Hi all, Am Freitag, den 18.01.2019, 18:06 +0100 schrieb Peter Müller: > Hello, > > just for the records some explanations on this patch: > (a) Chacha/Poly is faster on devices without built-in AES > acceleration. > Since it provides the same strength as AES, I usually prefer it > except > for _very_ high bandwidth requirements. > (b) At the moment, there seems to be little support of AESCCM, so I > disabled it for now in order to keep our ciphersuite zoo smaller. :-) > If there is any need to enable it, I will update the patch > accordingly. the new OpenSSL has implemented support for five new TLSv1.3 ciphersuites. We have already three activated (which is the default) and the other two are CCM mode ciphers --> https://wiki.openssl.org/index.php/TLS1.3#Ciphersuites . Am currently not sure about a concrete use case for this but it appears that e.g. 'TLS_AES_128_CCM_8_SHA256' have a shorter authentication tag and in combination with a short plaintext the ciphertext are less than 16 bytes. --> https://datatracker.ietf.org/meeting/102/agenda/tls-drafts.pdf which can be in rare use cases (?) nice. > > I am happy this made its way into IPFire. :-) Me too :-) . > > Updated add-on versions for Postfix and Tor will come soon, at the > moment, I am somewhat busy with libloc, Suricata and the ORANGE > default > firewall behaviour. There are some more OpenSSL patches for elinks-0.12pre6-openssl11.patch net-snmp-5.7.3-openssl.patch openssh-7.8p1-openssl-1.1.0-1.patch openssl-1.0.0-beta5-enginesdir.patch openssl-1.0.2a-rpmbuild.patch openssl-1.0.2a_disable_ssse3_for_amd.patch openssl-1.0.2g-disable-sslv2v3.patch ppp-2.4.7-openssl.patch as far as i can see openssl-compat has been dropped ? Best, Erik > > Thanks, and best regards, > Peter Müller > > > > > Even i use the old patch i am a happy tester with 64 bit since one > > month + :-). > > > > The difference between old and new patch (from Peter) are not that > > vast > > and they looks like this: > > > > --- OpenSSL-1.1.1a_old_patch 2019-01-13 18:15:33.316651666 > > +0100 > > +++ OpenSSL-1.1.1a-new_patch 2019-01-13 18:16:22.008650232 > > +0100 > > @@ -1,31 +1,23 @@ > > -TLS_AES_256_GCM_SHA384 TLSv1.3 > > Kx=any Au=any Enc=AESGCM(256) Mac=AEAD > > TLS_CHACHA20_POLY1305_SHA256 TLSv1.3 > > Kx=any Au=any Enc=CHACHA20/POLY1305(256) Mac=AEAD > > +TLS_AES_256_GCM_SHA384 TLSv1.3 > > Kx=any Au=any Enc=AESGCM(256) Mac=AEAD > > TLS_AES_128_GCM_SHA256 TLSv1.3 > > Kx=any Au=any Enc=AESGCM(128) Mac=AEAD > > -ECDHE-ECDSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=ECDSA > > Enc=AESGCM(256) Mac=AEAD > > ECDHE-ECDSA-CHACHA20-POLY1305 TLSv1.2 Kx=ECDH Au=ECDSA > > Enc=CHACHA20/POLY1305(256) Mac=AEAD > > -ECDHE-ECDSA-AES256-CCM8 TLSv1.2 Kx=ECDH Au=ECDSA > > Enc=AESCCM8(256) Mac=AEAD > > -ECDHE-ECDSA-AES256-CCM TLSv1.2 Kx=ECDH Au=ECDSA > > Enc=AESCCM(256) Mac=AEAD > > +ECDHE-ECDSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=ECDSA > > Enc=AESGCM(256) Mac=AEAD > > ECDHE-ECDSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH Au=ECDSA > > Enc=AESGCM(128) Mac=AEAD > > -ECDHE-ECDSA-AES128-CCM8 TLSv1.2 Kx=ECDH Au=ECDSA > > Enc=AESCCM8(128) Mac=AEAD > > -ECDHE-ECDSA-AES128-CCM TLSv1.2 Kx=ECDH Au=ECDSA > > Enc=AESCCM(128) Mac=AEAD > > ECDHE-ECDSA-AES256-SHA384 TLSv1.2 Kx=ECDH Au=ECDSA > > Enc=AES(256) Mac=SHA384 > > ECDHE-ECDSA-CAMELLIA256-SHA384 TLSv1.2 Kx=ECDH Au=ECDSA > > Enc=Camellia(256) Mac=SHA384 > > ECDHE-ECDSA-AES128-SHA256 TLSv1.2 Kx=ECDH Au=ECDSA > > Enc=AES(128) Mac=SHA256 > > ECDHE-ECDSA-CAMELLIA128-SHA256 TLSv1.2 Kx=ECDH Au=ECDSA > > Enc=Camellia(128) Mac=SHA256 > > -ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 > > Kx=ECDH Au=RSA Enc=AESGCM(256) Mac=AEAD > > ECDHE-RSA-CHACHA20-POLY1305 TLSv1.2 > > Kx=ECDH Au=RSA Enc=CHACHA20/POLY1305(256) Mac=AEAD > > +ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 > > Kx=ECDH Au=RSA Enc=AESGCM(256) Mac=AEAD > > ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 > > Kx=ECDH Au=RSA Enc=AESGCM(128) Mac=AEAD > > ECDHE-RSA-AES256-SHA384 TLSv1.2 > > Kx=ECDH Au=RSA Enc=AES(256) Mac=SHA384 > > ECDHE-RSA-CAMELLIA256-SHA384 TLSv1.2 > > Kx=ECDH Au=RSA Enc=Camellia(256) Mac=SHA384 > > ECDHE-RSA-AES128-SHA256 TLSv1.2 > > Kx=ECDH Au=RSA Enc=AES(128) Mac=SHA256 > > ECDHE-RSA-CAMELLIA128-SHA256 TLSv1.2 > > Kx=ECDH Au=RSA Enc=Camellia(128) Mac=SHA256 > > -DHE-RSA-AES256-GCM-SHA384 TLSv1.2 > > Kx=DH Au=RSA Enc=AESGCM(256) Mac=AEAD > > DHE-RSA-CHACHA20-POLY1305 TLSv1.2 > > Kx=DH Au=RSA Enc=CHACHA20/POLY1305(256) Mac=AEAD > > -DHE-RSA-AES256-CCM8 TLSv1.2 > > Kx=DH Au=RSA Enc=AESCCM8(256) Mac=AEAD > > -DHE-RSA-AES256-CCM TLSv1.2 > > Kx=DH Au=RSA Enc=AESCCM(256) Mac=AEAD > > +DHE-RSA-AES256-GCM-SHA384 TLSv1.2 > > Kx=DH Au=RSA Enc=AESGCM(256) Mac=AEAD > > DHE-RSA-AES128-GCM-SHA256 TLSv1.2 > > Kx=DH Au=RSA Enc=AESGCM(128) Mac=AEAD > > -DHE-RSA-AES128-CCM8 TLSv1.2 > > Kx=DH Au=RSA Enc=AESCCM8(128) Mac=AEAD > > -DHE-RSA-AES128-CCM TLSv1.2 > > Kx=DH Au=RSA Enc=AESCCM(128) Mac=AEAD > > DHE-RSA-AES256-SHA256 TLSv1.2 > > Kx=DH Au=RSA Enc=AES(256) Mac=SHA256 > > DHE-RSA-CAMELLIA256-SHA256 TLSv1.2 > > Kx=DH Au=RSA Enc=Camellia(256) Mac=SHA256 > > DHE-RSA-AES128-SHA256 TLSv1.2 > > Kx=DH Au=RSA Enc=AES(128) Mac=SHA256 > > @@ -37,14 +29,9 @@ > > DHE-RSA-AES256-SHA SSLv3 > > Kx=DH Au=RSA Enc=AES(256) Mac=SHA1 > > DHE-RSA-CAMELLIA256-SHA SSLv3 > > Kx=DH Au=RSA Enc=Camellia(256) Mac=SHA1 > > DHE-RSA-AES128-SHA SSLv3 > > Kx=DH Au=RSA Enc=AES(128) Mac=SHA1 > > -DHE-RSA-SEED-SHA SSLv3 Kx=DH Au=RSA Enc=SEED(128) > > Mac=SHA1 > > DHE-RSA-CAMELLIA128-SHA SSLv3 > > Kx=DH Au=RSA Enc=Camellia(128) Mac=SHA1 > > AES256-GCM-SHA384 TLSv1.2 > > Kx=RSA Au=RSA Enc=AESGCM(256) Mac=AEAD > > -AES256-CCM8 TLSv1.2 > > Kx=RSA Au=RSA Enc=AESCCM8(256) Mac=AEAD > > -AES256-CCM TLSv1.2 > > Kx=RSA Au=RSA Enc=AESCCM(256) Mac=AEAD > > AES128-GCM-SHA256 TLSv1.2 > > Kx=RSA Au=RSA Enc=AESGCM(128) Mac=AEAD > > -AES128-CCM8 TLSv1.2 > > Kx=RSA Au=RSA Enc=AESCCM8(128) Mac=AEAD > > -AES128-CCM TLSv1.2 > > Kx=RSA Au=RSA Enc=AESCCM(128) Mac=AEAD > > AES256-SHA256 TLSv1.2 > > Kx=RSA Au=RSA Enc=AES(256) Mac=SHA256 > > CAMELLIA256-SHA256 TLSv1.2 > > Kx=RSA Au=RSA Enc=Camellia(256) Mac=SHA256 > > AES128-SHA256 TLSv1.2 > > Kx=RSA Au=RSA Enc=AES(128) Mac=SHA256 > > > > So mostly changes are causing by the disabled AES-CCM. > > > > Best, > > > > Erik > >