[New-bugs-announce] [issue13626] Python SSL stack doesn't support DH ciphers

naif report at bugs.python.org
Sun Dec 18 14:07:07 CET 2011

New submission from naif <naif at globaleaks.org>:

Python SSL doesn't support DH ciphers in in all version tested.

This is a serious security issue because it's not possible to use as a server or client Perfect Forward Secrecy [1] security provided by DHE and ECDH ciphers .

In order to enable DH ciphers the SSL implementation the in the file Modules/_ssl.c, it must issue a DH_generate_parameters() if a cipher is DH.

For example PHP handling of DH ciphers, look php-5.3.8/ext/openssl/openssl.c : 

#if !defined(NO_DH)
                        case OPENSSL_KEYTYPE_DH:
                                        DH *dhpar = DH_generate_parameters(req->priv_key_bits, 2, NULL, NULL);
                                        int codes = 0;

                                        if (dhpar) {
                                                DH_set_method(dhpar, DH_get_default_method());
                                                if (DH_check(dhpar, &codes) && codes == 0 && DH_generate_key(dhpar)) {
                                                        if (EVP_PKEY_assign_DH(req->priv_key, dhpar)) {
                                                                return_val = req->priv_key;
                                                } else {

An important security fix, to support and enable by default DH ciphers has to be done.

[1] http://en.wikipedia.org/wiki/Perfect_forward_secrecy

components: Library (Lib)
messages: 149749
nosy: naif
priority: normal
severity: normal
status: open
title: Python SSL stack doesn't support DH ciphers
versions: Python 2.6, Python 2.7, Python 3.1, Python 3.2, Python 3.3, Python 3.4

Python tracker <report at bugs.python.org>

More information about the New-bugs-announce mailing list