IBM Support

Elliptical ciphers are defined to AT-TLS, but not used

Question & Answer


Question

We have defined our cipher suites to AT-TLS as follows:

 TTLSCipherParms                   cipher1~AT-TLS__Gold                  
 {                                                                       
   V3CipherSuites4Char             TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 
   V3CipherSuites4Char             TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 
   V3CipherSuites4Char             TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 
   V3CipherSuites4Char             TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 
   V3CipherSuites                        TLS_RSA_WITH_AES_256_GCM_SHA384      
   V3CipherSuites                        TLS_RSA_WITH_AES_128_GCM_SHA256  
   V3CipherSuites                        TLS_RSA_WITH_AES_256_CBC_SHA256  
   V3CipherSuites                        TLS_RSA_WITH_AES_128_CBC_SHA256  
   V3CipherSuites                        TLS_RSA_WITH_AES_128_CBC_SHA     
   V3CipherSuites                        TLS_RSA_WITH_3DES_EDE_CBC_SHA    
 }                                                                   

The client program specified this list of cipher suites, all elliptical except for one:

   TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xc030)               
   TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f)               
   TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (0xc028)               
   TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (0xc027)               
   TLS_RSA_WITH_AES_128_CBC_SHA256 (0x3c)        

Since AT-TLS (the server side) specifies the elliptical cipher suites as preferred to the non-elliptical cipher suites, we expected the server side to accept an elliptical cipher suite in this case. Unexpectedly, however, it only accepts the non-elliptical cipher suite specified by the client.

Answer

On the AT-TLS (server) side, the V3CipherSuites4Char parameter was invalidly used to define a cipher constant. The V3CipherSuites statement must be used to define either a single cipher constant, or a string of one or more 2-hexadecimal character ciphers. The V3CipherSuites4Char statement is used to define a string of one or more 4-hexadecimal character ciphers only.

Because AT-TLS invalidly used the V3CipherSuites4Char parameter to define cipher constants representing elliptical cipher suites, none of those elliptical cipher suite definitions took effect. As a result, the non-elliptical cipher suite offered by the client was accepted.

Here is how the TTLSCipherParms statement on the AT-TLS server side needs to be coded to make sure that an elliptical cipher suite is chosen in this case:

 TTLSCipherParms                   cipher1~AT-TLS__Gold
 {
   V3CipherSuites                  TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
   V3CipherSuites                  TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
   V3CipherSuites                  TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
   V3CipherSuites                  TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
   V3CipherSuites                  TLS_RSA_WITH_AES_256_GCM_SHA384
   V3CipherSuites                  TLS_RSA_WITH_AES_128_GCM_SHA256
   V3CipherSuites                  TLS_RSA_WITH_AES_256_CBC_SHA256
   V3CipherSuites                  TLS_RSA_WITH_AES_128_CBC_SHA256
   V3CipherSuites                  TLS_RSA_WITH_AES_128_CBC_SHA
   V3CipherSuites                  TLS_RSA_WITH_3DES_EDE_CBC_SHA
 }
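The following Python check is an added example, not IBM code or part of the original answer. It applies the two statement rules above to a TTLSCipherParms block, lists the statements that would not take effect, and shows which suite a server-preference selection would then pick. The function names, the simplified negotiation model, and the abbreviated sample policy are assumptions; the 4-character codes are the ones shown in the client's list.

```python
import re

CODES_4CHAR = {
    "C030": "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
    "C02F": "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
    "C028": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
    "C027": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
}
HEX = re.compile(r"[0-9A-Fa-f]+")

def lint_cipher_parms(policy):
    """Return (effective suites in preference order, statements with no effect)."""
    effective, ignored = [], []
    for line in policy.splitlines():
        parts = line.split()
        if len(parts) != 2 or not parts[0].startswith("V3CipherSuites"):
            continue  # block header, braces, blank lines
        stmt, value = parts
        is_hex = HEX.fullmatch(value) is not None
        if stmt == "V3CipherSuites4Char":
            if is_hex and len(value) % 4 == 0:
                codes = [value[i:i + 4].upper() for i in range(0, len(value), 4)]
                effective += [CODES_4CHAR.get(c, c) for c in codes]
            else:
                ignored.append((stmt, value))  # a constant name is not valid here
        elif stmt == "V3CipherSuites":
            if is_hex and len(value) % 2 == 0:
                effective += [value[i:i + 2].upper() for i in range(0, len(value), 2)]
            else:
                effective.append(value)  # single cipher constant
    return effective, ignored

def negotiate(effective, client_offer):
    """Simplified model: first server-preferred suite the client also offers."""
    return next((s for s in effective if s in client_offer), None)

# Constructed inputs, abbreviated from the policy and client list on the page.
BROKEN = """TTLSCipherParms cipher1~AT-TLS__Gold
{
  V3CipherSuites4Char TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
  V3CipherSuites      TLS_RSA_WITH_AES_128_CBC_SHA256
}"""
FIXED = BROKEN.replace("V3CipherSuites4Char", "V3CipherSuites     ")
CLIENT = ["TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384", "TLS_RSA_WITH_AES_128_CBC_SHA256"]
if __name__ == "__main__":
    for name, policy in (("broken", BROKEN), ("fixed", FIXED)):
        suites, bad = lint_cipher_parms(policy)
        print(name, "->", negotiate(suites, CLIENT), "| no effect:", bad)
```

Running the check against a policy file before installing it surfaces the silent downgrade from ECDHE to static RSA key exchange that the question describes.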





Product Synonym

ZOSCS COMMSERVER

Document Information

Modified date:
07 March 2016

UID

dwa1247560