Re: Regarding TLS call failure on Openssl3.0 with cipher : ECDH-ECDSA-AES256-SHA384

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 18/11/2022 05:53, Viktor Dukhovni wrote:

On Fri, Nov 18, 2022 at 05:12:09AM +0000, Raman, Ina wrote:


I was trying to test TLS call with cipher suite :
tls_ecdh_ecdsa_with_aes_256_cbc_sha384 but it fails.


You probably actually wanted "ecdhe" not "ecdh", but see below.


Support for the ECDH version was removed from OpenSSL 1.1.0 and above:

https://github.com/openssl/openssl/commit/ce0c1f2bb2fd296f10a2847844205df0ed95fb8e

Matt




It fails on SSL_set_cipher_list API.


This API, and the cipher you had in mind apply only to TLS 1.2, with TLS
1.3 there is a separate API for setting the data encryption ciphers,
which are configured separately from signature schemes, and key
exchange "groups", but see below.


The list contains the mentioned cipher but still it is failing to set
that.


Actually the list does not contain that cipher:

- The available TLS 1.2 ciphers are ECDHE not ECDH.

     $ openssl ciphers -stdname -s -tls1_2 | awk '{print $1}' | grep ECDH
     TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
     TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
     TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
     TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
     TLS_ECDHE_ECDSA_WITH_AES_256_CCM
     TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
     TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
     TLS_ECDHE_ECDSA_WITH_AES_128_CCM
     TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
     TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
     TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
     TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
     TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
     TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA

- The standard names are "output only" when configuring ciphers you
   need to use the OpenSSL names.

     $ openssl ciphers -stdname -s -tls1_2 -v ECDHE-ECDSA-AES256-GCM-SHA384
     TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 - ECDHE-ECDSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AESGCM(256) Mac=AEAD

     $ openssl ciphers -stdname -s -tls1_2 -v TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
     Error in cipher list
     C0F16339DF7F0000:error:0A0000B9:SSL routines:SSL_CTX_set_cipher_list:no cipher match:ssl/ssl_lib.c:2746:

- Cipher names are case-sensitive.

     $ openssl ciphers -stdname -s -tls1_2 -v $(echo ECDHE-ECDSA-AES256-GCM-SHA384 | tr A-Z a-z)
     Error in cipher list
     C0F1755DCB7F0000:error:0A0000B9:SSL routines:SSL_CTX_set_cipher_list:no cipher match:ssl/ssl_lib.c:2746:

- TLS 1.3 uses none of the above:

     $ openssl ciphers -s -v -tls1_3
     TLS_AES_256_GCM_SHA384         TLSv1.3 Kx=any      Au=any   Enc=AESGCM(256)            Mac=AEAD
     TLS_CHACHA20_POLY1305_SHA256   TLSv1.3 Kx=any      Au=any   Enc=CHACHA20/POLY1305(256) Mac=AEAD
     TLS_AES_128_GCM_SHA256         TLSv1.3 Kx=any      Au=any   Enc=AESGCM(128)            Mac=AEAD
     TLS_AES_128_CCM_SHA256         TLSv1.3 Kx=any      Au=any   Enc=AESCCM(128)            Mac=AEAD


I wanted to know if this cipher is supported with openssl 3.0 or not .


Multiple mistakes:

* Wrong API for TLS 1.3
* Desired cipher not applicable to TLS 1.3 anyway
* Typo "ecdh" instead of "ecdhe"
* Cipher name was lower case
* Cipher name was the RFC name, not the OpenSSL name.

Any one mistake it sufficient, but 5 is impressive. :-)
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux