[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[iaik-ssl] Problem with Executing ExtractKeys



I'm trying to execute a modified version of ExtractKeys from behind a firewall.
I believe that I've got the connection tunneling through the proxy ok.
I'm trying to extract an SSL key from a third party server which is protected with SSL.

The Key extraction is not working properly. 

Here's the output:

C:\pcib\scrap>runextractkeys PublicKeyStore.java -host:swww.etrade.com.au -rsa
Adding provider IAIK...
Downloading RSA certificate...
Opening SSL connection to swww.etrade.com.au:443...
line0 : HTTP/1.0 200 Connection established
line1 : Proxy-agent: Netscape-Proxy/3.5
line2 :
InputRecord locked.
OutputRecord locked.
starting handshake.
send client_hello...
v3ClientHello, version: 3.0
received server_hello...
Server doesn't want to resume a previous session.
CipherSuite selected by server: SSL_RSA_EXPORT_WITH_RC4_40_MD5
CompressionMethod selected by server: NULL
received Certificate...
A problem occured: Error decoding Certificate: PublicKey algorithm not implemented: rsaEncryption
Could not download RSA certificate from swww.etrade.com.au:443!
C:\pcib\scrap>

By restricting the available CipherSuites I am not able to get any further and get the same error. The common suites appear to be
CipherSuite.SSL_RSA_EXPORT_WITH_RC4_40_MD5,
CipherSuite.SSL_RSA_WITH_RC4_MD5,
CipherSuite.SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5,
CipherSuite.SSL_RSA_WITH_DES_CBC_SHA,
CipherSuite.SSL_RSA_WITH_3DES_EDE_CBC_SHA, 

Other suites give me a "A problem occured: No common cipher suites" error.

Executing with -dh option instead of -rsa gives me a "A problem occured: No common cipher suites" error.

Is there anything I can do?

Thanks,
Andrew Roughan
 

--
Mailinglist-archive at http://jcewww.iaik.tu-graz.ac.at/mailarchive/iaik-ssl/maillist.html

To unsubscribe send an email to listserv@iaik.tu-graz.ac.at with the folowing content: UNSUBSCRIBE iaik-ssl