
OpenSSL TLS/DTLS PSK


I'm working on an application where a Key Server (K) generates a symmetrical key and shares it with Server (A) and Client (B). A and B connect via UDP. I'm using memory BIOs, and was trying to use the cipher "PSK-AES128-CBC-SHA".

I have a few questions related to this:

  1. When we have a symmetrical key, should we still call SSL_do_handshake?
  2. When I set the cipher with this call, SSL_CTX_set_cipher_list(context, "PSK-AES128-CBC-SHA");, I get the error SSL routines:ssl_cipher_list_to_bytes:no ciphers available

I tried using TLSV1_2_server_method, TLSV1_2_server_method, DTLS_server_method, DTLS_client_method but every method failed with the above error.

Is there any example code available for TLS-PSK encryption? I couldn't find any good tutorial or example online.

I was referring to this article while doing this, but I'm using memory BIOs instead: https://bitbucket.org/tiebingzhang/tls-psk-server-client-example/src/783092f802383421cfa1088b0e7b804b39d3cf7c/psk_server.c?at=default&fileviewer=file-view-default


Solution

  • I can't tell you why the cipher doesn't exist. I can only assume that it doesn't exist in the version of openssl that you have or it has to be added to openssl to begin with.

    Did you know that PSK support is built into tls1.3? If you use openssl 1.1.1 you can do PSK from the openssl command line.

    Server:

    # use a 48 byte PSK
    $ PSK=63ef2024b1de6417f856fab7005d38f6df70b6c5e97c220060e2ea122c4fdd054555827ab229457c366b2dd4817ff38b 
    $ openssl s_server -psk $PSK -cipher TLS13-AES-256-GCM-SHA384 -nocert -accept 2020
    

    Client:

    $ openssl s_client -psk $PSK -connect localhost:2020 
    CONNECTED(00000003)
    ---
    no peer certificate available
    ---
    No client certificate CA names sent
    Server Temp Key: X25519, 253 bits
    ---
    SSL handshake has read 195 bytes and written 475 bytes
    Verification: OK
    ---
    Reused, TLSv1.3, Cipher is TLS13-AES-256-GCM-SHA384
    …
    

    So I would recommend that you look up the source code for the openssl 1.1.1 s_server and s_client commands to see an example of how to use PSK in tls1.3.

    @xkcd

    For openssl 3.0 and above the above commands don't work because of this issue.

    Using openssl 3.1 I could not get it working with AES-256-GCM-SHA384; I think it's something to do with SHA384. Also, in 3.0 and above you have to use the -ciphersuites option for v1.3 tls ciphers, as the -ciphers option is for up to 1.2 tls only now.

    What I did to get this working is:

    Server:

    # use a 48 byte PSK
    $ PSK=63ef2024b1de6417f856fab7005d38f6df70b6c5e97c220060e2ea122c4fdd054555827ab229457c366b2dd4817ff38b 
    $ openssl s_server -psk $PSK -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -nocert -accept 2020
    

    Client:

    $ openssl s_client -psk $PSK -connect localhost:2020 -ciphersuites TLS_CHACHA20_POLY1305_SHA256
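
The setup from the question (PSK suite, memory BIOs, explicit handshake), as an added example that is not part of the original answer or of OpenSSL's own code. It uses the `ssl` module of Python 3.13 or later, which wraps OpenSSL's PSK callbacks, in place of the C API, and TLS 1.2 in place of DTLS because that module has no DTLS; the key, identity and function names are constructed for illustration.

```python
import ssl

PSK = bytes.fromhex("000102030405060708090a0b0c0d0e0f")  # constructed key from K
IDENTITY = "client-B"                                     # constructed PSK identity

def make_ctx(server_side, key):
    """TLS 1.2 context restricted to the PSK suite named in the question."""
    proto = ssl.PROTOCOL_TLS_SERVER if server_side else ssl.PROTOCOL_TLS_CLIENT
    ctx = ssl.SSLContext(proto)
    if not server_side:
        ctx.check_hostname = False       # the PSK authenticates the peer,
        ctx.verify_mode = ssl.CERT_NONE  # so no certificate is involved
    ctx.minimum_version = ctx.maximum_version = ssl.TLSVersion.TLSv1_2
    ctx.set_ciphers("PSK-AES128-CBC-SHA")
    if key is None:
        return ctx  # no callback: OpenSSL keeps PSK suites disabled on a client
    if server_side:
        ctx.set_psk_server_callback(lambda ident: key if ident == IDENTITY else b"")
    else:
        ctx.set_psk_client_callback(lambda hint: (IDENTITY, key))
    return ctx

def psk_session(server_key, client_key):
    """Handshake A and B over memory BIOs.

    Returns (version, cipher, bytes received by A), or None if the handshake fails.
    """
    to_a, to_b = ssl.MemoryBIO(), ssl.MemoryBIO()
    a = make_ctx(True, server_key).wrap_bio(to_a, to_b, server_side=True)
    b = make_ctx(False, client_key).wrap_bio(to_b, to_a)
    pending = [b, a]  # the client speaks first
    try:
        for _ in range(10):  # a TLS 1.2 handshake needs only a few rounds
            for side in list(pending):
                try:
                    side.do_handshake()
                    pending.remove(side)
                except ssl.SSLWantReadError:
                    pass  # its flight is in the peer's BIO; let the peer run
            if not pending:
                break
        if pending:
            return None
        b.write(b"hello from B")  # application data only after the handshake
        return b.version(), b.cipher()[0], a.read(1024)
    except ssl.SSLError:
        return None  # wrong key, unknown identity, or no usable PSK suite
```

Here the two BIOs are cross-wired in one process; over UDP, the bytes drained from each side's outgoing BIO are what the application puts on the wire.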