asp*_*zae 10 openssl cryptography node.js
我想知道ECDHE-ECDSA-AES128-GCM-SHA256和ECDHE-ECDSA-AES128-GCM-SHA256是否有最低密钥生成要求?我试图让一个TLS客户端和服务器使用上述算法之一相互连接并继续接收"没有共享密码错误".我创建了一个用于签署客户端和服务器证书的CA,并尝试仅使用openssl和node.js进行连接.我在localhost(127.0.0.1)上运行cliengt和server以消除任何其他可能的问题.
这是我到目前为止所做的:
CA密钥对创建:
$ openssl genrsa -out ca-key.pem 4096
$ openssl req -new -x509 -days 365 -key ca-key.pem -out ca-cert.pem
服务器/客户端密钥对创建:
$ openssl genrsa -out server-key.pem 4096
$ openssl req -new -key server-key.pem -out server-csr.pem
$ openssl x509 -req -days 365 -in server-csr.pem -CA ca-cert.pem -CAkey ca-key.pem -set_serial 01 -out server-cert.pem
$ openssl genrsa -out client-key.pem 4096
$ openssl req -new -key client-key.pem -out client-csr.pem
$ openssl x509 -req -days 365 -in client-csr.pem -CA ca-cert.pem -CAkey ca-key.pem -set_serial 02 -out client-cert.pem
我最初尝试从命令行连接到node.js服务器(tls.createServer(),带有选项:ciphers:'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256'),但是为了消除节点的怀疑,我又回到openssl来创建客户端和服务器.
以下命令CORRECTLY连接客户端和服务器,并声明它使用的密码为"New,TLSv1/SSLv3,Cipher为ECDHE-RSA-AES256-GCM-SHA384":
$ openssl s_server -accept 8888 -cert server-cert.pem -key server-key.pem -pass stdin -CAfile ca-cert.pem -state
<password entered here>
$ openssl s_client -connect 127.0.0.1:8888 -cert client-cert.pem -key client-key.pem -pass stdin -CAfile ca-cert.pem -state
<password entered here>
使用共享密码信息如下:
Shared ciphers:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-R
SA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES2
56-SHA:SRP-DSS-AES-256-CBC-SHA:SRP-RSA-AES-256-CBC-SHA:DHE-DSS-AES256-GCM-SHA384
:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA256:DHE-RSA-A
ES256-SHA:DHE-DSS-AES256-SHA:DHE-RSA-CAMELLIA256-SHA:DHE-DSS-CAMELLIA256-SHA:ECD
H-RSA-AES256-GCM-SHA384:ECDH-ECDSA-AES256-GCM-SHA384:ECDH-RSA-AES256-SHA384:ECDH
-ECDSA-AES256-SHA384:ECDH-RSA-AES256-SHA:ECDH-ECDSA-AES256-SHA:AES256-GCM-SHA384
:AES256-SHA256:AES256-SHA:CAMELLIA256-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES
-CBC3-SHA:SRP-DSS-3DES-EDE-CBC-SHA:SRP-RSA-3DES-EDE-CBC-SHA:EDH-RSA-DES-CBC3-SHA
:EDH-DSS-DES-CBC3-SHA:ECDH-RSA-DES-CBC3-SHA:ECDH-ECDSA-DES-CBC3-SHA:DES-CBC3-SHA
:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA2
56:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:SRP-DSS
-AES-128-CBC-SHA:SRP-RSA-AES-128-CBC-SHA:DHE-DSS-AES128-GCM-SHA256
当我在服务器或客户端和服务器上指定密码时,以下命令不起作用.请注意,ECDHE-ECDSA-AES128-GCM-SHA256密码在上面的列表中列为共享.
$ openssl s_server -accept 8888 -cert server-cert.pem -key server-key.pem -pass stdin -CAfile ca-cert.pem -cipher ECDHE-ECDSA-AES128-GCM-SHA256
<password entered here>
<< Server output after client connection attempt >>
Using default temp DH parameters
Using default temp ECDH parameters
ACCEPT
ERROR
2674688:error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher:s3_srvr.c:1353:
shutting down SSL
CONNECTION CLOSED
ACCEPT
$ openssl s_client -connect 127.0.0.1:8888 -cert client-cert.pem -key client-key.pem -pass stdin -CAfile ca-cert.pem -cipher ECDHE-ECDSA-AES128-GCM-SHA256
<password entered here>
<<client output after connection attempt>>
CONNECTED(00000003)
2674688:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure:s23_clnt.c:708:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 7 bytes and written 166 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
---
有没有人有任何想法?提前致谢!
imi*_*ers 16
你正在制作错误的钥匙
openssl genrsa -out ca-key.pem 4096
你需要使用ecparam
openssl ecparam -name secp521r1 -out ca-key.pem -genkey
和
openssl ecparam -name secp521r1 -out client-key.pem -genkey
genrsa 生成一个RSA密钥,当与ECDHE一起使用时,验证Elliptic Curve Diffie Hellman密钥交换(ECDHE).
ECDHE-ECDSA-AES128-GCM-SHA256中的ECDSA意味着您需要使用椭圆曲线数字签名算法来验证该密钥.因为您没有这种密钥,所以命令失败.但是,ECDHE-RSA-AES256-GCM-SHA384可以使用,因为它使用了您拥有的RSA密钥.
你得到了sha384,因为openssl选择了最强的密码套件,所有东西都相同sha384比sha256更好.你可以覆盖这个,看起来就像你这样做了--cipher.
请注意,您可能希望使用不同的曲线.您可以获得完整列表
openssl ecparam -list_curves
出于好奇,为什么那个特定的密码套件?ECDHE和ECDSA是最先进的,但sha256只是标准配置,而且AES 128当然足够好,如果它们像ECDHE和ECDSA所暗示的那样谨慎,人们倾向于使用256.
| 归档时间: |
|
| 查看次数: |
15807 次 |
| 最近记录: |