web-dev-qa-db-ja.com

Java 7およびTLSv1.2ソケット

暗号化を使用してWebサーバーに接続しようとしています。 Webサーバーは、プロトコルTLSv1.2を使用した接続のみを許可します。

このスニペットを official doc から変更しました

import Java.net.*;
import Java.io.*;
import javax.net.ssl.*;

/*
 * This example demostrates how to use a SSLSocket as client to
 * send a HTTP request and get response from an HTTPS server.
 * It assumes that the client is not behind a firewall
 */

public class SSLSocketClient {

public static void main(String[] args) throws Exception {
    try {
        String Host = "172.20.172.106";
        SSLSocketFactory factory =
                (SSLSocketFactory) SSLSocketFactory.getDefault();
        SSLSocket socket = (SSLSocket) factory.createSocket(Host, 443);
        String[] protocols = socket.getEnabledProtocols();
        System.out.println("Enabled Protocols: ");
        for (int i = 0; i < protocols.length; i++) {
            System.out.println(protocols[i] + ", ");
        }
        String[] supportedProtocols = socket.getSupportedProtocols();
        System.out.println("Supported Protocols: ");
        for (int i = 0; i < protocols.length; i++) {
            System.out.println(supportedProtocols[i] + ", ");
        }
        String[] goodProtocols = new String[1];
        goodProtocols[0] = "TLSv1.2";
        socket.setEnabledProtocols(goodProtocols);
        protocols = socket.getEnabledProtocols();
        System.out.println("Set Protocols: ");
        for (int i = 0; i < protocols.length; i++) {
            System.out.println(protocols[i] + ", ");
        }
        /*
         * send http request
         *
         * Before any application data is sent or received, the
         * SSL socket will do SSL handshaking first to set up
         * the security attributes.
         *
         * SSL handshaking can be initiated by either flushing data
         * down the pipe, or by starting the handshaking by hand.
         *
         * Handshaking is started manually in this example because
         * PrintWriter catches all IOExceptions (including
         * SSLExceptions), sets an internal error flag, and then
         * returns without rethrowing the exception.
         *
         * Unfortunately, this means any error messages are lost,
         * which caused lots of confusion for others using this
         * code.  The only way to tell there was an error is to call
         * PrintWriter.checkError().
         */
        socket.startHandshake();

        PrintWriter out = new PrintWriter(
                new BufferedWriter(
                        new OutputStreamWriter(
                                socket.getOutputStream())));

        out.println("GET / HTTP/1.0");
        out.println();
        out.flush();

        /*
         * Make sure there were no surprises
         */
        if (out.checkError())
            System.out.println(
                    "SSLSocketClient:  Java.io.PrintWriter error");

        /* read response */
        BufferedReader in = new BufferedReader(
                new InputStreamReader(
                        socket.getInputStream()));

        String inputLine;
        while ((inputLine = in.readLine()) != null)
            System.out.println(inputLine);

        in.close();
        out.close();
        socket.close();

    } catch (Exception e) {
        e.printStackTrace();
    }
}
}

このコードをJRE 8で実行すると、すべてが正常に動作します。

これは私が得る出力です

Enabled Protocols:
TLSv1,
TLSv1.1,
TLSv1.2,
Supported Protocols:
SSLv2Hello,
SSLv3,
TLSv1,
Set Protocols:
TLSv1.2,
HTTP/1.1 302 Moved Temporarily
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 0
Date: Mon, 09 Feb 2015 15:08:25 GMT
Expires: 0
Cache-Control: no-cache
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Server: PRTG/15.1.13.1382
Location: /index.htm

しかし、JRE1.7.0_75を-Djavax.net.debug=allで試してみると、次のようになります。

Enabled Protocols:
TLSv1,
Supported Protocols:
SSLv2Hello,
Set Protocols:
TLSv1.2,

keyStore is : 
keyStore type is : jks
keyStore provider is : 
init keystore
init keymanager of type SunX509
trustStore is: C:\Program Files\Java\jdk1.7.0_75\jre\lib\security\cacerts
trustStore type is : jks
trustStore provider is : 
init truststore

...SKIPPING CERTIFICATE INIT...

trigger seeding of SecureRandom
done seeding SecureRandom
Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256
Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA
Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_128_CBC_SHA256
Allow unsafe renegotiation: false
Allow legacy hello messages: true
Is initial handshake: true
Is secure renegotiation: false
Enabled Protocols: 
TLSv1, 
Supported Protocols: 
SSLv2Hello, 
Set Protocols: 
TLSv1.2, 
%% No cached client session
*** ClientHello, TLSv1.2
RandomCookie:  GMT: 1406651565 bytes = { 85, 112, 165, 115, 135, 15, 171, 1, 167, 182, 47, 68, 233, 53, 164, 111, 112, 244, 51, 252, 240, 40, 178, 238, 204, 215, 13, 137 }
Session ID:  {}
Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, TLS_ECDHE_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_RC4_128_SHA, TLS_ECDH_ECDSA_WITH_RC4_128_SHA, TLS_ECDH_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_RC4_128_MD5, TLS_EMPTY_RENEGOTIATION_INFO_SCSV]
Compression Methods:  { 0 }
Extension elliptic_curves, curve names: {secp256r1, sect163k1, sect163r2, secp192r1, secp224r1, sect233k1, sect233r1, sect283k1, sect283r1, secp384r1, sect409k1, sect409r1, secp521r1, sect571k1, sect571r1, secp160k1, secp160r1, secp160r2, sect163r1, secp192k1, sect193r1, sect193r2, secp224k1, sect239k1, secp256k1}
Extension ec_point_formats, formats: [uncompressed]
Extension signature_algorithms, signature_algorithms: SHA512withECDSA, SHA512withRSA, SHA384withECDSA, SHA384withRSA, SHA256withECDSA, SHA256withRSA, SHA224withECDSA, SHA224withRSA, SHA1withECDSA, SHA1withRSA, SHA1withDSA, MD5withRSA
***
[write] MD5 and SHA1 hashes:  len = 179
0000: 01 00 00 AF 03 03 54 D8   CD AD 55 70 A5 73 87 0F  ......T...Up.s..
0010: AB 01 A7 B6 2F 44 E9 35   A4 6F 70 F4 33 FC F0 28  ..../D.5.op.3..(
0020: B2 EE CC D7 0D 89 00 00   2A C0 09 C0 13 00 2F C0  ........*...../.
0030: 04 C0 0E 00 33 00 32 C0   08 C0 12 00 0A C0 03 C0  ....3.2.........
0040: 0D 00 16 00 13 C0 07 C0   11 00 05 C0 02 C0 0C 00  ................
0050: 04 00 FF 01 00 00 5C 00   0A 00 34 00 32 00 17 00  ......\...4.2...
0060: 01 00 03 00 13 00 15 00   06 00 07 00 09 00 0A 00  ................
0070: 18 00 0B 00 0C 00 19 00   0D 00 0E 00 0F 00 10 00  ................
0080: 11 00 02 00 12 00 04 00   05 00 14 00 08 00 16 00  ................
0090: 0B 00 02 01 00 00 0D 00   1A 00 18 06 03 06 01 05  ................
00A0: 03 05 01 04 03 04 01 03   03 03 01 02 03 02 01 02  ................
00B0: 02 01 01                                           ...
main, WRITE: TLSv1.2 Handshake, length = 179
[Raw write]: length = 184
0000: 16 03 03 00 B3 01 00 00   AF 03 03 54 D8 CD AD 55  ...........T...U
0010: 70 A5 73 87 0F AB 01 A7   B6 2F 44 E9 35 A4 6F 70  p.s....../D.5.op
0020: F4 33 FC F0 28 B2 EE CC   D7 0D 89 00 00 2A C0 09  .3..(........*..
0030: C0 13 00 2F C0 04 C0 0E   00 33 00 32 C0 08 C0 12  .../.....3.2....
0040: 00 0A C0 03 C0 0D 00 16   00 13 C0 07 C0 11 00 05  ................
0050: C0 02 C0 0C 00 04 00 FF   01 00 00 5C 00 0A 00 34  ...........\...4
0060: 00 32 00 17 00 01 00 03   00 13 00 15 00 06 00 07  .2..............
0070: 00 09 00 0A 00 18 00 0B   00 0C 00 19 00 0D 00 0E  ................
0080: 00 0F 00 10 00 11 00 02   00 12 00 04 00 05 00 14  ................
0090: 00 08 00 16 00 0B 00 02   01 00 00 0D 00 1A 00 18  ................
00A0: 06 03 06 01 05 03 05 01   04 03 04 01 03 03 03 01  ................
00B0: 02 03 02 01 02 02 01 01                            ........
[Raw read]: length = 5
0000: 15 03 03 00 02                                     .....
[Raw read]: length = 2
0000: 02 28                                              .(
main, READ: TLSv1.2 Alert, length = 2
main, RECV TLSv1 ALERT:  fatal, handshake_failure
main, called closeSocket()
main, handling exception: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
    at Sun.security.ssl.Alerts.getSSLException(Alerts.Java:192)
    at Sun.security.ssl.Alerts.getSSLException(Alerts.Java:154)
    at Sun.security.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.Java:1979)
    at Sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.Java:1086)
    at Sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.Java:1332)
    at Sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.Java:1359)
    at Sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.Java:1343)
    at SSLSocketClient.main(SSLSocketClient.Java:96)

jdk7はTLSv1.2をサポートするはずですが、サポートされているプロトコル出力には表示されません

10
EmaB

PRTGは、高セキュリティモードセットで 4つの暗号 をサポートします。

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

これらのどれもJava 1.7の標準ディストリビューションにはありません

ただし、 Java Cryptography Extension(JCE)Unlimited Strength Jurisdiction Policy Files 7 Download には含まれていますTLS_ECDHE_RSA_WITH_AES_256_CBC_SHA

無制限の強度のZipをダウンロードして、local_policy.jarおよびUS_export_policy.jar JRE_HOME/lib/securityにあるファイルとダウンロードしたファイル。

2016年2月12日編集:

また、システムプロパティを使用して適切なTLSバージョンを有効にする必要があります。

-Dhttps.protocols=TLSv1,TLSv1.1,TLSv1.2
8
Gary

最後に問題を発見しました:モードSSL security: high securityに設定されているときに接続しようとしているPRTGサーバーは、TLSv1.2と暗号TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256を使用した安全な接続のみを受け入れるようです。 Java 8。

@Peteshはあなたのサポートをありがとう

4
EmaB