TLS standard version when OpenSSL version < 1.1.0

indrajit
Posts: 3
Joined: Wed, 2004-12-22, 15:31
Location: Bangalore, India

TLS standard version when OpenSSL version < 1.1.0

#1 Post by indrajit »

Hello,

I have a couple of questions about the TLS standard version that dcmtk uses when the OpenSSL version being used while building dcmtk is lower than 1.1.0.

In dcmtls/libsrc/tlslayer.cc, the TLS context being created for OpenSSL versions lower than 1.1.0 uses SSLv23_* methods, which probably causes an application using dcmtk libraries to choose a lower version than TLS 1.2 to establish the secure connection.

My question is, if I want to write an application that uses OpenSSL version 1.0.2 and yet supports TLS version 1.2 based connections, then is there some way I can make dcmtk use the new TLS_* methods for initializing the context short of modifying the tlslayer.cc file and rebuilding dcmtk? Even if (as a last resort) I modify the tlslayer.cc check for the OpenSSL version while initialising the context so that it always uses the TLS_method/TLS_server_method/TLS_client_method, would there be a negative side effect to it?

To give a background context to why I want to use an older LTS version of OpenSSL to build dcmtk: the reason is the OpenSSL FIPS module, which can only be used with the 1.0.2 version of OpenSSL. This means that I can either use the newer OpenSSL version and have the applications using dcmtk use TLS 1.2 without the FIPS module or have FIPS but not TLS v1.2.

I understand that the OpenSSL developers are working on a newer FIPS module for the OpenSSL 1.1.1 versions, but till it is released, I guess I would have to stick to OpenSSL 1.0.2.

Thanks,
Indrajit

Marco Eichelberg
OFFIS DICOM Team
Posts: 1437
Joined: Tue, 2004-11-02, 17:22
Location: Oldenburg, Germany

Re: TLS standard version when OpenSSL version < 1.1.0

#2 Post by Marco Eichelberg »

Brief Answer: In the public git repository of the DCMTK project you can find a completely revised implementation of the TLS support that will be released in the upcoming DCMTK 3.6.4 release. Check how we have approached this topic there.

Long Answer: You cannot use the TLS_* methods with OpenSSL 1.0.2 because these are fixed to a single version of TLS (1.0 or 1.1) and provide no compatibility across TLS versions.
If you use the TLS 1.0 methods, then a client trying to connect with TLS 1.1 or 1.2 will fail; if you use the TLS 1.1 method, then a client trying to connect with TLS 1.0 or 1.2 will fail, and so on.
Therefore, with OpenSSL 1.0.2 you have to use the SSLv23_* methods (which do offer compatibility across versions).
In order to prevent a fallback to SSLv3 or SSLv2, which are both considered insecure, you can use SSL_CTX_set_options() with SSL_OP_NO_SSLv2|SSL_OP_NO_SSLv3 to disable negotiation of these two protocols.
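
The approach described in this answer, as an added example that is neither DCMTK's code nor part of the post: Python's ssl module exposes the same OpenSSL context flags, so a PROTOCOL_TLS context is the SSLv23_method() case and OR-ing SSL_OP_NO_* bits into ctx.options is what SSL_CTX_set_options() does in C. It generalises the SSLv2/SSLv3 exclusion to any minimum version (the original question wants TLS 1.2 only on OpenSSL 1.0.2) and adds a check of what a context would still negotiate; VERSIONS, make_context and enabled_versions are names chosen here, not DCMTK or OpenSSL API.

```python
import ssl

# Protocol versions oldest first, each with the OpenSSL SSL_OP_NO_* bit that
# disables it (Python's ssl module exposes the same flag values) and, where
# one exists, the TLSVersion value used by the min/max proto API that
# OpenSSL 1.1.0 added. SSLv2 has no TLSVersion entry.
VERSIONS = [
    ("SSLv2",   ssl.OP_NO_SSLv2,   None),
    ("SSLv3",   ssl.OP_NO_SSLv3,   ssl.TLSVersion.SSLv3),
    ("TLSv1",   ssl.OP_NO_TLSv1,   ssl.TLSVersion.TLSv1),
    ("TLSv1.1", ssl.OP_NO_TLSv1_1, ssl.TLSVersion.TLSv1_1),
    ("TLSv1.2", ssl.OP_NO_TLSv1_2, ssl.TLSVersion.TLSv1_2),
    ("TLSv1.3", ssl.OP_NO_TLSv1_3, ssl.TLSVersion.TLSv1_3),
]


def make_context(min_version="TLSv1"):
    """Version-flexible context (SSLv23_method() in OpenSSL 1.0.2 terms) with
    every protocol older than min_version switched off through SSL_OP_NO_*
    bits, the portable way to do it on OpenSSL 1.0.2.  The C equivalent is
    SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | ...)."""
    names = [name for name, _, _ in VERSIONS]
    if min_version not in names:
        raise ValueError(f"unknown protocol version {min_version!r}")
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS)  # PROTOCOL_TLS == SSLv23_method()
    for _, no_flag, _ in VERSIONS[:names.index(min_version)]:
        ctx.options |= no_flag
    return ctx


def enabled_versions(ctx):
    """Names of the protocol versions ctx would still negotiate, honouring
    both the SSL_OP_NO_* bits and the min/max range of newer OpenSSL."""
    lo, hi = ctx.minimum_version, ctx.maximum_version
    enabled = []
    for name, no_flag, tls_version in VERSIONS:
        if no_flag == 0 or ctx.options & no_flag:
            # A zero flag means the library was built without the protocol
            # (OpenSSL 1.1.0+ defines SSL_OP_NO_SSLv2 as 0); a set bit means
            # it was disabled explicitly.
            continue
        if tls_version is not None:
            if lo != ssl.TLSVersion.MINIMUM_SUPPORTED and tls_version < lo:
                continue
            if hi != ssl.TLSVersion.MAXIMUM_SUPPORTED and tls_version > hi:
                continue
        enabled.append(name)
    return enabled
```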

indrajit
Posts: 3
Joined: Wed, 2004-12-22, 15:31
Location: Bangalore, India

Re: TLS standard version when OpenSSL version < 1.1.0

#3 Post by indrajit »

Thanks for the explanation Marco.
