities.c
@@ -93,23 +93,23 @@ try_prio(const char *prio, unsigned expected_cs, unsigned expected_ciphers, unsi
 void doit(void)
 {
- const int normal = 57;
- const int null = 5;
- const int sec128 = 53;
+ const int normal = 41;
+ const int null = 4;
+ const int sec128 = 37;
 #ifdef ENABLE_FIPS140
 exit(77);
 #endif
- try_prio("PFS", 42, 12, __LINE__);
+ try_prio("PFS", 30, 12, __LINE__);
 try_prio("NORMAL", normal, 12, __LINE__);
 try_prio("NORMAL:-MAC-ALL:+MD5:+MAC-ALL", normal, 12, __LINE__);
 try_prio("NORMAL:+CIPHER-ALL", normal, 12, __LINE__); /* all (except null) */
 try_prio("NORMAL:-CIPHER-ALL:+NULL", null, 1, __LINE__); /* null */
 try_prio("NORMAL:-CIPHER-ALL:+NULL:+CIPHER-ALL", normal + null, 13, __LINE__); /* should be null + all */
- try_prio("NORMAL:-CIPHER-ALL:+NULL:+CIPHER-ALL:-CIPHER-ALL:+AES-128-CBC", 8, 1, __LINE__); /* should be null + all */
+ try_prio("NORMAL:-CIPHER-ALL:+NULL:+CIPHER-ALL:-CIPHER-ALL:+AES-128-CBC", 4, 1, __LINE__); /* should be null + all */
 try_prio("PERFORMANCE", normal, 12, __LINE__);
- try_prio("SECURE256", 22, 6, __LINE__);
+ try_prio("SECURE256", 14, 6, __LINE__);
 try_prio("SECURE128", sec128, 11, __LINE__);
 try_prio("SECURE128:+SECURE256", sec128, 11, __LINE__); /* should be the same as SECURE128 */
 try_prio("SECURE128:+SECURE256:+NORMAL", normal, 12, __LINE__); /* should be the same as NORMAL */
-- 
2.18.1
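Review bot: The server priority string in dtls_mtu_try gains `:+SHA256` with nothing saying that the suffix compensates for HMAC-SHA256 suites leaving NORMAL in lib/priority.c, so the next person tidying the string will not know it is load-bearing. A comment above the assert, e.g. `/* +SHA256: HMAC-SHA256 suites are no longer in NORMAL; re-enabled here on purpose */`, makes that explicit. The client side uses the `client_prio` parameter, which is not visible in this hunk, so I cannot tell whether it needs the same addition to keep negotiating the same suites. dtls_mtu_try starts before this hunk and continues after it.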
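Review bot: The changed line `try_prio("NORMAL:-CIPHER-ALL:+NULL:+CIPHER-ALL:-CIPHER-ALL:+AES-128-CBC", 4, 1, __LINE__);` keeps the trailing comment `/* should be null + all */`, which is copied from the line above and does not describe this case (expected_ciphers is 1, so only AES-128-CBC remains); it should read `/* AES-128-CBC only */`. The new expectations 41, 4, 37, 30 and 14 are bare counts with no hint of what moved them, so a note on the declaration such as `const int normal = 41; /* was 57 before HMAC-SHA256/384 left the default MAC list */` would make the next recount reviewable instead of a leap of faith. doit()'s closing brace is outside the hunk.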