Problems with SSL configuration

[Alex Ivanov]

I have some problems with SSL configuration and i guess the problem is not in Spray, but i have very little knowledge in security and the solutions i've seen didn't help me, so maybe someone would help me here. So, i have a verified certificate from Comodo and with keytool utility made a *.jks keystone from the received certificates. Then i've used snippet from Spray.io to add SSL configuration and run the project. The run the curl command:

curl --verbose https://localhost:8089

which respond with the following:

* Adding handle: conn: 0x7f8fb9804000

* Adding handle: send: 0

* Adding handle: recv: 0

* Curl_addHandleToPipeline: length: 1

* - Conn 0 (0x7f8fb9804000) send_pipe: 1, recv_pipe: 0

* About to connect() to localhost port 8089 (#0)

*   Trying ::1...

* Connected to localhost (::1) port 8089 (#0)

* Server aborted the SSL handshake

* Closing connection 0

And the server:

medikit Using SSLEngineImpl.

medikit Allow unsafe renegotiation: false

medikit Allow legacy hello messages: true

medikit Is initial handshake: true

medikit Is secure renegotiation: false

medikit Medikit-akka.actor.default-dispatcher-4, READ: TLSv1 Handshake, length = 191

medikit *** ClientHello, TLSv1.2

medikit RandomCookie:  GMT: 1395996989 bytes = { 110, 40, 47, 81, 55, 62, 8, 164, 131, 91, 179, 51, 178, 92, 143, 24, 149, 72, 138, 157, 41, 65, 50, 122, 157, 72, 150, 157 }

medikit Session ID:  {}

medikit Cipher Suites: [... long list of suites ...]

medikit Compression Methods:  { 0 }

medikit Extension server_name, server_name: [type=host_name (0), value=localhost]

medikit Extension elliptic_curves, curve names: {secp256r1, secp384r1, secp521r1}

medikit Extension ec_point_formats, formats: [uncompressed]

medikit Extension signature_algorithms, signature_algorithms: SHA384withRSA, SHA256withRSA, SHA1withRSA, SHA256withECDSA, SHA1withECDSA

medikit ***

medikit %% Initialized:  [Session-4, SSL_NULL_WITH_NULL_NULL]

medikit Medikit-akka.actor.default-dispatcher-4, fatal error: 40: no cipher suites in common

medikit javax.net.ssl.SSLHandshakeException: no cipher suites in common

medikit %% Invalidated:  [Session-4, SSL_NULL_WITH_NULL_NULL]

medikit Medikit-akka.actor.default-dispatcher-4, SEND TLSv1 ALERT:  fatal, description = handshake_failure

medikit Medikit-akka.actor.default-dispatcher-4, WRITE: TLSv1 Alert, length = 2

medikit Medikit-akka.actor.default-dispatcher-4, fatal: engine already closed.  Rethrowing javax.net.ssl.SSLHandshakeException: no cipher suites in common

medikit 12:56:29.248 [Medikit-akka.actor.default-dispatcher-2] ERROR s.can.server.HttpServerConnection - Aborting encrypted connection to localhost/0:0:0:0:0:0:0:1:49642 due to [SSLHandshakeException:no cipher suites in common] -> [SSLHandshakeException:no cipher suites in common]

I've tried different tried different solutions i've found somewhere, but it didn't help, so maybe my problem is more essential and i'm simply doing something wrong?

[Johannes Rudolph]

Hi Alex,

it seems one of the peers tries to connect with SSL but without
encryption (SSL_NULL_WITH_NULL_NULL) and the other side doesn't accept
it. It's hard to say from the logs you posted to say which side is
which. Could you post your spray SSL configuration code? What also
helps much is using "openssl s_client" to connect to the server and
post its output which usually is much more detailed than output from
any other tool.

One reason could be that you need to install/activate extra ciphers
that are not automatically activated for your JVM, see
http://docs.oracle.com/javase/7/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider

You can use `SSLContext.getSupportedSSLParameters.getCipherSuites` to
output a concrete list of ciphers enabled for this SSLContext.

Johannes

> --
> You received this message because you are subscribed to the Google Groups
> "spray.io User List" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to spray-user+...@googlegroups.com.
> Visit this group at http://groups.google.com/group/spray-user.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/spray-user/8f6ab833-1b86-430c-889a-48b117e28e82%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.



--
Johannes

-----------------------------------------------
Johannes Rudolph
http://virtual-void.net

[Alex Ivanov]

Im using config the config from your example:

implicit def sslContext: SSLContext = {

    val keyStoreResouce = "selfsigned.jks"

    val password = "password"

    val keystore = KeyStore.getInstance("jks")

      keystore.load(getClass.getResourceAsStream(keyStoreResouce), password.toCharArray)

      val keyManagerFactory = KeyManagerFactory.getInstance("SunX509")

      keyManagerFactory.init(keystore, password.toCharArray)

      val trustManagerFactory = TrustManagerFactory.getInstance("SunX509")

      trustManagerFactory.init(keystore)

      val context = SSLContext.getInstance("TLS")

      context.init(keyManagerFactory.getKeyManagers, trustManagerFactory.getTrustManagers, new SecureRandom)

      context

    }

    implicit def sslEngineProvider: ServerSSLEngineProvider = {

      ServerSSLEngineProvider { engine =>

        engine.setEnabledCipherSuites(Array("TLS_RSA_WITH_AES_256_CBC_SHA"))

        engine.setEnabledProtocols(Array("SSLv3", "TLSv1"))

        engine

      }

    }

As for openssl, unfortunately it didn't give me any clue on what's wrong:

openssl s_client -debug -msg -connect localhost:8089 -ssl3

CONNECTED(00000003)

write to 0x7fe5027004e0 [0x7fe50380ba00] (94 bytes => 94 (0x5E))

0000 - 16 03 00 00 59 01 00 00-55 03 00 53 35 7a 2e c3   ....Y...U..S5z..

0010 - b8 df 48 22 72 6d f2 57-8a 7c d0 65 3e a7 32 94   ..H"rm.W.|.e>.2.

0020 - 7d ff b3 dd 49 8c dc c6-15 1f bd 00 00 2e 00 39   }...I..........9

0030 - 00 38 00 35 00 16 00 13-00 0a 00 33 00 32 00 2f   .8.5.......3.2./

0040 - 00 9a 00 99 00 96 00 05-00 04 00 15 00 12 00 09   ................

0050 - 00 14 00 11 00 08 00 06-00 03 00 ff 01            .............

005e - <SPACES/NULS>

>>> SSL 3.0 Handshake [length 0059], ClientHello

    01 00 00 55 03 00 53 35 7a 2e c3 b8 df 48 22 72

    6d f2 57 8a 7c d0 65 3e a7 32 94 7d ff b3 dd 49

    8c dc c6 15 1f bd 00 00 2e 00 39 00 38 00 35 00

    16 00 13 00 0a 00 33 00 32 00 2f 00 9a 00 99 00

    96 00 05 00 04 00 15 00 12 00 09 00 14 00 11 00

    08 00 06 00 03 00 ff 01 00

read from 0x7fe5027004e0 [0x7fe503807000] (5 bytes => -1 (0xFFFFFFFFFFFFFFFF))

write:errno=54

Now i'm using simple self signed certificate generated by the Javas keytool, but it doesn't work. I've found that errno 54 usually results from the connection not being able to auto-negotiate a suitable ssl version to use, but -ssl3 or -tls1 didn't help me either. 

[Johannes Rudolph]

What is the output of "ctx.getSupportedSSLParameters.getCipherSuites"
after initializing the context?

[Alex Ivanov]

Long list of ciphers:

medikit 18:18:44.097 INFO  akka.actor.ActorSystemImpl ActorSystem(Medikit) - Suites: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384

medikit TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384

medikit TLS_RSA_WITH_AES_256_CBC_SHA256

medikit TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384

medikit TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384

medikit TLS_DHE_RSA_WITH_AES_256_CBC_SHA256

medikit TLS_DHE_DSS_WITH_AES_256_CBC_SHA256

medikit TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA

medikit TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA

medikit TLS_RSA_WITH_AES_256_CBC_SHA

medikit TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA

medikit TLS_ECDH_RSA_WITH_AES_256_CBC_SHA

medikit TLS_DHE_RSA_WITH_AES_256_CBC_SHA

medikit TLS_DHE_DSS_WITH_AES_256_CBC_SHA

medikit TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256

medikit TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256

medikit TLS_RSA_WITH_AES_128_CBC_SHA256

medikit TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256

medikit TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256

medikit TLS_DHE_RSA_WITH_AES_128_CBC_SHA256

medikit TLS_DHE_DSS_WITH_AES_128_CBC_SHA256

medikit TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA

medikit TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA

medikit TLS_RSA_WITH_AES_128_CBC_SHA

medikit TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA

medikit TLS_ECDH_RSA_WITH_AES_128_CBC_SHA

medikit TLS_DHE_RSA_WITH_AES_128_CBC_SHA

medikit TLS_DHE_DSS_WITH_AES_128_CBC_SHA

medikit TLS_ECDHE_ECDSA_WITH_RC4_128_SHA

medikit TLS_ECDHE_RSA_WITH_RC4_128_SHA

medikit SSL_RSA_WITH_RC4_128_SHA

medikit TLS_ECDH_ECDSA_WITH_RC4_128_SHA

medikit TLS_ECDH_RSA_WITH_RC4_128_SHA

medikit TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384

medikit TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256

medikit TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

medikit TLS_RSA_WITH_AES_256_GCM_SHA384

medikit TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384

medikit TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384

medikit TLS_DHE_RSA_WITH_AES_256_GCM_SHA384

medikit TLS_DHE_DSS_WITH_AES_256_GCM_SHA384

medikit TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

medikit TLS_RSA_WITH_AES_128_GCM_SHA256

medikit TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256

medikit TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256

medikit TLS_DHE_RSA_WITH_AES_128_GCM_SHA256

medikit TLS_DHE_DSS_WITH_AES_128_GCM_SHA256

medikit TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA

medikit TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA

medikit SSL_RSA_WITH_3DES_EDE_CBC_SHA

medikit TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA

medikit TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA

medikit SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA

medikit SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA

medikit SSL_RSA_WITH_RC4_128_MD5

medikit TLS_EMPTY_RENEGOTIATION_INFO_SCSV

medikit TLS_DH_anon_WITH_AES_256_GCM_SHA384

medikit TLS_DH_anon_WITH_AES_128_GCM_SHA256

medikit TLS_DH_anon_WITH_AES_256_CBC_SHA256

medikit TLS_ECDH_anon_WITH_AES_256_CBC_SHA

medikit TLS_DH_anon_WITH_AES_256_CBC_SHA

medikit TLS_DH_anon_WITH_AES_128_CBC_SHA256

medikit TLS_ECDH_anon_WITH_AES_128_CBC_SHA

medikit TLS_DH_anon_WITH_AES_128_CBC_SHA

medikit TLS_ECDH_anon_WITH_RC4_128_SHA

medikit SSL_DH_anon_WITH_RC4_128_MD5

medikit TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA

medikit SSL_DH_anon_WITH_3DES_EDE_CBC_SHA

medikit TLS_RSA_WITH_NULL_SHA256

medikit TLS_ECDHE_ECDSA_WITH_NULL_SHA

medikit TLS_ECDHE_RSA_WITH_NULL_SHA

medikit SSL_RSA_WITH_NULL_SHA

medikit TLS_ECDH_ECDSA_WITH_NULL_SHA

medikit TLS_ECDH_RSA_WITH_NULL_SHA

medikit TLS_ECDH_anon_WITH_NULL_SHA

medikit SSL_RSA_WITH_NULL_MD5

medikit SSL_RSA_WITH_DES_CBC_SHA

medikit SSL_DHE_RSA_WITH_DES_CBC_SHA

medikit SSL_DHE_DSS_WITH_DES_CBC_SHA

medikit SSL_DH_anon_WITH_DES_CBC_SHA

medikit SSL_RSA_EXPORT_WITH_RC4_40_MD5

medikit SSL_DH_anon_EXPORT_WITH_RC4_40_MD5

medikit SSL_RSA_EXPORT_WITH_DES40_CBC_SHA

medikit SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA

medikit SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA

medikit SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA

medikit TLS_KRB5_WITH_RC4_128_SHA

medikit TLS_KRB5_WITH_RC4_128_MD5

medikit TLS_KRB5_WITH_3DES_EDE_CBC_SHA

medikit TLS_KRB5_WITH_3DES_EDE_CBC_MD5

medikit TLS_KRB5_WITH_DES_CBC_SHA

medikit TLS_KRB5_WITH_DES_CBC_MD5

medikit TLS_KRB5_EXPORT_WITH_RC4_40_SHA

medikit TLS_KRB5_EXPORT_WITH_RC4_40_MD5

medikit TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA

medikit TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5

I've tried different variants with them, but it didn't change anything

[Johannes Rudolph]

On Fri, Mar 28, 2014 at 2:37 PM, Alex Ivanov <stimp...@gmail.com> wrote:

> Now i'm using simple self signed certificate generated by the Javas keytool,
> but it doesn't work. I've found that errno 54 usually results from the
> connection not being able to auto-negotiate a suitable ssl version to use,
> but -ssl3 or -tls1 didn't help me either.

I agree this is strange. Have you made sure that
TLS_RSA_WITH_AES_256_CBC_SHA is listed in the supported list of
ciphers you snipped from your original log?

Maybe it's the same problem as described here (providing DSA keys but
requiring an RSA cipher):

https://groups.google.com/d/msg/akka-user/c1ac5jH_ezU/AOGI57WrGzgJ

[Johannes Rudolph]

On Fri, Mar 28, 2014 at 4:11 PM, Johannes Rudolph
<johannes...@googlemail.com> wrote:
> Maybe it's the same problem as described here (providing DSA keys but
> requiring an RSA cipher):
>
> https://groups.google.com/d/msg/akka-user/c1ac5jH_ezU/AOGI57WrGzgJ

Maybe also relevant:

http://stackoverflow.com/questions/3662837/java-no-cipher-suites-in-common-issue-when-trying-to-securely-connect-to-serve

[Johannes Rudolph]

On Fri, Mar 28, 2014 at 4:12 PM, Johannes Rudolph

<johannes...@googlemail.com> wrote:
> On Fri, Mar 28, 2014 at 4:11 PM, Johannes Rudolph
> <johannes...@googlemail.com> wrote:
>> Maybe it's the same problem as described here (providing DSA keys but
>> requiring an RSA cipher):
>>
>> https://groups.google.com/d/msg/akka-user/c1ac5jH_ezU/AOGI57WrGzgJ
>
> Maybe also relevant:
>
> http://stackoverflow.com/questions/3662837/java-no-cipher-suites-in-common-issue-when-trying-to-securely-connect-to-serve

I can reproduce the issue by setting the `keyManager` to `null` in the
SSLContext initialization:

context.init(null, trustManagerFactory.getTrustManagers, new SecureRandom)

So, that indeed hints to the keyStore not being used as it should.
Have you just tried without the

engine.setEnabledCipherSuites(Array("TLS_RSA_WITH_AES_256_CBC_SHA"))

line?