Safari does not work with new Warp TLS #429

Closed
kazu-yamamoto opened this issue Sep 9, 2015 · 10 comments

@kazu-yamamoto
Contributor

commented Sep 9, 2015

@tathougies reported in http://www.yesodweb.com/blog/2015/08/ssl-server-test

Probably we should add 3DES.

@kazu-yamamoto

Contributor Author

commented Sep 9, 2015

TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, which is not specified in Warp TLS, is selected. TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 should be selected. I think that this is a bug of the tls library.

@tathougies


commented Sep 9, 2015

Bug already filed on the tls library github, but I'm afraid I lack the expertise to be able to adequately debug.

tls bug: vincenthz/hs-tls#119

@kazu-yamamoto

Contributor Author

commented Sep 9, 2015

Safari does not implement SHA512 correctly. Caligatio/jsSHA#3

I know that the tls library of golang also has this bug. Sigh.

I would propose to remove SHA384 and SHA512 from supportedHashSignatures.

@kazu-yamamoto

Contributor Author

commented Sep 9, 2015

Cc: @AaronFriel Just for your information.

@kazu-yamamoto

Contributor Author

commented Sep 9, 2015

@tathougies Don't worry. I will take care of this tomorrow.

@AaronFriel

Contributor

commented Sep 9, 2015

I'm opposed to adding 3DES, that's a clear regression in terms of security. I don't think it's worth it to support 3DES by default, at least.

The quick fix seems to be to do as @kazu-yamamoto suggested and remove SHA384 and SHA512 based ciphers. SHA256 is not considered insecure by anyone, so this isn't a security issue. (It's not like we'd be removing support for all SHA-2 based ciphers, just two problematic ones.)

I hope an issue has been filed with Apple re: SHA384 and SHA512?

kazu-yamamoto added a commit that referenced this issue Sep 10, 2015

@kazu-yamamoto

Contributor Author

commented Sep 10, 2015

I have removed SHA 384 and SHA 512. I don't add 3DES. I confirmed that the patch above rescues Safari 8 and golang tls.

@AaronFriel

Contributor

commented Sep 10, 2015

Very peculiar. I haven't looked at the other thread in detail. Does tls implement SHA384/512 incorrectly or is it golang and Safari?

@kazu-yamamoto

Contributor Author

commented Sep 10, 2015

I believe that golang and Safari suck. When Safari receives a SHA512 signature, it returns an alert.

@kazu-yamamoto

Contributor Author

commented Sep 10, 2015

I have released a new version.
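
The change proposed in this thread, sketched against the tls library's `Supported` record. This is an added example, not the warp-tls commit referenced above or code from any participant. The helper names (`droppedHashes`, `withoutLargeHashes`, `restrictSupported`, `restrictServer`) are hypothetical, and it assumes a tls version that provides `Default` instances for `Supported` and `ServerParams`.

```haskell
-- Added illustration; not the warp-tls commit referenced in this issue.
module Main (main) where

import Data.Default.Class (def)
import Network.TLS

-- Hashes the thread proposes to stop offering for signatures.
droppedHashes :: [HashAlgorithm]
droppedHashes = [HashSHA384, HashSHA512]

-- Keep every (hash, signature) pair except those built on a dropped hash.
-- SHA256 pairs and the rest are left exactly as the caller supplied them.
withoutLargeHashes :: [HashAndSignatureAlgorithm] -> [HashAndSignatureAlgorithm]
withoutLargeHashes = filter (\(h, _) -> h `notElem` droppedHashes)

-- Apply the restriction to an existing Supported record without touching
-- its versions, ciphers or other fields.
restrictSupported :: Supported -> Supported
restrictSupported s =
  s { supportedHashSignatures = withoutLargeHashes (supportedHashSignatures s) }

-- Same restriction lifted to the server-side parameters.
restrictServer :: ServerParams -> ServerParams
restrictServer p = p { serverSupported = restrictSupported (serverSupported p) }

main :: IO ()
main = do
  -- Library defaults, used here only as sample input.
  let before = supportedHashSignatures (def :: Supported)
      after  = supportedHashSignatures (serverSupported (restrictServer def))
  putStrLn "hash/signature pairs before:"
  mapM_ print before
  putStrLn "hash/signature pairs after dropping SHA384/SHA512:"
  mapM_ print after
  -- Sanity check: nothing in the restricted list uses a dropped hash.
  putStrLn ("restricted list clean: " ++ show (all ((`notElem` droppedHashes) . fst) after))
```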
