为什么Node.js TLS支持的密码不对应openssl支持的密码?

时间:2014-01-21 08:01:47

标签: node.js security ssl encryption openssl

根据openssl,这些是它支持的密码:

 DHE-RSA-AES256-SHA      SSLv3 Kx=DH       Au=RSA  Enc=AES(256)  Mac=SHA1
 DHE-DSS-AES256-SHA      SSLv3 Kx=DH       Au=DSS  Enc=AES(256)  Mac=SHA1
 AES256-SHA              SSLv3 Kx=RSA      Au=RSA  Enc=AES(256)  Mac=SHA1
 EDH-RSA-DES-CBC3-SHA    SSLv3 Kx=DH       Au=RSA  Enc=3DES(168) Mac=SHA1
 EDH-DSS-DES-CBC3-SHA    SSLv3 Kx=DH       Au=DSS  Enc=3DES(168) Mac=SHA1
 DES-CBC3-SHA            SSLv3 Kx=RSA      Au=RSA  Enc=3DES(168) Mac=SHA1
 DES-CBC3-MD5            SSLv2 Kx=RSA      Au=RSA  Enc=3DES(168) Mac=MD5 
 DHE-RSA-AES128-SHA      SSLv3 Kx=DH       Au=RSA  Enc=AES(128)  Mac=SHA1
 DHE-DSS-AES128-SHA      SSLv3 Kx=DH       Au=DSS  Enc=AES(128)  Mac=SHA1
 AES128-SHA              SSLv3 Kx=RSA      Au=RSA  Enc=AES(128)  Mac=SHA1
 RC2-CBC-MD5             SSLv2 Kx=RSA      Au=RSA  Enc=RC2(128)  Mac=MD5 
 RC4-SHA                 SSLv3 Kx=RSA      Au=RSA  Enc=RC4(128)  Mac=SHA1
 RC4-MD5                 SSLv3 Kx=RSA      Au=RSA  Enc=RC4(128)  Mac=MD5 
 RC4-MD5                 SSLv2 Kx=RSA      Au=RSA  Enc=RC4(128)  Mac=MD5 
 EDH-RSA-DES-CBC-SHA     SSLv3 Kx=DH       Au=RSA  Enc=DES(56)   Mac=SHA1
 EDH-DSS-DES-CBC-SHA     SSLv3 Kx=DH       Au=DSS  Enc=DES(56)   Mac=SHA1
 DES-CBC-SHA             SSLv3 Kx=RSA      Au=RSA  Enc=DES(56)   Mac=SHA1
 DES-CBC-MD5             SSLv2 Kx=RSA      Au=RSA  Enc=DES(56)   Mac=MD5 
 EXP-EDH-RSA-DES-CBC-SHA SSLv3 Kx=DH(512)  Au=RSA  Enc=DES(40)   Mac=SHA1 export
 EXP-EDH-DSS-DES-CBC-SHA SSLv3 Kx=DH(512)  Au=DSS  Enc=DES(40)   Mac=SHA1 export
 EXP-DES-CBC-SHA         SSLv3 Kx=RSA(512) Au=RSA  Enc=DES(40)   Mac=SHA1 export
 EXP-RC2-CBC-MD5         SSLv3 Kx=RSA(512) Au=RSA  Enc=RC2(40)   Mac=MD5  export
 EXP-RC2-CBC-MD5         SSLv2 Kx=RSA(512) Au=RSA  Enc=RC2(40)   Mac=MD5  export
 EXP-RC4-MD5             SSLv3 Kx=RSA(512) Au=RSA  Enc=RC4(40)   Mac=MD5  export
 EXP-RC4-MD5             SSLv2 Kx=RSA(512) Au=RSA  Enc=RC4(40)   Mac=MD5  export

我在端口443上运行一个简单的node.js https服务器。当我运行sslscan时,以下是Accepted密码:

 Accepted  SSLv3  256 bits  AES256-SHA
 Accepted  SSLv3  128 bits  AES128-SHA
 Accepted  SSLv3  168 bits  DES-CBC3-SHA
 Accepted  SSLv3  128 bits  RC4-SHA
 Accepted  TLSv1  256 bits  AES256-SHA
 Accepted  TLSv1  128 bits  AES128-SHA
 Accepted  TLSv1  168 bits  DES-CBC3-SHA
 Accepted  TLSv1  128 bits  RC4-SHA

我不明白的是,为什么实际支持的密码列表会短得多?

更令人困惑的是,当我在节点中获得支持的密码列表tls.getCiphers()时,我找到一个很长的列表:

  

['aes128-gcm-sha256',     'AES128-SHA',     'AES128-SHA256',     'AES256-GCM-SHA384',     'AES256-SHA',     'AES256-SHA256',     “camellia128莎”,     “camellia256莎”,     'DES-CBC-SHA',     'DES-CBC3-SHA',     'DHE-DSS-AES128-GCM-SHA256',     'DHE-DSS-AES128-SHA',     'DHE-DSS-AES128-SHA256',     'DHE-DSS-AES256-GCM-SHA384',     'DHE-DSS-AES256-SHA',     'DHE-DSS-AES256-SHA256',     'DHE-DSS-camellia128-SHA',     'DHE-DSS-camellia256-SHA',     'DHE-DSS种子-SHA',     'DHE-RSA-AES128-GCM-SHA256',     'DHE-RSA-AES128-SHA',     'DHE-RSA-AES128-SHA256',     'DHE-RSA-AES256-GCM-SHA384',     'DHE-RSA-AES256-SHA',     'DHE-RSA-AES256-SHA256',     'DHE-RSA-camellia128-SHA',     'DHE-RSA-camellia256-SHA',     'DHE-RSA-种子-SHA',     'ECDH-ECDSA-AES128-GCM-SHA256',     'ECDH-ECDSA-AES128-SHA',     'ECDH-ECDSA-AES128-SHA256',     'ECDH-ECDSA-AES256-GCM-SHA384',     'ECDH-ECDSA-AES256-SHA',     'ECDH-ECDSA-AES256-SHA384',     'ECDH-ECDSA-DES-CBC3-SHA',     'ECDH-ECDSA-RC4-SHA',     'ECDH-RSA-AES128-GCM-SHA256',     'ECDH-RSA-AES128-SHA',     'ECDH-RSA-AES128-SHA256',     'ECDH-RSA-AES256-GCM-SHA384',     'ECDH-RSA-AES256-SHA',     'ECDH-RSA-AES256-SHA384',     'ECDH-RSA-DES-CBC3-SHA',     'ECDH-RSA-RC4-SHA',     'ecdhe-ECDSA-AES128-GCM-SHA256',     'ecdhe-ECDSA-AES128-SHA',     'ecdhe-ECDSA-AES128-SHA256',     'ecdhe-ECDSA-AES256-GCM-SHA384',     'ecdhe-ECDSA-AES256-SHA',     'ecdhe-ECDSA-AES256-SHA384',     'ecdhe-ECDSA-DES-CBC3-SHA',     'ecdhe-ECDSA-RC4-SHA',     'ecdhe-RSA-AES128-GCM-SHA256',     'ecdhe-RSA-AES128-SHA',     'ecdhe-RSA-AES128-SHA256',     'ecdhe-RSA-AES256-GCM-SHA384',     'ecdhe-RSA-AES256-SHA',     'ecdhe-RSA-AES256-SHA384',     'ecdhe-RSA-DES-CBC3-SHA',     'ecdhe-RSA-RC4-SHA',     'EDH-DSS-DES-CBC-SHA',     'EDH-DSS-DES-CBC3-SHA',     'EDH-RSA-DES-CBC-SHA',     'EDH-RSA-DES-CBC3-SHA',     'EXP-DES-CBC-SHA',     'EXP-EDH-DSS-DES-CBC-SHA',     'EXP-EDH-RSA-DES-CBC-SHA',     'EXP-RC2-CBC-MD5',     'EXP-RC4-MD5',     'IDEA-CBC-SHA',     'PSK-3DES-EDE-CBC-SHA',     'PSK的AES-128-CBC-SHA',     'PSK-AES256-CBC-SHA',     'PSK-RC4-SHA',     'RC4-MD5',     'RC4-SHA',     '种子-SHA',     'SRP-DSS-3DES-EDE-CBC-SHA',     'SRP-DSS-AES-128-CBC-SHA',     'SRP-DSS-AES-256-CBC-SHA',     'SRP-RSA-3DES-EDE-CBC-SHA',     'SRP-RSA-AES-128-CBC-SHA',     'srp-rsa-aes-256-cbc-sha']

2 个答案:

答案 0 :(得分:2)

第一个列表是SSLv3的所有密码。目前已经定义了TLS 1.0,TLS 1.1和TLS.2。所以这些是较旧的密码。

第二个列表是客户端(sslscan)和&#2中可用的密码列表。握手时的服务器。

最后,最后一个似乎是NodeJS中存在的(但可能没有配置?)的完整密码列表。

请注意,OpenSSL文档非常稀疏且经常过时,而且NodeJS稍微好一些。

答案 1 :(得分:0)

默认情况下,Node会禁用许多较旧的,不安全的密码。您可以在node documentation中看到默认启用的密码(请注意,这可能会因您使用的节点版本而异。)

正如jww所述,sslscan的旧版本(您似乎正在使用)并不支持TLSv1.1 / 1.2,因此无法检测到一些较新的密码(如GCM套件) )。 updated version确实如此。