Win a copy of Design for the Mind this week in the Design forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Ciphers Suites in java

 
Ashish Kirpan
Greenhorn
Posts: 22
Java
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I want to use Ciphers Suites in java program.
If you having any idea regarding how to add cipher suites in java sample java program then please help me.

Here is the actual scenario

I am using org.apache.commons.httpclient.HttpClient class to send the request to server over HTTPS connection.
The Client(My java program) must support below cipher suites for handshake
TLS_RSA_WITH_3DES_EDE_CBC_SHA (TLS) and SSL_RSA_WITH_3DES_EDE_CBC_SHA (SSL Version 3) .
Right now i am able to set only one cipher suite i.e. SSL_RSA_WITH_3DES_EDE_CBC_SHA (SSL Version 3)
but i dont know how to set TLS_RSA_WITH_3DES_EDE_CBC_SHA (TLS).

any help is appreciated
 
greg stark
Ranch Hand
Posts: 220
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
TLS_RSA_WITH_3DES_EDE_CBC_SHA and SSL_RSA_WITH_3DES_EDE_CBC_SHA are the same cipher suite, they are synonyms. The JSSE only lists the one but it works for both SSL v3 and TLS 1.0.
 
Ashish Kirpan
Greenhorn
Posts: 22
Java
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks Greg.
 
Kapil Chouhan
Greenhorn
Posts: 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi Ashish,
Hi Greg,
I am facing a problem in my project as my client required RC4 SHA cipher suite. I am hitting their Server API by java 1.8 and also I tried java 6 and 7, but still I am getting a Error "handshake_failure".
Here is the Response :
At the time Client hello ::::

*** ClientHello, TLSv1
RandomCookie: GMT: 1463577558 bytes = { 61, 169, 215, 200, 232, 160, 82, 251, 179, 221, 124, 50, 155, 146, 32, 91, 172, 233, 90, 233, 10, 40, 236, 255, 71, 43, 128, 218 }
Session ID: {}
Cipher Suites: [SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_RC4_40_MD5, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA, TLS_EMPTY_RENEGOTIATION_INFO_SCSV]
Compression Methods: { 0 }

At the time server hello ::::

*** ServerHello, TLSv1
RandomCookie: GMT: 1463577553 bytes = { 111, 160, 211, 150, 31, 46, 140, 169, 215, 89, 63, 215, 25, 22, 173, 63, 228, 45, 59, 1, 42, 82, 105, 218, 138, 125, 170, 61 }
Session ID: {78, 53, 89, 29, 48, 9, 158, 175, 146, 243, 125, 61, 56, 81, 117, 109, 7, 12, 178, 120, 147, 202, 18, 192, 29, 92, 141, 56, 23, 132, 89, 65}
Cipher Suite: SSL_RSA_WITH_RC4_128_MD5
Compression Method: 0
Extension renegotiation_info, renegotiated_connection: <empty>

And at the End I am getting this Error::::


*** Finished
verify_data: { 246, 228, 38, 180, 95, 210, 68, 100, 21, 216, 174, 27 }
***
[write] MD5 and SHA1 hashes: len = 16
0000: 14 00 00 0C F6 E4 26 B 4 5F D2 44 64 15 D8 AE 1B ......&._.Dd....
Padded plaintext before ENCRYPTION: len = 32
0000: 14 00 00 0C F6 E4 26 B 4 5F D2 44 64 15 D8 AE 1B ......&._.Dd....
0010: 17 E4 12 50 4C 3E 74 23 80 21 AD 98 B7 15 59 C2 ...PL>t#.!....Y.
main, WRITE: TLSv1 Handshake, length = 32
[Raw write]: length = 37
0000: 16 03 01 00 20 8D AF 95 7B EA FA D4 D4 9E 9C 9C .... ...........
0010: 39 66 36 FD 36 08 78 40 09 D1 46 71 30 E9 D9 A0 9f6.6.x@..Fq0...
0020: 71 92 E7 CD 5D q...]
[Raw read]: length = 5
0000: 15 03 01 00 02 .....
[Raw read]: length = 2
0000: 02 28 .(
main, READ: TLSv1 Alert, length = 2
main, RECV TLSv1 ALERT: fatal, handshake_failure
main, handling exception: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
Exception in thread "main" AxisFault


At the time of handshake server is not giving any info or we are getting empty. Please suggest me if their is any possibility to write java code to send the cipher suite, Or anything you suggest to solve this problem..
your advice and suggestion will be appreciated.
 
Tim Moores
Bartender
Posts: 2730
36
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
RC4 is obsolete and should be considered insecure (as are MD5 and DES, only AES and -just barely- 3DES should be used). Do your client and yourself a favor and get them to switch to something secure.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic