Technical Blog Post
Abstract
Guide to disable weak, medium, null ciphers on SBI secure HTTP interfaces and Tool to identify available ciphers on IBM SBI
Body
Guide to disable weak, medium, null ciphers on SBI secure HTTP interfaces
and Tool to identify available ciphers on IBM SBI
Of late, security is hot topic across software products and manufacturers are taking the utmost care to protect the products from security vulnerabilities. This applies to IBM Sterling B2B Integrator (SBI) as well.
Often security scan tools report usage of less-secure ciphers in web application archives (war) deployed on SBI NoAppServer (i.e., jetty @ baseport) accessible over https and baseport+1. To name few of these interfaces -
dashboard - https://host:<port+1>/dashboard
filegateway - https://host:<port+1>/filegateway
mailbox - https://host:<port+1>/mailbox
Note - Wherever "SBI secure HTTP interfaces" referred in this article, it is limited to wars deployed on jetty @ baseport+1.
SBI offers configuration options to suppress usage of weak, medium and null ciphers on these secure HTTP interfaces. In this article, I will provide the instructions in order to keep SBI secure HTTP interfaces safe from using less-secure ciphers. There will be a different article on how to do it for wars deployed on SBI HTTP server adapter.
Let us understand more about ciphers and criteria to decide cipher strength before jumping onto core topic.
As defined by OpenSSL org, following are some of the cipher strengths and their meanings.
- HIGH - "high'' encryption cipher suites currently means those with key lengths of 128 bits or more.
- MEDIUM - "medium'' encryption cipher suites currently some of those using 128 bit encryption.
- LOW - "low" encryption cipher suites currently those using 64 or 56 bit encryption algorithms but excluding export cipher suites.
- eNULL or NULL - These type of ciphers offering no encryption. Because these offer no encryption at all and are a security risk they are disabled unless explicitly included.
1.NULL Ciphers in SBI secure HTTP interfaces:
1.1
SBI secure HTTP interfaces don't support the use of NULL ciphers by default. The following ciphers are considered null ciphers (TLS_RSA_WITH_NULL_MD5, TLS_RSA_WITH_NULL_SHA, SSL_RSA_WITH_NULL_MD5, SSL_RSA_WITH_NULL_SHA) in default configuration. In case your security scan report highlights use of other null ciphers in your SBI server, it is possible that your OS/JDK and internal library combination are adding/providing these, follow the steps outlined below to suppress them too.
Sample Security Scan report, which listed NULL ciphers, against SBI.
Plugin Output: |
Here is the list of null SSL ciphers supported by the remote server: |
TLSv1 |
ECDHE-RSA-NULL-SHA Kx=ECDH Au=RSA Enc=None Mac=SHA1 |
##Documentation for allowNullCiphers & NullCiphers properties that are used to suppress NULL ciphers##
security.allowNullCiphers - Boolean property that takes either true or false and instructs SBI whether to use NULL ciphers. Default is false.
security.NullCiphers - comma separated list of NULL ciphers. These are the ONLY ciphers excluded from use by SBI server secure HTTP interfaces. This list is used ONLY when security.allowNullCiphers is set to false (is default setting anyways)
- Stop SBI server
- Edit <sbi_install>/properties/customer_overrides.properties to add following e.g.,
security.allowNullCiphers=false
security.NullCiphers=TLS_RSA_WITH_NULL_MD5,TLS_RSA_WITH_NULL_SHA,
SSL_RSA_WITH_NULL_MD5,SSL_RSA_WITH_NULL_SHA,TLS_ECDHE_RSA_WITH_NULL_SHA
- Start SBI to pick these configuration changes
Note that TLS_ECDHE_RSA_WITH_NULL_SHA is actual cipher name for ECDHE-RSA-NULL-SHA openSSL cipher format
1.2 FIPS mode
If FIPSMode=true in sandbox.cfg and NIST.800-131a=off in security.properties, SBI still runs on FIPS mode. Configuration from 1.1 works in same in FTP mode too. SBI secure HTTP interfaces imposes additional filter to choose ciphers with encryption algorithms 3DES or AES and signing algorithms SHA or SHA#.
1.3 NIST mode
If NIST.800-131a=strict in security.properties, SBI works in NIST mode. There are no NULL ciphers exist since SSL communication happens over "TLS1.2-ONLY" protocol in this mode. In case, if there is a reference of NULL ciphers seen during communication, those can be excluded through same "security.NullCiphers" property.
Note - NIST mode is introduced in SBI fixpack 5020402. NIST meaning "National Institute of Standards and Technology". NIST mode is stricter than FIPS.
2.non-NULL Ciphers in SBI secure HTTP interfaces:
Next, let us consider other lower strength ciphers. The following steps will explain a way to suppress the use of weak and medium cipher suites by SBI secure HTTP interfaces. Currently, SBI secure HTTP interfaces has no restriction on cipher usage in default configuration. That said, SBI use all available ciphers on the platform/JDK SBI is running on.
Sample Security Scan report, which listed medium strength ciphers, against SBI.
Plugin Output: |
Here is the list of medium strength SSL ciphers supported by the remote server: |
TLSv1 |
EDH-RSA-DES-CBC-SHA Kx=DH Au=RSA Enc=DES-CBC(56) Mac=SHA1 |
DES-CBC-SHA Kx=RSA Au=RSA Enc=DES-CBC(56) Mac=SHA1 |
##Doc for dashboardCipherSuite property##
security.dashboardCipherSuite - string property that takes one of "strong", "weak" or "all". Each represents the corresponding cipher suites defined by one of other property "StrongCipherSuite", "WeakCipherSuite" and "AllCipherSuite". By default this property is not set which means no restriction on ciphers used by SBI secure HTTP interfaces.
##Doc for StrongCipherSuite, WeakCipherSuite, AllCipherSuite properties##
security.StrongCipherSuite - ONLY ciphers that SBI server secure HTTP interfaces use.
- Stop SBI server
- Edit <sbi_install>/properties/customer_overrides.properties to add following e.g.,
security.dashboardCipherSuite=strong
security.StrongCipherSuite=<list of comma separated strong ciphers. Do not add EDH-RSA-DES-CBC-SHA and DES-CBC-SHA to this list>
- Start SBI to pick these configuration changes
Note - NIST implementation in SBI 5.2.4.2 had brought in significant changes in product as far as cipher suite configuration and usage. There will be another article that covers 5.2.4.2 fixpack. Section#2 is limited to pre-5.2.4.2 fixpacks.
Note the difference between 1 and 2. NullCiphers holds exclusion list and StrongCipherSuite/ WeakCipherSuite/AllCipherSuite lists hold inclusion list.
Resources
A few resources that explain ciphers in depth are given below. Cipher names with corresponding openSSL names are listed in there. It helps user to identify exact cipher name by using openSSL format thrown from security scan tool (or by some other).
https://www.openssl.org/docs/apps/ciphers.html#SSL_v3_0_cipher_suites_
https://www.openssl.org/docs/apps/ciphers.html#TLS_v1_0_cipher_suites_
https://www.mkssoftware.com/docs/man1/openssl_ciphers.1.asp
Sample Java Tool
For somebody with strong knowledge of ciphers and their strengths, I have a simple java tool that lists the available ciphers on particular SBI/platform/JDK combination and is the list used by SBI server interfaces. Tool can be tweaked to use any SSL/TLS version and/or sslprovider as needed. This should be executed by JDK of SBI install, since this JDK has got provider specific ssl libraries already bundled with it.
When the list is ready, it is time to configure properties explained in above sections.
/*****************************/ |
/** FetchAvailableCiphers.java **/ |
/****************************/ |
import java.io.PrintStream; |
import java.util.Arrays; |
import javax.net.ssl.SSLContext; |
import javax.net.ssl.SSLServerSocketFactory; |
public class FetchAvailableCiphers { |
public static void main(String args[]) throws Exception { |
String protocol = "TLS"; String provider = "CerticomJSSE"; |
System.out.println("IBM TEST : SSL provider=" + provider + ", protocol=" + protocol); |
SSLContext sslcontext = SSLContext.getInstance(protocol,provider); |
SSLServerSocketFactory sslserversocketfactory = sslcontext.getServerSocketFactory(); |
java.util.List list = Arrays.asList(sslserversocketfactory.getSupportedCipherSuites()); |
System.out.println("IBM TEST - List of " + list.size() + " available Ciphers for this particular IBM SBI install : "+ list); |
} |
} |
Here is the example run of this tool. The tool was run on the JDK that is used for an SBI installation. Hence all of the SBI secure HTTP interfaces (over https mode) would use all these ciphers, by default. Taking a close look at this list… It includes Null cipher (TLS_RSA_WITH_NULL_MD5, TLS_RSA_WITH_NULL_SHA) and some medium strength ciphers. By following instructions from 1.1 and 2, these ciphers can be eliminated.
UID
ibm11120647