Is there a way to disable a specific cipher suite in openssl? If so, how to do it?
To answer the direct question about disabling a particular cipher suite, do this by removing it from the cipher suite list passed to SSL_CTX_set_cipher_list or SSL_CTX_set_cipher_list :
int rc = SSL_CTX_set_cipher_list(ctx, "ALL:!NULL-MD5:!NULL-SHA"); assert(0 != rc);
You can do this on SSL* with:
int rc = SSL_set_cipher_list(ssl, "ALL:!NULL-MD5:!NULL-SHA"); assert(0 != rc);
In the above example, NULL-MD5 is SSL_RSA_WITH_NULL_MD5 , and NULL-SHA is SSL_RSA_WITH_NULL_SHA . You can get a list of mappings from openssl ciphers .
You can also disable export ciphers with !EXP :
int rc = SSL_CTX_set_cipher_list(ctx, "ALL:!EXP"); assert(0 != rc);
And you can do it on SSL* with:
int rc = SSL_set_cipher_list(ssl, "ALL:!EXP"); assert(0 != rc);
You can see that "ALL:!EXP" equivalent to the OpenSSL command (pay attention to a single quote so that the shell does not master the blow):
$ openssl ciphers 'ALL:!EXP' ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384: ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:SRP-DSS-AES-256-CBC-SHA: SRP-RSA-AES-256-CBC-SHA:SRP-AES-256-CBC-SHA:DH-DSS-AES256-GCM-SHA384...
You can count the number of cipher suites with:
$ openssl ciphers 'ALL:!EXP' | tr ':' ' ' | wc -w 124
This suggests that your ClientHello will use at least 248 bytes due to 124 cipher suites. Ideally, you should advertise 16 or more suites that you really need.
Usually you only configure your cipher numbers with "HIGH" . It excludes "MEDIUM" , "LOW" and "EXP" . This is what my call looks like:
int rc = SSL_CTX_set_cipher_list(ctx, "HIGH:!ADH:!MD5:!RC4:!SRP:!PSK:!DSS"); assert(0 != rc);
Be sure to exclude anonymous submission ( !ADH ) as it is enabled by default. !MD5 and !RC4 are used because they are weak / injured. !SRP !PSK and !DSS are used to trim the list of ciphers, as they are not commonly used.
You can also do the same with SSL* and SSL_set_cipher_list .
If you call SSL_CTX_set_cipher_list and SSL_set_cipher_list on the server, the list of encryption packets will be further truncated depending on the type of key in the certificate.
In the previous block, I said ... how my call sometimes looks. I usually like to specify 16 or so with which I want to use:
string GetCipherSuites() { static string ciphers = "" #if defined(ALLOW_ECDSA) "ECDHE-ECDSA-AES256-GCM-SHA384:" "ECDHE-ECDSA-AES128-GCM-SHA256:" #endif "ECDHE-RSA-AES256-GCM-SHA384:" "ECDHE-RSA-AES128-GCM-SHA256:" #if defined(ALLOW_DSA) "DHE-DSS-AES256-GCM-SHA384:" #endif "DHE-RSA-AES256-GCM-SHA384:" #if defined(ALLOW_DSA) "DHE-DSS-AES128-GCM-SHA256:" #endif "DHE-RSA-AES128-GCM-SHA256:" #if defined(ALLOW_DSA) "DHE-DSS-AES256-SHA:" #endif "DHE-RSA-AES256-SHA:" #if defined(ALLOW_DSA) "DHE-DSS-AES128-SHA:" #endif "DHE-RSA-AES128-SHA:" #if defined(ALLOW_DSA) "EDH-DSS-DES-CBC3-SHA:" #endif "EDH-RSA-DES-CBC3-SHA:" #if defined(ALLOW_DSA) "DH-DSS-DES-CBC3-SHA:" #endif "DH-RSA-DES-CBC3-SHA:"; return ciphers; }