Closed NattyNarwhal closed 6 years ago
How's My SSL gives us:
{
"given_cipher_suites": [
"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256",
"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256",
"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256",
"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256",
"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
"TLS_DHE_RSA_WITH_AES_128_GCM_SHA256",
"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
"TLS_DHE_RSA_WITH_AES_256_GCM_SHA384",
"TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA",
"TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256",
"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
"TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
"TLS_DHE_RSA_WITH_AES_128_CBC_SHA256",
"TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA",
"TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384",
"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
"TLS_DHE_RSA_WITH_AES_256_CBC_SHA",
"TLS_DHE_RSA_WITH_AES_256_CBC_SHA256",
"TLS_RSA_WITH_AES_128_GCM_SHA256",
"TLS_RSA_WITH_AES_256_GCM_SHA384",
"TLS_RSA_WITH_AES_128_CBC_SHA",
"TLS_RSA_WITH_AES_128_CBC_SHA256",
"TLS_RSA_WITH_AES_256_CBC_SHA",
"TLS_RSA_WITH_AES_256_CBC_SHA256",
"TLS_RSA_WITH_3DES_EDE_CBC_SHA"
],
"ephemeral_keys_supported": true,
"session_ticket_supported": true,
"tls_compression_supported": false,
"unknown_cipher_suite_supported": false,
"beast_vuln": false,
"able_to_detect_n_minus_one_splitting": false,
"insecure_cipher_suites": {},
"tls_version": "TLS 1.2",
"rating": "Probably Okay"
}
My guess is it could be a broken ciphersuite; I think what'd need to happen is the unpacking of the state machine (our BT is from the failure point, it seems) and the determination of what cipher suite successful connections use vs. unsuccessful.
may be a problem with prime256v1, from toying with ciphersuites; I had noticed that external/boringssl/crypto/ec/p256-64.c was allegedly patched for BE, though the definitions are seemingly incorrect for SLES. Fix it, doesn't seem to change anything though?
If you guessed external/boringssl/crypto/ec/p256-64.c, you'd be a winner:
calvin@wellnix:~/mono> mono/btls/build-shared/boringssl/crypto/ec/ec_test
Incorrect public key: b07cd1b3af3a31c374c07707f0df543c3878fb8da22c1d831ce39904efd9c633 aaef88d4811a86c97b6106d2ba6bdea800eaa5cd18999b0d873466d69ef05edf
failed
calvin@wellnix:~/mono> mono/btls/build-shared/boringssl/crypto/ecdsa/ecdsa_test
testing ECDSA_sign(), ECDSA_verify(), ECDSA_do_sign(), and ECDSA_do_verify() with some internal curves:
secp224r1: ............. ok
secp256r1: ... failed
ECDSA test failed
Shipping a workaround by disabling 64-bit optimized code for that cipher. Slower, but works until it's fixed.
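The endianness hypothesis raised in this thread, and the workaround of switching off the 64-bit optimized path, illustrated as an added C example; it is not BoringSSL or Mono code, and every function name and byte value in it is constructed for illustration. It shows how a loader that copies bytes straight into a 64-bit limb yields a different value on a big-endian host, and a known-answer gate that falls back to the slower portable loader when that happens.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample: the little-endian encoding of 0x0123456789abcdef. */
static const uint8_t kSample[8] = {0xef, 0xcd, 0xab, 0x89, 0x67, 0x45, 0x23, 0x01};

/* Portable loader: builds the limb byte by byte, same result on any host. */
static uint64_t load_le64_portable(const uint8_t in[8]) {
    uint64_t v = 0;
    for (int i = 7; i >= 0; i--)
        v = (v << 8) | in[i];
    return v;
}

/* "Optimized" shortcut (hypothetical): copies memory as-is, so the value
 * depends on host byte order. Correct on little-endian hosts only. */
static uint64_t load_le64_host(const uint8_t in[8]) {
    uint64_t v;
    memcpy(&v, in, sizeof v);
    return v;
}

/* Reports the host byte order by inspecting the first byte of a 16-bit 1. */
static int host_is_little_endian(void) {
    const uint16_t probe = 1;
    uint8_t first;
    memcpy(&first, &probe, 1);
    return first == 1;
}

/* Known-answer gate: 1 only if the shortcut agrees with the portable loader. */
static int fast_path_is_safe(void) {
    return load_le64_host(kSample) == load_le64_portable(kSample);
}

/* Dispatcher: use the shortcut only when the gate passes, else fall back. */
static uint64_t load_limb(const uint8_t in[8]) {
    return fast_path_is_safe() ? load_le64_host(in) : load_le64_portable(in);
}

int main(void) {
    printf("host little-endian: %d\n", host_is_little_endian());
    printf("fast path safe:     %d\n", fast_path_is_safe());
    printf("limb:               0x%016llx\n", (unsigned long long)load_limb(kSample));
    return 0;
}
```

On a big-endian host the gate fails and `load_limb` takes the portable path, which is the same trade the workaround above makes: slower, but correct.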
Sites like github.com or api.nuget.org don't work. Maybe it's an endianness issue? gdb output: