JDK-4424213 : Problem with setting SSLContext.getInstance();
  • Type: Bug
  • Component: security-libs
  • Sub-Component: javax.net.ssl
  • Affected Version: 1.0.2
  • Priority: P3
  • Status: Closed
  • Resolution: Duplicate
  • OS: generic
  • CPU: generic
  • Submitted: 2001-03-10
  • Updated: 2001-06-28
  • Resolved: 2001-06-28
Related Reports
Duplicate :  
JDK-4273544 - JSSE: request for function forceV3ClientHello()
Description

Name: krC82822			Date: 03/10/2001


[10 Mar 2001, eval1127@eng -- pls. see Comments section]

java version "1.2.2"
Classic VM (build JDK-1.2.2-W, native threads, symcjit)

I have a problem working with any version of SSL but TLS.
I can only work with 'TLS' (which is "SSL3.1" - according to your documentaion).
I have to work with "SSLv3" and "SSLv2" because I am working with FW which work
only with "SSLv3" and "SSLv2", but even when I set
SSLContext.getInstance("SSLv3"); - it keep show me (during debug) that it works
with -SSLv3.1


########################################################

The code I am using is:

     SSLContext ctx;
     KeyManagerFactory kmf;

     try{

        ctx = SSLContext.getInstance("SSLv3");
        kmf = KeyManagerFactory.getInstance("SunX509");
        try{
       ctx.init(kmf.getKeyManagers(), null, null);
       SSLSocketFactory factory = ctx.getSocketFactory();
       SSL Socket socketS = (SSLSocket)factory.createSocket
(InetAddress.getByName(rServer), rPort);

     } catch(java.security.KeyManagementException kme ){
          System.out.println("##### KeyManagementException  " + kme.getMessage
());
       }

     } catch ( java.security.NoSuchAlgorithmException ne){
          System.out.println("##### NoSuchAlgorithmException  " + ne.getMessage
());
     }


#####################################################

The debug messages:

*** ClientHello, v3.1
RandomCookie:  GMT: 966524654 bytes = { 95, 153, 168, 241, 198, 83, 134, 149, 13
7, 162, 228, 191, 63, 26, 97, 202, 210, 135, 41, 44, 224, 162, 249, 197, 122, 14
7, 88, 229 }
Session ID:  {}
Cipher Suites:  { 0, 5, 0, 4, 0, 9, 0, 10, 0, 18, 0, 19, 0, 3, 0, 17 }
Compression Methods:  { 0 }
***
[write] MD5 and SHA1 hashes:  len = 59
0000: 01 00 00 37 03 01 3A 9C   FF EE 5F 99 A8 F1 C6 53  ...7..:..._....S
0010: 86 95 89 A2 E4 BF 3F 1A   61 CA D2 87 29 2C E0 A2  ......?.a...),..
0020: F9 C5 7A 93 58 E5 00 00   10 00 05 00 04 00 09 00  ..z.X...........
0030: 0A 00 12 00 13 00 03 00   11 01 00                 ...........
WorkerThread-0, WRITE:  SSL v3.1 Handshake, length = 59
[write] MD5 and SHA1 hashes:  len = 77
0000: 01 03 01 00 24 00 00 00   20 00 00 05 00 00 04 01  ....$... .......
0010: 00 80 00 00 09 06 00 40   00 00 0A 07 00 C0 00 00  .......@........
0020: 12 00 00 13 00 00 03 02   00 80 00 00 11 3A 9C FF  .............:..
0030: EE 5F 99 A8 F1 C6 53 86   95 89 A2 E4 BF 3F 1A 61  ._....S......?.a
0040: CA D2 87 29 2C E0 A2 F9   C5 7A 93 58 E5           ...),....z.X.
WorkerThread-0, WRITE:  SSL v2, contentType = 22, translated length = 16310
Execption while doing 'startHandShake'  Socket closed
2
3
*** Error in setConnection in 'Https'    java.net.SocketException: Socket closed



####################################################

It seems like it fails in the 'clientHello' step...
(Review ID: 118196) 
======================================================================
Comments
EVALUATION I'm guessing it may be related to whacking the v3.x hello into a v2 client hello and sending to a server that doesn't recognise v2. brad Please See RFE 4273544 : JSSE Request for function forceV3ClientHello. We are implementing a new set of SSLSocket APIs (setEnabledProtocols, getEnabledProtocols and getSupportedProtocols) to enable a specific protocol on the socket. I am closing this as a duplicate of the RFE 4273544. ram.marti@Eng 2001-06-28
28-06-2001