Java - How can I disable a TLS cipher for only some protocols using JVM Config?

Question

I\'ve seen lots of examples of disabling TLS ciphers in java using jdk.tls.disabledAlgorithms, for example:

 jdk.tls.disabledAlgorithms=MD2, RSA keySize < 102         


        

Answer 1

Posting my comment as an answer because why not.

Other answers, and every doc I've found online, seems to agree that what you are asking for is not possible to do within Java, not yet at least. You can enable / disable protocols globally, and you can enable / disable cipher types globally, but you cannot do one based on the other.

However, since you are on the DevOps side, maybe a non-Java solution is possible. You could run separate instances of the app, each one having only TLSv1.1, only TLSv1.2 etc. enabled, and apply the desired cipher filter to each one; and then have nginx (or whatever you use) redirect traffic to the appropriate instance depending on the detected protocol.

So, one instance at NODE1 with:

jdk.tls.client.protocols=TLSv1.1
jdk.tls.disabledAlgorithms=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256

Another instance at NODE2 with:

jdk.tls.client.protocols=TLSv1.2
jdk.tls.disabledAlgorithms=...

And some nginx rules (use return or rewrite as you see fit):

server {
    [...]
    if ( $ssl_protocol = TLSv1.1 ) {
        return 302 $scheme://NODE1.yourhost.com$request_uri;
    }
    if ( $ssl_protocol = TLSv1.2 ) {
        rewrite ^ $scheme://NODE2.yourhost.com$request_uri;
    }

I'm just a Java dev, my experience with nginx is very limited so you might need to tweak the config a bit. Just trying to help.

Answer 2

JSSE docs say that the https.protocols property can store comma separated list of supported protocols in a given SSL context, however this property is used by current JSSE implementation, but could be disregarded by other vendors or future versions, so YMMV.

Programatically you can achieve it like so:

SSLSocket socket = (SSLSocket) SSLSocketFactory.getDefault().createSocket();
socket.setEnabledCipherSuites(new String[] {
    CipherSuite.TLS_RSA_WITH_RC4_128_MD5.javaName,
    CipherSuite.TLS_RSA_WITH_RC4_128_SHA.javaName,
});

//allow TLS1.2 only
socket.setEnabledProtocols(new String[] {
    TlsVersion.TLS_1_2.javaName,
});

Answer 3

edit lib/security/java.security (could be in a different location based on your JDK) and add the Algorithm to the jdk.tls.disabledAlgorithms

In addition to that keySize could be used to restrict weaker algorithms. jdk.tls.disabledAlgorithms=MD2, MD4, MD5, EC keySize < 160, RSA keySize < 2048, DSA keySize < 2048

I suppose, you already know all these, and are really looking to have these per version (ideally something like jdk.tls11.disabledAlgorithms) however, I am not aware of any such fine grained property.

However, protocol version could be restricted as such jdk.tls.client.protocols=TLSv1.1

If you want to support TLSv1.1 and TLSv1.2 a good strategy would be to support only those algorithms (or adjust keySize of algorithms) so that they will be strong in both versions of TLS.

For reference: https://www.java.com/en/configure_crypto.html