From 34399332354b5cbc742200ef11aa33f199ba6755 Mon Sep 17 00:00:00 2001 From: Matthew Holt Date: Wed, 29 May 2019 23:11:46 -0600 Subject: Implement session ticket keys; default STEK module with rotation --- modules/caddytls/tls.go | 109 +++++------------------------------------------- 1 file changed, 11 insertions(+), 98 deletions(-) (limited to 'modules/caddytls/tls.go') diff --git a/modules/caddytls/tls.go b/modules/caddytls/tls.go index 29ca88e..6a9c97e 100644 --- a/modules/caddytls/tls.go +++ b/modules/caddytls/tls.go @@ -2,14 +2,12 @@ package caddytls import ( "crypto/tls" - "crypto/x509" "encoding/json" "fmt" "net/http" "bitbucket.org/lightcodelabs/caddy2" "github.com/go-acme/lego/challenge" - "github.com/klauspost/cpuid" "github.com/mholt/certmagic" ) @@ -22,8 +20,9 @@ func init() { // TLS represents a process-wide TLS configuration. type TLS struct { - Certificates map[string]json.RawMessage `json:"certificates"` - Automation AutomationConfig `json:"automation"` + Certificates map[string]json.RawMessage `json:"certificates,omitempty"` + Automation AutomationConfig `json:"automation,omitempty"` + SessionTickets SessionTicketService `json:"session_tickets,omitempty"` certificateLoaders []CertificateLoader certCache *certmagic.Cache @@ -44,6 +43,7 @@ func (t *TLS) Provision(ctx caddy2.Context) error { }, }) + // automation/management policies for i, ap := range t.Automation.Policies { val, err := ctx.LoadModuleInline("module", "tls.management", ap.Management) if err != nil { @@ -65,6 +65,12 @@ func (t *TLS) Provision(ctx caddy2.Context) error { t.certificateLoaders = append(t.certificateLoaders, val.(CertificateLoader)) } + // session ticket ephemeral keys (STEK) service and provider + err := t.SessionTickets.provision(ctx) + if err != nil { + return fmt.Errorf("provisioning session tickets configuration: %v", err) + } + return nil } @@ -110,6 +116,7 @@ func (t *TLS) Stop() error { // TODO: ensure locks are cleaned up too... maybe in certmagic though t.certCache.Stop() } + t.SessionTickets.stop() return nil } @@ -230,98 +237,4 @@ type ManagerMaker interface { newManager(interactive bool) (certmagic.Manager, error) } -// supportedCipherSuites is the unordered map of cipher suite -// string names to their definition in crypto/tls. -// TODO: might not be needed much longer, see: -// https://github.com/golang/go/issues/30325 -var supportedCipherSuites = map[string]uint16{ - "ECDHE_ECDSA_AES256_GCM_SHA384": tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, - "ECDHE_RSA_AES256_GCM_SHA384": tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, - "ECDHE_ECDSA_AES128_GCM_SHA256": tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, - "ECDHE_RSA_AES128_GCM_SHA256": tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, - "ECDHE_ECDSA_WITH_CHACHA20_POLY1305": tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305, - "ECDHE_RSA_WITH_CHACHA20_POLY1305": tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305, - "ECDHE_RSA_AES256_CBC_SHA": tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, - "ECDHE_RSA_AES128_CBC_SHA": tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, - "ECDHE_ECDSA_AES256_CBC_SHA": tls.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, - "ECDHE_ECDSA_AES128_CBC_SHA": tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, - "RSA_AES256_CBC_SHA": tls.TLS_RSA_WITH_AES_256_CBC_SHA, - "RSA_AES128_CBC_SHA": tls.TLS_RSA_WITH_AES_128_CBC_SHA, - "ECDHE_RSA_3DES_EDE_CBC_SHA": tls.TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, - "RSA_3DES_EDE_CBC_SHA": tls.TLS_RSA_WITH_3DES_EDE_CBC_SHA, -} - -// defaultCipherSuites is the ordered list of all the cipher -// suites we want to support by default, assuming AES-NI -// (hardware acceleration for AES). -var defaultCipherSuitesWithAESNI = []uint16{ - tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, - tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, - tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, - tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, - tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305, - tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305, -} - -// defaultCipherSuites is the ordered list of all the cipher -// suites we want to support by default, assuming lack of -// AES-NI (NO hardware acceleration for AES). -var defaultCipherSuitesWithoutAESNI = []uint16{ - tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305, - tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305, - tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, - tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, - tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, - tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, -} - -// getOptimalDefaultCipherSuites returns an appropriate cipher -// suite to use depending on the hardware support for AES. -// -// See https://github.com/mholt/caddy/issues/1674 -func getOptimalDefaultCipherSuites() []uint16 { - if cpuid.CPU.AesNi() { - return defaultCipherSuitesWithAESNI - } - return defaultCipherSuitesWithoutAESNI -} - -// supportedCurves is the unordered map of supported curves. -// https://golang.org/pkg/crypto/tls/#CurveID -var supportedCurves = map[string]tls.CurveID{ - "X25519": tls.X25519, - "P256": tls.CurveP256, - "P384": tls.CurveP384, - "P521": tls.CurveP521, -} - -// defaultCurves is the list of only the curves we want to use -// by default, in descending order of preference. -// -// This list should only include curves which are fast by design -// (e.g. X25519) and those for which an optimized assembly -// implementation exists (e.g. P256). The latter ones can be -// found here: -// https://github.com/golang/go/tree/master/src/crypto/elliptic -var defaultCurves = []tls.CurveID{ - tls.X25519, - tls.CurveP256, -} - -// supportedProtocols is a map of supported protocols. -// HTTP/2 only supports TLS 1.2 and higher. -var supportedProtocols = map[string]uint16{ - "tls1.0": tls.VersionTLS10, - "tls1.1": tls.VersionTLS11, - "tls1.2": tls.VersionTLS12, - "tls1.3": tls.VersionTLS13, -} - -// publicKeyAlgorithms is the map of supported public key algorithms. -var publicKeyAlgorithms = map[string]x509.PublicKeyAlgorithm{ - "rsa": x509.RSA, - "dsa": x509.DSA, - "ecdsa": x509.ECDSA, -} - const automateKey = "automate" -- cgit v1.2.3