[Ach] Issue with OpenSSL >0.9.8l <1.0.0

Aaron Zauner azet at azet.org
Fri Apr 25 16:37:57 CEST 2014


There is still the option for

AES128 with DHE and RSA missing, but yes that would work, should we
expand accordingly?

Aaron

Torsten Gigler wrote:
> Hi,
> 
> Have you tried to add ':DHE-RSA-AES256-SHA' in the Cipher String?
> Here my suggestion:
> 
> openssl ciphers -V
> EDH+aRSA+AESGCM:EDH+aRSA+AES256:DHE-RSA-AES256-SHA:EDH+aRSA+CAMELLIA256:DHE-RSA-AES128-SHA256:EDH+aRSA+CAMELLIA:EECDH+aRSA+AESGCM:EECDH+aRSA+AES:RSA+AESGCM:AES256-SHA:CAMELLIA256-SHA:RSA+AES+SHA:RSA+CAMELLIA+SHA
>           0x00,0x9F - DHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=DH      
> Au=RSA  Enc=AESGCM(256) Mac=AEAD
>           0x00,0x9E - DHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=DH      
> Au=RSA  Enc=AESGCM(128) Mac=AEAD
>           0x00,0x6B - DHE-RSA-AES256-SHA256   TLSv1.2 Kx=DH      
> Au=RSA  Enc=AES(256)  Mac=SHA256
>           0x00,0x39 - DHE-RSA-AES256-SHA      SSLv3 Kx=DH       Au=RSA 
> Enc=AES(256)  Mac=SHA1
>           0x00,0x88 - DHE-RSA-CAMELLIA256-SHA SSLv3 Kx=DH       Au=RSA 
> Enc=Camellia(256) Mac=SHA1
>           0x00,0x67 - DHE-RSA-AES128-SHA256   TLSv1.2 Kx=DH      
> Au=RSA  Enc=AES(128)  Mac=SHA256
>           0x00,0x45 - DHE-RSA-CAMELLIA128-SHA SSLv3 Kx=DH       Au=RSA 
> Enc=Camellia(128) Mac=SHA1
>           0xC0,0x30 - ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH    
> Au=RSA  Enc=AESGCM(256) Mac=AEAD
>           0xC0,0x2F - ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH    
> Au=RSA  Enc=AESGCM(128) Mac=AEAD
>           0xC0,0x28 - ECDHE-RSA-AES256-SHA384 TLSv1.2 Kx=ECDH    
> Au=RSA  Enc=AES(256)  Mac=SHA384
>           0xC0,0x14 - ECDHE-RSA-AES256-SHA    SSLv3 Kx=ECDH     Au=RSA 
> Enc=AES(256)  Mac=SHA1
>           0xC0,0x27 - ECDHE-RSA-AES128-SHA256 TLSv1.2 Kx=ECDH    
> Au=RSA  Enc=AES(128)  Mac=SHA256
>           0xC0,0x13 - ECDHE-RSA-AES128-SHA    SSLv3 Kx=ECDH     Au=RSA 
> Enc=AES(128)  Mac=SHA1
>           0x00,0x9D - AES256-GCM-SHA384       TLSv1.2 Kx=RSA     
> Au=RSA  Enc=AESGCM(256) Mac=AEAD
>           0x00,0x9C - AES128-GCM-SHA256       TLSv1.2 Kx=RSA     
> Au=RSA  Enc=AESGCM(128) Mac=AEAD
>           0x00,0x35 - AES256-SHA              SSLv3 Kx=RSA      Au=RSA 
> Enc=AES(256)  Mac=SHA1
>           0x00,0x84 - CAMELLIA256-SHA         SSLv3 Kx=RSA      Au=RSA 
> Enc=Camellia(256) Mac=SHA1
>           0x00,0x2F - AES128-SHA              SSLv3 Kx=RSA      Au=RSA 
> Enc=AES(128)  Mac=SHA1
>           0x00,0x41 - CAMELLIA128-SHA         SSLv3 Kx=RSA      Au=RSA 
> Enc=Camellia(128) Mac=SHA1
> 
> Remarks:
> - I changed the order of the ciphers (= Priority of the ciphers a server
> chooses, if 'Server Order' is set),
> - excluded '0x00,0x33 - DHE-RSA-AES128-SHA' to protect aginst a possible
> incompatibility for JAVA6+7 & DH-Keys >1024bits
> - added '0x00,0x9D - AES256-GCM-SHA384' and '0x00,0x9C -
> AES128-GCM-SHA256' (is there any reason why they weren't included before?)
> 
> Do you get the following Ciphers with OpenSSL 0.9.8?
> openssl ciphers -v
> EDH+aRSA+AESGCM:EDH+aRSA+AES256:DHE-RSA-AES256-SHA:EDH+aRSA+CAMELLIA256:DHE-RSA-AES128-SHA256:EDH+aRSA+CAMELLIA:EECDH+aRSA+AESGCM:EECDH+aRSA+AES:RSA+AESGCM:AES256-SHA:CAMELLIA256-SHA:RSA+AES+SHA:RSA+CAMELLIA+SHA
> DHE-RSA-AES256-SHA      SSLv3 Kx=DH       Au=RSA  Enc=AES(256)  Mac=SHA1
> AES256-SHA              SSLv3 Kx=RSA      Au=RSA  Enc=AES(256)  Mac=SHA1
> AES128-SHA              SSLv3 Kx=RSA      Au=RSA  Enc=AES(128)  Mac=SHA1
> 
> Kind regards
> Torsten
> 
> 2014-04-25 11:15 GMT+02:00 Pepi Zawodsky <pepi.zawodsky at maclemon.at
> <mailto:pepi.zawodsky at maclemon.at>>:
> 
> 
>     On 25.04.2014, at 04:53, Aaron Zauner <azet at azet.org
>     <mailto:azet at azet.org>> wrote:
>     > as well as older versions of Mac OS X.
> 
>     ALL versions of OS X up to and including the current Mavericks are
>     affected by this.
>     $ /usr/bin/openssl version
>     OpenSSL 0.9.8y 5 Feb 2013
> 
>     Expanding Ciphersuite B results in:
> 
>     $ /usr/bin/openssl ciphers
>     'EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!ECDSA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA'
> 
>     AES256-SHA:AES128-SHA
> 
>     Unexpectedly, DHE ciphers are missing.
> 
> 
>     $ /opt/local/bin/openssl version
>     OpenSSL 1.0.1g 7 Apr 2014
> 
>     $ /opt/local/bin/openssl ciphers
>     'EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!ECDSA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA'
> 
>     DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:DHE-RSA-CAMELLIA256-SHA:DHE-RSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-CAMELLIA128-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-AES128-SHA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA
> 
>     Best regards
>     Pepi
> 
>     _______________________________________________
>     Ach mailing list
>     Ach at lists.cert.at <mailto:Ach at lists.cert.at>
>     http://lists.cert.at/cgi-bin/mailman/listinfo/ach
> 
> 
> _______________________________________________
> Ach mailing list
> Ach at lists.cert.at
> http://lists.cert.at/cgi-bin/mailman/listinfo/ach

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: OpenPGP digital signature
URL: <http://lists.cert.at/pipermail/ach/attachments/20140425/f19e662b/attachment.sig>


More information about the Ach mailing list