openssl 1.0.2,如何强制服务器仅选择一组密码
[英]openssl 1.0.2, how to force server to choose only set of ciphers
问题描述
I have client server which uses opensl 1.0.2j, and want to force the server to use only the following ciphers. 
我有使用opensl 1.0.2j的客户端服务器,并且想强制服务器仅使用以下密码。
ECDHE-RSA-AES256-GCM-SHA384
ECDHE-RSA-AES256-SHA384
ECDHE-ECDSA-AES256-GCM-SHA384
ECDHE-ECDSA-AES256-SHA384
ECDH-RSA-AES128-GCM-SHA256
ECDH-RSA-AES128-SHA256
ECDH-ECDSA-AES128-GCM-SHA256
ECDH-ECDSA-AES128-SHA256
DHE-DSS-AES256-GCM-SHA384
DHE-DSS-AES256-SHA256
DHE-RSA-AES256-GCM-SHA384
DHE-RSA-AES256-SHA256
DHE-DSS-AES128-GCM-SHA256
DHE-RSA-AES128-GCM-SHA256
DHE-RSA-AES128-SHA256
DHE-DSS-AES128-SHA256
My server side code will look like below. 我的服务器端代码如下所示。
method = SSLv23_server_method();
ctx = SSL_CTX_new(method);
SSL_CTX_set_cipher_list(ctx, "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDH-RSA-AES128-GCM-SHA256:ECDH-RSA-AES128-SHA256:ECDH-ECDSA-AES128-GCM-SHA256:ECDH-ECDSA-AES128-SHA256:DHE-DSS-AES256-GCM-SHA384:DHE-DSS-AES256-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:DHE-DSS-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA256:DHE-DSS-AES128-SHA256");
SSL_CTX_set_ecdh_auto(ctx, 1);
SSL_CTX_use_certificate_file(ctx, certFilePath, SSL_FILETYPE_PEM);
SSL_CTX_use_PrivateKey_file(ctx, privKeyPath, SSL_FILETYPE_PEM)
SSL_accept()
The last step ssl_accept fails with 最后一步ssl_accept失败,
here'error:1408A0C1:SSL routines:ssl3_get_client_hello:no shared cipher'
I have error checking for each ssl calls in the above code and for clarity purpose not put all the code. 我在上面的代码中对每个ssl调用进行了错误检查,为清楚起见,没有放置所有代码。 If I use "TLSv1.2:!ADH:!NULL" for SSL_CTX_set_cipher_list() it works fine. 如果我对SSL_CTX_set_cipher_list()使用“ TLSv1.2:!ADH:!NULL”,它可以正常工作。
Edit: The key generated is RSA:4096. 编辑:生成的密钥是RSA:4096。 Do I need to generate keys differently for ECDH/ECDHE/DHE? 我需要为ECDH / ECDHE / DHE生成不同的密钥吗?
Could you please help me to find why it fails and how can I resolve it? 您能否帮助我找到失败的原因以及如何解决?
Let me know if you need more information. 如果您需要更多信息,请与我们联系。
Thanks, Naga 谢谢,娜迦
1 个解决方案
解决方案1
2 已采纳 2018-10-23 16:30:07
Based on this code you don't set any DH parameter so any of these DHE-* certificates will not work. 根据此代码,您没有设置任何DH参数,因此这些DHE-*证书中的任何证书都不起作用。 Also, no static parameter for ECDH (not ECDHE) are set so no ECDH-* ciphers will be used either. 另外,没有设置ECDH(不是ECDHE)的静态参数,因此也不会使用ECDH-*密码。 This leaves only: 这仅留下:
ECDHE-RSA-AES256-GCM-SHA384
ECDHE-RSA-AES256-SHA384
ECDHE-ECDSA-AES256-GCM-SHA384
ECDHE-ECDSA-AES256-SHA384
But from these 4 ciphers only two can be used since either you have a RSA certificate (first two ciphers) or an ECC certificate (last two ciphers). 但是从这4个密码中只能使用两个,因为您拥有RSA证书(前两个密码)或ECC证书(后两个密码)。 Most likely it is an RSA certificate which leaves: 最有可能是RSA证书,它留下了:
ECDHE-RSA-AES256-GCM-SHA384
ECDHE-RSA-AES256-SHA384
Since you get no shared cipher it is likely that your unknown client does not support any of these two ciphers. 由于no shared cipher ,您的未知客户端很可能不支持这两种密码。
If I use "TLSv1.2:!ADH:!NULL" for SSL_CTX_set_cipher_list() it works fine.
With OpenSSL 1.0.2 in a common configuration I see that this set also includes the following ciphers (skipping all DH, ECDH-... as before): 在通用配置中使用OpenSSL 1.0.2时,我看到该集合还包含以下密码(像以前一样跳过所有DH,ECDH -...):
AES256-GCM-SHA384
AES256-SHA256
ECDHE-RSA-AES128-GCM-SHA256
ECDHE-RSA-AES128-SHA256
AES128-GCM-SHA256
AES128-SHA256
So it is likely that your unknown client use any of these ciphers to connect successfully. 因此,您的未知客户端很可能使用这些密码中的任何一个来成功连接。 For more on this you need to look at the specific client and maybe its configuration. 有关更多信息,您需要查看特定的客户端及其配置。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.