
HTTPS Server Cipher Suite

Posted: Tue Mar 29, 2022 11:18 am
by SKO84CR
Hello!

For my current project I am developing an HTTPS Server that runs on the ESP32-S2. It shall be used by a mobile Application.

One of the requirements is that the Cipher Suite that shall be used will be ECDHE_RSA_AES128_SHA256.

From my understanding, I can simply implement the HTTPS Server as it is done in this example:
https://github.com/espressif/esp-idf/bl ... ain/main.c

In order to enable TLS Security (in general) I set the

.transport_mode = HTTPD_SSL_TRANSPORT_SECURE
However, there seems to be no further configuration field to limit the supported Cipher Suite of my Server.
How do I do that?

I can configure mbedTLS via kconfig / MenuConfig as described here:
https://docs.espressif.com/projects/esp ... onfig.html

But I have some questions about it:
1 - "CONFIG_MBEDTLS_KEY_EXCHANGE_ECDHE_RSA"
Does this mean that the key exchange is done using ECDHE and the Authentication is done with RSA?

2 - Do I have to disable all the other unwanted key exchange methods if I want to limit the available cipher suites?

3 - If the key exchange / authentication is set as described in 1 and 2, how do I set the other two parts of the cipher suite (encryption algorithm as AES128 and hashing algorithm as SHA256)?

4 - If I do the limiting of the cipher suite as described above, via the config, this will then also affect the HTTPS Client that I will be implementing, right? So I will not be able to send requests as a client while utilizing another Cipher Suite. Correct?

Re: HTTPS Server Cipher Suite

Posted: Wed Mar 30, 2022 7:17 am
by ESP_flying_raijin
Hi,
Thank you for your query,
> 1 - "CONFIG_MBEDTLS_KEY_EXCHANGE_ECDHE_RSA" Does this mean that the key exchange is done using ECDHE and the Authentication is done with RSA?
As the help menu for the option states, this config option only does "Enable ECDHE-RSA based ciphersuite modes".
This means that these types of ciphersuites will be enabled. It doesn't necessarily mean that only this is going to be used.
mbedtls may decide what to use based on available ciphersuites and also the ciphersuites supported by the peer.

> 2 - Do I have to disable all the other unwanted key exchange methods if I want to limit the available cipher suites?
No, mbedtls has provided an option to select a specific cipher suite for the communication.
The user can define `MBEDTLS_SSL_CIPHERSUITES` in `mbedtls/config.h` or `esp_mbedtls_config.h` in order to select a specific list of ciphersuites for the session. The config option is listed here - https://github.com/ARMmbed/mbedtls/blob ... ig.h#L3372
Currently this is not directly supported through esp-idf menuconfig. I think we can add this support of selecting the ciphersuite through menuconfig.

> 3 - If the key exchange / authentication is set as described in 1 and 2, how do I set the other two parts of the cipher suite (encryption algorithm as AES128 and hashing algorithm as SHA256)?
I think you can set the above option to
#define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
or
#define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

> 4 - If I do the limiting of the cipher suite as described above, via the config, this will then also affect the HTTPS Client that I will be implementing, right? So I will not be able to send requests as a client while utilizing another Cipher Suite. Correct?
Right, the client also needs to support this particular cipher in order to establish a secure TLS connection.

I hope I have clarified your doubts.
Thanks
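
Added example, not part of the thread and not mbedTLS or ESP-IDF code: a small stand-alone model of what restricting the server's suite list does during negotiation, using the IANA code points of the two suites named in the reply above. The function name `select_suite`, the sample arrays and the server-preference ordering are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* IANA TLS code points for the two suites named in the reply. */
#define SUITE_ECDHE_RSA_AES128_CBC_SHA256 0xC027
#define SUITE_ECDHE_RSA_AES128_GCM_SHA256 0xC02F

/* Zero-terminated allowlists, the layout mbedTLS uses for suite lists. */
static const int server_gcm_only[] = { SUITE_ECDHE_RSA_AES128_GCM_SHA256, 0 };
static const int server_both[] = { SUITE_ECDHE_RSA_AES128_GCM_SHA256,
                                   SUITE_ECDHE_RSA_AES128_CBC_SHA256, 0 };

/* Constructed ClientHello cipher_suites vectors (not captured traffic). */
static const uint8_t modern_client[] = { 0xC0, 0x2B, 0xC0, 0x2F, 0xC0, 0x27 };
static const uint8_t cbc_only_client[] = { 0xC0, 0x27, 0x00, 0x3C };

/*
 * Pick a suite from the client's offer (2-byte big-endian entries).
 * Assumption: the server walks its own list in preference order.
 * Returns 0 when the offer is malformed or nothing overlaps, which is
 * the case where the TLS handshake fails.
 */
int select_suite(const int *allowed, const uint8_t *offered, size_t len)
{
    if (allowed == NULL || offered == NULL || len == 0 || (len % 2) != 0)
        return 0;
    for (const int *a = allowed; *a != 0; a++) {
        for (size_t i = 0; i < len; i += 2) {
            int id = (offered[i] << 8) | offered[i + 1];
            if (id == *a)
                return *a;
        }
    }
    return 0;
}

int main(void)
{
    printf("GCM-only server, modern client:   0x%04X\n", (unsigned)
           select_suite(server_gcm_only, modern_client, sizeof modern_client));
    printf("GCM-only server, CBC-only client: 0x%04X\n", (unsigned)
           select_suite(server_gcm_only, cbc_only_client, sizeof cbc_only_client));
    printf("two-suite server, CBC-only client: 0x%04X\n", (unsigned)
           select_suite(server_both, cbc_only_client, sizeof cbc_only_client));
    return 0;
}
```

A result of 0 is the case described in answer 4: a peer that does not offer the one allowed suite cannot complete the handshake.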