From: Ard Biesheuvel <ardb@kernel.org>
To: ell@lists.01.org
Subject: [PATCH 1/2] tls: remove support for RC4 cipher suites
Date: Mon, 03 Aug 2020 12:54:48 +0200 [thread overview]
Message-ID: <20200803105449.124714-2-ardb@kernel.org> (raw)
In-Reply-To: <20200803105449.124714-1-ardb@kernel.org>
The RC4 based TLS suites rely on a quirky kernel implementation (the
ecb(arc4) skcipher), are not covered by any tests, and RFC 7465, which
was issued in 2015, explicitly forbids the use of RC4 in TLS under any
circumstances.
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
---
ell/tls-suites.c | 41 ++------------------
unit/test-tls.c | 3 +-
2 files changed, 4 insertions(+), 40 deletions(-)
diff --git a/ell/tls-suites.c b/ell/tls-suites.c
index 91bc2cfe2622..7ec49a86c9ab 100644
--- a/ell/tls-suites.c
+++ b/ell/tls-suites.c
@@ -1096,11 +1096,7 @@ static struct tls_key_exchange_algorithm tls_dhe = {
.free_params = tls_free_dhe_params,
};
-static struct tls_bulk_encryption_algorithm tls_rc4 = {
- .cipher_type = TLS_CIPHER_STREAM,
- .l_id = L_CIPHER_ARC4,
- .key_length = 16,
-}, tls_aes128 = {
+static struct tls_bulk_encryption_algorithm tls_aes128 = {
.cipher_type = TLS_CIPHER_BLOCK,
.l_id = L_CIPHER_AES_CBC,
.key_length = 16,
@@ -1134,11 +1130,7 @@ static struct tls_bulk_encryption_algorithm tls_rc4 = {
.auth_tag_length = 16,
};
-static struct tls_mac_algorithm tls_md5 = {
- .id = 1,
- .hmac_type = L_CHECKSUM_MD5,
- .mac_length = 16,
-}, tls_sha = {
+static struct tls_mac_algorithm tls_sha = {
.id = 2,
.hmac_type = L_CHECKSUM_SHA1,
.mac_length = 20,
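Review bot: This hunk also drops the HMAC-MD5 MAC definition `tls_md5`, which is wider than the subject line ("remove support for RC4 cipher suites") and is not explained in the commit message; from the context visible here its only users appear to be the removed `tls_rsa_with_rc4_128_md5` suite, but whether anything else looks a MAC up by `.id = 1` is not visible in this patch. It would be worth a sentence in the description or a comment at the remaining `tls_sha` definition, e.g. `/* HMAC-MD5 was removed together with the RC4 suites; MAC id 1 is intentionally unused */`, so a later reader does not assume the numbering gap is a bug. The same applies to the `tls_rc4` removal in the first hunk, which is the last reference to `L_CIPHER_ARC4` in this file.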
@@ -1152,23 +1144,7 @@ static struct tls_mac_algorithm tls_md5 = {
.mac_length = 48,
};
-static struct tls_cipher_suite tls_rsa_with_rc4_128_md5 = {
- .id = { 0x00, 0x04 },
- .name = "TLS_RSA_WITH_RC4_128_MD5",
- .verify_data_length = 12,
- .encryption = &tls_rc4,
- .mac = &tls_md5,
- .signature = &tls_rsa_signature,
- .key_xchg = &tls_rsa_key_xchg,
-}, tls_rsa_with_rc4_128_sha = {
- .id = { 0x00, 0x05 },
- .name = "TLS_RSA_WITH_RC4_128_SHA",
- .verify_data_length = 12,
- .encryption = &tls_rc4,
- .mac = &tls_sha,
- .signature = &tls_rsa_signature,
- .key_xchg = &tls_rsa_key_xchg,
-}, tls_rsa_with_3des_ede_cbc_sha = {
+static struct tls_cipher_suite tls_rsa_with_3des_ede_cbc_sha = {
.id = { 0x00, 0x0a },
.name = "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
.verify_data_length = 12,
@@ -1278,14 +1254,6 @@ static struct tls_cipher_suite tls_rsa_with_rc4_128_md5 = {
.prf_hmac = L_CHECKSUM_SHA384,
.signature = &tls_rsa_signature,
.key_xchg = &tls_dhe,
-}, tls_ecdhe_rsa_with_rc4_128_sha = {
- .id = { 0xc0, 0x11 },
- .name = "TLS_ECDHE_RSA_WITH_RC4_128_SHA",
- .verify_data_length = 12,
- .encryption = &tls_rc4,
- .mac = &tls_sha,
- .signature = &tls_rsa_signature,
- .key_xchg = &tls_ecdhe,
}, tls_ecdhe_rsa_with_3des_ede_cbc_sha = {
.id = { 0xc0, 0x12 },
.name = "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA",
@@ -1366,8 +1334,5 @@ struct tls_cipher_suite *tls_cipher_suite_pref[] = {
&tls_ecdhe_rsa_with_3des_ede_cbc_sha,
&tls_dhe_rsa_with_3des_ede_cbc_sha,
&tls_rsa_with_3des_ede_cbc_sha,
- &tls_ecdhe_rsa_with_rc4_128_sha,
- &tls_rsa_with_rc4_128_sha,
- &tls_rsa_with_rc4_128_md5,
NULL,
};
diff --git a/unit/test-tls.c b/unit/test-tls.c
index 89dcb9ad3215..9503f6b0a493 100644
--- a/unit/test-tls.c
+++ b/unit/test-tls.c
@@ -956,8 +956,7 @@ int main(int argc, char *argv[])
}
if (!l_cipher_is_supported(L_CIPHER_DES3_EDE_CBC) ||
- !l_cipher_is_supported(L_CIPHER_AES_CBC) ||
- !l_cipher_is_supported(L_CIPHER_ARC4)) {
+ !l_cipher_is_supported(L_CIPHER_AES_CBC)) {
printf("Needed ciphers missing, "
"skipping TLS connection tests...\n");
goto done;
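Review bot: The test change only relaxes the capability check by dropping `l_cipher_is_supported(L_CIPHER_ARC4)`; nothing in the hunk asserts that the suites removed from `tls_cipher_suite_pref` (ids 0x00,0x04, 0x00,0x05 and 0xc0,0x11) are actually no longer offered or accepted, so a later change that reintroduces one would pass this test silently. Given the commit message itself notes these suites were never covered by tests, a small negative check — walking the preference list and asserting none of those three ids is present, or attempting a handshake restricted to one of them and expecting failure — would pin the RFC 7465 behaviour this patch establishes; whether the list is reachable from unit/test-tls.c is not visible here. The enclosing `main` begins and ends outside the hunk.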
--
2.20.1