Terminology:
the X509 standard defines certificates, and RSA and DSA are two of the public 
key algorithms that can be used in those certificates;
certificates are used to hold public keys, and never private keys.
PKCS#12 is a standard for a container which holds X509 client certificates 
and private keys. So, if you're examining a PKCS#12 file (typically .p12 
extension or a .pfx extension), then you already know:
It contains at least one X509 client certificate and
corresponding private keys.
All you don't know is whether those certificate & private key are RSA or DSA 
algorithms.

You can check this by extracting the certificate(s), and then examining 
them:

  openssl pkcs12 -in mycert.p12 -clcerts -nokeys -out mycert.crt
  openssl x509 -in mycert.crt -text

The text output of the openssl x509 command should include a Subject Public Key 
section, which will include fields that let you see if it's an RSA or DSA key 
(along with the key size).
http://stackoverflow.com/questions/1722181/determine-certificate-type

PublicKey Generation:
to generate a public-key from PKCS12 privateKeyAndX509Cert use openssl

  openssl pkcs12 -in myFile.p12 -out myPublicKey.pem -clcerts -nokeys

https://ca.cern.ch/ca/Help/?kbid=023010

KeyAlgorithms:
KeyAlgorithms are categorised by their cipher-groups: symmetric ciphers, 
public-key ciphers, and one-way hashing. To list available ciphers within the 
AES algorithm use openssl, e.g.

  openssl ciphers -v 'AES+HIGH'

cipherGroup is categorised by keysize within cipher-groups (usually a 4-digit 
number which is a power of 2, e.g. 1024 and 2048)
http://www.gnupg.org/gph/en/manual.html#AEN185

Each permutation of cipherGroup-KeySize is further categorised according to 
implemented ModeOfOperation
http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation

ECB, CBC and PCBC are the usual choices for the optional ModeOfOperation 
parameter.

Determining the ALGO-CIPHER supported by your key
so we can see that public keys contain an algorithm-cipher combination, but how 
to determine the algo-cipher supported by your key:

  keytool -list -v -keystore fubar.pfx -storetype PKCS12

Here is output:
Certificate fingerprints:
         MD5:
         SHA1:
         Signature algorithm name: SHA1withRSA

Providers (SUN, SunJCE, SunJSSE, SunRsaSign, IBMJSSE, bcprov-jdkNN-MMM)
Let's stick with SunJSSE as our provider.
Supported ciphers will be those ciphers which match SHA1 with RSA from this 
list:
http://docs.oracle.com/javase/1.5.0/docs/guide/security/jsse/JSSERefGuide.html
so what you are asking Tomcat Connector to do is

1) export contents of supplied keystoreFile key of keystoreType PKCS12

2) determine Signature algorithm name

3) aggregate cipherSuite by determining Signature specific supported ciphers 
   from Signature algorithm name from 
   http://docs.oracle.com/javase/1.5.0/docs/guide/security/jsse/JSSERefGuide.html

4) reference ciphers attribute from Tomcat <Connector

5) determine SignatureSpecificSupportedCiphers from 3) and implement ONLY those 
   ciphers which match exactly to the ciphers listed in Tomcat Connector 5)

(I have not seen this currently implemented)
Martin
______________________________________________ 
do not alter or disrupt this transmission
> Date: Thu, 10 Jan 2013 11:44:49 +0400
> Subject: Re: Restricting ciphers
> From: knst.koli...@gmail.com
> To: users@tomcat.apache.org
> 
> 2013/1/10 Baron Fujimoto <ba...@hawaii.edu>:
> > On Wed, Jan 09, 2013 at 01:08:01PM +0400, Konstantin Kolinko wrote:
> >>2013/1/9 Baron Fujimoto <ba...@hawaii.edu>:
> >>> I'm attempting to mitigate BEAST (CVE-2011-3389) attacks on Tomcat 6.0.35.
> >>> My understanding is that the attack applies only to CBC ciphers, and that
> >>> RC4 ciphers are not vulnerable, so I am attempting to restrict the set of
> >>> ciphers that Tomcat uses with the following config for a connector:
> >>>
> >>>   <Connector protocol="HTTP/1.1" SSLEnabled="true"
> >>>              address="0.0.0.0"
> >>>              port="8443"
> >>>              maxThreads="150" scheme="https" secure="true"
> >>>              keystoreFile="/path/to/keystore"
> >>>              keystoreType="pkcs12"
> >>>              ciphers="TLS_RSA_WITH_RC4_128_SHA,
> >>>                       TLS_RSA_WITH_RC4_128_MD5,
> >>>                       SSL_CK_RC4_128_WITH_MD5"
> >>>              clientAuth="false" sslProtocol="TLS" />
> >>>(...)
> >>>
> >>
> >>As can be seen from your usage of "keystoreType" attribute, you are
> >>using Java implementation of the Connector,  not openssl/APR one.
> >>
> >>You should look into Java documentation for their cipher names.
> >>
> >>See this thread from October 2009:
> >>http://markmail.org/message/zn4namfhypyxum23
> >
> > Ahh, that was it! It did not occur to me that OpenSSL and Java might
> > name the ciphers differently.  If I restrict the ciphers to those
> > from the (differently named) set used by Java, it works as expected.
> > Mahalo!
> >
> >   ciphers="SSL_RSA_WITH_RC4_128_MD5,
> >            SSL_RSA_WITH_RC4_128_SHA,
> >            TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,
> >            TLS_ECDHE_RSA_WITH_RC4_128_SHA,
> >            TLS_ECDH_ECDSA_WITH_RC4_128_SHA,
> >            TLS_ECDH_RSA_WITH_RC4_128_SHA"
> >
> 
> Good.
> 
> I used your example to create a FAQ page,
> http://wiki.apache.org/tomcat/HowTo/SSLCiphers
> 
> Best regards,
> Konstantin Kolinko
> 
> 
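
The naming mismatch discussed in the thread can be checked before a connector is deployed. The following is an added example, not code from the thread, from Tomcat or from the JDK documentation: it takes a ciphers="..." value and reports, for each name, whether the JSSE provider of the JVM running it recognises that name. The class name CipherNameCheck and its helper methods are made up for illustration; the default input is the first cipher list quoted above.

```java
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import javax.net.ssl.SSLContext;

// Added example (hypothetical class): classifies each name in a Tomcat
// ciphers="..." value against the cipher suite names of this JVM's JSSE provider.
public class CipherNameCheck {

    // Split the comma-separated attribute value; configs often wrap across lines.
    static List<String> parse(String attr) {
        List<String> names = new ArrayList<>();
        for (String part : attr.split(",")) {
            String name = part.trim();
            if (!name.isEmpty()) {
                names.add(name);
            }
        }
        return names;
    }

    static String classify(String name, Set<String> supported, Set<String> enabled) {
        if (enabled.contains(name)) return "enabled by default";
        if (supported.contains(name)) return "supported, not enabled by default";
        return "NOT a name this JVM recognises";
    }

    public static void main(String[] args) throws Exception {
        // Sample input taken from the first list in the thread; pass another
        // ciphers value as the first argument to check a different connector.
        String attr = args.length > 0 ? args[0]
            : "TLS_RSA_WITH_RC4_128_SHA,\n TLS_RSA_WITH_RC4_128_MD5,\n SSL_CK_RC4_128_WITH_MD5";

        SSLContext ctx = SSLContext.getDefault();
        Set<String> supported = new HashSet<>(
            Arrays.asList(ctx.getSupportedSSLParameters().getCipherSuites()));
        Set<String> enabled = new HashSet<>(
            Arrays.asList(ctx.getDefaultSSLParameters().getCipherSuites()));

        int usable = 0;
        for (String name : parse(attr)) {
            if (supported.contains(name)) usable++;
            System.out.printf("%-40s %s%n", name, classify(name, supported, enabled));
        }
        // Fail loudly when nothing in the list matches, so a deploy script can stop.
        if (usable == 0) {
            System.out.println("No listed name matches a JSSE cipher suite on this JVM.");
            System.exit(1);
        }
    }
}
```

The result depends on the JVM version and its security configuration, so run it with the same Java installation that Tomcat uses.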
                                          
