On Fri, Nov 18, 2022 at 05:12:09AM +0000, Raman, Ina wrote:

> I was trying to test TLS call with cipher suite :
> tls_ecdh_ecdsa_with_aes_256_cbc_sha384 but it fails.

You probably actually wanted "ecdhe" not "ecdh", but see below.

> It fails on SSL_set_cipher_list API.

This API, and the cipher you had in mind, apply only to TLS 1.2; with TLS 1.3
there is a separate API for setting the data encryption ciphers, which are
configured separately from signature schemes and key exchange "groups", but
see below.

> The list contains the mentioned cipher but still it is failing to set
> that.

Actually the list does not contain that cipher:

- The available TLS 1.2 ciphers are ECDHE not ECDH.

    $ openssl ciphers -stdname -s -tls1_2 | awk '{print $1}' | grep ECDH
    TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
    TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
    TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
    TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
    TLS_ECDHE_ECDSA_WITH_AES_256_CCM
    TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
    TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
    TLS_ECDHE_ECDSA_WITH_AES_128_CCM
    TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
    TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
    TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
    TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
    TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
    TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA

- The standard names are "output only"; when configuring ciphers you need to
  use the OpenSSL names.

    $ openssl ciphers -stdname -s -tls1_2 -v ECDHE-ECDSA-AES256-GCM-SHA384
    TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 - ECDHE-ECDSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AESGCM(256) Mac=AEAD

    $ openssl ciphers -stdname -s -tls1_2 -v TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
    Error in cipher list
    C0F16339DF7F0000:error:0A0000B9:SSL routines:SSL_CTX_set_cipher_list:no cipher match:ssl/ssl_lib.c:2746:

- Cipher names are case-sensitive.

    $ openssl ciphers -stdname -s -tls1_2 -v $(echo ECDHE-ECDSA-AES256-GCM-SHA384 | tr A-Z a-z)
    Error in cipher list
    C0F1755DCB7F0000:error:0A0000B9:SSL routines:SSL_CTX_set_cipher_list:no cipher match:ssl/ssl_lib.c:2746:

- TLS 1.3 uses none of the above:

    $ openssl ciphers -s -v -tls1_3
    TLS_AES_256_GCM_SHA384         TLSv1.3 Kx=any Au=any Enc=AESGCM(256) Mac=AEAD
    TLS_CHACHA20_POLY1305_SHA256   TLSv1.3 Kx=any Au=any Enc=CHACHA20/POLY1305(256) Mac=AEAD
    TLS_AES_128_GCM_SHA256         TLSv1.3 Kx=any Au=any Enc=AESGCM(128) Mac=AEAD
    TLS_AES_128_CCM_SHA256         TLSv1.3 Kx=any Au=any Enc=AESCCM(128) Mac=AEAD

> I wanted to know if this cipher is supported with openssl 3.0 or not.

Multiple mistakes:

* Wrong API for TLS 1.3
* Desired cipher not applicable to TLS 1.3 anyway
* Typo "ecdh" instead of "ecdhe"
* Cipher name was lower case
* Cipher name was the RFC name, not the OpenSSL name.

Any one mistake is sufficient, but 5 is impressive. :-)

-- 
    Viktor.
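The mistakes the reply lists can be checked programmatically through Python's standard-library ssl module, whose SSLContext.set_ciphers() wraps SSL_CTX_set_cipher_list; this is an added example, not code from the thread or from OpenSSL. It assumes a Python linked against OpenSSL 1.1.1 or 3.x (so get_ciphers() also lists the TLS 1.3 suites), and the RFC-to-OpenSSL name table is a constructed two-entry sample of what `openssl ciphers -stdname` prints.

```python
import ssl

# Constructed two-entry sample of the IANA/RFC -> OpenSSL name mapping that
# `openssl ciphers -stdname` prints; only what this demonstration needs.
RFC_TO_OPENSSL = {
    "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384": "ECDHE-ECDSA-AES256-GCM-SHA384",
    "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384": "ECDHE-ECDSA-AES256-SHA384",
}


def cipher_list_accepted(spec):
    """True if SSL_CTX_set_cipher_list (set_ciphers) accepts this TLS 1.2 list."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    try:
        ctx.set_ciphers(spec)
    except ssl.SSLError:  # "No cipher can be selected."
        return False
    return True


def ciphers_by_protocol(spec):
    """Apply a TLS 1.2 cipher list and group what remains negotiable by version.

    TLS 1.3 suites are configured by a separate API (SSL_CTX_set_ciphersuites),
    so they survive untouched whatever `spec` says."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.set_ciphers(spec)
    groups = {}
    for c in ctx.get_ciphers():
        groups.setdefault(c["protocol"], []).append(c["name"])
    return groups


def diagnose(name):
    """Explain why a cipher string is rejected, checking the reply's mistakes in turn."""
    if cipher_list_accepted(name):
        return "accepted"
    upper = name.upper()
    if upper != name and cipher_list_accepted(upper):
        return "case-sensitive: use %s" % upper
    if upper in RFC_TO_OPENSSL:
        return "RFC name: use OpenSSL name %s" % RFC_TO_OPENSSL[upper]
    if upper.startswith(("ECDH-", "TLS_ECDH_")):
        # Static (non-ephemeral) ECDH suites were removed in OpenSSL 1.1.0.
        return "static ECDH suites are not available: use ECDHE"
    return "no cipher match"


if __name__ == "__main__":
    for n in ("tls_ecdh_ecdsa_with_aes_256_cbc_sha384",
              "ecdhe-ecdsa-aes256-gcm-sha384",
              "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
              "ECDHE-ECDSA-AES256-GCM-SHA384"):
        print("%-42s %s" % (n, diagnose(n)))
    print(ciphers_by_protocol("ECDHE-ECDSA-AES256-GCM-SHA384"))
```

Note that even with a single TLS 1.2 cipher configured, the TLSv1.3 group still lists TLS_AES_256_GCM_SHA384 and friends, which is the "wrong API for TLS 1.3" point made in the reply.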