Java : Unsafe SSL configuration
Classification
Overview
SSL connection uses insecure settings. The established connection is insecure and can cause a compromise of valuable data.
In Java applications constants that denote the cipher suite are used to set the parameters of SSL connection. Many cipher suits are insecure, obsolete or artificially weakened due to export restrictions. Examples of several cipher suites recommended by IANA in the TLS parameters documentation:
- TLS_ECDHE_PSK_WITH_AES_128_CCM_SHA256
- TLS_DHE_PSK_WITH_AES_256_CCM
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
- TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
- TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
In the Play Framework the SSLLooseConfig class is used to create a potentially insecure SSL connection for testing purposes. The true values for the following parameter makes the connection insecure: acceptAnyCertificate, allowWeakCiphers, disableHostnameVerification, allowWeakProtocols, allowUnsafeRenegotiation. Do not use SSLLooseConfig in real applications.
References
- Java Cryptography Architecture Oracle Providers - docs.oracle.com
- Now that it is 2015, what SSL/TLS cipher suites should be used in a high security HTTPS environment? - security.stackexchange.com
- Which Cipher Suites to enable for SSL Socket? - stackoverflow.com
- Good list of weak cipher suites for Java - stackoverflow.com
- SSLLooseConfig - playframework.com
- OWASP Top 10 2017-A3-Sensitive Data Exposure
- CWE CATEGORY: OWASP Top Ten 2017 Category A6 - Security Misconfiguration
- TLS Cipher Suites