From ce3ca541d83aedac70b6c251c149ed91e1fb843a Mon Sep 17 00:00:00 2001
From: Matthew Holt
Date: Wed, 1 Apr 2020 14:09:29 -0600
Subject: caddytls: Update cipher suite names and curve names
Now using IANA-compliant names and Go 1.14's CipherSuites() function so we don't have to maintain our own mapping of currently-secure cipher suites.
---
 caddyconfig/httpcaddyfile/builtins.go | 2 +-
 modules/caddyhttp/reverseproxy/fastcgi/fastcgi.go | 6 +--
 modules/caddytls/connpolicy.go | 5 +-
 modules/caddytls/values.go | 60 ++++++++++-------------
 4 files changed, 33 insertions(+), 40 deletions(-)
diff --git a/caddyconfig/httpcaddyfile/builtins.go b/caddyconfig/httpcaddyfile/builtins.go
index 9fe52a7..26a421c 100644
--- a/caddyconfig/httpcaddyfile/builtins.go
+++ b/caddyconfig/httpcaddyfile/builtins.go
@@ -166,7 +166,7 @@ func parseTLS(h Helper) ([]ConfigValue, error) {
 case "ciphers":
 for h.NextArg() {
- if _, ok := caddytls.SupportedCipherSuites[h.Val()]; !ok {
+ if !caddytls.CipherSuiteNameSupported(h.Val()) {
 return nil, h.Errf("Wrong cipher suite name or cipher suite not supported: '%s'", h.Val())
 }
 cp.CipherSuites = append(cp.CipherSuites, h.Val())
diff --git a/modules/caddyhttp/reverseproxy/fastcgi/fastcgi.go b/modules/caddyhttp/reverseproxy/fastcgi/fastcgi.go
index cff6b39..915b8df 100644
--- a/modules/caddyhttp/reverseproxy/fastcgi/fastcgi.go
+++ b/modules/caddyhttp/reverseproxy/fastcgi/fastcgi.go
@@ -274,9 +274,9 @@ func (t Transport) buildEnv(r *http.Request) (map[string]string, error) {
 env["SSL_PROTOCOL"] = v
 }
 // and pass the cipher suite in a manner compatible with apache's mod_ssl
- for k, v := range caddytls.SupportedCipherSuites {
- if v == r.TLS.CipherSuite {
- env["SSL_CIPHER"] = k
+ for _, cs := range caddytls.SupportedCipherSuites() {
+ if cs.ID == r.TLS.CipherSuite {
+ env["SSL_CIPHER"] = cs.Name
 break
 }
 }
diff --git a/modules/caddytls/connpolicy.go b/modules/caddytls/connpolicy.go
index c821811..52ccdd9 100644
--- a/modules/caddytls/connpolicy.go
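Review bot: The replacement loop in buildEnv (fastcgi.go) calls caddytls.SupportedCipherSuites() for every TLS request, and that function, as defined in values.go by this commit, returns tls.CipherSuites(), which as far as I know builds a new slice on each call. Since the commit already relies on Go 1.14, the scan could be replaced by one call, `env["SSL_CIPHER"] = tls.CipherSuiteName(r.TLS.CipherSuite)`. Note that this helper falls back to a hex string for IDs it does not know, whereas the loop leaves SSL_CIPHER unset; if unset is the intended result, a comment such as `// SSL_CIPHER stays unset when the negotiated suite is not in the supported list` would make that explicit. buildEnv starts and ends outside this hunk.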
+++ b/modules/caddytls/connpolicy.go
@@ -214,7 +214,10 @@ func (p *ConnectionPolicy) buildStandardTLSConfig(ctx caddy.Context) error {
 // add all the cipher suites in order, without duplicates
 cipherSuitesAdded := make(map[uint16]struct{})
 for _, csName := range p.CipherSuites {
- csID := SupportedCipherSuites[csName]
+ csID := CipherSuiteID(csName)
+ if csID == 0 {
+ return fmt.Errorf("unsupported cipher suite: %s", csName)
+ }
 if _, ok := cipherSuitesAdded[csID]; !ok {
 cipherSuitesAdded[csID] = struct{}{}
 cfg.CipherSuites = append(cfg.CipherSuites, csID)
diff --git a/modules/caddytls/values.go b/modules/caddytls/values.go
index 40b0de0..f0944a3 100644
--- a/modules/caddytls/values.go
+++ b/modules/caddytls/values.go
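Review bot: The new `csID == 0` check in the cipher-suite loop rejects unknown names, but it accepts every name that tls.CipherSuites() lists, which to my knowledge includes the TLS 1.3 suites. Go does not apply Config.CipherSuites to TLS 1.3, so a policy that names a TLS 1.3 suite here would load without error and still not constrain TLS 1.3 negotiation. Consider rejecting or logging names whose suite supports only TLS 1.3, so the operator is not left believing the restriction took effect. The error would also read better with the name quoted, `return fmt.Errorf("unsupported cipher suite: %q", csName)`, since an empty or whitespace-padded name is otherwise invisible. buildStandardTLSConfig starts and ends outside this hunk.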
@@ -23,35 +23,27 @@ import (
 "github.com/klauspost/cpuid"
 )
-// SupportedCipherSuites is the unordered map of cipher suite
-// string names to their definition in crypto/tls. All values
-// should be IANA-reserved names. See
-// https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml
-// Two of the cipher suite constants in the standard lib do not use the
-// full IANA name, but we do; see:
-// https://github.com/golang/go/issues/32061 and
-// https://github.com/golang/go/issues/30325#issuecomment-512862374.
-// TODO: might not be needed much longer: https://github.com/golang/go/issues/30325
-var SupportedCipherSuites = map[string]uint16{
- "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384": tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
- "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384": tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
- "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256": tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
- "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256": tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
- "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256": tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
- "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256": tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,
- "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA": tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
- "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256": tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
- "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA": tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
- "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA": tls.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
- "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256": tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
- "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA": tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
- "TLS_RSA_WITH_AES_128_GCM_SHA256": tls.TLS_RSA_WITH_AES_128_GCM_SHA256,
- "TLS_RSA_WITH_AES_256_GCM_SHA384": tls.TLS_RSA_WITH_AES_256_GCM_SHA384,
- "TLS_RSA_WITH_AES_256_CBC_SHA": tls.TLS_RSA_WITH_AES_256_CBC_SHA,
- "TLS_RSA_WITH_AES_128_CBC_SHA256": tls.TLS_RSA_WITH_AES_128_CBC_SHA256,
- "TLS_RSA_WITH_AES_128_CBC_SHA": tls.TLS_RSA_WITH_AES_128_CBC_SHA,
- "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA": tls.TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
- "TLS_RSA_WITH_3DES_EDE_CBC_SHA": tls.TLS_RSA_WITH_3DES_EDE_CBC_SHA,
+// CipherSuiteNameSupported returns true if name is
+// a supported cipher suite.
+func CipherSuiteNameSupported(name string) bool {
+ return CipherSuiteID(name) != 0
+}
+
+// CipherSuiteID returns the ID of the cipher suite associated with
+// the given name, or 0 if the name is not recognized/supported.
+func CipherSuiteID(name string) uint16 {
+ for _, cs := range SupportedCipherSuites() {
+ if cs.Name == name {
+ return cs.ID
+ }
+ }
+ return 0
+}
+
+// SupportedCipherSuites returns a list of all the cipher suites
+// Caddy supports. The list is NOT ordered by security preference.
+func SupportedCipherSuites() []*tls.CipherSuite {
+ return tls.CipherSuites()
 }
 // defaultCipherSuites is the ordered list of all the cipher
@@ -92,12 +84,10 @@ func getOptimalDefaultCipherSuites() []uint16 {
 // SupportedCurves is the unordered map of supported curves.
 // https://golang.org/pkg/crypto/tls/#CurveID
 var SupportedCurves = map[string]tls.CurveID{
- // TODO: Use IANA names, probably? see https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8
- // All named crypto/elliptic curves have secpXXXr1 IANA names.
- "x25519": tls.X25519, // x25519, 29
- "p256": tls.CurveP256, // secp256r1, 23
- "p384": tls.CurveP384, // secp384r1, 24
- "p521": tls.CurveP521, // secp521r1, 25
+ "x25519": tls.X25519,
+ "secp256r1": tls.CurveP256,
+ "secp384r1": tls.CurveP384,
+ "secp521r1": tls.CurveP521,
 }
 // supportedCertKeyTypes is all the key types that are supported
-- 
cgit v1.2.3
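Review bot: The doc comment on SupportedCipherSuites does not say that the accepted set is now whatever tls.CipherSuites() returns for the Go version Caddy is built with, which makes config validity depend on the toolchain. Three names the removed map accepted (TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256) are, I believe, reported under tls.InsecureCipherSuites() rather than tls.CipherSuites(), so configs naming them would now be rejected, while the 3DES names appear to remain accepted. I would extend the comment with `// The set comes from crypto/tls, excludes tls.InsecureCipherSuites(), and can change between Go releases.` and list the dropped names in the release notes. CipherSuiteID could also carry `// 0 is used as "not found"; no implemented suite has that ID.` so callers know the sentinel is safe to test.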
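Review bot: The old keys `p256`, `p384` and `p521` are removed from SupportedCurves with no alias, and the code that looks curve names up in this map is not part of this diff. If that lookup indexes the map without the `, ok` form, as the cipher-suite lookup in connpolicy.go did before this commit, an existing config that still uses an old name would resolve to CurveID 0 instead of failing to load. Please confirm the caller rejects unknown keys, for example `curveID, ok := SupportedCurves[name]` followed by an error when `!ok`, and mention the rename in the upgrade notes.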