Do not allow SHA256/SHA384 ciphersuites in < TLS 1.2

2024-11-26 23:55:43 +01:00 · 2013-09-23 17:30:26 +02:00 · 2013-09-23 17:30:26 +02:00 · 915ee19887
commit 915ee19887
parent 43f9799ce6
3 changed files with 47 additions and 1 deletions
--- a/include/polarssl/ssl.h
+++ b/include/polarssl/ssl.h
@ -1134,6 +1134,7 @@ int ssl_parse_finished( ssl_context *ssl );
 int ssl_write_finished( ssl_context *ssl );

 void ssl_optimize_checksum( ssl_context *ssl, int ciphersuite );
+int ssl_get_ciphersuite_min_version( const int ciphersuite_id );

 #ifdef __cplusplus
 }
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@ -647,7 +647,8 @@ static int ssl_parse_client_hello( ssl_context *ssl )
        for( j = 0, p = buf + 41 + sess_len; j < ciph_len;
            j += 2, p += 2 )
        {
-            if( p[0] == 0 && p[1] == ssl->ciphersuites[ssl->minor_ver][i] )
+            if( p[0] == 0 && p[1] == ssl->ciphersuites[ssl->minor_ver][i] &&
+                ssl_get_ciphersuite_min_version( p[1] ) <= ssl->minor_ver )
                goto have_ciphersuite;
        }
    }
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@ -3521,6 +3521,50 @@ int ssl_get_ciphersuite_id( const char *ciphersuite_name )
    return( 0 );
 }

+int ssl_get_ciphersuite_min_version( const int ciphersuite_id )
+{
+    switch( ciphersuite_id )
+    {
+        case TLS_RSA_WITH_RC4_128_MD5:
+        case TLS_RSA_WITH_RC4_128_SHA:
+        case TLS_RSA_WITH_3DES_EDE_CBC_SHA:
+        case TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA:
+        case TLS_RSA_WITH_AES_128_CBC_SHA:
+        case TLS_DHE_RSA_WITH_AES_128_CBC_SHA:
+        case TLS_RSA_WITH_AES_256_CBC_SHA:
+        case TLS_DHE_RSA_WITH_AES_256_CBC_SHA:
+        case TLS_RSA_WITH_CAMELLIA_128_CBC_SHA:
+        case TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA:
+        case TLS_RSA_WITH_CAMELLIA_256_CBC_SHA:
+        case TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA:
+        case TLS_RSA_WITH_NULL_MD5:
+        case TLS_RSA_WITH_NULL_SHA:
+        case TLS_RSA_WITH_DES_CBC_SHA:
+        case TLS_DHE_RSA_WITH_DES_CBC_SHA:
+            return SSL_MINOR_VERSION_0;
+
+        case TLS_RSA_WITH_AES_128_CBC_SHA256:
+        case TLS_RSA_WITH_AES_256_CBC_SHA256:
+        case TLS_DHE_RSA_WITH_AES_128_CBC_SHA256:
+        case TLS_DHE_RSA_WITH_AES_256_CBC_SHA256:
+        case TLS_RSA_WITH_AES_128_GCM_SHA256:
+        case TLS_RSA_WITH_AES_256_GCM_SHA384:
+        case TLS_DHE_RSA_WITH_AES_128_GCM_SHA256:
+        case TLS_DHE_RSA_WITH_AES_256_GCM_SHA384:
+        case TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256:
+        case TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256:
+        case TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256:
+        case TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256:
+        case TLS_RSA_WITH_NULL_SHA256:
+            return SSL_MINOR_VERSION_3;
+
+        default:
+            break;
+    }
+
+    return SSL_MINOR_VERSION_0;
+}
+
 const char *ssl_get_ciphersuite( const ssl_context *ssl )
 {
    if( ssl == NULL || ssl->session == NULL )