CHACHA20-POLY1305 Server Preference NOK with tlsv1.3

Maxim Dounin mdounin at mdounin.ru
Sun May 3 21:21:23 UTC 2020


Hello!

On Sun, May 03, 2020 at 07:04:49PM +0200, Vincent Blondel wrote:

> Hello,
> 
> Trying to get CHACHA20-POLY1305 Server Preference ... Working with tlsv1.2
> but NOK with tlsv1.3
> 
> ** Tried with a Custom OpenSSL.conf ServerPreference,PrioritizeChaCha
> 
> OPENSSL_CONF=$HOME/conf/openssl.conf $HOME/bin/nginx.exe
> 
> [default_conf]
> ssl_conf = ssl_sect
> [ssl_sect]
> system_default = system_default_sect
> [system_default_sect]
> Ciphersuites =
> TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384
> Options = ServerPreference,PrioritizeChaCha
> 
> ** Tried by patching src/event/ngx_event_openssl.c
> 
> -        SSL_CTX_set_options(ssl->ctx, SSL_OP_CIPHER_SERVER_PREFERENCE);
> +        SSL_CTX_set_options(ssl->ctx, SSL_OP_CIPHER_SERVER_PREFERENCE |
> SSL_OP_PRIORITIZE_CHACHA);
> 
> ** Tried by patching src/event/ngx_event_openssl.c

There is no need to patch anything as long as you have Options set 
in openssl.conf.

> nginx -s reload
> nginx: [emerg]
> SSL_CTX_set_cipher_list("TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_AES_128_CCM_SHA256")
> failed (SSL: error:1410D0B9:SSL routines:SSL_CTX_set_cipher_list:no cipher
> match)
> 
> ssl_prefer_server_ciphers on;
> ssl_protocols TLSv1.3;
> ssl_ciphers
> TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_AES_128_CCM_SHA256;
> 
> my config is working like a charm with tlsv1.2 but i cannot get CHACHA20
> prioritized with tlsv1.3 ... hence my question ...how to do with nginx
> version: nginx/1.18.0 ?

The problem is that OpenSSL's SSL_CTX_set_cipher_list() does not 
recognize any ciphers in the cipher list you've provided in the 
ssl_ciphers directive, hence the error.  You have to provide at 
least one valid cipher.

Note that OpenSSL's SSL_CTX_set_cipher_list() does not recognize 
any TLSv1.3 ciphers (and instead enables them by default), hence 
you have to use at least one TLSv1.2 cipher listed.

-- 
Maxim Dounin
http://mdounin.ru/
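As an added illustration (not part of the thread), a small Python check that reproduces the failure described above: Python's ssl.SSLContext.set_ciphers() is a thin wrapper around the same OpenSSL SSL_CTX_set_cipher_list() call nginx makes for ssl_ciphers. It assumes a Python build linked against OpenSSL 1.1.1 or newer; ECDHE-ECDSA-AES128-GCM-SHA256 is just a sample TLSv1.2 suite chosen for the demonstration.

```python
"""Why an ssl_ciphers list made only of TLSv1.3 names fails.

set_ciphers() calls OpenSSL's SSL_CTX_set_cipher_list(), which succeeds
only if at least one TLSv1.2-or-earlier cipher matches.  TLSv1.3 suites
are configured separately (SSL_CTX_set_ciphersuites / openssl.conf
"Ciphersuites") and are enabled by default, so they are not recognised
in this list at all.
"""
import ssl

# The list from the original post: TLSv1.3 ciphersuites only.
TLS13_ONLY = ("TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256:"
              "TLS_AES_256_GCM_SHA384:TLS_AES_128_CCM_SHA256")

# Same list with one TLSv1.2 cipher appended (sample suite, an assumption).
WITH_TLS12 = TLS13_ONLY + ":ECDHE-ECDSA-AES128-GCM-SHA256"

# Whether the linked OpenSSL supports TLSv1.3 at all.
TLS13_SUPPORTED = ssl.HAS_TLSv1_3


def cipher_list_accepted(spec):
    """Return True if SSL_CTX_set_cipher_list() accepts `spec`."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    try:
        ctx.set_ciphers(spec)
    except ssl.SSLError:          # "No cipher can be selected." / no cipher match
        return False
    return True


def enabled_cipher_names(spec):
    """Return the cipher names OpenSSL enables after applying `spec`.

    With a TLSv1.3-capable OpenSSL the TLS_* suites show up even though
    `spec` never names them: they are on by default, independent of the
    TLSv1.2 cipher list.
    """
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.set_ciphers(spec)
    return [c["name"] for c in ctx.get_ciphers()]


if __name__ == "__main__":
    print("TLSv1.3-only list accepted:", cipher_list_accepted(TLS13_ONLY))
    print("Mixed list accepted:       ", cipher_list_accepted(WITH_TLS12))
    for name in enabled_cipher_names("ECDHE-ECDSA-AES128-GCM-SHA256"):
        print("  enabled:", name)
```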

