TLS 1.3 cipher priority

Need help configuring your VPN? Just post here and you'll get that help.
Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Post Reply
jimdoe
OpenVPN User
Posts: 41
Joined: Fri Oct 13, 2017 10:22 pm

TLS 1.3 cipher priority

Post by jimdoe » Mon Sep 24, 2018 1:37 pm

I was just wondering if someone could tell me how TLS 1.3 affects tls cipher priority and negotiation on the control channel in openvpn 2.4.6?

I have an openVPN 2.4.6 server, compiled with OpenSSL 1.1.1, which includes full support for tls 1.3.

On one of my 2.4.6 clients (also using openssl 1.1.1), I changed the

Code: Select all

tls-version-min
option from 1.2 to 1.3.

In this client config, I already had it set to prioritise the ChaCha20-Poly1305 tls cipher with the option

Code: Select all

tls-cipher TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256
in addition to tls-version-min

This was working fine. On the client, it would connect with

Code: Select all

TLSv1.2, cipher TLSv1.2 TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256
However, since updating the client to

Code: Select all

tls-version-min 1.3
, it now connects using

Code: Select all

Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384
even though the tls-cipher is still set to use chacha20.

Does tls 1.3 negate the affects of including

Code: Select all

tls-cipher
option? How do I use ChaCha20-Poly1305 on tls 1.3?

jimdoe
OpenVPN User
Posts: 41
Joined: Fri Oct 13, 2017 10:22 pm

Re: TLS 1.3 cipher priority

Post by jimdoe » Tue Sep 25, 2018 8:27 am

Just an addition. I noticed on the openssl wiki that with tls 1.3, the way that ciphersuites are defined is different, and now no longer differentiates between the certificate type (ECDSA, RSA etc). This means that the way ciphesuites are presented is different now, especially the way in which it is written when adding it to the config. However, even after adding the new definition of ChaCha20-Poly1305 to the tls-cipher in the ovpn client config:

Code: Select all

tls-cipher TLS_CHACHA20_POLY1305_SHA256
I still can only make a TLS_AES_256_GCM_SHA384 connection when using tls 1.3.

From my limited understanding of the openssl wiki, does this mean openvpn itself needs an update to properly configure how it presents the supported ciphers and their priority when using 1.3? Perhaps I should file a bug? (Although I really have no idea if this is a bug or just a feature of tls 1.3)

User avatar
TinCanTech
Forum Team
Posts: 11003
Joined: Fri Jun 03, 2016 1:17 pm

Re: TLS 1.3 cipher priority

Post by TinCanTech » Tue Sep 25, 2018 10:52 am

I tested this and found the same.

Currently, OpenVPN does not officially support TLS 1.3, it is still a work in progress.
You are welcome to submit a bug report but I expect the developers are aware of the problem.

jimdoe
OpenVPN User
Posts: 41
Joined: Fri Oct 13, 2017 10:22 pm

Re: TLS 1.3 cipher priority

Post by jimdoe » Tue Sep 25, 2018 1:36 pm

TinCanTech wrote:
Tue Sep 25, 2018 10:52 am
You are welcome to submit a bug report but I expect the developers are aware of the problem.
I went ahead and submitted a bug ticket, just in case.
I didn't realise 2.4.6 didn't officially support 1.3. Hope it can be worked in to openvpn some time soon.

Post Reply