ssl: RSA key exchange is considered broken do not support by default

author: Ingela Anderton Andin <[email protected]> 2018-01-04 11:52:05 +0100
committer: Ingela Anderton Andin <[email protected]> 2018-01-16 13:45:58 +0100
commit: df5280ac94110458381594cbc8dfa3fe31898622 (patch)
tree: 722137063f727e0a53663b82e8e7dd5c02e1712a /lib/ssl/src
parent: b4801ca7a48521b51e85e8013aad4570cb3ac25a (diff)
download: otp-df5280ac94110458381594cbc8dfa3fe31898622.tar.gz
otp-df5280ac94110458381594cbc8dfa3fe31898622.tar.bz2
otp-df5280ac94110458381594cbc8dfa3fe31898622.zip
2 files changed, 28 insertions, 15 deletions
diff --git a/lib/ssl/src/ssl_cipher.erl b/lib/ssl/src/ssl_cipher.erl
index cd59266f9b..dba8e5a311 100644
--- a/lib/ssl/src/ssl_cipher.erl
+++ b/lib/ssl/src/ssl_cipher.erl
@@ -38,7 +38,7 @@
 	 cipher_init/3, decipher/6, cipher/5, decipher_aead/6, cipher_aead/6,
 	 suite/1, suites/1, all_suites/1, 
 	 ec_keyed_suites/0, anonymous_suites/1, psk_suites/1, srp_suites/0,
-	 rc4_suites/1, des_suites/1, openssl_suite/1, openssl_suite_name/1, filter/2, filter_suites/1,
+	 rc4_suites/1, des_suites/1, rsa_suites/1, openssl_suite/1, openssl_suite_name/1, filter/2, filter_suites/1,
 	 hash_algorithm/1, sign_algorithm/1, is_acceptable_hash/2, is_fallback/1,
 	 random_bytes/1, calc_mac_hash/4,
          is_stream_ciphersuite/1]).
@@ -324,7 +324,8 @@ all_suites({3, _} = Version) ->
 	++ psk_suites(Version)
 	++ srp_suites()
         ++ rc4_suites(Version)
-        ++ des_suites(Version);
+        ++ des_suites(Version)
+        ++ rsa_suites(Version);
 all_suites(Version) ->
     dtls_v1:all_suites(Version).
 
@@ -373,7 +374,6 @@ anonymous_suites(N)  when N == 0;
 %%--------------------------------------------------------------------
 psk_suites({3, N}) ->
     psk_suites(N);
-
 psk_suites(N)
   when N >= 3 ->
     [
@@ -394,7 +394,6 @@ psk_suites(N)
      ?TLS_RSA_PSK_WITH_AES_128_CBC_SHA256,
      ?TLS_PSK_WITH_AES_128_CBC_SHA256
     ] ++ psk_suites(0);
-
 psk_suites(_) ->
 	[?TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA,
 	 ?TLS_DHE_PSK_WITH_AES_256_CBC_SHA,
@@ -461,6 +460,29 @@ des_suites(_)->
      ?TLS_RSA_WITH_DES_CBC_SHA].
 
 %%--------------------------------------------------------------------
+-spec rsa_suites(Version::ssl_record:ssl_version() | integer()) -> [cipher_suite()].
+%%
+%% Description: Returns a list of the RSA key exchange 
+%% cipher suites, only supported if explicitly set by user. 
+%% Are not considered secure any more. 
+%%--------------------------------------------------------------------
+rsa_suites({3, 0}) ->
+    rsa_suites(0);
+rsa_suites({3, Minor}) ->
+    rsa_suites(Minor) ++ rsa_suites(0);
+rsa_suites(0) ->
+    [?TLS_RSA_WITH_AES_256_CBC_SHA,
+     ?TLS_RSA_WITH_AES_128_CBC_SHA,
+     ?TLS_RSA_WITH_3DES_EDE_CBC_SHA
+    ];  
+rsa_suites(N) when N =< 3 ->
+    [
+     ?TLS_RSA_WITH_AES_256_GCM_SHA384,
+     ?TLS_RSA_WITH_AES_256_CBC_SHA256,
+     ?TLS_RSA_WITH_AES_128_GCM_SHA256,
+     ?TLS_RSA_WITH_AES_128_CBC_SHA256
+    ].
+%%--------------------------------------------------------------------
 -spec suite_definition(cipher_suite()) -> erl_cipher_suite().
 %%
 %% Description: Return erlang cipher suite definition.
diff --git a/lib/ssl/src/tls_v1.erl b/lib/ssl/src/tls_v1.erl
index a8fe119bf8..af3f037477 100644
--- a/lib/ssl/src/tls_v1.erl
+++ b/lib/ssl/src/tls_v1.erl
@@ -202,7 +202,6 @@ suites(Minor) when Minor == 1; Minor == 2 ->
       ?TLS_DHE_DSS_WITH_AES_256_CBC_SHA,
       ?TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
       ?TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,
-      ?TLS_RSA_WITH_AES_256_CBC_SHA,
 
       ?TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
       ?TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
@@ -210,15 +209,13 @@ suites(Minor) when Minor == 1; Minor == 2 ->
       ?TLS_DHE_DSS_WITH_AES_128_CBC_SHA,
       ?TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
       ?TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,
-      ?TLS_RSA_WITH_AES_128_CBC_SHA,
 
       ?TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,
       ?TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
       ?TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
       ?TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA,
       ?TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,
-      ?TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,
-      ?TLS_RSA_WITH_3DES_EDE_CBC_SHA
+      ?TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
     ];
 suites(3) ->
     [?TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
@@ -238,8 +235,6 @@ suites(3) ->
      ?TLS_DHE_DSS_WITH_AES_256_GCM_SHA384,
      ?TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
      ?TLS_DHE_DSS_WITH_AES_256_CBC_SHA256,
-     ?TLS_RSA_WITH_AES_256_GCM_SHA384,
-     ?TLS_RSA_WITH_AES_256_CBC_SHA256,
 
      ?TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
      ?TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
@@ -253,9 +248,7 @@ suites(3) ->
      ?TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
      ?TLS_DHE_DSS_WITH_AES_128_GCM_SHA256,
      ?TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
-     ?TLS_DHE_DSS_WITH_AES_128_CBC_SHA256,
-     ?TLS_RSA_WITH_AES_128_GCM_SHA256,
-     ?TLS_RSA_WITH_AES_128_CBC_SHA256
+     ?TLS_DHE_DSS_WITH_AES_128_CBC_SHA256
 
      %% not supported
      %% ?TLS_DH_RSA_WITH_AES_256_GCM_SHA384,
@@ -264,8 +257,6 @@ suites(3) ->
      %% ?TLS_DH_DSS_WITH_AES_128_GCM_SHA256
     ] ++ suites(2).
 
-
-
 signature_algs({3, 3}, HashSigns) ->
     CryptoSupports =  crypto:supports(),
     Hashes = proplists:get_value(hashs, CryptoSupports),
author	Ingela Anderton Andin <[email protected]>	2018-01-04 11:52:05 +0100
committer	Ingela Anderton Andin <[email protected]>	2018-01-16 13:45:58 +0100
commit	df5280ac94110458381594cbc8dfa3fe31898622 (patch)
tree	722137063f727e0a53663b82e8e7dd5c02e1712a /lib/ssl/src
parent	b4801ca7a48521b51e85e8013aad4570cb3ac25a (diff)
download	otp-df5280ac94110458381594cbc8dfa3fe31898622.tar.gz otp-df5280ac94110458381594cbc8dfa3fe31898622.tar.bz2 otp-df5280ac94110458381594cbc8dfa3fe31898622.zip