kanda@centos8 ~]$ curl --tlsv1.3 https://www.google.com
4 0.012311605 240f:100:6c22:1:55b7:2483:c3f:364d 2404:6800:4004:80a::2004 TLSv1.3 603 Client Hello
Secure Sockets Layer
TLSv1.3 Record Layer: Handshake Protocol: Client Hello
Content Type: Handshake (22)
Version: TLS 1.0 (0x0301)
Length: 512
Handshake Protocol: Client Hello
Handshake Type: Client Hello (1)
Length: 508
Version: TLS 1.2 (0x0303)
Random: d197072b1c3f918dd8cd09d952b0e7e316513c4726f6fb11...
Session ID Length: 32
Session ID: c63f29893314831f0f95a53270ae14bb680238c3e4af2ea3...
Cipher Suites Length: 10
Cipher Suites (5 suites)
Cipher Suite: TLS_AES_256_GCM_SHA384 (0x1302)
Cipher Suite: TLS_CHACHA20_POLY1305_SHA256 (0x1303)
Cipher Suite: TLS_AES_128_GCM_SHA256 (0x1301)
Cipher Suite: TLS_AES_128_CCM_SHA256 (0x1304)
Cipher Suite: TLS_EMPTY_RENEGOTIATION_INFO_SCSV (0x00ff)
Compression Methods Length: 1
Compression Methods (1 method)
Extensions Length: 425
Extension: server_name (len=19)
Extension: ec_point_formats (len=4)
Extension: supported_groups (len=12)
Extension: next_protocol_negotiation (len=0)
Extension: application_layer_protocol_negotiation (len=14)
Extension: encrypt_then_mac (len=0)
Extension: extended_master_secret (len=0)
Extension: post_handshake_auth (len=0)
Extension: signature_algorithms (len=30)
Extension: supported_versions (len=3)
Extension: psk_key_exchange_modes (len=2)
Extension: key_share (len=38)
Extension: padding (len=251)
6 0.054035312 2404:6800:4004:80a::2004 240f:100:6c22:1:55b7:2483:c3f:364d TLSv1.3 2736 Server Hello, Change Cipher Spec, Application Data
Secure Sockets Layer
TLSv1.3 Record Layer: Handshake Protocol: Server Hello
Content Type: Handshake (22)
Version: TLS 1.2 (0x0303)
Length: 122
Handshake Protocol: Server Hello
Handshake Type: Server Hello (2)
Length: 118
Version: TLS 1.2 (0x0303)
Random: 221899cd14d1a6b6e161b591c386994946dcc2772656687a...
Session ID Length: 32
Session ID: c63f29893314831f0f95a53270ae14bb680238c3e4af2ea3...
Cipher Suite: TLS_AES_256_GCM_SHA384 (0x1302)
Compression Method: null (0)
Extensions Length: 46
Extension: key_share (len=36)
Extension: supported_versions (len=2)
TLSv1.3 Record Layer: Change Cipher Spec Protocol: Change Cipher Spec
Content Type: Change Cipher Spec (20)
Version: TLS 1.2 (0x0303)
Length: 1
Change Cipher Spec Message
TLSv1.3 Record Layer: Application Data Protocol: http-over-tls
Opaque Type: Application Data (23)
Version: TLS 1.2 (0x0303)
Length: 2512
Encrypted Application Data: f1f009f31a4f7d9cb5994ea61e6f6804d957eec0655ac3df...
#!/usr/bin/python3
# https://docs.python.org/ja/3/library/ssl.html
import socket
import ssl
import pprint
hostname = 'www.google.com'
context = ssl.create_default_context()
#context.set_ciphers("TLS_AES_256_GCM_SHA384") XXX なんで、これ、だめなのだろう。
# ssl.SSLError: ('No cipher can be selected.',)
context.set_ciphers("ECDHE-ECDSA-AES256-GCM-SHA384")
conn = context.wrap_socket(socket.socket(socket.AF_INET), server_hostname=hostname)
conn.connect((hostname, 443))
msg = "GET / HTTP/1.0\r\nHost: {}\r\n\r\n".format(hostname)
conn.sendall(msg.encode("utf-8"))
pprint.pprint(conn.recv(4096).split(b"\r\n"))
マニュアルによると、 TLSv1.3 の暗号スイートはデフォルトで有効になっていて、 set_cipers で除くことはできないそうな。
使える暗号一覧は、https://www.openssl.org/docs/man1.1.1/man1/ciphers.html
Cipher Suites (6 suites)
Cipher Suite: TLS_AES_256_GCM_SHA384 (0x1302)
Cipher Suite: TLS_CHACHA20_POLY1305_SHA256 (0x1303)
Cipher Suite: TLS_AES_128_GCM_SHA256 (0x1301)
Cipher Suite: TLS_AES_128_CCM_SHA256 (0x1304)
Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 (0xc02c) # XXX これが増えた
Cipher Suite: TLS_EMPTY_RENEGOTIATION_INFO_SCSV (0x00ff)
https://docs.microsoft.com/ja-jp/dotnet/api/system.net.http.httpclient?view=netcore-3.1
を動かす。
Secure Sockets Layer
TLSv1.3 Record Layer: Handshake Protocol: Client Hello
Content Type: Handshake (22)
Version: TLS 1.0 (0x0301)
Length: 309
Handshake Protocol: Client Hello
Handshake Type: Client Hello (1)
Length: 305
Version: TLS 1.2 (0x0303)
Random: cbc74101a8b8d68ddb3b7b312f08fb120bf302006008f47c...
Session ID Length: 32
Session ID: 8bd26bc75caf91b130eb6149ab3e5347ef0a74fdd85ef51b...
Cipher Suites Length: 64
Cipher Suites (32 suites)
Cipher Suite: TLS_AES_256_GCM_SHA384 (0x1302)
Cipher Suite: TLS_CHACHA20_POLY1305_SHA256 (0x1303)
Cipher Suite: TLS_AES_128_GCM_SHA256 (0x1301)
Cipher Suite: TLS_AES_128_CCM_SHA256 (0x1304)
Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 (0xc02c)
Cipher Suite: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xc030)
Cipher Suite: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 (0x009f)
Cipher Suite: TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 (0xcca9)
Cipher Suite: TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 (0xcca8)
Cipher Suite: TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 (0xccaa)
Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (0xc02b)
Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f)
Cipher Suite: TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (0x009e)
Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 (0xc024)
Cipher Suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (0xc028)
Cipher Suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 (0x006b)
Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 (0xc023)
Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (0xc027)
Cipher Suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 (0x0067)
Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA (0xc00a)
Cipher Suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014)
Cipher Suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x0039)
Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA (0xc009)
Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013)
Cipher Suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x0033)
Cipher Suite: TLS_RSA_WITH_AES_256_GCM_SHA384 (0x009d)
Cipher Suite: TLS_RSA_WITH_AES_128_GCM_SHA256 (0x009c)
Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA256 (0x003d)
Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA256 (0x003c)
Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA (0x0035)
Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA (0x002f)
Cipher Suite: TLS_EMPTY_RENEGOTIATION_INFO_SCSV (0x00ff)
Compression Methods Length: 1
Secure Sockets Layer
TLSv1.3 Record Layer: Handshake Protocol: Server Hello
Content Type: Handshake (22)
Version: TLS 1.2 (0x0303)
Length: 122
Handshake Protocol: Server Hello
Handshake Type: Server Hello (2)
Length: 118
Version: TLS 1.2 (0x0303)
Random: 44742d7ea55d575683cc222d1b862952aef2a087f60e640a...
Session ID Length: 32
Session ID: 8bd26bc75caf91b130eb6149ab3e5347ef0a74fdd85ef51b...
Cipher Suite: TLS_AES_256_GCM_SHA384 (0x1302)
Compression Method: null (0)
Extensions Length: 46
Extension: key_share (len=36)
Extension: supported_versions (len=2)
TLSv1.3 Record Layer: Change Cipher Spec Protocol: Change Cipher Spec
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls13;
にしても、 Tls にしても、 Tls 1.3 で、クライアントは、前記32個の暗号を提案するみたい。
https://stackoverflow.com/questions/59388038/supporting-tls-1-2-in-httpclient-c-sharp