Когда я пытаюсь открыть соединение LDAP с помощью SSLContext, я получаю ошибку проверки сертификата, как показано ниже.
javax.naming.CommunicationException: simple bind failed: <Host>:636 [Root exception is javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Certificates do not conform to algorithm constraints]
at com.sun.jndi.ldap.LdapClient.authenticate(LdapClient.java:219)
at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2791)
at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:319)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:192)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:210)
at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:153)
at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:83)
at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:684)
at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:313)
at javax.naming.InitialContext.init(InitialContext.java:244)
at javax.naming.ldap.InitialLdapContext.<init>(InitialLdapContext.java:154)
Caused by: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Certificates do not conform to algorithm constraints
at sun.security.ssl.Alerts.getSSLException(Alerts.java:198)
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1967)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:333)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:327)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1689)
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:226)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1084)
at sun.security.ssl.Handshaker.process_record(Handshaker.java:1012)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1079)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1388)
at sun.security.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:765)
at sun.security.ssl.AppOutputStream.write(AppOutputStream.java:123)
at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:82)
at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:140)
at com.sun.jndi.ldap.Connection.writeRequest(Connection.java:441)
at com.sun.jndi.ldap.Connection.writeRequest(Connection.java:414)
at com.sun.jndi.ldap.LdapClient.ldapBind(LdapClient.java:359)
at com.sun.jndi.ldap.LdapClient.authenticate(LdapClient.java:214)
... 91 more
Caused by: java.security.cert.CertificateException: Certificates do not conform to algorithm constraints
at sun.security.ssl.AbstractTrustManagerWrapper.checkAlgorithmConstraints(SSLContextImpl.java:1236)
at sun.security.ssl.AbstractTrustManagerWrapper.checkAdditionalTrust(SSLContextImpl.java:1158)
at sun.security.ssl.AbstractTrustManagerWrapper.checkServerTrusted(SSLContextImpl.java:1100)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1671)
... 104 more
Caused by: java.security.cert.CertPathValidatorException: Algorithm constraints check failed on signature algorithm: RSASSA-PSS
at sun.security.provider.certpath.AlgorithmChecker.check(AlgorithmChecker.java:278)
at sun.security.ssl.AbstractTrustManagerWrapper.checkAlgorithmConstraints(SSLContextImpl.java:1232)
... 107 more
Я проверил, что алгоритм RSASSA-PSS поддерживается последней версией Zulu JDK 8u252 поставщиками печати и алгоритмы подписи, как показано ниже
Provider p[] = Security.getProviders();
for (int i = 0; i < p.length; i++) {
log.debug(p[i].toString());
for (Enumeration e = p[i].keys(); e.hasMoreElements();)
log.debug("\t" + e.nextElement());
}
Will print Signature.RSASSA-PSS in one of the log line
Также, запустив KeyFactory.getInstance («RSASSA-PSS»), ниже приведены подробности алгоритма подписи
result = {SunRsaSign@17319} size = 60
"Alg.Alias.AlgorithmParameters.OID.1.2.840.113549.1.1.10" -> "RSASSA-PSS"
"Signature.SHA224withRSA SupportedKeyClasses" -> "java.security.interfaces.RSAPublicKey|java.security.interfaces.RSAPrivateKey"
"Alg.Alias.Signature.OID.1.2.840.113549.1.1.2" -> "MD2withRSA"
"Provider.id name" -> "SunRsaSign"
"Signature.SHA224withRSA" -> "sun.security.rsa.RSASignature$SHA224withRSA"
"Signature.RSASSA-PSS" -> "sun.security.rsa.RSAPSSSignature"
"Signature.SHA512withRSA" -> "sun.security.rsa.RSASignature$SHA512withRSA"
"Signature.MD5withRSA SupportedKeyClasses" -> "java.security.interfaces.RSAPublicKey|java.security.interfaces.RSAPrivateKey"
"Signature.MD2withRSA" -> "sun.security.rsa.RSASignature$MD2withRSA"
"Signature.SHA512/256withRSA" -> "sun.security.rsa.RSASignature$SHA512_256withRSA"
"Signature.MD2withRSA SupportedKeyClasses" -> "java.security.interfaces.RSAPublicKey|java.security.interfaces.RSAPrivateKey"
"KeyFactory.RSASSA-PSS" -> "sun.security.rsa.RSAKeyFactory$PSS"
"Alg.Alias.KeyPairGenerator.OID.1.2.840.113549.1.1.10" -> "RSASSA-PSS"
"Alg.Alias.KeyFactory.OID.1.2.840.113549.1.1.10" -> "RSASSA-PSS"
"Alg.Alias.KeyPairGenerator.OID.1.2.840.113549.1.1" -> "RSA"
"Provider.id version" -> "1.8"
"KeyFactory.RSA" -> "sun.security.rsa.RSAKeyFactory$Legacy"
"Signature.SHA512withRSA SupportedKeyClasses" -> "java.security.interfaces.RSAPublicKey|java.security.interfaces.RSAPrivateKey"
"Alg.Alias.KeyPairGenerator.1.2.840.113549.1.1.10" -> "RSASSA-PSS"
"Signature.MD5withRSA" -> "sun.security.rsa.RSASignature$MD5withRSA"
"Signature.SHA256withRSA" -> "sun.security.rsa.RSASignature$SHA256withRSA"
"Signature.SHA512/256withRSA SupportedKeyClasses" -> "java.security.interfaces.RSAPublicKey|java.security.interfaces.RSAPrivateKey"
"Alg.Alias.KeyFactory.OID.1.2.840.113549.1.1" -> "RSA"
"KeyPairGenerator.RSASSA-PSS" -> "sun.security.rsa.RSAKeyPairGenerator$PSS"
"Signature.SHA1withRSA SupportedKeyClasses" -> "java.security.interfaces.RSAPublicKey|java.security.interfaces.RSAPrivateKey"
"Alg.Alias.Signature.OID.1.2.840.113549.1.1.16" -> "SHA512/256withRSA"
"Alg.Alias.Signature.OID.1.2.840.113549.1.1.15" -> "SHA512/224withRSA"
"AlgorithmParameters.RSASSA-PSS" -> "sun.security.rsa.PSSParameters"
"Alg.Alias.Signature.OID.1.2.840.113549.1.1.14" -> "SHA224withRSA"
"Alg.Alias.Signature.OID.1.2.840.113549.1.1.13" -> "SHA512withRSA"
"Alg.Alias.KeyPairGenerator.1.2.840.113549.1.1" -> "RSA"
"Alg.Alias.Signature.OID.1.2.840.113549.1.1.12" -> "SHA384withRSA"
"Signature.SHA256withRSA SupportedKeyClasses" -> "java.security.interfaces.RSAPublicKey|java.security.interfaces.RSAPrivateKey"
"Alg.Alias.Signature.OID.1.2.840.113549.1.1.11" -> "SHA256withRSA"
"Alg.Alias.Signature.OID.1.2.840.113549.1.1.10" -> "RSASSA-PSS"
"Signature.SHA512/224withRSA" -> "sun.security.rsa.RSASignature$SHA512_224withRSA"
"Provider.id info" -> "Sun RSA signature provider"
"Signature.RSASSA-PSS SupportedKeyClasses" -> "java.security.interfaces.RSAPublicKey|java.security.interfaces.RSAPrivateKey"
"Alg.Alias.KeyFactory.1.2.840.113549.1.1.10" -> "RSASSA-PSS"
"Signature.SHA1withRSA" -> "sun.security.rsa.RSASignature$SHA1withRSA"
"Signature.SHA384withRSA" -> "sun.security.rsa.RSASignature$SHA384withRSA"
"Alg.Alias.Signature.1.2.840.113549.1.1.16" -> "SHA512/256withRSA"
"Alg.Alias.Signature.1.2.840.113549.1.1.15" -> "SHA512/224withRSA"
"Alg.Alias.Signature.1.2.840.113549.1.1.14" -> "SHA224withRSA"
"Alg.Alias.Signature.1.3.14.3.2.29" -> "SHA1withRSA"
"Alg.Alias.Signature.1.2.840.113549.1.1.13" -> "SHA512withRSA"
"Signature.SHA512/224withRSA SupportedKeyClasses" -> "java.security.interfaces.RSAPublicKey|java.security.interfaces.RSAPrivateKey"
"Alg.Alias.AlgorithmParameters.1.2.840.113549.1.1.10" -> "RSASSA-PSS"
"Alg.Alias.Signature.1.2.840.113549.1.1.12" -> "SHA384withRSA"
"Alg.Alias.Signature.1.2.840.113549.1.1.5" -> "SHA1withRSA"
"Alg.Alias.Signature.1.2.840.113549.1.1.11" -> "SHA256withRSA"
"Alg.Alias.Signature.1.2.840.113549.1.1.4" -> "MD5withRSA"
"Provider.id className" -> "sun.security.rsa.SunRsaSign"
"Alg.Alias.KeyFactory.1.2.840.113549.1.1" -> "RSA"
"Alg.Alias.Signature.1.2.840.113549.1.1.10" -> "RSASSA-PSS"
"Signature.SHA384withRSA SupportedKeyClasses" -> "java.security.interfaces.RSAPublicKey|java.security.interfaces.RSAPrivateKey"
"Alg.Alias.Signature.1.2.840.113549.1.1.2" -> "MD2withRSA"
"KeyPairGenerator.RSA" -> "sun.security.rsa.RSAKeyPairGenerator$Legacy"
"Alg.Alias.Signature.OID.1.2.840.113549.1.1.5" -> "SHA1withRSA"
"Alg.Alias.Signature.OID.1.2.840.113549.1.1.4" -> "MD5withRSA"
Содержимое сертификата сервера как ниже. Обратите внимание, что алгоритм подписи RSASSA-PSS
Version: 3
SerialNumber: 2586886443162469273038800222551716765315891225
IssuerDN: <Issuer DN>
Start Date: Thu Mar 12 17:57:45 IST 2020
Final Date: Fri Mar 12 17:57:45 IST 2021
SubjectDN: <Subject DN>
Public Key: RSA Public Key
modulus: 879f18a4f644393d7bdd2047f4ab6888b788403aa5d2c94bec6e4fec6231c0663eec92f24ea6a7d7521915f976c8785d19f60a19a2e9208927465136b69ab7fb1edc9aad4ba3f571c06b224112b5f6e4bf97e2caabd2154e77913dfe1f1e1138c117f50b8c6574196d686abe0111637afe3f18d019e304fc0f0410e367ff92fed1835752a72b300cc245144d844422713bde9bbe29b3675edbc74e03dc2f15ba0d55974d924613a7b911352f6509ada93fe0fafc9ec4a9c529f3758ccd6cfc702b299f1593fd4036e55379591049b3b0c986199b8bdb2330d334c7b8be1b7eabda3061f17d5eec0cfc61ed9710f36deef546436bdb596b47293c81a01866c59b
public exponent: 10001
Signature Algorithm: RSASSA-PSS
Signature: 60622de6b5fcc485657a8b08f85791feb10ad70e
6832105575eaf71e91af49d6d4db80140b509741
4e4e2ff6b23d8702eba4bf08682546595896e2da
aa65cb1d4199c1226408a5055c15bad7dc9c16e9
8a5de7a8a11b64eb0a4c673d3ac3fb5146770d16
d5bd51b460d8de088c8c164af0e139670b676ec9
919f38145c57a0f39e971983c6129f9df1b7be63
8066d8897f82a06e066a7ee217ae399e3e4ff249
13aee87a75bb036b2296c328f123d2dd8f0f6284
e7473783ef6f6ed36849fb69de3a44bbfee9f26c
6b7fe9981fa1d123d8c64e1136ac6219a4ed3d54
04faa124db2af80564f6f13911b8595eec6768da
877943dfe69ded5bb23f40fc79d30d7d
Extensions:
critical(false) 1.3.6.1.4.1.311.20.2 value = BMPString(DomainController)
critical(false) 2.5.29.37 value = DER Sequence
ObjectIdentifier(1.3.6.1.5.5.7.3.2)
ObjectIdentifier(1.3.6.1.5.5.7.3.1)
critical(true) KeyUsage: 0xa0
critical(false) 1.2.840.113549.1.9.15 value = DER Sequence
DER Sequence
ObjectIdentifier(1.2.840.113549.3.2)
Integer(128)
DER Sequence
ObjectIdentifier(1.2.840.113549.3.4)
Integer(128)
DER Sequence
ObjectIdentifier(2.16.840.1.101.3.4.1.42)
DER Sequence
ObjectIdentifier(2.16.840.1.101.3.4.1.45)
DER Sequence
ObjectIdentifier(2.16.840.1.101.3.4.1.2)
DER Sequence
ObjectIdentifier(2.16.840.1.101.3.4.1.5)
DER Sequence
ObjectIdentifier(1.3.14.3.2.7)
DER Sequence
ObjectIdentifier(1.2.840.113549.3.7)
critical(false) 2.5.29.17 value = DER Sequence
Tagged [0] IMPLICIT
DER Sequence
ObjectIdentifier(1.3.6.1.4.1.311.25.1)
Tagged [0]
DER Octet String[16]
Tagged [2] IMPLICIT
DER Octet String[18]
critical(false) 2.5.29.14 value = DER Octet String[20]
critical(false) 2.5.29.35 value = DER Sequence
Tagged [0] IMPLICIT
DER Octet String[20]
critical(false) 2.5.29.31 value = DER Sequence
DER Sequence
Tagged [0]
Tagged [0]
Tagged [6] IMPLICIT
DER Octet String[186]
critical(false) 1.3.6.1.5.5.7.1.1 value = DER Sequence
DER Sequence
ObjectIdentifier(1.3.6.1.5.5.7.48.2)
Tagged [6] IMPLICIT
DER Octet String[161]
Я отключил большинство алгоритмов подписи как в java .security, так и в Java, как показано ниже
Security.setProperty("jdk.jar.disabledAlgorithms", "SSLv3, DSA keySize < 1024");
Security.setProperty("jdk.certpath.disabledAlgorithms", "SSLv3, DSA keySize < 1024");
Security.setProperty("jdk.tls.disabledAlgorithms", "SSLv3, DSA keySize < 1024");
В журнале Я получаю вышеупомянутые алгоритмы как отключенные с помощью Security.getProperty ("jdk.certpath.disabledAlgorithms")
log.debug("jdk.certpath.disabledAlgorithms : " + Security.getProperty("jdk.certpath.disabledAlgorithms"));
log.debug("jdk.jar.disabledAlgorithms : " + Security.getProperty("jdk.jar.disabledAlgorithms"));
log.debug("jdk.tls.disabledAlgorithms : " + Security.getProperty("jdk.tls.disabledAlgorithms"));
Output:
jdk.certpath.disabledAlgorithms : SSLv3, DSA keySize < 1024
jdk.jar.disabledAlgorithms : SSLv3, DSA keySize < 1024
jdk.tls.disabledAlgorithms : SSLv3, DSA keySize < 1024
Я инициализирую SSLContext, как показано ниже
SSLSocketFactory sslFactory = null;
SSLContext sslc = SSLContext.getInstance("TLS");
sslc.init(null, new X509TrustManager[] { new X509TrustManager() {
public void checkClientTrusted(X509Certificate[] chain,
String authType) throws CertificateException {.
for(X509Certificate cert: chain)
log.info(cert.toString());
}
public void checkServerTrusted(X509Certificate[] chain,
String authType) throws CertificateException { //authType=ECDHE_RSA
for(X509Certificate cert: chain)
log.info(cert.toString());
return;
}
public X509Certificate[] getAcceptedIssuers() {
return new X509Certificate[0];
}
}
}, new SecureRandom());
sslFactory = sslc.getSocketFactory();
Поскольку я новичок в Crypto и попытался заставить его работать с помощью онлайн-ресурса, я все еще чего-то не хватает. Кто-нибудь может мне помочь, где я иду не так?
ОБНОВЛЕНИЕ:
Один из способов заставить его использовать X509ExtendedTrustManager вместо X509TrustManager при создании экземпляра собственного диспетчера доверия. Но каковы потенциальные уязвимости использования X509ExtendedTrustManager вместо X509TrustManager? Как упомянуто в этой ссылке / комментарии , его небезопасно использовать в производстве.