代码之家 › 专栏 › 技术社区 › sauumum

相互身份验证:ServerHelloDone之后“收到致命警报:握手失败”

tls1.2 openssl ssl security

sauumum · 技术社区 · 6 年前

我需要支持客户端和服务器之间的相互身份验证。到目前为止,单向身份验证正在发挥作用,即我们能够根据存储在信任存储中的CA证书验证证书。

对于相互身份验证,我执行了以下步骤:

下载PEM格式的CA证书。
将其复制到客户端,并将其转换为CRT格式,然后使用以下命令将其安装到客户端VM上: sudo/usr/java/default/bin/keytool-导入-别名$file\u name-文件$file\u name。crt-keystore/usr/java/default/jre/lib/security/cacerts-storepass changeit-noprompt
从CA获取客户端证书,如上所述。
我将此证书(再次以PEM格式)复制到客户端VM,并将其转换为CRT扩展。
我在keystore位置安装了这个客户端证书,它与使用以下命令的信任存储不同 sudo/usr/java/default/bin/keytool-导入-别名$file\u name-文件$file\u name。crt-密钥库密钥库。jks-storepass changeit-无提示
我创建了SSLContext,如下所示 sslContext。init(keyManagers、trustStore、NULL\u SECURE\u RANDOM);

现在,我们正在尝试从客户端与服务器通信,我收到握手失败错误

<HASH_VALUE>
main, READ: TLSv1.2 Handshake, length = 333
*** ECDH ServerKeyExchange
Signature Algorithm SHA512withRSA
Server key: Sun EC public key, 256 bits
  public x coord: 10253619320081805931384466854469954543531656069378199159702043393618555071374
  public y coord: 88104986257121586743271984238217759117375506314354198659212202676684306616776
  parameters: secp256r1 [NIST P-256, X9.62 prime256v1] (1.2.840.10045.3.1.7)
[read] MD5 and SHA1 hashes:  len = 333

main, READ: TLSv1.2 Handshake, length = 453
*** CertificateRequest
Cert Types: ECDSA, RSA, DSS
Supported Signature Algorithms: SHA512withECDSA, SHA512withRSA, SHA384withECDSA, SHA384withRSA, SHA256withECDSA, SHA256withRSA, SHA224withECDSA, SHA224withRSA, SHA1withECDSA, SHA1withRSA, SHA1withDSA
Cert Authorities:
<O=saurav, OU=xxx, C=IN, CN=XX_CA>
<O=saurav, OU=xxx, C=IN, CN=YY_CA>
<O=saurav, OU=xxx, C=IN, CN=ZZ_CA>
<O=saurav, OU=xxx, C=IN, CN=XX_CA>
<O=saurav, OU=xxx, C=IN, CN=YY_CA>
              ....
main, READ: TLSv1.2 Handshake, length = 4
*** ServerHelloDone
[read] MD5 and SHA1 hashes:  len = 4
0000: 0E 00 00 00                                        ....
Warning: no suitable certificate found - continuing without client authentication
*** Certificate chain
<Empty>
***
*** ECDHClientKeyExchange
ECDH Public value:  {.... }
[write] MD5 and SHA1 hashes:  len = 77

main, WRITE: TLSv1.2 Handshake, length = 77
                                             .1
INSSION KEYGEN:
PreMaster Secret:
0000: A2 ED 45 23 FE D5 CF 02   49 B2 28 1F 37 1A C6 EA  ..E#....I.(.7...
0010: CF DE E7 E8 11 A5 2F 2D   1F CE 89 B4 BE D3 D3 92  ....../-........
CONNECTION KEYGEN:
Client Nonce:
0000: 5A F4 46 1C A1 65 28 10   49 E5 8A 47 8C 10 AD 98  Z.F..e(.I..G....
0010: 21 BA 57 20 DC 48 C2 84   B0 C9 FD 14 B3 41 0B 21  !.W .H.......A.!
Server Nonce:
0000: 5A F4 46 1D 0A 7D AA 8D   E3 EE 0B 16 9A 20 D2 00  Z.F.......... ..
0010: DD 60 36 0C C3 8D 96 1B   94 24 E5 AB 7A C1 D7 14  .`6......$..z...
Master Secret:
0000: BA 3E FF B8 EB 4B 5E 70   0F 07 B9 00 F1 10 DD B6  .>...K^p........
0010: DF AC 69 87 21 B1 BE CD   5E 97 96 55 E4 4C 41 B3  ..i.!...^..U.LA.
0020: C8 0B FC 2E 4B 08 65 82   82 9A A6 0F AE 39 41 0E  ....K.e......9A.
Client MAC write INcret:
0000: 77 34 7D 71 F5 5E 15 8E   14 0B BA A9 C0 11 15 A0  w4.q.^..........
0010: C1 AA B1 05 3A F0 87 1F   96 EC E0 19 AE 78 39 1B  ....:........x9.
Server MAC write Secret:
0000: F7 CB D9 B4 53 D8 8E 37   25 3A E9 1D 1A D9 CB 3D  ....S..7%:.....=
0010: 80 52 D5 D2 7C 66 AB 99   16 9E D7 EA CE 1F 6F 00  .R...f........o.
Client write key:
0000: 69 FD 1A C3 30 D3 0D 72   37 7F 43 4A A9 20 D5 4B  i...0..r7.CJ. .K
Server write key:
0000: 86 C9 46 E0 D7 99 A9 24   3F 50 DA 26 C9 0B D8 26  ..F....$?P.&...&
... no IV derived for this protocol
main, WRITE: TLSv1.2 Change Cipher Spec, length = 1
[Raw write]: length = 6
0000: 14 03 03 00 01 01                                  ......
*** Finished
verify_data:  { 104, 207, 194, 200, 118, 209, 56, 63, 206, 199, 95, 238 }
***
[write] MD5 and SHA1 hashes:  len = 16
..
main, WRITE: TLSv1.2 Handshake, length = 80
main, waiting for close_notify or alert: state 1
[Raw read]: length = 5
0000: 15 03 03 00 02                                     .....
[Raw read]: length = 2
0000: 02 28                                              .(
main, READ: TLSv1.2 Alert, length = 2
main, RECV TLSv1.2 ALERT:  fatal, handshake_failure
%% Invalidated:  [INssion-1, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256]
main, called closeSocket()
main, Exception while waiting for close javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
main, handling exception: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
May 10, 2018 1:16:12 PM com.saurav.kumar.rest.impl.RestEasyClient sendRequest
INVERE: Error sending request
javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
        at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
        at sun.security.ssl.Alerts.getSSLException(Alerts.java:154)
        at sun.security.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:2038)
        at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1135)

1 回复 | 直到 6 年前

sauumum 6 年前

我的实现有两个问题。

问题1: 正如我在问题中提到的,我需要创建一个新的密钥库,并使用命令将证书安装到其中” sudo /usr/java/default/bin/keytool -import -alias $file_name -file $file_name.crt -keystore keystore.jks -storepass changeit -noprompt “。当我试图安装客户端证书时,它并没有安装整个证书链。它只是为我的应用程序安装证书而不是整个证书链,没有任何CA证书,这就是为什么客户端没有发送证书,如下面的日志所示。”

Warning: no suitable certificate found - continuing without client authentication
*** Certificate chain
<Empty>
***

问题2:修复密钥存储问题后,我得到了SSLPeerUnverifiedException,如下所示。这是由于缺少对IPv6验证的支持 org.apache.http.conn.ssl.StrictHostnameVerifier 班我需要重写这个类,以便它能够正确处理IPv6地址并验证相同的地址。

严重:发送请求时出错 javax。网ssl。SSLPeerUnverifiedException:主机名“[IPv6 IP]”执行与对等方提供的证书主题不匹配 (CN\u name\u of\u证书) 位于组织。阿帕奇。http。连接ssl。SSL连接插座工厂。验证主机名(SSLConnectionSocketFactory.java:465) 位于组织。阿帕奇。http。连接ssl。SSL连接插座工厂。createLayeredSocket(SSLConnectionSocketFactory.java:395) 位于组织。阿帕奇。http。连接ssl。SSL连接插座工厂。connectSocket(SSLConnectionSocketFactory.java:353) 位于组织。阿帕奇。http。实施。conn.DefaultHttpClientConnectionOperator。连接(DefaultHttpClientConnectionOperator.java:141) 位于组织。阿帕奇。http。实施。conn.poolighttpclientconnectionmanager。连接(PoolighttpClientConnectionManager.java:353)