Project: chromium Issues People Development process History Sign in
New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.
Starred by 145 users
Status: Fixed
Owner:
Last visit > 30 days ago
Closed: Jun 2013
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: 2
Type: Bug

Restricted
  • Only users with EditIssue permission may comment.



Sign in to add a comment
No TLS 1.2 (SHA-2) Support
Reported by j...@nnbfn.net, Jul 25 2011 Back to list
Chrome Version       : 12.0.742.122 (Official Build 91910) m
URLs (if applicable) : N/A
Other browsers tested: N/A  Supported in IE9 and Opera.

What steps will reproduce the problem?
1. Visit - TLS1.2 enabled website.
2. Check TLS conneciton info.
3.

What is the expected result? Connection negotiates a TLS 1.2/SHA256 session.


What happens instead? Connection negotiates a TLS 1.0 session.

Please provide any additional information below. Attach a screenshot if
possible.

The US Government has mandated the implementation of a minimum of SHA-256 for use in generation and validation of digital signatures by the end of 2012.  This mandate applies to SSL/TLS communication.  SHA-256 support was implemented in the TLS 1.2 protocol.  Support for TLS 1.2 has already been implemented in IE9 and Opera 10.  In this regard, Chrome is behind.  

Without this support, Chrome will not be authorized for use by US Government or Military communications once the mandate has become effective.
 
Comment 1 by wtc@chromium.org, Aug 2 2011
Labels: -Area-Undefined Area-Internals Internals-Network-SSL
Status: ExternalDependency
jon: thank you for the bug report.  This requires adding TLS 1.2 support
to NSS first: https://bugzilla.mozilla.org/show_bug.cgi?id=480514
Comment 3 by Deleted ...@, Sep 21 2011
Come on, TLS 1.0 can be cracked in 10 minutes!

Comment 4 by mcromp...@gmail.com, Jan 21 2012
At http://blogs.msdn.com/b/kaushal/archive/2011/10/03/taming-the-beast-browser-exploit-against-ssl-tls.aspx

"The irony is that major internet browsers (Chrome, Firefox and Safari) still don’t provide support for TLS 1.1 and TLS 1.2. They continue to use a security protocols which is a decade old. Its been 5 years since TLS 1.1 was released, yet this hasn’t been implemented by them."
BEAST isn't as big a deal as it was made out to be. 

TLS 1.1/2 are nice but servers need to support them and they don't. I think browsers should step on it so that servers will take advantage but it's not a huge deal.
Comment 6 by papal...@gmail.com, Jan 22 2012
Not a big deal? I would argue that it's a bigger deal than the renegotiation issue.
Why?
Why?
BEAST is quite interesting but it is not nearly as dangerous as it's made out to be. It requires things like SOP to be broken and only works because of a flaw in TLS 1.0 CBC ciphers. You can just switch to RC4 and be fine for the time being.

That being said, we still really need TLS 1.2 support
So the solution is... to downgrade from AES to arcfour? Sorry, that's *not* a solution.
in Chrome 21 TLS 1.1 has been implemented and enabled by default. We are getting somewhere. Would be great if 1.2 would follow soon!

Source:
http://googlechromereleases.blogspot.nl/2012/05/dev-channel-update_29.html
I've just upgraded my servers openssl. It now provides up to TLS 1.2. Support from Chrome would indeed be appreciated. 
Project Member Comment 13 by bugdroid1@chromium.org, Mar 10 2013
Labels: -Area-Internals -Internals-Network-SSL Cr-Internals Cr-Internals-Network-SSL
Comment 14 by wtc@chromium.org, Apr 25 2013
Owner: wtc@chromium.org
Status: Assigned
Comment 15 by wtc@chromium.org, Apr 29 2013
Labels: M-31
Status: Started
I have started working on this. I plan to finish this by Chrome 31.
Comment 16 by wtc@chromium.org, Apr 29 2013
Labels: Restrict-AddIssueComment-EditIssue
Comment 17 by wtc@chromium.org, May 10 2013
Cc: rsleevi@chromium.org nasko@chromium.org agl@chromium.org
I converted Adam's NSS patch to a Chromium changelist to make code review
easier: https://codereview.chromium.org/14772023/

For Chromium, we need to update our platform SSL client auth code and
TLS Channel ID code because the SSL3Hashes structure has changed.  I
have updated the TLS Channel ID code. I will update the platform SSL
client auth code tomorrow.

Project Member Comment 18 by bugdroid1@chromium.org, May 14 2013
------------------------------------------------------------------------
r200019 | wtc@chromium.org | 2013-05-14T17:08:37.887019Z

Changed paths:
   M http://src.chromium.org/viewvc/chrome/trunk/deps/third_party/nss/nss/exports_win.def?r1=200019&r2=200018&pathrev=200019

Export HASH_ResultLenByOidTag.

The TLS 1.2 code is expected to need this function.

R=agl@chromium.org
BUG= 90392 
TEST=none

Review URL: https://chromiumcodereview.appspot.com/14941009
------------------------------------------------------------------------
Project Member Comment 19 by bugdroid1@chromium.org, May 15 2013
------------------------------------------------------------------------
r200266 | wtc@chromium.org | 2013-05-15T14:47:25.913960Z

Changed paths:
   M http://src.chromium.org/viewvc/chrome/trunk/deps/third_party/nss/nss/exports_win.def?r1=200266&r2=200265&pathrev=200266

Export SGN_Digest and VFY_VerifyDigestDirect.

These functions generate or verify RSA signatures that contain
the ASN.1 DigestInfo structure. TLS 1.2 uses this kind of RSA
signature.

R=agl@chromium.org
BUG= 90392 
TEST=none

Review URL: https://chromiumcodereview.appspot.com/14575005
------------------------------------------------------------------------
Project Member Comment 20 by bugdroid1@chromium.org, May 16 2013
------------------------------------------------------------------------
r200469 | wtc@chromium.org | 2013-05-16T06:33:54.590901Z

Changed paths:
   M http://src.chromium.org/viewvc/chrome/trunk/src/DEPS?r1=200469&r2=200468&pathrev=200469

Update nss_revision to 200337.

Underlying CLs:
https://codereview.chromium.org/14941009/
https://codereview.chromium.org/14575005/
https://codereview.chromium.org/12383037/
https://codereview.chromium.org/15067014/

R=rsleevi@chromium.org
BUG= 90392 , 176541 ,236469
TEST=none

Review URL: https://chromiumcodereview.appspot.com/15127009
------------------------------------------------------------------------
Project Member Comment 21 by bugdroid1@chromium.org, May 30 2013
------------------------------------------------------------------------
r203090 | wtc@chromium.org | 2013-05-30T05:52:51.878068Z

Changed paths:
   M http://src.chromium.org/viewvc/chrome/trunk/src/net/third_party/nss/ssl/sslt.h?r1=203090&r2=203089&pathrev=203090
   M http://src.chromium.org/viewvc/chrome/trunk/src/net/third_party/nss/ssl/sslproto.h?r1=203090&r2=203089&pathrev=203090
   M http://src.chromium.org/viewvc/chrome/trunk/src/net/third_party/nss/README.chromium?r1=203090&r2=203089&pathrev=203090
   M http://src.chromium.org/viewvc/chrome/trunk/src/net/third_party/nss/ssl/ssl3prot.h?r1=203090&r2=203089&pathrev=203090
   M http://src.chromium.org/viewvc/chrome/trunk/src/net/third_party/nss/ssl/ssl3ecc.c?r1=203090&r2=203089&pathrev=203090
   M http://src.chromium.org/viewvc/chrome/trunk/src/net/third_party/nss/ssl/SSLerrs.h?r1=203090&r2=203089&pathrev=203090
   M http://src.chromium.org/viewvc/chrome/trunk/src/net/http/http_network_transaction_spdy2_unittest.cc?r1=203090&r2=203089&pathrev=203090
   M http://src.chromium.org/viewvc/chrome/trunk/src/net/http/http_network_transaction_spdy3_unittest.cc?r1=203090&r2=203089&pathrev=203090
   M http://src.chromium.org/viewvc/chrome/trunk/src/net/third_party/nss/ssl/ssl3ext.c?r1=203090&r2=203089&pathrev=203090
   A http://src.chromium.org/viewvc/chrome/trunk/src/net/third_party/nss/patches/tls12.patch?r1=203090&r2=203089&pathrev=203090
   M http://src.chromium.org/viewvc/chrome/trunk/src/net/third_party/nss/patches/applypatches.sh?r1=203090&r2=203089&pathrev=203090
   A http://src.chromium.org/viewvc/chrome/trunk/src/net/third_party/nss/patches/tls12chromium.patch?r1=203090&r2=203089&pathrev=203090
   M http://src.chromium.org/viewvc/chrome/trunk/src/net/ssl/ssl_config_service.cc?r1=203090&r2=203089&pathrev=203090
   M http://src.chromium.org/viewvc/chrome/trunk/src/net/third_party/nss/ssl/sslerr.h?r1=203090&r2=203089&pathrev=203090
   M http://src.chromium.org/viewvc/chrome/trunk/src/net/third_party/nss/ssl/sslsock.c?r1=203090&r2=203089&pathrev=203090
   M http://src.chromium.org/viewvc/chrome/trunk/src/net/third_party/nss/ssl/ssl3con.c?r1=203090&r2=203089&pathrev=203090
   M http://src.chromium.org/viewvc/chrome/trunk/src/net/third_party/nss/ssl/sslimpl.h?r1=203090&r2=203089&pathrev=203090
   M http://src.chromium.org/viewvc/chrome/trunk/src/net/third_party/nss/ssl/sslplatf.c?r1=203090&r2=203089&pathrev=203090

Implement TLS 1.2.

Patch by Adam Langley.

R=agl@chromium.org
BUG= 90392 
TEST=net_unittests

Review URL: https://chromiumcodereview.appspot.com/14772023
------------------------------------------------------------------------
Project Member Comment 23 by bugdroid1@chromium.org, Jun 6 2013
------------------------------------------------------------------------
r204467 | wtc@chromium.org | 2013-06-06T09:48:34.226637Z

Changed paths:
   M http://src.chromium.org/viewvc/chrome/trunk/src/net/third_party/nss/ssl/sslsock.c?r1=204467&r2=204466&pathrev=204467
   M http://src.chromium.org/viewvc/chrome/trunk/src/net/third_party/nss/ssl/ssl3con.c?r1=204467&r2=204466&pathrev=204467
   M http://src.chromium.org/viewvc/chrome/trunk/src/net/third_party/nss/ssl/sslenum.c?r1=204467&r2=204466&pathrev=204467
   M http://src.chromium.org/viewvc/chrome/trunk/src/net/third_party/nss/ssl/sslimpl.h?r1=204467&r2=204466&pathrev=204467
   A http://src.chromium.org/viewvc/chrome/trunk/src/net/third_party/nss/patches/tls12hmacsha256.patch?r1=204467&r2=204466&pathrev=204467
   M http://src.chromium.org/viewvc/chrome/trunk/src/net/third_party/nss/ssl/sslproto.h?r1=204467&r2=204466&pathrev=204467
   M http://src.chromium.org/viewvc/chrome/trunk/src/net/third_party/nss/ssl/sslt.h?r1=204467&r2=204466&pathrev=204467
   M http://src.chromium.org/viewvc/chrome/trunk/src/net/third_party/nss/patches/applypatches.sh?r1=204467&r2=204466&pathrev=204467
   M http://src.chromium.org/viewvc/chrome/trunk/src/net/third_party/nss/README.chromium?r1=204467&r2=204466&pathrev=204467
   M http://src.chromium.org/viewvc/chrome/trunk/src/net/third_party/nss/ssl/sslinfo.c?r1=204467&r2=204466&pathrev=204467
   M http://src.chromium.org/viewvc/chrome/trunk/src/net/third_party/nss/ssl/ssl3ecc.c?r1=204467&r2=204466&pathrev=204467

Support the new TLS 1.2 HMAC-SHA256 cipher suites specified in
RFC 5246 and RFC 5289.

To avoid making ClientHello too big, the new DH_DSS, DH_RSA,
DHE_DSS, DH_anon, ECDH_ECDSA, and ECDH_RSA are not added.

Do not generate client_write_IV and server_write_IV in TLS 1.1+
for CBC block ciphers because 1) they aren't used, and 2) a
buffer in the NSS softoken is not big enough if the HMAC key
is 32 bytes (for HMAC-SHA256) and client_write_IV and
server_write_IV are still generated.

Do not downgrade to TLS 1.1 silently when SSL_BYPASS_PKCS11
mode is requested because we won't be able to test the new
TLS 1.2 only cipher suites in PKCS #11 bypass mode. Instead,
silently turn off PKCS #11 bypass if TLS 1.2 is enabled.

R=agl@chromium.org
BUG= 90392 
TEST=none (done in NSS upstream)

Review URL: https://chromiumcodereview.appspot.com/16394004
------------------------------------------------------------------------
Project Member Comment 24 by bugdroid1@chromium.org, Jun 17 2013
------------------------------------------------------------------------
r206827 | wtc@chromium.org | 2013-06-17T23:13:59.278526Z

Changed paths:
   M http://src.chromium.org/viewvc/chrome/trunk/src/net/third_party/nss/ssl/sslimpl.h?r1=206827&r2=206826&pathrev=206827
   M http://src.chromium.org/viewvc/chrome/trunk/src/net/third_party/nss/patches/applypatches.sh?r1=206827&r2=206826&pathrev=206827
   A http://src.chromium.org/viewvc/chrome/trunk/src/net/third_party/nss/patches/tls12handshakehashes.patch?r1=206827&r2=206826&pathrev=206827
   M http://src.chromium.org/viewvc/chrome/trunk/src/net/third_party/nss/README.chromium?r1=206827&r2=206826&pathrev=206827
   M http://src.chromium.org/viewvc/chrome/trunk/src/net/third_party/nss/ssl/derive.c?r1=206827&r2=206826&pathrev=206827
   M http://src.chromium.org/viewvc/chrome/trunk/src/net/third_party/nss/ssl/sslsock.c?r1=206827&r2=206826&pathrev=206827
   M http://src.chromium.org/viewvc/chrome/trunk/src/net/third_party/nss/ssl/ssl3con.c?r1=206827&r2=206826&pathrev=206827

Miscellaneous cleanup of TLS 1.2 code.

1. Support TLS 1.2 in PKCS #11 bypass mode.
2. Delay the creation of handshake hash contexts until we have established
   the handshake hash functions.
3. Buffer handshake messages until the handshake hash contexts have been
   created.
4. Fix the double ssl3_RestartHandshakeHashes calls, by removing the
   ssl3_RestartHandshakeHashes call in ssl3_NewHandshakeHashes.
5. Remove redundant ssl3_InitState calls.
6. Remove NSS_SURVIVE_DOUBLE_BYPASS_FAILURE support, so that
   ss->ssl3.hs.messages is used for only one purpose.

R=agl@chromium.org
BUG= 90392 
TEST=none

Review URL: https://chromiumcodereview.appspot.com/17109007
------------------------------------------------------------------------
Project Member Comment 25 by bugdroid1@chromium.org, Jun 21 2013
------------------------------------------------------------------------
r207759 | wtc@chromium.org | 2013-06-21T08:58:41.837727Z

Changed paths:
   M http://src.chromium.org/viewvc/chrome/trunk/src/net/ssl/ssl_config_service.cc?r1=207759&r2=207758&pathrev=207759

Disable TLS 1.2 if USE_OPENSSL is defined (such as on Android) to
prevent ClientHello from being larger than 256 bytes. Some broken
servers can't handle a large ClientHello.

R=agl@chromium.org,rsleevi@chromium.org
BUG= 90392 , 245500 ,247691
TEST=none

Review URL: https://chromiumcodereview.appspot.com/17094016
------------------------------------------------------------------------
Project Member Comment 26 by bugdroid1@chromium.org, Jun 22 2013
------------------------------------------------------------------------
r208102 | wtc@chromium.org | 2013-06-22T23:54:28.305176Z

Changed paths:
   M http://src.chromium.org/viewvc/chrome/trunk/src/net/ssl/ssl_config_service.cc?r1=208102&r2=208101&pathrev=208102

Revert 207759 "Disable TLS 1.2 if USE_OPENSSL is defined (such a..."

With r208081 (https://codereview.chromium.org/16879015), it is safe to
re-enable TLS 1.2 for USE_OPENSSL.

> Disable TLS 1.2 if USE_OPENSSL is defined (such as on Android) to
> prevent ClientHello from being larger than 256 bytes. Some broken
> servers can't handle a large ClientHello.
> 
> R=agl@chromium.org,rsleevi@chromium.org
> BUG= 90392 , 245500 ,247691
> TEST=none
> 
> Review URL: https://chromiumcodereview.appspot.com/17094016

TBR=wtc@chromium.org

Review URL: https://codereview.chromium.org/17553016
------------------------------------------------------------------------
Project Member Comment 27 by bugdroid1@chromium.org, Jun 24 2013
------------------------------------------------------------------------
r208230 | wtc@chromium.org | 2013-06-24T17:37:16.166338Z

Changed paths:
   M http://src.chromium.org/viewvc/chrome/trunk/src/net/ssl/ssl_config_service.cc?r1=208230&r2=208229&pathrev=208230

Revert 207759 "Disable TLS 1.2 if USE_OPENSSL is defined (such a..."

With r208081 (https://codereview.chromium.org/16879015), it is safe to
re-enable TLS 1.2 for USE_OPENSSL.

> Disable TLS 1.2 if USE_OPENSSL is defined (such as on Android) to
> prevent ClientHello from being larger than 256 bytes. Some broken
> servers can't handle a large ClientHello.
> 
> R=agl@chromium.org,rsleevi@chromium.org
> BUG= 90392 , 245500 ,247691
> TEST=none
> 
> Review URL: https://chromiumcodereview.appspot.com/17094016

TBR=wtc@chromium.org

Review URL: https://codereview.chromium.org/17575013
------------------------------------------------------------------------
Comment 28 by wtc@chromium.org, Jun 27 2013
Labels: -M-31 M-29
Status: Fixed
Marked the bug fixed in M29.

If everything goes well, Chrome 29 will enable TLS 1.2 by default and support
the HMAC-SHA256 cipher suites, which allow us to use the TLS protocol without
MD5 or SHA-1 at all.

The support for AES GCM cipher suites for TLS is tracked in  issue 255241 .
Sign in to add a comment