On Fri, Oct 16, 2015 at 2:33 PM, Yann Ylavic <[email protected]> wrote:
> On Fri, Oct 16, 2015 at 1:38 PM, Yann Ylavic <[email protected]> wrote:
>>
>> Actually I tried some brute bash script (attached) to show what
>> remains compared to "openssl ciphers ALL", and the result is:
>>
>> * libressl/install/2.2.1/bin/openssl:
>> - ECDHE-ECDSA-CHACHA20-POLY1305
>> - ECDHE-RSA-CHACHA20-POLY1305
>> - DHE-RSA-CHACHA20-POLY1305
>> - ECDHE-RSA-AES256-GCM-SHA384
>> - ECDHE-ECDSA-AES256-GCM-SHA384
>> - DHE-DSS-AES256-GCM-SHA384
>> - DHE-RSA-AES256-GCM-SHA384
>> - GOST2012256-GOST89-GOST89
>> - GOST2001-GOST89-GOST89
>> - ECDHE-RSA-AES128-GCM-SHA256
>> - ECDHE-ECDSA-AES128-GCM-SHA256
>> - DHE-DSS-AES128-GCM-SHA256
>> - DHE-RSA-AES128-GCM-SHA256
>> - EDH-RSA-DES-CBC3-SHA
>> - EDH-DSS-DES-CBC3-SHA
>> - EDH-RSA-DES-CBC-SHA
>> - EDH-DSS-DES-CBC-SHA
>>
>> * openssl/install/1.0.2d/bin/openssl:
>> - ECDHE-RSA-AES256-GCM-SHA384
>> - ECDHE-ECDSA-AES256-GCM-SHA384
>> - DHE-DSS-AES256-GCM-SHA384
>> - DHE-RSA-AES256-GCM-SHA384
>> - ECDHE-RSA-AES128-GCM-SHA256
>> - ECDHE-ECDSA-AES128-GCM-SHA256
>> - DHE-DSS-AES128-GCM-SHA256
>> - DHE-RSA-AES128-GCM-SHA256
>> - EDH-RSA-DES-CBC3-SHA
>> - EDH-DSS-DES-CBC3-SHA
>> - EDH-RSA-DES-CBC-SHA
>> - EDH-DSS-DES-CBC-SHA
>> - EXP-EDH-RSA-DES-CBC-SHA
>> - EXP-EDH-DSS-DES-CBC-SHA
>>
>> So 'TLSv1.2:!kRSA:!aECDH:!DH' is a bit too restrictive
>
> Looks like 'ALL:!SSLv3:!kRSA:!ADH:!aECDH' matches pretty well
> (excluding for the undesirable ones above).
Actually there is a typo above (!ADH => !aDH), so the correct suite would be:
'ALL:!SSLv3:!kRSA:!aDH:!aECDH'.

This assumes aNULL is added by default (which http does in its latest
versions, along with eNULL), otherwise the full openssl command would be:

$ openssl ciphers -v 'ALL:!SSLv3:!kRSA:!aDH:!aECDH:!aNULL'

which gives,

* libressl/install/2.2.1/bin/openssl:
ECDHE-ECDSA-CHACHA20-POLY1305 TLSv1.2 Kx=ECDH Au=ECDSA Enc=ChaCha20-Poly1305 Mac=AEAD
ECDHE-RSA-CHACHA20-POLY1305 TLSv1.2 Kx=ECDH Au=RSA Enc=ChaCha20-Poly1305 Mac=AEAD
DHE-RSA-CHACHA20-POLY1305 TLSv1.2 Kx=DH Au=RSA Enc=ChaCha20-Poly1305 Mac=AEAD
ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(256) Mac=AEAD
ECDHE-ECDSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AESGCM(256) Mac=AEAD
ECDHE-RSA-AES256-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=AES(256) Mac=SHA384
ECDHE-ECDSA-AES256-SHA384 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AES(256) Mac=SHA384
DHE-DSS-AES256-GCM-SHA384 TLSv1.2 Kx=DH Au=DSS Enc=AESGCM(256) Mac=AEAD
DHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=DH Au=RSA Enc=AESGCM(256) Mac=AEAD
DHE-RSA-AES256-SHA256 TLSv1.2 Kx=DH Au=RSA Enc=AES(256) Mac=SHA256
DHE-DSS-AES256-SHA256 TLSv1.2 Kx=DH Au=DSS Enc=AES(256) Mac=SHA256
DHE-RSA-CAMELLIA256-SHA256 TLSv1.2 Kx=DH Au=RSA Enc=Camellia(256) Mac=SHA256
DHE-DSS-CAMELLIA256-SHA256 TLSv1.2 Kx=DH Au=DSS Enc=Camellia(256) Mac=SHA256
ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(128) Mac=AEAD
ECDHE-ECDSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AESGCM(128) Mac=AEAD
ECDHE-RSA-AES128-SHA256 TLSv1.2 Kx=ECDH Au=RSA Enc=AES(128) Mac=SHA256
ECDHE-ECDSA-AES128-SHA256 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AES(128) Mac=SHA256
DHE-DSS-AES128-GCM-SHA256 TLSv1.2 Kx=DH Au=DSS Enc=AESGCM(128) Mac=AEAD
DHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=DH Au=RSA Enc=AESGCM(128) Mac=AEAD
DHE-RSA-AES128-SHA256 TLSv1.2 Kx=DH Au=RSA Enc=AES(128) Mac=SHA256
DHE-DSS-AES128-SHA256 TLSv1.2 Kx=DH Au=DSS Enc=AES(128) Mac=SHA256
DHE-RSA-CAMELLIA128-SHA256 TLSv1.2 Kx=DH Au=RSA Enc=Camellia(128) Mac=SHA256
DHE-DSS-CAMELLIA128-SHA256 TLSv1.2 Kx=DH Au=DSS Enc=Camellia(128) Mac=SHA256

* openssl/install/1.0.2d/bin/openssl:
ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(256) Mac=AEAD
ECDHE-ECDSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AESGCM(256) Mac=AEAD
ECDHE-RSA-AES256-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=AES(256) Mac=SHA384
ECDHE-ECDSA-AES256-SHA384 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AES(256) Mac=SHA384
DHE-DSS-AES256-GCM-SHA384 TLSv1.2 Kx=DH Au=DSS Enc=AESGCM(256) Mac=AEAD
DHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=DH Au=RSA Enc=AESGCM(256) Mac=AEAD
DHE-RSA-AES256-SHA256 TLSv1.2 Kx=DH Au=RSA Enc=AES(256) Mac=SHA256
DHE-DSS-AES256-SHA256 TLSv1.2 Kx=DH Au=DSS Enc=AES(256) Mac=SHA256
ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(128) Mac=AEAD
ECDHE-ECDSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AESGCM(128) Mac=AEAD
ECDHE-RSA-AES128-SHA256 TLSv1.2 Kx=ECDH Au=RSA Enc=AES(128) Mac=SHA256
ECDHE-ECDSA-AES128-SHA256 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AES(128) Mac=SHA256
DHE-DSS-AES128-GCM-SHA256 TLSv1.2 Kx=DH Au=DSS Enc=AESGCM(128) Mac=AEAD
DHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=DH Au=RSA Enc=AESGCM(128) Mac=AEAD
DHE-RSA-AES128-SHA256 TLSv1.2 Kx=DH Au=RSA Enc=AES(128) Mac=SHA256
DHE-DSS-AES128-SHA256 TLSv1.2 Kx=DH Au=DSS Enc=AES(128) Mac=SHA256
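Added example, not part of this thread nor of httpd or OpenSSL: a small Python checker that parses `openssl ciphers -v` lines and reports which of the `!` terms in the cipher string above (SSLv3, kRSA, aDH, aECDH, aNULL) would drop each suite, run on a constructed sample. The column-to-keyword mapping assumes the OpenSSL 1.0.2-style `-v` layout (`NAME PROTO Kx= Au= Enc= Mac=`).

```python
import re

# One `openssl ciphers -v` line in the assumed 1.0.2-style layout:
#   NAME  PROTO  Kx=...  Au=...  Enc=...  Mac=...
LINE_RE = re.compile(
    r"^(?P<name>\S+)\s+(?P<proto>\S+)\s+Kx=(?P<kx>\S+)\s+Au=(?P<au>\S+)"
    r"\s+Enc=(?P<enc>\S+)\s+Mac=(?P<mac>\S+)")

# The thread's '!' terms, mapped to the -v column each one acts on.
EXCLUDE = {
    "SSLv3": lambda c: c["proto"] == "SSLv3",  # min-protocol column SSLv3: pre-TLSv1.2 suite
    "kRSA":  lambda c: c["kx"] == "RSA",       # RSA key transport: no forward secrecy
    "aDH":   lambda c: c["au"] == "DH",        # static DH certificate authentication
    "aECDH": lambda c: c["au"] == "ECDH",      # static ECDH certificate authentication
    "aNULL": lambda c: c["au"] == "None",      # anonymous: no server authentication at all
}

def parse_line(line):
    """Split one -v line into its name / proto / kx / au / enc / mac fields."""
    m = LINE_RE.match(line.strip())
    if not m:
        raise ValueError("not an 'openssl ciphers -v' line: %r" % line)
    return m.groupdict()

def excluded_by(cipher):
    """Names of the '!' terms that would drop this suite (empty list = kept)."""
    return [term for term, pred in EXCLUDE.items() if pred(cipher)]

def filter_ciphers(text):
    """Return (kept suite names, {dropped suite name: reasons}) for -v output."""
    kept, dropped = [], {}
    for line in text.strip().splitlines():
        c = parse_line(line)
        reasons = excluded_by(c)
        if reasons:
            dropped[c["name"]] = reasons
        else:
            kept.append(c["name"])
    return kept, dropped

# Constructed sample (not captured output): two keepers, then one line per exclusion case.
SAMPLE = """\
ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AESGCM(256) Mac=AEAD
DHE-RSA-AES128-GCM-SHA256   TLSv1.2 Kx=DH       Au=RSA  Enc=AESGCM(128) Mac=AEAD
AES256-GCM-SHA384           TLSv1.2 Kx=RSA      Au=RSA  Enc=AESGCM(256) Mac=AEAD
ECDHE-RSA-AES256-SHA        SSLv3   Kx=ECDH     Au=RSA  Enc=AES(256)    Mac=SHA1
DH-RSA-AES128-SHA256        TLSv1.2 Kx=DH/RSA   Au=DH   Enc=AES(128)    Mac=SHA256
ECDH-RSA-AES128-GCM-SHA256  TLSv1.2 Kx=ECDH/RSA Au=ECDH Enc=AESGCM(128) Mac=AEAD
ADH-AES256-GCM-SHA384       TLSv1.2 Kx=DH       Au=None Enc=AESGCM(256) Mac=AEAD
"""

if __name__ == "__main__":
    kept, dropped = filter_ciphers(SAMPLE)
    print("kept:", ", ".join(kept))
    for name, why in dropped.items():
        print("dropped %-28s by !%s" % (name, " !".join(why)))
```

To run it against a real build, pipe `openssl ciphers -v ALL` into `filter_ciphers` instead of `SAMPLE`; the kept list should then match the `openssl ciphers -v 'ALL:!SSLv3:!kRSA:!aDH:!aECDH:!aNULL'` output for that build.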
