Commit Graph

3868 Commits

Author SHA1 Message Date
Dirk 36134e3040 Merge branch 'dcooper16-fix_x25519' into 2.9dev 2016-11-09 21:18:39 +01:00
Dirk fc3db43948 Merge branch 'fix_x25519' of https://github.com/dcooper16/testssl.sh into dcooper16-fix_x25519 2016-11-09 21:18:09 +01:00
David Cooper a97ca32568 Extend TLS ServerHello parsing (part 3)
This PR adds parsing of the Certificate message to `parse_tls_serverhello()`. If the caller requests that the "full" response be parsed, then the Certificate message is parsed, the server's certificate is placed in $HOSTCERT and the intermediate certificates are placed in  $TEMPDIR/intermediatecerts.pem. The certificates are also added to $TMPFILE, in a manner similar to the output of `$OPENSSL s_client` when the `-showcerts` option is used.
2016-11-09 13:41:36 -05:00
David Cooper 3a68e5b937 Find more extensions in run_server_defaults()
This PR uses `tls_sockets()` to determine whether a server supports certain extensions that may not be supported by `$OPENSSL`. At the moment it checks for max_fragment_length, client_certificate_url, truncated_hmac, ALPN, signed_certificate_timestamp, encrypt_then_mac, and extended_master_secret.

In https://github.com/dcooper16/testssl.sh/blob/extended_tls_sockets/testssl.sh, `run_server_defaults()` is re-written to use `tls_sockets()` instead of `$OPENSSL`, with just one call to `$OPENSSL s_client` to get the session ticket, which reduces the dependence on `$OPENSSL`, but this PR limits the number of calls to `tls_sockets()`, which is still slow.

Note: I included ALPN in the `tls_sockets()` ClientHello since a single call to `tls_sockets()` cannot test for both NPN and ALPN, and since support for NPN was added to OpenSSL before support for ALPN was added, I figured it was more likely that `determine_tls_extensions()` had already determined whether the server supported NPN.
2016-11-08 12:36:25 -05:00
David Cooper 64a96c8388 Curve X25519 fixes for 2.9dev
This PR fixes the same issues as were fixed in PR #513, but also makes two changes to `parse_tls_serverhello()`:

* It changes the number of bits for curve X25519 from 256 to 253 to match OpenSSL.

* It removes the "ECDH, " from the "Server Temp Key: " line in order to match OpenSSL's output.
2016-11-08 10:20:48 -05:00
David Cooper 43b35b8cc2 Curve X25519 fixes
This PR fixes two issues related to curve X25519.

First, while OpenSSL 1.1.0 supports curve X25519, it is not included in the output of `$OPENSSL ecparam -list_curves`. I tried several versions of OpenSSL (and one version of LibreSSL), and every version output either "Error with command" or "unknown option" in response to `$OPENSSL s_client -curves $curve` if it either did not support the `-curves` option or did not support `$curve`. (When the `-curve` option was supported with `$curve`, a "connect" error was output.)

The second issue is that the "Server Temp Key" line in the output of `s_client` is different for curve X25519. For other elliptic curves, the output is
```
Server Temp Key: ECDH, P-256, 256 bits
```
For X25519 it is:
```
Server Temp Key: X25519, 253 bits
```
So, `read_dhbits_from_file()` needs to allow for `$what_dh` being "X25519" rather than "ECDH" and `run_pfs()` needs to allow for the possibility that the curve name will be the first field rather than the second.
2016-11-08 10:10:14 -05:00
David Cooper facf34391f Merge branch '2.9dev' into run_allciphers_sockets 2016-11-08 08:43:24 -05:00
Dirk 9ea5cf8698 minor 2016-11-07 23:52:58 +01:00
Dirk e9edc5fb5a update 2016-11-07 21:05:21 +01:00
Dirk 4f99d9d658 update 2016-11-07 21:03:45 +01:00
David Cooper 66c855f54b Merge branch '2.9dev' into run_allciphers_sockets 2016-11-07 13:50:58 -05:00
Dirk a153b71598 fixing same openssl cipher names, see #379 2016-11-06 23:00:55 +01:00
Dirk db64ea6d61 add more test info to #503 2016-11-06 22:43:42 +01:00
Dirk f5f3218e69 update 2016-11-06 21:12:57 +01:00
Dirk Wetter 21a676c2f5 Merge pull request #511 from dcooper16/client_sim_dh_bits
Use ephemeral public key in client simulations
2016-11-06 20:56:39 +01:00
Dirk 711e460cae minor polish 2016-11-06 20:39:56 +01:00
Dirk Wetter 18c4164902 Merge pull request #507 from dcooper16/tls_sockets_extra_extensions
Allow caller to provide extra extensions to tls_sockets()
2016-11-06 20:25:04 +01:00
Dirk 65c03a99ba update 2016-11-05 15:02:00 +01:00
Dirk 72ac0734d1 tolower 2016-11-05 14:55:30 +01:00
Dirk dc871030b2 reordered help 2016-11-05 13:43:55 +01:00
Dirk d521dda570 Merge branch '2.9dev' of github.com:drwetter/testssl.sh into 2.9dev 2016-11-05 12:52:24 +01:00
Dirk Wetter 41e862b3ea Update Readme.md 2016-11-05 12:41:05 +01:00
Dirk Wetter b3967f1ed2 Update Readme.md 2016-11-05 12:39:05 +01:00
Dirk Wetter 4e40ab53ab Update Readme.md 2016-11-05 12:35:16 +01:00
Dirk 4fc387ed12 Merge branch '2.9dev' of github.com:drwetter/testssl.sh into 2.9dev 2016-11-05 12:27:09 +01:00
Dirk d698005313 tolower 2016-11-05 12:26:18 +01:00
David Cooper 342a4c9e70 Use tls_sockets() in run_allciphers()
The PR changes `run_allciphers()` to use `tls_sockets()` (and `sslv2_sockets()`)rather than `$OPENSSL` unless `$SSL_NATIVE` is set or `$STARTTLS` is non-empty. Using sockets allows `run_allciphers()` to test all ciphers, rather than just those supported by `$OPENSSL`.

Using sockets results in `run_allciphers()` running more slowly, partially since it is testing more ciphers, but mostly since `tls_sockets()` is currently slower than `$OPENSSL` (as noted in #413).
2016-11-04 15:45:07 -04:00
David Cooper db1709b389 Fix alignment in run_allciphers()
This commit makes no changes to the code, it just corrects the indentation.
2016-11-04 14:27:50 -04:00
David Cooper 765b1bdf5d Use ephemeral public key in client simulations
This PR makes similar changes to `run_client_simulation()` as were made to `tls_sockets()`, so that  `run_client_simulation()` retrieves the entire server response, even if it is split across multiple packets, and it has `parse_tls_serverhello()` extract information about the server's ephemeral public key, if present.

The PR also changes `run_client_simulation()` to use information about the ephemeral public key. It includes the length of the public key in the output and, if it is a DH public key, checks that the size is within the acceptable range (`${minDhBits[i]} <= dh_bits <= ${maxDhBits[i]}`).
2016-11-04 11:51:34 -04:00
David Cooper 875eefd4fc Merge branch '2.9dev' into tls_sockets_extra_extensions
Conflicts:
	testssl.sh
2016-11-04 09:15:28 -04:00
Dirk f18a398ce3 handle better missing ca_hashes.txt 2016-11-04 08:39:14 +01:00
Dirk e8d7e16a9d handle better missing ca_hashes.txt 2016-11-04 08:35:27 +01:00
Dirk Wetter cc6da260f8 Merge pull request #508 from dcooper16/parse_tls_serverhello2
Extend TLS ServerHello parsing (part 2)
2016-11-04 07:25:38 +01:00
Dirk Wetter 1d461307be Merge pull request #503 from AlGreed/2.9dev
new pretty JSON format + severity level filter
2016-11-04 07:22:25 +01:00
AlGreed ebc1f691b9 Merge remote-tracking branch 'drwetter/2.9dev' into 2.9dev 2016-11-04 03:05:37 +01:00
AlGreed 175ead6d2a Merge remote-tracking branch 'drwetter/2.9dev' into 2.9dev 2016-11-04 02:54:56 +01:00
David Cooper a6addba038 Extend TLS ServerHello parsing (part 2)
This PR adds initial parsing of the ServerKeyExchange message to `parse_tls_serverhello()`. For ephemeral DH keys, it extracts the length of the key. For ephemeral ECDH keys that are encoded using the named_curve option, it extracts the length of the key and the name of the curve.
2016-11-03 16:14:14 -04:00
David Cooper 31eba73b36 Merge branch '2.9dev' into tls_sockets_extra_extensions 2016-11-03 14:20:20 -04:00
Dirk Wetter 04544e8423 Merge pull request #506 from dcooper16/parse_tls_serverhello1
Extend TLS ServerHello parsing (part 1)
2016-11-03 17:57:15 +01:00
Dirk Wetter 702a9d6c6b Merge pull request #505 from dcooper16/fix_499
Fix #499
2016-11-03 17:51:41 +01:00
David Cooper ed4d29e0c5 Allow caller to provide extra extensions to tls_sockets()
This PR allows the caller to provide additional extensions to `tls_sockets()` to be included in the ClientHello. If the caller provides an extension that would have already been included in the ClientHello, then the caller's value for the extension is used rather than the default value.
2016-11-03 10:49:27 -04:00
David Cooper 98aaab5e12 Extend TLS ServerHello parsing (part 1)
This PR extended `parse_tls_serverhello()` in a few ways:

* If the "full" response is to be parsed, then additional checks are performed to verify that `$tls_hello_ascii` contains the entire response

* The extensions field is parsed and the list of extensions found is placed in `$TLS_EXTENSIONS` (if the "full" response is being parsed).

* Initial support for TLS 1.3 is added:

  - Accounts for differences between TLS 1.2 ServerHello and TLS 1.3 ServerHello (as outlined in PR #499).

  - Recognizes new alerts and handshake message types.

  - Allows for server response to include message fragments of type "application data"
2016-11-03 10:18:27 -04:00
David Cooper 24cc3ae73f Fix #499
I forgot that `parse_tls_serverhello()` is also called by `client_simulation_sockets()`. Since PR #499 changed the input to `parse_tls_serverhello()`, the change needs to be made in `client_simulation_sockets()` as well.
2016-11-03 10:02:45 -04:00
Dirk Wetter a91e45035b Update Readme.md 2016-11-03 13:44:10 +01:00
Dirk Wetter 181c998c7b Update Readme.md 2016-11-03 13:42:18 +01:00
Dirk 096d723767 revert 432163cca5 2016-11-03 13:36:55 +01:00
Dirk Wetter 82dbb23cab Merge pull request #499 from dcooper16/get_full_server_response
Add option to retrieve entire server response
2016-11-03 13:12:16 +01:00
David Cooper 80d9f418d0 Merge branch '2.9dev' into get_full_server_response 2016-10-31 08:57:34 -04:00
Dirk f1d609e008 putput polish 2016-10-29 15:38:07 +02:00
Dirk Wetter 63ec369f34 output polish 2016-10-29 15:37:30 +02:00