News  [SoftwareSite

Latest News
Older News
RSS Feed
 
Complete Projects
Useful Classes
Top Downloads
Message Board
AllAPI.net
 
Send Comments
Software License
Mentalis.org Buttons
Donate
 
Forums -> Security Library Forum
 
No Cipher Suites in Common - Part 2  
by James Jones [jbjones at chapman dot edu]
posted on 2004/10/18

Here's parts of the prior thread in hopes of finding someone who has implemented this before: Having a java sslsocket server talk to a mentalis.org sslsocket client. So far I can't get past the "no cipher suites in common" error when calling in.readline(): read below:

I've started from scratch, creating a new certificate with the keytool as well as generating the corresponding .p12 cert, and taking your code exactly, pasting it into new projects, and running them against one another. I also have java 1.4.2 and .NET framework 1.1. Here's the majority of the relevant code:

(JAVA SERVER CODE)
String cert = "C:\\Documents and Settings\\jbjones\\.keystore";
String pass = "*****";
int port = 10116;
ks = KeyStore.getInstance("JKS");
ks.load(new FileInputStream(cert), pass.toCharArray());
kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
kmf.init(ks, pass.toCharArray());

km = kmf.getKeyManagers();
tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
tmf.init(ks);
tm = tmf.getTrustManagers();
sslc = SSLContext.getInstance("TLS");
sslc.init(km, tm, null);
ServerSocketFactory ssf = sslc.getServerSocketFactory();

ServerSocket ss = ssf.createServerSocket(port);

Socket tester = ss.accept();

BufferedReader in = new BufferedReader(new InputStreamReader(tester.getInputStream()));
BufferedOutputStream outStream = new BufferedOutputStream(tester.getOutputStream());
PrintStream outPrint = new PrintStream(outStream);
String line;

//read input
line = in.readLine();

NOTE: The exception occurs when calling in.readLine(): "SSLHandshakeException: no cipher suites in common"

(C# CLIENT CODE)
IPHostEntry ipHostInfo = Dns.Resolve(ip);
IPAddress ipAddress = ipHostInfo.AddressList[0];
IPEndPoint remoteEP = new IPEndPoint(ipAddress, port);

Certificate ssl = LoadPfxFile("c:\\testcert.p12", "ch4pm4n");//LoadCerFile("c:\\testcert.cer");
SecurityOptions security;// = new SecurityOptions(SecureProtocol.Ssl3 | SecureProtocol.Tls1, ssl, ConnectionEnd.Client);

security = new SecurityOptions(SecureProtocol.Tls1);
security.AllowedAlgorithms = SslAlgorithms.ALL;
security.Entity = ConnectionEnd.Client;
security.VerificationType = CredentialVerification.None;
security.Flags = SecurityFlags.Default;
security.Certificate = ssl;
//Create a TCP/IP socket
SecureSocket client = new SecureSocket(AddressFamily.InterNetwork,
SocketType.Stream, ProtocolType.Tcp, security);

// Connect to the remote endpoint
client.BeginConnect(remoteEP, new AsyncCallback(ConnectCallback), client);
connectDone.WaitOne(connectTimeout, true);

// Send data to the remote device
Send(client, request + "\n");
sendDone.WaitOne(sendTimeout, true);


The c# client successfully sends the message. The java server throws the "no ciphr suites in common".

Any Ideas?

Thanks for your help,
Jim

by Pieter Philippaerts [Pieter at mentalis dot org]
posted on 2004/11/19

Did you initialize the Java server with an RSA key? I think it uses Diffie-Hellman by default, and DH is not supported by our Security Library.

by Chris Mullins [cmullins at winfessor dot com]
posted on 2004/11/24

We had this problem quite some time ago, when testing some interop between our .NET application and a Java application.

The problem (after several days of hair-pulling) turned out to be the method by which the Java certificate was created.

When we use the certificated provided by the vendor, our app would report "no ciphers in common". When we build a certificate using the standard tools, and used it, everthing was fine.

The vendor looked at this for a while, couldn't make heads or tales of why this was happening, and switched to a different certificate generation mechanism.

--
Chris Mullins

 

Copyright © 2002-2007, The Mentalis.org Team. All rights reserved.
This site is located at http://www.mentalis.org/
Send comments to the webmaster.