0 Replies Latest reply: Jul 10, 2014 9:12 AM by user9024396 RSS

    Trouble with SSL-Ciphers

    user9024396

      Hi there,

       

      I've a Apache configured with SSL. The SSL ciphers are restricted to EECDH+AES:EDH+AES:-SHA1@STRENGTH. That causes, that only ciphers with perfect forward secrecy are used and SHA1 musst be rejected.

       

      Firefox 30 works well with this settings. As the Java documentation says, it should also have no problem with it. To test it, i have a little Java tool which tries to make a https-connection to the Apache. But sadly the handshake fails.

      The reason for this is, that the Java client tells the server that it only offers ciphers with SHA1 in the client hello. I can see the hello by enabling the -Djavax.net.debug=ssl paremeter. Here's the client hello of my Java:

       

      *** ClientHello, TLSv1

      RandomCookie:  GMT: 1388158343 bytes = { 153, 1, 72, 35, 134, 144, 180, 94, 62, 150, 195, 10, 193, 209, 171, 103, 113, 127, 32, 219, 160, 224, 69, 32, 46, 113, 215, 147 }

      Session ID:  {}

      Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, TLS_ECDHE_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_RC4_128_SHA, TLS_ECDH_ECDSA_WITH_RC4_128_SHA, TLS_ECDH_RSA_WITH_RC4_128_SHA, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_RC4_128_MD5, TLS_EMPTY_RENEGOTIATION_INFO_SCSV]

      Compression Methods:  { 0 }

      Extension elliptic_curves, curve names: {secp256r1, sect163k1, sect163r2, secp192r1, secp224r1, sect233k1, sect233r1, sect283k1, sect283r1, secp384r1, sect409k1, sect409r1, secp521r1, sect571k1, sect571r1, secp160k1, secp160r1, secp160r2, sect163r1, secp192k1, sect193r1, sect193r2, secp224k1, sect239k1, secp256k1}

      Extension ec_point_formats, formats: [uncompressed]

      ***

       

      And that's the part I don't understand. All offerd ciphers are with SHA1.

       

      Another little java programm lists my available algorithms:

       

      Ciphers:

                  OID.1.2.840.113549.1.12.1.6

                  Blowfish

                  Rijndael

                  DESede

                  Blowfish SupportedModes

                  AES SupportedModes

                  DES SupportedModes

                  ARCFOUR

                  RC2

                  PBEWithSHA1AndRC2_40

                  RC4

                  AESWrap

                  OID.1.2.840.113549.1.12.1.3

                  DES SupportedPaddings

                  DES

                  AES

                  OID.1.2.840.113549.1.5.3

                  1.2.840.113549.1.5.3

                  DESede SupportedModes

                  DES SupportedKeyFormats

                  RSA SupportedPaddings

                  AESWrap SupportedKeyFormats

                  ARCFOUR SupportedModes

                  Blowfish SupportedKeyFormats

                  Blowfish SupportedPaddings

                  DESedeWrap

                  PBEWithSHA1AndDESede

                  AESWrap SupportedPaddings

                  RC2 SupportedPaddings

                  RSA

                  PBEWithMD5AndTripleDES

                  DESede SupportedPaddings

                  1.2.840.113549.1.12.1.6

                  RC2 SupportedModes

                  ARCFOUR SupportedKeyFormats

                  1.2.840.113549.1.12.1.3

                  RSA SupportedModes

                  RSA SupportedKeyClasses

                  DESedeWrap SupportedKeyFormats

                  DESedeWrap SupportedModes

                  DESedeWrap SupportedPaddings

                  AES SupportedPaddings

                  PBEWithMD5AndDES

                  TripleDES

                  AESWrap SupportedModes

                  AES SupportedKeyFormats

                  DESede SupportedKeyFormats

                  ARCFOUR SupportedPaddings

                  RC2 SupportedKeyFormats

      KeyAgreeents:

                  DiffieHellman SupportedKeyClasses

                  1.2.840.113549.1.3.1

                  ECDH SupportedKeyClasses

                  OID.1.2.840.113549.1.3.1

                  ECDH

                  DiffieHellman

                  DH

                  ECDH ImplementedIn

      Macs:

                  SslMacMD5 SupportedKeyFormats

                  SslMacMD5

                  HmacPBESHA1 SupportedKeyFormats

                  HmacSHA384 SupportedKeyFormats

                  HmacMD5

                  SslMacSHA1

                  HmacSHA384

                  HmacSHA512 SupportedKeyFormats

                  HmacSHA256

                  HmacMD5 SupportedKeyFormats

                  HmacSHA512

                  HmacSHA1

                  HmacSHA1 SupportedKeyFormats

                  SslMacSHA1 SupportedKeyFormats

                  HmacPBESHA1

                  HmacSHA256 SupportedKeyFormats

      MessageDigests:

                  SHA-256

                  SHA-512

                  SHA

                  SHA-384

                  MD5

                  SHA1

                  SHA-1

                  MD5 ImplementedIn

                  MD2

                  SHA ImplementedIn

      Signatures:

                  SHA1withECDSA KeySize

                  1.3.14.3.2.29

                  MD5withRSA

                  SHA384withRSA SupportedKeyClasses

                  DSA

                  SHA1withRSA

                  1.2.840.113549.1.1.5

                  NONEwithECDSA

                  1.2.840.113549.1.1.4

                  1.2.840.113549.1.1.2

                  SHA256withECDSA ImplementedIn

                  NONEwithECDSA SupportedKeyClasses

                  SHA512withRSA SupportedKeyClasses

                  SHAwithDSA

                  1.3.14.3.2.27

                  OID.1.3.14.3.2.29

                  SHA-1/DSA

                  MD5andSHA1withRSA

                  SHA512withECDSA ImplementedIn

                  1.2.840.113549.1.1.13

                  SHA1withECDSA ImplementedIn

                  NONEwithDSA

                  SHA1withECDSA

                  DSAWithSHA1

                  SHA1withDSA

                  SHA512withECDSA

                  SHA/DSA

                  DSS

                  1.2.840.113549.1.1.11

                  1.2.840.113549.1.1.12

                  NONEwithDSA SupportedKeyClasses

                  NONEwithECDSA ImplementedIn

                  SHA1withECDSA SupportedKeyClasses

                  SHA512withECDSA SupportedKeyClasses

                  1.2.840.10040.4.3

                  SHA256withRSA SupportedKeyClasses

                  SHA384withECDSA ImplementedIn

                  SHA512withRSA

                  OID.1.2.840.113549.1.1.2

                  OID.1.2.840.113549.1.1.5

                  OID.1.2.840.113549.1.1.4

                  SHA1withRSA SupportedKeyClasses

                  SHA1/DSA

                  SHA1withDSA ImplementedIn

                  SHA256withECDSA

                  SHA1withDSA SupportedKeyClasses

                  OID.1.2.840.10040.4.3

                  SHA256withECDSA SupportedKeyClasses

                  SHA1withDSA KeySize

                  SHA256withRSA

                  SHA384withECDSA

                  MD2withRSA SupportedKeyClasses

                  RawDSA

                  SHA384withRSA

                  MD2withRSA

                  OID.1.2.840.113549.1.1.13

                  OID.1.2.840.113549.1.1.12

                  OID.1.2.840.113549.1.1.11

                  SHA384withECDSA SupportedKeyClasses

                  MD5withRSA SupportedKeyClasses

                  1.3.14.3.2.13

       

      As you can see, SHA256 and SHA384 should be no problem. Can anybody tell me, what'S going wrong?

       

      Regards,

       

      Sebastian