From mboxrd@z Thu Jan 1 00:00:00 1970 Authentication-Results: mx.groups.io; dkim=missing; spf=fail (domain: intel.com, ip: , mailfrom: jiaxin.wu@intel.com) Received: from mga05.intel.com (mga05.intel.com []) by groups.io with SMTP; Thu, 26 Sep 2019 20:44:48 -0700 X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by fmsmga105.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 26 Sep 2019 20:44:48 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.64,553,1559545200"; d="scan'208";a="204074800" Received: from jiaxinwu-mobl.ccr.corp.intel.com ([10.239.192.205]) by fmsmga001.fm.intel.com with ESMTP; 26 Sep 2019 20:44:47 -0700 From: "Wu, Jiaxin" To: devel@edk2.groups.io Cc: Wu Jiaxin Subject: [PATCH v1 1/4] MdePkg/Include/Protocol/Tls.h: Add the data type of EfiTlsVerifyHost(CVE-2019-14553) Date: Fri, 27 Sep 2019 11:44:38 +0800 Message-Id: <20190927034441.3096-2-Jiaxin.wu@intel.com> X-Mailer: git-send-email 2.17.1.windows.2 In-Reply-To: <20190927034441.3096-1-Jiaxin.wu@intel.com> References: <20190927034441.3096-1-Jiaxin.wu@intel.com> REF: https://bugzilla.tianocore.org/show_bug.cgi?id=960 CVE: CVE-2019-14553 In the patch, we add the new data type named "EfiTlsVerifyHost" and the EFI_TLS_VERIFY_HOST_FLAG for the TLS protocol consumer (HTTP) to enable the host name check so as to avoid the potential Man-In-The-Middle attack. Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Wu Jiaxin Reviewed-by: Ye Ting Reviewed-by: Long Qin Reviewed-by: Fu Siyuan Acked-by: Laszlo Ersek --- MdePkg/Include/Protocol/Tls.h | 68 +++++++++++++++++++++++++++++------ 1 file changed, 57 insertions(+), 11 deletions(-) diff --git a/MdePkg/Include/Protocol/Tls.h b/MdePkg/Include/Protocol/Tls.h index bf1b6727a1..af524ae2a6 100644 --- a/MdePkg/Include/Protocol/Tls.h +++ b/MdePkg/Include/Protocol/Tls.h @@ -39,14 +39,10 @@ typedef struct _EFI_TLS_PROTOCOL EFI_TLS_PROTOCOL; /// /// EFI_TLS_SESSION_DATA_TYPE /// typedef enum { - /// - /// Session Configuration - /// - /// /// TLS session Version. The corresponding Data is of type EFI_TLS_VERSION. /// EfiTlsVersion, /// @@ -84,15 +80,10 @@ typedef enum { /// /// TLS session data session state. /// The corresponding Data is of type EFI_TLS_SESSION_STATE. /// EfiTlsSessionState, - - /// - /// Session information - /// - /// /// TLS session data client random. /// The corresponding Data is of type EFI_TLS_RANDOM. /// EfiTlsClientRandom, @@ -104,13 +95,19 @@ typedef enum { /// /// TLS session data key material. /// The corresponding Data is of type EFI_TLS_MASTER_SECRET. /// EfiTlsKeyMaterial, + /// + /// TLS session hostname for validation which is used to verify whether the name + /// within the peer certificate matches a given host name. + /// This parameter is invalid when EfiTlsVerifyMethod is EFI_TLS_VERIFY_NONE. + /// The corresponding Data is of type EFI_TLS_VERIFY_HOST. + /// + EfiTlsVerifyHost, EfiTlsSessionDataTypeMaximum - } EFI_TLS_SESSION_DATA_TYPE; /// /// EFI_TLS_VERSION /// Note: The TLS version definition is from SSL3.0 to the latest TLS (e.g. 1.2). @@ -176,19 +173,68 @@ typedef UINT32 EFI_TLS_VERIFY; /// The TLS/SSL handshake is immediately terminated with an alert message containing /// the reason for the certificate verification failure. /// #define EFI_TLS_VERIFY_PEER 0x1 /// -/// TLS session will fail peer certificate is absent. +/// EFI_TLS_VERIFY_FAIL_IF_NO_PEER_CERT is only meaningful in the server mode. +/// TLS session will fail if client certificate is absent. /// #define EFI_TLS_VERIFY_FAIL_IF_NO_PEER_CERT 0x2 /// /// TLS session only verify client once, and doesn't request certificate during /// re-negotiation. /// #define EFI_TLS_VERIFY_CLIENT_ONCE 0x4 +/// +/// EFI_TLS_VERIFY_HOST_FLAG +/// +typedef UINT32 EFI_TLS_VERIFY_HOST_FLAG; +/// +/// There is no additional flags set for hostname validation. +/// Wildcards are supported and they match only in the left-most label. +/// +#define EFI_TLS_VERIFY_FLAG_NONE 0x00 +/// +/// Always check the Subject Distinguished Name (DN) in the peer certificate even if the +/// certificate contains Subject Alternative Name (SAN). +/// +#define EFI_TLS_VERIFY_FLAG_ALWAYS_CHECK_SUBJECT 0x01 +/// +/// Disable the match of all wildcards. +/// +#define EFI_TLS_VERIFY_FLAG_NO_WILDCARDS 0x02 +/// +/// Disable the "*" as wildcard in labels that have a prefix or suffix (e.g. "www*" or "*www"). +/// +#define EFI_TLS_VERIFY_FLAG_NO_PARTIAL_WILDCARDS 0x04 +/// +/// Allow the "*" to match more than one labels. Otherwise, only matches a single label. +/// +#define EFI_TLS_VERIFY_FLAG_MULTI_LABEL_WILDCARDS 0x08 +/// +/// Restrict to only match direct child sub-domains which start with ".". +/// For example, a name of ".example.com" would match "www.example.com" with this flag, +/// but would not match "www.sub.example.com". +/// +#define EFI_TLS_VERIFY_FLAG_SINGLE_LABEL_SUBDOMAINS 0x10 +/// +/// Never check the Subject Distinguished Name (DN) even there is no +/// Subject Alternative Name (SAN) in the certificate. +/// +#define EFI_TLS_VERIFY_FLAG_NEVER_CHECK_SUBJECT 0x20 + +/// +/// EFI_TLS_VERIFY_HOST +/// +#pragma pack (1) +typedef struct { + EFI_TLS_VERIFY_HOST_FLAG Flags; + CHAR8 *HostName; +} EFI_TLS_VERIFY_HOST; +#pragma pack () + /// /// EFI_TLS_RANDOM /// Note: The definition of EFI_TLS_RANDOM is from "RFC 5246 A.4.1. /// Hello Messages". /// -- 2.17.1.windows.2