1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
|
/*
* Copyright (c) 2018, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
/*
* @test
* @bug 8208350 8163327
* @summary Disable all DES, RC4, and 3DES/DesEde cipher suites
* @run main/othervm NoDesRC4DesEdeCiphSuite
*/
/*
* SunJSSE does not support dynamic system properties, no way to re-use
* system properties in samevm/agentvm mode.
*/
import java.security.Security;
import javax.net.ssl.*;
import javax.net.ssl.SSLEngineResult.HandshakeStatus;
import java.io.IOException;
import java.nio.ByteBuffer;
import java.security.GeneralSecurityException;
import java.util.List;
import java.util.ArrayList;
import java.util.Arrays;
public class NoDesRC4DesEdeCiphSuite {
private static final boolean DEBUG = false;
private static final byte RECTYPE_HS = 0x16;
private static final byte HSMSG_CLIHELLO = 0x01;
// These are some groups of Cipher Suites by names and IDs
private static final List<Integer> DES_CS_LIST = Arrays.asList(
0x0009, 0x0015, 0x0012, 0x001A, 0x0008, 0x0014, 0x0011, 0x0019
);
private static final String[] DES_CS_LIST_NAMES = new String[] {
"SSL_RSA_WITH_DES_CBC_SHA",
"SSL_DHE_RSA_WITH_DES_CBC_SHA",
"SSL_DHE_DSS_WITH_DES_CBC_SHA",
"SSL_DH_anon_WITH_DES_CBC_SHA",
"SSL_RSA_EXPORT_WITH_DES40_CBC_SHA",
"SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA",
"SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA",
"SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA"
};
private static final List<Integer> RC4_CS_LIST = Arrays.asList(
0xC007, 0xC011, 0x0005, 0xC002, 0xC00C, 0x0004, 0xC016, 0x0018,
0x0003, 0x0017
);
private static final String[] RC4_CS_LIST_NAMES = new String[] {
"TLS_ECDHE_ECDSA_WITH_RC4_128_SHA",
"TLS_ECDHE_RSA_WITH_RC4_128_SHA",
"SSL_RSA_WITH_RC4_128_SHA",
"TLS_ECDH_ECDSA_WITH_RC4_128_SHA",
"TLS_ECDH_RSA_WITH_RC4_128_SHA",
"SSL_RSA_WITH_RC4_128_MD5",
"TLS_ECDH_anon_WITH_RC4_128_SHA",
"SSL_DH_anon_WITH_RC4_128_MD5",
"SSL_RSA_EXPORT_WITH_RC4_40_MD5",
"SSL_DH_anon_EXPORT_WITH_RC4_40_MD5"
};
private static final List<Integer> DESEDE_CS_LIST = Arrays.asList(
0xC008, 0xC012, 0x0016, 0x0013, 0xC003, 0xC00D, 0x000A
);
private static final String[] DESEDE_CS_LIST_NAMES = new String[] {
"TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA",
"TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA",
"SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA",
"SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA",
"TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA",
"TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA",
"SSL_RSA_WITH_3DES_EDE_CBC_SHA"
};
private static final ByteBuffer CLIOUTBUF =
ByteBuffer.wrap("Client Side".getBytes());
public static void main(String[] args) throws Exception {
boolean allGood = true;
String disAlg = Security.getProperty("jdk.tls.disabledAlgorithms");
System.err.println("Disabled Algs: " + disAlg);
// Disabled DES tests
allGood &= testDefaultCase(DES_CS_LIST);
allGood &= testEngAddDisabled(DES_CS_LIST_NAMES, DES_CS_LIST);
allGood &= testEngOnlyDisabled(DES_CS_LIST_NAMES);
// Disabled RC4 tests
allGood &= testDefaultCase(RC4_CS_LIST);
allGood &= testEngAddDisabled(RC4_CS_LIST_NAMES, RC4_CS_LIST);
allGood &= testEngOnlyDisabled(RC4_CS_LIST_NAMES);
// Disabled 3DES tests
allGood &= testDefaultCase(DESEDE_CS_LIST);
allGood &= testEngAddDisabled(DESEDE_CS_LIST_NAMES, DESEDE_CS_LIST);
allGood &= testEngOnlyDisabled(DESEDE_CS_LIST_NAMES);
if (allGood) {
System.err.println("All tests passed");
} else {
throw new RuntimeException("One or more tests failed");
}
}
/**
* Create an engine with the default set of cipher suites enabled and make
* sure none of the disabled suites are present in the client hello.
*
* @param disabledSuiteIds the {@code List} of disabled cipher suite IDs
* to be checked for.
*
* @return true if the test passed (No disabled suites), false otherwise
*/
private static boolean testDefaultCase(List<Integer> disabledSuiteIds)
throws Exception {
System.err.println("\nTest: Default SSLEngine suite set");
SSLEngine ssle = makeEngine();
if (DEBUG) {
listCiphers("Suite set upon creation", ssle);
}
SSLEngineResult clientResult;
ByteBuffer cTOs = makeClientBuf(ssle);
clientResult = ssle.wrap(CLIOUTBUF, cTOs);
if (DEBUG) {
dumpResult("ClientHello: ", clientResult);
}
cTOs.flip();
boolean foundSuite = areSuitesPresentCH(cTOs, disabledSuiteIds);
if (foundSuite) {
System.err.println("FAIL: Found disabled suites!");
return false;
} else {
System.err.println("PASS: No disabled suites found.");
return true;
}
}
/**
* Create an engine and set only disabled cipher suites.
* The engine should not create the client hello message since the only
* available suites to assert in the client hello are disabled ones.
*
* @param disabledSuiteNames an array of cipher suite names that
* should be disabled cipher suites.
*
* @return true if the engine throws SSLHandshakeException during client
* hello creation, false otherwise.
*/
private static boolean testEngOnlyDisabled(String[] disabledSuiteNames)
throws Exception {
System.err.println(
"\nTest: SSLEngine configured with only disabled suites");
try {
SSLEngine ssle = makeEngine();
ssle.setEnabledCipherSuites(disabledSuiteNames);
if (DEBUG) {
listCiphers("Suite set upon creation", ssle);
}
SSLEngineResult clientResult;
ByteBuffer cTOs = makeClientBuf(ssle);
clientResult = ssle.wrap(CLIOUTBUF, cTOs);
if (DEBUG) {
dumpResult("ClientHello: ", clientResult);
}
cTOs.flip();
} catch (SSLHandshakeException shse) {
System.err.println("PASS: Caught expected exception: " + shse);
return true;
}
System.err.println("FAIL: Expected SSLHandshakeException not thrown");
return false;
}
/**
* Create an engine and add some disabled suites to the default
* set of cipher suites. Make sure none of the disabled suites show up
* in the client hello even though they were explicitly added.
*
* @param disabledSuiteNames an array of cipher suite names that
* should be disabled cipher suites.
* @param disabledIds the {@code List} of disabled cipher suite IDs
* to be checked for.
*
* @return true if the test passed (No disabled suites), false otherwise
*/
private static boolean testEngAddDisabled(String[] disabledNames,
List<Integer> disabledIds) throws Exception {
System.err.println("\nTest: SSLEngine with disabled suites added");
SSLEngine ssle = makeEngine();
// Add disabled suites to the existing engine's set of enabled suites
String[] initialSuites = ssle.getEnabledCipherSuites();
String[] plusDisSuites = Arrays.copyOf(initialSuites,
initialSuites.length + disabledNames.length);
System.arraycopy(disabledNames, 0, plusDisSuites,
initialSuites.length, disabledNames.length);
ssle.setEnabledCipherSuites(plusDisSuites);
if (DEBUG) {
listCiphers("Suite set upon creation", ssle);
}
SSLEngineResult clientResult;
ByteBuffer cTOs = makeClientBuf(ssle);
clientResult = ssle.wrap(CLIOUTBUF, cTOs);
if (DEBUG) {
dumpResult("ClientHello: ", clientResult);
}
cTOs.flip();
boolean foundDisabled = areSuitesPresentCH(cTOs, disabledIds);
if (foundDisabled) {
System.err.println("FAIL: Found disabled suites!");
return false;
} else {
System.err.println("PASS: No disabled suites found.");
return true;
}
}
private static SSLEngine makeEngine() throws GeneralSecurityException {
SSLContext ctx = SSLContext.getInstance("TLSv1.2");
ctx.init(null, null, null);
return ctx.createSSLEngine();
}
private static ByteBuffer makeClientBuf(SSLEngine ssle) {
ssle.setUseClientMode(true);
ssle.setNeedClientAuth(false);
SSLSession sess = ssle.getSession();
ByteBuffer cTOs = ByteBuffer.allocateDirect(sess.getPacketBufferSize());
return cTOs;
}
private static void listCiphers(String prefix, SSLEngine ssle) {
System.err.println(prefix + "\n---------------");
String[] suites = ssle.getEnabledCipherSuites();
for (String suite : suites) {
System.err.println(suite);
}
System.err.println("---------------");
}
/**
* Walk a TLS 1.2 or earlier ClientHello looking for any of the suites
* in the suiteIdList.
*
* @param clientHello a ByteBuffer containing the ClientHello message as
* a complete TLS record. The position of the buffer should be
* at the first byte of the TLS record header.
* @param suiteIdList a List of integer values corresponding to
* TLS cipher suite identifiers.
*
* @return true if at least one of the suites in {@code suiteIdList}
* is found in the ClientHello's cipher suite list
*
* @throws IOException if the data in the {@code clientHello}
* buffer is not a TLS handshake message or is not a client hello.
*/
private static boolean areSuitesPresentCH(ByteBuffer clientHello,
List<Integer> suiteIdList) throws IOException {
byte val;
// Process the TLS Record
val = clientHello.get();
if (val != RECTYPE_HS) {
throw new IOException(
"Not a handshake record, type = " + val);
}
// Just skip over the version and length
clientHello.position(clientHello.position() + 4);
// Check the handshake message type
val = clientHello.get();
if (val != HSMSG_CLIHELLO) {
throw new IOException(
"Not a ClientHello handshake message, type = " + val);
}
// Skip over the length
clientHello.position(clientHello.position() + 3);
// Skip over the protocol version (2) and random (32);
clientHello.position(clientHello.position() + 34);
// Skip past the session ID (variable length <= 32)
int len = Byte.toUnsignedInt(clientHello.get());
if (len > 32) {
throw new IOException("Session ID is too large, len = " + len);
}
clientHello.position(clientHello.position() + len);
// Finally, we are at the cipher suites. Walk the list and place them
// into a List.
int csLen = Short.toUnsignedInt(clientHello.getShort());
if (csLen % 2 != 0) {
throw new IOException("CipherSuite length is invalid, len = " +
csLen);
}
int csCount = csLen / 2;
List<Integer> csSuiteList = new ArrayList<>(csCount);
log("Found following suite IDs in hello:");
for (int i = 0; i < csCount; i++) {
int curSuite = Short.toUnsignedInt(clientHello.getShort());
log(String.format("Suite ID: 0x%04x", curSuite));
csSuiteList.add(curSuite);
}
// Now check to see if any of the suites passed in match what is in
// the suite list.
boolean foundMatch = false;
for (Integer cs : suiteIdList) {
if (csSuiteList.contains(cs)) {
System.err.format("Found match for suite ID 0x%04x\n", cs);
foundMatch = true;
break;
}
}
// We don't care about the rest of the ClientHello message.
// Rewind and return whether we found a match or not.
clientHello.rewind();
return foundMatch;
}
private static void dumpResult(String str, SSLEngineResult result) {
System.err.println("The format of the SSLEngineResult is: \n" +
"\t\"getStatus() / getHandshakeStatus()\" +\n" +
"\t\"bytesConsumed() / bytesProduced()\"\n");
HandshakeStatus hsStatus = result.getHandshakeStatus();
System.err.println(str + result.getStatus() + "/" + hsStatus + ", " +
result.bytesConsumed() + "/" + result.bytesProduced() + " bytes");
if (hsStatus == HandshakeStatus.FINISHED) {
System.err.println("\t...ready for application data");
}
}
private static void log(String str) {
if (DEBUG) {
System.err.println(str);
}
}
}
|
