jtlayton
commented
1 year ago I think we may be able to call gnutls_priority_cipher_list(3) and then iterate over that list to validate that each cipher we want to enable is part of it.
Closed jtlayton closed 1 year ago
jtlayton
commented
1 year ago I think we may be able to call gnutls_priority_cipher_list(3) and then iterate over that list to validate that each cipher we want to enable is part of it.
jtlayton
commented
1 year ago This example may also be relevant: https://www.gnutls.org/manual/gnutls.html#Listing-the-ciphersuites-in-a-priority-string
chucklever
commented
1 year ago Note that tlshd uses the priorities string to control aspects of a PSK handshake that are not relevant for x.509 handshakes. Thus for now, a priorities string must be constructed for each kernel handshake request, since authentication type is one of the handshake parameters.
chucklever
commented
1 year ago Issue is addressed in ktls-utils-0.9. Thanks for your patch!
Petr Pisar mentioned this in the Fedora package review:
FIX: The daemon does not respect distribution-wide crypto policies. It enables algorithms in tlshd_make_priorities_string() based on what Linux supported at build time of this package. Ideally the daemon should consult crypto policy <https://docs.fedoraproject.org/en-US/packaging-guidelines/CryptoPolicies/> and only enable a disjunction of what Linux offers and what user-space crypto policy mandates. Please contact <[security@lists.fedoraproject.org](mailto:security@lists.fedoraproject.org)> for help. There is a possibility that Linux already does that in other way. Please get a crypto review from the security team on that mailing list.Basically we need to only enable ciphers tlshd_make_priorities_string that are supported by the local (runtime) crypto policy.