From nobody Fri Apr 26 16:08:40 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of groups.io designates 66.175.222.12 as permitted sender) client-ip=66.175.222.12; envelope-from=bounce+27952+48184+1787277+3901457@groups.io; helo=web01.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zoho.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+48184+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1569555889; cv=none; d=zoho.com; s=zohoarc; b=VV3ErBY1FtXAhH8rZQcLBj9mHZmxN4tgwUEG/heSSqc0TLo55TWJQ73nMtmHxoH53m77xTSQNw+MY6X3yYO2COAxsOeD2Bqrc6UYiYy55sG6zE2cbvkimq6RjRQxdSH5GNXYl8FmIFPPeGMan3Ak9vXqw4DeWGviCztAn/JBOH8= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1569555889; h=Cc:Date:From:In-Reply-To:List-Id:List-Unsubscribe:Message-ID:Reply-To:References:Sender:Subject:To:ARC-Authentication-Results; bh=gLwp39F7tDRnV1CUUIY8UlR3lhXDH8G8zsLVJ45nKXA=; b=A2iYiwLyxMLm40LXG1LKJrzBblb3wH4HJdBzwJOrxf0v8mPC4WThRk0tQaUUDgyPgrnN4+zqA/GITwlatw04C0vdl08b6yzpxpIEG77TaoWSyDYgWoRLvRB7AXHRgFFtiyXdzk+4XA6TGyvYVC6WSQHxs89iPhSU50kaDzZPyYA= ARC-Authentication-Results: i=1; mx.zoho.com; dkim=pass; spf=pass (zoho.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+48184+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) header.from= Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by mx.zohomail.com with SMTPS id 156955588960383.34119039789425; Thu, 26 Sep 2019 20:44:49 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id Hv4wYY1788612xiZ6cO2kbZL; Thu, 26 Sep 2019 20:44:48 -0700 X-Received: from mga05.intel.com (mga05.intel.com []) by groups.io with SMTP; Thu, 26 Sep 2019 20:44:48 -0700 X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False X-Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by fmsmga105.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 26 Sep 2019 20:44:48 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.64,553,1559545200"; d="scan'208";a="204074800" X-Received: from jiaxinwu-mobl.ccr.corp.intel.com ([10.239.192.205]) by fmsmga001.fm.intel.com with ESMTP; 26 Sep 2019 20:44:47 -0700 From: "Wu, Jiaxin" To: devel@edk2.groups.io Cc: Wu Jiaxin Subject: [edk2-devel] [PATCH v1 1/4] MdePkg/Include/Protocol/Tls.h: Add the data type of EfiTlsVerifyHost(CVE-2019-14553) Date: Fri, 27 Sep 2019 11:44:38 +0800 Message-Id: <20190927034441.3096-2-Jiaxin.wu@intel.com> In-Reply-To: <20190927034441.3096-1-Jiaxin.wu@intel.com> References: <20190927034441.3096-1-Jiaxin.wu@intel.com> Precedence: Bulk List-Unsubscribe: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,jiaxin.wu@intel.com X-Gm-Message-State: CJc6Ee3Ma7TPFgAePYoibXxVx1787277AA= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1569555888; bh=hGj8Leao76c8s/iPVYe2W0PSFeo41mteWB458bEBiQ8=; h=Cc:Date:From:Reply-To:Subject:To; b=iIuIRLm37wvfkm9CgxVL97zmahbfsj9k194ndTq/VBXpmxKw5oLK1mmDpECL5s+fVgW lThEtlrQWfr7iSQ7udwAY8TsGZYEjzpnT0qNUH0rzOoXxzACupo3wQWwaYXlifHXLHYa0 gUa6YWkOiH/gand9QeMgG4r1ogsH8fq6P2o= X-ZohoMail-DKIM: pass (identity @groups.io) Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D960 CVE: CVE-2019-14553 In the patch, we add the new data type named "EfiTlsVerifyHost" and the EFI_TLS_VERIFY_HOST_FLAG for the TLS protocol consumer (HTTP) to enable the host name check so as to avoid the potential Man-In-The-Middle attack. Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Wu Jiaxin Reviewed-by: Ye Ting Reviewed-by: Long Qin Reviewed-by: Fu Siyuan Acked-by: Laszlo Ersek Tested-by: Laszlo Ersek --- MdePkg/Include/Protocol/Tls.h | 68 +++++++++++++++++++++++++++++------ 1 file changed, 57 insertions(+), 11 deletions(-) diff --git a/MdePkg/Include/Protocol/Tls.h b/MdePkg/Include/Protocol/Tls.h index bf1b6727a1..af524ae2a6 100644 --- a/MdePkg/Include/Protocol/Tls.h +++ b/MdePkg/Include/Protocol/Tls.h @@ -39,14 +39,10 @@ typedef struct _EFI_TLS_PROTOCOL EFI_TLS_PROTOCOL; =20 /// /// EFI_TLS_SESSION_DATA_TYPE /// typedef enum { - /// - /// Session Configuration - /// - /// /// TLS session Version. The corresponding Data is of type EFI_TLS_VERSI= ON. /// EfiTlsVersion, /// @@ -84,15 +80,10 @@ typedef enum { /// /// TLS session data session state. /// The corresponding Data is of type EFI_TLS_SESSION_STATE. /// EfiTlsSessionState, - - /// - /// Session information - /// - /// /// TLS session data client random. /// The corresponding Data is of type EFI_TLS_RANDOM. /// EfiTlsClientRandom, @@ -104,13 +95,19 @@ typedef enum { /// /// TLS session data key material. /// The corresponding Data is of type EFI_TLS_MASTER_SECRET. /// EfiTlsKeyMaterial, + /// + /// TLS session hostname for validation which is used to verify whether = the name + /// within the peer certificate matches a given host name. + /// This parameter is invalid when EfiTlsVerifyMethod is EFI_TLS_VERIFY_= NONE. + /// The corresponding Data is of type EFI_TLS_VERIFY_HOST. + /// + EfiTlsVerifyHost, =20 EfiTlsSessionDataTypeMaximum - } EFI_TLS_SESSION_DATA_TYPE; =20 /// /// EFI_TLS_VERSION /// Note: The TLS version definition is from SSL3.0 to the latest TLS (e.g= . 1.2). @@ -176,19 +173,68 @@ typedef UINT32 EFI_TLS_VERIFY; /// The TLS/SSL handshake is immediately terminated with an alert message = containing /// the reason for the certificate verification failure. /// #define EFI_TLS_VERIFY_PEER 0x1 /// -/// TLS session will fail peer certificate is absent. +/// EFI_TLS_VERIFY_FAIL_IF_NO_PEER_CERT is only meaningful in the server m= ode. +/// TLS session will fail if client certificate is absent. /// #define EFI_TLS_VERIFY_FAIL_IF_NO_PEER_CERT 0x2 /// /// TLS session only verify client once, and doesn't request certificate d= uring /// re-negotiation. /// #define EFI_TLS_VERIFY_CLIENT_ONCE 0x4 =20 +/// +/// EFI_TLS_VERIFY_HOST_FLAG +/// +typedef UINT32 EFI_TLS_VERIFY_HOST_FLAG; +/// +/// There is no additional flags set for hostname validation. +/// Wildcards are supported and they match only in the left-most label. +/// +#define EFI_TLS_VERIFY_FLAG_NONE 0x00 +/// +/// Always check the Subject Distinguished Name (DN) in the peer certifica= te even if the +/// certificate contains Subject Alternative Name (SAN). +/// +#define EFI_TLS_VERIFY_FLAG_ALWAYS_CHECK_SUBJECT 0x01 +/// +/// Disable the match of all wildcards. +/// +#define EFI_TLS_VERIFY_FLAG_NO_WILDCARDS 0x02 +/// +/// Disable the "*" as wildcard in labels that have a prefix or suffix (e.= g. "www*" or "*www"). +/// +#define EFI_TLS_VERIFY_FLAG_NO_PARTIAL_WILDCARDS 0x04 +/// +/// Allow the "*" to match more than one labels. Otherwise, only matches a= single label. +/// +#define EFI_TLS_VERIFY_FLAG_MULTI_LABEL_WILDCARDS 0x08 +/// +/// Restrict to only match direct child sub-domains which start with ".". +/// For example, a name of ".example.com" would match "www.example.com" wi= th this flag, +/// but would not match "www.sub.example.com". +/// +#define EFI_TLS_VERIFY_FLAG_SINGLE_LABEL_SUBDOMAINS 0x10 +/// +/// Never check the Subject Distinguished Name (DN) even there is no +/// Subject Alternative Name (SAN) in the certificate. +/// +#define EFI_TLS_VERIFY_FLAG_NEVER_CHECK_SUBJECT 0x20 + +/// +/// EFI_TLS_VERIFY_HOST +/// +#pragma pack (1) +typedef struct { + EFI_TLS_VERIFY_HOST_FLAG Flags; + CHAR8 *HostName; +} EFI_TLS_VERIFY_HOST; +#pragma pack () + /// /// EFI_TLS_RANDOM /// Note: The definition of EFI_TLS_RANDOM is from "RFC 5246 A.4.1. /// Hello Messages". /// --=20 2.17.1.windows.2 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#48184): https://edk2.groups.io/g/devel/message/48184 Mute This Topic: https://groups.io/mt/34307579/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Fri Apr 26 16:08:40 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of groups.io designates 66.175.222.12 as permitted sender) client-ip=66.175.222.12; envelope-from=bounce+27952+48185+1787277+3901457@groups.io; helo=web01.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zoho.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+48185+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1569555890; cv=none; d=zoho.com; s=zohoarc; b=MemIxEAAeDYi8okViK2Y8SzbM5SpzlnTcY15cxfhha/AwczdLyJj2fIEuyndKZx3J6jpXv5ne8DzQkyD9qOr0hV9xnIq3nXWhH6/Wip/ddkXNsgTZg6J6b0nCVsDp6y9t5h8WoJJYzqCpPdtq3lh9yDzQMI0591HFW+OG1n1JB4= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1569555890; h=Cc:Date:From:In-Reply-To:List-Id:List-Unsubscribe:Message-ID:Reply-To:References:Sender:Subject:To:ARC-Authentication-Results; bh=QkvipLR0PKt5C9oHdTLYfDUqXbkw9TI/BRPXe/nHh7U=; b=bXHiVfPkEh6m6X65cG8eWEzZ+R4D6NlDZr8FgVjS46Lb2kiPWtwy/mVb9oOUgYPT56G9DdAhafSMrNqrMo1IoqHMDYctahOCeyWemaHNOCIvaa+u8+QlbnpWKwIPQGJAxXXSl6ZGzI/Y4i5JOoG99qgAbj2yWGZ0huWFxIXKUiI= ARC-Authentication-Results: i=1; mx.zoho.com; dkim=pass; spf=pass (zoho.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+48185+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) header.from= Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by mx.zohomail.com with SMTPS id 1569555890219561.4226954262421; Thu, 26 Sep 2019 20:44:50 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id ku9JYY1788612xYoaTVTidbj; Thu, 26 Sep 2019 20:44:49 -0700 X-Received: from mga05.intel.com (mga05.intel.com []) by groups.io with SMTP; Thu, 26 Sep 2019 20:44:48 -0700 X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False X-Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by fmsmga105.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 26 Sep 2019 20:44:48 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.64,553,1559545200"; d="scan'208";a="204074804" X-Received: from jiaxinwu-mobl.ccr.corp.intel.com ([10.239.192.205]) by fmsmga001.fm.intel.com with ESMTP; 26 Sep 2019 20:44:48 -0700 From: "Wu, Jiaxin" To: devel@edk2.groups.io Cc: Wu Jiaxin Subject: [edk2-devel] [PATCH v1 2/4] CryptoPkg/TlsLib: Add the new API "TlsSetVerifyHost"(CVE-2019-14553) Date: Fri, 27 Sep 2019 11:44:39 +0800 Message-Id: <20190927034441.3096-3-Jiaxin.wu@intel.com> In-Reply-To: <20190927034441.3096-1-Jiaxin.wu@intel.com> References: <20190927034441.3096-1-Jiaxin.wu@intel.com> Precedence: Bulk List-Unsubscribe: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,jiaxin.wu@intel.com X-Gm-Message-State: 1ZI8limVzsKILdI2iYtTHp0ux1787277AA= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1569555889; bh=rpdgo2M/JfsssGY7wl36koTmQdoogayL8NeVaivfNJc=; h=Cc:Date:From:Reply-To:Subject:To; b=VMUAY6wYno8iXzWr8u9yV35YKNcJcZXCNWaLbWfRgJP1q2cmVhJoXiGCgLmywCftKlo 6EUA5GuokDtZQxKOcO8R4hftYu29l8ikJbzzUglb5cTqb55MPWVNYo+j++I6nL/rIOEK5 p8Xst8NSYfgufe9Po8s2QHNuk+dVJ3yf6ds= X-ZohoMail-DKIM: pass (identity @groups.io) Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D960 CVE: CVE-2019-14553 In the patch, we add the new API "TlsSetVerifyHost" for the TLS protocol to set the specified host name that need to be verified. Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Wu Jiaxin Reviewed-by: Ye Ting Reviewed-by: Long Qin Reviewed-by: Fu Siyuan Acked-by: Laszlo Ersek Tested-by: Laszlo Ersek --- CryptoPkg/Include/Library/TlsLib.h | 20 +++++++++++++++ CryptoPkg/Library/TlsLib/TlsConfig.c | 38 +++++++++++++++++++++++++++- 2 files changed, 57 insertions(+), 1 deletion(-) diff --git a/CryptoPkg/Include/Library/TlsLib.h b/CryptoPkg/Include/Library= /TlsLib.h index 9875cb6e74..3af7d4bc09 100644 --- a/CryptoPkg/Include/Library/TlsLib.h +++ b/CryptoPkg/Include/Library/TlsLib.h @@ -394,10 +394,30 @@ EFIAPI TlsSetVerify ( IN VOID *Tls, IN UINT32 VerifyMode ); =20 +/** + Set the specified host name to be verified. + + @param[in] Tls Pointer to the TLS object. + @param[in] Flags The setting flags during the validation. + @param[in] HostName The specified host name to be verified. + + @retval EFI_SUCCESS The HostName setting was set successfully. + @retval EFI_INVALID_PARAMETER The parameter is invalid. + @retval EFI_ABORTED Invalid HostName setting. + +**/ +EFI_STATUS +EFIAPI +TlsSetVerifyHost ( + IN VOID *Tls, + IN UINT32 Flags, + IN CHAR8 *HostName + ); + /** Sets a TLS/SSL session ID to be used during TLS/SSL connect. =20 This function sets a session ID to be used when the TLS/SSL connection is to be established. diff --git a/CryptoPkg/Library/TlsLib/TlsConfig.c b/CryptoPkg/Library/TlsLi= b/TlsConfig.c index 74b577d60e..2bf5aee7c0 100644 --- a/CryptoPkg/Library/TlsLib/TlsConfig.c +++ b/CryptoPkg/Library/TlsLib/TlsConfig.c @@ -1,9 +1,9 @@ /** @file SSL/TLS Configuration Library Wrapper Implementation over OpenSSL. =20 -Copyright (c) 2016 - 2017, Intel Corporation. All rights reserved.
+Copyright (c) 2016 - 2018, Intel Corporation. All rights reserved.
(C) Copyright 2016 Hewlett Packard Enterprise Development LP
SPDX-License-Identifier: BSD-2-Clause-Patent =20 **/ =20 @@ -495,10 +495,46 @@ TlsSetVerify ( // Set peer certificate verification parameters with NULL callback. // SSL_set_verify (TlsConn->Ssl, VerifyMode, NULL); } =20 +/** + Set the specified host name to be verified. + + @param[in] Tls Pointer to the TLS object. + @param[in] Flags The setting flags during the validation. + @param[in] HostName The specified host name to be verified. + + @retval EFI_SUCCESS The HostName setting was set successfully. + @retval EFI_INVALID_PARAMETER The parameter is invalid. + @retval EFI_ABORTED Invalid HostName setting. + +**/ +EFI_STATUS +EFIAPI +TlsSetVerifyHost ( + IN VOID *Tls, + IN UINT32 Flags, + IN CHAR8 *HostName + ) +{ + TLS_CONNECTION *TlsConn; + + TlsConn =3D (TLS_CONNECTION *) Tls; + if (TlsConn =3D=3D NULL || TlsConn->Ssl =3D=3D NULL || HostName =3D=3D N= ULL) { + return EFI_INVALID_PARAMETER; + } + + SSL_set_hostflags(TlsConn->Ssl, Flags); + + if (SSL_set1_host(TlsConn->Ssl, HostName) =3D=3D 0) { + return EFI_ABORTED; + } + + return EFI_SUCCESS; +} + /** Sets a TLS/SSL session ID to be used during TLS/SSL connect. =20 This function sets a session ID to be used when the TLS/SSL connection is to be established. --=20 2.17.1.windows.2 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#48185): https://edk2.groups.io/g/devel/message/48185 Mute This Topic: https://groups.io/mt/34307580/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Fri Apr 26 16:08:40 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of groups.io designates 66.175.222.12 as permitted sender) client-ip=66.175.222.12; envelope-from=bounce+27952+48186+1787277+3901457@groups.io; helo=web01.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zoho.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+48186+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1569555890; cv=none; d=zoho.com; s=zohoarc; b=IIdYnRrksvTB3AB0rvrCsYY2NaVSXIrl5DbxFkBIMhbyCdslztAAjGt6fqx5kNhw7y4zX09br616HfGtdKuMGSy2H+ZzWDK6vIByD8UUSmr/WAQSFfgGaJJZpJ1z/Rf1kg3nhnLOdeRK+y57fcRXN2GgkH0Qu2Wd9E0CGq7c+hA= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1569555890; h=Cc:Date:From:In-Reply-To:List-Id:List-Unsubscribe:Message-ID:Reply-To:References:Sender:Subject:To:ARC-Authentication-Results; bh=b+6BOjgUAlctxODPvI27PYTPpIKzGQcqeqlFKemCyxQ=; b=B22EozEvAWbWfq118aMlWPJbABoheWgPRCf+sKtYn6bP9jAx6jrvYFS9jtzH++EnDry8BB16+O008msXr9YByXAh5Oma9ETHS54c263rtzFdRGg6MxzMj2UM1N+8iBUwTIOfvGSY4Khm7wv5bb/wkMUwbn/zi25kS8rJWkOjbs8= ARC-Authentication-Results: i=1; mx.zoho.com; dkim=pass; spf=pass (zoho.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+48186+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) header.from= Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by mx.zohomail.com with SMTPS id 1569555890597401.8989187338077; Thu, 26 Sep 2019 20:44:50 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id bh4uYY1788612xE3pw0U8qiQ; Thu, 26 Sep 2019 20:44:50 -0700 X-Received: from mga05.intel.com (mga05.intel.com []) by groups.io with SMTP; Thu, 26 Sep 2019 20:44:49 -0700 X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False X-Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by fmsmga105.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 26 Sep 2019 20:44:49 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.64,553,1559545200"; d="scan'208";a="204074807" X-Received: from jiaxinwu-mobl.ccr.corp.intel.com ([10.239.192.205]) by fmsmga001.fm.intel.com with ESMTP; 26 Sep 2019 20:44:48 -0700 From: "Wu, Jiaxin" To: devel@edk2.groups.io Cc: Wu Jiaxin Subject: [edk2-devel] [PATCH v1 3/4] NetworkPkg/TlsDxe: Add the support of host validation to TlsDxe driver(CVE-2019-14553) Date: Fri, 27 Sep 2019 11:44:40 +0800 Message-Id: <20190927034441.3096-4-Jiaxin.wu@intel.com> In-Reply-To: <20190927034441.3096-1-Jiaxin.wu@intel.com> References: <20190927034441.3096-1-Jiaxin.wu@intel.com> Precedence: Bulk List-Unsubscribe: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,jiaxin.wu@intel.com X-Gm-Message-State: 5pdLwIA2B8wRR0jpj2ni7Kmsx1787277AA= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1569555890; bh=7QnFtSR2ZIlgBQLotPKNAqxEmQsYFuirf5TldXNqKLo=; h=Cc:Date:From:Reply-To:Subject:To; b=H9p+2U/r35x43ynLt5BXwQ6Krqk38Xsi/QY2SrZ0xQv9Hb74EDTqdSKF/Z/xeTh76GB H3o54zegE8b7izJp4ReJhAtkjRJVnC2Mdd5RTmeHVgpZxdwdd5SE1jRRYf6DhadMYrmoR PYYuM9nDWMCx3m+QvDyosMTkhuJcqDMi+Wk= X-ZohoMail-DKIM: pass (identity @groups.io) Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D960 CVE: CVE-2019-14553 The new data type named "EfiTlsVerifyHost" and the EFI_TLS_VERIFY_HOST_FLAG are supported in TLS protocol. Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Wu Jiaxin Reviewed-by: Ye Ting Reviewed-by: Long Qin Reviewed-by: Fu Siyuan Acked-by: Laszlo Ersek Tested-by: Laszlo Ersek --- NetworkPkg/TlsDxe/TlsProtocol.c | 44 ++++++++++++++++++++++++++++++--- 1 file changed, 41 insertions(+), 3 deletions(-) diff --git a/NetworkPkg/TlsDxe/TlsProtocol.c b/NetworkPkg/TlsDxe/TlsProtoco= l.c index a7a993fc6f..001e5400d0 100644 --- a/NetworkPkg/TlsDxe/TlsProtocol.c +++ b/NetworkPkg/TlsDxe/TlsProtocol.c @@ -1,9 +1,9 @@ /** @file Implementation of EFI TLS Protocol Interfaces. =20 - Copyright (c) 2016 - 2017, Intel Corporation. All rights reserved.
+ Copyright (c) 2016 - 2018, Intel Corporation. All rights reserved.
=20 SPDX-License-Identifier: BSD-2-Clause-Patent =20 **/ =20 @@ -54,16 +54,20 @@ TlsSetSessionData ( EFI_STATUS Status; TLS_INSTANCE *Instance; UINT16 *CipherId; CONST EFI_TLS_CIPHER *TlsCipherList; UINTN CipherCount; + CONST EFI_TLS_VERIFY_HOST *TlsVerifyHost; + EFI_TLS_VERIFY VerifyMethod; + UINTN VerifyMethodSize; UINTN Index; =20 EFI_TPL OldTpl; =20 - Status =3D EFI_SUCCESS; - CipherId =3D NULL; + Status =3D EFI_SUCCESS; + CipherId =3D NULL; + VerifyMethodSize =3D sizeof (EFI_TLS_VERIFY); =20 if (This =3D=3D NULL || Data =3D=3D NULL || DataSize =3D=3D 0) { return EFI_INVALID_PARAMETER; } =20 @@ -146,10 +150,44 @@ TlsSetSessionData ( Status =3D EFI_INVALID_PARAMETER; goto ON_EXIT; } =20 TlsSetVerify (Instance->TlsConn, *((UINT32 *) Data)); + break; + case EfiTlsVerifyHost: + if (DataSize !=3D sizeof (EFI_TLS_VERIFY_HOST)) { + Status =3D EFI_INVALID_PARAMETER; + goto ON_EXIT; + } + + TlsVerifyHost =3D (CONST EFI_TLS_VERIFY_HOST *) Data; + + if ((TlsVerifyHost->Flags & EFI_TLS_VERIFY_FLAG_ALWAYS_CHECK_SUBJECT) = !=3D 0 && + (TlsVerifyHost->Flags & EFI_TLS_VERIFY_FLAG_NEVER_CHECK_SUBJECT) != =3D 0) { + Status =3D EFI_INVALID_PARAMETER; + goto ON_EXIT; + } + + if ((TlsVerifyHost->Flags & EFI_TLS_VERIFY_FLAG_NO_WILDCARDS) !=3D 0 && + ((TlsVerifyHost->Flags & EFI_TLS_VERIFY_FLAG_NO_PARTIAL_WILDCARDS)= !=3D 0 || + (TlsVerifyHost->Flags & EFI_TLS_VERIFY_FLAG_MULTI_LABEL_WILDCARDS= ) !=3D 0)) { + Status =3D EFI_INVALID_PARAMETER; + goto ON_EXIT; + } + + Status =3D This->GetSessionData (This, EfiTlsVerifyMethod, &VerifyMeth= od, &VerifyMethodSize); + if (EFI_ERROR (Status)) { + goto ON_EXIT; + } + + if ((VerifyMethod & EFI_TLS_VERIFY_PEER) =3D=3D 0) { + Status =3D EFI_INVALID_PARAMETER; + goto ON_EXIT; + } + + Status =3D TlsSetVerifyHost (Instance->TlsConn, TlsVerifyHost->Flags, = TlsVerifyHost->HostName); + break; case EfiTlsSessionID: if (DataSize !=3D sizeof (EFI_TLS_SESSION_ID)) { Status =3D EFI_INVALID_PARAMETER; goto ON_EXIT; --=20 2.17.1.windows.2 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#48186): https://edk2.groups.io/g/devel/message/48186 Mute This Topic: https://groups.io/mt/34307581/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Fri Apr 26 16:08:40 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of groups.io designates 66.175.222.12 as permitted sender) client-ip=66.175.222.12; envelope-from=bounce+27952+48187+1787277+3901457@groups.io; helo=web01.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zoho.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+48187+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1569555891; cv=none; d=zoho.com; s=zohoarc; b=el1jCZa7Kr+XpNn6A+k6PBvEaABuYcH3yvn9x8BXWncieNAMR4j+Lnir6uXQOnRq/Mfowo3hzE0BGxS7vtAiYDDFMoSjPoWvEX6Bh6iQ2LwThpfwXlxJ7GjEbqnwSaUnXdFfrVdgVXaCXu3uIMRJLcBjRJoWycbuQzFaLqPZ8zk= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1569555891; h=Cc:Date:From:In-Reply-To:List-Id:List-Unsubscribe:Message-ID:Reply-To:References:Sender:Subject:To:ARC-Authentication-Results; bh=B5CYhdi8A/KvuiP8z8Z0z8velBG9xegYdSr/sL7Nc2I=; b=GlMfJQp+k2FvPNumQTMdqB54sjDTuJ1554XBT1vbrbS6kRV/pmF2KAmSt7d6qLq8tln1rbYryFmdKRna2nQy2++VTmUp8Xh5cTwjTQTgO/6Cp/WzTM9xs1V+/An6lx7JneB4q043Rm18HtSPmPiJTqF9Paxr+03uwKY6o49VJAE= ARC-Authentication-Results: i=1; mx.zoho.com; dkim=pass; spf=pass (zoho.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+48187+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) header.from= Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by mx.zohomail.com with SMTPS id 1569555891465552.484290697088; Thu, 26 Sep 2019 20:44:51 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id mWnjYY1788612xlfd2KGUWd4; Thu, 26 Sep 2019 20:44:51 -0700 X-Received: from mga05.intel.com (mga05.intel.com []) by groups.io with SMTP; Thu, 26 Sep 2019 20:44:50 -0700 X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False X-Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by fmsmga105.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 26 Sep 2019 20:44:50 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.64,553,1559545200"; d="scan'208";a="204074810" X-Received: from jiaxinwu-mobl.ccr.corp.intel.com ([10.239.192.205]) by fmsmga001.fm.intel.com with ESMTP; 26 Sep 2019 20:44:49 -0700 From: "Wu, Jiaxin" To: devel@edk2.groups.io Cc: Wu Jiaxin Subject: [edk2-devel] [PATCH v1 4/4] NetworkPkg/HttpDxe: Set the HostName for the verification(CVE-2019-14553) Date: Fri, 27 Sep 2019 11:44:41 +0800 Message-Id: <20190927034441.3096-5-Jiaxin.wu@intel.com> In-Reply-To: <20190927034441.3096-1-Jiaxin.wu@intel.com> References: <20190927034441.3096-1-Jiaxin.wu@intel.com> Precedence: Bulk List-Unsubscribe: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,jiaxin.wu@intel.com X-Gm-Message-State: mFX2wB9N3O5CArVinAHG2zbox1787277AA= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1569555891; bh=lopvps660ZndrUz2rFtQoa9eyJJCKUugrluSdIgWW8E=; h=Cc:Date:From:Reply-To:Subject:To; b=HR4gmhmaBqnS7VZrAesGTlVjaM43/lwlftSbiKYOvdK70Q8aYdboo0AtvEkld13+9LN oGau2WBJS+mXmABxQXpiVcElznusoTzB4eVMysLRYz9SinixUci3fZwckyVUNCxfBz5ZN nVt2x5weiWIOZJWhOILiu36FWSXvUgt2Fj4= X-ZohoMail-DKIM: pass (identity @groups.io) Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D960 CVE: CVE-2019-14553 Set the HostName by consuming TLS protocol to enable the host name check so as to avoid the potential Man-In-The-Middle attack. Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Wu Jiaxin Reviewed-by: Ye Ting Reviewed-by: Long Qin Reviewed-by: Fu Siyuan Acked-by: Laszlo Ersek Tested-by: Laszlo Ersek --- NetworkPkg/HttpDxe/HttpProto.h | 1 + NetworkPkg/HttpDxe/HttpsSupport.c | 21 +++++++++++++++++---- 2 files changed, 18 insertions(+), 4 deletions(-) diff --git a/NetworkPkg/HttpDxe/HttpProto.h b/NetworkPkg/HttpDxe/HttpProto.h index 6e1f51748a..34308e016d 100644 --- a/NetworkPkg/HttpDxe/HttpProto.h +++ b/NetworkPkg/HttpDxe/HttpProto.h @@ -80,10 +80,11 @@ typedef struct { =20 typedef struct { EFI_TLS_VERSION Version; EFI_TLS_CONNECTION_END ConnectionEnd; EFI_TLS_VERIFY VerifyMethod; + EFI_TLS_VERIFY_HOST VerifyHost; EFI_TLS_SESSION_STATE SessionState; } TLS_CONFIG_DATA; =20 // // Callback data for HTTP_PARSER_CALLBACK() diff --git a/NetworkPkg/HttpDxe/HttpsSupport.c b/NetworkPkg/HttpDxe/HttpsSu= pport.c index 988bbcbce7..5dfb13bd60 100644 --- a/NetworkPkg/HttpDxe/HttpsSupport.c +++ b/NetworkPkg/HttpDxe/HttpsSupport.c @@ -621,17 +621,20 @@ TlsConfigureSession ( EFI_STATUS Status; =20 // // TlsConfigData initialization // - HttpInstance->TlsConfigData.ConnectionEnd =3D EfiTlsClient; - HttpInstance->TlsConfigData.VerifyMethod =3D EFI_TLS_VERIFY_PEER; - HttpInstance->TlsConfigData.SessionState =3D EfiTlsSessionNotStarted; + HttpInstance->TlsConfigData.ConnectionEnd =3D EfiTlsClient; + HttpInstance->TlsConfigData.VerifyMethod =3D EFI_TLS_VERIFY_PEER; + HttpInstance->TlsConfigData.VerifyHost.Flags =3D EFI_TLS_VERIFY_FLAG_= NO_WILDCARDS; + HttpInstance->TlsConfigData.VerifyHost.HostName =3D HttpInstance->Remote= Host; + HttpInstance->TlsConfigData.SessionState =3D EfiTlsSessionNotStar= ted; =20 // // EfiTlsConnectionEnd, - // EfiTlsVerifyMethod + // EfiTlsVerifyMethod, + // EfiTlsVerifyHost, // EfiTlsSessionState // Status =3D HttpInstance->Tls->SetSessionData ( HttpInstance->Tls, EfiTlsConnectionEnd, @@ -650,10 +653,20 @@ TlsConfigureSession ( ); if (EFI_ERROR (Status)) { return Status; } =20 + Status =3D HttpInstance->Tls->SetSessionData ( + HttpInstance->Tls, + EfiTlsVerifyHost, + &HttpInstance->TlsConfigData.VerifyHost, + sizeof (EFI_TLS_VERIFY_HOST) + ); + if (EFI_ERROR (Status)) { + return Status; + } + Status =3D HttpInstance->Tls->SetSessionData ( HttpInstance->Tls, EfiTlsSessionState, &(HttpInstance->TlsConfigData.SessionState= ), sizeof (EFI_TLS_SESSION_STATE) --=20 2.17.1.windows.2 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#48187): https://edk2.groups.io/g/devel/message/48187 Mute This Topic: https://groups.io/mt/34307582/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Fri Apr 26 16:08:40 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of groups.io designates 66.175.222.12 as permitted sender) client-ip=66.175.222.12; envelope-from=bounce+27952+49034+1787277+3901457@groups.io; helo=web01.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zoho.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+49034+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1571180925; cv=none; d=zoho.com; s=zohoarc; b=EbmjFNzHHlD9EAsYn+EWUu1cucQVutKMMe1E1eTdgCOjHxwKyUuSj9SFMnAOWKcnfhX5WRUyC+sntZgTCmV1gsfZM+H0U2BMt6LGWhHvdgz5q5xPimmoh8A7ZlriK+OKmLuzeErlCZeiySnk5XtA1Dr569t2038J28V5OpY4PPA= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1571180925; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Id:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=gDi8p1oH5WNfw0T5PQLw7NoiGtiREoPmCLxtlqOtYhE=; b=juwiF2mvoMcoC9v9k3fvxsgZ73qn9f8CDn1MOk+2qiYo9FYTBTICDP0KirA864fqkvXvsv1wemAK8ftboOk9CLgZLMaFrNRpmuhoT2qG5LVWWFO5E3D+gkHGufxU5Edf176tfv7qoQuRAm3OKMexOqdh7hv8TlA4IqpX82dwXME= ARC-Authentication-Results: i=1; mx.zoho.com; dkim=pass; spf=pass (zoho.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+49034+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) header.from= Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by mx.zohomail.com with SMTPS id 1571180925046404.60717199786825; Tue, 15 Oct 2019 16:08:45 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id aaaaYY1788612xaaaaaaaaaa; Tue, 15 Oct 2019 16:08:44 -0700 X-Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.groups.io with SMTP id smtpd.web10.2940.1571180923936483513 for ; Tue, 15 Oct 2019 16:08:44 -0700 X-Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com [10.5.11.15]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 312133084499; Tue, 15 Oct 2019 23:08:43 +0000 (UTC) X-Received: from lacos-laptop-7.usersys.redhat.com (ovpn-117-240.ams2.redhat.com [10.36.117.240]) by smtp.corp.redhat.com (Postfix) with ESMTP id 24F5C5D6A9; Tue, 15 Oct 2019 23:08:40 +0000 (UTC) From: "Laszlo Ersek" To: edk2-devel-groups-io Cc: Bret Barkelew , David Woodhouse , Jian J Wang , Jiaxin Wu , Richard Levitte , Sivaraman Nainar Subject: [edk2-devel] [RFC v1 5/4] CryptoPkg/TlsLib: accept peer certs via both DNS names and IP addresses Date: Wed, 16 Oct 2019 01:08:39 +0200 Message-Id: <20191015230839.27708-1-lersek@redhat.com> In-Reply-To: <20190927034441.3096-1-Jiaxin.wu@intel.com> References: <20190927034441.3096-1-Jiaxin.wu@intel.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.40]); Tue, 15 Oct 2019 23:08:43 +0000 (UTC) Precedence: Bulk List-Unsubscribe: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,lersek@redhat.com X-Gm-Message-State: aaaaaaaaaaaaaaaaaaaaaaaax1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1571180924; bh=j+YF+cWHhl4poOk4Hb9chcH9d0Zjl3pUmkpDfO+0UVI=; h=Cc:Date:From:Reply-To:Subject:To; b=spbD+7ToRLpQ1gOU5cKCpZgO8+hmsSqbnuI0yzQyKT/M2AmfYICZrx+x+hcPi7nkdBk s1/QVpJDT7+1HaI5alGkFC8S2KE8qBUV1i/qtBqPb/smI5yHNOc877TriACgrlmeiMlWL 2jM+ziN5MvY1RCnbUuZ5f/aJSM6C9OxSBwc= X-ZohoMail-DKIM: pass (identity @groups.io) Content-Type: text/plain; charset="utf-8" SSL_set1_host() in TlsSetVerifyHost() ignores GEN_IP entries in the peer certificate's Subject Alternative Name (SAN) extension. This leads to the rejection of any valid peer certificate that matches the dot-decimal IPv4, or colon-hexadecimal IPv6, host part of an URL *only* through SAN/GEN_IP, and not through the Common Name. Based on David's guidance, replace SSL_set1_host() in TlsSetVerifyHost() with application specific data ("ExData") that is associated with the SSL object. Namely, pass the host part of the URL as "application specific data" into a new peer certificate verification callback. In the callback, first try to parse the host part of the URL as a numeric IP address, for certificate subject verification. If that parsing fails, fall back to interpreting the host part as a DNS hostname. Cc: Bret Barkelew Cc: David Woodhouse Cc: Jian J Wang Cc: Jiaxin Wu Cc: Richard Levitte Cc: Sivaraman Nainar Ref: http://mid.mail-archive.com/B4DE137BDB63634BAC03BD9DE765F197028B24CA23= @VENUS1.in.megatrends.com Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3D960 Ref: https://edk2.groups.io/g/devel/message/42022 Suggested-by: David Woodhouse Signed-off-by: Laszlo Ersek Acked-by: Laszlo Ersek Reviewed-by: Fu Siyuan Reviewed-by: Long Qin Reviewed-by: Ye Ting Tested-by: Laszlo Ersek --- Notes: Unfortunately, there are two problems with this patch: =20 (1) X509_VERIFY_PARAM_set1_ip_asc() does not accept IPv4 addresses in dot-decimal notation (unless I messed up the code). My log file contains: =20 > TlsDxe:TlsCertVerify: verifying peer certificate with DNS hostname "1= 92.168.124.2" > TlsDxe:TlsCertVerify: peer certificate accepted =20 (2) X509_VERIFY_PARAM_set1_ip_asc() does accept IPv6 addresses. However, in that case, the server certificate that I had generated with "genkey" (where I entered the IPv6 address in the Common Name field) is rejected: =20 > TlsDxe:TlsCertVerify: verifying peer certificate with numerical IP ad= dress "fd33:eb1b:9b36::2" > TlsDxe:TlsCertVerify: peer certificate rejected > TlsDoHandshake SSL_HANDSHAKE_ERROR State=3D0x4 SSL_ERROR_SSL > TlsDoHandshake ERROR 0x1416F086=3DL14:F16F:R86 =20 If I do not apply the present patch on top of Jiaxin's v1 4/4 (at ), then the certificate is accepted fine. =20 Not sure how to address these. CryptoPkg/Library/TlsLib/TlsLib.inf | 1 + CryptoPkg/Library/TlsLib/InternalTlsLib.h | 33 +++ CryptoPkg/Library/TlsLib/TlsConfig.c | 17 +- CryptoPkg/Library/TlsLib/TlsExData.c | 301 ++++++++++++++++++++ CryptoPkg/Library/TlsLib/TlsInit.c | 35 ++- 5 files changed, 385 insertions(+), 2 deletions(-) diff --git a/CryptoPkg/Library/TlsLib/TlsLib.inf b/CryptoPkg/Library/TlsLib= /TlsLib.inf index 2f3ce695c33e..1f65eea516d4 100644 --- a/CryptoPkg/Library/TlsLib/TlsLib.inf +++ b/CryptoPkg/Library/TlsLib/TlsLib.inf @@ -24,12 +24,13 @@ [Defines] =20 [Sources] InternalTlsLib.h TlsInit.c TlsConfig.c TlsProcess.c + TlsExData.c =20 [Packages] MdePkg/MdePkg.dec CryptoPkg/CryptoPkg.dec =20 [LibraryClasses] diff --git a/CryptoPkg/Library/TlsLib/InternalTlsLib.h b/CryptoPkg/Library/= TlsLib/InternalTlsLib.h index ce7f4ced4a30..c8762befd31c 100644 --- a/CryptoPkg/Library/TlsLib/InternalTlsLib.h +++ b/CryptoPkg/Library/TlsLib/InternalTlsLib.h @@ -34,8 +34,41 @@ typedef struct { // // Memory BIO for the TLS/SSL Writing operations. // BIO *OutBio; } TLS_CONNECTION; =20 +// +// See the documentation for "mPeerSubjectNameKey", +// TlsPeerSubjectNameDuplicate(), TlsPeerSubjectNameFree(), and TlsCertVer= ify() +// in "TlsExData.c". +// +extern INT32 mPeerSubjectNameKey; + +INT32 +TlsPeerSubjectNameDuplicate ( + OUT CRYPTO_EX_DATA *DestinationExData, + IN CONST CRYPTO_EX_DATA *SourceExData, + IN OUT VOID *PeerSubjectNameAddress, + IN INT32 ExDataType, + IN long ArgLong, + IN VOID *ArgPtr + ); + +VOID +TlsPeerSubjectNameFree ( + IN VOID *ParentSsl, + IN VOID *PeerSubjectName OPTIONAL, + IN CRYPTO_EX_DATA *ExData, + IN INT32 ExDataType, + IN long ArgLong, + IN VOID *ArgPtr + ); + +INT32 +TlsCertVerify ( + IN X509_STORE_CTX *PeerCertificateChain, + IN VOID *Arg + ); + #endif =20 diff --git a/CryptoPkg/Library/TlsLib/TlsConfig.c b/CryptoPkg/Library/TlsLi= b/TlsConfig.c index 2bf5aee7c093..114168dfb020 100644 --- a/CryptoPkg/Library/TlsLib/TlsConfig.c +++ b/CryptoPkg/Library/TlsLib/TlsConfig.c @@ -504,32 +504,47 @@ TlsSetVerify ( @param[in] Flags The setting flags during the validation. @param[in] HostName The specified host name to be verified. =20 @retval EFI_SUCCESS The HostName setting was set successfully. @retval EFI_INVALID_PARAMETER The parameter is invalid. @retval EFI_ABORTED Invalid HostName setting. + @retval EFI_OUT_OF_RESOURCES Memory allocation failure. =20 **/ EFI_STATUS EFIAPI TlsSetVerifyHost ( IN VOID *Tls, IN UINT32 Flags, IN CHAR8 *HostName ) { TLS_CONNECTION *TlsConn; + CHAR8 *PeerSubjectName; =20 TlsConn =3D (TLS_CONNECTION *) Tls; if (TlsConn =3D=3D NULL || TlsConn->Ssl =3D=3D NULL || HostName =3D=3D N= ULL) { return EFI_INVALID_PARAMETER; } =20 + PeerSubjectName =3D AllocateCopyPool ( + AsciiStrSize (HostName), + HostName + ); + if (PeerSubjectName =3D=3D NULL) { + return EFI_OUT_OF_RESOURCES; + } + SSL_set_hostflags(TlsConn->Ssl, Flags); =20 - if (SSL_set1_host(TlsConn->Ssl, HostName) =3D=3D 0) { + if (SSL_set_ex_data ( + TlsConn->Ssl, + mPeerSubjectNameKey, + PeerSubjectName + ) =3D=3D 0) { + FreePool (PeerSubjectName); return EFI_ABORTED; } =20 return EFI_SUCCESS; } =20 diff --git a/CryptoPkg/Library/TlsLib/TlsExData.c b/CryptoPkg/Library/TlsLi= b/TlsExData.c new file mode 100644 index 000000000000..9671234f8416 --- /dev/null +++ b/CryptoPkg/Library/TlsLib/TlsExData.c @@ -0,0 +1,301 @@ +/** @file + OpenSSL callback functions for: + + - duplicating and freeing the Peer Subject Name strings that we associate + with SSL objects as application data ("ExData"), + + - verifying peer certificates against the Subject Name stings associated= with + SSL objects. + + Copyright (C) 2019, Red Hat, Inc. + + SPDX-License-Identifier: BSD-2-Clause-Patent +**/ + +#include "InternalTlsLib.h" + +// +// We attach the Subject Name that we expect the peer certificate to match= to +// the SSL object as an application-specific datum. This type of +// application-specific data first needs to be registered with OpenSSL. The +// registration identifier is stored in the object below. +// +// We define the associated data type as (CHAR8*), pointing to a +// dynamically-allocated, NUL-terminated ASCII string. The string may cont= ain a +// DNS hostname, or an IPv4 address in dotted decimal notation, or an IPv6 +// address in colon-separated hexadecimal notation (without the surrounding +// brackets used in URLs). The condensed "::" notation is supported for IP= v6 +// addresses. +// +INT32 mPeerSubjectNameKey; + +/** + OpenSSL callback function for duplicating the Subject Name when its pare= nt + SSL object is duplicated. + + Because this function is an OpenSSL callback, it must not be declared EF= IAPI. + + @param[out] DestinationExData The ExData object in the new SSL + object. DestinationExData is the + dictionary in which + mPeerSubjectNameKey identifies th= e new + (duplicated) subject name. Ignore= d. + + @param[in] SourceExData The ExData object in the original= SSL + object. SourceExData is the dicti= onary + in which mPeerSubjectNameKey + identifies the subject name to + duplicate. Ignored. + + @param[in,out] PeerSubjectNameAddress On input, + *(VOID**)PeerSubjectNameAddress p= oints + to the Subject Name in SourceExDa= ta. + On output, + *(VOID**)PeerSubjectNameAddress p= oints + to the newly allocated copy of the + Subject Name, to be stored in + DestinationExData. On input, + PeerSubjectNameAddress must not be + NULL, but + *(VOID**)PeerSubjectNameAddress m= ay be + NULL. + + @param[in] ExDataType Equals mPeerSubjectNameKey. Ignor= ed. + + @param[in] ArgLong Zero; ignored. + + @param[in] ArgPtr NULL; ignored. + + @retval 0 Memory allocation failure. + + @retval 1 Successful duplication (including a NULL subject name, when + nothing is done). +**/ +INT32 +TlsPeerSubjectNameDuplicate ( + OUT CRYPTO_EX_DATA *DestinationExData, + IN CONST CRYPTO_EX_DATA *SourceExData, + IN OUT VOID *PeerSubjectNameAddress, + IN INT32 ExDataType, + IN long ArgLong, + IN VOID *ArgPtr + ) +{ + CHAR8 *PeerSubjectName; + CHAR8 *NewPeerSubjectName; + + // + // Assert that these input parameters match what we passed to + // SSL_get_ex_new_index() in TlsInitialize(). + // + ASSERT (ExDataType =3D=3D mPeerSubjectNameKey); + ASSERT (ArgLong =3D=3D 0); + ASSERT (ArgPtr =3D=3D NULL); + + // + // Further assert non-nullity for PeerSubjectNameAddress. + // + ASSERT (PeerSubjectNameAddress !=3D NULL); + + PeerSubjectName =3D *(VOID **)PeerSubjectNameAddress; + if (PeerSubjectName =3D=3D NULL) { + DEBUG ((DEBUG_VERBOSE, "%a:%a: nothing to copy\n", gEfiCallerBaseName, + __FUNCTION__)); + // + // Exit with success. + // + return 1; + } + + NewPeerSubjectName =3D AllocateCopyPool ( + AsciiStrSize (PeerSubjectName), + PeerSubjectName + ); + if (NewPeerSubjectName =3D=3D NULL) { + DEBUG ((DEBUG_ERROR, "%a:%a: failed to allocate memory\n", + gEfiCallerBaseName, __FUNCTION__)); + return 0; + } + + *(VOID **)PeerSubjectNameAddress =3D NewPeerSubjectName; + DEBUG ((DEBUG_VERBOSE, + "%a:%a: copied peer subject name \"%a\" from %p to %p\n", + gEfiCallerBaseName, __FUNCTION__, PeerSubjectName, (VOID *)PeerSubject= Name, + (VOID *)NewPeerSubjectName)); + return 1; +} + +/** + OpenSSL callback function for freeing the Subject Name when its parent S= SL + object is freed. + + Because this function is an OpenSSL callback, it must not be declared EF= IAPI. + + @param[in] ParentSsl The parent SSL object being freed. Ignored. + + @param[in] PeerSubjectName The subject name to release. May be NULL. + + @param[in] ExData The ExData object in ParentSsl. ExData is the + dictionary in which mPeerSubjectNameKey + identifies the subject name to release. Igno= red. + + @param[in] ExDataType Equals mPeerSubjectNameKey. Ignored. + + @param[in] ArgLong Zero; ignored. + + @param[in] ArgPtr NULL; ignored. +**/ +VOID +TlsPeerSubjectNameFree ( + IN VOID *ParentSsl, + IN VOID *PeerSubjectName OPTIONAL, + IN CRYPTO_EX_DATA *ExData, + IN INT32 ExDataType, + IN long ArgLong, + IN VOID *ArgPtr + ) +{ + // + // Assert that these input parameters match what we passed to + // SSL_get_ex_new_index() in TlsInitialize(). + // + ASSERT (ExDataType =3D=3D mPeerSubjectNameKey); + ASSERT (ArgLong =3D=3D 0); + ASSERT (ArgPtr =3D=3D NULL); + + if (PeerSubjectName =3D=3D NULL) { + return; + } + + DEBUG ((DEBUG_VERBOSE, "%a:%a: freeing peer subject name \"%a\" at %p\n", + gEfiCallerBaseName, __FUNCTION__, (CHAR8 *)PeerSubjectName, + PeerSubjectName)); + FreePool (PeerSubjectName); +} + +/** + OpenSSL callback function for discovering and verifying the X509 peer + certificate chain during SSL/TLS handshake. + + This function wraps the X509_verify_cert() OpenSSL function; it ensures = that + both DNS host names and numeric IPv4/IPv6 addresses are matched in peer + certificates as Subject Names. + + Because this function is an OpenSSL callback, it must not be declared EF= IAPI. + + @param[in] PeerCertificateChain The certificate chain of the peer to ve= rify. + The function checks whether + PeerCertificateChain matches the Peer + Subject Name that we've associated with= the + SSL object of the network connection. + + @param[in] Arg NULL; ignored. + + @retval 1 Verification success. + + @retval 0 Verification failure. +**/ +INT32 +TlsCertVerify ( + IN X509_STORE_CTX *PeerCertificateChain, + IN VOID *Arg + ) +{ + SSL *Ssl; + X509_VERIFY_PARAM *VerifyParams; + CHAR8 *SubjectName; + INT32 ParamStatus; + INT32 VerifyStatus; + + // + // Assert that these input parameters match what we passed to + // SSL_CTX_set_cert_verify_callback() in TlsCtxNew(). + // + ASSERT (Arg =3D=3D NULL); + + // + // Retrieve the SSL object associated with the network connection for wh= ich + // the peer certificate is being verified in the SSL/TLS handshake. + // + Ssl =3D X509_STORE_CTX_get_ex_data ( + PeerCertificateChain, + SSL_get_ex_data_X509_STORE_CTX_idx () + ); + if (Ssl =3D=3D NULL) { + DEBUG ((DEBUG_ERROR, "%a:%a: SSL object not found\n", gEfiCallerBaseNa= me, + __FUNCTION__)); + // + // Reject the certificate. + // + return 0; + } + + // + // Fetch the certificate verification parameters. + // + VerifyParams =3D X509_STORE_CTX_get0_param (PeerCertificateChain); + if (VerifyParams =3D=3D NULL) { + DEBUG ((DEBUG_ERROR, "%a:%a: verification parameters not found\n", + gEfiCallerBaseName, __FUNCTION__)); + return 0; + } + + // + // Retrieve the Peer Subject Name that we *may* have associated with the= SSL + // object in TlsSetVerifyHost(). + // + SubjectName =3D SSL_get_ex_data (Ssl, mPeerSubjectNameKey); + // + // If SubjectName is NULL or empty, explicitly clear the list of host na= mes + // in VerifyParams, and perform no name checks on the peer certificate. + // + // Otherwise, attempt to parse the Peer Subject Name as an IPv4 or IPv6 + // address. If this succeeds, then the parsed address is used for verify= ing + // the peer certificate. + // + // Otherwise, verify the peer certificate with SubjectName taken as a DNS + // hostname. + // + if (SubjectName =3D=3D NULL || SubjectName[0] =3D=3D '\0') { + ParamStatus =3D X509_VERIFY_PARAM_set1_host (VerifyParams, SubjectName= , 0); + + DEBUG ((DEBUG_WARN, "%a:%a: verifying peer certificate without subject= " + "name check (MITM risk)!\n", gEfiCallerBaseName, __FUNCTION__)); + } else { + ParamStatus =3D X509_VERIFY_PARAM_set1_ip_asc (VerifyParams, SubjectNa= me); + + if (ParamStatus =3D=3D 1) { + DEBUG ((DEBUG_VERBOSE, + "%a:%a: verifying peer certificate with numerical IP address \"%a\= "\n", + gEfiCallerBaseName, __FUNCTION__, SubjectName)); + } else { + ParamStatus =3D X509_VERIFY_PARAM_set1_host (VerifyParams, SubjectNa= me, 0); + + DEBUG ((DEBUG_VERBOSE, + "%a:%a: verifying peer certificate with DNS hostname \"%a\"\n", + gEfiCallerBaseName, __FUNCTION__, SubjectName)); + } + } + + if (ParamStatus =3D=3D 0) { + DEBUG ((DEBUG_ERROR, + "%a:%a: unexpected failure to set verification parameters\n", + gEfiCallerBaseName, __FUNCTION__)); + // + // Reject the certificate. + // + return 0; + } + + VerifyStatus =3D X509_verify_cert (PeerCertificateChain); + + if (VerifyStatus > 0) { + DEBUG ((DEBUG_VERBOSE, "%a:%a: peer certificate accepted\n", + gEfiCallerBaseName, __FUNCTION__)); + return 1; + } + + DEBUG ((DEBUG_ERROR, "%a:%a: peer certificate rejected\n", + gEfiCallerBaseName, __FUNCTION__)); + return 0; +} diff --git a/CryptoPkg/Library/TlsLib/TlsInit.c b/CryptoPkg/Library/TlsLib/= TlsInit.c index f9ad6f6b946c..c7918364a4c7 100644 --- a/CryptoPkg/Library/TlsLib/TlsInit.c +++ b/CryptoPkg/Library/TlsLib/TlsInit.c @@ -24,29 +24,53 @@ BOOLEAN EFIAPI TlsInitialize ( VOID ) { INTN Ret; + BOOLEAN RandomIsSeeded; =20 // // Performs initialization of crypto and ssl library, and loads required // algorithms. // Ret =3D OPENSSL_init_ssl ( OPENSSL_INIT_LOAD_SSL_STRINGS | OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL ); if (Ret !=3D 1) { return FALSE; } + // + // OPENSSL_init_ssl() cannot, and need not, be rolled back, if the rest = of + // this function fails. + // + + mPeerSubjectNameKey =3D SSL_get_ex_new_index ( + 0, // "argl": unneeded + NULL, // "argp": unneeded + NULL, // "new_func": unne= eded + TlsPeerSubjectNameDuplicate, // "dup_func" + TlsPeerSubjectNameFree // "free_func" + ); + if (mPeerSubjectNameKey =3D=3D -1) { + return FALSE; + } =20 // // Initialize the pseudorandom number generator. // - return RandomSeed (NULL, 0); + RandomIsSeeded =3D RandomSeed (NULL, 0); + if (!RandomIsSeeded) { + goto DeregisterPeerSubjectName; + } + return TRUE; + +DeregisterPeerSubjectName: + CRYPTO_free_ex_index (CRYPTO_EX_INDEX_SSL, mPeerSubjectNameKey); + return FALSE; } =20 /** Free an allocated SSL_CTX object. =20 @param[in] TlsCtx Pointer to the SSL_CTX object to be released. @@ -103,12 +127,21 @@ TlsCtxNew ( // // Treat as minimum accepted versions by setting the minimal bound. // Client can use higher TLS version if server supports it // SSL_CTX_set_min_proto_version (TlsCtx, ProtoVersion); =20 + // + // Set peer certificate verification procedure. + // + SSL_CTX_set_cert_verify_callback ( + TlsCtx, + TlsCertVerify, + NULL // "arg": unneeded + ); + return (VOID *) TlsCtx; } =20 /** Free an allocated TLS object. =20 --=20 2.19.1.3.g30247aa5d201 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#49034): https://edk2.groups.io/g/devel/message/49034 Mute This Topic: https://groups.io/mt/34551672/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-