[erlang-bugs] Incomplete Elliptic Curve Cipher Suites in R16B01 and R16B02
Ingela Anderton Andin
ingela.anderton.andin@REDACTED
Wed Oct 2 15:49:22 CEST 2013
Hi!
I think your test is a little too naive! I just run your test against an
openssl server ( OpenSSL 1.0.1 14 Mar 2012)
and here is the result:
works not: ECDHE-RSA-AES256-SHA384
works not: ECDHE-ECDSA-AES256-SHA384
works: ECDHE-RSA-AES256-SHA
works not: ECDHE-ECDSA-AES256-SHA
works not: DHE-RSA-AES256-SHA256
works not: DHE-DSS-AES256-SHA256
works: DHE-RSA-AES256-SHA
works not: DHE-DSS-AES256-SHA
works not: ECDH-RSA-AES256-SHA384
works not: ECDH-ECDSA-AES256-SHA384
works not: ECDH-RSA-AES256-SHA
works not: ECDH-ECDSA-AES256-SHA
works not: AES256-SHA256
works: AES256-SHA
works: ECDHE-RSA-DES-CBC3-SHA
works not: ECDHE-ECDSA-DES-CBC3-SHA
works not: ECDH-RSA-DES-CBC3-SHA
works not: ECDH-ECDSA-DES-CBC3-SHA
works: DES-CBC3-SHA
works not: ECDHE-RSA-AES128-SHA256
works not: ECDHE-ECDSA-AES128-SHA256
works: ECDHE-RSA-AES128-SHA
works not: ECDHE-ECDSA-AES128-SHA
works not: DHE-RSA-AES128-SHA256
works not: DHE-DSS-AES128-SHA256
works: DHE-RSA-AES128-SHA
works not: DHE-DSS-AES128-SHA
works not: ECDH-RSA-AES128-SHA256
works not: ECDH-ECDSA-AES128-SHA256
works not: ECDH-RSA-AES128-SHA
works not: ECDH-ECDSA-AES128-SHA
works not: AES128-SHA256
works: AES128-SHA
works: ECDHE-RSA-RC4-SHA
works not: ECDHE-ECDSA-RC4-SHA
works not: ECDH-RSA-RC4-SHA
works not: ECDH-ECDSA-RC4-SHA
works: RC4-SHA
works: RC4-MD5
works: DES-CBC-SHA
If you look closer you willl see that the error is:
"140232248637088:error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no
shared cipher:s3_srvr.c:1353:"
After just a quick check of
your test of erlang:
works not: ECDH-RSA-AES256-SHA384
Our test suite: ssl_ECC_SUITE:client_ec_server_ec/1 <cid:part1.05060104.08000707@REDACTED>
sucessfully negotiaties ECDH-RSA-AES256-SHA384 with openssl in R16B02
So I think some of your conclusions where a bit premature.
The problems you mentioned in R16B01 are probably fixed in R16B02
"Now handles signature_algorithm field in digitally_signed
properly with proper defaults. Prior to this change
some elliptic curve cipher suites could fail reporting the error "bad
certificate"."
Also there is at the moment a documented limitation:
"Elliptic Curve cipher suites are supported if crypto supports it and
named curves are used."
But your welcome to submit a new bug report if you should find a correct
setup that fails.
Regards Ingela Erlang/OTP team Ericsson AB
On 10/01/2013 06:09 PM, Klaus Trainer wrote:
> Hey!
>
> The incomplete implementation of elliptic curves in R16B01 and R16B02 is
> an annoying issue for people who try to use Erlang/OTP's SSL/TLS
> implementation. The issue is not easy to debug, and finding relevant
> information on the web is not easy as well. For reference, here's a
> list of the few resources that I'm aware of:
>
> * http://erlang.org/pipermail/erlang-questions/2013-June/074349.html
> * http://erlang.org/pipermail/erlang-bugs/2013-June/003636.html
> * https://github.com/extend/ranch/commit/c0c09a1311
>
> As noted in the latter resource, which is a respective workaround in
> Ranch, most popular browsers (e.g. Firefox, Chromium, and Safari) are
> affected by this issue.
>
> In order to see which cipher suites are affected, I wrote an echo server
> (using Ranch and its SSL transport) and a shell script that uses
> `openssl s_client` in order to test several cipher suites against the
> echo server. It can be found at
> https://github.com/KlausTrainer/erl_ssl_test and you can compile and run
> it by executing `make check`. Running it under Debian GNU/Linux 7.1
> (x86_64) with R16B02 and OpenSSL 1.0.1e generates the following output:
>
> works: ECDHE-RSA-AES256-SHA384
> works not: ECDHE-ECDSA-AES256-SHA384
> works: ECDHE-RSA-AES256-SHA
> works not: ECDHE-ECDSA-AES256-SHA
> works: DHE-RSA-AES256-SHA256
> works not: DHE-DSS-AES256-SHA256
> works: DHE-RSA-AES256-SHA
> works not: DHE-DSS-AES256-SHA
> works not: ECDH-RSA-AES256-SHA384
> works not: ECDH-ECDSA-AES256-SHA384
> works not: ECDH-RSA-AES256-SHA
> works not: ECDH-ECDSA-AES256-SHA
> works: AES256-SHA256
> works: AES256-SHA
> works: ECDHE-RSA-DES-CBC3-SHA
> works not: ECDHE-ECDSA-DES-CBC3-SHA
> works not: ECDH-RSA-DES-CBC3-SHA
> works not: ECDH-ECDSA-DES-CBC3-SHA
> works: DES-CBC3-SHA
> works: ECDHE-RSA-AES128-SHA256
> works not: ECDHE-ECDSA-AES128-SHA256
> works: ECDHE-RSA-AES128-SHA
> works not: ECDHE-ECDSA-AES128-SHA
> works: DHE-RSA-AES128-SHA256
> works not: DHE-DSS-AES128-SHA256
> works: DHE-RSA-AES128-SHA
> works not: DHE-DSS-AES128-SHA
> works not: ECDH-RSA-AES128-SHA256
> works not: ECDH-ECDSA-AES128-SHA256
> works not: ECDH-RSA-AES128-SHA
> works not: ECDH-ECDSA-AES128-SHA
> works: AES128-SHA256
> works: AES128-SHA
> works: ECDHE-RSA-RC4-SHA
> works not: ECDHE-ECDSA-RC4-SHA
> works not: ECDH-RSA-RC4-SHA
> works not: ECDH-ECDSA-RC4-SHA
> works: RC4-SHA
> works: RC4-MD5
> works: DES-CBC-SHA
>
> I hope this helps.
>
> Regards,
> Klaus
>
>
> _______________________________________________
> erlang-bugs mailing list
> erlang-bugs@REDACTED
> http://erlang.org/mailman/listinfo/erlang-bugs
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://erlang.org/pipermail/erlang-bugs/attachments/20131002/9fc508dc/attachment.htm>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://erlang.org/pipermail/erlang-bugs/attachments/20131002/9fc508dc/attachment.html>
More information about the erlang-bugs
mailing list