[openssl-users] Unable to select NULL or NULL-MD5

Thu Mar 29 04:22:45 UTC 2018

> On Mar 28, 2018, at 7:14 PM, Eric Jacksch <eric at jacksch.com> wrote:
> 
> I'm using OpenSSL for testing and recently compiled 1.1.0g and h. I'm seeing the same behaviour in both. 
> 
> openssl ciphers -v list the NULL ciphers, but when I try to use NULL or NULL-MD5 I get the same result:  No ciphers available.
> 
> I've tried several compile options to no avail.

To use eNULL ciphers you must set the security level to 0:

$ openssl ciphers -s -tls1_2 -v eNULL:@SECLEVEL=0
ECDHE-ECDSA-NULL-SHA    TLSv1 Kx=ECDH     Au=ECDSA Enc=None      Mac=SHA1
ECDHE-RSA-NULL-SHA      TLSv1 Kx=ECDH     Au=RSA  Enc=None      Mac=SHA1
AECDH-NULL-SHA          TLSv1 Kx=ECDH     Au=None Enc=None      Mac=SHA1
NULL-SHA256             TLSv1.2 Kx=RSA      Au=RSA  Enc=None      Mac=SHA256
NULL-SHA                SSLv3 Kx=RSA      Au=RSA  Enc=None      Mac=SHA1
NULL-MD5                SSLv3 Kx=RSA      Au=RSA  Enc=None      Mac=MD5

-- 
	Viktor.