SSL_CTX_set_ssl_version changes security level


SSL_CTX_set_ssl_version changes security level

takotakot
Hello,

I've found SSL_CTX_set_ssl_version changes security level:

=====
#include <stdio.h>
#include <openssl/ssl.h>

int main(void){
  int i;
  SSL_CTX *ctx = SSL_CTX_new(SSLv23_method());
  if (ctx == NULL)
    return 1;

  printf("seclevel: %d\n", SSL_CTX_get_security_level(ctx));
  // any of 0--5, depending on the system configuration

  i = SSL_CTX_set_ssl_version(ctx, SSLv23_client_method());
  printf("SSL_CTX_set_ssl_version result: %d\n", i);
  // i == 1; success

  printf("seclevel: %d\n", SSL_CTX_get_security_level(ctx));
  // result 2

  SSL_CTX_free(ctx);
  return 0;
}
=====

OS: CentOS 8
OpenSSL 1.1.1c FIPS  28 May 2019

Are there any reasons?
I know SSLv23_method is deprecated. That does not matter.

Regards,
Takuho

Re: SSL_CTX_set_ssl_version changes security level

OpenSSL - User mailing list
On Mon, May 11, 2020 at 05:01:27PM +0900, NAKANO Takuho wrote:

> Hello,
>
> I've found SSL_CTX_set_ssl_version changes security level:
>
> =====
> int main(void){
>   int i;
>   struct ssl_ctx_st *ctx = SSL_CTX_new(SSLv23_method());
>
>   printf("seclevel: %d\n", SSL_CTX_get_security_level(ctx));
>   // 0--5 any
>
>   i = SSL_CTX_set_ssl_version(ctx, SSLv23_client_method());
>   printf("SSL_CTX_set_ssl_version result: %d\n", i);
>   // i ==1; success
>
>   printf("seclevel: %d\n", SSL_CTX_get_security_level(ctx));
>   // result 2
>
>   return 0;
> }
> =====
>
> OS: CentOS 8
> OpenSSL 1.1.1c FIPS  28 May 2019
>
> Are there any reasons?
> I know SSLv23_method is deprecated. That does not matter.

Note that SSL_CTX_set_ssl_version() has to re-set the cipher list
to filter out ciphers unsupported by the new version.  It uses
the default cipher list as its starting point, which I assume on
EL8 includes the security level in the cipher string.
You can set the cipher list (and security level) back to what you
want afterward, but I note that this behavior is a result of the
OS-vendor customization and not inherent to openssl.

-Ben

Re: SSL_CTX_set_ssl_version changes security level

takotakot
On Tue, 12 May 2020 at 0:31, Benjamin Kaduk <[hidden email]> wrote:

>
> On Mon, May 11, 2020 at 05:01:27PM +0900, NAKANO Takuho wrote:
> > Hello,
> >
> > I've found SSL_CTX_set_ssl_version changes security level:
> >
> > =====
> > int main(void){
> >   int i;
> >   struct ssl_ctx_st *ctx = SSL_CTX_new(SSLv23_method());
> >
> >   printf("seclevel: %d\n", SSL_CTX_get_security_level(ctx));
> >   // 0--5 any
> >
> >   i = SSL_CTX_set_ssl_version(ctx, SSLv23_client_method());
> >   printf("SSL_CTX_set_ssl_version result: %d\n", i);
> >   // i ==1; success
> >
> >   printf("seclevel: %d\n", SSL_CTX_get_security_level(ctx));
> >   // result 2
> >
> >   return 0;
> > }
> > =====
> >
> > OS: CentOS 8
> > OpenSSL 1.1.1c FIPS  28 May 2019
> >
> > Are there any reasons?
> > I know SSLv23_method is deprecated. That does not matter.
>
> Note that SSL_CTX_set_ssl_version() has to re-set the cipher list
> to filter out ciphers unsupported by the new version.  It uses
> the default cipher list as its starting point, which I assume on
> EL8 includes the security level in the cipher string.
> You can set the cipher list (and security level) back to what you
> want afterward, but I note that this behavior is a result of the
> OS-vendor customization and not inherent to openssl.

> OS-vendor customization

Thank you. That's very helpful. I get how to configure (but don't know why...).

On CentOS 8:
The first result of SSL_CTX_get_security_level depends on
A: /etc/pki/tls/openssl.cnf .

To be more precise, set "CipherString = @SECLEVEL=5:..."
or "CipherString = @SECLEVEL=0:..." in
B: /etc/crypto-policies/back-ends/opensslcnf.config
which is included by A.

*BUT* the second result of SSL_CTX_get_security_level depends on
C: /etc/crypto-policies/back-ends/openssl.config
(I assume SSL_CTX_set_ssl_version internally refers to this file).
File C has a single line beginning with:
@SECLEVEL=2:kEECDH:..
If I change this level, the second result changes.
Maybe it's in the RHEL 8 patch (system-cipherlist.patch).

When I tried on Ubuntu 18.04 with "OpenSSL 1.1.1d  10 Sep 2019",
the security level didn't change.

Regards,
Takuho

Re: SSL_CTX_set_ssl_version changes security level

OpenSSL - User mailing list
On Tue, May 12, 2020 at 05:22:29AM +0900, NAKANO Takuho wrote:

> On Tue, 12 May 2020 at 0:31, Benjamin Kaduk <[hidden email]> wrote:
>
> > OS-vendor customization
>
> Thank you. That's very helpful. I get how to configure (but don't know why...).
>
> On CentOS 8:
> First result of SSL_CTX_get_security_level depends on
> A: /etc/pki/tls/openssl.cnf .
>
> To be more precise, set "CipherString = @SECLEVEL=5:..."
> or "CipherString = @SECLEVEL=0:..." in
> B: /etc/crypto-policies/back-ends/opensslcnf.config
> that is included by A.
>
> *BUT* second result of SSL_CTX_get_security_level depends on
> C: /etc/crypto-policies/back-ends/openssl.config
> (I assume SSL_CTX_set_ssl_version internally refer this file).
> File C has a single line beginning with:
> @SECLEVEL=2:kEECDH:..
> If I change this level, the second result changes.
> Maybe it's on RHEL8 patch (system-cipherlist.patch).

https://src.fedoraproject.org/rpms/openssl/blob/master/f/openssl-1.1.1-system-cipherlist.patch
suggests (the ssl.h chunk) that this patch does force the use of the "system
profile" as the default cipher list.

-Ben

Re: SSL_CTX_set_ssl_version changes security level

takotakot
> https://src.fedoraproject.org/rpms/openssl/blob/master/f/openssl-1.1.1-system-cipherlist.patch
> suggests (the ssl.h chunk) that this patch does force the use of the "system
> profile" as the default cipher list.

In https://src.fedoraproject.org/rpms/openssl/blob/master/f/openssl.spec
"./Configure" is run with the option below:
--system-ciphers-file=%{_sysconfdir}/crypto-policies/back-ends/openssl.config
This is the path I pointed to.

Takuho

Re: SSL_CTX_set_ssl_version changes security level

Tomas Mraz
On Mon, 2020-05-11 at 13:37 -0700, Benjamin Kaduk via openssl-users
wrote:

> On Tue, May 12, 2020 at 05:22:29AM +0900, NAKANO Takuho wrote:
> > On Tue, 12 May 2020 at 0:31, Benjamin Kaduk <[hidden email]> wrote:
> >
> > > OS-vendor customization
> >
> > Thank you. That's very helpful. I get how to configure (but don't
> > know why...).
> >
> > On CentOS 8:
> > First result of SSL_CTX_get_security_level depends on
> > A: /etc/pki/tls/openssl.cnf .
> >
> > To be more precise, set "CipherString = @SECLEVEL=5:..."
> > or "CipherString = @SECLEVEL=0:..." in
> > B: /etc/crypto-policies/back-ends/opensslcnf.config
> > that is included by A.
> >
> > *BUT* second result of SSL_CTX_get_security_level depends on
> > C: /etc/crypto-policies/back-ends/openssl.config
> > (I assume SSL_CTX_set_ssl_version internally refer this file).
> > File C has a single line beginning with:
> > @SECLEVEL=2:kEECDH:..
> > If I change this level, the second result changes.
> > Maybe it's on RHEL8 patch (system-cipherlist.patch).
>
> https://src.fedoraproject.org/rpms/openssl/blob/master/f/openssl-1.1.1-system-cipherlist.patch
> suggests (the ssl.h chunk) that this patch does force the use of the
> "system
> profile" as the default cipher list.

Yes, on Fedora/RHEL 8 you need to replace the cipher strings in both
/etc/crypto-policies/back-ends/openssl.config and /etc/crypto-
policies/back-ends/opensslcnf.config config files or you have to
override the cipher string with a non-default one from the application.

--
Tomáš Mráz
No matter how far down the wrong road you've gone, turn back.
                                              Turkish proverb
[You'll know whether the road is wrong if you carefully listen to your
conscience.]