|
| 1 | +From b77175b8fdc694ecb93a5962f93e1bb816fe87a5 Mon Sep 17 00:00:00 2001 |
| 2 | +From: Juliusz Sosinowicz <juliusz@wolfssl.com> |
| 3 | +Date: Tue, 11 Feb 2025 13:47:33 +0100 |
| 4 | +Subject: [PATCH] wolfssl: update suiteb ciphersuites |
| 5 | + |
| 6 | +- For SUITEB128 the 128-bit strength ciphersuites should appears first in the list |
| 7 | +- Update RSA key strengths |
| 8 | +- Update ECC key strengths |
| 9 | +- Update tests to pass with wolfSSL. wolfSSL fails as soon as the key is being loaded if it doesn't match the minimum key strength requirements. |
| 10 | + |
| 11 | +Signed-off-by: Juliusz Sosinowicz <juliusz@wolfssl.com> |
| 12 | +--- |
| 13 | + src/crypto/tls_wolfssl.c | 24 +++++++++++++++--------- |
| 14 | + tests/hwsim/test_suite_b.py | 28 ++++++++++++++++++++++++---- |
| 15 | + 2 files changed, 39 insertions(+), 13 deletions(-) |
| 16 | + |
| 17 | +diff --git a/src/crypto/tls_wolfssl.c b/src/crypto/tls_wolfssl.c |
| 18 | +index 5de3c3398..3bf52d64e 100644 |
| 19 | +--- a/src/crypto/tls_wolfssl.c |
| 20 | ++++ b/src/crypto/tls_wolfssl.c |
| 21 | +@@ -248,16 +248,22 @@ static void wolfSSL_logging_cb(const int log_level, |
| 22 | + #define SUITEB_TLS13_192_CIPHERS "TLS13-AES256-GCM-SHA384:TLS13-CHACHA20-POLY1305-SHA256" |
| 23 | + #define SUITEB_TLS_192_CIPHERS SUITEB_TLS13_192_CIPHERS ":" SUITEB_OLDTLS_192_CIPHERS |
| 24 | + |
| 25 | +-#define SUITEB_OLDTLS_128_CIPHERS SUITEB_OLDTLS_192_CIPHERS ":ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256" |
| 26 | +-#define SUITEB_TLS13_128_CIPHERS SUITEB_TLS13_192_CIPHERS ":TLS13-AES128-GCM-SHA256" |
| 27 | ++#define SUITEB_OLDTLS_128_CIPHERS "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:" SUITEB_OLDTLS_192_CIPHERS |
| 28 | ++#define SUITEB_TLS13_128_CIPHERS "TLS13-AES128-GCM-SHA256:" SUITEB_TLS13_192_CIPHERS |
| 29 | + #define SUITEB_TLS_128_CIPHERS SUITEB_TLS13_128_CIPHERS ":" SUITEB_OLDTLS_128_CIPHERS |
| 30 | + |
| 31 | + #define SUITEB_TLS_192_SIGALGS "ECDSA+SHA384:RSA-PSS+SHA384:RSA+SHA384" |
| 32 | +-#define SUITEB_TLS_128_SIGALGS SUITEB_TLS_192_SIGALGS ":ECDSA+SHA256:RSA-PSS+SHA256:RSA+SHA256" |
| 33 | ++#define SUITEB_TLS_128_SIGALGS "ECDSA+SHA256:RSA-PSS+SHA256:RSA+SHA256:" SUITEB_TLS_192_SIGALGS |
| 34 | + |
| 35 | + #define SUITEB_TLS_192_CURVES "P-384:P-521" |
| 36 | + #define SUITEB_TLS_128_CURVES "P-256:" SUITEB_TLS_192_CURVES |
| 37 | + |
| 38 | ++#define SUITEB_TLS_128_RSA_KEY_SZ 2048 |
| 39 | ++#define SUITEB_TLS_192_RSA_KEY_SZ 3072 |
| 40 | ++ |
| 41 | ++#define SUITEB_TLS_128_ECC_KEY_SZ 256 |
| 42 | ++#define SUITEB_TLS_192_ECC_KEY_SZ 384 |
| 43 | ++ |
| 44 | + static int handle_ciphersuites(WOLFSSL_CTX *ssl_ctx, WOLFSSL *ssl, |
| 45 | + const char *openssl_ciphers, unsigned int flags) |
| 46 | + { |
| 47 | +@@ -283,8 +289,8 @@ static int handle_ciphersuites(WOLFSSL_CTX *ssl_ctx, WOLFSSL *ssl, |
| 48 | + else |
| 49 | + ciphers = SUITEB_TLS_128_CIPHERS; |
| 50 | + sigalgs = SUITEB_TLS_128_SIGALGS; |
| 51 | +- key_sz = 2048; |
| 52 | +- ecc_key_sz = 224; |
| 53 | ++ key_sz = SUITEB_TLS_128_RSA_KEY_SZ; |
| 54 | ++ ecc_key_sz = SUITEB_TLS_128_ECC_KEY_SZ; |
| 55 | + curves = SUITEB_TLS_128_CURVES; |
| 56 | + } else if (os_strcmp(openssl_ciphers, "SUITEB192") == 0) { |
| 57 | + if (tls13only) |
| 58 | +@@ -294,8 +300,8 @@ static int handle_ciphersuites(WOLFSSL_CTX *ssl_ctx, WOLFSSL *ssl, |
| 59 | + else |
| 60 | + ciphers = SUITEB_TLS_192_CIPHERS; |
| 61 | + sigalgs = SUITEB_TLS_192_SIGALGS; |
| 62 | +- key_sz = 3072; |
| 63 | +- ecc_key_sz = 256; |
| 64 | ++ key_sz = SUITEB_TLS_192_RSA_KEY_SZ; |
| 65 | ++ ecc_key_sz = SUITEB_TLS_192_ECC_KEY_SZ; |
| 66 | + curves = SUITEB_TLS_192_CURVES; |
| 67 | + } else { |
| 68 | + ciphers = openssl_ciphers; |
| 69 | +@@ -308,8 +314,8 @@ static int handle_ciphersuites(WOLFSSL_CTX *ssl_ctx, WOLFSSL *ssl, |
| 70 | + else |
| 71 | + ciphers = SUITEB_TLS_192_CIPHERS; |
| 72 | + sigalgs = SUITEB_TLS_192_SIGALGS; |
| 73 | +- key_sz = 3072; |
| 74 | +- ecc_key_sz = 256; |
| 75 | ++ key_sz = SUITEB_TLS_192_RSA_KEY_SZ; |
| 76 | ++ ecc_key_sz = SUITEB_TLS_192_ECC_KEY_SZ; |
| 77 | + curves = SUITEB_TLS_192_CURVES; |
| 78 | + } |
| 79 | + |
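Review bot: The new `SUITEB_TLS_128_RSA_KEY_SZ` and `SUITEB_TLS_192_RSA_KEY_SZ` macros in the first hunk have no unit or rationale, and their names imply a strength the values do not provide. Per NIST SP 800-57, a 2048-bit RSA modulus is roughly 112-bit strength and a 3072-bit one roughly 128-bit. The commit message says "Update RSA key strengths", but the RSA minimums stay at 2048 and 3072; only the ECC minimums change (224 to 256, 256 to 384). If these are the intended floors, say so above the macros, e.g. `/* Minimum accepted RSA modulus and ECC key sizes, in bits, for the Suite B profiles */`, and note that the RSA values follow the profile rather than the nominal level. How `key_sz` and `ecc_key_sz` are enforced in `handle_ciphersuites()` is outside the hunks shown, so this applies to the constants only.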
| 80 | +diff --git a/tests/hwsim/test_suite_b.py b/tests/hwsim/test_suite_b.py |
| 81 | +index ddd1c2ee7..b176bb8e6 100644 |
| 82 | +--- a/tests/hwsim/test_suite_b.py |
| 83 | ++++ b/tests/hwsim/test_suite_b.py |
| 84 | +@@ -488,7 +488,16 @@ def test_suite_b_192_rsa_insufficient_key(dev, apdev): |
| 85 | + params["ca_cert"] = "auth_serv/ca.pem" |
| 86 | + params["server_cert"] = "auth_serv/server.pem" |
| 87 | + params["private_key"] = "auth_serv/server.key" |
| 88 | +- hapd = hostapd.add_ap(apdev[0], params) |
| 89 | ++ |
| 90 | ++ try: |
| 91 | ++ hapd = hostapd.add_ap(apdev[0], params) |
| 92 | ++ except Exception as e: |
| 93 | ++ hapd = hostapd.add_ap(apdev[0], suite_b_192_rsa_ap_params()) |
| 94 | ++ tls = hapd.request("GET tls_library") |
| 95 | ++ if tls.startswith("wolfSSL"): |
| 96 | ++ # wolfSSL fails immediately during key loading with too short key |
| 97 | ++ return |
| 98 | ++ raise |
| 99 | + |
| 100 | + dev[0].connect("test-suite-b", key_mgmt="WPA-EAP-SUITE-B-192", |
| 101 | + ieee80211w="2", |
| 102 | +@@ -505,6 +514,8 @@ def test_suite_b_192_rsa_insufficient_key(dev, apdev): |
| 103 | + raise Exception("Certificate error not reported") |
| 104 | + if "reason=11" in ev and "err='Insufficient RSA modulus size'" in ev: |
| 105 | + return |
| 106 | ++ if "reason=11" in ev and "err='RSA key too small'" in ev: |
| 107 | ++ return |
| 108 | + if "reason=7" in ev and "err='certificate uses insecure algorithm'" in ev: |
| 109 | + return |
| 110 | + raise Exception("Unexpected error reason: " + ev) |
| 111 | +@@ -516,7 +527,15 @@ def test_suite_b_192_rsa_insufficient_dh(dev, apdev): |
| 112 | + params = suite_b_192_rsa_ap_params() |
| 113 | + params["tls_flags"] = "[SUITEB-NO-ECDH]" |
| 114 | + params["dh_file"] = "auth_serv/dh.conf" |
| 115 | +- hapd = hostapd.add_ap(apdev[0], params) |
| 116 | ++ try: |
| 117 | ++ hapd = hostapd.add_ap(apdev[0], params) |
| 118 | ++ except: |
| 119 | ++ hapd = hostapd.add_ap(apdev[0], suite_b_192_rsa_ap_params()) |
| 120 | ++ tls = hapd.request("GET tls_library") |
| 121 | ++ if tls.startswith("wolfSSL"): |
| 122 | ++ # wolfSSL fails immediately during key loading with too short key |
| 123 | ++ return |
| 124 | ++ raise |
| 125 | + |
| 126 | + dev[0].connect("test-suite-b", key_mgmt="WPA-EAP-SUITE-B-192", |
| 127 | + ieee80211w="2", |
| 128 | +@@ -528,14 +547,15 @@ def test_suite_b_192_rsa_insufficient_dh(dev, apdev): |
| 129 | + pairwise="GCMP-256", group="GCMP-256", scan_freq="2412", |
| 130 | + wait_connect=False) |
| 131 | + ev = dev[0].wait_event(["CTRL-EVENT-EAP-STATUS status='local TLS alert'", |
| 132 | +- "CTRL-EVENT-CONNECTED"], |
| 133 | ++ "CTRL-EVENT-CONNECTED", "CTRL-EVENT-EAP-FAILURE"], |
| 134 | + timeout=10) |
| 135 | + dev[0].request("DISCONNECT") |
| 136 | + if ev is None: |
| 137 | + raise Exception("DH error not reported") |
| 138 | + if "CTRL-EVENT-CONNECTED" in ev: |
| 139 | + raise Exception("Unexpected connection") |
| 140 | +- if "insufficient security" not in ev and "internal error" not in ev: |
| 141 | ++ if "insufficient security" not in ev and "internal error" not in ev \ |
| 142 | ++ and "authentication failed" not in ev: |
| 143 | + raise Exception("Unexpected error reason: " + ev) |
| 144 | + |
| 145 | + def test_suite_b_192_rsa_radius(dev, apdev): |
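Review bot: The new `try`/`except` around `hostapd.add_ap()` in `test_suite_b_192_rsa_insufficient_key` returns success for any AP start-up failure when the library reports wolfSSL, so the test no longer shows that the short key caused the rejection. The same fallback in `test_suite_b_192_rsa_insufficient_dh` uses a bare `except:`, which also catches `KeyboardInterrupt`, and repeats the "too short key" comment although that test changes `dh_file`. Use `except Exception:` in both (the bound `e` is never used) and, if the raised exception text identifies the cause, check it before the early `return`. In the last hunk, accepting `CTRL-EVENT-EAP-FAILURE` and `"authentication failed"` applies to every TLS library, so any EAP failure now satisfies the DH test; limiting that branch to the wolfSSL case would keep the stricter assertion elsewhere. Both function bodies extend beyond the hunks shown.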
| 146 | +-- |
| 147 | +2.43.0 |
| 148 | + |