HTTPServer with AES256 encryption

298 views
Skip to first unread message

asl...@amaryllo.eu

unread,
Dec 1, 2014, 3:40:40 AM12/1/14
to python-...@googlegroups.com
Hi,

I try to set ADH-AES256-SHA in HTTPServer, but it still doesn't work.
Here is my code:

    ssl_args = {
        'certfile': '%s/ssl.crt' % WEB_WORKING_PATH,
        'keyfile': '%s/ssl.key' % WEB_WORKING_PATH,
        'ciphers': 'ADH-AES256-SHA'
    };

    server = tornado.httpserver.HTTPServer(application, ssl_options=ssl_args)

And the error message is:

[W 141201 16:37:53 iostream:1184] SSL Error on 9 ('192.168.7.2', 51850): [Errno 1] _ssl.c:510: error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher
[E 141201 16:37:53 http1connection:683] Uncaught exception
    Traceback (most recent call last):
      File "/usr/local/lib/python2.7/dist-packages/tornado-4.0.2-py2.7-linux-x86_64.egg/tornado/http1connection.py", line 674, in _server_request_loop
        ret = yield conn.read_response(request_delegate)
      File "/usr/local/lib/python2.7/dist-packages/tornado-4.0.2-py2.7-linux-x86_64.egg/tornado/gen.py", line 628, in run
        value = future.result()
      File "/usr/local/lib/python2.7/dist-packages/tornado-4.0.2-py2.7-linux-x86_64.egg/tornado/concurrent.py", line 109, in result
        raise_exc_info(self._exc_info)
      File "/usr/local/lib/python2.7/dist-packages/tornado-4.0.2-py2.7-linux-x86_64.egg/tornado/gen.py", line 631, in run
        yielded = self.gen.throw(*sys.exc_info())
      File "/usr/local/lib/python2.7/dist-packages/tornado-4.0.2-py2.7-linux-x86_64.egg/tornado/http1connection.py", line 165, in _read_message
        io_loop=self.stream.io_loop)
      File "/usr/local/lib/python2.7/dist-packages/tornado-4.0.2-py2.7-linux-x86_64.egg/tornado/gen.py", line 628, in run
        value = future.result()
      File "/usr/local/lib/python2.7/dist-packages/tornado-4.0.2-py2.7-linux-x86_64.egg/tornado/concurrent.py", line 111, in result
        raise self._exception
    SSLError: [Errno 1] _ssl.c:510: error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher


Actually, I just want to use 256 bits encryption in https. But I never thins it's so hard to change it.
Does anyone can help me?

asl...@amaryllo.eu

unread,
Dec 1, 2014, 4:00:46 AM12/1/14
to python-...@googlegroups.com
Hi all,

Sorry, I find the answer. The answer is ADH-AES256-SHA is not supported in TLSv1.2.
So if I change to use AES256-SHA, and then it works.

Thanks!!!

Ben Darnell

unread,
Dec 1, 2014, 8:06:47 AM12/1/14
to Tornado Mailing List
"ADH" means this is an anonymous cipher; it's almost certainly not what you want because it is vulnerable to MITM attacks. It's not a versioning issue; the client is refusing to use anonymous ciphers unless you've specifically configured it to do so.

Also, perfect forward secrecy is a bigger issue in practice than the difference between AES128 and AES256, so you probably want to use an ECDH or DH cipher when available. This guide describes best current practices and has a cipher suite string you can use:

-Ben

--
You received this message because you are subscribed to the Google Groups "Tornado Web Server" group.
To unsubscribe from this group and stop receiving emails from it, send an email to python-tornad...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

asl...@amaryllo.eu

unread,
Dec 1, 2014, 9:16:31 PM12/1/14
to python-...@googlegroups.com
In https://hynek.me/articles/hardening-your-web-servers-ssl-ciphers/, it says I can get the best ciphers by using the following command:

openssl ciphers -v 'ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS'

According this output list, I pick out 256 bits ciphers and here is the result:

ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AESGCM(256) Mac=AEAD
ECDHE-ECDSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=AESGCM(256) Mac=AEAD
ECDH-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH/RSA Au=ECDH Enc=AESGCM(256) Mac=AEAD
ECDH-ECDSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH/ECDSA Au=ECDH Enc=AESGCM(256) Mac=AEAD
DHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=DH       Au=RSA  Enc=AESGCM(256) Mac=AEAD
ECDHE-RSA-AES256-SHA384 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AES(256)  Mac=SHA384
ECDHE-ECDSA-AES256-SHA384 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=AES(256)  Mac=SHA384
ECDHE-RSA-AES256-SHA    SSLv3 Kx=ECDH     Au=RSA  Enc=AES(256)  Mac=SHA1
ECDHE-ECDSA-AES256-SHA  SSLv3 Kx=ECDH     Au=ECDSA Enc=AES(256)  Mac=SHA1
ECDH-RSA-AES256-SHA384  TLSv1.2 Kx=ECDH/RSA Au=ECDH Enc=AES(256)  Mac=SHA384
ECDH-ECDSA-AES256-SHA384 TLSv1.2 Kx=ECDH/ECDSA Au=ECDH Enc=AES(256)  Mac=SHA384
ECDH-RSA-AES256-SHA     SSLv3 Kx=ECDH/RSA Au=ECDH Enc=AES(256)  Mac=SHA1
ECDH-ECDSA-AES256-SHA   SSLv3 Kx=ECDH/ECDSA Au=ECDH Enc=AES(256)  Mac=SHA1
DHE-RSA-AES256-SHA256   TLSv1.2 Kx=DH       Au=RSA  Enc=AES(256)  Mac=SHA256
DHE-RSA-AES256-SHA      SSLv3 Kx=DH       Au=RSA  Enc=AES(256)  Mac=SHA1
AES256-GCM-SHA384       TLSv1.2 Kx=RSA      Au=RSA  Enc=AESGCM(256) Mac=AEAD
AES256-SHA256           TLSv1.2 Kx=RSA      Au=RSA  Enc=AES(256)  Mac=SHA256
AES256-SHA              SSLv3 Kx=RSA      Au=RSA  Enc=AES(256)  Mac=SHA1


I think you suggest me use ECDH or DHE ciphers to instead of AES256-SHA.
So I tried every possible item is shown as above, no one works except AES256-SHA.

Any suggestion about this?




On Monday, December 1, 2014 4:40:40 PM UTC+8, asl...@amaryllo.eu wrote:

Ben Darnell

unread,
Dec 2, 2014, 11:24:16 PM12/2/14
to Tornado Mailing List
On Mon, Dec 1, 2014 at 9:16 PM, <asl...@amaryllo.eu> wrote:
In https://hynek.me/articles/hardening-your-web-servers-ssl-ciphers/, it says I can get the best ciphers by using the following command:

openssl ciphers -v 'ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS'


Don't pick just one cipher out of this list; use that string as-is for the "ciphers" argument (you can tweak it a bit, e.g. add a ":!AES128" at the end to exclude AES128 if you want to. Use "openssl ciphers -v" to make sure that the results are as you expect). That gives the server the flexibility to choose any cipher from the allowed list, which is important if you want to support all major web browsers. If you are in a more limited environment where you control both the clients and the servers then it might make sense to choose a single cipher, although even then I probably wouldn't bother unless you have very specific reasons.

 
According this output list, I pick out 256 bits ciphers and here is the result:

ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AESGCM(256) Mac=AEAD
ECDHE-ECDSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=AESGCM(256) Mac=AEAD
ECDH-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH/RSA Au=ECDH Enc=AESGCM(256) Mac=AEAD
ECDH-ECDSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH/ECDSA Au=ECDH Enc=AESGCM(256) Mac=AEAD
DHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=DH       Au=RSA  Enc=AESGCM(256) Mac=AEAD
ECDHE-RSA-AES256-SHA384 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AES(256)  Mac=SHA384
ECDHE-ECDSA-AES256-SHA384 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=AES(256)  Mac=SHA384
ECDHE-RSA-AES256-SHA    SSLv3 Kx=ECDH     Au=RSA  Enc=AES(256)  Mac=SHA1
ECDHE-ECDSA-AES256-SHA  SSLv3 Kx=ECDH     Au=ECDSA Enc=AES(256)  Mac=SHA1
ECDH-RSA-AES256-SHA384  TLSv1.2 Kx=ECDH/RSA Au=ECDH Enc=AES(256)  Mac=SHA384
ECDH-ECDSA-AES256-SHA384 TLSv1.2 Kx=ECDH/ECDSA Au=ECDH Enc=AES(256)  Mac=SHA384
ECDH-RSA-AES256-SHA     SSLv3 Kx=ECDH/RSA Au=ECDH Enc=AES(256)  Mac=SHA1
ECDH-ECDSA-AES256-SHA   SSLv3 Kx=ECDH/ECDSA Au=ECDH Enc=AES(256)  Mac=SHA1
DHE-RSA-AES256-SHA256   TLSv1.2 Kx=DH       Au=RSA  Enc=AES(256)  Mac=SHA256
DHE-RSA-AES256-SHA      SSLv3 Kx=DH       Au=RSA  Enc=AES(256)  Mac=SHA1
AES256-GCM-SHA384       TLSv1.2 Kx=RSA      Au=RSA  Enc=AESGCM(256) Mac=AEAD
AES256-SHA256           TLSv1.2 Kx=RSA      Au=RSA  Enc=AES(256)  Mac=SHA256
AES256-SHA              SSLv3 Kx=RSA      Au=RSA  Enc=AES(256)  Mac=SHA1


I think you suggest me use ECDH or DHE ciphers to instead of AES256-SHA.
So I tried every possible item is shown as above, no one works except AES256-SHA.

Any suggestion about this?

I don't know. How are you testing? What client are you using and how is it configured?

-Ben
 

--

asl...@amaryllo.eu

unread,
Dec 3, 2014, 3:55:35 AM12/3/14
to python-...@googlegroups.com
For example, I write the code for testing ECDHE-RSA-AES256-SHA
    ssl_args = {
        'ca_certs': '%s/%s' % (WEB_WORKING_PATH, options.ssl_ca) if options.ssl_ca else None,
        'certfile': '%s/%s' % (WEB_WORKING_PATH, options.ssl_cert) if options.ssl_cert else None,
        'keyfile': '%s/%s' % (WEB_WORKING_PATH, options.ssl_key) if options.ssl_key else None,
        'ciphers': 'ECDHE-RSA-AES256-SHA'
    };

    server = tornado.httpserver.HTTPServer(application, ssl_options=ssl_args)
    server.listen(options.web_port)
    tornado.ioloop.IOLoop.instance().start()

daemon_context = daemon.DaemonContext()


Then, use FF33 to connect it. Only that.
But I always get "no shared cipher" error on my server side.



On Monday, December 1, 2014 4:40:40 PM UTC+8, asl...@amaryllo.eu wrote:
Reply all
Reply to author
Forward
0 new messages