13

I am using the function SSL_CTX_set_cipher_list to set the ciphers supported for the SSL connection. What argument do I pass to SSL_CTX_set_cipher_list to disable weak ciphers?

I tried passing ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH

but it doesn't seem to work.

My tool for detecting weak ciphers still reports the following as enabled:

** SSLv3:DES-CBC-SHA - ENABLED - WEAK 56 bits **

** TLSv1:DES-CBC-SHA - ENABLED - WEAK 56 bits **

** SSLv2:RC4-MD5 - ENABLED - WEAK 128 bits **
** SSLv2:RC2-CBC-MD5 - ENABLED - WEAK 128 bits **
** SSLv2:RC4-64-MD5 - ENABLED - WEAK 64 bits **
** SSLv2:DES-CBC-MD5 - ENABLED - WEAK 56 bits **
** SSLv2:EXP-RC4-MD5 - ENABLED - WEAK 40 bits **
** SSLv2:EXP-RC2-CBC-MD5 - ENABLED - WEAK 40 bits **
** SSLv2:DES-CBC3-MD5 - ENABLED - WEAK 168 bits **

What argument to pass to SSL_CTX_set_cipher_list to disable the above ciphers?

kay
Ravi

2 Answers

12

HIGH:!DSS:!aNULL@STRENGTH should work.

openssl ciphers -v 'HIGH:!DSS:!aNULL@STRENGTH' prints the following list of ciphers:

DHE-RSA-AES256-SHA      SSLv3 Kx=DH       Au=RSA  Enc=AES(256)  Mac=SHA1
AES256-SHA              SSLv3 Kx=RSA      Au=RSA  Enc=AES(256)  Mac=SHA1
EDH-RSA-DES-CBC3-SHA    SSLv3 Kx=DH       Au=RSA  Enc=3DES(168) Mac=SHA1
DES-CBC3-SHA            SSLv3 Kx=RSA      Au=RSA  Enc=3DES(168) Mac=SHA1
DES-CBC3-MD5            SSLv2 Kx=RSA      Au=RSA  Enc=3DES(168) Mac=MD5
DHE-RSA-AES128-SHA      SSLv3 Kx=DH       Au=RSA  Enc=AES(128)  Mac=SHA1
AES128-SHA              SSLv3 Kx=RSA      Au=RSA  Enc=AES(128)  Mac=SHA1

For a complete list of OpenSSL cipher strings and their meaning take a look at: http://www.openssl.org/docs/apps/ciphers.html

Gerhard Schlager
  • However, I'm not sure why your tool detects all those weak ciphers. OpenSSL does list only one of the reported weak ciphers when your list of ciphers is used and I don't think DES-CBC3-MD5 is weak. Did you disable SSLv2 in case it's not disabled by default? You can try appending !SSLv2 to the list of ciphers if you want to remove all SSLv2 ciphers. – Gerhard Schlager Sep 23 '10 at 11:28
  • How to remove DES-CBC3-SHA weak cipher? – Natim Sep 04 '13 at 15:25
  • 3
    Just add `:!DES-CBC3-SHA` to the cipher list in order to remove it. – Gerhard Schlager Sep 04 '13 at 15:51
  • 1
    MD5 is considered weak in the DES-CBC3-MD5 cipher. – davenpcj Sep 13 '13 at 15:51
2

What argument to pass to SSL_CTX_set_cipher_list to disable weak ciphers

It depends upon whose definition of weak you are using. In 2015, you have to bump from effectively HIGH:!aNULL because modern browsers reject some of the ciphers included with HIGH. If you allow MD5 and/or RC4, then you get the obsolete cryptography warning.

HIGH:!aNULL:!MD5:!RC4

The call would look like so:

rc = SSL_CTX_set_cipher_list(ctx, "HIGH:!aNULL:!MD5:!RC4");
ASSERT(rc >= 1);

You should also disable SSLv2, SSLv3 and probably compression. You do it like so:

const long flags = SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_COMPRESSION;
SSL_CTX_set_options(ctx, flags);

SSL_CTX_set_options does not return a value, so there's nothing to test to ensure the call succeeds.

jww
  • the author did not ask for a certain year :) – jitter Jun 07 '16 at 19:23
  • 1
    Not sure what you mean jitter. It is what it is. `HIGH` is high, but its someone else's definition. In 2014 and 2015, the browsers moved against MD5, RC4, SHA1 and 1024-bit FF-crypto and IF-crypto. FF is ***F***inite ***F***ield (like Diffie-Hellman), and IF is ***I***nteger ***F***actorization (like RSA). – jww Jun 07 '16 at 20:33
  • @jitter - I'm not blaming others for anything. I'm not claiming anything is secure or insecure. I don't think we can make that determination based on terms like "weak" and "strong" or "high"; instead, we would need a threat model or requirements. Again, I don't care about your answer, and I don't care about how it compares. You are free to do whatever you want. I also don't claim to be an expert, though I do have some subject matter expertise. What is the point of all this rambling? – jww Jun 10 '16 at 23:16
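An added example, not code from the question or from either answer, that audits the question's cipher string and both answers' strings with the criteria the scanner in the question applied. It is written in Python because ssl.SSLContext.set_ciphers() is a direct wrapper around SSL_CTX_set_cipher_list(), so the string is parsed by the same OpenSSL code, against the same build, that the C program will use; a C program can walk the resulting list the same way with SSL_CTX_get_ciphers(), sk_SSL_CIPHER_value() and SSL_CIPHER_description() (OpenSSL 1.1.0 and later). The weak-suite criteria, the function names and the sample strings are this example's own assumptions.

```python
"""Audit an OpenSSL cipher string before it goes into SSL_CTX_set_cipher_list().

Added example, not code from the question or either answer.  ssl.SSLContext
.set_ciphers() calls SSL_CTX_set_cipher_list() underneath, so the string is
parsed by the same code, against the same OpenSSL build, that the C program
will use.  The weak-suite criteria are this example's own, constructed from
the scanner output quoted in the question.
"""
import ssl

# Substrings of SSL_CIPHER_description() output that mark a weak bulk cipher.
WEAK_ENC_MARKERS = ("Enc=DES(56)", "Enc=RC4", "Enc=RC2")


def weak_reasons(cipher):
    """Return the reasons a cipher dict from SSLContext.get_ciphers() is weak.

    An empty list means the suite passes.  cipher["protocol"] is the version
    the suite was introduced in (AES128-SHA reports "SSLv3" even on a server
    that only speaks TLS), so only SSLv2 is flagged here; disabling the SSLv3
    protocol is the job of the options, not the cipher string.
    """
    name, desc = cipher["name"], cipher["description"]
    reasons = []
    if cipher["protocol"] == "SSLv2":
        reasons.append("SSLv2 suite")
    if name.startswith("EXP"):
        reasons.append("export-grade suite")
    for marker in WEAK_ENC_MARKERS:
        if marker in desc:
            reasons.append("weak bulk cipher " + marker[len("Enc="):])
    if "Mac=MD5" in desc:
        reasons.append("MD5 MAC")
    if "Au=None" in desc:          # !ADH misses AECDH-*; !aNULL catches both
        reasons.append("anonymous key exchange")
    if cipher["strength_bits"] < 128:
        reasons.append("%d-bit strength" % cipher["strength_bits"])
    return reasons


def audit(cipher_string):
    """Apply cipher_string as SSL_CTX_set_cipher_list() would and report on it.

    Returns {"ok", "error", "enabled": [names in preference order],
             "weak": {name: [reasons]}}.
    """
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    try:
        ctx.set_ciphers(cipher_string)
    except ssl.SSLError as exc:
        # SSL_CTX_set_cipher_list() returned 0: nothing in this build matched.
        # This is the failure the answer's ASSERT(rc >= 1) exists to catch.
        return {"ok": False, "error": str(exc), "enabled": [], "weak": {}}
    enabled = ctx.get_ciphers()
    weak = {}
    for c in enabled:
        reasons = weak_reasons(c)
        if reasons:
            weak[c["name"]] = reasons
    return {"ok": True, "error": None,
            "enabled": [c["name"] for c in enabled], "weak": weak}


def harden_protocols(ctx):
    """Python form of the answer's SSL_CTX_set_options() step.

    Floors the protocol at TLS 1.2 (the modern spelling of SSL_OP_NO_SSLv2 |
    SSL_OP_NO_SSLv3; C code on OpenSSL 1.1.0+ can use
    SSL_CTX_set_min_proto_version()) and turns off TLS compression.  Returns
    the settings read back from the context so they can be verified.
    """
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.options |= ssl.OP_NO_COMPRESSION
    return {"minimum_version": ctx.minimum_version.name,
            "no_compression": bool(ctx.options & ssl.OP_NO_COMPRESSION)}


def build_server_context(cipher_string="HIGH:!aNULL:!MD5:!RC4"):
    """Build a server context as the answer describes, refusing a weak result."""
    report = audit(cipher_string)
    if not report["ok"] or report["weak"]:
        raise ValueError("cipher string rejected: %s"
                         % (report["error"] or report["weak"]))
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.set_ciphers(cipher_string)
    harden_protocols(ctx)
    return ctx


if __name__ == "__main__":
    for s in ("ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH",  # the question's string
              "HIGH:!DSS:!aNULL@STRENGTH",           # first answer
              "HIGH:!aNULL:!MD5:!RC4"):              # second answer
        r = audit(s)
        print("%-36s ok=%s enabled=%d weak=%d"
              % (s, r["ok"], len(r["enabled"]), len(r["weak"])))
        for name, why in r["weak"].items():
            print("    %-24s %s" % (name, ", ".join(why)))
    # On OpenSSL 1.1.0+ builds SSLv2 is gone, RC4 and single DES are disabled
    # at build time by default and 3DES moved from HIGH to MEDIUM, so even the
    # question's string may show few weak suites: the audit reports what the
    # linked build really enables, which is the point of running it.
```

Two things the output makes visible. First, the protocol column a suite reports (the SSLv3 in the first answer's `openssl ciphers -v` listing) is the version the suite was introduced in, not evidence that SSLv3 is enabled: AES128-SHA shows SSLv3 on a TLS-only server, which is why the cipher string alone never disables a protocol and the SSL_CTX_set_options step in the answer above is needed. Second, `!ADH` in the question's string removes only the DH-anonymous suites; on builds that ship AECDH-* suites they survive it, whereas `!aNULL` removes every suite with `Au=None`. In C, SSL_CTX_set_options() returns the updated option bitmask and SSL_CTX_get_options() reads it back, so the result of that call can be checked the same way harden_protocols() checks it here.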