HOW TO handle "Cipher not supported in this libcrypto version" for :des_ecb

CharlesO · December 10, 2023, 1:58pm

Please how can we replace :des_ecb, the list of supported ciphers no longer includes :des_ecb

 :crypto.supports(:ciphers) |> Enum.sort

[:aes_128_cbc, :aes_128_ccm, :aes_128_cfb128, :aes_128_cfb8, :aes_128_ctr, :aes_128_ecb, :aes_128_gcm, :aes_128_ofb, :aes_192_cbc, :aes_192_ccm, :aes_192_cfb128, :aes_192_cfb8, :aes_192_ctr, :aes_192_ecb, :aes_192_gcm, :aes_192_ofb, :aes_256_cbc, :aes_256_ccm, :aes_256_cfb128, :aes_256_cfb8, :aes_256_ctr, :aes_256_ecb, :aes_256_gcm, :aes_256_ofb, :aes_cbc, :aes_ccm, :aes_cfb128, :aes_cfb8, :aes_ctr, :aes_ecb, :aes_gcm, :chacha20, :chacha20_poly1305, :des_ede3_cbc, :des_ede3_cfb]

 :crypto.crypto_one_time(:des_ecb, <<22, 196, 241, 251, 94, 110, 73, 185>>, <<173, 40, 36, 224, 82, 88, 223, 183>>, true)

** (ErlangError) Erlang error: {:notsup, {~c"api_ng.c", 284}, ~c"Cipher not supported in this libcrypto version"}:

  * 1st argument: Cipher not supported in this libcrypto version

    (crypto 5.3) crypto.erl:965: :crypto.crypto_one_time(:des_ecb, <<22, 196, 241, 251, 94, 110, 73, 185>>, <<173, 40, 36, 224, 82, 88, 223, 183>>, true)
    iex:3: (file)

I had ported this erlang library to Elixir, it was working before updating to OTP26

github.com

gotthardp/erlang-ntlm/blob/9e78be32dd627d350f7ff0c52693c46b4e25fb02/src/ntlm_auth.erl#L199


      
                  0 -> Msg;
                  N -> Msg ++ lists:duplicate(Bytes-N, 0)
              end;
          padded(Bytes, Msg) when is_binary(Msg) ->
              case bit_size(Msg) rem (8*Bytes) of
                  0 -> Msg;
                  N -> <<Msg/bitstring, 0:(8*Bytes-N)>>
              end.
          
          % Encryption of an 8-byte data item D with the 7-byte key K using the DES-ECB.
          des(K, D) ->
              % Erlang/OpenSSL expects a key of 8 bytes with odd parity.
              % The least significant bit in each byte is the parity bit.
              crypto:block_encrypt(des_ecb, expand_des_key(K), D).
          
          % Convert a 7-byte key to an 8-byte key with odd parity.
          expand_des_key(<<B:7, R/bitstring>>) ->
              <<(check_parity(B bsl 1)), (expand_des_key(R))/bitstring>>;
          expand_des_key(<<>>) ->
              <<>>.

al2o3cr · December 10, 2023, 5:04pm

You’ll likely need to adjust how OpenSSL is compiled on your system; des_cbc is in the “legacy” provider, and Erlang started tolerating that provider’s absence in OTP25.1:

CharlesO · December 10, 2023, 5:12pm

it would seem Windows Server 2019 has this version presently

λ openssl version
OpenSSL 3.1.1 30 May 2023 (Library: OpenSSL 3.1.1 30 May 2023)

CharlesO · December 12, 2023, 3:26am

are you suggesting we can set a flag to allow “legacy” providers?

al2o3cr · December 12, 2023, 3:57am

Not quite - I linked to the Erlang source where it’s trying to load the legacy provider, but will ignore a failure to load. des_ecb not working tells me that provider isn’t being loaded.

The documentation suggests that, depending on how OpenSSL was compiled, you might be able to set an environment variable to allow that provider to load. On the other hand, those functions might not be compiled into the OpenSSL library at all if that option was selected at compile-time.

Another alternative would be to manually implement the needed DES functions. The usual advice of “don’t roll your own crypto” applies less here, since NTLMv1 has been deprecated for a decade+…

D4no0 · December 12, 2023, 4:23am

Maybe downgrading to openssl 1.1 might help.

CharlesO · December 12, 2023, 10:13am

Im on a windows server, I dont know if reconfiguring openSSL would be advisable

CharlesO · December 13, 2023, 4:14pm

A lot of companies still use web services that require NTLMv1
IT would be good for us to have a way to keep supporting those clients , even if we upgrade to OPT26 and beyond

D4no0 · December 13, 2023, 4:28pm

Disagree, deprecation encouragement is the only way to motivate those companies to move to new secure standards.

CharlesO · December 14, 2023, 4:05am

I’ll simply roll them back to OTP25