ssl-opt.sh fail with openssl 1.1.1f

[yuhaoth]

Summary

Build and test in ubuntu20.04 , ssl-opt.sh reports fail with development branch.

System information

Mbed TLS version (number or commit id): cee21d
Operating system and version: Ubuntu 20.04

Expected behavior

ssl-opt.sh PASSED.

Actual behavior

ssl-opt.sh reports below fail

keyUsage cli: DigitalSignature+KeyEncipherment, RSA: OK ................ SERVER START TIMEOUT
./tests/ssl-opt.sh: 828: kill: No such process

FAIL
  ! server or client failed to reach handshake stage
  ! outputs saved to o-XXX-322.log
keyUsage cli: DigitalSignature+KeyEncipherment, DHE-RSA: OK ............ SERVER START TIMEOUT
./tests/ssl-opt.sh: 828: kill: No such process

FAIL
  ! server or client failed to reach handshake stage
  ! outputs saved to o-XXX-323.log
keyUsage cli: KeyEncipherment, RSA: OK ................................. SERVER START TIMEOUT
./tests/ssl-opt.sh: 828: kill: No such process

FAIL
  ! server or client failed to reach handshake stage
  ! outputs saved to o-XXX-324.log
keyUsage cli: KeyEncipherment, DHE-RSA: fail ........................... SERVER START TIMEOUT
./tests/ssl-opt.sh: 828: kill: No such process

FAIL
  ! server or client failed to reach handshake stage
  ! outputs saved to o-XXX-325.log
keyUsage cli: KeyEncipherment, DHE-RSA: fail, soft ..................... SERVER START TIMEOUT
./tests/ssl-opt.sh: 828: kill: No such process

FAIL
  ! server or client failed to reach handshake stage
  ! outputs saved to o-XXX-326.log
keyUsage cli: DigitalSignature, DHE-RSA: OK ............................ SERVER START TIMEOUT
./tests/ssl-opt.sh: 828: kill: No such process

FAIL
  ! server or client failed to reach handshake stage
  ! outputs saved to o-XXX-327.log
keyUsage cli: DigitalSignature, RSA: fail .............................. SERVER START TIMEOUT
./tests/ssl-opt.sh: 828: kill: No such process

FAIL
  ! server or client failed to reach handshake stage
  ! outputs saved to o-XXX-328.log
keyUsage cli: DigitalSignature, RSA: fail, soft ........................ SERVER START TIMEOUT
./tests/ssl-opt.sh: 828: kill: No such process

FAIL
  ! server or client failed to reach handshake stage
  ! outputs saved to o-XXX-329.log
keyUsage cli-auth: RSA, DigitalSignature: OK ........................... FAIL
  ! server or client failed to reach handshake stage
  ! outputs saved to o-XXX-330.log
keyUsage cli-auth: RSA, KeyEncipherment: fail (soft) ................... FAIL
  ! server or client failed to reach handshake stage
  ! outputs saved to o-XXX-331.log
keyUsage cli-auth: RSA, KeyEncipherment: fail (hard) ................... FAIL
  ! server or client failed to reach handshake stage
  ! outputs saved to o-XXX-332.log

o-srv-3*.log report below error

SSL routines:SSL_CTX_use_certificate:ca md too weak:../ssl/ssl_rsa.c:310:

Steps to reproduce

# OS=Ubuntu20.04
make
./tests/ssl-opt.sh

Additional information

[gilles-peskine-arm]

The SSL test scripts assume that openssl and gnutls have certain features and don't work with versions that are too recent, too old, or built with certain features disabled. Our CI script (all.sh) are set up to use three different versions of each of openssl and gnutls depending on what is being tested. See https://developer.trustedfirmware.org/w/mbed-tls/testing/ci/#tooling-for-all-sh

[mpg]

Thanks for your report! As Gilles said, currently this script is not meant to work our of the box with arbitrary versions of OpenSSL, so the behaviour you're reporting is not entirely unexpected.

However, of course it's desirable to be able to use it with the latest version. If you want to investigate the reason for this failure and raise a PR improving the script so that it can be used with OpenSSL 1.1.1, that would be welcome!

[yuhaoth]

I regenerate tests/data_files/dhparams.pem with openssl dhparam -out dhparams.pem 2048 . It can pass test both versions( openssl1.1.1 and openssl1.1.1f )

Can I fix it with above command ? I am not sure if it is right way.

[gilles-peskine-arm]

With a recent development branch with #4429 merged, dhparams.pem shouldn't be a problem: it isn't used with recent openssl versions anymore. However it looks like we need to update some certificates.

$ tests/ssl-opt.sh -f 'keyUsage cli: DigitalSignature+KeyEncipherment, RSA: OK'
keyUsage cli: DigitalSignature+KeyEncipherment, RSA: OK ................ SERVER START TIMEOUT
./tests/ssl-opt.sh: 828: kill: No such process

FAIL
  ! server or client failed to reach handshake stage
  ! outputs saved to o-XXX-1.log
$ cat tests/o-srv-1.log 
# keyUsage cli: DigitalSignature+KeyEncipherment, RSA: OK
openssl s_server -www -cert data_files/server5.crt -key data_files/server5.key -accept 17469 -key data_files/server2.key              -cert data_files/server2.ku-ds_ke.crt
Using default temp DH parameters
error setting certificate
140304611403072:error:0909006C:PEM routines:get_name:no start line:../crypto/pem/pem_lib.c:745:Expecting: DH PARAMETERS
140304611403072:error:140AB18E:SSL routines:SSL_CTX_use_certificate:ca md too weak:../ssl/ssl_rsa.c:310:
SERVER START TIMEOUT

Some of our test certificates are still using SHA-1, for example server2.ku-ds_ke.crt. I think that's the problem.

[yuhaoth]

Should we add generate command into tests/data_files/Makefile ? dhparams.pem is not in the file

[gilles-peskine-arm]

Yes, eventually. We register all the new files in tests/data_files/Makefile, but dhparams.pem is an old file from before that makefile existed. It's a pretty low-priority backlog item right now, we don't even have an issue for it.