Author Topic: Adding support for TLSv1.2  (Read 35687 times)

0brad0

  • Newbie
  • *
  • Posts: 9
Adding support for TLSv1.2
« on: August 01, 2014, 03:25:37 am »
Trying to connect via POP3/IMAP/SMTP I noticed AquaMail fails to connect to a server utilizing TLSv1.2.
« Last Edit: August 04, 2014, 03:35:39 pm by Kostya Vasilyev, Aqua Mail »

Thomas

  • Sr. Member
  • ****
  • Posts: 280
  • Just enjoying life...
Re: No support for TLSv1.2
« Reply #1 on: August 01, 2014, 07:43:48 am »
Need to know a little bit more. Which email provider? Is TLS supported from the server side? Did the server has special ports for TLS?

0brad0

  • Newbie
  • *
  • Posts: 9
Re: No support for TLSv1.2
« Reply #2 on: August 01, 2014, 08:23:04 am »
Need to know a little bit more. Which email provider? Is TLS supported from the server side? Did the server has special ports for TLS?

The e-mail provider is irrelevant; the problem would be the same no matter what. I wouldn't be asking about TLSv1.2 support if it did not support TLS. The port is irrelevant as it could be on 143, 10000 or 50000 or some other random port and it would be the same issue. Other e-mail clients such as modern Thunderbird (31), mutt and other clients using modern OpenSSL, GnuTLS, NSS or some other TLS stack supporting TLSv1.2 work fine; AquaMail at the moment does not.
« Last Edit: August 01, 2014, 08:33:32 am by 0brad0 »

Kostya Vasilyev

  • Hero Member
  • *****
  • Posts: 12740
Re: No support for TLSv1.2
« Reply #3 on: August 02, 2014, 02:24:00 am »
You'll want to enable "SSL hardening" in Aqua's network settings. Disabled by default.

Then it'll go like this:

Code: [Select]
    // Order taken from OpenSSL 1.0.1c
private static final String[] ORDERED_KNOWN_CIPHERS = {
            "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
            "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA",
            "TLS_DHE_RSA_WITH_AES_256_CBC_SHA",
            "TLS_DHE_DSS_WITH_AES_256_CBC_SHA",
            "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA",
            "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA",
            "TLS_RSA_WITH_AES_256_CBC_SHA",
            "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA",
            "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA",
            "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA",
            "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA",
            "SSL_RSA_WITH_3DES_EDE_CBC_SHA",
            "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
            "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA",
            "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
            "TLS_DHE_DSS_WITH_AES_128_CBC_SHA",
            "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA",
            "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA",
            "TLS_RSA_WITH_AES_128_CBC_SHA",
            "TLS_ECDHE_RSA_WITH_RC4_128_SHA",
            "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA",
            "TLS_ECDH_RSA_WITH_RC4_128_SHA",
            "TLS_ECDH_ECDSA_WITH_RC4_128_SHA",
            "SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA",
            "SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA",
            "SSL_RSA_WITH_RC4_128_SHA",
            "SSL_RSA_WITH_RC4_128_MD5",
    };

and like this

Code: [Select]
private static final String[] BLACKLISTED_CIPHERS = {
            "SSL_RSA_WITH_DES_CBC_SHA",
            "SSL_DHE_RSA_WITH_DES_CBC_SHA",
            "SSL_DHE_DSS_WITH_DES_CBC_SHA",
            "SSL_RSA_EXPORT_WITH_RC4_40_MD5",
            "SSL_RSA_EXPORT_WITH_DES40_CBC_SHA",
            "SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA",
            "SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA",
    };

and like this

Code: [Select]
private static final String[] ORDERED_KNOWN_PROTOCOLS = {
            "TLSv1.2", "TLSv1.1", "TLSv1", "SSLv3"
    };

I *think * it says "TLSv1.2".
Creating debug logs for diagnostics: https://www.aqua-mail.com/troubleshooting/

The official FAQ: https://www.aqua-mail.com/faq/

Лог-файлы для диагностики: https://www.aqua-mail.com/ru/troubleshooting/

Вопросы и ответы: https://www.aqua-mail.com/ru/faq/

0brad0

  • Newbie
  • *
  • Posts: 9
Re: No support for TLSv1.2
« Reply #4 on: August 02, 2014, 05:31:08 am »
You'll want to enable "SSL hardening" in Aqua's network settings. Disabled by default.

If what you posted is correct then in theory it should work, but after enabling that setting I am still not able to establish a connection to a server only allowing for TLSv1.2.

Kostya Vasilyev

  • Hero Member
  • *****
  • Posts: 12740
Re: No support for TLSv1.2
« Reply #5 on: August 02, 2014, 09:09:12 pm »
Well, I posted the code here:

https://gist.github.com/kmansoft/f4de66b422de7e93655d

I don't happen to have a mail server configured with TLS1.2 only.

If you can create a test account for me, I can take a look. I'd need IMAP or POP3 access too (so I can add the account into Aqua).

My email is kmansoft / gmail

Creating debug logs for diagnostics: https://www.aqua-mail.com/troubleshooting/

The official FAQ: https://www.aqua-mail.com/faq/

Лог-файлы для диагностики: https://www.aqua-mail.com/ru/troubleshooting/

Вопросы и ответы: https://www.aqua-mail.com/ru/faq/

Kostya Vasilyev

  • Hero Member
  • *****
  • Posts: 12740
Re: No support for TLSv1.2
« Reply #6 on: August 02, 2014, 09:40:36 pm »
PS:

First:

Feel free to compare Aqua's code to that in K9 Mail:

https://github.com/k9mail/k-9/blob/master/src/com/fsck/k9/net/ssl/TrustedSocketFactory.java

Yes, I copied some code from there. Almost all of it.

Second:

I was able to reconfigure my postfix server with TLSv1.2, and tried Aqua with SSL hardening enabled (so I don't need a test account anymore).

You're right, the code ended up using TLSv1.

And the reason is: socket.getEnabledProtocols in the code above returned [SSLv3, TLSv1].

The actual socket class is OpenSSLSocketImplWrapper.

I have no idea why it does not include TLSv1.1 and TLSv1.2.

I tested this on three devices -- HTC One Max with 4.4.2, Nexus 5 with 4.4.4, and a Samsung S4 Mini with 4.2.2 -- and it's the same on all of them. TLSv1.1 and TLSv1.2 are not listed as supported.

This Android code looks interesting, it says "No TLSv1.1 or TLSv1.2 support on SSLEngine based provider". But *the* provider in Android 4.1+ is OpenSSL, as far as I know (they switched from Bouncy Castle used in earlier versions).

https://android.googlesource.com/platform/libcore/+/cf6b19bbe9eba2ec41eeb3f0f1c2da1ad5e6800e/support/src/test/java/libcore/java/security/StandardNames.java#550

Since you seem to be quite knowledgeable about computer security stuff, maybe you can shed some light on this?
« Last Edit: August 02, 2014, 09:44:18 pm by Kostya Vasilyev, Aqua Mail »
Creating debug logs for diagnostics: https://www.aqua-mail.com/troubleshooting/

The official FAQ: https://www.aqua-mail.com/faq/

Лог-файлы для диагностики: https://www.aqua-mail.com/ru/troubleshooting/

Вопросы и ответы: https://www.aqua-mail.com/ru/faq/

Kostya Vasilyev

  • Hero Member
  • *****
  • Posts: 12740
Re: No support for TLSv1.2
« Reply #7 on: August 03, 2014, 02:20:56 am »
I did a bit more testing, with K9 Mail this time.

When connecting with K9 Mail, this is what I get in /var/log/mail.log (smtpd_tls_loglevel=1 in postfix's main.cf):

Aug  3 02:13:43 li463-125 postfix/submission/smtpd[4581]: Anonymous TLS connection established from [snip]: TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)

With AquaMail, I get this:

Aug  3 02:15:45 li463-125 postfix/submission/smtpd[4632]: Anonymous TLS connection established from [snip]: TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)

So it's consistent, and for both apps, caused by Android system code saying it only supports SSLv3, TLSv1.

Sanity check:

% openssl s_client -crlf -starttls smtp -connect localhost:587

SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : ECDHE-RSA-AES256-GCM-SHA384

in /var/log/mail.log:

Aug  3 02:17:43 li463-125 postfix/submission/smtpd[4745]: Anonymous TLS connection established from localhost[127.0.0.1]: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)

----------

Feel free to file a bug at:

http://b.android.com

As for me (and AquaMail), I'm done here.

-----------

PS - stock Android Email, Nexus 5 with latest Android 4.4.4:

Aug  3 02:27:13 li463-125 postfix/submission/smtpd[5233]: Anonymous TLS connection established from [snip]: TLSv1 with cipher RC4-MD5 (128/128 bits)

RC4-MD5 ?

RC4-MD5 ?????


« Last Edit: August 03, 2014, 02:30:17 am by Kostya Vasilyev, Aqua Mail »
Creating debug logs for diagnostics: https://www.aqua-mail.com/troubleshooting/

The official FAQ: https://www.aqua-mail.com/faq/

Лог-файлы для диагностики: https://www.aqua-mail.com/ru/troubleshooting/

Вопросы и ответы: https://www.aqua-mail.com/ru/faq/

0brad0

  • Newbie
  • *
  • Posts: 9
Re: No support for TLSv1.2
« Reply #8 on: August 03, 2014, 05:51:14 am »
And the reason is: socket.getEnabledProtocols in the code above returned [SSLv3, TLSv1].

The actual socket class is OpenSSLSocketImplWrapper.

I have no idea why it does not include TLSv1.1 and TLSv1.2.

I tested this on three devices -- HTC One Max with 4.4.2, Nexus 5 with 4.4.4, and a Samsung S4 Mini with 4.2.2 -- and it's the same on all of them. TLSv1.1 and TLSv1.2 are not listed as supported.

This Android code looks interesting, it says "No TLSv1.1 or TLSv1.2 support on SSLEngine based provider". But *the* provider in Android 4.1+ is OpenSSL, as far as I know (they switched from Bouncy Castle used in earlier versions).

https://android.googlesource.com/platform/libcore/+/cf6b19bbe9eba2ec41eeb3f0f1c2da1ad5e6800e/support/src/test/java/libcore/java/security/StandardNames.java#550 [nofollow]

Since you seem to be quite knowledgeable about computer security stuff, maybe you can shed some light on this?

Yes, I have two tablets and one of them is running 4.4 and was surprised about not being able to use TLSv1.2.

Looking around I came across this...

http://code.google.com/p/android/issues/detail?id=61085 [nofollow]

"* These changes should appear in the next major platform release (so, not 4.4.x), the one offering API Level 20."

But not being familiar with the Android SDK I still don't get why TLS v1.1 / v1.2 support cannot be enabled as it looks like the K9 / AquaMail code is trying to do even if it is not enabled by *default*.

Google appears to be using OpenSSL almost everywhere from ChromeOS, Chrome on Android (although that might include other OS's in the future) and relatively modern Android.

Kostya Vasilyev

  • Hero Member
  • *****
  • Posts: 12740
Re: No support for TLSv1.2
« Reply #9 on: August 03, 2014, 11:06:27 am »
>>> I still don't get why TLS v1.1 / v1.2 support cannot be enabled

Because it it's not listed as a supported protocol.

You can't enable something that's not there (or maybe looks like it's not there).

>>> These changes should appear in the next major platform release

I can confirm that Android Preview L (I've used the emulator) has TLSv1.1 and TLSv1.2 support and it works with Aqua.

Aug  3 11:01:35 li463-125 postfix/submission/smtpd[21143]: Anonymous TLS connection established from [snip]: TLSv1.2 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)

« Last Edit: August 03, 2014, 11:20:33 am by Kostya Vasilyev, Aqua Mail »
Creating debug logs for diagnostics: https://www.aqua-mail.com/troubleshooting/

The official FAQ: https://www.aqua-mail.com/faq/

Лог-файлы для диагностики: https://www.aqua-mail.com/ru/troubleshooting/

Вопросы и ответы: https://www.aqua-mail.com/ru/faq/

0brad0

  • Newbie
  • *
  • Posts: 9
Re: No support for TLSv1.2
« Reply #10 on: August 03, 2014, 12:19:49 pm »
>>> These changes should appear in the next major platform release

I can confirm that Android Preview L (I've used the emulator) has TLSv1.1 and TLSv1.2 support and it works with Aqua.

Aug  3 11:01:35 li463-125 postfix/submission/smtpd[21143]: Anonymous TLS connection established from [snip]: TLSv1.2 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)

Wow, that is pathetic and yet not surprising for Android. Same old crap from Google.

Kostya Vasilyev

  • Hero Member
  • *****
  • Posts: 12740
Re: No support for TLSv1.2
« Reply #11 on: August 03, 2014, 03:43:19 pm »
I see you filed a report in the Android bug tracker. I just added a comment to clarify things a bit more.

https://code.google.com/p/android/issues/detail?id=74408
Creating debug logs for diagnostics: https://www.aqua-mail.com/troubleshooting/

The official FAQ: https://www.aqua-mail.com/faq/

Лог-файлы для диагностики: https://www.aqua-mail.com/ru/troubleshooting/

Вопросы и ответы: https://www.aqua-mail.com/ru/faq/

scanno

  • Newbie
  • *
  • Posts: 43
Re: No support for TLSv1.2
« Reply #12 on: August 03, 2014, 08:18:08 pm »
Kostya, you know what needs to be changed to support tls 1.1 and 1.2? If the function you pointed to where tls 1.1 and 1.2 are enumerated as not supported, just returns nothing should that solve the problem?

I maintain 3 devices for OmniROM so it is no problem to make a build that incudes a patch to enable tls 1.1/1.2

Verstuurd vanaf mijn Xperia T met Tapatalk


Kostya Vasilyev

  • Hero Member
  • *****
  • Posts: 12740
Re: No support for TLSv1.2
« Reply #13 on: August 03, 2014, 09:11:07 pm »
@scanno -- so I typed a long response full of technical info, and then checked the code again...

...and then I finally saw it.

My bug. Very obvious now that I've actually noticed it.

Fixed.

TLSv1.2 now works great on an HTC One Max with 4.4.2 -- I assume it's also going to work on any other 4.4 device (and supposedly on Android 4.1 and higher).

Aug  3 21:05:55 li463-125 postfix/smtps/smtpd[11171]: Anonymous TLS connection established from [snip]: TLSv1.2 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)

One caveat:

It only works with "STARTTLS (strict)" and "SSL (strict)".

The "STARTTLS (accept any)" and "SSL (accept any)" variations use TLSv1 even when my code asks for TLSv1.2.

@0brad0

So there you have it. Just wait for the next -beta build of AquaMail.

Thanks for bringing it up.
« Last Edit: August 03, 2014, 09:35:31 pm by Kostya Vasilyev, Aqua Mail »
Creating debug logs for diagnostics: https://www.aqua-mail.com/troubleshooting/

The official FAQ: https://www.aqua-mail.com/faq/

Лог-файлы для диагностики: https://www.aqua-mail.com/ru/troubleshooting/

Вопросы и ответы: https://www.aqua-mail.com/ru/faq/

0brad0

  • Newbie
  • *
  • Posts: 9
Re: No support for TLSv1.2
« Reply #14 on: August 04, 2014, 01:07:06 am »
One caveat:

It only works with "STARTTLS (strict)" and "SSL (strict)".

The "STARTTLS (accept any)" and "SSL (accept any)" variations use TLSv1 even when my code asks for TLSv1.2.

@0brad0

So there you have it. Just wait for the next -beta build of AquaMail.

Thanks for bringing it up.

Can you please explain why that is that it only works with strict mode? Frustrating since I am using self signed certs and this wouldn't help me.

Well either way it is still a step forward and a bug fixed ;)

Do you ever interact with the author of K9? If so can you please pass this issue on to the author.