How can I debug an SSL handshake in more detail?

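I am working on a Java application and cannot establish a connection to an API I need to integrate with. I am getting a handshake failure, and I even resorted to capturing the traffic with Wireshark. I am fairly sure this is a TLS version problem.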

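I see the handshake failure, and the protocol is shown as TLSv1, which I guess is the problem. Also, if I connect to this API with cURL or OpenSSL, it works fine and shows TLSv1.3 as the protocol on the ClientHello.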

However, if I look at the details of the ClientHello, it shows TLSv1.2 as the requested protocol, so I am not sure why this would be a problem.

Can anyone tell me how to get more information out of this? Even better if someone can tell me how to make the Java application change its behaviour here.

PCAP: https://drive.google.com/file/d/1qbzgU6L9AhPY8IPIy6KM1C6BP7ghOaAV/view?usp=sharing

Java debug output for the SSL handshake:

javax.net.ssl|DEBUG|17|HttpClient-1-Worker-0|2024-04-04 21:42:19.180 EDT|ClientHello.java:640|Produced ClientHello handshake message (
"ClientHello": {
  "client version"      : "TLSv1.2",
  "random"              : "450D606506B1335CBF914F1AF981CE839E0A832B5648DA495514698FB44C3002",
  "session id"          : "567D9AC550CAD29ACBEAF2328E9A51E9E5D167C97C8B6CA750BDD611AC48BE7D",
  "cipher suites"       : "[TLS_AES_256_GCM_SHA384(0x1302), TLS_AES_128_GCM_SHA256(0x1301), TLS_CHACHA20_POLY1305_SHA256(0x1303), TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384(0xC02C), TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256(0xC02B), TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256(0xCCA9), TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384(0xC030), TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256(0xCCA8), TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256(0xC02F), TLS_DHE_RSA_WITH_AES_256_GCM_SHA384(0x009F), TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256(0xCCAA), TLS_DHE_DSS_WITH_AES_256_GCM_SHA384(0x00A3), TLS_DHE_RSA_WITH_AES_128_GCM_SHA256(0x009E), TLS_DHE_DSS_WITH_AES_128_GCM_SHA256(0x00A2), TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384(0xC024), TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384(0xC028), TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256(0xC023), TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256(0xC027), TLS_DHE_RSA_WITH_AES_256_CBC_SHA256(0x006B), TLS_DHE_DSS_WITH_AES_256_CBC_SHA256(0x006A), TLS_DHE_RSA_WITH_AES_128_CBC_SHA256(0x0067), TLS_DHE_DSS_WITH_AES_128_CBC_SHA256(0x0040), TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA(0xC00A), TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA(0xC014), TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA(0xC009), TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA(0xC013), TLS_DHE_RSA_WITH_AES_256_CBC_SHA(0x0039), TLS_DHE_DSS_WITH_AES_256_CBC_SHA(0x0038), TLS_DHE_RSA_WITH_AES_128_CBC_SHA(0x0033), TLS_DHE_DSS_WITH_AES_128_CBC_SHA(0x0032), TLS_RSA_WITH_AES_256_GCM_SHA384(0x009D), TLS_RSA_WITH_AES_128_GCM_SHA256(0x009C), TLS_RSA_WITH_AES_256_CBC_SHA256(0x003D), TLS_RSA_WITH_AES_128_CBC_SHA256(0x003C), TLS_RSA_WITH_AES_256_CBC_SHA(0x0035), TLS_RSA_WITH_AES_128_CBC_SHA(0x002F), TLS_EMPTY_RENEGOTIATION_INFO_SCSV(0x00FF)]",
  "compression methods" : "00",
  "extensions"          : [
    "status_request (5)": {
      "certificate status type": ocsp
      "OCSP status request": {
        "responder_id": <empty>
        "request extensions": {
          <empty>
        }
      }
    },
    "supported_groups (10)": {
      "named groups": [x25519, secp256r1, secp384r1, secp521r1, x448, ffdhe2048, ffdhe3072, ffdhe4096, ffdhe6144, ffdhe8192]
    },
    "ec_point_formats (11)": {
      "formats": [uncompressed]
    },
    "application_layer_protocol_negotiation (16)": {
      [h2, http/1.1]
    },
    "status_request_v2 (17)": {
      "cert status request": {
        "certificate status type": ocsp_multi
        "OCSP status request": {
          "responder_id": <empty>
          "request extensions": {
            <empty>
          }
        }
      }
    },
    "extended_master_secret (23)": {
      <empty>
    },
    "session_ticket (35)": {
      <empty>
    },
    "signature_algorithms (13)": {
      "signature schemes": [ecdsa_secp256r1_sha256, ecdsa_secp384r1_sha384, ecdsa_secp521r1_sha512, ed25519, ed448, rsa_pss_rsae_sha256, rsa_pss_rsae_sha384, rsa_pss_rsae_sha512, rsa_pss_pss_sha256, rsa_pss_pss_sha384, rsa_pss_pss_sha512, rsa_pkcs1_sha256, rsa_pkcs1_sha384, rsa_pkcs1_sha512, dsa_sha256, ecdsa_sha224, rsa_sha224, dsa_sha224, ecdsa_sha1, rsa_pkcs1_sha1, dsa_sha1]
    },
    "supported_versions (43)": {
      "versions": [TLSv1.3, TLSv1.2]
    },
    "psk_key_exchange_modes (45)": {
      "ke_modes": [psk_dhe_ke]
    },
    "signature_algorithms_cert (50)": {
      "signature schemes": [ecdsa_secp256r1_sha256, ecdsa_secp384r1_sha384, ecdsa_secp521r1_sha512, ed25519, ed448, rsa_pss_rsae_sha256, rsa_pss_rsae_sha384, rsa_pss_rsae_sha512, rsa_pss_pss_sha256, rsa_pss_pss_sha384, rsa_pss_pss_sha512, rsa_pkcs1_sha256, rsa_pkcs1_sha384, rsa_pkcs1_sha512, dsa_sha256, ecdsa_sha224, rsa_sha224, dsa_sha224, ecdsa_sha1, rsa_pkcs1_sha1, dsa_sha1]
    },
    "key_share (51)": {
      "client_shares": [  
        {
          "named group": x25519
          "key_exchange": {
            0000: F9 2E FF DC 09 15 6C 94   D7 44 F4 95 00 C5 A0 EE  ......l..D......
            0010: C1 CD 97 E0 7E B4 77 05   B6 E9 2C 79 DB 83 A5 43  ......w...,y...C
          }
        },
        {
          "named group": secp256r1
          "key_exchange": {
            0000: 04 6E FA 0C F4 C2 62 10   D0 98 44 1F F8 C5 A9 90  .n....b...D.....
            0010: 42 02 8D 42 B0 83 A7 11   15 C1 39 58 B7 17 E1 6B  B..B......9X...k
            0020: BC 19 00 BF 0D D1 98 D6   FF 87 4E A9 32 19 25 77  ..........N.2.%w
            0030: DB 0C 51 20 74 06 46 55   89 F8 56 32 B3 03 E4 DB  ..Q t.FU..V2....
            0040: A2 
          }
        },
      ]
    }
  ]
}
)
javax.net.ssl|DEBUG|17|HttpClient-1-Worker-0|2024-04-04 21:42:19.208 EDT|Alert.java:232|Received alert message (
"Alert": {
  "level"      : "fatal",
  "description": "handshake_failure"
}
)

Answer 1

Thanks to Steffen Ullrich for pointing out in the comments that SNI might be causing this. I found that it had been disabled elsewhere in this Java application:

System.setProperty("jsse.enableSNIExtension", "false");

Correcting it by setting it to true solved my immediate problem.
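Added example (not part of the original question or answer): a small Python script that reads `javax.net.ssl` debug output in the format shown in the question and reports, for each ClientHello, whether the `server_name` (SNI) extension was sent, which versions the `supported_versions` extension offers (in TLS 1.3 this extension, not the `client version` field, carries the offered versions), and which alert followed. The sample log is constructed: the first record is trimmed from the question's format, the second ClientHello and the host `api.example.test` are made up for contrast, and `summarize` is a name chosen here.

```python
import re
# Constructed sample in the JSSE debug format from the question (trimmed). The second
# ClientHello, with server_name for the made-up host api.example.test, is for contrast.
SAMPLE = """\
javax.net.ssl|DEBUG|17|w0|2024-04-04 21:42:19.180 EDT|ClientHello.java:640|Produced ClientHello handshake message (
"ClientHello": {
  "client version"      : "TLSv1.2",
  "extensions"          : [
    "supported_versions (43)": {
      "versions": [TLSv1.3, TLSv1.2]
    }
  ]
}
)
javax.net.ssl|DEBUG|17|w0|2024-04-04 21:42:19.208 EDT|Alert.java:232|Received alert message (
"Alert": {
  "description": "handshake_failure"
}
)
javax.net.ssl|DEBUG|17|w0|2024-04-04 21:50:02.010 EDT|ClientHello.java:640|Produced ClientHello handshake message (
"ClientHello": {
  "extensions"          : [
    "server_name (0)": {
      type=host_name (0), value=api.example.test
    },
    "supported_versions (43)": {
      "versions": [TLSv1.3, TLSv1.2]
    }
  ]
}
)
"""
HEADER = re.compile(r"\|(ClientHello|Alert)\.java:\d+\|(?:Produced|Received) ")
EXT = re.compile(r'^[ \t]+"([a-z_0-9]+) \(\d+\)": \{', re.M)

def summarize(log):
    """One dict per ClientHello; assumes alerts belong to the preceding ClientHello."""
    hellos = []
    for record in re.split(r"^\)\n", log, flags=re.M):  # records end with a lone ")"
        m = HEADER.search(record)
        if m and m.group(1) == "ClientHello":
            exts = EXT.findall(record)
            vers = re.search(r'"versions": \[(.*?)\]', record)
            hellos.append({"extensions": exts, "sni": "server_name" in exts, "alert": None,
                           "versions": vers.group(1).split(", ") if vers else []})
        elif m and hellos:
            desc = re.search(r'"description": "(\w+)"', record)
            hellos[-1]["alert"] = desc.group(1) if desc else "unknown"
    return hellos
```

Debug output in this format is what the JVM writes when started with `-Djavax.net.debug=ssl:handshake`. A ClientHello that offers TLSv1.3 and TLSv1.2 but reports `sni` as false, followed by `handshake_failure`, matches the case resolved in the answer.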
