<html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<p>The JDK pulls crypto operations from different providers to
complete operations (like TLS handshakes). The jsse.jar file is
primarily tasked with handling TLS operations but will call into
other providers (jars) where necessary. That's all controlled by
the security provider framework. <br>
</p>
<p>If you're interested in seeing exactly what providers are in use,
you can use the -Djava.security.debug=provider property. It'll
print that information in verbose detail. That extra output is
available in 7u80, 8u40 and later JDKs :
<a class="moz-txt-link-freetext" href="https://bugs.openjdk.java.net/browse/JDK-8056026">https://bugs.openjdk.java.net/browse/JDK-8056026</a><br>
</p>
<pre class="moz-signature" cols="72">Regards,
Sean.</pre>
<div class="moz-cite-prefix">On 01/06/2016 09:06, Ayaskant Swain
wrote:<br>
</div>
<blockquote
cite="mid:CAJo85Ja2H9n4SFcJ=BNAAdrqYSb60WjdcBQCXO_2Yp=qeR5rSQ@mail.gmail.com"
type="cite">
<div dir="ltr">Hi All,
<div><br>
</div>
<div>My question was not specific to those two cipher suites
that I had pasted in my query. I had just pasted them as
examples. Rather my question was generic. </div>
<div><br>
</div>
<div>I want to know which library or packages in JDK implement
the Algorithms/Ciphers that are used for SSL communication?</div>
<div><br>
</div>
<div>If java provides the implementation of those cryptographic
Algos through the <b>java.security , java.net.ssl &
javax.crypto</b> packages then what is the role of the <b>jsse.jar</b>
library that ships in as part of the <b>JAVA_HOME/ jre/lib</b>
directory?</div>
<div><br>
</div>
<div>I could clearly see the <b>jsse.jar </b>has classes like
<b>Handshaker.class, SSLContextImpl.class,
HandShakeMessage.class</b> inside the sun.security.ssl
package which do the actual SSL Handshake. There are many more
classes inside this package.</div>
<div><br>
</div>
<div>So wanted clarification on this.</div>
<div><br>
</div>
<div>Thanks</div>
<div>Ayas</div>
</div>
<div class="gmail_extra"><br>
<div class="gmail_quote">On Wed, Jun 1, 2016 at 1:22 PM, Seán
Coffey <span dir="ltr"><<a moz-do-not-send="true"
href="mailto:sean.coffey@oracle.com" target="_blank">sean.coffey@oracle.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000"><span class=""> <br>
<div>On 01/06/2016 03:42, Jim Manico wrote:<br>
</div>
<blockquote type="cite">
<p>I think this is the right answer.</p>
<p>From <a moz-do-not-send="true"
href="https://stackoverflow.com/questions/27323858/java-6-ecdhe-cipher-suite-support"
target="_blank">https://stackoverflow.com/questions/27323858/java-6-ecdhe-cipher-suite-support</a><br>
</p>
<p> <span
style="color:rgb(36,39,41);font-family:Arial,"Helvetica
Neue",Helvetica,sans-serif;font-size:15px;font-style:normal;font-variant:normal;font-weight:normal;letter-spacing:normal;line-height:19.5px;text-align:left;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;display:inline!important;float:none;background-color:rgb(255,255,255)">The
SSL/TLS implementation "JSSE" in Java 1.6 and
later supports ECDHE suites<span> </span></span><strong
style="margin:0px;padding:0px;border:0px;font-size:15px;font-weight:bold;color:rgb(36,39,41);font-family:Arial,"Helvetica
Neue",Helvetica,sans-serif;font-style:normal;font-variant:normal;letter-spacing:normal;line-height:19.5px;text-align:left;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255)">IF
there is an available (JCE) provider</strong><span
style="color:rgb(36,39,41);font-family:Arial,"Helvetica
Neue",Helvetica,sans-serif;font-size:15px;font-style:normal;font-variant:normal;font-weight:normal;letter-spacing:normal;line-height:19.5px;text-align:left;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;display:inline!important;float:none;background-color:rgb(255,255,255)"><span> </span>for
needed ECC primitives.<span> </span></span><strong
style="margin:0px;padding:0px;border:0px;font-size:15px;font-weight:bold;color:rgb(36,39,41);font-family:Arial,"Helvetica
Neue",Helvetica,sans-serif;font-style:normal;font-variant:normal;letter-spacing:normal;line-height:19.5px;text-align:left;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255)">Java
1.6 OOTB does NOT</strong><span
style="color:rgb(36,39,41);font-family:Arial,"Helvetica
Neue",Helvetica,sans-serif;font-size:15px;font-style:normal;font-variant:normal;font-weight:normal;letter-spacing:normal;line-height:19.5px;text-align:left;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;display:inline!important;float:none;background-color:rgb(255,255,255)"><span> </span>include
such an ECC provider, but you can add one.<span> </span></span><strong
style="margin:0px;padding:0px;border:0px;font-size:15px;font-weight:bold;color:rgb(36,39,41);font-family:Arial,"Helvetica
Neue",Helvetica,sans-serif;font-style:normal;font-variant:normal;letter-spacing:normal;line-height:19.5px;text-align:left;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255)">Java
7 and 8 do</strong><span
style="color:rgb(36,39,41);font-family:Arial,"Helvetica
Neue",Helvetica,sans-serif;font-size:15px;font-style:normal;font-variant:normal;font-weight:normal;letter-spacing:normal;line-height:19.5px;text-align:left;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;display:inline!important;float:none;background-color:rgb(255,255,255)"><span> </span>include
SunECC provider.</span></p>
</blockquote>
</span> I don't believe Ayaskant's query was specific to
ECC. In any case, the above answer isn't accurate. ECC
support is available OOTB in JDK <br>
6 for Solaris. It's provided via the SunPKCS11 provider.
SunEC provider was added in JDK 7:<br>
<a moz-do-not-send="true"
href="http://docs.oracle.com/javase/7/docs/technotes/guides/security/SunProviders.html#SunEC"
target="_blank">http://docs.oracle.com/javase/7/docs/technotes/guides/security/SunProviders.html#SunEC</a><br>
<br>
regards,<br>
Sean.<span class=""><br>
<blockquote type="cite">
<p>- Jim<br>
</p>
<br>
<div>On 5/29/16 8:02 PM, Ayaskant Swain wrote:<br>
</div>
<blockquote type="cite">
<div dir="ltr">Hi,
<div><br>
</div>
<div>Can anyone please help me know about this
- Does JSSE library implement the Ciphers or
Algorithms of a SSL protocol ? I see the
jsse.jar library shipped with the JDK. I read
the the Oracle document about JSSE - <a
moz-do-not-send="true"
href="http://docs.oracle.com/javase/8/docs/technotes/guides/security/jsse/JSSERefGuide.html#Introduction"
target="_blank"><a class="moz-txt-link-freetext" href="http://docs.oracle.com/javase/8/docs/technotes/guides/security/jsse/JSSERefGuide.html#Introduction">http://docs.oracle.com/javase/8/docs/technotes/guides/security/jsse/JSSERefGuide.html#Introduction</a></a></div>
<div><br>
</div>
<div>So my question is - does the JSSE implement
the Ciphers or Algorithms that are used for a
successful SSL handshake , server
authentication, data integrity & data
confidentiality (Application data encryption).</div>
<div><br>
</div>
<div>Example of cipher suites - <b>TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
or </b><b>TLS_DHE_RSA_WITH_AES_128_GCM_SHA256</b></div>
<div><b><br>
</b></div>
<div>So is the coding of the above ciphers have
been done in the JSSE library?</div>
<div><br>
</div>
<div>Thanks</div>
<div>Ayaskant</div>
<div>Bangalore</div>
</div>
</blockquote>
<br>
</blockquote>
<br>
</span></div>
</blockquote>
</div>
<br>
</div>
</blockquote>
<br>
</body>
</html>