OpenSSL mapping broken #5

noraj · 2021-04-23T08:09:50Z

There is an issue with openssl mapping.

If you look at the documentation of Openssl 1.1.1: https://www.openssl.org/docs/man1.1.1/man1/ciphers.html

There is the following mapping for ChaCha20-Poly1305 cipher suites, extending TLS v1.2 (IANA / OpenSSL)

 TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256      ECDHE-RSA-CHACHA20-POLY1305
 TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256    ECDHE-ECDSA-CHACHA20-POLY1305
 TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256        DHE-RSA-CHACHA20-POLY1305
 TLS_PSK_WITH_CHACHA20_POLY1305_SHA256            PSK-CHACHA20-POLY1305
 TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256      ECDHE-PSK-CHACHA20-POLY1305
 TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256        DHE-PSK-CHACHA20-POLY1305
 TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256        RSA-PSK-CHACHA20-POLY1305

But looking at tls-table output the openssl cipher names are empty:

  "0xCC,0xA8": {
    "GnuTLS": "TLS_ECDHE_RSA_CHACHA20_POLY1305",
    "IANA": "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256",
    "NSS": "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256",
    "OpenSSL": ""
  },
  "0xCC,0xA9": {
    "GnuTLS": "TLS_ECDHE_ECDSA_CHACHA20_POLY1305",
    "IANA": "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256",
    "NSS": "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256",
    "OpenSSL": ""
  },
  "0xCC,0xAA": {
    "GnuTLS": "TLS_DHE_RSA_CHACHA20_POLY1305",
    "IANA": "TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256",
    "NSS": "TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256",
    "OpenSSL": ""
  },
  "0xCC,0xAB": {
    "GnuTLS": "TLS_PSK_CHACHA20_POLY1305",
    "IANA": "TLS_PSK_WITH_CHACHA20_POLY1305_SHA256",
    "NSS": "",
    "OpenSSL": ""
  },
  "0xCC,0xAC": {
    "GnuTLS": "TLS_ECDHE_PSK_CHACHA20_POLY1305",
    "IANA": "TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256",
    "NSS": "TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256",
    "OpenSSL": ""
  },
  "0xCC,0xAD": {
    "GnuTLS": "TLS_DHE_PSK_CHACHA20_POLY1305",
    "IANA": "TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256",
    "NSS": "TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256",
    "OpenSSL": ""
  },
  "0xCC,0xAE": {
    "GnuTLS": "TLS_RSA_PSK_CHACHA20_POLY1305",
    "IANA": "TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256",
    "NSS": "",
    "OpenSSL": ""
  },

The code of tls-table is looking for cipher beginning with TLS1_CK_ or TLS1_TXT.

tls-table/tls-table.py

Lines 136 to 167 in 169f749

    
           # Grab the list from OpenSSL 
        
           print('Retrieving OpenSSL cipher list', file=sys.stderr) 
        
           try: 
        
               # OpenSSL splits up their code points and their text names for them 
        
               openssl_hex_values = {} 
        
               openssl_txt_values = {} 
        
               r = requests.get(OPENSSL_URL) 
        
               for line in r.text.split('\n'): 
        
                   if line.startswith('# define TLS1_CK'): 
        
                       cipher = line.split()[2].split('TLS1_CK_')[-1] 
        
                       hex = line.split()[3] 
        
                       code_point = '0x' + hex[6:8] + ',0x' + hex[8:10] 
        
                       # e.g., ECDHE_RSA_WITH_AES_128_GCM_SHA256 -> 0x0C,0x2F 
        
                       openssl_hex_values[cipher] = code_point 
        
                   elif line.startswith('# define TLS1_TXT'): 
        
                       cipher = line.split()[2].split('TLS1_TXT_')[-1] 
        
                       text = line.split()[3][1:-1] 
        
                       # e.g., ECDHE_RSA_WITH_AES_128_GCM_SHA256 -> ECDHE-RSA-AES128-GCM-SHA256 
        
                       openssl_txt_values[cipher] = text 
        
               for key in openssl_hex_values.iterkeys(): 
        
                   if openssl_hex_values[key] in cipher_hex_values: 
        
                       cipher_hex_values[openssl_hex_values[key]]['OpenSSL'] = openssl_txt_values[key] 
        
                   else: 
        
                       print('  Warning: code point {code_point} ({cipher}) not in IANA registry'.format( 
        
                           code_point=openssl_hex_values[key], cipher=key 
        
                       ), file=sys.stderr) 
        
           except: 
        
               print('Unable to retrieve or parse OpenSSL cipher list', file=sys.stderr)

The ciphers are declared here:

https://github.com/openssl/openssl/blob/0ba8bc058376d423d7c5649cfce83a23cce97267/include/openssl/tls1.h#L1074-L1081

/* draft-ietf-tls-chacha20-poly1305-03 */
# define TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305         "ECDHE-RSA-CHACHA20-POLY1305"
# define TLS1_TXT_ECDHE_ECDSA_WITH_CHACHA20_POLY1305       "ECDHE-ECDSA-CHACHA20-POLY1305"
# define TLS1_TXT_DHE_RSA_WITH_CHACHA20_POLY1305           "DHE-RSA-CHACHA20-POLY1305"
# define TLS1_TXT_PSK_WITH_CHACHA20_POLY1305               "PSK-CHACHA20-POLY1305"
# define TLS1_TXT_ECDHE_PSK_WITH_CHACHA20_POLY1305         "ECDHE-PSK-CHACHA20-POLY1305"
# define TLS1_TXT_DHE_PSK_WITH_CHACHA20_POLY1305           "DHE-PSK-CHACHA20-POLY1305"
# define TLS1_TXT_RSA_PSK_WITH_CHACHA20_POLY1305           "RSA-PSK-CHACHA20-POLY1305"

https://github.com/openssl/openssl/blob/0ba8bc058376d423d7c5649cfce83a23cce97267/include/openssl/tls1.h#L581-L588

/* draft-ietf-tls-chacha20-poly1305-03 */
# define TLS1_CK_ECDHE_RSA_WITH_CHACHA20_POLY1305         0x0300CCA8
# define TLS1_CK_ECDHE_ECDSA_WITH_CHACHA20_POLY1305       0x0300CCA9
# define TLS1_CK_DHE_RSA_WITH_CHACHA20_POLY1305           0x0300CCAA
# define TLS1_CK_PSK_WITH_CHACHA20_POLY1305               0x0300CCAB
# define TLS1_CK_ECDHE_PSK_WITH_CHACHA20_POLY1305         0x0300CCAC
# define TLS1_CK_DHE_PSK_WITH_CHACHA20_POLY1305           0x0300CCAD
# define TLS1_CK_RSA_PSK_WITH_CHACHA20_POLY1305           0x0300CCAE

https://github.com/openssl/openssl/blob/0ba8bc058376d423d7c5649cfce83a23cce97267/include/openssl/tls1.h#L743-L749

# define TLS1_RFC_DHE_RSA_WITH_CHACHA20_POLY1305         "TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256"
# define TLS1_RFC_ECDHE_RSA_WITH_CHACHA20_POLY1305       "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256"
# define TLS1_RFC_ECDHE_ECDSA_WITH_CHACHA20_POLY1305     "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256"
# define TLS1_RFC_PSK_WITH_CHACHA20_POLY1305             "TLS_PSK_WITH_CHACHA20_POLY1305_SHA256"
# define TLS1_RFC_ECDHE_PSK_WITH_CHACHA20_POLY1305       "TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256"
# define TLS1_RFC_DHE_PSK_WITH_CHACHA20_POLY1305         "TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256"
# define TLS1_RFC_RSA_PSK_WITH_CHACHA20_POLY1305         "TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256"

Yet nothing shows up. I took the example for ChaCha20-Poly1305 cipher suites but it's not working for any chipher anymore.
I guess it is because they changed the structure of the code.

The text was updated successfully, but these errors were encountered:

noraj · 2021-04-23T08:18:39Z

There are also TLS 1.3 cipher suites that won't be taken into account because they begin with TLS1_3_CK or TLS1_3_RFC and not TLS1_CK or TLS1_RFC and by the way have no TLS1_3_TXT entries but are listed here https://www.openssl.org/docs/man1.1.1/man1/ciphers.html:

https://github.com/openssl/openssl/blob/0ba8bc058376d423d7c5649cfce83a23cce97267/include/openssl/tls1.h#L590-L595

/* TLS v1.3 ciphersuites */
# define TLS1_3_CK_AES_128_GCM_SHA256                     0x03001301
# define TLS1_3_CK_AES_256_GCM_SHA384                     0x03001302
# define TLS1_3_CK_CHACHA20_POLY1305_SHA256               0x03001303
# define TLS1_3_CK_AES_128_CCM_SHA256                     0x03001304
# define TLS1_3_CK_AES_128_CCM_8_SHA256                   0x03001305

https://github.com/openssl/openssl/blob/0ba8bc058376d423d7c5649cfce83a23cce97267/include/openssl/tls1.h#L671-L675

# define TLS1_3_RFC_AES_128_GCM_SHA256                   "TLS_AES_128_GCM_SHA256"
# define TLS1_3_RFC_AES_256_GCM_SHA384                   "TLS_AES_256_GCM_SHA384"
# define TLS1_3_RFC_CHACHA20_POLY1305_SHA256             "TLS_CHACHA20_POLY1305_SHA256"
# define TLS1_3_RFC_AES_128_CCM_SHA256                   "TLS_AES_128_CCM_SHA256"
# define TLS1_3_RFC_AES_128_CCM_8_SHA256                 "TLS_AES_128_CCM_8_SHA256"

https://wiki.mozilla.org/Security/Cipher_Suites

github: closes april#5 github: closes april#9

noraj mentioned this issue May 8, 2021

Are these Cipher_Suites still updated? #4

Open

This was referenced Dec 22, 2023

Cipher_suites table on wiki may no longer be generated automatically, and therefore stale. mozilla/server-side-tls#247

Open

tls-table doesn't seem to be working mozilla/server-side-tls#292

Open

gstrauss added a commit to gstrauss/tls-table that referenced this issue Nov 9, 2024

parse more from openssl/tls1.h

578f331

github: closes april#5 github: closes april#9

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

OpenSSL mapping broken #5

OpenSSL mapping broken #5

noraj commented Apr 23, 2021

noraj commented Apr 23, 2021 •

edited

Loading

OpenSSL mapping broken #5

OpenSSL mapping broken #5

Comments

noraj commented Apr 23, 2021

noraj commented Apr 23, 2021 • edited Loading

noraj commented Apr 23, 2021 •

edited

Loading