[openssl-users] Disable SSL3 and enable TLS1? / Ambiguous "DES-CBC3-SHA"
Viktor Dukhovni
openssl-users at dukhovni.org
Tue Apr 7 15:31:54 UTC 2015
On Tue, Apr 07, 2015 at 08:09:31AM -0700, David Rueter wrote:
> >> You're confusing SSLv3 the protocol, with SSLv3 ciphersuites.
>
> Yes, I admit I am not distinguishing between these. However, !SSLv3 in the
> cipher list does evidently disable the SSLv3 protocol as well--as evidenced
> by testing with https://www.ssllabs.com/ssltest
When there are no SSLv3 ciphers left, the protocol is not offerred,
but this also disables TLSv1 and TLSv1.1 as they use the same set
of ciphers.
> From the symptoms, it sure seems like OpenSSL mistakenly uses the string
> "DES-CBC3-SHA" to refer to both TLS and SSL3 (see
> https://www.openssl.org/docs/apps/ciphers.html )
There is no mistake. The same cipher-suite:
DES-CBC3-SHA SSLv3 Kx=RSA Au=RSA Enc=3DES(168) Mac=SHA1
applies to SSLv3, TLSv1, TLSv1.1 and TLSv1.2.
> intentional? In other words, is the SSLv3 cipher
> SSL_RSA_WITH_3DES_EDE_CBC_SHA actually the same as the TLS cipher
> TLS_RSA_WITH_[3]DES_[EDE_]CBC_SHA?
Yes, they are one and the same (SSL 3.0, TLS 1.0, TLS 1.1, TLS 1.2):
RFC 6101: CipherSuite SSL_RSA_WITH_3DES_EDE_CBC_SHA = { 0x00,0x0A };
RFC 2246: CipherSuite TLS_RSA_WITH_3DES_EDE_CBC_SHA = { 0x00,0x0A };
RFC 4346: CipherSuite TLS_RSA_WITH_3DES_EDE_CBC_SHA = { 0x00,0x0A };
RFC 5246: CipherSuite TLS_RSA_WITH_3DES_EDE_CBC_SHA = { 0x00,0x0A };
As for:
CipherSuite TLS_RSA_WITH_DES_CBC_SHA = { 0x00,0x09 };
it is not triple DES, it is single-DES, and corresponds (RFC 6101) to:
CipherSuite SSL_RSA_WITH_DES_CBC_SHA = { 0x00,0x09 };
which OpenSSL calls:
DES-CBC-SHA SSLv3 Kx=RSA Au=RSA Enc=DES(56) Mac=SHA1
--
Viktor.
More information about the openssl-users
mailing list