Openssl TLSv1.3 ciphers failing during handshake
kgoudra at ups.com
kgoudra at ups.com
Wed Jul 12 08:06:46 UTC 2023
Hello Openssl team,
We were in a process of integrating openssl3 with our application in RHEL8, during which we came across below issue.
Our app will initiate a secure connection between a client(Linux-RHEL8) and server(Windows) which are having openssl versions 1.1.1k and 3.0.8 on them respectively.
Observations done during testing:
1). Client is able to make a connection with server when security level is set to zero but connection is made with the lower TLSv1 cipher suite(ECDHE-RSA-AES256-SHA). But we want to go with higher version protocol i.e. TLSv1.3
2). When we are trying to force it with SSL_CTX_set_ciphersuites () to use higher version TLSv1.3 cipher(TLS_CHACHA20_POLY1305_SHA256) then below errors are observed in logs.
Client log:
07/03 07:01:52| 1 SSL_connect failed with error ^M
139821832050432:error:141A90B5:SSL routines:ssl_cipher_list_to_bytes:no ciphers available:ssl/statem/statem_clnt.c:3802:No ciphers enabled for max supported SSL/TLS version
Server log:
07/03 07:01:52:674| 1 SSL_accept failed with error Remotehost: lsvrd13086.
F41A0000:error:0A0000F4:SSL routines:ssl3_read_bytes:unexpected message:ssl\record\rec_layer_s3.c:1542
3). Interesting is, the same combination i.e client(Openssl 1.1.1k) and server(Openssl 3.0.8) is working perfectly fine with higher protocol version TLSv1.3 when both client and server are windows.
Question:
Any known issues specifically on linux environment where RHEL8 is not able to provide TLSv1.3 ciphers while handshake between client and server?
1. Although TLSv1.3 ciphers are available for use in RHEL8, our query is why they are not provided for handshake between client and a server?
#test# [cleint: ~] $ openssl ciphers -s -v ALL
TLS_AES_256_GCM_SHA384 TLSv1.3 Kx=any Au=any Enc=AESGCM(256) Mac=AEAD
TLS_CHACHA20_POLY1305_SHA256 TLSv1.3 Kx=any Au=any Enc=CHACHA20/POLY1305(256) Mac=AEAD
TLS_AES_128_GCM_SHA256 TLSv1.3 Kx=any Au=any Enc=AESGCM(128) Mac=AEAD
TLS_AES_128_CCM_SHA256 TLSv1.3 Kx=any Au=any Enc=AESCCM(128) Mac=AEAD
1. We have already tried below things on our end.
1. Updated openssl.cnf as below:
openssl_conf = default_modules
[ default_modules ]
ssl_conf = ssl_module
[ ssl_module ]
system_default = system_default_sect
[system_default_sect]
MinProtocol = TLSv1.3
CipherString = CHACHA20 at SECLEVEL=0
Ciphersuites = TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256
Options = ServerPreference,PrioritizeChaCha
1. Forcing TLSv1.3 ciphers through code as below,
const char *cipher_list = "TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256";
SSL_CTX_set_cipher_list(pCtx, "");
SSL_CTX_set_ciphersuites(pCtx, cipher_list);
It would be great help if anyone has any idea with respect to above issue. Thanks in advance!
Thanks,
Kirtikumar
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-users/attachments/20230712/bb494721/attachment-0001.htm>
More information about the openssl-users
mailing list