Details
Bug
Status: Closed
Major
Resolution: Cannot Reproduce
10.3.13
Red Hat Enterprise Linux Server release 7.6 (Maipo)
Description
Hello.
During the TLS handshake, several clients present ECDHE ciphers during the "Hello client" step. However, the MariaDB server never seems to negotiate the ECDHE (Elliptic Curve Diffie-Hellman) ciphers, even if there is no restriction in the ssl-cipher parameter in [mysqld].
I have the impression that something must be wrong somewhere.
By the way, wouldn't it be a better choice to make the MariaDB server choose its favorite cipher (see the SSLHonorCipherOrder parameter, available in Apache)?
Thanks
Activity
Hello Daniel,
thanks for your reply.
To answer your question: I believe our install is based on the Red Hat RPM packages (but I'm not quite 100% sure about this).
Please note that we don't use WolfSSL but OpenSSL 1.0.2k-fips, a MariaDB Server version: 10.3.13
Ssl_version TLSv1.2
have_openssl YES
Unless I'm mistaken, not all ECDHE suites use AES GCM and are not exclusively TLS 1.3, isn't it?
So, could you please reconsider the question?
Thanks
Michel
Do your certificates allow ECDHE ciphers? Try
openssl x509 -text -noout -in your-cert.pem
you should see the line
ASN1 OID: prime256v1
You need to use openssl ecparam and openssl req -newkey ec: to create a correct certificate.
And you need to force TLSv1.2, because SSL_CTX_set_cipher_list() only works for TLSv1.2 and below.
With all that
mysql --ssl --tls-version=TLSv1.2 --ssl-cipher=ECDHE-ECDSA-AES128-GCM-SHA256 -e '\s'
shows for me
SSL: Cipher in use is ECDHE-ECDSA-AES128-GCM-SHA256
I'm apparently too stupid to get this working either, using MariaDB 10.5.8 right now:
$ mysql -u ssl_user -p.... -h .... --ssl --tls-version=TLSv1.2 --ssl-cipher=ECDHE-ECDSA-AES128-GCM-SHA256 -e "show status like 'ssl_cipher'"
ERROR 2026 (HY000): SSL connection error: sslv3 alert handshake failure
The server certificate I generated looks like this:
openssl x509 -text -noout -in server-cert.pem
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1 (0x1)
        Signature Algorithm: ecdsa-with-SHA256
        Issuer: C=DE, ST=NRW, L=Bielefeld, O=MariaDB, OU=Support/emailAddress=hartmut@mariadb.com, CN=example.org
        Validity
            Not Before: Jun 14 15:38:11 2021 GMT
            Not After : Jul 14 15:38:11 2021 GMT
        Subject: C=DE, ST=NRW, L=Bielefeld, O=MariaDB, OU=Support/emailAddress=hartmut@mariadb.com, CN=server.example.org
        Subject Public Key Info:
            Public Key Algorithm: id-ecPublicKey
                Public-Key: (256 bit)
                pub:
                    04:f4:f1:ac:23:d7:23:25:87:d2:97:a1:92:7c:4a:
                    0a:f0:80:6a:6e:36:c3:b2:c6:fa:63:e7:c3:d8:9e:
                    eb:39:1c:fe:21:3f:36:85:46:05:e6:f2:41:68:fe:
                    ea:4e:c8:86:07:83:7a:8d:1d:84:be:f2:38:d4:d8:
                    2d:f4:41:7f:39
                ASN1 OID: prime256v1
                NIST CURVE: P-256
        X509v3 extensions:
            X509v3 Basic Constraints:
                CA:FALSE
            X509v3 Key Usage:
                Digital Signature
            X509v3 Extended Key Usage:
                TLS Web Server Authentication, TLS Web Client Authentication
    Signature Algorithm: ecdsa-with-SHA256
         30:45:02:20:61:de:76:58:47:a0:24:86:35:61:c4:2f:ed:f6:
         8c:16:b8:49:f9:26:b9:6a:e7:b3:1b:51:33:14:d3:12:ef:0c:
         02:21:00:dd:80:d6:e5:fd:32:26:96:b8:39:1f:f5:42:b3:26:
         19:b4:37:f4:68:43:96:92:1e:5f:94:b7:13:d2:e5:a8:e2
So I got at least the
ASN1 OID: prime256v1
part right.
I tried to generate it by modifying our "Certificate Creation with OpenSSL" instructions from
https://mariadb.com/kb/en/certificate-creation-with-openssl/
openssl ecparam -out ca-key.pem -name prime256v1 -genkey
openssl req -new -x509 -nodes -days 3600 -key ca-key.pem -out ca-cert.pem -subj ".../CN=example.org"
openssl req -newkey ec:ca-key.pem -days 3600 -nodes -keyout server-key.pem -out server-req.pem -subj ".../CN=server.example.org"
openssl x509 -req -in server-req.pem -extfile v3.ext -CA ca-cert.pem -CAkey ca-key.pem -set_serial 01 -out server-cert.pem
openssl verify -CAfile ca-cert.pem server-cert.pem
with the v3.ext file just containing:
basicConstraints=CA:FALSE
keyUsage=digitalSignature
extendedKeyUsage=serverAuth,clientAuth
to enforce creation of a v3 certificate to make WolfSSL happy – different issue, here I'm using OpenSSL based server and clients exclusively.
I'm rather obviously doing it wrong, but I could not really find proper instructions for how to do it right either ...
My problem may even be more basic, as when just brute force trying all ciphers found in "SHOW STATUS LIKE 'Ssl_cipher_list'" output, one-way TLS connection attempts all fail with either
ERROR 2026 (HY000): SSL connection error: sslv3 alert handshake failure
or
ERROR 2026 (HY000): SSL connection error: no ciphers available
Strange. Now I've simply used certificates from the mysql-test/std_data, I did not generate anything new. And:
$ sql/mysqld --ssl-ca=/home/serg/maria/mysql-test/std_data/cacert.pem --ssl-cert=/home/serg/maria/mysql-test/std_data/server-cert.pem --ssl-key=/home/serg/maria/mysql-test/std_data/server-key.pem
...
$ mysql --ssl-ca=/home/serg/maria/mysql-test/std_data/cacert.pem --ssl-cert=/home/serg/maria/mysql-test/std_data/client-cert.pem --ssl-key=/home/serg/maria/mysql-test/std_data/client-key.pem -e '\s'|grep SSL
SSL: Cipher in use is TLS_AES_256_GCM_SHA384
$ mysql --ssl-ca=/home/serg/maria/mysql-test/std_data/cacert.pem --ssl-cert=/home/serg/maria/mysql-test/std_data/client-cert.pem --ssl-key=/home/serg/maria/mysql-test/std_data/client-key.pem -e '\s' --tls-version=TLSv1.2 |grep SSL
SSL: Cipher in use is ECDHE-RSA-AES256-GCM-SHA384
That is, an ECDHE cipher is used without me doing anything at all, no special certificates even. I only had to disable TLSv1.3 for --ssl-cipher to have any effect.
Is this a binary tarball of mariadb? If so
MDEV-22221 isn't complete yet so ECDHE won't be available at its tls-1.3
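
The certificate check suggested in the comments above, as an added example that is not part of the original thread or of MariaDB: it reads `openssl x509 -text -noout` output and reports whether a cipher name passed to --ssl-cipher matches the certificate's key type (ECDHE-ECDSA-* needs an EC key, ECDHE-RSA-* an RSA key). The function names and the two certificate excerpts are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the thread; the certificate excerpts are constructed.

# Read `openssl x509 -text -noout` output on stdin and print the
# authentication type the certificate key supports: ECDSA, RSA or unknown.
cert_auth_type() {
    awk '/Public Key Algorithm:/ { alg = $NF; exit }
         END {
             if (alg == "id-ecPublicKey")      { print "ECDSA" }
             else if (alg == "rsaEncryption")  { print "RSA" }
             else                              { print "unknown" }
         }'
}

# Print the certificate type a cipher name needs, or TLSv1.3 for the TLS_*
# suites, which --ssl-cipher does not select.
cipher_auth_type() {
    case "$1" in
        TLS_*)                   echo "TLSv1.3" ;;
        ECDHE-ECDSA-*)           echo "ECDSA" ;;
        ECDHE-RSA-*|DHE-RSA-*)   echo "RSA" ;;
        AES*|CAMELLIA*)          echo "RSA" ;;   # plain RSA key exchange
        *)                       echo "unknown" ;;
    esac
}

# check_cipher CIPHER < cert-text
# Prints ok, tls13, or mismatch with the reason.
check_cipher() {
    need=$(cipher_auth_type "$1")
    have=$(cert_auth_type)
    if [ "$need" = "TLSv1.3" ]; then
        echo "tls13"
    elif [ "$need" = "$have" ] && [ "$need" != "unknown" ]; then
        echo "ok"
    else
        echo "mismatch: cipher needs $need, certificate is $have"
    fi
}

# Constructed excerpts of certificate text output.
EC_CERT='            Public Key Algorithm: id-ecPublicKey
                ASN1 OID: prime256v1'
RSA_CERT='            Public Key Algorithm: rsaEncryption'

printf '%s\n' "$EC_CERT"  | check_cipher ECDHE-ECDSA-AES128-GCM-SHA256
printf '%s\n' "$RSA_CERT" | check_cipher ECDHE-ECDSA-AES128-GCM-SHA256
printf '%s\n' "$RSA_CERT" | check_cipher ECDHE-RSA-AES256-GCM-SHA384
printf '%s\n' "$RSA_CERT" | check_cipher TLS_AES_256_GCM_SHA384
```

An "ok" result only confirms that the key type fits the cipher name; the handshake can still fail for other reasons, as it did in the comment above with an EC certificate.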