As I see the document, there are multiple providers for JCE. How can I find out the provider(s) that are available by default?
Call Security.getProviders(), e.g.
import java.security.Provider;
import java.security.Security;
for (Provider provider : Security.getProviders())
    System.out.printf("%-11s %s%n", provider.getName(), provider.getInfo());
Output on my Oracle Java 9.0.1 on Windows:
SUN SUN (DSA key/parameter generation; DSA signing; SHA-1, MD5 digests; SecureRandom; X.509 certificates; PKCS12, JKS & DKS keystores; PKIX CertPathValidator; PKIX CertPathBuilder; LDAP, Collection CertStores, JavaPolicy Policy; JavaLoginConfig Configuration)
SunRsaSign Sun RSA signature provider
SunEC Sun Elliptic Curve provider (EC, ECDSA, ECDH)
SunJSSE Sun JSSE provider(PKCS12, SunX509/PKIX key/trust factories, SSLv3/TLSv1/TLSv1.1/TLSv1.2/DTLSv1.0/DTLSv1.2)
SunJCE SunJCE Provider (implements RSA, DES, Triple DES, AES, Blowfish, ARCFOUR, RC2, PBE, Diffie-Hellman, HMAC)
SunJGSS Sun (Kerberos v5, SPNEGO)
SunSASL Sun SASL provider(implements client mechanisms for: DIGEST-MD5, EXTERNAL, PLAIN, CRAM-MD5, NTLM; server mechanisms for: DIGEST-MD5, CRAM-MD5, NTLM)
XMLDSig XMLDSig (DOM XMLSignatureFactory; DOM KeyInfoFactory; C14N 1.0, C14N 1.1, Exclusive C14N, Base64, Enveloped, XPath, XPath2, XSLT TransformServices)
SunPCSC Sun PC/SC provider
JdkLDAP JdkLDAP Provider (implements LDAP CertStore)
JdkSASL JDK SASL provider(implements client and server mechanisms for GSSAPI)
SunMSCAPI Sun's Microsoft Crypto API provider
SunPKCS11 Unconfigured and unusable PKCS11 provider
If you want to see the services each provider provides, try this:
import java.security.Provider;
import java.security.Provider.Service;
import java.security.Security;
for (Provider provider : Security.getProviders()) {
    System.out.printf("%-11s %s%n", provider.getName(), provider.getInfo());
    for (Service service : provider.getServices())
        System.out.printf(" %s: %s%n", service.getType(), service.getAlgorithm());
}
Output
SUN SUN (DSA key/parameter generation; DSA signing; SHA-1, MD5 digests; SecureRandom; X.509 certificates; PKCS12, JKS & DKS keystores; PKIX CertPathValidator; PKIX CertPathBuilder; LDAP, Collection CertStores, JavaPolicy Policy; JavaLoginConfig Configuration)
SecureRandom: DRBG
SecureRandom: SHA1PRNG
Signature: SHA1withDSA
Signature: NONEwithDSA
Signature: SHA224withDSA
Signature: SHA256withDSA
Signature: SHA1withDSAinP1363Format
Signature: NONEwithDSAinP1363Format
Signature: SHA224withDSAinP1363Format
Signature: SHA256withDSAinP1363Format
KeyPairGenerator: DSA
MessageDigest: MD2
MessageDigest: MD5
MessageDigest: SHA
MessageDigest: SHA-224
MessageDigest: SHA-256
MessageDigest: SHA-384
MessageDigest: SHA-512
MessageDigest: SHA-512/224
MessageDigest: SHA-512/256
MessageDigest: SHA3-224
MessageDigest: SHA3-256
MessageDigest: SHA3-384
MessageDigest: SHA3-512
AlgorithmParameterGenerator: DSA
AlgorithmParameters: DSA
KeyFactory: DSA
CertificateFactory: X.509
KeyStore: PKCS12
KeyStore: JKS
KeyStore: CaseExactJKS
KeyStore: DKS
Policy: JavaPolicy
Configuration: JavaLoginConfig
CertPathBuilder: PKIX
CertPathValidator: PKIX
CertStore: Collection
CertStore: com.sun.security.IndexedCollection
SunRsaSign Sun RSA signature provider
KeyFactory: RSA
KeyPairGenerator: RSA
Signature: MD2withRSA
Signature: MD5withRSA
Signature: SHA1withRSA
Signature: SHA224withRSA
Signature: SHA256withRSA
Signature: SHA384withRSA
Signature: SHA512withRSA
SunEC Sun Elliptic Curve provider (EC, ECDSA, ECDH)
KeyFactory: EC
AlgorithmParameters: EC
Signature: NONEwithECDSA
Signature: SHA1withECDSA
Signature: SHA224withECDSA
Signature: SHA256withECDSA
Signature: SHA384withECDSA
Signature: SHA512withECDSA
Signature: NONEwithECDSAinP1363Format
Signature: SHA1withECDSAinP1363Format
Signature: SHA224withECDSAinP1363Format
Signature: SHA256withECDSAinP1363Format
Signature: SHA384withECDSAinP1363Format
Signature: SHA512withECDSAinP1363Format
KeyPairGenerator: EC
KeyAgreement: ECDH
SunJSSE Sun JSSE provider(PKCS12, SunX509/PKIX key/trust factories, SSLv3/TLSv1/TLSv1.1/TLSv1.2/DTLSv1.0/DTLSv1.2)
KeyFactory: RSA
KeyPairGenerator: RSA
Signature: MD2withRSA
Signature: MD5withRSA
Signature: SHA1withRSA
Signature: MD5andSHA1withRSA
KeyManagerFactory: SunX509
KeyManagerFactory: NewSunX509
TrustManagerFactory: SunX509
TrustManagerFactory: PKIX
SSLContext: TLSv1
SSLContext: TLSv1.1
SSLContext: TLSv1.2
SSLContext: TLS
SSLContext: DTLSv1.0
SSLContext: DTLSv1.2
SSLContext: DTLS
SSLContext: Default
KeyStore: PKCS12
SunJCE SunJCE Provider (implements RSA, DES, Triple DES, AES, Blowfish, ARCFOUR, RC2, PBE, Diffie-Hellman, HMAC)
Cipher: RSA
Cipher: DES
Cipher: DESede
Cipher: DESedeWrap
Cipher: PBEWithMD5AndDES
Cipher: PBEWithMD5AndTripleDES
Cipher: PBEWithSHA1AndDESede
Cipher: PBEWithSHA1AndRC2_40
Cipher: PBEWithSHA1AndRC2_128
Cipher: PBEWithSHA1AndRC4_40
Cipher: PBEWithSHA1AndRC4_128
Cipher: PBEWithHmacSHA1AndAES_128
Cipher: PBEWithHmacSHA224AndAES_128
Cipher: PBEWithHmacSHA256AndAES_128
Cipher: PBEWithHmacSHA384AndAES_128
Cipher: PBEWithHmacSHA512AndAES_128
Cipher: PBEWithHmacSHA1AndAES_256
Cipher: PBEWithHmacSHA224AndAES_256
Cipher: PBEWithHmacSHA256AndAES_256
Cipher: PBEWithHmacSHA384AndAES_256
Cipher: PBEWithHmacSHA512AndAES_256
Cipher: Blowfish
Cipher: AES
Cipher: AES_128/ECB/NoPadding
Cipher: AES_128/CBC/NoPadding
Cipher: AES_128/OFB/NoPadding
Cipher: AES_128/CFB/NoPadding
Cipher: AES_128/GCM/NoPadding
Cipher: AES_192/ECB/NoPadding
Cipher: AES_192/CBC/NoPadding
Cipher: AES_192/OFB/NoPadding
Cipher: AES_192/CFB/NoPadding
Cipher: AES_192/GCM/NoPadding
Cipher: AES_256/ECB/NoPadding
Cipher: AES_256/CBC/NoPadding
Cipher: AES_256/OFB/NoPadding
Cipher: AES_256/CFB/NoPadding
Cipher: AES_256/GCM/NoPadding
Cipher: AESWrap
Cipher: AESWrap_128
Cipher: AESWrap_192
Cipher: AESWrap_256
Cipher: RC2
Cipher: ARCFOUR
KeyGenerator: DES
KeyGenerator: DESede
KeyGenerator: Blowfish
KeyGenerator: AES
KeyGenerator: RC2
KeyGenerator: ARCFOUR
KeyGenerator: HmacMD5
KeyGenerator: HmacSHA1
KeyGenerator: HmacSHA224
KeyGenerator: HmacSHA256
KeyGenerator: HmacSHA384
KeyGenerator: HmacSHA512
KeyPairGenerator: DiffieHellman
AlgorithmParameterGenerator: DiffieHellman
KeyAgreement: DiffieHellman
AlgorithmParameters: DiffieHellman
AlgorithmParameters: DES
AlgorithmParameters: DESede
AlgorithmParameters: PBE
AlgorithmParameters: PBEWithMD5AndDES
AlgorithmParameters: PBEWithMD5AndTripleDES
AlgorithmParameters: PBEWithSHA1AndDESede
AlgorithmParameters: PBEWithSHA1AndRC2_40
AlgorithmParameters: PBEWithSHA1AndRC2_128
AlgorithmParameters: PBEWithSHA1AndRC4_40
AlgorithmParameters: PBEWithSHA1AndRC4_128
AlgorithmParameters: PBES2
AlgorithmParameters: PBEWithHmacSHA1AndAES_128
AlgorithmParameters: PBEWithHmacSHA224AndAES_128
AlgorithmParameters: PBEWithHmacSHA256AndAES_128
AlgorithmParameters: PBEWithHmacSHA384AndAES_128
AlgorithmParameters: PBEWithHmacSHA512AndAES_128
AlgorithmParameters: PBEWithHmacSHA1AndAES_256
AlgorithmParameters: PBEWithHmacSHA224AndAES_256
AlgorithmParameters: PBEWithHmacSHA256AndAES_256
AlgorithmParameters: PBEWithHmacSHA384AndAES_256
AlgorithmParameters: PBEWithHmacSHA512AndAES_256
AlgorithmParameters: Blowfish
AlgorithmParameters: AES
AlgorithmParameters: GCM
AlgorithmParameters: RC2
AlgorithmParameters: OAEP
KeyFactory: DiffieHellman
SecretKeyFactory: DES
SecretKeyFactory: DESede
SecretKeyFactory: PBEWithMD5AndDES
SecretKeyFactory: PBEWithMD5AndTripleDES
SecretKeyFactory: PBEWithSHA1AndDESede
SecretKeyFactory: PBEWithSHA1AndRC2_40
SecretKeyFactory: PBEWithSHA1AndRC2_128
SecretKeyFactory: PBEWithSHA1AndRC4_40
SecretKeyFactory: PBEWithSHA1AndRC4_128
SecretKeyFactory: PBEWithHmacSHA1AndAES_128
SecretKeyFactory: PBEWithHmacSHA224AndAES_128
SecretKeyFactory: PBEWithHmacSHA256AndAES_128
SecretKeyFactory: PBEWithHmacSHA384AndAES_128
SecretKeyFactory: PBEWithHmacSHA512AndAES_128
SecretKeyFactory: PBEWithHmacSHA1AndAES_256
SecretKeyFactory: PBEWithHmacSHA224AndAES_256
SecretKeyFactory: PBEWithHmacSHA256AndAES_256
SecretKeyFactory: PBEWithHmacSHA384AndAES_256
SecretKeyFactory: PBEWithHmacSHA512AndAES_256
SecretKeyFactory: PBKDF2WithHmacSHA1
SecretKeyFactory: PBKDF2WithHmacSHA224
SecretKeyFactory: PBKDF2WithHmacSHA256
SecretKeyFactory: PBKDF2WithHmacSHA384
SecretKeyFactory: PBKDF2WithHmacSHA512
Mac: HmacMD5
Mac: HmacSHA1
Mac: HmacSHA224
Mac: HmacSHA256
Mac: HmacSHA384
Mac: HmacSHA512
Mac: HmacSHA512/224
Mac: HmacSHA512/256
Mac: HmacPBESHA1
Mac: PBEWithHmacSHA1
Mac: PBEWithHmacSHA224
Mac: PBEWithHmacSHA256
Mac: PBEWithHmacSHA384
Mac: PBEWithHmacSHA512
Mac: SslMacMD5
Mac: SslMacSHA1
KeyStore: JCEKS
KeyGenerator: SunTlsPrf
KeyGenerator: SunTls12Prf
KeyGenerator: SunTlsMasterSecret
KeyGenerator: SunTlsKeyMaterial
KeyGenerator: SunTlsRsaPremasterSecret
SunJGSS Sun (Kerberos v5, SPNEGO)
GssApiMechanism: 1.2.840.113554.1.2.2
GssApiMechanism: 1.3.6.1.5.5.2
SunSASL Sun SASL provider(implements client mechanisms for: DIGEST-MD5, EXTERNAL, PLAIN, CRAM-MD5, NTLM; server mechanisms for: DIGEST-MD5, CRAM-MD5, NTLM)
SaslClientFactory: DIGEST-MD5
SaslClientFactory: NTLM
SaslClientFactory: EXTERNAL
SaslClientFactory: PLAIN
SaslClientFactory: CRAM-MD5
SaslServerFactory: CRAM-MD5
SaslServerFactory: DIGEST-MD5
SaslServerFactory: NTLM
XMLDSig XMLDSig (DOM XMLSignatureFactory; DOM KeyInfoFactory; C14N 1.0, C14N 1.1, Exclusive C14N, Base64, Enveloped, XPath, XPath2, XSLT TransformServices)
XMLSignatureFactory: DOM
KeyInfoFactory: DOM
TransformService: http://www.w3.org/TR/2001/REC-xml-c14n-20010315
TransformService: http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments
TransformService: http://www.w3.org/2006/12/xml-c14n11
TransformService: http://www.w3.org/2006/12/xml-c14n11#WithComments
TransformService: http://www.w3.org/2001/10/xml-exc-c14n#
TransformService: http://www.w3.org/2001/10/xml-exc-c14n#WithComments
TransformService: http://www.w3.org/2000/09/xmldsig#base64
TransformService: http://www.w3.org/2000/09/xmldsig#enveloped-signature
TransformService: http://www.w3.org/2002/06/xmldsig-filter2
TransformService: http://www.w3.org/TR/1999/REC-xpath-19991116
TransformService: http://www.w3.org/TR/1999/REC-xslt-19991116
SunPCSC Sun PC/SC provider
TerminalFactory: PC/SC
JdkLDAP JdkLDAP Provider (implements LDAP CertStore)
CertStore: LDAP
JdkSASL JDK SASL provider(implements client and server mechanisms for GSSAPI)
SaslClientFactory: GSSAPI
SaslServerFactory: GSSAPI
SunMSCAPI Sun's Microsoft Crypto API provider
SecureRandom: Windows-PRNG
KeyStore: Windows-MY
KeyStore: Windows-ROOT
Signature: NONEwithRSA
Signature: SHA1withRSA
Signature: SHA256withRSA
Signature: SHA384withRSA
Signature: SHA512withRSA
Signature: MD5withRSA
Signature: MD2withRSA
KeyPairGenerator: RSA
Cipher: RSA
Cipher: RSA/ECB/PKCS1Padding
SunPKCS11 Unconfigured and unusable PKCS11 provider
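The loop in the answer above prints the raw service list. The class below, added here and not part of the answer, turns the same Security.getProviders() walk into a per-provider inventory in lookup order (the order getInstance() consults providers), shows the Security.getProviders(String) filter form, and pulls out the services whose names embed primitives a reviewer would want to triage first. The LEGACY pattern is the editor's assumption, tuned to the names in the listing above; everything else uses only the java.security API.

```java
import java.security.Provider;
import java.security.Provider.Service;
import java.security.Security;
import java.util.ArrayList;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.TreeMap;
import java.util.regex.Pattern;

/**
 * Inventory of the crypto services the running JVM exposes, grouped per
 * provider in Security.getProviders() order. Editor's example, not code
 * from the answer above.
 */
public final class CryptoInventory {

    /**
     * Primitive names a reviewer usually triages first. This pattern is the
     * editor's assumption, not a JDK constant; it is tuned to the names in the
     * listing above ("SHA" alone is SHA-1, "SHA-224" and "SHA3-256" are not).
     */
    private static final Pattern LEGACY = Pattern.compile(
            "MD2|MD5|SHA(?![0-9-])|SHA-?1(?![0-9])|DES|RC2|RC4|ARCFOUR|Blowfish");

    /** provider name -> (service type -> algorithm names), providers in lookup order. */
    static Map<String, Map<String, List<String>>> inventory() {
        Map<String, Map<String, List<String>>> out = new LinkedHashMap<>();
        for (Provider p : Security.getProviders()) {
            Map<String, List<String>> byType = new TreeMap<>();
            for (Service s : p.getServices()) {
                byType.computeIfAbsent(s.getType(), k -> new ArrayList<>()).add(s.getAlgorithm());
            }
            out.put(p.getName(), byType);
        }
        return out;
    }

    /** Triage only: true when the algorithm name embeds one of the LEGACY primitives. */
    static boolean namesLegacyPrimitive(String algorithm) {
        return LEGACY.matcher(algorithm).find();
    }

    /** "type: algorithm" entries that trip the LEGACY pattern, keyed by provider. */
    static Map<String, List<String>> legacyServices() {
        Map<String, List<String>> flagged = new LinkedHashMap<>();
        for (Map.Entry<String, Map<String, List<String>>> prov : inventory().entrySet()) {
            List<String> hits = new ArrayList<>();
            for (Map.Entry<String, List<String>> type : prov.getValue().entrySet()) {
                for (String alg : type.getValue()) {
                    if (namesLegacyPrimitive(alg)) hits.add(type.getKey() + ": " + alg);
                }
            }
            if (!hits.isEmpty()) flagged.put(prov.getKey(), hits);
        }
        return flagged;
    }

    public static void main(String[] args) {
        // 1. Full inventory, one line per service type, with each provider's position.
        int position = 1;
        for (Map.Entry<String, Map<String, List<String>>> prov : inventory().entrySet()) {
            System.out.printf("%2d %-11s%n", position++, prov.getKey());
            for (Map.Entry<String, List<String>> type : prov.getValue().entrySet()) {
                System.out.printf("     %-26s %s%n", type.getKey(), type.getValue());
            }
        }

        // 2. The built-in filter form: providers that register a Cipher named "AES" at all.
        //    The filtered form returns null (not an empty array) when nothing matches.
        Provider[] aesProviders = Security.getProviders("Cipher.AES");
        System.out.println("Providers offering Cipher.AES:");
        if (aesProviders != null) {
            for (Provider p : aesProviders) System.out.println("  " + p.getName());
        }

        // 3. Services worth a second look before this JVM is trusted with new code.
        System.out.println("Services naming legacy primitives (triage list):");
        for (Map.Entry<String, List<String>> e : legacyServices().entrySet()) {
            System.out.println("  " + e.getKey() + " -> " + e.getValue());
        }
    }
}
```

The triage list is deliberately coarse: it flags anything whose name contains a listed primitive, so PBKDF2WithHmacSHA1 and SHA1PRNG land on it alongside MD5withRSA and DES. The point of the inventory is that the JDK will happily serve every one of those algorithms on request; restricting what an application actually calls is the application's job, not the provider framework's.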
Information about my implementation
The code snippet below highlights my current implementation of a crypto object, using both the AES cipher and CTR mode of operation.
import java.security.NoSuchAlgorithmException;
import java.util.Base64;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

public abstract class Crypto {
    private static final String CIPHER_ALGORITHM = "AES/CTR/NoPadding";
    // Key material is hard-coded in the snippet as posted (Base64 of a 128-bit key).
    private String AesKeyString = "ByWelFHCgFqivFZrWs89LQ==";
    private SecretKey aesKey;   // declared here so the class compiles; assigned by setKey()

    private void setKey() throws NoSuchAlgorithmException {
        byte[] keyBytes;
        keyBytes = Base64.getDecoder().decode(AesKeyString);
        aesKey = new SecretKeySpec(keyBytes, "AES");
    }

    // mode is Cipher.ENCRYPT_MODE or Cipher.DECRYPT_MODE; iv must be 16 bytes for AES/CTR
    protected byte[] execute(int mode, byte[] target, byte[] iv)
            throws Exception {
        if (aesKey == null) setKey();   // init() needs a key; the posted code never called setKey()
        Cipher cipher = Cipher.getInstance(CIPHER_ALGORITHM);
        IvParameterSpec ivSpec = new IvParameterSpec(iv);
        cipher.init(mode, aesKey, ivSpec);
        return cipher.doFinal(target);
    }
}
As far as I'm concerned, the getInstance() method returns a Cipher object that implements the requested transformation, from the first Provider that supports this transformation.
Following is a list containing all of my available providers:
SUN
Alg.Alias.Signature.SHA1/DSA SHA1withDSA
Alg.Alias.Signature.1.2.840.10040.4.3 SHA1withDSA
Alg.Alias.Signature.DSS SHA1withDSA
SecureRandom.SHA1PRNG ImplementedIn Software
KeyStore.JKS sun.security.provider.JavaKeyStore$DualFormatJKS
Alg.Alias.MessageDigest.SHA-1 SHA
MessageDigest.SHA sun.security.provider.SHA
KeyStore.CaseExactJKS sun.security.provider.JavaKeyStore$CaseExactJKS
CertStore.com.sun.security.IndexedCollection ImplementedIn Software
Signature.SHA256withDSA sun.security.provider.DSA$SHA256withDSA
Alg.Alias.MessageDigest.OID.1.3.14.3.2.26 SHA
Alg.Alias.Signature.DSA SHA1withDSA
KeyFactory.DSA ImplementedIn Software
KeyStore.JKS ImplementedIn Software
AlgorithmParameters.DSA ImplementedIn Software
Signature.NONEwithDSA sun.security.provider.DSA$RawDSA
Alg.Alias.CertificateFactory.X509 X.509
Signature.SHA256withDSA SupportedKeyClasses java.security.interfaces.DSAPublicKey|java.security.interfaces.DSAPrivateKey
CertStore.com.sun.security.IndexedCollection sun.security.provider.certpath.IndexedCollectionCertStore
Provider.id className sun.security.provider.Sun
Alg.Alias.MessageDigest.1.3.14.3.2.26 SHA
Alg.Alias.Signature.SHA-1/DSA SHA1withDSA
KeyStore.DKS sun.security.provider.DomainKeyStore$DKS
Alg.Alias.Signature.OID.2.16.840.1.101.3.4.3.2 SHA256withDSA
CertificateFactory.X.509 ImplementedIn Software
Alg.Alias.Signature.OID.2.16.840.1.101.3.4.3.1 SHA224withDSA
Signature.SHA1withDSA KeySize 1024
Signature.NONEwithDSA KeySize 1024
KeyFactory.DSA sun.security.provider.DSAKeyFactory
CertPathValidator.PKIX ImplementedIn Software
Configuration.JavaLoginConfig sun.security.provider.ConfigFile$Spi
Alg.Alias.Signature.OID.1.2.840.10040.4.3 SHA1withDSA
Alg.Alias.MessageDigest.OID.2.16.840.1.101.3.4.2.4 SHA-224
Alg.Alias.KeyFactory.1.2.840.10040.4.1 DSA
MessageDigest.MD5 ImplementedIn Software
Alg.Alias.MessageDigest.OID.2.16.840.1.101.3.4.2.3 SHA-512
Alg.Alias.MessageDigest.OID.2.16.840.1.101.3.4.2.2 SHA-384
Alg.Alias.MessageDigest.OID.2.16.840.1.101.3.4.2.1 SHA-256
Alg.Alias.Signature.RawDSA NONEwithDSA
Provider.id name SUN
Alg.Alias.AlgorithmParameters.1.2.840.10040.4.1 DSA
CertPathBuilder.PKIX ValidationAlgorithm RFC3280
Policy.JavaPolicy sun.security.provider.PolicySpiFile
Alg.Alias.AlgorithmParameters.OID.1.2.840.10040.4.1 DSA
Signature.SHA224withDSA KeySize 2048
Alg.Alias.AlgorithmParameters.1.3.14.3.2.12 DSA
Alg.Alias.Signature.SHA/DSA SHA1withDSA
Alg.Alias.KeyPairGenerator.1.3.14.3.2.12 DSA
MessageDigest.SHA-384 sun.security.provider.SHA5$SHA384
MessageDigest.SHA-224 sun.security.provider.SHA2$SHA224
Signature.SHA1withDSA ImplementedIn Software
AlgorithmParameterGenerator.DSA sun.security.provider.DSAParameterGenerator
Signature.NONEwithDSA SupportedKeyClasses java.security.interfaces.DSAPublicKey|java.security.interfaces.DSAPrivateKey
MessageDigest.SHA-512 sun.security.provider.SHA5$SHA512
Alg.Alias.KeyFactory.OID.1.2.840.10040.4.1 DSA
CertPathBuilder.PKIX sun.security.provider.certpath.SunCertPathBuilder
Alg.Alias.Signature.1.3.14.3.2.27 SHA1withDSA
Alg.Alias.MessageDigest.2.16.840.1.101.3.4.2.4 SHA-224
CertPathBuilder.PKIX ImplementedIn Software
Alg.Alias.MessageDigest.2.16.840.1.101.3.4.2.3 SHA-512
Provider.id version 1.8
Alg.Alias.MessageDigest.2.16.840.1.101.3.4.2.2 SHA-384
Alg.Alias.MessageDigest.2.16.840.1.101.3.4.2.1 SHA-256
Signature.SHA256withDSA KeySize 2048
AlgorithmParameters.DSA sun.security.provider.DSAParameters
Signature.SHA1withDSA SupportedKeyClasses java.security.interfaces.DSAPublicKey|java.security.interfaces.DSAPrivateKey
CertStore.Collection sun.security.provider.certpath.CollectionCertStore
AlgorithmParameterGenerator.DSA ImplementedIn Software
KeyPairGenerator.DSA KeySize 2048
CertStore.LDAP sun.security.provider.certpath.ldap.LDAPCertStore
Alg.Alias.Signature.2.16.840.1.101.3.4.3.2 SHA256withDSA
CertificateFactory.X.509 sun.security.provider.X509Factory
Alg.Alias.Signature.2.16.840.1.101.3.4.3.1 SHA224withDSA
CertStore.LDAP LDAPSchema RFC2587
KeyPairGenerator.DSA ImplementedIn Software
CertStore.LDAP ImplementedIn Software
CertPathValidator.PKIX ValidationAlgorithm RFC3280
Signature.SHA224withDSA sun.security.provider.DSA$SHA224withDSA
CertStore.Collection ImplementedIn Software
Alg.Alias.Signature.1.3.14.3.2.13 SHA1withDSA
CertPathValidator.PKIX sun.security.provider.certpath.PKIXCertPathValidator
Alg.Alias.MessageDigest.SHA1 SHA
AlgorithmParameterGenerator.DSA KeySize 2048
SecureRandom.SHA1PRNG sun.security.provider.SecureRandom
Signature.SHA1withDSA sun.security.provider.DSA$SHA1withDSA
Alg.Alias.KeyFactory.1.3.14.3.2.12 DSA
KeyPairGenerator.DSA sun.security.provider.DSAKeyPairGenerator
MessageDigest.SHA ImplementedIn Software
Provider.id info SUN (DSA key/parameter generation; DSA signing; SHA-1, MD5 digests; SecureRandom; X.509 certificates; JKS & DKS keystores; PKIX CertPathValidator; PKIX CertPathBuilder; LDAP, Collection CertStores, JavaPolicy Policy; JavaLoginConfig Configuration)
Alg.Alias.KeyPairGenerator.1.2.840.10040.4.1 DSA
MessageDigest.SHA-256 sun.security.provider.SHA2$SHA256
Alg.Alias.Signature.DSAWithSHA1 SHA1withDSA
MessageDigest.MD5 sun.security.provider.MD5
Alg.Alias.Signature.SHAwithDSA SHA1withDSA
Alg.Alias.KeyPairGenerator.OID.1.2.840.10040.4.1 DSA
Signature.SHA224withDSA SupportedKeyClasses java.security.interfaces.DSAPublicKey|java.security.interfaces.DSAPrivateKey
MessageDigest.MD2 sun.security.provider.MD2
SunRsaSign
Signature.SHA224withRSA SupportedKeyClasses java.security.interfaces.RSAPublicKey|java.security.interfaces.RSAPrivateKey
Alg.Alias.Signature.OID.1.2.840.113549.1.1.2 MD2withRSA
Provider.id name SunRsaSign
Signature.SHA224withRSA sun.security.rsa.RSASignature$SHA224withRSA
Signature.SHA512withRSA sun.security.rsa.RSASignature$SHA512withRSA
Signature.MD5withRSA SupportedKeyClasses java.security.interfaces.RSAPublicKey|java.security.interfaces.RSAPrivateKey
Signature.MD2withRSA sun.security.rsa.RSASignature$MD2withRSA
Signature.MD2withRSA SupportedKeyClasses java.security.interfaces.RSAPublicKey|java.security.interfaces.RSAPrivateKey
Alg.Alias.KeyPairGenerator.OID.1.2.840.113549.1.1 RSA
Provider.id version 1.8
KeyFactory.RSA sun.security.rsa.RSAKeyFactory
Signature.SHA512withRSA SupportedKeyClasses java.security.interfaces.RSAPublicKey|java.security.interfaces.RSAPrivateKey
Signature.MD5withRSA sun.security.rsa.RSASignature$MD5withRSA
Signature.SHA256withRSA sun.security.rsa.RSASignature$SHA256withRSA
Alg.Alias.KeyFactory.OID.1.2.840.113549.1.1 RSA
Signature.SHA1withRSA SupportedKeyClasses java.security.interfaces.RSAPublicKey|java.security.interfaces.RSAPrivateKey
Alg.Alias.Signature.OID.1.2.840.113549.1.1.14 SHA224withRSA
Alg.Alias.KeyPairGenerator.1.2.840.113549.1.1 RSA
Alg.Alias.Signature.OID.1.2.840.113549.1.1.13 SHA512withRSA
Signature.SHA256withRSA SupportedKeyClasses java.security.interfaces.RSAPublicKey|java.security.interfaces.RSAPrivateKey
Alg.Alias.Signature.OID.1.2.840.113549.1.1.12 SHA384withRSA
Alg.Alias.Signature.OID.1.2.840.113549.1.1.11 SHA256withRSA
Provider.id info Sun RSA signature provider
Signature.SHA1withRSA sun.security.rsa.RSASignature$SHA1withRSA
Signature.SHA384withRSA sun.security.rsa.RSASignature$SHA384withRSA
Alg.Alias.Signature.1.3.14.3.2.29 SHA1withRSA
Alg.Alias.Signature.1.2.840.113549.1.1.14 SHA224withRSA
Alg.Alias.Signature.1.2.840.113549.1.1.13 SHA512withRSA
Alg.Alias.Signature.1.2.840.113549.1.1.5 SHA1withRSA
Alg.Alias.Signature.1.2.840.113549.1.1.12 SHA384withRSA
Provider.id className sun.security.rsa.SunRsaSign
Alg.Alias.Signature.1.2.840.113549.1.1.4 MD5withRSA
Alg.Alias.Signature.1.2.840.113549.1.1.11 SHA256withRSA
Alg.Alias.KeyFactory.1.2.840.113549.1.1 RSA
KeyPairGenerator.RSA sun.security.rsa.RSAKeyPairGenerator
Alg.Alias.Signature.1.2.840.113549.1.1.2 MD2withRSA
Signature.SHA384withRSA SupportedKeyClasses java.security.interfaces.RSAPublicKey|java.security.interfaces.RSAPrivateKey
Alg.Alias.Signature.OID.1.2.840.113549.1.1.5 SHA1withRSA
Alg.Alias.Signature.OID.1.2.840.113549.1.1.4 MD5withRSA
SunEC
AlgorithmParameters.EC sun.security.ec.ECParameters
KeyAgreement.ECDH SupportedKeyClasses java.security.interfaces.ECPublicKey|java.security.interfaces.ECPrivateKey
Signature.SHA256withECDSA ImplementedIn Software
Provider.id name SunEC
Signature.NONEwithECDSA SupportedKeyClasses java.security.interfaces.ECPublicKey|java.security.interfaces.ECPrivateKey
Signature.SHA224withECDSA ImplementedIn Software
Signature.SHA1withECDSA sun.security.ec.ECDSASignature$SHA1
Alg.Alias.Signature.OID.1.2.840.10045.4.1 SHA1withECDSA
Signature.SHA256withECDSA SupportedKeyClasses java.security.interfaces.ECPublicKey|java.security.interfaces.ECPrivateKey
Signature.SHA224withECDSA SupportedKeyClasses java.security.interfaces.ECPublicKey|java.security.interfaces.ECPrivateKey
KeyPairGenerator.EC KeySize 256
KeyFactory.EC ImplementedIn Software
Provider.id version 1.8
AlgorithmParameters.EC KeySize 256
Signature.NONEwithECDSA sun.security.ec.ECDSASignature$Raw
Signature.SHA512withECDSA ImplementedIn Software
Alg.Alias.KeyFactory.EllipticCurve EC
Signature.SHA256withECDSA sun.security.ec.ECDSASignature$SHA256
Alg.Alias.KeyPairGenerator.EllipticCurve EC
Signature.SHA512withECDSA sun.security.ec.ECDSASignature$SHA512
Signature.SHA1withECDSA KeySize 256
Signature.SHA1withECDSA SupportedKeyClasses java.security.interfaces.ECPublicKey|java.security.interfaces.ECPrivateKey
Signature.SHA384withECDSA SupportedKeyClasses java.security.interfaces.ECPublicKey|java.security.interfaces.ECPrivateKey
Alg.Alias.AlgorithmParameters.EllipticCurve EC
Alg.Alias.AlgorithmParameters.1.2.840.10045.2.1 EC
Alg.Alias.Signature.1.2.840.10045.4.1 SHA1withECDSA
Signature.SHA224withECDSA sun.security.ec.ECDSASignature$SHA224
Signature.SHA384withECDSA ImplementedIn Software
AlgorithmParameters.EC ImplementedIn Software
Provider.id info Sun Elliptic Curve provider (EC, ECDSA, ECDH)
Signature.SHA512withECDSA SupportedKeyClasses java.security.interfaces.ECPublicKey|java.security.interfaces.ECPrivateKey
KeyPairGenerator.EC sun.security.ec.ECKeyPairGenerator
Alg.Alias.Signature.OID.1.2.840.10045.4.3.4 SHA512withECDSA
Alg.Alias.Signature.OID.1.2.840.10045.4.3.3 SHA384withECDSA
Alg.Alias.Signature.OID.1.2.840.10045.4.3.2 SHA256withECDSA
KeyAgreement.ECDH sun.security.ec.ECDHKeyAgreement
Alg.Alias.Signature.OID.1.2.840.10045.4.3.1 SHA224withECDSA
Alg.Alias.Signature.1.2.840.10045.4.3.4 SHA512withECDSA
Alg.Alias.Signature.1.2.840.10045.4.3.3 SHA384withECDSA
Signature.SHA384withECDSA sun.security.ec.ECDSASignature$SHA384
Alg.Alias.Signature.1.2.840.10045.4.3.2 SHA256withECDSA
Alg.Alias.Signature.1.2.840.10045.4.3.1 SHA224withECDSA
AlgorithmParameters.EC SupportedCurves [secp112r1,1.3.132.0.6]|[secp112r2,1.3.132.0.7]|[secp128r1,1.3.132.0.28]|[secp128r2,1.3.132.0.29]|[secp160k1,1.3.132.0.9]|[secp160r1,1.3.132.0.8]|[secp160r2,1.3.132.0.30]|[secp192k1,1.3.132.0.31]|[secp192r1,NIST P-192,X9.62 prime192v1,1.2.840.10045.3.1.1]|[secp224k1,1.3.132.0.32]|[secp224r1,NIST P-224,1.3.132.0.33]|[secp256k1,1.3.132.0.10]|[secp256r1,NIST P-256,X9.62 prime256v1,1.2.840.10045.3.1.7]|[secp384r1,NIST P-384,1.3.132.0.34]|[secp521r1,NIST P-521,1.3.132.0.35]|[X9.62 prime192v2,1.2.840.10045.3.1.2]|[X9.62 prime192v3,1.2.840.10045.3.1.3]|[X9.62 prime239v1,1.2.840.10045.3.1.4]|[X9.62 prime239v2,1.2.840.10045.3.1.5]|[X9.62 prime239v3,1.2.840.10045.3.1.6]|[sect113r1,1.3.132.0.4]|[sect113r2,1.3.132.0.5]|[sect131r1,1.3.132.0.22]|[sect131r2,1.3.132.0.23]|[sect163k1,NIST K-163,1.3.132.0.1]|[sect163r1,1.3.132.0.2]|[sect163r2,NIST B-163,1.3.132.0.15]|[sect193r1,1.3.132.0.24]|[sect193r2,1.3.132.0.25]|[sect233k1,NIST K-233,1.3.132.0.26]|[sect233r1,NIST B-233,1.3.132.0.27]|[sect239k1,1.3.132.0.3]|[sect283k1,NIST K-283,1.3.132.0.16]|[sect283r1,NIST B-283,1.3.132.0.17]|[sect409k1,NIST K-409,1.3.132.0.36]|[sect409r1,NIST B-409,1.3.132.0.37]|[sect571k1,NIST K-571,1.3.132.0.38]|[sect571r1,NIST B-571,1.3.132.0.39]|[X9.62 c2tnb191v1,1.2.840.10045.3.0.5]|[X9.62 c2tnb191v2,1.2.840.10045.3.0.6]|[X9.62 c2tnb191v3,1.2.840.10045.3.0.7]|[X9.62 c2tnb239v1,1.2.840.10045.3.0.11]|[X9.62 c2tnb239v2,1.2.840.10045.3.0.12]|[X9.62 c2tnb239v3,1.2.840.10045.3.0.13]|[X9.62 c2tnb359v1,1.2.840.10045.3.0.18]|[X9.62 c2tnb431r1,1.2.840.10045.3.0.20]|[brainpoolP160r1,1.3.36.3.3.2.8.1.1.1]|[brainpoolP192r1,1.3.36.3.3.2.8.1.1.3]|[brainpoolP224r1,1.3.36.3.3.2.8.1.1.5]|[brainpoolP256r1,1.3.36.3.3.2.8.1.1.7]|[brainpoolP320r1,1.3.36.3.3.2.8.1.1.9]|[brainpoolP384r1,1.3.36.3.3.2.8.1.1.11]|[brainpoolP512r1,1.3.36.3.3.2.8.1.1.13]
Provider.id className sun.security.ec.SunEC
Signature.NONEwithECDSA ImplementedIn Software
Signature.SHA1withECDSA ImplementedIn Software
KeyPairGenerator.EC ImplementedIn Software
KeyFactory.EC sun.security.ec.ECKeyFactory
KeyAgreement.ECDH ImplementedIn Software
SunJSSE
Signature.MD5andSHA1withRSA sun.security.ssl.RSASignature
Alg.Alias.Signature.OID.1.2.840.113549.1.1.2 MD2withRSA
Alg.Alias.KeyManagerFactory.PKIX NewSunX509
Provider.id name SunJSSE
KeyManagerFactory.NewSunX509 sun.security.ssl.KeyManagerFactoryImpl$X509
Alg.Alias.Signature.OID.1.3.14.3.2.29 SHA1withRSA
Signature.MD2withRSA sun.security.rsa.RSASignature$MD2withRSA
Alg.Alias.KeyPairGenerator.OID.1.2.840.113549.1.1 RSA
Provider.id version 1.8
KeyManagerFactory.SunX509 sun.security.ssl.KeyManagerFactoryImpl$SunX509
KeyFactory.RSA sun.security.rsa.RSAKeyFactory
TrustManagerFactory.SunX509 sun.security.ssl.TrustManagerFactoryImpl$SimpleFactory
Alg.Alias.TrustManagerFactory.X.509 PKIX
SSLContext.TLSv1.2 sun.security.ssl.SSLContextImpl$TLS12Context
SSLContext.TLSv1.1 sun.security.ssl.SSLContextImpl$TLS11Context
Signature.MD5withRSA sun.security.rsa.RSASignature$MD5withRSA
Alg.Alias.SSLContext.SSLv3 TLSv1
Alg.Alias.SSLContext.SSL TLS
KeyStore.PKCS12 sun.security.pkcs12.PKCS12KeyStore
Alg.Alias.TrustManagerFactory.SunPKIX PKIX
Alg.Alias.KeyFactory.OID.1.2.840.113549.1.1 RSA
SSLContext.Default sun.security.ssl.SSLContextImpl$DefaultSSLContext
Alg.Alias.KeyPairGenerator.1.2.840.113549.1.1 RSA
Provider.id info Sun JSSE provider(PKCS12, SunX509/PKIX key/trust factories, SSLv3/TLSv1/TLSv1.1/TLSv1.2)
Signature.SHA1withRSA sun.security.rsa.RSASignature$SHA1withRSA
TrustManagerFactory.PKIX sun.security.ssl.TrustManagerFactoryImpl$PKIXFactory
SSLContext.TLS sun.security.ssl.SSLContextImpl$TLSContext
SSLContext.TLSv1 sun.security.ssl.SSLContextImpl$TLS10Context
Alg.Alias.Signature.1.3.14.3.2.29 SHA1withRSA
Alg.Alias.Signature.1.2.840.113549.1.1.5 SHA1withRSA
Alg.Alias.TrustManagerFactory.X509 PKIX
Provider.id className com.sun.net.ssl.internal.ssl.Provider
Alg.Alias.Signature.1.2.840.113549.1.1.4 MD5withRSA
Alg.Alias.KeyFactory.1.2.840.113549.1.1 RSA
KeyPairGenerator.RSA sun.security.rsa.RSAKeyPairGenerator
Alg.Alias.Signature.1.2.840.113549.1.1.2 MD2withRSA
Alg.Alias.Signature.OID.1.2.840.113549.1.1.5 SHA1withRSA
Alg.Alias.Signature.OID.1.2.840.113549.1.1.4 MD5withRSA
Even though I don't see any provider supporting the "AES/CTR/NoPadding" algorithm, there is no NoSuchAlgorithmException thrown by the execute() method, thus I suppose this algorithm is supported by one of the previous providers.
Question
Which of the previous providers is being called to get the envisaged cipher object that supports the "AES/CTR/NoPadding" algorithm?
Note
The list of providers was too long to fit into this post, if you need any information regarding a not mentioned specific provider, please let me know.
You can just call getProvider() on any Cipher (or MessageDigest, etc.). If you do that for a Cipher using "AES/GCM/NoPadding" you would get the SunJCE provider. You would not get the additional service information, of course.
To get the service information about the AES cipher, try this code:
import java.security.Provider;
import java.security.Provider.Service;
import java.security.Security;

public class FindCtrProvider {
    public static void main(String[] args) {
        Provider[] provs = Security.getProviders();
        for (Provider provider : provs) {
            // Only the bare "AES" Cipher service is registered; modes are advertised as an attribute
            Service service = provider.getService("Cipher", "AES");
            if (service == null) {
                continue;
            }
            String modes = service.getAttribute("SupportedModes");
            if (modes != null && modes.matches("(?i).*CTR.*")) {
                System.out.println(service);
            }
        }
    }
}
which will output:
SunJCE: Cipher.AES -> com.sun.crypto.provider.AESCipher$General
aliases: [Rijndael]
attributes: {SupportedPaddings=NOPADDING|PKCS5PADDING|ISO10126PADDING, SupportedKeyFormats=RAW, SupportedModes=ECB|CBC|PCBC|CTR|CTS|CFB|OFB|CFB8|CFB16|CFB24|CFB32|CFB40|CFB48|CFB56|CFB64|OFB8|OFB16|OFB24|OFB32|OFB40|OFB48|OFB56|OFB64|GCM|CFB72|CFB80|CFB88|CFB96|CFB104|CFB112|CFB120|CFB128|OFB72|OFB80|OFB88|OFB96|OFB104|OFB112|OFB120|OFB128}
So there you have it: AES, CTR and NoPadding.
Admittedly, the Service interface of Provider is not that well described so it takes a bit of puzzling to get to this information.
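Putting the two halves of the answer together, as an added example that is not the answer's own code: getProvider() on the Cipher gives the authoritative choice, and a walk over each provider's Cipher service attributes explains it. The diagnostic also covers the case, visible in the SunMSCAPI listing above, where a provider registers the full transformation name ("RSA/ECB/PKCS1Padding") as a service of its own instead of advertising modes. The transformation names in main() are just sample inputs.

```java
import java.security.NoSuchAlgorithmException;
import java.security.Provider;
import java.security.Provider.Service;
import java.security.Security;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import javax.crypto.Cipher;
import javax.crypto.NoSuchPaddingException;

/**
 * Resolves a JCE transformation two ways: the authoritative answer from
 * Cipher.getInstance(...).getProvider(), and the explanation from each
 * provider's Cipher service registration. Editor's example, not the answer's code.
 */
public final class TransformationResolver {

    /** The provider the JCE actually picked for this transformation. */
    static String actualProvider(String transformation)
            throws NoSuchAlgorithmException, NoSuchPaddingException {
        return Cipher.getInstance(transformation).getProvider().getName();
    }

    /**
     * Providers, in lookup order, whose registration can explain the choice:
     * either a Cipher service registered under the full transformation name,
     * or a service for the bare algorithm whose SupportedModes/SupportedPaddings
     * attributes list the requested mode and padding (SunJCE's "AES" above).
     */
    static List<String> explainingProviders(String transformation) {
        String[] parts = transformation.split("/");
        String algorithm = parts[0];
        String mode = parts.length > 1 ? parts[1] : null;
        String padding = parts.length > 2 ? parts[2] : null;

        List<String> out = new ArrayList<>();
        for (Provider p : Security.getProviders()) {
            if (p.getService("Cipher", transformation) != null) {
                out.add(p.getName() + " (registers the full transformation)");
                continue;
            }
            Service s = p.getService("Cipher", algorithm);
            if (s == null) continue;
            boolean modeOk = mode == null || listed(s.getAttribute("SupportedModes"), mode);
            boolean padOk = padding == null || listed(s.getAttribute("SupportedPaddings"), padding);
            if (modeOk && padOk) {
                out.add(p.getName() + " (attributes cover " + transformation + ")");
            }
        }
        return out;
    }

    /** Attribute values are '|'-separated lists; names are compared case-insensitively. */
    static boolean listed(String attributeValue, String wanted) {
        if (attributeValue == null) return false;   // nothing declared, so nothing can be confirmed
        return Arrays.stream(attributeValue.split("\\|")).anyMatch(v -> v.equalsIgnoreCase(wanted));
    }

    public static void main(String[] args) {
        // Sample inputs only; the last one is deliberately legacy to show it is still served.
        for (String t : Arrays.asList("AES/CTR/NoPadding", "AES/GCM/NoPadding", "DESede/CBC/PKCS5Padding")) {
            System.out.println(t);
            try {
                System.out.println("  chosen by getInstance(): " + actualProvider(t));
            } catch (NoSuchAlgorithmException | NoSuchPaddingException e) {
                System.out.println("  not available: " + e.getMessage());
            }
            System.out.println("  explained by: " + explainingProviders(t));
        }
    }
}
```

Treat explainingProviders() as a diagnostic, not as the lookup algorithm: a CipherSpi may accept a mode it never advertised, and getInstance() simply asks each provider's engine in order and keeps the first that does not reject the mode and padding. When the two outputs disagree, the getInstance() result is the one the application is actually running.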
I'm having a hard time connecting to a service with client authentication. The service ("SecureService") is on AWS. The clients are on a Linux VM on my Mac. Nginx on SecureService enforces Client Authentication on the resource I'm accessing on port 443. I can get a successful response connecting from the same VM to the same SecureService, using a proof of concept Java standalone application (openjdk 1.8.0_60) or other clients (wget, openssl), but not from the same Java code hosted on Websphere AS (admittedly relying on older libraries and IBM J9 VM, build 2.6, JRE 1.6.0). When remapping the SecureService hostname to 127.0.0.1 in /etc/hosts, though, that same java code on Websphere AS connects successfully to a local openSSL server requiring client authentication from the same Certification Authority. The response from SecureServer in the failing connection reports "400 No required SSL certificate was sent"... "400 Bad Request", but tcpdump packet captures show it's NOT sending a Certificate Request, whereas it is in all the other cases. This is puzzling and leads me to think there is something in the ClientHello message that the server doesn't like, though ClientHello messages in successful and failing connections are very similar.
A quite odd detail is also that tcpdump never captures the first TCP SYN packet from my client to the server in the failing communication, while it captures the rest (SYN + ACK from the server, then ACK from the client) and all the packets (SYN, SYN + ACK, ACK) on all other communications.
All communications use TLSv1.2 in all their parts.
Failing connection:
(client <--> server)
<-- SYN, ACK
--> ACK
--> Client Hello
<-- ACK
<-- Server Hello, Certificate, Server Hello Done
--> ACK
--> Client Key Exchange
<-- ACK
--> Change Cypher Spec
<-- ACK
--> Encrypted Handshake Message
<-- ACK
<-- Change Cypher Spec, Encrypted Handshake Message
--> Application Data
...
Successful connection from proof of concept Java app:
(client <--> server)
--> SYN
<-- SYN, ACK
--> ACK
--> Client Hello
<-- ACK
<-- Server Hello
<-- Certificate
<-- Certificate Request, Server Hello Done
--> ACK
--> ACK
--> [TCP segment of a reassembled PDU]
--> Certificate, Client Key Exchange
<-- ACK
--> Certificate Verify
--> Change Cypher Spec
--> Hello Request, Hello Request
<-- ACK
<-- Change Cypher Spec, Encrypted Handshake Message
--> Application Data
...
Successful connection from Websphere AS to local openSSL:
(client <--> server)
--> SYN
<-- SYN, ACK
--> ACK
--> Client Hello
<-- ACK
<-- Server Hello, Certificate, Certificate Request, Server Hello Done
--> ACK
--> Certificate, Client Key Exchange
<-- ACK
--> Certificate Verify
--> Change Cypher Spec
--> Encrypted Handshake Message
<-- ACK
<-- Change Cypher Spec, Encrypted Handshake Message
--> Application Data
...
Failing Client Hello:
Frame 3: 332 bytes on wire (2656 bits), 332 bytes captured (2656 bits)
Encapsulation type: Linux cooked-mode capture (25)
Arrival Time: Feb 25, 2016 13:29:15.353437000 GMT
[Time shift for this packet: 0.000000000 seconds]
Epoch Time: 1456406955.353437000 seconds
[Time delta from previous captured frame: 0.004839000 seconds]
[Time delta from previous displayed frame: 0.004839000 seconds]
[Time since reference or first frame: 0.004868000 seconds]
Frame Number: 3
Frame Length: 332 bytes (2656 bits)
Capture Length: 332 bytes (2656 bits)
[Frame is marked: False]
[Frame is ignored: False]
[Protocols in frame: sll:ethertype:ip:tcp:ssl]
[Coloring Rule Name: TCP]
[Coloring Rule String: tcp]
Linux cooked capture
Packet type: Sent by us (4)
Link-layer address type: 1
Link-layer address length: 6
Source: CadmusCo_67:0a:c1 (08:00:27:67:0a:c1)
Protocol: IPv4 (0x0800)
Internet Protocol Version 4, Src: (OMITTED FOR SECURITY REASONS), Dst: (OMITTED FOR SECURITY REASONS)
0100 .... = Version: 4
.... 0101 = Header Length: 20 bytes
Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT)
0000 00.. = Differentiated Services Codepoint: Default (0)
.... ..00 = Explicit Congestion Notification: Not ECN-Capable Transport (0)
Total Length: 316
Identification: 0xf29d (62109)
Flags: 0x02 (Don't Fragment)
0... .... = Reserved bit: Not set
.1.. .... = Don't fragment: Set
..0. .... = More fragments: Not set
Fragment offset: 0
Time to live: 64
Protocol: TCP (6)
Header checksum: 0xc7f8 [validation disabled]
[Good: False]
[Bad: False]
Source: (OMITTED FOR SECURITY REASONS)
Destination: (OMITTED FOR SECURITY REASONS)
[Source GeoIP: Unknown]
[Destination GeoIP: Unknown]
Transmission Control Protocol, Src Port: 51512 (51512), Dst Port: 443 (443), Seq: 1, Ack: 1, Len: 276
Source Port: 51512
Destination Port: 443
[Stream index: 0]
[TCP Segment Len: 276]
Sequence number: 1 (relative sequence number)
[Next sequence number: 277 (relative sequence number)]
Acknowledgment number: 1 (relative ack number)
Header Length: 20 bytes
Flags: 0x018 (PSH, ACK)
000. .... .... = Reserved: Not set
...0 .... .... = Nonce: Not set
.... 0... .... = Congestion Window Reduced (CWR): Not set
.... .0.. .... = ECN-Echo: Not set
.... ..0. .... = Urgent: Not set
.... ...1 .... = Acknowledgment: Set
.... .... 1... = Push: Set
.... .... .0.. = Reset: Not set
.... .... ..0. = Syn: Not set
.... .... ...0 = Fin: Not set
[TCP Flags: *******AP***]
Window size value: 14600
[Calculated window size: 14600]
[Window size scaling factor: -2 (no window scaling used)]
Checksum: 0x8054 [validation disabled]
[Good Checksum: False]
[Bad Checksum: False]
Urgent pointer: 0
[SEQ/ACK analysis]
[Bytes in flight: 276]
Secure Sockets Layer
TLSv1.2 Record Layer: Handshake Protocol: Client Hello
Content Type: Handshake (22)
Version: TLS 1.2 (0x0303)
Length: 271
Handshake Protocol: Client Hello
Handshake Type: Client Hello (1)
Length: 267
Version: TLS 1.2 (0x0303)
Random
GMT Unix Time: Feb 25, 2016 13:29:15.000000000 GMT
Random Bytes: 2ca99e72b66289fcd3f11bf2dc3ef464709b197e6dd6cdd5...
Session ID Length: 32
Session ID: 28eef056a41440e760eaa9e3358a9cd56d8823fa130e9100...
Cipher Suites Length: 128
Cipher Suites (64 suites)
Cipher Suite: TLS_RSA_WITH_RC4_128_MD5 (0x0004)
Cipher Suite: TLS_RSA_WITH_RC4_128_SHA (0x0005)
Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA (0x002f)
Cipher Suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x0033)
Cipher Suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA (0x0032)
Cipher Suite: TLS_RSA_WITH_3DES_EDE_CBC_SHA (0x000a)
Cipher Suite: SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA (0xfeff)
Cipher Suite: TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (0x0016)
Cipher Suite: TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA (0x0013)
Cipher Suite: TLS_DHE_DSS_WITH_RC4_128_SHA (0x0066)
Cipher Suite: TLS_RSA_WITH_AES_128_GCM_SHA256 (0x009c)
Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA256 (0x003c)
Cipher Suite: TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (0x009e)
Cipher Suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 (0x0067)
Cipher Suite: TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 (0x00a2)
Cipher Suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 (0x0040)
Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (0xc02b)
Cipher Suite: TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA (0x0011)
Cipher Suite: TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA (0x0013)
Cipher Suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA (0x0032)
Cipher Suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 (0x0040)
Cipher Suite: TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 (0x00a2)
Cipher Suite: TLS_DHE_DSS_WITH_DES_CBC_SHA (0x0012)
Cipher Suite: TLS_DHE_DSS_WITH_RC4_128_SHA (0x0066)
Cipher Suite: TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA (0x0014)
Cipher Suite: TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (0x0016)
Cipher Suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x0033)
Cipher Suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 (0x0067)
Cipher Suite: TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (0x009e)
Cipher Suite: TLS_DHE_RSA_WITH_DES_CBC_SHA (0x0015)
Cipher Suite: TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA (0xc008)
Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA (0xc009)
Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 (0xc023)
Cipher Suite: TLS_ECDHE_ECDSA_WITH_RC4_128_SHA (0xc007)
Cipher Suite: TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA (0xc012)
Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013)
Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (0xc027)
Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f)
Cipher Suite: TLS_ECDHE_RSA_WITH_RC4_128_SHA (0xc011)
Cipher Suite: TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA (0xc003)
Cipher Suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA (0xc004)
Cipher Suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 (0xc025)
Cipher Suite: TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 (0xc02d)
Cipher Suite: TLS_ECDH_ECDSA_WITH_RC4_128_SHA (0xc002)
Cipher Suite: TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA (0xc00d)
Cipher Suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA (0xc00e)
Cipher Suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 (0xc029)
Cipher Suite: TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 (0xc031)
Cipher Suite: TLS_ECDH_RSA_WITH_RC4_128_SHA (0xc00c)
Cipher Suite: TLS_RSA_EXPORT_WITH_DES40_CBC_SHA (0x0008)
Cipher Suite: TLS_RSA_EXPORT_WITH_RC4_40_MD5 (0x0003)
Cipher Suite: SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA (0xfeff)
Cipher Suite: SSL_RSA_FIPS_WITH_DES_CBC_SHA (0xfefe)
Cipher Suite: TLS_RSA_WITH_3DES_EDE_CBC_SHA (0x000a)
Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA (0x002f)
Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA256 (0x003c)
Cipher Suite: TLS_RSA_WITH_AES_128_GCM_SHA256 (0x009c)
Cipher Suite: TLS_RSA_WITH_DES_CBC_SHA (0x0009)
Cipher Suite: TLS_RSA_WITH_NULL_MD5 (0x0001)
Cipher Suite: TLS_RSA_WITH_NULL_SHA (0x0002)
Cipher Suite: TLS_RSA_WITH_NULL_SHA256 (0x003b)
Cipher Suite: TLS_RSA_WITH_RC4_128_MD5 (0x0004)
Cipher Suite: TLS_RSA_WITH_RC4_128_SHA (0x0005)
Cipher Suite: TLS_EMPTY_RENEGOTIATION_INFO_SCSV (0x00ff)
Compression Methods Length: 1
Compression Methods (1 method)
Compression Method: null (0)
Extensions Length: 66
Extension: elliptic_curves
Type: elliptic_curves (0x000a)
Length: 24
Elliptic Curves Length: 22
Elliptic curves (11 curves)
Elliptic curve: secp256r1 (0x0017)
Elliptic curve: secp192r1 (0x0013)
Elliptic curve: secp224r1 (0x0015)
Elliptic curve: secp384r1 (0x0018)
Elliptic curve: secp521r1 (0x0019)
Elliptic curve: secp160k1 (0x000f)
Elliptic curve: secp160r1 (0x0010)
Elliptic curve: secp160r2 (0x0011)
Elliptic curve: secp192k1 (0x0012)
Elliptic curve: secp224k1 (0x0014)
Elliptic curve: secp256k1 (0x0016)
Extension: ec_point_formats
Type: ec_point_formats (0x000b)
Length: 2
EC point formats Length: 1
Elliptic curves point formats (1)
EC point format: uncompressed (0)
Extension: signature_algorithms
Type: signature_algorithms (0x000d)
Length: 28
Signature Hash Algorithms Length: 26
Signature Hash Algorithms (13 algorithms)
Signature Hash Algorithm: 0x0603
Signature Hash Algorithm Hash: SHA512 (6)
Signature Hash Algorithm Signature: ECDSA (3)
Signature Hash Algorithm: 0x0601
Signature Hash Algorithm Hash: SHA512 (6)
Signature Hash Algorithm Signature: RSA (1)
Signature Hash Algorithm: 0x0503
Signature Hash Algorithm Hash: SHA384 (5)
Signature Hash Algorithm Signature: ECDSA (3)
Signature Hash Algorithm: 0x0501
Signature Hash Algorithm Hash: SHA384 (5)
Signature Hash Algorithm Signature: RSA (1)
Signature Hash Algorithm: 0x0403
Signature Hash Algorithm Hash: SHA256 (4)
Signature Hash Algorithm Signature: ECDSA (3)
Signature Hash Algorithm: 0x0401
Signature Hash Algorithm Hash: SHA256 (4)
Signature Hash Algorithm Signature: RSA (1)
Signature Hash Algorithm: 0x0303
Signature Hash Algorithm Hash: SHA224 (3)
Signature Hash Algorithm Signature: ECDSA (3)
Signature Hash Algorithm: 0x0301
Signature Hash Algorithm Hash: SHA224 (3)
Signature Hash Algorithm Signature: RSA (1)
Signature Hash Algorithm: 0x0203
Signature Hash Algorithm Hash: SHA1 (2)
Signature Hash Algorithm Signature: ECDSA (3)
Signature Hash Algorithm: 0x0201
Signature Hash Algorithm Hash: SHA1 (2)
Signature Hash Algorithm Signature: RSA (1)
Signature Hash Algorithm: 0x0402
Signature Hash Algorithm Hash: SHA256 (4)
Signature Hash Algorithm Signature: DSA (2)
Signature Hash Algorithm: 0x0202
Signature Hash Algorithm Hash: SHA1 (2)
Signature Hash Algorithm Signature: DSA (2)
Signature Hash Algorithm: 0x0101
Signature Hash Algorithm Hash: MD5 (1)
Signature Hash Algorithm Signature: RSA (1)
Successful Client Hello from proof of concept to SecureServer:
Frame 62: 306 bytes on wire (2448 bits), 306 bytes captured (2448 bits) on interface 0
Interface id: 0 (en0)
Encapsulation type: Ethernet (1)
Arrival Time: Feb 24, 2016 17:20:21.803009000 GMT
[Time shift for this packet: 0.000000000 seconds]
Epoch Time: 1456334421.803009000 seconds
[Time delta from previous captured frame: 0.119948000 seconds]
[Time delta from previous displayed frame: 0.119948000 seconds]
[Time since reference or first frame: 17.897514000 seconds]
Frame Number: 62
Frame Length: 306 bytes (2448 bits)
Capture Length: 306 bytes (2448 bits)
[Frame is marked: False]
[Frame is ignored: False]
[Protocols in frame: eth:ethertype:ip:tcp:ssl]
[Coloring Rule Name: TCP]
[Coloring Rule String: tcp]
Ethernet II, Src: Apple_bc:c7:11 (a4:5e:60:bc:c7:11), Dst: CiscoInc_76:28:80 (a4:4c:11:76:28:80)
Destination: CiscoInc_76:28:80 (a4:4c:11:76:28:80)
Address: CiscoInc_76:28:80 (a4:4c:11:76:28:80)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
Source: Apple_bc:c7:11 (a4:5e:60:bc:c7:11)
Address: Apple_bc:c7:11 (a4:5e:60:bc:c7:11)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
Type: IPv4 (0x0800)
Internet Protocol Version 4, Src: (OMITTED FOR SECURITY REASONS), Dst: (OMITTED FOR SECURITY REASONS)
0100 .... = Version: 4
.... 0101 = Header Length: 20 bytes
Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT)
0000 00.. = Differentiated Services Codepoint: Default (0)
.... ..00 = Explicit Congestion Notification: Not ECN-Capable Transport (0)
Total Length: 292
Identification: 0xa8b7 (43191)
Flags: 0x02 (Don't Fragment)
0... .... = Reserved bit: Not set
.1.. .... = Don't fragment: Set
..0. .... = More fragments: Not set
Fragment offset: 0
Time to live: 64
Protocol: TCP (6)
Header checksum: 0x279c [validation disabled]
[Good: False]
[Bad: False]
Source: (OMITTED FOR SECURITY REASONS)
Destination: (OMITTED FOR SECURITY REASONS)
[Source GeoIP: Unknown]
[Destination GeoIP: Unknown]
Transmission Control Protocol, Src Port: 62197 (62197), Dst Port: 443 (443), Seq: 1, Ack: 1, Len: 240
Source Port: 62197
Destination Port: 443
[Stream index: 9]
[TCP Segment Len: 240]
Sequence number: 1 (relative sequence number)
[Next sequence number: 241 (relative sequence number)]
Acknowledgment number: 1 (relative ack number)
Header Length: 32 bytes
Flags: 0x018 (PSH, ACK)
000. .... .... = Reserved: Not set
...0 .... .... = Nonce: Not set
.... 0... .... = Congestion Window Reduced (CWR): Not set
.... .0.. .... = ECN-Echo: Not set
.... ..0. .... = Urgent: Not set
.... ...1 .... = Acknowledgment: Set
.... .... 1... = Push: Set
.... .... .0.. = Reset: Not set
.... .... ..0. = Syn: Not set
.... .... ...0 = Fin: Not set
[TCP Flags: *******AP***]
Window size value: 4122
[Calculated window size: 131904]
[Window size scaling factor: 32]
Checksum: 0xc3c5 [validation disabled]
[Good Checksum: False]
[Bad Checksum: False]
Urgent pointer: 0
Options: (12 bytes), No-Operation (NOP), No-Operation (NOP), Timestamps
No-Operation (NOP)
Type: 1
0... .... = Copy on fragmentation: No
.00. .... = Class: Control (0)
...0 0001 = Number: No-Operation (NOP) (1)
No-Operation (NOP)
Type: 1
0... .... = Copy on fragmentation: No
.00. .... = Class: Control (0)
...0 0001 = Number: No-Operation (NOP) (1)
Timestamps: TSval 928661973, TSecr 546145009
Kind: Time Stamp Option (8)
Length: 10
Timestamp value: 928661973
Timestamp echo reply: 546145009
[SEQ/ACK analysis]
[iRTT: 0.016102000 seconds]
[Bytes in flight: 240]
Secure Sockets Layer
TLSv1.2 Record Layer: Handshake Protocol: Client Hello
Content Type: Handshake (22)
Version: TLS 1.2 (0x0303)
Length: 235
Handshake Protocol: Client Hello
Handshake Type: Client Hello (1)
Length: 231
Version: TLS 1.2 (0x0303)
Random
GMT Unix Time: Feb 24, 2016 17:20:21.000000000 GMT
Random Bytes: fbb67137e8cde6609cb570685f6c9b5a62eefbc12973b545...
Session ID Length: 0
Cipher Suites Length: 58
Cipher Suites (29 suites)
Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 (0xc023)
Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (0xc027)
Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA256 (0x003c)
Cipher Suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 (0xc025)
Cipher Suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 (0xc029)
Cipher Suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 (0x0067)
Cipher Suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 (0x0040)
Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA (0xc009)
Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013)
Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA (0x002f)
Cipher Suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA (0xc004)
Cipher Suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA (0xc00e)
Cipher Suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x0033)
Cipher Suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA (0x0032)
Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (0xc02b)
Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f)
Cipher Suite: TLS_RSA_WITH_AES_128_GCM_SHA256 (0x009c)
Cipher Suite: TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 (0xc02d)
Cipher Suite: TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 (0xc031)
Cipher Suite: TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (0x009e)
Cipher Suite: TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 (0x00a2)
Cipher Suite: TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA (0xc008)
Cipher Suite: TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA (0xc012)
Cipher Suite: TLS_RSA_WITH_3DES_EDE_CBC_SHA (0x000a)
Cipher Suite: TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA (0xc003)
Cipher Suite: TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA (0xc00d)
Cipher Suite: TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (0x0016)
Cipher Suite: TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA (0x0013)
Cipher Suite: TLS_EMPTY_RENEGOTIATION_INFO_SCSV (0x00ff)
Compression Methods Length: 1
Compression Methods (1 method)
Compression Method: null (0)
Extensions Length: 132
Extension: elliptic_curves
Type: elliptic_curves (0x000a)
Length: 52
Elliptic Curves Length: 50
Elliptic curves (25 curves)
Elliptic curve: secp256r1 (0x0017)
Elliptic curve: sect163k1 (0x0001)
Elliptic curve: sect163r2 (0x0003)
Elliptic curve: secp192r1 (0x0013)
Elliptic curve: secp224r1 (0x0015)
Elliptic curve: sect233k1 (0x0006)
Elliptic curve: sect233r1 (0x0007)
Elliptic curve: sect283k1 (0x0009)
Elliptic curve: sect283r1 (0x000a)
Elliptic curve: secp384r1 (0x0018)
Elliptic curve: sect409k1 (0x000b)
Elliptic curve: sect409r1 (0x000c)
Elliptic curve: secp521r1 (0x0019)
Elliptic curve: sect571k1 (0x000d)
Elliptic curve: sect571r1 (0x000e)
Elliptic curve: secp160k1 (0x000f)
Elliptic curve: secp160r1 (0x0010)
Elliptic curve: secp160r2 (0x0011)
Elliptic curve: sect163r1 (0x0002)
Elliptic curve: secp192k1 (0x0012)
Elliptic curve: sect193r1 (0x0004)
Elliptic curve: sect193r2 (0x0005)
Elliptic curve: secp224k1 (0x0014)
Elliptic curve: sect239k1 (0x0008)
Elliptic curve: secp256k1 (0x0016)
Extension: ec_point_formats
Type: ec_point_formats (0x000b)
Length: 2
EC point formats Length: 1
Elliptic curves point formats (1)
EC point format: uncompressed (0)
Extension: signature_algorithms
Type: signature_algorithms (0x000d)
Length: 26
Signature Hash Algorithms Length: 24
Signature Hash Algorithms (12 algorithms)
Signature Hash Algorithm: 0x0603
Signature Hash Algorithm Hash: SHA512 (6)
Signature Hash Algorithm Signature: ECDSA (3)
Signature Hash Algorithm: 0x0601
Signature Hash Algorithm Hash: SHA512 (6)
Signature Hash Algorithm Signature: RSA (1)
Signature Hash Algorithm: 0x0503
Signature Hash Algorithm Hash: SHA384 (5)
Signature Hash Algorithm Signature: ECDSA (3)
Signature Hash Algorithm: 0x0501
Signature Hash Algorithm Hash: SHA384 (5)
Signature Hash Algorithm Signature: RSA (1)
Signature Hash Algorithm: 0x0403
Signature Hash Algorithm Hash: SHA256 (4)
Signature Hash Algorithm Signature: ECDSA (3)
Signature Hash Algorithm: 0x0401
Signature Hash Algorithm Hash: SHA256 (4)
Signature Hash Algorithm Signature: RSA (1)
Signature Hash Algorithm: 0x0303
Signature Hash Algorithm Hash: SHA224 (3)
Signature Hash Algorithm Signature: ECDSA (3)
Signature Hash Algorithm: 0x0301
Signature Hash Algorithm Hash: SHA224 (3)
Signature Hash Algorithm Signature: RSA (1)
Signature Hash Algorithm: 0x0203
Signature Hash Algorithm Hash: SHA1 (2)
Signature Hash Algorithm Signature: ECDSA (3)
Signature Hash Algorithm: 0x0201
Signature Hash Algorithm Hash: SHA1 (2)
Signature Hash Algorithm Signature: RSA (1)
Signature Hash Algorithm: 0x0202
Signature Hash Algorithm Hash: SHA1 (2)
Signature Hash Algorithm Signature: DSA (2)
Signature Hash Algorithm: 0x0101
Signature Hash Algorithm Hash: MD5 (1)
Signature Hash Algorithm Signature: RSA (1)
Extension: server_name
Type: server_name (0x0000)
Length: 36
Server Name Indication extension
Server Name list length: 34
Server Name Type: host_name (0)
Server Name length: 31
Server Name: (OMITTED FOR SECURITY REASONS - IT CORRESPONDS TO THE DESTINATION HOSTNAME)
Tcpdump command line:
sudo tcpdump -s 0 -n "port 443" -w /Repo/security/capture.cap -i any
Has anyone got any idea what could be going wrong? I don't have administration rights or even an account to log in on the server, at the moment.
SOLVED - I have found that the Nginx server requires a "server_name" extension to be specified in the Client Hello. In fact the following openssl command prompts the server to issue a Certificate Request...
/usr/local/Cellar/openssl/1.0.2e/bin/openssl s_client -cert client_identity.crt -key client_identity.key -connect SecureServerHostName:443 -debug <post_request.txt -tls1_2 -servername SecureServerHostName
...while omitting the "-servername" option doesn't.
How I will force WebsphereAS to add that extension is another pair of shoes. Perhaps upgrading the version of Java will help, by updating the implementation of the TLS protocol.
Update: Yes, upgrading the IBM JDK from 1.6 to 1.7.1 worked, generating Client Hello messages with Server Name Indication, as mentioned here (By default Java SE 7 enables Server Name Indication (SNI).).
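To make the SNI point above concrete, here is an added example (mine, not the asker's or IBM's code) that forces the server_name extension into the Client Hello and lets you confirm it is set before the handshake. It assumes Java 8 or later for `SSLParameters.setServerNames`; on Java 7 the extension is sent by default, but only when the socket is created from a host name rather than an IP literal, which is the usual reason it silently goes missing. The host and port are command-line arguments.

```java
import java.io.IOException;
import java.util.Collections;
import java.util.List;
import javax.net.ssl.SNIHostName;
import javax.net.ssl.SNIServerName;
import javax.net.ssl.SSLParameters;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;

/**
 * Added example: open a TLS 1.2 connection with an explicit server_name (SNI)
 * extension. Client certificates come from the javax.net.ssl.keyStore* system
 * properties, so the same code covers the mutual-TLS case in the question.
 */
public class SniClientCheck {

    public static SSLSocket connectWithSni(String host, int port) throws IOException {
        SSLSocketFactory factory = (SSLSocketFactory) SSLSocketFactory.getDefault();
        // Create the socket from the host *name*: JSSE derives the default SNI
        // value from it. An InetAddress or IP literal here yields no SNI at all.
        SSLSocket socket = (SSLSocket) factory.createSocket(host, port);
        SSLParameters params = socket.getSSLParameters();
        // Set the extension explicitly so it does not depend on defaults.
        params.setServerNames(Collections.singletonList(new SNIHostName(host)));
        params.setProtocols(new String[] {"TLSv1.2"});
        socket.setSSLParameters(params);
        // A server that insists on SNI fails the handshake here when it is absent.
        socket.startHandshake();
        return socket;
    }

    /** True when the socket is configured to send at least one SNI name. */
    public static boolean sendsSni(SSLSocket socket) {
        List<SNIServerName> names = socket.getSSLParameters().getServerNames();
        return names != null && !names.isEmpty();
    }

    public static void main(String[] args) throws Exception {
        String host = args[0];
        int port = Integer.parseInt(args[1]);
        try (SSLSocket s = connectWithSni(host, port)) {
            System.out.println("SNI configured: " + sendsSni(s));
            System.out.println("negotiated: " + s.getSession().getProtocol()
                    + " " + s.getSession().getCipherSuite());
        }
    }
}
```

Run it with `-Djavax.net.ssl.keyStore=client.p12 -Djavax.net.ssl.keyStoreType=PKCS12 -Djavax.net.ssl.keyStorePassword=...` to present a client certificate, and `-Djavax.net.debug=ssl:handshake` to see the `server_name` extension listed in the logged Client Hello, which is the same check the Wireshark capture above makes. The `jsse.enableSNIExtension` system property (default `true` since Java 7) is the switch that disables SNI globally; if a wrapper sets it to `false`, no per-socket setting helps.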
I am running a dropwizard server, and a client leveraging Apache HttpClient 4.5.1.
Given a single .pfx file that contains both the public and private keys, how would I structure my key/trust stores on both the server and client to accept/trust and pass the certificate for authentication purposes?
What I'm running into is the client trusts the provided server certificate, but
after the server hello that includes the certificate request per tls spec, my client is unable to find a suitable certificate to send back.
My first thought was to run the server with the keystore and truststore as the same pfx file, but java throws a null cert chain error when loading the pfx file as a trust store in the server. So I had to go through the process of creating a trust store manually.
Here are the general steps I thought would allow this entire process to succeed:
Run the server with the .pfx file, with a PKCS12 keystore type.
Extract the cert from the pfx file, and create a java trust store using the cert.
Run the server with the above clientCerts.jks file as the trust store
Run the client with a keystore set to the clientCerts.jks file
Run the client with a truststore set to the .pfx PKCS12 keystore.
These steps didn't work, and I've tried other less obvious permutations and none of them worked. Is there something blatantly wrong with the way I'm approaching this? Does anyone have any advice on actually getting it to work?
Lots of details below (including ssl debug logs)
PFX cert info:
(its a valid corporate signed cert, but I don't have the root CA as trusted anywhere, which is why I just create a trust store so I can trust the client cert).
$ openssl pkcs12 -info -in cert.pfx
Enter Import Password:
MAC Iteration 1
MAC verified OK
PKCS7 Data
Shrouded Keybag: pbeWithSHA1And3-KeyTripleDES-CBC, Iteration 2000
Bag Attributes
Microsoft Local Key set: <No Values>
localKeyID: 01 00 00 00
friendlyName: xxx
Microsoft CSP Name: Microsoft RSA SChannel Cryptographic Provider
Key Attributes
X509v3 Key Usage: 10
Enter PEM pass phrase:
Verifying - Enter PEM pass phrase:
-----BEGIN ENCRYPTED PRIVATE KEY-----
xxx
-----END ENCRYPTED PRIVATE KEY-----
PKCS7 Encrypted data: pbeWithSHA1And40BitRC2-CBC, Iteration 2000
Certificate bag
Bag Attributes
localKeyID: 01 00 00 00
friendlyName: my.domain.com
subject=/C=US/O=My Company/OU=Web Servers/CN=my.domain.com
issuer=/C=US/O=My Company
-----BEGIN CERTIFICATE-----
xxx
-----END CERTIFICATE-----
Java Trust store Creation:
# create pem file (certificate only, no private key)
openssl pkcs12 -in cert.pfx -out tempCert.crt -nokeys -clcerts
# convert to x509 DER
openssl x509 -inform pem -in tempCert.crt -outform der -out tempx509Cert.cer
# create a java trust store
keytool -import -file tempx509Cert.cer -alias firstCA -keystore newJavaTrustStore.jks

Dropwizard Config:
applicationConnectors:
- type: https
port: 443
bindHost: localhost
keyStorePath: ./cert.pfx
keyStorePassword: pw
keyStoreType: PKCS12
trustStorePath: ./clientCerts.jks
trustStorePassword: pw
trustStoreType: JKS
supportedProtocols: [TLSv1, TLSv1.1, TLSv1.2]
excludedProtocols: [SSLv2Hello, SSLv3]
validateCerts: false
needClientAuth: true
wantClientAuth: true
HttpClient Config Values:
keyStorePath: ./clientCerts.jks
keyStorePassword: pw
keyStoreType: JKS
trustStorePath: ./cert.pfx
trustStorePassword: pw
trustStoreType: PKCS12
HttpClient Config:
public static CloseableHttpClient getSecurePooledHttpClient(
final String host,
final int port,
final boolean ssl,
final String keystorePath,
final String keystorePassword,
final String keystoreType,
final String trustStorePath,
final String trustStorePassword,
final String trustStoreType
) throws Exception {
//Setup the keystore that will hold the client certificate
KeyStore ks = KeyStore.getInstance(keystoreType);
ks.load(new FileInputStream(new File(keystorePath)),
keystorePassword.toCharArray());
KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
kmf.init(ks, keystorePassword.toCharArray());
//Setup the Trust Store so we know what certificates
//we can trust that are hosting the service
KeyStore ts = KeyStore.getInstance((trustStoreType));
ts.load(new FileInputStream(new File(trustStorePath)),
trustStorePassword.toCharArray());
TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");
tmf.init(ts);
//setup our SSL context to be TLSv1.2, then setup the key and trust manager.
SSLContext sslContext = SSLContext.getInstance("TLSv1.2");
sslContext.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
//Register the socket factory so that it uses the ssl Context and key
// manager we created above
Registry<ConnectionSocketFactory> socketFactoryRegistry =
RegistryBuilder.<ConnectionSocketFactory>create()
.register("https", new SSLConnectionSocketFactory(sslContext,
NoopHostnameVerifier.INSTANCE))
.build();
//Define an overridden routeplanner that setups up our default host
// so all our later calls can simply be
//sub-routes.
HttpRoutePlanner routePlanner =
new DefaultRoutePlanner(DefaultSchemePortResolver.INSTANCE)
{
@Override
public HttpRoute determineRoute(
final HttpHost target,
final HttpRequest request,
final HttpContext context) throws HttpException {
return super.determineRoute(
target != null ? target : new HttpHost(host, port, ssl ? "https" : "http"),
request, context);
}
};
return BuildClientWithRoutePlanner(socketFactoryRegistry, routePlanner);
}
Client SSL debug:
...
*** ServerHello, TLSv1.2
RandomCookie: Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
Compression Method: 0
Extension renegotiation_info, renegotiated_connection: <empty>
***
%% Initialized: [Session-7, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256]
** TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
*** Certificate chain
chain [0] = [
[
Version: V3
Subject: CN=my.domain.com, OU=Web Servers, O=My Company, C=US
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
.........
***
Found trusted certificate:
[
[
Version: V3
Subject: CN=my.domain.com, OU=Web Servers, O=My Company, C=US
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: Sun RSA public key, 2048 bits
......
*** CertificateRequest
Cert Types: RSA, DSS, ECDSA
Supported Signature Algorithms: SHA512withECDSA, SHA512withRSA, SHA384withECDSA, SHA384withRSA, SHA256withECDSA, SHA256withRSA, SHA224withECDSA, SHA224withRSA, SHA1withECDSA, SHA1withRSA, SHA1withDSA, MD5withRSA
Cert Authorities:
<CN=my.domain.com, OU=Web Servers, O=My Company, C=US>
*** ServerHelloDone
Warning: no suitable certificate found - continuing without client authentication
*** Certificate chain
<Empty>
***
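The "no suitable certificate found" line in that debug log is decided by two checks inside the key manager, and both can be reproduced offline against the stores involved. The following is an added diagnostic (my code, not the asker's): it loads a keystore from the command line (`<path> <password> <JKS|PKCS12>`), lists which aliases are real identities (private key plus chain) versus trusted-certificate-only entries, and applies the same issuer filter the SunX509 key manager uses, with the one authority name the server sent in the CertificateRequest above embedded as the expected value.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import javax.security.auth.x500.X500Principal;

/**
 * Added diagnostic: can this keystore act as a TLS client identity for the
 * CertificateRequest logged above? Not part of the question's code.
 */
public class ClientIdentityCheck {

    /** Aliases holding a private key plus its chain: the only entries a key manager can present. */
    public static List<String> identityAliases(KeyStore ks) throws Exception {
        List<String> out = new ArrayList<>();
        for (String alias : Collections.list(ks.aliases())) {
            if (ks.isKeyEntry(alias) && ks.getCertificateChain(alias) != null) {
                out.add(alias);
            }
        }
        return out;
    }

    /** Aliases holding only a trusted certificate (what "keytool -import -file" creates): a trust anchor, never an identity. */
    public static List<String> trustedCertAliases(KeyStore ks) throws Exception {
        List<String> out = new ArrayList<>();
        for (String alias : Collections.list(ks.aliases())) {
            if (ks.isCertificateEntry(alias)) {
                out.add(alias);
            }
        }
        return out;
    }

    /**
     * Mirrors the SunX509 key manager's filter: an identity is offered only if some
     * certificate in its chain was issued by a name the server listed as a CA.
     */
    public static boolean acceptableFor(KeyStore ks, String alias, Set<X500Principal> requestedCas)
            throws Exception {
        for (Certificate c : ks.getCertificateChain(alias)) {
            if (c instanceof X509Certificate
                    && requestedCas.contains(((X509Certificate) c).getIssuerX500Principal())) {
                return true;
            }
        }
        return false;
    }

    public static void main(String[] args) throws Exception {
        KeyStore ks = KeyStore.getInstance(args[2]);
        try (InputStream in = new FileInputStream(args[0])) {
            ks.load(in, args[1].toCharArray());
        }

        // The single "Cert Authorities" entry from the debug log above (constructed from the post).
        Set<X500Principal> requested = new HashSet<>();
        requested.add(new X500Principal("CN=my.domain.com, OU=Web Servers, O=My Company, C=US"));

        System.out.println("trusted-cert-only aliases (no private key): " + trustedCertAliases(ks));
        List<String> ids = identityAliases(ks);
        System.out.println("identity aliases (private key + chain):     " + ids);
        for (String alias : ids) {
            X509Certificate leaf = (X509Certificate) ks.getCertificate(alias);
            System.out.printf("  %s: subject=%s issuer=%s acceptable=%b%n", alias,
                    leaf.getSubjectX500Principal(), leaf.getIssuerX500Principal(),
                    acceptableFor(ks, alias, requested));
        }
    }
}
```

Two things this surfaces when run against the values in the post. A store built with `keytool -import -file tempx509Cert.cer` contains only a trusted-certificate entry, so used as `keyStorePath` on the client it yields an empty identity list, whatever the trust store on the other side holds. And the server's trust store contains the leaf certificate itself, so the name it requests is the leaf's subject, while the client certificate's issuer is `C=US, O=My Company`; the issuer filter therefore rejects that identity even when the .pfx is loaded as the client keystore. A server trust store that holds the issuing CA certificate (or a client certificate issued by whatever the server does trust) is what makes the two names line up.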
openssl x509 -inform DER -text
on my DER file gives the dump on the bottom of this question.
I try to read it with:
static PublicKey getCertKey() throws IOException, NoSuchAlgorithmException, InvalidKeySpecException {
URL keyUrl = Resources.getResource(LManager.class, "iid.der");
byte[] keyBytes = Resources.toByteArray(keyUrl);
X509EncodedKeySpec spec = new X509EncodedKeySpec(keyBytes);
KeyFactory kf = KeyFactory.getInstance("RSA");
return kf.generatePublic(spec);
}
And I get:
java.security.spec.InvalidKeySpecException: java.security.InvalidKeyException: IOException: ObjectIdentifier() -- data isn't an object ID (tag = -96)
at sun.security.rsa.RSAKeyFactory.engineGeneratePublic(RSAKeyFactory.java:205)
at java.security.KeyFactory.generatePublic(KeyFactory.java:334)
....
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at Caused by: java.security.InvalidKeyException: IOException: ObjectIdentifier() -- data isn't an object ID (tag = -96)
at sun.security.x509.X509Key.decode(X509Key.java:397)
at sun.security.x509.X509Key.decode(X509Key.java:403)
at sun.security.rsa.RSAPublicKeyImpl.<init>(RSAPublicKeyImpl.java:83)
at sun.security.rsa.RSAKeyFactory.generatePublic(RSAKeyFactory.java:298)
at sun.security.rsa.RSAKeyFactory.engineGeneratePublic(RSAKeyFactory.java:201)
... 25 more
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
a9:cb:e1:41:03:30:df:c5
Signature Algorithm: sha1WithRSAEncryption
Issuer: REDACTED
Validity
Not Before: Jun 5 14:28:02 2014 GMT
Not After : Jun 5 14:28:02 2024 GMT
Subject: REDACTED
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
00:87:bd:18:df:ff:49:12:b6:92:76:e3:c9:21:b4:
86:8d:f2:a9:03:37:7b:64:c3:85:63:bc:0f:67:bc:
f9:76:6a:72:4e:f9:e2:01:52:a3:df:40:6d:3d:91:
99:70:a5:6a:66:c8:ef:1b:18:1d:91:5a:a5:b1:0b:
0b:81:fd:d7:27:22:86:fa:c3:8d:b4:93:d5:98:e4:
2d:08:20:6b:43:44:d6:ae:37:79:2e:bc:65:e4:c3:
71:c4:9c:5d:04:8d:8a:f4:a5:cc:96:52:f0:72:59:
8e:0a:b3:06:55:e3:65:fb:63:b5:d2:4b:5d:e1:38:
87:0b:e8:d2:c0:f8:7f:78:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:D6:CC:08:15:CA:B6:F0:9C:59:DC:14:52:2C:EF:B5:41:76:51:38
X509v3 Authority Key Identifier:
keyid:25:D6:CC:08:15:CA:B6:F0:9C:59:DC:14:52:2C:EF:B5:41:76:51:38
DirName:/C=US/ST=Washington/L=Seattle/O=Amazon.com Inc./CN=ec2.amazonaws.com
serial:A9:CB:E1:41:03:30:DF:C5
X509v3 Basic Constraints:
CA:TRUE
First, openssl -inform DER -text is an error. The openssl program is a wrapper that runs one of a bunch of functions, identified by the first argument, which in this case must be x509, so openssl x509 -inform DER -text.
That's a clue. Your file is an X.509 certificate not (just) a public key. Certificates in general, and X.509 certificates in particular, contain a public key but that is not the same thing as being a public key.
Since your file is an X.509 certificate, use a CertificateFactory of type X.509 to read it. The pattern is similar: use a static .getInstance() method to get a factory then use .generateCertificate() to take some input, here a stream that reads the data (directly from the file, or from memory if you have it buffered), and generate a Certificate object. (Note java.security.cert.Certificate not the obsolete and deprecated java.security.Certificate -- some IDEs may not default to the good one.)
If you want to use the public key in the certificate for something like encrypting or verifying call .getPublicKey() on the Certificate. If you want to look at other information such as the subject name or extensions which are specific to X.509, cast the Certificate to X509Certificate (also in java.lang.security.cert) and use its additional methods.
Also: the certificate is signed with sha1withRSA. The public key itself is an RSA key, and could be used for any RSA operation -- but since the cert claims this key belongs to a CA, the corresponding private key should be used only for signing certs and/or CRLs (controlled by KeyUsage if present, but it's not unless you've redacted it) and thus doing something with this public key other than verifying those certs and/or CRLs is useless. And since the key is only 1024 bits, using a signing hash stronger than SHA1 would be wasted, except for the facts that RSA-1024 is already considered insecure (since early 2014) and using SHA1-RSA for certificates is considered at risk and prohibited after sometime next year.
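The reading pattern the answer describes, as an added example (mine, not the answerer's code), including the checks the answer raises: key size, signature algorithm, and whether the certificate is a CA and carries KeyUsage. It takes the DER (or PEM) file path as its only argument; the page's own certificate is redacted, so no sample bytes are embedded. The `tag = -96` in the original exception is `0xA0`, the `[0] EXPLICIT version` tag that begins a TBSCertificate, which is what `X509EncodedKeySpec` trips over when handed a whole certificate instead of a SubjectPublicKeyInfo.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.PublicKey;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPublicKey;

/** Added example: read an X.509 certificate and inspect the key it carries. */
public class DerCertReader {

    /** Parses a DER- or PEM-encoded X.509 certificate from the stream. */
    public static X509Certificate readCertificate(InputStream in) throws Exception {
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        // java.security.cert.Certificate, not the deprecated java.security.Certificate
        return (X509Certificate) cf.generateCertificate(in);
    }

    /** Modulus length in bits for an RSA public key, or -1 for other algorithms. */
    public static int rsaKeyBits(PublicKey pk) {
        return pk instanceof RSAPublicKey ? ((RSAPublicKey) pk).getModulus().bitLength() : -1;
    }

    /** True when KeyUsage is present and keyCertSign (bit 5 of the extension) is set. */
    public static boolean allowsCertSigning(X509Certificate cert) {
        boolean[] ku = cert.getKeyUsage();
        return ku != null && ku.length > 5 && ku[5];
    }

    /** Weak-parameter flags a reviewer would want: short RSA modulus or SHA-1/MD5 signature. */
    public static boolean hasWeakParameters(X509Certificate cert) {
        String sig = cert.getSigAlgName().toUpperCase();
        int bits = rsaKeyBits(cert.getPublicKey());
        return (bits != -1 && bits < 2048) || sig.startsWith("SHA1") || sig.startsWith("MD5");
    }

    public static void main(String[] args) throws Exception {
        try (InputStream in = new FileInputStream(args[0])) {
            X509Certificate cert = readCertificate(in);
            PublicKey pk = cert.getPublicKey();
            System.out.println("subject:      " + cert.getSubjectX500Principal());
            System.out.println("issuer:       " + cert.getIssuerX500Principal());
            System.out.println("sig alg:      " + cert.getSigAlgName());
            System.out.println("key:          " + pk.getAlgorithm() + " " + rsaKeyBits(pk) + " bits");
            // getBasicConstraints() is -1 when the certificate is not a CA
            System.out.println("CA:           " + (cert.getBasicConstraints() >= 0));
            System.out.println("KeyUsage:     " + (cert.getKeyUsage() == null ? "absent" : "present")
                    + ", keyCertSign=" + allowsCertSigning(cert));
            System.out.println("weak params:  " + hasWeakParameters(cert));
            cert.checkValidity(); // throws CertificateExpiredException / CertificateNotYetValidException
            System.out.println("validity:     ok until " + cert.getNotAfter());
        }
    }
}
```

For the certificate dumped above, `hasWeakParameters` returns `true` on both counts (1024-bit modulus, `SHA1withRSA`), and `getKeyUsage()` returns `null`, matching the answer's remark that KeyUsage is absent; `getBasicConstraints()` is non-negative because of `CA:TRUE`.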
I want to encrypt my post payload with an X.509 certificate and the inherited public key. So far I have this java code to perform the encryption
private String encrypt(String str) throws Exception {
ClassPathResource classPathResource = new ClassPathResource("testcert1.crt");
CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
X509Certificate certificate = (X509Certificate)certificateFactory.generateCertificate(classPathResource.getInputStream());
PublicKey pk = certificate.getPublicKey();
Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1PADDING");
cipher.init(Cipher.ENCRYPT_MODE, pk);
return Base64.encodeBase64String(cipher.doFinal(str.getBytes()));
}
which returns the base64 encoded string. From the endpoint I am always getting the result, that the certificate is not valid.
So I want to validate my encrypted string on the console using the openssl command, but failing to do so.
I can read out the certificate with: openssl x509 -in testcert1.crt -text -noout
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 0 (0x0)
Signature Algorithm: md5WithRSAEncryption
Issuer: C=xxx, ST=xxx, L=xxx, O=xxx, OU=xxx, CN=xxx
Validity
Not Before: Jul 24 11:40:39 2013 GMT
Not After : Jul 24 11:40:39 2015 GMT
Subject: C=xxx, ST=xxx, L=xxx, O=xxx, OU=xxx, CN=xxx
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (4096 bit)
Modulus (4096 bit):
....
Exponent: 65537 (0x10001)
But I cannot figure out the command lines to encrypt/decrypt a text file using that certificate
You can validate your encrypted string using openssl with the following command:
echo -n 'string to encrypt' | openssl rsautl -encrypt -certin -inkey testcert1.crt | base64
As you are using asymmetric cryptography, if you encrypt using the public key of your certificate, you can only decrypt using the corresponding private key. Make sure you have that key and use it for decryption.
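One caveat worth making explicit when "validating" an RSA ciphertext: PKCS#1 v1.5 encryption (the padding both the Java code above and `openssl rsautl -encrypt` use) is randomised, so two encryptions of the same string under the same certificate never produce the same bytes, and the only meaningful check is a decryption with the private key. The added example below (my code, not the asker's or answerer's) demonstrates that, together with the per-block size limit that bites when a POST payload is larger than the modulus allows. It generates a throwaway 4096-bit key pair in place of the certificate's key, since the page's certificate is redacted.

```java
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.util.Arrays;
import java.util.Base64;
import javax.crypto.Cipher;

/** Added example: RSA encrypt/decrypt round trip with the padding the post uses. */
public class RsaPayloadCheck {

    // Same transformation as the question's code; OAEP is the modern alternative.
    public static final String PKCS1 = "RSA/ECB/PKCS1Padding";
    public static final String OAEP = "RSA/ECB/OAEPWithSHA-256AndMGF1Padding";

    /** Largest plaintext one RSA block can carry: PKCS#1 v1.5 reserves 11 bytes, OAEP-SHA256 reserves 66. */
    public static int maxPlaintextBytes(int modulusBits, String transformation) {
        int overhead = transformation.equals(OAEP) ? 2 * 32 + 2 : 11;
        return modulusBits / 8 - overhead;
    }

    public static byte[] encrypt(PublicKey pk, byte[] plain, String transformation)
            throws GeneralSecurityException {
        Cipher c = Cipher.getInstance(transformation);
        c.init(Cipher.ENCRYPT_MODE, pk);
        return c.doFinal(plain);
    }

    public static byte[] decrypt(PrivateKey sk, byte[] ciphertext, String transformation)
            throws GeneralSecurityException {
        Cipher c = Cipher.getInstance(transformation);
        c.init(Cipher.DECRYPT_MODE, sk);
        return c.doFinal(ciphertext);
    }

    public static void main(String[] args) throws Exception {
        // Throwaway key pair standing in for the certificate's 4096-bit RSA key.
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(4096);
        KeyPair kp = gen.generateKeyPair();

        byte[] msg = "string to encrypt".getBytes(StandardCharsets.UTF_8);
        byte[] c1 = encrypt(kp.getPublic(), msg, PKCS1);
        byte[] c2 = encrypt(kp.getPublic(), msg, PKCS1);

        // Randomised padding: comparing ciphertexts with the openssl output proves nothing.
        System.out.println("identical ciphertexts: " + Arrays.equals(c1, c2));
        System.out.println("base64: " + Base64.getEncoder().encodeToString(c1));
        // Decryption with the private key is the real check.
        System.out.println("round trip ok: "
                + Arrays.equals(msg, decrypt(kp.getPrivate(), c1, PKCS1)));
        System.out.println("max bytes per block, 4096-bit key: PKCS1="
                + maxPlaintextBytes(4096, PKCS1) + " OAEP=" + maxPlaintextBytes(4096, OAEP));

        // Anything above the limit fails with IllegalBlockSizeException; larger
        // payloads need a random AES key encrypted with RSA (hybrid encryption).
        byte[] tooLong = new byte[maxPlaintextBytes(4096, PKCS1) + 1];
        try {
            encrypt(kp.getPublic(), tooLong, PKCS1);
        } catch (GeneralSecurityException e) {
            System.out.println("oversized payload rejected: " + e.getClass().getSimpleName());
        }
    }
}
```

To check a ciphertext produced by the Java code against the openssl side, go the other way: `openssl rsautl -decrypt -inkey private.key -in payload.bin` with the private key belonging to `testcert1.crt`; if the endpoint reports the certificate itself as invalid, that is a certificate-acceptance problem (note the `md5WithRSAEncryption` signature and the 2015 expiry in the dump above), not an encryption one.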