KimHansen

Reputation: 377

Use Java Bouncy Castle to list cipher suites supported by server

Is it possible from Java Bouncy Castle to connect to a remote server using SSL/TLS and then get a list of the cipher suites supported by the server? I need to receive the HEX value of each and, if possible, also its 'string-constant' (maybe just for the ones that the client itself knows of).

I need to connect to whatever port using whatever protocol (HTTPS, AMQPS, STOMPS, ...).

Upvotes: 2

Views: 1537

Answers (1)

Maarten Bodewes

Reputation: 94058

What you can do is to write a CipherSuiteFinder class that calls a rewritten TlsClientProtocol that simply offers up a single cipher suite to the server. To do this you create a new class derived from DefaultTlsClient that extends AbstractTlsClient.

After offering up the protocol and receiving the response you close the connection. If the server didn't error out it accepted the single offered cipher suite, which means this cipher suite is present. You then nicely close the connection by following the TLS standard to close the connection, only closing the socket after everything is done.

Now the CipherSuiteFinder just has to iterate through the cipher suites and collect the results.


The top level protocols such as HTTP and STOMP do not matter; they are only invoked after the TLS connection has been established.

Upvotes: 2
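A sketch of the approach described in the answer above, added here as an example for auditing a server's TLS configuration; it is not code from the answer's author or from the Bouncy Castle project. It assumes a recent `bctls` release (the `org.bouncycastle.tls` package with `BcTlsCrypto`); `SingleSuiteClient` and `accepts` are hypothetical names, and only suites that Bouncy Castle itself knows and can offer are probed.

```java
import java.io.IOException;
import java.lang.reflect.Field;
import java.net.Socket;
import java.security.SecureRandom;
import java.util.Map;
import java.util.TreeMap;
import org.bouncycastle.tls.*;
import org.bouncycastle.tls.crypto.impl.bc.BcTlsCrypto;

public class CipherSuiteFinder {
    /** Offers exactly one suite and records whether the ServerHello selected it. */
    static class SingleSuiteClient extends DefaultTlsClient {
        final int suite;
        boolean selected;
        SingleSuiteClient(int suite) { super(new BcTlsCrypto(new SecureRandom())); this.suite = suite; }
        @Override public int[] getCipherSuites() { return new int[] { suite }; }
        @Override public void notifySelectedCipherSuite(int s) {
            super.notifySelectedCipherSuite(s);
            selected = (s == suite);
        }
        @Override public TlsAuthentication getAuthentication() {
            // Probe only: the server certificate is deliberately not validated here.
            return new ServerOnlyTlsAuthentication() {
                @Override public void notifyServerCertificate(TlsServerCertificate c) { }
            };
        }
    }

    static boolean accepts(String host, int port, int suite) {
        SingleSuiteClient client = new SingleSuiteClient(suite);
        try (Socket socket = new Socket(host, port)) {
            socket.setSoTimeout(5000);
            TlsClientProtocol tls = new TlsClientProtocol(socket.getInputStream(), socket.getOutputStream());
            tls.connect(client);
            tls.close(); // sends close_notify before the socket itself is closed
        } catch (IOException e) {
            // Alert or later handshake failure; 'selected' still reflects the ServerHello.
        }
        return client.selected;
    }

    public static void main(String[] args) throws Exception {
        Map<Integer, String> names = new TreeMap<>(); // suite value -> constant name
        for (Field f : CipherSuite.class.getFields())
            if (f.getType() == int.class) names.put(f.getInt(null), f.getName());
        for (Map.Entry<Integer, String> e : names.entrySet())
            if (!CipherSuite.isSCSV(e.getKey()) && accepts(args[0], Integer.parseInt(args[1]), e.getKey()))
                System.out.printf("0x%04X %s%n", e.getKey(), e.getValue());
    }
}
```

Run it with a host and port as arguments; each accepted suite is printed as its two-byte hex value followed by the name of the matching `CipherSuite` constant.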
