Improving Qt's SSL Support: Difference between revisions

From Qt Wiki
Jump to navigation Jump to search
No edit summary
 
No edit summary
Line 1: Line 1:
=Improving Qt’s <span class="caps">SSL</span> Support=
[[Category:Developing Qt::Network]]<br />[[Category:Developing Qt::Bugs]]


Qt has pretty good support for <span class="caps">SSL</span> that is sufficient for a lot of common uses, but the <span class="caps">SSL</span> support is missing a number of features that exist in applications such as Firefox, Internet Explorer or Opera. In addition, whilst Qt uses OpenSSL for the underlying implementation of <span class="caps">SSL</span>, it only provides an <span class="caps">API</span> for using a small subset of the available facilities.
[toc align_right=&quot;yes&amp;quot; depth=&quot;3&amp;quot;]


I’ve been doing some work to enhance the <span class="caps">SSL</span> support in Qt, and have been asked to put together this page which is a cross between a <span class="caps">TODO</span> list, a set of links to existing solutions, and a pie-in-the-sky wishlist.
= Improving Qt's SSL Support =


==Areas for Improvement==
Qt has pretty good support for SSL that is sufficient for a lot of common uses, but the SSL support is missing a number of features that exist in applications such as Firefox, Internet Explorer or Opera. In addition, whilst Qt uses OpenSSL for the underlying implementation of SSL, it only provides an API for using a small subset of the available facilities.


There are a number of missing facilities in Qt’s <span class="caps">SSL</span> support right now; here’s a rough list cross-referenced with the QT-<span class="caps">BUG</span> tracking number:
I've been doing some work to enhance the SSL support in Qt, and have been asked to put together this page which is a cross between a TODO list, a set of links to existing solutions, and a pie-in-the-sky wishlist.
 
== Areas for Improvement ==
 
There are a number of missing facilities in Qt's SSL support right now; here's a rough list cross-referenced with the QT-BUG tracking number:


* Improved certificate handling
* Improved certificate handling
** No support for creating certificates, [http://bugreports.qt.nokia.com/browse/QTBUG-20279 <span class="caps">QTBUG</span>-20279] ''[bugreports.qt.nokia.com]'' See gitorious.org/qt-certificate-addon for an addon that offers this.
** No support for creating certificates, &quot;QTBUG-20279&amp;quot;:http://bugreports.qt.nokia.com/browse/QTBUG-20279 See gitorious.org/qt-certificate-addon for an addon that offers this.
** No support of EV (extended validation) certificates, [http://bugreports.qt.nokia.com/browse/QTBUG-12815 <span class="caps">QTBUG</span>-12815] ''[bugreports.qt.nokia.com]''
** No support of EV (extended validation) certificates, &quot;QTBUG-12815&amp;quot;:http://bugreports.qt.nokia.com/browse/QTBUG-12815
* Improved <span class="caps">TLS</span> handshake support
* Improved TLS handshake support
** Provide a generic mechanism for setting and retrieving <span class="caps">TLS</span> extensions in the client hello and server hello provided during the handshake process
** Provide a generic mechanism for setting and retrieving TLS extensions in the client hello and server hello provided during the handshake process
** Add the ability to retrieve and set the supplemental data handshake message
** Add the ability to retrieve and set the supplemental data handshake message
** Add the ability to propagate errors encountered during the handshake to applications
** Add the ability to propagate errors encountered during the handshake to applications
* <span class="caps">OCSP</span> and related issues
* OCSP and related issues
** No support for <span class="caps">OCSP</span> (online certificate status protocol), [http://bugreports.qt.nokia.com/browse/QTBUG-12812 <span class="caps">QTBUG</span>-12812] ''[bugreports.qt.nokia.com]''
** No support for OCSP (online certificate status protocol), &quot;QTBUG-12812&amp;quot;:http://bugreports.qt.nokia.com/browse/QTBUG-12812
** No support for <span class="caps">TLS</span> certificate status extension <span class="caps">AKA</span> <span class="caps">OCSP</span> stapling (asking the server to check <span class="caps">OCSP</span> himself and send us the response (sic)), [http://bugreports.qt.nokia.com/browse/QTBUG-17158 <span class="caps">QTBUG</span>-17158] ''[bugreports.qt.nokia.com]''
** No support for TLS certificate status extension AKA OCSP stapling (asking the server to check OCSP himself and send us the response (sic)), &quot;QTBUG-17158&amp;quot;:http://bugreports.qt.nokia.com/browse/QTBUG-17158
* General <span class="caps">API</span> limitations
* General API limitations
** No <span class="caps">DNS</span> pinning (though there is a <span class="caps">DNS</span> cache minimising this issue), [http://bugreports.qt.nokia.com/browse/QTBUG-12814 <span class="caps">QTBUG</span>-12814] ''[bugreports.qt.nokia.com]''
** No DNS pinning (though there is a DNS cache minimising this issue), &quot;QTBUG-12814&amp;quot;:http://bugreports.qt.nokia.com/browse/QTBUG-12814
** No <span class="caps">API</span> for the <span class="caps">SSL</span> context, [http://bugreports.qt.nokia.com/browse/QTBUG-14983 <span class="caps">QTBUG</span>-14983] ''[bugreports.qt.nokia.com]''
** No API for the SSL context, &quot;QTBUG-14983&amp;quot;:http://bugreports.qt.nokia.com/browse/QTBUG-14983
** No support for <span class="caps">TLS</span> Renegotiation Information (securing <span class="caps">TLS</span> renegotiation), [http://bugreports.qt.nokia.com/browse/QTBUG-18305 <span class="caps">QTBUG</span>-18305] ''[bugreports.qt.nokia.com]''
** No support for TLS Renegotiation Information (securing TLS renegotiation), &quot;QTBUG-18305&amp;quot;:http://bugreports.qt.nokia.com/browse/QTBUG-18305
* Additional protocols
* Additional protocols
** No support for <span class="caps">HSTS</span> (<span class="caps">HTTP</span> strict transport security, means the server tells a client to connect to the https version directly rather than to the http version), [http://bugreports.qt.nokia.com/browse/QTBUG-18030 <span class="caps">QTBUG</span>-18030] ''[bugreports.qt.nokia.com]''
** No support for HSTS (HTTP strict transport security, means the server tells a client to connect to the https version directly rather than to the http version), &quot;QTBUG-18030&amp;quot;:http://bugreports.qt.nokia.com/browse/QTBUG-18030
* Internal cleanups
* Internal cleanups
** typedef for <span class="caps">STACK</span> vs <span class="caps">STACK</span>_
** typedef for STACK vs STACK_
** Specify supported openssl versions
** Specify supported openssl versions
** Consider changing the way QSslConfiguration works as the deep copy stuff is unexpected
** Consider changing the way QSslConfiguration works as the deep copy stuff is unexpected
** Centralise the code for setting up a CA store (used for both connecting and verify)
** Centralise the code for setting up a CA store (used for both connecting and verify)


It should be noted that most of these issues only affect a tiny minority of possible uses. That said, wouldn’t it be nice if we had support for them in Qt with a nice <span class="caps">API</span>?
It should be noted that most of these issues only affect a tiny minority of possible uses. That said, wouldn't it be nice if we had support for them in Qt with a nice API?


==Areas for performance improvement==
== Areas for performance improvement ==


* support the “abbreviated handshake” (as used by Google) to reduce round trip time, [http://bugreports.qt.nokia.com/browse/QTBUG-15452 <span class="caps">QTBUG</span>-15452] ''[bugreports.qt.nokia.com]''
* support the &quot;abbreviated handshake&amp;quot; (as used by Google) to reduce round trip time, &quot;QTBUG-15452&amp;quot;:http://bugreports.qt.nokia.com/browse/QTBUG-15452
* do not use a tcp socket internally to send ssl data, [http://bugreports.qt.nokia.com/browse/QTBUG-14160 <span class="caps">QTBUG</span>-14160] ''[bugreports.qt.nokia.com]''
* do not use a tcp socket internally to send ssl data, &quot;QTBUG-14160&amp;quot;:http://bugreports.qt.nokia.com/browse/QTBUG-14160
* Once the extra layer (above) is removed check if ensuring we always disable the Nagle algorithm helps our performance.
* Once the extra layer (above) is removed check if ensuring we always disable the Nagle algorithm helps our performance.


==Work Underway==
== Work Underway ==


This would be a depressing page if it wasn’t for the fact that these issues are being addressed. So, let’s look at the areas where progress is already being made:
This would be a depressing page if it wasn't for the fact that these issues are being addressed. So, let's look at the areas where progress is already being made:


===(<span class="caps">OCSP</span>) Online Certificate Status Protocol Support===
=== (OCSP) Online Certificate Status Protocol Support ===


I’ve implemented the basic facilities required for <span class="caps">OCSP</span> support in Qt, specifically accessors for the <span class="caps">AIA</span> field of the certificate, and classes to generate and validate <span class="caps">OCSP</span> requests/responses. Still remaining is the integration of this code into the QNetworkAccessManager and QSslSocket classes, and a cache of the results. As of Nov 2011 after a hiatus while I worked on some other areas, I have got this building against Qt 5.
I've implemented the basic facilities required for OCSP support in Qt, specifically accessors for the AIA field of the certificate, and classes to generate and validate OCSP requests/responses. Still remaining is the integration of this code into the QNetworkAccessManager and QSslSocket classes, and a cache of the results. As of Nov 2011 after a hiatus while I worked on some other areas, I have got this building against Qt 5.


The code is currently in my personal clone at https://qt.gitorious.org/~rich/qt/richs-qtbase/commits/ocsp-support
The code is currently in my personal clone at https://qt.gitorious.org/~rich/qt/richs-qtbase/commits/ocsp-support


===Notification when the Certificate for a Site Changes===
=== Notification when the Certificate for a Site Changes ===


I wrote a proof of concept for this that showed up some <span class="caps">API</span> limitations that prevent a production quality implementation. This looks like something that can be addressed in a future release without major issues. I’ve written up the details of the implementation and the its limitations at http://www.kdedevelopers.org/node/4434
I wrote a proof of concept for this that showed up some API limitations that prevent a production quality implementation. This looks like something that can be addressed in a future release without major issues. I've written up the details of the implementation and the its limitations at http://www.kdedevelopers.org/node/4434


===Support for <span class="caps">TLS</span> extensions and supplemental data===
=== Support for TLS extensions and supplemental data ===


Work is being tracked in the issue tracker and a Wiki is being used to work through implementation and <span class="caps">API</span> design issues: [[Improving TLS handshake support|Improving_TLS_handshake_support]]
Work is being tracked in the issue tracker and a Wiki is being used to work through implementation and API design issues: [[Improving_TLS_handshake_support]]


==Solved Issues==
== Solved Issues ==


This section is for areas that have been put to bed:
This section is for areas that have been put to bed:


* enable <span class="caps">SSL</span> session sharing, [http://bugreports.qt.nokia.com/browse/QTBUG-14983 <span class="caps">QTBUG</span>-14983] ''[bugreports.qt.nokia.com]'' [resolved]
* enable SSL session sharing, &quot;QTBUG-14983&amp;quot;:http://bugreports.qt.nokia.com/browse/QTBUG-14983 [resolved]
* limit <span class="caps">SSL</span> message size to fit into one <span class="caps">TCP</span> packet, [http://bugreports.qt.nokia.com/browse/QTBUG-16716 <span class="caps">QTBUG</span>-16716] ''[bugreports.qt.nokia.com]'' / [https://bugreports.qt.io/browse/QTBUG-28764 <span class="caps">QTBUG</span>-28764] ''[bugreports.qt.io]'' [invalid]
* limit SSL message size to fit into one TCP packet, &quot;QTBUG-16716&amp;quot;:http://bugreports.qt.nokia.com/browse/QTBUG-16716 / &quot;QTBUG-28764&amp;quot;:https://bugreports.qt.io/browse/QTBUG-28764 [invalid]
* Qt uses shell globs for wildcards rather than the newer more restrictive policies. [http://bugreports.qt.nokia.com/browse/QTBUG-4455 <span class="caps">QTBUG</span>-4455] ''[bugreports.qt.nokia.com]'' [resolved]
* Qt uses shell globs for wildcards rather than the newer more restrictive policies. &quot;QTBUG-4455&amp;quot;:http://bugreports.qt.nokia.com/browse/QTBUG-4455 [resolved]
* No support for <span class="caps">SNI</span> (server name indication) extension, [http://bugreports.qt.nokia.com/browse/QTBUG-1352 <span class="caps">QTBUG</span>-1352] ''[bugreports.qt.nokia.com]'' [resolved] This has been implemented by Daniel Black and David Faure and is now merged into Qt master.
* No support for SNI (server name indication) extension, &quot;QTBUG-1352&amp;quot;:http://bugreports.qt.nokia.com/browse/QTBUG-1352 [resolved] This has been implemented by Daniel Black and David Faure and is now merged into Qt master.
* [performance] on Linux, load root certs on demand, and not all on startup (if supported by the system via openssl’s c_rehash script), [http://bugreports.qt.nokia.com/browse/QTBUG-14016 <span class="caps">QTBUG</span>-14016] ''[bugreports.qt.nokia.com]'' [resolved]
* [performance] on Linux, load root certs on demand, and not all on startup (if supported by the system via openssl's c_rehash script), &quot;QTBUG-14016&amp;quot;:http://bugreports.qt.nokia.com/browse/QTBUG-14016 [resolved]
* No simple <span class="caps">API</span> for only enabling SSL3 and TLS1 while disabling SSL2, [http://bugreports.qt.nokia.com/browse/QTBUG-12338 <span class="caps">QTBUG</span>-12338] ''[bugreports.qt.nokia.com]'' and [http://bugreports.qt.nokia.com/browse/QTBUG-15220 <span class="caps">QTBUG</span>-15220] ''[bugreports.qt.nokia.com]'' [resolved]
* No simple API for only enabling SSL3 and TLS1 while disabling SSL2, &quot;QTBUG-12338&amp;quot;:http://bugreports.qt.nokia.com/browse/QTBUG-12338 and &quot;QTBUG-15220&amp;quot;:http://bugreports.qt.nokia.com/browse/QTBUG-15220 [resolved]
* The way the subject and issuer info is extracted from the x509 cert is buggy and slow. This function should be replaced with something using the openssl functions to get the elements of the subject using the tag name directly. This was addressed by the following merge [https://qt.gitorious.org/qt/qt/merge_requests/922 MR 922] ''[qt.gitorious.org]''. There are some remaining <span class="caps">API</span> issues, that are covered above.
* The way the subject and issuer info is extracted from the x509 cert is buggy and slow. This function should be replaced with something using the openssl functions to get the elements of the subject using the tag name directly. This was addressed by the following merge &quot;MR 922&amp;quot;:https://qt.gitorious.org/qt/qt/merge_requests/922. There are some remaining API issues, that are covered above.
* QSslCertificate does not provide an <span class="caps">API</span> to dump a certificate as text. Now merged in master, see https://qt.gitorious.org/qt/qtbase/merge_requests/2
* QSslCertificate does not provide an API to dump a certificate as text. Now merged in master, see https://qt.gitorious.org/qt/qtbase/merge_requests/2
* <span class="caps">API</span> provides no access to duplicate fields in certificate issuer and subject. [ Qt5 MR 5 https://qt.gitorious.org/qt/qtbase/merge_requests/5 ] [resolved]
* API provides no access to duplicate fields in certificate issuer and subject. [ Qt5 MR 5 https://qt.gitorious.org/qt/qtbase/merge_requests/5 ] [resolved]
* No accessor for unusual (but legal) fields in certificate issuer and subject. See MR https://qt.gitorious.org/qt/qtbase/merge_requests/18 [resolved]
* No accessor for unusual (but legal) fields in certificate issuer and subject. See MR https://qt.gitorious.org/qt/qtbase/merge_requests/18 [resolved]
* No way to check that a certificate chain is valid unless you’re connecting to a site using it. [ see https://qt.gitorious.org/qt/qtbase/merge_requests/11 ] [resolved]
* No way to check that a certificate chain is valid unless you're connecting to a site using it. [ see https://qt.gitorious.org/qt/qtbase/merge_requests/11 ] [resolved]
* <span class="caps">API</span> doesn’t allow to use opaque keys as QSslKey (needed by <span class="caps">PKCS</span>#11 and <span class="caps">HSM</span>) [ Qt5 MR 48 https://qt.gitorious.org/qt/qtbase/merge_requests/48 ]
* API doesn't allow to use opaque keys as QSslKey (needed by PKCS#11 and HSM) [ Qt5 MR 48 https://qt.gitorious.org/qt/qtbase/merge_requests/48 ]
* No <span class="caps">API</span> for enabling or disabling compression which is required to connect to some buggy servers (eg. the on [https://bugs.kde.org/show_bug.cgi?id=275524 <span class="caps">KDE</span> bug 275524] ''[bugs.kde.org]'' ) there are probably other servers as broken as this one around. Only newish openssl’s support this which means that we’ll probably hit an increasing number of such problems. See [ Qt5 MR 68 MR https://qt.gitorious.org/qt/qtbase/merge_requests/68 ] [resolved] [backported to 4.8]
* No API for enabling or disabling compression which is required to connect to some buggy servers (eg. the on &quot;KDE bug 275524&amp;quot;:https://bugs.kde.org/show_bug.cgi?id=275524 ) there are probably other servers as broken as this one around. Only newish openssl's support this which means that we'll probably hit an increasing number of such problems. See [ Qt5 MR 68 MR https://qt.gitorious.org/qt/qtbase/merge_requests/68 ] [resolved] [backported to 4.8]
* QSslCertificate does not provide access to the extensions a certificate contains. Resolved through gerrit change I5c5d9513: <span class="caps">SSL</span> certificates: add functionality to read extensions
* QSslCertificate does not provide access to the extensions a certificate contains. Resolved through gerrit change I5c5d9513: SSL certificates: add functionality to read extensions
* Consider removing symbian support code [removed]
* Consider removing symbian support code [removed]
* No support for intermediate certificates when acting as a server socket, [http://bugreports.qt.nokia.com/browse/QTBUG-13281 <span class="caps">QTBUG</span>-13281] ''[bugreports.qt.nokia.com]'' [resolved]
* No support for intermediate certificates when acting as a server socket, &quot;QTBUG-13281&amp;quot;:http://bugreports.qt.nokia.com/browse/QTBUG-13281 [resolved]
* <span class="caps">SSL</span> Context <span class="caps">API</span> There appears to be active work from Nokia on this issue, as can be seen from the task tracker in [http://bugreports.qt.nokia.com/browse/QTBUG-14983 <span class="caps">QTBUG</span>-14983] ''[bugreports.qt.nokia.com]''. This will also allow sharing of the <span class="caps">SSL</span> context between requests removing the need for round trips and <span class="caps">SSL</span> negotiation each time. [resolved] Note that the <span class="caps">API</span> is internal.
* SSL Context API There appears to be active work from Nokia on this issue, as can be seen from the task tracker in &quot;QTBUG-14983&amp;quot;:http://bugreports.qt.nokia.com/browse/QTBUG-14983. This will also allow sharing of the SSL context between requests removing the need for round trips and SSL negotiation each time. [resolved] Note that the API is internal.


==OpenSSL on OS X==
== OpenSSL on OS X ==


OS X has the oldest versions of OpenSSL in use on any platform, so it’s setting the lower limit on what we can rely on:
OS X has the oldest versions of OpenSSL in use on any platform, so it's setting the lower limit on what we can rely on:


{| class="infotable line"
{|
! OS X version
!OS X version
! OpenSSL version
!OpenSSL version
! OpenSSL build date
!OpenSSL build date
|-
|-
| 10.9.2
|10.9.2
| 0.9.8y
|0.9.8y
| 5 Feb 2013
|5 Feb 2013
|-
|-
| 10.8.4
|10.8.4
| 0.9.8x
|0.9.8x
| 10 May 2012
|10 May 2012
|-
|-
| 10.8.3
|10.8.3
| 0.9.8r
|0.9.8r
| 8 Feb 2011
|8 Feb 2011
|-
|-
| 10.8.2
|10.8.2
| 0.9.8r
|0.9.8r
| 8 Feb 2011
|8 Feb 2011
|-
|-
| 10.7.4
|10.7.4
| 0.9.8r
|0.9.8r
| 8 Feb 2011
|8 Feb 2011
|-
|-
| 10.6.8 v1.1
|10.6.8 v1.1
| 0.9.8x
|0.9.8x
| 10 May 2012
|10 May 2012
|-
|-
| 10.6.0
|10.6.0
| 0.9.8k
|0.9.8k
| 25 Mar 2009
|25 Mar 2009
|-
|-
| 10.5.8
|10.5.8
| 0.9.7l
|0.9.7l
| 28 Sep 2006
|28 Sep 2006
|}
|}


==To Do Lists==
== To Do Lists ==


Rich Moore:
Rich Moore:
Line 127: Line 131:
* Certificate change notifier
* Certificate change notifier
* EV certificates
* EV certificates
* <span class="caps">OCSP</span>
* OCSP


Peter:
Peter:
* do not stall the network access manager upon sslErrors signal [http://bugreports.qt.nokia.com/browse/QTBUG-19032]
===Categories:===
* [[:Category:Developing-Qt|Developing Qt]]
** [[:Category:Developing-Qt::Bugs|Bugs]]
* [[:Category:Developing-Qt::Network|Network]]

Revision as of 09:57, 24 February 2015


[toc align_right="yes&quot; depth="3&quot;]

Improving Qt's SSL Support

Qt has pretty good support for SSL that is sufficient for a lot of common uses, but the SSL support is missing a number of features that exist in applications such as Firefox, Internet Explorer or Opera. In addition, whilst Qt uses OpenSSL for the underlying implementation of SSL, it only provides an API for using a small subset of the available facilities.

I've been doing some work to enhance the SSL support in Qt, and have been asked to put together this page which is a cross between a TODO list, a set of links to existing solutions, and a pie-in-the-sky wishlist.

Areas for Improvement

There are a number of missing facilities in Qt's SSL support right now; here's a rough list cross-referenced with the QT-BUG tracking number:

It should be noted that most of these issues only affect a tiny minority of possible uses. That said, wouldn't it be nice if we had support for them in Qt with a nice API?

Areas for performance improvement

Work Underway

This would be a depressing page if it wasn't for the fact that these issues are being addressed. So, let's look at the areas where progress is already being made:

(OCSP) Online Certificate Status Protocol Support

I've implemented the basic facilities required for OCSP support in Qt, specifically accessors for the AIA field of the certificate, and classes to generate and validate OCSP requests/responses. Still remaining is the integration of this code into the QNetworkAccessManager and QSslSocket classes, and a cache of the results. As of Nov 2011 after a hiatus while I worked on some other areas, I have got this building against Qt 5.

The code is currently in my personal clone at https://qt.gitorious.org/~rich/qt/richs-qtbase/commits/ocsp-support

Notification when the Certificate for a Site Changes

I wrote a proof of concept for this that showed up some API limitations that prevent a production quality implementation. This looks like something that can be addressed in a future release without major issues. I've written up the details of the implementation and the its limitations at http://www.kdedevelopers.org/node/4434

Support for TLS extensions and supplemental data

Work is being tracked in the issue tracker and a Wiki is being used to work through implementation and API design issues: Improving_TLS_handshake_support

Solved Issues

This section is for areas that have been put to bed:

OpenSSL on OS X

OS X has the oldest versions of OpenSSL in use on any platform, so it's setting the lower limit on what we can rely on:

OS X version OpenSSL version OpenSSL build date
10.9.2 0.9.8y 5 Feb 2013
10.8.4 0.9.8x 10 May 2012
10.8.3 0.9.8r 8 Feb 2011
10.8.2 0.9.8r 8 Feb 2011
10.7.4 0.9.8r 8 Feb 2011
10.6.8 v1.1 0.9.8x 10 May 2012
10.6.0 0.9.8k 25 Mar 2009
10.5.8 0.9.7l 28 Sep 2006

To Do Lists

Rich Moore:

  • Certificate change notifier
  • EV certificates
  • OCSP

Peter: