openssl – Nginx with only TLS1.3 cipher suites

I am trying to configure Nginx to use only TLS1.3 with 2 ciphers: TLS-AES-256-GCM-SHA384:TLS-AES-128-GCM-SHA256.

So, I tried this configuration:

ssl_protocols TLSv1.3;
ssl_ciphers TLS-AES-256-GCM-SHA384:TLS-AES-128-GCM-SHA256;

But nginx -s reload errors out with

nginx: [emerg] SSL_CTX_set_cipher_list("TLS-AES-256-GCM-SHA384:TLS-AES-128-GCM-SHA256") failed (SSL: error:1410D0B9:SSL routines:SSL_CTX_set_cipher_list:no cipher match)

Looks like I need to append at least one non-TLS1.3 cipher to make the config work. I tried various such combinations and they worked. One of them is:

TLS-AES-256-GCM-SHA384:TLS-AES-128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384

Why is it so? I think it’s happening because OpenSSL itself doesn’t accept the original ciphersuite string. I am using OpenSSL-1.1.1g.

root@2ed6cae6e062:/azure/appgw# openssl ciphers -v TLS-AES-256-GCM-SHA384:TLS-AES-128-GCM-SHA256
Error in cipher list
140686067873536:error:1410D0B9:SSL routines:SSL_CTX_set_cipher_list:no cipher match:ssl/ssl_lib.c:2558:

There are some useful links I came across but couldn’t figure out how to achieve what I want – using only TLS1.3 ciphersuites.

https://forum.nginx.org/read.php?2,284909,284914#msg-284914
https://trac.nginx.org/nginx/ticket/1529
https://wiki.openssl.org/index.php/TLS1.3#Ciphersuites
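Added example, not from the post or from nginx/OpenSSL: Python's ssl module calls the same SSL_CTX_set_cipher_list that nginx ssl_ciphers does, so it reproduces the "no cipher match" error and shows that OpenSSL 1.1.1+ keeps the TLS 1.3 suites on a separate list (SSL_CTX_set_ciphersuites, `openssl ciphers -ciphersuites`, and in nginx 1.19.4+ `ssl_conf_command Ciphersuites ...`) that ssl_ciphers never touches. The two strings are the ones from the question.

```python
import ssl

# The two strings from the question above
TLS13_STRING = "TLS-AES-256-GCM-SHA384:TLS-AES-128-GCM-SHA256"
MIXED_STRING = TLS13_STRING + ":ECDHE-RSA-AES256-GCM-SHA384"


def cipher_list_accepts(cipher_string: str) -> bool:
    """Feed the string to OpenSSL's cipher_list parser, the one nginx
    ssl_ciphers and `openssl ciphers` use. Python raises SSLError on the same
    'no cipher match' condition nginx logs. Unknown names are skipped, so a
    string that also carries at least one real TLS 1.2 name 'works' even
    though the TLS 1.3 names in it are ignored."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    try:
        ctx.set_ciphers(cipher_string)
    except ssl.SSLError:
        return False
    return True


def suites_by_protocol(cipher_string: str) -> dict:
    """Apply a valid cipher_list string and group the context's enabled
    suites by protocol. The TLS 1.3 suites appear no matter what the string
    says: they live on the separate ciphersuites list, enabled by default."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.set_ciphers(cipher_string)
    grouped = {}
    for suite in ctx.get_ciphers():
        grouped.setdefault(suite["protocol"], []).append(suite["name"])
    return grouped


def tls13_only_suites(cipher_string: str) -> list:
    """Pin the context to TLS 1.3 (like `ssl_protocols TLSv1.3;`) and return
    the suites a client can then negotiate: only the TLS 1.3 list matters, so
    the TLS 1.2 name kept in ssl_ciphers is never used on the wire."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.set_ciphers(cipher_string)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_3
    return [s["name"] for s in ctx.get_ciphers() if s["protocol"] == "TLSv1.3"]


if __name__ == "__main__":
    print("TLS1.3-only string accepted:", cipher_list_accepts(TLS13_STRING))
    print("mixed string accepted:", cipher_list_accepts(MIXED_STRING))
    for proto, names in suites_by_protocol(MIXED_STRING).items():
        print(proto, names)
    print("negotiable with TLSv1.3 pinned:", tls13_only_suites(MIXED_STRING))
```

The TLS 1.3 list itself is only reachable through SSL_CTX_set_ciphersuites, which the stdlib ssl module does not expose; in nginx that is `ssl_conf_command Ciphersuites TLS_AES_256_GCM_SHA384:TLS_AES_128_GCM_SHA256;` (note the underscores, which are the TLS 1.3 names OpenSSL expects).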

ssl – ProFTPD – TLS – Client does not support any cipher

I am running Ubuntu Server 20.04 and proftpd 1.36 and have an issue setting up TLS.

I have followed the guide in the config file, but I get a very odd error: that there is no supported cipher. The process then breaks with a handshake error. The SSL ClientHello message includes a lot of ciphers that are recognised and that are on the machine.

TLS log:

2020-06-29 18:16:30,457 mod_tls/2.7(87378): (stat): SSL sessions attempted: 0
2020-06-29 18:16:30,457 mod_tls/2.7(87378): (stat): SSL sessions established: 0
2020-06-29 18:16:30,457 mod_tls/2.7(87378): (stat): SSL sessions renegotiated: 0
2020-06-29 18:16:30,457 mod_tls/2.7(87378): (stat): SSL sessions resumed: 0
2020-06-29 18:16:30,457 mod_tls/2.7(87378): (stat): SSL sessions in cache: 0
2020-06-29 18:16:30,457 mod_tls/2.7(87378): (stat): SSL session cache hits: 0
2020-06-29 18:16:30,457 mod_tls/2.7(87378): (stat): SSL session cache misses: 0
2020-06-29 18:16:30,457 mod_tls/2.7(87378): (stat): SSL session cache timeouts: 0
2020-06-29 18:16:30,457 mod_tls/2.7(87378): (stat): SSL session cache size exceeded: 0
2020-06-29 18:16:35,242 mod_tls/2.7(87910): TLSOption EnableDiags enabled, setting diagnostics callback
2020-06-29 18:16:35,245 mod_tls/2.7(87910): error initializing OpenSSL context for this session
2020-06-29 18:16:35,247 mod_tls/2.7(87910): TLS/TLS-C requested, starting TLS handshake
2020-06-29 18:16:35,247 mod_tls/2.7(87910): (info) (unknown): before SSL initialization
2020-06-29 18:16:35,247 mod_tls/2.7(87910): (info) accepting: before SSL initialization
2020-06-29 18:16:35,247 mod_tls/2.7(87910): (info) accepting: before SSL initialization
2020-06-29 18:16:35,255 mod_tls/2.7(87910): (msg) received protocol record message (5 bytes)
2020-06-29 18:16:35,255 mod_tls/2.7(87910): (info) accepting: before SSL initialization
2020-06-29 18:16:35,255 mod_tls/2.7(87910): (msg) received TLSv1.3 'ClientHello' Handshake message (368 bytes)
2020-06-29 18:16:35,256 mod_tls/2.7(87910): (msg)
ClientHello:
  client_version = TLS 1.2
  random:
    gmt_unix_time = Thu Oct 20 14:46:18 1904 (not guaranteed to be accurate)
    random_bytes (28 bytes)
      5820ebe66e5afa9ec7d9cfc5d69fd7b97698ba054091bd338c918587
  session_id (0 bytes)
  cipher_suites (58 bytes)
    TLS_AES_256_GCM_SHA384
    TLS_CHACHA20_POLY1305_SHA256
    TLS_AES_128_GCM_SHA256
    (unknown/unsupported)
    TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
    (unknown/unsupported)
    TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
    (unknown/unsupported)
    TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
    TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
    (unknown/unsupported)
    TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
    (unknown/unsupported)

    TLS_RSA_WITH_AES_256_CBC_SHA
    (unknown/unsupported)
    TLS_RSA_WITH_AES_128_GCM_SHA256
    TLS_RSA_WITH_AES_128_CBC_SHA
    (unknown/unsupported)
    TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
    (unknown/unsupported)
    TLS_DHE_RSA_WITH_AES_256_CBC_SHA
    (unknown/unsupported)
    TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
    TLS_DHE_RSA_WITH_AES_128_CBC_SHA
    (unknown/unsupported)
  compression_methods (1 byte)
    None
  extensions (265 bytes)
    extension_type = status_request (5 bytes)
    extension_type = elliptic_curves (22 bytes)
    extension_type = ec_point_formats (2 bytes)
    extension_type = signature_algorithms (34 bytes)
    extension_type = encrypt_then_mac (0 bytes)
    extension_type = extended_master_secret (0 bytes)
    extension_type = session_ticket (0 bytes)
    extension_type = key_share (139 bytes)
    extension_type = supported_versions (9 bytes)
    extension_type = renegotiate (1 byte)
    extension_type = psk_kex_modes (3 bytes)
    extension_type = (unknown/unsupported) (2 bytes)

2020-06-29 18:16:35,256 mod_tls/2.7(87910): (msg) sent protocol record message (5 bytes)
2020-06-29 18:16:35,256 mod_tls/2.7(87910): (msg) sent TLSv1.2 fatal 'handshake_failure' Alert message (2 bytes)
2020-06-29 18:16:35,256 mod_tls/2.7(87910): (info) writing: SSL/TLS alert fatal: handshake failure
2020-06-29 18:16:35,256 mod_tls/2.7(87910): (info) accepting: error
2020-06-29 18:16:35,256 mod_tls/2.7(87910): unable to accept TLS connection: protocol error:
  (1) error:1417A0C1:SSL routines:tls_post_process_client_hello:no shared cipher
2020-06-29 18:16:35,256 mod_tls/2.7(87910): unable to accept TLS connection: client does not support any cipher from 'TLSCipherSuite DEFAULT:!ADH:!EXPORT:!DES' (see `openssl ciphers DE>
2020-06-29 18:16:35,256 mod_tls/2.7(87910): TLS/TLS-C negotiation failed on control channel
2020-06-29 18:16:35,256 mod_tls/2.7(87910): (stat): SSL sessions attempted: 1
2020-06-29 18:16:35,256 mod_tls/2.7(87910): (stat): SSL sessions established: 0
2020-06-29 18:16:35,256 mod_tls/2.7(87910): (stat): SSL sessions renegotiated: 0
2020-06-29 18:16:35,256 mod_tls/2.7(87910): (stat): SSL sessions resumed: 0
2020-06-29 18:16:35,256 mod_tls/2.7(87910): (stat): SSL sessions in cache: 0
2020-06-29 18:16:35,256 mod_tls/2.7(87910): (stat): SSL session cache hits: 0
2020-06-29 18:16:35,256 mod_tls/2.7(87910): (stat): SSL session cache misses: 0
2020-06-29 18:16:35,256 mod_tls/2.7(87910): (stat): SSL session cache timeouts: 0
2020-06-29 18:16:35,256 mod_tls/2.7(87910): (stat): SSL session cache size exceeded: 0

Output of openssl

openssl ciphers -v 'DEFAULT:!ADH:!EXPORT:!DES'
TLS_AES_256_GCM_SHA384  TLSv1.3 Kx=any      Au=any  Enc=AESGCM(256) Mac=AEAD
TLS_CHACHA20_POLY1305_SHA256 TLSv1.3 Kx=any      Au=any  Enc=CHACHA20/POLY1305(256) Mac=AEAD
TLS_AES_128_GCM_SHA256  TLSv1.3 Kx=any      Au=any  Enc=AESGCM(128) Mac=AEAD
ECDHE-ECDSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=AESGCM(256) Mac=AEAD
ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AESGCM(256) Mac=AEAD
DHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=DH       Au=RSA  Enc=AESGCM(256) Mac=AEAD
ECDHE-ECDSA-CHACHA20-POLY1305 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=CHACHA20/POLY1305(256) Mac=AEAD
ECDHE-RSA-CHACHA20-POLY1305 TLSv1.2 Kx=ECDH     Au=RSA  Enc=CHACHA20/POLY1305(256) Mac=AEAD
DHE-RSA-CHACHA20-POLY1305 TLSv1.2 Kx=DH       Au=RSA  Enc=CHACHA20/POLY1305(256) Mac=AEAD
ECDHE-ECDSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=AESGCM(128) Mac=AEAD
ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AESGCM(128) Mac=AEAD
DHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=DH       Au=RSA  Enc=AESGCM(128) Mac=AEAD
ECDHE-ECDSA-AES256-SHA384 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=AES(256)  Mac=SHA384
ECDHE-RSA-AES256-SHA384 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AES(256)  Mac=SHA384
DHE-RSA-AES256-SHA256   TLSv1.2 Kx=DH       Au=RSA  Enc=AES(256)  Mac=SHA256
ECDHE-ECDSA-AES128-SHA256 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=AES(128)  Mac=SHA256
ECDHE-RSA-AES128-SHA256 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AES(128)  Mac=SHA256
DHE-RSA-AES128-SHA256   TLSv1.2 Kx=DH       Au=RSA  Enc=AES(128)  Mac=SHA256
ECDHE-ECDSA-AES256-SHA  TLSv1 Kx=ECDH     Au=ECDSA Enc=AES(256)  Mac=SHA1
ECDHE-RSA-AES256-SHA    TLSv1 Kx=ECDH     Au=RSA  Enc=AES(256)  Mac=SHA1
DHE-RSA-AES256-SHA      SSLv3 Kx=DH       Au=RSA  Enc=AES(256)  Mac=SHA1
ECDHE-ECDSA-AES128-SHA  TLSv1 Kx=ECDH     Au=ECDSA Enc=AES(128)  Mac=SHA1
ECDHE-RSA-AES128-SHA    TLSv1 Kx=ECDH     Au=RSA  Enc=AES(128)  Mac=SHA1
DHE-RSA-AES128-SHA      SSLv3 Kx=DH       Au=RSA  Enc=AES(128)  Mac=SHA1
RSA-PSK-AES256-GCM-SHA384 TLSv1.2 Kx=RSAPSK   Au=RSA  Enc=AESGCM(256) Mac=AEAD
DHE-PSK-AES256-GCM-SHA384 TLSv1.2 Kx=DHEPSK   Au=PSK  Enc=AESGCM(256) Mac=AEAD
RSA-PSK-CHACHA20-POLY1305 TLSv1.2 Kx=RSAPSK   Au=RSA  Enc=CHACHA20/POLY1305(256) Mac=AEAD
DHE-PSK-CHACHA20-POLY1305 TLSv1.2 Kx=DHEPSK   Au=PSK  Enc=CHACHA20/POLY1305(256) Mac=AEAD
ECDHE-PSK-CHACHA20-POLY1305 TLSv1.2 Kx=ECDHEPSK Au=PSK  Enc=CHACHA20/POLY1305(256) Mac=AEAD
AES256-GCM-SHA384       TLSv1.2 Kx=RSA      Au=RSA  Enc=AESGCM(256) Mac=AEAD
PSK-AES256-GCM-SHA384   TLSv1.2 Kx=PSK      Au=PSK  Enc=AESGCM(256) Mac=AEAD
PSK-CHACHA20-POLY1305   TLSv1.2 Kx=PSK      Au=PSK  Enc=CHACHA20/POLY1305(256) Mac=AEAD
RSA-PSK-AES128-GCM-SHA256 TLSv1.2 Kx=RSAPSK   Au=RSA  Enc=AESGCM(128) Mac=AEAD
DHE-PSK-AES128-GCM-SHA256 TLSv1.2 Kx=DHEPSK   Au=PSK  Enc=AESGCM(128) Mac=AEAD
AES128-GCM-SHA256       TLSv1.2 Kx=RSA      Au=RSA  Enc=AESGCM(128) Mac=AEAD
PSK-AES128-GCM-SHA256   TLSv1.2 Kx=PSK      Au=PSK  Enc=AESGCM(128) Mac=AEAD
AES256-SHA256           TLSv1.2 Kx=RSA      Au=RSA  Enc=AES(256)  Mac=SHA256
AES128-SHA256           TLSv1.2 Kx=RSA      Au=RSA  Enc=AES(128)  Mac=SHA256
ECDHE-PSK-AES256-CBC-SHA384 TLSv1 Kx=ECDHEPSK Au=PSK  Enc=AES(256)  Mac=SHA384
ECDHE-PSK-AES256-CBC-SHA TLSv1 Kx=ECDHEPSK Au=PSK  Enc=AES(256)  Mac=SHA1
SRP-RSA-AES-256-CBC-SHA SSLv3 Kx=SRP      Au=RSA  Enc=AES(256)  Mac=SHA1
SRP-AES-256-CBC-SHA     SSLv3 Kx=SRP      Au=SRP  Enc=AES(256)  Mac=SHA1
RSA-PSK-AES256-CBC-SHA384 TLSv1 Kx=RSAPSK   Au=RSA  Enc=AES(256)  Mac=SHA384
DHE-PSK-AES256-CBC-SHA384 TLSv1 Kx=DHEPSK   Au=PSK  Enc=AES(256)  Mac=SHA384
RSA-PSK-AES256-CBC-SHA  SSLv3 Kx=RSAPSK   Au=RSA  Enc=AES(256)  Mac=SHA1
DHE-PSK-AES256-CBC-SHA  SSLv3 Kx=DHEPSK   Au=PSK  Enc=AES(256)  Mac=SHA1
AES256-SHA              SSLv3 Kx=RSA      Au=RSA  Enc=AES(256)  Mac=SHA1
PSK-AES256-CBC-SHA384   TLSv1 Kx=PSK      Au=PSK  Enc=AES(256)  Mac=SHA384
PSK-AES256-CBC-SHA      SSLv3 Kx=PSK      Au=PSK  Enc=AES(256)  Mac=SHA1
ECDHE-PSK-AES128-CBC-SHA256 TLSv1 Kx=ECDHEPSK Au=PSK  Enc=AES(128)  Mac=SHA256
ECDHE-PSK-AES128-CBC-SHA TLSv1 Kx=ECDHEPSK Au=PSK  Enc=AES(128)  Mac=SHA1
SRP-RSA-AES-128-CBC-SHA SSLv3 Kx=SRP      Au=RSA  Enc=AES(128)  Mac=SHA1
SRP-AES-128-CBC-SHA     SSLv3 Kx=SRP      Au=SRP  Enc=AES(128)  Mac=SHA1
RSA-PSK-AES128-CBC-SHA256 TLSv1 Kx=RSAPSK   Au=RSA  Enc=AES(128)  Mac=SHA256
DHE-PSK-AES128-CBC-SHA256 TLSv1 Kx=DHEPSK   Au=PSK  Enc=AES(128)  Mac=SHA256
RSA-PSK-AES128-CBC-SHA  SSLv3 Kx=RSAPSK   Au=RSA  Enc=AES(128)  Mac=SHA1
DHE-PSK-AES128-CBC-SHA  SSLv3 Kx=DHEPSK   Au=PSK  Enc=AES(128)  Mac=SHA1
AES128-SHA              SSLv3 Kx=RSA      Au=RSA  Enc=AES(128)  Mac=SHA1
PSK-AES128-CBC-SHA256   TLSv1 Kx=PSK      Au=PSK  Enc=AES(128)  Mac=SHA256
PSK-AES128-CBC-SHA      SSLv3 Kx=PSK      Au=PSK  Enc=AES(128)  Mac=SHA1

As you can see there are plenty of matching ciphers. So why do I get this error?

----- Bonus info -----
I have tried changing the cipher to a single cipher, to every cipher, still the same error.
I have tried changing the protocol, still the same error.
Google has not helped me find a solution; all errors seem to be about actually missing certificates, or are not related.
proftpd TLS config for completeness' sake:

#
# Proftpd sample configuration for FTPS connections.
#
# Note that FTPS impose some limitations in NAT traversing.
# See http://www.castaglia.org/proftpd/doc/contrib/ProFTPD-mini-HOWTO-TLS.html
# for more information.
#

<IfModule mod_tls.c>
TLSEngine                               on
TLSLog                                  /var/log/proftpd/tls.log
TLSProtocol                             SSLv23
#
# Server SSL certificate. You can generate a self-signed certificate using 
# a command like:
#
# openssl req -x509 -newkey rsa:1024 \
#          -keyout /etc/ssl/private/proftpd.key -out /etc/ssl/certs/proftpd.crt \
#          -nodes -days 365
#
# The proftpd.key file must be readable by root only. The other file can be
# readable by anyone.
#
# chmod 0600 /etc/ssl/private/proftpd.key 
# chmod 0640 /etc/ssl/private/proftpd.key
# 
TLSRSACertificateFile                   /etc/ssl/certs/proftpd.crt
TLSRSACertificateKeyFile                /etc/ssl/private/proftpd.key
#
# CA the server trusts...
#TLSCACertificateFile            /etc/ssl/certs/CA.pem
# ...or avoid CA cert and be verbose
TLSOptions                      NoCertRequest EnableDiags 
# ... or the same with relaxed session use for some clients (e.g. FireFtp)
#TLSOptions                      NoCertRequest EnableDiags NoSessionReuseRequired
#
#
# Per default drop connection if client tries to start a renegotiate
# This is a fix for CVE-2009-3555 but could break some clients.
#
#TLSOptions                             AllowClientRenegotiations
#
# Authenticate clients that want to use FTP over TLS?
#
#TLSVerifyClient                         off
#
# Are clients required to use FTP over TLS when talking to this server?
#
TLSRequired                             auth
#
# Allow SSL/TLS renegotiations when the client requests them, but
# do not force the renegotations.  Some clients do not support
# SSL/TLS renegotiations; when mod_tls forces a renegotiation, these
# clients will close the data connection, or there will be a timeout
# on an idle data connection.
#
#TLSRenegotiate                          required off
</IfModule>
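Added example, not from the post or from ProFTPD: an in-memory TLS 1.2 handshake using Python's ssl module, showing one common way "no shared cipher" arises although the client's list and the server's TLSCipherSuite list overlap. OpenSSL only counts a suite as shared if the server holds a key of that suite's authentication type, so a server context that never loaded its certificate rejects every RSA/ECDSA suite; the SNI name "ftp.example" is a constructed value.

```python
import ssl


def handshake_outcome(server_ctx: ssl.SSLContext, client_ctx: ssl.SSLContext,
                      rounds: int = 8) -> str:
    """Run a handshake between two SSLObjects over MemoryBIO pairs, with no
    sockets involved. Returns 'ok' on success, otherwise '<side>: <reason>'
    using OpenSSL's reason code (e.g. 'server: NO_SHARED_CIPHER')."""
    c_in, c_out = ssl.MemoryBIO(), ssl.MemoryBIO()
    s_in, s_out = ssl.MemoryBIO(), ssl.MemoryBIO()
    # "ftp.example" is a constructed SNI name; hostname checks are off below
    client = client_ctx.wrap_bio(c_in, c_out, server_hostname="ftp.example")
    server = server_ctx.wrap_bio(s_in, s_out, server_side=True)
    done = {"client": False, "server": False}
    sides = (("client", client, c_out, s_in), ("server", server, s_out, c_in))

    for _ in range(rounds):
        for name, obj, my_out, peer_in in sides:
            if not done[name]:
                try:
                    obj.do_handshake()
                    done[name] = True
                except ssl.SSLWantReadError:
                    pass  # this side is waiting for more bytes from its peer
                except ssl.SSLError as err:
                    return f"{name}: {err.reason}"
            pending = my_out.read()  # flight just produced (ClientHello, alert, ...)
            if pending:
                peer_in.write(pending)
        if done["client"] and done["server"]:
            return "ok"
    return "incomplete"


def client_pinned_to_tls12() -> ssl.SSLContext:
    """Client offering the usual RSA/ECDSA suites, TLS 1.2 only, so that suite
    selection depends on the server's key type exactly as in the log above."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    ctx.maximum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def server_without_certificate() -> str:
    """A server whose certificate never loaded (no load_cert_chain call):
    its cipher list is the full default, yet nothing counts as 'shared'."""
    server = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    return handshake_outcome(server, client_pinned_to_tls12())


if __name__ == "__main__":
    print(server_without_certificate())
```

A useful first check on a server that logs this error is therefore whether the certificate and key files actually loaded (permissions, paths, a key that does not match the certificate), before touching the cipher string.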

beginner – Caesar Cipher [The Odin Project-Javascript Exercise]

Very new to coding, so please don’t bully me.

Implement the legendary caesar cipher:

In cryptography, a Caesar cipher, also known as Caesar’s cipher, the shift cipher, Caesar’s code or Caesar shift, is one of the simplest and most widely known encryption techniques. It is a type of substitution cipher in which each letter in the plaintext is replaced by a letter some fixed number of positions down the alphabet. For example, with a left shift of 3, D would be replaced by A, E would become B, and so on. The method is named after Julius Caesar, who used it in his private correspondence.

Question: Write a function that takes a string to be encoded and a shift factor and then returns the encoded string:

caesar('A', 1) // simply shifts the letter by 1: returns 'B'

The cipher should retain capitalization:

caesar('Hey', 5) // returns 'Mjd'

It should not shift punctuation:

caesar('Hello, World!', 5) // returns 'Mjqqt, Btwqi!'

The shift should wrap around the alphabet:

caesar('Z', 1) // returns 'A'

Negative numbers should work as well:

caesar('Mjqqt, Btwqi!', -5) // returns 'Hello, World!'

My Solution:

function caesar(string, num) {
  let arr = [];
  for (let i = 0; i < string.length; i++) {
    // Non-letters (punctuation, spaces, digits) are copied through unchanged
    if (!(/[a-zA-Z]/.test(string[i]))) {
      arr[i] = string[i];
      continue;
    }
    let n = string.charCodeAt(i) + num;
    if (string[i] == string[i].toLowerCase()) {
      // lowercase: wrap within 'a' (97) .. 'z' (122)
      if (n > 122) {
        while (n > 122) { n -= 26; }
      } else {
        while (n < 97) { n += 26; }
      }
    } else {
      // uppercase: wrap within 'A' (65) .. 'Z' (90)
      if (n > 90) {
        while (n > 90) { n -= 26; }
      } else {
        while (n < 65) { n += 26; }
      }
    }
    arr[i] = String.fromCharCode(n);
  }
  console.log(arr.join(''));
}
caesar("Hello, World!", 2);
caesar("Hello, World!", 75);

The code is working perfectly as per requirement, but please help me with a better solution if possible.

And if you do, please use comments to extensively explain the working process, as I’m quite the noob.

Do you change your cPanel's SSL Cipher Suite and SSL/TLS Protocols?

tls – Do Cipher Suites matter under attack using sslsqueeze tool?

I find that the sslsqueeze tool can carry out an attack on an SSL/TLS server and does not need to perform any cryptographic operations. I think that no matter which cipher suite is used in the handshakes, the tool consumes the same CPU power.

Then are the cipher suites used in handshakes a factor in making the server more susceptible to the attack using the sslsqueeze tool?

If cipher suites really matter, does it mean that an attacker can specify a certain cipher suite for the handshake to make the attack more likely to succeed?

tls – Why does TLS1.3 use same cipher suite for RSA and ECC key pairs?

As per this answer, RSA and ECC certificates should use different cipher suites. I tried to test it. It holds true for TLSv1.2. But for TLSv1.3 I see the same cipher suite being used for both types of certificates (tested via Google Chrome => Dev Tools => Security). Why is that?

Here is how I generated an ECC cert:

openssl ecparam -out nginx.key -name prime256v1 -genkey
openssl req -new -key nginx.key -out csr.pem
openssl req -x509 -nodes -days 365 -key nginx.key -in csr.pem -out nginx.pem

Generating RSA cert:

openssl genrsa -out rsa.key 2048
openssl req -x509 -new -nodes -key rsa.key -days 7300 -out rsa.pem

With TLS1.3 both certs result in the use of the same cipher suite:

The connection to this site is encrypted and authenticated using TLS 1.3,
X25519, and AES_256_GCM.

With TLS1.2, RSA cert:

The connection to this site is encrypted and authenticated using TLS 1.2,
ECDHE_RSA with X25519, and AES_256_GCM.

With TLS1.2, ECC cert:

The connection to this site is encrypted and authenticated using TLS 1.2,
ECDHE_ECDSA with X25519, and AES_256_GCM.

tls – The cipher suite list is different in the Client Hello for the same code executed on different platforms

I am facing an error "Alert: handshake failure (40)" when I try to establish a TLS connection. The error only occurs when I run the application on the cloud; it works when I run the same application on the HPG8 server. The operating system is the same, Redhat 7. By checking the traces, I found that the cipher suite list in the Client Hello is much shorter in the failing case than in the working case, and the cipher suite supported by the TLS server is simply missing from the Client Hello of the failing case. I want to know what determines which cipher suites are contained in the Client Hello.

The openssl version is the same (1.1.1d) for both cases; the Redhat version differs slightly. TLS1.2 is used. The key file and the cert file are also the same.

In the code, I use SSL_set_cipher_list to set the cipher string to "ALL:!DH:!EXP:!RC4:@STRENGTH".

SSL_set_cipher_list(ssl, "ALL:!DH:!EXP:!RC4:@STRENGTH");

I also checked the OpenSSL source code, but I didn't find many clues.

Cipher suites in the failing case:

Cipher Suites (25 suites)
    Cipher Suite: TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 (0xcca9)
    Cipher Suite: TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 (0xcca8)
    Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 (0xc0af)
    Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_256_CCM (0xc0ad)
    Cipher Suite: TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 (0xc05d)
    Cipher Suite: TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 (0xc061)
    Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA (0xc00a)
    Cipher Suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014)
    Cipher Suite: TLS_RSA_WITH_AES_256_CCM_8 (0xc0a1)
    Cipher Suite: TLS_RSA_WITH_AES_256_CCM (0xc09d)
    Cipher Suite: TLS_RSA_WITH_ARIA_256_GCM_SHA384 (0xc051)
    Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA (0x0035)
    Cipher Suite: TLS_RSA_WITH_CAMELLIA_256_CBC_SHA (0x0084)
    Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 (0xc0ae)
    Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_128_CCM (0xc0ac)
    Cipher Suite: TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 (0xc05c)
    Cipher Suite: TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 (0xc060)
    Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA (0xc009)
    Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013)
    Cipher Suite: TLS_RSA_WITH_AES_128_CCM_8 (0xc0a0)
    Cipher Suite: TLS_RSA_WITH_AES_128_CCM (0xc09c)
    Cipher Suite: TLS_RSA_WITH_ARIA_128_GCM_SHA256 (0xc050)
    Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA (0x002f)
    Cipher Suite: TLS_RSA_WITH_CAMELLIA_128_CBC_SHA (0x0041)
    Cipher Suite: TLS_EMPTY_RENEGOTIATION_INFO_SCSV (0x00ff)

Cipher suites in the successful case (0xc02f is the suite the server returned in the Server Hello):

Cipher Suites (45 suites)
    Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 (0xc02c)
    Cipher Suite: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xc030)
    Cipher Suite: TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 (0xcca9)
    Cipher Suite: TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 (0xcca8)
    Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 (0xc0af)
    Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_256_CCM (0xc0ad)
    Cipher Suite: TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 (0xc05d)
    Cipher Suite: TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 (0xc061)
    Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 (0xc024)
    Cipher Suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (0xc028)
    Cipher Suite: TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 (0xc073)
    Cipher Suite: TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 (0xc077)
    Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA (0xc00a)
    Cipher Suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014)
    Cipher Suite: TLS_RSA_WITH_AES_256_GCM_SHA384 (0x009d)
    Cipher Suite: TLS_RSA_WITH_AES_256_CCM_8 (0xc0a1)
    Cipher Suite: TLS_RSA_WITH_AES_256_CCM (0xc09d)
    Cipher Suite: TLS_RSA_WITH_ARIA_256_GCM_SHA384 (0xc051)
    Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA256 (0x003d)
    Cipher Suite: TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 (0x00c0)
    Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA (0x0035)
    Cipher Suite: TLS_RSA_WITH_CAMELLIA_256_CBC_SHA (0x0084)
    Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (0xc02b)
    Cipher Suite: **TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256** (0xc02f)
    Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 (0xc0ae)
    Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_128_CCM (0xc0ac)
    Cipher Suite: TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 (0xc05c)
    Cipher Suite: TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 (0xc060)
    Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 (0xc023)
    Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (0xc027)
    Cipher Suite: TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 (0xc072)
    Cipher Suite: TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 (0xc076)
    Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA (0xc009)
    Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013)
    Cipher Suite: TLS_RSA_WITH_AES_128_GCM_SHA256 (0x009c)
    Cipher Suite: TLS_RSA_WITH_AES_128_CCM_8 (0xc0a0)
    Cipher Suite: TLS_RSA_WITH_AES_128_CCM (0xc09c)
    Cipher Suite: TLS_RSA_WITH_ARIA_128_GCM_SHA256 (0xc050)
    Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA256 (0x003c)
    Cipher Suite: TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 (0x00ba)
    Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA (0x002f)
    Cipher Suite: TLS_RSA_WITH_SEED_CBC_SHA (0x0096)
    Cipher Suite: TLS_RSA_WITH_CAMELLIA_128_CBC_SHA (0x0041)
    Cipher Suite: TLS_RSA_WITH_IDEA_CBC_SHA (0x0007)
    Cipher Suite: TLS_EMPTY_RENEGOTIATION_INFO_SCSV (0x00ff)

What is the purpose of coupling TLS cipher suites? Why are they matched as they are?

Why are there predefined sets of cipher suites? Why is it not recommended to create your own cipher suites?

encryption – Name of a Caesar Cipher that uses random offsets?

In a traditional Caesar Cipher, you choose a specific offset such as "plus three" so that to encrypt each character of a message, you count three letters up from the entry and to decrypt you count three letters down from the entry. For example, "APPLE" would become "DSSOH" where D is A + 3, S is P + 3, etc.

I have seen a variant of this where the key is used as the seed of a random number generator instead of a constant offset, and these random offsets are then used to code the message. This has the advantage that the same input characters are not mapped to the same output characters. For example, my RNG could generate a sequence of 3 7 5 0 2, so "APPLE" would become "DWULG" where D is A + 3, W is P + 7, U is P + 5, etc.

Since the random number generator is deterministic, you can redefine the RNG with the original key and generate the same random sequence to decode.

Is there a specific name for this type of encryption?
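Added example, not from the post: the random-offset scheme described above in Python, with the offset source pluggable so the post's APPLE/DWULG offsets can be checked directly and a key-seeded PRNG can regenerate the same offsets for decryption. In structure this is a stream cipher (a Vigenère-style running key drawn from a keyed generator); shift_text and keyed_offsets are constructed names, and random.Random stands in for the post's RNG.

```python
import random
from typing import Iterable, Iterator

ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"


def shift_text(text: str, offsets: Iterable[int], decrypt: bool = False) -> str:
    """Shift each letter by its own offset (mod 26). Non-letters pass through
    and do not consume an offset, so both directions stay in step.
    Encryption and decryption differ only in the sign of the offset."""
    offs = iter(offsets)
    out = []
    for ch in text.upper():
        if ch not in ALPHABET:
            out.append(ch)
            continue
        k = next(offs) % 26
        if decrypt:
            k = -k
        out.append(ALPHABET[(ALPHABET.index(ch) + k) % 26])
    return "".join(out)


def keyed_offsets(key: int) -> Iterator[int]:
    """Deterministic offset stream seeded from the key, as the post describes.
    Seeding the same generator with the same key replays the same offsets,
    which is all decryption needs. random.Random is a Mersenne Twister, not a
    cryptographic generator: its output is predictable from a short run, so a
    real stream cipher derives its keystream from a keyed CSPRNG or KDF."""
    rng = random.Random(key)
    while True:
        yield rng.randrange(26)


def encrypt(plain: str, key: int) -> str:
    return shift_text(plain, keyed_offsets(key))


def decrypt(cipher: str, key: int) -> str:
    return shift_text(cipher, keyed_offsets(key), decrypt=True)


if __name__ == "__main__":
    # The post's worked example: offsets 3 7 5 0 2 turn APPLE into DWULG
    print(shift_text("APPLE", [3, 7, 5, 0, 2]))
    c = encrypt("ATTACK AT DAWN", 1234)   # constructed message and key
    print(c, "->", decrypt(c, 1234))
```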

Beginner – Atbash Cipher in Rust – Exercise Exercise

So I'm working on an implementation of Atbash encryption in Rust – it's an exercise on physical exercise. I come with a little experience and found that my code was rather round and tortured. Doing str handling and ropes in Rust is something that I have not really blamed yet. It seems like it would take fewer lines of code in C.

The code below is my code – am I doing the right thing for Rust, or is it missing an important concept or way to minimize the data? Is it as simple as it should be?

The exercise involves taking a &str input and returning a String, with each character modified according to the Atbash code, adding a space every 5 characters. Also included is a decode function. All this goes in a lib.rs.

/// "Encipher" with the Atbash cipher.
pub fn encode(plain: &str) -> String {
    let mut coded: String = plain.to_string();

    coded.retain(|c| c.is_ascii_alphanumeric());
    coded.make_ascii_lowercase();

    let coded_no_spacing = String::from_utf8(
        coded
            .bytes()
            .map(|c| {
                if c.is_ascii_alphabetic() {
                    // mirror within a..=z: b'z' - c + b'a'
                    122 - c + 97
                } else {
                    c
                }
            })
            .collect(),
    )
    .unwrap();

    spacer(coded_no_spacing)
}

/// "Decipher" with the Atbash cipher.
pub fn decode(cipher: &str) -> String {
    let mut out = encode(cipher);
    out.retain(|c| c.is_ascii_alphanumeric());
    out
}

fn spacer(coded_no_spacing: String) -> String {
    let mut coded_no_spacing = coded_no_spacing.chars();

    let mut temp_char = coded_no_spacing.next();
    let mut counter = 0;
    let mut coded_with_spaces = "".to_string();
    while temp_char.is_some() {
        if counter % 5 == 0 && counter != 0 {
            coded_with_spaces.push(' ');
        }
        coded_with_spaces.push(temp_char.unwrap());
        temp_char = coded_no_spacing.next();
        counter += 1;
    }
    coded_with_spaces
}