
Cipher suite not enabled even though being explicitly set/provided. #77752

@mattchidley

Description


Is there an existing issue for this?

  • I have searched the existing issues

Describe the bug

It doesn't appear that the Kestrel webserver will ever negotiate a TLS 1.2 connection using the TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 cipher suite. It seems to me like the webserver does not recognize this cipher suite when it's provided to OnAuthenticate or by default in openssl.cnf.

I used nmap to list the available ciphers on the webserver, and this one never appears to be available as a connection option. It's important to note that you can avoid the repro below if you just edit your /etc/ssl/openssl.cnf file to set the following:

[system_default_section]
MinProtocol = TLSv1.2
CipherString = ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384
CipherSuites = TLS_AES_128_GCM_SHA256:TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256:TLS_AES_128_CCM_8_SHA256:TLS_AES_128_CCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256
Options = ServerPreference,PrioritizeChaCha

You'll notice that the cipher is included in the CipherString, yet it will still not show up as available by any tool which evaluates webserver ciphers.

Expected Behavior

The webserver will use the provided cipher suites as described here: https://learn.microsoft.com/en-us/dotnet/core/compatibility/cryptography/5.0/default-cipher-suites-for-tls-on-linux

Here's the link to the TLS1.2 mappings from openssl: https://www.openssl.org/docs/man1.1.1/man1/ciphers.html

Steps To Reproduce

using System.Net;
using System.Net.Security;
using System.Security.Cryptography.X509Certificates;
using Microsoft.AspNetCore;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.AspNetCore.Server.Kestrel.Core;
using Microsoft.AspNetCore.Server.Kestrel.Https;

const string pfxFileLocation = "/home/place/thing.pfx";
const string pfxFilePassword = "";
const int port = 7067;

var webHost = WebHost.CreateDefaultBuilder().UseStartup<Startup>().UseKestrel(options =>
{
    options.Listen(IPAddress.Any, port, listenOptions =>
    {
        // Restrict the listener to a single TLS 1.2 suite.
        var allowedCipherSuites = new TlsCipherSuite[] { TlsCipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 };
        var httpsOptions = new HttpsConnectionAdapterOptions
        {
            ServerCertificate = new X509Certificate2(pfxFileLocation, pfxFilePassword),
            // Runs per connection before the handshake; the cipher policy is applied here.
            OnAuthenticate = (_, httpOptions) =>
            {
                httpOptions.CipherSuitesPolicy = new CipherSuitesPolicy(allowedCipherSuites);
            }
        };

        listenOptions.Protocols = HttpProtocols.Http1AndHttp2;
        listenOptions.UseHttps(httpsOptions);
    });
});

webHost.Build().Run();

public sealed class Startup
{
    // No middleware is needed for the repro; only the TLS handshake is observed.
    public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
    {
    }
}

Exceptions (if any)

No response

.NET Version

6.0.402

Anything else?

Running on Ubuntu 20.04
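An added diagnostic, not part of this issue or of Kestrel: it translates the IANA suite name used by TlsCipherSuite into the OpenSSL CipherString spelling and asks the OpenSSL that Python links against what the suite requires. That is the check to make before expecting a TLS_ECDHE_ECDSA_* suite to be offered, because OpenSSL only selects such a suite when the server certificate holds an ECDSA key. The mapping table, function names and the key types passed in are this snippet's own assumptions, and it assumes an OpenSSL build and policy that still allow the suite.

```python
import ssl

# Constructed table: IANA cipher/MAC components used in this issue -> OpenSSL spelling.
_CIPHER_COMPONENT = {
    "AES_128_GCM_SHA256": "AES128-GCM-SHA256",
    "AES_256_GCM_SHA384": "AES256-GCM-SHA384",
    "CHACHA20_POLY1305_SHA256": "CHACHA20-POLY1305",
}


def iana_to_openssl(iana_name: str) -> str:
    """TLS 1.2 IANA name (as in TlsCipherSuite) -> OpenSSL CipherString name, e.g.
    TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 -> ECDHE-ECDSA-AES256-GCM-SHA384."""
    if not iana_name.startswith("TLS_") or "_WITH_" not in iana_name:
        # TLS 1.3 names (TLS_AES_256_GCM_SHA384, ...) have no _WITH_ and belong
        # in the CipherSuites line, not in CipherString.
        raise ValueError(f"not a TLS 1.2 IANA suite name: {iana_name}")
    kx_auth, cipher = iana_name[len("TLS_"):].split("_WITH_", 1)
    if cipher not in _CIPHER_COMPONENT:
        raise ValueError(f"cipher component not in this example's table: {cipher}")
    return kx_auth.replace("_", "-") + "-" + _CIPHER_COMPONENT[cipher]


def suite_requirements(iana_name: str) -> dict:
    """Returns the key exchange ('kx-ecdhe'), the certificate key type the server
    must present ('auth-ecdsa' / 'auth-rsa') and the protocol version that the
    local OpenSSL reports for the suite."""
    openssl_name = iana_to_openssl(iana_name)
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.set_ciphers(openssl_name)  # ssl.SSLError if this OpenSSL build/policy lacks the suite
    for c in ctx.get_ciphers():
        if c["name"] == openssl_name:
            return {"openssl_name": openssl_name, "kea": c["kea"],
                    "auth": c["auth"], "protocol": c["protocol"]}
    raise LookupError(f"{openssl_name} accepted but not listed by get_ciphers()")


def cert_key_can_serve(iana_name: str, cert_key_type: str) -> bool:
    """True if a server certificate whose key is cert_key_type ('RSA' or 'ECDSA')
    can ever negotiate the suite: the AUTH part of the suite must match the key,
    so an RSA-keyed .pfx never yields TLS_ECDHE_ECDSA_* on the wire."""
    return suite_requirements(iana_name)["auth"] == "auth-" + cert_key_type.lower()


if __name__ == "__main__":
    suite = "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384"
    print(suite_requirements(suite))
    for key_type in ("RSA", "ECDSA"):
        print(f"{key_type} certificate can serve {suite}: {cert_key_can_serve(suite, key_type)}")
```

Run it against the key type of the certificate inside the .pfx (the same check applies to the RSA-named suites in the CipherString above, which need an RSA-keyed certificate).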
