Hello,
I have a couple of questions about the TLS standard version that dcmtk uses when the OpenSSL version being used while building dcmtk is lower than 1.1.0.
In dcmtls/libsrc/tlslayer.cc, the TLS context being created for OpenSSL versions lower than 1.1.0 uses SSLv23_* methods, which probably causes an application using dcmtk libraries to choose a lower version than TLS 1.2 to establish the secure connection.
My question is, if I want to write an application that uses OpenSSL version 1.0.2 and yet supports TLS version 1.2 based connections, then is there some way I can make dcmtk use the new TLS_* methods for initializing the context short of modifying the tlslayer.cc file and rebuilding dcmtk? Even if (as a last resort) I modify the tlslayer.cc check for the OpenSSL version while initialising the context so that it always uses the TLS_method/TLS_server_method/TLS_client_method, would there be a negative side effect to it?
To give a background context to why I want to use an older LTS version of OpenSSL to build dcmtk: the reason is the OpenSSL FIPS module, which can only be used with the 1.0.2 version of OpenSSL. This means that I can either use the newer OpenSSL version and have the applications using dcmtk use TLS 1.2 without the FIPS module or have FIPS but not TLS v1.2.
I understand that the OpenSSL developers are working on a newer FIPS module for the OpenSSL 1.1.1 versions, but till it is released, I guess I would have to stick to OpenSSL 1.0.2.
Thanks,
Indrajit
TLS standard version when OpenSSL version < 1.1.0
OFFIS DICOM Team
Re: TLS standard version when OpenSSL version < 1.1.0
Brief Answer: In the public git repository of the DCMTK project you can find a completely revised implementation of the TLS support that will be released in the upcoming DCMTK 3.6.4 release. Check how we have approached this topic there.
Long Answer: You cannot use the TLS_* methods with OpenSSL 1.0.2 because these are fixed to a single version of TLS (1.0 or 1.1) and provide no compatibility across TLS versions.
If you use the TLS 1.0 methods, then a client trying to connect with TLS 1.1 or 1.2 will fail; if you use the TLS 1.1 method, then a client trying to connect with TLS 1.0 or 1.2 will fail, and so on.
Therefore, with OpenSSL 1.0.2 you have to use the SSLv23_* methods (which do offer compatibility across versions).
In order to prevent a fallback to SSLv3 or SSLv2, which are both considered insecure, you can use SSL_CTX_set_options() with SSL_OP_NO_SSLv2|SSL_OP_NO_SSLv3 to disable negotiation of these two protocols.
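The context setup the answer describes, as an added example that is not DCMTK's code: it uses Python's ssl module, which wraps the same OpenSSL calls (ssl.PROTOCOL_TLS_CLIENT/PROTOCOL_TLS_SERVER map to SSLv23_client_method()/SSLv23_server_method() on OpenSSL 1.0.2, and ctx.options |= … is SSL_CTX_set_options()). It goes one step beyond the answer by also masking TLS 1.0 and 1.1 with the same SSL_OP_NO_* mechanism, so that only TLS 1.2 remains negotiable; the function and constant names are the example's own.

```python
import ssl
import warnings

# Which SSL_OP_NO_* bit disables which protocol version. These are the same
# option bits OpenSSL 1.0.2 uses. OP_NO_SSLv2 is applied below but not read
# back, because it is 0 on OpenSSL builds that no longer contain SSLv2.
NO_VERSION_BITS = {
    "SSLv3": ssl.OP_NO_SSLv3,
    "TLSv1": ssl.OP_NO_TLSv1,
    "TLSv1.1": ssl.OP_NO_TLSv1_1,
    "TLSv1.2": ssl.OP_NO_TLSv1_2,
}


def make_context(server_side: bool, tls12_only: bool) -> ssl.SSLContext:
    """Version-flexible ("SSLv23") context, optionally limited to TLS 1.2.

    The OpenSSL 1.0.2 pattern from the answer: start from the negotiating
    method and mask out unwanted versions with SSL_OP_NO_* flags. SSLv2 and
    SSLv3 are always masked; with tls12_only, TLS 1.0 and 1.1 are as well.
    """
    proto = ssl.PROTOCOL_TLS_SERVER if server_side else ssl.PROTOCOL_TLS_CLIENT
    ctx = ssl.SSLContext(proto)
    mask = ssl.OP_NO_SSLv2 | ssl.OP_NO_SSLv3
    if tls12_only:
        mask |= ssl.OP_NO_TLSv1 | ssl.OP_NO_TLSv1_1
    with warnings.catch_warnings():
        # Newer Pythons mark OP_NO_* deprecated in favour of minimum_version,
        # which needs OpenSSL >= 1.1.0 and is therefore unavailable on 1.0.2.
        warnings.simplefilter("ignore", DeprecationWarning)
        ctx.options |= mask
    return ctx


def enabled_versions(ctx: ssl.SSLContext) -> set:
    """Versions (SSLv3 .. TLSv1.2) the context will still negotiate, read back
    from its option bits, i.e. what SSL_CTX_get_options() reports."""
    return {name for name, bit in NO_VERSION_BITS.items() if not ctx.options & bit}


if __name__ == "__main__":
    for restrict in (False, True):
        ctx = make_context(server_side=False, tls12_only=restrict)
        print("tls12_only=%s -> %s" % (restrict, sorted(enabled_versions(ctx))))
```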
Re: TLS standard version when OpenSSL version < 1.1.0
Thanks for the explanation Marco.