From mboxrd@z Thu Jan  1 00:00:00 1970
From: ummeegge <ummeegge@ipfire.org>
To: development@lists.ipfire.org
Subject: Re: [PATCH] OpenSSL_update: Update to version 1.1.1a
Date: Fri, 18 Jan 2019 18:35:33 +0100
Message-ID: <cb66f01dba3a345b0f4e14621e9a793b8bc51447.camel@ipfire.org>
In-Reply-To: <a3044a33-1dff-be6a-621d-ebdbe4527900@link38.eu>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============5777130032492368913=="
List-Id: <development.lists.ipfire.org>

--===============5777130032492368913==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit

Hi all,

Am Freitag, den 18.01.2019, 18:06 +0100 schrieb Peter Müller:
> Hello,
> 
> just for the records some explanations on this patch:
> (a) Chacha/Poly is faster on devices without built-in AES
> acceleration.
> Since it provides the same strength as AES, I usually prefer it
> except
> for _very_ high bandwidth requirements.
> (b) At the moment, there seems to be little support of AESCCM, so I
> disabled it for now in order to keep our ciphersuite zoo smaller. :-)
> If there is any need to enable it, I will update the patch
> accordingly.
the new OpenSSL has implemented support for five new TLSv1.3
ciphersuites. We have already three activated (which is the default)
and the other two are CCM mode ciphers --> 
https://wiki.openssl.org/index.php/TLS1.3#Ciphersuites 
. Am currently not sure about a concrete use case for this but it
appears that e.g. 'TLS_AES_128_CCM_8_SHA256' have a shorter
authentication tag and in combination with a short plaintext the
ciphertext are less than 16 bytes.
--> https://datatracker.ietf.org/meeting/102/agenda/tls-drafts.pdf
which can be in rare use cases (?) nice.


> 
> I am happy this made its way into IPFire. :-)
Me too :-) .

> 
> Updated add-on versions for Postfix and Tor will come soon, at the
> moment, I am somewhat busy with libloc, Suricata and the ORANGE
> default
> firewall behaviour.
There are some more OpenSSL patches for 

elinks-0.12pre6-openssl11.patch
net-snmp-5.7.3-openssl.patch
openssh-7.8p1-openssl-1.1.0-1.patch
openssl-1.0.0-beta5-enginesdir.patch
openssl-1.0.2a-rpmbuild.patch
openssl-1.0.2a_disable_ssse3_for_amd.patch
openssl-1.0.2g-disable-sslv2v3.patch
ppp-2.4.7-openssl.patch

as far as i can see openssl-compat has been dropped ?


Best,

Erik

> 
> Thanks, and best regards,
> Peter Müller 
> 
> > 
> > Even i use the old patch i am a happy tester with 64 bit since one
> > month + :-).
> > 
> > The difference between old and new patch (from Peter) are not that
> > vast
> > and they looks like this:
> > 
> > --- OpenSSL-1.1.1a_old_patch	2019-01-13 18:15:33.316651666
> > +0100
> > +++ OpenSSL-1.1.1a-new_patch	2019-01-13 18:16:22.008650232
> > +0100
> > @@ -1,31 +1,23 @@
> > -TLS_AES_256_GCM_SHA384  TLSv1.3
> > Kx=any      Au=any  Enc=AESGCM(256) Mac=AEAD
> >  TLS_CHACHA20_POLY1305_SHA256 TLSv1.3
> > Kx=any      Au=any  Enc=CHACHA20/POLY1305(256) Mac=AEAD
> > +TLS_AES_256_GCM_SHA384  TLSv1.3
> > Kx=any      Au=any  Enc=AESGCM(256) Mac=AEAD
> >  TLS_AES_128_GCM_SHA256  TLSv1.3
> > Kx=any      Au=any  Enc=AESGCM(128) Mac=AEAD
> > -ECDHE-ECDSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH     Au=ECDSA
> > Enc=AESGCM(256) Mac=AEAD
> >  ECDHE-ECDSA-CHACHA20-POLY1305 TLSv1.2 Kx=ECDH     Au=ECDSA
> > Enc=CHACHA20/POLY1305(256) Mac=AEAD
> > -ECDHE-ECDSA-AES256-CCM8 TLSv1.2 Kx=ECDH     Au=ECDSA
> > Enc=AESCCM8(256) Mac=AEAD
> > -ECDHE-ECDSA-AES256-CCM  TLSv1.2 Kx=ECDH     Au=ECDSA
> > Enc=AESCCM(256) Mac=AEAD
> > +ECDHE-ECDSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH     Au=ECDSA
> > Enc=AESGCM(256) Mac=AEAD
> >  ECDHE-ECDSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH     Au=ECDSA
> > Enc=AESGCM(128) Mac=AEAD
> > -ECDHE-ECDSA-AES128-CCM8 TLSv1.2 Kx=ECDH     Au=ECDSA
> > Enc=AESCCM8(128) Mac=AEAD
> > -ECDHE-ECDSA-AES128-CCM  TLSv1.2 Kx=ECDH     Au=ECDSA
> > Enc=AESCCM(128) Mac=AEAD
> >  ECDHE-ECDSA-AES256-SHA384 TLSv1.2 Kx=ECDH     Au=ECDSA
> > Enc=AES(256)  Mac=SHA384
> >  ECDHE-ECDSA-CAMELLIA256-SHA384 TLSv1.2 Kx=ECDH     Au=ECDSA
> > Enc=Camellia(256) Mac=SHA384
> >  ECDHE-ECDSA-AES128-SHA256 TLSv1.2 Kx=ECDH     Au=ECDSA
> > Enc=AES(128)  Mac=SHA256
> >  ECDHE-ECDSA-CAMELLIA128-SHA256 TLSv1.2 Kx=ECDH     Au=ECDSA
> > Enc=Camellia(128) Mac=SHA256
> > -ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2
> > Kx=ECDH     Au=RSA  Enc=AESGCM(256) Mac=AEAD
> >  ECDHE-RSA-CHACHA20-POLY1305 TLSv1.2
> > Kx=ECDH     Au=RSA  Enc=CHACHA20/POLY1305(256) Mac=AEAD
> > +ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2
> > Kx=ECDH     Au=RSA  Enc=AESGCM(256) Mac=AEAD
> >  ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2
> > Kx=ECDH     Au=RSA  Enc=AESGCM(128) Mac=AEAD
> >  ECDHE-RSA-AES256-SHA384 TLSv1.2
> > Kx=ECDH     Au=RSA  Enc=AES(256)  Mac=SHA384
> >  ECDHE-RSA-CAMELLIA256-SHA384 TLSv1.2
> > Kx=ECDH     Au=RSA  Enc=Camellia(256) Mac=SHA384
> >  ECDHE-RSA-AES128-SHA256 TLSv1.2
> > Kx=ECDH     Au=RSA  Enc=AES(128)  Mac=SHA256
> >  ECDHE-RSA-CAMELLIA128-SHA256 TLSv1.2
> > Kx=ECDH     Au=RSA  Enc=Camellia(128) Mac=SHA256
> > -DHE-RSA-AES256-GCM-SHA384 TLSv1.2
> > Kx=DH       Au=RSA  Enc=AESGCM(256) Mac=AEAD
> >  DHE-RSA-CHACHA20-POLY1305 TLSv1.2
> > Kx=DH       Au=RSA  Enc=CHACHA20/POLY1305(256) Mac=AEAD
> > -DHE-RSA-AES256-CCM8     TLSv1.2
> > Kx=DH       Au=RSA  Enc=AESCCM8(256) Mac=AEAD
> > -DHE-RSA-AES256-CCM      TLSv1.2
> > Kx=DH       Au=RSA  Enc=AESCCM(256) Mac=AEAD
> > +DHE-RSA-AES256-GCM-SHA384 TLSv1.2
> > Kx=DH       Au=RSA  Enc=AESGCM(256) Mac=AEAD
> >  DHE-RSA-AES128-GCM-SHA256 TLSv1.2
> > Kx=DH       Au=RSA  Enc=AESGCM(128) Mac=AEAD
> > -DHE-RSA-AES128-CCM8     TLSv1.2
> > Kx=DH       Au=RSA  Enc=AESCCM8(128) Mac=AEAD
> > -DHE-RSA-AES128-CCM      TLSv1.2
> > Kx=DH       Au=RSA  Enc=AESCCM(128) Mac=AEAD
> >  DHE-RSA-AES256-SHA256   TLSv1.2
> > Kx=DH       Au=RSA  Enc=AES(256)  Mac=SHA256
> >  DHE-RSA-CAMELLIA256-SHA256 TLSv1.2
> > Kx=DH       Au=RSA  Enc=Camellia(256) Mac=SHA256
> >  DHE-RSA-AES128-SHA256   TLSv1.2
> > Kx=DH       Au=RSA  Enc=AES(128)  Mac=SHA256
> > @@ -37,14 +29,9 @@
> >  DHE-RSA-AES256-SHA      SSLv3
> > Kx=DH       Au=RSA  Enc=AES(256)  Mac=SHA1
> >  DHE-RSA-CAMELLIA256-SHA SSLv3
> > Kx=DH       Au=RSA  Enc=Camellia(256) Mac=SHA1
> >  DHE-RSA-AES128-SHA      SSLv3
> > Kx=DH       Au=RSA  Enc=AES(128)  Mac=SHA1
> > -DHE-RSA-SEED-SHA        SSLv3 Kx=DH       Au=RSA  Enc=SEED(128)
> > Mac=SHA1
> >  DHE-RSA-CAMELLIA128-SHA SSLv3
> > Kx=DH       Au=RSA  Enc=Camellia(128) Mac=SHA1
> >  AES256-GCM-SHA384       TLSv1.2
> > Kx=RSA      Au=RSA  Enc=AESGCM(256) Mac=AEAD
> > -AES256-CCM8             TLSv1.2
> > Kx=RSA      Au=RSA  Enc=AESCCM8(256) Mac=AEAD
> > -AES256-CCM              TLSv1.2
> > Kx=RSA      Au=RSA  Enc=AESCCM(256) Mac=AEAD
> >  AES128-GCM-SHA256       TLSv1.2
> > Kx=RSA      Au=RSA  Enc=AESGCM(128) Mac=AEAD
> > -AES128-CCM8             TLSv1.2
> > Kx=RSA      Au=RSA  Enc=AESCCM8(128) Mac=AEAD
> > -AES128-CCM              TLSv1.2
> > Kx=RSA      Au=RSA  Enc=AESCCM(128) Mac=AEAD
> >  AES256-SHA256           TLSv1.2
> > Kx=RSA      Au=RSA  Enc=AES(256)  Mac=SHA256
> >  CAMELLIA256-SHA256      TLSv1.2
> > Kx=RSA      Au=RSA  Enc=Camellia(256) Mac=SHA256
> >  AES128-SHA256           TLSv1.2
> > Kx=RSA      Au=RSA  Enc=AES(128)  Mac=SHA256 
> > 
> > So mostly changes are causing by the disabled AES-CCM.
> > 
> > Best,
> > 
> > Erik
> 
> 


--===============5777130032492368913==--