基于OpenSSL的SSL/TLS加密套件全解析

概述

SSL/TLS握手时，客户端与服务端协商加密套件是很重要的一个步骤，协商出加密套件后才能继续完成后续的握手和加密通信。而现在SSL/TLS协议通信的实现，基本都是通过OpenSSL开源库，本文章就主要介绍下加密套件的含义以及如何在OpenSSL中指定加密套件。

加密套件介绍

SSL/TLS协议的加密套件是定义了在一次连接中所使用的各种加密算法的组合。它包括以下几个主要部分
- 密钥交换算法：用于协商会话密钥，如RSA、DH、ECDH等。
- 对称加密算法：用于实际数据传输的加解密，例如AES、3DES等。
- 消息认证码(MAC)或伪随机函数(PRF)：用于验证数据完整性及防止篡改，如SHA256等。

如何指定加密套件

使用OpenSSL或者Nginx实现SSL/TLS协议时，都需要指定加密套件。
一般指定这样指定就可以了，表示指定加密套件为任意算法，但身份认证算法和加密算法不能为空。这样客户端和服务端就会自动协商一个加密套件进行通信。

  	ssl_ciphers ALL:!aNULL;  #Nginx配置加密套件
  	SSL_CTX_set_cipher_list(ServerCTX, "ALL:!aNULL");  #openssl接口配置加密套件

但如果想自己指定加密套件，就可以使用以下列表中的一种。

序号	加密套件(完整名称)	加密套件(openssl接口指定名称)	版本	密钥协商算法	身份验证算法	加密算法	MAC
1	TLS_AES_256_GCM_SHA384	TLS_AES_256_GCM_SHA384	TLSv1.3	any	any	AESGCM(256)	AEAD
2	TLS_CHACHA20_POLY1305_SHA256	TLS_CHACHA20_POLY1305_SHA256	TLSv1.3	any	any	CHACHA20/POLY1305(256)	AEAD
3	TLS_AES_128_GCM_SHA256	TLS_AES_128_GCM_SHA256	TLSv1.3	any	any	AESGCM(128)	AEAD
4	TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384	ECDHE-ECDSA-AES256-GCM-SHA384	TLSv1.2	ECDH	ECDSA	AESGCM(256)	AEAD
5	TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384	ECDHE-RSA-AES256-GCM-SHA384	TLSv1.2	ECDH	RSA	AESGCM(256)	AEAD
6	TLS_DHE_RSA_WITH_AES_256_GCM_SHA384	DHE-RSA-AES256-GCM-SHA384	TLSv1.2	DH	RSA	AESGCM(256)	AEAD
7	TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256	ECDHE-ECDSA-CHACHA20-POLY1305	TLSv1.2	ECDH	ECDSA	CHACHA20/POLY1305(256)	AEAD
8	TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256	ECDHE-RSA-CHACHA20-POLY1305	TLSv1.2	ECDH	RSA	CHACHA20/POLY1305(256)	AEAD
9	TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256	DHE-RSA-CHACHA20-POLY1305	TLSv1.2	DH	RSA	CHACHA20/POLY1305(256)	AEAD
10	TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256	ECDHE-ECDSA-AES128-GCM-SHA256	TLSv1.2	ECDH	ECDSA	AESGCM(128)	AEAD
11	TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256	ECDHE-RSA-AES128-GCM-SHA256	TLSv1.2	ECDH	RSA	AESGCM(128)	AEAD
12	TLS_DHE_RSA_WITH_AES_128_GCM_SHA256	DHE-RSA-AES128-GCM-SHA256	TLSv1.2	DH	RSA	AESGCM(128)	AEAD
13	TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384	ECDHE-ECDSA-AES256-SHA384	TLSv1.2	ECDH	ECDSA	AES(256)	SHA384
14	TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384	ECDHE-RSA-AES256-SHA384	TLSv1.2	ECDH	RSA	AES(256)	SHA384
15	TLS_DHE_RSA_WITH_AES_256_CBC_SHA256	DHE-RSA-AES256-SHA256	TLSv1.2	DH	RSA	AES(256)	SHA256
16	TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256	ECDHE-ECDSA-AES128-SHA256	TLSv1.2	ECDH	ECDSA	AES(128)	SHA256
17	TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256	ECDHE-RSA-AES128-SHA256	TLSv1.2	ECDH	RSA	AES(128)	SHA256
18	TLS_DHE_RSA_WITH_AES_128_CBC_SHA256	DHE-RSA-AES128-SHA256	TLSv1.2	DH	RSA	AES(128)	SHA256
19	TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA	ECDHE-ECDSA-AES256-SHA	TLSv1	ECDH	ECDSA	AES(256)	SHA1
20	TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA	ECDHE-RSA-AES256-SHA	TLSv1	ECDH	RSA	AES(256)	SHA1
21	TLS_DHE_RSA_WITH_AES_256_CBC_SHA	DHE-RSA-AES256-SHA	SSLv3	DH	RSA	AES(256)	SHA1
22	TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA	ECDHE-ECDSA-AES128-SHA	TLSv1	ECDH	ECDSA	AES(128)	SHA1
23	TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA	ECDHE-RSA-AES128-SHA	TLSv1	ECDH	RSA	AES(128)	SHA1
24	TLS_DHE_RSA_WITH_AES_128_CBC_SHA	DHE-RSA-AES128-SHA	SSLv3	DH	RSA	AES(128)	SHA1
25	RSA_PSK_WITH_AES_256_GCM_SHA384	RSA-PSK-AES256-GCM-SHA384	TLSv1.2	RSAPSK	RSA	AESGCM(256)	AEAD
26	DHE_PSK_WITH_AES_256_GCM_SHA384	DHE-PSK-AES256-GCM-SHA384	TLSv1.2	DHEPSK	PSK	AESGCM(256)	AEAD
27	TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256	RSA-PSK-CHACHA20-POLY1305	TLSv1.2	RSAPSK	RSA	CHACHA20/POLY1305(256)	AEAD
28	TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256	DHE-PSK-CHACHA20-POLY1305	TLSv1.2	DHEPSK	PSK	CHACHA20/POLY1305(256)	AEAD
29	TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256	ECDHE-PSK-CHACHA20-POLY1305	TLSv1.2	ECDHEPSK	PSK	CHACHA20/POLY1305(256)	AEAD
30	TLS_RSA_WITH_AES_256_GCM_SHA384	AES256-GCM-SHA384	TLSv1.2	RSA	RSA	AESGCM(256)	AEAD
31	PSK_WITH_AES_256_GCM_SHA384	PSK-AES256-GCM-SHA384	TLSv1.2	PSK	PSK	AESGCM(256)	AEAD
32	TLS_PSK_WITH_CHACHA20_POLY1305_SHA256	PSK-CHACHA20-POLY1305	TLSv1.2	PSK	PSK	CHACHA20/POLY1305(256)	AEAD
33	RSA_PSK_WITH_AES_128_GCM_SHA256	RSA-PSK-AES128-GCM-SHA256	TLSv1.2	RSAPSK	RSA	AESGCM(128)	AEAD
34	DHE_PSK_WITH_AES_128_GCM_SHA256	DHE-PSK-AES128-GCM-SHA256	TLSv1.2	DHEPSK	PSK	AESGCM(128)	AEAD
35	TLS_RSA_WITH_AES_128_GCM_SHA256	AES128-GCM-SHA256	TLSv1.2	RSA	RSA	AESGCM(128)	AEAD
36	PSK_WITH_AES_128_GCM_SHA256	PSK-AES128-GCM-SHA256	TLSv1.2	PSK	PSK	AESGCM(128)	AEAD
37	TLS_RSA_WITH_AES_256_CBC_SHA256	AES256-SHA256	TLSv1.2	RSA	RSA	AES(256)	SHA256
38	TLS_RSA_WITH_AES_128_CBC_SHA256	AES128-SHA256	TLSv1.2	RSA	RSA	AES(128)	SHA256
39	ECDHE_PSK_WITH_AES_256_CBC_SHA384	ECDHE-PSK-AES256-CBC-SHA384	TLSv1	ECDHEPSK	PSK	AES(256)	SHA384
40	ECDHE_PSK_WITH_AES_256_CBC_SHA	ECDHE-PSK-AES256-CBC-SHA	TLSv1	ECDHEPSK	PSK	AES(256)	SHA1
41	RSA_PSK_WITH_AES_256_CBC_SHA384	TLSv1	RSAPSK	RSA	AES(256)	SHA384
42	DHE_PSK_WITH_AES_256_CBC_SHA384	DHE-PSK-AES256-CBC-SHA384	TLSv1	DHEPSK	PSK	AES(256)	SHA384
43	RSA_PSK_WITH_AES_256_CBC_SHA	RSA-PSK-AES256-CBC-SHA	SSLv3	RSAPSK	RSA	AES(256)	SHA1
44	DHE_PSK_WITH_AES_256_CBC_SHA	DHE-PSK-AES256-CBC-SHA	SSLv3	DHEPSK	PSK	AES(256)	SHA1
45	TLS_RSA_WITH_AES_256_CBC_SHA	AES256-SHA	SSLv3	RSA	RSA	AES(256)	SHA1
46	PSK_WITH_AES_256_CBC_SHA384	PSK-AES256-CBC-SHA384	TLSv1	PSK	PSK	AES(256)	SHA384
47	PSK_WITH_AES_256_CBC_SHA	PSK-AES256-CBC-SHA	SSLv3	PSK	PSK	AES(256)	SHA1
48	ECDHE_PSK_WITH_AES_128_CBC_SHA256	ECDHE-PSK-AES128-CBC-SHA256	TLSv1	ECDHEPSK	PSK	AES(128)	SHA256
49	ECDHE_PSK_WITH_AES_128_CBC_SHA	ECDHE-PSK-AES128-CBC-SHA	TLSv1	ECDHEPSK	PSK	AES(128)	SHA1
50	RSA_PSK_WITH_AES_128_CBC_SHA256	RSA-PSK-AES128-CBC-SHA256	TLSv1	RSAPSK	RSA	AES(128)	SHA256
51	DHE_PSK_WITH_AES_128_CBC_SHA256	DHE-PSK-AES128-CBC-SHA256	TLSv1	DHEPSK	PSK	AES(128)	SHA256
52	RSA_PSK_WITH_AES_128_CBC_SHA	RSA-PSK-AES128-CBC-SHA	SSLv3	RSAPSK	RSA	AES(128)	SHA1
53	DHE_PSK_WITH_AES_128_CBC_SHA	DHE-PSK-AES128-CBC-SHA	SSLv3	DHEPSK	PSK	AES(128)	SHA1
54	TLS_RSA_WITH_AES_128_CBC_SHA	AES128-SHA	SSLv3	RSA	RSA	AES(128)	SHA1
55	PSK_WITH_AES_128_CBC_SHA256	PSK-AES128-CBC-SHA256	TLSv1	PSK	PSK	AES(128)	SHA256
56	PSK_WITH_AES_128_CBC_SHA	PSK-AES128-CBC-SHA	SSLv3	PSK	PSK	AES(128)	SHA1