OpenBSD manual page server

Manual Page Search Parameters

SSL_CTX_SET_SECURITY_LEVEL(3) Library Functions Manual SSL_CTX_SET_SECURITY_LEVEL(3)

SSL_CTX_set_security_level, SSL_set_security_level, SSL_CTX_get_security_level, SSL_get_security_levelchange security level for TLS

#include <openssl/ssl.h>

void
SSL_CTX_set_security_level(SSL_CTX *ctx, int level);

void
SSL_set_security_level(SSL *s, int level);

int
SSL_CTX_get_security_level(const SSL_CTX *ctx);

int
SSL_get_security_level(const SSL *s);

A security level is a set of restrictions on algorithms, key lengths, protocol versions, and other features in TLS connections. These restrictions apply in addition to those that exist from individually selecting supported features, for example ciphers, curves, or algorithms.

The following table shows properties of the various security levels:

# sec   RSA ECC TLS MAC
0   0     0   0 1.0 MD5
1  80  1024 160 1.0 RC4
2 112  2048 224 1.0
3 128  3072 256 1.1 SHA1
4 192  7680 384 1.2
5 256 15360 512 1.2

The meaning of the columns is as follows:

#
The number of the level.
sec
The minimum security strength measured in bits, which is approximately the binary logarithm of the number of operations an attacker has to perform in order to break a cryptographic key. This minimum strength is enforced for all relevant parameters including cipher suite encryption algorithms, ECC curves, signature algorithms, DH parameter sizes, and certificate algorithms and key sizes. See SP800-57 below SEE ALSO for details on individual algorithms.
RSA
The minimum key length in bits for the RSA, DSA, and DH algorithms.
ECC
The minimum key length in bits for ECC algorithms.
TLS
The minimum TLS protocol version.
MAC
Cipher suites using the given MACs are allowed on this level and on lower levels, but not on higher levels.

Level 0 is only provided for backward compatibility and permits everything.

Level 3 and higher disable support for session tickets and only accept cipher suites that provide forward secrecy.

The functions () and () choose the security level for ctx or s, respectively. If not set, security level 1 is used.

SSL_CTX_new(3) initializes the security level of the new object to 1.

SSL_new(3) and SSL_set_SSL_CTX(3) copy the security level from the context to the SSL object.

SSL_dup(3) copies the security level from the old to the new object.

SSL_CTX_get_security_level() and SSL_get_security_level() return the security level configured in ctx or s, respectively.

EVP_PKEY_security_bits(3), RSA_security_bits(3), ssl(3), SSL_CTX_new(3), SSL_new(3)

Elaine Barker, Recommendation for Key Management, U.S. National Institute of Standards and Technology, NIST Special Publication 800-57 Part 1 Revision 5, https://doi.org/10.6028/NIST.SP.800-57pt1r5, Gaithersburg, MD, May 2020.

These functions first appeared in OpenSSL 1.1.0 and have been available since OpenBSD 7.2.

Applications which do not check the return values of configuration functions will misbehave. For example, if an application does not check the return value after trying to set a certificate and the certificate is rejected because of the security level, the application may behave as if no certificate had been provided at all.

While some restrictions may be handled gracefully by negotiations between the client and the server, other restrictions may be fatal and abort the TLS handshake. For example, this can happen if the peer certificate contains a key that is too short or if the DH parameter size is too small.

July 13, 2022 OpenBSD-7.6