setopt: add TLS 1.3 ciphersuites

Adds CURLOPT_TLS13_CIPHERS and CURLOPT_PROXY_TLS13_CIPHERS.

curl: added --tls13-ciphers and --proxy-tls13-ciphers

Fixes #2435
Reported-by: zzq1015 on github

Author: bagder

docs/CIPHERS.md

@@ -142,6 +142,16 @@ libcurl was built to use. This is an attempt to list known cipher names.
 `ECDHE-RSA-CAMELLIA128-SHA256`
 `ECDHE-RSA-CAMELLIA256-SHA384`
 
+### TLS 1.3 cipher suites
+
+(Note: the TLS 1.3 cipher suites are set with a separate option.)
+
+`TLS13-AES-256-GCM-SHA384`
+`TLS13-CHACHA20-POLY1305-SHA256`
+`TLS13-AES-128-GCM-SHA256`
+`TLS13-AES-128-CCM-8-SHA256`
+`TLS13-AES-128-CCM-SHA256`
+
 ## NSS
 
 ### Totally insecure

docs/cmdline-opts/Makefile.inc

@@ -47,6 +47,6 @@ DPAGES = abstract-unix-socket.d anyauth.d append.d basic.d cacert.d capath.d cer
   tlsv1.3.d tlsv1.d trace-ascii.d trace.d trace-time.d tr-encoding.d    \
   unix-socket.d upload-file.d url.d use-ascii.d user-agent.d user.d     \
   verbose.d version.d write-out.d xattr.d request-target.d              \
-  styled-output.d
+  styled-output.d tls13-ciphers.d proxy-tls13-ciphers.d
 
 OTHERPAGES = page-footer page-header

docs/cmdline-opts/proxy-tls13-ciphers.d

@@ -0,0 +1,12 @@
+Long: proxy-tls13-ciphers
+Arg: <ciphersuite list>
+help: TLS 1.3 proxy cipher suites
+Protocols: TLS
+---
+Specifies which cipher suites to use in the connection to your HTTPS proxy
+when it negotiates TLS 1.3. The list of ciphers suites must specify valid
+ciphers. Read up on TLS 1.3 cipher suite details on this URL:
+
+ https://curl.haxx.se/docs/ssl-ciphers.html
+
+If this option is used several times, the last one will be used.

docs/cmdline-opts/tls13-ciphers.d

@@ -0,0 +1,12 @@
+Long: tls13-ciphers
+Arg: <list of TLS 1.3 ciphersuites>
+help: TLS 1.3 cipher suites to use
+Protocols: TLS
+---
+Specifies which cipher suites to use in the connection if it negotiates TLS
+1.3. The list of ciphers suites must specify valid ciphers. Read up on TLS 1.3
+cipher suite details on this URL:
+
+ https://curl.haxx.se/docs/ssl-ciphers.html
+
+If this option is used several times, the last one will be used.

docs/libcurl/curl_easy_setopt.3

@@ -548,6 +548,10 @@ Identify EGD socket for entropy. See \fICURLOPT_EGDSOCKET(3)\fP
 Ciphers to use. See \fICURLOPT_SSL_CIPHER_LIST(3)\fP
 .IP CURLOPT_PROXY_SSL_CIPHER_LIST
 Proxy ciphers to use. See \fICURLOPT_PROXY_SSL_CIPHER_LIST(3)\fP
+.IP CURLOPT_TLS13_CIPHERS
+TLS 1.3 cipher suites to use. See \fICURLOPT_TLS13_CIPHERS(3)\fP
+.IP CURLOPT_PROXY_TLS13_CIPHERS
+Proxy TLS 1.3 cipher suites to use. See \fICURLOPT_PROXY_TLS13_CIPHERS(3)\fP
 .IP CURLOPT_SSL_SESSIONID_CACHE
 Disable SSL session-id cache. See \fICURLOPT_SSL_SESSIONID_CACHE(3)\fP
 .IP CURLOPT_SSL_OPTIONS

docs/libcurl/opts/CURLOPT_PROXY_TLS13_CIPHERS.3

@@ -0,0 +1,63 @@
+.\" **************************************************************************
+.\" *                                  _   _ ____  _
+.\" *  Project                     ___| | | |  _ \| |
+.\" *                             / __| | | | |_) | |
+.\" *                            | (__| |_| |  _ <| |___
+.\" *                             \___|\___/|_| \_\_____|
+.\" *
+.\" * Copyright (C) 1998 - 2018, Daniel Stenberg, <[email protected]>, et al.
+.\" *
+.\" * This software is licensed as described in the file COPYING, which
+.\" * you should have received as part of this distribution. The terms
+.\" * are also available at https://curl.haxx.se/docs/copyright.html.
+.\" *
+.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+.\" * copies of the Software, and permit persons to whom the Software is
+.\" * furnished to do so, under the terms of the COPYING file.
+.\" *
+.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+.\" * KIND, either express or implied.
+.\" *
+.\" **************************************************************************
+.\"
+.TH CURLOPT_PROXY_TLS13_CIPHERS 3 "25 May 2018" "libcurl 7.61.0" "curl_easy_setopt options"
+.SH NAME
+CURLOPT_PROXY_TLS13_CIPHERS \- ciphers suites for proxy TLS 1.3
+.SH SYNOPSIS
+#include <curl/curl.h>
+
+CURLcode curl_easy_setopt(CURL *handle, CURLOPT_PROXY_TLS13_CIPHERS, char *list);
+.SH DESCRIPTION
+Pass a char *, pointing to a zero terminated string holding the list of cipher
+suites to use for the TLS 1.3 connection to a proxy. The list must be
+syntactically correct, it consists of one or more cipher suite strings
+separated by colons.
+
+You'll find more details about cipher lists on this URL:
+
+ https://curl.haxx.se/docs/ssl-ciphers.html
+
+The application does not have to keep the string around after setting this
+option.
+.SH DEFAULT
+NULL, use internal default
+.SH PROTOCOLS
+All TLS based protocols: HTTPS, FTPS, IMAPS, POP3S, SMTPS etc.
+.SH EXAMPLE
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+  curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/");
+  curl_easy_setopt(curl, CURLOPT_PROXY_TLS13_CIPHERS,
+                   "TLS13-CHACHA20-POLY1305-SHA256");
+  ret = curl_easy_perform(curl);
+  curl_easy_cleanup(curl);
+}
+.fi
+.SH AVAILABILITY
+Added in 7.61.0.
+Available when built with OpenSSL >= 1.1.1.
+.SH RETURN VALUE
+Returns CURLE_OK if supported, CURLE_NOT_BUILT_IN otherwise.
+.SH "SEE ALSO"
+.BR CURLOPT_SSLVERSION "(3), " CURLOPT_TLS13_CIPHERS "(3), "

docs/libcurl/opts/CURLOPT_TLS13_CIPHERS.3

@@ -0,0 +1,62 @@
+.\" **************************************************************************
+.\" *                                  _   _ ____  _
+.\" *  Project                     ___| | | |  _ \| |
+.\" *                             / __| | | | |_) | |
+.\" *                            | (__| |_| |  _ <| |___
+.\" *                             \___|\___/|_| \_\_____|
+.\" *
+.\" * Copyright (C) 1998 - 2018, Daniel Stenberg, <[email protected]>, et al.
+.\" *
+.\" * This software is licensed as described in the file COPYING, which
+.\" * you should have received as part of this distribution. The terms
+.\" * are also available at https://curl.haxx.se/docs/copyright.html.
+.\" *
+.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+.\" * copies of the Software, and permit persons to whom the Software is
+.\" * furnished to do so, under the terms of the COPYING file.
+.\" *
+.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+.\" * KIND, either express or implied.
+.\" *
+.\" **************************************************************************
+.\"
+.TH CURLOPT_TLS13_CIPHERS 3 "25 May 2018" "libcurl 7.61.0" "curl_easy_setopt options"
+.SH NAME
+CURLOPT_TLS13_CIPHERS \- specify ciphers suites to use for TLS 1.3
+.SH SYNOPSIS
+#include <curl/curl.h>
+
+CURLcode curl_easy_setopt(CURL *handle, CURLOPT_TLS13_CIPHERS, char *list);
+.SH DESCRIPTION
+Pass a char *, pointing to a zero terminated string holding the list of cipher
+suites to use for the TLS 1.3 connection. The list must be syntactically
+correct, it consists of one or more cipher suite strings separated by colons.
+
+You'll find more details about cipher lists on this URL:
+
+ https://curl.haxx.se/docs/ssl-ciphers.html
+
+The application does not have to keep the string around after setting this
+option.
+.SH DEFAULT
+NULL, use internal default
+.SH PROTOCOLS
+All TLS based protocols: HTTPS, FTPS, IMAPS, POP3S, SMTPS etc.
+.SH EXAMPLE
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+  curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/");
+  curl_easy_setopt(curl, CURLOPT_TLS13_CIPHERS,
+                   "TLS13-CHACHA20-POLY1305-SHA256");
+  ret = curl_easy_perform(curl);
+  curl_easy_cleanup(curl);
+}
+.fi
+.SH AVAILABILITY
+Added in 7.61.0.
+Available when built with OpenSSL >= 1.1.1.
+.SH RETURN VALUE
+Returns CURLE_OK if supported, CURLE_NOT_BUILT_IN otherwise.
+.SH "SEE ALSO"
+.BR CURLOPT_SSLVERSION "(3), " CURLOPT_PROXY_TLS13_CIPHERS "(3), "

docs/libcurl/opts/Makefile.inc

@@ -237,6 +237,7 @@ man_MANS =                                      \
   CURLOPT_PROXY_SSL_OPTIONS.3                   \
   CURLOPT_PROXY_SSL_VERIFYHOST.3                \
   CURLOPT_PROXY_SSL_VERIFYPEER.3                \
+  CURLOPT_PROXY_TLS13_CIPHERS.3                 \
   CURLOPT_PROXY_TLSAUTH_PASSWORD.3              \
   CURLOPT_PROXY_TLSAUTH_TYPE.3                  \
   CURLOPT_PROXY_TLSAUTH_USERNAME.3              \
@@ -315,6 +316,7 @@ man_MANS =                                      \
   CURLOPT_TIMEOUT_MS.3                          \
   CURLOPT_TIMEVALUE.3                           \
   CURLOPT_TIMEVALUE_LARGE.3                     \
+  CURLOPT_TLS13_CIPHERS.3                       \
   CURLOPT_TLSAUTH_PASSWORD.3                    \
   CURLOPT_TLSAUTH_TYPE.3                        \
   CURLOPT_TLSAUTH_USERNAME.3                    \

docs/libcurl/symbols-in-versions

@@ -101,8 +101,8 @@ CURLE_PEER_FAILED_VERIFICATION  7.17.1
 CURLE_QUOTE_ERROR               7.17.0
 CURLE_RANGE_ERROR               7.17.0
 CURLE_READ_ERROR                7.1
-CURLE_RECV_ERROR                7.10
 CURLE_RECURSIVE_API_CALL        7.59.0
+CURLE_RECV_ERROR                7.10
 CURLE_REMOTE_ACCESS_DENIED      7.17.0
 CURLE_REMOTE_DISK_FULL          7.17.0
 CURLE_REMOTE_FILE_EXISTS        7.17.0
@@ -514,6 +514,7 @@ CURLOPT_PROXY_SSL_CIPHER_LIST   7.52.0
 CURLOPT_PROXY_SSL_OPTIONS       7.52.0
 CURLOPT_PROXY_SSL_VERIFYHOST    7.52.0
 CURLOPT_PROXY_SSL_VERIFYPEER    7.52.0
+CURLOPT_PROXY_TLS13_CIPHERS     7.61.0
 CURLOPT_PROXY_TLSAUTH_PASSWORD  7.52.0
 CURLOPT_PROXY_TLSAUTH_TYPE      7.52.0
 CURLOPT_PROXY_TLSAUTH_USERNAME  7.52.0
@@ -528,6 +529,8 @@ CURLOPT_REDIR_PROTOCOLS         7.19.4
 CURLOPT_REFERER                 7.1
 CURLOPT_REQUEST_TARGET          7.55.0
 CURLOPT_RESOLVE                 7.21.3
+CURLOPT_RESOLVER_START_DATA     7.59.0
+CURLOPT_RESOLVER_START_FUNCTION 7.59.0
 CURLOPT_RESUME_FROM             7.1
 CURLOPT_RESUME_FROM_LARGE       7.11.0
 CURLOPT_RTSPHEADER              7.20.0
@@ -602,13 +605,12 @@ CURLOPT_TIMEOUT                 7.1
 CURLOPT_TIMEOUT_MS              7.16.2
 CURLOPT_TIMEVALUE               7.1
 CURLOPT_TIMEVALUE_LARGE         7.59.0
+CURLOPT_TLS13_CIPHERS           7.61.0
 CURLOPT_TLSAUTH_PASSWORD        7.21.4
 CURLOPT_TLSAUTH_TYPE            7.21.4
 CURLOPT_TLSAUTH_USERNAME        7.21.4
 CURLOPT_TRANSFERTEXT            7.1.1
 CURLOPT_TRANSFER_ENCODING       7.21.6
-CURLOPT_RESOLVER_START_FUNCTION 7.59.0
-CURLOPT_RESOLVER_START_DATA     7.59.0
 CURLOPT_UNIX_SOCKET_PATH        7.40.0
 CURLOPT_UNRESTRICTED_AUTH       7.10.4
 CURLOPT_UPLOAD                  7.1

include/curl/curl.h

@@ -1849,6 +1849,10 @@ typedef enum {
   /* shuffle addresses before use when DNS returns multiple */
   CINIT(DNS_SHUFFLE_ADDRESSES, LONG, 275),
 
+  /* Specify which TLS 1.3 ciphers suites to use */
+  CINIT(TLS13_CIPHERS, STRINGPOINT, 276),
+  CINIT(PROXY_TLS13_CIPHERS, STRINGPOINT, 277),
+
   CURLOPT_LASTENTRY /* the last unused */
 } CURLoption;
 

lib/setopt.c

@@ -142,6 +142,25 @@ CURLcode Curl_vsetopt(struct Curl_easy *data, CURLoption option,
                             va_arg(param, char *));
     break;
 
+  case CURLOPT_TLS13_CIPHERS:
+    if(Curl_ssl_tls13_ciphersuites()) {
+      /* set preferred list of TLS 1.3 cipher suites */
+      result = Curl_setstropt(&data->set.str[STRING_SSL_CIPHER13_LIST_ORIG],
+                              va_arg(param, char *));
+    }
+    else
+      return CURLE_NOT_BUILT_IN;
+    break;
+  case CURLOPT_PROXY_TLS13_CIPHERS:
+    if(Curl_ssl_tls13_ciphersuites()) {
+      /* set preferred list of TLS 1.3 cipher suites for proxy */
+      result = Curl_setstropt(&data->set.str[STRING_SSL_CIPHER13_LIST_PROXY],
+                              va_arg(param, char *));
+    }
+    else
+      return CURLE_NOT_BUILT_IN;
+    break;
+
   case CURLOPT_RANDOM_FILE:
     /*
      * This is the path name to a file that contains random data to seed

lib/urldata.h

@@ -227,6 +227,7 @@ struct ssl_primary_config {
   char *random_file;     /* path to file containing "random" data */
   char *egdsocket;       /* path to file containing the EGD daemon socket */
   char *cipher_list;     /* list of ciphers to use */
+  char *cipher_list13;   /* list of TLS 1.3 cipher suites to use */
 };
 
 struct ssl_config_data {
@@ -1401,6 +1402,8 @@ enum dupstring {
   STRING_SSL_PINNEDPUBLICKEY_PROXY, /* public key file to verify proxy */
   STRING_SSL_CIPHER_LIST_ORIG, /* list of ciphers to use */
   STRING_SSL_CIPHER_LIST_PROXY, /* list of ciphers to use */
+  STRING_SSL_CIPHER13_LIST_ORIG, /* list of TLS 1.3 ciphers to use */
+  STRING_SSL_CIPHER13_LIST_PROXY, /* list of TLS 1.3 ciphers to use */
   STRING_SSL_EGDSOCKET,   /* path to file containing the EGD daemon socket */
   STRING_SSL_RANDOM_FILE, /* path to file containing "random" data */
   STRING_USERAGENT,       /* User-Agent string */

lib/vtls/openssl.c

@@ -166,6 +166,17 @@ static unsigned long OpenSSL_version_num(void)
 #define HAVE_KEYLOG_CALLBACK
 #endif
 
+/* Whether SSL_CTX_set_ciphersuites is available.
+ * OpenSSL: supported since 1.1.1 (commit a53b5be6a05)
+ * BoringSSL: no
+ * LibreSSL: no
+ */
+#if ((OPENSSL_VERSION_NUMBER >= 0x10101000L) && \
+     !defined(LIBRESSL_VERSION_NUMBER) &&       \
+     !defined(OPENSSL_IS_BORINGSSL))
+#define HAVE_SSL_CTX_SET_CIPHERSUITES
+#endif
+
 #if defined(LIBRESSL_VERSION_NUMBER)
 #define OSSL_PACKAGE "LibreSSL"
 #elif defined(OPENSSL_IS_BORINGSSL)
@@ -2413,6 +2424,19 @@ static CURLcode ossl_connect_step1(struct connectdata *conn, int sockindex)
     infof(data, "Cipher selection: %s\n", ciphers);
   }
 
+#ifdef HAVE_SSL_CTX_SET_CIPHERSUITES
+  {
+    char *ciphers13 = SSL_CONN_CONFIG(cipher_list13);
+    if(ciphers13) {
+      if(!SSL_CTX_set_ciphersuites(BACKEND->ctx, ciphers13)) {
+        failf(data, "failed setting TLS 1.3 cipher suite: %s", ciphers);
+        return CURLE_SSL_CIPHER;
+      }
+      infof(data, "TLS 1.3 cipher selection: %s\n", ciphers13);
+    }
+  }
+#endif
+
 #ifdef USE_TLS_SRP
   if(ssl_authtype == CURL_TLSAUTH_SRP) {
     char * const ssl_username = SSL_SET_OPTION(username);

lib/vtls/vtls.c

@@ -979,6 +979,14 @@ bool Curl_ssl_false_start(void)
   return Curl_ssl->false_start();
 }
 
+/*
+ * Check whether the SSL backend supports setting TLS 1.3 cipher suites
+ */
+bool Curl_ssl_tls13_ciphersuites(void)
+{
+  return Curl_ssl->supports & SSLSUPP_TLS13_CIPHERSUITES;
+}
+
 /*
  * Default implementations for unsupported functions.
  */

lib/vtls/vtls.h

@@ -31,6 +31,7 @@ struct ssl_connect_data;
 #define SSLSUPP_PINNEDPUBKEY (1<<2) /* supports CURLOPT_PINNEDPUBLICKEY */
 #define SSLSUPP_SSL_CTX      (1<<3) /* supports CURLOPT_SSL_CTX */
 #define SSLSUPP_HTTPS_PROXY  (1<<4) /* supports access via HTTPS proxies */
+#define SSLSUPP_TLS13_CIPHERSUITES (1<<5) /* supports TLS 1.3 ciphersuites */
 
 struct Curl_ssl {
   /*
@@ -93,6 +94,7 @@ CURLcode Curl_none_set_engine(struct Curl_easy *data, const char *engine);
 CURLcode Curl_none_set_engine_default(struct Curl_easy *data);
 struct curl_slist *Curl_none_engines_list(struct Curl_easy *data);
 bool Curl_none_false_start(void);
+bool Curl_ssl_tls13_ciphersuites(void);
 CURLcode Curl_none_md5sum(unsigned char *input, size_t inputlen,
                           unsigned char *md5sum, size_t md5len);
 
@@ -246,7 +248,7 @@ bool Curl_ssl_false_start(void);
 
 #define SSL_SHUTDOWN_TIMEOUT 10000 /* ms */
 
-#else
+#else /* if not USE_SSL */
 
 /* When SSL support is not present, just define away these function calls */
 #define Curl_ssl_init() 1
@@ -270,6 +272,7 @@ bool Curl_ssl_false_start(void);
 #define Curl_ssl_random(x,y,z) ((void)x, CURLE_NOT_BUILT_IN)
 #define Curl_ssl_cert_status_request() FALSE
 #define Curl_ssl_false_start() FALSE
+#define Curl_ssl_tls13_ciphersuites() FALSE
 #endif
 
 #endif /* HEADER_CURL_VTLS_H */

src/tool_cfgable.h

@@ -117,6 +117,8 @@ struct OperationConfig {
   struct getout *url_ul;    /* point to the node to fill in upload */
   char *cipher_list;
   char *proxy_cipher_list;
+  char *cipher13_list;
+  char *proxy_cipher13_list;
   char *cert;
   char *proxy_cert;
   char *cert_type;