3

Update: Many of my problems just had to do with not knowing how to post the client certificate. I've placed those details over here.

I am using Ruby to connect to an SSL server that only supports the TLS_RSA_WITH_AES_256_CBC_SHA256 cipher. I also need to supply a client certificate.

When I look at the available ciphers from OpenSSL::Cipher.ciphers, TLS_RSA_WITH_AES_256_CBC_SHA256 is not listed as an option.

How can I add this cipher to the available ciphers?

Thanks!

Here is my code:

  require 'net/http'
  require 'openssl'

  # uri is the endpoint, built earlier with URI(...); my_xml holds the request body
  http = Net::HTTP.new(uri.host, uri.port)
  http.use_ssl = true
  http.cert = OpenSSL::X509::Certificate.new(File.read("my.cer"))   # client certificate
  http.ca_file = 'their_root.cer'                                    # the server's root CA
  http.ciphers = ['AES256-SHA256']                                   # OpenSSL name for TLS_RSA_WITH_AES_256_CBC_SHA256
  http.verify_mode = OpenSSL::SSL::VERIFY_PEER
  http.ssl_version = :SSLv23
  request = Net::HTTP::Post.new(uri.request_uri)
  request.body = my_xml
  response = http.request(request)

The error I receive:

OpenSSL::SSL::SSLError: SSL_connect returned=1 errno=0 state=SSLv3 read finished A: sslv3 alert handshake failure

Inspecting the packets shows the server terminates with the message "Handshake Failure (40)" which appears to be a cipher problem.

I am not connecting from the command line, but here are the results of openssl s_client:

$ openssl s_client -connect dir-staging.surescripts.net:443 -tls1 -servername dir-staging.surescripts.net
CONNECTED(00000003)
depth=2 /C=US/O=Surescripts LLC./OU=Surescripts Certification Authorities/CN=Surescripts Root Certification Authority
verify error:num=19:self signed certificate in certificate chain
verify return:0
14089:error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure:/SourceCache/OpenSSL098/OpenSSL098-52.20.2/src/ssl/s3_pkt.c:1145:SSL alert number 40
14089:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failure:/SourceCache/OpenSSL098/OpenSSL098-52.20.2/src/ssl/s3_pkt.c:566:
Tom Rossi
  • I am trying to connect to an existing private service and just can't seem to get the SSL configured to make it work. – Tom Rossi May 04 '15 at 17:18
  • Edited my answer , but it's really 2 questions now. – steenslag May 04 '15 at 19:49
  • @steenslag I can't figure out if the problem is the cipher or something else. jww pointed out some issues with openssl command line, but no joy yet. – Tom Rossi May 04 '15 at 22:40
  • @Tom - related to *`http.cert = OpenSSL::X509::Certificate.new(File.read("my.cer"))`*... Where are you setting the key to use with the certificate? I think you need a `http.key` in there somewhere.... – jww May 04 '15 at 22:53
  • @jww Where would that come from? The key file I used to create the CSR? – Tom Rossi May 04 '15 at 22:54
  • @Tom - when you created your CSR, you needed a key. Do you recall what you did with the key used for the CSR? You *might* be able to find it *if* it's in PEM format with `cd ; grep -R "-----BEGIN" *`. The `-----BEGIN XXX-----` is the preamble for PEM encoded stuff. Also see [Create CSR using existing private key](http://stackoverflow.com/q/9471380/608639). – jww May 04 '15 at 22:56

2 Answers

1

According to openssl, this is also called "AES256-SHA256". According to Ruby lang, AES256-SHA256 is considered insecure and therefore disabled. The link contains a "patch" to re-enable the insecure ciphers.

You may want to seek advice from a security pro about the risks involved for your organisation.

(Edit) The error "self signed certificate in certificate chain" needs to be taken care of.

steenslag
  • I know you're just the messenger, but... There's nothing wrong with AES256-SHA256. POODLE was a CSRF against user agents like the browser. (Browsers are notoriously insecure due to their security model and design principles). Other user agents were *not* susceptible. You can find a good discussion about it on the TLS Working Group's [Rethink TLS 1.3](https://www.ietf.org/mail-archive/web/tls/current/msg14704.html). And Ruby enables RC4, which we know is weak and wounded. It looks like more Ruby security bugs to me. – jww May 05 '15 at 22:43
0

> When I look at the available ciphers from OpenSSL::Cipher.ciphers, TLS_RSA_WITH_AES_256_CBC_SHA256 is not listed as an option.

The following OpenSSL command will list the relevant ciphers for you:

$ openssl ciphers -v 'ALL:!RC4:!MD5:!aNULL' | grep AES256 | grep SHA256

The results are:

DHE-RSA-AES256-SHA256   TLSv1.2 Kx=DH       Au=RSA  Enc=AES(256)  Mac=SHA256
DHE-DSS-AES256-SHA256   TLSv1.2 Kx=DH       Au=DSS  Enc=AES(256)  Mac=SHA256
DH-RSA-AES256-SHA256    TLSv1.2 Kx=DH/RSA   Au=DH   Enc=AES(256)  Mac=SHA256
DH-DSS-AES256-SHA256    TLSv1.2 Kx=DH/DSS   Au=DH   Enc=AES(256)  Mac=SHA256
AES256-SHA256           TLSv1.2 Kx=RSA      Au=RSA  Enc=AES(256)  Mac=SHA256

Based on "Is it possible to enable TLS v1.2 in Ruby? If so, how?", you should next try to change the following:

http.ssl_version = :SSLv23

To:

ctx = OpenSSL::SSL::SSLContext.new
ctx.ssl_version = :TLSv1_2

> How can I add this cipher to the available ciphers?

Based on the Edit to your question:

$ openssl s_client -connect dir-staging.surescripts.net:443 -tls1 -servername dir-staging.surescripts.net

14089:error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure:/SourceCache/OpenSSL098/OpenSSL098-52.20.2/src/ssl/s3_pkt.c:1145:SSL alert number 40
14089:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failure:/SourceCache/OpenSSL098/OpenSSL098-52.20.2/src/ssl/s3_pkt.c:566:

OpenSSL 0.9.8 does not support TLS 1.2. You should move to OpenSSL 1.0.0 or above. OpenSSL 1.0.2 is the latest, and you are encouraged to use it.

jww
  • I upgraded openssl and re-ran that command: https://gist.github.com/tomrossi7/030f95513390edce3042 I also updated my code: https://gist.github.com/tomrossi7/3c8d564fedfd22249b3c. Still can't get it to go through. – Tom Rossi May 04 '15 at 17:49
  • Check out those gists. Unfortunately I don't have control over that server and it is locked down by IP. – Tom Rossi May 04 '15 at 17:52
  • @Tom - it looks like a problem related to the server or its configuration. You are able to connect, perform key exchange and then arrive at a master key. Then, you inexplicably get an alert 40. Do they want a client certificate? – jww May 04 '15 at 18:29
  • Yes, they want a client certificate. How can I pass it with the openssl command? You can see it in my ruby code. – Tom Rossi May 04 '15 at 22:36
  • @Tom - Damn, I missed that .... Sorry about that. For `s_client`, try the `-cert` option to pass the cert. You will also want `-key` option (and `-certform` and `-keyform`). Here's the [manpage on `s_client`](https://www.openssl.org/docs/apps/s_client.html). – jww May 04 '15 at 22:39
  • Gotcha. I added the cert and key (both in PEM). Now when I run it https://gist.github.com/tomrossi7/030f95513390edce3042. Is the connection working? – Tom Rossi May 05 '15 at 14:21
  • It looks like that was what was missing. The alert 40 sent me down a rabbit hole, but you helped a ton. Thanks! – Tom Rossi May 05 '15 at 18:54
  • @Tom - Yes, that's correct. If interested, you can clear *"Verify return code: 19 (self signed certificate in certificate chain)"* with the `-CAfile` option to `s_client`. But that's usually a trivial detail. When you get to that point, you are effectively done trouble shooting. – jww May 08 '15 at 23:45
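The thread lands on three separate findings: the TLS suite list has to be read off an SSLContext rather than OpenSSL::Cipher.ciphers, SHA256 suites need TLS 1.2 (and an OpenSSL that has it), and the handshake alert 40 was really the missing client key. The Ruby script below is an added example written for this page, not code from either answer or from the gists; it ties those findings together. It assumes a hand-maintained IANA-to-OpenSSL name map for the two suites named here, reuses the `their_root.cer` path and staging hostname from the question as placeholders, and generates a throwaway self-signed client certificate and key in-process so it runs offline.

```ruby
require 'openssl'
require 'net/http'

# --- 1. Which TLS suites does the linked OpenSSL actually offer? --------------
# OpenSSL::Cipher.ciphers lists raw symmetric algorithms (aes-256-cbc, ...),
# not TLS suites; the suite list is a property of an SSLContext.
def tls_cipher_names(cipher_string = 'ALL:!aNULL')
  ctx = OpenSSL::SSL::SSLContext.new
  ctx.ciphers = cipher_string
  ctx.ciphers.map { |name, _proto, _bits, _alg_bits| name }
end

# IANA suite name -> OpenSSL suite name; hand-maintained for the suites in the thread.
IANA_TO_OPENSSL = {
  'TLS_RSA_WITH_AES_256_CBC_SHA256'     => 'AES256-SHA256',
  'TLS_DHE_RSA_WITH_AES_256_CBC_SHA256' => 'DHE-RSA-AES256-SHA256',
}.freeze

def suite_available?(iana_name)
  tls_cipher_names.include?(IANA_TO_OPENSSL.fetch(iana_name))
end

# --- 2. Does the client key belong to the client certificate? -----------------
# List the PEM object types in a file by their -----BEGIN ...----- preambles.
def pem_block_types(pem)
  pem.scan(/^-----BEGIN ([A-Z ]+)-----/).flatten
end

def key_matches_cert?(cert_pem, key_pem)
  cert = OpenSSL::X509::Certificate.new(cert_pem)
  key  = OpenSSL::PKey.read(key_pem)
  cert.check_private_key(key)   # true/false, no exception on mismatch
end

# --- 3. Net::HTTP wired the way the thread ends up: cert AND key, TLS 1.2 -----
def build_client(uri, cert_pem:, key_pem:, ca_file:, ciphers: 'AES256-SHA256')
  raise ArgumentError, 'key does not match certificate' unless key_matches_cert?(cert_pem, key_pem)
  http = Net::HTTP.new(uri.host, uri.port)
  http.use_ssl = true
  http.cert = OpenSSL::X509::Certificate.new(cert_pem)
  http.key  = OpenSSL::PKey.read(key_pem)   # the setting missing from the question
  http.ca_file = ca_file                    # clears "self signed certificate in certificate chain"
  http.ciphers = ciphers
  http.verify_mode = OpenSSL::SSL::VERIFY_PEER
  http.ssl_version = :TLSv1_2               # SHA256 suites exist only in TLS 1.2
  http
end

# Constructed test material: a throwaway self-signed client cert and matching
# key, generated in-process so the example runs offline (not real credentials).
def make_test_pair(cn = 'example-client')
  key  = OpenSSL::PKey::RSA.new(2048)
  cert = OpenSSL::X509::Certificate.new
  cert.version    = 2
  cert.serial     = 1
  cert.subject    = OpenSSL::X509::Name.parse("/CN=#{cn}")
  cert.issuer     = cert.subject
  cert.public_key = key.public_key
  cert.not_before = Time.now
  cert.not_after  = Time.now + 3600
  cert.sign(key, OpenSSL::Digest.new('SHA256'))
  [cert.to_pem, key.to_pem]
end

if $PROGRAM_NAME == __FILE__
  puts "OpenSSL: #{OpenSSL::OPENSSL_VERSION}"   # 0.9.8 here explains the s_client failure
  puts "AES256-SHA256 available: #{suite_available?('TLS_RSA_WITH_AES_256_CBC_SHA256')}"
  cert_pem, key_pem = make_test_pair
  puts "PEM blocks in key material: #{pem_block_types(key_pem).inspect}"
  http = build_client(URI('https://dir-staging.surescripts.net/'),
                      cert_pem: cert_pem, key_pem: key_pem, ca_file: 'their_root.cer')
  puts "client configured for #{http.address}:#{http.port}"
end
```

Running the script against a real `my.cer`/`my.key` pair (read with `File.read`) tells you, before any network traffic, whether the key you dug out with the `grep -R "-----BEGIN"` trick is the one the CSR was made from; the ArgumentError in `build_client` is there so a mismatched key fails locally instead of as an opaque alert 40 from the server.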