Wrong signature type error trying to connect to gibs.earthdata.nasa.gov on Ubuntu 20.04
Andrea Giudiceandrea
andreaerdna at libero.it
Fri Aug 14 05:59:53 UTC 2020
Hi all,
on Ubuntu 20.04 LTS 64 bit, with OpenSSL version 1.1.1f, it is not
possible to connect to a popular GIS OGC server at
gibs.earthdata.nasa.gov:443 using OpenSSL or cUrl or Wget default
parameters. The OpenSSL 1.1.1f package available for Ubuntu 20.04 is
build with the "-DOPENSSL_TLS_SECURITY_LEVEL=2" option.
The relevant errors are: "SSL routines:tls12_check_peer_sigalg:wrong
signature type:../ssl/t1_lib.c:1145" and "SSL3 alert
write:fatal:handshake failure".
On the same machine it is possible to connect to that server using
Firefox version 79.0 (the reported connection security properties are
"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, 256 bit keys, TLS 1.2") or
gnutls-cli version 3.6.13 (the reported connection security properties
are "(TLS1.2-X.509)-(ECDHE-SECP384R1)-(RSA-SHA1)-(AES-256-GCM)").
The connection is also possible on Ubuntu 18.04 (OpenSSL 1.1.1 without
the "-DOPENSSL_TLS_SECURITY_LEVEL=2" build option).
I already know the source of the issue (the server uses SHA1 as peer
signing digest which is not allowed at SECURITY LEVEL = 2) and how to
workaround it (setting SECLEVEL=1 as a cli option or in openssl.cnf),
but I'd like to know if it is due to a misconfigured / non compliant
server or to a bug in OpenSSL.
In the former case, I'd like to know some technical specifications to
refer to in order to submit the issue to the gibs.earthdata.nasa.gov
system administrators so that they can understand the problem and
configure the server correctly.
Best regards.
Andrea Giudiceandrea
Note:
see the following excerpts from the connection logs:
**************
$ openssl s_client -state -connect gibs.earthdata.nasa.gov:443
CONNECTED(00000003)
SSL_connect:before SSL initialization
SSL_connect:SSLv3/TLS write client hello
SSL_connect:SSLv3/TLS write client hello
SSL_connect:SSLv3/TLS read server hello
depth=2 C = US, O = "Entrust, Inc.", OU = See
www.entrust.net/legal-terms, OU = "(c) 2009 Entrust, Inc. - for
authorized use only", CN = Entrust Root Certification Authority - G2
verify return:1
depth=1 C = US, O = "Entrust, Inc.", OU = See
www.entrust.net/legal-terms, OU = "(c) 2012 Entrust, Inc. - for
authorized use only", CN = Entrust Certification Authority - L1K
verify return:1
depth=0 C = US, ST = Maryland, L = Greenbelt, O = NASA (National
Aeronautics and Space Administration), CN = gibs.earthdata.nasa.gov
verify return:1
SSL_connect:SSLv3/TLS read server certificate
SSL3 alert write:fatal:handshake failure
SSL_connect:error in error
139920655459648:error:1414D172:SSL
routines:tls12_check_peer_sigalg:wrong signature type:../ssl/t1_lib.c:1145:
[...]
---
No client certificate CA names sent
Server Temp Key: ECDH, P-384, 384 bits
---
SSL handshake has read 5443 bytes and written 322 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : 0000
Session-ID:
12B3427E761029EDED05CB26B3DD854ADE7B0D68061C2515A60A8A297AC968DB
Session-ID-ctx:
Master-Key:
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1597339233
Timeout : 7200 (sec)
Verify return code: 0 (ok)
Extended master secret: no
---
**************
**************
$ openssl s_client -connect gibs.earthdata.nasa.gov:443 -cipher
DEFAULT at SECLEVEL=1
CONNECTED(00000003)
depth=2 C = US, O = "Entrust, Inc.", OU = See
www.entrust.net/legal-terms, OU = "(c) 2009 Entrust, Inc. - for
authorized use only", CN = Entrust Root Certification Authority - G2
verify return:1
depth=1 C = US, O = "Entrust, Inc.", OU = See
www.entrust.net/legal-terms, OU = "(c) 2012 Entrust, Inc. - for
authorized use only", CN = Entrust Certification Authority - L1K
verify return:1
depth=0 C = US, ST = Maryland, L = Greenbelt, O = NASA (National
Aeronautics and Space Administration), CN = gibs.earthdata.nasa.gov
verify return:1
[...]
---
No client certificate CA names sent
Peer signing digest: SHA1
Peer signature type: RSA
Server Temp Key: ECDH, P-384, 384 bits
---
SSL handshake has read 5503 bytes and written 483 bytes
Verification: OK
---
New, TLSv1.2, Cipher is ECDHE-RSA-AES256-GCM-SHA384
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES256-GCM-SHA384
Session-ID:
A48C668A8154E1A81137873D8D7D6CCF77B4C31729074C8C37A67B4A1CE9B155
Session-ID-ctx:
Master-Key:
D0147A71395D3336D998B1499630E4D4BA965F1BC9D8E526EF232A7D15ECC7989AE3A8844693D628C47B76A7BA8BFC4B
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1597384544
Timeout : 7200 (sec)
Verify return code: 0 (ok)
Extended master secret: no
---
**************
More information about the openssl-users
mailing list