On 7/19/19 11:02 AM, Maxim Dounin wrote:
> Hello!
> 
> On Fri, Jul 19, 2019 at 10:52:55AM -0700, PGNet Dev wrote:
> 
>>>> And, if I change nginx to be 'TLSv1.3-only',
>>>>
>>>> -  ssl_protocols TLSv1.3 TLSv1.2;
>>>> -  ssl_ciphers "TLS13-CHACHA20-POLY1305-SHA256 TLS13-AES-256-GCM-SHA384 
>>>> TLS13-AES-128-GCM-SHA256 ECDHE-ECDSA-CHACHA20-POLY1305";
>>>> +  ssl_protocols TLSv1.3;
>>>> +  ssl_ciphers "TLS13-CHACHA20-POLY1305-SHA256 TLS13-AES-256-GCM-SHA384 
>>>> TLS13-AES-128-GCM-SHA256";
>>>>
>>>> even the webserver config check FAILs,
>>>>
>>>>    nginxconfcheck
>>>>            TLS13-AES-128-GCM-SHA256") failed (SSL: error:1410D0B9:SSL 
>>>> routines:SSL_CTX_set_cipher_list:no cipher match)
>>>>            nginx: configuration file /usr/local/etc/nginx/nginx.conf test 
>>>> failed
>>>>
>>>> and the server fails to start.
>>>
>>> That's because the cipher string listed contains no valid ciphers.
>>
>>
>> Sorry, I'm missing something :-/
>>
>> What's specifically "invalid" about the 3, listed ciphers?
>>
>>      TLS13-CHACHA20-POLY1305-SHA256 TLS13-AES-256-GCM-SHA384 
>> TLS13-AES-128-GCM-SHA256
> 
> There are no such ciphers in the OpenSSL.
> Try it yourself:
> 
> $ openssl ciphers TLS13-CHACHA20-POLY1305-SHA256
> Error in cipher list
> 0:error:1410D0B9:SSL routines:SSL_CTX_set_cipher_list:no cipher 
> match:ssl/ssl_lib.c:2549:
> 
> [...]
> 

Then what are these lists?

https://wiki.openssl.org/index.php/TLS1.3

        Ciphersuites

        OpenSSL has implemented support for five TLSv1.3 ciphersuites as
follows:

            TLS_AES_256_GCM_SHA384
            TLS_CHACHA20_POLY1305_SHA256
            TLS_AES_128_GCM_SHA256
            TLS_AES_128_CCM_8_SHA256
            TLS_AES_128_CCM_SHA256

https://www.openssl.org/blog/blog/2017/05/04/tlsv1.3/

        Ciphersuites

        OpenSSL has implemented support for five TLSv1.3 ciphersuites as
follows:

            TLS13-AES-256-GCM-SHA384
            TLS13-CHACHA20-POLY1305-SHA256
            TLS13-AES-128-GCM-SHA256
            TLS13-AES-128-CCM-8-SHA256
            TLS13-AES-128-CCM-SHA256


        "$ openssl ciphers -s -v ECDHE
          Will list all the ciphersuites for TLSv1.2 and below that support 
ECDHE and additionally all of the default TLSv1.3 ciphersuites."

openssl ciphers -s -v ECDHE
>>      TLS_AES_256_GCM_SHA384  TLSv1.3 Kx=any      Au=any  Enc=AESGCM(256) 
>> Mac=AEAD
>>      TLS_CHACHA20_POLY1305_SHA256 TLSv1.3 Kx=any      Au=any  
>> Enc=CHACHA20/POLY1305(256) Mac=AEAD
>>      TLS_AES_128_GCM_SHA256  TLSv1.3 Kx=any      Au=any  Enc=AESGCM(128) 
>> Mac=AEAD
        ...


openssl ciphers -tls1_3
>>      TLS_AES_256_GCM_SHA384:
>>      TLS_CHACHA20_POLY1305_SHA256:
>>      TLS_AES_128_GCM_SHA256:
ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:DHE-RSA-AES256-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA:RSA-PSK-AES256-GCM-SHA384:DHE-PSK-AES256-GCM-SHA384:RSA-PSK-CHACHA20-POLY1305:DHE-PSK-CHACHA20-POLY1305:ECDHE-PSK-CHACHA20-POLY1305:AES256-GCM-SHA384:PSK-AES256-GCM-SHA384:PSK-CHACHA20-POLY1305:RSA-PSK-AES128-GCM-SHA256:DHE-PSK-AES128-GCM-SHA256:AES128-GCM-SHA256:PSK-AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:ECDHE-PSK-AES256-CBC-SHA384:ECDHE-PSK-AES256-CBC-SHA:SRP-RSA-AES-256-CBC-SHA:SRP-AES-256-CBC-SHA:RSA-PSK-AES256-CBC-SHA384:DHE-PSK-AES256-CBC-SHA384:RSA-PSK-AES256-CBC-SHA:DHE-PSK-AES256-CBC-SHA:AES256-SHA:PSK-AES256-CBC-SHA384:PSK-AES256-CBC-SHA:ECDHE-PSK-AES128-CBC-SHA256:ECDHE-PSK-AES128-CBC-SHA:SRP-RSA-AES-128-CBC-SHA:SRP-AES-128-CBC-SHA:RSA-PSK-AES128-CBC-SHA256:DHE-PSK-AES128-CBC-SHA256:RSA-PSK-AES128-CBC-SHA:DHE-PSK-AES128-CBC-SHA:AES128-SHA:PSK-AES128-CBC-SHA256:PSK-AES128-CBC-SHA

openssl ciphers TLS13-CHACHA20-POLY1305-SHA256
        Error in cipher list
        140418731745728:error:1410D0B9:SSL routines:SSL_CTX_set_cipher_list:no 
cipher match:ssl/ssl_lib.c:2549:

openssl ciphers TLS-CHACHA20-POLY1305-SHA256
        Error in cipher list
        140126717628864:error:1410D0B9:SSL routines:SSL_CTX_set_cipher_list:no 
cipher match:ssl/ssl_lib.c:2549:

openssl ciphers TLS13_CHACHA20_POLY1305_SHA256
        Error in cipher list
        139978279444928:error:1410D0B9:SSL routines:SSL_CTX_set_cipher_list:no 
cipher match:ssl/ssl_lib.c:2549:

openssl ciphers TLS_CHACHA20_POLY1305_SHA256
        Error in cipher list
        139921842241984:error:1410D0B9:SSL routines:SSL_CTX_set_cipher_list:no 
cipher match:ssl/ssl_lib.c:2549:


If your argument for TLSv1.3 usage in nginx is as-correctly-used in openssl, 
that's fine.

Can you provide a correct nginx example of TLS13-only usage of 
CHACHA20-POLY1305-SHA256 cipher?

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
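Editor's added example, not part of the thread and not nginx or OpenSSL code. The error quoted above comes from SSL_CTX_set_cipher_list(), which is the call behind both `openssl ciphers` and nginx's `ssl_ciphers`; Python's `ssl.SSLContext.set_ciphers()` wraps the same call, so it can reproduce the behaviour offline. In released OpenSSL 1.1.1 the TLS 1.3 suites use the `TLS_*` spellings from the wiki page (the `TLS13-*` names in the 2017 blog post are from the pre-release drafts) and are held in a separate list that `set_cipher_list()` neither reads nor writes, which is why neither spelling "matches" there. The script below checks a cipher string the way the config test does and reports which TLS 1.2 and TLS 1.3 suites the resulting context would actually offer. The cipher strings in it are constructed inputs; `probe_cipher_string` and `tls13_supported` are names chosen for this example.

```python
"""Probe how OpenSSL's cipher-list parser (SSL_CTX_set_cipher_list, used by
nginx's ssl_ciphers and by `openssl ciphers`) treats TLS 1.2 and TLS 1.3
suite names. Added example; not code from the thread, nginx or OpenSSL."""
import ssl

# Constructed inputs: the draft-era names from the thread, the RFC 8446
# spellings released OpenSSL uses for TLS 1.3, and one TLS 1.2 suite that
# every modern OpenSSL build carries.
DRAFT_TLS13_NAMES = ("TLS13-CHACHA20-POLY1305-SHA256:"
                     "TLS13-AES-256-GCM-SHA384:TLS13-AES-128-GCM-SHA256")
RFC_TLS13_NAMES = ("TLS_CHACHA20_POLY1305_SHA256:"
                   "TLS_AES_256_GCM_SHA384:TLS_AES_128_GCM_SHA256")
TLS12_SUITE = "ECDHE-ECDSA-AES256-GCM-SHA384"


def tls13_supported():
    """True when the linked library is an OpenSSL build with TLS 1.3.
    LibreSSL spells its TLS 1.3 suites differently, so it is excluded."""
    return ssl.HAS_TLSv1_3 and "LibreSSL" not in ssl.OPENSSL_VERSION


def probe_cipher_string(cipher_string, tls13_only=False):
    """Hand cipher_string to SSL_CTX_set_cipher_list() via set_ciphers().

    Returns a dict:
      accepted - False when OpenSSL rejected the string (SSL_R_NO_CIPHER_MATCH)
      error    - the SSLError text when rejected, else None
      tls12    - names of the TLS <= 1.2 suites the context would offer
      tls13    - names of the TLS 1.3 suites; these come from OpenSSL's
                 separate ciphersuites list and are untouched by cipher_string
    """
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    if tls13_only and tls13_supported():
        # Equivalent of the poster's "ssl_protocols TLSv1.3;" line.
        ctx.minimum_version = ssl.TLSVersion.TLSv1_3
    result = {"accepted": True, "error": None, "tls12": [], "tls13": []}
    try:
        ctx.set_ciphers(cipher_string)
    except ssl.SSLError as exc:
        # set_cipher_list fails unless at least one TLS <= 1.2 suite matched;
        # TLS 1.3 names never match here, whichever spelling is used.
        result["accepted"] = False
        result["error"] = str(exc)
        return result
    for suite in ctx.get_ciphers():
        bucket = "tls13" if suite["protocol"] == "TLSv1.3" else "tls12"
        result[bucket].append(suite["name"])
    return result


if __name__ == "__main__":
    cases = [("draft TLS13- names", DRAFT_TLS13_NAMES, False),
             ("RFC TLS_ names", RFC_TLS13_NAMES, False),
             ("one TLS 1.2 suite, TLS 1.3-only context", TLS12_SUITE, True)]
    for label, cipher_string, only13 in cases:
        r = probe_cipher_string(cipher_string, tls13_only=only13)
        verdict = "accepted" if r["accepted"] else "rejected: " + r["error"]
        print(label, "->", verdict)
        if r["accepted"]:
            print("   TLS 1.3 suites offered:", r["tls13"])
            print("   TLS 1.2 suites offered:", r["tls12"])
```

Run as a script it prints a rejection for both TLS 1.3 spellings and an acceptance for the TLS 1.2 string, and the third case shows that a context restricted to TLS 1.3 still lists the `TLS_*` suites even though `set_ciphers()` named none of them: the cipher-list string only has to name at least one TLS 1.2 suite to pass the check that `nginx -t` applies.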
