TLSv1.0 on OpenSSL 3.0-API (looking for answers)

Yuko Doki (Fujitsu) doki.yuko at fujitsu.com
Mon Apr 22 08:01:49 UTC 2024 

Thank you for your reply, Thomas.

I have not configured any providers, so the default provider will be used.

When using RedHat Linux distribution, "@SECLEVEL=0" did not seem to work.
The versions are as follows.
  OpenSSL 3.0.7 1 Nov 2022 (Library: OpenSSL 3.0.7 1 Nov 2022)
Will changing the provider in the file "openssl.cnf" have any effect?

I also tried with OpenSSL built from the source downloaded from "https://www.openssl.org/source/", on Solaris.
This time, adding "@SECLEVEL=0" was effect, the TLS1.0 connection was successful.
The versions are as follows.
  OpenSSL 3.0.13 30 Jan 2024 (Library: OpenSSL 3.0.13 30 Jan 2024)

This problem seems to occur only in the RedHat distribution, so it might be better to ask RedHat.
Thank you for your cooperation.

Kind regards,
Yuko Doki
-----Original Message-----
From: Tomas Mraz <tomas at openssl.org> 
Sent: Friday, April 19, 2024 4:03 PM
To: Doki, Yuko/道木 裕子 <doki.yuko at fujitsu.com>; openssl-users at openssl.org
Subject: Re: TLSv1.0 on OpenSSL 3.0-API (looking for answers)

Hello,

do you use the default provider or do you configure some other providers such as the fips provider?

Is this a regular OpenSSL build (which particular version is used?) or is this some Linux distribution provided build?

Regards,

Tomas Mraz, OpenSSL

On Fri, 2024-04-19 at 01:27 +0000, Yuko Doki (Fujitsu) via openssl- users wrote:
> Hello OpenSSL users' community,
> I still haven't been able to solve the problem of TLS1.0 and LS1.1 
> connection error with OpenSSL3.0.
> If anyone knows a solution, please advise.
> 
> I will explain the problem again.
> ----
> I am developing an application using the OpenSSL 3.0 API library.
> When I tested the connection using TLSv1.0 and TLSv1.1, I got a 
> handshake error.
> Successful with TLS1.2 and TLS1.3.
> 
> I got some advice here, so I set "DEFAULT:@SECLEVEL=0" or 
> "ALL:@SECLEVEL=0"
>  to the argument string of SSL_CTX_set_cipher_list() and tried 
> connecting.
> However, the following error occurred again.
> 
>  [client side error]
>     error:0A000438:SSL routines::tlsv1 alert internal error
>     (detail: ssl/statem/statem_srvr.c line 2684 - do_sigver_init())
> 
>  [server side error]
>     error:03000098:digital envelope routines::invalid digest
>     (detail: crypto/evp/m_sigver.c line 343 -
> tls_construct_server_key_exchange())
>     error:0A0C0103:SSL routines::internal error
>     (detail: ssl/record/rec_layer_s3.c line 1600 - ssl3_read_bytes())
> ----
> 
> Any advice would be greatly appreciated.
> 
> Kind regards,
> Yuko Doki
> 
> -----Original Message-----
> From: openssl-users <openssl-users-bounces at openssl.org> On Behalf Of 
> Yuko Doki (Fujitsu) via openssl-users
> Sent: Thursday, April 11, 2024 3:41 PM
> To: 'Tomas Mraz' <tomas at openssl.org>; openssl-users at openssl.org
> Subject: RE: TLSv1.0 on OpenSSL 3.0-API
> 
> Hello OpenSSL users' community,
> I still haven't been able to resolve the issue.
> 
> After that, I tried some additional cipher strings, but I got the same 
> error.
> The string I tried this time is as follows.
>   "ALL:@SECLEVEL=0"
>   "ECDHE-RSA-AES256-SHA:@SECLEVEL=0"
> 
> I would appreciate any further advice.
> 
> Kind regards,
> Yuko Doki
> 
> -----Original Message-----
> From: openssl-users <openssl-users-bounces at openssl.org> On Behalf Of 
> Yuko Doki (Fujitsu) via openssl-users
> Sent: Monday, April 8, 2024 11:58 AM
> To: 'Tomas Mraz' <tomas at openssl.org>; openssl-users at openssl.org
> Subject: RE: TLSv1.0 on OpenSSL 3.0-API
> 
> Thank you for your advice, Thomas.
> 
> I added "@SECLEVEL=0" to the cipher string and tried.
> But I got a handshake error again.
> Note: I did not try SSL_CTX_set_security_level() to avoid changing the 
> applications sources.
> 
> The errors are as follows.
> [client side]
>     error:0A000438:SSL routines::tlsv1 alert internal error
>     (detail: ssl/statem/statem_srvr.c line 2684 - do_sigver_init()) 
> [server side]
>     error:03000098:digital envelope routines::invalid digest
>     (detail: crypto/evp/m_sigver.c line 343 -
> tls_construct_server_key_exchange())
>     error:0A0C0103:SSL routines::internal error
>     (detail: ssl/record/rec_layer_s3.c line 1600 - ssl3_read_bytes())
> 
> The implementation for setting protocol version and cipher is as 
> follows.
>      SSL_CTX_set_min_proto_version(ctx, TLS1_VERSION);
>      SSL_CTX_set_max_proto_version(ctx, TLS1_1_VERSION);
>      SSL_CTX_set_cipher_list(ctx, "DEFAULT:@SECLEVEL=0");
> 
> Could you please tell me what is the problem and how to fix it?
> 
> Kind regards,
> Yuko Doki
> 
> -----Original Message-----
> From: Tomas Mraz <tomas at openssl.org>
> Sent: Friday, April 5, 2024 3:47 PM
> To: Doki, Yuko/道木 裕子 <doki.yuko at fujitsu.com>; 
> openssl-users at openssl.org
> Subject: Re: TLSv1.0 on OpenSSL 3.0-API
> 
> These versions require SHA1 to operate. However security bits for this 
> algorithm was downgraded due to the known weaknesses and collision 
> attacks. For that reason you have to use @SECLEVEL=0 in the cipher 
> string or call SSL_CTX_set_security_level() to make TLS-1.0 and 1.1 
> work.
> https://www.openssl.org/docs/manmaster/man3/SSL_CTX_set_security_level
> .html
> 
> 
> Regards,
> 
> Tomas Mraz, OpenSSL
> 
> On Fri, 2024-04-05 at 05:55 +0000, Yuko Doki (Fujitsu) via openssl- 
> users wrote:
> > Hello OpenSSL users' community,
> > This is my first time posting.
> > 
> > I am developing an application using the OpenSSL API library.
> > And now I'm trying to migrate from OpenSSL 1.1.1 to 3.0.
> > 
> > The application supports TLS protocol versions from TLSv1.0 to 1.3, 
> > but with OpenSSL 3.0, TLSv1.0 and TLSv1.1 resulted in a handshake 
> > error.
> > 
> > The errors are as follows.
> > [client side]
> >   error:0A000438:SSL routines::tlsv1 alert internal error [server 
> > side]
> >   error:0A000076:SSL routines::no suitable signature algorithm
> > 
> > The TLS protocol version is set using the following functions.
> >   SSL_CTX_set_min_proto_version()
> >   SSL_CTX_set_max_proto_version()
> > No cipher suite is set. (Automatically selected by OpenSSL.)
> > 
> > This implementation worked fine with OpenSSL 1.1.1. 
> > Is OpenSSL 3.0 not supporting these protocol versions?
> > I would appreciate any advice on how to use TLSv1.0 or TLSv1.1 with 
> > OpenSSL 3.0.
> > 
> > In addition, the operating environment is as follows.
> > OS: Red Hat Enterprise Linux release 9.3 OpenSSL : OpenSSL 3.0.7 1 
> > Nov
> > 2022 (Library: OpenSSL 3.0.7 1 Nov
> > 2022)
> > 
> > Kind regards,
> > Yuko Doki
> > 
> 
> --
> Tomáš Mráz, OpenSSL
> 

--
Tomáš Mráz, OpenSSL

More information about the openssl-users mailing list