Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Gnutls support #30

Open
mathstuf opened this issue Mar 5, 2015 · 7 comments
Open

Gnutls support #30

mathstuf opened this issue Mar 5, 2015 · 7 comments
Labels
config generator Issue related to the Mozilla SSL Configuration Generator help wanted new app support request Request for the config generator to support a new application

Comments

@mathstuf
Copy link

mathstuf commented Mar 5, 2015

It would be nice to have a string for use with gnutls since it has a different set of ciphers available.

@gene1wood
Copy link
Collaborator

Here's some more information on GnuTLS ciphersuites.

Can you (or someone) provide the modified ciphersuites for old, intermediate and modern in the GnuTLS grammar?

@jvehent wrote this converstion tool, convert_openssl_to_gnutls.sh but he says it's given him mixed results.

@mathstuf
Copy link
Author

The problems I had poking around with this is that gnutls can't hit any of the targets exactly. Typically because some suites either aren't supported or turning off some of the broken ones takes out stronger ones too.

Here's my best attempt at Intermediate:

%SERVER_PRECEDENCE:NORMAL:-VERS-SSL3.0:-VERS-TLS1.0:-3DES-CBC:-ARCFOUR-128:-ARCFOUR-40:-MD5

@gene1wood
Copy link
Collaborator

Can anyone provide the gnutls equivalent for old and modern?

@floatingatoll
Copy link

We did a lot of work on this back in the IRC server setup days and, basically, our document is written assuming intersections that GnuTLS cannot provide. Primarily of concern was that cipher ordering is, on RHEL6 and prior, hard-coded into GnuTLS such that no matter what we indicated, clients would get something wrong and broken and fail to negotiate.

If y'all choose to proceed with addressing this issue, I strongly advise setting a minimum GnuTLS version to ensure that ordering is possible and supported. Otherwise, our specs break TLS when adapted to it.

@szepeviktor
Copy link
Contributor

szepeviktor commented Apr 30, 2017

This gnutls priority string

NONE:+VERS-TLS-ALL:+CHACHA20-POLY1305:+AES-128-GCM:+AES-256-GCM:+AES-128-CBC:+AES-256-CBC:+DHE-RSA:+ECDHE-RSA:+ECDHE-ECDSA:+3DES-CBC:+RSA:+SHA1:+SHA256:+SHA384:+AEAD

gave only one more ciphersuite:

TLS_DHE_RSA_3DES_EDE_CBC_SHA1                                   TLS_DHE_RSA_3DES_EDE_CBC_SHA1
TLS_DHE_RSA_AES_128_CBC_SHA1                                    TLS_DHE_RSA_AES_128_CBC_SHA1
TLS_DHE_RSA_AES_128_CBC_SHA256                                  TLS_DHE_RSA_AES_128_CBC_SHA256
TLS_DHE_RSA_AES_128_GCM_SHA256                                  TLS_DHE_RSA_AES_128_GCM_SHA256
TLS_DHE_RSA_AES_256_CBC_SHA1                                    TLS_DHE_RSA_AES_256_CBC_SHA1
TLS_DHE_RSA_AES_256_CBC_SHA256                                  TLS_DHE_RSA_AES_256_CBC_SHA256
TLS_DHE_RSA_AES_256_GCM_SHA384                                  TLS_DHE_RSA_AES_256_GCM_SHA384
                                                              > TLS_DHE_RSA_CHACHA20_POLY1305
TLS_ECDHE_ECDSA_3DES_EDE_CBC_SHA1                               TLS_ECDHE_ECDSA_3DES_EDE_CBC_SHA1
TLS_ECDHE_ECDSA_AES_128_CBC_SHA1                                TLS_ECDHE_ECDSA_AES_128_CBC_SHA1
TLS_ECDHE_ECDSA_AES_128_CBC_SHA256                              TLS_ECDHE_ECDSA_AES_128_CBC_SHA256
TLS_ECDHE_ECDSA_AES_128_GCM_SHA256                              TLS_ECDHE_ECDSA_AES_128_GCM_SHA256
TLS_ECDHE_ECDSA_AES_256_CBC_SHA1                                TLS_ECDHE_ECDSA_AES_256_CBC_SHA1
TLS_ECDHE_ECDSA_AES_256_CBC_SHA384                              TLS_ECDHE_ECDSA_AES_256_CBC_SHA384
TLS_ECDHE_ECDSA_AES_256_GCM_SHA384                              TLS_ECDHE_ECDSA_AES_256_GCM_SHA384
TLS_ECDHE_ECDSA_CHACHA20_POLY1305                               TLS_ECDHE_ECDSA_CHACHA20_POLY1305
TLS_ECDHE_RSA_3DES_EDE_CBC_SHA1                                 TLS_ECDHE_RSA_3DES_EDE_CBC_SHA1
TLS_ECDHE_RSA_AES_128_CBC_SHA1                                  TLS_ECDHE_RSA_AES_128_CBC_SHA1
TLS_ECDHE_RSA_AES_128_CBC_SHA256                                TLS_ECDHE_RSA_AES_128_CBC_SHA256
TLS_ECDHE_RSA_AES_128_GCM_SHA256                                TLS_ECDHE_RSA_AES_128_GCM_SHA256
TLS_ECDHE_RSA_AES_256_CBC_SHA1                                  TLS_ECDHE_RSA_AES_256_CBC_SHA1
TLS_ECDHE_RSA_AES_256_CBC_SHA384                                TLS_ECDHE_RSA_AES_256_CBC_SHA384
TLS_ECDHE_RSA_AES_256_GCM_SHA384                                TLS_ECDHE_RSA_AES_256_GCM_SHA384
TLS_ECDHE_RSA_CHACHA20_POLY1305                                 TLS_ECDHE_RSA_CHACHA20_POLY1305
TLS_RSA_3DES_EDE_CBC_SHA1                                       TLS_RSA_3DES_EDE_CBC_SHA1
TLS_RSA_AES_128_CBC_SHA1                                        TLS_RSA_AES_128_CBC_SHA1
TLS_RSA_AES_128_CBC_SHA256                                      TLS_RSA_AES_128_CBC_SHA256
TLS_RSA_AES_128_GCM_SHA256                                      TLS_RSA_AES_128_GCM_SHA256
TLS_RSA_AES_256_CBC_SHA1                                        TLS_RSA_AES_256_CBC_SHA1
TLS_RSA_AES_256_CBC_SHA256                                      TLS_RSA_AES_256_CBC_SHA256
TLS_RSA_AES_256_GCM_SHA384                                      TLS_RSA_AES_256_GCM_SHA384

(both sorted, left: Mozilla intermediate, right: this priority string)

@szepeviktor
Copy link
Contributor

szepeviktor commented Apr 30, 2017

This gave better order: NONE:+VERS-TLS-ALL:+CHACHA20-POLY1305:+AES-128-GCM:+AES-256-GCM:+AES-128-CBC:+AES-256-CBC:+ECDHE-ECDSA:+ECDHE-RSA:+DHE-RSA:+3DES-CBC:+RSA:+SHA1:+SHA256:+SHA384:+AEAD

TLS_ECDHE_ECDSA_CHACHA20_POLY1305                               TLS_ECDHE_ECDSA_CHACHA20_POLY1305
TLS_ECDHE_RSA_CHACHA20_POLY1305                               <
TLS_ECDHE_ECDSA_AES_128_GCM_SHA256                              TLS_ECDHE_ECDSA_AES_128_GCM_SHA256
TLS_ECDHE_RSA_AES_128_GCM_SHA256                              <
TLS_ECDHE_ECDSA_AES_256_GCM_SHA384                              TLS_ECDHE_ECDSA_AES_256_GCM_SHA384
TLS_ECDHE_RSA_AES_256_GCM_SHA384                              <
TLS_DHE_RSA_AES_128_GCM_SHA256                                <
TLS_DHE_RSA_AES_256_GCM_SHA384                                <
TLS_ECDHE_ECDSA_AES_128_CBC_SHA256                            <
TLS_ECDHE_RSA_AES_128_CBC_SHA256                              <
TLS_ECDHE_ECDSA_AES_128_CBC_SHA1                                TLS_ECDHE_ECDSA_AES_128_CBC_SHA1
TLS_ECDHE_RSA_AES_256_CBC_SHA384                              | TLS_ECDHE_ECDSA_AES_128_CBC_SHA256
TLS_ECDHE_RSA_AES_128_CBC_SHA1                                <
TLS_ECDHE_ECDSA_AES_256_CBC_SHA384                            <
TLS_ECDHE_ECDSA_AES_256_CBC_SHA1                                TLS_ECDHE_ECDSA_AES_256_CBC_SHA1
                                                              > TLS_ECDHE_ECDSA_AES_256_CBC_SHA384
                                                              > TLS_ECDHE_ECDSA_3DES_EDE_CBC_SHA1
                                                              > TLS_ECDHE_RSA_CHACHA20_POLY1305
                                                              > TLS_ECDHE_RSA_AES_128_GCM_SHA256
                                                              > TLS_ECDHE_RSA_AES_256_GCM_SHA384
                                                              > TLS_ECDHE_RSA_AES_128_CBC_SHA1
                                                              > TLS_ECDHE_RSA_AES_128_CBC_SHA256
TLS_ECDHE_RSA_AES_256_CBC_SHA1                                  TLS_ECDHE_RSA_AES_256_CBC_SHA1
TLS_DHE_RSA_AES_128_CBC_SHA256                                | TLS_ECDHE_RSA_AES_256_CBC_SHA384
                                                              > TLS_ECDHE_RSA_3DES_EDE_CBC_SHA1
                                                              > TLS_DHE_RSA_CHACHA20_POLY1305
                                                              > TLS_DHE_RSA_AES_128_GCM_SHA256
                                                              > TLS_DHE_RSA_AES_256_GCM_SHA384
TLS_DHE_RSA_AES_128_CBC_SHA1                                    TLS_DHE_RSA_AES_128_CBC_SHA1
TLS_DHE_RSA_AES_256_CBC_SHA256                                | TLS_DHE_RSA_AES_128_CBC_SHA256
TLS_DHE_RSA_AES_256_CBC_SHA1                                    TLS_DHE_RSA_AES_256_CBC_SHA1
TLS_ECDHE_ECDSA_3DES_EDE_CBC_SHA1                             | TLS_DHE_RSA_AES_256_CBC_SHA256
TLS_ECDHE_RSA_3DES_EDE_CBC_SHA1                               <
TLS_DHE_RSA_3DES_EDE_CBC_SHA1                                   TLS_DHE_RSA_3DES_EDE_CBC_SHA1
TLS_RSA_AES_128_GCM_SHA256                                      TLS_RSA_AES_128_GCM_SHA256
TLS_RSA_AES_256_GCM_SHA384                                      TLS_RSA_AES_256_GCM_SHA384
TLS_RSA_AES_128_CBC_SHA256                                    <
TLS_RSA_AES_256_CBC_SHA256                                    <
TLS_RSA_AES_128_CBC_SHA1                                        TLS_RSA_AES_128_CBC_SHA1
                                                              > TLS_RSA_AES_128_CBC_SHA256
TLS_RSA_AES_256_CBC_SHA1                                        TLS_RSA_AES_256_CBC_SHA1
                                                              > TLS_RSA_AES_256_CBC_SHA256
TLS_RSA_3DES_EDE_CBC_SHA1                                       TLS_RSA_3DES_EDE_CBC_SHA1

(not sorted)

@szepeviktor
Copy link
Contributor

This priority string yields the same ciphersuites but different order: NORMAL:-AES-128-CCM:-AES-256-CCM:-CAMELLIA-128-GCM:-CAMELLIA-256-GCM:-CAMELLIA-128-CBC:-CAMELLIA-256-CBC

@gene1wood gene1wood added config generator Issue related to the Mozilla SSL Configuration Generator new app support request Request for the config generator to support a new application labels Apr 10, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
config generator Issue related to the Mozilla SSL Configuration Generator help wanted new app support request Request for the config generator to support a new application
Projects
None yet
Development

No branches or pull requests

4 participants