
Trying out "dh key too small"

Posted at 2023-07-21

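Introduction

Apparently the client raises this error, as a self-defense measure, when the server it is connecting to uses a weak key size.

Lowering the security level on the client side makes the error go away (don't lower it).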

What Should I Do?
If you run a server…
If you have a web or mail server, you should disable support for export cipher suites and use a 2048-bit Diffie-Hellman group. We have published a Guide to Deploying Diffie-Hellman for TLS with step-by-step instructions. If you use SSH, you should upgrade both your server and client installations to the most recent version of OpenSSH, which prefers Elliptic-Curve Diffie-Hellman Key Exchange.
If you use a browser…
Make sure you have the most recent version of your browser installed, and check for updates frequently. Google Chrome (including Android Browser), Mozilla Firefox, Microsoft Internet Explorer, and Apple Safari are all deploying fixes for the Logjam attack.
If you’re a sysadmin or developer …
Make sure any TLS libraries you use are up-to-date, that servers you maintain use 2048-bit or larger primes, and that clients you maintain reject Diffie-Hellman primes smaller than 1024-bit.

Verification

Bing Chat told me how to test against a weak connection.


Using curl

curl https://dh1024.badssl.com -v
*   Trying 104.154.89.105:443...
* Connected to dh1024.badssl.com (104.154.89.105) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*  CAfile: /etc/ssl/certs/ca-certificates.crt
*  CApath: /etc/ssl/certs
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (OUT), TLS alert, handshake failure (552):
* error:141A318A:SSL routines:tls_process_ske_dhe:dh key too small
* Closing connection 0
curl: (35) error:141A318A:SSL routines:tls_process_ske_dhe:dh key too small

curl https://dh1024.badssl.com -v --ciphers 'DEFAULT@SECLEVEL=1'
*   Trying 104.154.89.105:443...
* Connected to dh1024.badssl.com (104.154.89.105) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* Cipher selection: DEFAULT@SECLEVEL=1
* successfully set certificate verify locations:
*  CAfile: /etc/ssl/certs/ca-certificates.crt
*  CApath: /etc/ssl/certs
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / DHE-RSA-AES128-GCM-SHA256
* ALPN, server accepted to use http/1.1
* Server certificate:
*  subject: CN=*.badssl.com
*  start date: Apr 23 23:00:10 2023 GMT
*  expire date: Jul 22 23:00:09 2023 GMT
*  subjectAltName: host "dh1024.badssl.com" matched cert's "*.badssl.com"
*  issuer: C=US; O=Let's Encrypt; CN=R3
*  SSL certificate verify ok.
> GET / HTTP/1.1
> Host: dh1024.badssl.com
> User-Agent: curl/7.74.0
> Accept: */*
> 
* Mark bundle as not supporting multiuse
< HTTP/1.1 200 OK
< Server: nginx/1.10.3 (Ubuntu)
< Date: Fri, 21 Jul 2023 11:56:23 GMT
< Content-Type: text/html
< Content-Length: 573
< Last-Modified: Mon, 24 Apr 2023 00:02:00 GMT
< Connection: keep-alive
< ETag: "6445c6f8-23d"
< Cache-Control: no-store
< Accept-Ranges: bytes
< 
<!DOCTYPE html>
<html>
<head>
  <meta charset="utf-8">
  <meta name="viewport" content="width=device-width, initial-scale=1">
  <link rel="shortcut icon" href="/icons/favicon-red.ico"/>
  <link rel="apple-touch-icon" href="/icons/icon-red.png"/>
  <title>dh1024.badssl.com</title>
  <link rel="stylesheet" href="/style.css">
  <style>body { background: red; }</style>
</head>
<body>
<div id="content">
  <h1>
    dh1024.badssl.com
  </h1>
</div>

<div id="footer">
  This site uses an ephemeral Diffie-Hellman key exchange<br>over a 1024-bit group.
</div>

</body>
</html>
* Connection #0 to host dh1024.badssl.com left intact
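
The two curl runs above differ only in the security level applied to the DH group that arrives in the Server key exchange message. As an added example (not from the original article and not OpenSSL's own code), this Python model parses the ServerDHParams structure and applies the minimum DH sizes documented for OpenSSL security levels. The function names and sample parameters are constructed, and it is an assumption that the failing client ran at level 2.

```python
import struct

# Minimum DH prime size (bits) per OpenSSL security level, as documented
# for SSL_CTX_set_security_level(); level 0 imposes no minimum.
MIN_DH_BITS = {0: 0, 1: 1024, 2: 2048, 3: 3072, 4: 7680, 5: 15360}


def parse_server_dh_params(body: bytes) -> dict:
    """Parse ServerDHParams (RFC 5246, 7.4.3): dh_p, dh_g, dh_Ys,
    each an opaque vector with a 2-byte big-endian length prefix.
    Anything after dh_Ys (the signature) is ignored."""
    fields, offset = {}, 0
    for name in ("dh_p", "dh_g", "dh_Ys"):
        if offset + 2 > len(body):
            raise ValueError(f"truncated before length of {name}")
        (length,) = struct.unpack_from(">H", body, offset)
        offset += 2
        if length == 0 or offset + length > len(body):
            raise ValueError(f"bad length for {name}")
        fields[name] = int.from_bytes(body[offset:offset + length], "big")
        offset += length
    return fields


def check_dh_group(body: bytes, seclevel: int) -> str:
    """Return 'ok' or the reason a client at this level refuses the group."""
    p_bits = parse_server_dh_params(body)["dh_p"].bit_length()
    if p_bits < MIN_DH_BITS[seclevel]:
        return f"dh key too small ({p_bits} < {MIN_DH_BITS[seclevel]} bits)"
    return "ok"


def build_params(p_bits: int) -> bytes:
    """Constructed sample: top and low bit set, NOT a real prime or key."""
    p = (1 << (p_bits - 1)) | 1
    out = b""
    for value in (p, 2, p - 2):  # dh_p, dh_g, dh_Ys
        raw = value.to_bytes((value.bit_length() + 7) // 8, "big")
        out += struct.pack(">H", len(raw)) + raw
    return out


if __name__ == "__main__":
    for bits in (1024, 2048):
        for level in (1, 2):
            print(bits, level, check_dh_group(build_params(bits), level))
```

The model only compares sizes, so it shows why SECLEVEL=1 hides the error without making the 1024-bit group any stronger.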

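Using PHP

Without setting CURLOPT_SSL_CIPHER_LIST

curl1.php
<?php
// Default cipher list and security level: the handshake with the 1024-bit DH group is expected to fail.
$ch = curl_init("https://dh1024.badssl.com");
// CURLOPT_RETURNTRANSFER is not set, so curl_exec() prints the body itself and returns a bool.
$res = curl_exec($ch);
var_dump($res);
if (curl_errno($ch)) {
  var_dump(curl_error($ch));
}
curl_close($ch);
?>

Result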

root@e2d27dede779:/home# php curl1.php 
bool(false)
string(64) "error:141A318A:SSL routines:tls_process_ske_dhe:dh key too small"

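With CURLOPT_SSL_CIPHER_LIST set

curl2.php
<?php
$ch = curl_init("https://dh1024.badssl.com");
// Test only: SECLEVEL=1 lowers the OpenSSL security level for this handle, so the 1024-bit DH group is accepted.
curl_setopt($ch, CURLOPT_SSL_CIPHER_LIST, 'DEFAULT@SECLEVEL=1');
// CURLOPT_RETURNTRANSFER is not set, so curl_exec() prints the body itself and returns a bool.
$res = curl_exec($ch);
var_dump($res);
if (curl_errno($ch)) {
  var_dump(curl_error($ch));
}
curl_close($ch);
?>

Result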

root@e2d27dede779:/home# php curl2.php 
<!DOCTYPE html>
<html>
<head>
  <meta charset="utf-8">
  <meta name="viewport" content="width=device-width, initial-scale=1">
  <link rel="shortcut icon" href="/icons/favicon-red.ico"/>
  <link rel="apple-touch-icon" href="/icons/icon-red.png"/>
  <title>dh1024.badssl.com</title>
  <link rel="stylesheet" href="/style.css">
  <style>body { background: red; }</style>
</head>
<body>
<div id="content">
  <h1>
    dh1024.badssl.com
  </h1>
</div>

<div id="footer">
  This site uses an ephemeral Diffie-Hellman key exchange<br>over a 1024-bit group.
</div>

</body>
</html>