Geek asks and answers

Protect tomcat 6 apr SSL from BEAST attack

We are launching a web application on Tomcat 6 using our own Apache Portable Runtime SSL SSL connector to provide an SSL connection. How can we configure the server to prevent a BEAST attack ?. The proposed solution (1) cannot be configured in the Tomcat configuration, because it does not allow setting the SSLHonorCipherOrder (2) parameter.

Currently we only use the setting SSLCipherSuite = "ECDHE-RSA-AES256-SHA384: AES256-SHA256: RC4: HIGH :! MD5 :! aNULL :! EDH :! AESGCM", but the test using the SSL server test shows the server by - still vulnerable to BEAST attacks. I know that we can solve this problem by sending Tomcat using an Apache proxy, but this change is too invasive to be implemented in the short term. I can also pay Tomcat to add support, but this will prevent Tomcat from updating automatically, which is against the policies.

1: https://community.qualys.com/blogs/securitylabs/2011/10/17/mitigating-the-beast-attack-on-tls

2: http://tomcat.apache.org/tomcat-6.0-doc/apr.html

+3
source share
3

. , / JSSE Tomcat.

:

/*
SSLSettingHelper prevents BEAST SSL attack by setting the appropriate option.
Due to protected variable must be in org.apache.tomcat.util.net package...
Instruction:
1) Compile and place JAR in tomcat /lib
2) Add protocol="org.apache.tomcat.util.net.SSLSettingHelper" to SSL APR connector
*/
package org.apache.tomcat.util.net;

public class SSLSettingHelper extends org.apache.coyote.http11.Http11AprProtocol {
    @Override
    public void init() throws Exception {
        super.init();
        org.apache.tomcat.jni.SSLContext.setOptions(endpoint.sslContext, org.apache.tomcat.jni.SSL.SSL_OP_CIPHER_SERVER_PREFERENCE);
        log.info("SSLSettingHelper set SSL_OP_CIPHER_SERVER_PREFERENCE to prevent BEAST SSL attack");
    }
}

:

<Connector server="Server" protocol="org.apache.tomcat.util.net.SSLSettingHelper" port="8443" maxThreads="256" scheme="https" secure="true" SSLEnabled="true" SSLCertificateFile="..." SSLCertificateKeyFile="..." SSLCertificateChainFile="..." SSLCipherSuite="ECDHE-RSA-AES256-SHA384:AES256-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH:!AESGCM" compression="on" compressableMimeType="text/html,text/xml,text/plain,application/json,text/css,text/javascript" maxPostSize="1024000"/>

BEAST.

+1

, Tomcat CipherOrder, , BugZilla, , Tomcat 7.0.30 . , . https://issues.apache.org/bugzilla/show_bug.cgi?id=53481

+2

java , "SSLHonorCipherOrder". , Sun Sun JSSE (bootclasspath), Server .

: sun.security.ssl.ServerHandshaker

public static boolean preferServerOrder = true;

selectCipherSuite:

private void chooseCipherSuite(final HandshakeMessage.ClientHello mesg) throws IOException {
    if(preferServerOrder) {
        final CipherSuiteList clientList = mesg.getCipherSuites();
        for(final CipherSuite serverSuite : getActiveCipherSuites().collection()) {
            if (this.doClientAuth == 2) {
                if (serverSuite.keyExchange == CipherSuite.KeyExchange.K_DH_ANON) continue;
                if (serverSuite.keyExchange == CipherSuite.KeyExchange.K_ECDH_ANON) continue;
            }
            if(!serverSuite.isNegotiable()) continue;
            if(clientList.contains(serverSuite)) {
                if (trySetCipherSuite(serverSuite)) return;
            }
        }
    } else {
        final Collection list = mesg.getCipherSuites().collection();
        for(final CipherSuite suite : list) {
            if (!(isNegotiable(suite))) continue;
            if (this.doClientAuth == 2) {
                if (suite.keyExchange == CipherSuite.KeyExchange.K_DH_ANON) continue;
                if (suite.keyExchange == CipherSuite.KeyExchange.K_ECDH_ANON) continue;
            }
            if (trySetCipherSuite(suite)) return;
        }
    }
    fatalSE(Alerts.alert_handshake_failure, "no cipher suites in common");
}
0
source

More articles:


All Articles