Forward Secrecy

#30163
Posted: 07/28/2014 05:33:42
by Ken Ivanov (EldoS Corp.)

Hi Birger,

Sorry for making you wait.

It appears that the discussed configuration makes the server incorrectly pick a DH-driven cipher suite even though it does not have a DH certificate. This leads to further errors during SSL key material negotiation and to a fatal handshake failure in the end. We have fixed the problem; the fix is undergoing its QA assessment at the moment, and will be included in the future SecureBlackbox update.

In the meantime, please switch off DH- and ECDH-driven cipher suites (SB_SUITE_DH_..., SB_SUITE_ECDH_...) on the server manually to overcome the problem. This won't affect the functionality of the server at all, as those suites can only be used if your server has a DH or ECDH certificate installed.

It is also a good idea to switch off SRP and PSK suites if you do not plan to use them explicitly.

Thank you for reporting the problem. We are sorry for the inconvenience it might have caused you.

Ken
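
An added illustration, not SecureBlackbox code and not part of the post above: the selection rule the reply describes, where a static DH/ECDH suite is eligible only if the server holds a matching certificate, and PSK/SRP suites only if explicitly enabled. IANA suite names stand in for the SB_SUITE_ constants; `classify`, `select_suite`, the preference list and the certificate-type labels are assumptions made for this sketch.

```python
import re

def classify(suite):
    """Map an IANA suite name to (cert key the server needs, forward secrecy, opt-in only)."""
    kx = re.match(r"TLS_(.+?)_WITH_", suite).group(1)
    opt_in = "PSK" in kx or kx.startswith("SRP")    # need shared secrets configured
    ephemeral = kx.startswith(("DHE_", "ECDHE_"))   # fresh key pair per handshake
    if kx.startswith("DH_"):
        cert = "DH"                                 # static DH: the key lives in the certificate
    elif kx.startswith("ECDH_") or kx.endswith("ECDSA"):
        cert = "EC"
    elif "RSA" in kx:
        cert = "RSA"
    elif kx.endswith("DSS"):
        cert = "DSA"
    else:
        cert = None                                 # pure PSK/SRP: no certificate involved
    return cert, ephemeral, opt_in

def select_suite(client_offer, server_prefs, cert_keys, opt_in_enabled=False):
    """First server-preferred suite the client offered that the server can complete."""
    for suite in server_prefs:
        if suite not in client_offer:
            continue
        cert, _, opt_in = classify(suite)
        if cert is not None and cert not in cert_keys:
            continue   # e.g. a static-DH suite on a server that has no DH certificate
        if opt_in and not opt_in_enabled:
            continue   # PSK/SRP stay off unless explicitly configured
        return suite
    return None

# Constructed preference list (real IANA names, order chosen for the demo).
SERVER_PREFS = [
    "TLS_DH_RSA_WITH_AES_128_CBC_SHA",
    "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA",
    "TLS_RSA_PSK_WITH_AES_128_CBC_SHA256",
    "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
    "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384",
    "TLS_RSA_WITH_AES_128_CBC_SHA",
]

if __name__ == "__main__":
    # A server with only an RSA certificate; the client offers every suite.
    chosen = select_suite(SERVER_PREFS, SERVER_PREFS, cert_keys={"RSA"})
    print(chosen, "forward secrecy:", classify(chosen)[1])
```
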
#31307
Posted: 11/05/2014 03:15:10
by Birger Jansen (Standard support level)
Joined: 07/19/2012
Posts: 73

Hi Ken,
Quote
We have fixed the problem; the fix is undergoing its QA assessment at the moment, and will be included in the future SecureBlackbox update.

Is this already included in the latest SecureBlackbox update? I still have these problems.
#31308
Posted: 11/05/2014 03:32:58
by Ken Ivanov (EldoS Corp.)

Hi Birger,

Yes, the most recent SecureBlackbox version (12.0.262) does include the fix. Is that the latest build that doesn't work for you?
#31310
Posted: 11/05/2014 03:45:01
by Birger Jansen (Standard support level)
Joined: 07/19/2012
Posts: 73

Yes, I am using 12.0.262

I'm not sure what is happening now, but I think it is related to this issue:

If I enable the (EC)DHE ciphers and give them a high priority (5), a connection is established from the client. So this seems to work now.

This is without requiring a client certificate. But if I require a client certificate (SSLClientAuthentication = True and a CertificateValidate function that always sets Validate := True), the connection fails on the server with error 75778 ERROR_SSL_BAD_RECORD_MAC.

This is the Call Stack (on the server) leading to DoSSLError:
Code
SBHTTPSServer.TElHTTPSServer.DoSSLError($4733FF0,75778,True,False)
SBSSLServer.TElSSLServer.DoError(75778,True,False)
SBSSLServer.TElSSLServer.TLS1ParseOnRecordLayer($4738528,40,0,0)
SBSSLServer.TElSSLServer.TLS1AnalyzeBuffer
SBSSLServer.TElSSLServer.AnalyzeBuffer
SBSSLServer.TElSSLServer.DataAvailable
SBHTTPSServer.TElHTTPSServer.DataAvailable
[...].Execute
:004c6919 ThreadProc + $45
:0040a6ba ThreadWrapper + $2A
:7597f13c kernel32.BaseThreadInitThunk + 0xe
:77bcd819 ntdll.RtlCreateUserProcess + 0x8c
:77bcda2b ntdll.RtlCreateProcessParameters + 0x4e
#31311
Posted: 11/05/2014 03:52:52
by Birger Jansen (Standard support level)
Joined: 07/19/2012
Posts: 73

The different result seems to be caused by the result of DecRes := TLS1Decrypt(...) on line 5670.

When a client certificate is NOT used this results in DecRes = True
When a client certificate is used this results in DecRes = False

and this leads to the exception on line 5774.
#31319
Posted: 11/05/2014 05:43:11
by Ken Ivanov (EldoS Corp.)

Hmm, that sounds weird. Could you please let us know the value of the CipherSuite property when the exception happens?
#31347
Posted: 11/05/2014 09:49:48
by Birger Jansen (Standard support level)
Joined: 07/19/2012
Posts: 73

That is TLS1.2 with CipherSuite 146: SB_SUITE_ECDHE_RSA_AES256_GCM_SHA384

I disabled that one and then get the same error with (in order of disabling):
145: SB_SUITE_ECDHE_RSA_AES128_GCM_SHA256 (error 75778, local)
137: SB_SUITE_ECDHE_RSA_AES128_SHA256 (error 75778, local)
138: SB_SUITE_ECDHE_RSA_AES256_SHA384 (error 75778, local)
124: SB_SUITE_DHE_RSA_AES256_GCM_SHA384 (error 75797, remote) <-- another error?!
163: SB_SUITE_RSA_PSK_AES128_SHA256 (error 75782, remote) <-- another error?!

and here I stopped since now the problem seems to be remote (on the client)

At least the 75778 errors are all with ECDHE ciphers, which makes me think the error is related to the one that started this topic?
#31364
Posted: 11/06/2014 08:42:12
by Ken Ivanov (EldoS Corp.)

Birger,

What software do you use as a TLS client? We tried to reproduce the problem with a number of client-side applications but all of them worked fine, even with the cipher suites you've mentioned.
#31389
Posted: 11/10/2014 08:50:19
by Birger Jansen (Standard support level)
Joined: 07/19/2012
Posts: 73

The client is based on TElHTTPSClient.
#31396
Posted: 11/12/2014 04:24:38
by Birger Jansen (Standard support level)
Joined: 07/19/2012
Posts: 73

The client was running on an older SB version. I have rebuilt the client with the most recent SB version and now the problem is gone.