aes_cbc_hmac_sha1 implementation
Hubert Kario
hkario at redhat.com
Wed Feb 26 12:27:00 UTC 2020
On Wednesday, 26 February 2020 08:59:01 CET, Phani 2004 wrote:
> Thanks for the quick response Matt.
>
> My command was :
> openssl s_client -connect 10.29.20.26 -cipher ECDHE-RSA-AES128-SHA -tls1_2.
> I did not realise that "2" was not copied.
>
> I am trying to implement combined algo support on our engine.
> I am using the openssl s_server and s_client apps to validate my
> implementation.
> The combined algo that i am looking to implement is AES128/256 and SHA1.
> Its clear that i should always use tls version less than 1.3 otherwise GCM
> ciphers are used.
>
> What cipher suites can i use to validate the above combination of combined
> algo?
OpenSSL internally treats key exchange and symmetric cipher separately, so
all "*AES128-SHA" ciphers use the same cipher backend
you should also test AES256-SHA, AES128-SHA256, AES256-SHA256 and
AES256-SHA384
> Which tls versions support which cipher suites?
*-SHA1 and *MD5 is supported by everything between SSL3 and TLS 1.2
*-SHA256 and *-SHA384 (if they are not TLS1.3 cipher suites) are supported
by TLS 1.2 only
> Should i be doing "encrypt-then-mac" or "mac-then-encrypt" in my
> implementation?
> Does the cipher suite decide this?
> If yes, what are the ciphers which do "encrypt-then-mac" and what ciphers
> to "mac-then-encrypt"?
etm vs mte happens based on negotiated extension, not cipher suite
--
Regards,
Hubert Kario
Senior Quality Engineer, QE BaseOS Security team
Web: www.cz.redhat.com
Red Hat Czech s.r.o., Purkyňova 115, 612 00 Brno, Czech Republic
More information about the openssl-users
mailing list