Java SSL Server disables weak elliptic curves

So this is the code of my ssl server for Java. ctx is an SSLContext initialized by the keystore server.

    public SSLEngine createSSLEngine() {
        SSLEngine sslEngine = ctx.createSSLEngine();

        String[] ciphersuites = new String[]{
            "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384",
            "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
            "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
            "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
            "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA",
            "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
            "TLS_EMPTY_RENEGOTIATION_INFO_SCSV"
        };

        sslEngine.setEnabledCipherSuites(ciphersuites);
        sslEngine.setUseClientMode(false);

        return sslEngine;
    }

I tested it using cipherscan (https://github.com/jvehent/cipherscan); the cipher suites look fine, but the server supports all elliptic curves (sect163k1, sect163r1, sect163r2, sect193r1, sect193r2, sect233k1, sect233r1, sect239k1, sect283k1, sect283r1, sect409k1, sect409r1, sect571k1, sect571r1, secp160k1, secp160r1, secp160r2, secp192k1, prime192v1, secp224k1, secp224r1, secp256k1, prime256v1,.

Is there a way to disable all curves except strong ones like secp384r1?

+7
java security ssl server
2 answers

Starting with Java 8u121, you can configure which elliptic curves to use.

Use this parameter when starting the JVM of your program, i.e.:

 -Djdk.tls.namedGroups="secp521r1, secp256r1, secp256k1" 

Or, if you want a JDK/JRE-wide policy, modify the java.security file and add the property, i.e.:

 -jdk.tls.namedGroups="secp521r1, secp256r1, secp256k1" 

For reference, see http://www.oracle.com/technetwork/java/javase/8u121-relnotes-3315208.html, the paragraph "Improve the default strength of EC in JDK".

+6
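One way to apply the `jdk.tls.namedGroups` setting from the answer above in code instead of on the command line, as an added example that is not part of the original answer. The class name `StrongCurves`, the allow-list, the version guard, and the assumptions that JSSE reads the property once at initialization and that Java 9 and later honour it are choices and assumptions made for this illustration.

```java
import java.util.Arrays;
import java.util.HashSet;
import java.util.Set;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;

public final class StrongCurves {
    // Allow-list chosen for this example (an assumption); secp384r1 is the curve named in the question.
    static final String NAMED_GROUPS = "secp384r1, secp521r1";
    // ECDHE suites taken from the question's server code.
    static final String[] SUITES = {
        "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
        "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384", "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
        "TLS_EMPTY_RENEGOTIATION_INFO_SCSV" };

    // True for 8u121 and later; older runtimes silently ignore the property.
    static boolean honoursNamedGroups(String javaVersion) {
        if (!javaVersion.startsWith("1.")) return true;   // "9", "11.0.2", ... (assumed to honour it)
        Matcher m = Pattern.compile("^1\\.8\\.0_(\\d+)").matcher(javaVersion);
        return m.find() && Integer.parseInt(m.group(1)) >= 121;
    }

    // Call before any JSSE use: the property is assumed to be read once, when JSSE initializes.
    static void restrictCurves() {
        String v = System.getProperty("java.version");
        if (!honoursNamedGroups(v)) {
            throw new IllegalStateException("Java " + v + " ignores jdk.tls.namedGroups");
        }
        System.setProperty("jdk.tls.namedGroups", NAMED_GROUPS);
    }

    static SSLEngine createSSLEngine(SSLContext ctx) {
        SSLEngine engine = ctx.createSSLEngine();
        engine.setUseClientMode(false);
        // Keep only suites this runtime knows; an unknown name makes setEnabledCipherSuites throw.
        Set<String> supported = new HashSet<>(Arrays.asList(engine.getSupportedCipherSuites()));
        engine.setEnabledCipherSuites(Arrays.stream(SUITES).filter(supported::contains).toArray(String[]::new));
        return engine;
    }

    public static void main(String[] args) throws Exception {
        restrictCurves();   // must run before the first SSLContext is obtained
        SSLEngine engine = createSSLEngine(SSLContext.getDefault());
        System.out.println("jdk.tls.namedGroups = " + System.getProperty("jdk.tls.namedGroups"));
        System.out.println("enabled suites = " + Arrays.toString(engine.getEnabledCipherSuites()));
    }
}
```

The program only configures the engine; re-running the cipherscan check from the question against the live server is what confirms the curve list actually shrank.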

I have the same problem. Here are my findings that only partially solve the problem:

  • TLS with elliptic curves is based on RFC 3546 (TLS extensions) and RFC 4492 (TLS extension for elliptic curves)
  • Java implements these extensions in com.sun.security.ssl.HelloExtension (which lists all the extensions) and com.sun.security.ssl.SupportedEllipticCurves (which is an elliptic curve extension that provides a list of allowed curves)
  • Unfortunately, these classes are included in the JVM, and there seems to be no way to just change the list with a parameter. :(
  • I read a bug fix report, which should be included in Java 9.1, which may contain a configuration function. So 2018, I think?

Ignoring the OpenJDK license (GPLv2 + Classpath exception) and the Oracle JDK license (here: Java binary license) for a moment, here is a way to technically fix the problem:

  • take the code from OpenJDK, e.g. the class com.sun.security.ssl.SupportedEllipticCurves
  • change it accordingly (the list of curve identifiers can be found in com.sun.ec.CurveDB.java)
  • compile a jar
  • use Xbootclasspath:prepend to load the class with the modified curve list and ignore the JVM.

And what is the problem with the license ...

For example, jetty-alpn-agent does this. And it is also included in the GPLv2 + exception. I am not a lawyer, but I think you could create an open source project, do your work, add it to the GPLv2 + extension, and then just use it.

0