Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Feature] Add support for TLS 1.3 #1633

Open
banjaxedben opened this issue Apr 22, 2024 · 6 comments
Open

[Feature] Add support for TLS 1.3 #1633

banjaxedben opened this issue Apr 22, 2024 · 6 comments
Assignees
Labels
CLI MQTTX CLI desktop MQTTX Desktop enhancement New feature or request feature This pr is a feature web MQTTX Web
Milestone

Comments

@banjaxedben
Copy link

Motivation

At the moment (v1.9.10), when I enable SSL/TLS, the client seems to use TLS version 1.2 by default.
TLS 1.3 (RFC 8446) was published in 2018, and offers multiple improvements.

Detailed design

At the moment there is a binary toggle to disable or enable TLS. I suggest providing 3 radio buttons:

  • Disabled
  • TLS 1.2
  • TLS 1.3
@banjaxedben banjaxedben added the feature This pr is a feature label Apr 22, 2024
@github-project-automation github-project-automation bot moved this to Backlog in MQTTX Apr 22, 2024
@ysfscream ysfscream added enhancement New feature or request CLI MQTTX CLI web MQTTX Web desktop MQTTX Desktop labels Apr 23, 2024
@ysfscream ysfscream self-assigned this Apr 23, 2024
@ysfscream ysfscream added this to the v1.10.0 milestone Apr 23, 2024
@ysfscream
Copy link
Member

@banjaxedben Hi.

Thank you for pointing this out. You are correct; this is the first time we have recognized this issue. We greatly appreciate your contribution and attention to our project. We plan to support this feature in the next version.

@ysfscream
Copy link
Member

However, I have one more question regarding TLS support. Our system should automatically adapt between TLS 1.2 and TLS 1.3 based on the client's capabilities.

image

Could you please describe how you determined that it supports only TLS 1.2? Any specific details or replication steps you provide will help us address this more effectively.

Looking forward to hearing your thoughts.

@ysfscream ysfscream moved this from Backlog to TO DO in MQTTX Apr 24, 2024
@banjaxedben
Copy link
Author

@ysfscream : Thanks for picking this up.
I was having trouble getting my client to connect to my broker, so I ran Wireshark to sniff the packets from the client side.
See Wireshark packet capture file attached. It displays the Protocol field as TLSv1.2.

mqttx_issue.zip

What did you mean by "Our system should automatically adapt between TLS 1.2 and TLS 1.3 based on the client's capabilities." I am running the MQTTX desktop app on Windows Server 2022 Datacenter. Do you think I need to do something in the OS to enable TLS 1.3?

In my Wireshark data you can see:
Extension: supported_versions (len=5) TLS 1.3, TLS 1.2
which tallies with the code snippet you shared. Does MQTTX support TLS 1.3 already?

Apart from possible Windows configuration issues, I believe that the reason my client won't connect is that I am using EdDSA (ed25519) keys.
The TLS client (MQTTX) sends Client Hello, and the TLS server (Mosquitto) sends an Alert and immediately tears down the TCP connection. The error message in the broker log is "no suitable signature algorithm".

In my Wireshark data you can also see that the Client Hello message contains the signature_algorithms extension, with 9 algorithms listed, but none of them include EdDSA. I think this is why the server throws an error: it knows that its own leaf cert contains an ed25519 key, so the signature_algorithms supported by the client aren't going to work.

According to RFC 8446 (The Transport Layer Security (TLS) Protocol Version 1.3) I need ed25519 (0x0807) to be listed.

Note that RFC 8422 is titled "Elliptic Curve Cryptography (ECC) Cipher Suites for Transport Layer Security (TLS) Versions 1.2 and Earlier". It seems to suggest that EdDSA can be supported in TLSv1.2.

I have 2 options:

  1. stay with TLS 1.2 but add support for ed25519 somehow.
  2. upgrade to TLS 1.3 and hope that ed25519 just works!

@ysfscream
Copy link
Member

  1. When I mentioned, "Our system should automatically adapt between TLS 1.2 and TLS 1.3 based on the client's capabilities," I meant that during the TLS handshake, our system will automatically select the highest TLS version supported by both the client and the server for communication.

  2. Just to let you know, MQTTX already supports TLS 1.3, I think 🤔. So, you don't need any particular setup for ed25519 if you are using TLS 1.3, as it natively supports the EdDSA algorithm, including ed25519.

  3. Please ensure that your system environment and network configurations are updated and set to support TLS 1.3. This typically involves checking for security updates in your operating system and application settings.

I'm hoping it's helpfulp you.

@ysfscream ysfscream moved this from TO DO to In Progress in MQTTX Apr 25, 2024
@banjaxedben
Copy link
Author

I tried using the openssl s_client command-line utility, and it works fine if I use the -tls1_3 option to force TLS version 1.3.
See Wireshark capture attached demonstrating the successful TLS 1.3 handshake.

s_client_1.3.zip

As expected, the signature_algorithms extension in the Client Hello message now includes ed25519 (0x0807).

So my question becomes: if my client system environment and network configurations are able to support TLS 1.3, why doesn't MQTTX use it?

Also, even if MQTTX was able to somehow "automatically adapt between TLS 1.2 and TLS 1.3 based on the client's capabilities", I suggest that the UI could be improved to provide more control to the user. The openssl s_client is an example of a client that allows the user to enable or disable specific TLS versions. The mosquitto command-line clients also provide a --tls-version option.

@ysfscream
Copy link
Member

ysfscream commented Apr 26, 2024

YES, this is also a good option for users. Based on the Node.js documentation, we should be able to implement it. We will try in the next version.

https://nodejs.org/docs/v20.12.1/api/tls.html#tlscreatesecurecontextoptions

image

Thank you for your suggestion.

@ysfscream ysfscream moved this from In Progress to TO DO in MQTTX Jun 7, 2024
@ysfscream ysfscream modified the milestones: v1.10.0, v1.10.1 Jun 7, 2024
@ysfscream ysfscream modified the milestones: v1.10.1, v1.11.0 Jul 17, 2024
@ysfscream ysfscream modified the milestones: v1.11.0, v1.11.1 Oct 23, 2024
@ysfscream ysfscream modified the milestones: v1.11.1, v1.12.0 Dec 16, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
CLI MQTTX CLI desktop MQTTX Desktop enhancement New feature or request feature This pr is a feature web MQTTX Web
Projects
Status: Backlog
Development

No branches or pull requests

2 participants