From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <thomas.palmer@hpe.com>
Received: from g9t5009.houston.hpe.com (g9t5009.houston.hpe.com [15.241.48.73])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by ml01.01.org (Postfix) with ESMTPS id 652BE1A1E66
 for <edk2-devel@lists.01.org>; Thu,  8 Sep 2016 12:15:54 -0700 (PDT)
Received: from arm-build-server.us.rdlabs.hpecorp.net
 (arm-build-server.us.rdlabs.hpecorp.net [16.84.24.54])
 by g9t5009.houston.hpe.com (Postfix) with ESMTP id C40074C;
 Thu,  8 Sep 2016 19:15:53 +0000 (UTC)
From: Thomas Palmer <thomas.palmer@hpe.com>
To: edk2-devel@lists.01.org
Cc: jiaxin.wu@intel.com, joseph.shifflett@hpe.com,
 Thomas Palmer <thomas.palmer@hpe.com>
Date: Thu,  8 Sep 2016 14:15:47 -0500
Message-Id: <1473362148-7445-2-git-send-email-thomas.palmer@hpe.com>
X-Mailer: git-send-email 2.7.4
In-Reply-To: <1473362148-7445-1-git-send-email-thomas.palmer@hpe.com>
References: <1473362148-7445-1-git-send-email-thomas.palmer@hpe.com>
Subject: [PATCH v2 1/2] [edk2-staging/HTTPS-TLS][PATCH]: CryptoPkg/TlsLib: TLS Ver negotiate
X-BeenThere: edk2-devel@lists.01.org
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: EDK II Development  <edk2-devel.lists.01.org>
List-Unsubscribe: <https://lists.01.org/mailman/options/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=unsubscribe>
List-Archive: <http://lists.01.org/pipermail/edk2-devel/>
List-Post: <mailto:edk2-devel@lists.01.org>
List-Help: <mailto:edk2-devel-request@lists.01.org?subject=help>
List-Subscribe: <https://lists.01.org/mailman/listinfo/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=subscribe>
X-List-Received-Date: Thu, 08 Sep 2016 19:15:54 -0000

The TLS protocol allows for clients and servers to negotiate which
version of TLS to use.  Newer versions are deemed safer, so when
they are available the client and server should opt to use them.

The EDK2 TLS code today only allows TLSv1.0 for TLS communication,
regardless of the target server's capabilities. In order to use the
newer protocols, we'll update the EDK2 TlsLib.c code to allow for
TLS version negotiation when a new TLS object is created. The TLS
version specified in TlsCtxNew will be the minimum version accepted.

Because EDK2 is not yet using OpenSSL 1.1, we use SSL_set_options to
simulate SSL_CTX_set_min_proto_version.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Thomas Palmer <thomas.palmer@hpe.com>
---
 CryptoPkg/Library/TlsLib/TlsLib.c | 20 ++++++++++++++++----
 1 file changed, 16 insertions(+), 4 deletions(-)

diff --git a/CryptoPkg/Library/TlsLib/TlsLib.c b/CryptoPkg/Library/TlsLib/TlsLib.c
index aa08595..32bd165 100644
--- a/CryptoPkg/Library/TlsLib/TlsLib.c
+++ b/CryptoPkg/Library/TlsLib/TlsLib.c
@@ -195,26 +195,38 @@ TlsCtxNew (
 
   ProtoVersion = (MajorVer << 8) | MinorVer;
 
-  TlsCtx = NULL;
+  TlsCtx = SSL_CTX_new (SSLv23_client_method ());
+  if (TlsCtx == NULL) {
+    return NULL;
+  }
+
+  //
+  // Ensure SSLv3 is disabled
+  //
+  SSL_CTX_set_options (TlsCtx, SSL_OP_NO_SSLv3);
 
+  //
+  // Treat as minimum accepted versions.  Client can use higher
+  // TLS version if server supports it
+  //
   switch (ProtoVersion) {
   case TLS1_VERSION:
     //
     // TLS 1.0
     //
-    TlsCtx = SSL_CTX_new (TLSv1_method ());
     break;
   case TLS1_1_VERSION:
     //
     // TLS 1.1
     //
-    TlsCtx = SSL_CTX_new (TLSv1_1_method ());
+    SSL_CTX_set_options (TlsCtx, SSL_OP_NO_TLSv1);
     break;
   case TLS1_2_VERSION:
     //
     // TLS 1.2
     //
-    TlsCtx = SSL_CTX_new (TLSv1_2_method ());
+    SSL_CTX_set_options (TlsCtx, SSL_OP_NO_TLSv1);
+    SSL_CTX_set_options (TlsCtx, SSL_OP_NO_TLSv1_1);
     break;
   default:
     //
-- 
2.7.4