From 50b09267d0e8423d798bdfb9b7b2c7865f682a21 Mon Sep 17 00:00:00 2001 From: David Cooper Date: Mon, 18 Apr 2022 11:42:47 -0400 Subject: [PATCH] Try more ciphers determine_optimal_sockets_params() makes two attempts to send a TLS 1.2 ClientHello, with each attempt trying 127 ciphers. However, this leaves 97 ciphers from etc/cipher-mapping.txt that are not tried, most of which use ARIA or CAMELLIA. This commit adds a third attempt a send a ClientHello that offers these 97 remaining ciphers. This helps to ensure that support for TLS 1.2 is detected and that later calls to tls_sockets() work, even if the server only supports the ARIA/CAMELLIA ciphers that are not included in TLS12_CIPHER or TLS12_CIPHER_2ND_TRY. --- etc/tls_data.txt | 16 ++++++++++++++++ testssl.sh | 31 +++++++++++++++++++++++++++---- 2 files changed, 43 insertions(+), 4 deletions(-) diff --git a/etc/tls_data.txt b/etc/tls_data.txt index 898aa2d..e987361 100644 --- a/etc/tls_data.txt +++ b/etc/tls_data.txt @@ -45,6 +45,22 @@ c0,1c, c0,1b, c0,1a, c0,17, 00,1b, 00,93, 00,8b, 00,1f, c0,3b, c0,3a, c0,39, 00,b9, 00,b8, 00,b5, 00,b4, 00,2e, 00,2d, 00,b1, 00,b0, 00,2c, 00,3b, 00,02, 00,01, 00,ff" +# 97 less common ciphers for TLS 1.2 and SPDY/NPN HTTP2/ALPN +readonly TLS12_CIPHER_3RD_TRY=" +c0,3d, c0,3f, c0,41, c0,43, c0,45, c0,47, c0,49, c0,4b, +c0,4d, c0,4f, c0,51, c0,53, c0,55, c0,57, c0,59, c0,5b, +c0,5d, c0,5f, c0,61, c0,63, c0,65, c0,67, c0,69, c0,6b, +c0,6d, c0,6f, c0,71, c0,7b, c0,7d, c0,7f, c0,81, c0,83, +c0,85, c0,87, c0,89, c0,8b, c0,8d, c0,8f, c0,91, c0,93, +16,b7, 16,b8, 16,b9, 16,ba, c0,3c, c0,3e, c0,40, c0,42, +c0,44, c0,46, c0,48, c0,4a, c0,4c, c0,4e, c0,50, c0,52, +c0,54, c0,56, c0,58, c0,5a, c0,5c, c0,5e, c0,60, c0,62, +c0,64, c0,66, c0,68, c0,6a, c0,6c, c0,6e, c0,70, c0,7a, +c0,7c, c0,7e, c0,80, c0,82, c0,84, c0,86, c0,88, c0,8a, +c0,8c, c0,8e, c0,90, c0,92, fe,ff, ff,e0, 00,1e, 00,22, +fe,fe, ff,e1, 00,27, 00,26, 00,2a, 00,29, 00,28, 00,2b, +ff,87, 00,ff" + # 76 standard cipher + 4x GOST for SSLv3, TLS 1, TLS 1.1 readonly TLS_CIPHER=" c0,14, c0,0a, c0,22, c0,21, c0,20, 00,39, 00,38, 00,37, diff --git a/testssl.sh b/testssl.sh index 173943c..cca9650 100755 --- a/testssl.sh +++ b/testssl.sh @@ -21090,7 +21090,7 @@ sclient_auth() { # This information can be used by determine_optimal_proto() to help distinguish between a server # that is not TLS/SSL enabled and one that is not compatible with the version of OpenSSL being used. determine_optimal_sockets_params() { - local -i ret1=1 ret2=1 + local -i ret1=1 ret2=1 ret3=1 local i proto cipher_offered local all_failed=true @@ -21159,8 +21159,6 @@ determine_optimal_sockets_params() { add_proto_offered tls1_2 yes TLS12_CIPHER="$TLS12_CIPHER_2ND_TRY" all_failed=false - else - add_proto_offered tls1_2 no fi if [[ $ret2 -eq 2 ]]; then case $DETECTED_TLS_VERSION in @@ -21172,7 +21170,32 @@ determine_optimal_sockets_params() { all_failed=false fi fi - if [[ $ret1 -eq 0 ]] || [[ $ret2 -eq 0 ]]; then + # Try a third time with cipher suites not in $TLS12_CIPHER or + # $TLS12_CIPHER_2ND_TRY. If using these cipher suites results in a + # successful connection, then change $TLS12_CIPHER to these + # cipher suites so that later tests will use this list of cipher + # suites. + if [[ $ret1 -ne 0 ]] && [[ $ret2 -ne 0 ]]; then + tls_sockets "03" "$TLS12_CIPHER_3RD_TRY" + ret3=$? + if [[ $ret3 -eq 0 ]]; then + add_proto_offered tls1_2 yes + TLS12_CIPHER="$TLS12_CIPHER_3RD_TRY" + all_failed=false + else + add_proto_offered tls1_2 no + fi + if [[ $ret3 -eq 2 ]]; then + case $DETECTED_TLS_VERSION in + 0302) add_proto_offered tls1_1 yes ;; + 0301) add_proto_offered tls1 yes ;; + 0300) add_proto_offered ssl3 yes ;; + esac + [[ $ret1 -ne 2 ]] && [[ $ret2 -ne 2 ]] && TLS12_CIPHER="$TLS12_CIPHER_3RD_TRY" + all_failed=false + fi + fi + if [[ $ret1 -eq 0 ]] || [[ $ret2 -eq 0 ]] || [[ $ret3 -eq 0 ]]; then cipher_offered="$(get_cipher "$TEMPDIR/$NODEIP.parse_tls_serverhello.txt")" if [[ "$cipher_offered" == TLS_* ]] || [[ "$cipher_offered" == SSL_* ]]; then cipher_offered="$(rfc2hexcode "$cipher_offered")"