Hi.
I've written an SSL server in Java that connects to a client written in C, which uses OpenSSL. The client finishes handshaking correctly but the server wants to read / write application data. Here is the debug:
trigger seeding of SecureRandom
done seeding SecureRandom
export control - checking the cipher suites
export control - found legal entry in cache...
Client Hash: 17682935
Processing connection
Started Handshaking With Client
%% No cached client session
*** ClientHello, TLSv1
RandomCookie: GMT: 1129734383 bytes = { 6, 81, 94, 51, 0, 153, 104, 183, 76, 175, 111, 57, 103, 138, 92, 226, 55, 159, 40, 90, 216, 57, 133, 186, 242, 190, 239, 215 }
Session ID: {}
Cipher Suites: [SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_RC4_40_MD5, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA]
Compression Methods: { 0 }
***
main, WRITE: TLSv1 Handshake, length = 73
main, WRITE: SSLv2 client hello message, length = 98
Finalizer, called close()
Finalizer, called closeInternal(true)
Finalizer, SEND TLSv1 ALERT: warning, description = close_notify
main, READ: SSLv3 Handshake, length = 95
Finalizer, WRITE: TLSv1 Alert, length = 2
*** ClientHello, SSLv3
RandomCookie: GMT: 1129734383 bytes = { 185, 84, 89, 223, 108, 119, 210, 124, 7, 118, 2, 79, 158, 146, 49, 130, 89, 215, 132, 115, 185, 60, 160, 147, 170, 144, 22, 185 }
Session ID: {}
Cipher Suites: [TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, SSL_DHE_DSS_WITH_RC4_128_SHA, SSL_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_RC4_128_MD5, SSL_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA, SSL_RSA_EXPORT1024_WITH_DES_CBC_SHA, Unknown 0x0:0x61, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA, SSL_RSA_EXPORT1024_WITH_RC4_56_SHA, Unknown 0x0:0x60, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5, SSL_RSA_EXPORT_WITH_RC4_40_MD5]
Compression Methods: { 0 }
***
%% Created: [Session-1, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA]
*** ServerHello, SSLv3
RandomCookie: GMT: 1129734383 bytes = { 43, 15, 133, 243, 73, 196, 15, 166, 75, 222, 152, 109, 139, 39, 178, 76, 225, 202, 198, 26, 82, 209, 11, 218, 178, 179, 108, 30 }
Session ID: {67, 86, 97, 239, 130, 31, 10, 232, 216, 164, 232, 82, 180, 36, 115, 36, 82, 11, 12, 33, 150, 32, 30, 98, 100, 66, 39, 69, 155, 119, 197, 136}
Cipher Suite: SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
Compression Method: 0
***
Cipher suite: SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
*** Certificate chain
chain [0] = [
[
Version: V1
Subject: CN=root, OU=Development Team, O=CTI, L=Sydney, ST=NSW, C=AU
Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
Key: Sun RSA public key, 1024 bits
modulus: 110240476392121229869292950792296314404385857571223198645307316794892
45787256130133842987458418326262521515632284153953645856956648555107985140123259
30904002347344588369282736845247171087256279483861070669520857346069810686890992
13236011324229780837605311056778407898312658036232744674189201876981115945728739
public exponent: 65537
Validity: [From: Mon Oct 10 13:23:26 EST 2005,
To: Sun Jan 08 14:23:26 EST 2006]
Issuer: CN=root, OU=Development Team, O=CTI, L=Sydney, ST=NSW, C=AU
SerialNumber: [ 4349deae]
]
Algorithm: [MD5withRSA]
]
***
*** Diffie-Hellman ServerKeyExchange
DH Base: { 2 }
Signed with a DSA or RSA public key
*** ServerHelloDone
main, WRITE: SSLv3 Handshake, length = 1075
main, READ: SSLv3 Handshake, length = 134
*** ClientDiffieHellmanPublic
main, READ: SSLv3 Change Cipher Spec, length = 1
main, READ: SSLv3 Handshake, length = 64
*** Finished
verify_data: { 139, 166, 42, 69, 56, 191, 230, 222, 147, 239, 5, 90, 126, 36, 30, 250, 218, 179, 99, 160, 243, 40, 58, 38, 146, 16, 207, 177, 227, 7, 129, 125, 73, 114, 165, 184 }
***
main, WRITE: SSLv3 Change Cipher Spec, length = 1
*** Finished
verify_data: { 168, 69, 34, 34, 26, 24, 121, 221, 25, 31, 82, 206, 163, 225, 61, 113, 23, 244, 70, 232, 31, 7, 102, 83, 167, 241, 41, 196, 52, 211, 201, 154, 195, 220, 7, 207 }
***
main, WRITE: SSLv3 Handshake, length = 64
%% Cached server session: [Session-1, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA]
main, WRITE: SSLv3 Application Data, length = 128
Any ideas on how to stop the application data part from happening?
Thanks.
Ben
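
Added example, not part of the original post: a small Python parser for the `thread, READ/WRITE: version type, length = n` record lines of a debug trace like the one above. It lists the record sequence and reports which side and thread sent the first Application Data record and whether both Change Cipher Spec records preceded it. The function names are illustrative, and the sample lines are copied from the tail of the posted trace.

```python
import re

# Record lines in the trace look like:
#   main, WRITE: SSLv3 Handshake, length = 1075
RECORD = re.compile(
    r"^(?P<thread>[^,]+), (?P<dir>READ|WRITE): "
    r"(?P<version>\S+) (?P<type>.+?), length = (?P<length>\d+)$"
)

def parse_records(trace):
    """Return one dict per record line, in trace order; other lines are skipped."""
    records = []
    for line in trace.splitlines():
        m = RECORD.match(line.strip())
        if m:
            rec = m.groupdict()
            rec["length"] = int(rec["length"])
            records.append(rec)
    return records

def first_application_data(records):
    """Return (index, record) for the first Application Data record, or None."""
    for i, rec in enumerate(records):
        if rec["type"] == "Application Data":
            return i, rec
    return None

def handshake_complete_before(records, index):
    """True if Change Cipher Spec was both read and written before `index`."""
    seen = {r["dir"] for r in records[:index] if r["type"] == "Change Cipher Spec"}
    return seen == {"READ", "WRITE"}

# Lines copied from the end of the trace in the post.
SAMPLE = """\
main, WRITE: SSLv3 Handshake, length = 1075
main, READ: SSLv3 Handshake, length = 134
main, READ: SSLv3 Change Cipher Spec, length = 1
main, READ: SSLv3 Handshake, length = 64
*** Finished
main, WRITE: SSLv3 Change Cipher Spec, length = 1
main, WRITE: SSLv3 Handshake, length = 64
%% Cached server session: [Session-1, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA]
main, WRITE: SSLv3 Application Data, length = 128
"""

if __name__ == "__main__":
    recs = parse_records(SAMPLE)
    idx, rec = first_application_data(recs)
    print(idx, rec, handshake_complete_before(recs, idx))
```
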