Message ID | 20230308171850.267577-1-juliusz@wolfssl.com |
---|---|
State | Accepted |
Headers | show |
Series | [01/12] Print ciphersuites in wolfSSL | expand |
Hi, is there a timeline when someone will be able to review this patchset? Thanks. Sincerely Juliusz On 08/03/2023 18:18, Juliusz Sosinowicz wrote: > Signed-off-by: Juliusz Sosinowicz <juliusz@wolfssl.com> > --- > src/crypto/tls_wolfssl.c | 3 +++ > 1 file changed, 3 insertions(+) > > diff --git a/src/crypto/tls_wolfssl.c b/src/crypto/tls_wolfssl.c > index b4f1bbe7f..a02c92892 100644 > --- a/src/crypto/tls_wolfssl.c > +++ b/src/crypto/tls_wolfssl.c > @@ -284,6 +284,7 @@ void * tls_init(const struct tls_config *conf) > ciphers = conf->openssl_ciphers; > else > ciphers = "ALL"; > + wpa_printf(MSG_DEBUG, "wolfSSL: cipher suites: %s", ciphers); > if (wolfSSL_CTX_set_cipher_list(ssl_ctx, ciphers) != 1) { > wpa_printf(MSG_ERROR, > "wolfSSL: Failed to set cipher string '%s'", > @@ -1323,6 +1324,7 @@ int tls_connection_set_params(void *tls_ctx, struct tls_connection *conn, > return -1; > } > > + wpa_printf(MSG_DEBUG, "wolfSSL: cipher suites: %s", params->openssl_ciphers); > if (params->openssl_ciphers && > wolfSSL_set_cipher_list(conn->ssl, params->openssl_ciphers) != 1) { > wpa_printf(MSG_INFO, > @@ -1553,6 +1555,7 @@ int tls_global_set_params(void *tls_ctx, > return -1; > } > > + wpa_printf(MSG_DEBUG, "wolfSSL: cipher suites: %s", params->openssl_ciphers); > if (params->openssl_ciphers && > wolfSSL_CTX_set_cipher_list(tls_ctx, > params->openssl_ciphers) != 1) {
Thanks, applied the full series with some cleanup and fixes. The last patches in this series were quite inconvenient to review since there was a mix of refactoring and functional changes in the same patch and also cases where some FIPS cases were first removed and then re-added in a later patch in the same series. I ended up splitting those quite differently for the commit to make the real changes easier to understand. This broke the build with wolfSSL 5.2.0 which was the version I used when testing the functionality last time. I ended up adding a simple wrapper function based on the library version to try to work around that for now. I'm not sure whether 5.2.0 is considered supported anymore, so it might be fine to remove that wrapper if that is considered obsolete. In addition, I ran the full hwsim test case set with wolfSSL 5.5.4 on the STA side and OpenSSL on the AP and authentication server. The following test cases are failing likely due to some missing functionality. I did not look at the details, though. ap_wpa2_eap_fast_binary_pac ap_wpa2_eap_fast_binary_pac_errors ap_wpa2_eap_fast_cipher_suites ap_wpa2_eap_fast_eap_aka ap_wpa2_eap_fast_eap_sim ap_wpa2_eap_fast_gtc_auth_prov ap_wpa2_eap_fast_mschapv2_unauth_prov ap_wpa2_eap_fast_pac_file ap_wpa2_eap_fast_pac_lifetime ap_wpa2_eap_fast_pac_refresh ap_wpa2_eap_fast_pac_truncate ap_wpa2_eap_fast_prf_oom ap_wpa2_eap_fast_prov ap_wpa2_eap_fast_server_oom ap_wpa2_eap_fast_text_pac_errors ap_wpa2_eap_tls_ec_and_rsa ap_wpa2_eap_tls_intermediate_ca_ocsp ap_wpa2_eap_tls_intermediate_ca_ocsp_revoked ap_wpa2_eap_tls_intermediate_ca_ocsp_revoked_sha1 ap_wpa2_eap_tls_rsa_and_ec ap_wpa2_eap_tls_versions ap_wpa2_eap_tls_versions_server ap_wpa2_eap_ttls_expired_cert ap_wpa2_eap_ttls_ignore_expired_cert ap_wpa2_eap_ttls_ocsp_revoked ap_wpa2_eap_ttls_ocsp_unknown ap_wpa2_eap_ttls_optional_ocsp_unknown ap_wpa2_eap_ttls_pap_check_cert_subject_neg dpp_peer_intro_failures dpp_pkex_hostapd_initiator eap_fast_proto_phase2 eap_fast_tlv_nak_oom eap_mschapv2_errors eap_proto_fast_errors eap_teap_tls_cs_sha1 eap_teap_tls_cs_sha256 eap_teap_tls_cs_sha384 fils_sk_pfs_25 openssl_ecdh_curves owe_invalid_assoc_resp sae_bignum_failure sae_no_ffc_by_default sae_password_ffc sae_pwe_failure sae_pwe_group_14 sae_pwe_group_15 sae_pwe_group_16 sae_pwe_group_23 sae_pwe_group_24 sae_pwe_group_25 sae_pwe_group_5 sae_reflection_attack_ffc sae_reflection_attack_ffc_internal sigma_dut_ap_cipher_ccmp_128 sigma_dut_ap_cipher_ccmp_256 sigma_dut_ap_cipher_ccmp_gcmp_1 sigma_dut_ap_cipher_ccmp_gcmp_2 sigma_dut_ap_cipher_gcmp_128 sigma_dut_ap_cipher_gcmp_256 sigma_dut_ap_cipher_gcmp_256_group_ccmp sigma_dut_ap_suite_b sigma_dut_eap_aka sigma_dut_eap_ttls sigma_dut_eap_ttls_uosc sigma_dut_eap_ttls_uosc_ca_mistrust sigma_dut_suite_b suite_b suite_b_192 suite_b_192_mic_failure suite_b_192_okc suite_b_192_pmkid_failure suite_b_192_pmksa_caching_roam suite_b_192_radius suite_b_192_rsa suite_b_192_rsa_dhe suite_b_192_rsa_ecdhe suite_b_192_rsa_insufficient_dh suite_b_192_rsa_insufficient_key suite_b_192_rsa_radius suite_b_192_rsa_tls_13 suite_b_mic_failure suite_b_pmkid_failure suite_b_radius
Thanks Jouni, Yes wolfSSL 5.2.0 is an older version of the library. Please use a newer release for future testing. I will make a note to take a look at the failing tests. Hopefully this is something that can be fixed with a few new functions. Sincerely Juliusz On 04/11/2023 18:01, Jouni Malinen wrote: > Thanks, applied the full series with some cleanup and fixes. The last > patches in this series were quite inconvenient to review since there was > a mix of refactoring and functional changes in the same patch and also > cases where some FIPS cases were first removed and then re-added in a > later patch in the same series. I ended up splitting those quite > differently for the commit to make the real changes easier to > understand. > > This broke the build with wolfSSL 5.2.0 which was the version I used > when testing the functionality last time. I ended up adding a simple > wrapper function based on the library version to try to work around that > for now. I'm not sure whether 5.2.0 is considered supported anymore, so > it might be fine to remove that wrapper if that is considered obsolete. > > In addition, I ran the full hwsim test case set with wolfSSL 5.5.4 on > the STA side and OpenSSL on the AP and authentication server. The > following test cases are failing likely due to some missing > functionality. I did not look at the details, though. > > ap_wpa2_eap_fast_binary_pac > ap_wpa2_eap_fast_binary_pac_errors > ap_wpa2_eap_fast_cipher_suites > ap_wpa2_eap_fast_eap_aka > ap_wpa2_eap_fast_eap_sim > ap_wpa2_eap_fast_gtc_auth_prov > ap_wpa2_eap_fast_mschapv2_unauth_prov > ap_wpa2_eap_fast_pac_file > ap_wpa2_eap_fast_pac_lifetime > ap_wpa2_eap_fast_pac_refresh > ap_wpa2_eap_fast_pac_truncate > ap_wpa2_eap_fast_prf_oom > ap_wpa2_eap_fast_prov > ap_wpa2_eap_fast_server_oom > ap_wpa2_eap_fast_text_pac_errors > ap_wpa2_eap_tls_ec_and_rsa > ap_wpa2_eap_tls_intermediate_ca_ocsp > ap_wpa2_eap_tls_intermediate_ca_ocsp_revoked > ap_wpa2_eap_tls_intermediate_ca_ocsp_revoked_sha1 > ap_wpa2_eap_tls_rsa_and_ec > ap_wpa2_eap_tls_versions > ap_wpa2_eap_tls_versions_server > ap_wpa2_eap_ttls_expired_cert > ap_wpa2_eap_ttls_ignore_expired_cert > ap_wpa2_eap_ttls_ocsp_revoked > ap_wpa2_eap_ttls_ocsp_unknown > ap_wpa2_eap_ttls_optional_ocsp_unknown > ap_wpa2_eap_ttls_pap_check_cert_subject_neg > dpp_peer_intro_failures > dpp_pkex_hostapd_initiator > eap_fast_proto_phase2 > eap_fast_tlv_nak_oom > eap_mschapv2_errors > eap_proto_fast_errors > eap_teap_tls_cs_sha1 > eap_teap_tls_cs_sha256 > eap_teap_tls_cs_sha384 > fils_sk_pfs_25 > openssl_ecdh_curves > owe_invalid_assoc_resp > sae_bignum_failure > sae_no_ffc_by_default > sae_password_ffc > sae_pwe_failure > sae_pwe_group_14 > sae_pwe_group_15 > sae_pwe_group_16 > sae_pwe_group_23 > sae_pwe_group_24 > sae_pwe_group_25 > sae_pwe_group_5 > sae_reflection_attack_ffc > sae_reflection_attack_ffc_internal > sigma_dut_ap_cipher_ccmp_128 > sigma_dut_ap_cipher_ccmp_256 > sigma_dut_ap_cipher_ccmp_gcmp_1 > sigma_dut_ap_cipher_ccmp_gcmp_2 > sigma_dut_ap_cipher_gcmp_128 > sigma_dut_ap_cipher_gcmp_256 > sigma_dut_ap_cipher_gcmp_256_group_ccmp > sigma_dut_ap_suite_b > sigma_dut_eap_aka > sigma_dut_eap_ttls > sigma_dut_eap_ttls_uosc > sigma_dut_eap_ttls_uosc_ca_mistrust > sigma_dut_suite_b > suite_b > suite_b_192 > suite_b_192_mic_failure > suite_b_192_okc > suite_b_192_pmkid_failure > suite_b_192_pmksa_caching_roam > suite_b_192_radius > suite_b_192_rsa > suite_b_192_rsa_dhe > suite_b_192_rsa_ecdhe > suite_b_192_rsa_insufficient_dh > suite_b_192_rsa_insufficient_key > suite_b_192_rsa_radius > suite_b_192_rsa_tls_13 > suite_b_mic_failure > suite_b_pmkid_failure > suite_b_radius >
Hi Jouni, its taken me a while but I was able to fix the failing tests. Fixing bugs and implementing new features. The large patchset I just sent passes all tests except the following: - ap_wpa2_eap_tls_ec_and_rsa - ap_wpa2_eap_tls_rsa_and_ec - wolfSSL does not support loading multiple certs into one object. This could be implemented by lazily loading the appropriate certificate by using wolfSSL_get_ciphersuite_info and wolfSSL_get_sigalg_info to determine the ciphersuite and sigalgs but this is still on the roadmap. - ap_wpa2_eap_ttls_optional_ocsp_unknown - wolfSSL does not support recovering from an OCSP error dynamically. - OCSP tests with sha256 - wolfSSL only works with sha-1 (although it can be changed to sha256 at compile time) signatures in OCSP responses. Being signature algorithm agnostic is in our backlog for a while now. The wolfSSL dev branch to use for testing is https://github.com/julek-wolfssl/wolfssl/tree/hostap. The wolfSSL configuration I used is: --enable-wpas --enable-wpas-dpp --enable-brainpool --with-eccminsz=192 --enable-tlsv10 --enable-oldtls 'CPPFLAGS=-DWOLFSSL_STATIC_RSA' Sincerely Juliusz On 04/11/2023 18:01, Jouni Malinen wrote: > Thanks, applied the full series with some cleanup and fixes. The last > patches in this series were quite inconvenient to review since there was > a mix of refactoring and functional changes in the same patch and also > cases where some FIPS cases were first removed and then re-added in a > later patch in the same series. I ended up splitting those quite > differently for the commit to make the real changes easier to > understand. > > This broke the build with wolfSSL 5.2.0 which was the version I used > when testing the functionality last time. I ended up adding a simple > wrapper function based on the library version to try to work around that > for now. I'm not sure whether 5.2.0 is considered supported anymore, so > it might be fine to remove that wrapper if that is considered obsolete. > > In addition, I ran the full hwsim test case set with wolfSSL 5.5.4 on > the STA side and OpenSSL on the AP and authentication server. The > following test cases are failing likely due to some missing > functionality. I did not look at the details, though. > > ap_wpa2_eap_fast_binary_pac > ap_wpa2_eap_fast_binary_pac_errors > ap_wpa2_eap_fast_cipher_suites > ap_wpa2_eap_fast_eap_aka > ap_wpa2_eap_fast_eap_sim > ap_wpa2_eap_fast_gtc_auth_prov > ap_wpa2_eap_fast_mschapv2_unauth_prov > ap_wpa2_eap_fast_pac_file > ap_wpa2_eap_fast_pac_lifetime > ap_wpa2_eap_fast_pac_refresh > ap_wpa2_eap_fast_pac_truncate > ap_wpa2_eap_fast_prf_oom > ap_wpa2_eap_fast_prov > ap_wpa2_eap_fast_server_oom > ap_wpa2_eap_fast_text_pac_errors > ap_wpa2_eap_tls_ec_and_rsa > ap_wpa2_eap_tls_intermediate_ca_ocsp > ap_wpa2_eap_tls_intermediate_ca_ocsp_revoked > ap_wpa2_eap_tls_intermediate_ca_ocsp_revoked_sha1 > ap_wpa2_eap_tls_rsa_and_ec > ap_wpa2_eap_tls_versions > ap_wpa2_eap_tls_versions_server > ap_wpa2_eap_ttls_expired_cert > ap_wpa2_eap_ttls_ignore_expired_cert > ap_wpa2_eap_ttls_ocsp_revoked > ap_wpa2_eap_ttls_ocsp_unknown > ap_wpa2_eap_ttls_optional_ocsp_unknown > ap_wpa2_eap_ttls_pap_check_cert_subject_neg > dpp_peer_intro_failures > dpp_pkex_hostapd_initiator > eap_fast_proto_phase2 > eap_fast_tlv_nak_oom > eap_mschapv2_errors > eap_proto_fast_errors > eap_teap_tls_cs_sha1 > eap_teap_tls_cs_sha256 > eap_teap_tls_cs_sha384 > fils_sk_pfs_25 > openssl_ecdh_curves > owe_invalid_assoc_resp > sae_bignum_failure > sae_no_ffc_by_default > sae_password_ffc > sae_pwe_failure > sae_pwe_group_14 > sae_pwe_group_15 > sae_pwe_group_16 > sae_pwe_group_23 > sae_pwe_group_24 > sae_pwe_group_25 > sae_pwe_group_5 > sae_reflection_attack_ffc > sae_reflection_attack_ffc_internal > sigma_dut_ap_cipher_ccmp_128 > sigma_dut_ap_cipher_ccmp_256 > sigma_dut_ap_cipher_ccmp_gcmp_1 > sigma_dut_ap_cipher_ccmp_gcmp_2 > sigma_dut_ap_cipher_gcmp_128 > sigma_dut_ap_cipher_gcmp_256 > sigma_dut_ap_cipher_gcmp_256_group_ccmp > sigma_dut_ap_suite_b > sigma_dut_eap_aka > sigma_dut_eap_ttls > sigma_dut_eap_ttls_uosc > sigma_dut_eap_ttls_uosc_ca_mistrust > sigma_dut_suite_b > suite_b > suite_b_192 > suite_b_192_mic_failure > suite_b_192_okc > suite_b_192_pmkid_failure > suite_b_192_pmksa_caching_roam > suite_b_192_radius > suite_b_192_rsa > suite_b_192_rsa_dhe > suite_b_192_rsa_ecdhe > suite_b_192_rsa_insufficient_dh > suite_b_192_rsa_insufficient_key > suite_b_192_rsa_radius > suite_b_192_rsa_tls_13 > suite_b_mic_failure > suite_b_pmkid_failure > suite_b_radius >
diff --git a/src/crypto/tls_wolfssl.c b/src/crypto/tls_wolfssl.c index b4f1bbe7f..a02c92892 100644 --- a/src/crypto/tls_wolfssl.c +++ b/src/crypto/tls_wolfssl.c @@ -284,6 +284,7 @@ void * tls_init(const struct tls_config *conf) ciphers = conf->openssl_ciphers; else ciphers = "ALL"; + wpa_printf(MSG_DEBUG, "wolfSSL: cipher suites: %s", ciphers); if (wolfSSL_CTX_set_cipher_list(ssl_ctx, ciphers) != 1) { wpa_printf(MSG_ERROR, "wolfSSL: Failed to set cipher string '%s'", @@ -1323,6 +1324,7 @@ int tls_connection_set_params(void *tls_ctx, struct tls_connection *conn, return -1; } + wpa_printf(MSG_DEBUG, "wolfSSL: cipher suites: %s", params->openssl_ciphers); if (params->openssl_ciphers && wolfSSL_set_cipher_list(conn->ssl, params->openssl_ciphers) != 1) { wpa_printf(MSG_INFO, @@ -1553,6 +1555,7 @@ int tls_global_set_params(void *tls_ctx, return -1; } + wpa_printf(MSG_DEBUG, "wolfSSL: cipher suites: %s", params->openssl_ciphers); if (params->openssl_ciphers && wolfSSL_CTX_set_cipher_list(tls_ctx, params->openssl_ciphers) != 1) {
Signed-off-by: Juliusz Sosinowicz <juliusz@wolfssl.com> --- src/crypto/tls_wolfssl.c | 3 +++ 1 file changed, 3 insertions(+)