Key Generation Requirements for TLS ECDHE-ECDSA-AES128-GCM-SHA256

I was wondering if there are minimum key generation requirements for ECDHE-ECDSA-AES128-GCM-SHA256 and ECDHE-ECDSA-AES128-GCM-SHA256? I am trying to get a client and a TLS server using one of the above algorithms to connect to each other, and I continue to receive "no common encryption errors". I created a CA to sign client and server certificates and tried to connect only with openssl, as well as in node.js. I am running the client and the server on localhost (127.0.0.1) to fix any other possible problems.

Here is what I have done so far:

Create a CA key pair:

    $ openssl genrsa -out ca-key.pem 4096
    $ openssl req -new -x509 -days 365 -key ca-key.pem -out ca-cert.pem

Creating a server / client key pair:

    $ openssl genrsa -out server-key.pem 4096
    $ openssl req -new -key server-key.pem -out server-csr.pem
    $ openssl x509 -req -days 365 -in server-csr.pem -CA ca-cert.pem -CAkey ca-key.pem -set_serial 01 -out server-cert.pem
    $ openssl genrsa -out client-key.pem 4096
    $ openssl req -new -key client-key.pem -out client-csr.pem
    $ openssl x509 -req -days 365 -in client-csr.pem -CA ca-cert.pem -CAkey ca-key.pem -set_serial 02 -out client-cert.pem

At first I tried to connect to the node.js server from the command line (tls.createServer() with parameters: ciphers: 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256'), but to eliminate node as a suspect I returned to openssl to create the client and server.

The following commands connect CORRECTLY for the client and server and report that they use the cipher "New, TLSv1/SSLv3, Cipher - ECDHE-RSA-AES256-GCM-SHA384":

    $ openssl s_server -accept 8888 -cert server-cert.pem -key server-key.pem -pass stdin -CAfile ca-cert.pem -state
    <password entered here>

    $ openssl s_client -connect 127.0.0.1:8888 -cert client-cert.pem -key client-key.pem -pass stdin -CAfile ca-cert.pem -state
    <password entered here>

With general encryption information:

    Shared ciphers:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:SRP-DSS-AES-256-CBC-SHA:SRP-RSA-AES-256-CBC-SHA:DHE-DSS-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA256:DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:DHE-RSA-CAMELLIA256-SHA:DHE-DSS-CAMELLIA256-SHA:ECDH-RSA-AES256-GCM-SHA384:ECDH-ECDSA-AES256-GCM-SHA384:ECDH-RSA-AES256-SHA384:ECDH-ECDSA-AES256-SHA384:ECDH-RSA-AES256-SHA:ECDH-ECDSA-AES256-SHA:AES256-GCM-SHA384:AES256-SHA256:AES256-SHA:CAMELLIA256-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:SRP-DSS-3DES-EDE-CBC-SHA:SRP-RSA-3DES-EDE-CBC-SHA:EDH-RSA-DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA:ECDH-RSA-DES-CBC3-SHA:ECDH-ECDSA-DES-CBC3-SHA:DES-CBC3-SHA:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:SRP-DSS-AES-128-CBC-SHA:SRP-RSA-AES-128-CBC-SHA:DHE-DSS-AES128-GCM-SHA256

The following commands do NOT work when I specify the cipher on the server, or on the client and server. Please note that the ECDHE-ECDSA-AES128-GCM-SHA256 cipher is listed as common in the above list.

    $ openssl s_server -accept 8888 -cert server-cert.pem -key server-key.pem -pass stdin -CAfile ca-cert.pem -cipher ECDHE-ECDSA-AES128-GCM-SHA256
    <password entered here>
    << Server output after client connection attempt >>
    Using default temp DH parameters
    Using default temp ECDH parameters
    ACCEPT
    ERROR
    2674688:error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher:s3_srvr.c:1353:
    shutting down SSL
    CONNECTION CLOSED
    ACCEPT

    $ openssl s_client -connect 127.0.0.1:8888 -cert client-cert.pem -key client-key.pem -pass stdin -CAfile ca-cert.pem -cipher ECDHE-ECDSA-AES128-GCM-SHA256
    <password entered here>
    <<client output after connection attempt>>
    CONNECTED(00000003)
    2674688:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure:s23_clnt.c:708:
    ---
    no peer certificate available
    ---
    No client certificate CA names sent
    ---
    SSL handshake has read 7 bytes and written 166 bytes
    ---
    New, (NONE), Cipher is (NONE)
    Secure Renegotiation IS NOT supported
    Compression: NONE
    Expansion: NONE
    ---

Does anyone have any ideas? Thanks in advance!

+10
1 answer

You are making the wrong key with

  openssl genrsa -out ca-key.pem 4096 

You need to use ecparam

 openssl ecparam -name secp521r1 -out ca-key.pem -genkey 

and

 openssl ecparam -name secp521r1 -out client-key.pem -genkey 

genrsa generates an RSA key which, when used with ECDHE, authenticates the elliptic curve Diffie-Hellman key exchange (ECDHE).

ECDSA in ECDHE-ECDSA-AES128-GCM-SHA256 means you need an elliptic curve digital signature algorithm to authenticate this key. Since you do not have such keys, the command does not work. However, ECDHE-RSA-AES256-GCM-SHA384 works because it uses the RSA keys that you have.

You get sha384 because openssl chooses the strongest cipher suite, and all things being equal, sha384 is better than sha256. You can override this, and it looks like you did it with --cipher.

Please note that you can use a different curve. You can get the full list with

 openssl ecparam -list_curves 

Out of curiosity, why this particular set of ciphers? ECDHE and ECDSA are state of the art, but sha256 is standard, and while AES 128 is certainly good enough, people tend to use 256 if they are as careful as ECDHE and ECDSA imply.

+16
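
The answer's fix carried through as an added example (not part of the original answer): it builds an ECDSA CA and server certificate with `ecparam`, then compares the certificate's key type with the `Au=` field that `openssl ciphers -v` reports for each cipher suite. The subject names, the temporary directory and the helper function names are assumptions made for the example, and the keys are unencrypted test keys.

```shell
# Added example: ECDSA test CA and server certificate, plus a key-type check.
set -eu

# make_pki DIR: EC keys on secp521r1 (the answer's curve); constructed subjects
make_pki() {
  openssl ecparam -name secp521r1 -genkey -noout -out "$1/ca-key.pem"
  openssl req -new -x509 -days 365 -key "$1/ca-key.pem" \
    -subj "/CN=Example Test CA" -out "$1/ca-cert.pem"
  openssl ecparam -name secp521r1 -genkey -noout -out "$1/server-key.pem"
  openssl req -new -key "$1/server-key.pem" -subj "/CN=localhost" \
    -out "$1/server-csr.pem"
  openssl x509 -req -days 365 -in "$1/server-csr.pem" -CA "$1/ca-cert.pem" \
    -CAkey "$1/ca-key.pem" -set_serial 01 -out "$1/server-cert.pem" 2>/dev/null
}

# cert_auth CERT: print ECDSA or RSA according to the certificate's public key
cert_auth() {
  case "$(openssl x509 -in "$1" -noout -text | grep 'Public Key Algorithm')" in
    *id-ecPublicKey*) echo ECDSA ;;
    *rsaEncryption*)  echo RSA ;;
    *)                echo unknown ;;
  esac
}

# suite_auth SUITE: print the Au= value `openssl ciphers -v` reports for SUITE.
# Matching on the name skips the TLS 1.3 suites that newer builds list first.
suite_auth() {
  openssl ciphers -v "$1" |
    awk -v s="$1" '$1 == s { for (i = 2; i <= NF; i++) if ($i ~ /^Au=/) print substr($i, 4) }'
}

# suite_usable CERT SUITE: succeed only if the key type matches the suite
suite_usable() {
  [ "$(cert_auth "$1")" = "$(suite_auth "$2")" ]
}

demo() {
  d=$(mktemp -d)
  make_pki "$d"
  for s in ECDHE-ECDSA-AES128-GCM-SHA256 ECDHE-RSA-AES256-GCM-SHA384; do
    if suite_usable "$d/server-cert.pem" "$s"; then echo "$s: usable"
    else echo "$s: key type mismatch, expect 'no shared cipher'"; fi
  done
  rm -rf "$d"
}
demo
```

Running `cert_auth` against the RSA certificates from the question prints RSA, which is why only the ECDHE-RSA suites negotiated there.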