F5 ciphersuite syntax
Greetings,
I parsed through the responses and don't see that anyone's mentioned this yet, apologies if this has already been mentioned:
Note: When you use the ! symbol preceding a cipher, the SSL profile permanently removes the cipher from the cipher list, even if it is explicitly stated later in the cipher string. When you use the - symbol preceding a cipher, the SSL profile removes the cipher from the cipher list, but it can be added back to the cipher list if there are later options that allow it. For more information about building and viewing custom cipher lists, refer to K15194: Overview of the BIG-IP SSL/TLS cipher suite.
https://support.f5.com/csp/article/K13171
Hope this is helpful, thank you!
Kevin
- ottleydamian, Jun 26, 2017, Cirrus
Thanks Kevin,
Actually, the ! symbol was the syntax that I did understand. What was tripping me up before was: if I only wanted TLSv1.2 (i.e. no SSLv3, no TLSv1.0 and no TLSv1.1), why did the syntax in the F5 article have "-TLSv1:-SSLv3"? I was expecting "!TLSv1:!SSLv3" etc.
But though I can't fully understand all the intricacies of why it works, I at least am confident that it does work.
- Kevin_K_51432, Jun 26, 2017, Historic F5 Account
I think the only difference would be flexibility. Allow customers to add specific ciphers back in if they deem them necessary. For example, tlsv1 would work for DHE-RSA-DES-CBC3-SHA (if you needed that):
-TLSv1:-SSLv3:DHE-RSA-DES-CBC3-SHA
tlsv1 would not work for DHE-RSA-DES-CBC3-SHA (if you needed it):
!TLSv1:!SSLv3:DHE-RSA-DES-CBC3-SHA
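An added illustration, not part of this thread and not F5's or OpenSSL's own code: a toy Python evaluator of the "!" versus "-" rule described in the note above, run over a small constructed cipher table (the cipher names and the keyword tags attached to them are assumptions chosen for the demo).

```python
# Constructed cipher table for illustration only (assumption): cipher name ->
# keyword tags that select it. Not F5's or OpenSSL's real cipher database.
CIPHER_TAGS = {
    "ECDHE-RSA-AES128-GCM-SHA256": {"TLSv1_2", "AES", "ECDHE"},
    "AES256-SHA": {"TLSv1", "AES", "RSA"},
    "DHE-RSA-DES-CBC3-SHA": {"TLSv1", "3DES", "DHE"},
    "DES-CBC-SHA": {"SSLv3", "DES", "RSA"},
}


def matching(keyword):
    """Cipher names a keyword selects; 'ALL' selects every cipher."""
    if keyword == "ALL":
        return list(CIPHER_TAGS)
    return [n for n, tags in CIPHER_TAGS.items() if keyword == n or keyword in tags]


def evaluate(cipher_string):
    """Build the ordered cipher list for a colon-separated cipher string.

    'X' appends matching ciphers (unless killed), '-X' removes them but a
    later 'X' may add them back, '!X' removes them for the rest of the string.
    """
    enabled = []    # ordered list of currently enabled ciphers
    killed = set()  # removed with '!': can never be re-added
    for token in cipher_string.split(":"):
        if not token:
            continue
        op, keyword = (token[0], token[1:]) if token[0] in "!-" else ("", token)
        names = matching(keyword)
        if op == "!":
            killed.update(names)
            enabled = [c for c in enabled if c not in killed]
        elif op == "-":
            enabled = [c for c in enabled if c not in names]
        else:
            enabled += [c for c in names if c not in killed and c not in enabled]
    return enabled


if __name__ == "__main__":
    # The two strings from the post above: only the '-' form lets the
    # explicit DHE-RSA-DES-CBC3-SHA at the end take effect.
    print(evaluate("-TLSv1:-SSLv3:DHE-RSA-DES-CBC3-SHA"))  # ['DHE-RSA-DES-CBC3-SHA']
    print(evaluate("!TLSv1:!SSLv3:DHE-RSA-DES-CBC3-SHA"))  # []
```

Prefixing "ALL:" to either string shows the same difference with a populated starting list: the "-" form keeps the 3DES cipher, the "!" form drops it.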
- ottleydamian, Jun 26, 2017, Cirrus
Thanks,
The missed question/answer in all this was how does the following syntax ONLY allow TLSv1.2:
'ALL:!ADH:!EXPORT:!eNULL:!MD5:!DES:!SSLv2:-TLSv1:-SSLv3:RC4-SHA'
Or put another way, when you read that syntax, what specifically prevents ciphers that use TLSv1.1 or TLS1.0 or even SSLv3 from being used?
- Kevin_K_51432, Jun 26, 2017, Historic F5 Account
"what specifically prevents ciphers that use TLSv1.1 or TLS1.0 or even SSLv3 from being used?"
This string: !SSLv2:-TLSv1:-SSLv3 should not prevent TLS1.1 (I wouldn't expect that reading the title of the CVE). But it should:
Do not allow SSLv2 ever -> !SSLv2
Do not allow TLSv1, but add back later -> -TLSv1
Do not allow SSLv3, but add back later -> -SSLv3
Hope this helps,
- ottleydamian, Jun 26, 2017, Cirrus
- In the article there is a section titled "Restricting the Configuration utility to use only TLS 1.2 compatible or RC4-SHA ciphers". The first subsection shows explicit details on how to ONLY allow TLSv1.2. That is where I got the syntax from.
- I tested the syntax using openssl s_client -connect (see above) and saw evidence that tlsv1.0 and tls1.1 were NOT ALLOWED to connect. Only tlsv1.1.
So the question was how do you achieve this from reading the syntax?
What I now understand is that since the '-' means that ciphers are deleted from the list but could be re-added later, and they were not re-added, then in essence they were deleted. There is no syntax for tls1.1, so it was also blocked by the -tls1 syntax. RC4-SHA was needed; that is why they used '-' and not '!'. Since 'ALL' was used initially, anything not explicitly denied is allowed. That is my understanding as to why the syntax works. If I'm wrong, tell me.
- Kevin_K_51432, Jun 27, 2017, Historic F5 Account
Good day,
Will let you know once I have something.
Thanks,
- Kevin_K_51432, Jun 28, 2017, Historic F5 Account
Good day,
1) You definitely would need to add TLSv1_1 to block tls1.1 using a client ssl profile.
2) It isn't apparent from my research why -TLSv1 blocks tlsv1 and tlsv1.1 in httpd (apache).
Adding -TLSv1.1 doesn't seem to affect anything in 11.x, but 10.x can't accept that option.
Does this help? I believe there's an anomaly here, though it is tested to work and tls1.1 isn't affected by BEAST, so this seems to simply be a question of "why does this work this way", and there doesn't as of yet seem to be an obvious answer.
If something comes up, I'll let you know.
Thank you,