Support for TLS 1.3

[MaxXor]

Hi, thanks a lot for your work. It would be nice if cryptcheck could support TLS 1.3.

[aeris]

Hello!

It's currently not possible. I'm tied to OpenSSL 1.0.x to support old/deprecated ciphers like SSLv2 or RC4, but 1.2.x is required for TLSv1.3 which remove all deprecated world support with no way to reactivate it at build time. And there is no simple way to use 2 differents OpenSSL binding on the same ruby setup (OpenSSL support is built-in in Ruby core extension…).

I currently working on a pure ruby SSL/TLS stack to support both of the oldest and newest ciphers. But it's quite a long job to fully reimplement TLS :rofl:

[HLFH]

@aeris Hello! Are you still working on cryptcheck-engine? It does not have usage instructions in the README.

[aeris]

o/ here. Currently no more time to develop this part. It's not usable at all at the moment, not a single handshake is possible (close, but not done :D). I hope to be able to have free time to work on it soon !

[stephenhodgkiss]

@aeris - Have you looked any further into expanding the cypher's for TLSv1.3 ?

Reason I am asking is because after implementing SSL configs under Apache and checking with SSL Labs, I am getting an A+ grade with them. However, your site is only giving an E grade, If you need more specifics, please ask.

[aeris]

Have you looked any further into expanding the cypher's for TLSv1.3 ?

Currently it's not at all possible. Supporting SSL and other broken TLS cipher supposed OpenSSL 1.0 or lower and TLSv1.3 OpenSSL 1.1 or better. It needs a huge rework to achieve that and currently I have not enough time for that. 2 ways are possible :

• splitting workers to check on 2 differents ruby stack using 2 differents OpenSSL binding. Some work already done but merging 2 results in one is not that easy
• implementing a full compat pure ruby TLS engine. Currently in progress but it's a hard and long way, but the cleanest

Reason I am asking is because after implementing SSL configs under Apache and checking with SSL Labs, I am getting an A+ grade with them. However, your site is only giving an E grade, If you need more specifics, please ask.

I bet this E is not TLSv1.3 related but something else. You could check on the .json API to display many more information that the ones available on the .html page.

[stephenhodgkiss]

Ok thank you for your quick reply. Regarding checking the .json API I can't do that, as I have not integrated your code myself; it has been implemented by SEARXNG and is now giving unreliable TLS grades.

You can see many users have their own instances here https://searx.space/

An example instance is search.trom.tf where the TLS grade has only an E but SSL Labs is reporting back an A+

[aeris]

With .json API, i mean checking manually what check give the E scoring :blush: For example going here give you many more details than the ones available on the HTML page. In this case the grade is capped to E because presence of DHE negociation and so downgrade attack possible like this one. Currently DHE support is dropped from every decent browser and it presence server side is now just a useless weak point of attack.

[stephenhodgkiss]

Thanks. I checked my particular URL and it returns: -

{"dh":false,"pfs":false,"rsa":false,"tlsv1_0":false,"tlsv1_1":false},"great":{"hsts":true},"warning":{"dhe":true,"hsts":false,"sha1":true},"critical":{"dh":false,"des":false,"dss":false,"md5":false,"rc4":false,"rsa":false,"null":false,"sslv2":false,"sslv3":false,"export":false,"sweet32":false,"md2_sign":false,"md4_sign":false,"md5_sign":false,"sha_sign":false,"anonymous":false,"mdc2_sign":false,"sha1_sign":false}}

[aeris]

So the same, support for DHE & SHA1 cipher suite.

[stephenhodgkiss]

My Apache2 SSL config now has:

SSLCipherSuite !DH:EECDH+AESGCM:EDH+AESGCM:AES256+EDH

This has resulted in A+ grades at your site and also SSL Labs. Thanks for your help, appreciated.

[aeris]

I advice you a simple cipher suite : EECDH+CHACHA20:EECDH+AES:!AESCCM8:!SHA1 You got support for CHACHA20 and CCM cipher and remove sweet32 vulnerable CCM8 (currently not correctly reported in CryptCheck). Just for information, ! negative cipher suite selector is bugged as fuck and should be avoided as far as possible, check the real effect of your selector with openssl ciphers :)

[Gunni]

How about dropping support for old stuff and adding it for tls 1.3, just label any support for old stuff as a fail 😁

[aeris]

Because dropping support for old stuff is also not being able to detect it :rofl: