OSX 10.11 El Capitan does not only support ECDHE Ciphers
Daniel Nashed – 1 October 2015 08:21:45
After updating to OSX 10.11 I did a quick test.
It wasn't sure if Apple will only support ECDHE and implementing their new standard ATS.
The first tests shows that the current ciphers are there but Apple does even support quite simple ciphers like RSA_WITH_RC4_128_SHA / MD5 as a fall back.
But you never know if this is going away in one of the next updates.
Here is a trace from against a Domino 9.0.1 FP4 IF2 server.
You can see all supported common ciphers and I highlighted the most important parts of the handshake.
Happy updating!
-- Daniel
SSLProcessProtocolMessage> Record Content: Handshake (22)
SSLProcessHandshakeMessage Enter> Message: ClientHello (1) State: HandshakeServerIdle (3) Key Exchange: 0 Cipher: Unknown Cipher (0x0000)
SSLProcessHandshakeMessage client_hello> SGC FLAG: 0 CTX state = 3 SGCCount = 0
SSLProcessClientHello> clientVersion: 0303
SSLProcessClientHello> SSL/TLS protocol clientVersion 0x0303, serverVersion 0x0303
SSLProcessClientHello> 26 ciphers requested by client
SSLProcessClientHello> Client requested TLS_EMPTY_RENEGOTIATION_INFO_SCSV (0x00FF)
SSLProcessClientHello> TLS_EMPTY_RENEGOTIATION_INFO_SCSV found
SSLProcessClientHello> Client requested ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 (0xC02C)
SSLProcessClientHello> Client requested ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (0xC02B)
SSLProcessClientHello> Client requested ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 (0xC024)
SSLProcessClientHello> Client requested ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 (0xC023)
SSLProcessClientHello> Client requested ECDHE_ECDSA_WITH_AES_256_CBC_SHA (0xC00A)
SSLProcessClientHello> Client requested ECDHE_ECDSA_WITH_AES_128_CBC_SHA (0xC009)
SSLProcessClientHello> Client requested ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA (0xC008)
SSLProcessClientHello> Client requested ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xC030)
SSLProcessClientHello> Best common cipherspec 0xC030 (so far)
SSLProcessClientHello> Client requested ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xC02F)
SSLProcessClientHello> Client requested ECDHE_RSA_WITH_AES_256_CBC_SHA384 (0xC028)
SSLProcessClientHello> Client requested ECDHE_RSA_WITH_AES_128_CBC_SHA256 (0xC027)
SSLProcessClientHello> Client requested ECDHE_RSA_WITH_AES_256_CBC_SHA (0xC014)
SSLProcessClientHello> Client requested ECDHE_RSA_WITH_AES_128_CBC_SHA (0xC013)
SSLProcessClientHello> Client requested ECDHE_RSA_WITH_3DES_EDE_CBC_SHA (0xC012)
SSLProcessClientHello> Client requested RSA_WITH_AES_256_GCM_SHA384 (0x009D)
SSLProcessClientHello> Best common non-EC cipherspec 0x009D (so far)
SSLProcessClientHello> Client requested RSA_WITH_AES_128_GCM_SHA256 (0x009C)
SSLProcessClientHello> Client requested RSA_WITH_AES_256_CBC_SHA256 (0x003D)
SSLProcessClientHello> Client requested RSA_WITH_AES_128_CBC_SHA256 (0x003C)
SSLProcessClientHello> Client requested RSA_WITH_AES_256_CBC_SHA (0x0035)
SSLProcessClientHello> Client requested RSA_WITH_AES_128_CBC_SHA (0x002F)
SSLProcessClientHello> Client requested RSA_WITH_3DES_EDE_CBC_SHA (0x000A)
SSLProcessClientHello> Client requested ECDHE_ECDSA_WITH_RC4_128_SHA (0xC007)
SSLProcessClientHello> Client requested ECDHE_RSA_WITH_RC4_128_SHA (0xC011)
SSLProcessClientHello> Client requested RSA_WITH_RC4_128_SHA (0x0005)
SSLProcessClientHello> Client requested RSA_WITH_RC4_128_MD5 (0x0004)
SSLProcessClientHello> Extensions found in this message
SSLProcessClientHello> Received TLS Server Name Indication (SNI) extension
SSLProcessClientHello> SNI - client requested server name 'domino.nashcom.de'
SSLProcessClientHello> Received Elliptic Curves extension
SSLProcessClientHello> Client supports NamedCurve secp256r1 (23)
SSLProcessClientHello> Client supports NamedCurve secp384r1 (24)
SSLProcessClientHello> Client supports NamedCurve secp521r1 (25)
SSLProcessClientHello> Received EC Point Formats extension
SSLProcessClientHello> Client supports uncompressed (0) points
SSLProcessClientHello> Processing TLS signature algorithms extension
SSLProcessClientHello> Client supports hash mask 0x0034; server cert chain has mask 0x0014
SSLProcessClientHello> Extension type 0x3374, extension length 0x0000
SSLProcessClientHello> Extension type 0x0010, extension length 0x0030
SSLProcessClientHello> Processing TLS Status Request extension (OCSP)
SSLProcessClientHello> Extension type 0x0012, extension length 0x0000
SSLProcessClientHello> hash/alg in certchain fSupHasAlg:0000
SSLProcessClientHello> We selected cipher ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xC030)
SSLProcessHandshakeMessage Exit> Message: ClientHello (1) State: HandshakeServerIdle (3) Key Exchange: 15 Cipher: ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xC030)
SSLAdvanceHandshake Enter> Processed: ClientHello (1) State: HandshakeServerIdle (3)
SSLAdvanceHandshake client_hello> SGC FLAG: 0 Count = 2
SSLAdvanceHandshake client_hello> Using resumed SSL/TLS Session
SSLAdvanceHandshake calling SSLPrepareAndQueueMessage> SSLEncodeServerHello
SSLEncodeServerHello> Sending empty renegotiation_info (0xff01) extension
SSLEncodeServerHello> Sending empty status_request (0x0005) extension
SSLEncodeServerHello> Sending supported point formats (0x000b) extension
SSLAdvanceHandshake calling SSLPrepareAndQueueMessage> SSLEncodeChangeCipherSpec
SSLAdvanceHandshake calling SSLPrepareAndQueueMessage> SSLEncodeFinishedMessage
SSLCalculateTLS12FinishedMessage Enter> senderID: server finished, PRF using SHA384
SSLAdvanceHandshake Exit> State HandshakeChangeCipherSpec (13)
SSL_Handshake> After handshake state = HandshakeChangeCipherSpec (13); Status = -5000
int_MapSSLError> Mapping SSL error -5000 to 4176 [SSLHandshakeNoDone]
SSLProcessProtocolMessage> Record Content: Change cipher spec (20)
SSL_Handshake> After handshake2 state HandshakeFinished (14)
int_MapSSLError> Mapping SSL error -5000 to 4176 [SSLHandshakeNoDone]
SSLProcessProtocolMessage> Record Content: Handshake (22)
SSLProcessHandshakeMessage Enter> Message: Finished (20) State: HandshakeFinished (14) Key Exchange: 15 Cipher: ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xC030)
SSLCalculateTLS12FinishedMessage Enter> senderID: client finished, PRF using SHA384
SSLProcessHandshakeMessage Exit> Message: Finished (20) State: HandshakeFinished (14) Key Exchange: 15 Cipher: ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xC030)
SSLAdvanceHandshake Enter> Processed: Finished (20) State: HandshakeFinished (14)
SSLAdvanceHandshake Exit> State HandshakeServerIdle (3)
SSL_Handshake> After handshake2 state HandshakeServerIdle (3)
SSL_Handshake> Using resumed SSL/TLS session
SSL_Handshake> Protocol Version TLS1.2 (0x303)
SSL_Handshake> Cipher = ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xC030)
SSL_Handshake> KeySize = 256 bits
SSL_Handshake> Original Elliptic Curve = NIST P-256 (23)
SSL_Handshake> Server RSA key size = 2048 bits
SSL_Handshake> SSLErr = 0
SSL_Handshake> TLS/SSL Handshake completed successfully
int_MapSSLError> Mapping SSL error 0 to 0 [SSLNoErr]
- Comments [0]