OQS Chromium(117.0.5863.0) : ERR_SSL_VERSION_OR_CIPHER_MISMATCH

[ColligenceLabs]

I build oqs-demo chromium with liboqs 0.8.0 and later oqs boringssl, etc. on my M1 Macbook.

At the test site (ttps://test.openquantumsafe.org/chromium-base.html) these are not supported :

ecdsap256/p256_frodo640aes <-- OK
rsa3072/p256_frodo640aes <-- OK
>> The other are not ok. I got ERR_SSL_VERSION_OR_CIPHER_MISMATCH error.
      dilithium2/p256_frodo640aes
      alcon512/p256_frodo640aes
      sphincssha2128fsimple/p256_frodo640aes
      sphincssha2128ssimple/p256_frodo640aes
      sphincsshake128fsimple/p256_frodo640aes

What did I missed when compiling OQS Chromium(117.0.5863.0) ? Is there any missing on the file "oqs-changes.patch" for 117.0.5863.0 chromium ?

[baentsch]

Is there any missing on the file "oqs-changes.patch" for 117.0.5863.0 chromium ?

I frankly don't know: You possibly may have fallen prey to a changed level of support for the BoringSSL toolchain: The OQS community didn't exactly clamor for PQ-BoringSSL support, so we're now focusing on (PQ-)OpenSSL (and the epiphany browser -- that is PQ-wise much more complete than anything based on BoringSSL), so allow me to ask you as to why you're interested in this browser/SW stack?

Tagging @Raytonne for comment (who kindly volunteered to take on looking after the BoringSSL/chromium toolchain in spare time) and @bhess (who took over responsibility for test.openquantumsafe.org): When setting up the site did you also test the chromium check page as documented in the above?

[hwnahm]

I am testing to launch a quantum safe web service - extremely security critical - with PQ-nginx proxy and PQ-chromium. So I need windows, macos (Intel, Apple-chip) browsers.

I successfully built PQ-chromium followed by your build instructions but PQ curve algorithms are not supported.

[ColligenceLabs]

./tool/bssl client -curves p256_frodo640aes -connect test.openquantumsafe.org:6023, 6066, 6094, 6150, 6168, 6186, 6220

These are all ok. Does this mean that something missed to oqs patch for chromium 117 with switched boringssl ?

% ./tool/bssl client -curves p256_frodo640aes -connect test.openquantumsafe.org:6186 Connecting to 158.177.128.14:6186 Connected. Version: TLSv1.3 Resumed session: no Cipher: TLS_AES_128_GCM_SHA256 ECDHE group: p256_frodo640aes Signature algorithm: sphincssha2128ssimple Secure renegotiation: yes Extended master secret: yes Next protocol negotiated: ALPN protocol: OCSP staple: no SCT list: no Early data: no Encrypted ClientHello: no Cert subject: CN = test.openquantumsafe.org Cert issuer: CN = oqstest_CA

% ./tool/bssl client -curves p256_frodo640aes -connect test.openquantumsafe.org:6187 Connecting to 158.177.128.14:6187 Error while connecting: SSLV3_ALERT_HANDSHAKE_FAILURE 5084563712:error:10000410:SSL routines:OPENSSL_internal:SSLV3_ALERT_HANDSHAKE_FAILURE:/Users/peter/Develop/Chromium/test/boringssl/ssl/tls_record.cc:592:SSL alert number 40 5084563712:error:1000009a:SSL routines:OPENSSL_internal:HANDSHAKE_FAILURE_ON_CLIENT_HELLO:/Users/peter/Develop/Chromium/test/boringssl/ssl/handshake.cc:646:

./tool/bssl client -curves p256_bikel1 -connect das.pqc.daosolution.io:6304 Connecting to 101.33.66.247:6304 Connected. Version: TLSv1.3 Resumed session: no Cipher: TLS_AES_128_GCM_SHA256 ECDHE group: p256_bikel1 Signature algorithm: sphincssha2192fsimple Secure renegotiation: yes Extended master secret: yes Next protocol negotiated: ALPN protocol: OCSP staple: no SCT list: no Early data: no Encrypted ClientHello: no Cert subject: CN = das.pqc.daosolution.io Cert issuer: CN = oqstest_CA

[bhess]

When setting up the site did you also test the chromium check page as documented in the above?

The last compatibility report is from @Raytonne: https://github.com/open-quantum-safe/boringssl/pull/103#issuecomment-1616803098.

The reference to the chromium page was removed from the the main page because of the changed boringssl support, I didn't notice that it is still available if accessed directly. I've now removed it from the server.

Note that the test server and with it some algorithms will be updated soon with the 0.9.0 release.

[ColligenceLabs]

According to the compatibility report Boringssl has no problem then does it mean there is a mistake on when it is applied to PQ-Chromium ?

TLS handshake is excuted in the same PQ-boringssl shared on both bssl tool and PQ-chromim. It is ok on bssl tool but PQ-chromium is failed handshaking with test.openquantumsafe.org.

[baentsch]

According to the compatibility report Boringssl has no problem then does it mean there is a mistake on when it is applied to PQ-Chromium ?

That is one possible interpretation. But please note that the compatibility was about KEMs; you are having problems with SIG algs...

[baentsch]

a quantum safe web service ... with PQ-nginx proxy and PQ-chromium

@hwnahm Thanks for letting us know. Is there a reason why PQ-epiphany browser is no option for you? Which PQ algorithm choices did you make (KEM and SIG or just KEM?)

[Raytonne]

Hello @hwnahm @ColligenceLabs May I know which set of instructions have you followed? Also I guess the signature algorithm is sphincssha2192fsimple ?

If you are following the Linux instructions, they are outdated and some algorithms won’t work correctly. Hence, don’t use the oqs-changes.patch. Instead, check this to build on Linux https://github.com/open-quantum-safe/oqs-demos/discussions/219 (with Windows instructions) If you are using quantum safe signature algorithms, you’ll need to add the root certificate to chrome root store.

Based on your description: I think you only applied the outdated linux patch and didn't make edits based on the Windows instructions... again check https://github.com/open-quantum-safe/oqs-demos/discussions/219 and follow the Windows build instructions and make sure you’ve made all required edits If you’ve done correctly, most ports on test.openquantumsafe.org are accessible, except those x25519_*hybrid algorithms because they are not implemented in boringssl.

[ColligenceLabs]

@Raytonne I just followed the Linux instruction and used the scripts in the oqs-demo/chromium. During the process some steps not fit on Mac are skipped and handled manually. I will read the Windows instruction. Thanks.

[Raytonne]

@Raytonne I just followed the Linux instruction and used the scripts in the oqs-demo/chromium. During the process some steps not fit on Mac are skipped and handled manually. I will read the Windows instruction. Thanks.

Good! If Windows instructions work well, please reply here and I'll update Linux instructions in this repo :D

[hwnahm]

I solved the problem with the Windows instructions . Thanks a lot.

[Raytonne]

@hwnahm Glad to hear that!

@baentsch We'll make a note about Linux instructions in README (tagging @pi-314159 ). I guess we can close this issue now.

[baentsch]

@baentsch We'll make a note about Linux instructions in README (tagging @pi-314159 ). I guess we can close this issue now.

Merging #232 would be my preferred way to close this issue. Sorry I didn't note before that the Linux instructions are not valid any more. Only/primarily supporting a proprietary operating system in an open source project seems wrong. #232 is thus meant to set proper user expectations (and solicit support for "my" understanding of open source). @Raytonne @pi-314159 please change the documentation again as and when you find time to bring back support for open source OSs.

[Raytonne]

@baentsch Sounds good! Could you merge #233 because I made some changes to the Linux build instructions. I think that instruction will work based on @hwnahm 's reply. Even though it hasn't been tested by us, I think it's still better than an outdated instruction.

[baentsch]

Resolved via #234 : Thanks @Raytonne !