tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rainer Jung <rainer.j...@kippdata.de>
Subject Re: [OT] ECDHE cipher suites missing on Amazon Linux / OpenJDK 7 and 8 ??
Date Wed, 05 Oct 2016 20:52:10 GMT
Am 05.10.2016 um 21:11 schrieb Christopher Schultz:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
>
> All,
>
> Apologies for off-topic post, but lots of folks here have lots of
> different experiences and maybe someone has come across this.
>
> I've got a few servers in Amazon EC2 running Amazon Linux. I'm using
> the OpenJDK package, and I have versions 1.7.0 and 1.8.0 running
> side-by-side:
>
> $ java -version
> java version "1.7.0_111"
> OpenJDK Runtime Environment (amzn-2.6.7.2.68.amzn1-i386 u111-b01)
> OpenJDK Client VM (build 24.111-b01, mixed mode, sharing)
>
> $ java8 -version
> openjdk version "1.8.0_101"
> OpenJDK Runtime Environment (build 1.8.0_101-b13)
> OpenJDK Server VM (build 25.101-b13, mixed mode)
>
> For some reason, a whole slew of crypto support is flat-out /missing/
> from those packages (java-1.7.0-openjdk and java-1.8.0-openjdk).
> Here's what I get when I run my SSLInfo tool on the box:
>
> $ java -showversion -classpath libs/chadis-tools-1.55.jar
> com.chadis.tools.security.SSLInfo
> java version "1.7.0_111"
> OpenJDK Runtime Environment (amzn-2.6.7.2.68.amzn1-i386 u111-b01)
> OpenJDK Client VM (build 24.111-b01, mixed mode, sharing)
>
> Supported SSL Protocols:
>   TLSv1 (SunJSSE)
>   TLSv1.1 (SunJSSE)
>   TLSv1.2 (SunJSSE)
> Default	Cipher Name
>  	SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA
> *	SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA
>  	SSL_DHE_DSS_WITH_DES_CBC_SHA
>  	SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA
> *	SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
>  	SSL_DHE_RSA_WITH_DES_CBC_SHA
>  	SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA
>  	SSL_DH_anon_EXPORT_WITH_RC4_40_MD5
>  	SSL_DH_anon_WITH_3DES_EDE_CBC_SHA
>  	SSL_DH_anon_WITH_DES_CBC_SHA
>  	SSL_DH_anon_WITH_RC4_128_MD5
>  	SSL_RSA_EXPORT_WITH_DES40_CBC_SHA
>  	SSL_RSA_EXPORT_WITH_RC4_40_MD5
> *	SSL_RSA_WITH_3DES_EDE_CBC_SHA
>  	SSL_RSA_WITH_DES_CBC_SHA
>  	SSL_RSA_WITH_NULL_MD5
>  	SSL_RSA_WITH_NULL_SHA
>  	SSL_RSA_WITH_RC4_128_MD5
>  	SSL_RSA_WITH_RC4_128_SHA
> *	TLS_DHE_DSS_WITH_AES_128_CBC_SHA
> *	TLS_DHE_DSS_WITH_AES_128_CBC_SHA256
> *	TLS_DHE_DSS_WITH_AES_256_CBC_SHA
> *	TLS_DHE_DSS_WITH_AES_256_CBC_SHA256
> *	TLS_DHE_RSA_WITH_AES_128_CBC_SHA
> *	TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
> *	TLS_DHE_RSA_WITH_AES_256_CBC_SHA
> *	TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
>  	TLS_DH_anon_WITH_AES_128_CBC_SHA
>  	TLS_DH_anon_WITH_AES_128_CBC_SHA256
>  	TLS_DH_anon_WITH_AES_256_CBC_SHA
>  	TLS_DH_anon_WITH_AES_256_CBC_SHA256
> *	TLS_EMPTY_RENEGOTIATION_INFO_SCSV
>  	TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5
>  	TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA
>  	TLS_KRB5_EXPORT_WITH_RC4_40_MD5
>  	TLS_KRB5_EXPORT_WITH_RC4_40_SHA
>  	TLS_KRB5_WITH_3DES_EDE_CBC_MD5
>  	TLS_KRB5_WITH_3DES_EDE_CBC_SHA
>  	TLS_KRB5_WITH_DES_CBC_MD5
>  	TLS_KRB5_WITH_DES_CBC_SHA
>  	TLS_KRB5_WITH_RC4_128_MD5
>  	TLS_KRB5_WITH_RC4_128_SHA
> *	TLS_RSA_WITH_AES_128_CBC_SHA
> *	TLS_RSA_WITH_AES_128_CBC_SHA256
> *	TLS_RSA_WITH_AES_256_CBC_SHA
> *	TLS_RSA_WITH_AES_256_CBC_SHA256
>  	TLS_RSA_WITH_NULL_SHA256
>
> Note the complete lack of ECDH or ECDHE cipher suites. Now again with
> Java 8:
>
> $ java8 -showversion -classpath libs/chadis-tools-1.55.jar
> com.chadis.tools.security.SSLInfo
> openjdk version "1.8.0_101"
> OpenJDK Runtime Environment (build 1.8.0_101-b13)
> OpenJDK Server VM (build 25.101-b13, mixed mode)
>
> Supported SSL Protocols:
>   TLS (SunJSSE)
>   TLSv1 (SunJSSE)
>   TLSv1.1 (SunJSSE)
>   TLSv1.2 (SunJSSE)
> Default	Cipher Name
>  	SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA
> *	SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA
>  	SSL_DHE_DSS_WITH_DES_CBC_SHA
>  	SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA
> *	SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
>  	SSL_DHE_RSA_WITH_DES_CBC_SHA
>  	SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA
>  	SSL_DH_anon_EXPORT_WITH_RC4_40_MD5
>  	SSL_DH_anon_WITH_3DES_EDE_CBC_SHA
>  	SSL_DH_anon_WITH_DES_CBC_SHA
>  	SSL_DH_anon_WITH_RC4_128_MD5
>  	SSL_RSA_EXPORT_WITH_DES40_CBC_SHA
>  	SSL_RSA_EXPORT_WITH_RC4_40_MD5
> *	SSL_RSA_WITH_3DES_EDE_CBC_SHA
>  	SSL_RSA_WITH_DES_CBC_SHA
>  	SSL_RSA_WITH_NULL_MD5
>  	SSL_RSA_WITH_NULL_SHA
>  	SSL_RSA_WITH_RC4_128_MD5
>  	SSL_RSA_WITH_RC4_128_SHA
> *	TLS_DHE_DSS_WITH_AES_128_CBC_SHA
> *	TLS_DHE_DSS_WITH_AES_128_CBC_SHA256
> *	TLS_DHE_DSS_WITH_AES_128_GCM_SHA256
> *	TLS_DHE_DSS_WITH_AES_256_CBC_SHA
> *	TLS_DHE_DSS_WITH_AES_256_CBC_SHA256
> *	TLS_DHE_DSS_WITH_AES_256_GCM_SHA384
> *	TLS_DHE_RSA_WITH_AES_128_CBC_SHA
> *	TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
> *	TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
> *	TLS_DHE_RSA_WITH_AES_256_CBC_SHA
> *	TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
> *	TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
>  	TLS_DH_anon_WITH_AES_128_CBC_SHA
>  	TLS_DH_anon_WITH_AES_128_CBC_SHA256
>  	TLS_DH_anon_WITH_AES_128_GCM_SHA256
>  	TLS_DH_anon_WITH_AES_256_CBC_SHA
>  	TLS_DH_anon_WITH_AES_256_CBC_SHA256
>  	TLS_DH_anon_WITH_AES_256_GCM_SHA384
> *	TLS_EMPTY_RENEGOTIATION_INFO_SCSV
>  	TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5
>  	TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA
>  	TLS_KRB5_EXPORT_WITH_RC4_40_MD5
>  	TLS_KRB5_EXPORT_WITH_RC4_40_SHA
>  	TLS_KRB5_WITH_3DES_EDE_CBC_MD5
>  	TLS_KRB5_WITH_3DES_EDE_CBC_SHA
>  	TLS_KRB5_WITH_DES_CBC_MD5
>  	TLS_KRB5_WITH_DES_CBC_SHA
>  	TLS_KRB5_WITH_RC4_128_MD5
>  	TLS_KRB5_WITH_RC4_128_SHA
> *	TLS_RSA_WITH_AES_128_CBC_SHA
> *	TLS_RSA_WITH_AES_128_CBC_SHA256
> *	TLS_RSA_WITH_AES_128_GCM_SHA256
> *	TLS_RSA_WITH_AES_256_CBC_SHA
> *	TLS_RSA_WITH_AES_256_CBC_SHA256
> *	TLS_RSA_WITH_AES_256_GCM_SHA384
>  	TLS_RSA_WITH_NULL_SHA256
>
> If I run this on another box where Oracle's Java has been installed, I
> get the full compliment:
>
> $ /usr/local/java-8/bin/java -showversion -classpath build/classes/
> com.chadis.tools.security.SSLInfo
> java version "1.8.0_101"
> Java(TM) SE Runtime Environment (build 1.8.0_101-b13)
> Java HotSpot(TM) 64-Bit Server VM (build 25.101-b13, mixed mode)
>
> Supported SSL Protocols:
>   TLS (SunJSSE)
>   TLSv1 (SunJSSE)
>   TLSv1.1 (SunJSSE)
>   TLSv1.2 (SunJSSE)
> Default	Cipher Name
>  	SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA
> *	SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA
>  	SSL_DHE_DSS_WITH_DES_CBC_SHA
>  	SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA
> *	SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
>  	SSL_DHE_RSA_WITH_DES_CBC_SHA
>  	SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA
>  	SSL_DH_anon_EXPORT_WITH_RC4_40_MD5
>  	SSL_DH_anon_WITH_3DES_EDE_CBC_SHA
>  	SSL_DH_anon_WITH_DES_CBC_SHA
>  	SSL_DH_anon_WITH_RC4_128_MD5
>  	SSL_RSA_EXPORT_WITH_DES40_CBC_SHA
>  	SSL_RSA_EXPORT_WITH_RC4_40_MD5
> *	SSL_RSA_WITH_3DES_EDE_CBC_SHA
>  	SSL_RSA_WITH_DES_CBC_SHA
>  	SSL_RSA_WITH_NULL_MD5
>  	SSL_RSA_WITH_NULL_SHA
>  	SSL_RSA_WITH_RC4_128_MD5
>  	SSL_RSA_WITH_RC4_128_SHA
> *	TLS_DHE_DSS_WITH_AES_128_CBC_SHA
> *	TLS_DHE_DSS_WITH_AES_128_CBC_SHA256
> *	TLS_DHE_DSS_WITH_AES_128_GCM_SHA256
> *	TLS_DHE_DSS_WITH_AES_256_CBC_SHA
> *	TLS_DHE_DSS_WITH_AES_256_CBC_SHA256
> *	TLS_DHE_DSS_WITH_AES_256_GCM_SHA384
> *	TLS_DHE_RSA_WITH_AES_128_CBC_SHA
> *	TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
> *	TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
> *	TLS_DHE_RSA_WITH_AES_256_CBC_SHA
> *	TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
> *	TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
>  	TLS_DH_anon_WITH_AES_128_CBC_SHA
>  	TLS_DH_anon_WITH_AES_128_CBC_SHA256
>  	TLS_DH_anon_WITH_AES_128_GCM_SHA256
>  	TLS_DH_anon_WITH_AES_256_CBC_SHA
>  	TLS_DH_anon_WITH_AES_256_CBC_SHA256
>  	TLS_DH_anon_WITH_AES_256_GCM_SHA384
> *	TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
> *	TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
> *	TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
> *	TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
> *	TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
> *	TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
> *	TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
>  	TLS_ECDHE_ECDSA_WITH_NULL_SHA
>  	TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
> *	TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
> *	TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
> *	TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
> *	TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
> *	TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
> *	TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
> *	TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
>  	TLS_ECDHE_RSA_WITH_NULL_SHA
>  	TLS_ECDHE_RSA_WITH_RC4_128_SHA
> *	TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
> *	TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
> *	TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
> *	TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
> *	TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
> *	TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
> *	TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
>  	TLS_ECDH_ECDSA_WITH_NULL_SHA
>  	TLS_ECDH_ECDSA_WITH_RC4_128_SHA
> *	TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
> *	TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
> *	TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
> *	TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
> *	TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
> *	TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
> *	TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
>  	TLS_ECDH_RSA_WITH_NULL_SHA
>  	TLS_ECDH_RSA_WITH_RC4_128_SHA
>  	TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA
>  	TLS_ECDH_anon_WITH_AES_128_CBC_SHA
>  	TLS_ECDH_anon_WITH_AES_256_CBC_SHA
>  	TLS_ECDH_anon_WITH_NULL_SHA
>  	TLS_ECDH_anon_WITH_RC4_128_SHA
> *	TLS_EMPTY_RENEGOTIATION_INFO_SCSV
>  	TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5
>  	TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA
>  	TLS_KRB5_EXPORT_WITH_RC4_40_MD5
>  	TLS_KRB5_EXPORT_WITH_RC4_40_SHA
>  	TLS_KRB5_WITH_3DES_EDE_CBC_MD5
>  	TLS_KRB5_WITH_3DES_EDE_CBC_SHA
>  	TLS_KRB5_WITH_DES_CBC_MD5
>  	TLS_KRB5_WITH_DES_CBC_SHA
>  	TLS_KRB5_WITH_RC4_128_MD5
>  	TLS_KRB5_WITH_RC4_128_SHA
> *	TLS_RSA_WITH_AES_128_CBC_SHA
> *	TLS_RSA_WITH_AES_128_CBC_SHA256
> *	TLS_RSA_WITH_AES_128_GCM_SHA256
> *	TLS_RSA_WITH_AES_256_CBC_SHA
> *	TLS_RSA_WITH_AES_256_CBC_SHA256
> *	TLS_RSA_WITH_AES_256_GCM_SHA384
>  	TLS_RSA_WITH_NULL_SHA256
>
> I've tried a few things. First, checking to see if any algorithms have
> been artificially suppressed:
>
> The security policy has these algorithms disabled:
>
> jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, DH keySize < 768
>
> I'm okay with all those.
>
> I've installed the "Java Unlimited Strength Policy Files" which may or
> may not have been necessary (in general) but that doesn't enable the
> ECDH/ECDHE cipher suites, anyway.
>
> The only promising suggestion I've read online is to install the
> Bouncy Castle crypto provider, except that provider is 100% Java and
> I'd prefer to get (what little) acceleration the native implementation
> can provide.
>
> Do I need to abandon OpenJDK in order to get a decent selection of
> cipher suites? Or is there a package I have not installed, or a
> setting I haven't tweaked somewhere to get this working?

Coincidentally I an currently involved in a project which forced 
customers to download EC support for OpenJDK as a separate package due 
to license limitations. EC support in Oracle JDK is provided by the Sun 
EC provider which consists of a jar file sunec.jar plus (and therein 
lies the real impl) a native library (libsunec.so on Unix/Linux). These 
files seem to have been removed from OpenJDK due to license restrictions 
or policies.

I found two texts related to this:

http://armoredbarista.blogspot.de/2013/10/how-to-use-ecc-with-openjdk.html

and

https://bugzilla.redhat.com/show_bug.cgi?id=1167153

I do not know, whether AWS really does not include the Sun EC jar file 
and/or library (then your observation would be explained by this) or 
whether the root cause on AWS is something else.

Regards,

Rainer

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message