From mboxrd@z Thu Jan 1 00:00:00 1970 From: ummeegge To: development@lists.ipfire.org Subject: Re: [PATCH] OpenSSL_update: Update to version 1.1.1a Date: Mon, 11 Feb 2019 09:52:27 +0100 Message-ID: <161805aa58cc9c071780428082141dc699764640.camel@ipfire.org> In-Reply-To: MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============5911369054425194070==" List-Id: --===============5911369054425194070== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 8bit Hi all, On Fr, 2019-01-18 at 18:06 +0100, Peter Müller wrote: > Hello, > > just for the records some explanations on this patch: > (a) Chacha/Poly is faster on devices without built-in AES > acceleration. > Since it provides the same strength as AES, I usually prefer it > except > for _very_ high bandwidth requirements. > (b) At the moment, there seems to be little support of AESCCM, so I > disabled it for now in order to keep our ciphersuite zoo smaller. :-) > If there is any need to enable it, I will update the patch > accordingly. it seems that unbound uses AES-CCM. With version 1.9.0 which Matthias has already pushed, some new directives for DoT has been introduced. Please take a look to unbound example configurations --> https://github.com/NLnetLabs/unbound/blob/master/doc/example.conf.in under "cipher setting for TLSv1.3" . So it might be an idea to enable AESCCM !? > > I am happy this made its way into IPFire. :-) > > Updated add-on versions for Postfix and Tor will come soon, at the > moment, I am somewhat busy with libloc, Suricata and the ORANGE > default > firewall behaviour. > > Thanks, and best regards, > Peter Müller > > > > > Even i use the old patch i am a happy tester with 64 bit since one > > month + :-). > > > > The difference between old and new patch (from Peter) are not that > > vast > > and they looks like this: > > > > --- OpenSSL-1.1.1a_old_patch 2019-01-13 18:15:33.316651666 > > +0100 > > +++ OpenSSL-1.1.1a-new_patch 2019-01-13 18:16:22.008650232 > > +0100 > > @@ -1,31 +1,23 @@ > > -TLS_AES_256_GCM_SHA384 TLSv1.3 > > Kx=any Au=any Enc=AESGCM(256) Mac=AEAD > > TLS_CHACHA20_POLY1305_SHA256 TLSv1.3 > > Kx=any Au=any Enc=CHACHA20/POLY1305(256) Mac=AEAD > > +TLS_AES_256_GCM_SHA384 TLSv1.3 > > Kx=any Au=any Enc=AESGCM(256) Mac=AEAD > > TLS_AES_128_GCM_SHA256 TLSv1.3 > > Kx=any Au=any Enc=AESGCM(128) Mac=AEAD > > -ECDHE-ECDSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=ECDSA > > Enc=AESGCM(256) Mac=AEAD > > ECDHE-ECDSA-CHACHA20-POLY1305 TLSv1.2 Kx=ECDH Au=ECDSA > > Enc=CHACHA20/POLY1305(256) Mac=AEAD > > -ECDHE-ECDSA-AES256-CCM8 TLSv1.2 Kx=ECDH Au=ECDSA > > Enc=AESCCM8(256) Mac=AEAD > > -ECDHE-ECDSA-AES256-CCM TLSv1.2 Kx=ECDH Au=ECDSA > > Enc=AESCCM(256) Mac=AEAD > > +ECDHE-ECDSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=ECDSA > > Enc=AESGCM(256) Mac=AEAD > > ECDHE-ECDSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH Au=ECDSA > > Enc=AESGCM(128) Mac=AEAD > > -ECDHE-ECDSA-AES128-CCM8 TLSv1.2 Kx=ECDH Au=ECDSA > > Enc=AESCCM8(128) Mac=AEAD > > -ECDHE-ECDSA-AES128-CCM TLSv1.2 Kx=ECDH Au=ECDSA > > Enc=AESCCM(128) Mac=AEAD > > ECDHE-ECDSA-AES256-SHA384 TLSv1.2 Kx=ECDH Au=ECDSA > > Enc=AES(256) Mac=SHA384 > > ECDHE-ECDSA-CAMELLIA256-SHA384 TLSv1.2 Kx=ECDH Au=ECDSA > > Enc=Camellia(256) Mac=SHA384 > > ECDHE-ECDSA-AES128-SHA256 TLSv1.2 Kx=ECDH Au=ECDSA > > Enc=AES(128) Mac=SHA256 > > ECDHE-ECDSA-CAMELLIA128-SHA256 TLSv1.2 Kx=ECDH Au=ECDSA > > Enc=Camellia(128) Mac=SHA256 > > -ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 > > Kx=ECDH Au=RSA Enc=AESGCM(256) Mac=AEAD > > ECDHE-RSA-CHACHA20-POLY1305 TLSv1.2 > > Kx=ECDH Au=RSA Enc=CHACHA20/POLY1305(256) Mac=AEAD > > +ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 > > Kx=ECDH Au=RSA Enc=AESGCM(256) Mac=AEAD > > ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 > > Kx=ECDH Au=RSA Enc=AESGCM(128) Mac=AEAD > > ECDHE-RSA-AES256-SHA384 TLSv1.2 > > Kx=ECDH Au=RSA Enc=AES(256) Mac=SHA384 > > ECDHE-RSA-CAMELLIA256-SHA384 TLSv1.2 > > Kx=ECDH Au=RSA Enc=Camellia(256) Mac=SHA384 > > ECDHE-RSA-AES128-SHA256 TLSv1.2 > > Kx=ECDH Au=RSA Enc=AES(128) Mac=SHA256 > > ECDHE-RSA-CAMELLIA128-SHA256 TLSv1.2 > > Kx=ECDH Au=RSA Enc=Camellia(128) Mac=SHA256 > > -DHE-RSA-AES256-GCM-SHA384 TLSv1.2 > > Kx=DH Au=RSA Enc=AESGCM(256) Mac=AEAD > > DHE-RSA-CHACHA20-POLY1305 TLSv1.2 > > Kx=DH Au=RSA Enc=CHACHA20/POLY1305(256) Mac=AEAD > > -DHE-RSA-AES256-CCM8 TLSv1.2 > > Kx=DH Au=RSA Enc=AESCCM8(256) Mac=AEAD > > -DHE-RSA-AES256-CCM TLSv1.2 > > Kx=DH Au=RSA Enc=AESCCM(256) Mac=AEAD > > +DHE-RSA-AES256-GCM-SHA384 TLSv1.2 > > Kx=DH Au=RSA Enc=AESGCM(256) Mac=AEAD > > DHE-RSA-AES128-GCM-SHA256 TLSv1.2 > > Kx=DH Au=RSA Enc=AESGCM(128) Mac=AEAD > > -DHE-RSA-AES128-CCM8 TLSv1.2 > > Kx=DH Au=RSA Enc=AESCCM8(128) Mac=AEAD > > -DHE-RSA-AES128-CCM TLSv1.2 > > Kx=DH Au=RSA Enc=AESCCM(128) Mac=AEAD > > DHE-RSA-AES256-SHA256 TLSv1.2 > > Kx=DH Au=RSA Enc=AES(256) Mac=SHA256 > > DHE-RSA-CAMELLIA256-SHA256 TLSv1.2 > > Kx=DH Au=RSA Enc=Camellia(256) Mac=SHA256 > > DHE-RSA-AES128-SHA256 TLSv1.2 > > Kx=DH Au=RSA Enc=AES(128) Mac=SHA256 > > @@ -37,14 +29,9 @@ > > DHE-RSA-AES256-SHA SSLv3 > > Kx=DH Au=RSA Enc=AES(256) Mac=SHA1 > > DHE-RSA-CAMELLIA256-SHA SSLv3 > > Kx=DH Au=RSA Enc=Camellia(256) Mac=SHA1 > > DHE-RSA-AES128-SHA SSLv3 > > Kx=DH Au=RSA Enc=AES(128) Mac=SHA1 > > -DHE-RSA-SEED-SHA SSLv3 Kx=DH Au=RSA Enc=SEED(128) > > Mac=SHA1 > > DHE-RSA-CAMELLIA128-SHA SSLv3 > > Kx=DH Au=RSA Enc=Camellia(128) Mac=SHA1 > > AES256-GCM-SHA384 TLSv1.2 > > Kx=RSA Au=RSA Enc=AESGCM(256) Mac=AEAD > > -AES256-CCM8 TLSv1.2 > > Kx=RSA Au=RSA Enc=AESCCM8(256) Mac=AEAD > > -AES256-CCM TLSv1.2 > > Kx=RSA Au=RSA Enc=AESCCM(256) Mac=AEAD > > AES128-GCM-SHA256 TLSv1.2 > > Kx=RSA Au=RSA Enc=AESGCM(128) Mac=AEAD > > -AES128-CCM8 TLSv1.2 > > Kx=RSA Au=RSA Enc=AESCCM8(128) Mac=AEAD > > -AES128-CCM TLSv1.2 > > Kx=RSA Au=RSA Enc=AESCCM(128) Mac=AEAD > > AES256-SHA256 TLSv1.2 > > Kx=RSA Au=RSA Enc=AES(256) Mac=SHA256 > > CAMELLIA256-SHA256 TLSv1.2 > > Kx=RSA Au=RSA Enc=Camellia(256) Mac=SHA256 > > AES128-SHA256 TLSv1.2 > > Kx=RSA Au=RSA Enc=AES(128) Mac=SHA256 > > > > So mostly changes are causing by the disabled AES-CCM. > > Best, Erik --===============5911369054425194070==--