TLSv1.0 on OpenSSL 3.0-API (looking for answers)

Tomas Mraz tomas at openssl.org
Fri Apr 19 07:02:43 UTC 2024 

Hello,

do you use the default provider or do you configure some other
providers such as the fips provider?

Is this a regular OpenSSL build (which particular version is used?) or
is this some Linux distribution provided build?

Regards,

Tomas Mraz, OpenSSL

On Fri, 2024-04-19 at 01:27 +0000, Yuko Doki (Fujitsu) via openssl-
users wrote:
> Hello OpenSSL users' community,
> I still haven't been able to solve the problem of TLS1.0 and LS1.1
> connection error with OpenSSL3.0. 
> If anyone knows a solution, please advise.
> 
> I will explain the problem again.
> ----
> I am developing an application using the OpenSSL 3.0 API library.
> When I tested the connection using TLSv1.0 and TLSv1.1, I got a
> handshake error.
> Successful with TLS1.2 and TLS1.3.
> 
> I got some advice here, so I set "DEFAULT:@SECLEVEL=0" or
> "ALL:@SECLEVEL=0"
>  to the argument string of SSL_CTX_set_cipher_list() and tried
> connecting. 
> However, the following error occurred again.
> 
>  [client side error]
>     error:0A000438:SSL routines::tlsv1 alert internal error
>     (detail: ssl/statem/statem_srvr.c line 2684 - do_sigver_init())
> 
>  [server side error]
>     error:03000098:digital envelope routines::invalid digest
>     (detail: crypto/evp/m_sigver.c line 343 -
> tls_construct_server_key_exchange())
>     error:0A0C0103:SSL routines::internal error
>     (detail: ssl/record/rec_layer_s3.c line 1600 - ssl3_read_bytes())
> ----
> 
> Any advice would be greatly appreciated.
> 
> Kind regards,
> Yuko Doki
> 
> -----Original Message-----
> From: openssl-users <openssl-users-bounces at openssl.org> On Behalf Of
> Yuko Doki (Fujitsu) via openssl-users
> Sent: Thursday, April 11, 2024 3:41 PM
> To: 'Tomas Mraz' <tomas at openssl.org>; openssl-users at openssl.org
> Subject: RE: TLSv1.0 on OpenSSL 3.0-API
> 
> Hello OpenSSL users' community,
> I still haven't been able to resolve the issue.
> 
> After that, I tried some additional cipher strings, but I got the
> same error.
> The string I tried this time is as follows.
>   "ALL:@SECLEVEL=0"
>   "ECDHE-RSA-AES256-SHA:@SECLEVEL=0"
> 
> I would appreciate any further advice.
> 
> Kind regards,
> Yuko Doki
> 
> -----Original Message-----
> From: openssl-users <openssl-users-bounces at openssl.org> On Behalf Of
> Yuko Doki (Fujitsu) via openssl-users
> Sent: Monday, April 8, 2024 11:58 AM
> To: 'Tomas Mraz' <tomas at openssl.org>; openssl-users at openssl.org
> Subject: RE: TLSv1.0 on OpenSSL 3.0-API
> 
> Thank you for your advice, Thomas.
> 
> I added "@SECLEVEL=0" to the cipher string and tried.
> But I got a handshake error again.
> Note: I did not try SSL_CTX_set_security_level() to avoid changing
> the applications sources.
> 
> The errors are as follows.
> [client side]
>     error:0A000438:SSL routines::tlsv1 alert internal error
>     (detail: ssl/statem/statem_srvr.c line 2684 - do_sigver_init())
> [server side]
>     error:03000098:digital envelope routines::invalid digest
>     (detail: crypto/evp/m_sigver.c line 343 -
> tls_construct_server_key_exchange())
>     error:0A0C0103:SSL routines::internal error
>     (detail: ssl/record/rec_layer_s3.c line 1600 - ssl3_read_bytes())
> 
> The implementation for setting protocol version and cipher is as
> follows.
>      SSL_CTX_set_min_proto_version(ctx, TLS1_VERSION);
>      SSL_CTX_set_max_proto_version(ctx, TLS1_1_VERSION);
>      SSL_CTX_set_cipher_list(ctx, "DEFAULT:@SECLEVEL=0");
> 
> Could you please tell me what is the problem and how to fix it?
> 
> Kind regards,
> Yuko Doki
> 
> -----Original Message-----
> From: Tomas Mraz <tomas at openssl.org> 
> Sent: Friday, April 5, 2024 3:47 PM
> To: Doki, Yuko/道木 裕子 <doki.yuko at fujitsu.com>;
> openssl-users at openssl.org
> Subject: Re: TLSv1.0 on OpenSSL 3.0-API
> 
> These versions require SHA1 to operate. However security bits for
> this algorithm was downgraded due to the known weaknesses and
> collision attacks. For that reason you have to use @SECLEVEL=0 in the
> cipher string or call SSL_CTX_set_security_level() to make TLS-1.0
> and 1.1 work.
> https://www.openssl.org/docs/manmaster/man3/SSL_CTX_set_security_level.html
> 
> 
> Regards,
> 
> Tomas Mraz, OpenSSL
> 
> On Fri, 2024-04-05 at 05:55 +0000, Yuko Doki (Fujitsu) via openssl-
> users wrote:
> > Hello OpenSSL users' community,
> > This is my first time posting.
> > 
> > I am developing an application using the OpenSSL API library.
> > And now I'm trying to migrate from OpenSSL 1.1.1 to 3.0.
> > 
> > The application supports TLS protocol versions from TLSv1.0 to 1.3,
> > but with OpenSSL 3.0, TLSv1.0 and TLSv1.1 resulted in a handshake 
> > error.
> > 
> > The errors are as follows.
> > [client side]
> >   error:0A000438:SSL routines::tlsv1 alert internal error [server 
> > side]
> >   error:0A000076:SSL routines::no suitable signature algorithm
> > 
> > The TLS protocol version is set using the following functions.
> >   SSL_CTX_set_min_proto_version()
> >   SSL_CTX_set_max_proto_version()
> > No cipher suite is set. (Automatically selected by OpenSSL.)
> > 
> > This implementation worked fine with OpenSSL 1.1.1. 
> > Is OpenSSL 3.0 not supporting these protocol versions?
> > I would appreciate any advice on how to use TLSv1.0 or TLSv1.1 with
> > OpenSSL 3.0.
> > 
> > In addition, the operating environment is as follows.
> > OS: Red Hat Enterprise Linux release 9.3 OpenSSL : OpenSSL 3.0.7 1
> > Nov 
> > 2022 (Library: OpenSSL 3.0.7 1 Nov
> > 2022)
> > 
> > Kind regards,
> > Yuko Doki
> > 
> 
> --
> Tomáš Mráz, OpenSSL
> 

-- 
Tomáš Mráz, OpenSSL

More information about the openssl-users mailing list