c – 用于DHE交换的OpenSSL证书生成
|
我是安全和OpenSSL的初学者.我的目标是以编程方式生成证书,通过Chrome所做的“过时??”羞辱.我用来生成使用RSA的AES_128_GCM的证书,即使我尝试将密码列表设置为kEECDH:kEDH:!ADH:AES256-SHA256,服务器上下文使用SSL_CTX_new(TLSv1_2_server_method());.
基于the documentation的示例,我尝试了以下方法: X509 *x = NULL;
EVP_PKEY *pk = NULL;
EVP_PKEY_CTX *ctx = NULL;
EVP_PKEY *params = NULL;
if(NULL == (params = EVP_PKEY_new()))
goto err;
if(1 != EVP_PKEY_set1_DH(params,DH_get_2048_256()))
goto err;
if(!(ctx = EVP_PKEY_CTX_new(params,NULL)))
goto err;
if(!EVP_PKEY_keygen_init(ctx))
goto err;
if(!EVP_PKEY_keygen(ctx,&pk))
goto err;
if ((x=X509_new()) == NULL)
goto err;
X509_set_version(x,2);
X509_set_pubkey(x,pk);
//... (setting the issuer,subject,etc)
//Here is where it fails
if (!X509_sign(x,pk,EVP_sha256()))
goto err;
RSA的代码与DH相同. X509_sign给出的错误是此键类型不支持EVP_PKEY_sign_init操作. 我能做什么?我更喜欢连接使用ECDHE,但我不知道如何设置它.我需要在合理范围内保证安全,但我对安全的了解非常有限.我正在研究它.任何帮助将不胜感激,但请提供代码与您的答案(而不是命令行生成). 解决方法
通常,HIGH:!aNULL:!RC4:!MD5就足够了.既然你想使用短暂的密钥交换(这是一件好事),你也应该删除RSA密钥传输:HIGH:!aNULL:!kRSA:!RC4:!MD5.
另请参阅OpenSSL wiki上的SSL/TLS Client.它是一个客户端,但它向您展示了如何设置上下文. 因为它是一个服务器,你可能也想要像SSL_OP_SAFARI_ECDHE_ECDSA_BUG这样的上下文选项.
几乎任何证书都可以.它可以是RSA密钥,DSS密钥或ECDSA密钥.证书中的密钥将用于签署服务器消息(一些手放弃),因此用于服务器身份验证. 短暂的密钥交换是不同的.您可以使用 由于您没有使用SRP和PSK等密码套件,因此您也可以删除它们. RSA仍然显示,但它用于服务器身份验证,而不是密钥传输: $openssl ciphers -v 'HIGH:!aNULL:!kRSA:!RC4:!MD5:!3DES:!DSS:!DSA:!SRP:!PSK' ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(256) Mac=AEAD ECDHE-ECDSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AESGCM(256) Mac=AEAD ECDHE-RSA-AES256-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=AES(256) Mac=SHA384 ECDHE-ECDSA-AES256-SHA384 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AES(256) Mac=SHA384 ECDHE-RSA-AES256-SHA SSLv3 Kx=ECDH Au=RSA Enc=AES(256) Mac=SHA1 ECDHE-ECDSA-AES256-SHA SSLv3 Kx=ECDH Au=ECDSA Enc=AES(256) Mac=SHA1 DHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=DH Au=RSA Enc=AESGCM(256) Mac=AEAD DHE-RSA-AES256-SHA256 TLSv1.2 Kx=DH Au=RSA Enc=AES(256) Mac=SHA256 DHE-RSA-AES256-SHA SSLv3 Kx=DH Au=RSA Enc=AES(256) Mac=SHA1 DHE-RSA-CAMELLIA256-SHA SSLv3 Kx=DH Au=RSA Enc=Camellia(256) Mac=SHA1 ECDH-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH/RSA Au=ECDH Enc=AESGCM(256) Mac=AEAD ECDH-ECDSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH/ECDSA Au=ECDH Enc=AESGCM(256) Mac=AEAD ECDH-RSA-AES256-SHA384 TLSv1.2 Kx=ECDH/RSA Au=ECDH Enc=AES(256) Mac=SHA384 ECDH-ECDSA-AES256-SHA384 TLSv1.2 Kx=ECDH/ECDSA Au=ECDH Enc=AES(256) Mac=SHA384 ECDH-RSA-AES256-SHA SSLv3 Kx=ECDH/RSA Au=ECDH Enc=AES(256) Mac=SHA1 ECDH-ECDSA-AES256-SHA SSLv3 Kx=ECDH/ECDSA Au=ECDH Enc=AES(256) Mac=SHA1 ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(128) Mac=AEAD ECDHE-ECDSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AESGCM(128) Mac=AEAD ECDHE-RSA-AES128-SHA256 TLSv1.2 Kx=ECDH Au=RSA Enc=AES(128) Mac=SHA256 ECDHE-ECDSA-AES128-SHA256 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AES(128) Mac=SHA256 ECDHE-RSA-AES128-SHA SSLv3 Kx=ECDH Au=RSA Enc=AES(128) Mac=SHA1 ECDHE-ECDSA-AES128-SHA SSLv3 Kx=ECDH Au=ECDSA Enc=AES(128) Mac=SHA1 DHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=DH Au=RSA Enc=AESGCM(128) Mac=AEAD DHE-RSA-AES128-SHA256 TLSv1.2 Kx=DH Au=RSA Enc=AES(128) Mac=SHA256 DHE-RSA-AES128-SHA SSLv3 Kx=DH Au=RSA Enc=AES(128) Mac=SHA1 DHE-RSA-CAMELLIA128-SHA SSLv3 Kx=DH Au=RSA Enc=Camellia(128) Mac=SHA1 ECDH-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH/RSA Au=ECDH Enc=AESGCM(128) Mac=AEAD ECDH-ECDSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH/ECDSA Au=ECDH Enc=AESGCM(128) Mac=AEAD ECDH-RSA-AES128-SHA256 TLSv1.2 Kx=ECDH/RSA Au=ECDH Enc=AES(128) Mac=SHA256 ECDH-ECDSA-AES128-SHA256 TLSv1.2 Kx=ECDH/ECDSA Au=ECDH Enc=AES(128) Mac=SHA256 ECDH-RSA-AES128-SHA SSLv3 Kx=ECDH/RSA Au=ECDH Enc=AES(128) Mac=SHA1 ECDH-ECDSA-AES128-SHA SSLv3 Kx=ECDH/ECDSA Au=ECDH Enc=AES(128) Mac=SHA1 (编辑:李大同) 【声明】本站内容均来自网络,其相关言论仅代表作者个人观点,不代表本站立场。若无意侵犯到您的权利,请及时与联系站长删除相关内容! |