Determining whether an SSL certificate is affected by the SHA-1 deprecation

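Google Chrome will start warning users that their SSL connection is not secure under the following conditions:

  1. The certificate uses the SHA1 hash algorithm,
  2. The certificate expires on or after 2016-01-01 (or 2017-01-01, depending on the source)

So I am trying to write a method to determine whether a certificate is affected. Here is an example of a SHA1 certificate on another server I maintain, which expires within the "safe" time frame: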

$ curl -v --silent https://example.com/ 2>&1 | grep "expire\|SSL connection using"
* SSL connection using DHE-RSA-AES256-GCM-SHA384
*        expire date: 2015-07-20 00:00:00 GMT

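How do I determine from the string DHE-RSA-AES256-GCM-SHA384 that this certificate is SHA1? The 256 in that string does look like it is using a 256-bit algorithm, although I know that is not the case because I made the certificate request myself with $ openssl req -new -newkey rsa:2048 -nodes. Googling around, I found this resource on supported ciphers, but I don't know how to determine the cipher strength from that document.

How can I determine the cipher strength via curl so that I can script this?

Answer 1

How do I determine from the string DHE-RSA-AES256-GCM-SHA384 that this certificate is SHA1

You can't. This string only describes the cipher suite used for encryption and has nothing to do with the certificate itself. You have to look at the certificate, like this: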

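# </dev/null closes stdin so s_client exits after the handshake instead of waiting for input
openssl s_client -connect example.com:443 </dev/null | \
openssl x509 -text -noout | \
grep 'Signature Algorithm\|Not After'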

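Answer 2

Note that merely verifying that the certificate contains a SHA-2 signature is not enough. You need to check that none of the intermediate certificates in the chain up to the root certificate are signed with SHA-1.

NSS has an environment variable, NSS_HASH_ALG_SUPPORT, that can be used to control which hash algorithms programs using the library may use. Many programs, including Firefox, respect this environment variable, as does curl if it was compiled with NSS support (for example, on Red Hat Enterprise Linux and Fedora).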

curl -V | fgrep NSS/
env NSS_HASH_ALG_SUPPORT=-SHA-1 curl -v --head https://www.google.com/

If curl is compiled with NSS support and a SHA-1 certificate is used, the output will look like this:

curl 7.40.0 (x86_64-redhat-linux-gnu) libcurl/7.40.0 NSS/3.18 Basic ECC zlib/1.2.8 libidn/1.29 libssh2/1.5.0
*   Trying 64.233.166.104...
* Connected to www.google.com (64.233.166.104) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
*   CAfile: /etc/pki/tls/certs/ca-bundle.crt
  CApath: none
* Server certificate:
*       subject: CN=www.google.com,O=Google Inc,L=Mountain View,ST=California,C=US
*       start date: Jun 03 09:26:01 2015 GMT
*       expire date: Sep 01 00:00:00 2015 GMT
*       common name: www.google.com
*       issuer: CN=Google Internet Authority G2,O=Google Inc,C=US
* NSS error -8016 (SEC_ERROR_CERT_SIGNATURE_ALGORITHM_DISABLED)
* The certificate was signed using a signature algorithm that is disabled because it is not secure.
* Closing connection 0
curl: (60) The certificate was signed using a signature algorithm that is disabled because it is not secure.
More details here: http://curl.haxx.se/docs/sslcerts.html

curl performs SSL certificate verification by default, using a "bundle"
 of Certificate Authority (CA) public keys (CA certs). If the default
 bundle file isn't adequate, you can specify an alternate file
 using the --cacert option.
If this HTTPS server uses a certificate signed by a CA represented in
 the bundle, the certificate verification probably failed due to a
 problem with the certificate (it might be expired, or the name might
 not match the domain name in the URL).
If you'd like to turn off curl's verification of the certificate, use
 the -k (or --insecure) option.
Exit 60
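
To script the check from both answers, the following added example (not part of the original question or answers) parses `openssl x509 -text` output for every certificate in a chain and flags those that are SHA-1 signed and expire in or after a cutoff year. The names `sha1_report` and `sample_chain`, the file name `chain.pem`, and the output format are assumptions made for illustration, and the sample certificate text is constructed.

```shell
#!/bin/sh
# Report, per certificate, whether it is SHA-1 signed AND expires in or after
# the cutoff year (default 2016; pass 2017 for the later date).
# Reads `openssl x509 -text -noout` output on stdin; the lines kept by the
# grep in Answer 1 are enough for a single certificate.
# Returns 1 if any certificate on stdin is affected.
# A whole chain can be rendered with (chain.pem is a hypothetical file name):
#   openssl crl2pkcs7 -nocrl -certfile chain.pem | openssl pkcs7 -print_certs -text -noout
sha1_report() {
    awk -v cutoff="${1:-2016}" '
        function emit() {
            if (alg == "") return
            bad = (tolower(alg) ~ /sha1/) && (year + 0 >= cutoff + 0)
            if (bad) rc = 1
            printf "%s\t%s\t%s\t%s\n", (bad ? "AFFECTED" : "ok"), alg, year, subj
            alg = ""; year = ""; subj = ""
        }
        /^Certificate:/                     { emit() }   # new certificate starts
        /Signature Algorithm:/ && alg == "" { alg = $NF }  # first of the two lines
        /Not After *:/                      { year = $(NF - 1) }
        /^ *Subject:/                       { sub(/^ *Subject: */, ""); subj = $0 }
        END                                 { emit(); exit rc + 0 }
    '
}

# Constructed sample (not real certificates): a SHA-256 leaf issued by a
# SHA-1 intermediate, trimmed to the fields the parser reads.
sample_chain() {
    cat <<'EOF'
Certificate:
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=Example Intermediate CA
            Not After : Jul 20 00:00:00 2016 GMT
        Subject: CN=example.com
    Signature Algorithm: sha256WithRSAEncryption
Certificate:
    Signature Algorithm: sha1WithRSAEncryption
        Issuer: CN=Example Root CA
            Not After : Jan  1 00:00:00 2020 GMT
        Subject: CN=Example Intermediate CA
    Signature Algorithm: sha1WithRSAEncryption
EOF
}

sample_chain | sha1_report 2016 || echo "chain is affected by the SHA-1 deprecation"
```

The function judges every certificate it is given, so a SHA-256 leaf with a SHA-1 intermediate, as in the sample, is still reported as an affected chain.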
