From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by spool.mail.gandi.net (Postfix) with ESMTPS id B5EB17803DB for ; Thu, 28 Sep 2023 09:11:08 +0000 (UTC) DKIM-Signature: a=rsa-sha256; bh=HimUPLDRkLxGdnXrkpJ2o1RvZeatt/lwbiYvq5GwBFk=; c=relaxed/simple; d=groups.io; h=Message-ID:Date:MIME-Version:Subject:To:References:From:In-Reply-To:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Language:Content-Type:Content-Transfer-Encoding; s=20140610; t=1695892267; v=1; b=WrErKfsstvLWay2UcHSel4hrAURaA6GRyif+xzD/SLyLFkBN+PVnZM4P1hfTU3S4F/JE2EDG u2oMOsVyJ/xqlM9DwHhmUJvEmfONsscqS/7Yw1qFdCRuetAP6P+kHkG+MUMypfPo4Rhk5nqQVqS wpaDTzYLmxGEx01WNF8QMEkY= X-Received: by 127.0.0.2 with SMTP id M73bYY7687511x9pE73Af7FD; Thu, 28 Sep 2023 02:11:07 -0700 X-Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by mx.groups.io with SMTP id smtpd.web10.9889.1695892266507091486 for ; Thu, 28 Sep 2023 02:11:06 -0700 X-Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-423-iHUX7g6AMJSiK8hWnHIpOA-1; Thu, 28 Sep 2023 05:11:02 -0400 X-MC-Unique: iHUX7g6AMJSiK8hWnHIpOA-1 X-Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.rdu2.redhat.com [10.11.54.7]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 36AF5101A58B; Thu, 28 Sep 2023 09:11:02 +0000 (UTC) X-Received: from [10.39.192.184] (unknown [10.39.192.184]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 7936B14171B6; Thu, 28 Sep 2023 09:11:01 +0000 (UTC) Message-ID: <273c853d-e70b-ddda-4387-35b825fdfebc@redhat.com> Date: Thu, 28 Sep 2023 11:11:00 +0200 MIME-Version: 1.0 Subject: Re: [edk2-devel] setting TLS ciphers is broken (openssl 3?) To: Gerd Hoffmann , edk2-devel-groups-io , "Li, Yi" , Jiewen Yao References: <27kjaqdrgubri6i3vvickznsmdqnuo6h3tbxfmb3hr76n75gjf@cah3opindcnc> From: "Laszlo Ersek" In-Reply-To: <27kjaqdrgubri6i3vvickznsmdqnuo6h3tbxfmb3hr76n75gjf@cah3opindcnc> X-Scanned-By: MIMEDefang 3.1 on 10.11.54.7 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,lersek@redhat.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: X-Gm-Message-State: KQZEbj4V5Wa7VmgHNI9H01dPx7686176AA= Content-Language: en-US Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable X-GND-Status: LEGIT Authentication-Results: spool.mail.gandi.net; dkim=pass header.d=groups.io header.s=20140610 header.b=WrErKfss; dmarc=fail reason="SPF not aligned (relaxed), DKIM not aligned (relaxed)" header.from=redhat.com (policy=none); spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce@groups.io On 9/27/23 10:38, kraxel at redhat.com (Gerd Hoffmann) wrote: > Hi, > > I've noticed that setting chipers for TLS stopped working in ovmf, > most likely due to the openssl 3.0 update. > > Test case: try http boot from https server, set ciphers on the qemu > command line using: > -object tls-cipher-suites,id=3Dtls-cipher0,priority=3D@SYSTEM > -fw_cfg name=3Detc/edk2/https/ciphers,gen_id=3Dtls-cipher0 > > OvmfPkg/Library/TlsAuthConfigLib will read it from fwcfg and set > EDKII_HTTP_TLS_CIPHER_LIST_VARIABLE. > > CryptoPkg/Library/TlsLib/TlsConfig.c will read the variable, map the > IDs to strings and call SSL_set_cipher_list() with the result. > > Later on the tls handshake fails. From the log: > > [ ... ] > TlsDxe:TlsSetCipherList: CipherString=3D{ > ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-A= ES128-GC > M-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:DHE-RSA-AES256-GCM-SHA384:D= HE-RSA-A > ES256-SHA:DHE-RSA-AES128-SHA:DHE-RSA-DES-CBC3-SHA > } > [ ... ] > TlsDoHandshake SSL_HANDSHAKE_ERROR State=3D0x10 SSL_ERROR_SSL > TlsDoHandshake ERROR 0x308010C=3DL6:R8010C Library 6 is "EVP" ("envelope"): # define ERR_LIB_EVP 6 Reason code is 0x8010C, in binary: 10000000000100001100 The least significant 18 bits (ERR_RFLAGS_OFFSET) are the actual reason code (000000000100001100), bits above it are the reason flags (10). The reason flag is therefore ERR_RFLAG_COMMON -- "the reason code is common to all libraries". Reason code (0x10c, 268) is ERR_R_UNSUPPORTED: # define ERR_R_UNSUPPORTED (268|ERR_RFLAG_COMMON) > TlsDoHandshake ERROR 0xA0C0103=3DL14:RC0103 Library: 0x14 # define ERR_LIB_SSL 20 Reason flags: ERR_RFLAG_FATAL (1) + ERR_RFLAG_COMMON (2). Reason code: 0x103 -- 259 # define ERR_R_FATAL (ERR_RFLAG_FATAL|ERR_RFLAG= _COMMON) # define ERR_R_INTERNAL_ERROR (259|ERR_R_FATAL) For a successful handshake, we need the intersection of the following sets not to be empty: (1) the ciphers enabled in your system-wide crypto policy (likely DEFAULT) (2) TlsCipherMappingTable [CryptoPkg/Library/TlsLib/TlsConfig.c] (3) the ciphers supported by the openssl library linked into the firmware (4) the ciphers supported by the HTTPS server The OpenSSL3 update may have restricted set (3), causing the grand intersection to be empty. Can you perhaps relax your crypto policy -- i.e., widen set (1) -- to LEGACY with "update-crypto-policies", to see if that makes a difference? (Or else, on the QEMU command line, use a different priority from @SYSTEM; but I'm not sure how that works.) Laszlo -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#109143): https://edk2.groups.io/g/devel/message/109143 Mute This Topic: https://groups.io/mt/101613778/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/leave/12367111/7686176/19134562= 12/xyzzy [rebecca@openfw.io] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-