SSL_CTX_set_security_level.pod

=pod

=head1 NAME

SSL_CTX_set_security_level, SSL_set_security_level, SSL_CTX_get_security_level, SSL_get_security_level, SSL_CTX_set_security_callback, SSL_set_security_callback, SSL_CTX_get_security_callback, SSL_get_security_callback, SSL_CTX_set0_security_ex_data, SSL_set0_security_ex_data, SSL_CTX_get0_security_ex_data, SSL_get0_security_ex_data - SSL/TLS security framework

=head1 SYNOPSIS

 #include <openssl/ssl.h>

 void SSL_CTX_set_security_level(SSL_CTX *ctx, int level);
 void SSL_set_security_level(SSL *s, int level);

 int SSL_CTX_get_security_level(const SSL_CTX *ctx);
 int SSL_get_security_level(const SSL *s);

 void SSL_CTX_set_security_callback(SSL_CTX *ctx,
                                    int (*cb)(SSL *s, SSL_CTX *ctx, int op,
                                              int bits, int nid,
                                              void *other, void *ex));

 void SSL_set_security_callback(SSL *s, int (*cb)(SSL *s, SSL_CTX *ctx, int op,
                                                  int bits, int nid,
                                                  void *other, void *ex));

 int (*SSL_CTX_get_security_callback(const SSL_CTX *ctx))(SSL *s, SSL_CTX *ctx, int op,
                                                         int bits, int nid, void *other,
                                                         void *ex);
 int (*SSL_get_security_callback(const SSL *s))(SSL *s, SSL_CTX *ctx, int op,
                                                int bits, int nid, void *other,
                                                void *ex);

 void SSL_CTX_set0_security_ex_data(SSL_CTX *ctx, void *ex);
 void SSL_set0_security_ex_data(SSL *s, void *ex);
 void *SSL_CTX_get0_security_ex_data(const SSL_CTX *ctx);
 void *SSL_get0_security_ex_data(const SSL *s);

=head1 DESCRIPTION

The functions SSL_CTX_set_security_level() and SSL_set_security_level() set
the security level to B<level>. If not set the library default security level
is used.

The functions SSL_CTX_get_security_level() and SSL_get_security_level()
retrieve the current security level.

SSL_CTX_set_security_callback(), SSL_set_security_callback(),
SSL_CTX_get_security_callback() and SSL_get_security_callback() get or set
the security callback associated with B<ctx> or B<s>. If not set a default
security callback is used. The meaning of the parameters and the behaviour
of the default callbacks is described below.

SSL_CTX_set0_security_ex_data(), SSL_set0_security_ex_data(),
SSL_CTX_get0_security_ex_data() and SSL_get0_security_ex_data() set the
extra data pointer passed to the B<ex> parameter of the callback. This
value is passed to the callback verbatim and can be set to any convenient
application specific value.
=head1 DEFAULT CALLBACK BEHAVIOUR

If an application doesn't set its own security callback the default
callback is used. It is intended to provide sane defaults. The meaning
of each level is described below.

=over 4

=item B<Level 0>

Everything is permitted. This retains compatibility with previous versions of
OpenSSL.

=item B<Level 1>

The security level corresponds to a minimum of 80 bits of security. Any
parameters offering below 80 bits of security are excluded. As a result RSA,
DSA and DH keys shorter than 1024 bits and ECC keys shorter than 160 bits
are prohibited. Any cipher suite using MD5 for the MAC is also prohibited. Any
cipher suites using CCM with a 64 bit authentication tag are prohibited. Note
that signatures using SHA1 and MD5 are also forbidden at this level as they
have less than 80 security bits. Additionally, SSLv3, TLS 1.0, TLS 1.1 and
DTLS 1.0 are all disabled at this level.

=item B<Level 2>

Security level set to 112 bits of security. As a result RSA, DSA and DH keys
shorter than 2048 bits and ECC keys shorter than 224 bits are prohibited.
In addition to the level 1 exclusions any cipher suite using RC4 is also
prohibited. Compression is disabled.

=item B<Level 3>

Security level set to 128 bits of security. As a result RSA, DSA and DH keys
shorter than 3072 bits and ECC keys shorter than 256 bits are prohibited.
In addition to the level 2 exclusions cipher suites not offering forward
secrecy are prohibited. Session tickets are disabled.

=item B<Level 4>

Security level set to 192 bits of security. As a result RSA, DSA and
DH keys shorter than 7680 bits and ECC keys shorter than 384 bits are
prohibited. Cipher suites using SHA1 for the MAC are prohibited.

=item B<Level 5>

Security level set to 256 bits of security. As a result RSA, DSA and DH keys
shorter than 15360 bits and ECC keys shorter than 512 bits are prohibited.

=back

=head1 APPLICATION DEFINED SECURITY CALLBACKS

I<Documentation to be provided.>
=head1 NOTES

The default security level can be configured when OpenSSL is compiled by
setting B<-DOPENSSL_TLS_SECURITY_LEVEL=level>. If not set then 1 is used in
upstream OpenSSL; some distributions build their packages with a default of 2.

The security framework disables or rejects parameters inconsistent with the
set security level. In the past this was difficult as applications had to set
a number of distinct parameters (supported ciphers, supported curves, supported
signature algorithms) to achieve this end and some cases (DH parameter size
for example) could not be checked at all.

By setting an appropriate security level much of this complexity can be
avoided.
The bits of security limits affect all relevant parameters including
cipher suite encryption algorithms, supported ECC curves, supported
signature algorithms, DH parameter sizes, certificate key sizes and
signature algorithms. This limit applies no matter what other custom
settings an application has set: so if the cipher suite is set to B<ALL>
then only cipher suites consistent with the security level are permissible.

See SP800-57 for how the security limits are related to individual
algorithms.

Some security levels require large key sizes for non-ECC public key
algorithms which can severely degrade performance. For example 256 bits
of security requires the use of RSA keys of at least 15360 bits in size.

Some restrictions can be gracefully handled: for example cipher suites
offering insufficient security are not sent by the client and will not
be selected by the server. Other restrictions such as the peer certificate
key size or the DH parameter size will abort the handshake with a fatal
alert.
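The following shell session is an added example; it is not part of this
manual page or of the OpenSSL sources. It uses the openssl(1) command line
tool (assumed to be OpenSSL 1.1.0 or later and on the PATH) to make the
filtering described above visible: the C<@SECLEVEL=n> suffix of a cipher
string is the cipher-string form of SSL_CTX_set_security_level(), and
C<openssl ciphers -s> prints only the suites that would actually be offered
at that level. The same command without B<-s> prints the configured list
before the security check runs, so it would suggest the level has no effect.

```shell
# Added example, not code from the OpenSSL manual page or sources.
# Assumes an openssl(1) binary of version 1.1.0 or later on PATH.

# List the supported cipher suites for cipher string $1 at security level $2,
# one per line in "openssl ciphers -v" format:
#   NAME PROTOCOL Kx=... Au=... Enc=... Mac=...
# "-s" restricts the output to suites consistent with the level and the
# protocol version bounds, i.e. what a client at that level would offer.
supported_ciphers() {
    openssl ciphers -s -v "$1@SECLEVEL=$2"
}

# Count the supported suites matching an awk condition over the -v fields,
# for example '$3 == "Kx=RSA"' (static RSA key exchange, no forward secrecy),
# '$5 ~ /^Enc=RC4/' (RC4 encryption) or '$6 == "Mac=SHA1"' (HMAC-SHA1 MAC).
count_matching() {
    supported_ciphers "$1" "$2" | awk "$3" | wc -l | tr -d ' '
}

# Show how the exclusions documented for each level shrink the ALL list.
# 3DES (112 bits of security) marks the level 2 / level 3 boundary.
for level in 0 1 2 3 4 5; do
    printf 'level %s: %s suites, %s static RSA, %s RC4, %s SHA1 MAC, %s 3DES\n' \
        "$level" \
        "$(count_matching ALL "$level" '1')" \
        "$(count_matching ALL "$level" '$3 == "Kx=RSA"')" \
        "$(count_matching ALL "$level" '$5 ~ /^Enc=RC4/')" \
        "$(count_matching ALL "$level" '$6 == "Mac=SHA1"')" \
        "$(count_matching ALL "$level" '$5 ~ /^Enc=3DES/')"
done
```

On a typical build the static RSA (C<Kx=RSA>) suites disappear at level 3,
RC4 at level 2 (if it was compiled in at all) and the HMAC-SHA1 suites at
level 4, while the TLS 1.3 suites survive every level. The same
C<@SECLEVEL=n> suffix can be given at the end of the string passed to
SSL_CTX_set_cipher_list(), which sets the level on the B<SSL_CTX> exactly as
SSL_CTX_set_security_level() would.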
Attempts to set certificates or parameters with insufficient security are
also blocked. For example, SSL_CTX_use_certificate() fails at level 1 when
passed a certificate using a 512 bit RSA key or a certificate whose signature
uses a SHA1 digest. Applications which do not check the return values
for errors will misbehave: for example it might appear that a certificate is
not set at all because it had been rejected.

=head1 RETURN VALUES

SSL_CTX_set_security_level() and SSL_set_security_level() do not return values.

SSL_CTX_get_security_level() and SSL_get_security_level() return an integer that
represents the security level associated with the B<SSL_CTX> or B<SSL>,
respectively.

SSL_CTX_set_security_callback() and SSL_set_security_callback() do not return
values.

SSL_CTX_get_security_callback() and SSL_get_security_callback() return the pointer
to the security callback or NULL if the callback is not set.

SSL_CTX_get0_security_ex_data() and SSL_get0_security_ex_data() return the extra
data pointer or NULL if the ex data is not set.
=head1 SEE ALSO

L<ssl(7)>

=head1 HISTORY

These functions were added in OpenSSL 1.1.0.

=head1 COPYRIGHT

Copyright 2014-2020 The OpenSSL Project Authors. All Rights Reserved.

Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file LICENSE in the source distribution or at
L<https://www.openssl.org/source/license.html>.

=cut