所以这是我的
Java ssl Server的代码. ctx是使用服务器密钥库初始化的SSLContext.
public SSLEngine createSSLEngine() {
SSLEngine sslEngine = ctx.createSSLEngine();
String[] ciphersuites = new String[]{
"TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384","TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384","TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA","TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA","TLS_EMPTY_RENEGOTIATION_INFO_SCSV"
};
sslEngine.setEnabledCipherSuites(ciphersuites);
sslEngine.setUseClientMode(false);
return sslEngine;
}
我用cipherscan(https://github.com/jvehent/cipherscan)测试了它,密码套看起来很好,但是服务器支持所有可能的椭圆曲线(sect163k1,sect163r1,sect163r2,sect193r1,sect193r2,sect233k1,sect233r1,sect239k1,sect283k1,sect283r1,sect409k1,sect409r1,sect571k1,sect571r1,secp160k1,secp160r1,secp160r2,secp192k1,prime192v1,secp224k1,secp224r1,secp256k1,prime256v1,secp384r1,secp521r1).
有没有办法禁用所有曲线,除了像secp384r1这样的强曲线?
解决方法
从Java8 u121开始,可以配置要使用的椭圆曲线.
在程序的VM启动时使用参数,即:
-Djdk.tls.namedGroups="secp521r1,secp256r1,secp256k1"
或者,如果您希望JDK / JRE宽策略更改java.security文件并添加该属性.即:
-jdk.tls.namedGroups="secp521r1,secp256k1"
参考文献见:http://www.oracle.com/technetwork/java/javase/8u121-relnotes-3315208.html段“提高JDK中EC的默认强度”