How to use ChaCha cipher in SSL ciphersuite using java

Question

I was trying to find way to edit the supported cipher suite in a Java SSL client so I can offer a specific list of cipher suites.

One suggested solution was to use the SSLSocketFactoryEx class that was posted by @jww in this link: Which Cipher Suites to enable for SSL Socket?

I did added the SSLSocketFactoryEx class and run the code that lists the supported ciphers by this class (NOTE: I used GetCipherList(); instead of the getSupportedCipheSuites(); because the first is what I found in the SSLSocketFactoryEx) . The code is:

import java.io.IOException;
import java.net.UnknownHostException;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.Security;
import java.util.Arrays;

import org.bouncycastle.jce.provider.BouncyCastleProvider;

public class ListCiphers {

    public static void main(String[] args) throws UnknownHostException, IOException, KeyManagementException, NoSuchAlgorithmException
    {   
        Security.addProvider(new BouncyCastleProvider());

        //BC is the ID for the Bouncy Castle provider;
        if (Security.getProvider("BC") == null){
            System.out.println("Bouncy Castle provider is NOT available");
        }
        else{
            System.out.println("Bouncy Castle provider is available");
        }

        SSLSocketFactoryEx factory = new SSLSocketFactoryEx();
        String[] cipherSuites = factory.GetCipherList();
        System.out.println(Arrays.toString(cipherSuites));

    } //end main
}

My code is supported by Bouncy Castle (BC) provider which says that it supports ChaCha cipher in the specification. See: https://www.bouncycastle.org/specifications.html

the result of the code (the supported ciphers) are:

TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
TLS_DHE_DSS_WITH_AES_256_GCM_SHA384
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
TLS_DHE_DSS_WITH_AES_128_GCM_SHA256
TLS_DHE_DSS_WITH_AES_256_CBC_SHA256
TLS_DHE_RSA_WITH_AES_128_CBC_SHA
TLS_DHE_DSS_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_256_CBC_SHA256
TLS_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_AES_128_CBC_SHA256
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_EMPTY_RENEGOTIATION_INFO_SCSV

Why I can not see the ciphers with ChaCha cipher??

If you look at the SSLSocketFactoryEx code, it includes several cipher suites with ChaCha.

Why I can not get them in the supported cipher suites list after using BC provider? How can I add the following cipher suites in the supported cipher suites list so I can include them in the client hello message??

ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
DHE_RSA_WITH_CHACHA20_POLY1305_SHA256

Please, help.

Wait for https://bugs.openjdk.java.net/browse/JDK-8140466 to be delivered, or help deliver it — David Filiatrault, May 07 '16 at 14:11

Maarten Bodewes · Accepted Answer · 2016-04-26T10:17:55.740

2

The problem is that the JSSE implementation (which implements the Java TLS support) does not support ChaCha20. That the ChaCha20 implementation is now available through a JCE provider does not change that.

These kind of cipher classes cannot just be dropped in; ciphers have specific requirements with regards to the key, IV, padding etc. etc. to be used. So you need to write code around the cipher to have it supported by your particular implementation of TLS.

So you need to either wait until it is supported (if ever) or use a JSSE (Java Secure Socket Extensions, TLS) provider that does support it. I guess that it may become available after 1.3 is finalized as that standardizes on AEAD (authenticated) ciphers, and ChaCha20 + Poly 1305 would be a pretty fast configuration.

edited Apr 26 '16 at 10:17

answered Jun 07 '15 at 00:52

Maarten Bodewes

90,524
13
150
263

1

Doesn't BC have an SSL provider? – user207421 Jun 07 '15 at 01:24
@EJP Only in the lightweight API (`org.bouncycastle.*`). I don't think it has a JSSE provider, which is what the user tries to use. Still, using the Lightweight API could be a possibility. – Maarten Bodewes Jun 07 '15 at 01:58
1

@Maarten Bodewes I do not undertsand from your answers whether I can use BC to achieve what I want? If no, then why? the BC specs says it supports ChCha. Can you help me with another programming language that allows me to add/drop any cipher supported in OpenSSL ?? does python allows that? – user2192774 Jun 07 '15 at 11:40
Again: support of a separate cipher in the generic API doesn't mean that it can auto-magically be used by a TLS implementation. That would require additional programming. This goes for any implementation. It's like finding a random wheel for a car and expecting that it will fit without modifications. Thy the lightweight API, maybe it is implemented in there. – Maarten Bodewes Jun 07 '15 at 11:51

How to use ChaCha cipher in SSL ciphersuite using java

1 Answers1