LOGJAM (CVE-2015-4000) testing #107
Comments
ghost
changed the title
|
yes, see #105 |
|
The unique DH group is difficult to test for. Currently testssl.sh marks all DH groups with 1024 bit as red and doesn't distinguish between the fixed one which comes e.g. in Apache 2.2 /openssl and a self generated one (e.g. nginx, postfix etc.). Any clues how to test this uniqueness? |
|
see a76ca52. Todo: precomputed primes. DH length is being checked for negotiated cipher and in "testsslsh -e' |
|
For Apache, anything older than 2.4.7 won't have the ability to have any other DH parameters size, and it appears the precomputed primes are included in the binaries. (Perhaps a version string check, for servers which show the version string?) The only thing this might not work well on are older Apache versions which have the changes to permit the extra DH parameter files to be specified, in which case 2048-bit or whatever length is generated is returned instead of 1024. I think anything under 2048 is bad practice anyways, though, so identifying that 1024 is a little on the 'weak' side may be a good thing to do either way. (cipherli.st and Mozilla's TLS guide both suggest >= 2048 DH parameter size) |
|
@teward, thx. My question was more how to test it. Likely for openssl the important file is It's easy to say "anything under 2048 is bad practice anyways". You should do a bit of a reality check how many sites are still running Apache 2.2. BTW: Ubuntu 12.04 has for their Apache a backport https://twitter.com/drwetter/status/606060434873970689. I put it in production for a couple of systems. |
|
@drwetter True, I didn't take into account the scope of things using 1024... :/ |
|
closing this. For the rest see #120 |
Hi,
would be great to have Logjam DH 2048bit check for the "Server Temp Key".
CVE-2015-4000
https://weakdh.org/sysadmin.html
Greetings, f-s
The text was updated successfully, but these errors were encountered: