GNUTLS

Match the required ciphers for the German BSI

BSI TR-02102-2 (german)

For example the ciphers that are defined secure for perfect forward secrecy in that document are:

Cipher-Suite	IANA-No.	Refenrenced	Usable until
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256	0xC0,0x23	[RFC5289]	2027+
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384	0xC0,0x24	[RFC5289]	2027+
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256	0xC0,0x2B	[RFC5289]	2027+
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384	0xC0,0x2C	[RFC5289]	2027+
TLS_ECDHE_ECDSA_WITH_AES_128_CCM	0xC0,0xAC	[RFC7251]	2027+
TLS_ECDHE_ECDSA_WITH_AES_256_CCM	0xC0,0xAD	[RFC7251]	2027+
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256	0xC0,0x27	[RFC5289]	2027+
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384	0xC0,0x28	[RFC5289]	2027+
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256	0xC0,0x2F	[RFC5289]	2027+
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384	0xC0,0x30	[RFC5289]	2027+
TLS_DHE_DSS_WITH_AES_128_CBC_SHA256	0x00,0x40	[RFC5246]	2027+
TLS_DHE_DSS_WITH_AES_256_CBC_SHA256	0x00,0x6A	[RFC5246]	2027+
TLS_DHE_DSS_WITH_AES_128_GCM_SHA256	0x00,0xA2	[RFC5288]	2027+
TLS_DHE_DSS_WITH_AES_256_GCM_SHA384	0x00,0xA3	[RFC5288]	2027+
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256	0x00,0x67	[RFC5246]	2027+
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256	0x00,0x6B	[RFC5246]	2027+
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256	0x00,0x9E	[RFC5288]	2027+
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384	0x00,0x9F	[RFC5288]	2027+
TLS_DHE_RSA_WITH_AES_128_CCM	0xC0,0x9E	[RFC6655]	2027+
TLS_DHE_RSA_WITH_AES_256_CCM	0xC0,0x9F	[RFC6655]	2027+

The key to the table is: TLS_(key exchange algorithms)_WITH_(ciphers)_(hash algorithms)

So to build a definition for GnuTLS that matches this requirements is:

Some basic security settings: %SERVER_PRECEDENCE:%LATEST_RECORD_VERSION:PFS
Disable defaults, enable only TLSv1.2: -VERS-TLS-ALL:+VERS-TLS1.2:-VERS-DTLS-ALL:-CIPHER-ALL:-KX-ALL:-MAC-ALL:-CURVE-ALL
Set the key exchange algorithms: +ECDHE-RSA:+ECDHE-ECDSA:+DHE-DSS:+DHE-RSA
Set the ciphers: +AES-256-CBC:+AES-128-CBC:+AES-256-GCM:+AES-128-GCM
Set the hash algorithms: +SHA256:+SHA384
Set the wanted curves from the document above: +CURVE-SECP256R1:+CURVE-SECP384R1
Set the signature algorithm used in your certificate: +SIGN-RSA-SHA256

Ans now put ist all together and let us see what happens:

$ gnutls-cli --list CIPHER --priority '%SERVER_PRECEDENCE:%LATEST_RECORD_VERSION:PFS:-VERS-TLS-ALL:+VERS-TLS1.2:-VERS-DTLS-ALL:-CIPHER-ALL:-KX-ALL:-MAC-ALL:-CURVE-ALL:+ECDHE-RSA:+ECDHE-ECDSA:+DHE-DSS:+DHE-RSA:+AES-256-CBC:+AES-128-CBC:+AES-256-GCM:+AES-128-GCM:+SHA256:+SHA384:+CURVE-SECP256R1:+CURVE-SECP384R1:+SIGN-RSA-SHA256'
Cipher suites for %SERVER_PRECEDENCE:%LATEST_RECORD_VERSION:PFS:-VERS-TLS-ALL:+VERS-TLS1.2:-VERS-DTLS-ALL:-CIPHER-ALL:-KX-ALL:-MAC-ALL:-CURVE-ALL:+ECDHE-RSA:+ECDHE-ECDSA:+DHE-DSS:+DHE-RSA:+AES-256-CBC:+AES-128-CBC:+AES-256-GCM:+AES-128-GCM:+SHA256:+SHA384:+CURVE-SECP256R1:+CURVE-SECP384R1:+SIGN-RSA-SHA256
TLS_ECDHE_RSA_AES_256_CBC_SHA384                  	0xc0, 0x28	TLS1.2
TLS_ECDHE_RSA_AES_128_CBC_SHA256                  	0xc0, 0x27	TLS1.2
TLS_ECDHE_ECDSA_AES_256_CBC_SHA384                	0xc0, 0x24	TLS1.2
TLS_ECDHE_ECDSA_AES_128_CBC_SHA256                	0xc0, 0x23	TLS1.2
TLS_DHE_DSS_AES_256_CBC_SHA256                    	0x00, 0x6a	TLS1.2
TLS_DHE_DSS_AES_128_CBC_SHA256                    	0x00, 0x40	TLS1.2
TLS_DHE_RSA_AES_256_CBC_SHA256                    	0x00, 0x6b	TLS1.2
TLS_DHE_RSA_AES_128_CBC_SHA256                    	0x00, 0x67	TLS1.2

Certificate types: CTYPE-X.509
Protocols: VERS-TLS1.2
Compression: COMP-NULL
Elliptic curves: CURVE-SECP256R1, CURVE-SECP384R1
PK-signatures: SIGN-RSA-SHA256, SIGN-ECDSA-SHA256, SIGN-RSA-SHA384, SIGN-ECDSA-SHA384, SIGN-RSA-SHA512, SIGN-ECDSA-SHA512, SIGN-RSA-SHA224, SIGN-ECDSA-SHA224, SIGN-RSA-SHA1, SIGN-ECDSA-SHA1

As you can see it is not all what we would expect, but is faces all what is implemented and can be used with our restrictions in GnuTLS. As far as I know: that's it!

GNUTLS

Match the required ciphers for the German BSI

Navigation menu

Page actions

Page actions

Personal tools

Navigation

Search

Tools

Categories