Menu
I want to secure my server from FREAK attack so I want to disable all the cipher suites that uses export grade RSA key from Openssl. Is there a way to disable a particular cipher suite in openssl? If yes, how do i do it?
427
Disable RC4/DES/3DES cipher suites in Windows using registry, GPO, or local security settings. You can do this using GPO or Local security policy under Computer configuration -> Administrative Templates -> Network -> SSL Configuration Settings -> SSL Cipher Suite Order.
Is there a way to disable a particular cipher suite in openssl? If yes, how do i do it?
To answer the direct question of disabling a particular cipher suite, do so by removing it from the cipher suite list passed to SSL_CTX_set_cipher_list or SSL_CTX_set_cipher_list:
int rc = SSL_CTX_set_cipher_list(ctx, "ALL:!NULL-MD5:!NULL-SHA");
assert(0 != rc);
You can do it on a SSL* with:
int rc = SSL_set_cipher_list(ssl, "ALL:!NULL-MD5:!NULL-SHA");
assert(0 != rc);
In the above, NULL-MD5 is SSL_RSA_WITH_NULL_MD5 and NULL-SHA is SSL_RSA_WITH_NULL_SHA. You can get the list of mappings from the openssl ciphers command.
You can also disable export ciphers with !EXP:
int rc = SSL_CTX_set_cipher_list(ctx, "ALL:!EXP");
assert(0 != rc);
And you can do it on a SSL* with:
int rc = SSL_set_cipher_list(ssl, "ALL:!EXP");
assert(0 != rc);
You can see what "ALL:!EXP" equates to with the OpenSSL command (note the single quote so the shell does not get a hold of the bang):
$ openssl ciphers 'ALL:!EXP'
ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:
ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:SRP-DSS-AES-256-CBC-SHA:
SRP-RSA-AES-256-CBC-SHA:SRP-AES-256-CBC-SHA:DH-DSS-AES256-GCM-SHA384...
You can count the number of cipher suites with:
$ openssl ciphers 'ALL:!EXP' | tr ':' ' ' | wc -w
124
That tells you your ClientHello will use at least 248 bytes due to the 124 cipher suites. Ideally, you should advertise the 16 or so suites you really want.
You usually configure your cipher suites using "HIGH" only. It excludes "MEDIUM", "LOW" and "EXP". Here's how my call sometimes look:
int rc = SSL_CTX_set_cipher_list(ctx, "HIGH:!ADH:!MD5:!RC4:!SRP:!PSK:!DSS");
assert(0 != rc);
Be sure to exclude the anonymous gear (!ADH) because its included by default. !MD5 and !RC4 are used because they are weak/wounded. !SRP, !PSK, and !DSS are used to trim the list of ciphers further because they are not usually used.
You can also do the same with a SSL* and SSL_set_cipher_list.
If you call SSL_CTX_set_cipher_list and SSL_set_cipher_list on a server, the the cipher suite list will be trimmed further depending on the type of key in the certificate.
In the previous block, I said ... how my call sometimes look. Usually, I like to specify the 16 or so I want to use with:
string GetCipherSuites()
{
static string ciphers = ""
#if defined(ALLOW_ECDSA)
"ECDHE-ECDSA-AES256-GCM-SHA384:"
"ECDHE-ECDSA-AES128-GCM-SHA256:"
#endif
"ECDHE-RSA-AES256-GCM-SHA384:"
"ECDHE-RSA-AES128-GCM-SHA256:"
#if defined(ALLOW_DSA)
"DHE-DSS-AES256-GCM-SHA384:"
#endif
"DHE-RSA-AES256-GCM-SHA384:"
#if defined(ALLOW_DSA)
"DHE-DSS-AES128-GCM-SHA256:"
#endif
"DHE-RSA-AES128-GCM-SHA256:"
#if defined(ALLOW_DSA)
"DHE-DSS-AES256-SHA:"
#endif
"DHE-RSA-AES256-SHA:"
#if defined(ALLOW_DSA)
"DHE-DSS-AES128-SHA:"
#endif
"DHE-RSA-AES128-SHA:"
#if defined(ALLOW_DSA)
"EDH-DSS-DES-CBC3-SHA:"
#endif
"EDH-RSA-DES-CBC3-SHA:"
#if defined(ALLOW_DSA)
"DH-DSS-DES-CBC3-SHA:"
#endif
"DH-RSA-DES-CBC3-SHA:";
return ciphers;
}
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
