not-yet-commons-ssl



Download Not-Yet-Commons-SSL!

Not-Yet-Commons-SSL currently has NO affiliation with the Apache Software Foundation (apache.org), but we're hoping to start Incubation one day.
Current Version (November 14th, 2007):
Full source:not-yet-commons-ssl-0.3.9.zip2.3MBAlphaMD5: 8063831d05fc6204a7c0c23a0f86b086
Binary only:not-yet-commons-ssl-0.3.9.jar189KBAlphaMD5:
Previous Version (July 4th, 2007):
Full source:not-yet-commons-ssl-0.3.8.zip2.3MBAlphaMD5: 6c709837f9fef310a69f8659f1697c81
Binary only:not-yet-commons-ssl-0.3.8.jar189KBAlphaMD5: 34996468b477e3a6c81d7feec213288b

Warning:  not-yet-commons-ssl-0.3.9 should be considered to be of "Alpha" quality! This code probably contains bugs. This code may have security issues.

Future versions will definitely break the current API in a non-reverse compatible way. After commons-ssl-0.5.0, though, we plan on always being reverse compatible with ourselves.


Features as of not-yet-commons-ssl-0.3.9:

1. PBE is now Compatible with openssl enc -K [key] -iv [IV].
People were asking for this. See the PBE page for more details.
2. DES2 with PBE was broken.
Fixed.
3. directory.apache.org didn't write the ASN.1 code. BouncyCastle did.
Now using latest ASN.1 parsing code from BC, and attributing it properly.
4. The "ping" utility has a few more options.
For those who need more than just a "HEAD /" request. You can also set the HTTP host header, independant of the target host/ip.

Features as of not-yet-commons-ssl-0.3.8:

1. useDefaultJavaCiphers() actually works now.
When you want to allow 40 bit, 56 bit, and MD5 based SSL ciphers, use this. It was 99% functional in 0.3.7, but there was a rare situation where setting ciphers was causing SSL handshake errors.
2. PBE (password-based-encryption) improved.
PBE now has its own HTML page. Support for all of OpenSSL's PBE ciphers implemented and tested, including IDEA and RC5. (DES-X might work, but couldn't find a JCE provider that supported it). Threw in support for some additional BouncyCastle ciphers even though OpenSSL doesn't support them (cast6, gost28147, rc6, seed, serpent, skipjack, tea, twofish, xtea). Around 650 test files created to make sure PBE is working properly.
3. PBE API changed on OpenSSL.encrypt() and OpenSSL.decrypt().
The password is now char[] instead of byte[] (sorry!). Encrypt/decrypt on byte[] introduced. Encrypt/decrypt on InputStream is still available, and is properly streamed so that even extremely large files can be encrypted/decrypted.

Features as of not-yet-commons-ssl-0.3.7:

1. useStrongCiphers() used by default.
40 bit and 56 bit ciphers are now disabled by default. To turn them back on call useDefaultJavaCiphers().
2. addAllowedName() adds some flexibility to the CN verification.
Here's a code example using "cucbc.com" to connect, but anticipating "www.cucbc.com" in the server's certificate:
SSLClient client = new SSLClient();
client.addAllowedName( "www.cucbc.com" );
Socket s = client.createSocket( "cucbc.com", 443 );
This technique is also useful if you don't want to use DNS, and want to connect using the IP address.
3. SSLServer can re-use a Tomcat-8443 private key if running from inside Tomcat.
SSLClient server = new SSLServer();
server.useTomcatSSLMaterial();
4. RMI-SSL support improved.
Attempts to re-use the Tomcat-8443 private key for all RMI SSL Server sockets. Anonymous server-sockets (port 0) will always be set to port 31099. Analyzes the server certificate CN field and tries to set "java.rmi.server.hostname" to something compatible with that. Probably the only free implementation around that does a good job on the hostname verification!
5. KeyMaterial constructor blows up earlier.
If a JKS or PKCS12 file is provided that isn't going to work (e.g. no private keys), the KeyMaterial constructor throws an exception right away.
6. getSSLContext() now available to help inter-op with Java 5 SSL-NIO libraries.
Oleg has been working hard on SSL-NIO for the Apache httpcomponents library. Go check it out!
7. Fixed bug where SSLClient couldn't be used with javax.net.ssl.HttpsURLConnection on Java 1.4.x
I was wrapping the SSLSocket, but Java 1.4.x guards against that inside HttpsURLConnection and throws this exciting exception:
java.lang.RuntimeException: Export restriction: this JSSE implementation is non-pluggable.
  at com.sun.net.ssl.internal.ssl.SSLSocketFactoryImpl.checkCreate(DashoA6275)
  at sun.net.www.protocol.https.HttpsClient.afterConnect(DashoA6275)
  at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(DashoA6275)
  at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:560)
  at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(DashoA6275)
Silly Java - I'm still using your JSSE implementation, I'm just wrapping it!

Features as of not-yet-commons-ssl-0.3.4:

1.  "javax.net.ssl.keyStore" and "javax.net.ssl.trustStore"
SSLClient and SSLServer now set their default TrustMaterial and KeyMaterial from these system properties if they are present.
2.  ssl.setCheckCRL( true/false ) Note: CRL is an abbreviation for "Certificate Revocation List"
Set to true by default. If you're using SSLClient, then the remote server's certificate chain is checked. If you're using SSLServer, CRL checking is ignored unless client certificates are presented. Commons-SSL tries to perform the CRL check against each certificate in the chain, but we're not sure if we always know the entire chain.

Implementation note: To reduce memory consumption all CRL's are saved to disk using File.createTempFile() and File.deleteOnExit(). CRL's are re-downloaded every 24 hours. To reduce disk IO the "pass/fail" result of a CRL check for a given X.509 Certificate is cached using the 20 byte SHA1 hash of the certificate as the key. The cached "pass" result is discarded every 24 hours. The cached "fail" result is retained until the JVM restarts.

3.  ssl.setCheckExpiry( true/false )
Certificate expiry checking can be turned off. Turned on by default. For Java 1.4 and newer we're intercepting the CertificateException thrown by the TrustManager. But we still implemented our own expiry checking because Java 1.3 doesn't check expiry. We check every certificate in the chain, but we're not sure if we always know the entire chain.
4.  ssl.setCheckHostname( true/false )
Certificate hostname checking improved. Turned on by default for SSLClient, but turned off by default for SSLServer. If turned on for SSLServer, only applied to client certificates by checking against a reverse DNS lookup of the client's IP address. Turning on for SSLServer will probably be quite rare. We imagine that applications (such as Tomcat) will pass the client chain back up into the business layer where people can code in any kind of validation logic they like. But we put it in anyway to keep things consistent.

Support added for certificates with wildcards in the CN field (e.g. *.credential.com). Java already had this, to be fair. We broke it by accident!

s: CN=*.credential.com, OU=Domain Control Validated - RapidSSL(R), OU=See www.rapidssl.com/cps (c)05,
   OU=businessprofile.geotrust.com/get.jsp?GT27402892, O=*.credential.com, C=CA
i: CN=Equifax Secure Global eBusiness CA-1, O=Equifax Secure Inc., C=US

5.  PKCS8 support.
Support for OpenSSL "Traditional" and PKCS8 encrypted private keys added. Private keys can be RSA or DSA. See our pkcs8 page for more details.
6.  New Utility: "KeyStoreBuilder"
Command line utility converts an OpenSSL pair (private key + certificate) into a Java Keystore ("JKS") file. To see the command-line options, visit our utilities page, or just run:
java -cp commons-ssl-0.3.4.jar org.apache.commons.ssl.KeyStoreBuilder

Road Map For Future Versions

0.3.10 - 0.3.11 are just some feature ideas. They might not be feasible. 0.3.9 is the current version.

VersionRelease Date?Description
0.3.4Nov 200690% feature complete. Probably contains some bugs.
0.3.5Dec 2006PKCS8Key constructor is public now. Whoops. Hostname verification knows about more than just CN's now - also checks subjectAlts in the server's certificate.
0.3.6Jan 2007Fixed Java 1.4 bug with HttpsURLConnection.
0.3.7Feb 200740 bit and 56 bit ciphers disabled by default. RMI-SSL improved. getSSLContext() added. Various other improvements.
0.3.8Nov 2007PBE (password-based-encryption) formally introduced and improved. 40 bit and 56 bit ciphers still disabled by default, but working better when re-enabled.
0.3.9May 2008Some PBE fixes. Using latest ASN.1 code from BouncyCastle.
0.3.10May 2008

Socket monitoring. Make it easier for long-running server applications to warn about impending certificate expiries.

OCSP - Online Certificate Status Protocol

NotQuiteSoEasySSLProtocolSocketFactory will trust any server The First Time, and store that server's cert on disk for future accesses.

0.3.11Jun 2008TrustMaterial.setAutoReload( true / false ), and KeyMaterial.setAutoReload( true / false ), but only if no password, or "changeit" was provided. (Question: should this "reload" tear down all open sockets?).
0.4.0Jul 2008Non-public code (protected, private, etc) moved into a separate "impl" package where possible.
0.5.0Aug 2008API froven. All future versions must be reverse-compatible with 0.5.0 (except for any parts of 0.5.0 later found to be insecure).
0.7.0Nov 2008JavaDocs written for all public methods and classes.
0.7.5Mar 2009JUnit tests written for all classes.
0.9.0May 2009First BETA release. JUnit tests passing on all targetted platforms:
  1. Intel/AMD: (Sun, IBM, BEA) x (Linux, Mac, Windows) x (1.3, 1.4, 5, 6, 7)
  2. All of the above with and without BouncyCastle.
  3. PowerPC: Mac OS X 10.4, 10.5
  4. Linux: Latest GCJ, Kaffe, and Blackdown releases. BouncyCastle added if necessary to get tests to pass.
  5. Anyone got an IBM mainframe we can test on?
0.9.1 - 0.9.9Aug 2009Bug fixes.
1.0.0Jan 2010Development mostly stops.

The problem we're solving with Commons-SSL is quite small, so I don't see any reason to ever go beyond 1.0.0, except for fixing bugs.