From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by spool.mail.gandi.net (Postfix) with ESMTPS id 8E80EAC0F5C for ; Fri, 29 Sep 2023 07:59:59 +0000 (UTC) DKIM-Signature: a=rsa-sha256; bh=6//PruiZtnwmKS5Rkxeqpdubuwbde697DqGPfATdjKw=; c=relaxed/simple; d=groups.io; h=Message-ID:Date:MIME-Version:Subject:To:Cc:References:From:In-Reply-To:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Language:Content-Type:Content-Transfer-Encoding; s=20140610; t=1695974398; v=1; b=QkqDvrRBl8RXdrGtZwTF1wF/TW5/zDsPUPLUM23uZUe4ENY2vyfxSR3i7ZzIUqd+dijd8cYq u9FZt/uoCjnito085hYSUFSADGxDWA5tgchpkfv+vojmD3mlZevwUsI7HKrsotPXQvLv7yRv5cy CVYJu0hmCXcqd+uz25vttfsI= X-Received: by 127.0.0.2 with SMTP id XiIHYY7687511xe9cgEmfdys; Fri, 29 Sep 2023 00:59:58 -0700 X-Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by mx.groups.io with SMTP id smtpd.web10.12731.1695974397414967583 for ; Fri, 29 Sep 2023 00:59:57 -0700 X-Received: from mimecast-mx02.redhat.com (mx-ext.redhat.com [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-611-v6acr12aOOSn6CzMsVq1zQ-1; Fri, 29 Sep 2023 03:59:55 -0400 X-MC-Unique: v6acr12aOOSn6CzMsVq1zQ-1 X-Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.rdu2.redhat.com [10.11.54.7]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id E5CCE3C0F238; Fri, 29 Sep 2023 07:59:54 +0000 (UTC) X-Received: from [10.39.193.17] (unknown [10.39.193.17]) by smtp.corp.redhat.com (Postfix) with ESMTPS id ECC7314171B6; Fri, 29 Sep 2023 07:59:53 +0000 (UTC) Message-ID: Date: Fri, 29 Sep 2023 09:59:52 +0200 MIME-Version: 1.0 Subject: Re: [edk2-devel] setting TLS ciphers is broken (openssl 3?) To: Gerd Hoffmann Cc: edk2-devel-groups-io , "Li, Yi" , Jiewen Yao References: <27kjaqdrgubri6i3vvickznsmdqnuo6h3tbxfmb3hr76n75gjf@cah3opindcnc> <273c853d-e70b-ddda-4387-35b825fdfebc@redhat.com> From: "Laszlo Ersek" In-Reply-To: X-Scanned-By: MIMEDefang 3.1 on 10.11.54.7 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,lersek@redhat.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: X-Gm-Message-State: th7Xz620PkefjEkDzWx4CaF9x7686176AA= Content-Language: en-US Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable X-GND-Status: LEGIT Authentication-Results: spool.mail.gandi.net; dkim=pass header.d=groups.io header.s=20140610 header.b=QkqDvrRB; dmarc=fail reason="SPF not aligned (relaxed), DKIM not aligned (relaxed)" header.from=redhat.com (policy=none); spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce@groups.io On 9/28/23 16:25, Gerd Hoffmann wrote: >> The OpenSSL3 update may have restricted set (3), causing the grand >> intersection to be empty. > > That seems to be the case. Maybe (2) needs an update to enable newer > ciphers, when logging the mappings I see there are quite a few IDs which > don't get mapped: > > TlsDxe:TlsSetCipherList: skipping CipherId=3D0x1302 > TlsDxe:TlsSetCipherList: skipping CipherId=3D0x1303 > TlsDxe:TlsSetCipherList: skipping CipherId=3D0x1301 > TlsDxe:TlsSetCipherList: skipping CipherId=3D0x1304 > TlsDxe:TlsSetCipherList: CipherId=3D0xC030 -> ECDHE-RSA-AES256-GCM-SHA384 > TlsDxe:TlsSetCipherList: skipping CipherId=3D0xCCA8 > TlsDxe:TlsSetCipherList: skipping CipherId=3D0xC014 > TlsDxe:TlsSetCipherList: skipping CipherId=3D0xC02F > TlsDxe:TlsSetCipherList: skipping CipherId=3D0xC013 > TlsDxe:TlsSetCipherList: skipping CipherId=3D0xC012 > TlsDxe:TlsSetCipherList: CipherId=3D0xC02C -> ECDHE-ECDSA-AES256-GCM-SHA3= 84 > TlsDxe:TlsSetCipherList: skipping CipherId=3D0xC0AD > TlsDxe:TlsSetCipherList: skipping CipherId=3D0xCCA9 > TlsDxe:TlsSetCipherList: skipping CipherId=3D0xC00A > TlsDxe:TlsSetCipherList: CipherId=3D0xC02B -> ECDHE-ECDSA-AES128-GCM-SHA2= 56 > TlsDxe:TlsSetCipherList: skipping CipherId=3D0xC0AC > TlsDxe:TlsSetCipherList: skipping CipherId=3D0xC009 > TlsDxe:TlsSetCipherList: skipping CipherId=3D0xC008 > TlsDxe:TlsSetCipherList: skipping CipherId=3D0x009D > TlsDxe:TlsSetCipherList: skipping CipherId=3D0xC09D > TlsDxe:TlsSetCipherList: CipherId=3D0x0035 -> AES256-SHA > TlsDxe:TlsSetCipherList: skipping CipherId=3D0x009C > TlsDxe:TlsSetCipherList: skipping CipherId=3D0xC09C > TlsDxe:TlsSetCipherList: CipherId=3D0x002F -> AES128-SHA > TlsDxe:TlsSetCipherList: CipherId=3D0x000A -> DES-CBC3-SHA > TlsDxe:TlsSetCipherList: CipherId=3D0x009F -> DHE-RSA-AES256-GCM-SHA384 > TlsDxe:TlsSetCipherList: skipping CipherId=3D0xC09F > TlsDxe:TlsSetCipherList: skipping CipherId=3D0xCCAA > TlsDxe:TlsSetCipherList: CipherId=3D0x0039 -> DHE-RSA-AES256-SHA > TlsDxe:TlsSetCipherList: skipping CipherId=3D0x009E > TlsDxe:TlsSetCipherList: skipping CipherId=3D0xC09E > TlsDxe:TlsSetCipherList: CipherId=3D0x0033 -> DHE-RSA-AES128-SHA > TlsDxe:TlsSetCipherList: CipherId=3D0x0016 -> DHE-RSA-DES-CBC3-SHA > TlsDxe:TlsSetCipherList: skipping CipherId=3D0x00A3 > TlsDxe:TlsSetCipherList: skipping CipherId=3D0x0038 > TlsDxe:TlsSetCipherList: skipping CipherId=3D0x00A2 > TlsDxe:TlsSetCipherList: skipping CipherId=3D0x0032 > TlsDxe:TlsSetCipherList: skipping CipherId=3D0x0013 > Not setting ciphers works. Right, so the default cipher list built into OpenSSL3 (3) is not the problem in itself, and (1) and (4) have not changed. I have raised before that TlsCipherMappingTable should be kept in sync with all the ciphers that we build in from OpenSSL: * https://bugzilla.tianocore.org/show_bug.cgi?id=3D915#c0 (dated 2018-03-30): > (3) While it is correct that an unrecognized EFI_TLS_CIPHER is rejected w= ith > EFI_UNSUPPORTED, the table used by TlsGetCipherString(), namely > "TlsCipherMappingTable", is very lacking -- at commit 9c7d0d499296, it li= sts > 23 cipher suites, and even those include "NULL-MD5" and "NULL-SHA". > > On my laptop, "openssl ciphers -V ALL" lists 110 cipher suites. > > The "TlsCipherMappingTable" array should include all ciphers that are > supported by the OpenSSL release identified in > > CryptoPkg/Library/OpensslLib/OpenSSL-HOWTO.txt > > Whenever edk2 picks up a new OpenSSL release, the cipher table should be > actualized. * https://bugzilla.tianocore.org/show_bug.cgi?id=3D929 (reported on 2018-04-10; closed as WONTFIX by myself, approx. 5 years later, because nobody cared): > According to the mailing list discussion linked in > , > "TlsCipherMappingTable" should never offer *more* cipher suites than > actually supported by OpensslLib (because then the TLS client might > negotiate a cipher suite with the server that the client ultimately > won't be able to support). However, for best coverage of the ciphers > that *are* available, "TlsCipherMappingTable" should reasonably > approach the set of ciphers that we enable in "OpensslLib.inf". Please > review the latter set and merge the according cipher suite identifiers > into "TlsCipherMappingTable". Also reported by Microsoft separately: * https://bugzilla.tianocore.org/show_bug.cgi?id=3D2541 (reported on 2020-02-20; in CONFIRMED state currently) ... I wonder how TlsCipherMappingTable looks in Project Mu! Laszlo -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#109186): https://edk2.groups.io/g/devel/message/109186 Mute This Topic: https://groups.io/mt/101613778/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/leave/12367111/7686176/19134562= 12/xyzzy [rebecca@openfw.io] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-