CHIA-2102 - Set minimum to TLSv1.3

[emlowe]

Set the minimum for all TLS communications to TLS v1.3. This includes the node peer protocol and service RPC calls.
Note, TLS v1.3 only has secure and safe ciphersuites, so we don't need to specifically set the ciphersuites list.

The change to allow TLS v1.2 was done here (#9195). At that time there was some concern over older python versions and older systems with openssl without 1.3 support.

Since that time we have dropped support for python 3.7 and 3.8 and it seems unlikely there are any system out there without TLS v1.3 support.

I'll note that apparently .NET still does not have TLS v1.3 support on macOS (dotnet/runtime#1979) until .NET 10 something in 2025 - so the daemon workaround introduced here (#16747) remains available to downgrade daemon connections to TLS v1.2

Converted to draft, because I believe this likely breaks again https://github.com/dkackman/chia-dotnet - that talks to the daemon and all the RPC endpoints.

Previously, the default was TLS 1.2 for everything except for the daemon which used 1.3. This broke chia-dotnet for the daemon connections only, but not for the RPC ports.

Changing the default everywhere to 1.3 likely breaks chia-dotnet again for the RPC services and so those also need a downgrade. Unfortunately doing a downgrade for the RPC services and 1.3 on the peer protocol is suitably annoying.

Discussed this with @dkackman and once dotnet 10 adds in support for TLS 1.3 (which is planned for early 2025) we can move forward with this.

[hoffmang9]

Looks GREAT to me!

[emlowe]

testssl.sh report:

###########################################################
    testssl.sh       3.2rc3 from https://testssl.sh/dev/

      This program is free software. Distribution and
             modification under GPLv2 permitted.
      USAGE w/o ANY WARRANTY. USE IT AT YOUR OWN RISK!

       Please file bugs @ https://testssl.sh/bugs/

###########################################################

 Using "OpenSSL 3.4.0 22 Oct 2024 (Library: OpenSSL 3.4.0 22 Oct 2024)" [~94 ciphers]
 on GreenPower-3:/opt/homebrew/bin/openssl
 (built: "Oct 22 12:26:59 2024", platform: "darwin64-arm64-cc")


 Start 2024-12-20 10:51:05                -->> 127.0.0.1:58444 (localhost) <<--

 A record via:           /etc/hosts 
 rDNS (127.0.0.1):       localhost.
 Service detected:       Couldn't determine what's running on port 58444, assuming no HTTP service => skipping all HTTP checks


 Testing protocols via sockets except NPN+ALPN 

 SSLv2      not offered (OK)
 SSLv3      not offered (OK)
 TLS 1      not offered
 TLS 1.1    not offered
 TLS 1.2    not offered
 TLS 1.3    offered (OK): final
 NPN/SPDY   not offered
 ALPN/HTTP2 not offered

 Testing cipher categories 

 NULL ciphers (no encryption)                      not offered (OK)
 Anonymous NULL Ciphers (no authentication)        not offered (OK)
 Export ciphers (w/o ADH+NULL)                     not offered (OK)
 LOW: 64 Bit + DES, RC[2,4], MD5 (w/o export)      not offered (OK)
 Triple DES Ciphers / IDEA                         not offered
 Obsoleted CBC ciphers (AES, ARIA etc.)            not offered
 Strong encryption (AEAD ciphers) with no FS       not offered
 Forward Secrecy strong encryption (AEAD ciphers)  offered (OK)


 Testing server's cipher preferences 

Hexcode  Cipher Suite Name (OpenSSL)       KeyExch.   Encryption  Bits     Cipher Suite Name (IANA/RFC)
-----------------------------------------------------------------------------------------------------------------------------
SSLv2
 - 
SSLv3
 - 
TLSv1
 - 
TLSv1.1
 - 
TLSv1.2
 - 
TLSv1.3 (server order)
 x1302   TLS_AES_256_GCM_SHA384            ECDH 253   AESGCM      256      TLS_AES_256_GCM_SHA384                             
 x1303   TLS_CHACHA20_POLY1305_SHA256      ECDH 253   ChaCha20    256      TLS_CHACHA20_POLY1305_SHA256                       
 x1301   TLS_AES_128_GCM_SHA256            ECDH 253   AESGCM      128      TLS_AES_128_GCM_SHA256                             

 Has server cipher order?     yes (TLS 1.3 only)


 Testing robust forward secrecy (FS) -- omitting Null Authentication/Encryption, 3DES, RC4 

 FS is offered (OK)           TLS_AES_256_GCM_SHA384 TLS_CHACHA20_POLY1305_SHA256 TLS_AES_128_GCM_SHA256 
 Elliptic curves offered:     prime256v1 secp384r1 secp521r1 X25519 X448 
 Finite field group:          ffdhe2048 ffdhe3072 ffdhe4096 ffdhe6144 ffdhe8192
 TLS 1.3 sig_algs offered:    RSA-PSS-RSAE+SHA256 RSA-PSS-RSAE+SHA384 RSA-PSS-RSAE+SHA512 

 Testing server defaults (Server Hello) 

 TLS extensions (standard)    "supported versions/#43" "key share/#51" "signature algorithms/#13"
 Session Ticket RFC 5077 hint no -- no lifetime advertised
 SSL Session ID support       no
 Session Resumption           Tickets no, ID: no
 TLS clock skew               Random values, no fingerprinting possible 
 Certificate Compression      none
 Client Authentication        optional
 CA List for Client Auth      empty
 Signature Algorithm          SHA256 with RSA
 Server key size              RSA 2048 bits (exponent is 65537)
 Server key usage             --
 Server extended key usage    --
 Serial                       27301F7308DB4E05408488FF8C580A781877F75F (OK: length 20)
 Fingerprints                 SHA1 C2285FA4E70FA2988AA4A2A55824075DBAD15DE9
                              SHA256 1F2A696767203D097E6A242BCD3568CAD6F10C8ADC0ECA9DD87AFF6B6439AED8
 Common Name (CN)             Chia 
 subjectAltName (SAN)         chia.net 
 Trust (hostname)             certificate does not match supplied URI (same w/o SNI)
 Chain of trust               NOT ok (self signed CA in chain)
 EV cert (experimental)       no 
 Certificate Validity (UTC)   27617 >= 60 days (2022-05-26 16:11 --> 2100-08-02 00:00)
                              >= 10 years is way too long
 ETS/"eTLS", visibility info  not present
 Certificate Revocation List  --
 OCSP URI                     --
                              NOT ok -- neither CRL nor OCSP URI provided
 OCSP stapling                not offered
 OCSP must staple extension   --
 DNS CAA RR (experimental)    not offered
 Certificate Transparency     N/A
 Certificates provided        2
 Issuer                       Chia CA (Chia)
 Intermediate cert validity   #1: ok > 40 days (2031-01-21 08:51). Organic Farming Division <-- Organic Farming Division
 Intermediate Bad OCSP (exp.) Ok


 Testing vulnerabilities 

 Heartbleed (CVE-2014-0160)                not vulnerable (OK), no heartbeat extension
 CCS (CVE-2014-0224)                       not vulnerable (OK)
 Ticketbleed (CVE-2016-9244), experiment.  (applicable only for HTTPS)
 ROBOT                                     Server does not support any cipher suites that use RSA key transport
 Secure Renegotiation (RFC 5746)           not vulnerable (OK)
 Secure Client-Initiated Renegotiation     not vulnerable (OK)
 CRIME, TLS (CVE-2012-4929)                not vulnerable (OK)
 POODLE, SSL (CVE-2014-3566)               not vulnerable (OK), no SSLv3 support
 TLS_FALLBACK_SCSV (RFC 7507)              No fallback possible (OK), TLS 1.3 is the only protocol
 SWEET32 (CVE-2016-2183, CVE-2016-6329)    not vulnerable (OK)
 FREAK (CVE-2015-0204)                     not vulnerable (OK)
 DROWN (CVE-2016-0800, CVE-2016-0703)      not vulnerable on this host and port (OK)
                                           make sure you don't use this certificate elsewhere with SSLv2 enabled services, see
                                           https://search.censys.io/search?resource=hosts&virtual_hosts=INCLUDE&q=1F2A696767203D097E6A242BCD3568CAD6F10C8ADC0ECA9DD87AFF6B6439AED8
 LOGJAM (CVE-2015-4000), experimental      not vulnerable (OK): no DH EXPORT ciphers, no DH key detected with <= TLS 1.2
 BEAST (CVE-2011-3389)                     not vulnerable (OK), no SSL3 or TLS1
 LUCKY13 (CVE-2013-0169), experimental     not vulnerable (OK)
 Winshock (CVE-2014-6321), experimental    not vulnerable (OK)
 RC4 (CVE-2013-2566, CVE-2015-2808)        not vulnerable (OK)

Could not determine the protocol, only simulating generic clients.

 Running client simulations via sockets 

 Browser                      Protocol  Cipher Suite Name (OpenSSL)       Forward Secrecy
------------------------------------------------------------------------------------------------
 Android 8.1 (native)         No connection
 Android 9.0 (native)         TLSv1.3   TLS_AES_256_GCM_SHA384            253 bit ECDH (X25519)
 Android 10.0 (native)        TLSv1.3   TLS_AES_256_GCM_SHA384            253 bit ECDH (X25519)
 Android 11 (native)          TLSv1.3   TLS_AES_256_GCM_SHA384            253 bit ECDH (X25519)
 Android 12 (native)          TLSv1.3   TLS_AES_256_GCM_SHA384            253 bit ECDH (X25519)
 Java 7u25                    No connection
 Java 8u161                   No connection
 Java 11.0.2 (OpenJDK)        TLSv1.3   TLS_AES_256_GCM_SHA384            256 bit ECDH (P-256)
 Java 17.0.3 (OpenJDK)        TLSv1.3   TLS_AES_256_GCM_SHA384            253 bit ECDH (X25519)
 go 1.17.8                    TLSv1.3   TLS_AES_256_GCM_SHA384            253 bit ECDH (X25519)
 LibreSSL 2.8.3 (Apple)       No connection
 OpenSSL 1.0.2e               No connection
 OpenSSL 1.1.0l (Debian)      No connection
 OpenSSL 1.1.1d (Debian)      TLSv1.3   TLS_AES_256_GCM_SHA384            253 bit ECDH (X25519)
 OpenSSL 3.0.3 (git)          TLSv1.3   TLS_AES_256_GCM_SHA384            253 bit ECDH (X25519)


 Rating (experimental) 

 Rating specs (not complete)  SSL Labs's 'SSL Server Rating Guide' (version 2009q from 2020-01-30)
 Specification documentation  https://github.com/ssllabs/research/wiki/SSL-Server-Rating-Guide
 Protocol Support (weighted)  0 (0)
 Key Exchange     (weighted)  0 (0)
 Cipher Strength  (weighted)  0 (0)
 Final Score                  0
 Overall Grade                T
 Grade cap reasons            Grade capped to T. Issues with the chain of trust (self signed CA in chain)
                              Grade capped to M. Domain name mismatch

 Done 2024-12-20 10:52:13 [0071s] -->> 127.0.0.1:58444 (localhost) <<--

[github-actions]

File	Coverage	Missing Lines
chia/daemon/server.py	33.3%	lines 200-201

Total	Missing	Coverage
4 lines	2 lines	50%

[github-actions]

This PR has been flagged as stale due to no activity for over 60 days. It will not be automatically closed, but it has been given a stale-pr label and should be manually reviewed by the relevant parties.

[emlowe]

This can be moved forward now with addition of TLS 1.3 on macOS for dotnet here: https://learn.microsoft.com/en-us/dotnet/core/whats-new/dotnet-10/libraries#tls-13-for-macos-client

[emlowe]

There remains an override available for the daemon that we could probably also remove