How do I disable a particular cipher suite in open

2020-06-16 02:03发布

站内问答 / 前沿技术
1942 1 5

I want to secure my server from FREAK attack so I want to disable all the cipher suites that uses export grade RSA key from Openssl. Is there a way to disable a particular cipher suite in openssl? If yes, how do i do it?

标签: openssl
举报
1条回答
啃猪蹄的小仙女
2楼-- · 2020-06-16 02:50

Is there a way to disable a particular cipher suite in openssl? If yes, how do i do it?

To answer the direct question of disabling a particular cipher suite, do so by removing it from the cipher suite list passed to SSL_CTX_set_cipher_list or SSL_CTX_set_cipher_list:

int rc = SSL_CTX_set_cipher_list(ctx, "ALL:!NULL-MD5:!NULL-SHA");
assert(0 != rc);

You can do it on a SSL* with:

int rc = SSL_set_cipher_list(ssl, "ALL:!NULL-MD5:!NULL-SHA");
assert(0 != rc);

In the above, NULL-MD5 is SSL_RSA_WITH_NULL_MD5 and NULL-SHA is SSL_RSA_WITH_NULL_SHA. You can get the list of mappings from the openssl ciphers command.

You can also disable export ciphers with !EXP:

int rc = SSL_CTX_set_cipher_list(ctx, "ALL:!EXP");
assert(0 != rc);

And you can do it on a SSL* with:

int rc = SSL_set_cipher_list(ssl, "ALL:!EXP");
assert(0 != rc);

You can see what "ALL:!EXP" equates to with the OpenSSL command (note the single quote so the shell does not get a hold of the bang):

$ openssl ciphers 'ALL:!EXP'
ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:
ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:SRP-DSS-AES-256-CBC-SHA:
SRP-RSA-AES-256-CBC-SHA:SRP-AES-256-CBC-SHA:DH-DSS-AES256-GCM-SHA384...

You can count the number of cipher suites with:

$ openssl ciphers 'ALL:!EXP' | tr ':' ' ' | wc -w
     124

That tells you your ClientHello will use at least 248 bytes due to the 124 cipher suites. Ideally, you should advertise the 16 or so suites you really want.

You usually configure your cipher suites using "HIGH" only. It excludes "MEDIUM", "LOW" and "EXP". Here's how my call sometimes look:

int rc = SSL_CTX_set_cipher_list(ctx, "HIGH:!ADH:!MD5:!RC4:!SRP:!PSK:!DSS");
assert(0 != rc);

Be sure to exclude the anonymous gear (!ADH) because its included by default. !MD5 and !RC4 are used because they are weak/wounded. !SRP, !PSK, and !DSS are used to trim the list of ciphers further because they are not usually used.

You can also do the same with a SSL* and SSL_set_cipher_list.

If you call SSL_CTX_set_cipher_list and SSL_set_cipher_list on a server, the the cipher suite list will be trimmed further depending on the type of key in the certificate.

In the previous block, I said ... how my call sometimes look. Usually, I like to specify the 16 or so I want to use with:

string GetCipherSuites()
{
    static string ciphers = ""

#if defined(ALLOW_ECDSA)
    "ECDHE-ECDSA-AES256-GCM-SHA384:"
    "ECDHE-ECDSA-AES128-GCM-SHA256:"
#endif

    "ECDHE-RSA-AES256-GCM-SHA384:"
    "ECDHE-RSA-AES128-GCM-SHA256:"

#if defined(ALLOW_DSA)
    "DHE-DSS-AES256-GCM-SHA384:"
#endif

    "DHE-RSA-AES256-GCM-SHA384:"

#if defined(ALLOW_DSA)
    "DHE-DSS-AES128-GCM-SHA256:"
#endif

    "DHE-RSA-AES128-GCM-SHA256:"

#if defined(ALLOW_DSA)
    "DHE-DSS-AES256-SHA:"
#endif

    "DHE-RSA-AES256-SHA:"

#if defined(ALLOW_DSA)
    "DHE-DSS-AES128-SHA:"
#endif

    "DHE-RSA-AES128-SHA:"

#if defined(ALLOW_DSA)
    "EDH-DSS-DES-CBC3-SHA:"
#endif

    "EDH-RSA-DES-CBC3-SHA:"

#if defined(ALLOW_DSA)
    "DH-DSS-DES-CBC3-SHA:"
#endif

    "DH-RSA-DES-CBC3-SHA:";

    return ciphers;
}
查看更多
0人赞 添加讨论(0) 举报
登录 后发表回答
相关问题
查看全部
相关文章
查看全部
收藏的人(5)