http2: add all bad ciphers, use package constants

Make all the ciphers from https://www.iana.org/assignments/tls-parameters/tls-parameters.txt available as package constants (no longer relying on crypto/tls). Number of bad ciphers such as TLS_RSA_WITH_AES_128_CBC_SHA256 from https://tools.ietf.org/html/rfc7540#appendix-A are added to the HTTP/2 blacklist (also listed in https://http2.github.io/http2-spec/#BadCipherSuites). The zero CipherSuite TLS_NULL_WITH_NULL_NULL (0x00) is now explicitly marked as a bad one which required change of some test mocks. Fixes golang/go#20213 Change-Id: I6b02061603cce4cf469998606400ed6729199238 Reviewed-on: https://go-review.googlesource.com/42510 Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>

http2: add all bad ciphers, use package constants
Make all the ciphers from https://www.iana.org/assignments/tls-parameters/tls-parameters.txt available as package constants (no longer relying on crypto/tls). Number of bad ciphers such as TLS_RSA_WITH_AES_128_CBC_SHA256 from https://tools.ietf.org/html/rfc7540#appendix-A are added to the HTTP/2 blacklist (also listed in https://http2.github.io/http2-spec/#BadCipherSuites). The zero CipherSuite TLS_NULL_WITH_NULL_NULL (0x00) is now explicitly marked as a bad one which required change of some test mocks. Fixes golang/go#20213 Change-Id: I6b02061603cce4cf469998606400ed6729199238 Reviewed-on: https://go-review.googlesource.com/42510 Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
feeb4856 · Dmitry Savintsev · Brad Fitzpatrick · 0819898f · feeb4856 · feeb4856
Commit feeb4856 authored May 02, 2017 by Dmitry Savintsev Committed by Brad Fitzpatrick May 03, 2017
7 changed files
--- a/http2/ciphers.go
+++ b/http2/ciphers.go
--- a/http2/ciphers_test.go
+++ b/http2/ciphers_test.go
--- a/http2/databuffer_test.go
+++ b/http2/databuffer_test.go
@@ -2,6 +2,8 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.

+// +build go1.7
+
 package http2

 import (

--- a/http2/go16.go
+++ b/http2/go16.go
@@ -7,7 +7,6 @@
 package http2

 import (
-	"crypto/tls"
 	"net/http"
 	"time"
 )
@@ -15,29 +14,3 @@ import (
 func transportExpectContinueTimeout(t1 *http.Transport) time.Duration {
 	return t1.ExpectContinueTimeout
 }
-
-// isBadCipher reports whether the cipher is blacklisted by the HTTP/2 spec.
-func isBadCipher(cipher uint16) bool {
-	switch cipher {
-	case tls.TLS_RSA_WITH_RC4_128_SHA,
-		tls.TLS_RSA_WITH_3DES_EDE_CBC_SHA,
-		tls.TLS_RSA_WITH_AES_128_CBC_SHA,
-		tls.TLS_RSA_WITH_AES_256_CBC_SHA,
-		tls.TLS_RSA_WITH_AES_128_GCM_SHA256,
-		tls.TLS_RSA_WITH_AES_256_GCM_SHA384,
-		tls.TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,
-		tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
-		tls.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
-		tls.TLS_ECDHE_RSA_WITH_RC4_128_SHA,
-		tls.TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
-		tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
-		tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA:
-		// Reject cipher suites from Appendix A.
-		// "This list includes those cipher suites that do not
-		// offer an ephemeral key exchange and those that are
-		// based on the TLS null, stream or block cipher type"
-		return true
-	default:
-		return false
-	}
-}
--- a/http2/not_go16.go
+++ b/http2/not_go16.go
@@ -7,7 +7,6 @@
 package http2

 import (
-	"crypto/tls"
 	"net/http"
 	"time"
 )
@@ -20,27 +19,3 @@ func transportExpectContinueTimeout(t1 *http.Transport) time.Duration {
 	return 0

 }
-
-// isBadCipher reports whether the cipher is blacklisted by the HTTP/2 spec.
-func isBadCipher(cipher uint16) bool {
-	switch cipher {
-	case tls.TLS_RSA_WITH_RC4_128_SHA,
-		tls.TLS_RSA_WITH_3DES_EDE_CBC_SHA,
-		tls.TLS_RSA_WITH_AES_128_CBC_SHA,
-		tls.TLS_RSA_WITH_AES_256_CBC_SHA,
-		tls.TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,
-		tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
-		tls.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
-		tls.TLS_ECDHE_RSA_WITH_RC4_128_SHA,
-		tls.TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
-		tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
-		tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA:
-		// Reject cipher suites from Appendix A.
-		// "This list includes those cipher suites that do not
-		// offer an ephemeral key exchange and those that are
-		// based on the TLS null, stream or block cipher type"
-		return true
-	default:
-		return false
-	}
-}
--- a/http2/server_test.go
+++ b/http2/server_test.go
@@ -2432,6 +2432,7 @@ func TestServer_Rejects_TLSBadCipher(t *testing.T) {
 			tls.TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
 			tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
 			tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
+			cipher_TLS_RSA_WITH_AES_128_CBC_SHA256,
 		}
 	})
 	defer st.Close()
@@ -3416,6 +3417,7 @@ func TestServerHandleCustomConn(t *testing.T) {
 	fakeConnState := tls.ConnectionState{
 		ServerName:  testString,
 		Version:     tls.VersionTLS12,
+		CipherSuite: cipher_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
 	}
 	go s.ServeConn(connStateConn{c1, fakeConnState}, &ServeConnOpts{
 		BaseConfig: &http.Server{

--- a/http2/transport_test.go
+++ b/http2/transport_test.go
@@ -66,6 +66,7 @@ type fakeTLSConn struct {
 func (c *fakeTLSConn) ConnectionState() tls.ConnectionState {
 	return tls.ConnectionState{
 		Version:     tls.VersionTLS12,
+		CipherSuite: cipher_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
 	}
 }