Commit Graph

1330 Commits

Author SHA1 Message Date
David Cooper 96caa6c302 Merge branch 'no_pkey' of https://github.com/dcooper16/testssl.sh into no_pkey 2016-11-15 14:53:33 -05:00
David Cooper 8ad9e45acf OpenSSL 0.9.8 does not support the pkey command
The `tls_sockets()` and `sslv2_sockets()` use `get_pub_key_size()` to extract the size of the server's public key if the full response is being processed, and `get_pub_key_size()` uses `$OPENSSL pkey` to extract the server's public key from the certificate. However, OpenSSL 0.9.8 does not support the "pkey" command. This PR changes `get_pub_key_size()` to suppress the error message displayed by OpenSSL when the "pkey" command is not supported.
2016-11-15 11:32:30 -05:00
Dirk 08384920a9 Cipher mapping externalized by using David's extended mapping. Also implemented warnings
and fallback to openssl if this file cannot be found and thus sockets can't be used
2016-11-15 15:20:48 +01:00
Dirk e8ce1fcb74 emphasize that we're using sockets in run_allciphers -- unless otherwise requested 2016-11-15 13:09:41 +01:00
Dirk d4ed7466ce introducing --fast for the impatient 2016-11-15 12:59:07 +01:00
Dirk Wetter 37933d6fa1 Merge pull request #512 from dcooper16/run_allciphers_sockets
Use tls_sockets() in run_allciphers()
2016-11-15 12:54:15 +01:00
Dirk Wetter cb53723dff Merge pull request #515 from dcooper16/find_more_extensions
Find more extensions in run_server_defaults()
2016-11-15 10:24:00 +01:00
Dirk Wetter 1d995428e1 Merge pull request #517 from dcooper16/parse_tls_serverhello3
Extend TLS ServerHello parsing (part 3)
2016-11-15 08:17:48 +01:00
David Cooper 1a042d5dba Merge branch '2.9dev' into parse_tls_serverhello3 2016-11-09 17:29:20 -05:00
David Cooper 28e4984f8a Merge branch '2.9dev' into find_more_extensions 2016-11-09 17:28:32 -05:00
David Cooper 7ff9f13b12 Merge branch '2.9dev' into run_allciphers_sockets 2016-11-09 17:27:00 -05:00
Dirk Wetter 83d2bb0241 Merge pull request #514 from dcooper16/fix_x25519_2.9dev
Curve X25519 fixes for 2.9dev
2016-11-09 21:29:29 +01:00
Dirk 36134e3040 Merge branch 'dcooper16-fix_x25519' into 2.9dev 2016-11-09 21:18:39 +01:00
Dirk fc3db43948 Merge branch 'fix_x25519' of https://github.com/dcooper16/testssl.sh into dcooper16-fix_x25519 2016-11-09 21:18:09 +01:00
David Cooper a97ca32568 Extend TLS ServerHello parsing (part 3)
This PR adds parsing of the Certificate message to `parse_tls_serverhello()`. If the caller requests that the "full" response be parsed, then the Certificate message is parsed, the server's certificate is placed in $HOSTCERT and the intermediate certificates are placed in  $TEMPDIR/intermediatecerts.pem. The certificates are also added to $TMPFILE, in a manner similar to the output of `$OPENSSL s_client` when the `-showcerts` option is used.
2016-11-09 13:41:36 -05:00
David Cooper 3a68e5b937 Find more extensions in run_server_defaults()
This PR uses `tls_sockets()` to determine whether a server supports certain extensions that may not be supported by `$OPENSSL`. At the moment it checks for max_fragment_length, client_certificate_url, truncated_hmac, ALPN, signed_certificate_timestamp, encrypt_then_mac, and extended_master_secret.

In https://github.com/dcooper16/testssl.sh/blob/extended_tls_sockets/testssl.sh, `run_server_defaults()` is re-written to use `tls_sockets()` instead of `$OPENSSL`, with just one call to `$OPENSSL s_client` to get the session ticket, which reduces the dependence on `$OPENSSL`, but this PR limits the number of calls to `tls_sockets()`, which is still slow.

Note: I included ALPN in the `tls_sockets()` ClientHello since a single call to `tls_sockets()` cannot test for both NPN and ALPN, and since support for NPN was added to OpenSSL before support for ALPN was added, I figured it was more likely that `determine_tls_extensions()` had already determined whether the server supported NPN.
2016-11-08 12:36:25 -05:00
David Cooper 64a96c8388 Curve X25519 fixes for 2.9dev
This PR fixes the same issues as were fixed in PR #513, but also makes two changes to `parse_tls_serverhello()`:

* It changes the number of bits for curve X25519 from 256 to 253 to match OpenSSL.

* It removes the "ECDH, " from the "Server Temp Key: " line in order to match OpenSSL's output.
2016-11-08 10:20:48 -05:00
David Cooper 43b35b8cc2 Curve X25519 fixes
This PR fixes two issues related to curve X25519.

First, while OpenSSL 1.1.0 supports curve X25519, it is not included in the output of `$OPENSSL ecparam -list_curves`. I tried several versions of OpenSSL (and one version of LibreSSL), and every version output either "Error with command" or "unknown option" in response to `$OPENSSL s_client -curves $curve` if it either did not support the `-curves` option or did not support `$curve`. (When the `-curve` option was supported with `$curve`, a "connect" error was output.)

The second issue is that the "Server Temp Key" line in the output of `s_client` is different for curve X25519. For other elliptic curves, the output is
```
Server Temp Key: ECDH, P-256, 256 bits
```
For X25519 it is:
```
Server Temp Key: X25519, 253 bits
```
So, `read_dhbits_from_file()` needs to allow for `$what_dh` being "X25519" rather than "ECDH" and `run_pfs()` needs to allow for the possibility that the curve name will be the first field rather than the second.
2016-11-08 10:10:14 -05:00
David Cooper facf34391f Merge branch '2.9dev' into run_allciphers_sockets 2016-11-08 08:43:24 -05:00
Dirk 9ea5cf8698 minor 2016-11-07 23:52:58 +01:00
Dirk e9edc5fb5a update 2016-11-07 21:05:21 +01:00
Dirk 4f99d9d658 update 2016-11-07 21:03:45 +01:00
David Cooper 66c855f54b Merge branch '2.9dev' into run_allciphers_sockets 2016-11-07 13:50:58 -05:00
Dirk a153b71598 fixing same openssl cipher names, see #379 2016-11-06 23:00:55 +01:00
Dirk db64ea6d61 add more test info to #503 2016-11-06 22:43:42 +01:00
Dirk f5f3218e69 update 2016-11-06 21:12:57 +01:00
Dirk Wetter 21a676c2f5 Merge pull request #511 from dcooper16/client_sim_dh_bits
Use ephemeral public key in client simulations
2016-11-06 20:56:39 +01:00
Dirk 711e460cae minor polish 2016-11-06 20:39:56 +01:00
Dirk Wetter 18c4164902 Merge pull request #507 from dcooper16/tls_sockets_extra_extensions
Allow caller to provide extra extensions to tls_sockets()
2016-11-06 20:25:04 +01:00
Dirk 65c03a99ba update 2016-11-05 15:02:00 +01:00
Dirk 72ac0734d1 tolower 2016-11-05 14:55:30 +01:00
Dirk dc871030b2 reordered help 2016-11-05 13:43:55 +01:00
Dirk d521dda570 Merge branch '2.9dev' of github.com:drwetter/testssl.sh into 2.9dev 2016-11-05 12:52:24 +01:00
Dirk Wetter 41e862b3ea Update Readme.md 2016-11-05 12:41:05 +01:00
Dirk Wetter b3967f1ed2 Update Readme.md 2016-11-05 12:39:05 +01:00
Dirk Wetter 4e40ab53ab Update Readme.md 2016-11-05 12:35:16 +01:00
Dirk 4fc387ed12 Merge branch '2.9dev' of github.com:drwetter/testssl.sh into 2.9dev 2016-11-05 12:27:09 +01:00
Dirk d698005313 tolower 2016-11-05 12:26:18 +01:00
David Cooper 342a4c9e70 Use tls_sockets() in run_allciphers()
The PR changes `run_allciphers()` to use `tls_sockets()` (and `sslv2_sockets()`)rather than `$OPENSSL` unless `$SSL_NATIVE` is set or `$STARTTLS` is non-empty. Using sockets allows `run_allciphers()` to test all ciphers, rather than just those supported by `$OPENSSL`.

Using sockets results in `run_allciphers()` running more slowly, partially since it is testing more ciphers, but mostly since `tls_sockets()` is currently slower than `$OPENSSL` (as noted in #413).
2016-11-04 15:45:07 -04:00
David Cooper db1709b389 Fix alignment in run_allciphers()
This commit makes no changes to the code, it just corrects the indentation.
2016-11-04 14:27:50 -04:00
David Cooper 765b1bdf5d Use ephemeral public key in client simulations
This PR makes similar changes to `run_client_simulation()` as were made to `tls_sockets()`, so that  `run_client_simulation()` retrieves the entire server response, even if it is split across multiple packets, and it has `parse_tls_serverhello()` extract information about the server's ephemeral public key, if present.

The PR also changes `run_client_simulation()` to use information about the ephemeral public key. It includes the length of the public key in the output and, if it is a DH public key, checks that the size is within the acceptable range (`${minDhBits[i]} <= dh_bits <= ${maxDhBits[i]}`).
2016-11-04 11:51:34 -04:00
David Cooper 875eefd4fc Merge branch '2.9dev' into tls_sockets_extra_extensions
Conflicts:
	testssl.sh
2016-11-04 09:15:28 -04:00
Dirk f18a398ce3 handle better missing ca_hashes.txt 2016-11-04 08:39:14 +01:00
Dirk e8d7e16a9d handle better missing ca_hashes.txt 2016-11-04 08:35:27 +01:00
Dirk Wetter cc6da260f8 Merge pull request #508 from dcooper16/parse_tls_serverhello2
Extend TLS ServerHello parsing (part 2)
2016-11-04 07:25:38 +01:00
Dirk Wetter 1d461307be Merge pull request #503 from AlGreed/2.9dev
new pretty JSON format + severity level filter
2016-11-04 07:22:25 +01:00
AlGreed ebc1f691b9 Merge remote-tracking branch 'drwetter/2.9dev' into 2.9dev 2016-11-04 03:05:37 +01:00
AlGreed 175ead6d2a Merge remote-tracking branch 'drwetter/2.9dev' into 2.9dev 2016-11-04 02:54:56 +01:00
David Cooper a6addba038 Extend TLS ServerHello parsing (part 2)
This PR adds initial parsing of the ServerKeyExchange message to `parse_tls_serverhello()`. For ephemeral DH keys, it extracts the length of the key. For ephemeral ECDH keys that are encoded using the named_curve option, it extracts the length of the key and the name of the curve.
2016-11-03 16:14:14 -04:00
David Cooper 31eba73b36 Merge branch '2.9dev' into tls_sockets_extra_extensions 2016-11-03 14:20:20 -04:00