Dono,

On 22.09.2016 01:06, Igor Cicimov wrote:
On 20 Sep 2016 2:45 am, "Dono Harjanto" <d...@deviceauthority.com> wrote:

Hi All,


We have a web app deployed on 3 different servers, all running Tomcat
7.0.39 and Java 8 (update 101/102). Here is the operating system on each
server:

- Production: CentOS 6.4

- Staging 1: CentOS 6.5

- Staging 2: CentOS 6.7


When we accessed the web app on the Production server, we were able to
connect, and connected over TLS 1.2 (as expected). However, when we accessed
the web app on both Staging servers we were able to connect, but the
connection was over TLS 1.1, not TLS 1.2, as the TLS 1.2 handshake failed and
the server sent an Alert (Level: Fatal, Description: Internal Error) response.


We enabled SSL debugging on Tomcat and we saw that Tomcat threw an
InvalidAlgorithmParameterException in catalina.out, as shown below:


http-bio-8443-exec-1, READ: TLSv1.2 Handshake, length = 70
*** ECDHClientKeyExchange
ECDH Public value:  { 4, 245, 39, 156, 56, 88, 62, 108, 141, 237, 93,
240, 210, 228, 91, 60, 14, 109, 138, 121, 126, 100, 36, 194, 93, 101, 131,
119, 120, 57, 120, 222, 73, 123, 122, 218, 253, 91, 170, 240, 251, 73, 214,
29, 192, 234, 109, 189, 40, 249, 161, 176, 172, 179, 36, 162, 229, 69, 160,
221, 242, 53, 100, 34, 215 }
SESSION KEYGEN:

PreMaster Secret:
(key bytes not available)
RSA master secret generation error:
java.security.InvalidAlgorithmParameterException: Key format must be RAW
         at com.sun.crypto.provider.TlsMasterSecretGenerator.engineInit(TlsMasterSecretGenerator.java:67)
         at javax.crypto.KeyGenerator.init(KeyGenerator.java:454)
         at javax.crypto.KeyGenerator.init(KeyGenerator.java:430)
         at sun.security.ssl.Handshaker.calculateMasterSecret(Unknown Source)
         at sun.security.ssl.Handshaker.calculateKeys(Unknown Source)
         at sun.security.ssl.ServerHandshaker.processMessage(Unknown Source)
         at sun.security.ssl.Handshaker.processLoop(Unknown Source)
         at sun.security.ssl.Handshaker.process_record(Unknown Source)
         at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
         at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
         at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
         at sun.security.ssl.SSLSocketImpl.getSession(Unknown Source)
         at org.apache.tomcat.util.net.jsse.JSSESocketFactory.handshake(JSSESocketFactory.java:215)
         at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:298)
         at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
         at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
         at java.lang.Thread.run(Unknown Source)
http-bio-8443-exec-1, handling exception: java.security.ProviderException: java.security.InvalidAlgorithmParameterException: Key format must be RAW
%% Invalidated:  [Session-1, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
http-bio-8443-exec-1, SEND TLSv1.2 ALERT:  fatal, description = internal_error
http-bio-8443-exec-1, WRITE: TLSv1.2 Alert, length = 2
[Raw write]: length = 7
0000: 15 03 03 00 02 02 50                               ......P
http-bio-8443-exec-1, called closeSocket()
http-bio-8443-exec-1, IOException in getSession(): javax.net.ssl.SSLException: java.security.ProviderException: java.security.InvalidAlgorithmParameterException: Key format must be RAW
http-bio-8443-exec-1, called close()
http-bio-8443-exec-1, called closeInternal(true)



Below is the server.xml configuration we have on all servers:


     <Connector port="8443"
         protocol="org.apache.coyote.http11.Http11Protocol"

         SSLEnabled="true"
         scheme="https"
         secure="true"
         clientAuth="false"
         sslProtocol="TLS"

         maxHttpHeaderSize="8192"
         maxThreads="150"
         minSpareThreads="25"
         enableLookups="false"
         disableUploadTimeout="true"
         acceptCount="100"
         useBodyEncodingForURI="true"

         keystoreType="pkcs12"
         keystoreFile="/path/to/keystore/.filename.p12"
         keystorePass="<snip>" />



Any idea why Tomcat is not able to do the TLS 1.2 handshake and is throwing
the "Key format must be RAW" exception? Did we miss anything here?



Thanks for your help,

Don

This sounds like something specific to pkcs. Can you convert to a jks
keystore?


Ok, this is really a long shot, and I really do not know what I am talking about..

I just want to point out that in the course of doing some searches on the WWW with keywords related to your issue, I seemed several times to come across articles which were referring to some restrictions in Java cryptography, having to do with US export regulations (cryptography being an area submitted in part to such rules).
In my limited understanding, the apparent gist of it seemed to be that
- for systems based in the US, by default some java-cryptographic modules allow some encryption methods (or key strengths etc.)
- while for non-US-based systems some of these methods/strengths are by default disabled

To re-enable these methods, one has to either change some java parameters (at the risk of falling foul of said export restrictions), or replace some standard underlying libraries, by other similar ones developed outside of the US. And, in some cases, such "similar" libraries may throw exceptions where the standard ones would not.

All of the above to take with a grain of salt, considering my almost total lack of knowledge in the matter. But, considering that your production system may be one case, and your staging systems another, and considering that so far nobody seems to have found the ultimate answer to your problem, this could be an area to investigate.

I will make another wild guess: a lot of people on this list probably either work predominantly on US-based systems, or don't know about such restrictions, or are unfamiliar with them, and for such reasons have probably never encountered the kind of issue which you mention. So it is probably no wonder that everyone seems to be a bit in the dark (including myself).
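
A diagnostic that can be run with the same JRE Tomcat uses on each of the three servers, so the outputs can be compared (an added example, not part of the original thread; the class name JsseCryptoCheck is an assumption). It lists the security providers in order, prints the AES key length allowed by the installed policy files, and performs an ECDH agreement the way a TLS server does for an ECDHE suite, to show which provider handled it and the format of the premaster key that the "Key format must be RAW" check applies to.

```java
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.Provider;
import java.security.Security;
import javax.crypto.Cipher;
import javax.crypto.KeyAgreement;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;

// Hypothetical helper class; compile and run it with the JRE that Tomcat uses.
public class JsseCryptoCheck {
    public static void main(String[] args) throws Exception {
        System.out.println("java.version = " + System.getProperty("java.version"));
        System.out.println("java.home    = " + System.getProperty("java.home"));

        // Provider order decides which implementation JSSE is handed for
        // each algorithm, so a different order can mean different behaviour.
        Provider[] providers = Security.getProviders();
        for (int i = 0; i < providers.length; i++) {
            System.out.println("provider " + (i + 1) + " = " + providers[i]);
        }

        // Export-policy check: on Java 8 this prints 128 with the limited
        // policy files and 2147483647 with the unlimited-strength ones.
        System.out.println("max AES key length = "
                + Cipher.getMaxAllowedKeyLength("AES"));

        // Throwaway key pairs standing in for the server and client
        // ephemeral ECDH keys of a handshake.
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("EC");
        kpg.initialize(256);
        KeyPair server = kpg.generateKeyPair();
        KeyPair client = kpg.generateKeyPair();

        // Derive the premaster secret as a key object, as a TLS server does.
        KeyAgreement ka = KeyAgreement.getInstance("ECDH");
        ka.init(server.getPrivate());
        ka.doPhase(client.getPublic(), true);
        SecretKey premaster = ka.generateSecret("TlsPremasterSecret");

        System.out.println("EC key pair provider        = " + kpg.getProvider().getName());
        System.out.println("ECDH agreement provider     = " + ka.getProvider().getName());
        System.out.println("premaster key format        = " + premaster.getFormat());
        System.out.println("SunTlsMasterSecret provider = "
                + KeyGenerator.getInstance("SunTlsMasterSecret").getProvider().getName());
    }
}
```

A server where the premaster key format is not RAW, or where the ECDH agreement is served by a different provider than on Production, is the one whose java.security provider configuration differs.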

