# This Source Code Form is subject to the terms of the Mozilla Public # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. # # This file enables policy testing # # The policy string is set to the config= line in the pkcs11.txt # it currently has 2 keywords: # # disallow= turn off the use of this algorithm by policy. (implies disable) # allow= allow this algorithm to by used if selected by policy. # disable= turn off the use of this algorithm even if allowed by policy # (application can override) # enable= turn off this algorithm by default (implies allow) # flags= policy-lock: can't change policy with NSS_SetAlgorithmPolicy, # NSS_SetOption, or SSL_SetCipherPolicy # ssl-lock: can't change the cipher suite settings with the application. # # The syntax is disallow=algorithm{/uses}:algorithm{/uses} # where {} signifies an optional element # # valid algorithms are: # ECC curves: # PRIME192V1 # PRIME192V2 # PRIME192V3 # PRIME239V1 # PRIME239V2 # PRIME239V3 # PRIME256V1 # SECP112R1 # SECP112R2 # SECP128R1 # SECP128R2 # SECP160K1 # SECP160R1 # SECP160R2 # SECP192K1 # SECP192R1 # SECP224K1 # SECP256K1 # SECP256R1 # SECP384R1 # SECP521R1 # C2PNB163V1 # C2PNB163V2 # C2PNB163V3 # C2PNB176V1 # C2TNB191V1 # C2TNB191V2 # C2TNB191V3 # C2ONB191V4 # C2ONB191V5 # C2PNB208W1 # C2TNB239V1 # C2TNB239V2 # C2TNB239V3 # C2ONB239V4 # C2ONB239V5 # C2PNB272W1 # C2PNB304W1 # C2TNB359V1 # C2PNB368W1 # C2TNB431R1 # SECT113R1 # SECT131R1 # SECT131R1 # SECT131R2 # SECT163K1 # SECT163R1 # SECT163R2 # SECT193R1 # SECT193R2 # SECT233K1 # SECT233R1 # SECT239K1 # SECT283K1 # SECT283R1 # SECT409K1 # SECT409R1 # SECT571K1 # SECT571R1 # Signatures: # DSA # RSA-PKCS # RSA-PSS # ECDSA # Hashes: # MD2 # MD4 # MD5 # SHA1 # SHA224 # SHA256 # SHA384 # SHA512 # MACs: # HMAC-SHA1 # HMAC-SHA224 # HMAC-SHA256 # HMAC-SHA384 # HMAC-SHA512 # HMAC-MD5 # Ciphers: # AES128-CBC # AES192-CBC # AES256-CBC # AES128-GCM # AES192-GCM # AES256-GCM # CAMELLIA128-CBC # CAMELLIA192-CBC # CAMELLIA256-CBC # SEED-CBC # DES-EDE3-CBC # DES-40-CBC # DES-CBC # NULL-CIPHER # RC2 # RC4 # IDEA # Key exchange # RSA # RSA-EXPORT # DHE-RSA # DHE-DSS # DH-RSA # DH-DSS # ECDHE-ECDSA # ECDHE-RSA # ECDH-ECDSA # ECDH-RSA # SSL Versions # SSL2.0 # SSL3.0 # TLS1.0 # TLS1.1 # TLS1.2 # DTLS1.1 # DTLS1.2 # Include all of the above: # ALL #----------------------------------------------- # Uses are: # ssl # ssl-key-exchange # key-exchange (includes ssl-key-exchange) # cert-signature # all-signature (includes cert-signature) # signature (all signatures off, some signature allowed based on other option) # all (includes all of the above) #----------------------------------------------- # In addition there are the following options: # min-rsa # min-dh # min-dsa # they have the following syntax: # allow=min-rsa=512:min-dh=1024 # # in the following tests, we use the cipher suite 'd': # d SSL3 RSA WITH 3DES EDE CBC SHA (=:000a). # NOTE: the certificates used in validation are rsa-pkcs1/sha256 signed. # # Exp Enable Enable Cipher Config Policy Test Name # Ret EC TLS # turn on single cipher 0 noECC SSL3 d disallow=all_allow=hmac-sha1:sha256:rsa-pkcs:rsa:des-ede3-cbc:tls-version-min=ssl3.0:tls-version-max=ssl3.0 Allowed by Narrow Policy 0 noECC SSL3 d disallow=all_allow=hmac-sha1/ssl,ssl-key-exchange:sha256/all-signature:rsa-pkcs/all-signature:rsa/ssl-key-exchange:des-ede3-cbc:tls-version-min=ssl3.0:tls-version-max=ssl3.0 Allowed by Strict Policy 0 noECC SSL3 d disallow=all_allow=md2/all:md4/all:md5/all:sha1/all:sha256/all:sha384/all:sha512/all:rsa-pkcs/all:dsa/all:rsa-pss/all:ecdsa/all:hmac-sha1/all:hmac-sha224/all:hmac-sha256/all:hmac-sha384/all:hmac-sha512/all:hmac-md5/all:camellia128-cbc/all:camellia192-cbc/all:camellia256-cbc/all:seed-cbc/all:des-ede3-cbc/all:des-40-cbc/all:des-cbc/all:null-cipher/all:rc2/all:rc4/all:idea/all:rsa/all:rsa-export/all:dhe-rsa/all:dhe-dss/all:ecdhe-ecdsa/all:ecdhe-rsa/all:ecdh-ecdsa/all:ecdh-rsa/all:tls-version-min=ssl2.0:tls-version-max=tls1.2 Allow All Explicitly 1 noECC SSL3 d disallow=all Disallow All Explicitly # turn off signature only 1 noECC SSL3 d disallow=all/signature Disallow all signatures with Explicitly 1 noECC SSL3 d disallow=sha256 Disallow SHA256 Explicitly 1 noECC SSL3 d disallow=sha256/cert-signature Disallow SHA256 Certificate signature Explicitly 1 noECC SSL3 d disallow=sha256/signature Disallow All SHA256 signatures Explicitly 1 noECC SSL3 d disallow=sha256/all-signature Disallow Any SHA256 signature Explicitly 1 noECC SSL3 d disallow=all_allow=hmac-sha1:rsa/ssl-key-exchange:des-ede3-cbc:tls-version-min=ssl3.0:tls-version-max=ssl3.0 Disallow SHA256 Signatures Implicitly Narrow 1 noECC SSL3 d disallow=all_allow=md2/all:md4/all:md5/all:sha1/all:sha384/all:sha512/all:rsa-pkcs/all:rsa-pss/all:dsa/all:ecdsa/all:hmac-sha1/all:hmac-sha224/all:hmac-sha256/all:hmac-sha384/all:hmac-sha512/all:hmac-md5/all:camellia128-cbc/all:camellia192-cbc/all:camellia256-cbc/all:seed-cbc/all:des-ede3-cbc/all:des-40-cbc/all:des-cbc/all:null-cipher/all:rc2/all:rc4/all:idea/all:rsa/all:rsa-export/all:dhe-rsa/all:dhe-dss/all:ecdhe-ecdsa/all:ecdhe-rsa/all:ecdh-ecdsa/all:ecdh-rsa/all:tls-version-min=ssl2.0:tls-version-max=tls1.2 Disallow SHA256 Signatures Implicitly # turn off single cipher 1 noECC SSL3 d disallow=des-ede3-cbc Disallow Cipher Explicitly 1 noECC SSL3 d disallow=all_allow=hmac-sha1:sha256:rsa-pkcs:rsa:des-cbc:tls-version-min=ssl3.0:tls-version-max=ssl3.0 Disallow Cipher Implicitly Narrow 1 noECC SSL3 d disallow=all_allow=md2/all:md4/all:md5/all:sha1/all:sha256/all:sha384/all:sha512/all:rsa-pkcs/all:rsa-pss/all:ecdsa/all:dsa/all:hmac-sha1/all:hmac-sha224/all:hmac-sha256/all:hmac-sha384/all:hmac-sha512/all:hmac-md5/all:camellia128-cbc/all:camellia192-cbc/all:camellia256-cbc/all:seed-cbc/all:des-40-cbc/all:des-cbc/all:null-cipher/all:rc2/all:rc4/all:idea/all:rsa/all:rsa-export/all:dhe-rsa/all:dhe-dss/all:ecdhe-ecdsa/all:ecdhe-rsa/all:ecdh-ecdsa/all:ecdh-rsa/all:tls-version-min=ssl2.0:tls-verion-max=tls1.2 Disallow Cipher Implicitly # turn off H-Mac 1 noECC SSL3 d disallow=hmac-sha1 Disallow HMAC Explicitly 1 noECC SSL3 d disallow=all_allow=md5:sha256:rsa:des-ede3-cbc:tls-version-min=ssl3.0:tls-version-max=ssl3.0 Disallow HMAC Implicitly Narrow 1 noECC SSL3 d disallow=all_allow=md2/all:md4/all:md5/all:sha1/all:sha256/all:sha384/all:sha512/all:hmac-sha224/all:hmac-sha256/all:hmac-sha384/all:hmac-sha512/all:hmac-md5/all:camellia128-cbc/all:camellia192-cbc/all:camellia256-cbc/all:seed-cbc/all:des-ede3-cbc/all:des-40-cbc/all:des-cbc/all:null-cipher/all:rc2/all:rc4/all:idea/all:rsa/all:rsa-export/all:dhe-rsa/all:dhe-dss/all:ecdhe-ecdsa/all:ecdhe-rsa/all:ecdh-ecdsa/all:ecdh-rsa/all:tls-version-min=ssl2.0:tls-version-max=tls1.2 Disallow HMAC Signatures Implicitly # turn off key exchange 1 noECC SSL3 d disallow=rsa/ssl-key-exchange Disallow Key Exchange Explicitly 1 noECC SSL3 d disallow=all_allow=hmac-sha1:sha256:rsa-pkcs:dh-dss:des-ede3-cbc:tls-version-min=ssl3.0:tls-version-max=ssl3.0 Disallow Key Exchange Implicitly Narrow 1 noECC SSL3 d disallow=all_allow=md2/all:md4/all:md5/all:sha1/all:sha256/all:sha384/all:sha512/all:rsa-pkcs/all:rsa-pss/all:ecdsa/all:dsa/all:hmac-sha1/all:hmac-sha224/all:hmac-sha256/all:hmac-sha384/all:hmac-sha512/all:hmac-md5/all:camellia128-cbc/all:camellia192-cbc/all:camellia256-cbc/all:seed-cbc/all:des-ede3-cbc/all:des-40-cbc/all:des-cbc/all:null-cipher/all:rc2/all:rc4/all:idea/all:rsa-export/all:dhe-rsa/all:dhe-dss/all:ecdhe-ecdsa/all:ecdhe-rsa/all:ecdh-ecdsa/all:ecdh-rsa/all:tls-version-min=ssl2.0:tls-version-max=tls1.2 Disallow Key Exchange Signatures Implicitly # turn off version 1 noECC SSL3 d allow=tls-version-min=tls1.0:tls-version-max=tls1.2 Disallow Version Exlicitly 1 noECC SSL3 d disallow=all_allow=hmac-sha1:sha256:rsa-pkcs:rsa:des-ede3-cbc:tls-version-min=tls1.0:tls-version-max=tls1.2 Disallow Version Implicitly Narrow 1 noECC SSL3 d disallow=all_allow=md2/all:md4/all:md5/all:sha1/all:sha256/all:sha384/all:sha512/all:rsa-pkcs/all:rsa-pss/all:ecdsa/all:dsa/all:hmac-sha1/all:hmac-sha224/all:hmac-sha256/all:hmac-sha384/all:hmac-sha512/all:hmac-md5/all:camellia128-cbc/all:camellia192-cbc/all:camellia256-cbc/all:seed-cbc/all:des-ede3-cbc/all:des-40-cbc/all:des-cbc/all:null-cipher/all:rc2/all:rc4/all:idea/all:rsa/all:rsa-export/all:dhe-rsa/all:dhe-dss/all:ecdhe-ecdsa/all:ecdhe-rsa/all:ecdh-ecdsa/all:ecdh-rsa/all:tls-version-min=tls1.0:tls-version-max=tls1.2 Disallow Version Implicitly 0 noECC SSL3 d disallow=dsa Disallow DSA Signatures Explicitly 1 noECC SSL3 d disallow=rsa-pkcs Disallow RSA PKCS 1 Signatures Explicitly # test default settings # NOTE: tstclient will attempt to overide the defaults, so we detect we # were successful by locking in our settings 0 noECC SSL3 d allow=all_disable=all Disable all by default, application override 1 noECC SSL3 d allow=all_disable=all_flags=ssl-lock,policy-lock Disable all by default, prevent application from enabling 0 noECC SSL3 d allow=all_disable=all_flags=policy-lock Disable all by default, lock policy (application can still change the ciphers) # explicitly enable :002f RSA_AES_128_CBC_SHA1 and lock it in 0 noECC SSL3 d allow=all_disable=all_enable=hmac-sha1:sha256:rsa-pkcs:rsa:aes128-cbc:tls-version-min=ssl3.0:tls-version-max=ssl3.0_flags=ssl-lock Lock in a different ciphersuite that the one the application asks for