Tim,

On 5/25/14, 9:34 PM, Tim Whittington wrote:
>
> On 21/05/2014, at 10:21 pm, Sverre Moe <sverre....@gmail.com>
> wrote:
>
> <snip>
>
>> ciphers="TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
>> TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA265,
>> TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
>> TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA256"
>> />
>
> Documentation aside, none of these cipher-suites are supported in
> Oracle Java 7.

If you run the code I referenced elsewhere in this thread, you'll see
that some of the components are available, just not in the
combinations you have above:

$ java -showversion -classpath build/ SSLInfo | grep '\(256\|384\)'
java version "1.7.0_55"
Java(TM) SE Runtime Environment (build 1.7.0_55-b13)
Java HotSpot(TM) 64-Bit Server VM (build 24.55-b03, mixed mode)
Supported SSL Protocols:
  TLSv1 (SunJSSE)
  TLSv1.1 (SunJSSE)
  TLSv1.2 (SunJSSE)
Default Cipher Name
*       TLS_DHE_DSS_WITH_AES_128_CBC_SHA256
*       TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
        TLS_DH_anon_WITH_AES_128_CBC_SHA256
*       TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
*       TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
*       TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
*       TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
*       TLS_RSA_WITH_AES_128_CBC_SHA256
        TLS_RSA_WITH_NULL_SHA256

So, you can get ECDHE_(ECDSA|RSA)_AES, but not with a 256-bit cipher.
You can get a 128-bit cipher and a 256-bit hash, but not higher-bit
hash functions.

> Oracle Java 7 has no GCM support (AIX does I think, but from
> memory the cipher suite names are different), and some of the
> cipher-suites don’t exist (see below). GCM was originally targeted
> for JDK 7 (which is why the cipher suite names and AEAD APIs in the
> JCE are there) but the implementation didn’t show up until JDK 8.

I find no ciphers with 384-bit hashes in Oracle Java 8, but there are
256-bit ones -- at least in the Mac OS X build:

$ /Library/Java/JavaVirtualMachines/disabled/jdk1.8.0.jdk/Contents/Home/bin/java -showversion -classpath build/ SSLInfo | grep '\(256\|384\)'
java version "1.8.0-ea"
Java(TM) SE Runtime Environment (build 1.8.0-ea-b99)
Java HotSpot(TM) 64-Bit Server VM (build 25.0-b41, mixed mode)
*       TLS_DHE_DSS_WITH_AES_128_CBC_SHA256
*       TLS_DHE_DSS_WITH_AES_128_GCM_SHA256
*       TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
*       TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
        TLS_DH_anon_WITH_AES_128_CBC_SHA256
        TLS_DH_anon_WITH_AES_128_GCM_SHA256
*       TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
*       TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
*       TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
*       TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
*       TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
*       TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
*       TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
*       TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
*       TLS_RSA_WITH_AES_128_CBC_SHA256
*       TLS_RSA_WITH_AES_128_GCM_SHA256
        TLS_RSA_WITH_NULL_SHA256

So as Tim says, Oracle Java 7 doesn't support this stuff. And neither
does Java 8.

If you want higher-grade encryption (and you want it to run faster),
consider switching to the OpenSSL-based APR connector: performance is
one of the major reasons for using the APR connector, and it's a bit
more efficient than the NIO connector and certainly better than the
BIO connector.

-chris

>> I have tried running Tomcat with Java 7 and Java 8. Both of these
>> should support CBC_SHA256 and CBC_SHA384, but only Java 8
>> supports GCM_SHA384. I have downloaded the Java cryptographic
>> extensions policy files for both Java 7 and Java 8.
>>
>> The only way I get a connection is when I add the following
>> ciphers:
>> TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
>> TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
>>
>> According to the specification all these ciphers are correct
>> names:
>> http://docs.oracle.com/javase/7/docs/technotes/guides/security/StandardNames.html#ciphersuites
>>
>
> This is not true for TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA265 or
> TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA256 in Java 7 or 8 (only SHA/
> SHA384 or AES_128 variants of these are listed in the docs and
> reported by the JRE).
>
> i.e. for whatever reason, SHA384 and SHA are coupled with AES_256,
> and SHA256 and SHA are coupled with AES_128.
>
> The email trail Christopher linked should help you discover what’s
> available on the system you’re running on.
>
> cheers
> tim
>
> For the record, these are the ECDHE cipher suites supported in
> Oracle Java 7, excluding those that use SHA(1):
>
> Cipher                                   Kx     Au     Enc  Mode  Key Str    Mac     Size  Unsafe
> TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384  ECDHE  ECDSA  AES  CBC   256 (256)  SHA384  384
> TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384    ECDHE  RSA    AES  CBC   256 (256)  SHA384  384
> TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256  ECDHE  ECDSA  AES  CBC   128 (128)  SHA256  256
> TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256    ECDHE  RSA    AES  CBC   128 (128)  SHA256  256
>
> Oracle Java 8 adds the following ECDHE + GCM cipher suites (again
> not including SHA(1)) to the list above:
>
> TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384  ECDHE  ECDSA  AES  GCM   256 (256)  SHA384  384
> TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256  ECDHE  ECDSA  AES  GCM   128 (128)  SHA256  256
> TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384    ECDHE  RSA    AES  GCM   256 (256)  SHA384  384
> TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256    ECDHE  RSA    AES  GCM   128 (128)  SHA256  256
>
> ---------------------------------------------------------------------
>
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
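
An added example, not part of the original message and not the SSLInfo program referenced in the thread: a small Java check that takes a connector "ciphers" value and reports, name by name, whether the running JVM supports it. The class name CipherCheck and the method classify are hypothetical; the default input is the ciphers value quoted above.

```java
import java.util.Arrays;
import java.util.HashSet;
import java.util.Set;
import javax.net.ssl.SSLContext;

// Hypothetical helper, not Tomcat or SSLInfo code: checks each name in a
// connector "ciphers" value against what the running JVM reports.
public class CipherCheck {

    // Classifies one suite name against the JVM's supported/default sets.
    static String classify(String name, Set<String> supported, Set<String> enabled) {
        if (enabled.contains(name)) return "enabled by default";
        if (supported.contains(name)) return "supported, not enabled by default";
        return "NOT SUPPORTED by this JVM";
    }

    public static void main(String[] args) throws Exception {
        // Sample input: the ciphers value quoted in the thread, verbatim.
        String attr = args.length > 0 ? args[0]
            : "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,"
            + " TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA265,"
            + " TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,"
            + " TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA256";

        SSLContext ctx = SSLContext.getDefault();
        Set<String> supported = new HashSet<String>(Arrays.asList(
            ctx.getSupportedSSLParameters().getCipherSuites()));
        Set<String> enabled = new HashSet<String>(Arrays.asList(
            ctx.getDefaultSSLParameters().getCipherSuites()));

        int usable = 0;
        for (String raw : attr.split(",")) {
            String name = raw.trim();
            if (name.isEmpty()) continue;
            String status = classify(name, supported, enabled);
            if (!status.startsWith("NOT")) usable++;
            System.out.printf("%-45s %s%n", name, status);
        }
        // JVM support is necessary, not sufficient: the handshake also needs a
        // server key of the matching type and a client offering the same suite.
        if (usable == 0) {
            System.err.println("No configured suite is available in this JVM.");
            System.exit(1);
        }
    }
}
```

Run it with the same java binary Tomcat uses, passing the connector's ciphers value as the first argument; the results differ between JVM versions and vendors.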