Respect jdk.tls.namedGroups when using native SSL implementation (#11660)

Motivation:

When using the JDK implementation for SSL its possible to adjust the used named groups. We should allow to do this as well and also select some default groups that will reduce the number of roundtrips.

Modifications:

- Upgrade netty-tcnative so we can set the curves
- Respect jdk.tls.namedGroups
- Use default groups of "P-256", "P-384", "X25519" so its compatible with what the JDK versions < 13 support as well.

Result:

Be able to set the used groups

Co-authored-by: Nitesh Kant <nitesh_kant@apple.com>
This commit is contained in:
Norman Maurer 2021-09-09 14:36:12 +02:00
parent dcf1e12556
commit ebd3f8b4fb
4 changed files with 106 additions and 1 deletions

View File

@ -0,0 +1,50 @@
/*
* Copyright 2021 The Netty Project
*
* The Netty Project licenses this file to you under the Apache License,
* version 2.0 (the "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at:
*
* https://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
* License for the specific language governing permissions and limitations
* under the License.
*/
package io.netty.handler.ssl;
import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
/**
* Convert java naming to OpenSSL naming if possible and if not return the original name.
*/
final class GroupsConverter {
private static final Map<String, String> mappings;
static {
// See https://tools.ietf.org/search/rfc4492#appendix-A and https://www.java.com/en/configure_crypto.html
Map<String, String> map = new HashMap<String, String>();
map.put("secp224r1", "P-224");
map.put("prime256v1", "P-256");
map.put("secp256r1", "P-256");
map.put("secp384r1", "P-384");
map.put("secp521r1", "P-521");
map.put("x25519", "X25519");
mappings = Collections.unmodifiableMap(map);
}
static String toOpenSsl(String key) {
String mapping = mappings.get(key);
if (mapping == null) {
return key;
}
return mapping;
}
private GroupsConverter() { }
}

View File

@ -38,6 +38,7 @@ import java.io.ByteArrayInputStream;
import java.security.cert.CertificateException; import java.security.cert.CertificateException;
import java.security.cert.X509Certificate; import java.security.cert.X509Certificate;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections; import java.util.Collections;
import java.util.HashSet; import java.util.HashSet;
import java.util.LinkedHashSet; import java.util.LinkedHashSet;
@ -66,6 +67,12 @@ public final class OpenSsl {
static final Set<String> SUPPORTED_PROTOCOLS_SET; static final Set<String> SUPPORTED_PROTOCOLS_SET;
static final String[] EXTRA_SUPPORTED_TLS_1_3_CIPHERS; static final String[] EXTRA_SUPPORTED_TLS_1_3_CIPHERS;
static final String EXTRA_SUPPORTED_TLS_1_3_CIPHERS_STRING; static final String EXTRA_SUPPORTED_TLS_1_3_CIPHERS_STRING;
static final String[] NAMED_GROUPS;
// Use default that is supported in java 11 and earlier and also in OpenSSL / BoringSSL.
// See https://github.com/netty/netty-tcnative/issues/567
// See https://www.java.com/en/configure_crypto.html for ordering
private static final String[] DEFAULT_NAMED_GROUPS = { "x25519", "secp256r1", "secp384r1", "secp521r1" };
// self-signed certificate for netty.io and the matching private-key // self-signed certificate for netty.io and the matching private-key
private static final String CERT = "-----BEGIN CERTIFICATE-----\n" + private static final String CERT = "-----BEGIN CERTIFICATE-----\n" +
@ -180,6 +187,11 @@ public final class OpenSsl {
boolean supportsKeyManagerFactory = false; boolean supportsKeyManagerFactory = false;
boolean useKeyManagerFactory = false; boolean useKeyManagerFactory = false;
boolean tlsv13Supported = false; boolean tlsv13Supported = false;
String[] namedGroups = DEFAULT_NAMED_GROUPS;
String[] defaultConvertedNamedGroups = new String[namedGroups.length];
for (int i = 0; i < namedGroups.length; i++) {
defaultConvertedNamedGroups[i] = GroupsConverter.toOpenSsl(namedGroups[i]);
}
IS_BORINGSSL = "BoringSSL".equals(versionString()); IS_BORINGSSL = "BoringSSL".equals(versionString());
if (IS_BORINGSSL) { if (IS_BORINGSSL) {
@ -289,12 +301,51 @@ public final class OpenSsl {
SSL.freePrivateKey(key); SSL.freePrivateKey(key);
} }
} }
String groups = SystemPropertyUtil.get("jdk.tls.namedGroups", null);
if (groups != null) {
String[] nGroups = groups.split(",");
Set<String> supportedNamedGroups = new LinkedHashSet<String>(nGroups.length);
Set<String> supportedConvertedNamedGroups = new LinkedHashSet<String>(nGroups.length);
Set<String> unsupportedNamedGroups = new LinkedHashSet<String>();
for (String namedGroup : nGroups) {
String converted = GroupsConverter.toOpenSsl(namedGroup);
if (SSLContext.setCurvesList(sslCtx, converted)) {
supportedConvertedNamedGroups.add(converted);
supportedNamedGroups.add(namedGroup);
} else {
unsupportedNamedGroups.add(namedGroup);
}
}
if (supportedNamedGroups.isEmpty()) {
namedGroups = defaultConvertedNamedGroups;
logger.info("All configured namedGroups are not supported: {}. Use default: {}.",
Arrays.toString(unsupportedNamedGroups.toArray(EmptyArrays.EMPTY_STRINGS)),
Arrays.toString(DEFAULT_NAMED_GROUPS));
} else {
String[] groupArray = supportedNamedGroups.toArray(EmptyArrays.EMPTY_STRINGS);
if (unsupportedNamedGroups.isEmpty()) {
logger.info("Using configured namedGroups -D 'jdk.tls.namedGroup': {} ",
Arrays.toString(groupArray));
} else {
logger.info("Using supported configured namedGroups: {}. Unsupported namedGroups: {}. ",
Arrays.toString(groupArray),
Arrays.toString(unsupportedNamedGroups.toArray(EmptyArrays.EMPTY_STRINGS)));
}
namedGroups = supportedConvertedNamedGroups.toArray(EmptyArrays.EMPTY_STRINGS);
}
} else {
namedGroups = defaultConvertedNamedGroups;
}
} finally { } finally {
SSLContext.free(sslCtx); SSLContext.free(sslCtx);
} }
} catch (Exception e) { } catch (Exception e) {
logger.warn("Failed to get the list of available OpenSSL cipher suites.", e); logger.warn("Failed to get the list of available OpenSSL cipher suites.", e);
} }
NAMED_GROUPS = namedGroups;
AVAILABLE_OPENSSL_CIPHER_SUITES = Collections.unmodifiableSet(availableOpenSslCipherSuites); AVAILABLE_OPENSSL_CIPHER_SUITES = Collections.unmodifiableSet(availableOpenSslCipherSuites);
final Set<String> availableJavaCipherSuites = new LinkedHashSet<>( final Set<String> availableJavaCipherSuites = new LinkedHashSet<>(
AVAILABLE_OPENSSL_CIPHER_SUITES.size() * 2); AVAILABLE_OPENSSL_CIPHER_SUITES.size() * 2);
@ -373,6 +424,7 @@ public final class OpenSsl {
IS_BORINGSSL = false; IS_BORINGSSL = false;
EXTRA_SUPPORTED_TLS_1_3_CIPHERS = EmptyArrays.EMPTY_STRINGS; EXTRA_SUPPORTED_TLS_1_3_CIPHERS = EmptyArrays.EMPTY_STRINGS;
EXTRA_SUPPORTED_TLS_1_3_CIPHERS_STRING = StringUtil.EMPTY_STRING; EXTRA_SUPPORTED_TLS_1_3_CIPHERS_STRING = StringUtil.EMPTY_STRING;
NAMED_GROUPS = DEFAULT_NAMED_GROUPS;
} }
} }

View File

@ -116,6 +116,7 @@ public abstract class ReferenceCountedOpenSslContext extends SslContext implemen
// https://mail.openjdk.java.net/pipermail/security-dev/2021-March/024758.html // https://mail.openjdk.java.net/pipermail/security-dev/2021-March/024758.html
static final boolean CLIENT_ENABLE_SESSION_CACHE = static final boolean CLIENT_ENABLE_SESSION_CACHE =
SystemPropertyUtil.getBoolean("io.netty.handler.ssl.openssl.sessionCacheClient", false); SystemPropertyUtil.getBoolean("io.netty.handler.ssl.openssl.sessionCacheClient", false);
/** /**
* The OpenSSL SSL_CTX object. * The OpenSSL SSL_CTX object.
* *
@ -383,6 +384,8 @@ public abstract class ReferenceCountedOpenSslContext extends SslContext implemen
if (asyncPrivateKeyMethod != null) { if (asyncPrivateKeyMethod != null) {
SSLContext.setPrivateKeyMethod(ctx, new AsyncPrivateKeyMethod(engineMap, asyncPrivateKeyMethod)); SSLContext.setPrivateKeyMethod(ctx, new AsyncPrivateKeyMethod(engineMap, asyncPrivateKeyMethod));
} }
// Set the curves.
SSLContext.setCurvesList(ctx, OpenSsl.NAMED_GROUPS);
success = true; success = true;
} finally { } finally {
if (!success) { if (!success) {

View File

@ -468,7 +468,7 @@
<!-- keep in sync with PlatformDependent#ALLOWED_LINUX_OS_CLASSIFIERS --> <!-- keep in sync with PlatformDependent#ALLOWED_LINUX_OS_CLASSIFIERS -->
<os.detection.classifierWithLikes>fedora,suse,arch</os.detection.classifierWithLikes> <os.detection.classifierWithLikes>fedora,suse,arch</os.detection.classifierWithLikes>
<tcnative.artifactId>netty-tcnative</tcnative.artifactId> <tcnative.artifactId>netty-tcnative</tcnative.artifactId>
<tcnative.version>2.0.41.Final</tcnative.version> <tcnative.version>2.0.42.Final</tcnative.version>
<tcnative.classifier>${os.detected.classifier}</tcnative.classifier> <tcnative.classifier>${os.detected.classifier}</tcnative.classifier>
<conscrypt.groupId>org.conscrypt</conscrypt.groupId> <conscrypt.groupId>org.conscrypt</conscrypt.groupId>
<conscrypt.artifactId>conscrypt-openjdk-uber</conscrypt.artifactId> <conscrypt.artifactId>conscrypt-openjdk-uber</conscrypt.artifactId>