Re: Android 5.0 SSL handshake failure

[Matthew Mah]

On 01/22/2015 04:19 AM, Mark Thomas wrote:

On 22/01/2015 00:12, Matthew Mah wrote:

On 01/21/2015 03:24 PM, Christopher Schultz wrote:

Have you tried a plain-old HTTPS connection? No Websocket?

I just tried HTTPS using

HttpsURLConnection urlConnection = (HttpsURLConnection)
url.openConnection();
try {
 try {
 InputStream in = new
BufferedInputStream(urlConnection.getInputStream());
 byte [] buffer = new byte[1024];
 in.read(buffer);
 Log.i(TAG, new String(buffer));
 }
 catch(Exception e){
 }
 String cipherSuite = urlConnection.getCipherSuite();
 Log.i(TAG, connected?  + cipherSuite);
}

There is currently no content being served (only the websocket), but the
network trace shows a successful TLSv1.2 handshake. This should mean the
certificates and cipher suites are fine, but there is a problem with
some interaction between Android 5.0 and the Tyrus websocket
implementation.

Huh? Tyrus WebSocket is nothing to do with Tomcat.

Mark


Tyrus is running on a client trying to negotiate a SSL connection with 
Tomcat. At this point, I am confident there is a bug either in Android 
or in Tyrus and not in the Tomcat configuration, so we can cease 
discussion on this topic here.



I think the most logical next step is to try a different
websocket implementation.

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org



-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org




-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Android 5.0 SSL handshake failure

[Matthew Mah]

On 01/21/2015 11:26 AM, Christopher Schultz wrote:

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Matt,

On 1/21/15 11:13 AM, Matthew Mah wrote:

On 01/20/2015 10:08 AM, Christopher Schultz wrote: Matthew,

On 1/18/15 1:54 PM, Matthew Mah wrote:

I have setup a Tomcat server using spring-boot with SSL/TLS
for secure websockets.

Tomcat version? JVM version? Any relevant configuration?

Tomcat 8.0.15. multiple JVM: java version 1.7.0_55 OpenJDK
Runtime Environment java version 1.7.0_65 OpenJDK Runtime
Environment java version 1.7.0_71 OpenJDK Runtime Environment
I have tried the default ciphers, as well as:
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA TLS_RSA_WITH_AES_128_CBC_SHA
TLS_DHE_RSA_WITH_AES_128_CBC_SHA
TLS_DHE_DSS_WITH_AES_128_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA is listed as both supported
and enabled for Android API 11+
http://developer.android.com/reference/javax/net/ssl/SSLSocket.html
  I would prefer a stronger cipher suite (not SHA1), but right now
I am looking for anything that works.



This works for Android 4.4, iOS, Firefox, and Chrome
clients. Android 5.0 clients (Nexus 5) fail the SSL
handshake.

What protocol and ciphers are those working browsers using?

Chrome: TLS 1.2 ECDHE RSA AES 128 CBC SHA1 Firefox: TLS v? ECDHE
RSA AES 128 CBC SHA1

Check the archives for a somewhat recent post by me including code
to scan an SSL server for the protocols and ciphers it supports.

That's a great tool you've written. Using the shortlist of cipher
suites on Tomcat above, this is supported: AcceptedTLSv1
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA AcceptedTLSv1
TLS_RSA_WITH_AES_128_CBC_SHA AcceptedTLSv1
TLS_DHE_RSA_WITH_AES_128_CBC_SHA Accepted  TLSv1.1
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA Accepted  TLSv1.1
TLS_RSA_WITH_AES_128_CBC_SHA Accepted  TLSv1.1
TLS_DHE_RSA_WITH_AES_128_CBC_SHA Accepted  TLSv1.2
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA Accepted  TLSv1.2
TLS_RSA_WITH_AES_128_CBC_SHA Accepted  TLSv1.2
TLS_DHE_RSA_WITH_AES_128_CBC_SHA


Cool. Is that the whole list? It's not many: just 3 different ciphers
for each of 3 protocols. It's possible there simply isn't any match
between what Android 5.0 can do and what you have available.
Yes, that's currently the whole list. I tried the default cipher suites 
first and when they did not work, I tried to slim down the list so that 
the openssl s_client would negotiate a cipher suite on the supported 
Android list.


- From your SO posting, I can see you claim that
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA is documented to be available in
Android's SSL/TLS API, so I'd be surprised if it didn't connect.

I wonder if this is a problem with the handshake only?
I suspect there is a problem with Android 5's handshake. I've opened an 
Android bug report:

https://code.google.com/p/android/issues/detail?id=103251

If someone on the list had responded that they do have Android 5 
connecting a websocket to Tomcat, it would probably be a configuration 
problem on my Tomcat server.


What does your Connector configuration look like?
I am using spring-boot 1.2.1, and I don't have that set explicitly. The 
configuration I do have is the spring boot application.properties:

server.ssl.key-store = mind7.cs.umd.edu.chained.p12
server.ssl.key-store-password = secret
server.ssl.key-store-type = PKCS12

Otherwise the configuration is the default for spring-boot.


Perhaps you have to re-enable the SSLv2hello protocol. (Note that this
does not allow SSLv2 or SSLv3 to be used as the protocol... only to
start the handshake using the old protocol).

I will look into this for spring boot. Thanks.


- -chris
-BEGIN PGP SIGNATURE-
Version: GnuPG v1
Comment: GPGTools - http://gpgtools.org

iQIcBAEBCAAGBQJUv9NEAAoJEBzwKT+lPKRY7QwQAJOJUhBJT4F7jzuT44+vp3oF
2qd+cJLcNtF0Q6u+eyjrWLtvih+AlkxkXvEl9ezOqD5KEwnv0OHk+UDXO6NNu9ha
f+X/dXWIr6+WBX9+GAF83b3G4+ZT6VqyYLjj1ydUkx5LIW6JHDbDbXbtt0OGCzN+
q98e0NKOFs2jcw0fudWWtQj1pg7VIMH5eviTdjMWSQursK1MC5n6Byreq0a1KqaP
uxbmFI9NgnD9YFm+FCZeDz2Bwj76oHBYdB01TvqDFvvkihepz7SlqsuSLqBOO3Ev
s3yIuq6WFIcZUjmqBmrX4aR35DsOzDTS6XRXLuS2vxKn8/WEoclezRmPlqU++f7I
qy7EBZEe6wkCTxGtd13/3YbXHhfixvjwplh6127gmLQtfYRF40N++7ZTIAUejLBK
bLoeB12NGbFOsPjrSXXcYb0Bj9oz9OKYYCFLL7tgLfBFgtZfh8g8xQuu8DTBs+Ue
4qXDvYDuEq1o4xlgTtQClUq2YG8dKq30U4LMW3K8e7bZFZw7yof2GW2IatWHaljj
RcIM9kUxXYrUC3ak4oLJ03xRCqpu6xoouAGr/WVfT182el+CVIJM93llvxA3ULRb
AeyF8J+svDiEBeZ4TNmuIp4LVbjBBYlOy7rG3SswHYHUw5KWjzQNNUlN63S1IvL5
gEfezVm/77xilOEMPp9+
=5tO3
-END PGP SIGNATURE-

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org




-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Android 5.0 SSL handshake failure

[Matthew Mah]

On 01/20/2015 10:08 AM, Christopher Schultz wrote:

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Matthew,

On 1/18/15 1:54 PM, Matthew Mah wrote:

I have setup a Tomcat server using spring-boot with SSL/TLS for
secure websockets.

Tomcat version? JVM version? Any relevant configuration?

Tomcat 8.0.15.
multiple JVM:
java version 1.7.0_55 OpenJDK Runtime Environment
java version 1.7.0_65 OpenJDK Runtime Environment
java version 1.7.0_71 OpenJDK Runtime Environment

I have tried the default ciphers, as well as:
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_DHE_RSA_WITH_AES_128_CBC_SHA
TLS_DHE_DSS_WITH_AES_128_CBC_SHA

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA is listed as both supported and 
enabled for Android API 11+

http://developer.android.com/reference/javax/net/ssl/SSLSocket.html

I would prefer a stronger cipher suite (not SHA1), but right now I am 
looking for anything that works.





This works for Android 4.4, iOS, Firefox, and Chrome clients.
Android 5.0 clients (Nexus 5) fail the SSL handshake.

What protocol and ciphers are those working browsers using?

Chrome: TLS 1.2 ECDHE RSA AES 128 CBC SHA1
Firefox: TLS v? ECDHE RSA AES 128 CBC SHA1


Check the archives for a somewhat recent post by me including code to
scan an SSL server for the protocols and ciphers it supports.
That's a great tool you've written. Using the shortlist of cipher suites 
on Tomcat above, this is supported:

 AcceptedTLSv1 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
 AcceptedTLSv1 TLS_RSA_WITH_AES_128_CBC_SHA
 AcceptedTLSv1 TLS_DHE_RSA_WITH_AES_128_CBC_SHA
 Accepted  TLSv1.1 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
 Accepted  TLSv1.1 TLS_RSA_WITH_AES_128_CBC_SHA
 Accepted  TLSv1.1 TLS_DHE_RSA_WITH_AES_128_CBC_SHA
 Accepted  TLSv1.2 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
 Accepted  TLSv1.2 TLS_RSA_WITH_AES_128_CBC_SHA
 Accepted  TLSv1.2 TLS_DHE_RSA_WITH_AES_128_CBC_SHA




Has anyone successfully setup secure websockets with Android 5?

I know there are SSL/TLS changes in Android 5, and so far I am
unable to find any combination of configurations on the server and
client to successfully connect. If someone else has gotten this to
work, at least I will know I am making an error somewhere.

I have details posted on stack overflow:
http://stackoverflow.com/questions/28011581/android-5-0-lollipop-websocket-ssl-handshake-failure

It
looks like you might have to re-enable the SSL2hello
pseudo-protocol, which is weird because Android 5 should definitely
speak TLS.

- -chris
-BEGIN PGP SIGNATURE-
Version: GnuPG v1
Comment: GPGTools - http://gpgtools.org

iQIcBAEBCAAGBQJUvm93AAoJEBzwKT+lPKRYawkQAIaON8MmU0bTw0RYmzuvcL1X
uPP23ARjgfNpL04skX/+Rmy6fuHF5zmwhSeABDaHnhx/Uuyobpz+5W9/nXF1IyCq
eb6wuGIrQfjHBvvA3vUHN46hNOCrN1hT/ky5oGaXcKShepNB5psl+3/l2zWSIosv
535YYYb59LLykMPEC99LNKjwHszPTciFlbiBJqkbGDWu3AxZ5iaQw8T+UlxtgHsc
Mh5UlsC72hi9lkeQ9fpwV74dqpitJsVz336D2gXjtz6MeIgBc0BWYrzHCTtL4Ra7
ISk/T5wHNZTYD4iINTCrWQ4uBGazIs3x91Y8MpKHA9kiBJPZMNqX0UiED+ZuAD0x
wT/9MTVyzz1YK9e8i1crcCb3EKEC4aYD6QRLoxqet9i5Bkp2ZGbUoSzw70CmEhz+
w/jHzWJ/pVVIPsxBduFRdj4R+wlYNK/wp6Qyr6EX2Fgm3ZE0MJuAH8OirnYgizrj
p/vu17S/P6e8xf1q+3rcWj1ar4/1C73CVOzs1G71dAlx3KaT+DIW2CkZrySYQP29
BpEFjYy08pUUIaG36V5Jeylmz1PeF78CpSV/MD0/XdP8Ar8ayoEfFngkPKCm2e4q
KF87qDZ9ylAX97Qn2hmXZKnW2AhXsi3BTf/Z/Z6eDKywhSFuWL4yO2gDrwBHZ+rb
ye41SxCVoaxzodEO62Bw
=yZdl
-END PGP SIGNATURE-

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Android 5.0 SSL handshake failure

[Matthew Mah]

On 01/21/2015 03:24 PM, Christopher Schultz wrote:

Have you tried a plain-old HTTPS connection? No Websocket?

I just tried HTTPS using

HttpsURLConnection urlConnection = (HttpsURLConnection) 
url.openConnection();

try {
try {
InputStream in = new 
BufferedInputStream(urlConnection.getInputStream());

byte [] buffer = new byte[1024];
in.read(buffer);
Log.i(TAG, new String(buffer));
}
catch(Exception e){
}
String cipherSuite = urlConnection.getCipherSuite();
Log.i(TAG, connected?  + cipherSuite);
}

There is currently no content being served (only the websocket), but the 
network trace shows a successful TLSv1.2 handshake. This should mean the 
certificates and cipher suites are fine, but there is a problem with 
some interaction between Android 5.0 and the Tyrus websocket 
implementation. I think the most logical next step is to try a different 
websocket implementation.


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Android 5.0 SSL handshake failure

[Matthew Mah]

I have setup a Tomcat server using spring-boot with SSL/TLS for secure 
websockets. This works for Android 4.4, iOS, Firefox, and Chrome 
clients. Android 5.0 clients (Nexus 5) fail the SSL handshake.


Has anyone successfully setup secure websockets with Android 5?

I know there are SSL/TLS changes in Android 5, and so far I am unable to 
find any combination of configurations on the server and client to 
successfully connect. If someone else has gotten this to work, at least 
I will know I am making an error somewhere.


I have details posted on stack overflow:
http://stackoverflow.com/questions/28011581/android-5-0-lollipop-websocket-ssl-handshake-failure

Thanks,
Matt

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org