From 5324d411da32d754a9658ff3eb5c1e59960d2bd9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
Date: Fri, 26 Jun 2015 18:20:34 +0200
Subject: [PATCH] Up min size of DHM params to 1024 bits

---
 ChangeLog | 10 ++++++++++
 include/polarssl/config.h | 1 +
 include/polarssl/ssl.h | 1 +
 library/ssl_cli.c | 3 ++-
 tests/compat.sh | 2 +-
 5 files changed, 15 insertions(+), 2 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 1ff0658dc..d2328b640 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,15 @@
 PolarSSL ChangeLog
+= Version 1.2.15 released 2015-mm-dd
+
+Security
+ * Increase the minimum size of Diffie-Hellman parameters accepted by the
+ lient to 1024 bits, to protect against Logjam attack.
+
+Changes
+ * Add SSL_MIN_DHM_BYTES configuration parameter in config.h to choose the
+ minimum size of Diffie-Hellman parameters accepted by the client.
+
 = Version 1.2.14 released 2015-06-26
 Security
diff --git a/include/polarssl/config.h b/include/polarssl/config.h
index 10b4fb1d0..3a18f8a26 100644
--- a/include/polarssl/config.h
+++ b/include/polarssl/config.h
@@ -1017,6 +1017,7 @@
 // SSL options
 //
 #define SSL_MAX_CONTENT_LEN 16384 /**< Size of the input / output buffer */
+#define SSL_MIN_DHM_BYTES 128 /**< Min size of the Diffie-Hellman prime */
 // X509 options
 //
diff --git a/include/polarssl/ssl.h b/include/polarssl/ssl.h
index 14ec0fdc3..e6cc2adb1 100644
--- a/include/polarssl/ssl.h
+++ b/include/polarssl/ssl.h
@@ -130,6 +130,7 @@
 */
 #if !defined(POLARSSL_CONFIG_OPTIONS)
 #define SSL_MAX_CONTENT_LEN 16384 /**< Size of the input / output buffer */
+#define SSL_MIN_DHM_BYTES 128 /**< Min size of the Diffie-Hellman prime */
 #endif /* !POLARSSL_CONFIG_OPTIONS */
 /*
diff --git a/library/ssl_cli.c b/library/ssl_cli.c
index 0817ea7b3..db9e17955 100644
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
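Review bot: The one-line Doxygen comment on the new `SSL_MIN_DHM_BYTES` define in config.h is the only documentation of the option visible here, and it does not say what the unit is, which side enforces it, or why the default is 128; the same text is duplicated on the ssl.h fallback default in the next hunk, so both copies need the same fix. Suggest `/**< Min size in bytes of the server's DH prime the client accepts in ServerKeyExchange; 128 = 1024 bits (Logjam); upper bound is fixed at 512 */` in both places, or a short block above the define noting that values below 128 re-enable the 512-bit groups the old floor of 64 bytes allowed. The option is compared against `dhm_ctx.len` in ssl_cli.c, which looks like the byte length of the prime, so a caveat that the bound has 8-bit granularity (a 1017-bit prime passes) would also help a reader choosing a non-default value.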
@@ -778,7 +778,8 @@ static int ssl_parse_server_key_exchange( ssl_context *ssl )
 return( POLARSSL_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
 }
- if( ssl->handshake->dhm_ctx.len < 64 || ssl->handshake->dhm_ctx.len > 512 )
+ if( ssl->handshake->dhm_ctx.len < SSL_MIN_DHM_BYTES ||
+ ssl->handshake->dhm_ctx.len > 512 )
 {
 SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) );
 return( POLARSSL_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
diff --git a/tests/compat.sh b/tests/compat.sh
index be1d7202b..b7170ffd1 100644
--- a/tests/compat.sh
+++ b/tests/compat.sh
@@ -12,7 +12,7 @@ if [ "X$VERIFY" = "XYES" ]; then
 P_SERVER_ARGS="auth_mode=required crt_file=data_files/server1.crt key_file=data_files/server1.key ca_file=data_files/test-ca.crt"
 P_CLIENT_ARGS="crt_file=data_files/server2.crt key_file=data_files/server2.key ca_file=data_files/test-ca.crt"
- O_SERVER_ARGS="-verify 10 -CAfile data_files/test-ca.crt -cert data_files/server1.crt -key data_files/server1.key"
+ O_SERVER_ARGS="-verify 10 -CAfile data_files/test-ca.crt -cert data_files/server1.crt -key data_files/server1.key -dhparam data_files/dhparams.pem"
 O_CLIENT_ARGS="-cert data_files/server2.crt -key data_files/server2.key -CAfile data_files/test-ca.crt"
 fi
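Review bot: The lower bound on `ssl->handshake->dhm_ctx.len` is now configurable but the upper bound is still the bare literal 512, so a build that sets `SSL_MIN_DHM_BYTES` above 512 compiles cleanly and then rejects every DHE ServerKeyExchange at runtime with no hint why. A compile-time guard next to the includes, `#if SSL_MIN_DHM_BYTES > 512` / `#error "SSL_MIN_DHM_BYTES must not exceed 512"` / `#endif`, or naming the 512 as a companion maximum next to the minimum, would catch that misconfiguration. The debug message on the line after the check still reads "bad server key exchange message" for both a too-small and a too-large prime, so a rejection caused by the new floor is indistinguishable from a malformed message in the log; logging the observed length and the floor (casting the length to int for the format, since it appears to be a size_t) would make a Logjam-style rejection diagnosable in interop testing. ssl_parse_server_key_exchange starts and ends outside the hunk, and dhm_ctx.len is presumably the byte length of the prime read from the message, so the check has 8-bit granularity.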
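Review bot: `-dhparam data_files/dhparams.pem` is added to `O_SERVER_ARGS` only inside the `VERIFY=YES` branch; the `VERIFY=NO` assignment of O_SERVER_ARGS is outside this hunk, and if it does not also pass `-dhparam`, the OpenSSL server in that run keeps its built-in ephemeral DH group, which may be shorter than the new 128-byte client floor and make the DHE suites fail only in the unverified half of the matrix. dhparams.pem is not among the five changed files, so it presumably already exists in data_files; a guard near the top of the script, `[ -f data_files/dhparams.pem ] || { echo "data_files/dhparams.pem missing" >&2; exit 1; }`, would turn a silent per-suite failure into a clear error, and a comment on the assignment saying the file must hold a prime of at least SSL_MIN_DHM_BYTES (1024 bits) would record why the argument is there. The enclosing if/fi lies fully within the hunk.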