我正在尝试在我的Spring启动REST服务中启用TLSv1密码,以便较旧的Android客户端可以连接到它但由于某种原因它不起作用。我正在运行openjdk version "1.8.0_131"
,默认情况下,TLSv1,TLSv1.1和TLSv1.2似乎已启用
我使用nmap --script ssl-enum-ciphers -p 8443 127.0.0.1
来扫描服务器可以采取的操作,并且我正在使用
8443/tcp open https-alt
| ssl-enum-ciphers:
| TLSv1.2:
| ciphers:
| TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 (secp256k1) - A
| TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 (secp521r1) - A
| TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 (secp521r1) - A
| TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 (secp256k1) - A
| TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 (secp521r1) - A
| TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 (secp521r1) - A
| TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 (secp256k1) - A
| TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (secp256k1) - A
| TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 (secp521r1) - A
| TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 (secp521r1) - A
| TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 (secp521r1) - A
| TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 (secp521r1) - A
| compressors:
| NULL
| cipher preference: server
| warnings:
| Key exchange (secp256k1) of lower strength than certificate key
|_ least strength: A
没有成功的TLSv1或TLSv1.1。但他们没有被禁用!我知道这个,因为当我通过设置server.ssl.enabled-protocols=TLSv1.2
来禁用它们时,在服务器的ssl日志上我看到了
javax.net.ssl.SSLHandshakeException: Client requested protocol TLSv1.1 not enabled or not supported
当我删除该行(因此再次启用默认值)时,我看不到该错误。我看到的是
javax.net.ssl.SSLHandshakeException: no cipher suites in common
这是nmap扫描发送的密码列表,它是一个巨大的列表,因此很难相信TLSv1或TLSv1.1中没有共同点:
Cipher Suites: [Unknown 0xc0:0xa9, TLS_PSK_WITH_AES_256_GCM_SHA384, Unknown 0xc0:0x64, Unknown 0xc0:0x6a, Unknown 0xc0:0x65, Unknown 0xc0:0x6b, Unknown 0xc0:0x94, Unknown 0xc0:0x8e, Unknown 0xc0:0x95, Unknown 0xc0:0x8f, Unknown 0xcc:0xab, TLS_PSK_WITH_NULL_SHA, TLS_PSK_WITH_NULL_SHA256, TLS_PSK_WITH_NULL_SHA384, TLS_PSK_WITH_RC4_128_SHA, SSL_RSA_EXPORT1024_WITH_DES_CBC_SHA, Unknown 0x0:0x61, Unknown 0x0:0x60, SSL_RSA_EXPORT1024_WITH_RC4_56_SHA, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5, SSL_RSA_EXPORT_WITH_RC4_40_MD5, TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA, TLS_RSA_PSK_WITH_AES_128_CBC_SHA, TLS_RSA_PSK_WITH_AES_128_CBC_SHA256, TLS_RSA_PSK_WITH_AES_128_GCM_SHA256, TLS_RSA_PSK_WITH_AES_256_CBC_SHA, TLS_RSA_PSK_WITH_AES_256_CBC_SHA384, TLS_RSA_PSK_WITH_AES_256_GCM_SHA384, Unknown 0xc0:0x68, Unknown 0xc0:0x6e, Unknown 0xc0:0x69, Unknown 0xc0:0x6f, Unknown 0xc0:0x98, Unknown 0xc0:0x92, Unknown 0xc0:0x99, Unknown 0xc0:0x93, Unknown 0xcc:0xae, TLS_RSA_PSK_WITH_NULL_SHA, TLS_RSA_PSK_WITH_NULL_SHA256, TLS_RSA_PSK_WITH_NULL_SHA384, TLS_RSA_PSK_WITH_RC4_128_SHA, Unknown 0x0:0x7c, SSL_RSA_WITH_3DES_EDE_CBC_SHA, Unknown 0x0:0x7d, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA256, Unknown 0xc0:0x9c, Unknown 0xc0:0xa0, TLS_RSA_WITH_AES_128_GCM_SHA256, Unknown 0x0:0x7e, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA256, Unknown 0xc0:0x9d, Unknown 0xc0:0xa1, TLS_RSA_WITH_AES_256_GCM_SHA384, Unknown 0xc0:0x3c, Unknown 0xc0:0x50]
有些背景,我试图启用TLSv1希望我的android 4.4.4客户端然后连接。它在发送其密码列表时与{n}具有相同的错误no cipher suites in common
。然而,nmap成功使用了一些TLSv1.2密码,android没有,因为它支持较少的密码。所以我试图在android中启用更多密码(似乎更难/不可能)或在我的服务器中启用更多密码(似乎更容易)。这些是android在ClientHello中发送的密码
TLS_RSA_WITH_AES_128_CBC_SHA,
TLS_RSA_WITH_AES_256_CBC_SHA,
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
SSL_RSA_WITH_3DES_EDE_CBC_SHA,
TLS_EMPTY_RENEGOTIATION_INFO_SCSV
如果我只使用server.ssl.ciphers
显式启用那些,那么nmap显示实际上没有接受任何密码。什么可能导致spring / java / somethingelse无法启用android尝试使用的任何(常用和标准)密码?
答案 0 :(得分:2)
我的案例中的问题不在于未启用TLS版本。这是密码的签名算法。
Jetty禁用所有使用SHA1或MD5的密码,并且在客户端列表中可以看到,在我的情况下,它们都是SHA1密码。这是Jetty代码
SslContextFactory sslContextFactory = new SslContextFactory();
sslContextFactory.setExcludeCipherSuites(
"^.*_(MD5|SHA|SHA1)$");
更多详情here
为了解决这个问题,我创建了一个明确的密码列表,用于我的spring boot配置,我启用了SHA1密码
我必须说,至少在与TLS1.2一起使用时,基于this post(我没有安全专家),这个码头似乎没有必要。要点是肯定不安全的是使用SHA1签署证书,但使用在HMAC中使用SHA1的密码套件仍然被认为是安全的