Description
Hi,
the statement in the issue title is well according to the docs for SSL_CTX_set_ciphersuites at https://www.openssl.org/docs/man1.1.1/man3/SSL_CTX_set_cipher_list.html
SSL_CTX_set_ciphersuites() and SSL_set_ciphersuites() return 1 if the requested ciphersuite list was configured, and 0 otherwise.
However, imagine this scenario:
Prerequisites:
- An application (APP) which uses OpenSSL provided by the OS (or other 3rd party)
- APP calls SSL_CTX_set_ciphersuites with (e.g.) the cipher string "TLS_CHACHA20_POLY1305_SHA256"
Steps:
1. A new "SUPER_SECURE_NEW_CIPHER" is added into OpenSSL version x.y.z (might very well be 1.1.1)
2. APP is updated to call SSL_CTX_set_ciphersuites with "TLS_CHACHA20_POLY1305_SHA256:SUPER_SECURE_NEW_CIPHER" with the intention to use the new cipher ASAP
3. APP is deployed to the public, but OpenSSL is not updated (the developer of APP does not have any influence on the deployment of OpenSSL)
4. As the call to SSL_CTX_set_ciphersuites fails, APP could (as a consequence) either:
   4.1. stop using TLS 1.3
   4.2. continue using TLS 1.3 with the default ciphers
neither of which is ideal
This behaviour basically prevents deployment of APP which would use "SUPER_SECURE_NEW_CIPHER".
Possible solutions:
1. SSL_CTX_set_ciphersuites would not fail, if at least one cipher could be set up
2. APP would (at the beginning of step 2) enumerate the ciphers provided by OpenSSL and would not try to set up the ones which are not present
Ad solution 1:
Current behaviour seems to be implemented from the very beginning in #5359, but I didn't find any reasoning for it, just a small mention of BoringSSL in #7759 (comment)
Therefore I don't know if the solution 1 is acceptable or not.
Ad solution 2:
It happens that I already enumerate the ciphers provided by OpenSSL, for a different reason (there is not, and won't be, any other possibility, unfortunately). The code is rather silly (although better than in 1.0.2) and I think such code should not be needed in APP before calling SSL_CTX_set_ciphersuites.
This issue is not urgent by any means, it's just some precaution for the future.
I would welcome any thoughts or advice.
Many thanks.
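
A sketch of solution 2 as an added example (not the poster's code and not part of OpenSSL): the wanted list is filtered one name at a time before the real SSL_CTX_set_ciphersuites call. The names `filter_ciphersuites`, `suite_probe`, `probe_openssl`, `probe_old_build` and the `WITH_OPENSSL` switch are hypothetical; probing each name against a scratch SSL_CTX is an assumed approach that relies only on the documented return value of 1 or 0.

```c
#include <stdio.h>
#include <string.h>
#ifdef WITH_OPENSSL /* real probe on a scratch SSL_CTX; build with -lssl -lcrypto */
#include <openssl/ssl.h>
static int probe_openssl(const char *name, void *scratch_ctx) {
    return SSL_CTX_set_ciphersuites((SSL_CTX *)scratch_ctx, name) == 1;
}
#endif
typedef int (*suite_probe)(const char *name, void *arg);
/* Copy the entries of colon-separated `wanted` that `probe` accepts into `out`,
 * keeping their order. Returns how many were kept, or -1 if `out` is too small. */
int filter_ciphersuites(const char *wanted, suite_probe probe, void *arg,
                        char *out, size_t outlen) {
    int kept = 0;
    size_t used = 0;
    if (outlen == 0) return -1;
    out[0] = '\0';
    while (*wanted) {
        size_t n = strcspn(wanted, ":");
        char name[128];
        if (n > 0 && n < sizeof name) { /* empty or oversized entries are dropped */
            memcpy(name, wanted, n);
            name[n] = '\0';
            if (probe(name, arg)) {
                if (used + n + 2 > outlen) return -1; /* separator + name + NUL */
                if (kept) out[used++] = ':';
                memcpy(out + used, name, n);
                used += n;
                out[used] = '\0';
                kept++;
            }
        }
        wanted += n;
        if (*wanted == ':') wanted++;
    }
    return kept;
}
/* Constructed stand-in for an OpenSSL build that predates the new suite. */
static int probe_old_build(const char *name, void *arg) {
    (void)arg;
    return strcmp(name, "TLS_CHACHA20_POLY1305_SHA256") == 0;
}
int main(void) {
    char list[256];
    int n = filter_ciphersuites("TLS_CHACHA20_POLY1305_SHA256:SUPER_SECURE_NEW_CIPHER",
                                probe_old_build, NULL, list, sizeof list);
    printf("%d kept: %s\n", n, n > 0 ? list : "(none)");
    return n > 0 ? 0 : 1;
}
```

A return of 0 means none of the requested suites is available in the deployed library, so the application has to choose explicitly between the two outcomes listed in step 4 rather than reach them by accident.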