Switch to BearSSL #14

Open
13 of 15 tasks
michaelforney opened this issue Apr 14, 2020 · 9 comments

@michaelforney
Collaborator

michaelforney commented Apr 14, 2020

We should try to use BearSSL whenever possible.

To do:

  • nginx
    OpenSSL code is mostly contained in one file. It seems possible, but difficult to port to libtls.
  • python
    Used by hashlib and ssl modules. hashlib has already been ported. _ssl.c is over 6000 lines, though possibly could be ported to libtls.

Done:

  • catgirl
    Using libtls-bearssl.
  • curl
    Upstream in 7.68.0.
  • ffmpeg
    Using libtls-bearssl.
  • hostap
    Patched to use BearSSL digests and HMAC.
  • libfido2
    Ported to use BearSSL crypto. EdDSA is disabled for now until BearSSL has an implementation.
  • msmtp
    libtls support added upstream by @noocsharp.
  • openntpd
    Using libtls-bearssl.
  • openssh
    Ported to BearSSL (mostly). DH key exchange methods are not yet implemented.
  • pounce
    Using libtls-bearssl.
  • rsync
    Added an MD4 fallback.
  • tinyemu
    Patched to use BearSSL HMAC-SHA256 and AES-CBC.
  • transmission
    Patched to use BearSSL SHA1 and PRNG. Added an RC4 fallback.
  • acme-client
    Using libtls-bearssl, libx509cert, and BearSSL.
@noocsharp
Contributor

If there's still interest, I have ported msmtp to libtls, and have been using it for a few days without any problems. I did not implement fingerprint based certificate verification (although it is possible, at least with SHA256), as it is deprecated and due to be removed in the next major version anyway.
Support won't make its way upstream any time soon, but my branch is available here: https://git.nihaljere.xyz/msmtp/log.html

@michaelforney
Collaborator Author

> If there's still interest, I have ported msmtp to libtls, and have been using it for a few days without any problems.

That's great!

> I did not implement fingerprint based certificate verification (although it is possible, at least with SHA256), as it is deprecated and due to be removed in the next major version anyway.

Do you have a reference for that? I can see that SHA1 fingerprint is deprecated, but I don't see anything about SHA256.

> Support won't make its way upstream any time soon, but my branch is available here: https://git.nihaljere.xyz/msmtp/log.html

I will take a look, thanks. On first glance it looks like good work.

@michaelforney
Collaborator Author

```c
memcpy(&tci->sha256_fingerprint, sha256_fingerprint, 32);
```

I don't think this is quite right. According to https://man.openbsd.org/tls_conn_version.3, the format of tls_peer_cert_hash is a string SHA256:hex-fingerprint. So I think we just need to verify the prefix, and then decode the hex string into binary.
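
Added example, not part of the thread and not msmtp's code: one way to do the prefix check and hex decode described in the comment above, with a comparison against a pinned 32-byte fingerprint. The function names and the sample string are hypothetical; in real use the string would be the return value of `tls_peer_cert_hash()`.

```c
#include <string.h>

#define FP_LEN 32 /* SHA-256 digest size in bytes */

/* Constructed sample (bytes 0x00..0x1f), not a real certificate hash. */
static const char SAMPLE_HASH[] =
    "SHA256:000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f";

/* Value of one hex digit, or -1 if c is not a hex digit. */
static int hexval(int c)
{
    if (c >= '0' && c <= '9') return c - '0';
    if (c >= 'a' && c <= 'f') return c - 'a' + 10;
    if (c >= 'A' && c <= 'F') return c - 'A' + 10;
    return -1;
}

/* Decode "SHA256:<64 hex digits>" into 32 raw bytes. Returns 0 on success,
 * -1 on NULL, a different prefix, a wrong length or a non-hex digit. */
int parse_peer_cert_hash(const char *s, unsigned char out[FP_LEN])
{
    size_t i;
    if (s == NULL || strncmp(s, "SHA256:", 7) != 0)
        return -1;
    s += 7;
    if (strlen(s) != 2 * FP_LEN)
        return -1;
    for (i = 0; i < FP_LEN; i++) {
        int hi = hexval(s[2 * i]), lo = hexval(s[2 * i + 1]);
        if (hi < 0 || lo < 0)
            return -1;
        out[i] = (unsigned char)(hi << 4 | lo);
    }
    return 0;
}

/* 1 if the hash string decodes to the pinned fingerprint, else 0. */
int peer_hash_matches(const char *s, const unsigned char pinned[FP_LEN])
{
    unsigned char got[FP_LEN], diff = 0;
    size_t i;
    if (parse_peer_cert_hash(s, got) != 0)
        return 0;
    for (i = 0; i < FP_LEN; i++)
        diff |= got[i] ^ pinned[i]; /* no early exit on mismatch */
    return diff == 0;
}

int main(void) { unsigned char fp[FP_LEN]; return parse_peer_cert_hash(SAMPLE_HASH, fp) != 0; }
```

Copying 32 bytes straight out of the returned string would store the ASCII text `SHA256:` followed by 25 hex characters rather than the digest, so a pinned binary fingerprint would never match.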

@noocsharp
Contributor

noocsharp commented Nov 14, 2020

> > I did not implement fingerprint based certificate verification (although it is possible, at least with SHA256), as it is deprecated and due to be removed in the next major version anyway.

> Do you have a reference for that? I can see that SHA1 fingerprint is deprecated, but I don't see anything about SHA256.

There is a comment near the beginning of tlsw_check_cert that implies so. I sent an email to Martin Lambers (the maintainer) for clarification, and you are right, only SHA1 is deprecated. I'll try to implement fingerprint verification sometime soon.

> `memcpy(&tci->sha256_fingerprint, sha256_fingerprint, 32);`

> I don't think this is quite right. According to https://man.openbsd.org/tls_conn_version.3, the format of tls_peer_cert_hash is a string SHA256:hex-fingerprint. So I think we just need to verify the prefix, and then decode the hex string into binary.

I totally missed this, thanks for pointing it out.

@noocsharp
Contributor

Sorry for the delay in responding, but I have fixed the issue above (and a number of other ones), and libtls support is now present upstream.

@michaelforney
Collaborator Author

Thanks so much for submitting this upstream. I just updated the msmtp version to latest git with libtls-bearssl and it seems to be working well.

Only three left to go!

@shua

shua commented Jun 2, 2022

I've banged out a proof of concept integration of libtls for nginx at https://github.com/shua/nginx/tree/tls . Is there still interest in this? Currently the code is very much a hacky addon, but I could spend more time on it to make it fit a little better and maybe upstream would accept 🤷

@tsklxiv

tsklxiv commented Aug 14, 2022

Not related to this but what is the catgirl library? Have never heard of it before.

@thanhminhmr

thanhminhmr commented Aug 14, 2022

It is an IRC client.
