search

PeterMosmans / openssl

'Extra featured' OpenSSL with ChaCha20 and Poly1305 support
https://onwebsecurity.com/pages/openssl.html
Other
92 stars 18 forks source link

make report fails in SSLv3 cipher list order #26

Open drwetter opened 9 years ago

drwetter commented 9 years ago

Hi Peter,

I wasn't able to get make report finishing without errors;

[..]
Testing cipher id-aes256-wrap(encrypt/decrypt)
Key
0000 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f
0010 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f
Plaintext
0000 00 11 22 33 44 55 66 77 88 99 aa bb cc dd ee ff
0010 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f
Ciphertext
0000 28 c9 f4 04 c4 b8 10 f4 cb cc b3 5c fb 87 f8 26
0010 3f 57 86 e2 d8 0e d3 26 cb c7 f0 e7 1a 99 f4 3b
0020 fb 98 8b 9b 7a 02 dd 21

../util/shlib_wrap.sh ./evp_extra_test
PASS
test SSL protocol
../util/shlib_wrap.sh ./ssltest -test_cipherlist
testing SSLv2 cipher list order: .........ok
testing SSLv3 cipher list order: ....failed 300ff03 vs. 300cc13
Testing cipherlist order only. Ignoring all other options.
make[2]: *** [test_ssl] Error 1

Any clue what's happening?

Thx, Dirk

PeterMosmans commented 9 years ago

Hi @drwetter , I suspect this has something to do with the ordering of ciphers. Check line 1567 of ssl/ssl_ciph.c, where CHACHA20-POLY1305 is explicitly being set as first (preferred) cipher.

 0xCC,0x13 - ECDHE-RSA-CHACHA20-POLY1305 TLSv1.2 Kx=ECDH     Au=RSA  Enc=ChaCha20(256) Mac=AEAD

But what's 0xff03 ? Are you using the ghost-enabled configure file ? I suspect one of those ciphers (which isn't expected)

drwetter commented 9 years ago

Yes, I used -DTEMP_GOST_TLS which gives GOST-MD5 + GOST-GOST94 (300ff00, 300ff01) directly without engine , but not 300ff03 .

Ok, but how come then the test failed?

Despite using `-DTEMP_GOST_TLS` `300ff03` and`300ff02` are missing: ``` prompt% openssl..i686.krb ciphers -V | grep GOST 0xFF,0x01 - GOST-GOST94 SSLv3 Kx=RSA Au=RSA Enc=GOST89(256) Mac=GOST94 0xFF,0x00 - GOST-MD5 SSLv3 Kx=RSA Au=RSA Enc=GOST89(256) Mac=MD5 ``` `ssl/s3_lib.c` (line 3227) let me hope for those two more
PeterMosmans commented 9 years ago

can you try

./ssltest -cipher "GOST-MD5"
./ssltest -cipher "GOST-GOST94"

If that fails - could you try the same with the official repo ?

And could you check the output of

 openssl engine gost -vvvv -t -c

Which should show the correct ciphers ?

PeterMosmans commented 9 years ago

Aaah, I think I know what's happening... The SSL tests don't create a gost94 key, which is necessary for the GOST(94) ciphers. This is probably an upstream issue with testing, and it probably works, but the test script is borked. You could try creating a gost94 key to see if everything works correctly, with something like:

openssl req -new -nodes -batch -subj "/C=DE/ST=Deutschland/L=Hamburg/O=Dirk/OU=IT Department/CN=dirk.hamburg.de" -newkey gost94 -pkeyopt paramset:A -keyout gost94.key -out gost94.pem
openssl ca -keyfile cacert.key -cert cacert.pem -policy policy_anything -batch -out gost94.crt -infiles gost94.pem
drwetter commented 9 years ago

Am 07/20/2015 um 05:28 PM schrieb Peter Mosmans:

can you try

|./ssltest -cipher "GOST-MD5" ./ssltest -cipher "GOST-GOST94" |

you seem right, see fopen call, but there's a bit I do not understand:

prompt% ./test/ssltest -cipher "GOST-MD5"
Available compression methods:
  1: zlib compression
160118820:error:1410D0B9:SSL routines:SSL_CTX_set_cipher_list:no cipher match:ssl_lib.c:1372:
160118820:error:1410D0B9:SSL routines:SSL_CTX_set_cipher_list:no cipher match:ssl_lib.c:1372:
160118820:error:02001002:system library:fopen:No such file or directory:bss_file.c:391:fopen('../apps/server.pem','r')
160118820:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:393:
160118820:error:140AD002:SSL routines:SSL_CTX_use_certificate_file:system lib:ssl_rsa.c:452:
ERROR in CLIENT
160118820:error:140740B5:SSL routines:SSL23_CLIENT_HELLO:no ciphers available:s23_clnt.c:510:
TLSv1.2, cipher (NONE) (NONE)
prompt%  ./test/ssltest -cipher "GOST-GOST94"
Available compression methods:
  1: zlib compression
142526500:error:1410D0B9:SSL routines:SSL_CTX_set_cipher_list:no cipher match:ssl_lib.c:1372:
142526500:error:1410D0B9:SSL routines:SSL_CTX_set_cipher_list:no cipher match:ssl_lib.c:1372:
142526500:error:02001002:system library:fopen:No such file or directory:bss_file.c:391:fopen('../apps/server.pem','r')
142526500:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:393:
142526500:error:140AD002:SSL routines:SSL_CTX_use_certificate_file:system lib:ssl_rsa.c:452:
ERROR in CLIENT
142526500:error:140740B5:SSL routines:SSL23_CLIENT_HELLO:no ciphers available:s23_clnt.c:510:
TLSv1.2, cipher (NONE) (NONE)
1 handshakes of 256 bytes done
prompt%

But I am still confused as those two are not the ones failed during the test -- that was 300ff03 = GOST-GOST89STREAM .

But:

./test/ssltest -cipher "TESTSSL.SH.RULES"
Available compression methods:
  1: zlib compression
158070820:error:1410D0B9:SSL routines:SSL_CTX_set_cipher_list:no cipher match:ssl_lib.c:1372:
158070820:error:1410D0B9:SSL routines:SSL_CTX_set_cipher_list:no cipher match:ssl_lib.c:1372:
158070820:error:02001002:system library:fopen:No such file or directory:bss_file.c:391:fopen('../apps/server.pem','r')
158070820:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:393:
158070820:error:140AD002:SSL routines:SSL_CTX_use_certificate_file:system lib:ssl_rsa.c:452:
ERROR in CLIENT
158070820:error:140740B5:SSL routines:SSL23_CLIENT_HELLO:no ciphers available:s23_clnt.c:510:
TLSv1.2, cipher (NONE) (NONE)
1 handshakes of 256 bytes done

What? ;-)

Cheers, Dirk

drwetter commented 9 years ago

openssl engine gost -vvvv -t -c lists 

(gost) Reference implementation of GOST engine
 [gost89, gost89-cnt, md_gost94, gost-mac, gost94, gost2001, gost-mac]
     [ available ]
     CRYPT_PARAMS: OID of default GOST 28147-89 parameters
          (input flags): STRING