Currently, we are having below cipher suites used in our platform.
AES128-GCM-SHA256
AES128-SHA256
AES128-SHA
ECDHE-RSA-AES128-GCM-SHA256
ECDHE-RSA-AES128-SHA256
ECDHE-RSA-AES128-SHA
Post security scan, team has asked us to block the below static cipher suites.
AES128-GCM-SHA256
AES128-SHA256
AES128-SHA
We've blocked above said cipher suites via underlying JDK (used by our app servers), by updating the tls.disabled algorithms section in java.security file.
This in turn is blocking the below ciphers too since above blocked cipher suites are used in the key exchange/MAC section of the below cipher suites.
ECDHE-RSA-AES128-GCM-SHA256
ECDHE-RSA-AES128-SHA256
ECDHE-RSA-AES128-SHA
Please advise if there is a way to block only the AES ones without blocking the ECDHE with AES.
Best Answer
You may not realize it, but the ciphersuites that OpenSSL for hysterical raisins labels with names that don't specify a key-exchange actually use RSA (aka plain-RSA) key-exchange. Those OpenSSL names (see man ciphers in section 1, or possibly 1ssl or similar, on your system or on the website) actually correspond to these standard names:
The syntax for secprop
jdk.tls.disabledAlgorithmsonly supports individual algorithms, not combinations, much less a complex combination like "RSA and not ECDHE". However, you can disable a TLS ciphersuite using the (full) name Java uses, which is the standard name as above. So just put those names as comma-separated entries in the secprop.Note in TLS1.3 (implemented in Java 11) the ciphersuite no longer selects the key-exchange and authentication methods. However, 1.3 no longer supports non-PFS plain-RSA keyexchange at all, and since it appears that is what your 'team' is trying to avoid, the defaults for 1.3 should be good for you.