ECDSA cipher suites support

December 13, 2018

Contributed by: S

ECDSA cipher suites use elliptical curve cryptography (ECC). Because of its smaller size, it is particularly helpful in environments where processing power, storage space, bandwidth, and power consumption are constrained.

The following NetScaler appliances now support the elliptical curve digital signature algorithm (ECDSA) cipher group:

NetScaler MPX and SDX appliances with N3 chips
NetScaler MPX 5900/8900
NetScaler SDX 8900
NetScaler VPX appliances

To support ECDSA cipher suites on a NetScaler SDX appliance, an SSL core must be assigned to the VPX instance.

When the ECDHE_ECDSA cipher group is used, the server’s certificate must contain an ECDSA-capable public key.

Example:

sh ssl cipher ECDSA

1)      Cipher Name: TLS1-ECDHE-ECDSA-AES256-SHA        Priority : 1

Description: SSLv3 Kx=ECC-DHE  Au=ECDSA Enc=AES(256)  Mac=SHA1   HexCode=0xc00a

2)      Cipher Name: TLS1-ECDHE-ECDSA-AES128-SHA        Priority : 2

Description: SSLv3 Kx=ECC-DHE  Au=ECDSA Enc=AES(128)  Mac=SHA1   HexCode=0xc009

3)      Cipher Name: TLS1.2-ECDHE-ECDSA-AES256-SHA384   Priority : 3

Description: TLSv1.2 Kx=ECC-DHE  Au=ECDSA Enc=AES(256)  Mac=SHA-384   HexCode=0xc024

4)      Cipher Name: TLS1.2-ECDHE-ECDSA-AES128-SHA256   Priority : 4

Description: TLSv1.2 Kx=ECC-DHE  Au=ECDSA Enc=AES(128)  Mac=SHA-256   HexCode=0xc023

5)      Cipher Name: TLS1.2-ECDHE-ECDSA-AES256-GCM-SHA384       Priority : 5

Description: TLSv1.2 Kx=ECC-DHE  Au=ECDSA Enc=AES-GCM(256) Mac=AEAD   HexCode=0xc02c

6)      Cipher Name: TLS1.2-ECDHE-ECDSA-AES128-GCM-SHA256       Priority : 6

Description: TLSv1.2 Kx=ECC-DHE  Au=ECDSA Enc=AES-GCM(128) Mac=AEAD   HexCode=0xc02b

7)      Cipher Name: TLS1-ECDHE-ECDSA-DES-CBC3-SHA      Priority : 7

Description: SSLv3 Kx=ECC-DHE  Au=ECDSA Enc=3DES(168) Mac=SHA1   HexCode=0xc008

8)      Cipher Name: TLS1-ECDHE-ECDSA-RC4-SHA   Priority : 8

Description: SSLv3 Kx=ECC-DHE  Au=ECDSA Enc=RC4(128)  Mac=SHA1   HexCode=0xc007

9)      Cipher Name: TLS1.2-ECDHE-ECDSA-CHACHA20-POLY1305       Priority : 9

Description: TLSv1.2 Kx=ECC-DHE  Au=ECDSA Enc=CHACHA20/POLY1305(256) Mac=AEAD   HexCode=0xcca9

Done

The following table lists the ECDSA ciphers that are supported on the NetScaler MPX and SDX appliances with N3 chips, MPX 5900, and MPX/SDX 8900 appliances.

Cipher Name	Priority	Description	Key Exchange Algorithm	Authentication Algorithm	Encryption Algorithm (Key Size)	Message Authentication Code (MAC) Algorithm	HexCode
TLS1-ECDHE-ECDSA-AES128-SHA	1	SSLv3	ECC-DHE	ECDSA	AES(128)	SHA1	0xc009
TLS1-ECDHE-ECDSA-AES256-SHA	2	SSLv3	ECC-DHE	ECDSA	AES(256)	SHA1	0xc00a
TLS1.2-ECDHE-ECDSA-AES128-SHA256	3	TLSv1.2	ECC-DHE	ECDSA	AES(128)	SHA-256	0xc023
TLS1.2-ECDHE-ECDSA-AES256-SHA384	4	TLSv1.2	ECC-DHE	ECDSA	AES(256)	SHA-384	0xc024
TLS1.2-ECDHE-ECDSA-AES128-GCM-SHA256	5	TLSv1.2	ECC-DHE	ECDSA	AES-GCM(128)	SHA-256	0xc02b
TLS1.2-ECDHE-ECDSA-AES256-GCM-SHA384	6	TLSv1.2	ECC-DHE	ECDSA	AES-GCM(256)	SHA-384	0xc02c
TLS1-ECDHE-ECDSA-RC4-SHA	7	SSLv3	ECC-DHE	ECDSA	RC4(128)	SHA1	0xc007
TLS1-ECDHE-ECDSA-DES-CBC3-SHA	8	SSLv3	ECC-DHE	ECDSA	3DES(168)	SHA1	0xc008
TLS1.2-ECDHE-ECDSA-CHACHA20-POLY1305	9	TLSv1.2	ECC-DHE	ECDSA	CHACHA20/POLY1305(256)	AEAD	0xcca9

Important

Use the show ns hardware command to find out if your appliance has N3 chips.

Example:

sh ns hardware
              Platform: NSMPX-22000 16*CPU+24*IX+12*E1K+2*E1K+4*CVM N3 2200100
              Manufactured on: 8/19/2013
              CPU: 2900MHZ
              Host Id: 1006665862
              Serial no: ENUK6298FT
              Encoded serial no: ENUK6298FT
Done

ECDSA/RSA cipher and certificate selection

You can bind both ECDSA and RSA server certificates at the same time to an SSL virtual server. When both ECDSA and RSA certificates are bound to the virtual server, it automatically selects the appropriate server certificate to present to the client. If the client cipher list includes RSA ciphers, but does not include ECDSA ciphers, the virtual server presents the RSA server certificate. If both ciphers are present in the client’s list, then the server certificate presented depends on the cipher priority set on the virtual server. That is, if RSA has a higher priority, the RSA certificate is presented. If ECDSA has a higher priority, the ECDSA certificate is presented to the client.

Client authentication by using an ECDSA or an RSA certificate

For client authentication, the CA certificate bound to the virtual server can be ECDSA or RSA signed. The appliance supports a mixed certificate chain. For example, the following certificate chain is supported.

Client certificate (ECDSA) <-> CA certificate (RSA) <-> Intermediate certificate (RSA) <-> Root certificate (RSA)

Note

ECDSA certificates with only the following curves are supported:

prime256v1

secp384r1

secp521r1 (VPX only)

secp224r1 (VPX only)

The official version of this content is in English. Some of the Citrix documentation content is machine translated for your convenience only. Citrix has no control over machine-translated content, which may contain errors, inaccuracies or unsuitable language. No warranty of any kind, either expressed or implied, is made as to the accuracy, reliability, suitability, or correctness of any translations made from the English original into any other language, or that your Citrix product or service conforms to any machine translated content, and any warranty provided under the applicable end user license agreement or terms of service, or any other agreement with Citrix, that the product or service conforms with any documentation shall not apply to the extent that such documentation has been machine translated. Citrix will not be held responsible for any damage or issues that may arise from using machine-translated content.

ECDSA cipher suites support

December 13, 2018

Contributed by: S

ECDSA cipher suites support

ECDSA/RSA cipher and certificate selection

Client authentication by using an ECDSA or an RSA certificate

ECDSA cipher suites support

In this article