PolarSSL Elliptic Curve into php-fpm

8 February 2014, 18:28
Hello Hugo:

I have been planning some future stuff and came across PolarSSL 1.3.4 which I used your update script to include
in hiwatha 9.3.x

And I have seen some other posts here about cipher list preferences.

But what I do not see is anyone asking how php-fpm would receive WHICH cipher is being used during https:// processing.

We would need for polarssl to tell hiawatha which cipher ultimately was selected for the HTTPS and then include this cipher into
the php-fpm global vars instead of just $_SERVER["HTTPS"] = on.

It would need to pass along $_SERVER["HTTPS_CIPHER"] = "ECDSA-ECDH-AES256-SHA2"
so that php could then make decisions about security.

I know there is a general move away from RSA for server certificates, so also the php layer would like to know
the validation of the certificate:


Your thoughts on bubbling up out of polarssl the HTTPS cipher and certificate details
and allowing the Fast CGI processes receive that information?

Hiawatha version: 9.3.x
Operating System: Linux, of course.
Hugo Leisink
9 February 2014, 07:43
The SSL_CIPHER environment string will be available in 9.4. Why do you think the PHP layer needs to know the validation of the certificate? How does that improve security?
9 February 2014, 19:20
Hugo: It does not improve security, but allows the PHP layer to decide if security is high enough to allow certain operations and detect old browsers that do not support
higher levels of encryption and better ciphers.

Don't forget that we also want to bubble up the result of ssl_set_authmode() -> POLARSSL_VERIFY_OPTIONAL so that a failed cert be passed into PHP layer as well.

This is kind of a dilemma between client and server. I do not know if a server knows when its client has determined the cert is invalid. ssl_get_verify_result( ) is available
on the client side, but do not know if the server gets that information as well.

This means that the CERT verified was either RSA or ECC and whether it has expired or not or some other problem out of polarssl.

Over the next few years, there will be a transition out of RSA and into ECC, and the PHP layer should have more of this intelligence.

Hopefully, I have explained it well enough.

Hugo Leisink
10 February 2014, 22:04
Don't forget that in some cases, it even lowers security. Specially when setting ssl_set_authmode() to 'optional'. Via SSL client authentication, you can limit the amount of people who can visit your website. Only users with the right SSL certificate can. This excludes potential hackers from all over the world.

Anyway, you can use the SSL_VERSION (already available) and SSL_CIPHER (v9.4) for that.
This topic has been closed.