
Re: [iaik-ssl] iSaSiLk w/o RSA talking to SSL web server



Thomas,
I have been working on something very similar to what you are
attempting, except that the server-side in my case is being supplied by
SilverStream instead of Netscape.  My experience is that the server
certificate loaded into the server must be based upon a DSA keypair
instead of an RSA keypair in order for the server to be able to handle
any of the key exchange algorithms that are not RSA based (DHE_DSS in
particular).  SilverStream defaults to creating an RSA keypair used for
the CSR; creating a DSA keypair and corresponding CSR required using the
keytool program from a pre-JDK1.2 version of Java.

My conclusion was that avoiding the RSA algorithms (and therefore the
licensing issue) was "more trouble than it was worth".

We considered licensing the RSA SSL-J and Crypto-J code directly - this
is a rather expensive alternative.  We are currently leaning toward
licensing Crypto-J from RSA and licensing iSaSiLk from IAIK - still
expensive, but less so than getting SSL-J from RSA also.

If anyone has any insight into what the real implications are of the RSA
patents expiring in Sept of 2000, I would be very interested in hearing
about them.

Good Luck,
Ralph Roland
Impact Innovations Group

Thomas Dorris wrote:
> 
> I'm trying to evaluate JCE and iSaSiLk for use in intranet applications
> within UPS.  Our goal is to use your software to issue HTTP requests
> over a secure socket to our suite of Netscape Enterprise web servers.  I
> have downloaded and installed JCE v2.51 (without RSA support) and
> iSaSiLk v3.0 on a Solaris 2.6 machine with a Netscape Enterprise Server
> v3.5.1 running on it with SSL support enabled.
> 
> I'm having a problem getting a good match between the cipher suites
> defined in the JCE/iSaSiLk package and those listed as supported in my
> Netscape Enterprise web server.  The webserver is configured to accept
> the following SSL 3.0 ciphers:
> 
>     RC4 with 128 bit encryption and MD5 message authentication
>     RC4 with 40 bit encryption and MD5 message authentication
>     Triple DES with 168 bit encryption and SHA message authentication
>     DES with 56 bit encryption and SHA message authentication
>     RC2 with 40 bit encryption and MD5 message authentication
> 
> I do not wish to deal with patent issues with RSA, so I'm trying to use
> a cipher suite that does not involve RC4 encryption.  I'm assuming the
> following subset of the previous list would suffice:
> 
>     Triple DES with 168 bit encryption and SHA message authentication
>     DES with 56 bit encryption and SHA message authentication
> 
> So I need to enable a cipher suite in the JCE/iSaSiLk that will match
> one of these two cipher suites defined in the Enterprise web server.
> Unfortunately, I do not know how to do this.
> 
> The program I'm trying to use to test my connection to the web server is
> the SSLClient application provided in your src/demo/client directory.
> When I run this program with the complete set of CipherSuites enabled, I
> get the following message (as expected):
> 
> --------------------------------------------------------------
> ssl_debug(1): Starting handshake...
> ssl_debug(1): Sending v3 client_hello message, requesting version 3.1...
> ssl_debug(1): Received v3 server_hello handshake message.
> ssl_debug(1): Server selected SSL version 3.0.
> ssl_debug(1): CipherSuite selected by server:
> SSL_RSA_EXPORT_WITH_RC4_40_MD5
> ssl_debug(1): CompressionMethod selected by server: NULL
> ssl_debug(1): Received certificate handshake message with server
> certificate.
> ssl_debug(1): Exception while handshaking:
> iaik.security.ssl.SSLException: Error decoding Certificate:
> java.security.cert.CertificateException: PublicKey algorithm not
> implemented: rsaEncryption
> ssl_debug(1): Shutting down SSL...
> --------------------------------------------------------------
> 
> As you can see, the web server selected the RC4 w/MD5 cipher suite.
> This is expected because I did not disable any of the RSA suites from
> the handshake.  So I proceed to remove all the RSA suites from the list
> of supported suites sent to the server.  I do this by changing the
> following lines in SSLClient.java:
> 
> --------------------------------------------------------------
>     CipherSuite[] cs = {
>       CipherSuite.SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA,
>       CipherSuite.SSL_DH_DSS_WITH_DES_CBC_SHA,
>       CipherSuite.SSL_DH_DSS_WITH_3DES_EDE_CBC_SHA,
> 
>       CipherSuite.SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA,
>       CipherSuite.SSL_DHE_DSS_WITH_DES_CBC_SHA,
>       CipherSuite.SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA,
> 
>       CipherSuite.SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA,
>       CipherSuite.SSL_DH_anon_WITH_DES_CBC_SHA,
>       CipherSuite.SSL_DH_anon_WITH_3DES_EDE_CBC_SHA,
>     };
> 
>     context.setEnabledCipherSuites(cs);
> --------------------------------------------------------------
> 
> I then re-compile and run the SSLClient program and get the following
> error message:
> 
> --------------------------------------------------------------
> Connect to ismdev1.roadnet.ups.com:443
> 
> ssl_debug(1): Starting handshake...
> ssl_debug(1): Sending v3 client_hello message, requesting version 3.1...
> ssl_debug(1): Received alert message: Alert Fatal: handshake failure
> ssl_debug(1): Exception while handshaking:
> iaik.security.ssl.SSLException: Peer sent alert: Alert Fatal: handshake
> failure
> ssl_debug(1): Shutting down SSL...
> --------------------------------------------------------------
> 
> I assume this exception is being thrown because the server did not like
> any of the cipher suites sent to it.  I do not know, however, what to do
> about it.  I believe I might be able to just define a new CipherSuite (much
> like the "myBlowfish" example in SSLClient.java) to define the
> parameters of one of the cipher suites accepted by my web server, but
> again, I don't know how to do this.
> 
> Could you please let me know whether this is possible and, if so, what I
> would need to do to pull it off?  In the meantime, I suppose I'm gonna
> start talking with RSA to see about using their SSL-J package, although
> I'd really rather not do that.  :-(
> 
> Thomas Dorris
> United Parcel Service
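The two failures in this thread (the first handshake dying on the RSA server certificate, the second ending in a fatal handshake_failure alert once the RSA suites were removed) and Ralph's point that a DHE_DSS suite needs a DSA server key can be reproduced with a small model of SSL 3.0 server-side suite selection. The code below is an added example written for this archive page; it is not iSaSiLk, JCE or Netscape code. The server-side suite names are the standard SSL 3.0 identifiers for the five ciphers Netscape lists, the server's preference order is assumed to be the listed order (the thread does not show it), and the DSA-server list is a constructed scenario.

```python
"""Constructed model of SSL 3.0 cipher-suite selection (not iSaSiLk code).

It shows why a client offering only DH_DSS / DHE_DSS / DH_anon suites cannot
finish a handshake with a server that has enabled only RSA suites and holds
an RSA certificate, and what changes once the server has a DSA key.
"""

# Key-exchange prefix -> certificate key type the server must present.
# None means anonymous (no certificate at all), which servers leave disabled.
KEY_EXCHANGE_AUTH = {
    "RSA": "RSA", "RSA_EXPORT": "RSA",
    "DH_DSS": "DSA", "DH_DSS_EXPORT": "DSA",
    "DHE_DSS": "DSA", "DHE_DSS_EXPORT": "DSA",
    "DH_anon": None, "DH_anon_EXPORT": None,
}

# Standard SSL 3.0 names for the five ciphers the Netscape server accepts.
# The real server's preference order is not visible in the thread; this
# model simply uses the listed order.
NETSCAPE_SERVER_SUITES = [
    "SSL_RSA_WITH_RC4_128_MD5",
    "SSL_RSA_EXPORT_WITH_RC4_40_MD5",
    "SSL_RSA_WITH_3DES_EDE_CBC_SHA",
    "SSL_RSA_WITH_DES_CBC_SHA",
    "SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5",
]

# The non-RSA list the client enabled in SSLClient.java.
CLIENT_NON_RSA_SUITES = [
    "SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA",
    "SSL_DH_DSS_WITH_DES_CBC_SHA",
    "SSL_DH_DSS_WITH_3DES_EDE_CBC_SHA",
    "SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA",
    "SSL_DHE_DSS_WITH_DES_CBC_SHA",
    "SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA",
    "SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA",
    "SSL_DH_anon_WITH_DES_CBC_SHA",
    "SSL_DH_anon_WITH_3DES_EDE_CBC_SHA",
]

# Constructed scenario: a server that enabled DHE_DSS suites (Ralph's setup).
DSA_SERVER_SUITES = [
    "SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA",
    "SSL_DHE_DSS_WITH_DES_CBC_SHA",
]


def key_exchange_of(suite):
    """'SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA' -> 'DHE_DSS'."""
    if not suite.startswith("SSL_") or "_WITH_" not in suite:
        raise ValueError("not an SSL 3.0 suite name: %r" % suite)
    return suite[len("SSL_"):].split("_WITH_", 1)[0]


def required_cert_key(suite):
    """Certificate key type a server needs to negotiate this suite."""
    kx = key_exchange_of(suite)
    if kx not in KEY_EXCHANGE_AUTH:
        raise ValueError("unknown key exchange %r in %s" % (kx, suite))
    return KEY_EXCHANGE_AUTH[kx]


def usable_with_key(suites, server_key_type):
    """Suites the server could complete with a certificate of that key type."""
    return [s for s in suites if required_cert_key(s) in (server_key_type, None)]


def negotiate(client_suites, server_suites, server_key_type):
    """Server-side choice: first suite in the server's preference order that the
    client also offered and that the server's certificate can authenticate.
    Returns None where a real server answers with a fatal handshake_failure."""
    offered = set(client_suites)
    for suite in server_suites:
        if suite in offered and required_cert_key(suite) in (server_key_type, None):
            return suite
    return None


def diagnose(client_suites, server_suites, server_key_type):
    """Separate 'no suite in common' from 'common suites, wrong certificate key'."""
    offered = set(client_suites)
    overlap = [s for s in server_suites if s in offered]
    if not overlap:
        return "no common cipher suite"
    if not usable_with_key(overlap, server_key_type):
        needed = sorted({required_cert_key(s) for s in overlap} - {None})
        return "common suites need a %s certificate, server has %s" % (
            "/".join(needed), server_key_type)
    return "ok"


if __name__ == "__main__":
    for label, client, server, key in [
        ("non-RSA client vs Netscape/RSA", CLIENT_NON_RSA_SUITES, NETSCAPE_SERVER_SUITES, "RSA"),
        ("non-RSA client vs DHE_DSS server with RSA cert", CLIENT_NON_RSA_SUITES, DSA_SERVER_SUITES, "RSA"),
        ("non-RSA client vs DHE_DSS server with DSA cert", CLIENT_NON_RSA_SUITES, DSA_SERVER_SUITES, "DSA"),
    ]:
        print("%s: %s (%s)" % (label, negotiate(client, server, key), diagnose(client, server, key)))
```

Run as a script, the first case reports no common suite (the server never enabled a non-RSA suite, so the client hello cannot succeed regardless of the certificate), the second shows that enabling DHE_DSS on the server is not enough while its certificate still carries an RSA key, and the third completes with SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA once the server has a DSA key. The DH_anon suites are the only entries in the client list that need no certificate, and a production server does not enable them.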
--
Mailinglist-archive at http://jcewww.iaik.tu-graz.ac.at/mailarchive/iaik-ssl/maillist.html

To unsubscribe send an email to listserv@iaik.tu-graz.ac.at with the following content: UNSUBSCRIBE iaik-ssl