java - SSLServerSocket and certificate setup

Question

I wrote a client/server Java program using ServerSocket and Socket objects. I then modified the code to use SSLServerSocket and 'SSLSocket` however I am getting different Exceptions thrown including:

javax.net.ssl.SSLHandshakeException: no cipher suites in common

I am hoping to do as much programmatically as I can. I am also okay with self signed certificates.

One tutorial I followed suggested creating a certificate with the keytool java application, then moving that file into your java project. I have done that with the terminal command keytool -genkey -alias zastore -keyalg RSA -keystore za.store. I assigned the password to be password.

I then call the function System.setProperty in hopes of the SSLSockets working but it still does not.

Here is my server code

public class Server implements Runnable
{
    private SSLServerSocket serverSocket;
    private int portNumber;
    private Thread acceptThread;

    private LinkedList<Connection> connections;

    private ConnectionListener connectionListener;

    public Server(int port, ConnectionListener connectionListener)
    {
        this.connectionListener = connectionListener;
        portNumber = port;
        connections = new LinkedList<Connection>();
        try 
        {
            System.setProperty("javax.net.ssl.trustStore", "za.store");
            System.setProperty("javax.net.ssl.keyStorePassword", "password");
            SSLServerSocketFactory sslssf = (SSLServerSocketFactory) SSLServerSocketFactory.getDefault();

            serverSocket = (SSLServerSocket) sslssf.createServerSocket(portNumber,15);

        } 
        catch (IOException e) 
        {
            e.printStackTrace();
        }
    }

    public void startListening()
    {
        acceptThread = new Thread(this);
        acceptThread.start();
    }
    public void stopListening()
    {

        for(Connection c:connections)
        {
            c.stopListeningAndDisconnect();
        }

        try 
        {   
            serverSocket.close();
        } 
        catch (IOException e) 
        {
            // TODO Auto-generated catch block
            e.printStackTrace();
        }
    }
    @Override
    public void run() 
    {
        try 
        {
            while(true)
            {
                SSLSocket s = (SSLSocket) serverSocket.accept();
                Connection c = new Connection(s,connectionListener);
                connections.add(c);
                System.out.println("New Connection Established From"+s.getInetAddress().toString());
            }
        } 
        catch(java.net.SocketException e)
        {
            System.out.println("Listening thread terminated with exception.");
        }
        catch(IOException e) 
        {

            e.printStackTrace();
        }
    }

    public void removeConnection(Connection c)
    {
        connections.remove(c);
    }

    public void printConnections()
    {
        System.out.println("Number of connections "+connections.toString());

        for(int i=0; i<connections.size(); i++)
        {
            System.out.println(connections.toString());
        }
    }

}

And then a snipbit of my client code that connects when a button is pressed:

@Override
    public void actionPerformed(ActionEvent e) 
    {
        if(e.getSource() == connect)
        {
            try 
            {
                System.setProperty("javax.net.ssl.trustStore", "za.store");
                System.setProperty("javax.net.ssl.keyStorePassword", "password");



                SSLSocketFactory sslsf = (SSLSocketFactory)SSLSocketFactory.getDefault();

                SSLSocket s = (SSLSocket)sslsf.createSocket(ipBox.getText(), Integer.parseInt(portBox.getText()));
                Connection c = new Connection(s,parent);
                parent.connectionSuccessful(c);
            } 
            catch (NumberFormatException e1) 
            {
                JOptionPane.showMessageDialog(this, "Error! Port number must be a number", "Error", JOptionPane.ERROR_MESSAGE);             
            } 
            catch (UnknownHostException e1) 
            {
                JOptionPane.showMessageDialog(this, "Error! Unable to find that host", "Error", JOptionPane.ERROR_MESSAGE);
            } 
            catch (IOException e1) 
            {


e1.printStackTrace();
        }   
    }
}

One Stackoverflow article suggested that my server "doesn't have a certificate." I don't know what that means or how to go about getting one and locating it in the right place.

Answer 1

The following error may come due to various reasons:

javax.net.ssl.SSLHandshakeException: no cipher suites in common

The points to check while debugging:

1. The keystore and truststore are correctly loaded and used to create the socket connections
2. The certificate is compatible with the enabled cipher suites
3. At least one common cipher suite should be enabled in the client and the server and that cipher suite should be also compatible with the certificate

For e.g. in the following example, I am using Java 8 with the default set of cipher suites. The certificate I have generated is using ECDSA and SHA384, and hence when the TLS connection is established between the server and the client, I can see the negotiated cipher suite is TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 by enabling the debug (System.setProperty("javax.net.debug", "ssl");).

Following is a working example:

As a first step, a key pair and a certificate need to be created. For testing purpose, let's create a self-signed certificate and let's use the same certificate for both the server and the client:

keytool -genkeypair -alias server -keyalg EC 
-sigalg SHA384withECDSA -keysize 256 -keystore servercert.p12 
-storetype pkcs12 -v -storepass abc123 -validity 10000 -ext san=ip:127.0.0.1

Let's now create the server:

package com.sapbasu.javastudy;

import java.io.InputStream;
import java.io.PrintWriter;
import java.net.ServerSocket;
import java.net.Socket;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.util.Objects;

import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLServerSocketFactory;
import javax.net.ssl.TrustManagerFactory;

/*
 * keytool -genkeypair -alias server -keyalg EC 
 * -sigalg SHA384withECDSA -keysize 256 -keystore servercert.p12 
 * -storetype pkcs12 -v -storepass abc123 -validity 10000 -ext san=ip:127.0.0.1
 */

public class TLSServer {
  public void serve(int port, String tlsVersion, String trustStoreName,
      char[] trustStorePassword, String keyStoreName, char[] keyStorePassword)
      throws Exception {

    Objects.requireNonNull(tlsVersion, "TLS version is mandatory");

    if (port <= 0) {
      throw new IllegalArgumentException(
          "Port number cannot be less than or equal to 0");
    }

    KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
    InputStream tstore = TLSServer.class
        .getResourceAsStream("/" + trustStoreName);
    trustStore.load(tstore, trustStorePassword);
    tstore.close();
    TrustManagerFactory tmf = TrustManagerFactory
        .getInstance(TrustManagerFactory.getDefaultAlgorithm());
    tmf.init(trustStore);

    KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
    InputStream kstore = TLSServer.class
        .getResourceAsStream("/" + keyStoreName);
    keyStore.load(kstore, keyStorePassword);
    KeyManagerFactory kmf = KeyManagerFactory
        .getInstance(KeyManagerFactory.getDefaultAlgorithm());
    kmf.init(keyStore, keyStorePassword);
    SSLContext ctx = SSLContext.getInstance("TLS");
    ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(),
        SecureRandom.getInstanceStrong());

    SSLServerSocketFactory factory = ctx.getServerSocketFactory();
    try (ServerSocket listener = factory.createServerSocket(port)) {
      SSLServerSocket sslListener = (SSLServerSocket) listener;

      sslListener.setNeedClientAuth(true);
      sslListener.setEnabledProtocols(new String[] {tlsVersion});
      // NIO to be implemented
      while (true) {
        try (Socket socket = sslListener.accept()) {
          PrintWriter out = new PrintWriter(socket.getOutputStream(), true);
          out.println("Hello World!");
        } catch (Exception e) {
          e.printStackTrace();
        }
      }
    }
  }
}

Now create the client:

package com.sapbasu.javastudy;

import java.io.BufferedReader;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.net.InetAddress;
import java.net.Socket;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.util.Objects;

import javax.net.SocketFactory;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLParameters;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManagerFactory;

public class TLSClient {
  public String request(InetAddress serverHost, int serverPort,
      String tlsVersion, String trustStoreName, char[] trustStorePassword,
      String keyStoreName, char[] keyStorePassword) throws Exception {

    Objects.requireNonNull(tlsVersion, "TLS version is mandatory");

    Objects.requireNonNull(serverHost, "Server host cannot be null");

    if (serverPort <= 0) {
      throw new IllegalArgumentException(
          "Server port cannot be lesss than or equal to 0");
    }

    KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
    InputStream tstore = TLSClient.class
        .getResourceAsStream("/" + trustStoreName);
    trustStore.load(tstore, trustStorePassword);
    tstore.close();
    TrustManagerFactory tmf = TrustManagerFactory
        .getInstance(TrustManagerFactory.getDefaultAlgorithm());
    tmf.init(trustStore);

    KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
    InputStream kstore = TLSClient.class
        .getResourceAsStream("/" + keyStoreName);
    keyStore.load(kstore, keyStorePassword);
    KeyManagerFactory kmf = KeyManagerFactory
        .getInstance(KeyManagerFactory.getDefaultAlgorithm());
    kmf.init(keyStore, keyStorePassword);
    SSLContext ctx = SSLContext.getInstance("TLS");
    ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(),
        SecureRandom.getInstanceStrong());

    SocketFactory factory = ctx.getSocketFactory();

    try (Socket connection = factory.createSocket(serverHost, serverPort)) {
      ((SSLSocket) connection).setEnabledProtocols(new String[] {tlsVersion});
      SSLParameters sslParams = new SSLParameters();
      sslParams.setEndpointIdentificationAlgorithm("HTTPS");
      ((SSLSocket) connection).setSSLParameters(sslParams);

      BufferedReader input = new BufferedReader(
          new InputStreamReader(connection.getInputStream()));
      return input.readLine();
    }
  }
}

Finally, here's is a JUnit test to test the connection:

package com.sapbasu.javastudy;

import static org.junit.jupiter.api.Assertions.assertEquals;

import java.net.InetAddress;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;

import org.junit.jupiter.api.Test;

public class TLSServerClientTest {

  private static final int SERVER_PORT = 8444;
  private static final String TLS_VERSION = "TLSv1.2";
  private static final int SERVER_COUNT = 1;
  private static final String SERVER_HOST_NAME = "127.0.0.1";
  private static final String TRUST_STORE_NAME = "servercert.p12";
  private static final char[] TRUST_STORE_PWD = new char[] {'a', 'b', 'c', '1',
      '2', '3'};
  private static final String KEY_STORE_NAME = "servercert.p12";
  private static final char[] KEY_STORE_PWD = new char[] {'a', 'b', 'c', '1',
      '2', '3'};

  @Test
  public void whenClientSendsServerRequest_givenServerIsUp_returnsHelloWorld()
      throws Exception {
    TLSServer server = new TLSServer();
    TLSClient client = new TLSClient();

    System.setProperty("javax.net.debug", "ssl");

    ExecutorService serverExecutor = Executors.newFixedThreadPool(SERVER_COUNT);
    serverExecutor.submit(() -> {
      try {
        server.serve(SERVER_PORT, TLS_VERSION, TRUST_STORE_NAME,
            TRUST_STORE_PWD, KEY_STORE_NAME, KEY_STORE_PWD);
      } catch (Exception e) {
        e.printStackTrace();
      }
    });
    try {
      String returnedValue = client.request(
          InetAddress.getByName(SERVER_HOST_NAME), SERVER_PORT, TLS_VERSION,
          TRUST_STORE_NAME, TRUST_STORE_PWD, KEY_STORE_NAME, KEY_STORE_PWD);
      assertEquals("Hello World!", returnedValue);
    } catch (Exception e) {
      e.printStackTrace();
      throw e;
    }
  }
}

Note: The certificate (servercert.p12 in this example) should be in the classpath. In this example, I've kept it in the test/resources folder of Maven folder structure so that the JUnit test can get it in the classpath.

---

Cipher Suite Background

When using TLS/SSL, the cryptographic algorithms to be used are determined by cipher suites. The server supports a set of cipher suites (you can enable or disable certain suites as per your needs and security level you want). The client also supports a set of cipher suites. During connection setup, the cipher suite to be used is negotiated between the client and the server. The client preference will be honored given that the server supports that particular cipher suite.

You'd find the list of cipher suites supported by the Sun Providers upto Java 8 here.

A typical cipher suite name looks like this:

TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256

Here,

ECDHE stands for Elliptic Curve Diffie Hellman Ephemeral. It's a Key exchange algorithm. The Elliptic variant (the first E) is used for performance, whereas the Ephemeral variant (the last E) is for forward secrecy. Forward secrecy means that if an attacker keeps recording all the communications over TLS and at a later point of time somehow gets hold of the private key, he/she cannot decrypt the past recorded communications.

ECDSA is a digital signature algorithm used for signing the key and is used for authenticating (verifying the integrity of) the shared secret. ECDSA is weaker and slower than the other authentication algorithms like HMAC. Yet it is used for shared key authentication because it does not need the verifier know the secret key used to create the authentication tag. The server can very well use its private key to verify the integrity of the message.

AES_128_GCM - Once a common secret key is shared between both the parties (usually a browser and a web server), a symmetric block cipher algorithm is used to encrypt the message exchanges between the parties. In this particular case, the block cipher AES with 128 bit key and GCM authentication mode is used.

SHA256 - Hashing algorithm for the PRF