| Issue 90392: | No TLS 1.2 (SHA-2) Support | |
| 145 people starred this issue and may be notified of changes. | Back to list |
Restricted
Sign in to add a comment
|
Chrome Version : 12.0.742.122 (Official Build 91910) m URLs (if applicable) : N/A Other browsers tested: N/A Supported in IE9 and Opera. What steps will reproduce the problem? 1. Visit - TLS1.2 enabled website. 2. Check TLS conneciton info. 3. What is the expected result? Connection negotiates a TLS 1.2/SHA256 session. What happens instead? Connection negotiates a TLS 1.0 session. Please provide any additional information below. Attach a screenshot if possible. The US Government has mandated the implementation of a minimum of SHA-256 for use in generation and validation of digital signatures by the end of 2012. This mandate applies to SSL/TLS communication. SHA-256 support was implemented in the TLS 1.2 protocol. Support for TLS 1.2 has already been implemented in IE9 and Opera 10. In this regard, Chrome is behind. Without this support, Chrome will not be authorized for use by US Government or Military communications once the mandate has become effective.
Sep 20, 2011
*bump* -> http://www.theregister.co.uk/2011/09/19/beast_exploits_paypal_ssl/
Sep 21, 2011
Come on, TLS 1.0 can be cracked in 10 minutes!
Jan 21, 2012
At http://blogs.msdn.com/b/kaushal/archive/2011/10/03/taming-the-beast-browser-exploit-against-ssl-tls.aspx "The irony is that major internet browsers (Chrome, Firefox and Safari) still don’t provide support for TLS 1.1 and TLS 1.2. They continue to use a security protocols which is a decade old. Its been 5 years since TLS 1.1 was released, yet this hasn’t been implemented by them."
Jan 21, 2012
BEAST isn't as big a deal as it was made out to be. TLS 1.1/2 are nice but servers need to support them and they don't. I think browsers should step on it so that servers will take advantage but it's not a huge deal.
Jan 22, 2012
Not a big deal? I would argue that it's a bigger deal than the renegotiation issue.
Jan 22, 2012
Why?
Jan 22, 2012
Why?
Mar 7, 2012
BEAST is quite interesting but it is not nearly as dangerous as it's made out to be. It requires things like SOP to be broken and only works because of a flaw in TLS 1.0 CBC ciphers. You can just switch to RC4 and be fine for the time being. That being said, we still really need TLS 1.2 support
Apr 29, 2012
So the solution is... to downgrade from AES to arcfour? Sorry, that's *not* a solution.
Jun 1, 2012
in Chrome 21 TLS 1.1 has been implemented and enabled by default. We are getting somewhere. Would be great if 1.2 would follow soon! Source: http://googlechromereleases.blogspot.nl/2012/05/dev-channel-update_29.html
Jun 6, 2012
I've just upgraded my servers openssl. It now provides up to TLS 1.2. Support from Chrome would indeed be appreciated.
Mar 10, 2013
(No comment was entered for this change.)
Labels:
-Area-Internals -Internals-Network-SSL Cr-Internals Cr-Internals-Network-SSL
Apr 25, 2013
(No comment was entered for this change.)
Status:
Assigned
Owner: wtc@chromium.org
Apr 29, 2013
I have started working on this. I plan to finish this by Chrome 31.
Status:
Started
Labels: M-31
Apr 29, 2013
(No comment was entered for this change.)
Labels:
Restrict-AddIssueComment-EditIssue
May 9, 2013
I converted Adam's NSS patch to a Chromium changelist to make code review easier: https://codereview.chromium.org/14772023/ For Chromium, we need to update our platform SSL client auth code and TLS Channel ID code because the SSL3Hashes structure has changed. I have updated the TLS Channel ID code. I will update the platform SSL client auth code tomorrow.
Cc:
a...@chromium.org rsleevi@chromium.org nasko@chromium.org
May 14, 2013
------------------------------------------------------------------------ r200019 | wtc@chromium.org | 2013-05-14T17:08:37.887019Z Changed paths: M http://src.chromium.org/viewvc/chrome/trunk/deps/third_party/nss/nss/exports_win.def?r1=200019&r2=200018&pathrev=200019 Export HASH_ResultLenByOidTag. The TLS 1.2 code is expected to need this function. R=agl@chromium.org BUG=90392 TEST=none Review URL: https://chromiumcodereview.appspot.com/14941009 ------------------------------------------------------------------------
May 15, 2013
------------------------------------------------------------------------ r200266 | wtc@chromium.org | 2013-05-15T14:47:25.913960Z Changed paths: M http://src.chromium.org/viewvc/chrome/trunk/deps/third_party/nss/nss/exports_win.def?r1=200266&r2=200265&pathrev=200266 Export SGN_Digest and VFY_VerifyDigestDirect. These functions generate or verify RSA signatures that contain the ASN.1 DigestInfo structure. TLS 1.2 uses this kind of RSA signature. R=agl@chromium.org BUG=90392 TEST=none Review URL: https://chromiumcodereview.appspot.com/14575005 ------------------------------------------------------------------------
May 15, 2013
------------------------------------------------------------------------ r200469 | wtc@chromium.org | 2013-05-16T06:33:54.590901Z Changed paths: M http://src.chromium.org/viewvc/chrome/trunk/src/DEPS?r1=200469&r2=200468&pathrev=200469 Update nss_revision to 200337. Underlying CLs: https://codereview.chromium.org/14941009/ https://codereview.chromium.org/14575005/ https://codereview.chromium.org/12383037/ https://codereview.chromium.org/15067014/ R=rsleevi@chromium.org BUG=90392,176541,236469 TEST=none Review URL: https://chromiumcodereview.appspot.com/15127009 ------------------------------------------------------------------------
May 29, 2013
------------------------------------------------------------------------ r203090 | wtc@chromium.org | 2013-05-30T05:52:51.878068Z Changed paths: M http://src.chromium.org/viewvc/chrome/trunk/src/net/third_party/nss/ssl/sslt.h?r1=203090&r2=203089&pathrev=203090 M http://src.chromium.org/viewvc/chrome/trunk/src/net/third_party/nss/ssl/sslproto.h?r1=203090&r2=203089&pathrev=203090 M http://src.chromium.org/viewvc/chrome/trunk/src/net/third_party/nss/README.chromium?r1=203090&r2=203089&pathrev=203090 M http://src.chromium.org/viewvc/chrome/trunk/src/net/third_party/nss/ssl/ssl3prot.h?r1=203090&r2=203089&pathrev=203090 M http://src.chromium.org/viewvc/chrome/trunk/src/net/third_party/nss/ssl/ssl3ecc.c?r1=203090&r2=203089&pathrev=203090 M http://src.chromium.org/viewvc/chrome/trunk/src/net/third_party/nss/ssl/SSLerrs.h?r1=203090&r2=203089&pathrev=203090 M http://src.chromium.org/viewvc/chrome/trunk/src/net/http/http_network_transaction_spdy2_unittest.cc?r1=203090&r2=203089&pathrev=203090 M http://src.chromium.org/viewvc/chrome/trunk/src/net/http/http_network_transaction_spdy3_unittest.cc?r1=203090&r2=203089&pathrev=203090 M http://src.chromium.org/viewvc/chrome/trunk/src/net/third_party/nss/ssl/ssl3ext.c?r1=203090&r2=203089&pathrev=203090 A http://src.chromium.org/viewvc/chrome/trunk/src/net/third_party/nss/patches/tls12.patch?r1=203090&r2=203089&pathrev=203090 M http://src.chromium.org/viewvc/chrome/trunk/src/net/third_party/nss/patches/applypatches.sh?r1=203090&r2=203089&pathrev=203090 A http://src.chromium.org/viewvc/chrome/trunk/src/net/third_party/nss/patches/tls12chromium.patch?r1=203090&r2=203089&pathrev=203090 M http://src.chromium.org/viewvc/chrome/trunk/src/net/ssl/ssl_config_service.cc?r1=203090&r2=203089&pathrev=203090 M http://src.chromium.org/viewvc/chrome/trunk/src/net/third_party/nss/ssl/sslerr.h?r1=203090&r2=203089&pathrev=203090 M http://src.chromium.org/viewvc/chrome/trunk/src/net/third_party/nss/ssl/sslsock.c?r1=203090&r2=203089&pathrev=203090 M http://src.chromium.org/viewvc/chrome/trunk/src/net/third_party/nss/ssl/ssl3con.c?r1=203090&r2=203089&pathrev=203090 M http://src.chromium.org/viewvc/chrome/trunk/src/net/third_party/nss/ssl/sslimpl.h?r1=203090&r2=203089&pathrev=203090 M http://src.chromium.org/viewvc/chrome/trunk/src/net/third_party/nss/ssl/sslplatf.c?r1=203090&r2=203089&pathrev=203090 Implement TLS 1.2. Patch by Adam Langley. R=agl@chromium.org BUG=90392 TEST=net_unittests Review URL: https://chromiumcodereview.appspot.com/14772023 ------------------------------------------------------------------------
May 31, 2013
------------------------------------------------------------------------ r203445 | wtc@chromium.org | 2013-05-31T18:48:52.414559Z Changed paths: M http://src.chromium.org/viewvc/chrome/trunk/src/net/third_party/nss/ssl/sslimpl.h?r1=203445&r2=203444&pathrev=203445 M http://src.chromium.org/viewvc/chrome/trunk/src/net/third_party/nss/patches/applypatches.sh?r1=203445&r2=203444&pathrev=203445 M http://src.chromium.org/viewvc/chrome/trunk/src/net/third_party/nss/README.chromium?r1=203445&r2=203444&pathrev=203445 A http://src.chromium.org/viewvc/chrome/trunk/src/net/third_party/nss/patches/tls12certrequest.patch?r1=203445&r2=203444&pathrev=203445 M http://src.chromium.org/viewvc/chrome/trunk/src/net/third_party/nss/ssl/ssl3con.c?r1=203445&r2=203444&pathrev=203445 M http://src.chromium.org/viewvc/chrome/trunk/src/net/third_party/nss/ssl/ssl3ext.c?r1=203445&r2=203444&pathrev=203445 Support the new supported_signature_algorithms field of the CertificateRequest message in TLS 1.2. R=rsleevi@chromium.org BUG=90392 TEST=none Review URL: https://chromiumcodereview.appspot.com/16195008 ------------------------------------------------------------------------
Jun 6, 2013
------------------------------------------------------------------------ r204467 | wtc@chromium.org | 2013-06-06T09:48:34.226637Z Changed paths: M http://src.chromium.org/viewvc/chrome/trunk/src/net/third_party/nss/ssl/sslsock.c?r1=204467&r2=204466&pathrev=204467 M http://src.chromium.org/viewvc/chrome/trunk/src/net/third_party/nss/ssl/ssl3con.c?r1=204467&r2=204466&pathrev=204467 M http://src.chromium.org/viewvc/chrome/trunk/src/net/third_party/nss/ssl/sslenum.c?r1=204467&r2=204466&pathrev=204467 M http://src.chromium.org/viewvc/chrome/trunk/src/net/third_party/nss/ssl/sslimpl.h?r1=204467&r2=204466&pathrev=204467 A http://src.chromium.org/viewvc/chrome/trunk/src/net/third_party/nss/patches/tls12hmacsha256.patch?r1=204467&r2=204466&pathrev=204467 M http://src.chromium.org/viewvc/chrome/trunk/src/net/third_party/nss/ssl/sslproto.h?r1=204467&r2=204466&pathrev=204467 M http://src.chromium.org/viewvc/chrome/trunk/src/net/third_party/nss/ssl/sslt.h?r1=204467&r2=204466&pathrev=204467 M http://src.chromium.org/viewvc/chrome/trunk/src/net/third_party/nss/patches/applypatches.sh?r1=204467&r2=204466&pathrev=204467 M http://src.chromium.org/viewvc/chrome/trunk/src/net/third_party/nss/README.chromium?r1=204467&r2=204466&pathrev=204467 M http://src.chromium.org/viewvc/chrome/trunk/src/net/third_party/nss/ssl/sslinfo.c?r1=204467&r2=204466&pathrev=204467 M http://src.chromium.org/viewvc/chrome/trunk/src/net/third_party/nss/ssl/ssl3ecc.c?r1=204467&r2=204466&pathrev=204467 Support the new TLS 1.2 HMAC-SHA256 cipher suites specified in RFC 5246 and RFC 5289. To avoid making ClientHello too big, the new DH_DSS, DH_RSA, DHE_DSS, DH_anon, ECDH_ECDSA, and ECDH_RSA are not added. Do not generate client_write_IV and server_write_IV in TLS 1.1+ for CBC block ciphers because 1) they aren't used, and 2) a buffer in the NSS softoken is not big enough if the HMAC key is 32 bytes (for HMAC-SHA256) and client_write_IV and server_write_IV are still generated. Do not downgrade to TLS 1.1 silently when SSL_BYPASS_PKCS11 mode is requested because we won't be able to test the new TLS 1.2 only cipher suites in PKCS #11 bypass mode. Instead, silently turn off PKCS #11 bypass if TLS 1.2 is enabled. R=agl@chromium.org BUG=90392 TEST=none (done in NSS upstream) Review URL: https://chromiumcodereview.appspot.com/16394004 ------------------------------------------------------------------------
Jun 17, 2013
------------------------------------------------------------------------ r206827 | wtc@chromium.org | 2013-06-17T23:13:59.278526Z Changed paths: M http://src.chromium.org/viewvc/chrome/trunk/src/net/third_party/nss/ssl/sslimpl.h?r1=206827&r2=206826&pathrev=206827 M http://src.chromium.org/viewvc/chrome/trunk/src/net/third_party/nss/patches/applypatches.sh?r1=206827&r2=206826&pathrev=206827 A http://src.chromium.org/viewvc/chrome/trunk/src/net/third_party/nss/patches/tls12handshakehashes.patch?r1=206827&r2=206826&pathrev=206827 M http://src.chromium.org/viewvc/chrome/trunk/src/net/third_party/nss/README.chromium?r1=206827&r2=206826&pathrev=206827 M http://src.chromium.org/viewvc/chrome/trunk/src/net/third_party/nss/ssl/derive.c?r1=206827&r2=206826&pathrev=206827 M http://src.chromium.org/viewvc/chrome/trunk/src/net/third_party/nss/ssl/sslsock.c?r1=206827&r2=206826&pathrev=206827 M http://src.chromium.org/viewvc/chrome/trunk/src/net/third_party/nss/ssl/ssl3con.c?r1=206827&r2=206826&pathrev=206827 Miscellaneous cleanup of TLS 1.2 code. 1. Support TLS 1.2 in PKCS #11 bypass mode. 2. Delay the creation of handshake hash contexts until we have established the handshake hash functions. 3. Buffer handshake messages until the handshake hash contexts have been created. 4. Fix the double ssl3_RestartHandshakeHashes calls, by removing the ssl3_RestartHandshakeHashes call in ssl3_NewHandshakeHashes. 5. Remove redundant ssl3_InitState calls. 6. Remove NSS_SURVIVE_DOUBLE_BYPASS_FAILURE support, so that ss->ssl3.hs.messages is used for only one purpose. R=agl@chromium.org BUG=90392 TEST=none Review URL: https://chromiumcodereview.appspot.com/17109007 ------------------------------------------------------------------------
Jun 21, 2013
------------------------------------------------------------------------ r207759 | wtc@chromium.org | 2013-06-21T08:58:41.837727Z Changed paths: M http://src.chromium.org/viewvc/chrome/trunk/src/net/ssl/ssl_config_service.cc?r1=207759&r2=207758&pathrev=207759 Disable TLS 1.2 if USE_OPENSSL is defined (such as on Android) to prevent ClientHello from being larger than 256 bytes. Some broken servers can't handle a large ClientHello. R=agl@chromium.org,rsleevi@chromium.org BUG=90392,245500,247691 TEST=none Review URL: https://chromiumcodereview.appspot.com/17094016 ------------------------------------------------------------------------
Jun 22, 2013
------------------------------------------------------------------------ r208102 | wtc@chromium.org | 2013-06-22T23:54:28.305176Z Changed paths: M http://src.chromium.org/viewvc/chrome/trunk/src/net/ssl/ssl_config_service.cc?r1=208102&r2=208101&pathrev=208102 Revert 207759 "Disable TLS 1.2 if USE_OPENSSL is defined (such a..." With r208081 (https://codereview.chromium.org/16879015), it is safe to re-enable TLS 1.2 for USE_OPENSSL. > Disable TLS 1.2 if USE_OPENSSL is defined (such as on Android) to > prevent ClientHello from being larger than 256 bytes. Some broken > servers can't handle a large ClientHello. > > R=agl@chromium.org,rsleevi@chromium.org > BUG=90392,245500,247691 > TEST=none > > Review URL: https://chromiumcodereview.appspot.com/17094016 TBR=wtc@chromium.org Review URL: https://codereview.chromium.org/17553016 ------------------------------------------------------------------------
Jun 24, 2013
------------------------------------------------------------------------ r208230 | wtc@chromium.org | 2013-06-24T17:37:16.166338Z Changed paths: M http://src.chromium.org/viewvc/chrome/trunk/src/net/ssl/ssl_config_service.cc?r1=208230&r2=208229&pathrev=208230 Revert 207759 "Disable TLS 1.2 if USE_OPENSSL is defined (such a..." With r208081 (https://codereview.chromium.org/16879015), it is safe to re-enable TLS 1.2 for USE_OPENSSL. > Disable TLS 1.2 if USE_OPENSSL is defined (such as on Android) to > prevent ClientHello from being larger than 256 bytes. Some broken > servers can't handle a large ClientHello. > > R=agl@chromium.org,rsleevi@chromium.org > BUG=90392,245500,247691 > TEST=none > > Review URL: https://chromiumcodereview.appspot.com/17094016 TBR=wtc@chromium.org Review URL: https://codereview.chromium.org/17575013 ------------------------------------------------------------------------
Jun 27, 2013
Marked the bug fixed in M29. If everything goes well, Chrome 29 will enable TLS 1.2 by default and support the HMAC-SHA256 cipher suites, which allow us to use the TLS protocol without MD5 or SHA-1 at all. The support for AES GCM cipher suites for TLS is tracked in issue 255241 .
Status:
Fixed
Labels: -M-31 M-29 |
||||||||||
| ► Sign in to add a comment | |||||||||||
Labels: -Area-Undefined Area-Internals Internals-Network-SSL