[prev in list] [next in list] [prev in thread] [next in thread]
List: bouncycastle-crypto-dev
Subject: [dev-crypto] Re: Need help to use TLSv1.2 in java 1.4
From: Daniel Manley <daniel () manley ! name>
Date: 2017-06-27 15:39:23
Message-ID: 362d52dc-3132-1f4c-95c5-b7d5e03a3b34 () manley ! name
[Download RAW message or body]
hey Saurav,
that's great news! glad you were able to get it working. Cheers!
Dan
On 2017-06-26 11:23 AM, Gaurav Tawale wrote:
> Thanks Daniel. Thanks for your help.
>
> I am able to integrate httpmethod in my code.
>
> Thanks,
> Saurav Tawale
>
> On Monday, June 26, 2017, Gaurav Tawale <gtawale@gmail.com
> <mailto:gtawale@gmail.com>> wrote:
>
> Hi Daniel,
>
> If possible,
> Could you please provide working code for httpclient.
>
> I am struggling with HTtpurlconnection .
>
>
>
> Thanks,
> Gaurav Tawale
>
> On Friday, June 23, 2017, Daniel Manley <daniel@manley.name
> <javascript:_e(%7B%7D,'cvml','daniel@manley.name');>> wrote:
>
> Hey Gaurav,
>
> right -- just keep pairing down the code to strip out these
> variables. tsfcache, for instance, is a static cache of tls
> factories because they are too expensive to create for each
> new connection. and yes, that cache probably hold just one
> instance. it was modeled on our other factory cache, etc etc
> etc....
>
> unfortunately, I can't provide a complete independent working
> sample right now. I won't have time until next week. keep
> pairing down the code and remove variables and cruft I created
> and you'll get a working sample. if you're still stuck by
> next week, let me know.
>
> Dan
>
>
> On 2017-06-23 7:18 AM, Gaurav Tawale wrote:
>> Hi Daniel ,
>>
>> I have gone thorugh your https client code but it has some
>> variables which I did not find any reference like tsfcache.
>>
>> Actualluly I am running my code in simple java programme.
>> Using main method .
>>
>> It will be helpful if you give me full code.
>> Thanks for your help
>>
>> Gaurav
>>
>> On Thursday, June 22, 2017, Daniel Manley
>> <daniel@manley.name> wrote:
>>
>> I am running java 1.4 -- take a look at one of my
>> previous replies that showed usage of HttpClient
>>
>> basically this one:
>> https://www.bouncycastle.org/devmailarchive/msg15298.html
>> <https://www.bouncycastle.org/devmailarchive/msg15298.html>
>>
>> Dan
>>
>> On 2017-06-22 02:53 PM, Gaurav Tawale wrote:
>>> Can you send me your httpclient class
>>>
>>> I will try that in my code. you said that your code is
>>> working.You are running ur project on java 1.4 .right?
>>>
>>> On Thursday, June 22, 2017, Daniel Manley
>>> <daniel@manley.name> wrote:
>>>
>>> interesting ... have you looked at this?
>>> https://community.oracle.com/thread/1535402
>>> <https://community.oracle.com/thread/1535402>
>>>
>>> quote:
>>> From the release notes here:
>>>
>>> http://java.sun.com/j2se/1.4.1/docs/relnotes/features.html#security
>>> <http://java.sun.com/j2se/1.4.1/docs/relnotes/features.html#security>
>>>
>>> this quote:
>>>
>>> /"The JSSE implementation provided in this release
>>> includes strong cipher suites. However, due to U.S.
>>> export control restrictions, this release does not
>>> allow alternate "pluggable" SSL/TLS implementations
>>> to be used. For more information, please see the
>>> JSSE Reference Guide."
>>>
>>> /I've not encountered that problem. this is probably
>>> due to me using apache http client which avoid this
>>> restriction somehow. We originally switched to
>>> apache http client because the built-in Sun URL and
>>> socket implementations had bugs in timeout in
>>> connections such that threads would hang forever
>>> trying to connect to servers behind firewalls, etc.
>>> timeout were ignored.
>>>
>>> Dan
>>>
>>> On 2017-06-22 02:01 PM, Gaurav Tawale wrote:
>>>> sorry before reading your mail . I made some changes.
>>>>
>>>> Now I am getting Runtimeexception
>>>> Export restrictions:this JSSE implementation is
>>>> non-pluggable
>>>>
>>>>
>>>> Thanks,
>>>> Gaurav Tawale
>>>>
>>>>
>>>> On Thursday, June 22, 2017, Daniel Manley
>>>> <daniel@manley.name> wrote:
>>>>
>>>> ok - that makes sense.... you need to implement
>>>> one of these from TLSSocketFactory to satisfy
>>>> what URLConnection does. maybe put a
>>>> system.out in each to see which is called in
>>>> your scenario. --
>>>>
>>>> public Socket createSocket(Socket socket,
>>>> String host, int port, boolean autoClose)
>>>> throws IOException {
>>>> throw new UnsupportedOperationException();
>>>> }
>>>>
>>>> public Socket createSocket(String host, int
>>>> port) throws IOException, UnknownHostException {
>>>> throw new UnsupportedOperationException();
>>>> }
>>>>
>>>> public Socket createSocket(String host, int
>>>> port, InetAddress localAddress, int localPort)
>>>> throws IOException,
>>>> UnknownHostException {
>>>> throw new UnsupportedOperationException();
>>>> }
>>>>
>>>> public Socket createSocket(InetAddress
>>>> host, int port) throws IOException {
>>>> throw new UnsupportedOperationException();
>>>> }
>>>>
>>>> public Socket createSocket(InetAddress
>>>> address, int port, InetAddress localAddress,
>>>> int localPort)
>>>> throws IOException {
>>>> throw new UnsupportedOperationException();
>>>> }
>>>>
>>>> I only implemented the single one used by
>>>> HttpClient:
>>>>
>>>> public Socket createSocket(String host, int
>>>> port, InetAddress localAddress, int localPort,
>>>> HttpConnectionParams params) throws
>>>> IOException, UnknownHostException {
>>>> log.debug("Creating a new TLSSocket for
>>>> " + host + ":" + port);
>>>> return _createSocket(new Socket(host,
>>>> port), host);
>>>> }
>>>>
>>>>
>>>>
>>>> On 2017-06-22 01:43 PM, Gaurav Tawale wrote:
>>>>
>>>> I got java Lang.unsupportedOperationException
>>>>
>>>> TLSSocketFactory.java 48
>>>>
>>>>
>>>> I have an object of HTTPsURLConnection object.
>>>>
>>>> urlConnection.setSSLSocketFactory(new
>>>> TLSSocketFactory());
>>>>
>>>>
>>>>
>>>
>>
>
[Attachment #3 (text/html)]
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<div class="moz-cite-prefix">hey Saurav,<br>
<br>
that's great news! glad you were able to get it working. Cheers!<br>
<br>
Dan<br>
<br>
<br>
On 2017-06-26 11:23 AM, Gaurav Tawale wrote:<br>
</div>
<blockquote type="cite"
cite="mid:CA+qBet43MPA0M1JX6hRj_4YOiG1h5S-K0F8LjimZM=9CfTuXwQ@mail.gmail.com">Thanks
Daniel. Thanks for your help.
<div><br>
</div>
<div>I am able to integrate httpmethod in my code.</div>
<div><br>
</div>
<div>Thanks,</div>
<div>Saurav Tawale<br>
<br>
On Monday, June 26, 2017, Gaurav Tawale <<a
href="mailto:gtawale@gmail.com" \
moz-do-not-send="true">gtawale@gmail.com</a>> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">Hi Daniel,
<div><br>
</div>
<div>If possible,</div>
<div>Could you please provide working code for httpclient.</div>
<div><br>
</div>
<div>I am struggling with HTtpurlconnection .</div>
<div><br>
</div>
<div><br>
</div>
<div><br>
</div>
<div>Thanks,</div>
<div>Gaurav Tawale</div>
<div><br>
On Friday, June 23, 2017, Daniel Manley <<a
href="javascript:_e(%7B%7D,'cvml','daniel@manley.name');"
target="_blank" moz-do-not-send="true">daniel@manley.name</a>>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
<div text="#000000" bgcolor="#FFFFFF">
<div>Hey Gaurav,<br>
<br>
right -- just keep pairing down the code to strip out
these variables. tsfcache, for instance, is a static
cache of tls factories because they are too expensive
to create for each new connection. and yes, that
cache probably hold just one instance. it was modeled
on our other factory cache, etc etc etc....<br>
<br>
unfortunately, I can't provide a complete independent
working sample right now. I won't have time until
next week. keep pairing down the code and remove
variables and cruft I created and you'll get a working
sample. if you're still stuck by next week, let me
know.<br>
<br>
Dan<br>
<br>
<br>
On 2017-06-23 7:18 AM, Gaurav Tawale wrote:<br>
</div>
<blockquote type="cite">Hi Daniel ,
<div><br>
</div>
<div>I have gone thorugh your https client code but it
has some variables which I did not find any
reference like tsfcache.</div>
<div><br>
</div>
<div>Actualluly I am running my code in simple java
programme. Using main method .</div>
<div><br>
</div>
<div>It will be helpful if you give me full code.</div>
<div>Thanks for your help</div>
<div><br>
</div>
<div>Gaurav</div>
<div><br>
On Thursday, June 22, 2017, Daniel Manley <<a
moz-do-not-send="true">daniel@manley.name</a>>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
<div text="#000000" bgcolor="#FFFFFF"> I am
running java 1.4 -- take a look at one of my
previous replies that showed usage of HttpClient<br>
<br>
basically this one: <a
\
href="https://www.bouncycastle.org/devmailarchive/msg15298.html"
target="_blank" \
moz-do-not-send="true">https://www.bouncycastle.org/d<wbr>evmailarchive/msg15298.html</a><br>
<br>
Dan<br>
<br>
<div>On 2017-06-22 02:53 PM, Gaurav Tawale
wrote:<br>
</div>
<blockquote type="cite">Can you send me your
httpclient class
<div><br>
</div>
<div>I will try that in my code. you said that
your code is working.You are running ur
project on java 1.4 .right?<br>
<br>
On Thursday, June 22, 2017, Daniel Manley
<<a moz-do-not-send="true">daniel@manley.name</a>>
wrote:<br>
<blockquote class="gmail_quote"
style="margin:0 0 0 .8ex;border-left:1px
#ccc solid;padding-left:1ex">
<div text="#000000" bgcolor="#FFFFFF">
interesting ... have you looked at
this? <a
href="https://community.oracle.com/thread/1535402"
target="_blank" \
moz-do-not-send="true">https://community.oracle.com/t<wbr>hread/1535402</a><br> <br>
quote:<br>
<tt>From the release notes here:</tt><tt><br>
</tt><tt> </tt><tt><br>
</tt><tt> <a
href="http://java.sun.com/j2se/1.4.1/docs/relnotes/features.html#security"
target="_blank"
\
moz-do-not-send="true">http://java.sun.com/j2se/1.4.1<wbr>/docs/relnotes/features.html#s<wbr>ecurity</a></tt><tt><br>
</tt><tt> </tt><tt><br>
</tt><tt> this quote:</tt><tt><br>
</tt><tt> </tt><tt><br>
</tt><tt> </tt><em><tt>"The JSSE
implementation provided in this
release includes strong cipher
suites. However, due to U.S. export
control restrictions, this release
does not allow alternate "pluggable"
SSL/TLS implementations to be used.
For more information, please see the
JSSE Reference Guide."</tt><tt><br>
</tt><br>
</em>I've not encountered that problem.
this is probably due to me using apache
http client which avoid this restriction
somehow. We originally switched to
apache http client because the built-in
Sun URL and socket implementations had
bugs in timeout in connections such that
threads would hang forever trying to
connect to servers behind firewalls,
etc. timeout were ignored.<br>
<br>
Dan<br>
<br>
<div>On 2017-06-22 02:01 PM, Gaurav
Tawale wrote:<br>
</div>
<blockquote type="cite">sorry before
reading your mail . I made some
changes.
<div><br>
</div>
<div>Now I am getting Runtimeexception</div>
<div>Export restrictions:this JSSE
implementation is non-pluggable</div>
<div><br>
</div>
<div><br>
</div>
<div>Thanks,</div>
<div>Gaurav Tawale</div>
<div><br>
<br>
On Thursday, June 22, 2017, Daniel
Manley <<a \
moz-do-not-send="true">daniel@manley.name</a>> wrote:<br>
<blockquote class="gmail_quote"
style="margin:0 0 0
.8ex;border-left:1px #ccc
solid;padding-left:1ex">ok - that
makes sense.... you need to
implement one of these from
TLSSocketFactory to satisfy what
URLConnection does. maybe put a
system.out in each to see which is
called in your scenario. --<br>
<br>
public Socket
createSocket(Socket socket, String
host, int port, boolean autoClose)
throws IOException {<br>
throw new
UnsupportedOperationException(<wbr>);<br>
}<br>
<br>
public Socket
createSocket(String host, int
port) throws IOException,
UnknownHostException {<br>
throw new
UnsupportedOperationException(<wbr>);<br>
}<br>
<br>
public Socket
createSocket(String host, int
port, InetAddress localAddress,
int localPort)<br>
throws IOException,
UnknownHostException {<br>
throw new
UnsupportedOperationException(<wbr>);<br>
}<br>
<br>
public Socket
createSocket(InetAddress host, int
port) throws IOException {<br>
throw new
UnsupportedOperationException(<wbr>);<br>
}<br>
<br>
public Socket
createSocket(InetAddress address,
int port, InetAddress
localAddress, int localPort)<br>
throws IOException {<br>
throw new
UnsupportedOperationException(<wbr>);<br>
}<br>
<br>
I only implemented the single one
used by HttpClient:<br>
<br>
public Socket
createSocket(String host, int
port, InetAddress localAddress,
int localPort,<br>
HttpConnectionParams
params) throws IOException,
UnknownHostException {<br>
log.debug("Creating a new
TLSSocket for " + host + ":" +
port);<br>
return _createSocket(new
Socket(host, port), host);<br>
}<br>
<br>
<br>
<br>
On 2017-06-22 01:43 PM, Gaurav
Tawale wrote:<br>
<blockquote class="gmail_quote"
style="margin:0 0 0
.8ex;border-left:1px #ccc
solid;padding-left:1ex"> I got
java
Lang.unsupportedOperationExcep<wbr>tion<br>
<br>
TLSSocketFactory.java 48<br>
<br>
<br>
I have an object of
HTTPsURLConnection object.<br>
<br>
urlConnection.setSSLSocketFact<wbr>ory(new
TLSSocketFactory());<br>
<br>
<br>
</blockquote>
<br>
</blockquote>
</div>
</blockquote>
<br>
</div>
</blockquote>
</div>
</blockquote>
<br>
</div>
</blockquote>
</div>
</blockquote>
<p><br>
</p>
</div>
</blockquote>
</div>
</blockquote>
</div>
</blockquote>
<p><br>
</p>
</body>
</html>
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic