Revert "Default SSL_set_enforce_rsa_key_usage to enabled."

This reverts commit 64393b57e8734b92a6ba784bcfc02b1aa01e5ff2. We'll
reland this change in January. Projects that rely on this revert should
use SSL_set_enforce_rsa_key_usage, available since 2019, to control the
security check without being reliant on the defaults.

Bug: 519
Change-Id: Icf53eae8c29f316c7df4ec1a7c16626ac3af8560
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/55005
Auto-Submit: David Benjamin <davidben@google.com>
Commit-Queue: Bob Beck <bbe@google.com>
Reviewed-by: Bob Beck <bbe@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
diff --git a/ssl/ssl_lib.cc b/ssl/ssl_lib.cc
index a6ca0ab..4d56d37 100644
--- a/ssl/ssl_lib.cc
+++ b/ssl/ssl_lib.cc
@@ -687,7 +687,7 @@
       signed_cert_timestamps_enabled(false),
       ocsp_stapling_enabled(false),
       channel_id_enabled(false),
-      enforce_rsa_key_usage(true),
+      enforce_rsa_key_usage(false),
       retain_only_sha256_of_client_certs(false),
       handoff(false),
       shed_handshake_config(false),
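Review bot: The flipped initializer `enforce_rsa_key_usage(false)` turns a certificate check off by default, and nothing at the site says this is temporary or what it affects. Going by the updated runner tests, a client negotiating TLS 1.2 or below will now accept an RSA certificate whose keyUsage does not match the cipher suite unless the caller opts in. I would add a comment on that line such as `// Temporarily off by default (Bug 519); callers that need the keyUsage check must call SSL_set_enforce_rsa_key_usage(ssl, 1).` The public header is not part of this diff, so if its comment for SSL_set_enforce_rsa_key_usage states the default, it presumably needs the same update. The initializer list starts and ends outside the hunk.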
diff --git a/ssl/test/runner/runner.go b/ssl/test/runner/runner.go
index 655226c..5c6ef4f 100644
--- a/ssl/test/runner/runner.go
+++ b/ssl/test/runner/runner.go
@@ -15613,6 +15613,9 @@
 			},
 			shouldFail:    true,
 			expectedError: ":KEY_USAGE_BIT_INCORRECT:",
+			flags: []string{
+				"-enforce-rsa-key-usage",
+			},
 		})
 
 		testCases = append(testCases, testCase{
@@ -15624,6 +15627,9 @@
 				Certificates: []Certificate{dsCert},
 				CipherSuites: dsSuites,
 			},
+			flags: []string{
+				"-enforce-rsa-key-usage",
+			},
 		})
 
 		// TLS 1.3 removes the encipherment suites.
@@ -15637,6 +15643,9 @@
 					Certificates: []Certificate{encCert},
 					CipherSuites: encSuites,
 				},
+				flags: []string{
+					"-enforce-rsa-key-usage",
+				},
 			})
 
 			testCases = append(testCases, testCase{
@@ -15650,6 +15659,9 @@
 				},
 				shouldFail:    true,
 				expectedError: ":KEY_USAGE_BIT_INCORRECT:",
+				flags: []string{
+					"-enforce-rsa-key-usage",
+				},
 			})
 
 			// In 1.2 and below, we should not enforce without the enforce-rsa-key-usage flag.
@@ -15662,7 +15674,6 @@
 					Certificates: []Certificate{dsCert},
 					CipherSuites: encSuites,
 				},
-				flags: []string{"-no-enforce-rsa-key-usage"},
 			})
 
 			testCases = append(testCases, testCase{
@@ -15674,22 +15685,20 @@
 					Certificates: []Certificate{encCert},
 					CipherSuites: dsSuites,
 				},
-				flags: []string{"-no-enforce-rsa-key-usage"},
 			})
 		}
 
 		if ver.version >= VersionTLS13 {
-			// In 1.3 and above, we enforce keyUsage even when disabled.
+			// In 1.3 and above, we enforce keyUsage even without the flag.
 			testCases = append(testCases, testCase{
 				testType: clientTest,
-				name:     "RSAKeyUsage-Client-WantSignature-GotEncipherment-AlwaysEnforced" + ver.name,
+				name:     "RSAKeyUsage-Client-WantSignature-GotEncipherment-Enforced" + ver.name,
 				config: Config{
 					MinVersion:   ver.version,
 					MaxVersion:   ver.version,
 					Certificates: []Certificate{encCert},
 					CipherSuites: dsSuites,
 				},
-				flags:         []string{"-no-enforce-rsa-key-usage"},
 				shouldFail:    true,
 				expectedError: ":KEY_USAGE_BIT_INCORRECT:",
 			})
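Review bot: With `-no-enforce-rsa-key-usage` removed from the TLS 1.3 test at the end of this hunk, no test passes an explicit `SSL_set_enforce_rsa_key_usage(ssl, 0)` any more, so "enforced even when disabled" is covered only while the library default stays off. The two unflagged TLS 1.2 cases (the hunk at -15662 and the top of this one) have the same dependency on the default in ssl_lib.cc, and the test_config.cc hunk leaves the shim able only to set the value to 1. When the default is turned back on, the TLS 1.3 case would keep passing without proving that the check cannot be opted out of. Keeping the opt-out flag in the shim alongside the new one, and `flags: []string{"-no-enforce-rsa-key-usage"},` on the TLS 1.3 case, would hold that property independent of the default. If relying on the default is intended here, a comment above the case, for example `// Relies on enforcement being off by default; pass an explicit opt-out once the default changes.`, would record it. The enclosing version loop starts outside the hunk.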
diff --git a/ssl/test/test_config.cc b/ssl/test/test_config.cc
index cb79dea..2671370 100644
--- a/ssl/test/test_config.cc
+++ b/ssl/test/test_config.cc
@@ -364,8 +364,7 @@
       IntFlag("-install-one-cert-compression-alg",
               &TestConfig::install_one_cert_compression_alg),
       BoolFlag("-reverify-on-resume", &TestConfig::reverify_on_resume),
-      BoolFlag("-no-enforce-rsa-key-usage",
-               &TestConfig::no_enforce_rsa_key_usage),
+      BoolFlag("-enforce-rsa-key-usage", &TestConfig::enforce_rsa_key_usage),
       BoolFlag("-is-handshaker-supported",
                &TestConfig::is_handshaker_supported),
       BoolFlag("-handshaker-resume", &TestConfig::handshaker_resume),
@@ -1743,8 +1742,8 @@
   if (reverify_on_resume) {
     SSL_CTX_set_reverify_on_resume(ssl_ctx, 1);
   }
-  if (no_enforce_rsa_key_usage) {
-    SSL_set_enforce_rsa_key_usage(ssl.get(), 0);
+  if (enforce_rsa_key_usage) {
+    SSL_set_enforce_rsa_key_usage(ssl.get(), 1);
   }
   if (no_tls13) {
     SSL_set_options(ssl.get(), SSL_OP_NO_TLSv1_3);
diff --git a/ssl/test/test_config.h b/ssl/test/test_config.h
index 6b15891..1a21ac1 100644
--- a/ssl/test/test_config.h
+++ b/ssl/test/test_config.h
@@ -177,7 +177,7 @@
   bool install_cert_compression_algs = false;
   int install_one_cert_compression_alg = 0;
   bool reverify_on_resume = false;
-  bool no_enforce_rsa_key_usage = false;
+  bool enforce_rsa_key_usage = false;
   bool is_handshaker_supported = false;
   bool handshaker_resume = false;
   std::string handshaker_path;