[Ach] Vote for new Cipherstring B [Was: Issue with OpenSSL >0.9.8l]

Aaron Zauner azet at azet.org
Thu May 15 20:03:25 CEST 2014 

Hi Adi,

Adi Kriegisch wrote:
> Hey!
> 
> First off, thanks for the effort!
> 
>> EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!IDEA:!ECDSA:kEDH:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA
> Something is strange with that cipher string; I still do not grasp the
> cipher selection on 0.9.8.
>   |  -> openssl version
>   | OpenSSL 0.9.8c 05 Sep 2006
>   |  -> openssl ciphers -v 'EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!IDEA:!ECDSA:kEDH:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA'
>   | ECDHE-RSA-AES256-SHA    SSLv3 Kx=ECDH     Au=RSA  Enc=AES(256)  Mac=SHA1
>   | ECDHE-RSA-AES128-SHA    SSLv3 Kx=ECDH     Au=RSA  Enc=AES(128)  Mac=SHA1
>   | ECDH-RSA-AES256-SHA     SSLv3 Kx=ECDH     Au=RSA  Enc=AES(256)  Mac=SHA1
>   | ECDH-RSA-AES128-SHA     SSLv3 Kx=ECDH     Au=RSA  Enc=AES(128)  Mac=SHA1
>   | DHE-RSA-AES256-SHA      SSLv3 Kx=DH       Au=RSA  Enc=AES(256)  Mac=SHA1
>   | AES256-SHA              SSLv3 Kx=RSA      Au=RSA  Enc=AES(256)  Mac=SHA1
>   | DHE-RSA-AES128-SHA      SSLv3 Kx=DH       Au=RSA  Enc=AES(128)  Mac=SHA1
>   | AES128-SHA              SSLv3 Kx=RSA      Au=RSA  Enc=AES(128)  Mac=SHA1
> 
With which tool were you testing this? There should be no ECDHE
nagotiation with 0.9.8 in the updated version of the cipherstring I sent
to the ML. I cannot reproduce this. As the guys from the openssl-dev
mailinglist told me explicitly not to use anything elliptic curve in
0.9.8 I have removed that from the cipherstring.

Simply using `openssl ciphers -v` does not really tell you the whole
story (at least for 0.9.8) as I found out. You really need to test this
on a daemon that is linked against that specific OpenSSL version or do a
negotiation test with s_server (my openssl-compare project does exactly
that: https://github.com/azet/openssl-compare/blob/master/lib/negotiate
- bug reports and improvements welcome).
There are various inconsistencies in how 0.9.8 handles cipherstrings
which were fixed in 1.0.0 and above.


Aaron

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: OpenPGP digital signature
URL: <http://lists.cert.at/pipermail/ach/attachments/20140515/23a45b90/attachment.sig>

More information about the Ach mailing list