
ciphersについて整理してみた。

■ciphersについて整理してみた。

 IANA、OpenSSL、GnuTLSの3種類の名前があり、共通するのはHex code（2バイトのcipher suite値）。ワイヤ上でやり取りされるのはこの2バイト値だけで、各名前はライブラリ固有の別名に過ぎない。RFCやSSL LabsはIANA名を使うので、設定値の突き合わせはHex codeをキーにして行う。

■まずはIANAとopensslのマッピングを取得する。

 注意: cipher文字列の !SSLv3:!TLSv1:!TLSv1.1 はプロトコルバージョンを制限するものではなく、「そのバージョンで定義されたcipher suite」（-V出力の4列目）を除外するだけ。例えば AES128-SHA は SSLv3 扱いなので一覧から消えるが、接続の最低バージョン自体は別途 MinProtocol や -tls1_2 等で固定する必要がある。また OpenSSL 1.1.1以降では TLS1.3 の suite (0x13,0x01 など) は cipher文字列の対象外（-ciphersuites で制御）で、! で除外しても常に残る。

$ w3m -dump https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml > tls-parameters.txt

$ openssl ciphers -V 'DEFAULT:@SECLEVEL=2:!SSLv3:!TLSv1:!TLSv1.1:!DH:!DHE' | sort > openssl-map.txt
$ openssl ciphers -V 'DEFAULT:@SECLEVEL=2:!SSLv3:!TLSv1:!TLSv1.1:!DH:!DHE' | awk '{print $1 | "sort"}' > openssl-grep.txt 

$ openssl ciphers -V 'DEFAULT:@SECLEVEL=2:!SSLv3:!TLSv1:!TLSv1.1:!DH:!DHE' | wc -l
27
$ grep -F -f openssl-grep.txt openssl-map.txt | wc -l
27
$ grep -F -f openssl-grep.txt tls-parameters.txt | wc -l
27

$ grep -F -f openssl-grep.txt tls-parameters.txt | sort > openssl-iana.txt
$ join openssl-map.txt openssl-iana.txt | awk '{print $1,$3,$9}' | nl
     1	0x00,0x3C AES128-SHA256 TLS_RSA_WITH_AES_128_CBC_SHA256
     2	0x00,0x3D AES256-SHA256 TLS_RSA_WITH_AES_256_CBC_SHA256
     3	0x00,0x9C AES128-GCM-SHA256 TLS_RSA_WITH_AES_128_GCM_SHA256
     4	0x00,0x9D AES256-GCM-SHA384 TLS_RSA_WITH_AES_256_GCM_SHA384
     5	0x00,0xA8 PSK-AES128-GCM-SHA256 TLS_PSK_WITH_AES_128_GCM_SHA256
     6	0x00,0xA9 PSK-AES256-GCM-SHA384 TLS_PSK_WITH_AES_256_GCM_SHA384
     7	0x00,0xAA DHE-PSK-AES128-GCM-SHA256 TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
     8	0x00,0xAB DHE-PSK-AES256-GCM-SHA384 TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
     9	0x00,0xAC RSA-PSK-AES128-GCM-SHA256 TLS_RSA_PSK_WITH_AES_128_GCM_SHA256
    10	0x00,0xAD RSA-PSK-AES256-GCM-SHA384 TLS_RSA_PSK_WITH_AES_256_GCM_SHA384
    11	0x13,0x01 TLS_AES_128_GCM_SHA256 TLS_AES_128_GCM_SHA256
    12	0x13,0x02 TLS_AES_256_GCM_SHA384 TLS_AES_256_GCM_SHA384
    13	0x13,0x03 TLS_CHACHA20_POLY1305_SHA256 TLS_CHACHA20_POLY1305_SHA256
    14	0xC0,0x23 ECDHE-ECDSA-AES128-SHA256 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
    15	0xC0,0x24 ECDHE-ECDSA-AES256-SHA384 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
    16	0xC0,0x27 ECDHE-RSA-AES128-SHA256 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
    17	0xC0,0x28 ECDHE-RSA-AES256-SHA384 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
    18	0xC0,0x2B ECDHE-ECDSA-AES128-GCM-SHA256 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
    19	0xC0,0x2C ECDHE-ECDSA-AES256-GCM-SHA384 TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
    20	0xC0,0x2F ECDHE-RSA-AES128-GCM-SHA256 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
    21	0xC0,0x30 ECDHE-RSA-AES256-GCM-SHA384 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
    22	0xCC,0xA8 ECDHE-RSA-CHACHA20-POLY1305 TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
    23	0xCC,0xA9 ECDHE-ECDSA-CHACHA20-POLY1305 TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
    24	0xCC,0xAB PSK-CHACHA20-POLY1305 TLS_PSK_WITH_CHACHA20_POLY1305_SHA256
    25	0xCC,0xAC ECDHE-PSK-CHACHA20-POLY1305 TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256
    26	0xCC,0xAD DHE-PSK-CHACHA20-POLY1305 TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256
    27	0xCC,0xAE RSA-PSK-CHACHA20-POLY1305 TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256

■gnutls-cliとの比較

$ apt-cache search gnutls-cli
gnutls-bin - GNU TLS library - commandline utilities

$ sudo apt-get install -y gnutls-bin
$ gnutls-cli --priority "SECURE192:-DHE-RSA:+AES-128-GCM:-AES-256-CCM" -l 2>&1 | \
  awk '$1 ~ /^TLS/{print substr($2,1,2) toupper(substr($2,3,3)) substr($3,1,2) toupper(substr($3,3,2)),$1,$4 | "sort"}'
0x00,0x9C TLS_RSA_AES_128_GCM_SHA256 TLS1.2
0x00,0x9D TLS_RSA_AES_256_GCM_SHA384 TLS1.2
0x13,0x01 TLS_AES_128_GCM_SHA256 TLS1.3
0x13,0x02 TLS_AES_256_GCM_SHA384 TLS1.3
0x13,0x03 TLS_CHACHA20_POLY1305_SHA256 TLS1.3
0xC0,0x2B TLS_ECDHE_ECDSA_AES_128_GCM_SHA256 TLS1.2
0xC0,0x2C TLS_ECDHE_ECDSA_AES_256_GCM_SHA384 TLS1.2
0xC0,0x2F TLS_ECDHE_RSA_AES_128_GCM_SHA256 TLS1.2
0xC0,0x30 TLS_ECDHE_RSA_AES_256_GCM_SHA384 TLS1.2
0xCC,0xA8 TLS_ECDHE_RSA_CHACHA20_POLY1305 TLS1.2
0xCC,0xA9 TLS_ECDHE_ECDSA_CHACHA20_POLY1305 TLS1.2

$ grep -v "PSK-\|AES128-SHA\|AES256-SHA" openssl-map.txt 
          0x00,0x9C - AES128-GCM-SHA256       TLSv1.2 Kx=RSA      Au=RSA  Enc=AESGCM(128) Mac=AEAD
          0x00,0x9D - AES256-GCM-SHA384       TLSv1.2 Kx=RSA      Au=RSA  Enc=AESGCM(256) Mac=AEAD
          0x13,0x01 - TLS_AES_128_GCM_SHA256  TLSv1.3 Kx=any      Au=any  Enc=AESGCM(128) Mac=AEAD
          0x13,0x02 - TLS_AES_256_GCM_SHA384  TLSv1.3 Kx=any      Au=any  Enc=AESGCM(256) Mac=AEAD
          0x13,0x03 - TLS_CHACHA20_POLY1305_SHA256 TLSv1.3 Kx=any      Au=any  Enc=CHACHA20/POLY1305(256) Mac=AEAD
          0xC0,0x2B - ECDHE-ECDSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=AESGCM(128) Mac=AEAD
          0xC0,0x2C - ECDHE-ECDSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=AESGCM(256) Mac=AEAD
          0xC0,0x2F - ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AESGCM(128) Mac=AEAD
          0xC0,0x30 - ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AESGCM(256) Mac=AEAD
          0xCC,0xA8 - ECDHE-RSA-CHACHA20-POLY1305 TLSv1.2 Kx=ECDH     Au=RSA  Enc=CHACHA20/POLY1305(256) Mac=AEAD
          0xCC,0xA9 - ECDHE-ECDSA-CHACHA20-POLY1305 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=CHACHA20/POLY1305(256) Mac=AEAD

$ grep -v "PSK_\|AES128_SHA\|AES256_SHA\|CBC_SHA" openssl-iana.txt 
 0x00,0x9C   TLS_RSA_WITH_AES_128_GCM_SHA256               Y       N           [RFC5288]
 0x00,0x9D   TLS_RSA_WITH_AES_256_GCM_SHA384               Y       N           [RFC5288]
 0x13,0x01   TLS_AES_128_GCM_SHA256                        Y       Y           [RFC8446]
 0x13,0x02   TLS_AES_256_GCM_SHA384                        Y       Y           [RFC8446]
 0x13,0x03   TLS_CHACHA20_POLY1305_SHA256                  Y       Y           [RFC8446]
 0xC0,0x2B   TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256       Y       Y           [RFC5289]
 0xC0,0x2C   TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384       Y       Y           [RFC5289]
 0xC0,0x2F   TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256         Y       Y           [RFC5289]
 0xC0,0x30   TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384         Y       Y           [RFC5289]
 0xCC,0xA8   TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256   Y       Y           [RFC7905]
 0xCC,0xA9   TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 Y       Y           [RFC7905]

 CBC suite を個別名で列挙する代わりに、OpenSSLのMACキーワード（SHA256 / SHA384 はMacにそのハッシュを使うsuiteに一致し、Mac=AEAD のsuiteには一致しない）を使えば '...:!PSK:!SHA256:!SHA384' で同じ結果になるはず（-V で要確認）。なお 0x00,0x9C/0x9D は Kx=RSA で前方秘匿性が無いので、FSを必須にするなら !kRSA も付ける。TLS1.3 の3 suite は cipher文字列では制御できないので、どの書き方でも残る。

$ openssl ciphers -V 'DEFAULT:@SECLEVEL=2:!SSLv3:!TLSv1:!TLSv1.1:!DH:!DHE:!PSK:!AES128-SHA256:!AES256-SHA256:!ECDHE-ECDSA-AES128-SHA256:!ECDHE-ECDSA-AES256-SHA384:!ECDHE-RSA-AES128-SHA256:!ECDHE-RSA-AES256-SHA384' | sort
          0x00,0x9C - AES128-GCM-SHA256       TLSv1.2 Kx=RSA      Au=RSA  Enc=AESGCM(128) Mac=AEAD
          0x00,0x9D - AES256-GCM-SHA384       TLSv1.2 Kx=RSA      Au=RSA  Enc=AESGCM(256) Mac=AEAD
          0x13,0x01 - TLS_AES_128_GCM_SHA256  TLSv1.3 Kx=any      Au=any  Enc=AESGCM(128) Mac=AEAD
          0x13,0x02 - TLS_AES_256_GCM_SHA384  TLSv1.3 Kx=any      Au=any  Enc=AESGCM(256) Mac=AEAD
          0x13,0x03 - TLS_CHACHA20_POLY1305_SHA256 TLSv1.3 Kx=any      Au=any  Enc=CHACHA20/POLY1305(256) Mac=AEAD
          0xC0,0x2B - ECDHE-ECDSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=AESGCM(128) Mac=AEAD
          0xC0,0x2C - ECDHE-ECDSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=AESGCM(256) Mac=AEAD
          0xC0,0x2F - ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AESGCM(128) Mac=AEAD
          0xC0,0x30 - ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AESGCM(256) Mac=AEAD
          0xCC,0xA8 - ECDHE-RSA-CHACHA20-POLY1305 TLSv1.2 Kx=ECDH     Au=RSA  Enc=CHACHA20/POLY1305(256) Mac=AEAD
          0xCC,0xA9 - ECDHE-ECDSA-CHACHA20-POLY1305 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=CHACHA20/POLY1305(256) Mac=AEAD

■以下で該当サイトのWeakでないIANA名と0x0000形式のHEX値を取得。

 SSL Labs は IANA名と連結形式のHEX（0xc02f）で表示する。本記事の 0xC0,0x2F と表記が違うだけで同じ値。CBC suite や前方秘匿性のない（Kx=RSA）suite は WEAK 表示になるはずなので、上の openssl 一覧に残っている 0x00,0x9C/0x9D は「Weakでない」側には入らないと考えてよい。

 SSL Report
 https://www.ssllabs.com/ssltest/

■Weakでない以下2つ以外に選択出来るものがサーバ側に無いことは確認済みなので。

 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f) 
 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xc030)

■結構弱めながら、以下を含む程度の強度を選択。

 （元のパターン "0xC0,2F" は 0x が抜けていて 0xC0,0x2F にマッチしないため、0xC0,0x30 の行しか出ていなかった。修正後は両方出る。）

$ grep "0xC0,0x30\|0xC0,0x2F" openssl-map.txt openssl-iana.txt tls-parameters.txt 
openssl-map.txt:          0xC0,0x2F - ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AESGCM(128) Mac=AEAD
openssl-map.txt:          0xC0,0x30 - ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AESGCM(256) Mac=AEAD
openssl-iana.txt: 0xC0,0x2F   TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256         Y       Y           [RFC5289]
openssl-iana.txt: 0xC0,0x30   TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384         Y       Y           [RFC5289]
tls-parameters.txt: 0xC0,0x2F   TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256         Y       Y           [RFC5289]
tls-parameters.txt: 0xC0,0x30   TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384         Y       Y           [RFC5289]

■curlではopenssl名で指定

 注意: --tlsv1.2 は「最低 TLS1.2」であって上限ではない。curl/OpenSSL が TLS1.3 を話せる環境では TLS1.3 が選ばれ得て、--cipher は TLS1.3 suite には効かない（そちらは --tls13-ciphers）。TLS1.2 の suite を本当に固定したいなら --tls-max 1.2（curl 7.54以降）を併用する。また 2>/dev/null で stderr を捨てると -S は無意味で、証明書エラーやハンドシェイク失敗も見えなくなるので、-sS にしてエラーは表示させる。

$ curl -sS "https://jvndb.jvn.jp/myjvn?method=getProductList&feed=hnd&keyword=docker" \
    --cipher ECDHE-RSA-AES256-GCM-SHA384 --tlsv1.2 --tls-max 1.2 | head -1
<?xml version="1.0" encoding="UTF-8" ?>   

 実際に使われた suite は -v の "SSL connection using" 行で確認する（出力例は省略）。

$ curl -sv -o /dev/null "https://jvndb.jvn.jp/myjvn?method=getProductList&feed=hnd&keyword=docker" \
    --cipher ECDHE-RSA-AES256-GCM-SHA384 --tlsv1.2 --tls-max 1.2 2>&1 | grep 'SSL connection using'

■wgetではgnutls名で指定

 注意: wget の --ciphers（1.20以降）に GnuTLS の priority 文字列を渡せるのは、wget が GnuTLS でビルドされている場合だけ（wget --version の +ssl/gnutls で確認）。OpenSSL ビルドでは OpenSSL の cipher 文字列を期待する。また下の priority 文字列の -VERS-TLS1.3 は TLS1.2 の suite を固定して試すための一時的なダウングレードなので、恒久的な設定には入れないこと。

$ gnutls-cli --priority "+SECURE128:-AES-256-CCM:-AES-128-CCM:-DHE-RSA:-VERS-TLS1.0:-VERS-TLS1.1:-VERS-DTLS1.0:-VERS-TLS1.3:-SHA1" \
    -l 2>&1 | \
  awk '$1 ~ /^TLS/{print substr($2,1,2) toupper(substr($2,3,3)) substr($3,1,2) toupper(substr($3,3,2)),$1,$4 | "sort"}'
0x00,0x9C TLS_RSA_AES_128_GCM_SHA256 TLS1.2
0x00,0x9D TLS_RSA_AES_256_GCM_SHA384 TLS1.2
0xC0,0x2B TLS_ECDHE_ECDSA_AES_128_GCM_SHA256 TLS1.2
0xC0,0x2C TLS_ECDHE_ECDSA_AES_256_GCM_SHA384 TLS1.2
0xC0,0x2F TLS_ECDHE_RSA_AES_128_GCM_SHA256 TLS1.2
0xC0,0x30 TLS_ECDHE_RSA_AES_256_GCM_SHA384 TLS1.2
0xCC,0xA8 TLS_ECDHE_RSA_CHACHA20_POLY1305 TLS1.2
0xCC,0xA9 TLS_ECDHE_ECDSA_CHACHA20_POLY1305 TLS1.2

$ wget -O - "https://jvndb.jvn.jp/myjvn?method=getStatistics&feed=hnd&theme=sumCwe&type=y&datePublicStartY=2010&cweId=CWE-20" \
    --secure-protocol=TLSv1_2 \
    --ciphers="+SECURE128:-AES-256-CCM:-AES-128-CCM:-DHE-RSA:-VERS-TLS1.0:-VERS-TLS1.1:-VERS-DTLS1.0:-VERS-TLS1.3:-SHA1" \
    2>/dev/null | head -1 | sed -e 's/\"/\n  &/g'
<?xml version=
  "1.0
  " encoding=
  "UTF-8
  " ?>   <Result version=
  "3.3
  " xmlns:xsi=
  "http://www.w3.org/2001/XMLSchema-instance
  " xmlns=
  "http://jvndb.jvn.jp/myjvn/Results
  " xmlns:mjres=
  "http://jvndb.jvn.jp/myjvn/Results
  " xmlns:mjstat=
  "http://jvndb.jvn.jp/myjvn/Statistics
  " xmlns:status=
  "http://jvndb.jvn.jp/myjvn/Status
  " xsi:schemaLocation=
  "http://jvndb.jvn.jp/myjvn/Results https://jvndb.jvn.jp/schema/results_3.3.xsd
  ">