Choose encryption in SSL

How can I define exactly which encryption will be used in the routine below? I want to specify, for example, that the encryption to be used is AES, or DES, or 3DES...

import java.io.InputStream;
import java.security.KeyStore;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;

// Setup truststore (BKS = Bouncy Castle keystore, the format Android ships with)
KeyStore trustStore = KeyStore.getInstance("BKS");
TrustManagerFactory trustManagerFactory =
        TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
InputStream trustStoreStream = ctx.getResources().openRawResource(R.raw.truststore);
trustStore.load(trustStoreStream, "MyPassword".toCharArray());
trustStoreStream.close();
trustManagerFactory.init(trustStore);

// Setup keystore (client certificate and private key, used for client authentication)
KeyStore keyStore = KeyStore.getInstance("BKS");
KeyManagerFactory keyManagerFactory =
        KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
InputStream keyStoreStream = ctx.getResources().openRawResource(R.raw.client);
keyStore.load(keyStoreStream, "MyPassword".toCharArray());
keyStoreStream.close();
keyManagerFactory.init(keyStore, "MyPassword".toCharArray());

// "TLS" only selects the protocol family; no cipher suite is chosen at this point.
// The third argument (SecureRandom) may be null to use the provider default.
SSLContext ssl_ctx = SSLContext.getInstance("TLS");
ssl_ctx.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), null);
    
asked by anonymous 13.10.2014 / 04:46

1 answer


Disclaimer: I am not a security expert, nor do I have hands-on experience with TLS in Java. This is a partial answer, intended to help in the search for a definitive one.

First, it is worth noting that AES / DES / 3DES is only part of the equation: they correspond to a cryptographic primitive for symmetric encryption. Alone, they are useless. So a "cipher suite" is composed of several distinct primitives, such as: 1) key exchange method; 2) asymmetric digital signature; 3) symmetric encryption - block; 4) symmetric encryption - mode of operation; 5) hash. If you run the code below, for example, you will see which suites are supported (but not necessarily enabled) by your Java:

SSLParameters params = ssl_ctx.getSupportedSSLParameters();
String[] suites = params.getCipherSuites();
for (int i = 0; i < suites.length; i++)
    System.out.println(suites[i]);

Output example (varies by implementation):

TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
TLS_RSA_WITH_AES_128_CBC_SHA256
TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
...
TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
SSL_RSA_WITH_3DES_EDE_CBC_SHA
TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
...
SSL_RSA_WITH_DES_CBC_SHA
SSL_DHE_RSA_WITH_DES_CBC_SHA
SSL_DHE_DSS_WITH_DES_CBC_SHA
SSL_DH_anon_WITH_DES_CBC_SHA
...
SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA
TLS_KRB5_WITH_RC4_128_SHA
TLS_ECDH_RSA_WITH_NULL_SHA
...

Source

As you can see, each supported suite can use SSL or TLS, and for the same algorithm (AES_128, for example) the other components may vary (e.g. RSA vs. elliptic curves, SHA256 vs. SHA vs. MD5, etc.). In some cases no algorithm is used at all (e.g. NULL, which makes the communication non-confidential); in others one that is not on your list is used (e.g. DES40 or RC4_128).

I do not know how to tell you how to define exactly which algorithm to use. If you want to put some of them on a "blacklist", one way is to use the jdk.tls.disabledAlgorithms property, which already comes with some of them disabled by default:

jdk.certpath.disabledAlgorithms=MD2, RSA keySize < 1024

Source

Now, if what you want is a "whitelist" (e.g. taking the array of supported algorithms and filtering it down to those that fit your criteria), you need to figure out exactly where in the code that should be done. Initially, this could be done directly on the SSLSocket, provided it happens before the handshake:

There are two groups of cipher suites that you will need to know about when managing them:

  • Supported suites: all suites that are supported by the SSL implementation. This list is reported using getSupportedCipherSuites.

  • Enabled suites, which may be fewer than the full list of supported suites. This set is assigned using the setEnabledCipherSuites method and retrieved using the getEnabledCipherSuites method. Initially, a default set of suites will be enabled on a new socket that represents the suggested minimum configuration.

Implementation defaults require that only suites which authenticate servers and provide confidentiality be enabled by default. Only if both sides explicitly agree to unauthenticated and/or non-private (unencrypted) communication will such a suite be selected.

When SSLSockets are first created, no handshake is done, so that applications can first set their communication preferences: which suites to use, whether the socket should be in client mode or server mode, and so on. However, security is always provided by the time application data is sent over the connection.

This suggests that this property can be assigned directly on the SSLSocket. This answer on SOen seems to agree, but I cannot give any assurance as to its correctness (in particular, it is important to know whether the handshake has already happened or not, and I do not know how to check that, or even whether it is possible).

Another possibility is to use SSLParameters, which receives a list of suites. Where to use these parameters, I also cannot tell you (as I said, I have no practical experience with the subject). It might be in the socket itself (via

13.10.2014 / 08:36
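As an added example, not part of the original question or answer, here is one way to build the "whitelist" the answer talks about on the client side, using only standard javax.net.ssl calls and the ssl_ctx built in the question. The class name, the preferred-suite list and the WEAK pattern are my own choices; the only requirement is that the suites are chosen before the handshake runs. Note that the asker's DES and 3DES (and RC4, NULL, anon and EXPORT suites) are deliberately excluded: "choosing" a cipher here should mean narrowing the default set down to modern AES suites with forward secrecy, not re-enabling weak ones. Because the server makes the final choice from the list the client advertises, the code also checks the negotiated suite after the handshake.

```java
import java.io.IOException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import java.util.regex.Pattern;

import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLParameters;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;

/** Cipher-suite whitelist applied before the handshake. Example code, not from the original post. */
public class CipherSuiteWhitelist {

    // Assumed preference order (my choice): ECDHE for forward secrecy, AES-GCM for
    // authenticated encryption, CBC/SHA256 only as a fallback for older providers.
    static final String[] PREFERRED = {
        "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
        "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
        "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
        "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
        "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256",
        "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
    };

    // Anything matching this must never be enabled, whatever the provider offers:
    // no encryption, no authentication, export grade, or a broken primitive.
    static final Pattern WEAK = Pattern.compile(
        "_(NULL|anon|EXPORT|DES40|DES|3DES|RC4|MD5)_|_(NULL|MD5)$");

    /** Keep PREFERRED entries the provider supports, in PREFERRED order; refuse weak ones. */
    static String[] chooseSuites(String[] supported) {
        List<String> available = Arrays.asList(supported);
        List<String> chosen = new ArrayList<String>();
        for (String suite : PREFERRED) {
            if (available.contains(suite) && !WEAK.matcher(suite).find()) {
                chosen.add(suite);
            }
        }
        if (chosen.isEmpty()) {
            throw new IllegalStateException("provider supports none of the acceptable cipher suites");
        }
        return chosen.toArray(new String[chosen.size()]);
    }

    /** Connect, restrict suites and protocols, then handshake and verify what was negotiated. */
    static SSLSocket connect(SSLContext sslCtx, String host, int port) throws IOException {
        SSLSocketFactory factory = sslCtx.getSocketFactory();
        // createSocket opens the TCP connection only; the TLS handshake has not run yet,
        // so the parameters set below are the ones the ClientHello will advertise.
        SSLSocket socket = (SSLSocket) factory.createSocket(host, port);
        String[] suites = chooseSuites(socket.getSupportedCipherSuites());

        SSLParameters params = socket.getSSLParameters();
        params.setCipherSuites(suites);                     // the whitelist
        params.setProtocols(new String[] {"TLSv1.2"});      // drop SSLv3 / TLS 1.0 / 1.1 as well
        params.setEndpointIdentificationAlgorithm("HTTPS"); // hostname check (Java 7+, Android API 24+)
        socket.setSSLParameters(params);

        socket.startHandshake();
        // The server picks from the list we sent; make sure it did not pick outside it.
        String negotiated = socket.getSession().getCipherSuite();
        if (!Arrays.asList(suites).contains(negotiated)) {
            socket.close();
            throw new IOException("unexpected cipher suite negotiated: " + negotiated);
        }
        return socket;
    }

    // Offline sanity check using a few of the suite names listed in the answer above.
    public static void main(String[] args) {
        String[] supported = {
            "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
            "TLS_RSA_WITH_AES_128_CBC_SHA256",
            "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA",
            "SSL_RSA_WITH_DES_CBC_SHA",
            "TLS_ECDH_RSA_WITH_NULL_SHA",
        };
        System.out.println(Arrays.toString(chooseSuites(supported)));
    }
}
```

The same whitelist can be applied with socket.setEnabledCipherSuites(suites) instead of SSLParameters; both must be called before startHandshake (or before the first read or write, which triggers the handshake implicitly). On the server side the equivalent calls exist on SSLServerSocket, and the jdk.tls.disabledAlgorithms property from the answer still applies underneath: a suite disabled there is removed from the supported list before this code ever sees it.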