1

I am hitting the third party websites via webscarab (webscarab-selfcontained-20070504-1631.jar) as proxy in java6, which is working fine for more than 20K websites.

But currently i am getting below error while hitting only third party url,

java.lang.RuntimeException: Could not generate DH keypair
 at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:190)
 at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1649)
 at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1612)
 at com.sun.net.ssl.internal.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1595)
 at com.sun.net.ssl.internal.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1521)
 at com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:64)
 at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:65)
 at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:123)
 at org.owasp.webscarab.model.Request.writeDirect(Request.java:234)
 at org.owasp.webscarab.model.Request.writeDirect(Request.java:215)
 at org.owasp.webscarab.httpclient.URLFetcher.fetchResponse(URLFetcher.java:247)
 at org.owasp.webscarab.plugin.proxy.CookieTracker$Plugin.fetchResponse(CookieTracker.java:130)
 at org.owasp.webscarab.plugin.proxy.BrowserCache$Plugin.fetchResponse(BrowserCache.java:101)
 at org.owasp.webscarab.plugin.proxy.RevealHidden$Plugin.fetchResponse(RevealHidden.java:100)
 at org.owasp.webscarab.plugin.proxy.BeanShell$Plugin.fetchResponse(BeanShell.java:229)
 at org.owasp.webscarab.plugin.proxy.ManualEdit$Plugin.fetchResponse(ManualEdit.java:243)
 at org.owasp.webscarab.plugin.proxy.ConnectionHandler.run(ConnectionHandler.java:233)
 at java.lang.Thread.run(Thread.java:662)
Prime size must be multiple of 64, and can only range from 512 to 1024

I have searched for and also tried by updating the unlimited strength JCE far files still getting the same error.

Also i found that the url which i am hitting uses the TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 cipher for encryption.

When i tried to hit the same url in java7, i am getting the proper response and found that it uses the TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA cipher from default enabled cipher of java7 for this url.

Now what i need is how to use the TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA cipher in java6,, I referred the javadoc's for java6, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA cipher encryption is not supported in java6. Is there any other way to support it in java6,since i don want to take a risk of upgrading the java version to 7 to resolve this issue.....

TikTik
  • 347
  • 2
  • 8
  • 22
  • Maybe read this article:[Check supported Ciphers](https://answers.launchpad.net/ubuntu/+question/239272) and try running in your Java 1.6 /bin directory to see if it is actually 'supported'. – Alvin Bunk Oct 30 '14 at 05:26
  • 2
    It looks more like it is trying to use a common cipher but fails because it does not support the prime size. See http://stackoverflow.com/a/18254095/3081018 for a possible help. – Steffen Ullrich Oct 30 '14 at 06:13
  • @ Alvin Bunk, Thanks for your suggestion. I have verified the ciphers of java6 and TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA it is not available in java6. It is available only in java7. So is there a any other way to enable it? – TikTik Oct 31 '14 at 04:13
  • @ Steffen Ullrich, Thanks for your comments. When i tried commenting all the DHE ciphers in java6, i can able to get the proper response via SSL_RSA_WITH_3DES_EDE_CBC_SHA cipher in java6. – TikTik Nov 05 '14 at 10:45

1 Answers1

1

The only option to resolve this issue by adding third-party API - Bouncy castle. Please refer to the below link and happy coding.

https://docs.oracle.com/cd/E19830-01/819-4712/ablsc/index.html

Magesh S
  • 11
  • 1