Discussion:
[openssl.org #3559] Weak digest for (EC)DH key exchange when connecting to SNI defined host
Hubert Kario via RT
2014-10-08 17:12:29 UTC
# Start a server:
openssl req -x509 -newkey rsa:2048 -keyout localhost.key -out localhost.crt -subj /CN=localhost -nodes -batch
openssl req -x509 -newkey rsa:2048 -keyout server.key -out server.crt -subj /CN=server -nodes -batch
openssl s_server -key localhost.key -cert localhost.crt -key2 server.key -cert2 server.crt -servername server

# connect to it using a new enough client (openssl 1.0.2 at least):
openssl s_client -connect localhost:4433 </dev/null 2>/dev/null| grep 'Peer signing digest'
openssl s_client -connect localhost:4433 -servername server </dev/null 2>/dev/null| grep 'Peer signing digest'

The results are respectively:
Peer signing digest: SHA512
Peer signing digest: SHA1

The virtual host should use the same signing digest as the
default host (that is the strongest mutually supported by
client and server).

The issue is present in at least openssl-1.0.1e-39.fc20.x86_64
(fedora package, where it also affects Apache mod_ssl) as well
as current development master e0fdea3e49e7454

In master it also affects SuiteB mode, where it causes SNI
not to work:
openssl ecparam -name prime256v1 -out p256
openssl req -x509 -newkey ec:p256 -keyout server.key -out server.crt -subj /CN=server -nodes -batch -sha256
openssl req -x509 -newkey ec:p256 -keyout localhost.key -out localhost.crt -subj /CN=localhost -nodes -batch -sha256
openssl s_server -key localhost.key -cert localhost.crt -key2 server.key -cert2 server.crt -servername server -cipher SUITEB128

In a different terminal:
$ openssl s_client -connect localhost:4433 </dev/null 2> /dev/null | grep 'Peer signing digest'
Peer signing digest: SHA256

$ openssl s_client -connect localhost:4433 -servername server </dev/null
WARNING: can't open config file: /usr/local/ssl/openssl.cnf
CONNECTED(00000003)
140627487106720:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure:s23_clnt.c:757:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 7 bytes and written 390 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
---

While at the same time the server reports:
ACCEPT
Hostname in TLS extension: "server"
Switching server context.
ERROR
140475191449248:error:1408A0C1:SSL routines:ssl3_get_client_hello:no shared cipher:s3_srvr.c:1405:
shutting down SSL
CONNECTION CLOSED
--
Regards,
Hubert Kario
Quality Engineer, QE BaseOS Security team
Email: ***@redhat.com
Web: www.cz.redhat.com
Red Hat Czech s.r.o., Purkyňova 99/71, 612 45, Brno, Czech Republic

______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-***@openssl.org
Automated List Manager ***@openssl.org
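The manual check in the report above, turned into a script that can be rerun against a test server (an added example, not code from the ticket or from OpenSSL). It probes the default host and the SNI host, extracts the "Peer signing digest" line that s_client 1.0.2+ prints for (EC)DHE, and fails when the SNI host negotiated a weaker digest or, as in the SuiteB case, no handshake at all. Host, port and SNI name are taken from constructed environment variables.

```shell
#!/bin/sh
# Added example (not part of the ticket): automate the check from the report.
# Connects once without SNI and once with -servername, then fails if the
# virtual host negotiated a weaker signing digest than the default host.
# Assumes an s_server like the one in the report is listening; the
# SNI_CHECK_* variables are constructed names for this example.

# Pull the digest name out of s_client output read from stdin.
peer_digest() {
    sed -n 's/^Peer signing digest: *\([A-Za-z0-9-]*\).*/\1/p' | head -n 1
}

# Connect to host:port, optionally sending an SNI name, and print the digest.
probe_digest() {
    host=$1; port=$2; sni=$3
    if [ -n "$sni" ]; then
        openssl s_client -connect "$host:$port" -servername "$sni" </dev/null 2>/dev/null | peer_digest
    else
        openssl s_client -connect "$host:$port" </dev/null 2>/dev/null | peer_digest
    fi
}

# Rank digests so "weaker than default" can be reported, not just "different".
digest_rank() {
    case "$1" in
        SHA512) echo 5 ;; SHA384) echo 4 ;; SHA256) echo 3 ;;
        SHA224) echo 2 ;; SHA1) echo 1 ;; MD5) echo 0 ;;
        *) printf '%s\n' -1 ;;   # empty/unknown: handshake failed or no digest printed
    esac
}

# Return 0 if the SNI host got a digest at least as strong as the default host.
compare_digests() {
    default=$1; sni_digest=$2
    if [ "$(digest_rank "$sni_digest")" -lt "$(digest_rank "$default")" ]; then
        echo "default host: ${default:-none}, SNI host: ${sni_digest:-none} (weaker or failed)" >&2
        return 1
    fi
    return 0
}

run_check() {
    d=$(probe_digest "$1" "$2" "")
    s=$(probe_digest "$1" "$2" "$3")
    compare_digests "$d" "$s"
}

# Only probe a live server when SNI_CHECK_HOST is set, e.g.
#   SNI_CHECK_HOST=localhost SNI_CHECK_PORT=4433 SNI_CHECK_NAME=server sh check.sh
if [ -n "${SNI_CHECK_HOST:-}" ]; then
    run_check "$SNI_CHECK_HOST" "${SNI_CHECK_PORT:-4433}" "${SNI_CHECK_NAME:?set SNI_CHECK_NAME}"
fi
```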
Hubert Kario via RT
2014-10-21 13:59:11 UTC
This probably should be closed as a duplicate of #3560, since the
other bug has a patch already being worked on.
--
Regards,
Hubert Kario
Quality Engineer, QE BaseOS Security team
Email: ***@redhat.com
Web: www.cz.redhat.com
Red Hat Czech s.r.o., Purkyňova 99/71, 612 45, Brno, Czech Republic
