• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Tim Cooke
  • Liutauras Vilda
  • Jeanne Boyarsky
  • paul wheaton
Sheriffs:
  • Ron McLeod
  • Devaka Cooray
  • Henry Wong
Saloon Keepers:
  • Tim Holloway
  • Stephan van Hulst
  • Carey Brown
  • Tim Moores
  • Mikalai Zaikin
Bartenders:
  • Frits Walraven

Ciphers Suites in java

 
Greenhorn
Posts: 22
Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I want to use Ciphers Suites in java program.
If you having any idea regarding how to add cipher suites in java sample java program then please help me.

Here is the actual scenario

I am using org.apache.commons.httpclient.HttpClient class to send the request to server over HTTPS connection.
The Client(My java program) must support below cipher suites for handshake
TLS_RSA_WITH_3DES_EDE_CBC_SHA (TLS) and SSL_RSA_WITH_3DES_EDE_CBC_SHA (SSL Version 3) .
Right now i am able to set only one cipher suite i.e. SSL_RSA_WITH_3DES_EDE_CBC_SHA (SSL Version 3)
but i dont know how to set TLS_RSA_WITH_3DES_EDE_CBC_SHA (TLS).

any help is appreciated
 
Ranch Hand
Posts: 220
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
TLS_RSA_WITH_3DES_EDE_CBC_SHA and SSL_RSA_WITH_3DES_EDE_CBC_SHA are the same cipher suite, they are synonyms. The JSSE only lists the one but it works for both SSL v3 and TLS 1.0.
 
Ashish Kirpan
Greenhorn
Posts: 22
Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Thanks Greg.
 
Greenhorn
Posts: 1
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi Ashish,
Hi Greg,
I am facing a problem in my project as my client required RC4 SHA cipher suite. I am hitting their Server API by java 1.8 and also I tried java 6 and 7, but still I am getting a Error "handshake_failure".
Here is the Response :
At the time Client hello ::::

*** ClientHello, TLSv1
RandomCookie: GMT: 1463577558 bytes = { 61, 169, 215, 200, 232, 160, 82, 251, 179, 221, 124, 50, 155, 146, 32, 91, 172, 233, 90, 233, 10, 40, 236, 255, 71, 43, 128, 218 }
Session ID: {}
Cipher Suites: [SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_RC4_40_MD5, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA, TLS_EMPTY_RENEGOTIATION_INFO_SCSV]
Compression Methods: { 0 }

At the time server hello ::::

*** ServerHello, TLSv1
RandomCookie: GMT: 1463577553 bytes = { 111, 160, 211, 150, 31, 46, 140, 169, 215, 89, 63, 215, 25, 22, 173, 63, 228, 45, 59, 1, 42, 82, 105, 218, 138, 125, 170, 61 }
Session ID: {78, 53, 89, 29, 48, 9, 158, 175, 146, 243, 125, 61, 56, 81, 117, 109, 7, 12, 178, 120, 147, 202, 18, 192, 29, 92, 141, 56, 23, 132, 89, 65}
Cipher Suite: SSL_RSA_WITH_RC4_128_MD5
Compression Method: 0
Extension renegotiation_info, renegotiated_connection: <empty>

And at the End I am getting this Error::::


*** Finished
verify_data: { 246, 228, 38, 180, 95, 210, 68, 100, 21, 216, 174, 27 }
***
[write] MD5 and SHA1 hashes: len = 16
0000: 14 00 00 0C F6 E4 26 B 4 5F D2 44 64 15 D8 AE 1B ......&._.Dd....
Padded plaintext before ENCRYPTION: len = 32
0000: 14 00 00 0C F6 E4 26 B 4 5F D2 44 64 15 D8 AE 1B ......&._.Dd....
0010: 17 E4 12 50 4C 3E 74 23 80 21 AD 98 B7 15 59 C2 ...PL>t#.!....Y.
main, WRITE: TLSv1 Handshake, length = 32
[Raw write]: length = 37
0000: 16 03 01 00 20 8D AF 95 7B EA FA D4 D4 9E 9C 9C .... ...........
0010: 39 66 36 FD 36 08 78 40 09 D1 46 71 30 E9 D9 A0 9f6.6.x@..Fq0...
0020: 71 92 E7 CD 5D q...]
[Raw read]: length = 5
0000: 15 03 01 00 02 .....
[Raw read]: length = 2
0000: 02 28 .(
main, READ: TLSv1 Alert, length = 2
main, RECV TLSv1 ALERT: fatal, handshake_failure
main, handling exception: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
Exception in thread "main" AxisFault


At the time of handshake server is not giving any info or we are getting empty. Please suggest me if their is any possibility to write java code to send the cipher suite, Or anything you suggest to solve this problem..
your advice and suggestion will be appreciated.
 
Saloon Keeper
Posts: 7645
178
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
RC4 is obsolete and should be considered insecure (as are MD5 and DES, only AES and -just barely- 3DES should be used). Do your client and yourself a favor and get them to switch to something secure.
 
WHAT is your favorite color? Blue, no yellow, ahhhhhhh! Tiny ad:
Gift giving made easy with the permaculture playing cards
https://coderanch.com/t/777758/Gift-giving-easy-permaculture-playing
reply
    Bookmark Topic Watch Topic
  • New Topic